hxxp://steamcommunmutty[.]com/gift/activation=Dor5Fhnm11w

Resubmissions

27-12-2024 20:16

241227-y15e4szjbm 10

27-12-2024 20:14

241227-yz3vwszjaj 10

Analysis

max time kernel
92s
max time network
94s
platform
windows10-ltsc 2021_x64
resource
win10ltsc2021-20241211-uk
resource tags

arch:x64arch:x86image:win10ltsc2021-20241211-uklocale:uk-uaos:windows10-ltsc 2021-x64systemwindows
submitted
27-12-2024 20:16

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://steamcommunmutty.com/gift/activation=Dor5Fhnm11w

Score

5^/10

steam discovery phishing

Malware Config

Signatures

Detected potential entity reuse from brand STEAM.
phishing steam

Drops file in Windows directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SystemTemp	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133798041875788221"	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
4704	chrome.exe
4704	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
4704	chrome.exe
4704	chrome.exe
4704	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4704	chrome.exe
Token: SeCreatePagefilePrivilege	4704	chrome.exe
Token: SeShutdownPrivilege	4704	chrome.exe
Token: SeCreatePagefilePrivilege	4704	chrome.exe
Token: SeShutdownPrivilege	4704	chrome.exe
Token: SeCreatePagefilePrivilege	4704	chrome.exe
Token: SeShutdownPrivilege	4704	chrome.exe
Token: SeCreatePagefilePrivilege	4704	chrome.exe
Token: SeShutdownPrivilege	4704	chrome.exe
Token: SeCreatePagefilePrivilege	4704	chrome.exe
Token: SeShutdownPrivilege	4704	chrome.exe
Token: SeCreatePagefilePrivilege	4704	chrome.exe
Token: SeShutdownPrivilege	4704	chrome.exe
Token: SeCreatePagefilePrivilege	4704	chrome.exe
Token: SeShutdownPrivilege	4704	chrome.exe
Token: SeCreatePagefilePrivilege	4704	chrome.exe
Token: SeShutdownPrivilege	4704	chrome.exe
Token: SeCreatePagefilePrivilege	4704	chrome.exe
Token: SeShutdownPrivilege	4704	chrome.exe
Token: SeCreatePagefilePrivilege	4704	chrome.exe
Token: SeShutdownPrivilege	4704	chrome.exe
Token: SeCreatePagefilePrivilege	4704	chrome.exe
Token: SeShutdownPrivilege	4704	chrome.exe
Token: SeCreatePagefilePrivilege	4704	chrome.exe
Token: SeShutdownPrivilege	4704	chrome.exe
Token: SeCreatePagefilePrivilege	4704	chrome.exe
Token: SeShutdownPrivilege	4704	chrome.exe
Token: SeCreatePagefilePrivilege	4704	chrome.exe
Token: SeShutdownPrivilege	4704	chrome.exe
Token: SeCreatePagefilePrivilege	4704	chrome.exe
Token: SeShutdownPrivilege	4704	chrome.exe
Token: SeCreatePagefilePrivilege	4704	chrome.exe
Token: SeShutdownPrivilege	4704	chrome.exe
Token: SeCreatePagefilePrivilege	4704	chrome.exe
Token: SeShutdownPrivilege	4704	chrome.exe
Token: SeCreatePagefilePrivilege	4704	chrome.exe
Token: SeShutdownPrivilege	4704	chrome.exe
Token: SeCreatePagefilePrivilege	4704	chrome.exe
Token: SeShutdownPrivilege	4704	chrome.exe
Token: SeCreatePagefilePrivilege	4704	chrome.exe
Token: SeShutdownPrivilege	4704	chrome.exe
Token: SeCreatePagefilePrivilege	4704	chrome.exe
Token: SeShutdownPrivilege	4704	chrome.exe
Token: SeCreatePagefilePrivilege	4704	chrome.exe
Token: SeShutdownPrivilege	4704	chrome.exe
Token: SeCreatePagefilePrivilege	4704	chrome.exe
Token: SeShutdownPrivilege	4704	chrome.exe
Token: SeCreatePagefilePrivilege	4704	chrome.exe
Token: SeShutdownPrivilege	4704	chrome.exe
Token: SeCreatePagefilePrivilege	4704	chrome.exe
Token: SeShutdownPrivilege	4704	chrome.exe
Token: SeCreatePagefilePrivilege	4704	chrome.exe
Token: SeShutdownPrivilege	4704	chrome.exe
Token: SeCreatePagefilePrivilege	4704	chrome.exe
Token: SeShutdownPrivilege	4704	chrome.exe
Token: SeCreatePagefilePrivilege	4704	chrome.exe
Token: SeShutdownPrivilege	4704	chrome.exe
Token: SeCreatePagefilePrivilege	4704	chrome.exe
Token: SeShutdownPrivilege	4704	chrome.exe
Token: SeCreatePagefilePrivilege	4704	chrome.exe
Token: SeShutdownPrivilege	4704	chrome.exe
Token: SeCreatePagefilePrivilege	4704	chrome.exe
Token: SeShutdownPrivilege	4704	chrome.exe
Token: SeCreatePagefilePrivilege	4704	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4704	chrome.exe
4704	chrome.exe
4704	chrome.exe
4704	chrome.exe
4704	chrome.exe
4704	chrome.exe
4704	chrome.exe
4704	chrome.exe
4704	chrome.exe
4704	chrome.exe
4704	chrome.exe
4704	chrome.exe
4704	chrome.exe
4704	chrome.exe
4704	chrome.exe
4704	chrome.exe
4704	chrome.exe
4704	chrome.exe
4704	chrome.exe
4704	chrome.exe
4704	chrome.exe
4704	chrome.exe
4704	chrome.exe
4704	chrome.exe
4704	chrome.exe
4704	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4704	chrome.exe
4704	chrome.exe
4704	chrome.exe
4704	chrome.exe
4704	chrome.exe
4704	chrome.exe
4704	chrome.exe
4704	chrome.exe
4704	chrome.exe
4704	chrome.exe
4704	chrome.exe
4704	chrome.exe
4704	chrome.exe
4704	chrome.exe
4704	chrome.exe
4704	chrome.exe
4704	chrome.exe
4704	chrome.exe
4704	chrome.exe
4704	chrome.exe
4704	chrome.exe
4704	chrome.exe
4704	chrome.exe
4704	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4704 wrote to memory of 628	4704	chrome.exe	81
PID 4704 wrote to memory of 628	4704	chrome.exe	81
PID 4704 wrote to memory of 4772	4704	chrome.exe	82
PID 4704 wrote to memory of 4772	4704	chrome.exe	82
PID 4704 wrote to memory of 4772	4704	chrome.exe	82
PID 4704 wrote to memory of 4772	4704	chrome.exe	82
PID 4704 wrote to memory of 4772	4704	chrome.exe	82
PID 4704 wrote to memory of 4772	4704	chrome.exe	82
PID 4704 wrote to memory of 4772	4704	chrome.exe	82
PID 4704 wrote to memory of 4772	4704	chrome.exe	82
PID 4704 wrote to memory of 4772	4704	chrome.exe	82
PID 4704 wrote to memory of 4772	4704	chrome.exe	82
PID 4704 wrote to memory of 4772	4704	chrome.exe	82
PID 4704 wrote to memory of 4772	4704	chrome.exe	82
PID 4704 wrote to memory of 4772	4704	chrome.exe	82
PID 4704 wrote to memory of 4772	4704	chrome.exe	82
PID 4704 wrote to memory of 4772	4704	chrome.exe	82
PID 4704 wrote to memory of 4772	4704	chrome.exe	82
PID 4704 wrote to memory of 4772	4704	chrome.exe	82
PID 4704 wrote to memory of 4772	4704	chrome.exe	82
PID 4704 wrote to memory of 4772	4704	chrome.exe	82
PID 4704 wrote to memory of 4772	4704	chrome.exe	82
PID 4704 wrote to memory of 4772	4704	chrome.exe	82
PID 4704 wrote to memory of 4772	4704	chrome.exe	82
PID 4704 wrote to memory of 4772	4704	chrome.exe	82
PID 4704 wrote to memory of 4772	4704	chrome.exe	82
PID 4704 wrote to memory of 4772	4704	chrome.exe	82
PID 4704 wrote to memory of 4772	4704	chrome.exe	82
PID 4704 wrote to memory of 4772	4704	chrome.exe	82
PID 4704 wrote to memory of 4772	4704	chrome.exe	82
PID 4704 wrote to memory of 4772	4704	chrome.exe	82
PID 4704 wrote to memory of 4772	4704	chrome.exe	82
PID 4704 wrote to memory of 1088	4704	chrome.exe	83
PID 4704 wrote to memory of 1088	4704	chrome.exe	83
PID 4704 wrote to memory of 3584	4704	chrome.exe	84
PID 4704 wrote to memory of 3584	4704	chrome.exe	84
PID 4704 wrote to memory of 3584	4704	chrome.exe	84
PID 4704 wrote to memory of 3584	4704	chrome.exe	84
PID 4704 wrote to memory of 3584	4704	chrome.exe	84
PID 4704 wrote to memory of 3584	4704	chrome.exe	84
PID 4704 wrote to memory of 3584	4704	chrome.exe	84
PID 4704 wrote to memory of 3584	4704	chrome.exe	84
PID 4704 wrote to memory of 3584	4704	chrome.exe	84
PID 4704 wrote to memory of 3584	4704	chrome.exe	84
PID 4704 wrote to memory of 3584	4704	chrome.exe	84
PID 4704 wrote to memory of 3584	4704	chrome.exe	84
PID 4704 wrote to memory of 3584	4704	chrome.exe	84
PID 4704 wrote to memory of 3584	4704	chrome.exe	84
PID 4704 wrote to memory of 3584	4704	chrome.exe	84
PID 4704 wrote to memory of 3584	4704	chrome.exe	84
PID 4704 wrote to memory of 3584	4704	chrome.exe	84
PID 4704 wrote to memory of 3584	4704	chrome.exe	84
PID 4704 wrote to memory of 3584	4704	chrome.exe	84
PID 4704 wrote to memory of 3584	4704	chrome.exe	84
PID 4704 wrote to memory of 3584	4704	chrome.exe	84
PID 4704 wrote to memory of 3584	4704	chrome.exe	84
PID 4704 wrote to memory of 3584	4704	chrome.exe	84
PID 4704 wrote to memory of 3584	4704	chrome.exe	84
PID 4704 wrote to memory of 3584	4704	chrome.exe	84
PID 4704 wrote to memory of 3584	4704	chrome.exe	84
PID 4704 wrote to memory of 3584	4704	chrome.exe	84
PID 4704 wrote to memory of 3584	4704	chrome.exe	84
PID 4704 wrote to memory of 3584	4704	chrome.exe	84
PID 4704 wrote to memory of 3584	4704	chrome.exe	84

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://steamcommunmutty.com/gift/activation=Dor5Fhnm11w
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4704
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x21c,0x220,0x224,0x1f8,0x228,0x7ffb4878cc40,0x7ffb4878cc4c,0x7ffb4878cc58
  2⤵
  PID:628
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1872,i,6588589362376063613,14630394958566262844,262144 --variations-seed-version=20241210-050121.637000 --mojo-platform-channel-handle=1864 /prefetch:2
  2⤵
  PID:4772
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2160,i,6588589362376063613,14630394958566262844,262144 --variations-seed-version=20241210-050121.637000 --mojo-platform-channel-handle=2180 /prefetch:3
  2⤵
  PID:1088
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2244,i,6588589362376063613,14630394958566262844,262144 --variations-seed-version=20241210-050121.637000 --mojo-platform-channel-handle=2268 /prefetch:8
  2⤵
  PID:3584
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3060,i,6588589362376063613,14630394958566262844,262144 --variations-seed-version=20241210-050121.637000 --mojo-platform-channel-handle=3100 /prefetch:1
  2⤵
  PID:4312
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3064,i,6588589362376063613,14630394958566262844,262144 --variations-seed-version=20241210-050121.637000 --mojo-platform-channel-handle=3128 /prefetch:1
  2⤵
  PID:440
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4024,i,6588589362376063613,14630394958566262844,262144 --variations-seed-version=20241210-050121.637000 --mojo-platform-channel-handle=4536 /prefetch:1
  2⤵
  PID:4588
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3396,i,6588589362376063613,14630394958566262844,262144 --variations-seed-version=20241210-050121.637000 --mojo-platform-channel-handle=3360 /prefetch:8
  2⤵
  PID:2520

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:4572

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:4928

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\5aa052e9-3903-4e74-854c-08e6dcb268e5.tmp

Filesize
118KB

MD5
a0ed150496f4fc4dbbb6d01ae98b2a87

SHA1
dfb669fe19ca99154299747bd6491ecf70b0895f

SHA256
d2d6e644ef04958fe364b24a0f13498f5c12211610323a01051d361480c8e48a

SHA512
a30daa7c756201327f2c88856d420bf0071d7c324435b3c4bb9199e463eff784c69e9932eea454033c6ab575af7aadee27b083fa86529d61cbe3a7b7b7c41ff5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
07abf1df50bb50f227c4f3d3d29d92a1

SHA1
8685d052f7bcc9bd12c37150c1f8cf3c8fe59668

SHA256
f41bd6c07d1610b799b1419892d5a11ff3186d1b8ab5b52327552313bddcc49d

SHA512
003417fdbeca40cf145787db7d5227e21137f164b5d5aa1cbad93bdb443a2edef2a9b1f7c91951cd3c4ab99717aa9fa6fbbf7cf101a1b0a42db661a91f612b0c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index

Filesize
456B

MD5
7d1a031079d874017d5eb11f172eb3f4

SHA1
104a82785c584fc41d23cb9f829116c5d3dc2f30

SHA256
385f2b24cae573ec8c1f6dcc92d6b8f4b198bbd16f6b1df2b5a0bddb479c6292

SHA512
4e06d69fc336f94f6eb67ebf73d156b1dbb52bb73897d87d4dab893bb39d4bb3feab12bd20698258037891db1d1acbe354cd6461996d0e4b984dde28adab80b5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
f60519f385d1afc0d12bcdecf668fd4d

SHA1
c6343b19e383eb83e14afb8bea09065dee12fecc

SHA256
c56949152225b64a9928c400fa27f76d153cd9eaa592a9bd168ac4c21093d65f

SHA512
8902d2542ee1ac43ba5a54b2da8e10d4e56f3d8a65c2e869ee143af617d5886e3414f690f499a273ce746532f471feacf6bc52c4abeea80a4890b79e63551b1f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
87b08557f0f872ff4e53f3edc3543b3d

SHA1
121caeba6b5acf6c371a11fe712a2afc4414bbd0

SHA256
4f690771a8ab81cba1f083eb656102aa2ed8ff844d3080324e85852c9583983e

SHA512
c31b975f6595d2ef9dc5f317863cfa74586423551c20476bc3182172d4ac3d06bd70cbc28903095cf0313246386b023f05b4090a7aa12e95daf49133e4250871

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
6c14c112ba913afb92635b24bb31c3f2

SHA1
f041fb5705079df15837fea0ffa98ef7ef42d88e

SHA256
c03cf487b0944ca82c0636be59968c775590d964487d463ec5e027904929c79a

SHA512
707fd1d7c87c6f5f264733f7ca2404b8cc75b13b25156266c963be07d7d526c7579c07e3aea2eb77187916b09ee188c249301b3c156ce7cdd37e97b3a354d538

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
f76847e57d37fdba2a97e1086db587c1

SHA1
6e1fd5c83913df56c7984f17c053d294c71b1d60

SHA256
5a469eaf1a04406dbe7a44847e84fccfb2b798489406123a6afa072bd91a657b

SHA512
4bd046931b835a28afc233fc7f7e72a24c9366d8a90bb497acf8d5d892a39bde5b90a9f284e975ca6aac3613a9709fa4974813b98f655f6668eb1548da401e24

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
23b236d279e50fdf3f66761681bedbdb

SHA1
ad7ee8a47235400ab7e4d9a75febfd90ec506c10

SHA256
636a8ba83ed6b01f1cf7b33d4dc288a392d0c93709401f738632481be3b1beea

SHA512
def65d28a58a1d94dc834a9afde4446b692055e70db0aae153fa5fb2e334d17a6b5ff6d74387525fb0975c9b6de7598c38a37feba70eebc5153eb6eb0db2ca57

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
eca4819ac0b643e6bd840fd349ca4ca6

SHA1
5be307f260548027207a4e503140572cea0a82b6

SHA256
9a72817bc81a621cfd5e156aa26ba452d9833447bfb6e315bb8616a77faf8df7

SHA512
acaf42d609bfa68b04788f0716652bdb5dcacf1e667f0c550b782a7891d213df90223cf039ed8c14bd4dc62917e1c88584640bcd429f382739de3f16c4917e64

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
b0f5f29ae6678bc496fa020bdf0ba54b

SHA1
68dc77825ddd8cccad287bcac1a0c87eea36ce14

SHA256
f52c9f20aa21fe0f246cf28db8a24cb5b81468a3a965268f01aa19e906d98e94

SHA512
e1b20f916df24ac4cba1f42e1ff8885e642a2c3a93f407177f0663dc8feabc0174691c82fcbb7556e958efd5a40fb9e813e8cb317eabffe00448d21fdf33e3ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
0f54ff714eb02de57b229457cd30b1a0

SHA1
bc270bc836c627542ec91ab6186d6c57c38a040e

SHA256
3dffb78fc673f5c1b29762cc01679f92f22ab90477c9221b26d3eca02f2a4442

SHA512
571412068452174e90443d2f8a628078d22e0052a0dfc1c811523e6dc1731e351385cf2e1601a9273ae0082fb19b25db5bcff29c98ccb942d51235f100610a48

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
118KB

MD5
70c51ad2dab126c29e9c5ce0ef9b7ebd

SHA1
a4ad4b3f63750480964acff48a5e9f45dd8ec20a

SHA256
bf0a7c112ebff469437839408929b00834a0e3bf15173ce2c46ba120032f45f4

SHA512
4e7525cfc187dc33ebc9b0752ad3b285222d6ddc2c8ab7e8d7723d28839220c30c92884decff199dc5362ee2b967951167114923a7b1150c655ba73fdca5af34

Download Submit