hxxps://krs[.]microsoft[.]com/redirect?id=lxDNVZKK

Analysis

max time kernel
149s
max time network
137s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
27-11-2024 08:50

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://krs.microsoft.com/redirect?id=lxDNVZKK

Score

5^/10

microsoft discovery phishing

Malware Config

Signatures

Detected potential entity reuse from brand MICROSOFT.
phishing microsoft
Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133771710673790208"	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
5088	chrome.exe
5088	chrome.exe
4052	chrome.exe
4052	chrome.exe
4052	chrome.exe
4052	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

pid	Process
5088	chrome.exe
5088	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	5088	chrome.exe
Token: SeCreatePagefilePrivilege	5088	chrome.exe
Token: SeShutdownPrivilege	5088	chrome.exe
Token: SeCreatePagefilePrivilege	5088	chrome.exe
Token: SeShutdownPrivilege	5088	chrome.exe
Token: SeCreatePagefilePrivilege	5088	chrome.exe
Token: SeShutdownPrivilege	5088	chrome.exe
Token: SeCreatePagefilePrivilege	5088	chrome.exe
Token: SeShutdownPrivilege	5088	chrome.exe
Token: SeCreatePagefilePrivilege	5088	chrome.exe
Token: SeShutdownPrivilege	5088	chrome.exe
Token: SeCreatePagefilePrivilege	5088	chrome.exe
Token: SeShutdownPrivilege	5088	chrome.exe
Token: SeCreatePagefilePrivilege	5088	chrome.exe
Token: SeShutdownPrivilege	5088	chrome.exe
Token: SeCreatePagefilePrivilege	5088	chrome.exe
Token: SeShutdownPrivilege	5088	chrome.exe
Token: SeCreatePagefilePrivilege	5088	chrome.exe
Token: SeShutdownPrivilege	5088	chrome.exe
Token: SeCreatePagefilePrivilege	5088	chrome.exe
Token: SeShutdownPrivilege	5088	chrome.exe
Token: SeCreatePagefilePrivilege	5088	chrome.exe
Token: SeShutdownPrivilege	5088	chrome.exe
Token: SeCreatePagefilePrivilege	5088	chrome.exe
Token: SeShutdownPrivilege	5088	chrome.exe
Token: SeCreatePagefilePrivilege	5088	chrome.exe
Token: SeShutdownPrivilege	5088	chrome.exe
Token: SeCreatePagefilePrivilege	5088	chrome.exe
Token: SeShutdownPrivilege	5088	chrome.exe
Token: SeCreatePagefilePrivilege	5088	chrome.exe
Token: SeShutdownPrivilege	5088	chrome.exe
Token: SeCreatePagefilePrivilege	5088	chrome.exe
Token: SeShutdownPrivilege	5088	chrome.exe
Token: SeCreatePagefilePrivilege	5088	chrome.exe
Token: SeShutdownPrivilege	5088	chrome.exe
Token: SeCreatePagefilePrivilege	5088	chrome.exe
Token: SeShutdownPrivilege	5088	chrome.exe
Token: SeCreatePagefilePrivilege	5088	chrome.exe
Token: SeShutdownPrivilege	5088	chrome.exe
Token: SeCreatePagefilePrivilege	5088	chrome.exe
Token: SeShutdownPrivilege	5088	chrome.exe
Token: SeCreatePagefilePrivilege	5088	chrome.exe
Token: SeShutdownPrivilege	5088	chrome.exe
Token: SeCreatePagefilePrivilege	5088	chrome.exe
Token: SeShutdownPrivilege	5088	chrome.exe
Token: SeCreatePagefilePrivilege	5088	chrome.exe
Token: SeShutdownPrivilege	5088	chrome.exe
Token: SeCreatePagefilePrivilege	5088	chrome.exe
Token: SeShutdownPrivilege	5088	chrome.exe
Token: SeCreatePagefilePrivilege	5088	chrome.exe
Token: SeShutdownPrivilege	5088	chrome.exe
Token: SeCreatePagefilePrivilege	5088	chrome.exe
Token: SeShutdownPrivilege	5088	chrome.exe
Token: SeCreatePagefilePrivilege	5088	chrome.exe
Token: SeShutdownPrivilege	5088	chrome.exe
Token: SeCreatePagefilePrivilege	5088	chrome.exe
Token: SeShutdownPrivilege	5088	chrome.exe
Token: SeCreatePagefilePrivilege	5088	chrome.exe
Token: SeShutdownPrivilege	5088	chrome.exe
Token: SeCreatePagefilePrivilege	5088	chrome.exe
Token: SeShutdownPrivilege	5088	chrome.exe
Token: SeCreatePagefilePrivilege	5088	chrome.exe
Token: SeShutdownPrivilege	5088	chrome.exe
Token: SeCreatePagefilePrivilege	5088	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
5088	chrome.exe
5088	chrome.exe
5088	chrome.exe
5088	chrome.exe
5088	chrome.exe
5088	chrome.exe
5088	chrome.exe
5088	chrome.exe
5088	chrome.exe
5088	chrome.exe
5088	chrome.exe
5088	chrome.exe
5088	chrome.exe
5088	chrome.exe
5088	chrome.exe
5088	chrome.exe
5088	chrome.exe
5088	chrome.exe
5088	chrome.exe
5088	chrome.exe
5088	chrome.exe
5088	chrome.exe
5088	chrome.exe
5088	chrome.exe
5088	chrome.exe
5088	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
5088	chrome.exe
5088	chrome.exe
5088	chrome.exe
5088	chrome.exe
5088	chrome.exe
5088	chrome.exe
5088	chrome.exe
5088	chrome.exe
5088	chrome.exe
5088	chrome.exe
5088	chrome.exe
5088	chrome.exe
5088	chrome.exe
5088	chrome.exe
5088	chrome.exe
5088	chrome.exe
5088	chrome.exe
5088	chrome.exe
5088	chrome.exe
5088	chrome.exe
5088	chrome.exe
5088	chrome.exe
5088	chrome.exe
5088	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 5088 wrote to memory of 4008	5088	chrome.exe	83
PID 5088 wrote to memory of 4008	5088	chrome.exe	83
PID 5088 wrote to memory of 2036	5088	chrome.exe	84
PID 5088 wrote to memory of 2036	5088	chrome.exe	84
PID 5088 wrote to memory of 2036	5088	chrome.exe	84
PID 5088 wrote to memory of 2036	5088	chrome.exe	84
PID 5088 wrote to memory of 2036	5088	chrome.exe	84
PID 5088 wrote to memory of 2036	5088	chrome.exe	84
PID 5088 wrote to memory of 2036	5088	chrome.exe	84
PID 5088 wrote to memory of 2036	5088	chrome.exe	84
PID 5088 wrote to memory of 2036	5088	chrome.exe	84
PID 5088 wrote to memory of 2036	5088	chrome.exe	84
PID 5088 wrote to memory of 2036	5088	chrome.exe	84
PID 5088 wrote to memory of 2036	5088	chrome.exe	84
PID 5088 wrote to memory of 2036	5088	chrome.exe	84
PID 5088 wrote to memory of 2036	5088	chrome.exe	84
PID 5088 wrote to memory of 2036	5088	chrome.exe	84
PID 5088 wrote to memory of 2036	5088	chrome.exe	84
PID 5088 wrote to memory of 2036	5088	chrome.exe	84
PID 5088 wrote to memory of 2036	5088	chrome.exe	84
PID 5088 wrote to memory of 2036	5088	chrome.exe	84
PID 5088 wrote to memory of 2036	5088	chrome.exe	84
PID 5088 wrote to memory of 2036	5088	chrome.exe	84
PID 5088 wrote to memory of 2036	5088	chrome.exe	84
PID 5088 wrote to memory of 2036	5088	chrome.exe	84
PID 5088 wrote to memory of 2036	5088	chrome.exe	84
PID 5088 wrote to memory of 2036	5088	chrome.exe	84
PID 5088 wrote to memory of 2036	5088	chrome.exe	84
PID 5088 wrote to memory of 2036	5088	chrome.exe	84
PID 5088 wrote to memory of 2036	5088	chrome.exe	84
PID 5088 wrote to memory of 2036	5088	chrome.exe	84
PID 5088 wrote to memory of 2036	5088	chrome.exe	84
PID 5088 wrote to memory of 4772	5088	chrome.exe	85
PID 5088 wrote to memory of 4772	5088	chrome.exe	85
PID 5088 wrote to memory of 3480	5088	chrome.exe	86
PID 5088 wrote to memory of 3480	5088	chrome.exe	86
PID 5088 wrote to memory of 3480	5088	chrome.exe	86
PID 5088 wrote to memory of 3480	5088	chrome.exe	86
PID 5088 wrote to memory of 3480	5088	chrome.exe	86
PID 5088 wrote to memory of 3480	5088	chrome.exe	86
PID 5088 wrote to memory of 3480	5088	chrome.exe	86
PID 5088 wrote to memory of 3480	5088	chrome.exe	86
PID 5088 wrote to memory of 3480	5088	chrome.exe	86
PID 5088 wrote to memory of 3480	5088	chrome.exe	86
PID 5088 wrote to memory of 3480	5088	chrome.exe	86
PID 5088 wrote to memory of 3480	5088	chrome.exe	86
PID 5088 wrote to memory of 3480	5088	chrome.exe	86
PID 5088 wrote to memory of 3480	5088	chrome.exe	86
PID 5088 wrote to memory of 3480	5088	chrome.exe	86
PID 5088 wrote to memory of 3480	5088	chrome.exe	86
PID 5088 wrote to memory of 3480	5088	chrome.exe	86
PID 5088 wrote to memory of 3480	5088	chrome.exe	86
PID 5088 wrote to memory of 3480	5088	chrome.exe	86
PID 5088 wrote to memory of 3480	5088	chrome.exe	86
PID 5088 wrote to memory of 3480	5088	chrome.exe	86
PID 5088 wrote to memory of 3480	5088	chrome.exe	86
PID 5088 wrote to memory of 3480	5088	chrome.exe	86
PID 5088 wrote to memory of 3480	5088	chrome.exe	86
PID 5088 wrote to memory of 3480	5088	chrome.exe	86
PID 5088 wrote to memory of 3480	5088	chrome.exe	86
PID 5088 wrote to memory of 3480	5088	chrome.exe	86
PID 5088 wrote to memory of 3480	5088	chrome.exe	86
PID 5088 wrote to memory of 3480	5088	chrome.exe	86
PID 5088 wrote to memory of 3480	5088	chrome.exe	86

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://krs.microsoft.com/redirect?id=lxDNVZKK
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:5088
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xf8,0x108,0x7ffe4855cc40,0x7ffe4855cc4c,0x7ffe4855cc58
  2⤵
  PID:4008
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1892,i,16743891449373941726,11044439069936535506,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1908 /prefetch:2
  2⤵
  PID:2036
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2148,i,16743891449373941726,11044439069936535506,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2160 /prefetch:3
  2⤵
  PID:4772
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2228,i,16743891449373941726,11044439069936535506,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2436 /prefetch:8
  2⤵
  PID:3480
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3112,i,16743891449373941726,11044439069936535506,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3124 /prefetch:1
  2⤵
  PID:1892
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3128,i,16743891449373941726,11044439069936535506,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3172 /prefetch:1
  2⤵
  PID:4740
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4576,i,16743891449373941726,11044439069936535506,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4592 /prefetch:8
  2⤵
  PID:2976
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4596,i,16743891449373941726,11044439069936535506,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4764 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4052

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:1700

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:3952

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\447964bf-0129-4e15-b441-00378351e0fd.tmp

Filesize
9KB

MD5
3a2438822fc7ff683bc3622e466fc7df

SHA1
126af8cb938f6a27683d3d79d90aea1dea24b095

SHA256
bcedb8101e4684b533198666a7d221e1ae5a0f6fc62a2b30808bfc0f8cc7d96b

SHA512
e2aa13e65d04ffcbb0e9c9c6b674d0740431144b013f98ec49163052fbffd9993c073ce51d6e8e1febcbbd692286ac2323ccc71be2cd9dcf17bbb3c550ddf50d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
da221b3e6fce860eefad72f246b0cbf7

SHA1
c8e89f3bf0be9ac82effe017f22c4a0792c0e768

SHA256
afe4f6c1bd92befd5751574d048e0cbe503cb10a6522c2c72d3cf98c43026068

SHA512
533e61e21f1b809c6fdab4602d97701538a7ad4f963da24eb51e204ff583b669df1112dc0e35c0628b7b69b5a5d2919c06f4b1f03cec2ec4311251d651f20d04

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
17d4b4a1da4985097ff3bf1a58b7d392

SHA1
9eba026fe538f62d690deec302de11a33367550c

SHA256
2080f94c61bf51b16641e7a2633eedc921cc5cc39bdeb94dd9feabdd1743639f

SHA512
f26dadd271a44a711bfd40a9a51f7ea960a4f7065a66a3c389c7f510dbef6a53140de8a53769d6ed7ed2890a4ff2f02314007f40a29e33a7292ba2dd7f7e6342

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
692B

MD5
d6318c097173010f09e9c8fc9539a90d

SHA1
e08dc6faece8f4ddcfe7b16cda00cbc4dce10a80

SHA256
ebd660975681fe73a60601ba8ac238a1402a1cb8a68fa4071a4a9af41f46051a

SHA512
cb4800fc047bf006c18ac295e947c1fd7f7f293b87ed41ca2fa07ace17ad373d4bdf864d28ccb4d66e6495c7bc6b59e23df348cc7a2abbd0a594d348e56352ad

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
613b0d8481805b55f99e137f1ddb7e85

SHA1
541211ab7801dd6a52eee84f0201a476c65e5e3c

SHA256
b42643d4d48e312c31646a473b77ec543ae5b2a465126334fea719d671084259

SHA512
c32d9c40a93d317f279b2329642c057cd24d51730e32fa94cc4b93b1af373e3c1810f7b9fff5375f7e83da08089e6a5e25b19651d56b92b7a437e72c1a987f62

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
215254577bdcd7c61ff81468cc366702

SHA1
832db8c30ae2f87abd0755acd2a60a46bc787f55

SHA256
86279d37d10dea483ed11d50c9b235bd3d2d771e0cf718d0264ac69e224106c9

SHA512
ffb5f5f1da6236e6b77024c967cc6ecd1ac1f8fe6e3efcfeac8f08c2aa33020da20d04b36d56f90a4af71f675ae0c4471788d5bb6c98a92ef33f43627a66ad66

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
e092fa3fbb7e92df008788a346945174

SHA1
12b80276458d1e3f8d45202a17033a25487b4ef3

SHA256
1fae89866206b771386217377126fcf75e2acbb60fe180c7334edc59a68c79ea

SHA512
9e4b8087f65789253b867457bb603b14ed2f3c363105f86784f13b86f819251bcb0567193ee629696895c1dbc85de71e28b68fac11f5c6cd5213f61c38d7e3c4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
f05a4b8a4017a5bf83eb69d2ef33b84f

SHA1
feb6c0072a52c8646bd86a744a4ab6f96919fc08

SHA256
bd01e04575b954ee191832ec155cc4bc4fce358d9ccab813a823dbf5d0528a96

SHA512
c090822787f65827f6402a01446f30f29ac4ecc37aa4aff6461c478a1d8fade38f91e0c2f2c151c0e2f85b1469a5f230dc4b810b7fca828cc4b0ada7d3ecce87

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
f250be0a7359aadaa0d372a1c1a0f2d0

SHA1
10539808d855bd94bbceb25217bd40f9c72ec419

SHA256
058da50870c085ba43a441a34bfb79d340b5ab589f94268d10cc3ae27c764577

SHA512
18b0345ce49c2d9fdb5c1d19c15fd9ef41f6c119cf8d015c0297407c1616d94bd1957cce7fbd40d37a79d311d539de8542e319fa2e706f03fe485d2a477eb28f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
ea8a5a272fb52460ed30961875b1db42

SHA1
34a4e4508cbd117c78e6164f1bed59ae46da52f0

SHA256
a5818d69774eb84b056ad3e615f800ba3c96a45e2e3a7876a41b6d6f3786630a

SHA512
64673a81caac91948e8d8374991e090f6f337a3fdd1028e51f4f25ea6a76873afc142918bf6fd0479df4c781da89cfc2525b1c68cd9ed4e0fa411b2781474ced

Download Submit