92f164a624f6f8df7214af26d8b2909cb3a4cdc325b52cecf80cd49337590def

Analysis

max time kernel
43s
max time network
35s
platform
windows10-2004_x64
resource
win10v2004-20250314-en
resource tags

arch:x64arch:x86image:win10v2004-20250314-enlocale:en-usos:windows10-2004-x64system
submitted
28/03/2025, 15:31

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

search.html
Size

4KB
MD5

dcd7748547055459761d6a92a5b8974d
SHA1

3ac893b2003746d9ae69068eb50f788716d506be
SHA256

92f164a624f6f8df7214af26d8b2909cb3a4cdc325b52cecf80cd49337590def
SHA512

427eab85339f157ac02be0f04c03e5b17fc15e26660d98c88bab2cc81f35af0920b8def0a035e3ee83e5f1867db6f9003308cd4cbddd495ab0481d519251a61e
SSDEEP

96:HAvKczOzk14CV460s/YQlc348V460spzbm601S:HAhyCS60BQlco8S60+/m601S

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Checks processor information in registry 2 TTPs 2 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	chrome.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133876495440678124"	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
1952	chrome.exe
1952	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 5 IoCs

pid	Process
1952	chrome.exe
1952	chrome.exe
1952	chrome.exe
1952	chrome.exe
1952	chrome.exe

Suspicious use of AdjustPrivilegeToken 62 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1952	chrome.exe
Token: SeCreatePagefilePrivilege	1952	chrome.exe
Token: SeShutdownPrivilege	1952	chrome.exe
Token: SeCreatePagefilePrivilege	1952	chrome.exe
Token: SeShutdownPrivilege	1952	chrome.exe
Token: SeCreatePagefilePrivilege	1952	chrome.exe
Token: SeShutdownPrivilege	1952	chrome.exe
Token: SeCreatePagefilePrivilege	1952	chrome.exe
Token: SeShutdownPrivilege	1952	chrome.exe
Token: SeCreatePagefilePrivilege	1952	chrome.exe
Token: SeShutdownPrivilege	1952	chrome.exe
Token: SeCreatePagefilePrivilege	1952	chrome.exe
Token: SeShutdownPrivilege	1952	chrome.exe
Token: SeCreatePagefilePrivilege	1952	chrome.exe
Token: SeShutdownPrivilege	1952	chrome.exe
Token: SeCreatePagefilePrivilege	1952	chrome.exe
Token: SeShutdownPrivilege	1952	chrome.exe
Token: SeCreatePagefilePrivilege	1952	chrome.exe
Token: SeShutdownPrivilege	1952	chrome.exe
Token: SeCreatePagefilePrivilege	1952	chrome.exe
Token: SeShutdownPrivilege	1952	chrome.exe
Token: SeCreatePagefilePrivilege	1952	chrome.exe
Token: SeShutdownPrivilege	1952	chrome.exe
Token: SeCreatePagefilePrivilege	1952	chrome.exe
Token: SeShutdownPrivilege	1952	chrome.exe
Token: SeCreatePagefilePrivilege	1952	chrome.exe
Token: SeShutdownPrivilege	1952	chrome.exe
Token: SeCreatePagefilePrivilege	1952	chrome.exe
Token: SeShutdownPrivilege	1952	chrome.exe
Token: SeCreatePagefilePrivilege	1952	chrome.exe
Token: SeShutdownPrivilege	1952	chrome.exe
Token: SeCreatePagefilePrivilege	1952	chrome.exe
Token: SeShutdownPrivilege	1952	chrome.exe
Token: SeCreatePagefilePrivilege	1952	chrome.exe
Token: SeShutdownPrivilege	1952	chrome.exe
Token: SeCreatePagefilePrivilege	1952	chrome.exe
Token: SeShutdownPrivilege	1952	chrome.exe
Token: SeCreatePagefilePrivilege	1952	chrome.exe
Token: SeShutdownPrivilege	1952	chrome.exe
Token: SeCreatePagefilePrivilege	1952	chrome.exe
Token: SeShutdownPrivilege	1952	chrome.exe
Token: SeCreatePagefilePrivilege	1952	chrome.exe
Token: SeShutdownPrivilege	1952	chrome.exe
Token: SeCreatePagefilePrivilege	1952	chrome.exe
Token: SeShutdownPrivilege	1952	chrome.exe
Token: SeCreatePagefilePrivilege	1952	chrome.exe
Token: SeShutdownPrivilege	1952	chrome.exe
Token: SeCreatePagefilePrivilege	1952	chrome.exe
Token: SeShutdownPrivilege	1952	chrome.exe
Token: SeCreatePagefilePrivilege	1952	chrome.exe
Token: SeShutdownPrivilege	1952	chrome.exe
Token: SeCreatePagefilePrivilege	1952	chrome.exe
Token: SeShutdownPrivilege	1952	chrome.exe
Token: SeCreatePagefilePrivilege	1952	chrome.exe
Token: SeShutdownPrivilege	1952	chrome.exe
Token: SeCreatePagefilePrivilege	1952	chrome.exe
Token: SeShutdownPrivilege	1952	chrome.exe
Token: SeCreatePagefilePrivilege	1952	chrome.exe
Token: SeShutdownPrivilege	1952	chrome.exe
Token: SeCreatePagefilePrivilege	1952	chrome.exe
Token: SeShutdownPrivilege	1952	chrome.exe
Token: SeCreatePagefilePrivilege	1952	chrome.exe

Suspicious use of FindShellTrayWindow 27 IoCs

pid	Process
1952	chrome.exe
1952	chrome.exe
1952	chrome.exe
1952	chrome.exe
1952	chrome.exe
1952	chrome.exe
1952	chrome.exe
1952	chrome.exe
1952	chrome.exe
1952	chrome.exe
1952	chrome.exe
1952	chrome.exe
1952	chrome.exe
1952	chrome.exe
1952	chrome.exe
1952	chrome.exe
1952	chrome.exe
1952	chrome.exe
1952	chrome.exe
1952	chrome.exe
1952	chrome.exe
1952	chrome.exe
1952	chrome.exe
1952	chrome.exe
1952	chrome.exe
1952	chrome.exe
1952	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1952	chrome.exe
1952	chrome.exe
1952	chrome.exe
1952	chrome.exe
1952	chrome.exe
1952	chrome.exe
1952	chrome.exe
1952	chrome.exe
1952	chrome.exe
1952	chrome.exe
1952	chrome.exe
1952	chrome.exe
1952	chrome.exe
1952	chrome.exe
1952	chrome.exe
1952	chrome.exe
1952	chrome.exe
1952	chrome.exe
1952	chrome.exe
1952	chrome.exe
1952	chrome.exe
1952	chrome.exe
1952	chrome.exe
1952	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1952 wrote to memory of 2096	1952	chrome.exe	86
PID 1952 wrote to memory of 2096	1952	chrome.exe	86
PID 1952 wrote to memory of 3060	1952	chrome.exe	87
PID 1952 wrote to memory of 3060	1952	chrome.exe	87
PID 1952 wrote to memory of 4228	1952	chrome.exe	88
PID 1952 wrote to memory of 4228	1952	chrome.exe	88
PID 1952 wrote to memory of 4228	1952	chrome.exe	88
PID 1952 wrote to memory of 4228	1952	chrome.exe	88
PID 1952 wrote to memory of 4228	1952	chrome.exe	88
PID 1952 wrote to memory of 4228	1952	chrome.exe	88
PID 1952 wrote to memory of 4228	1952	chrome.exe	88
PID 1952 wrote to memory of 4228	1952	chrome.exe	88
PID 1952 wrote to memory of 4228	1952	chrome.exe	88
PID 1952 wrote to memory of 4228	1952	chrome.exe	88
PID 1952 wrote to memory of 4228	1952	chrome.exe	88
PID 1952 wrote to memory of 4228	1952	chrome.exe	88
PID 1952 wrote to memory of 4228	1952	chrome.exe	88
PID 1952 wrote to memory of 4228	1952	chrome.exe	88
PID 1952 wrote to memory of 4228	1952	chrome.exe	88
PID 1952 wrote to memory of 4228	1952	chrome.exe	88
PID 1952 wrote to memory of 4228	1952	chrome.exe	88
PID 1952 wrote to memory of 4228	1952	chrome.exe	88
PID 1952 wrote to memory of 4228	1952	chrome.exe	88
PID 1952 wrote to memory of 4228	1952	chrome.exe	88
PID 1952 wrote to memory of 4228	1952	chrome.exe	88
PID 1952 wrote to memory of 4228	1952	chrome.exe	88
PID 1952 wrote to memory of 4228	1952	chrome.exe	88
PID 1952 wrote to memory of 4228	1952	chrome.exe	88
PID 1952 wrote to memory of 4228	1952	chrome.exe	88
PID 1952 wrote to memory of 4228	1952	chrome.exe	88
PID 1952 wrote to memory of 4228	1952	chrome.exe	88
PID 1952 wrote to memory of 4228	1952	chrome.exe	88
PID 1952 wrote to memory of 4228	1952	chrome.exe	88
PID 1952 wrote to memory of 4228	1952	chrome.exe	88
PID 1952 wrote to memory of 536	1952	chrome.exe	89
PID 1952 wrote to memory of 536	1952	chrome.exe	89
PID 1952 wrote to memory of 536	1952	chrome.exe	89
PID 1952 wrote to memory of 536	1952	chrome.exe	89
PID 1952 wrote to memory of 536	1952	chrome.exe	89
PID 1952 wrote to memory of 536	1952	chrome.exe	89
PID 1952 wrote to memory of 536	1952	chrome.exe	89
PID 1952 wrote to memory of 536	1952	chrome.exe	89
PID 1952 wrote to memory of 536	1952	chrome.exe	89
PID 1952 wrote to memory of 536	1952	chrome.exe	89
PID 1952 wrote to memory of 536	1952	chrome.exe	89
PID 1952 wrote to memory of 536	1952	chrome.exe	89
PID 1952 wrote to memory of 536	1952	chrome.exe	89
PID 1952 wrote to memory of 536	1952	chrome.exe	89
PID 1952 wrote to memory of 536	1952	chrome.exe	89
PID 1952 wrote to memory of 536	1952	chrome.exe	89
PID 1952 wrote to memory of 536	1952	chrome.exe	89
PID 1952 wrote to memory of 536	1952	chrome.exe	89
PID 1952 wrote to memory of 536	1952	chrome.exe	89
PID 1952 wrote to memory of 536	1952	chrome.exe	89
PID 1952 wrote to memory of 536	1952	chrome.exe	89
PID 1952 wrote to memory of 536	1952	chrome.exe	89
PID 1952 wrote to memory of 536	1952	chrome.exe	89
PID 1952 wrote to memory of 536	1952	chrome.exe	89
PID 1952 wrote to memory of 536	1952	chrome.exe	89
PID 1952 wrote to memory of 536	1952	chrome.exe	89
PID 1952 wrote to memory of 536	1952	chrome.exe	89
PID 1952 wrote to memory of 536	1952	chrome.exe	89
PID 1952 wrote to memory of 536	1952	chrome.exe	89
PID 1952 wrote to memory of 536	1952	chrome.exe	89

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument C:\Users\Admin\AppData\Local\Temp\search.html
1⤵
- Checks processor information in registry
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1952
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=133.0.6943.60 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff878cfdcf8,0x7ff878cfdd04,0x7ff878cfdd10
  2⤵
  PID:2096
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --field-trial-handle=1548,i,16244879454268679078,12457779313593421766,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=2056 /prefetch:3
  2⤵
  PID:3060
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=2016,i,16244879454268679078,12457779313593421766,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=2004 /prefetch:2
  2⤵
  PID:4228
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --field-trial-handle=2364,i,16244879454268679078,12457779313593421766,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=2424 /prefetch:8
  2⤵
  PID:536
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3184,i,16244879454268679078,12457779313593421766,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=3196 /prefetch:1
  2⤵
  PID:1244
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3200,i,16244879454268679078,12457779313593421766,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=3256 /prefetch:1
  2⤵
  PID:2008
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --extension-process --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4292,i,16244879454268679078,12457779313593421766,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=4312 /prefetch:2
  2⤵
  PID:5880
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5584,i,16244879454268679078,12457779313593421766,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=5596 /prefetch:8
  2⤵
  PID:3496
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=4592,i,16244879454268679078,12457779313593421766,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=4876 /prefetch:1
  2⤵
  PID:5452
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=4800,i,16244879454268679078,12457779313593421766,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=3448 /prefetch:1
  2⤵
  PID:4428
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=208,i,16244879454268679078,12457779313593421766,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=3220 /prefetch:8
  2⤵
  PID:3052
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=4812,i,16244879454268679078,12457779313593421766,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=3196 /prefetch:8
  2⤵
  PID:5372
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=3372,i,16244879454268679078,12457779313593421766,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=3312 /prefetch:8
  2⤵
  PID:3832

C:\Program Files\Google\Chrome\Application\133.0.6943.60\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\133.0.6943.60\elevation_service.exe"
1⤵
PID:468

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:5888

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
6f87ec8325f1455aec57f4dd81b273ff

SHA1
5f7c276320806e24831146ebfc1b3ee161f56e6e

SHA256
b372ec54dcdf84762be6826c3f71eababb580c6ca96fda4e0679eab1a3d5f4b4

SHA512
c0bbff89faf0e5264a9ca7e60ec2449f9e187314c9d16ec8742d43a8ff624a77ef3b5cb1bbeeff2b9acf3a7864d498f272a6b40f2551cd7c95556991e3d6eb74

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnGraphiteCache\data_1

Filesize
264KB

MD5
e97c3f7e2bcd0855b3053529a370c275

SHA1
3f4c248f8ee09596b2034d5575483c87f0bbf8ff

SHA256
c72a2eb20f6c157fe409b12d5e71f68972bcf05ddab7d7f536bcbb4eff94e749

SHA512
46c1526b8ddb8dc8f63def17f766d6e25864a31952be65fd79962ab05f106a6d5fd26a9d7fef1e0fd4dafde2181c4f574b9ac2b18395f6f66c78719b1ab3fe6f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
220b1686f0008d7c6b789afe853cbdae

SHA1
d1be27216a10cad5dcd21da7d52f8b55717ea1b5

SHA256
077ea1e54e67eb517fc9c5e03b6b7a4edc75f0478426530c7a97231495a68b95

SHA512
f339da95f41d7efa2e5f21bd4e7775ef787e0932b9e9851e819e4639e00f66ee6d8c849ab84288b08dbf46ade09294f2212a88a370bc89f844cab7354560a776

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
2d2446c326aac41a0012c5e415947dd6

SHA1
8c8b03f67b48e8016f3bcad5695696fbde24289a

SHA256
63797cc1a1c27ebcf7724bf91d5ed5d348ead4924bf9f3f6256eea6aacc4d6cf

SHA512
d2f0174277d41de90db4d6f6e6f025f6a21eb146ca919420a1e323fdb9c2ef4f40f6b972a3169492410367865031c94a84ad79c4b082a7e0949c4d41d8f338a6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
43aeecc26553b55ff237e8fc805ced50

SHA1
52ab00dcbf262eb19fe193a42dfb66f93dbeb4ac

SHA256
a1c01c205d2821fd6b5f1808e24ce5cb76ecdaa1950343325afa1e3b2b7b3d1d

SHA512
986df99afea1bb211c933b6c78c39f781d51eedadd44f773a4145de0b84fcd202ba91361784cb46f0840dcf9cc7c343617782f9f090c65f9c9e3eca8892176d6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
328c996b51b6cd31ae0b3302686b612d

SHA1
2830f5d4e26278403aaf6b36de2c4273100265ac

SHA256
d036f2520fe83f5001b255f7008ebb03622edf5d1c4c9a89a786e31a1d321030

SHA512
abae3ccc6a0ff87b5ba8c8b5ab90f8af02ad9419a2d1f4a7259003d76fad600a81b8e953ac08ce93e00d85324041fb3a446fbe97b3b02c0a3863f2e645c31070

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
34dbd7e9a91c88b17ac987c9ac3f52d7

SHA1
ac6b359561e5b71564dc5dbce64bdf992ca57c6b

SHA256
e3205a88115138a95431830cdd84790a9aed4600c80eaa04c4eca549f6be54df

SHA512
6b95a17e8b6a9725deb37732380ca6e1ecb06f32df06a0cd58bf2b2d075848a670326281550b7dcae61d29b7fc2ceaab5916a32ad91070fd48b3bb6c36416ac3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5e463e.TMP

Filesize
48B

MD5
947fd809198f8a3eeda4e6b842fdf7ca

SHA1
f86289fb769fe735bdf5062ef2dbd112e65d2705

SHA256
7f58b95afbb8cf6ef9bf760430e7ef072e7387410458aa9a8098c56c5dd2d398

SHA512
a01cbe2bfa0786651b041e7c7e16ad0b4a4869f09ae2c1968efdde51cd980fcea2a76522fef6178026fdc0c8a421d9cf76b94af6dc6cf10616bae29dd7c0021b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
81KB

MD5
3cabec61366550e385ee9a51d8407b92

SHA1
ef25fd1aeeab552a458972643f601cb92cd4cd5d

SHA256
04f33ca3ce96ba7afc6f8d37e6d33bc4b2738540b42d7cfa463ac5f83b107676

SHA512
87e8121b12fbc3e61d71f8c0b5a18b8f293b1c16400838f16ea5360a91d4fc7cabf1aed05c6a2ef7e35897377d550780593bac363f5a5052f42b0f54732dcfe1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
80KB

MD5
ae832251d68e9b702e8354c6cc2a3a3a

SHA1
72c3eeae1d5113a47c15bc367993be37addb5c33

SHA256
2443f428e94d8685b0d1e98b1a89f48e712ef7d7bb6a62ab5f29f5f3229987fc

SHA512
25066560656f11714f9931375554d7127bb5972de3f26838119431d38abc9c48116843cb83a9bf1ea214d7dafdc54f897cc19d6f7c824b80ca809eb6d8b80506

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
81KB

MD5
14b694a0178eee2dac4b08a4c18949a0

SHA1
3353324a511c9e79d164f6dca73f34ddd3d19ea0

SHA256
eb2a9c30ed55d8bc780652bee69fc6df3dd0c9db7cd682705eacb93a60bf8024

SHA512
4404222ec4744401364ad90e679765307fa0a20254f6a170fd20fd411723cdde4baab4a9be377a4223994fb1239a41a848875d38c87ec3f0e46fd35dd94fb64a

Download Submit