hxxps://areyoufriendswithdavid[.]xyz/

Analysis

max time kernel
900s
max time network
845s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
21-01-2025 15:56

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://areyoufriendswithdavid.xyz/

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133819486868569400"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1f3427c8-5c10-4210-aa03-2ee45287d668}\Instance\	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
1620	chrome.exe
1620	chrome.exe
1952	chrome.exe
1952	chrome.exe
1952	chrome.exe
1952	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

pid	Process
1620	chrome.exe
1620	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1620	chrome.exe
Token: SeCreatePagefilePrivilege	1620	chrome.exe
Token: SeShutdownPrivilege	1620	chrome.exe
Token: SeCreatePagefilePrivilege	1620	chrome.exe
Token: SeShutdownPrivilege	1620	chrome.exe
Token: SeCreatePagefilePrivilege	1620	chrome.exe
Token: SeShutdownPrivilege	1620	chrome.exe
Token: SeCreatePagefilePrivilege	1620	chrome.exe
Token: SeShutdownPrivilege	1620	chrome.exe
Token: SeCreatePagefilePrivilege	1620	chrome.exe
Token: SeShutdownPrivilege	1620	chrome.exe
Token: SeCreatePagefilePrivilege	1620	chrome.exe
Token: SeShutdownPrivilege	1620	chrome.exe
Token: SeCreatePagefilePrivilege	1620	chrome.exe
Token: SeShutdownPrivilege	1620	chrome.exe
Token: SeCreatePagefilePrivilege	1620	chrome.exe
Token: SeShutdownPrivilege	1620	chrome.exe
Token: SeCreatePagefilePrivilege	1620	chrome.exe
Token: SeShutdownPrivilege	1620	chrome.exe
Token: SeCreatePagefilePrivilege	1620	chrome.exe
Token: SeShutdownPrivilege	1620	chrome.exe
Token: SeCreatePagefilePrivilege	1620	chrome.exe
Token: SeShutdownPrivilege	1620	chrome.exe
Token: SeCreatePagefilePrivilege	1620	chrome.exe
Token: SeShutdownPrivilege	1620	chrome.exe
Token: SeCreatePagefilePrivilege	1620	chrome.exe
Token: SeShutdownPrivilege	1620	chrome.exe
Token: SeCreatePagefilePrivilege	1620	chrome.exe
Token: SeShutdownPrivilege	1620	chrome.exe
Token: SeCreatePagefilePrivilege	1620	chrome.exe
Token: SeShutdownPrivilege	1620	chrome.exe
Token: SeCreatePagefilePrivilege	1620	chrome.exe
Token: SeShutdownPrivilege	1620	chrome.exe
Token: SeCreatePagefilePrivilege	1620	chrome.exe
Token: SeShutdownPrivilege	1620	chrome.exe
Token: SeCreatePagefilePrivilege	1620	chrome.exe
Token: SeShutdownPrivilege	1620	chrome.exe
Token: SeCreatePagefilePrivilege	1620	chrome.exe
Token: SeShutdownPrivilege	1620	chrome.exe
Token: SeCreatePagefilePrivilege	1620	chrome.exe
Token: SeShutdownPrivilege	1620	chrome.exe
Token: SeCreatePagefilePrivilege	1620	chrome.exe
Token: SeShutdownPrivilege	1620	chrome.exe
Token: SeCreatePagefilePrivilege	1620	chrome.exe
Token: SeShutdownPrivilege	1620	chrome.exe
Token: SeCreatePagefilePrivilege	1620	chrome.exe
Token: SeShutdownPrivilege	1620	chrome.exe
Token: SeCreatePagefilePrivilege	1620	chrome.exe
Token: SeShutdownPrivilege	1620	chrome.exe
Token: SeCreatePagefilePrivilege	1620	chrome.exe
Token: SeShutdownPrivilege	1620	chrome.exe
Token: SeCreatePagefilePrivilege	1620	chrome.exe
Token: SeShutdownPrivilege	1620	chrome.exe
Token: SeCreatePagefilePrivilege	1620	chrome.exe
Token: SeShutdownPrivilege	1620	chrome.exe
Token: SeCreatePagefilePrivilege	1620	chrome.exe
Token: SeShutdownPrivilege	1620	chrome.exe
Token: SeCreatePagefilePrivilege	1620	chrome.exe
Token: SeShutdownPrivilege	1620	chrome.exe
Token: SeCreatePagefilePrivilege	1620	chrome.exe
Token: SeShutdownPrivilege	1620	chrome.exe
Token: SeCreatePagefilePrivilege	1620	chrome.exe
Token: SeShutdownPrivilege	1620	chrome.exe
Token: SeCreatePagefilePrivilege	1620	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe
1620	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1620 wrote to memory of 3672	1620	chrome.exe	82
PID 1620 wrote to memory of 3672	1620	chrome.exe	82
PID 1620 wrote to memory of 448	1620	chrome.exe	83
PID 1620 wrote to memory of 448	1620	chrome.exe	83
PID 1620 wrote to memory of 448	1620	chrome.exe	83
PID 1620 wrote to memory of 448	1620	chrome.exe	83
PID 1620 wrote to memory of 448	1620	chrome.exe	83
PID 1620 wrote to memory of 448	1620	chrome.exe	83
PID 1620 wrote to memory of 448	1620	chrome.exe	83
PID 1620 wrote to memory of 448	1620	chrome.exe	83
PID 1620 wrote to memory of 448	1620	chrome.exe	83
PID 1620 wrote to memory of 448	1620	chrome.exe	83
PID 1620 wrote to memory of 448	1620	chrome.exe	83
PID 1620 wrote to memory of 448	1620	chrome.exe	83
PID 1620 wrote to memory of 448	1620	chrome.exe	83
PID 1620 wrote to memory of 448	1620	chrome.exe	83
PID 1620 wrote to memory of 448	1620	chrome.exe	83
PID 1620 wrote to memory of 448	1620	chrome.exe	83
PID 1620 wrote to memory of 448	1620	chrome.exe	83
PID 1620 wrote to memory of 448	1620	chrome.exe	83
PID 1620 wrote to memory of 448	1620	chrome.exe	83
PID 1620 wrote to memory of 448	1620	chrome.exe	83
PID 1620 wrote to memory of 448	1620	chrome.exe	83
PID 1620 wrote to memory of 448	1620	chrome.exe	83
PID 1620 wrote to memory of 448	1620	chrome.exe	83
PID 1620 wrote to memory of 448	1620	chrome.exe	83
PID 1620 wrote to memory of 448	1620	chrome.exe	83
PID 1620 wrote to memory of 448	1620	chrome.exe	83
PID 1620 wrote to memory of 448	1620	chrome.exe	83
PID 1620 wrote to memory of 448	1620	chrome.exe	83
PID 1620 wrote to memory of 448	1620	chrome.exe	83
PID 1620 wrote to memory of 448	1620	chrome.exe	83
PID 1620 wrote to memory of 4508	1620	chrome.exe	84
PID 1620 wrote to memory of 4508	1620	chrome.exe	84
PID 1620 wrote to memory of 3528	1620	chrome.exe	85
PID 1620 wrote to memory of 3528	1620	chrome.exe	85
PID 1620 wrote to memory of 3528	1620	chrome.exe	85
PID 1620 wrote to memory of 3528	1620	chrome.exe	85
PID 1620 wrote to memory of 3528	1620	chrome.exe	85
PID 1620 wrote to memory of 3528	1620	chrome.exe	85
PID 1620 wrote to memory of 3528	1620	chrome.exe	85
PID 1620 wrote to memory of 3528	1620	chrome.exe	85
PID 1620 wrote to memory of 3528	1620	chrome.exe	85
PID 1620 wrote to memory of 3528	1620	chrome.exe	85
PID 1620 wrote to memory of 3528	1620	chrome.exe	85
PID 1620 wrote to memory of 3528	1620	chrome.exe	85
PID 1620 wrote to memory of 3528	1620	chrome.exe	85
PID 1620 wrote to memory of 3528	1620	chrome.exe	85
PID 1620 wrote to memory of 3528	1620	chrome.exe	85
PID 1620 wrote to memory of 3528	1620	chrome.exe	85
PID 1620 wrote to memory of 3528	1620	chrome.exe	85
PID 1620 wrote to memory of 3528	1620	chrome.exe	85
PID 1620 wrote to memory of 3528	1620	chrome.exe	85
PID 1620 wrote to memory of 3528	1620	chrome.exe	85
PID 1620 wrote to memory of 3528	1620	chrome.exe	85
PID 1620 wrote to memory of 3528	1620	chrome.exe	85
PID 1620 wrote to memory of 3528	1620	chrome.exe	85
PID 1620 wrote to memory of 3528	1620	chrome.exe	85
PID 1620 wrote to memory of 3528	1620	chrome.exe	85
PID 1620 wrote to memory of 3528	1620	chrome.exe	85
PID 1620 wrote to memory of 3528	1620	chrome.exe	85
PID 1620 wrote to memory of 3528	1620	chrome.exe	85
PID 1620 wrote to memory of 3528	1620	chrome.exe	85
PID 1620 wrote to memory of 3528	1620	chrome.exe	85

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://areyoufriendswithdavid.xyz/
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1620
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffcb555cc40,0x7ffcb555cc4c,0x7ffcb555cc58
  2⤵
  PID:3672
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1972,i,5582857615311197886,18128140473475972675,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1968 /prefetch:2
  2⤵
  PID:448
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1892,i,5582857615311197886,18128140473475972675,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2088 /prefetch:3
  2⤵
  PID:4508
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2272,i,5582857615311197886,18128140473475972675,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2468 /prefetch:8
  2⤵
  PID:3528
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3092,i,5582857615311197886,18128140473475972675,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3120 /prefetch:1
  2⤵
  PID:3676
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3108,i,5582857615311197886,18128140473475972675,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3160 /prefetch:1
  2⤵
  PID:1864
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4564,i,5582857615311197886,18128140473475972675,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4576 /prefetch:8
  2⤵
  PID:3124
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4388,i,5582857615311197886,18128140473475972675,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4644 /prefetch:8
  2⤵
  - Modifies registry class
  PID:4800
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=3800,i,5582857615311197886,18128140473475972675,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=208 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1952

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:3956

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:2484

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
ddc67bb94aee65913835620a732ab50d

SHA1
e015d2b477b480e55784f2feed835d59228be75b

SHA256
953d9fb43348ba6d8511066c7906b182d41d3d712a6fb0d1f9becf9923dfda48

SHA512
d6e5c3ac6cd38c8daefec9e20a79079cd2731032ab3cb865ed0f2a8607ad4fad86f2c95c85b67efef204b1523a11714a7805e4a62a1e7ae7b5ed56a067aac96d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
3e456378300f5c4f3d4d988e000ec237

SHA1
de6058dd159090efc6fe9bd87f0dee9a223d00ad

SHA256
4a0e6086d8ba47f4b276c42c0998c639dce6be0ba17482bd23af4bb265019f27

SHA512
be1bcc9ce17eb4befd3f9f717be7a78dbf8059b242361fb64899cbb0b43ff3f4916cd377a6f71a9fa200c5a2731a71e965aa41e40c3625ece8b7d346ccbf958b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
9f70bd16a3e338c50ce7243f70727a3d

SHA1
45cfc8e194576b5b0b93bc0fa23d877294f50b4d

SHA256
b6c6ca31fff75dafc2957f0551d12ac6cfce42093a110dd7a14b11699855a7c6

SHA512
cdf16d81c4cd88c2b129950cc5dfb7672cc70733b6a91c25ba932d0b622e9f8874b3ebfeb0752d2dfe3cbff980124edc7d797130413f1c9181e74411d346f2df

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
0cc2294291c0d6d35500f26ee2de77ff

SHA1
deb2ed37db31feacfc4a0a13af7542a0ace77de1

SHA256
e93467eeadbb6d74776c03705ada86e70e41b7539377ac84368e745c3cf069f4

SHA512
70211705e963733be3ed6e440541b83cba82ea3b3f541186c76ec0dbdf43f987f1bd6f4bc5f4ebd267ef5b941777f6eb66e09de2d28c1468807337f4ed0a287d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
29c8b7321f32e35a29f7e8f7475e184f

SHA1
ea38a7b7372cc04781e2c1e185b90fce4a95b18a

SHA256
4c11338642ee05b75d04ea62c4201e3eec4fea99a64fbb6ba98e2652abeb0db9

SHA512
0bb3cd480f531c96909a2ffdae2be2723d07f2eb58ba0988d6260b5474a5c42bed7002f36f6c80410fb5aa3f656b9c025a9f1ff6c0614df7caddb72b3cc1494a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
7883c5f8cbebd6536693b2d4524dfa90

SHA1
358d3d494e918f6a856329214a2d46b4b556187e

SHA256
53435fe64cdad2d1fa7041bd34058d9dba73b229c0299bbdf982d06744a7319c

SHA512
b95922675f3e1c67b8bea9deaf47bebb292c7ea3c6597021368269efba0b1b9f2a4c95bebd75e440336c4a11e51acbe7be5a2814c6622cae77a53ef4394aadfb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
622af1654a08f98ba47d3a7d4b41f993

SHA1
bc77a542bf97af95a8ec9494fd1680abf8c8f44b

SHA256
3b2edcd5a28c5344865abd9242fdc3d72b8a12c7bbe9a9110a7ede91d38a6dd4

SHA512
f903db8112f45c7acafbefa2886f146aa46dab2d61522927703ae21b25ea635682ff557e40b8ee8e4e10c29420196214afac8e167c12c8c29cdcc3115184c70e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
ac097bee21517904b8fb2a8aa6367155

SHA1
79c064c9eb620f1452516988edc35535f80a5c3e

SHA256
9d07f8b47409142f867f681e541c0902f62e6a6866c880d7db32915b2a154da1

SHA512
f098695b32323b700badb7e4d199bf948af2b76ed169d768806084b696da2f5d8aa8798d9cc9c60b4ca45bad3374e8069b5ef63d763d096ba0b4ee9db164210b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
265056955c02809d59741fd50758b144

SHA1
e9667fb0787dc710219f54c268d4c379615ea5f6

SHA256
077f5c26f678e24a07791d3e8f223d04e8a529aa22d2bb516b04679c1b2296eb

SHA512
1453d403eba01607edf3b6eef602a7f1079776ea9f4996464bc2612510c0ba6994000d11bf381c893fbfb4bf32650c647d99faeb38b55e11810dac5af95220f1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
4218cd3a4b07921d203d0b45afd2acad

SHA1
2e3ef1dd5ec3c9a6c0ad79dcc70273a19bb0311a

SHA256
b3e105a893a0fa2afa2c72a3675f0d52e374a70d04af89394fc073b2418b97fb

SHA512
d54f973dd79ab8a4bfdda9838d9a47687e5d8034236bf541e9872408aa16d15fb7a2ba85e6c9f33ef54a7e69056f994f845a446296997f8b81b182c2b126a9fc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
4155bb27b356739525f518b79bbd8969

SHA1
3df115ee9c3a0e1fe1fbdc754456d65cbf32c40b

SHA256
e95e21ab65a3aea2f6339cc7cfaaa86c215d0257446e5c81739b96f5ad2ea68c

SHA512
5ea844f9b70057a283de7a3e1d8d121ab6451c0fc28d7d3b84074fc4d3ff55f44a40438e989294a303b8b7cc1c10d01cb3ed2c56a4726139c0f80302fe9d723d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
db97e57cfb51000c5114458bd4c2ae8a

SHA1
24c06321acdcca6065130a9b227f18208d381498

SHA256
375349584424b0a342cb97a263ba554a4d5e0d3fd7d24d47a6221dcae1ad9d50

SHA512
48a40b996add8828222779e719ba2ef424bb56b7dc328cf291688fd09cf28644cbbc4a4a3ecaaa9be641e00f32596e713141df86849e9b5514d9768393a735aa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
d5e15d61405ef0f2536b67bedc37265f

SHA1
c96d3be5b6fb2b581abb6c3b339806445af877a4

SHA256
206992730365d1637b1dd59a2ac05b019ccef7c706efc0e80ec658c5885d4e46

SHA512
6176b3c46534d1e21fa805b66c97f227a7a332d7f59a19d4478c3d91958597a1c7dcf79122666ee65db7cf02c9fb475cbc84af509eb94b8ceb37fe31ca5bee16

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
f634039ac4298e0048e6e2b5d600e105

SHA1
9b2845f4d30d61d2d51c8402650f94cd79b2b9df

SHA256
3bc10ed2dd1f43020e69001fa3f859122203a1bab9f0fee6a763394245476d6d

SHA512
51711bf53888686c8d6e5fca2fa24f7bf505693c52d32b1a8a6ee11d73cf0298086725da5bf75cf3de4aaabc18194d7115809f661d58ee029ce58380b2e9c923

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
808791fa0328cffd500c368cc21ad90a

SHA1
5975ec8bff6bb317b5195a66da15548c1224a750

SHA256
155e2d2e8f728aaf47f32d4be34823ead73fdca83a94af4ce88d111146ecd966

SHA512
4ca88f1a0bc71cc0b1eb9418575d037cbf8bd92fe3b0ab5ff08a18dc86246d93fdde72b8685dd7913690067b5f868e4bb2d864e7abf9020372029aace88d6ed5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
61fb982355165ec0380eb5aeb0990894

SHA1
cdab6598343cc50bd710f6749a198c9fdc5c7290

SHA256
43533510be942d239b1e370a1cb8afca7c319ecd4a4b65f248e70955618f1109

SHA512
c5250a1a324954178ee55190b7074f4bd8ede8ea0c12d7077bc90238739d8fa5cce7019da67e98d0af26d25b82a972e2160f60665eba7aa57f331e929eccb996

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
d23fc079e9a292c25545c51fa315a915

SHA1
7ddf6b5e3af53448b603ccc29ce3fb946f1c22e0

SHA256
1e7cdaafea7e480a42d89721c56ab489106afa23adb3494a3b7d2c48f47ad235

SHA512
9a454cfd4cbd422f45b93c2ef77ca51fdffa33d6f63cb9fc6d3c6d52945534f35afcf32547b44dad688fb6f72e46353ed310d4569c970055a1203d910554b5ad

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
57239691951ff527285f18ead9b4751a

SHA1
47493257a54fff0c33a4c0bb62557e0ab29fded1

SHA256
510ea3839e74e7e0a58fab790033afffab62a70b1f4c37ca32782da25920181f

SHA512
42d053183a44df7bb1707e506d6d640ed584a71660519d0576fb40ffbb729055d455a0d85df90247486029b5098f9ec9371ea51d60f0ef2a2512f65b8dab94f9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
8981bfb57f92a4c4c16cbe8842e731b6

SHA1
1487c0b396a5fb88b474aa5c32c5711a86d0f9df

SHA256
ced4e3216b19fa3ec894974cf480472d6623271df7c23af03715297326f9e7d3

SHA512
10fb9597874be3b1aeea5c386437c635c754ffe3b1ef580d61520ba17fc7069f851408040e6cb2eec975fb24b91861eabf3eb5c031205449d28febc9740caa15

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
6b0c62ac95ec272b1f017a4e39afe832

SHA1
cdf5c4fe1b5a0b927d74cc7ad3e01ac80cbe39bf

SHA256
c51cf9e3aef20fbaa983234d172fbbaacdd37b2a3c30b8e44349eca8fa8f8af6

SHA512
754b6f89b5cfe11a0f00de14468b7434adf6afefafb90ebe9a352d4dbf25f0e3ed0d725dad488901294a02a1c68515322b99c917ac2b991572f48b6cd3d1e77c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
29af5211306f8f37d55c6a543feff5c4

SHA1
d2b4ae9e1b691398ae54eb49e565adabee420d6f

SHA256
e98dc5cc96a14b6372fab44bb4eb28b34c8baadf9ca0b384c2a86f8cf110c6f5

SHA512
826ee4dc3a8d7eed31abba7a63e92137252ef6aa3e1bd66f500fb1b12bff9b84b093dee69ae45343cac3055302408c2de11ec57aa58f138697ba3367fa03eef9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
9b0fcc32c3f841185fddbc02245a8ff0

SHA1
30b2b7771289f7a1861575a7bc60bf476fca8c86

SHA256
e3e57caf263215756d180a3300b2e87ee92842ad4d0065d18ff4ae207ca29058

SHA512
9a46b6aad39b7105e71ee839af0688ea80cf704b8ceba3d11ebd9413b74759ef76bc72c176eea829bca62fb36a598e4a1c4d6ba6914002746413b9d7b1d436c5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
c1fd761f0a066bc48884df51222aa242

SHA1
b819a189f31c8913f4972bb8bbd99cbda58613c9

SHA256
5e6d0c10023ba53ed483c15425c4cd6d38d4be543aae1396555e9f44fdbf4e92

SHA512
3e667e501175906638c657585f0aefe7086766cc2bd9a10131ba7c280dcae1f764f92b28242f050f8d01195fd6ab1e9d5b5bd97567861a9f26badcdc685511e0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
96e326d58a41401f2fd168b4f9e5f9d7

SHA1
45547ae2032b814ebac0638977ad26f5548af83c

SHA256
330bf33e9da59923573f3251b09d65aec7c9cf24ba9db0fc19349556192ae1a2

SHA512
8fa84160ac37df326eab580373e3be21050d758d05fad193916950a98abbd0a7a58c2cc9593ea1920cbdb54b3fc6a65ffeaf558aca922a86c0c91928d03fd4c5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
d132e0539821513d91f7bd20677526d7

SHA1
6013514c61ebbb4468febe5f5868c76984f2281f

SHA256
6b28b59be23a0a5d94b00e32ad7db664fa70a3fc9b66097942c62090a6e8e6ad

SHA512
5d48ba769264ee4b2ec1005682640ff59d4c3374048ef6e82055dba82e655433bea55327d8a023d3d2d291ed4cbde55e0ff908a1ae8db5221239d2df41de7c97

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
4e114f516f11cbbe182d5abb200d3b0e

SHA1
95d17930c39b7a4cec0eb37e3b12f94364974ca1

SHA256
0b1d5fc79f98af3d8b5244c82fd594cf9ec265d04b990cb0669dced25ad1e36f

SHA512
906dd23020688cee806b2d37c23f7d41727eeb66e0835053e4d5cb20dc625364c2e444ce65cf3d75cd8d2c51c64b5b7badda19ed334ffdf83dd79aabe7c4f0c0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
f92c9943db4a145c9ac0821d9844ed7f

SHA1
1761c2af4550024f361524d49eed031ec95de687

SHA256
048c208d9cc9fc86fe6bd06b3aaad2c36d2faf9ed0f1e16a0f0f30ee9663b189

SHA512
698c90e1f42dad6f6aab6a1ef1056fd3a4f60f80ddb96db8e263e68ed8e6075540e67e0e0106cf18f9b3960ab835b9667db04790afd1038bac05e86150a4a59d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
751ca45b0c38dc02a7b11876796eb807

SHA1
35fcda6ab17f96fa8a681c6a988fec06de7cb8e8

SHA256
79cc898cbe65de2c51e0b0fb35c2473e2c3594499e337dea4df3da159c60ca7a

SHA512
f00637510ee963a5d4d3afec3b5b7da76b08c6d67e8d0b44996885aa41d56e0b02eb166155738b241094c0ebab446beb970266c23806c9b933349142e7c68e50

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
b63ac5ecf2c1af4afc4fd4cd059772c4

SHA1
b89729ec614bca515b43d5c766caa0d3ea24ecba

SHA256
8c6dad34403a8c8209fc81bc1e7ef88ce7cc8af31d2bb06277d87d2bbb666cd8

SHA512
042f075e9ce413723e7a1cfc989d55cd6a44d4d3b1bbf2807829c2f25947d6d0d6153d530bd269ca560fd1eb80366e45614dd7d89b205322f4e0d2c74b451946

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
5b753c09c7391e88bef0e9807f98dcf0

SHA1
df7adda98018537e64b195fd2d9d8f08d0e46038

SHA256
ffda4a1ade25e298ec1e7a3cf33a06656164a1e1dcef30dd94cbbf20f148062c

SHA512
9c48b840bae4521d6185eae52cb5c24197fc49c66ef197f3331b54de55acc4786a5232d51b9c20b53941102fbb9f6c32a823994aa0bc4c06e9b2b9168f34d0e3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
d18e713bd890b4a65bfc7ed614cb72af

SHA1
83ff09fd7eb97bc7f1224322028c6a21b82ad15a

SHA256
9389feef4c08beff878c3c80e9c046e1e80daeb5368908c10f4a7bb195c80086

SHA512
e7aff1ab88d71161d89c3f7856874b11ba29cdcb36c12cb50c2c4d4cd5bc13bb9a9d3c5f3ba0712ab74ac587d09629cdb53ba6c8aefb9b32db136e14b6a5252f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
2edd663ec1b3ebc3729e15738bb12064

SHA1
687beaa7bd342da05bbfcc50bc5b6f96eceff798

SHA256
50184b01a00d72a40e7abf710bbf02332e61214f0f770cef82bbe5a5ad49bf6b

SHA512
5bca10ca0363368c04ff8596cdf00c9657c3daa5a2479d97d8f7ee5990d71db166f026e31abdbcc1d9b38586827e0da2f4785719bb5be419dbd233427d10ac87

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
677c12e3b26f5062655cc23725a00263

SHA1
17c00dcbccadf2e67d26a98c7621c1ccf2e0bdf7

SHA256
11574ad670c4eeabe9271a1a6cd3ed2114d272f90837a431941fd8a25e1b5416

SHA512
718b5b82d0e1fd700f33e001582a4955cbcecb952034a6c8feffc399f6a2024582cb2d2d1b89dac4ca0137cad8049e515f69db86812884134396b97bd4897461

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
0a5c118aed3c15747b087c63a2f80762

SHA1
d5edaaccee569915c5c16f3aa5e4c45341297f0a

SHA256
5c60a904cffe25fb311bf8e3ba50b2f9bd722d59fba3dfa59f3b19135d27292a

SHA512
5d674eb1bb137001d5af7078fac247c2d43b9d360e7b7ae3b14b3fc1521d94bd9cd0154d2775e6017ac753eab4853f684f43905b0e4e9b70d9e3b41717c5794f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
681034c9393f07bec96841a860234e99

SHA1
d0568f1b48d9ceb184043ac9238881a7f53bba75

SHA256
97f8079d223ef924a2d5a8e6e41c25b43d2bdbdeca42a5e2c40d3a036c5d5ba1

SHA512
c02ee15667ff972e10ef1065700494a6a38f7a60c38463723ff05d1e84f552d69b2aa630fef5f33d1250de8e1b0b4ea4c50c8dd8e50d098aba04bbca0a0aaf3a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
559d8210a723aa589e451790e3bcdb9d

SHA1
92889f8f73c42190952d35167dfdcbbbeafc2a8b

SHA256
c952975971e7de2a2987d99c25d82e97ea152b4084662a000dcee723f6eb57c8

SHA512
5b53ac081565d2e31dd6a85fb1c3fe5ce1e14653e85ac99e0f5c4037e917474c804f7ed5f579ae796fd2aadc528f184e46f74f3d6319bc1bdf2949acb15b8286

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
30711012838680d0804473af904869c3

SHA1
bc975dad1254dc4b595ec1c8711e2731a96bacc5

SHA256
ed75adf5abcc40747c1d976578ee1ec1db98e2f88106f48193358a0858476e56

SHA512
0f0e32bdbe18ffb055a479b28d3e1ffe30e1aa38ba2dfb830b061269af36fb18dcb8fa3c307c86cc66170da577d0b396898e9697cb66c74a4d32f1ac46cc68ba

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
298055d92bb8d390108fb67dcd00a088

SHA1
00f996b096a503044f0c3c36d1134b00de6cc3b3

SHA256
c1aad65dc484953a073811f9f0478ef84ad99c30c510f9d6c8a34a91d0ea559d

SHA512
7aae6a943fbd27b3090c171d1535d7d12cdd6c0c0c08c6c92b648bd2580141d5732d4dedd057c5422466984d99d49cc521d562329010a39d01bb7c3814fc2889

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
cefab7900702354842d873b17a7aacb3

SHA1
088029ab7655907786ac39eb7bf43e6c2674fb38

SHA256
8f84746e03d7de515a8da7d8ef6d6889802332868a327a877c4de65dc1e69b69

SHA512
83e2f8a338215e18a0327013a8e766c99a1797e62269cc6ceecb1deed586df91ec7b34cf22bc956ef79c936286763f22e6e66691b790d8de8268afff107b34d9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\b35eef45-4ee3-452f-8b98-4e3874e3a289.tmp

Filesize
9KB

MD5
ddcd145fba0953fd1e37c09a321e28c1

SHA1
48750fa1aac256c31c0fccf8a1c9114e63ba7e4c

SHA256
62ec6713b0f85ff9797cdaf539a5a761eecd604f521a8b3244c5f86607161547

SHA512
4a03bd98f7a5a86f8e0aca9f09235fb5dca28ef07003b36daebb50501948d103c820e28e9f6aaaaada90c0b403bd0654f1b5f0afc09f29511e92daa0eddb0f00

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
de5a6e71430dda2ac8fac427ad0098d6

SHA1
ce9259dcddea49b88ef10e8ae9cadf47455cf92c

SHA256
9add00333b95a261cb09428bc94d11c2895daa737b6db1dd1b56fc701b897850

SHA512
c3ce30a3e156e10459ebfd854175199c0d1d2515295851e00ddd4cad120788a89d44b14697f19471d0ea42d35e5b87d442397715614159dab91639efc0fed146

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
216af19370117f36772d1c5343047341

SHA1
6c35f6ff4b995d7efa36e3eec0cb230198059e4d

SHA256
195ea3d0170d36b8184687bea8e907f0b823b7d2cbff936caf931bfcf2de6333

SHA512
0a0647b2994a390f00714ddcfa78d36c74b8a12a9e0f0e762322515c5b24e52979693d636862cca79279633e26eb6036ad29f410219477f692ae9a1ac553ac4a

Download Submit