hxxps://mega[.]nz/file/8zcgDLqI#HGFvK-NqdtPxilp-WgqPUeHXEjLLfla2cvKvES3nJpA

Resubmissions

20/11/2024, 03:28

241120-d1pz7szbng 4

20/11/2024, 03:23

241120-dxpv2azkbt 4

Analysis

max time kernel
79s
max time network
80s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
20/11/2024, 03:23

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://mega.nz/file/8zcgDLqI#HGFvK-NqdtPxilp-WgqPUeHXEjLLfla2cvKvES3nJpA

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133765466258757231"	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
3412	chrome.exe
3412	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

pid	Process
3412	chrome.exe
3412	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3412	chrome.exe
Token: SeCreatePagefilePrivilege	3412	chrome.exe
Token: SeShutdownPrivilege	3412	chrome.exe
Token: SeCreatePagefilePrivilege	3412	chrome.exe
Token: SeShutdownPrivilege	3412	chrome.exe
Token: SeCreatePagefilePrivilege	3412	chrome.exe
Token: SeShutdownPrivilege	3412	chrome.exe
Token: SeCreatePagefilePrivilege	3412	chrome.exe
Token: SeShutdownPrivilege	3412	chrome.exe
Token: SeCreatePagefilePrivilege	3412	chrome.exe
Token: SeShutdownPrivilege	3412	chrome.exe
Token: SeCreatePagefilePrivilege	3412	chrome.exe
Token: SeShutdownPrivilege	3412	chrome.exe
Token: SeCreatePagefilePrivilege	3412	chrome.exe
Token: SeShutdownPrivilege	3412	chrome.exe
Token: SeCreatePagefilePrivilege	3412	chrome.exe
Token: SeShutdownPrivilege	3412	chrome.exe
Token: SeCreatePagefilePrivilege	3412	chrome.exe
Token: SeShutdownPrivilege	3412	chrome.exe
Token: SeCreatePagefilePrivilege	3412	chrome.exe
Token: SeShutdownPrivilege	3412	chrome.exe
Token: SeCreatePagefilePrivilege	3412	chrome.exe
Token: SeShutdownPrivilege	3412	chrome.exe
Token: SeCreatePagefilePrivilege	3412	chrome.exe
Token: SeShutdownPrivilege	3412	chrome.exe
Token: SeCreatePagefilePrivilege	3412	chrome.exe
Token: SeShutdownPrivilege	3412	chrome.exe
Token: SeCreatePagefilePrivilege	3412	chrome.exe
Token: SeShutdownPrivilege	3412	chrome.exe
Token: SeCreatePagefilePrivilege	3412	chrome.exe
Token: SeShutdownPrivilege	3412	chrome.exe
Token: SeCreatePagefilePrivilege	3412	chrome.exe
Token: SeShutdownPrivilege	3412	chrome.exe
Token: SeCreatePagefilePrivilege	3412	chrome.exe
Token: SeShutdownPrivilege	3412	chrome.exe
Token: SeCreatePagefilePrivilege	3412	chrome.exe
Token: SeShutdownPrivilege	3412	chrome.exe
Token: SeCreatePagefilePrivilege	3412	chrome.exe
Token: SeShutdownPrivilege	3412	chrome.exe
Token: SeCreatePagefilePrivilege	3412	chrome.exe
Token: SeShutdownPrivilege	3412	chrome.exe
Token: SeCreatePagefilePrivilege	3412	chrome.exe
Token: SeShutdownPrivilege	3412	chrome.exe
Token: SeCreatePagefilePrivilege	3412	chrome.exe
Token: SeShutdownPrivilege	3412	chrome.exe
Token: SeCreatePagefilePrivilege	3412	chrome.exe
Token: SeShutdownPrivilege	3412	chrome.exe
Token: SeCreatePagefilePrivilege	3412	chrome.exe
Token: SeShutdownPrivilege	3412	chrome.exe
Token: SeCreatePagefilePrivilege	3412	chrome.exe
Token: SeShutdownPrivilege	3412	chrome.exe
Token: SeCreatePagefilePrivilege	3412	chrome.exe
Token: SeShutdownPrivilege	3412	chrome.exe
Token: SeCreatePagefilePrivilege	3412	chrome.exe
Token: SeShutdownPrivilege	3412	chrome.exe
Token: SeCreatePagefilePrivilege	3412	chrome.exe
Token: SeShutdownPrivilege	3412	chrome.exe
Token: SeCreatePagefilePrivilege	3412	chrome.exe
Token: SeShutdownPrivilege	3412	chrome.exe
Token: SeCreatePagefilePrivilege	3412	chrome.exe
Token: SeShutdownPrivilege	3412	chrome.exe
Token: SeCreatePagefilePrivilege	3412	chrome.exe
Token: SeShutdownPrivilege	3412	chrome.exe
Token: SeCreatePagefilePrivilege	3412	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
3412	chrome.exe
3412	chrome.exe
3412	chrome.exe
3412	chrome.exe
3412	chrome.exe
3412	chrome.exe
3412	chrome.exe
3412	chrome.exe
3412	chrome.exe
3412	chrome.exe
3412	chrome.exe
3412	chrome.exe
3412	chrome.exe
3412	chrome.exe
3412	chrome.exe
3412	chrome.exe
3412	chrome.exe
3412	chrome.exe
3412	chrome.exe
3412	chrome.exe
3412	chrome.exe
3412	chrome.exe
3412	chrome.exe
3412	chrome.exe
3412	chrome.exe
3412	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3412	chrome.exe
3412	chrome.exe
3412	chrome.exe
3412	chrome.exe
3412	chrome.exe
3412	chrome.exe
3412	chrome.exe
3412	chrome.exe
3412	chrome.exe
3412	chrome.exe
3412	chrome.exe
3412	chrome.exe
3412	chrome.exe
3412	chrome.exe
3412	chrome.exe
3412	chrome.exe
3412	chrome.exe
3412	chrome.exe
3412	chrome.exe
3412	chrome.exe
3412	chrome.exe
3412	chrome.exe
3412	chrome.exe
3412	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3412 wrote to memory of 3532	3412	chrome.exe	83
PID 3412 wrote to memory of 3532	3412	chrome.exe	83
PID 3412 wrote to memory of 3884	3412	chrome.exe	84
PID 3412 wrote to memory of 3884	3412	chrome.exe	84
PID 3412 wrote to memory of 3884	3412	chrome.exe	84
PID 3412 wrote to memory of 3884	3412	chrome.exe	84
PID 3412 wrote to memory of 3884	3412	chrome.exe	84
PID 3412 wrote to memory of 3884	3412	chrome.exe	84
PID 3412 wrote to memory of 3884	3412	chrome.exe	84
PID 3412 wrote to memory of 3884	3412	chrome.exe	84
PID 3412 wrote to memory of 3884	3412	chrome.exe	84
PID 3412 wrote to memory of 3884	3412	chrome.exe	84
PID 3412 wrote to memory of 3884	3412	chrome.exe	84
PID 3412 wrote to memory of 3884	3412	chrome.exe	84
PID 3412 wrote to memory of 3884	3412	chrome.exe	84
PID 3412 wrote to memory of 3884	3412	chrome.exe	84
PID 3412 wrote to memory of 3884	3412	chrome.exe	84
PID 3412 wrote to memory of 3884	3412	chrome.exe	84
PID 3412 wrote to memory of 3884	3412	chrome.exe	84
PID 3412 wrote to memory of 3884	3412	chrome.exe	84
PID 3412 wrote to memory of 3884	3412	chrome.exe	84
PID 3412 wrote to memory of 3884	3412	chrome.exe	84
PID 3412 wrote to memory of 3884	3412	chrome.exe	84
PID 3412 wrote to memory of 3884	3412	chrome.exe	84
PID 3412 wrote to memory of 3884	3412	chrome.exe	84
PID 3412 wrote to memory of 3884	3412	chrome.exe	84
PID 3412 wrote to memory of 3884	3412	chrome.exe	84
PID 3412 wrote to memory of 3884	3412	chrome.exe	84
PID 3412 wrote to memory of 3884	3412	chrome.exe	84
PID 3412 wrote to memory of 3884	3412	chrome.exe	84
PID 3412 wrote to memory of 3884	3412	chrome.exe	84
PID 3412 wrote to memory of 3884	3412	chrome.exe	84
PID 3412 wrote to memory of 2780	3412	chrome.exe	85
PID 3412 wrote to memory of 2780	3412	chrome.exe	85
PID 3412 wrote to memory of 3276	3412	chrome.exe	86
PID 3412 wrote to memory of 3276	3412	chrome.exe	86
PID 3412 wrote to memory of 3276	3412	chrome.exe	86
PID 3412 wrote to memory of 3276	3412	chrome.exe	86
PID 3412 wrote to memory of 3276	3412	chrome.exe	86
PID 3412 wrote to memory of 3276	3412	chrome.exe	86
PID 3412 wrote to memory of 3276	3412	chrome.exe	86
PID 3412 wrote to memory of 3276	3412	chrome.exe	86
PID 3412 wrote to memory of 3276	3412	chrome.exe	86
PID 3412 wrote to memory of 3276	3412	chrome.exe	86
PID 3412 wrote to memory of 3276	3412	chrome.exe	86
PID 3412 wrote to memory of 3276	3412	chrome.exe	86
PID 3412 wrote to memory of 3276	3412	chrome.exe	86
PID 3412 wrote to memory of 3276	3412	chrome.exe	86
PID 3412 wrote to memory of 3276	3412	chrome.exe	86
PID 3412 wrote to memory of 3276	3412	chrome.exe	86
PID 3412 wrote to memory of 3276	3412	chrome.exe	86
PID 3412 wrote to memory of 3276	3412	chrome.exe	86
PID 3412 wrote to memory of 3276	3412	chrome.exe	86
PID 3412 wrote to memory of 3276	3412	chrome.exe	86
PID 3412 wrote to memory of 3276	3412	chrome.exe	86
PID 3412 wrote to memory of 3276	3412	chrome.exe	86
PID 3412 wrote to memory of 3276	3412	chrome.exe	86
PID 3412 wrote to memory of 3276	3412	chrome.exe	86
PID 3412 wrote to memory of 3276	3412	chrome.exe	86
PID 3412 wrote to memory of 3276	3412	chrome.exe	86
PID 3412 wrote to memory of 3276	3412	chrome.exe	86
PID 3412 wrote to memory of 3276	3412	chrome.exe	86
PID 3412 wrote to memory of 3276	3412	chrome.exe	86
PID 3412 wrote to memory of 3276	3412	chrome.exe	86

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://mega.nz/file/8zcgDLqI#HGFvK-NqdtPxilp-WgqPUeHXEjLLfla2cvKvES3nJpA
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3412
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffe72cfcc40,0x7ffe72cfcc4c,0x7ffe72cfcc58
  2⤵
  PID:3532
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1964,i,1600075653021302402,11458063577094911983,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1584 /prefetch:2
  2⤵
  PID:3884
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2040,i,1600075653021302402,11458063577094911983,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2436 /prefetch:3
  2⤵
  PID:2780
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2116,i,1600075653021302402,11458063577094911983,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2544 /prefetch:8
  2⤵
  PID:3276
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3108,i,1600075653021302402,11458063577094911983,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3160 /prefetch:1
  2⤵
  PID:2224
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3116,i,1600075653021302402,11458063577094911983,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3196 /prefetch:1
  2⤵
  PID:4044
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4616,i,1600075653021302402,11458063577094911983,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4632 /prefetch:8
  2⤵
  PID:4904

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:2992

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:2728

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
03d827d62a04750ac389fd4223c26f2b

SHA1
6b3e1d24f1ae04e73c8f8e425cbdc52dcf0df85f

SHA256
c20e44f9d0fe7ea1bd82c8ea59b90213748a8b9d04fb186b75be768f851af751

SHA512
367b6259aeb3c8f56e37a6c4198cf5d5500a0a008149156b31f8f3b4b67ee67a588a94a3c6438968fe7e46d352f6980ae05d9d7811e1ad2bff7ea5d23972831b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
eeae71d8832c6c603f4ba189e67fdae6

SHA1
8e190b3d9e651af8912df23aca7fe61dac10663c

SHA256
c2780170bb07bd055c1fe955279602b34b86157828a97ef0707c23aa81d8592a

SHA512
93e49c719c269943911c7e48465648c7618388e6316ae168f871d715bde43928d9e9ba02cd5c282ad63976c05d15f96387032804659f66486658b3d89c5ef2e8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\File System\000\p\Paths\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\Paths\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
620a21aca169140aa05d0c92cc3e111e

SHA1
bf3b8d58bd75053a7fc4be734dbe2bfb5d5c938e

SHA256
93ba657be58aae97b65de2659bc93b90f607d6697466f4219b52e2a45756889d

SHA512
bc5317d56021a55662833ac82f41f6546712cf3f75e4065ad0958b938f18336b53dc521140a31d8bc2cff49a0c6d2cd1953e92f866c5d00800ab9d320338f395

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
aceb8f75437c945e19dbb780b0b11af4

SHA1
cb34b6cf09967c004a4b0ec382013127cd6fb20e

SHA256
7453099533c695e26c226bafcd25f9dc57a2c9f170e98084cfdd0057a97af92d

SHA512
bd3734441ea4a8f0f0c12bbc5a57905ddb653029f58b22dc5b8aa21858e5ec5dd5562e5fdc236f8621e98a4fdafcaeac108e1dc7c173e61edf782950bd319ee9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
523B

MD5
1895ea5e08400c9b4a7b738b114c169a

SHA1
4ffc36960bad53fc953fa73f0282d52164023161

SHA256
4539e85f621be8828c2fa41d75f1043400a361746ac3aecdf33ade616daeb3b1

SHA512
6f8ac613d21dcf62e2b07c91b6b3154439ed489200aaf8df1d2328af73ef176442d61ab49828f832bf443a85ede6c6331c45d69349b50abe0bdbb8952045dab9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
bcda354689f013a346828fca1d6036a6

SHA1
46baecc79cf44adef89835851862f8f87cc857de

SHA256
9a400fc8e73d3cc5025c69ea1b95d6ba57a676558a4407a2dd2a3ac43309daca

SHA512
79c141de52ba2f1dcab8da50a88921010c3f943857c962ab7bc4cc72d57fc2513a8c1fe73468291a4ea3604fcab42bec87d8f32bf7a248a079e679e982ddb633

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
cb57f5a7f47ae7305e829ca22a4a51d5

SHA1
d33031ddd2ee6a22b707fc69190c976df5a417e1

SHA256
1dd30ca2b5e72aa1fdc9a435f6b7c9d55e4411012b8543f0ac51a1a8a6bfdcea

SHA512
37383d4eaff2c1e9c2a224605adf16822fe667345c650258989a6ab2cf58eea0840af58ad5531d6301450fa0d6f249fe5a8b37e103a99650e79853207a76ef46

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
e28a4005e427c57f2d8bef1c7b418068

SHA1
c7a616ab002979b52089b8cf0c263e6af9c7e13c

SHA256
11c07722e3cc3495714cf182cc1f4ab388a6d6f431e08e95c375bb97b0338e15

SHA512
d10b3465c3bfd6bbd7b5c79ec5f3dfeda5a31b62e7f53dd2d1d6e2617156e693ea33a37fd2c25c505921f84c045be452d190f3c6d52fd4a456ab3fae89f97e9a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
26b23e6d12eb3fa6135b798bb9bc82b7

SHA1
6f3d50d003af3df3aeebec0f4dd8fd01310f46c8

SHA256
67eea08f79eaecc1b187ae71c10b1791d7331d27cce2960b5450580891ac5e4d

SHA512
dddff10b1b9cceb3120dba641e6e539ef62610fde3bdb4a721ed025e37f255b17a8522647da981e78e1a7bf09dad2039c3eac9634490a838aebd78150852c0e8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
ad937ed1d6ee2d3717e970a552f69578

SHA1
05e34ee0ddf57fb3b5be99a54e71da095465dbc0

SHA256
81905336c833682063575bca50f461d151591d3c1ef893fb6463ae1489c4aaa7

SHA512
27382ccad2366d67bec0cf98b67f9ca6eacf6f90046c3b52ddf4d9c934dc7447fea49ef33569a51e3ffbadee13700530d093320a14f46bf1670f0c5cfb41dfe1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
96B

MD5
f32adc64e48d068f847f35d1796f1e71

SHA1
653fd98365931edfb14cb19dca37f60aafc58770

SHA256
f07e7ee35158b979c5c78e3c2e26fd5c2f297dcdfe8ed4ea40deed361fb052e3

SHA512
c3c5d0f60797ec82f8ddfe03969dea7b2dff0981c9c478fb07e85084f024767f6de4b4743814104b3dc3822ab0afaddde4e3f76eeed8ff2c5f003e4ef4acdb73

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
bd8f5bedbccfb73b88e8ad9a07a4c834

SHA1
2267198a13917d9013e776e955af43fc9312648c

SHA256
609bb328e97ca724ca0f1ef9d1ecb10cc9585df33df6ea0dfa4c6366efd32d13

SHA512
64ee905e96a387f9b849f5ed29037252e5b3dc2bbd24a89236007a101dfa4c77928c0b8d1cf930a1fe5a0713b6d4567c5a5be5cf6d4754f0cde8f5aea34e50af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\d0af0de1-284d-483d-9630-5f5da0e8212a.tmp

Filesize
116KB

MD5
c813b6a3cd2a5829ad28f4a938bde045

SHA1
f94b9269b7ffc42e82d2ef96db939e428b720ca5

SHA256
7fee6df16934d321d50a1d8f7ee0cc1eaae480f3758aa988a1e93f3c84b6fa6b

SHA512
52aa750b6ccb68680a824e7b6f67b77921aba555b65a43a026e75e63f07f1b9a1efe3f2a5de0672e790d66801585c8ead2a981ea5e7070561f148d406483f615

Download Submit