hxxp://afrotech2023[.]com/dhj/5317349282/bi5mcmF0aW5pQGlvbnRyYWRpbmcuY29t

Analysis

max time kernel
59s
max time network
64s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
18-11-2024 12:02

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://afrotech2023.com/dhj/5317349282/bi5mcmF0aW5pQGlvbnRyYWRpbmcuY29t

Score

7^/10

microsoft discovery phishing

Malware Config

Signatures

A potential corporate email address has been identified in the URL: [email protected]
phishing
Detected potential entity reuse from brand MICROSOFT.
phishing microsoft
Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133764049865545145"	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
1028	chrome.exe
1028	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
1028	chrome.exe
1028	chrome.exe
1028	chrome.exe
1028	chrome.exe
1028	chrome.exe
1028	chrome.exe
1028	chrome.exe
1028	chrome.exe
1028	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1028	chrome.exe
Token: SeCreatePagefilePrivilege	1028	chrome.exe
Token: SeShutdownPrivilege	1028	chrome.exe
Token: SeCreatePagefilePrivilege	1028	chrome.exe
Token: SeShutdownPrivilege	1028	chrome.exe
Token: SeCreatePagefilePrivilege	1028	chrome.exe
Token: SeShutdownPrivilege	1028	chrome.exe
Token: SeCreatePagefilePrivilege	1028	chrome.exe
Token: SeShutdownPrivilege	1028	chrome.exe
Token: SeCreatePagefilePrivilege	1028	chrome.exe
Token: SeShutdownPrivilege	1028	chrome.exe
Token: SeCreatePagefilePrivilege	1028	chrome.exe
Token: SeShutdownPrivilege	1028	chrome.exe
Token: SeCreatePagefilePrivilege	1028	chrome.exe
Token: SeShutdownPrivilege	1028	chrome.exe
Token: SeCreatePagefilePrivilege	1028	chrome.exe
Token: SeShutdownPrivilege	1028	chrome.exe
Token: SeCreatePagefilePrivilege	1028	chrome.exe
Token: SeShutdownPrivilege	1028	chrome.exe
Token: SeCreatePagefilePrivilege	1028	chrome.exe
Token: SeShutdownPrivilege	1028	chrome.exe
Token: SeCreatePagefilePrivilege	1028	chrome.exe
Token: SeShutdownPrivilege	1028	chrome.exe
Token: SeCreatePagefilePrivilege	1028	chrome.exe
Token: SeShutdownPrivilege	1028	chrome.exe
Token: SeCreatePagefilePrivilege	1028	chrome.exe
Token: SeShutdownPrivilege	1028	chrome.exe
Token: SeCreatePagefilePrivilege	1028	chrome.exe
Token: SeShutdownPrivilege	1028	chrome.exe
Token: SeCreatePagefilePrivilege	1028	chrome.exe
Token: SeShutdownPrivilege	1028	chrome.exe
Token: SeCreatePagefilePrivilege	1028	chrome.exe
Token: SeShutdownPrivilege	1028	chrome.exe
Token: SeCreatePagefilePrivilege	1028	chrome.exe
Token: SeShutdownPrivilege	1028	chrome.exe
Token: SeCreatePagefilePrivilege	1028	chrome.exe
Token: SeShutdownPrivilege	1028	chrome.exe
Token: SeCreatePagefilePrivilege	1028	chrome.exe
Token: SeShutdownPrivilege	1028	chrome.exe
Token: SeCreatePagefilePrivilege	1028	chrome.exe
Token: SeShutdownPrivilege	1028	chrome.exe
Token: SeCreatePagefilePrivilege	1028	chrome.exe
Token: SeShutdownPrivilege	1028	chrome.exe
Token: SeCreatePagefilePrivilege	1028	chrome.exe
Token: SeShutdownPrivilege	1028	chrome.exe
Token: SeCreatePagefilePrivilege	1028	chrome.exe
Token: SeShutdownPrivilege	1028	chrome.exe
Token: SeCreatePagefilePrivilege	1028	chrome.exe
Token: SeShutdownPrivilege	1028	chrome.exe
Token: SeCreatePagefilePrivilege	1028	chrome.exe
Token: SeShutdownPrivilege	1028	chrome.exe
Token: SeCreatePagefilePrivilege	1028	chrome.exe
Token: SeShutdownPrivilege	1028	chrome.exe
Token: SeCreatePagefilePrivilege	1028	chrome.exe
Token: SeShutdownPrivilege	1028	chrome.exe
Token: SeCreatePagefilePrivilege	1028	chrome.exe
Token: SeShutdownPrivilege	1028	chrome.exe
Token: SeCreatePagefilePrivilege	1028	chrome.exe
Token: SeShutdownPrivilege	1028	chrome.exe
Token: SeCreatePagefilePrivilege	1028	chrome.exe
Token: SeShutdownPrivilege	1028	chrome.exe
Token: SeCreatePagefilePrivilege	1028	chrome.exe
Token: SeShutdownPrivilege	1028	chrome.exe
Token: SeCreatePagefilePrivilege	1028	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
1028	chrome.exe
1028	chrome.exe
1028	chrome.exe
1028	chrome.exe
1028	chrome.exe
1028	chrome.exe
1028	chrome.exe
1028	chrome.exe
1028	chrome.exe
1028	chrome.exe
1028	chrome.exe
1028	chrome.exe
1028	chrome.exe
1028	chrome.exe
1028	chrome.exe
1028	chrome.exe
1028	chrome.exe
1028	chrome.exe
1028	chrome.exe
1028	chrome.exe
1028	chrome.exe
1028	chrome.exe
1028	chrome.exe
1028	chrome.exe
1028	chrome.exe
1028	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1028	chrome.exe
1028	chrome.exe
1028	chrome.exe
1028	chrome.exe
1028	chrome.exe
1028	chrome.exe
1028	chrome.exe
1028	chrome.exe
1028	chrome.exe
1028	chrome.exe
1028	chrome.exe
1028	chrome.exe
1028	chrome.exe
1028	chrome.exe
1028	chrome.exe
1028	chrome.exe
1028	chrome.exe
1028	chrome.exe
1028	chrome.exe
1028	chrome.exe
1028	chrome.exe
1028	chrome.exe
1028	chrome.exe
1028	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1028 wrote to memory of 1236	1028	chrome.exe	84
PID 1028 wrote to memory of 1236	1028	chrome.exe	84
PID 1028 wrote to memory of 4440	1028	chrome.exe	85
PID 1028 wrote to memory of 4440	1028	chrome.exe	85
PID 1028 wrote to memory of 4440	1028	chrome.exe	85
PID 1028 wrote to memory of 4440	1028	chrome.exe	85
PID 1028 wrote to memory of 4440	1028	chrome.exe	85
PID 1028 wrote to memory of 4440	1028	chrome.exe	85
PID 1028 wrote to memory of 4440	1028	chrome.exe	85
PID 1028 wrote to memory of 4440	1028	chrome.exe	85
PID 1028 wrote to memory of 4440	1028	chrome.exe	85
PID 1028 wrote to memory of 4440	1028	chrome.exe	85
PID 1028 wrote to memory of 4440	1028	chrome.exe	85
PID 1028 wrote to memory of 4440	1028	chrome.exe	85
PID 1028 wrote to memory of 4440	1028	chrome.exe	85
PID 1028 wrote to memory of 4440	1028	chrome.exe	85
PID 1028 wrote to memory of 4440	1028	chrome.exe	85
PID 1028 wrote to memory of 4440	1028	chrome.exe	85
PID 1028 wrote to memory of 4440	1028	chrome.exe	85
PID 1028 wrote to memory of 4440	1028	chrome.exe	85
PID 1028 wrote to memory of 4440	1028	chrome.exe	85
PID 1028 wrote to memory of 4440	1028	chrome.exe	85
PID 1028 wrote to memory of 4440	1028	chrome.exe	85
PID 1028 wrote to memory of 4440	1028	chrome.exe	85
PID 1028 wrote to memory of 4440	1028	chrome.exe	85
PID 1028 wrote to memory of 4440	1028	chrome.exe	85
PID 1028 wrote to memory of 4440	1028	chrome.exe	85
PID 1028 wrote to memory of 4440	1028	chrome.exe	85
PID 1028 wrote to memory of 4440	1028	chrome.exe	85
PID 1028 wrote to memory of 4440	1028	chrome.exe	85
PID 1028 wrote to memory of 4440	1028	chrome.exe	85
PID 1028 wrote to memory of 4440	1028	chrome.exe	85
PID 1028 wrote to memory of 3436	1028	chrome.exe	86
PID 1028 wrote to memory of 3436	1028	chrome.exe	86
PID 1028 wrote to memory of 4980	1028	chrome.exe	87
PID 1028 wrote to memory of 4980	1028	chrome.exe	87
PID 1028 wrote to memory of 4980	1028	chrome.exe	87
PID 1028 wrote to memory of 4980	1028	chrome.exe	87
PID 1028 wrote to memory of 4980	1028	chrome.exe	87
PID 1028 wrote to memory of 4980	1028	chrome.exe	87
PID 1028 wrote to memory of 4980	1028	chrome.exe	87
PID 1028 wrote to memory of 4980	1028	chrome.exe	87
PID 1028 wrote to memory of 4980	1028	chrome.exe	87
PID 1028 wrote to memory of 4980	1028	chrome.exe	87
PID 1028 wrote to memory of 4980	1028	chrome.exe	87
PID 1028 wrote to memory of 4980	1028	chrome.exe	87
PID 1028 wrote to memory of 4980	1028	chrome.exe	87
PID 1028 wrote to memory of 4980	1028	chrome.exe	87
PID 1028 wrote to memory of 4980	1028	chrome.exe	87
PID 1028 wrote to memory of 4980	1028	chrome.exe	87
PID 1028 wrote to memory of 4980	1028	chrome.exe	87
PID 1028 wrote to memory of 4980	1028	chrome.exe	87
PID 1028 wrote to memory of 4980	1028	chrome.exe	87
PID 1028 wrote to memory of 4980	1028	chrome.exe	87
PID 1028 wrote to memory of 4980	1028	chrome.exe	87
PID 1028 wrote to memory of 4980	1028	chrome.exe	87
PID 1028 wrote to memory of 4980	1028	chrome.exe	87
PID 1028 wrote to memory of 4980	1028	chrome.exe	87
PID 1028 wrote to memory of 4980	1028	chrome.exe	87
PID 1028 wrote to memory of 4980	1028	chrome.exe	87
PID 1028 wrote to memory of 4980	1028	chrome.exe	87
PID 1028 wrote to memory of 4980	1028	chrome.exe	87
PID 1028 wrote to memory of 4980	1028	chrome.exe	87
PID 1028 wrote to memory of 4980	1028	chrome.exe	87

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://afrotech2023.com/dhj/5317349282/bi5mcmF0aW5pQGlvbnRyYWRpbmcuY29t
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1028
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7fff3905cc40,0x7fff3905cc4c,0x7fff3905cc58
  2⤵
  PID:1236
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1920,i,10616871019842209308,2880837819795461937,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1912 /prefetch:2
  2⤵
  PID:4440
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2132,i,10616871019842209308,2880837819795461937,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2184 /prefetch:3
  2⤵
  PID:3436
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2232,i,10616871019842209308,2880837819795461937,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2588 /prefetch:8
  2⤵
  PID:4980
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3016,i,10616871019842209308,2880837819795461937,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3048 /prefetch:1
  2⤵
  PID:5104
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3020,i,10616871019842209308,2880837819795461937,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3368 /prefetch:1
  2⤵
  PID:4048
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3992,i,10616871019842209308,2880837819795461937,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3632 /prefetch:1
  2⤵
  PID:4092
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4640,i,10616871019842209308,2880837819795461937,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4656 /prefetch:1
  2⤵
  PID:208
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=4484,i,10616871019842209308,2880837819795461937,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4800 /prefetch:1
  2⤵
  PID:3268
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=3000,i,10616871019842209308,2880837819795461937,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4924 /prefetch:1
  2⤵
  PID:3944
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3032,i,10616871019842209308,2880837819795461937,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4656 /prefetch:8
  2⤵
  PID:1596
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=4628,i,10616871019842209308,2880837819795461937,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3764 /prefetch:1
  2⤵
  PID:4028
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=5440,i,10616871019842209308,2880837819795461937,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4488 /prefetch:1
  2⤵
  PID:3496
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5412,i,10616871019842209308,2880837819795461937,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5432 /prefetch:1
  2⤵
  PID:2000

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:4892

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:1112

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
51db22dd80edd75d9b5d0ffbb8b6738c

SHA1
f6fa436234ea668f065ca62a17f3212a5c9a0288

SHA256
2e1cb02f8be99077a06278da63f3b2b06e9ff89fbef14e40ebd9bf891c984138

SHA512
bc27aa9d06808c6973549413426b2b25a9ca314960d73473b1b67915b5ca6707d0d32b6b6ba3ec15d0123aff1dcc24cf5b004c1afc165fde9d06e5a9bf2f3a6e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
384B

MD5
24fe87c4a747ed3dd3d1efc8079cf143

SHA1
4d27de432d64a5f096a704b8b89c2b17f38dac8f

SHA256
a45cda0e21eeff4f9fc690e7d8260c2be70e4c2635752781546b277052d0a129

SHA512
8a92919d9054ab9af36472f9799c0701b9280fe778fef065cdaaf77db41e258d453761eaa36096fc5492d10b8f9e5549915fab93dd5b058101e6ee1203dc46c6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
ab02cb94e1cde1bff38638fd4530735f

SHA1
d7553b73463e7cdf7ef0e2a92d0a99b8d76219f2

SHA256
6997f57956c489f6cb4f8f7cb3f9c1161aab9ff101583bf78ecb785b0c6ca428

SHA512
fb0e0a1de1079d8b6b45df5641458e89b272643b9aceee111bfd9ff02669598eb76fb87c8b2e1e5f5197749808342ceb91e31b99e02328d0fa50ebeaee353ffa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
db8a0e2c84637db34b3829110a133bf3

SHA1
09dc56a04eed9882e1f5802426bd04a0e5b3cda4

SHA256
062da6a651def3d33c5603039a28ab94610ecc1cb230148313bd5f2e05deebe5

SHA512
8dedc569a98041d042cb9995f42a036cff8ecda4055d151c70153bc3b4a4f2542edb4eb38547269127ddc2ca4a96f2e6132d796767a0effecfb952fc9fa76e2e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
cd5c9c3d1da108b39fbd806f62924165

SHA1
76dcea6d60a4a7be906acb87dc25b63a50a36cd9

SHA256
8477bef45967c938e8348c0a315ab231c64af7c0b6ef8a88607155de02298824

SHA512
053ca98806b323c7b0632a2ba01b4be0e56688ae059e601a4b167b7ba6670111307272fc4f4422a7985e78ae21b6968006182e321e7c02a4c0aae9c927f85dcd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
cb334268d54547db73e1d015d59c2795

SHA1
d301f86c9572e318d088c8f93aa978fc73b23c0e

SHA256
bed1045e41d85c85600937c43f557c64bb650fca9cbc4274bd1b832f4c1bc0dd

SHA512
fa68db960020bed3b3f243984ac67b340642a356290f0c4c098f87b82e8bf25cad8a2098e76aeeb713e7a7c236d719d04293c62d10379a7a970f6e3d1446494e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
4279867c27f12de6e9e5f9d292db1434

SHA1
ebeb870ff04f552b3d8d71bf911930e5e3363218

SHA256
b39ea9a108ea05436ff65b53ddb2e873958ac895df751347a2cf69bc11b0a8a0

SHA512
ced5b97727afd52412a01ab62815538662d81951d639729b8f038bd77effa59ab41614e5369d9525c68a2ac29e6053417ab9a668517f8e8ce37c537c5b015d39

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
8d69d605181e06c98ce74b7ecabec19c

SHA1
4889fcf62001a4bb4cc64a44851c4389daac76f6

SHA256
7c0264eee459a854e79e289678260a08798d8f0739b82569b3e737e3dbefbd1e

SHA512
1c253d8ab279f3a541cde15af38ff5a2a33bea53ad66440c7a8e42da1ac2ea939a7e67f910bb4ad93b1ba1bc777974d55bbc84724671d40b92801a4df6412da9

Download Submit