hxxps://krs[.]microsoft[.]com/redirect?id=-crYd9Lj

Analysis

max time kernel
37s
max time network
38s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
27-11-2024 20:01

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://krs.microsoft.com/redirect?id=-crYd9Lj

Score

7^/10

microsoft discovery phishing

Malware Config

Signatures

A potential corporate email address has been identified in the URL: [email protected]
phishing
A potential corporate email address has been identified in the URL: [email protected]
phishing
Detected potential entity reuse from brand MICROSOFT.
phishing microsoft
Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133772112744826757"	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
1620	chrome.exe
1620	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1620	chrome.exe
Token: SeCreatePagefilePrivilege	1620	chrome.exe
Token: SeShutdownPrivilege	1620	chrome.exe
Token: SeCreatePagefilePrivilege	1620	chrome.exe
Token: SeShutdownPrivilege	1620	chrome.exe
Token: SeCreatePagefilePrivilege	1620	chrome.exe
Token: SeShutdownPrivilege	1620	chrome.exe
Token: SeCreatePagefilePrivilege	1620	chrome.exe
Token: SeShutdownPrivilege	1620	chrome.exe
Token: SeCreatePagefilePrivilege	1620	chrome.exe
Token: SeShutdownPrivilege	1620	chrome.exe
Token: SeCreatePagefilePrivilege	1620	chrome.exe
Token: SeShutdownPrivilege	1620	chrome.exe
Token: SeCreatePagefilePrivilege	1620	chrome.exe
Token: SeShutdownPrivilege	1620	chrome.exe
Token: SeCreatePagefilePrivilege	1620	chrome.exe
Token: SeShutdownPrivilege	1620	chrome.exe
Token: SeCreatePagefilePrivilege	1620	chrome.exe
Token: SeShutdownPrivilege	1620	chrome.exe
Token: SeCreatePagefilePrivilege	1620	chrome.exe
Token: SeShutdownPrivilege	1620	chrome.exe
Token: SeCreatePagefilePrivilege	1620	chrome.exe
Token: SeShutdownPrivilege	1620	chrome.exe
Token: SeCreatePagefilePrivilege	1620	chrome.exe
Token: SeShutdownPrivilege	1620	chrome.exe
Token: SeCreatePagefilePrivilege	1620	chrome.exe
Token: SeShutdownPrivilege	1620	chrome.exe
Token: SeCreatePagefilePrivilege	1620	chrome.exe
Token: SeShutdownPrivilege	1620	chrome.exe
Token: SeCreatePagefilePrivilege	1620	chrome.exe
Token: SeShutdownPrivilege	1620	chrome.exe
Token: SeCreatePagefilePrivilege	1620	chrome.exe
Token: SeShutdownPrivilege	1620	chrome.exe
Token: SeCreatePagefilePrivilege	1620	chrome.exe
Token: SeShutdownPrivilege	1620	chrome.exe
Token: SeCreatePagefilePrivilege	1620	chrome.exe
Token: SeShutdownPrivilege	1620	chrome.exe
Token: SeCreatePagefilePrivilege	1620	chrome.exe
Token: SeShutdownPrivilege	1620	chrome.exe
Token: SeCreatePagefilePrivilege	1620	chrome.exe
Token: SeShutdownPrivilege	1620	chrome.exe
Token: SeCreatePagefilePrivilege	1620	chrome.exe
Token: SeShutdownPrivilege	1620	chrome.exe
Token: SeCreatePagefilePrivilege	1620	chrome.exe
Token: SeShutdownPrivilege	1620	chrome.exe
Token: SeCreatePagefilePrivilege	1620	chrome.exe
Token: SeShutdownPrivilege	1620	chrome.exe
Token: SeCreatePagefilePrivilege	1620	chrome.exe
Token: SeShutdownPrivilege	1620	chrome.exe
Token: SeCreatePagefilePrivilege	1620	chrome.exe
Token: SeShutdownPrivilege	1620	chrome.exe
Token: SeCreatePagefilePrivilege	1620	chrome.exe
Token: SeShutdownPrivilege	1620	chrome.exe
Token: SeCreatePagefilePrivilege	1620	chrome.exe
Token: SeShutdownPrivilege	1620	chrome.exe
Token: SeCreatePagefilePrivilege	1620	chrome.exe
Token: SeShutdownPrivilege	1620	chrome.exe
Token: SeCreatePagefilePrivilege	1620	chrome.exe
Token: SeShutdownPrivilege	1620	chrome.exe
Token: SeCreatePagefilePrivilege	1620	chrome.exe
Token: SeShutdownPrivilege	1620	chrome.exe
Token: SeCreatePagefilePrivilege	1620	chrome.exe
Token: SeShutdownPrivilege	1620	chrome.exe
Token: SeCreatePagefilePrivilege	1620	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1620 wrote to memory of 440	1620	chrome.exe	82
PID 1620 wrote to memory of 440	1620	chrome.exe	82
PID 1620 wrote to memory of 2220	1620	chrome.exe	83
PID 1620 wrote to memory of 2220	1620	chrome.exe	83
PID 1620 wrote to memory of 2220	1620	chrome.exe	83
PID 1620 wrote to memory of 2220	1620	chrome.exe	83
PID 1620 wrote to memory of 2220	1620	chrome.exe	83
PID 1620 wrote to memory of 2220	1620	chrome.exe	83
PID 1620 wrote to memory of 2220	1620	chrome.exe	83
PID 1620 wrote to memory of 2220	1620	chrome.exe	83
PID 1620 wrote to memory of 2220	1620	chrome.exe	83
PID 1620 wrote to memory of 2220	1620	chrome.exe	83
PID 1620 wrote to memory of 2220	1620	chrome.exe	83
PID 1620 wrote to memory of 2220	1620	chrome.exe	83
PID 1620 wrote to memory of 2220	1620	chrome.exe	83
PID 1620 wrote to memory of 2220	1620	chrome.exe	83
PID 1620 wrote to memory of 2220	1620	chrome.exe	83
PID 1620 wrote to memory of 2220	1620	chrome.exe	83
PID 1620 wrote to memory of 2220	1620	chrome.exe	83
PID 1620 wrote to memory of 2220	1620	chrome.exe	83
PID 1620 wrote to memory of 2220	1620	chrome.exe	83
PID 1620 wrote to memory of 2220	1620	chrome.exe	83
PID 1620 wrote to memory of 2220	1620	chrome.exe	83
PID 1620 wrote to memory of 2220	1620	chrome.exe	83
PID 1620 wrote to memory of 2220	1620	chrome.exe	83
PID 1620 wrote to memory of 2220	1620	chrome.exe	83
PID 1620 wrote to memory of 2220	1620	chrome.exe	83
PID 1620 wrote to memory of 2220	1620	chrome.exe	83
PID 1620 wrote to memory of 2220	1620	chrome.exe	83
PID 1620 wrote to memory of 2220	1620	chrome.exe	83
PID 1620 wrote to memory of 2220	1620	chrome.exe	83
PID 1620 wrote to memory of 2220	1620	chrome.exe	83
PID 1620 wrote to memory of 1728	1620	chrome.exe	84
PID 1620 wrote to memory of 1728	1620	chrome.exe	84
PID 1620 wrote to memory of 4780	1620	chrome.exe	85
PID 1620 wrote to memory of 4780	1620	chrome.exe	85
PID 1620 wrote to memory of 4780	1620	chrome.exe	85
PID 1620 wrote to memory of 4780	1620	chrome.exe	85
PID 1620 wrote to memory of 4780	1620	chrome.exe	85
PID 1620 wrote to memory of 4780	1620	chrome.exe	85
PID 1620 wrote to memory of 4780	1620	chrome.exe	85
PID 1620 wrote to memory of 4780	1620	chrome.exe	85
PID 1620 wrote to memory of 4780	1620	chrome.exe	85
PID 1620 wrote to memory of 4780	1620	chrome.exe	85
PID 1620 wrote to memory of 4780	1620	chrome.exe	85
PID 1620 wrote to memory of 4780	1620	chrome.exe	85
PID 1620 wrote to memory of 4780	1620	chrome.exe	85
PID 1620 wrote to memory of 4780	1620	chrome.exe	85
PID 1620 wrote to memory of 4780	1620	chrome.exe	85
PID 1620 wrote to memory of 4780	1620	chrome.exe	85
PID 1620 wrote to memory of 4780	1620	chrome.exe	85
PID 1620 wrote to memory of 4780	1620	chrome.exe	85
PID 1620 wrote to memory of 4780	1620	chrome.exe	85
PID 1620 wrote to memory of 4780	1620	chrome.exe	85
PID 1620 wrote to memory of 4780	1620	chrome.exe	85
PID 1620 wrote to memory of 4780	1620	chrome.exe	85
PID 1620 wrote to memory of 4780	1620	chrome.exe	85
PID 1620 wrote to memory of 4780	1620	chrome.exe	85
PID 1620 wrote to memory of 4780	1620	chrome.exe	85
PID 1620 wrote to memory of 4780	1620	chrome.exe	85
PID 1620 wrote to memory of 4780	1620	chrome.exe	85
PID 1620 wrote to memory of 4780	1620	chrome.exe	85
PID 1620 wrote to memory of 4780	1620	chrome.exe	85
PID 1620 wrote to memory of 4780	1620	chrome.exe	85

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://krs.microsoft.com/redirect?id=-crYd9Lj
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1620
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffb61b7cc40,0x7ffb61b7cc4c,0x7ffb61b7cc58
  2⤵
  PID:440
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1916,i,3873415636830575469,16073431847401387919,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1908 /prefetch:2
  2⤵
  PID:2220
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2144,i,3873415636830575469,16073431847401387919,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2152 /prefetch:3
  2⤵
  PID:1728
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2220,i,3873415636830575469,16073431847401387919,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2232 /prefetch:8
  2⤵
  PID:4780
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3108,i,3873415636830575469,16073431847401387919,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3124 /prefetch:1
  2⤵
  PID:3116
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3128,i,3873415636830575469,16073431847401387919,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3184 /prefetch:1
  2⤵
  PID:3560
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3644,i,3873415636830575469,16073431847401387919,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4596 /prefetch:8
  2⤵
  PID:4236
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4860,i,3873415636830575469,16073431847401387919,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4000 /prefetch:1
  2⤵
  PID:5064
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=5044,i,3873415636830575469,16073431847401387919,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4996 /prefetch:1
  2⤵
  PID:1832

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:5000

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:1596

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
cd752358f7f70101a758ac0b5d2e72b7

SHA1
9bce22b5f05f170b9f3db0e49f7c2ca34006e40a

SHA256
2301977db3b560b71f3dda876d1e8aa42e6d2b099941be16f382e252b264e0c6

SHA512
7981e9cb749622be70153e7bdf42699cd4b85f56995cf63a883048cea70ce1c7b99aff48d9e58eead761a6c7c16286733b6c87a0663dc233f73988fecb82465a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005

Filesize
22KB

MD5
c654a623ad90bb3dcd769dbbac34d863

SHA1
8719de38f17d8e4d73e2a5e4e867d63dd3965baa

SHA256
deec787cca1b9436e080478742a0299e0db1a9712543a72d2cdc8373fc45a432

SHA512
b7440cec44b71bcdbefcd878a860ee3cc0163dc0905dc688ebcbcd7c6f5cfdfc187ea0c2b6247a362ad462450c34020933df7825cf6ceaeb3138d65eb944abad

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
a4bc04c1f9a11b24aa41c6db7d06b2b0

SHA1
958ccb9c3380d43432edf780a43a0a4c1607c9be

SHA256
0e70428a7f82ac0641379718322d8811a91e02f4637bd97a1688c59953473f44

SHA512
2bb73e13f14f7fa2d4423c457c190b35051784f8b7097d4caa424a2c5c6d198355f78991f999fdb36571552091cd1490d462ac7a83f622a1587e1fff767e79d9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
39eb545fcc2d27a14e811c2d2231ab92

SHA1
b89a56f47109aad4220a6183d82cf9aa826f1746

SHA256
188d8811cabb03d2d8a0180c7403a351f83129f83e9dc081cf3fdf823cf61b50

SHA512
e53d78f1e03a23655b9e845e8439280f85fe9dce2f0622ebc1f9ce5ab864b20348c667fb3026a920fdb8c66000a679248ca1dd5e6380c0d27ff635b69a2871f0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
692B

MD5
0e7b43f18493e0913ce39ed2c9be659c

SHA1
154be17f6a90acbf0394b21de89b508116a05f5d

SHA256
37f69c3902039cfdfcfcb7b2fc74f8925d32d908d172e5938355a1f15dd61a2a

SHA512
e91d576957a0464b17a14ec530168ceb62d67faf9679b5e4146f09a0f9bc7fd28401e1f0a598ee8db24a454851faf8b5b0f7c93e9e47a5f4afa0ec71510b2ad4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
9f2ed1709af66a5686f8b657609d7cf5

SHA1
2afdecd6237977d5beb82c28a5e37802c43b7239

SHA256
89e13493fb6ed8ea5127fe17538450e31f8c82f7099d483e1459b5723a65ad38

SHA512
d6b05c441fb82fffdedde9c6d3e90fda013e09cead482dce371b3f6028d585e282ea361aff6a5b71bfcf503a4864117bcad63b10b842f9a65b4639a3e3ac2e94

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
b68fccca558373cc71efbe5a66630bdd

SHA1
33af51c9e964031995747dfbde85ffd9407492c6

SHA256
81d7eaf5a3ca429300f261a3208a345106243b74a6c0279d32a8854e0a27a32a

SHA512
ff6b538aa626e054534e5c137a237057ba7751e1f378ace5600626651513c465f0806b7f8816c605b26923ebf26fb02d01bb7a69fd4df337adcc849c82c44699

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
c0d1b0130bbcaba10f8e67e50dbc8636

SHA1
e1babce62fbc192dd5a2af6f16460aae581ca4cb

SHA256
48f2f2e0764b245f8db5d066788961e45e057867e7b40429fe7a3aa8cf3501cf

SHA512
5359c0f5f4bb93f29a608ae558139dcfe212a035ae650f03a05c3857ea7f7f84990fbfc79323896489d6e64a47ea474fbcbde3e05d79c36b253577699149cb3c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
67e11a6fa7bcce9364631c4849eb19c1

SHA1
254ac3a91258d4fd692a633ff74819c584525bbb

SHA256
2ad6606c15e285f14ee8598ad2e51c382973b0536c4eddb635b5ecc509c604ba

SHA512
df47d36a0d95191c7854a2469820626bc0caac825db2d014754edbcf1a3d1e27d57e9c8fce968e7b34f3ef550e43046ce890a2376dc1465ef72a8f09b167e4a3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
39f2a4cc1c2514590af55568b754c098

SHA1
3389fe19fd67ad30d4b27b6ee26d3ee7847cda9a

SHA256
3ace3a7c3f437e469f6ce419c8b92ea0482330d3c930f2a5213e080e06f66890

SHA512
0a8aac636320f2517fddbf551867ff19c7a8eb675bbd6cb61cb85b14816dd315f41e9e6ec088270288c0bcbe6ce696ea8d04a402e41070e25b8d9a2890af89a0

Download Submit