hxxp://www[.]zixcorp[.]com/get-started/

Analysis

max time kernel
300s
max time network
276s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
09/10/2024, 21:17

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://www.zixcorp.com/get-started/

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133729822712611652"	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
3132	chrome.exe
3132	chrome.exe
3828	chrome.exe
3828	chrome.exe
3828	chrome.exe
3828	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3132 wrote to memory of 2972	3132	chrome.exe	83
PID 3132 wrote to memory of 2972	3132	chrome.exe	83
PID 3132 wrote to memory of 4388	3132	chrome.exe	85
PID 3132 wrote to memory of 4388	3132	chrome.exe	85
PID 3132 wrote to memory of 4388	3132	chrome.exe	85
PID 3132 wrote to memory of 4388	3132	chrome.exe	85
PID 3132 wrote to memory of 4388	3132	chrome.exe	85
PID 3132 wrote to memory of 4388	3132	chrome.exe	85
PID 3132 wrote to memory of 4388	3132	chrome.exe	85
PID 3132 wrote to memory of 4388	3132	chrome.exe	85
PID 3132 wrote to memory of 4388	3132	chrome.exe	85
PID 3132 wrote to memory of 4388	3132	chrome.exe	85
PID 3132 wrote to memory of 4388	3132	chrome.exe	85
PID 3132 wrote to memory of 4388	3132	chrome.exe	85
PID 3132 wrote to memory of 4388	3132	chrome.exe	85
PID 3132 wrote to memory of 4388	3132	chrome.exe	85
PID 3132 wrote to memory of 4388	3132	chrome.exe	85
PID 3132 wrote to memory of 4388	3132	chrome.exe	85
PID 3132 wrote to memory of 4388	3132	chrome.exe	85
PID 3132 wrote to memory of 4388	3132	chrome.exe	85
PID 3132 wrote to memory of 4388	3132	chrome.exe	85
PID 3132 wrote to memory of 4388	3132	chrome.exe	85
PID 3132 wrote to memory of 4388	3132	chrome.exe	85
PID 3132 wrote to memory of 4388	3132	chrome.exe	85
PID 3132 wrote to memory of 4388	3132	chrome.exe	85
PID 3132 wrote to memory of 4388	3132	chrome.exe	85
PID 3132 wrote to memory of 4388	3132	chrome.exe	85
PID 3132 wrote to memory of 4388	3132	chrome.exe	85
PID 3132 wrote to memory of 4388	3132	chrome.exe	85
PID 3132 wrote to memory of 4388	3132	chrome.exe	85
PID 3132 wrote to memory of 4388	3132	chrome.exe	85
PID 3132 wrote to memory of 4388	3132	chrome.exe	85
PID 3132 wrote to memory of 4328	3132	chrome.exe	86
PID 3132 wrote to memory of 4328	3132	chrome.exe	86
PID 3132 wrote to memory of 1532	3132	chrome.exe	87
PID 3132 wrote to memory of 1532	3132	chrome.exe	87
PID 3132 wrote to memory of 1532	3132	chrome.exe	87
PID 3132 wrote to memory of 1532	3132	chrome.exe	87
PID 3132 wrote to memory of 1532	3132	chrome.exe	87
PID 3132 wrote to memory of 1532	3132	chrome.exe	87
PID 3132 wrote to memory of 1532	3132	chrome.exe	87
PID 3132 wrote to memory of 1532	3132	chrome.exe	87
PID 3132 wrote to memory of 1532	3132	chrome.exe	87
PID 3132 wrote to memory of 1532	3132	chrome.exe	87
PID 3132 wrote to memory of 1532	3132	chrome.exe	87
PID 3132 wrote to memory of 1532	3132	chrome.exe	87
PID 3132 wrote to memory of 1532	3132	chrome.exe	87
PID 3132 wrote to memory of 1532	3132	chrome.exe	87
PID 3132 wrote to memory of 1532	3132	chrome.exe	87
PID 3132 wrote to memory of 1532	3132	chrome.exe	87
PID 3132 wrote to memory of 1532	3132	chrome.exe	87
PID 3132 wrote to memory of 1532	3132	chrome.exe	87
PID 3132 wrote to memory of 1532	3132	chrome.exe	87
PID 3132 wrote to memory of 1532	3132	chrome.exe	87
PID 3132 wrote to memory of 1532	3132	chrome.exe	87
PID 3132 wrote to memory of 1532	3132	chrome.exe	87
PID 3132 wrote to memory of 1532	3132	chrome.exe	87
PID 3132 wrote to memory of 1532	3132	chrome.exe	87
PID 3132 wrote to memory of 1532	3132	chrome.exe	87
PID 3132 wrote to memory of 1532	3132	chrome.exe	87
PID 3132 wrote to memory of 1532	3132	chrome.exe	87
PID 3132 wrote to memory of 1532	3132	chrome.exe	87
PID 3132 wrote to memory of 1532	3132	chrome.exe	87
PID 3132 wrote to memory of 1532	3132	chrome.exe	87

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://www.zixcorp.com/get-started/
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3132
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffa1488cc40,0x7ffa1488cc4c,0x7ffa1488cc58
  2⤵
  PID:2972
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1864,i,791249212540456282,16236695813896552796,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1860 /prefetch:2
  2⤵
  PID:4388
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2120,i,791249212540456282,16236695813896552796,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2176 /prefetch:3
  2⤵
  PID:4328
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2272,i,791249212540456282,16236695813896552796,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2260 /prefetch:8
  2⤵
  PID:1532
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3024,i,791249212540456282,16236695813896552796,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3052 /prefetch:1
  2⤵
  PID:1800
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3028,i,791249212540456282,16236695813896552796,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3308 /prefetch:1
  2⤵
  PID:2520
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4480,i,791249212540456282,16236695813896552796,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3872 /prefetch:1
  2⤵
  PID:3636
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4592,i,791249212540456282,16236695813896552796,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4568 /prefetch:1
  2⤵
  PID:3920
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4588,i,791249212540456282,16236695813896552796,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4788 /prefetch:8
  2⤵
  PID:2388
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=208,i,791249212540456282,16236695813896552796,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4904 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3828

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:720

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:3384

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
504B

MD5
5c26ef03031ea9e8c2b742e8e04a4020

SHA1
6ff60e67ac3f80eba5808b12bca0fc73c068fcfb

SHA256
534811c31830a7b3e20f0f7be7c5daff75501651fb38821e13be34375baae1d6

SHA512
bc20d96ec986c3dbf61745a16a996ba5eebf104bb2b4760a22ceca336536bd574c469e2808d383dae269b005367eb8d33d280f76a450d7731b118acd0524031c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
b29705ab9839d95dd1d76e0e768a56b5

SHA1
0d929effcea12bb47e597b2ab08df3b93173d63f

SHA256
2d21e2ac2ea4ad8f415ad7dee92b105e009fd49273e4b7872e5bf850a6560a6e

SHA512
afa460820218fb3afe0c31ac08006c8f52465dc3d00923a5eb22018194f347f91a9b8dd6569c591a62e6ed3bc1c858da132358537708cbac91ac6c4de9bfdd46

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
761d58965bb796b917719b282c9f6e0b

SHA1
f826ea83e7a5ca08f072bc3edd1b2915bdb797b2

SHA256
ed34646a9208cc87f4d1fcc307e75dec8149bbdc19e604a9bb1b13cc3b7955d5

SHA512
4ef012bb3f4ac96839a2f5fd69ded117c9f6e0a121d29d9743146f2bd61752466df6fecf3fb7872b964b79f874bfd62e3104c926e76c17597777f2ac8277af22

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
2692a9a954625dd01f33c4558904fa69

SHA1
6e1feaefbb7fc00fbd9bb96e01e477de9149c38e

SHA256
9125c1399cab655ddab94888c8fdd01fc4a53e1bcdfbdb23961636ae78aa8b5b

SHA512
4a8f740397b1fcf069b59ca551bc89c20ebe55f2e6a48e10a8f7cb7f109a09e1ab0545f368388bcbeb5eda1150dd48d97d440bff8f36817f04cb082b75365975

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
73fa203a27188e5d014cae11291fb7aa

SHA1
d72bdf772166a65720216db8e69871c1e7f4dc24

SHA256
1e0fba8bf8c717efcd7edf05061f855b4f1ad377e8e3de94e14094d9b92ee997

SHA512
a9ec26c4213d2d03fcb3dc041b23e7d9942f0f9029bf5c189d44ba7d842f98ec0c4da780d0e65803fb443ad970faf48e68cae7bc9b62037739668537f897c96d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
7bceb8bf3668257a2fda3c3c1257a4a5

SHA1
f40b5c7ac95228449ef9beac10bf31a73f56232b

SHA256
fad9942fd13863abb2c9c1fa9896f353c82e6e6135b0ce76baf6727ccaf508ec

SHA512
ddfbea554202a3dc5745de083304968678d6532acb6cdc65a232ee0d0affd9a9d58367b4d85fc923aba224dc8811faed6db3b72a38f8f44e4d9b4f9489a71219

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
094128614634ec05fae14ef3144daef4

SHA1
7f8ad01273660d9911816c96206e278a1e491b44

SHA256
1a3efb12517493176ddc4706515fc1ca9f22b314de6ce370bc4181913febd97d

SHA512
21c7fcba093b27fefa5939bd1ede1a7f9dc089dedc5eaa9b00ee08a5b9dadedf5ed9d71e18029b9302c80b0ddb8827e5589dbbaeb35a301922142e93b4193bf8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
506b2546171fa04991853c4966e841b7

SHA1
73b76688c70c967f014969828a7c306b2958371f

SHA256
6de8ecedeb1fc2de67d46aca0f259fe4fb5ac0db104d480d9f5b7aeed490279a

SHA512
447263b015c5b3640d79650f8c728f937074549eeca24d059e76e531a2d505eae795ae3fec3e71797ae62878a4a524916af8f0ae14d862bb3cb57b29f0ec5d73

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
c362af626c0ddf9334a98d7d5690f92c

SHA1
68c5b0f1c2bb9926b483e2d570153ed4dcffa3ee

SHA256
05d425c8ad5f779d929f5969880dfbd2ce116ed8e1fe945038c67d4eafb18dc3

SHA512
239751e8163275b2539fbfad8c473908bbc54d915480c0c1fb5ccdc4254f595d7d4853d213a6f2416a933a14a8632deb8fe9dd6ecfddb8a0812c794e3248bfa3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
30fa0ef51e170a07948d6efe36465646

SHA1
216b71d67520720be2e6c21e8dec0edddbc4f4c7

SHA256
dd0aaa891d68ba311440fb0ac45c53415af3fdbff9412da5c2ab4c3b98391ca1

SHA512
ac0a42fe0ec5e101b95491ec3f59d9e458faa79971f970e3464916367a2bc31aa62f5b6d9f48a4be5bd908273fbb352adb2872f8721ea04b6018ce5f155f9b51

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
243724bb6c0360175144b53dec7b2415

SHA1
345e426d885feca091b14da8453adba48182a14c

SHA256
8cacc739b8ad000352ee64c74ab6af781fa2d5888a092f5641f23f65f5935b45

SHA512
b9be2f44635132e4aaff5aeddac40b0d12d4393dfee76d3387cf590ef208742091da71c855b89f32967105bf8fe1b588337cb134d1c199a964cf2f1ab27a4049

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
af9be80911b69044eb53f86eb560ddc8

SHA1
2e6de1620902b84a05d4bfd9466f20567d95b540

SHA256
c4caf3818ba03ad7132a2b2bcd989976e5711a3119b0976bfe1a1ad92b57f84a

SHA512
f7e25c5b019f7edbbca0e563c5f23bd3bb5521a973a06e02fa1e8b768c6dd760df3ccf1fb72959bbbebc8896bb255179a0d841ea41edc00b4c52cd4ef18d5997

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
bf28d3dd7bd7217f080c2edd6a9527f3

SHA1
1ad36dd43e9aef73878e45d33e84334f9ba20559

SHA256
c67887d5cd19639e22e5d2b6cc57196a4f9452bd42a83fdffa14bf3796d333e5

SHA512
bcb6c83db4e4b3279affb1282cec1be77fdf00348ae5596bc91a8ca196ffbfb4b52b1f7ca66e2db6542a444345509eb0d4b520dad1b3f1904d9c764b3a158e95

Download Submit