hxxps://docs[.]google[.]com/forms/d/e/1FAIpQLSdxus22ZPyduYhTeSpr1xpqsi2Mn707eOm1Y9CjYZfIkjj-2Q/viewform

Analysis

max time kernel
149s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
19/11/2024, 11:21

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://docs.google.com/forms/d/e/1FAIpQLSdxus22ZPyduYhTeSpr1xpqsi2Mn707eOm1Y9CjYZfIkjj-2Q/viewform

Score

6^/10

discovery

Malware Config

Signatures

Network Share Discovery 1 TTPs
Attempt to gather information on host network.
discovery

Network Share Discovery
T1135
Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133764889076855140"	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
4464	chrome.exe
4464	chrome.exe
4332	chrome.exe
4332	chrome.exe
4332	chrome.exe
4332	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

pid	Process
4464	chrome.exe
4464	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4464	chrome.exe
Token: SeCreatePagefilePrivilege	4464	chrome.exe
Token: SeShutdownPrivilege	4464	chrome.exe
Token: SeCreatePagefilePrivilege	4464	chrome.exe
Token: SeShutdownPrivilege	4464	chrome.exe
Token: SeCreatePagefilePrivilege	4464	chrome.exe
Token: SeShutdownPrivilege	4464	chrome.exe
Token: SeCreatePagefilePrivilege	4464	chrome.exe
Token: SeShutdownPrivilege	4464	chrome.exe
Token: SeCreatePagefilePrivilege	4464	chrome.exe
Token: SeShutdownPrivilege	4464	chrome.exe
Token: SeCreatePagefilePrivilege	4464	chrome.exe
Token: SeShutdownPrivilege	4464	chrome.exe
Token: SeCreatePagefilePrivilege	4464	chrome.exe
Token: SeShutdownPrivilege	4464	chrome.exe
Token: SeCreatePagefilePrivilege	4464	chrome.exe
Token: SeShutdownPrivilege	4464	chrome.exe
Token: SeCreatePagefilePrivilege	4464	chrome.exe
Token: SeShutdownPrivilege	4464	chrome.exe
Token: SeCreatePagefilePrivilege	4464	chrome.exe
Token: SeShutdownPrivilege	4464	chrome.exe
Token: SeCreatePagefilePrivilege	4464	chrome.exe
Token: SeShutdownPrivilege	4464	chrome.exe
Token: SeCreatePagefilePrivilege	4464	chrome.exe
Token: SeShutdownPrivilege	4464	chrome.exe
Token: SeCreatePagefilePrivilege	4464	chrome.exe
Token: SeShutdownPrivilege	4464	chrome.exe
Token: SeCreatePagefilePrivilege	4464	chrome.exe
Token: SeShutdownPrivilege	4464	chrome.exe
Token: SeCreatePagefilePrivilege	4464	chrome.exe
Token: SeShutdownPrivilege	4464	chrome.exe
Token: SeCreatePagefilePrivilege	4464	chrome.exe
Token: SeShutdownPrivilege	4464	chrome.exe
Token: SeCreatePagefilePrivilege	4464	chrome.exe
Token: SeShutdownPrivilege	4464	chrome.exe
Token: SeCreatePagefilePrivilege	4464	chrome.exe
Token: SeShutdownPrivilege	4464	chrome.exe
Token: SeCreatePagefilePrivilege	4464	chrome.exe
Token: SeShutdownPrivilege	4464	chrome.exe
Token: SeCreatePagefilePrivilege	4464	chrome.exe
Token: SeShutdownPrivilege	4464	chrome.exe
Token: SeCreatePagefilePrivilege	4464	chrome.exe
Token: SeShutdownPrivilege	4464	chrome.exe
Token: SeCreatePagefilePrivilege	4464	chrome.exe
Token: SeShutdownPrivilege	4464	chrome.exe
Token: SeCreatePagefilePrivilege	4464	chrome.exe
Token: SeShutdownPrivilege	4464	chrome.exe
Token: SeCreatePagefilePrivilege	4464	chrome.exe
Token: SeShutdownPrivilege	4464	chrome.exe
Token: SeCreatePagefilePrivilege	4464	chrome.exe
Token: SeShutdownPrivilege	4464	chrome.exe
Token: SeCreatePagefilePrivilege	4464	chrome.exe
Token: SeShutdownPrivilege	4464	chrome.exe
Token: SeCreatePagefilePrivilege	4464	chrome.exe
Token: SeShutdownPrivilege	4464	chrome.exe
Token: SeCreatePagefilePrivilege	4464	chrome.exe
Token: SeShutdownPrivilege	4464	chrome.exe
Token: SeCreatePagefilePrivilege	4464	chrome.exe
Token: SeShutdownPrivilege	4464	chrome.exe
Token: SeCreatePagefilePrivilege	4464	chrome.exe
Token: SeShutdownPrivilege	4464	chrome.exe
Token: SeCreatePagefilePrivilege	4464	chrome.exe
Token: SeShutdownPrivilege	4464	chrome.exe
Token: SeCreatePagefilePrivilege	4464	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4464	chrome.exe
4464	chrome.exe
4464	chrome.exe
4464	chrome.exe
4464	chrome.exe
4464	chrome.exe
4464	chrome.exe
4464	chrome.exe
4464	chrome.exe
4464	chrome.exe
4464	chrome.exe
4464	chrome.exe
4464	chrome.exe
4464	chrome.exe
4464	chrome.exe
4464	chrome.exe
4464	chrome.exe
4464	chrome.exe
4464	chrome.exe
4464	chrome.exe
4464	chrome.exe
4464	chrome.exe
4464	chrome.exe
4464	chrome.exe
4464	chrome.exe
4464	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4464	chrome.exe
4464	chrome.exe
4464	chrome.exe
4464	chrome.exe
4464	chrome.exe
4464	chrome.exe
4464	chrome.exe
4464	chrome.exe
4464	chrome.exe
4464	chrome.exe
4464	chrome.exe
4464	chrome.exe
4464	chrome.exe
4464	chrome.exe
4464	chrome.exe
4464	chrome.exe
4464	chrome.exe
4464	chrome.exe
4464	chrome.exe
4464	chrome.exe
4464	chrome.exe
4464	chrome.exe
4464	chrome.exe
4464	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4464 wrote to memory of 2700	4464	chrome.exe	83
PID 4464 wrote to memory of 2700	4464	chrome.exe	83
PID 4464 wrote to memory of 3952	4464	chrome.exe	84
PID 4464 wrote to memory of 3952	4464	chrome.exe	84
PID 4464 wrote to memory of 3952	4464	chrome.exe	84
PID 4464 wrote to memory of 3952	4464	chrome.exe	84
PID 4464 wrote to memory of 3952	4464	chrome.exe	84
PID 4464 wrote to memory of 3952	4464	chrome.exe	84
PID 4464 wrote to memory of 3952	4464	chrome.exe	84
PID 4464 wrote to memory of 3952	4464	chrome.exe	84
PID 4464 wrote to memory of 3952	4464	chrome.exe	84
PID 4464 wrote to memory of 3952	4464	chrome.exe	84
PID 4464 wrote to memory of 3952	4464	chrome.exe	84
PID 4464 wrote to memory of 3952	4464	chrome.exe	84
PID 4464 wrote to memory of 3952	4464	chrome.exe	84
PID 4464 wrote to memory of 3952	4464	chrome.exe	84
PID 4464 wrote to memory of 3952	4464	chrome.exe	84
PID 4464 wrote to memory of 3952	4464	chrome.exe	84
PID 4464 wrote to memory of 3952	4464	chrome.exe	84
PID 4464 wrote to memory of 3952	4464	chrome.exe	84
PID 4464 wrote to memory of 3952	4464	chrome.exe	84
PID 4464 wrote to memory of 3952	4464	chrome.exe	84
PID 4464 wrote to memory of 3952	4464	chrome.exe	84
PID 4464 wrote to memory of 3952	4464	chrome.exe	84
PID 4464 wrote to memory of 3952	4464	chrome.exe	84
PID 4464 wrote to memory of 3952	4464	chrome.exe	84
PID 4464 wrote to memory of 3952	4464	chrome.exe	84
PID 4464 wrote to memory of 3952	4464	chrome.exe	84
PID 4464 wrote to memory of 3952	4464	chrome.exe	84
PID 4464 wrote to memory of 3952	4464	chrome.exe	84
PID 4464 wrote to memory of 3952	4464	chrome.exe	84
PID 4464 wrote to memory of 3952	4464	chrome.exe	84
PID 4464 wrote to memory of 1488	4464	chrome.exe	85
PID 4464 wrote to memory of 1488	4464	chrome.exe	85
PID 4464 wrote to memory of 3100	4464	chrome.exe	86
PID 4464 wrote to memory of 3100	4464	chrome.exe	86
PID 4464 wrote to memory of 3100	4464	chrome.exe	86
PID 4464 wrote to memory of 3100	4464	chrome.exe	86
PID 4464 wrote to memory of 3100	4464	chrome.exe	86
PID 4464 wrote to memory of 3100	4464	chrome.exe	86
PID 4464 wrote to memory of 3100	4464	chrome.exe	86
PID 4464 wrote to memory of 3100	4464	chrome.exe	86
PID 4464 wrote to memory of 3100	4464	chrome.exe	86
PID 4464 wrote to memory of 3100	4464	chrome.exe	86
PID 4464 wrote to memory of 3100	4464	chrome.exe	86
PID 4464 wrote to memory of 3100	4464	chrome.exe	86
PID 4464 wrote to memory of 3100	4464	chrome.exe	86
PID 4464 wrote to memory of 3100	4464	chrome.exe	86
PID 4464 wrote to memory of 3100	4464	chrome.exe	86
PID 4464 wrote to memory of 3100	4464	chrome.exe	86
PID 4464 wrote to memory of 3100	4464	chrome.exe	86
PID 4464 wrote to memory of 3100	4464	chrome.exe	86
PID 4464 wrote to memory of 3100	4464	chrome.exe	86
PID 4464 wrote to memory of 3100	4464	chrome.exe	86
PID 4464 wrote to memory of 3100	4464	chrome.exe	86
PID 4464 wrote to memory of 3100	4464	chrome.exe	86
PID 4464 wrote to memory of 3100	4464	chrome.exe	86
PID 4464 wrote to memory of 3100	4464	chrome.exe	86
PID 4464 wrote to memory of 3100	4464	chrome.exe	86
PID 4464 wrote to memory of 3100	4464	chrome.exe	86
PID 4464 wrote to memory of 3100	4464	chrome.exe	86
PID 4464 wrote to memory of 3100	4464	chrome.exe	86
PID 4464 wrote to memory of 3100	4464	chrome.exe	86
PID 4464 wrote to memory of 3100	4464	chrome.exe	86

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://docs.google.com/forms/d/e/1FAIpQLSdxus22ZPyduYhTeSpr1xpqsi2Mn707eOm1Y9CjYZfIkjj-2Q/viewform
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4464
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffd1b3ecc40,0x7ffd1b3ecc4c,0x7ffd1b3ecc58
  2⤵
  PID:2700
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1912,i,15553241682455852433,10593685882551631705,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1908 /prefetch:2
  2⤵
  PID:3952
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1780,i,15553241682455852433,10593685882551631705,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1952 /prefetch:3
  2⤵
  PID:1488
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2264,i,15553241682455852433,10593685882551631705,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2276 /prefetch:8
  2⤵
  PID:3100
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3116,i,15553241682455852433,10593685882551631705,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3152 /prefetch:1
  2⤵
  PID:2936
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3132,i,15553241682455852433,10593685882551631705,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3184 /prefetch:1
  2⤵
  PID:2352
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4612,i,15553241682455852433,10593685882551631705,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4624 /prefetch:8
  2⤵
  PID:180
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4768,i,15553241682455852433,10593685882551631705,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=724 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4332

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:2000

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:712

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Network Share Discovery

T1135

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
025486925d08e2ed64a1abfe3d06e229

SHA1
2e72524b9be21ef0643e520b8d23bef17ce65654

SHA256
424cd2b6329e71003fdd0ea6c81cbcbd4afa4bb339c299080d1997e5d1220175

SHA512
cd8ac4c183ae5b3855ba02e959aec560d5b0947e1917679c50e2045ccdcd942afc4107e2b459287c5e32ada53a65d55d30d5826936988a3f1a20a7cf27342c95

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
d646eda2eb9fb0f4e5cd548665e112d0

SHA1
fd7c2c305fe9485da46d139d8d15f86e83db8416

SHA256
a3c73687ad3e44046cd74c12561a031d2a31cee9f663c02e1b937a1a0fcc94e0

SHA512
2b7846bfc1e906c644e42d43be17600cb84aaadab57a3e59d1b08a393341a79572292272e6404715f6f253134d548643be881b99c7ef2b05602e465c99762220

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
522B

MD5
a6f6cf866b47502ae1b0f4aa41a5285e

SHA1
6603e356f6631a2c88ec6f881402533ee2d50f6b

SHA256
571a32c5be6f2458afd21a6956b744f2c4386c3396605b82172bb7257d3a23ac

SHA512
4eedd5bef4a15ba98b48afee6f6f62f2202c48f4304223561f26b5f0ca193687e4aba0f1b285732a8064aacbd419c02c1b3d0b29c27ff502da6b2926a5c1ed20

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
48d7a779656054213092c6d28251af96

SHA1
3977ed15efc251ab31cf4a82b9420fb526a3b8fc

SHA256
5fa2dc4637f224e7aec7ad22b42b614af4eb90666a99b4acb5336eb8ebaa39a1

SHA512
0d9b28eb20185dff57e82d48dae596569dfc8fe105c50a8aee939f38fb7a18ea9560562c3a77ee232291a13ce2d70205e8c1245ff41782fa1a9a7c91019a1671

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
3167a31caefa806b172cf05f582a3596

SHA1
458b28bac750c8b5c6773bc4697c0ca9181e8396

SHA256
ddc6c95362185ac52b203d54ed186d0b6e9f98be3bf482871c26b624f912f004

SHA512
1daa92981fc4e35be0aee307f73b739326e014fb159ace3e79ed3996fbfadde019873279f631ec4e6dc2445587fd38a4528bea4460bcaf6b53855cddc48f3ff7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
7150db29b8977487c21fbb1399f60cac

SHA1
5043b2b7251abe7008cad658d5d20c8e22065210

SHA256
0689cc800e86632daa9779418ca3aeb0db0e4e973ccf0228f348e078f16886bf

SHA512
84a715885f57ee7ed50905b30a9283b23de5aab4d9356336c43b7fbf343d761c94dbb83272c20ef5982772f014c30907f9f2357a743e246857e8132f2f02e2c6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
4aea033fa0499c46cd8335c2957b99f7

SHA1
5d906d6b7b2f185ee46f807925a37b865d734268

SHA256
80914c77ffee000adf092db92bb5aaaab23706a350f0a34f10e5711d354ff3f1

SHA512
aa194efa1307c3b69861ce71d8f2a1b3e14ac372c632fe3863f772088b4679285edf2532a970ef4ee087756a56b4962ab7e24aae9d12a36fe809b66cb2732280

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
ddaf747c528da9ac814b7ab55f3da976

SHA1
28cfc31bec15b3238e51410c9b03a908e433b484

SHA256
70b5f7671528da653400cb774439813da8e9fab611d690013721d98f14a8c530

SHA512
6c2dd9bf8094674acaa23dfcc7060664ded4688b9225ca7d78a49214fa539b1cbc854efb73c9b398615238d0da6efa7978acd04639eff4be0a5f31f2173bd179

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
effb21b9b78d11b0b3ec7f0c86722557

SHA1
7a445787abc5a443b191f921ace368078e193311

SHA256
0ec2c141a3402b5312571cd9b62daa5cbb10201cb95d4dcd96cea6a199196644

SHA512
c08d7c68af247f9afc5d99a5de3ed40eba614529dd8299c31f7a62e4279f4f8b4ccf6d499b30d57b9c19e8ae7af3b1f3e59574a83b36d25b0db7fe0531ee4dd1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
9956a2b1a12afb07088fb776fd8a954d

SHA1
fb59e0bddf23a910d13447b4fa9344ab3bd9c58e

SHA256
90c268cd6afde42fe2d578038f92d403d7a9284ec703c550b6a5096c09460188

SHA512
23dfcb0fcb8af8e03e88956b9124fb018e94c5fe7940037b87021c8b756cc593a877fa6d0dc2d1f8e04df1fe4cd89db9733809e21970d2edaa9ef4f3aa29beee

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
7a3219dd7c1ef203b5dc9e1a3e6a51c9

SHA1
a40d26cde07bc75d300775027b159b68a3020d76

SHA256
3597bd8a03e2b6bdc5a4a9c5f006a90c37c7e31d5a01a6b5b751b1d44f9be7c9

SHA512
ce04b9f163d33736b440938fd854899cc2a40097044a3cb114e3391a61fed758afeacdde552688e9b4f4b7cc800bc35aeeff19cd44bdf54c0744ad69ad5cfcac

Download Submit