hxxps://steamcommunity[.]com/profiles/76561199724331900

Analysis

max time kernel
149s
max time network
139s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
17/10/2024, 13:50

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://steamcommunity.com/profiles/76561199724331900

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133736466501326893"	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
4944	chrome.exe
4944	chrome.exe
1132	chrome.exe
1132	chrome.exe
1132	chrome.exe
1132	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

pid	Process
4944	chrome.exe
4944	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4944 wrote to memory of 1704	4944	chrome.exe	84
PID 4944 wrote to memory of 1704	4944	chrome.exe	84
PID 4944 wrote to memory of 3188	4944	chrome.exe	85
PID 4944 wrote to memory of 3188	4944	chrome.exe	85
PID 4944 wrote to memory of 3188	4944	chrome.exe	85
PID 4944 wrote to memory of 3188	4944	chrome.exe	85
PID 4944 wrote to memory of 3188	4944	chrome.exe	85
PID 4944 wrote to memory of 3188	4944	chrome.exe	85
PID 4944 wrote to memory of 3188	4944	chrome.exe	85
PID 4944 wrote to memory of 3188	4944	chrome.exe	85
PID 4944 wrote to memory of 3188	4944	chrome.exe	85
PID 4944 wrote to memory of 3188	4944	chrome.exe	85
PID 4944 wrote to memory of 3188	4944	chrome.exe	85
PID 4944 wrote to memory of 3188	4944	chrome.exe	85
PID 4944 wrote to memory of 3188	4944	chrome.exe	85
PID 4944 wrote to memory of 3188	4944	chrome.exe	85
PID 4944 wrote to memory of 3188	4944	chrome.exe	85
PID 4944 wrote to memory of 3188	4944	chrome.exe	85
PID 4944 wrote to memory of 3188	4944	chrome.exe	85
PID 4944 wrote to memory of 3188	4944	chrome.exe	85
PID 4944 wrote to memory of 3188	4944	chrome.exe	85
PID 4944 wrote to memory of 3188	4944	chrome.exe	85
PID 4944 wrote to memory of 3188	4944	chrome.exe	85
PID 4944 wrote to memory of 3188	4944	chrome.exe	85
PID 4944 wrote to memory of 3188	4944	chrome.exe	85
PID 4944 wrote to memory of 3188	4944	chrome.exe	85
PID 4944 wrote to memory of 3188	4944	chrome.exe	85
PID 4944 wrote to memory of 3188	4944	chrome.exe	85
PID 4944 wrote to memory of 3188	4944	chrome.exe	85
PID 4944 wrote to memory of 3188	4944	chrome.exe	85
PID 4944 wrote to memory of 3188	4944	chrome.exe	85
PID 4944 wrote to memory of 3188	4944	chrome.exe	85
PID 4944 wrote to memory of 528	4944	chrome.exe	86
PID 4944 wrote to memory of 528	4944	chrome.exe	86
PID 4944 wrote to memory of 2724	4944	chrome.exe	87
PID 4944 wrote to memory of 2724	4944	chrome.exe	87
PID 4944 wrote to memory of 2724	4944	chrome.exe	87
PID 4944 wrote to memory of 2724	4944	chrome.exe	87
PID 4944 wrote to memory of 2724	4944	chrome.exe	87
PID 4944 wrote to memory of 2724	4944	chrome.exe	87
PID 4944 wrote to memory of 2724	4944	chrome.exe	87
PID 4944 wrote to memory of 2724	4944	chrome.exe	87
PID 4944 wrote to memory of 2724	4944	chrome.exe	87
PID 4944 wrote to memory of 2724	4944	chrome.exe	87
PID 4944 wrote to memory of 2724	4944	chrome.exe	87
PID 4944 wrote to memory of 2724	4944	chrome.exe	87
PID 4944 wrote to memory of 2724	4944	chrome.exe	87
PID 4944 wrote to memory of 2724	4944	chrome.exe	87
PID 4944 wrote to memory of 2724	4944	chrome.exe	87
PID 4944 wrote to memory of 2724	4944	chrome.exe	87
PID 4944 wrote to memory of 2724	4944	chrome.exe	87
PID 4944 wrote to memory of 2724	4944	chrome.exe	87
PID 4944 wrote to memory of 2724	4944	chrome.exe	87
PID 4944 wrote to memory of 2724	4944	chrome.exe	87
PID 4944 wrote to memory of 2724	4944	chrome.exe	87
PID 4944 wrote to memory of 2724	4944	chrome.exe	87
PID 4944 wrote to memory of 2724	4944	chrome.exe	87
PID 4944 wrote to memory of 2724	4944	chrome.exe	87
PID 4944 wrote to memory of 2724	4944	chrome.exe	87
PID 4944 wrote to memory of 2724	4944	chrome.exe	87
PID 4944 wrote to memory of 2724	4944	chrome.exe	87
PID 4944 wrote to memory of 2724	4944	chrome.exe	87
PID 4944 wrote to memory of 2724	4944	chrome.exe	87
PID 4944 wrote to memory of 2724	4944	chrome.exe	87

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://steamcommunity.com/profiles/76561199724331900
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4944
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffd5e5acc40,0x7ffd5e5acc4c,0x7ffd5e5acc58
  2⤵
  PID:1704
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2084,i,6690970938954690208,4500045187240496358,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2080 /prefetch:2
  2⤵
  PID:3188
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1888,i,6690970938954690208,4500045187240496358,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2116 /prefetch:3
  2⤵
  PID:528
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2236,i,6690970938954690208,4500045187240496358,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2252 /prefetch:8
  2⤵
  PID:2724
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3120,i,6690970938954690208,4500045187240496358,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3156 /prefetch:1
  2⤵
  PID:860
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3128,i,6690970938954690208,4500045187240496358,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3184 /prefetch:1
  2⤵
  PID:2292
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4564,i,6690970938954690208,4500045187240496358,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4696 /prefetch:8
  2⤵
  PID:1636
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=208,i,6690970938954690208,4500045187240496358,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=948 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1132

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:2104

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:3772

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
d91922b67f129326a909a3926999c608

SHA1
b1b187ef2879d1f0dc92d3e7a529ebee54d91c17

SHA256
0c8a0ca654f15da8689c3a6e7bad3c4323ebd65f137fba8da8ec61ecba220c07

SHA512
eadfe3dba402cf46a823f76797d1298433ab9ef6f81dfb05c3ce0f9914ba4eed1aa6a618578dff328f5485585d0de040bb6526fbf5dbc666eee5a49fb2d053a7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
840B

MD5
69e02a2c766f8d2791e911a1d1de0759

SHA1
43896ee919bfc5317cbfc3aa9d0c2ec382d32bae

SHA256
da9f930fe7e5777871083fc598c7eed8198d1ece70fda4071fe2aaa4ff5b11a4

SHA512
9990d7ef4a1937090bfd9be8941720a777da126cfa7f9c568bf0f4dfca4abd80275ec739e7d995ed8802fdcc21932d066f50f937828518fea21af452268603ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
2b03407f1523f86cbf77512d48681613

SHA1
bac23b5b5feb464b89049db42ea46d430373189e

SHA256
af4e20f0442b9379c281d234cdd6b491f809ea824bee60cfc2de1567ae9d8ec6

SHA512
e80f24a996f34df43f16865748564715dc9f7cba63324d1183d53e10f4c75787573b8088c4d909036e4b9cc5c2f2143655795daef99b054dcdc4ff176a521e03

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
cc7e5b149dd2a1259d34a0295efc4735

SHA1
d05755092f0cb3ebeb2ec3792bc9241c310299eb

SHA256
b083bede780f2afbba6ab1a168ef64e87f81b5cb0c1d9871fbe0d792d479c745

SHA512
2074ee9b56a58c58a633608c7dacfd8ef4f087605d5f715e1bf004cc9e2e29ca717098d68d7de5105e70677d529fe37bfa42da19a47c6bccb237ef26c3102e62

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
c41ac4d5199bce21b8256984b5d52266

SHA1
1ad2ad4a0d6c370469df0332bf4902eae01f6884

SHA256
1d35c805d75d8152cf32107a8754c87c59d1035b3134a8626552bc472e557b60

SHA512
447e352a1a8dcd33d51cdbb6f7097d8ba007ea586a5f4fb71ef891d8bdd63ea88734a1a33110f1c46369bb855503227fa903dee156a67757f2c896fd6da55fa7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
5349ab359fc8caf45e1c513fa35fd227

SHA1
fd915916442e0e1ba0fcda4dfbeba001c2967ef0

SHA256
67d15546b578c5e83ab814a28ae00bbd57d0796dc7457043cd72dd074df479d8

SHA512
22b2530be8a75323215c5372664dc88560370a42554a9162c554743251cf6ed9c592d5f5b6e167479e227d3df25b4e4683fa5d430a7688ed850331d7190ab6ad

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
d7a7c7f60aff184dbba4130c29a5a52f

SHA1
cd553f067363782b0384ecfb145ef42f97b7f274

SHA256
03501a25d44274e24a603e2c323eeb64b786cf97ece39059ab1934216017b9aa

SHA512
17f9b0160dbe679bd78b592ef24dfa2651ff930c1f3af7f65a7b2e3ee17d92ea5790dbb9503379ea9740cd605203288a43d8b35887187e83b33f61c5a11ba2f4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
4fcd55fc0969475ee0172c7d2d69e413

SHA1
66463d73a526bcce9a95fa5fbc74a86a69dffc7e

SHA256
673a0385e620f4e90021c035d0340c4ba9849c6be5d953e9a5889fc122e60047

SHA512
07ee500427d2b1dc7ee8144603c53b68d63eb7b0944b485803572574454918731387dfa2a428f30da547e8190441e7f6892e8e0999bf6bb52044f81f35d13f75

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
e4ab99ca95a5106c843b1c9a7fa7e574

SHA1
58165ea754140deb68dda4ccbebf69909153780c

SHA256
64c4838edc59a0ed22470932e87140b8f1fcab7bcd2126a0509aa2bdfee3439a

SHA512
67bd0da8143ab19f588f04cee977fce1f6d42062a0ebb915b715253f68aa5ff0bf50e05ce4d3f693e9207086c124db47e5c17a8a7f3bcddaf2edfc10f9fad6be

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
83b05215fb143e502c7cf381ccb5f496

SHA1
29e8a230d8bdd6b6fdc050eee21bb1ab7d9cb98c

SHA256
9408bfa6b462ed6813b7f53fcfa4e683aa56574acd345a2dd942a821d9813f98

SHA512
91820ccb7faca442cc6a8ac983ccea9424dbca44d8fc7bef0476c70d274ffc9fd6dcb201658ed3f064a089e7fd6198636b7abb22ea193a8f4ddd7f6e416efa9b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
86eae13edd0133570730f8309ab721ec

SHA1
21799edd132cc448c97a824cd97c324980e852bf

SHA256
c45aab2d67e87a022db06ed708009901fc7c1cf05b1e9780ed0e3142313c1ba0

SHA512
81a7901177f53dca3b40c9aaf7a5bf8263bb14446528771b9b1d899b405eaf6997e127c1d2934c727dfbc284c9e92486b3e9ddcc5cd00140c28724afbbcc9232

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
1e09f61f1fbcc5e86dc34daf83a37a5b

SHA1
97ab3bdf8f907869fd5030a819dfc2233aa8921e

SHA256
b184cebe82430506b082d0dcffe98bb55810df20f9ae03d05ca2f4fd70fa7286

SHA512
e2be5cf5cab59a4da374c7a3f61072afb8173ffb1c003543232d59a1b3cf87554505d3daeeda05d817a87bd8ff24d49a555715da95757ac0abf067b5f02c934a

Download Submit