hxxps://github[.]com/Da2dalus/The-MALWARE-Repo

Resubmissions

03-01-2025 21:42

250103-1kekvsxncj 6

03-01-2025 21:35

250103-1fh3gsvjgy 10

03-01-2025 21:31

250103-1dbkmatrfx 3

Analysis

max time kernel
149s
max time network
141s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
03-01-2025 21:31

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://github.com/Da2dalus/The-MALWARE-Repo

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133804135160831512"	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
3928	chrome.exe
3928	chrome.exe
728	chrome.exe
728	chrome.exe
728	chrome.exe
728	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

pid	Process
3928	chrome.exe
3928	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3928	chrome.exe
Token: SeCreatePagefilePrivilege	3928	chrome.exe
Token: SeShutdownPrivilege	3928	chrome.exe
Token: SeCreatePagefilePrivilege	3928	chrome.exe
Token: SeShutdownPrivilege	3928	chrome.exe
Token: SeCreatePagefilePrivilege	3928	chrome.exe
Token: SeShutdownPrivilege	3928	chrome.exe
Token: SeCreatePagefilePrivilege	3928	chrome.exe
Token: SeShutdownPrivilege	3928	chrome.exe
Token: SeCreatePagefilePrivilege	3928	chrome.exe
Token: SeShutdownPrivilege	3928	chrome.exe
Token: SeCreatePagefilePrivilege	3928	chrome.exe
Token: SeShutdownPrivilege	3928	chrome.exe
Token: SeCreatePagefilePrivilege	3928	chrome.exe
Token: SeShutdownPrivilege	3928	chrome.exe
Token: SeCreatePagefilePrivilege	3928	chrome.exe
Token: SeShutdownPrivilege	3928	chrome.exe
Token: SeCreatePagefilePrivilege	3928	chrome.exe
Token: SeShutdownPrivilege	3928	chrome.exe
Token: SeCreatePagefilePrivilege	3928	chrome.exe
Token: SeShutdownPrivilege	3928	chrome.exe
Token: SeCreatePagefilePrivilege	3928	chrome.exe
Token: SeShutdownPrivilege	3928	chrome.exe
Token: SeCreatePagefilePrivilege	3928	chrome.exe
Token: SeShutdownPrivilege	3928	chrome.exe
Token: SeCreatePagefilePrivilege	3928	chrome.exe
Token: SeShutdownPrivilege	3928	chrome.exe
Token: SeCreatePagefilePrivilege	3928	chrome.exe
Token: SeShutdownPrivilege	3928	chrome.exe
Token: SeCreatePagefilePrivilege	3928	chrome.exe
Token: SeShutdownPrivilege	3928	chrome.exe
Token: SeCreatePagefilePrivilege	3928	chrome.exe
Token: SeShutdownPrivilege	3928	chrome.exe
Token: SeCreatePagefilePrivilege	3928	chrome.exe
Token: SeShutdownPrivilege	3928	chrome.exe
Token: SeCreatePagefilePrivilege	3928	chrome.exe
Token: SeShutdownPrivilege	3928	chrome.exe
Token: SeCreatePagefilePrivilege	3928	chrome.exe
Token: SeShutdownPrivilege	3928	chrome.exe
Token: SeCreatePagefilePrivilege	3928	chrome.exe
Token: SeShutdownPrivilege	3928	chrome.exe
Token: SeCreatePagefilePrivilege	3928	chrome.exe
Token: SeShutdownPrivilege	3928	chrome.exe
Token: SeCreatePagefilePrivilege	3928	chrome.exe
Token: SeShutdownPrivilege	3928	chrome.exe
Token: SeCreatePagefilePrivilege	3928	chrome.exe
Token: SeShutdownPrivilege	3928	chrome.exe
Token: SeCreatePagefilePrivilege	3928	chrome.exe
Token: SeShutdownPrivilege	3928	chrome.exe
Token: SeCreatePagefilePrivilege	3928	chrome.exe
Token: SeShutdownPrivilege	3928	chrome.exe
Token: SeCreatePagefilePrivilege	3928	chrome.exe
Token: SeShutdownPrivilege	3928	chrome.exe
Token: SeCreatePagefilePrivilege	3928	chrome.exe
Token: SeShutdownPrivilege	3928	chrome.exe
Token: SeCreatePagefilePrivilege	3928	chrome.exe
Token: SeShutdownPrivilege	3928	chrome.exe
Token: SeCreatePagefilePrivilege	3928	chrome.exe
Token: SeShutdownPrivilege	3928	chrome.exe
Token: SeCreatePagefilePrivilege	3928	chrome.exe
Token: SeShutdownPrivilege	3928	chrome.exe
Token: SeCreatePagefilePrivilege	3928	chrome.exe
Token: SeShutdownPrivilege	3928	chrome.exe
Token: SeCreatePagefilePrivilege	3928	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3928 wrote to memory of 2588	3928	chrome.exe	82
PID 3928 wrote to memory of 2588	3928	chrome.exe	82
PID 3928 wrote to memory of 1976	3928	chrome.exe	83
PID 3928 wrote to memory of 1976	3928	chrome.exe	83
PID 3928 wrote to memory of 1976	3928	chrome.exe	83
PID 3928 wrote to memory of 1976	3928	chrome.exe	83
PID 3928 wrote to memory of 1976	3928	chrome.exe	83
PID 3928 wrote to memory of 1976	3928	chrome.exe	83
PID 3928 wrote to memory of 1976	3928	chrome.exe	83
PID 3928 wrote to memory of 1976	3928	chrome.exe	83
PID 3928 wrote to memory of 1976	3928	chrome.exe	83
PID 3928 wrote to memory of 1976	3928	chrome.exe	83
PID 3928 wrote to memory of 1976	3928	chrome.exe	83
PID 3928 wrote to memory of 1976	3928	chrome.exe	83
PID 3928 wrote to memory of 1976	3928	chrome.exe	83
PID 3928 wrote to memory of 1976	3928	chrome.exe	83
PID 3928 wrote to memory of 1976	3928	chrome.exe	83
PID 3928 wrote to memory of 1976	3928	chrome.exe	83
PID 3928 wrote to memory of 1976	3928	chrome.exe	83
PID 3928 wrote to memory of 1976	3928	chrome.exe	83
PID 3928 wrote to memory of 1976	3928	chrome.exe	83
PID 3928 wrote to memory of 1976	3928	chrome.exe	83
PID 3928 wrote to memory of 1976	3928	chrome.exe	83
PID 3928 wrote to memory of 1976	3928	chrome.exe	83
PID 3928 wrote to memory of 1976	3928	chrome.exe	83
PID 3928 wrote to memory of 1976	3928	chrome.exe	83
PID 3928 wrote to memory of 1976	3928	chrome.exe	83
PID 3928 wrote to memory of 1976	3928	chrome.exe	83
PID 3928 wrote to memory of 1976	3928	chrome.exe	83
PID 3928 wrote to memory of 1976	3928	chrome.exe	83
PID 3928 wrote to memory of 1976	3928	chrome.exe	83
PID 3928 wrote to memory of 1976	3928	chrome.exe	83
PID 3928 wrote to memory of 3476	3928	chrome.exe	84
PID 3928 wrote to memory of 3476	3928	chrome.exe	84
PID 3928 wrote to memory of 1972	3928	chrome.exe	85
PID 3928 wrote to memory of 1972	3928	chrome.exe	85
PID 3928 wrote to memory of 1972	3928	chrome.exe	85
PID 3928 wrote to memory of 1972	3928	chrome.exe	85
PID 3928 wrote to memory of 1972	3928	chrome.exe	85
PID 3928 wrote to memory of 1972	3928	chrome.exe	85
PID 3928 wrote to memory of 1972	3928	chrome.exe	85
PID 3928 wrote to memory of 1972	3928	chrome.exe	85
PID 3928 wrote to memory of 1972	3928	chrome.exe	85
PID 3928 wrote to memory of 1972	3928	chrome.exe	85
PID 3928 wrote to memory of 1972	3928	chrome.exe	85
PID 3928 wrote to memory of 1972	3928	chrome.exe	85
PID 3928 wrote to memory of 1972	3928	chrome.exe	85
PID 3928 wrote to memory of 1972	3928	chrome.exe	85
PID 3928 wrote to memory of 1972	3928	chrome.exe	85
PID 3928 wrote to memory of 1972	3928	chrome.exe	85
PID 3928 wrote to memory of 1972	3928	chrome.exe	85
PID 3928 wrote to memory of 1972	3928	chrome.exe	85
PID 3928 wrote to memory of 1972	3928	chrome.exe	85
PID 3928 wrote to memory of 1972	3928	chrome.exe	85
PID 3928 wrote to memory of 1972	3928	chrome.exe	85
PID 3928 wrote to memory of 1972	3928	chrome.exe	85
PID 3928 wrote to memory of 1972	3928	chrome.exe	85
PID 3928 wrote to memory of 1972	3928	chrome.exe	85
PID 3928 wrote to memory of 1972	3928	chrome.exe	85
PID 3928 wrote to memory of 1972	3928	chrome.exe	85
PID 3928 wrote to memory of 1972	3928	chrome.exe	85
PID 3928 wrote to memory of 1972	3928	chrome.exe	85
PID 3928 wrote to memory of 1972	3928	chrome.exe	85
PID 3928 wrote to memory of 1972	3928	chrome.exe	85

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://github.com/Da2dalus/The-MALWARE-Repo
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3928
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff9eb59cc40,0x7ff9eb59cc4c,0x7ff9eb59cc58
  2⤵
  PID:2588
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1956,i,4868836627880598011,14738609069520364838,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1952 /prefetch:2
  2⤵
  PID:1976
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1912,i,4868836627880598011,14738609069520364838,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2032 /prefetch:3
  2⤵
  PID:3476
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2256,i,4868836627880598011,14738609069520364838,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2432 /prefetch:8
  2⤵
  PID:1972
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3128,i,4868836627880598011,14738609069520364838,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3144 /prefetch:1
  2⤵
  PID:932
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3140,i,4868836627880598011,14738609069520364838,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3188 /prefetch:1
  2⤵
  PID:1396
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4672,i,4868836627880598011,14738609069520364838,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3692 /prefetch:8
  2⤵
  PID:3208
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5024,i,4868836627880598011,14738609069520364838,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4872 /prefetch:8
  2⤵
  PID:4560
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=5080,i,4868836627880598011,14738609069520364838,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4924 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:728

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:4356

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:2060

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:3368

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\1715c30b-1175-4308-ac12-d994539ae950.tmp

Filesize
10KB

MD5
b52c271e43d3c2f54708990327294b6e

SHA1
7b806bf15880936410951023358d97755facde31

SHA256
399926534db5e51a0994a1397db2fd41a960cbfc7c235a1e86b8342c8997577c

SHA512
feddefdfd76c3d401840ad63ad7a6ecb31ef8ad34c39bdbe8aa90696c1359c19b5a6eac478c0e00d012f543fd846ac85da1cb0c0034ca4e58468f2ef545627dd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\41dc8a16-78af-4b1b-a7a5-05b2e0e75433.tmp

Filesize
9KB

MD5
1ff1065176939b0cad7f77ee8c3825e8

SHA1
4bbe2ca6a67334d80fcf1ffa4e2583d161b0b7d2

SHA256
46a62405e1ee5c02b13e8a23caf684485421ceb2da537a6f4ac2d43f6c8e2f6b

SHA512
cbddc4f71a4c7fad4ded49538664827480c52bc0ea5eb64824790a373273cd29852e5458fef94fe35d0eb5ce3051a1e71603b3ebbcddbbf5281323f0fc977d05

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
fe39268f558e628de4d0b355d86c8128

SHA1
5eba83733f6882e248fc2a21251c22169050fcbd

SHA256
386e3d02a2d752769a0f9894f4abbb7896de1a5085ba9965d4807b7fb23ca8df

SHA512
c6124a3036d4f30edc5fef53566f106a8cd0b9d02aa68f4abe08c85edcf692f8d69cac8fe7cfb23ed0a8f09d349a69b1a6493c1fa979186b3f6fde41d6f28f3d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
e6ac24364fdffdce49a4d0ad0889172d

SHA1
9e53d8dacc188e799a9d83bbcd1578306791d4c7

SHA256
09dddd26920053f1a2aa9ebfe47afe6f158c385fe0f4bd3f9a9336aa22b1f0b7

SHA512
0966c5aba22bcd37f78f0afd174130b19416c928d4df43232372eb65e4cfb001d9f59feb8ff2cae6f438cbdf615e79f6d846227f87309c0fc67e6d598dfdea47

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
0eab5e6085ae21f3ae210ea5151cb819

SHA1
1a31229fbc340ab215e245be607b49672696d5b9

SHA256
7583906c3867a9b5ad056e40cb0fa6e96dd468f0685271e14f17e1f5090525de

SHA512
c71a45b86bdb4f0f51b2057b0701c78629c5538e535c00612a0d423d0d81925de81ae9297fef72d612f8ef3e1663b8cede185f5309cae96f90eaf46e7dbeec63

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
66e8f92b65f0dd384bf6ccaed61eaa25

SHA1
50d56d9fbf6448c8fd91a54f77ec227027c84a2b

SHA256
b0cfd79a2dba0c40030c4de10ce833fa20abb4e06c9d0c9b91bcbeb58cd1756e

SHA512
844ddfdd16ec4676e2b47daffd7224498a6d9bf31fcc18f7158fee70121831acad1951d4432d5799b7cb157fe8a1277a44723ab285290e10e5615238e95524f1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
10f77d2e337f4fb67b5a957e14598062

SHA1
e05f5d001badb6642985932615e864fd252f3d16

SHA256
3322f1cbc1ef02ae8f647b993092083e274774f3c7b4ef37e14856c4cb4abb77

SHA512
4d5021c090d16c6d5d2d8c30f01bf53bd00471c85edfeb74b2f96af8ce6a9b81bd6065c487ec6b1e4df5bf50ff2d71b381ea5b01cd7b5dfd2cc7cd4055eb32dd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
62f141bff075d15362ecf1636365a2df

SHA1
a61fbb631dbbdc62afca87da89da38b0238755b3

SHA256
10851b0667e75714bd4dd3fcded7581bcc2f2148e7f3ce4e4ba7906f338f7051

SHA512
bf54348ee5592caa496d953026c673d66c3f6e35017e9e374a80b98f006a250d6e360b7ec05404691d4adc71a05a95b9c5331b81b0a18a9e13d703a09bac0ac1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
9c51b3696588d6f018b9ec5cc4c1a876

SHA1
c9e385d85fa282e5585dff82afef32e8999af571

SHA256
f42f11b9a503c6d22a46f9f59ae4d9bb2c4e242bd703edb483163b1a09a55b56

SHA512
12ef8e41aaab523b2ac6a9209cc6cf19a1d3cbe7dc799e0b5aff1fa03586fee3a85d3e1303c17bb41c16c14ef3c13be36f5ccf4dc80c7ad4dd5315f61f0a97c7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
c12a0ac5060b61931b95915768816eab

SHA1
ed27c536672bfc3b2efacaf991e1b3dbb88a28e9

SHA256
53124d294b46b0181c31b75f0f0793b4d05342a8cce57816464a498d85275aa4

SHA512
ac1c364b2f66dcfa9a9f7dd6f8465b892b9e0f96f57490f4d3c1d5a11e9ce35e62db54f9ed3d76020ec43e5e0205752f028ae6e83b614b4b4b68b868e92c3b5a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
44e4fe14ef601e4b3adaf4852321bc36

SHA1
ec44a93101d27612efa73f718591121fe55e42da

SHA256
c47e94e9602fcf834128b084ad4336f5bc5476a8bade09bdc48af931320f71d5

SHA512
bf54cf21e7f97812437e48e32dd04c52da32cf7684147f16d51bff81856e0c3182fe76cb23d14b7776a0e1017a674960a6ed44c55de22dfc75770d438619603e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
85fd4d3ef2a51c025ad6af0ec9c4aeef

SHA1
c2a05f94af16380b702b7125f4b616c56caa3039

SHA256
45deb4749d34f8dc4b0c553bc582cc48ebc6ff949b440caaffadefd5bb803e5e

SHA512
a38a4a391a6a9f796ae166a3e325fd74e928d0fc20ba1592eae58290ecbd32bd37138916c0f8d1ce925eefdd2ef13f4b47da5c4dd2c0430e41208ceb7ef6d46d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
248ebb7b76aa51d870e7beb187493f5c

SHA1
2b3eb594949f696f84c9d2858a87af854b859ac5

SHA256
d8b161146845f7ef30b2d35c1ea569caada2acf9a329b85a2af85c05a345c82d

SHA512
9c4460345b6d09e4e2c25c451cdcdb905654a988036733641f954af265f6f66a1f0757ded617972b780d4fc069a67d53b76f7ef01c7dd5b747735ec03c923d7f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
fef15686d7623fa6e44a27943049faec

SHA1
d253757f67c534b71cdfa7cc7fc733a33685c570

SHA256
02165996114e7a013aa1dee6c541f68b78d42e7424ed6c1b6907c07119aff71d

SHA512
bb75c80a21646afad5bc54890e1a3286596a48a4b7696505e6b15b33cfa72276bab33ac467217ff488b946b2211bf0d14d0e247dcf7e9eb77aadfaa34ed89c9b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
ac07c352ab77af8f0582c7d2485b7dbe

SHA1
ed8f7b8e0e59abde2ee9b0be6c02be6db45e7717

SHA256
0bb70aa9f571ab976151a91684108cebe58a043a306b8a165d75c8311828dc41

SHA512
da4e1259d845a7daf496769d052e45c46e7caf3730cec85d54d1be8aecfe6d447624644a4abfb09fe0f31f9115daa1d07ac43783b96f8851d4d657f5bf0455f3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\cc2f71b4-3fa0-4699-92ec-5ab73b4b1434.tmp

Filesize
116KB

MD5
a874932827f5fb3777c89ce7120fbe38

SHA1
9a99db1694d15e103b17aeab5db8a664da4afcb3

SHA256
074609ca1fe64d67fe7ba0609dc54aec688b4d9bb6b85394637a123657c68ebd

SHA512
2ba7fb068b58931039c69328ea1ff9684346c2597866d4beda2fb758334318b2c30f9550f081e342984b7275e14c909d2e54c926db14b7bb0bb594e456b50edc

Download Submit