hxxps://edition[.]pagesuite-professional[.]co[.]uk/html5/desktop/production/default[.]aspx?edid=04909bb2-d605-4c20-9138-2d8b7c0821cc

Analysis

max time kernel
119s
max time network
115s
platform
windows11-21h2_x64
resource
win11-20241007-en
resource tags

arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system
submitted
19/11/2024, 13:23

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://edition.pagesuite-professional.co.uk/html5/desktop/production/default.aspx?edid=04909bb2-d605-4c20-9138-2d8b7c0821cc

Score

4^/10

discovery

Malware Config

Signatures

Drops file in Windows directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SystemTemp	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133764962495529052"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
396	chrome.exe
396	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

pid	Process
396	chrome.exe
396	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	396	chrome.exe
Token: SeCreatePagefilePrivilege	396	chrome.exe
Token: SeShutdownPrivilege	396	chrome.exe
Token: SeCreatePagefilePrivilege	396	chrome.exe
Token: 33	824	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	824	AUDIODG.EXE
Token: SeShutdownPrivilege	396	chrome.exe
Token: SeCreatePagefilePrivilege	396	chrome.exe
Token: SeShutdownPrivilege	396	chrome.exe
Token: SeCreatePagefilePrivilege	396	chrome.exe
Token: SeShutdownPrivilege	396	chrome.exe
Token: SeCreatePagefilePrivilege	396	chrome.exe
Token: SeShutdownPrivilege	396	chrome.exe
Token: SeCreatePagefilePrivilege	396	chrome.exe
Token: SeShutdownPrivilege	396	chrome.exe
Token: SeCreatePagefilePrivilege	396	chrome.exe
Token: SeShutdownPrivilege	396	chrome.exe
Token: SeCreatePagefilePrivilege	396	chrome.exe
Token: SeShutdownPrivilege	396	chrome.exe
Token: SeCreatePagefilePrivilege	396	chrome.exe
Token: SeShutdownPrivilege	396	chrome.exe
Token: SeCreatePagefilePrivilege	396	chrome.exe
Token: SeShutdownPrivilege	396	chrome.exe
Token: SeCreatePagefilePrivilege	396	chrome.exe
Token: SeShutdownPrivilege	396	chrome.exe
Token: SeCreatePagefilePrivilege	396	chrome.exe
Token: SeShutdownPrivilege	396	chrome.exe
Token: SeCreatePagefilePrivilege	396	chrome.exe
Token: SeShutdownPrivilege	396	chrome.exe
Token: SeCreatePagefilePrivilege	396	chrome.exe
Token: SeShutdownPrivilege	396	chrome.exe
Token: SeCreatePagefilePrivilege	396	chrome.exe
Token: SeShutdownPrivilege	396	chrome.exe
Token: SeCreatePagefilePrivilege	396	chrome.exe
Token: SeShutdownPrivilege	396	chrome.exe
Token: SeCreatePagefilePrivilege	396	chrome.exe
Token: SeShutdownPrivilege	396	chrome.exe
Token: SeCreatePagefilePrivilege	396	chrome.exe
Token: SeShutdownPrivilege	396	chrome.exe
Token: SeCreatePagefilePrivilege	396	chrome.exe
Token: SeShutdownPrivilege	396	chrome.exe
Token: SeCreatePagefilePrivilege	396	chrome.exe
Token: SeShutdownPrivilege	396	chrome.exe
Token: SeCreatePagefilePrivilege	396	chrome.exe
Token: SeShutdownPrivilege	396	chrome.exe
Token: SeCreatePagefilePrivilege	396	chrome.exe
Token: SeShutdownPrivilege	396	chrome.exe
Token: SeCreatePagefilePrivilege	396	chrome.exe
Token: SeShutdownPrivilege	396	chrome.exe
Token: SeCreatePagefilePrivilege	396	chrome.exe
Token: SeShutdownPrivilege	396	chrome.exe
Token: SeCreatePagefilePrivilege	396	chrome.exe
Token: SeShutdownPrivilege	396	chrome.exe
Token: SeCreatePagefilePrivilege	396	chrome.exe
Token: SeShutdownPrivilege	396	chrome.exe
Token: SeCreatePagefilePrivilege	396	chrome.exe
Token: SeShutdownPrivilege	396	chrome.exe
Token: SeCreatePagefilePrivilege	396	chrome.exe
Token: SeShutdownPrivilege	396	chrome.exe
Token: SeCreatePagefilePrivilege	396	chrome.exe
Token: SeShutdownPrivilege	396	chrome.exe
Token: SeCreatePagefilePrivilege	396	chrome.exe
Token: SeShutdownPrivilege	396	chrome.exe
Token: SeCreatePagefilePrivilege	396	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
396	chrome.exe
396	chrome.exe
396	chrome.exe
396	chrome.exe
396	chrome.exe
396	chrome.exe
396	chrome.exe
396	chrome.exe
396	chrome.exe
396	chrome.exe
396	chrome.exe
396	chrome.exe
396	chrome.exe
396	chrome.exe
396	chrome.exe
396	chrome.exe
396	chrome.exe
396	chrome.exe
396	chrome.exe
396	chrome.exe
396	chrome.exe
396	chrome.exe
396	chrome.exe
396	chrome.exe
396	chrome.exe
396	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
396	chrome.exe
396	chrome.exe
396	chrome.exe
396	chrome.exe
396	chrome.exe
396	chrome.exe
396	chrome.exe
396	chrome.exe
396	chrome.exe
396	chrome.exe
396	chrome.exe
396	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 396 wrote to memory of 5112	396	chrome.exe	79
PID 396 wrote to memory of 5112	396	chrome.exe	79
PID 396 wrote to memory of 4676	396	chrome.exe	81
PID 396 wrote to memory of 4676	396	chrome.exe	81
PID 396 wrote to memory of 4676	396	chrome.exe	81
PID 396 wrote to memory of 4676	396	chrome.exe	81
PID 396 wrote to memory of 4676	396	chrome.exe	81
PID 396 wrote to memory of 4676	396	chrome.exe	81
PID 396 wrote to memory of 4676	396	chrome.exe	81
PID 396 wrote to memory of 4676	396	chrome.exe	81
PID 396 wrote to memory of 4676	396	chrome.exe	81
PID 396 wrote to memory of 4676	396	chrome.exe	81
PID 396 wrote to memory of 4676	396	chrome.exe	81
PID 396 wrote to memory of 4676	396	chrome.exe	81
PID 396 wrote to memory of 4676	396	chrome.exe	81
PID 396 wrote to memory of 4676	396	chrome.exe	81
PID 396 wrote to memory of 4676	396	chrome.exe	81
PID 396 wrote to memory of 4676	396	chrome.exe	81
PID 396 wrote to memory of 4676	396	chrome.exe	81
PID 396 wrote to memory of 4676	396	chrome.exe	81
PID 396 wrote to memory of 4676	396	chrome.exe	81
PID 396 wrote to memory of 4676	396	chrome.exe	81
PID 396 wrote to memory of 4676	396	chrome.exe	81
PID 396 wrote to memory of 4676	396	chrome.exe	81
PID 396 wrote to memory of 4676	396	chrome.exe	81
PID 396 wrote to memory of 4676	396	chrome.exe	81
PID 396 wrote to memory of 4676	396	chrome.exe	81
PID 396 wrote to memory of 4676	396	chrome.exe	81
PID 396 wrote to memory of 4676	396	chrome.exe	81
PID 396 wrote to memory of 4676	396	chrome.exe	81
PID 396 wrote to memory of 4676	396	chrome.exe	81
PID 396 wrote to memory of 4676	396	chrome.exe	81
PID 396 wrote to memory of 3532	396	chrome.exe	82
PID 396 wrote to memory of 3532	396	chrome.exe	82
PID 396 wrote to memory of 3100	396	chrome.exe	83
PID 396 wrote to memory of 3100	396	chrome.exe	83
PID 396 wrote to memory of 3100	396	chrome.exe	83
PID 396 wrote to memory of 3100	396	chrome.exe	83
PID 396 wrote to memory of 3100	396	chrome.exe	83
PID 396 wrote to memory of 3100	396	chrome.exe	83
PID 396 wrote to memory of 3100	396	chrome.exe	83
PID 396 wrote to memory of 3100	396	chrome.exe	83
PID 396 wrote to memory of 3100	396	chrome.exe	83
PID 396 wrote to memory of 3100	396	chrome.exe	83
PID 396 wrote to memory of 3100	396	chrome.exe	83
PID 396 wrote to memory of 3100	396	chrome.exe	83
PID 396 wrote to memory of 3100	396	chrome.exe	83
PID 396 wrote to memory of 3100	396	chrome.exe	83
PID 396 wrote to memory of 3100	396	chrome.exe	83
PID 396 wrote to memory of 3100	396	chrome.exe	83
PID 396 wrote to memory of 3100	396	chrome.exe	83
PID 396 wrote to memory of 3100	396	chrome.exe	83
PID 396 wrote to memory of 3100	396	chrome.exe	83
PID 396 wrote to memory of 3100	396	chrome.exe	83
PID 396 wrote to memory of 3100	396	chrome.exe	83
PID 396 wrote to memory of 3100	396	chrome.exe	83
PID 396 wrote to memory of 3100	396	chrome.exe	83
PID 396 wrote to memory of 3100	396	chrome.exe	83
PID 396 wrote to memory of 3100	396	chrome.exe	83
PID 396 wrote to memory of 3100	396	chrome.exe	83
PID 396 wrote to memory of 3100	396	chrome.exe	83
PID 396 wrote to memory of 3100	396	chrome.exe	83
PID 396 wrote to memory of 3100	396	chrome.exe	83
PID 396 wrote to memory of 3100	396	chrome.exe	83

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://edition.pagesuite-professional.co.uk/html5/desktop/production/default.aspx?edid=04909bb2-d605-4c20-9138-2d8b7c0821cc
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:396
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fffcbb3cc40,0x7fffcbb3cc4c,0x7fffcbb3cc58
  2⤵
  PID:5112
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1832,i,13151983911950524651,7957812990867997634,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1828 /prefetch:2
  2⤵
  PID:4676
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1932,i,13151983911950524651,7957812990867997634,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2032 /prefetch:3
  2⤵
  PID:3532
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2176,i,13151983911950524651,7957812990867997634,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2196 /prefetch:8
  2⤵
  PID:3100
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3092,i,13151983911950524651,7957812990867997634,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3120 /prefetch:1
  2⤵
  PID:616
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3100,i,13151983911950524651,7957812990867997634,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3156 /prefetch:1
  2⤵
  PID:660
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=3652,i,13151983911950524651,7957812990867997634,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4128 /prefetch:8
  2⤵
  PID:3112
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4968,i,13151983911950524651,7957812990867997634,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4980 /prefetch:8
  2⤵
  PID:1948

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:4352

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004D4 0x00000000000004CC
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:824

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:1992

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
318a08b7ec22f24807e4d75abb36366d

SHA1
866f3d742b222ed1b6d790906c922be649bed0a6

SHA256
4c8aaef0e722be660213bc1a9ae2c0fb719db9b34953026e4026f73c2a327bff

SHA512
496b2f93f4243dba03c1165c740491b8b55afb17467d7a3a74eb40b4d73bc9ad40941f6f11e57fbcfffa489b4b8be6bafc1af57e316b4f31ca3243d760230e41

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
504B

MD5
ce59c55ab6285850e6f9c5f7699e5dc3

SHA1
923b0f89aeb3c4024d51911a5d89a89af720dfb3

SHA256
6eb1b1227fa1de56740931b810c74cdbd0be897f137c3038a2bed2e25f454d1b

SHA512
6069c4ad5bb35e23281fd31f6a2691f8ecd9cb2416e0863334e8e7898e970ebcd27983687b709c15a3a23f4203bd34274ff7c4ed5fb54f18979629b5221b5a97

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
219686c2e8f3c4994cdb3c3f3891bb8c

SHA1
3f96c62def654d0841269cf1d46c4dc488120064

SHA256
6429449924979d8343a0fa5e8dcd4c3d60990596b4acd4531192c0230a00d716

SHA512
8e7834ba5b2c296bbc6b2b62c59c1e0fcd1b8a4eb4ec222f1fb67a5024e772bd9e9a7687c272c42675d6b5d1fabdad523ce1159adf6c498a38ce33e4604bb0ac

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
857B

MD5
eb2ad1e730bf4d39589ef95fbbead510

SHA1
1c2f4199a8b4027c8b32545621deb2cf3a3ca90f

SHA256
baa54a77faf6f63f84c7261c18879798eecd8f2872737f460a5adfd3777f7e7d

SHA512
378b04ac9b2460d39a74f208870b9430bcbc60a69b24943083b73936e976f000efd8f16022ed4c1784f1ab8af37f9980d3ffe45e184a4e7350cce25aa9b85738

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
8bb43ae36dc2e74b4e4fecf2ed05d0c7

SHA1
eb0f060848cbf3f04c1c2f8b6435c1ca908f7aa3

SHA256
caee1f6a1f288e082aa18ba3ed119f67c5b3b76508c6f77d43fb67d92d0c6102

SHA512
fdd932f8b9071242e2a6f44f07a339f6c03f001913d01af2f83d3c2a95fb99b0ce8cbffb2d896033e22ecc1f45495dd9dcd964cdceeb206ba64e91b3aa1ddb67

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
3f62183a77f649e9fcc3ae10ab5f1b83

SHA1
a9eab86e3ca88236a0e71a3110fa85160093d44c

SHA256
68a56e9a5fbc3f7cb94262c33caa8679bf93a8a5d89a066a20affd5e9f5b312d

SHA512
b03b0a9c1b75fbcaeb974cca5e6130cffa8931febbacb70aca0c7bd9691db05ade4c06d4e2c606c1b111dc45bac8878a111c05b4b01fb2c56c8dbc631cd2fa17

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
8544e0fa0a7e79d53b06ac9ef869bbea

SHA1
b023a03da61bb454cd234161ceed0daa5ceb9cd0

SHA256
c75c728ba68befb2c6dd68e491a4e1c8a49c00fcade14eca16355b019fd8ae74

SHA512
0b255cd42f59fc566810b6393fc116ebcdaf84589b396f6a09b054dacbd4c2a24262c05f9446a1534d24a74d35f40c283f392e61bb09f021f510588f35ede882

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
57655fe3ea07c6da1eabeab9425c6ddf

SHA1
a8f866d76a5d492c0b1a708562ced844778df88d

SHA256
382afa4d75a856e8bbbe215d2c24e995e6340ea7d452b52608c8c2fe67ded553

SHA512
d2b632fd8abb8da7d676ba1e898aeb0aa5314e52b21b67e84a0b24ea82113c04066f0873effa69918b27448db91995ac1b260f875baf92347b00e454a6c82275

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
b60bdd860aeb73fff3fe89c2c5d01783

SHA1
718c70737e060c9f0911960a39cfaa7bf7958eef

SHA256
2136fbf1ceec96660abc1934fa263e61491300ba60a0569ca9b4eb7993848bd0

SHA512
06d018712092633633cff7ccd40f377bdf7b8950fcbe626cefa9d4c19f450f41842b63c472d90f054799e3137f5eb7382ca1bcc9b816a54756c754521a253656

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
d8b9d8a25675299a8093f62991c33a1e

SHA1
a5223ed2cee52be02b7881b16394a2b04ea57df8

SHA256
7b3b9b5f4c6ef97b8032624ea94a3a39b5cc4ea98effaccf47a226b5570de6c0

SHA512
0769082825d2d30638c71f3e53f625909a8622e6a680a292f1658616e0207bf5926002a8134cae56250143a38863dc979ecbfdc48cf456f57a9bef0b520e1102

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
228KB

MD5
d1c85620f6a2e0105a310eaea906bbd1

SHA1
94ce667d159508e885fadeb95e6fb8aa1691b137

SHA256
5c847f100aa0ad8584615dd4da9f5ca97d71908ce7f538e14cdaa4e2bffa13a6

SHA512
6b7bf4b3ccd0f9511ff75a77a934ad15389088b84fa43eebfd24237784ec782eccbc7b730b9b4cf8b2829941d58f5da79b9e9a4fe0bb8b0a2fa08dc7f4589e6c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
228KB

MD5
24e0c2d5e7dea3a67f603a9430a6ae94

SHA1
96013414fbeb2661507260b15850354d4b41f08b

SHA256
4fe850552ef2bd163663800877e81c3b03141d314b3025f281ede658261bfde4

SHA512
65a95e69637a519a075720e112451071516b8136d0af0353628311447fee828b0538cd48d3daece952635d7c74ae043aa741622068c744b52790d476d5d06e94

Download Submit