hxxp://yoursyncpixel[.]com

Analysis

max time kernel
150s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
08/10/2024, 22:39

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://yoursyncpixel.com

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133729008003569698"	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
3108	chrome.exe
3108	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe
4316	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
3108	chrome.exe
3108	chrome.exe
3108	chrome.exe
3108	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3108	chrome.exe
Token: SeCreatePagefilePrivilege	3108	chrome.exe
Token: SeShutdownPrivilege	3108	chrome.exe
Token: SeCreatePagefilePrivilege	3108	chrome.exe
Token: SeShutdownPrivilege	3108	chrome.exe
Token: SeCreatePagefilePrivilege	3108	chrome.exe
Token: SeShutdownPrivilege	3108	chrome.exe
Token: SeCreatePagefilePrivilege	3108	chrome.exe
Token: SeShutdownPrivilege	3108	chrome.exe
Token: SeCreatePagefilePrivilege	3108	chrome.exe
Token: SeShutdownPrivilege	3108	chrome.exe
Token: SeCreatePagefilePrivilege	3108	chrome.exe
Token: SeShutdownPrivilege	3108	chrome.exe
Token: SeCreatePagefilePrivilege	3108	chrome.exe
Token: SeShutdownPrivilege	3108	chrome.exe
Token: SeCreatePagefilePrivilege	3108	chrome.exe
Token: SeShutdownPrivilege	3108	chrome.exe
Token: SeCreatePagefilePrivilege	3108	chrome.exe
Token: SeShutdownPrivilege	3108	chrome.exe
Token: SeCreatePagefilePrivilege	3108	chrome.exe
Token: SeShutdownPrivilege	3108	chrome.exe
Token: SeCreatePagefilePrivilege	3108	chrome.exe
Token: SeShutdownPrivilege	3108	chrome.exe
Token: SeCreatePagefilePrivilege	3108	chrome.exe
Token: SeShutdownPrivilege	3108	chrome.exe
Token: SeCreatePagefilePrivilege	3108	chrome.exe
Token: SeShutdownPrivilege	3108	chrome.exe
Token: SeCreatePagefilePrivilege	3108	chrome.exe
Token: SeShutdownPrivilege	3108	chrome.exe
Token: SeCreatePagefilePrivilege	3108	chrome.exe
Token: SeShutdownPrivilege	3108	chrome.exe
Token: SeCreatePagefilePrivilege	3108	chrome.exe
Token: SeShutdownPrivilege	3108	chrome.exe
Token: SeCreatePagefilePrivilege	3108	chrome.exe
Token: SeShutdownPrivilege	3108	chrome.exe
Token: SeCreatePagefilePrivilege	3108	chrome.exe
Token: SeShutdownPrivilege	3108	chrome.exe
Token: SeCreatePagefilePrivilege	3108	chrome.exe
Token: SeShutdownPrivilege	3108	chrome.exe
Token: SeCreatePagefilePrivilege	3108	chrome.exe
Token: SeShutdownPrivilege	3108	chrome.exe
Token: SeCreatePagefilePrivilege	3108	chrome.exe
Token: SeShutdownPrivilege	3108	chrome.exe
Token: SeCreatePagefilePrivilege	3108	chrome.exe
Token: SeShutdownPrivilege	3108	chrome.exe
Token: SeCreatePagefilePrivilege	3108	chrome.exe
Token: SeShutdownPrivilege	3108	chrome.exe
Token: SeCreatePagefilePrivilege	3108	chrome.exe
Token: SeShutdownPrivilege	3108	chrome.exe
Token: SeCreatePagefilePrivilege	3108	chrome.exe
Token: SeShutdownPrivilege	3108	chrome.exe
Token: SeCreatePagefilePrivilege	3108	chrome.exe
Token: SeShutdownPrivilege	3108	chrome.exe
Token: SeCreatePagefilePrivilege	3108	chrome.exe
Token: SeShutdownPrivilege	3108	chrome.exe
Token: SeCreatePagefilePrivilege	3108	chrome.exe
Token: SeShutdownPrivilege	3108	chrome.exe
Token: SeCreatePagefilePrivilege	3108	chrome.exe
Token: SeShutdownPrivilege	3108	chrome.exe
Token: SeCreatePagefilePrivilege	3108	chrome.exe
Token: SeShutdownPrivilege	3108	chrome.exe
Token: SeCreatePagefilePrivilege	3108	chrome.exe
Token: SeShutdownPrivilege	3108	chrome.exe
Token: SeCreatePagefilePrivilege	3108	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
3108	chrome.exe
3108	chrome.exe
3108	chrome.exe
3108	chrome.exe
3108	chrome.exe
3108	chrome.exe
3108	chrome.exe
3108	chrome.exe
3108	chrome.exe
3108	chrome.exe
3108	chrome.exe
3108	chrome.exe
3108	chrome.exe
3108	chrome.exe
3108	chrome.exe
3108	chrome.exe
3108	chrome.exe
3108	chrome.exe
3108	chrome.exe
3108	chrome.exe
3108	chrome.exe
3108	chrome.exe
3108	chrome.exe
3108	chrome.exe
3108	chrome.exe
3108	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3108	chrome.exe
3108	chrome.exe
3108	chrome.exe
3108	chrome.exe
3108	chrome.exe
3108	chrome.exe
3108	chrome.exe
3108	chrome.exe
3108	chrome.exe
3108	chrome.exe
3108	chrome.exe
3108	chrome.exe
3108	chrome.exe
3108	chrome.exe
3108	chrome.exe
3108	chrome.exe
3108	chrome.exe
3108	chrome.exe
3108	chrome.exe
3108	chrome.exe
3108	chrome.exe
3108	chrome.exe
3108	chrome.exe
3108	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3108 wrote to memory of 1116	3108	chrome.exe	83
PID 3108 wrote to memory of 1116	3108	chrome.exe	83
PID 3108 wrote to memory of 4564	3108	chrome.exe	85
PID 3108 wrote to memory of 4564	3108	chrome.exe	85
PID 3108 wrote to memory of 4564	3108	chrome.exe	85
PID 3108 wrote to memory of 4564	3108	chrome.exe	85
PID 3108 wrote to memory of 4564	3108	chrome.exe	85
PID 3108 wrote to memory of 4564	3108	chrome.exe	85
PID 3108 wrote to memory of 4564	3108	chrome.exe	85
PID 3108 wrote to memory of 4564	3108	chrome.exe	85
PID 3108 wrote to memory of 4564	3108	chrome.exe	85
PID 3108 wrote to memory of 4564	3108	chrome.exe	85
PID 3108 wrote to memory of 4564	3108	chrome.exe	85
PID 3108 wrote to memory of 4564	3108	chrome.exe	85
PID 3108 wrote to memory of 4564	3108	chrome.exe	85
PID 3108 wrote to memory of 4564	3108	chrome.exe	85
PID 3108 wrote to memory of 4564	3108	chrome.exe	85
PID 3108 wrote to memory of 4564	3108	chrome.exe	85
PID 3108 wrote to memory of 4564	3108	chrome.exe	85
PID 3108 wrote to memory of 4564	3108	chrome.exe	85
PID 3108 wrote to memory of 4564	3108	chrome.exe	85
PID 3108 wrote to memory of 4564	3108	chrome.exe	85
PID 3108 wrote to memory of 4564	3108	chrome.exe	85
PID 3108 wrote to memory of 4564	3108	chrome.exe	85
PID 3108 wrote to memory of 4564	3108	chrome.exe	85
PID 3108 wrote to memory of 4564	3108	chrome.exe	85
PID 3108 wrote to memory of 4564	3108	chrome.exe	85
PID 3108 wrote to memory of 4564	3108	chrome.exe	85
PID 3108 wrote to memory of 4564	3108	chrome.exe	85
PID 3108 wrote to memory of 4564	3108	chrome.exe	85
PID 3108 wrote to memory of 4564	3108	chrome.exe	85
PID 3108 wrote to memory of 4564	3108	chrome.exe	85
PID 3108 wrote to memory of 4064	3108	chrome.exe	86
PID 3108 wrote to memory of 4064	3108	chrome.exe	86
PID 3108 wrote to memory of 232	3108	chrome.exe	87
PID 3108 wrote to memory of 232	3108	chrome.exe	87
PID 3108 wrote to memory of 232	3108	chrome.exe	87
PID 3108 wrote to memory of 232	3108	chrome.exe	87
PID 3108 wrote to memory of 232	3108	chrome.exe	87
PID 3108 wrote to memory of 232	3108	chrome.exe	87
PID 3108 wrote to memory of 232	3108	chrome.exe	87
PID 3108 wrote to memory of 232	3108	chrome.exe	87
PID 3108 wrote to memory of 232	3108	chrome.exe	87
PID 3108 wrote to memory of 232	3108	chrome.exe	87
PID 3108 wrote to memory of 232	3108	chrome.exe	87
PID 3108 wrote to memory of 232	3108	chrome.exe	87
PID 3108 wrote to memory of 232	3108	chrome.exe	87
PID 3108 wrote to memory of 232	3108	chrome.exe	87
PID 3108 wrote to memory of 232	3108	chrome.exe	87
PID 3108 wrote to memory of 232	3108	chrome.exe	87
PID 3108 wrote to memory of 232	3108	chrome.exe	87
PID 3108 wrote to memory of 232	3108	chrome.exe	87
PID 3108 wrote to memory of 232	3108	chrome.exe	87
PID 3108 wrote to memory of 232	3108	chrome.exe	87
PID 3108 wrote to memory of 232	3108	chrome.exe	87
PID 3108 wrote to memory of 232	3108	chrome.exe	87
PID 3108 wrote to memory of 232	3108	chrome.exe	87
PID 3108 wrote to memory of 232	3108	chrome.exe	87
PID 3108 wrote to memory of 232	3108	chrome.exe	87
PID 3108 wrote to memory of 232	3108	chrome.exe	87
PID 3108 wrote to memory of 232	3108	chrome.exe	87
PID 3108 wrote to memory of 232	3108	chrome.exe	87
PID 3108 wrote to memory of 232	3108	chrome.exe	87
PID 3108 wrote to memory of 232	3108	chrome.exe	87

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://yoursyncpixel.com
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3108
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffda707cc40,0x7ffda707cc4c,0x7ffda707cc58
  2⤵
  PID:1116
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1916,i,7913080480339525867,10870528665512782321,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1912 /prefetch:2
  2⤵
  PID:4564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2164,i,7913080480339525867,10870528665512782321,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2176 /prefetch:3
  2⤵
  PID:4064
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2260,i,7913080480339525867,10870528665512782321,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2012 /prefetch:8
  2⤵
  PID:232
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3064,i,7913080480339525867,10870528665512782321,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3076 /prefetch:1
  2⤵
  PID:2084
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3080,i,7913080480339525867,10870528665512782321,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3220 /prefetch:1
  2⤵
  PID:4280
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3880,i,7913080480339525867,10870528665512782321,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3680 /prefetch:1
  2⤵
  PID:3636
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=3220,i,7913080480339525867,10870528665512782321,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4392 /prefetch:1
  2⤵
  PID:4972
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4728,i,7913080480339525867,10870528665512782321,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4740 /prefetch:8
  2⤵
  PID:2244
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4768,i,7913080480339525867,10870528665512782321,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4752 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4316

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:1072

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:4744

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
1d33bdd50180c50d3ff81d977f887b9a

SHA1
3fa84beda329f339bb9d4b8e453ecef55f6c64dc

SHA256
2b3264676995a89d3180ef7320f017f1ce9ae13b0a7a39f55131e617475d8f41

SHA512
7910ab3eb067695ff49b747f444c73544ab1e8b13139993dcf35eddb021029efa5e6374c3ef32cee6ca252e0c37d7d2c7e937edf336f18708e2f951c039f43c2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
f0c0bf3d90a5052e08140c3eb4c9c53f

SHA1
232a70eb8dfa503bdc3b6c97a5fab67c75a0bca3

SHA256
1d0a73991a74a301948cedb78abda99e35532b270b44f2f5444a85d5746e6eaf

SHA512
b58f6269bfa22c70b270f9c803e32482687d43ac6ac1490f9669bf5a98adf0943f506106dc9983d28abfdffadcfae574db00dc600ec127267aa7f48bc0fc8aa0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
b27f7442ea833092e0f409c570023a37

SHA1
569d388896ce6b96c77905fbe8f9931de6282d91

SHA256
6bc52e118d2b21027b67a572552299f632e91c8418364aac2533d7d2b5a82df9

SHA512
df06eba4c171133a61afb1ad4ed5e0738f2c2aeb458c3bc8e461fa9e22b5da79e108597798964f04e2059765e65a7e5f323e312c9093a4730d8d5db0bf64dd40

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
e960cc28aace780271115a23533e7577

SHA1
c4a30bed581a52dfe58017c4c21f7dd92ecbe960

SHA256
83d6956cde31e9c666431ab9a1eba629912d9041d03c8fe93c72aa4832321be9

SHA512
0a13d35c058f9c9ba9f80d30a76d5772b307e58ebbf9ad83908df14f0a6c33d46adeb2f97e70561b5c7a5d44abdbb5b4b46d2fd36dc80b676780116c451fdc2c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
6c40851ec5f4f2b9ad55c2f49926c72d

SHA1
d6d9848f50c630e3dd3a737720c63aefa414ad98

SHA256
f96a9dac77c21029954860525baac28216de1d46289bc4e135b19be3ef5c200f

SHA512
77f94413dd4ed222ec3489e862f91b30996c44e60b9d4c63ad2684995bca962a70f559bcd05f511cdd6ff4acb128dc37752e8eb0076f0396f796a6aa5c24edcf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
c9bb17e739ab104d575259070566537b

SHA1
1900a1a736d69a1100d6b1de3d620fc01c5899f9

SHA256
012a38aad68ea5cc38a5747039b761c7ddfcbe562d073a934a23a2b308fcd10a

SHA512
1ce2cdbf76cbd8f816f9c58b6054345b6c366ab1e2a37a5f1a07f68ebc895a045ef6ed025dff86a1757ffecac605e5b5054a24e79390834fe87bc26071dd54c7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
d7ee496a5670bdb6d550033803e38ddf

SHA1
1489f692bc746eaeb9409d0b238a00b73af5d815

SHA256
94dd279d15362a3a345d4f4cfef38c68e6947ba109692361438ea10431aba25d

SHA512
d04472eec6856fdafa846d87fdcf73ecdcb205dcf871c7224fb7b555d32dc8a239337bce89d60b4dbd43f2692096febc4d380dec3f82c3428d1823ac7d5b00e1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
b90c69969658258c1aa22250027d4700

SHA1
c7e8e29a4e04f25703e264a0370c6517503368cf

SHA256
4a785e511a932a2b7a9f911e4728b66b45531d3d7b6b93fd0164be523d9b58ef

SHA512
d09765e07ae744032c48260a0ade7b803527afbf5281f3a48cef0bbb25361defd89155f7caacc90e8f594f395bce4ee9c3f4fdea7650b56c0d41efa370c35f9f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
20e99222b3425e8af926dd738cbebb43

SHA1
de8335a39e2fb8ed20c6cfae87128fe997641d9f

SHA256
084fdb655a7c81015e3d67ecbbed73e5c544e18d370a66e5d564e6b2aceee6f6

SHA512
04efc417da6a83ce4ea7839f233433e4d7542699b340e1d4aa884c3847464c39e492ab98543fab3804097073a469229e79f771710635d88a0657da1d43c61c2a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
2b4118f89373998b3dd4d180cc30a697

SHA1
ff1c414981e0768c9628b80cf3813bca5645ede9

SHA256
c36d476d228bc33a2752c6b9e121873498307762fd2819cb6e78130bb1d94b6a

SHA512
66ac5395dc66e3ab364724221e498d37911bd27610ce69ebd2de96177a534f463ac3ee5ace26f8fe1035a80c02c9ac14b831f796d454c62eb013e8c03db6d340

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
8eef95d172061b71696b700d1b444532

SHA1
db50f039fbeb99d14a9ff4f32eca996f2ccddb9e

SHA256
fea6aef3a3abb16ff9d8dccbf496c2b7c6e5f71878a38c802b2d2835dc12539c

SHA512
7c3ed2d599e35c1d2dab08a952312cb64afd35f0ef450e01d5bdfdffd4accea4023d6c2280fe9a6d53b7a16b98015b2ff1bbf78347781010aac126e5c9b8f5d1

Download Submit