hxxps://velera[.]taplink[.]ws/

Analysis

max time kernel
155s
max time network
156s
platform
windows10-ltsc 2021_x64
resource
win10ltsc2021-20241211-en
resource tags

arch:x64arch:x86image:win10ltsc2021-20241211-enlocale:en-usos:windows10-ltsc 2021-x64system
submitted
07-01-2025 20:50

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://velera.taplink.ws/

Score

5^/10

microsoft discovery phishing

Malware Config

Signatures

Detected potential entity reuse from brand MICROSOFT.
phishing microsoft

Drops file in Windows directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SystemTemp	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133807566638943643"	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
2620	chrome.exe
2620	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2620	chrome.exe
Token: SeCreatePagefilePrivilege	2620	chrome.exe
Token: SeShutdownPrivilege	2620	chrome.exe
Token: SeCreatePagefilePrivilege	2620	chrome.exe
Token: SeShutdownPrivilege	2620	chrome.exe
Token: SeCreatePagefilePrivilege	2620	chrome.exe
Token: SeShutdownPrivilege	2620	chrome.exe
Token: SeCreatePagefilePrivilege	2620	chrome.exe
Token: SeShutdownPrivilege	2620	chrome.exe
Token: SeCreatePagefilePrivilege	2620	chrome.exe
Token: SeShutdownPrivilege	2620	chrome.exe
Token: SeCreatePagefilePrivilege	2620	chrome.exe
Token: SeShutdownPrivilege	2620	chrome.exe
Token: SeCreatePagefilePrivilege	2620	chrome.exe
Token: SeShutdownPrivilege	2620	chrome.exe
Token: SeCreatePagefilePrivilege	2620	chrome.exe
Token: SeShutdownPrivilege	2620	chrome.exe
Token: SeCreatePagefilePrivilege	2620	chrome.exe
Token: SeShutdownPrivilege	2620	chrome.exe
Token: SeCreatePagefilePrivilege	2620	chrome.exe
Token: SeShutdownPrivilege	2620	chrome.exe
Token: SeCreatePagefilePrivilege	2620	chrome.exe
Token: SeShutdownPrivilege	2620	chrome.exe
Token: SeCreatePagefilePrivilege	2620	chrome.exe
Token: SeShutdownPrivilege	2620	chrome.exe
Token: SeCreatePagefilePrivilege	2620	chrome.exe
Token: SeShutdownPrivilege	2620	chrome.exe
Token: SeCreatePagefilePrivilege	2620	chrome.exe
Token: SeShutdownPrivilege	2620	chrome.exe
Token: SeCreatePagefilePrivilege	2620	chrome.exe
Token: SeShutdownPrivilege	2620	chrome.exe
Token: SeCreatePagefilePrivilege	2620	chrome.exe
Token: SeShutdownPrivilege	2620	chrome.exe
Token: SeCreatePagefilePrivilege	2620	chrome.exe
Token: SeShutdownPrivilege	2620	chrome.exe
Token: SeCreatePagefilePrivilege	2620	chrome.exe
Token: SeShutdownPrivilege	2620	chrome.exe
Token: SeCreatePagefilePrivilege	2620	chrome.exe
Token: SeShutdownPrivilege	2620	chrome.exe
Token: SeCreatePagefilePrivilege	2620	chrome.exe
Token: SeShutdownPrivilege	2620	chrome.exe
Token: SeCreatePagefilePrivilege	2620	chrome.exe
Token: SeShutdownPrivilege	2620	chrome.exe
Token: SeCreatePagefilePrivilege	2620	chrome.exe
Token: SeShutdownPrivilege	2620	chrome.exe
Token: SeCreatePagefilePrivilege	2620	chrome.exe
Token: SeShutdownPrivilege	2620	chrome.exe
Token: SeCreatePagefilePrivilege	2620	chrome.exe
Token: SeShutdownPrivilege	2620	chrome.exe
Token: SeCreatePagefilePrivilege	2620	chrome.exe
Token: SeShutdownPrivilege	2620	chrome.exe
Token: SeCreatePagefilePrivilege	2620	chrome.exe
Token: SeShutdownPrivilege	2620	chrome.exe
Token: SeCreatePagefilePrivilege	2620	chrome.exe
Token: SeShutdownPrivilege	2620	chrome.exe
Token: SeCreatePagefilePrivilege	2620	chrome.exe
Token: SeShutdownPrivilege	2620	chrome.exe
Token: SeCreatePagefilePrivilege	2620	chrome.exe
Token: SeShutdownPrivilege	2620	chrome.exe
Token: SeCreatePagefilePrivilege	2620	chrome.exe
Token: SeShutdownPrivilege	2620	chrome.exe
Token: SeCreatePagefilePrivilege	2620	chrome.exe
Token: SeShutdownPrivilege	2620	chrome.exe
Token: SeCreatePagefilePrivilege	2620	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2620 wrote to memory of 4464	2620	chrome.exe	81
PID 2620 wrote to memory of 4464	2620	chrome.exe	81
PID 2620 wrote to memory of 2996	2620	chrome.exe	82
PID 2620 wrote to memory of 2996	2620	chrome.exe	82
PID 2620 wrote to memory of 2996	2620	chrome.exe	82
PID 2620 wrote to memory of 2996	2620	chrome.exe	82
PID 2620 wrote to memory of 2996	2620	chrome.exe	82
PID 2620 wrote to memory of 2996	2620	chrome.exe	82
PID 2620 wrote to memory of 2996	2620	chrome.exe	82
PID 2620 wrote to memory of 2996	2620	chrome.exe	82
PID 2620 wrote to memory of 2996	2620	chrome.exe	82
PID 2620 wrote to memory of 2996	2620	chrome.exe	82
PID 2620 wrote to memory of 2996	2620	chrome.exe	82
PID 2620 wrote to memory of 2996	2620	chrome.exe	82
PID 2620 wrote to memory of 2996	2620	chrome.exe	82
PID 2620 wrote to memory of 2996	2620	chrome.exe	82
PID 2620 wrote to memory of 2996	2620	chrome.exe	82
PID 2620 wrote to memory of 2996	2620	chrome.exe	82
PID 2620 wrote to memory of 2996	2620	chrome.exe	82
PID 2620 wrote to memory of 2996	2620	chrome.exe	82
PID 2620 wrote to memory of 2996	2620	chrome.exe	82
PID 2620 wrote to memory of 2996	2620	chrome.exe	82
PID 2620 wrote to memory of 2996	2620	chrome.exe	82
PID 2620 wrote to memory of 2996	2620	chrome.exe	82
PID 2620 wrote to memory of 2996	2620	chrome.exe	82
PID 2620 wrote to memory of 2996	2620	chrome.exe	82
PID 2620 wrote to memory of 2996	2620	chrome.exe	82
PID 2620 wrote to memory of 2996	2620	chrome.exe	82
PID 2620 wrote to memory of 2996	2620	chrome.exe	82
PID 2620 wrote to memory of 2996	2620	chrome.exe	82
PID 2620 wrote to memory of 2996	2620	chrome.exe	82
PID 2620 wrote to memory of 2996	2620	chrome.exe	82
PID 2620 wrote to memory of 1388	2620	chrome.exe	83
PID 2620 wrote to memory of 1388	2620	chrome.exe	83
PID 2620 wrote to memory of 2960	2620	chrome.exe	84
PID 2620 wrote to memory of 2960	2620	chrome.exe	84
PID 2620 wrote to memory of 2960	2620	chrome.exe	84
PID 2620 wrote to memory of 2960	2620	chrome.exe	84
PID 2620 wrote to memory of 2960	2620	chrome.exe	84
PID 2620 wrote to memory of 2960	2620	chrome.exe	84
PID 2620 wrote to memory of 2960	2620	chrome.exe	84
PID 2620 wrote to memory of 2960	2620	chrome.exe	84
PID 2620 wrote to memory of 2960	2620	chrome.exe	84
PID 2620 wrote to memory of 2960	2620	chrome.exe	84
PID 2620 wrote to memory of 2960	2620	chrome.exe	84
PID 2620 wrote to memory of 2960	2620	chrome.exe	84
PID 2620 wrote to memory of 2960	2620	chrome.exe	84
PID 2620 wrote to memory of 2960	2620	chrome.exe	84
PID 2620 wrote to memory of 2960	2620	chrome.exe	84
PID 2620 wrote to memory of 2960	2620	chrome.exe	84
PID 2620 wrote to memory of 2960	2620	chrome.exe	84
PID 2620 wrote to memory of 2960	2620	chrome.exe	84
PID 2620 wrote to memory of 2960	2620	chrome.exe	84
PID 2620 wrote to memory of 2960	2620	chrome.exe	84
PID 2620 wrote to memory of 2960	2620	chrome.exe	84
PID 2620 wrote to memory of 2960	2620	chrome.exe	84
PID 2620 wrote to memory of 2960	2620	chrome.exe	84
PID 2620 wrote to memory of 2960	2620	chrome.exe	84
PID 2620 wrote to memory of 2960	2620	chrome.exe	84
PID 2620 wrote to memory of 2960	2620	chrome.exe	84
PID 2620 wrote to memory of 2960	2620	chrome.exe	84
PID 2620 wrote to memory of 2960	2620	chrome.exe	84
PID 2620 wrote to memory of 2960	2620	chrome.exe	84
PID 2620 wrote to memory of 2960	2620	chrome.exe	84

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://velera.taplink.ws/
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2620
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x21c,0x220,0x224,0x1f8,0x228,0x7ffe7c70cc40,0x7ffe7c70cc4c,0x7ffe7c70cc58
  2⤵
  PID:4464
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1892,i,16791492501564279358,2585626761964140357,262144 --variations-seed-version=20241210-050121.637000 --mojo-platform-channel-handle=1884 /prefetch:2
  2⤵
  PID:2996
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2140,i,16791492501564279358,2585626761964140357,262144 --variations-seed-version=20241210-050121.637000 --mojo-platform-channel-handle=2176 /prefetch:3
  2⤵
  PID:1388
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2336,i,16791492501564279358,2585626761964140357,262144 --variations-seed-version=20241210-050121.637000 --mojo-platform-channel-handle=2244 /prefetch:8
  2⤵
  PID:2960
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3104,i,16791492501564279358,2585626761964140357,262144 --variations-seed-version=20241210-050121.637000 --mojo-platform-channel-handle=3140 /prefetch:1
  2⤵
  PID:3600
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3112,i,16791492501564279358,2585626761964140357,262144 --variations-seed-version=20241210-050121.637000 --mojo-platform-channel-handle=3284 /prefetch:1
  2⤵
  PID:5000
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4936,i,16791492501564279358,2585626761964140357,262144 --variations-seed-version=20241210-050121.637000 --mojo-platform-channel-handle=4948 /prefetch:8
  2⤵
  PID:944
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4308,i,16791492501564279358,2585626761964140357,262144 --variations-seed-version=20241210-050121.637000 --mojo-platform-channel-handle=4792 /prefetch:1
  2⤵
  PID:2612
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.4355 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4380,i,16791492501564279358,2585626761964140357,262144 --variations-seed-version=20241210-050121.637000 --mojo-platform-channel-handle=3676 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2040

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:5008

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:3540

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
74e9be533c9dbe2dc050925a22d04624

SHA1
f2682fec184b77edbea95b62cdd2348baeeb23ab

SHA256
b9c0af04dd63343331af4571013bec116e56588075dd794aad52347bd14bade6

SHA512
d37a8c45431cf10a5a757f1fe3984bd8ae5037c7d1eaa30881e7ddd343305346071eeb991c73582d17c630c69eb3b37c6360e464c81c4defb0c128a1343ad928

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

Filesize
22KB

MD5
7446609e62242944cc71041181bb69e7

SHA1
6dd927855ac4db37dbec636c1451aa0fdf8cf446

SHA256
deedfb61867b21c7234bdde544212411e0afdaf38ce52d44b47d0491ea1c9e53

SHA512
8fbfd4cb20a86cdfd62093b2424392842fbe1abd971689049666564e24c594ec785cf66451b184c960d0f67d7ab2d79fba2856fa8db263577c99d75fbaa03b8d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
288B

MD5
8a0a0ebb89a56494cd028f2dba2fad2b

SHA1
dc11ed7dcf85c9226bfe33a9808a5f7e7c107031

SHA256
9dc606f05dec68291a97c5d3ebcb3b200912d4729d9be2fd65b525a0945b2954

SHA512
9503d1d4b0379be02128120fc03e80c466b5a225d5449d3e887b6963bbe1b4710fbd6f39abc5e5fa713599dc0a1fc0d9198c4178acdc8198b141fa10b5b2499f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
395357c836f188a868c8a13299078b3e

SHA1
055b049ad69ec8e40144d89947aa71e03e31dce1

SHA256
26473216362697c7a8b62167f45547b3cc29e0dea13523bbbc1ebf69fbba9b22

SHA512
c305a0cb876f0d89c7782a8c8bba93a9a4439079fe5431ee0de6bfd1808f3b4152c99fcd57e12ce6f8bfd90dcbacf922bc6de1dbe1bcb614f37c9bb3c21d124e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
5a54ea293c4b20bb299a19f6e925dc08

SHA1
e14dd8e51d17dec4c69c25dd90c10f9de7f8bba9

SHA256
7c05bbbffc771d02306671d8512a975acb204cdfb61652dbc3eb3aee8451ee17

SHA512
3bf76f5522e4f4057ca21c2f86fa0cae7134970d1bcce9f4ece4d7e7c0b2fe4603549a31e961835e8724a4ae385c65f0c7fd5648d17f6446e0a3821bf3041dc8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
c80be75c56feb1e9c901d986a6b5af3c

SHA1
0240ce2eb3de7c2d9e07eac9b845400403a65a1a

SHA256
e5026f5a76e5dac6d3cb42144051dbc89e2664bb6b36119810c8363b50c478b6

SHA512
e9f1f760cf462a8c04fed334b09ae07d0939fe1c7fed0b3b619dec5e365c21a1adb22141aa08627fd17b59d9f02752afaaf7545c02294523626b01720c7a75d4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
524B

MD5
ba6909d7d58a67128c2287b37d2db09a

SHA1
fd0d876be91f864a3aa285412b1bcd4871cfb39d

SHA256
7f89893999c251aaeb2fa5dc9c313b86a4eca5da9a68b0c9f1ffba5561008109

SHA512
6bc938141b702820c77a0a906e9c3deb970508b830c2ef546c4ae035e5983df55db5e21ac0288293fbbcc837816b5f1eb1559a42824291b77c05f9c31a1159a8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
7439b18c65d7fb9fec5992157f410bd4

SHA1
f7c4da991a7a50c0f5b2243688062604cffb51f4

SHA256
fe037a35efab4868081cd14346df52704979ee21604b0ff789b553a6bdd24cf1

SHA512
6f547ee791867d069714bebc0267d5762ed1d586e4316638cdd88b306fe064e8ab437347bb33fbaf3255c2423f7fa4f88756ef419d4447b70352b4c8faa09c4f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
44d6279ea30ed14d2b94c3fe661339e1

SHA1
d5e3d06930e5aea3750b8f5667b981132bda3021

SHA256
ca7817c4c4c8ba9b24a6669f6cd7425b16fe24084261a9d20cc9561edcdee297

SHA512
ed04a933a9ddd96ecd91fcdde215263db32f41dd37da479ffff88a12119ae41b3177954be2a274e11f3588f62ffea6ae318b139d9520ebba80b4715fb5c39436

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
1f998fae3fde7eaeeb5e505baeda693c

SHA1
2f14fcfd5ba7b113faa794d4e8de4fc771aed558

SHA256
7a1f944ffe2298dcc8f7194a54b4c29f65c457f9a02e1d35a9ca8271877dd5a6

SHA512
eb4d751ff79ffef718335f5e38bc120a41daa588a5bdf4fce27313d883f126b2dfe682dac43fdc5d6eea537c811c6bf31df4c9e7d0b83c62d775eda891e458b5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
cddd907a6459bc0162d10a349664719c

SHA1
7ee80219b070dfc43a59244cc584cfac4dbadf7e

SHA256
f3d4e6a0241b59ed16fdca246db22b6320396d56968cf63b1a783aab75788730

SHA512
d5ace528fa77237512cb3fd6fdc678f5813fa76f1704b35aa41d318540ac0c5bf1004d85ee52473762b65d1c9f71abe4879c7e8d8c389cdc1dd12bd8822df2f2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
c999d98198f00fc4015cadfa2e84c7e4

SHA1
57985abf24f13d90969cf7e69804dfce8e23bdd0

SHA256
3fc064a23f07d2cb8f72ba9ba8ef52c1a96304646b7c1255d70299930e63ac7c

SHA512
9fc7c42f5811d53bb0f9cdc09b8d3c5e0687f657f7532093fb80060f3a6abfd7c9781386993884e8daf53642398aea2d88afaf8af475519874f460ce1e865728

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
5a99d3131611a969b9847c6a998ae4f0

SHA1
50e10ecb1c90eeb9f959f02c018ad6b31009878f

SHA256
6ea6d27db0150279c1f6f95e5af735b0df22a2a07bb8809fa76cf1a7d33928a3

SHA512
9d6ac9c1b2a1ce8de8c86ab9e0e4dede929509cdbe5ededa8dd619641612550dcfc8e8c6558159fd52b59c9e548c2e2c1b06badb7edcd927ef114905f748a701

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
90791097e9b422a7ac2afa9a85c1e168

SHA1
3280a6a5ba755685ce545ec478d61f3a0cf66440

SHA256
358842b879f4d1a29a0d24a42a9dbecc44e2935ec9e67c91eeb8e30e3269b2dc

SHA512
0c2a7a56462927c04ee9c304816f5e44093b529d9f0767eb28ca1c30b4af275409144dbf443f6b266213a53da6cb1ddec5ed44f1f4e0fe17ce04e233c4cdbadd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
ea536d75aa37754b4599ec8c70608ac4

SHA1
e974eb4039f935f68104ed7bf56da5a8664918bb

SHA256
58e79384db967489a0d8444bedd61c5d0772ddf3f6641cb92791f53655c6a031

SHA512
e599cc7178a6f32ff069572ca0278da41a51f7574d2afce6116421c183c8734176159cdfccbdd18693874b4d120b61bdaf7427d74413d1d748de06602935d905

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
118KB

MD5
c59da52083f7a28905aa671cae9b6ab0

SHA1
8e3bee27889359b5204323b3f9d11fd6cf96f592

SHA256
dd9dace4b9f09a359f9505d294c6991a8ebd1c78a5ef316badb6803eb3dcef48

SHA512
6f5fa302394ebccd359b2249878c29348114dbd394967b5870e3e7026373d2293f6423ee9a5cc7037fe2dcce0057a762606abea6410b27887ded3d099551b4ba

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
118KB

MD5
564c409a78b717dfd5d4a98a77808bb8

SHA1
214285bef5843f9d54aa9f2913bf396ce3d232b5

SHA256
d715ece54d92bec8be56646d7a417156e63af70c79aa423af5dc9b493f2d6f98

SHA512
af4694859a5582853795c5d58c7f4b4c54e166a065874624ee4ad84aaf8a1dc10f9fe09adb2f0da2670cb65c6ad5dc3586cc7e2795055643cad2a5d1c937c3a0

Download Submit