hxxps://github[.]com/MiSide-game-official

Analysis

max time kernel
63s
max time network
64s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
30/12/2024, 05:34

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://github.com/MiSide-game-official

Score

7^/10

discovery phishing

Malware Config

Signatures

A potential corporate email address has been identified in the URL: [email protected]
phishing
A potential corporate email address has been identified in the URL: sweetalert2@11
phishing
Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133800105060467996"	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
4784	chrome.exe
4784	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
4784	chrome.exe
4784	chrome.exe
4784	chrome.exe
4784	chrome.exe
4784	chrome.exe
4784	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4784	chrome.exe
Token: SeCreatePagefilePrivilege	4784	chrome.exe
Token: SeShutdownPrivilege	4784	chrome.exe
Token: SeCreatePagefilePrivilege	4784	chrome.exe
Token: SeShutdownPrivilege	4784	chrome.exe
Token: SeCreatePagefilePrivilege	4784	chrome.exe
Token: SeShutdownPrivilege	4784	chrome.exe
Token: SeCreatePagefilePrivilege	4784	chrome.exe
Token: SeShutdownPrivilege	4784	chrome.exe
Token: SeCreatePagefilePrivilege	4784	chrome.exe
Token: SeShutdownPrivilege	4784	chrome.exe
Token: SeCreatePagefilePrivilege	4784	chrome.exe
Token: SeShutdownPrivilege	4784	chrome.exe
Token: SeCreatePagefilePrivilege	4784	chrome.exe
Token: SeShutdownPrivilege	4784	chrome.exe
Token: SeCreatePagefilePrivilege	4784	chrome.exe
Token: SeShutdownPrivilege	4784	chrome.exe
Token: SeCreatePagefilePrivilege	4784	chrome.exe
Token: SeShutdownPrivilege	4784	chrome.exe
Token: SeCreatePagefilePrivilege	4784	chrome.exe
Token: SeShutdownPrivilege	4784	chrome.exe
Token: SeCreatePagefilePrivilege	4784	chrome.exe
Token: SeShutdownPrivilege	4784	chrome.exe
Token: SeCreatePagefilePrivilege	4784	chrome.exe
Token: SeShutdownPrivilege	4784	chrome.exe
Token: SeCreatePagefilePrivilege	4784	chrome.exe
Token: SeShutdownPrivilege	4784	chrome.exe
Token: SeCreatePagefilePrivilege	4784	chrome.exe
Token: SeShutdownPrivilege	4784	chrome.exe
Token: SeCreatePagefilePrivilege	4784	chrome.exe
Token: SeShutdownPrivilege	4784	chrome.exe
Token: SeCreatePagefilePrivilege	4784	chrome.exe
Token: SeShutdownPrivilege	4784	chrome.exe
Token: SeCreatePagefilePrivilege	4784	chrome.exe
Token: SeShutdownPrivilege	4784	chrome.exe
Token: SeCreatePagefilePrivilege	4784	chrome.exe
Token: SeShutdownPrivilege	4784	chrome.exe
Token: SeCreatePagefilePrivilege	4784	chrome.exe
Token: SeShutdownPrivilege	4784	chrome.exe
Token: SeCreatePagefilePrivilege	4784	chrome.exe
Token: SeShutdownPrivilege	4784	chrome.exe
Token: SeCreatePagefilePrivilege	4784	chrome.exe
Token: SeShutdownPrivilege	4784	chrome.exe
Token: SeCreatePagefilePrivilege	4784	chrome.exe
Token: SeShutdownPrivilege	4784	chrome.exe
Token: SeCreatePagefilePrivilege	4784	chrome.exe
Token: SeShutdownPrivilege	4784	chrome.exe
Token: SeCreatePagefilePrivilege	4784	chrome.exe
Token: SeShutdownPrivilege	4784	chrome.exe
Token: SeCreatePagefilePrivilege	4784	chrome.exe
Token: SeShutdownPrivilege	4784	chrome.exe
Token: SeCreatePagefilePrivilege	4784	chrome.exe
Token: SeShutdownPrivilege	4784	chrome.exe
Token: SeCreatePagefilePrivilege	4784	chrome.exe
Token: SeShutdownPrivilege	4784	chrome.exe
Token: SeCreatePagefilePrivilege	4784	chrome.exe
Token: SeShutdownPrivilege	4784	chrome.exe
Token: SeCreatePagefilePrivilege	4784	chrome.exe
Token: SeShutdownPrivilege	4784	chrome.exe
Token: SeCreatePagefilePrivilege	4784	chrome.exe
Token: SeShutdownPrivilege	4784	chrome.exe
Token: SeCreatePagefilePrivilege	4784	chrome.exe
Token: SeShutdownPrivilege	4784	chrome.exe
Token: SeCreatePagefilePrivilege	4784	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4784	chrome.exe
4784	chrome.exe
4784	chrome.exe
4784	chrome.exe
4784	chrome.exe
4784	chrome.exe
4784	chrome.exe
4784	chrome.exe
4784	chrome.exe
4784	chrome.exe
4784	chrome.exe
4784	chrome.exe
4784	chrome.exe
4784	chrome.exe
4784	chrome.exe
4784	chrome.exe
4784	chrome.exe
4784	chrome.exe
4784	chrome.exe
4784	chrome.exe
4784	chrome.exe
4784	chrome.exe
4784	chrome.exe
4784	chrome.exe
4784	chrome.exe
4784	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4784	chrome.exe
4784	chrome.exe
4784	chrome.exe
4784	chrome.exe
4784	chrome.exe
4784	chrome.exe
4784	chrome.exe
4784	chrome.exe
4784	chrome.exe
4784	chrome.exe
4784	chrome.exe
4784	chrome.exe
4784	chrome.exe
4784	chrome.exe
4784	chrome.exe
4784	chrome.exe
4784	chrome.exe
4784	chrome.exe
4784	chrome.exe
4784	chrome.exe
4784	chrome.exe
4784	chrome.exe
4784	chrome.exe
4784	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4784 wrote to memory of 3144	4784	chrome.exe	83
PID 4784 wrote to memory of 3144	4784	chrome.exe	83
PID 4784 wrote to memory of 3668	4784	chrome.exe	84
PID 4784 wrote to memory of 3668	4784	chrome.exe	84
PID 4784 wrote to memory of 3668	4784	chrome.exe	84
PID 4784 wrote to memory of 3668	4784	chrome.exe	84
PID 4784 wrote to memory of 3668	4784	chrome.exe	84
PID 4784 wrote to memory of 3668	4784	chrome.exe	84
PID 4784 wrote to memory of 3668	4784	chrome.exe	84
PID 4784 wrote to memory of 3668	4784	chrome.exe	84
PID 4784 wrote to memory of 3668	4784	chrome.exe	84
PID 4784 wrote to memory of 3668	4784	chrome.exe	84
PID 4784 wrote to memory of 3668	4784	chrome.exe	84
PID 4784 wrote to memory of 3668	4784	chrome.exe	84
PID 4784 wrote to memory of 3668	4784	chrome.exe	84
PID 4784 wrote to memory of 3668	4784	chrome.exe	84
PID 4784 wrote to memory of 3668	4784	chrome.exe	84
PID 4784 wrote to memory of 3668	4784	chrome.exe	84
PID 4784 wrote to memory of 3668	4784	chrome.exe	84
PID 4784 wrote to memory of 3668	4784	chrome.exe	84
PID 4784 wrote to memory of 3668	4784	chrome.exe	84
PID 4784 wrote to memory of 3668	4784	chrome.exe	84
PID 4784 wrote to memory of 3668	4784	chrome.exe	84
PID 4784 wrote to memory of 3668	4784	chrome.exe	84
PID 4784 wrote to memory of 3668	4784	chrome.exe	84
PID 4784 wrote to memory of 3668	4784	chrome.exe	84
PID 4784 wrote to memory of 3668	4784	chrome.exe	84
PID 4784 wrote to memory of 3668	4784	chrome.exe	84
PID 4784 wrote to memory of 3668	4784	chrome.exe	84
PID 4784 wrote to memory of 3668	4784	chrome.exe	84
PID 4784 wrote to memory of 3668	4784	chrome.exe	84
PID 4784 wrote to memory of 3668	4784	chrome.exe	84
PID 4784 wrote to memory of 3676	4784	chrome.exe	85
PID 4784 wrote to memory of 3676	4784	chrome.exe	85
PID 4784 wrote to memory of 2764	4784	chrome.exe	86
PID 4784 wrote to memory of 2764	4784	chrome.exe	86
PID 4784 wrote to memory of 2764	4784	chrome.exe	86
PID 4784 wrote to memory of 2764	4784	chrome.exe	86
PID 4784 wrote to memory of 2764	4784	chrome.exe	86
PID 4784 wrote to memory of 2764	4784	chrome.exe	86
PID 4784 wrote to memory of 2764	4784	chrome.exe	86
PID 4784 wrote to memory of 2764	4784	chrome.exe	86
PID 4784 wrote to memory of 2764	4784	chrome.exe	86
PID 4784 wrote to memory of 2764	4784	chrome.exe	86
PID 4784 wrote to memory of 2764	4784	chrome.exe	86
PID 4784 wrote to memory of 2764	4784	chrome.exe	86
PID 4784 wrote to memory of 2764	4784	chrome.exe	86
PID 4784 wrote to memory of 2764	4784	chrome.exe	86
PID 4784 wrote to memory of 2764	4784	chrome.exe	86
PID 4784 wrote to memory of 2764	4784	chrome.exe	86
PID 4784 wrote to memory of 2764	4784	chrome.exe	86
PID 4784 wrote to memory of 2764	4784	chrome.exe	86
PID 4784 wrote to memory of 2764	4784	chrome.exe	86
PID 4784 wrote to memory of 2764	4784	chrome.exe	86
PID 4784 wrote to memory of 2764	4784	chrome.exe	86
PID 4784 wrote to memory of 2764	4784	chrome.exe	86
PID 4784 wrote to memory of 2764	4784	chrome.exe	86
PID 4784 wrote to memory of 2764	4784	chrome.exe	86
PID 4784 wrote to memory of 2764	4784	chrome.exe	86
PID 4784 wrote to memory of 2764	4784	chrome.exe	86
PID 4784 wrote to memory of 2764	4784	chrome.exe	86
PID 4784 wrote to memory of 2764	4784	chrome.exe	86
PID 4784 wrote to memory of 2764	4784	chrome.exe	86
PID 4784 wrote to memory of 2764	4784	chrome.exe	86

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://github.com/MiSide-game-official
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4784
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff8b7e7cc40,0x7ff8b7e7cc4c,0x7ff8b7e7cc58
  2⤵
  PID:3144
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2104,i,13081101043644153601,8563299734627152908,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2100 /prefetch:2
  2⤵
  PID:3668
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1888,i,13081101043644153601,8563299734627152908,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2028 /prefetch:3
  2⤵
  PID:3676
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2268,i,13081101043644153601,8563299734627152908,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2492 /prefetch:8
  2⤵
  PID:2764
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3124,i,13081101043644153601,8563299734627152908,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3152 /prefetch:1
  2⤵
  PID:1464
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3148,i,13081101043644153601,8563299734627152908,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3336 /prefetch:1
  2⤵
  PID:1768
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4464,i,13081101043644153601,8563299734627152908,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4664 /prefetch:8
  2⤵
  PID:2328
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4828,i,13081101043644153601,8563299734627152908,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4836 /prefetch:1
  2⤵
  PID:4992
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=4024,i,13081101043644153601,8563299734627152908,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4644 /prefetch:1
  2⤵
  PID:4436
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=5112,i,13081101043644153601,8563299734627152908,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3392 /prefetch:1
  2⤵
  PID:1312
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=5076,i,13081101043644153601,8563299734627152908,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5136 /prefetch:1
  2⤵
  PID:4748

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:4828

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:872

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
eedfa065292e12aa124241aab0cc1376

SHA1
38c298c1ac871842cf619f81f9cee006893869b2

SHA256
7dc7fc7b721e033ba556984212d1f54fd14c6f86b9ef8a114aa6323fcd9283fb

SHA512
8dcb89eb3bbe87825c3890344a7b3deda10f13ef7284f224b033ce90d329f01f947c4c8f229a2bdf937503fa176a55547205a7364a21ef2953b423f6f187d841

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002a

Filesize
55KB

MD5
8c8570b4f12320683236d03dcb731522

SHA1
74bfa086377bd05877fe1cd3dd33d5a03905d078

SHA256
6274e1067ba46068b0eff59727cc40e72b4acbf68d7839d8b97d0baec731b9ff

SHA512
01aebcff1c3f42b7a771a3d05e35bafd218e34677544cbd8044e3a925f159009f3d2c2d20ad9a8c211f4c706146d2c05202f3959cd2e262b64d3ab520969e58a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
ab1a45ec9e0406898ee4f71102ce1ea0

SHA1
236455f7818dbb1967ab75d8d44d3af34c7813da

SHA256
854f2ab4438a70a23fd41176f9b447c689b8fc1000045f900ad093eb1f487c30

SHA512
e9df1c5d6cfd8ba7df404cd133268de817d3dd2feb84720a82b335b7710e6e155f064825f55f12f407b94dd2c84215e6e70e2a086e423ec90705325ebd128813

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
e261ac1cacc609f65c07c71e3e205280

SHA1
dd6bebebb6a9b174584cfaff8d5ed16421c8825f

SHA256
c733ddf2ff6f98caa8a5c48f4e1f0c06d508de1b22d294655708a8c7aa627174

SHA512
7b9536af5e8e97b196dd903149f81c76c7ccc4d8cc829b5bc3ae866b29522d40d8bcb1f8ed8e214f1825c1619644b29f034fb88e69c7a68156f328aeb924dee2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
c8985d9a2deb63b6bcb8d3882b25b1c9

SHA1
4f65adaf7cb81deb07d2230975009d84c0f961bc

SHA256
a9628331549b28fa4cb4191f80d673a7922914c4c06cd6e9043667854606addc

SHA512
24ea8bcb04800b7c6056fc5e9106e49e33ec342f2d04ae082d2a05ea7b5c6bb2b57a6c253a74dbf359ced66bf63c5991d54b811ca54a9456fb1d582b8e34c46d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
b18897a24a0a57e3c54df6502c3b8223

SHA1
8f8728bc8fc1f196c872c6af495bd9f43860220d

SHA256
d11167fb2fe115a2455e09ce69fae1199501c16b696e63863a73c4b2fd547d2e

SHA512
899d5b17c39ac5f87135479a68ccb96ad048b971af7edf11c7c1e87a2e1b713766c79a68dfc647c0a0f5fa8c51d2fb0e8fbf3c1c0c14cf8cbfb5db74c40ee94e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
d9f85eab2d7e4e627f13af17da959b41

SHA1
649a1832457da323bf3617e7b10443c88aaa809d

SHA256
87181dfc0bae7de241bc61df7ddb8a09134171d8d099385a19a95a265a777c6f

SHA512
e77c6cfef0f60845f34bacbf3a710a542ccdb3a79960ba269061ff74cecf44ead6496aee74a20e172d6c44fffdcc18453c4047c48799caa1c3bff41f1b8d2cd5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
e4317299dcf1bcdfa7d6f766efea0d7e

SHA1
22b2be3f5f960452556bdfb1c3cfdb7b1373626a

SHA256
d343e262f250895ba5dd65feb426b32f7f915e8b17ed7b9acfb1beb3146ad8f8

SHA512
607291251ff22f2ed46c3c68b2a778c7f40d4e886752c2367c86e692da58da1034b7e0457361c89d558291a7ddb729757ff2d9238e925ca48a67d057a8e36b88

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
9d5d01fd26be1a6502036345f565e53f

SHA1
ec8a27704381508d57bae28aca8cdbf47ce916c5

SHA256
4d84a807f490cce1151f41291fd99f23c1158e31529912bf755b9177a1c8b841

SHA512
a714ebac1946d67a6c52461989cb53e5164017b83e88af66b6e126272db5f1134bc3bd85acd71a5964e45b779c4271925f48e976a9cbdfaa605e0d8205d453c8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
4b9b7356c5002281d3b957a2e5386acb

SHA1
d3354d2b8b2b097d3d1aa07d79d063b8f8faf62e

SHA256
b241aeb263bb6820303f3e87f27f639e348e9265e98896c268b1df044a8c2377

SHA512
745aa610821590677318d794b30ff7c357c534d90f91b2b92c27f2c240452dc3339f03cfe2a0d19e411b851cce3d8413f570f0c5cd75804008e5622375cab296

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
18902ccca0803c0c4ff973f14037b2c3

SHA1
f883020a187a084d88dab10bc1487bb0832b15ac

SHA256
656126735144ce78234343dd5117b1734205baff0d76c4de352b5d3e90c12d24

SHA512
8789c9d7a0fda12c3bf5bfc900ab4aaab50c4d8d751a2dbc87db3598f97761ed341c1641b0aa2173055e37d8cfbb434fa3dd1f59975ef57276281e873e46f8a1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
f367067f089f8ec103773c021b312bd9

SHA1
939a76fab3839c3096d686c3aa9a6dab2e3115a3

SHA256
7cd54069e51ec2859c12bc69358277862865a0dae7529d2d5d35bcc40bce4ea8

SHA512
b134a96ae0339fc148aa9db7fa2f3e23b0119d107cdfc04b0c1b721a6d0529203b112b273c11304a88c2170f9218eeb478f6f2701d24e52e6612dfb4dba75804

Download Submit