hxxps://steamtickets-50[.]com/gift/activation/id=1561523057

Analysis

max time kernel
103s
max time network
98s
platform
windows11-21h2_x64
resource
win11-20241007-en
resource tags

arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system
submitted
20-01-2025 17:54

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://steamtickets-50.com/gift/activation/id=1561523057

Score

5^/10

steam discovery phishing

Malware Config

Signatures

Detected potential entity reuse from brand STEAM.
phishing steam

Drops file in Windows directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SystemTemp	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133818692815512181"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
3972	chrome.exe
3972	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
3972	chrome.exe
3972	chrome.exe
3972	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3972	chrome.exe
Token: SeCreatePagefilePrivilege	3972	chrome.exe
Token: SeShutdownPrivilege	3972	chrome.exe
Token: SeCreatePagefilePrivilege	3972	chrome.exe
Token: SeShutdownPrivilege	3972	chrome.exe
Token: SeCreatePagefilePrivilege	3972	chrome.exe
Token: SeShutdownPrivilege	3972	chrome.exe
Token: SeCreatePagefilePrivilege	3972	chrome.exe
Token: SeShutdownPrivilege	3972	chrome.exe
Token: SeCreatePagefilePrivilege	3972	chrome.exe
Token: SeShutdownPrivilege	3972	chrome.exe
Token: SeCreatePagefilePrivilege	3972	chrome.exe
Token: SeShutdownPrivilege	3972	chrome.exe
Token: SeCreatePagefilePrivilege	3972	chrome.exe
Token: SeShutdownPrivilege	3972	chrome.exe
Token: SeCreatePagefilePrivilege	3972	chrome.exe
Token: SeShutdownPrivilege	3972	chrome.exe
Token: SeCreatePagefilePrivilege	3972	chrome.exe
Token: SeShutdownPrivilege	3972	chrome.exe
Token: SeCreatePagefilePrivilege	3972	chrome.exe
Token: SeShutdownPrivilege	3972	chrome.exe
Token: SeCreatePagefilePrivilege	3972	chrome.exe
Token: SeShutdownPrivilege	3972	chrome.exe
Token: SeCreatePagefilePrivilege	3972	chrome.exe
Token: SeShutdownPrivilege	3972	chrome.exe
Token: SeCreatePagefilePrivilege	3972	chrome.exe
Token: SeShutdownPrivilege	3972	chrome.exe
Token: SeCreatePagefilePrivilege	3972	chrome.exe
Token: SeShutdownPrivilege	3972	chrome.exe
Token: SeCreatePagefilePrivilege	3972	chrome.exe
Token: SeShutdownPrivilege	3972	chrome.exe
Token: SeCreatePagefilePrivilege	3972	chrome.exe
Token: SeShutdownPrivilege	3972	chrome.exe
Token: SeCreatePagefilePrivilege	3972	chrome.exe
Token: SeShutdownPrivilege	3972	chrome.exe
Token: SeCreatePagefilePrivilege	3972	chrome.exe
Token: SeShutdownPrivilege	3972	chrome.exe
Token: SeCreatePagefilePrivilege	3972	chrome.exe
Token: SeShutdownPrivilege	3972	chrome.exe
Token: SeCreatePagefilePrivilege	3972	chrome.exe
Token: SeShutdownPrivilege	3972	chrome.exe
Token: SeCreatePagefilePrivilege	3972	chrome.exe
Token: SeShutdownPrivilege	3972	chrome.exe
Token: SeCreatePagefilePrivilege	3972	chrome.exe
Token: SeShutdownPrivilege	3972	chrome.exe
Token: SeCreatePagefilePrivilege	3972	chrome.exe
Token: SeShutdownPrivilege	3972	chrome.exe
Token: SeCreatePagefilePrivilege	3972	chrome.exe
Token: SeShutdownPrivilege	3972	chrome.exe
Token: SeCreatePagefilePrivilege	3972	chrome.exe
Token: SeShutdownPrivilege	3972	chrome.exe
Token: SeCreatePagefilePrivilege	3972	chrome.exe
Token: SeShutdownPrivilege	3972	chrome.exe
Token: SeCreatePagefilePrivilege	3972	chrome.exe
Token: SeShutdownPrivilege	3972	chrome.exe
Token: SeCreatePagefilePrivilege	3972	chrome.exe
Token: SeShutdownPrivilege	3972	chrome.exe
Token: SeCreatePagefilePrivilege	3972	chrome.exe
Token: SeShutdownPrivilege	3972	chrome.exe
Token: SeCreatePagefilePrivilege	3972	chrome.exe
Token: SeShutdownPrivilege	3972	chrome.exe
Token: SeCreatePagefilePrivilege	3972	chrome.exe
Token: SeShutdownPrivilege	3972	chrome.exe
Token: SeCreatePagefilePrivilege	3972	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
3972	chrome.exe
3972	chrome.exe
3972	chrome.exe
3972	chrome.exe
3972	chrome.exe
3972	chrome.exe
3972	chrome.exe
3972	chrome.exe
3972	chrome.exe
3972	chrome.exe
3972	chrome.exe
3972	chrome.exe
3972	chrome.exe
3972	chrome.exe
3972	chrome.exe
3972	chrome.exe
3972	chrome.exe
3972	chrome.exe
3972	chrome.exe
3972	chrome.exe
3972	chrome.exe
3972	chrome.exe
3972	chrome.exe
3972	chrome.exe
3972	chrome.exe
3972	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
3972	chrome.exe
3972	chrome.exe
3972	chrome.exe
3972	chrome.exe
3972	chrome.exe
3972	chrome.exe
3972	chrome.exe
3972	chrome.exe
3972	chrome.exe
3972	chrome.exe
3972	chrome.exe
3972	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3972 wrote to memory of 4804	3972	chrome.exe	76
PID 3972 wrote to memory of 4804	3972	chrome.exe	76
PID 3972 wrote to memory of 916	3972	chrome.exe	77
PID 3972 wrote to memory of 916	3972	chrome.exe	77
PID 3972 wrote to memory of 916	3972	chrome.exe	77
PID 3972 wrote to memory of 916	3972	chrome.exe	77
PID 3972 wrote to memory of 916	3972	chrome.exe	77
PID 3972 wrote to memory of 916	3972	chrome.exe	77
PID 3972 wrote to memory of 916	3972	chrome.exe	77
PID 3972 wrote to memory of 916	3972	chrome.exe	77
PID 3972 wrote to memory of 916	3972	chrome.exe	77
PID 3972 wrote to memory of 916	3972	chrome.exe	77
PID 3972 wrote to memory of 916	3972	chrome.exe	77
PID 3972 wrote to memory of 916	3972	chrome.exe	77
PID 3972 wrote to memory of 916	3972	chrome.exe	77
PID 3972 wrote to memory of 916	3972	chrome.exe	77
PID 3972 wrote to memory of 916	3972	chrome.exe	77
PID 3972 wrote to memory of 916	3972	chrome.exe	77
PID 3972 wrote to memory of 916	3972	chrome.exe	77
PID 3972 wrote to memory of 916	3972	chrome.exe	77
PID 3972 wrote to memory of 916	3972	chrome.exe	77
PID 3972 wrote to memory of 916	3972	chrome.exe	77
PID 3972 wrote to memory of 916	3972	chrome.exe	77
PID 3972 wrote to memory of 916	3972	chrome.exe	77
PID 3972 wrote to memory of 916	3972	chrome.exe	77
PID 3972 wrote to memory of 916	3972	chrome.exe	77
PID 3972 wrote to memory of 916	3972	chrome.exe	77
PID 3972 wrote to memory of 916	3972	chrome.exe	77
PID 3972 wrote to memory of 916	3972	chrome.exe	77
PID 3972 wrote to memory of 916	3972	chrome.exe	77
PID 3972 wrote to memory of 916	3972	chrome.exe	77
PID 3972 wrote to memory of 916	3972	chrome.exe	77
PID 3972 wrote to memory of 4832	3972	chrome.exe	78
PID 3972 wrote to memory of 4832	3972	chrome.exe	78
PID 3972 wrote to memory of 348	3972	chrome.exe	79
PID 3972 wrote to memory of 348	3972	chrome.exe	79
PID 3972 wrote to memory of 348	3972	chrome.exe	79
PID 3972 wrote to memory of 348	3972	chrome.exe	79
PID 3972 wrote to memory of 348	3972	chrome.exe	79
PID 3972 wrote to memory of 348	3972	chrome.exe	79
PID 3972 wrote to memory of 348	3972	chrome.exe	79
PID 3972 wrote to memory of 348	3972	chrome.exe	79
PID 3972 wrote to memory of 348	3972	chrome.exe	79
PID 3972 wrote to memory of 348	3972	chrome.exe	79
PID 3972 wrote to memory of 348	3972	chrome.exe	79
PID 3972 wrote to memory of 348	3972	chrome.exe	79
PID 3972 wrote to memory of 348	3972	chrome.exe	79
PID 3972 wrote to memory of 348	3972	chrome.exe	79
PID 3972 wrote to memory of 348	3972	chrome.exe	79
PID 3972 wrote to memory of 348	3972	chrome.exe	79
PID 3972 wrote to memory of 348	3972	chrome.exe	79
PID 3972 wrote to memory of 348	3972	chrome.exe	79
PID 3972 wrote to memory of 348	3972	chrome.exe	79
PID 3972 wrote to memory of 348	3972	chrome.exe	79
PID 3972 wrote to memory of 348	3972	chrome.exe	79
PID 3972 wrote to memory of 348	3972	chrome.exe	79
PID 3972 wrote to memory of 348	3972	chrome.exe	79
PID 3972 wrote to memory of 348	3972	chrome.exe	79
PID 3972 wrote to memory of 348	3972	chrome.exe	79
PID 3972 wrote to memory of 348	3972	chrome.exe	79
PID 3972 wrote to memory of 348	3972	chrome.exe	79
PID 3972 wrote to memory of 348	3972	chrome.exe	79
PID 3972 wrote to memory of 348	3972	chrome.exe	79
PID 3972 wrote to memory of 348	3972	chrome.exe	79

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://steamtickets-50.com/gift/activation/id=1561523057
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3972
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffec3a4cc40,0x7ffec3a4cc4c,0x7ffec3a4cc58
  2⤵
  PID:4804
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1800,i,12774854915741976835,4677797586804648713,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1796 /prefetch:2
  2⤵
  PID:916
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2080,i,12774854915741976835,4677797586804648713,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2120 /prefetch:3
  2⤵
  PID:4832
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2168,i,12774854915741976835,4677797586804648713,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2136 /prefetch:8
  2⤵
  PID:348
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3064,i,12774854915741976835,4677797586804648713,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3088 /prefetch:1
  2⤵
  PID:3060
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3076,i,12774854915741976835,4677797586804648713,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3152 /prefetch:1
  2⤵
  PID:3404
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4336,i,12774854915741976835,4677797586804648713,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4380 /prefetch:1
  2⤵
  PID:3440
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4752,i,12774854915741976835,4677797586804648713,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4768 /prefetch:8
  2⤵
  PID:1324

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:2100

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:1120

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
21139eaaa0850ede3f6cb2bb8122cb43

SHA1
24549eb7e57404b426ebc24f54b361ed58df1ad5

SHA256
2a5a12b6d7f113d5cb09f6a2428fa6b62e3f2d916aec61e59b34af3c26aa2a5a

SHA512
668d7fa52ace5b3ba60dfc7ebd1196c11df2597052d2bb9a9e03950acbe02ac33d245813e1dcb72e4e29c52312dcf557b294e7c48c2ac54040aea82d85874b8f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
456B

MD5
17aeb84e7ac2634163ecf910487bc8f9

SHA1
0f8ebef763867bbc60b8641a6ea3ae0bb1a14a34

SHA256
a509d736447a73c24e6781b1e2196926b42ae499a79f638d7cced1ac269b256e

SHA512
afd71908cfcaf7881cdec78e37c5f587f4fb0efdbb9af7e1107f9cb4c6c5c2c4608ee322fbb073ac6ff1a33ddc7d0b949cc9d8a85f491ae0ccd38b46ea3756ec

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
0d2975941cb9cc675262ad32ee69397b

SHA1
5580a2e9c619260a0189665459af5d3d175e090a

SHA256
425275fdccf15025ac070736af9eeee0f169598d4b595a6a316565bd871bf972

SHA512
48b374d6ee8c552315ade39b3f9f2e68ce578fb4479a566d1ab528d74e32203a274bc601e1d434c33b5a9a7e835a104db1a07bf9189cfbd448b54daf730b489f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
7e1757cef0c63cced7c6ed2a2cba2339

SHA1
8b78d46128e78dad128d6ce53868a9a4c6d5eca6

SHA256
e1b0d7f038d9232015b56bdedee20898b07e6e7df7f87630879f57d0561f4782

SHA512
05d15ab35da4b2019edfeab6fc216d574a29b0db87f4ececa924739ba6395eab6dd4fba3b441629ffadf1706db09c6c9874b246ce80957afd5b81a20bca671e8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
dbd4583ee5e213ade2d621127929aeeb

SHA1
d6da8917f3f08118b2732ab3fb2bb4bf46c3bd2a

SHA256
08a445ebbcbd1ba66ba9c817022e25999cc5a5b1a5a8355aefd3eaa40214a644

SHA512
c7d7e199ea1719566dca72ea7a0da1a0fd618d9d2a8aa11a026170a8dfb6d9c89fd3eeb027449cc3d952527b1221108a888c33a59f1fbc5982f5e6d82f68a489

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
e9236177099a42b283ac376eed8b3efe

SHA1
5e3ccf5b04f817a06bea4268aed4522b02499b83

SHA256
9ce03f3f3b01a61cf1fc7cdbc48123dfecb2adbf26699df795f8194d63281fa0

SHA512
4b7e7ec9734e286ce0bc5605c8da3ecb256a21e20281f58261e11bd059e104d8d4df5b3fe6ebca16eca716e6ca90b5eadb9b593f730328235dc85d660a174daa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
f5c82be1131dc93832f3cb4133702a89

SHA1
a90c25768c1786fefb774750106dbe11f5762556

SHA256
75813020628b8862acd773568d84859922d9961ff54471ab02c6e83e7b6558ca

SHA512
0da0669ce9379c600c66a3075980809f8857a257cfabe2024717cb4e938d609e4ea2d672333d1d11017d3b0e5809e8c71fbab046f33ebece460d7efdf2ac9cf8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
4a88b02e60cbb37d9a6a585183095fbf

SHA1
d41cc1dcdc38e7aa809b7f5fc3134e14ed467ee5

SHA256
a31268ddf6e3113e912e95b5777fa8884b91a11bd3fc85887399a786ac75fdbe

SHA512
eac40a2d86ba4fc40ba6212b5e162aebba6dd6376dd6428520520833b8ab332227d31e88addbbc5646af400aebccad856936f9361d0091b2d31d435380eb0596

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
1f7cb343665993f9c729873bbd57400a

SHA1
1c1c11cf428856f122794452e1342467c7ecb7e9

SHA256
d4a3244869f58fb815488f96b647174feb2b9b886b93dcff235e4324a82a7d7c

SHA512
061ad2b0c2fa0167b74f975f309ea95607dbaf3d40b4dd2afbc7be125ce8560c839bc6438d14ca151c172249364d856299e704576ebdbef491365510d1329310

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
b307cb56a0f4f8aee5c166903f70ee50

SHA1
99dc5f11f1668d5afe99da6c933a3f475509974a

SHA256
88e6e9c8b8c1a311d2c6b1e31650c0116a3340daddd8cf1eefa4beb82cfffce1

SHA512
f5dc1f3d0a02c78e453cbd01f728eb0a2ec9ddd2adeb221f7d3606d74eef2033be72b921ce7fb9f9d6030a62809f4a6260175e2e68eac4618affbf08702273c6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
fdbccef8f22f6da4ce4731e7bde77f06

SHA1
5a563ee308b5cf05d4a20fca6214dc2eb8470994

SHA256
49a122a2265d18152e4972867c46221ea0c1f8198b57697f80b1751f5abc4679

SHA512
ec943e6d5b9ba4ad836e89ec2cfd1206223450b3aad8b8d8c5c64a1876a104ebe1555b7170154a981773672f4fbc271480de9253de3793b47865e517923ebcb0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
682586d11c7ac8057a5303787a53e084

SHA1
0c0b634f00b7e43084ec2d2eeae3a730cc8a244f

SHA256
94ffc6b37c95ce64e5384221742b759eb2a0ed67618e787feaccf97b68cf99f2

SHA512
534c909b4a98f8763efb23a1d37cb1693e60a599da7794848836b7e10c2cab101feab26226ce4c9d2275dcc3eb683b440594e28f3c4fe3258dbefe1915180c58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
228KB

MD5
1f1dc31cbb46be88456b7fd7057d15a6

SHA1
89629977db8bad26778ee0633bc931d770c4412a

SHA256
27789989feb6e1b72cc85a3ea83c688103ee8595e4833d1c1075888ff5c4dc26

SHA512
e84f1d3911fb10913df4294c9b2f138452b05b9c65897c42fb1b221784ab1347fec92896c4ebed90597da307098b7af5a12bb66b1e6bbfa098c23d648ec840f9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
228KB

MD5
f3fdd476ec0ec552b151ce02b4d311d2

SHA1
05c2d8221f9f33dc100ed7851ab9b3488e2f323d

SHA256
4ad2a4f4a755a8b399ff5953580714c804af8ca46f7a4060d4a1d806aa09e141

SHA512
722a7c16b7595957d4b4c8019af0417ac40aa6f87f2629901acebd8afd1a9669b39b8c4024669219fb2249502d98796f0e423e7f931f66f85fbfcb50d411247a

Download Submit