hxxp://www[.]ade[.]gov[.]it

Resubmissions

20-01-2025 09:11

250120-k52m5aslbq 3

20-01-2025 08:51

250120-kseb3a1nby 3

Analysis

max time kernel
149s
max time network
142s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
20-01-2025 08:51

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://www.ade.gov.it

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133818367003331746"	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
4000	chrome.exe
4000	chrome.exe
3136	chrome.exe
3136	chrome.exe
3136	chrome.exe
3136	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
4000	chrome.exe
4000	chrome.exe
4000	chrome.exe
4000	chrome.exe
4000	chrome.exe
4000	chrome.exe
4000	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4000	chrome.exe
Token: SeCreatePagefilePrivilege	4000	chrome.exe
Token: SeShutdownPrivilege	4000	chrome.exe
Token: SeCreatePagefilePrivilege	4000	chrome.exe
Token: SeShutdownPrivilege	4000	chrome.exe
Token: SeCreatePagefilePrivilege	4000	chrome.exe
Token: SeShutdownPrivilege	4000	chrome.exe
Token: SeCreatePagefilePrivilege	4000	chrome.exe
Token: SeShutdownPrivilege	4000	chrome.exe
Token: SeCreatePagefilePrivilege	4000	chrome.exe
Token: SeShutdownPrivilege	4000	chrome.exe
Token: SeCreatePagefilePrivilege	4000	chrome.exe
Token: SeShutdownPrivilege	4000	chrome.exe
Token: SeCreatePagefilePrivilege	4000	chrome.exe
Token: SeShutdownPrivilege	4000	chrome.exe
Token: SeCreatePagefilePrivilege	4000	chrome.exe
Token: SeShutdownPrivilege	4000	chrome.exe
Token: SeCreatePagefilePrivilege	4000	chrome.exe
Token: SeShutdownPrivilege	4000	chrome.exe
Token: SeCreatePagefilePrivilege	4000	chrome.exe
Token: SeShutdownPrivilege	4000	chrome.exe
Token: SeCreatePagefilePrivilege	4000	chrome.exe
Token: SeShutdownPrivilege	4000	chrome.exe
Token: SeCreatePagefilePrivilege	4000	chrome.exe
Token: SeShutdownPrivilege	4000	chrome.exe
Token: SeCreatePagefilePrivilege	4000	chrome.exe
Token: SeShutdownPrivilege	4000	chrome.exe
Token: SeCreatePagefilePrivilege	4000	chrome.exe
Token: SeShutdownPrivilege	4000	chrome.exe
Token: SeCreatePagefilePrivilege	4000	chrome.exe
Token: SeShutdownPrivilege	4000	chrome.exe
Token: SeCreatePagefilePrivilege	4000	chrome.exe
Token: SeShutdownPrivilege	4000	chrome.exe
Token: SeCreatePagefilePrivilege	4000	chrome.exe
Token: SeShutdownPrivilege	4000	chrome.exe
Token: SeCreatePagefilePrivilege	4000	chrome.exe
Token: SeShutdownPrivilege	4000	chrome.exe
Token: SeCreatePagefilePrivilege	4000	chrome.exe
Token: SeShutdownPrivilege	4000	chrome.exe
Token: SeCreatePagefilePrivilege	4000	chrome.exe
Token: SeShutdownPrivilege	4000	chrome.exe
Token: SeCreatePagefilePrivilege	4000	chrome.exe
Token: SeShutdownPrivilege	4000	chrome.exe
Token: SeCreatePagefilePrivilege	4000	chrome.exe
Token: SeShutdownPrivilege	4000	chrome.exe
Token: SeCreatePagefilePrivilege	4000	chrome.exe
Token: SeShutdownPrivilege	4000	chrome.exe
Token: SeCreatePagefilePrivilege	4000	chrome.exe
Token: SeShutdownPrivilege	4000	chrome.exe
Token: SeCreatePagefilePrivilege	4000	chrome.exe
Token: SeShutdownPrivilege	4000	chrome.exe
Token: SeCreatePagefilePrivilege	4000	chrome.exe
Token: SeShutdownPrivilege	4000	chrome.exe
Token: SeCreatePagefilePrivilege	4000	chrome.exe
Token: SeShutdownPrivilege	4000	chrome.exe
Token: SeCreatePagefilePrivilege	4000	chrome.exe
Token: SeShutdownPrivilege	4000	chrome.exe
Token: SeCreatePagefilePrivilege	4000	chrome.exe
Token: SeShutdownPrivilege	4000	chrome.exe
Token: SeCreatePagefilePrivilege	4000	chrome.exe
Token: SeShutdownPrivilege	4000	chrome.exe
Token: SeCreatePagefilePrivilege	4000	chrome.exe
Token: SeShutdownPrivilege	4000	chrome.exe
Token: SeCreatePagefilePrivilege	4000	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4000	chrome.exe
4000	chrome.exe
4000	chrome.exe
4000	chrome.exe
4000	chrome.exe
4000	chrome.exe
4000	chrome.exe
4000	chrome.exe
4000	chrome.exe
4000	chrome.exe
4000	chrome.exe
4000	chrome.exe
4000	chrome.exe
4000	chrome.exe
4000	chrome.exe
4000	chrome.exe
4000	chrome.exe
4000	chrome.exe
4000	chrome.exe
4000	chrome.exe
4000	chrome.exe
4000	chrome.exe
4000	chrome.exe
4000	chrome.exe
4000	chrome.exe
4000	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4000	chrome.exe
4000	chrome.exe
4000	chrome.exe
4000	chrome.exe
4000	chrome.exe
4000	chrome.exe
4000	chrome.exe
4000	chrome.exe
4000	chrome.exe
4000	chrome.exe
4000	chrome.exe
4000	chrome.exe
4000	chrome.exe
4000	chrome.exe
4000	chrome.exe
4000	chrome.exe
4000	chrome.exe
4000	chrome.exe
4000	chrome.exe
4000	chrome.exe
4000	chrome.exe
4000	chrome.exe
4000	chrome.exe
4000	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4000 wrote to memory of 5020	4000	chrome.exe	83
PID 4000 wrote to memory of 5020	4000	chrome.exe	83
PID 4000 wrote to memory of 4488	4000	chrome.exe	84
PID 4000 wrote to memory of 4488	4000	chrome.exe	84
PID 4000 wrote to memory of 4488	4000	chrome.exe	84
PID 4000 wrote to memory of 4488	4000	chrome.exe	84
PID 4000 wrote to memory of 4488	4000	chrome.exe	84
PID 4000 wrote to memory of 4488	4000	chrome.exe	84
PID 4000 wrote to memory of 4488	4000	chrome.exe	84
PID 4000 wrote to memory of 4488	4000	chrome.exe	84
PID 4000 wrote to memory of 4488	4000	chrome.exe	84
PID 4000 wrote to memory of 4488	4000	chrome.exe	84
PID 4000 wrote to memory of 4488	4000	chrome.exe	84
PID 4000 wrote to memory of 4488	4000	chrome.exe	84
PID 4000 wrote to memory of 4488	4000	chrome.exe	84
PID 4000 wrote to memory of 4488	4000	chrome.exe	84
PID 4000 wrote to memory of 4488	4000	chrome.exe	84
PID 4000 wrote to memory of 4488	4000	chrome.exe	84
PID 4000 wrote to memory of 4488	4000	chrome.exe	84
PID 4000 wrote to memory of 4488	4000	chrome.exe	84
PID 4000 wrote to memory of 4488	4000	chrome.exe	84
PID 4000 wrote to memory of 4488	4000	chrome.exe	84
PID 4000 wrote to memory of 4488	4000	chrome.exe	84
PID 4000 wrote to memory of 4488	4000	chrome.exe	84
PID 4000 wrote to memory of 4488	4000	chrome.exe	84
PID 4000 wrote to memory of 4488	4000	chrome.exe	84
PID 4000 wrote to memory of 4488	4000	chrome.exe	84
PID 4000 wrote to memory of 4488	4000	chrome.exe	84
PID 4000 wrote to memory of 4488	4000	chrome.exe	84
PID 4000 wrote to memory of 4488	4000	chrome.exe	84
PID 4000 wrote to memory of 4488	4000	chrome.exe	84
PID 4000 wrote to memory of 4488	4000	chrome.exe	84
PID 4000 wrote to memory of 5112	4000	chrome.exe	85
PID 4000 wrote to memory of 5112	4000	chrome.exe	85
PID 4000 wrote to memory of 3476	4000	chrome.exe	86
PID 4000 wrote to memory of 3476	4000	chrome.exe	86
PID 4000 wrote to memory of 3476	4000	chrome.exe	86
PID 4000 wrote to memory of 3476	4000	chrome.exe	86
PID 4000 wrote to memory of 3476	4000	chrome.exe	86
PID 4000 wrote to memory of 3476	4000	chrome.exe	86
PID 4000 wrote to memory of 3476	4000	chrome.exe	86
PID 4000 wrote to memory of 3476	4000	chrome.exe	86
PID 4000 wrote to memory of 3476	4000	chrome.exe	86
PID 4000 wrote to memory of 3476	4000	chrome.exe	86
PID 4000 wrote to memory of 3476	4000	chrome.exe	86
PID 4000 wrote to memory of 3476	4000	chrome.exe	86
PID 4000 wrote to memory of 3476	4000	chrome.exe	86
PID 4000 wrote to memory of 3476	4000	chrome.exe	86
PID 4000 wrote to memory of 3476	4000	chrome.exe	86
PID 4000 wrote to memory of 3476	4000	chrome.exe	86
PID 4000 wrote to memory of 3476	4000	chrome.exe	86
PID 4000 wrote to memory of 3476	4000	chrome.exe	86
PID 4000 wrote to memory of 3476	4000	chrome.exe	86
PID 4000 wrote to memory of 3476	4000	chrome.exe	86
PID 4000 wrote to memory of 3476	4000	chrome.exe	86
PID 4000 wrote to memory of 3476	4000	chrome.exe	86
PID 4000 wrote to memory of 3476	4000	chrome.exe	86
PID 4000 wrote to memory of 3476	4000	chrome.exe	86
PID 4000 wrote to memory of 3476	4000	chrome.exe	86
PID 4000 wrote to memory of 3476	4000	chrome.exe	86
PID 4000 wrote to memory of 3476	4000	chrome.exe	86
PID 4000 wrote to memory of 3476	4000	chrome.exe	86
PID 4000 wrote to memory of 3476	4000	chrome.exe	86
PID 4000 wrote to memory of 3476	4000	chrome.exe	86

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://www.ade.gov.it
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4000
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffad862cc40,0x7ffad862cc4c,0x7ffad862cc58
  2⤵
  PID:5020
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2004,i,1091340691929218701,9262577192918735841,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2000 /prefetch:2
  2⤵
  PID:4488
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1872,i,1091340691929218701,9262577192918735841,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2404 /prefetch:3
  2⤵
  PID:5112
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2124,i,1091340691929218701,9262577192918735841,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2540 /prefetch:8
  2⤵
  PID:3476
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3028,i,1091340691929218701,9262577192918735841,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3084 /prefetch:1
  2⤵
  PID:4548
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3040,i,1091340691929218701,9262577192918735841,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3216 /prefetch:1
  2⤵
  PID:4716
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4472,i,1091340691929218701,9262577192918735841,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4488 /prefetch:1
  2⤵
  PID:3064
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=3360,i,1091340691929218701,9262577192918735841,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3532 /prefetch:1
  2⤵
  PID:3000
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4748,i,1091340691929218701,9262577192918735841,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4772 /prefetch:8
  2⤵
  PID:2956
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=5084,i,1091340691929218701,9262577192918735841,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5104 /prefetch:1
  2⤵
  PID:956
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=4580,i,1091340691929218701,9262577192918735841,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4464 /prefetch:1
  2⤵
  PID:3468
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=4972,i,1091340691929218701,9262577192918735841,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5000 /prefetch:1
  2⤵
  PID:4424
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4508,i,1091340691929218701,9262577192918735841,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4980 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3136

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:2132

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:2608

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
13455257155315f32cca42c0f59f93fd

SHA1
64f3e906cdd630958fb8f71fddf87f6a9a56ee91

SHA256
3a2c6862d6edfdbbc7689e84ebaf106bb5eb121a5393af7a794453dc1b5b9d98

SHA512
39e6755695b42b475a6ff50b0d4682a7475217638c07953c2006119e26349c0d80a2925631b48c5cb48ba40ac519dd8a0cda57878c2713a5d4b42c1500169ce7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\ab8617ad-59f6-4595-94fb-f3e820ef4dfa.tmp

Filesize
1KB

MD5
be15e9da5bab7dee29b247fd76546c42

SHA1
2df5b53d09f0ca6b6b856d72a65d95edbebeddd4

SHA256
709d265637231a8e9e71884d185687bb8c445de4b7634ec9e4b67105c1ab49b5

SHA512
5129249e72f3b3e607efc1ee2113c3b09fa7a3950dcfcc7e6b4403573367f0fecc635ea30bcd424d45e976e918350a701f679f6fa9bebb242e8282cf8d5b36e0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
898e8e3ca6761bccc8195ac1247b52d4

SHA1
546bd82f3e6cd1ca31fd28114bd246b026cb6e3c

SHA256
8ef2764a24789b8d24ede4ec994b4cce4f3e87618fb4230e3550a81b1cdaf38b

SHA512
f901cb26b6d3f4c6815040ac0b4a442fb25b0f1f9b616902f802e0ee74ecb83ad6ebbdddd7656f13410d610c7da150cd7bab8eebc487d2b2dae380a2d53e53c5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
9e57790fa6b24d462b6df5b7d9cd6281

SHA1
91580cd3629ae8e9038d6f6d545eae7302fed312

SHA256
a8361131aa8cee7a3639fcc4ebca98793695a4b8a40b607fc0b81084f212ba5f

SHA512
f5a44ea6bc9b0cf7cb0ce0e10facb13d2e3eedd0042615e8fa606cfba5ead9b958b20e68a03fbc94e7616edf7128450324f91ad25026c5dec311e5e43e598b1f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
67ca6ea3d35f49943f92e7d4b0354dd2

SHA1
23885db6f29ea00097d17d1471ab5816f05a3d6e

SHA256
7e0679027e648072ec4d813dc73222bec5c90ae51ec4debf169ef2fd15ecb632

SHA512
c2a083e68a7c43a07d425283c7b85a4a995ea2bc9c18499d7f39f3d930f051d28ae7326c672ebdf9abde9c0dbdb1489a20693665bf06cfca797721bd93e26eb6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
3d834d91b855c20f61b69bf32ce0f07d

SHA1
02e55a70ae116a871c368d74e70561a04843fdc1

SHA256
c80de802c0be132990ffe3434c3ba0de9055508ec7ea4c5e452f1f2a2414c677

SHA512
e313c1e6f9be25a58f256bf8d4b9b85d9fca17928fbc24cd8db9d4dd0572bd06a3652471906e951fc2a73006eea2ca2539a9fd6170ea0eb52c5205767eeb52c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
d1372232ffd85e8eaf264c854b825d40

SHA1
06ed8acb8367cef330997dd09fa61348fae1aa43

SHA256
4c26ad7e63610ae020c65f4b4d5c0bffb955f35a76fef7444c070e0eca085b28

SHA512
9950b45fcfcd2cf7a5ef3cec59dc9b6c928e91e199dada7eb2548975e5dd4352ab861143ca44e841cf9a65e491b40757729bbefd92492e3f79e294e300445e82

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
dae4c7dd641daa7c6a4cae583fad8a73

SHA1
d9f76d9986a403658af3bbd52521416ae07612e8

SHA256
713c55169abc8074a298be845ac2d29d387f8666d83b3c9a979c9650dddda571

SHA512
bddf24c36fa1f45bbb590c271d286632fe00d45850101cbd07202ecd534c2b4ce975f0d19255285038ffae168bf32b17c6531c8c12a02c3b40ad4ffc41a59fe9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
c5b36f9fa56a5133ad2512d7674c88b2

SHA1
e42bf4f6d91ca9bf225f95073e774c918c0966a7

SHA256
4239cab8981a4a8063e07f84cd41142d0141013d2561a0692bb502ceecc15fb5

SHA512
a5c564f5e72c486936b751615eba76b59adf9cefd7f020eb0650c0b8d7a6739f44d8755aa966da259dc75096b65cdd30d1ba191fc0abf05849963aa67d84b9b1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
e4e0fd905cc32806e6bdbf05e6e0fcc3

SHA1
a75512a275764253bb0768369e0f8fb7866c1bb0

SHA256
0429d39420c6e3f9fcc2209225e92a6f9ed9416742ca7f62497a0e8746798337

SHA512
ef6fdf7fc64f6adcb7cc58e2ab239bc308f480f5024b28effa0fe8cbbf7893ffb388eb3b6fbf963e960a1274210d5045c41f48943fd0c3790a8d6c78d0b3ef23

Download Submit