hxxps://gcard50[.]ru/e

Analysis

max time kernel
38s
max time network
39s
platform
windows11-21h2_x64
resource
win11-20241007-en
resource tags

arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system
submitted
09-01-2025 11:40

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://gcard50.ru/e

Score

7^/10

discovery phishing

Malware Config

Signatures

A potential corporate email address has been identified in the URL: [email protected]
phishing
A potential corporate email address has been identified in the URL: [email protected]
phishing

Drops file in Windows directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SystemTemp	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133808966431747372"	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
2536	chrome.exe
2536	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2536	chrome.exe
Token: SeCreatePagefilePrivilege	2536	chrome.exe
Token: SeShutdownPrivilege	2536	chrome.exe
Token: SeCreatePagefilePrivilege	2536	chrome.exe
Token: SeShutdownPrivilege	2536	chrome.exe
Token: SeCreatePagefilePrivilege	2536	chrome.exe
Token: SeShutdownPrivilege	2536	chrome.exe
Token: SeCreatePagefilePrivilege	2536	chrome.exe
Token: SeShutdownPrivilege	2536	chrome.exe
Token: SeCreatePagefilePrivilege	2536	chrome.exe
Token: SeShutdownPrivilege	2536	chrome.exe
Token: SeCreatePagefilePrivilege	2536	chrome.exe
Token: SeShutdownPrivilege	2536	chrome.exe
Token: SeCreatePagefilePrivilege	2536	chrome.exe
Token: SeShutdownPrivilege	2536	chrome.exe
Token: SeCreatePagefilePrivilege	2536	chrome.exe
Token: SeShutdownPrivilege	2536	chrome.exe
Token: SeCreatePagefilePrivilege	2536	chrome.exe
Token: SeShutdownPrivilege	2536	chrome.exe
Token: SeCreatePagefilePrivilege	2536	chrome.exe
Token: SeShutdownPrivilege	2536	chrome.exe
Token: SeCreatePagefilePrivilege	2536	chrome.exe
Token: SeShutdownPrivilege	2536	chrome.exe
Token: SeCreatePagefilePrivilege	2536	chrome.exe
Token: SeShutdownPrivilege	2536	chrome.exe
Token: SeCreatePagefilePrivilege	2536	chrome.exe
Token: SeShutdownPrivilege	2536	chrome.exe
Token: SeCreatePagefilePrivilege	2536	chrome.exe
Token: SeShutdownPrivilege	2536	chrome.exe
Token: SeCreatePagefilePrivilege	2536	chrome.exe
Token: SeShutdownPrivilege	2536	chrome.exe
Token: SeCreatePagefilePrivilege	2536	chrome.exe
Token: SeShutdownPrivilege	2536	chrome.exe
Token: SeCreatePagefilePrivilege	2536	chrome.exe
Token: SeShutdownPrivilege	2536	chrome.exe
Token: SeCreatePagefilePrivilege	2536	chrome.exe
Token: SeShutdownPrivilege	2536	chrome.exe
Token: SeCreatePagefilePrivilege	2536	chrome.exe
Token: SeShutdownPrivilege	2536	chrome.exe
Token: SeCreatePagefilePrivilege	2536	chrome.exe
Token: SeShutdownPrivilege	2536	chrome.exe
Token: SeCreatePagefilePrivilege	2536	chrome.exe
Token: SeShutdownPrivilege	2536	chrome.exe
Token: SeCreatePagefilePrivilege	2536	chrome.exe
Token: SeShutdownPrivilege	2536	chrome.exe
Token: SeCreatePagefilePrivilege	2536	chrome.exe
Token: SeShutdownPrivilege	2536	chrome.exe
Token: SeCreatePagefilePrivilege	2536	chrome.exe
Token: SeShutdownPrivilege	2536	chrome.exe
Token: SeCreatePagefilePrivilege	2536	chrome.exe
Token: SeShutdownPrivilege	2536	chrome.exe
Token: SeCreatePagefilePrivilege	2536	chrome.exe
Token: SeShutdownPrivilege	2536	chrome.exe
Token: SeCreatePagefilePrivilege	2536	chrome.exe
Token: SeShutdownPrivilege	2536	chrome.exe
Token: SeCreatePagefilePrivilege	2536	chrome.exe
Token: SeShutdownPrivilege	2536	chrome.exe
Token: SeCreatePagefilePrivilege	2536	chrome.exe
Token: SeShutdownPrivilege	2536	chrome.exe
Token: SeCreatePagefilePrivilege	2536	chrome.exe
Token: SeShutdownPrivilege	2536	chrome.exe
Token: SeCreatePagefilePrivilege	2536	chrome.exe
Token: SeShutdownPrivilege	2536	chrome.exe
Token: SeCreatePagefilePrivilege	2536	chrome.exe

Suspicious use of FindShellTrayWindow 29 IoCs

pid	Process
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe

Suspicious use of SendNotifyMessage 14 IoCs

pid	Process
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2536 wrote to memory of 224	2536	chrome.exe	77
PID 2536 wrote to memory of 224	2536	chrome.exe	77
PID 2536 wrote to memory of 1320	2536	chrome.exe	78
PID 2536 wrote to memory of 1320	2536	chrome.exe	78
PID 2536 wrote to memory of 1320	2536	chrome.exe	78
PID 2536 wrote to memory of 1320	2536	chrome.exe	78
PID 2536 wrote to memory of 1320	2536	chrome.exe	78
PID 2536 wrote to memory of 1320	2536	chrome.exe	78
PID 2536 wrote to memory of 1320	2536	chrome.exe	78
PID 2536 wrote to memory of 1320	2536	chrome.exe	78
PID 2536 wrote to memory of 1320	2536	chrome.exe	78
PID 2536 wrote to memory of 1320	2536	chrome.exe	78
PID 2536 wrote to memory of 1320	2536	chrome.exe	78
PID 2536 wrote to memory of 1320	2536	chrome.exe	78
PID 2536 wrote to memory of 1320	2536	chrome.exe	78
PID 2536 wrote to memory of 1320	2536	chrome.exe	78
PID 2536 wrote to memory of 1320	2536	chrome.exe	78
PID 2536 wrote to memory of 1320	2536	chrome.exe	78
PID 2536 wrote to memory of 1320	2536	chrome.exe	78
PID 2536 wrote to memory of 1320	2536	chrome.exe	78
PID 2536 wrote to memory of 1320	2536	chrome.exe	78
PID 2536 wrote to memory of 1320	2536	chrome.exe	78
PID 2536 wrote to memory of 1320	2536	chrome.exe	78
PID 2536 wrote to memory of 1320	2536	chrome.exe	78
PID 2536 wrote to memory of 1320	2536	chrome.exe	78
PID 2536 wrote to memory of 1320	2536	chrome.exe	78
PID 2536 wrote to memory of 1320	2536	chrome.exe	78
PID 2536 wrote to memory of 1320	2536	chrome.exe	78
PID 2536 wrote to memory of 1320	2536	chrome.exe	78
PID 2536 wrote to memory of 1320	2536	chrome.exe	78
PID 2536 wrote to memory of 1320	2536	chrome.exe	78
PID 2536 wrote to memory of 1320	2536	chrome.exe	78
PID 2536 wrote to memory of 1104	2536	chrome.exe	79
PID 2536 wrote to memory of 1104	2536	chrome.exe	79
PID 2536 wrote to memory of 1848	2536	chrome.exe	80
PID 2536 wrote to memory of 1848	2536	chrome.exe	80
PID 2536 wrote to memory of 1848	2536	chrome.exe	80
PID 2536 wrote to memory of 1848	2536	chrome.exe	80
PID 2536 wrote to memory of 1848	2536	chrome.exe	80
PID 2536 wrote to memory of 1848	2536	chrome.exe	80
PID 2536 wrote to memory of 1848	2536	chrome.exe	80
PID 2536 wrote to memory of 1848	2536	chrome.exe	80
PID 2536 wrote to memory of 1848	2536	chrome.exe	80
PID 2536 wrote to memory of 1848	2536	chrome.exe	80
PID 2536 wrote to memory of 1848	2536	chrome.exe	80
PID 2536 wrote to memory of 1848	2536	chrome.exe	80
PID 2536 wrote to memory of 1848	2536	chrome.exe	80
PID 2536 wrote to memory of 1848	2536	chrome.exe	80
PID 2536 wrote to memory of 1848	2536	chrome.exe	80
PID 2536 wrote to memory of 1848	2536	chrome.exe	80
PID 2536 wrote to memory of 1848	2536	chrome.exe	80
PID 2536 wrote to memory of 1848	2536	chrome.exe	80
PID 2536 wrote to memory of 1848	2536	chrome.exe	80
PID 2536 wrote to memory of 1848	2536	chrome.exe	80
PID 2536 wrote to memory of 1848	2536	chrome.exe	80
PID 2536 wrote to memory of 1848	2536	chrome.exe	80
PID 2536 wrote to memory of 1848	2536	chrome.exe	80
PID 2536 wrote to memory of 1848	2536	chrome.exe	80
PID 2536 wrote to memory of 1848	2536	chrome.exe	80
PID 2536 wrote to memory of 1848	2536	chrome.exe	80
PID 2536 wrote to memory of 1848	2536	chrome.exe	80
PID 2536 wrote to memory of 1848	2536	chrome.exe	80
PID 2536 wrote to memory of 1848	2536	chrome.exe	80
PID 2536 wrote to memory of 1848	2536	chrome.exe	80

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://gcard50.ru/e
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2536
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8feaacc40,0x7ff8feaacc4c,0x7ff8feaacc58
  2⤵
  PID:224
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1820,i,2941916606287056086,1675501567091508401,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1812 /prefetch:2
  2⤵
  PID:1320
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2084,i,2941916606287056086,1675501567091508401,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2096 /prefetch:3
  2⤵
  PID:1104
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2168,i,2941916606287056086,1675501567091508401,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2372 /prefetch:8
  2⤵
  PID:1848
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3076,i,2941916606287056086,1675501567091508401,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3120 /prefetch:1
  2⤵
  PID:4468
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3084,i,2941916606287056086,1675501567091508401,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3268 /prefetch:1
  2⤵
  PID:2232
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3080,i,2941916606287056086,1675501567091508401,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4424 /prefetch:1
  2⤵
  PID:908
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3412,i,2941916606287056086,1675501567091508401,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3432 /prefetch:8
  2⤵
  PID:4020

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:2824

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:4408

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
bd94204aff594120578daca3039ea423

SHA1
3462c1fc8021e6221fc950fbc976c19c7881607e

SHA256
99836e6874d70b7947badcc5689de47e43ac1957e8eb01adc113e4c2ecbd8d91

SHA512
6fcebdc7a9bf43a1c0c4ed23cf65e9d1053b2ba7f56d84cff954675da73b1bc0d2513dc974b5b93908fd2212c0c7facf4196418c5653c4c1069981d8cff02258

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
1d3daf670ee1bca9e5686bddb5ae546b

SHA1
01342459248938f8bf8f2b0f664bb3f57230b7f8

SHA256
7860c6dafc5ae26ba58ebd92d02dc628a16c920158fa282ded2596fa1beab575

SHA512
cc61c9286b44a9268c590564601a4b8657d338c2c61a615f9ed7a29602725ecfa907e8accaf7529ee3b2e37be430c1e0a79a98f40260b35558d041edb78b4070

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
2850f24d9ee886612b1546a0a0b683ab

SHA1
8e95c78852c4f391b9ac69a0606398f6b6c8b2bc

SHA256
0ca649259016e93758c90a454faedb5cbae3d2f755740aab41da7b3f382c01e3

SHA512
2c7ca6bd8d96244248bbd82732fc8e515c83983df8a141e40531d46742f3e0c6202fd9fb13b26290e2b61268b61cc0549c9b09fc86ccdde0dee8e385c579bf54

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
690B

MD5
d3d4da4449a1c5b25e032d01ad70347a

SHA1
7aaa6dfbaee7259540a0a12535ea3cc2c335d1df

SHA256
d1949f161f49cc2a73f118d3d7ff4321926b7c04d1b2a07713daa839ed1f38eb

SHA512
c94736e226d07bc39bbcb0a91d452ec3d005874b268391b02380d7dc566ef5bee4ff9747f8c78b472c74dba792489b47716cf306bf5c983374780876980a4041

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
690B

MD5
afa1aceb270421a9d9bc95ced5dcdd13

SHA1
661d7af43f629732dea1bdfbea3982b5f3074b53

SHA256
b814cd250c77230e2335c533d67bf552bc691c3d96c4baee2d1e069bf9b6c1bd

SHA512
39758402f0665dffcd9136d95b4ada4c98c211cc00e6ae8b5ae6a826b86399d12e89fd44685fb6ed8b20cb6c3b08da0b8cc23c29c20c1e705c3f81239f529e51

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
68b90a1d83282e10171bb60dad4ed050

SHA1
631525f4f20943573f909308382d9f5c87c60178

SHA256
696531aa5c73ad657015d4b4882c4f30b85807c5f1251712dc00763ff7fd9291

SHA512
d9b911b186382397d3054d3ff8b9676ffeb1dd7174177ea84b6094071b72a280d309daa4ce697333484f293268aac0a18860566dbfb5e7326fa990f9f2d41fb5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
50b2d69a2663a6d610422473403b1250

SHA1
2ea0ba18f04c6aa344f937a70940fbd1a3541e20

SHA256
3c87b3b8beef04a8dbcc787592218e7538cb22e7fe08f7b86612e61dc2068e79

SHA512
c99ba9aae3b16f518be5646d3927cbf9609307929303a6ea37909afd718f7dc195b975e5c9fbd5495b84b0a37c5bf63be6fc9012972f950bc84e819e5ae17efb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
16c8f778cead411b2afa5ac5c8016043

SHA1
96e2e2a5ab92f94a86ab455f80d842dc62577c28

SHA256
48eaa9041687837201831f37966af2f1c5d9d81541cb87929f78870549a96525

SHA512
7432883aab73af694d97a436b3d764477f809a69c8ccaea69c750cb1688a6648ed3c8e4836ecfa9aca43f4f03bf30414c6935857601603a782a32f8591933bb4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
228KB

MD5
c10d956efd8520f2be0cba2896ee63aa

SHA1
2d56f7a2591062817c0783009479980d9e710101

SHA256
e77377311a08ea61ceaa09b5c4daac045a1ef6eac4055de3af9485938e954e4d

SHA512
0ce654c898899238a55e5c8dc4aac7193bbf4aa1337d2f37a218924b2d7f96792f0e39896be260278a8bc1a057ca1433e687189b23c469b26b2c499db69c599d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
228KB

MD5
447050c36ab940bf885136cfccff2c6c

SHA1
d024a1329b9295e1f62a1e3b214224d7c2dfb58d

SHA256
cb535f645600f26ec9a1a377265fa4d81e8df5ca59f5af4c1e102770bc55b659

SHA512
7feba756a1f2c6c3373fad97b6ae8a98942313ca4ee08ed26e548a31092346433367f2e878d82b75b02290ff1ffae5fbe9b58b5709313bc505dea32d6ddc8864

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
228KB

MD5
d90c6fdfa80b566c2b4cc1cd83e828ea

SHA1
bf18b5fd7f4697a5c6a9a42e7e9f90336bcaad4e

SHA256
ce9e51402a27994ca4747b3d72f6b846afa9004e3a9c55fcaa2d00f44ff8a593

SHA512
a18ec1839995ca5b660544d6d3daca3c020fc003bb92ccf060ff8a754d73db5015488665c2e81f4c0637e7d6e2a95a8d104e793b09cae53e776c806761697949

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

Filesize
264KB

MD5
db68fae013401047a98e3e26a3282c4a

SHA1
a0f6e08446590fefd72dc343e8318894625e9ffc

SHA256
3b1680c2cfd3612fce0554e5a6749fd9b66b5ea46d419aebf0532ad2088f4d50

SHA512
25137d0b72dfb5fa8217e35542ea9915b0bce72a06cf1cda44988ce9bfc1cad07ebb3ece9285fe99789929a0d089426d0676da1e5e20d36408b33141a5367139

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit