hxxps://github[.]com/enginestein/Virus-Collection

Resubmissions

20-12-2024 09:33

241220-ljje4avraq 3

28-09-2024 14:24

240928-rq8apazfpr 10

28-09-2024 14:22

240928-rpks1asgng 3

Analysis

max time kernel
149s
max time network
142s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
20-12-2024 09:33

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://github.com/enginestein/Virus-Collection

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133791608332273970"	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
1588	chrome.exe
1588	chrome.exe
2008	chrome.exe
2008	chrome.exe
2008	chrome.exe
2008	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

pid	Process
1588	chrome.exe
1588	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1588	chrome.exe
Token: SeCreatePagefilePrivilege	1588	chrome.exe
Token: SeShutdownPrivilege	1588	chrome.exe
Token: SeCreatePagefilePrivilege	1588	chrome.exe
Token: SeShutdownPrivilege	1588	chrome.exe
Token: SeCreatePagefilePrivilege	1588	chrome.exe
Token: SeShutdownPrivilege	1588	chrome.exe
Token: SeCreatePagefilePrivilege	1588	chrome.exe
Token: SeShutdownPrivilege	1588	chrome.exe
Token: SeCreatePagefilePrivilege	1588	chrome.exe
Token: SeShutdownPrivilege	1588	chrome.exe
Token: SeCreatePagefilePrivilege	1588	chrome.exe
Token: SeShutdownPrivilege	1588	chrome.exe
Token: SeCreatePagefilePrivilege	1588	chrome.exe
Token: SeShutdownPrivilege	1588	chrome.exe
Token: SeCreatePagefilePrivilege	1588	chrome.exe
Token: SeShutdownPrivilege	1588	chrome.exe
Token: SeCreatePagefilePrivilege	1588	chrome.exe
Token: SeShutdownPrivilege	1588	chrome.exe
Token: SeCreatePagefilePrivilege	1588	chrome.exe
Token: SeShutdownPrivilege	1588	chrome.exe
Token: SeCreatePagefilePrivilege	1588	chrome.exe
Token: SeShutdownPrivilege	1588	chrome.exe
Token: SeCreatePagefilePrivilege	1588	chrome.exe
Token: SeShutdownPrivilege	1588	chrome.exe
Token: SeCreatePagefilePrivilege	1588	chrome.exe
Token: SeShutdownPrivilege	1588	chrome.exe
Token: SeCreatePagefilePrivilege	1588	chrome.exe
Token: SeShutdownPrivilege	1588	chrome.exe
Token: SeCreatePagefilePrivilege	1588	chrome.exe
Token: SeShutdownPrivilege	1588	chrome.exe
Token: SeCreatePagefilePrivilege	1588	chrome.exe
Token: SeShutdownPrivilege	1588	chrome.exe
Token: SeCreatePagefilePrivilege	1588	chrome.exe
Token: SeShutdownPrivilege	1588	chrome.exe
Token: SeCreatePagefilePrivilege	1588	chrome.exe
Token: SeShutdownPrivilege	1588	chrome.exe
Token: SeCreatePagefilePrivilege	1588	chrome.exe
Token: SeShutdownPrivilege	1588	chrome.exe
Token: SeCreatePagefilePrivilege	1588	chrome.exe
Token: SeShutdownPrivilege	1588	chrome.exe
Token: SeCreatePagefilePrivilege	1588	chrome.exe
Token: SeShutdownPrivilege	1588	chrome.exe
Token: SeCreatePagefilePrivilege	1588	chrome.exe
Token: SeShutdownPrivilege	1588	chrome.exe
Token: SeCreatePagefilePrivilege	1588	chrome.exe
Token: SeShutdownPrivilege	1588	chrome.exe
Token: SeCreatePagefilePrivilege	1588	chrome.exe
Token: SeShutdownPrivilege	1588	chrome.exe
Token: SeCreatePagefilePrivilege	1588	chrome.exe
Token: SeShutdownPrivilege	1588	chrome.exe
Token: SeCreatePagefilePrivilege	1588	chrome.exe
Token: SeShutdownPrivilege	1588	chrome.exe
Token: SeCreatePagefilePrivilege	1588	chrome.exe
Token: SeShutdownPrivilege	1588	chrome.exe
Token: SeCreatePagefilePrivilege	1588	chrome.exe
Token: SeShutdownPrivilege	1588	chrome.exe
Token: SeCreatePagefilePrivilege	1588	chrome.exe
Token: SeShutdownPrivilege	1588	chrome.exe
Token: SeCreatePagefilePrivilege	1588	chrome.exe
Token: SeShutdownPrivilege	1588	chrome.exe
Token: SeCreatePagefilePrivilege	1588	chrome.exe
Token: SeShutdownPrivilege	1588	chrome.exe
Token: SeCreatePagefilePrivilege	1588	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
1588	chrome.exe
1588	chrome.exe
1588	chrome.exe
1588	chrome.exe
1588	chrome.exe
1588	chrome.exe
1588	chrome.exe
1588	chrome.exe
1588	chrome.exe
1588	chrome.exe
1588	chrome.exe
1588	chrome.exe
1588	chrome.exe
1588	chrome.exe
1588	chrome.exe
1588	chrome.exe
1588	chrome.exe
1588	chrome.exe
1588	chrome.exe
1588	chrome.exe
1588	chrome.exe
1588	chrome.exe
1588	chrome.exe
1588	chrome.exe
1588	chrome.exe
1588	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1588	chrome.exe
1588	chrome.exe
1588	chrome.exe
1588	chrome.exe
1588	chrome.exe
1588	chrome.exe
1588	chrome.exe
1588	chrome.exe
1588	chrome.exe
1588	chrome.exe
1588	chrome.exe
1588	chrome.exe
1588	chrome.exe
1588	chrome.exe
1588	chrome.exe
1588	chrome.exe
1588	chrome.exe
1588	chrome.exe
1588	chrome.exe
1588	chrome.exe
1588	chrome.exe
1588	chrome.exe
1588	chrome.exe
1588	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1588 wrote to memory of 5032	1588	chrome.exe	83
PID 1588 wrote to memory of 5032	1588	chrome.exe	83
PID 1588 wrote to memory of 1156	1588	chrome.exe	84
PID 1588 wrote to memory of 1156	1588	chrome.exe	84
PID 1588 wrote to memory of 1156	1588	chrome.exe	84
PID 1588 wrote to memory of 1156	1588	chrome.exe	84
PID 1588 wrote to memory of 1156	1588	chrome.exe	84
PID 1588 wrote to memory of 1156	1588	chrome.exe	84
PID 1588 wrote to memory of 1156	1588	chrome.exe	84
PID 1588 wrote to memory of 1156	1588	chrome.exe	84
PID 1588 wrote to memory of 1156	1588	chrome.exe	84
PID 1588 wrote to memory of 1156	1588	chrome.exe	84
PID 1588 wrote to memory of 1156	1588	chrome.exe	84
PID 1588 wrote to memory of 1156	1588	chrome.exe	84
PID 1588 wrote to memory of 1156	1588	chrome.exe	84
PID 1588 wrote to memory of 1156	1588	chrome.exe	84
PID 1588 wrote to memory of 1156	1588	chrome.exe	84
PID 1588 wrote to memory of 1156	1588	chrome.exe	84
PID 1588 wrote to memory of 1156	1588	chrome.exe	84
PID 1588 wrote to memory of 1156	1588	chrome.exe	84
PID 1588 wrote to memory of 1156	1588	chrome.exe	84
PID 1588 wrote to memory of 1156	1588	chrome.exe	84
PID 1588 wrote to memory of 1156	1588	chrome.exe	84
PID 1588 wrote to memory of 1156	1588	chrome.exe	84
PID 1588 wrote to memory of 1156	1588	chrome.exe	84
PID 1588 wrote to memory of 1156	1588	chrome.exe	84
PID 1588 wrote to memory of 1156	1588	chrome.exe	84
PID 1588 wrote to memory of 1156	1588	chrome.exe	84
PID 1588 wrote to memory of 1156	1588	chrome.exe	84
PID 1588 wrote to memory of 1156	1588	chrome.exe	84
PID 1588 wrote to memory of 1156	1588	chrome.exe	84
PID 1588 wrote to memory of 1156	1588	chrome.exe	84
PID 1588 wrote to memory of 4900	1588	chrome.exe	85
PID 1588 wrote to memory of 4900	1588	chrome.exe	85
PID 1588 wrote to memory of 5024	1588	chrome.exe	86
PID 1588 wrote to memory of 5024	1588	chrome.exe	86
PID 1588 wrote to memory of 5024	1588	chrome.exe	86
PID 1588 wrote to memory of 5024	1588	chrome.exe	86
PID 1588 wrote to memory of 5024	1588	chrome.exe	86
PID 1588 wrote to memory of 5024	1588	chrome.exe	86
PID 1588 wrote to memory of 5024	1588	chrome.exe	86
PID 1588 wrote to memory of 5024	1588	chrome.exe	86
PID 1588 wrote to memory of 5024	1588	chrome.exe	86
PID 1588 wrote to memory of 5024	1588	chrome.exe	86
PID 1588 wrote to memory of 5024	1588	chrome.exe	86
PID 1588 wrote to memory of 5024	1588	chrome.exe	86
PID 1588 wrote to memory of 5024	1588	chrome.exe	86
PID 1588 wrote to memory of 5024	1588	chrome.exe	86
PID 1588 wrote to memory of 5024	1588	chrome.exe	86
PID 1588 wrote to memory of 5024	1588	chrome.exe	86
PID 1588 wrote to memory of 5024	1588	chrome.exe	86
PID 1588 wrote to memory of 5024	1588	chrome.exe	86
PID 1588 wrote to memory of 5024	1588	chrome.exe	86
PID 1588 wrote to memory of 5024	1588	chrome.exe	86
PID 1588 wrote to memory of 5024	1588	chrome.exe	86
PID 1588 wrote to memory of 5024	1588	chrome.exe	86
PID 1588 wrote to memory of 5024	1588	chrome.exe	86
PID 1588 wrote to memory of 5024	1588	chrome.exe	86
PID 1588 wrote to memory of 5024	1588	chrome.exe	86
PID 1588 wrote to memory of 5024	1588	chrome.exe	86
PID 1588 wrote to memory of 5024	1588	chrome.exe	86
PID 1588 wrote to memory of 5024	1588	chrome.exe	86
PID 1588 wrote to memory of 5024	1588	chrome.exe	86
PID 1588 wrote to memory of 5024	1588	chrome.exe	86

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://github.com/enginestein/Virus-Collection
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1588
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffbc44ecc40,0x7ffbc44ecc4c,0x7ffbc44ecc58
  2⤵
  PID:5032
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1992,i,1913885395116765543,12064297513323995589,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1996 /prefetch:2
  2⤵
  PID:1156
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1860,i,1913885395116765543,12064297513323995589,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2080 /prefetch:3
  2⤵
  PID:4900
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=1952,i,1913885395116765543,12064297513323995589,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2280 /prefetch:8
  2⤵
  PID:5024
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3124,i,1913885395116765543,12064297513323995589,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3144 /prefetch:1
  2⤵
  PID:3524
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3132,i,1913885395116765543,12064297513323995589,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3288 /prefetch:1
  2⤵
  PID:1392
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4608,i,1913885395116765543,12064297513323995589,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4628 /prefetch:8
  2⤵
  PID:2764
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4744,i,1913885395116765543,12064297513323995589,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=208 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2008

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:2748

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:1500

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
cc8b3d9b6ed2c151b852955924f8374f

SHA1
737ab320b4ebe20dba37d2f13ec83ac0a4fe9fee

SHA256
4c409279e64cadb994f959801ce623e08bb6fba3885697ee5a3916ee04cd9398

SHA512
519e8e5a64b35f43f7cefd9e01c4a48e39fb0282f303716c0a8fc42c1b1f918d195712a252583712b84db02556d2d5820540c26ed7cfb0ad3de418ecb6dbf125

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
6fca6eeee6b9e914559b9525c5e9b0d5

SHA1
765f4aded761374e6fa36331349f0fc0e02304c4

SHA256
33be12ee6bc374e76c917400812822d38bfc00e122a77a81b3755df906cce33b

SHA512
aeaec5b33e8d92c5ce828b01f3f30de7f381f505ac8a389fb8541b52a74516fa1031b09a59151011ad6dead747698a8dea62d3fcab2cb7d8dee8cad026bbdb8d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
3384249ee1a86646c4d4a645b7c14180

SHA1
1bcc5319676a47f5ac900232166ac633021730b4

SHA256
06eafa2da16711ca9b2b13422f831da881dc04d23b82bcc92afb9a1e89415292

SHA512
be91a020183813c9e5b79ffd5abe140f56d008e9a1bdbb0ff3cd9ddbb28b47a9401b5a486870e36b3c20a163a5e1a7f6f2a9d1a348c3b40f8067fcea60462832

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
bb237789d541c3424f9d75ac6b7bce1c

SHA1
66d3433d683ca4867df271fb335536a70c5b9080

SHA256
deb775b0d92d9a585f2aeec3c0a8f26fc0a5326cf8272d3da1487c5be6218d1a

SHA512
e1db336136d047ac3f3c77f9f2d0766fa236a293caa6ce530cef372cb04ed684075006ef137dde82e1ec4f2a432056d4eb7ce0a6357fc5f150b4f94227bb4ca1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
a29d3b6f1ac14ff7c1ce68c4df80197e

SHA1
8f1a3d9866cb2bb75cf897a5b7b527679d0f49bf

SHA256
4b290691f4f1dacc7b189f1bac46c3c5da44e5b7e72a1ebbce901b6e5ee63b99

SHA512
b9b89b8514b3798aacdd73fd9ae2275faddfaf849df64248215cb41ef0493ae641423d0ebbadd76c27507844497caf3906d5f8d93d009af24cb5730cd4d96da0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
343f02daa6dded7fd71355cd18f4cba9

SHA1
d0e377cdf40badafb457a71185187afbcb6d4f16

SHA256
8a9e0b067779a713dd797cb7b4c55895cd40b3953adc0ac6e9c4f77561fe661b

SHA512
70706ede824b98cbfee944f04c58d03805cd7fdc756e7c48389dba3183f9ce79d3518f22636c2bf10651e5d2834c3d2870c2191a64fcddfbd43cc70865448e09

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
2f687541b09063d4c4461d33cf8800fe

SHA1
657453422108cd436b76691a4b1234941b77f8f2

SHA256
8e2cfaf2df4d9fb80c897d5810fd681486302620189c0f17c65706d57b7a99fa

SHA512
b8b926b41cb91183b8498d05d7e3ef27b5bd8f06cbe896fa2362624492495368d44000cf8f44aae6d46b96d8c180c93c27f857167c79a9ef221dcb2fbcf28e5e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
a8dbda6c131164f20e3827961b888b34

SHA1
26fc246fac1ef15863a3866a343b5565af4b23ef

SHA256
d6da034aa462f45e8b045567e6494a4070ca2cfe360e40c8bba221c30718cfa7

SHA512
888744f587c31a03dfb6a97b7345db7ce38084c4007d68518b638fa1f8030f967966532835469fb539378fdea32e0c2951ff3a28c1cc47bcbf8c359415a5c357

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
8b5d9af510775bf7bccfbf0a37c9ecad

SHA1
943a257fa1385baaa040bdfa613d8aed13bf7c9e

SHA256
20190923b58522d651b8727b361371bd21a28c821470f37fd474b5bbf4e96acf

SHA512
bdbd0db4a4b6944bd92e1716ed26a10eee2ec3af76b31a2987cb7f27688a4e79769ef607dc864e61ab354aa81e5e19d27d4c53bd51b62bd8e62ae8a48bda87c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
d92c0f55d91bc5c61243ddbd03bec8b8

SHA1
aa4cef068cc6b51feba8266152fe0aae4dfb9b56

SHA256
120dfd6a9f30f1a29a772fb2b354efbc4d43d8da74e69d9fa97d61f5e1deea43

SHA512
742d884e5cebe84c112c84dddd7b62ca08421df572b23cb24866ef9ee03a849da20e2787f31477f62f9429716e4a209d7337ceb6a642ab342228c6b703dc9e42

Download Submit