hxxp://google[.]com/#bmFkaWEud2l0YW5lQGludmVzY28uY29t

Analysis

max time kernel
150s
max time network
144s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
20-03-2023 14:02

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://google.com/#bmFkaWEud2l0YW5lQGludmVzY28uY29t

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

Processes:

chrome.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

Processes:

chrome.exe

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133237981633218475"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

Processes:

chrome.exechrome.exe

pid process

2128 chrome.exe
2128 chrome.exe
3308 chrome.exe
3308 chrome.exe
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

Processes:

chrome.exe

pid process

2128 chrome.exe
2128 chrome.exe
2128 chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

Processes:

chrome.exe

description	pid	process
Token: SeShutdownPrivilege	2128	chrome.exe
Token: SeCreatePagefilePrivilege	2128	chrome.exe
Token: SeShutdownPrivilege	2128	chrome.exe
Token: SeCreatePagefilePrivilege	2128	chrome.exe
Token: SeShutdownPrivilege	2128	chrome.exe
Token: SeCreatePagefilePrivilege	2128	chrome.exe
Token: SeShutdownPrivilege	2128	chrome.exe
Token: SeCreatePagefilePrivilege	2128	chrome.exe
Token: SeShutdownPrivilege	2128	chrome.exe
Token: SeCreatePagefilePrivilege	2128	chrome.exe
Token: SeShutdownPrivilege	2128	chrome.exe
Token: SeCreatePagefilePrivilege	2128	chrome.exe
Token: SeShutdownPrivilege	2128	chrome.exe
Token: SeCreatePagefilePrivilege	2128	chrome.exe
Token: SeShutdownPrivilege	2128	chrome.exe
Token: SeCreatePagefilePrivilege	2128	chrome.exe
Token: SeShutdownPrivilege	2128	chrome.exe
Token: SeCreatePagefilePrivilege	2128	chrome.exe
Token: SeShutdownPrivilege	2128	chrome.exe
Token: SeCreatePagefilePrivilege	2128	chrome.exe
Token: SeShutdownPrivilege	2128	chrome.exe
Token: SeCreatePagefilePrivilege	2128	chrome.exe
Token: SeShutdownPrivilege	2128	chrome.exe
Token: SeCreatePagefilePrivilege	2128	chrome.exe
Token: SeShutdownPrivilege	2128	chrome.exe
Token: SeCreatePagefilePrivilege	2128	chrome.exe
Token: SeShutdownPrivilege	2128	chrome.exe
Token: SeCreatePagefilePrivilege	2128	chrome.exe
Token: SeShutdownPrivilege	2128	chrome.exe
Token: SeCreatePagefilePrivilege	2128	chrome.exe
Token: SeShutdownPrivilege	2128	chrome.exe
Token: SeCreatePagefilePrivilege	2128	chrome.exe
Token: SeShutdownPrivilege	2128	chrome.exe
Token: SeCreatePagefilePrivilege	2128	chrome.exe
Token: SeShutdownPrivilege	2128	chrome.exe
Token: SeCreatePagefilePrivilege	2128	chrome.exe
Token: SeShutdownPrivilege	2128	chrome.exe
Token: SeCreatePagefilePrivilege	2128	chrome.exe
Token: SeShutdownPrivilege	2128	chrome.exe
Token: SeCreatePagefilePrivilege	2128	chrome.exe
Token: SeShutdownPrivilege	2128	chrome.exe
Token: SeCreatePagefilePrivilege	2128	chrome.exe
Token: SeShutdownPrivilege	2128	chrome.exe
Token: SeCreatePagefilePrivilege	2128	chrome.exe
Token: SeShutdownPrivilege	2128	chrome.exe
Token: SeCreatePagefilePrivilege	2128	chrome.exe
Token: SeShutdownPrivilege	2128	chrome.exe
Token: SeCreatePagefilePrivilege	2128	chrome.exe
Token: SeShutdownPrivilege	2128	chrome.exe
Token: SeCreatePagefilePrivilege	2128	chrome.exe
Token: SeShutdownPrivilege	2128	chrome.exe
Token: SeCreatePagefilePrivilege	2128	chrome.exe
Token: SeShutdownPrivilege	2128	chrome.exe
Token: SeCreatePagefilePrivilege	2128	chrome.exe
Token: SeShutdownPrivilege	2128	chrome.exe
Token: SeCreatePagefilePrivilege	2128	chrome.exe
Token: SeShutdownPrivilege	2128	chrome.exe
Token: SeCreatePagefilePrivilege	2128	chrome.exe
Token: SeShutdownPrivilege	2128	chrome.exe
Token: SeCreatePagefilePrivilege	2128	chrome.exe
Token: SeShutdownPrivilege	2128	chrome.exe
Token: SeCreatePagefilePrivilege	2128	chrome.exe
Token: SeShutdownPrivilege	2128	chrome.exe
Token: SeCreatePagefilePrivilege	2128	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

Processes:

chrome.exe

pid	process
2128	chrome.exe
2128	chrome.exe
2128	chrome.exe
2128	chrome.exe
2128	chrome.exe
2128	chrome.exe
2128	chrome.exe
2128	chrome.exe
2128	chrome.exe
2128	chrome.exe
2128	chrome.exe
2128	chrome.exe
2128	chrome.exe
2128	chrome.exe
2128	chrome.exe
2128	chrome.exe
2128	chrome.exe
2128	chrome.exe
2128	chrome.exe
2128	chrome.exe
2128	chrome.exe
2128	chrome.exe
2128	chrome.exe
2128	chrome.exe
2128	chrome.exe
2128	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

Processes:

chrome.exe

pid	process
2128	chrome.exe
2128	chrome.exe
2128	chrome.exe
2128	chrome.exe
2128	chrome.exe
2128	chrome.exe
2128	chrome.exe
2128	chrome.exe
2128	chrome.exe
2128	chrome.exe
2128	chrome.exe
2128	chrome.exe
2128	chrome.exe
2128	chrome.exe
2128	chrome.exe
2128	chrome.exe
2128	chrome.exe
2128	chrome.exe
2128	chrome.exe
2128	chrome.exe
2128	chrome.exe
2128	chrome.exe
2128	chrome.exe
2128	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

chrome.exe

description	pid	process	target process
PID 2128 wrote to memory of 4560	2128	chrome.exe	chrome.exe
PID 2128 wrote to memory of 4560	2128	chrome.exe	chrome.exe
PID 2128 wrote to memory of 2160	2128	chrome.exe	chrome.exe
PID 2128 wrote to memory of 2160	2128	chrome.exe	chrome.exe
PID 2128 wrote to memory of 2160	2128	chrome.exe	chrome.exe
PID 2128 wrote to memory of 2160	2128	chrome.exe	chrome.exe
PID 2128 wrote to memory of 2160	2128	chrome.exe	chrome.exe
PID 2128 wrote to memory of 2160	2128	chrome.exe	chrome.exe
PID 2128 wrote to memory of 2160	2128	chrome.exe	chrome.exe
PID 2128 wrote to memory of 2160	2128	chrome.exe	chrome.exe
PID 2128 wrote to memory of 2160	2128	chrome.exe	chrome.exe
PID 2128 wrote to memory of 2160	2128	chrome.exe	chrome.exe
PID 2128 wrote to memory of 2160	2128	chrome.exe	chrome.exe
PID 2128 wrote to memory of 2160	2128	chrome.exe	chrome.exe
PID 2128 wrote to memory of 2160	2128	chrome.exe	chrome.exe
PID 2128 wrote to memory of 2160	2128	chrome.exe	chrome.exe
PID 2128 wrote to memory of 2160	2128	chrome.exe	chrome.exe
PID 2128 wrote to memory of 2160	2128	chrome.exe	chrome.exe
PID 2128 wrote to memory of 2160	2128	chrome.exe	chrome.exe
PID 2128 wrote to memory of 2160	2128	chrome.exe	chrome.exe
PID 2128 wrote to memory of 2160	2128	chrome.exe	chrome.exe
PID 2128 wrote to memory of 2160	2128	chrome.exe	chrome.exe
PID 2128 wrote to memory of 2160	2128	chrome.exe	chrome.exe
PID 2128 wrote to memory of 2160	2128	chrome.exe	chrome.exe
PID 2128 wrote to memory of 2160	2128	chrome.exe	chrome.exe
PID 2128 wrote to memory of 2160	2128	chrome.exe	chrome.exe
PID 2128 wrote to memory of 2160	2128	chrome.exe	chrome.exe
PID 2128 wrote to memory of 2160	2128	chrome.exe	chrome.exe
PID 2128 wrote to memory of 2160	2128	chrome.exe	chrome.exe
PID 2128 wrote to memory of 2160	2128	chrome.exe	chrome.exe
PID 2128 wrote to memory of 2160	2128	chrome.exe	chrome.exe
PID 2128 wrote to memory of 2160	2128	chrome.exe	chrome.exe
PID 2128 wrote to memory of 2160	2128	chrome.exe	chrome.exe
PID 2128 wrote to memory of 2160	2128	chrome.exe	chrome.exe
PID 2128 wrote to memory of 2160	2128	chrome.exe	chrome.exe
PID 2128 wrote to memory of 2160	2128	chrome.exe	chrome.exe
PID 2128 wrote to memory of 2160	2128	chrome.exe	chrome.exe
PID 2128 wrote to memory of 2160	2128	chrome.exe	chrome.exe
PID 2128 wrote to memory of 2160	2128	chrome.exe	chrome.exe
PID 2128 wrote to memory of 2160	2128	chrome.exe	chrome.exe
PID 2128 wrote to memory of 228	2128	chrome.exe	chrome.exe
PID 2128 wrote to memory of 228	2128	chrome.exe	chrome.exe
PID 2128 wrote to memory of 4028	2128	chrome.exe	chrome.exe
PID 2128 wrote to memory of 4028	2128	chrome.exe	chrome.exe
PID 2128 wrote to memory of 4028	2128	chrome.exe	chrome.exe
PID 2128 wrote to memory of 4028	2128	chrome.exe	chrome.exe
PID 2128 wrote to memory of 4028	2128	chrome.exe	chrome.exe
PID 2128 wrote to memory of 4028	2128	chrome.exe	chrome.exe
PID 2128 wrote to memory of 4028	2128	chrome.exe	chrome.exe
PID 2128 wrote to memory of 4028	2128	chrome.exe	chrome.exe
PID 2128 wrote to memory of 4028	2128	chrome.exe	chrome.exe
PID 2128 wrote to memory of 4028	2128	chrome.exe	chrome.exe
PID 2128 wrote to memory of 4028	2128	chrome.exe	chrome.exe
PID 2128 wrote to memory of 4028	2128	chrome.exe	chrome.exe
PID 2128 wrote to memory of 4028	2128	chrome.exe	chrome.exe
PID 2128 wrote to memory of 4028	2128	chrome.exe	chrome.exe
PID 2128 wrote to memory of 4028	2128	chrome.exe	chrome.exe
PID 2128 wrote to memory of 4028	2128	chrome.exe	chrome.exe
PID 2128 wrote to memory of 4028	2128	chrome.exe	chrome.exe
PID 2128 wrote to memory of 4028	2128	chrome.exe	chrome.exe
PID 2128 wrote to memory of 4028	2128	chrome.exe	chrome.exe
PID 2128 wrote to memory of 4028	2128	chrome.exe	chrome.exe
PID 2128 wrote to memory of 4028	2128	chrome.exe	chrome.exe
PID 2128 wrote to memory of 4028	2128	chrome.exe	chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" http://google.com/#bmFkaWEud2l0YW5lQGludmVzY28uY29t
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2128

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffb91c59758,0x7ffb91c59768,0x7ffb91c59778
2⤵
PID:4560

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1780 --field-trial-handle=1800,i,7641388830775068211,11874470053392131625,131072 /prefetch:2
2⤵
PID:2160

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 --field-trial-handle=1800,i,7641388830775068211,11874470053392131625,131072 /prefetch:8
2⤵
PID:228

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2220 --field-trial-handle=1800,i,7641388830775068211,11874470053392131625,131072 /prefetch:8
2⤵
PID:4028

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3116 --field-trial-handle=1800,i,7641388830775068211,11874470053392131625,131072 /prefetch:1
2⤵
PID:3436

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3104 --field-trial-handle=1800,i,7641388830775068211,11874470053392131625,131072 /prefetch:1
2⤵
PID:368

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4496 --field-trial-handle=1800,i,7641388830775068211,11874470053392131625,131072 /prefetch:1
2⤵
PID:4936

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4820 --field-trial-handle=1800,i,7641388830775068211,11874470053392131625,131072 /prefetch:8
2⤵
PID:2132

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5048 --field-trial-handle=1800,i,7641388830775068211,11874470053392131625,131072 /prefetch:8
2⤵
PID:4644

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4844 --field-trial-handle=1800,i,7641388830775068211,11874470053392131625,131072 /prefetch:8
2⤵
PID:4928

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4040 --field-trial-handle=1800,i,7641388830775068211,11874470053392131625,131072 /prefetch:2
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:3308

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:5060

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
408B

MD5
f1323f1354dbf3c4f0f763009b4ae140

SHA1
8e86633e449fa8b3ec0537825100955bff4b6b09

SHA256
1215e126bb7b90bbfb923a28ecb7cfbfbd463d9545d2073bf98cb7ef5a1dd357

SHA512
90681544c4abd593e1205703e3e74da9a8391c83b0078bf4137299476c32f73287accef28d8328db817f4af44aa7c20dacbd71433fab3382b7b09488b2bcf435

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
bbfb2a4aaddd0743f17ec7f1224a5c1d

SHA1
17a7445537e8ac05c90f352ae02bfbd4ef14bfe9

SHA256
763271d40cff90c527f4f0589abae76a3c1d1877340620f3da314b13bd870945

SHA512
0f25e0951245bd6c180560447600be18bc235805189f6d3adf290f05a1c9c7e5ac1be0342b664cdeddd8408c186452617c872c875e19b350d90996bcdd243e8e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
539B

MD5
b2c6a5fe1f4f5c3aa9d3f6281189418c

SHA1
2c9035161d6aaf2887cd1e73ba2d84f287cbee73

SHA256
afb615413ae971384883cb0fac256d27cfc1548c16b83b048f80b3636ca2b9a6

SHA512
24fb3e2d8437bb4c26086356d8a398e006f9dd80ca5f7d94738db601171a777f106d7161434d2db17048daf7866cead511db90fb6af819c149ad7720b6ab9feb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
539B

MD5
eea8d4b06553f0f10d60a7818eaf39d5

SHA1
a55f10ea8e1b229a3042ee18a334f9c908acdaa2

SHA256
0f0518312c6f640208b2484d94d0f58ffe874ba4e7f80510555ca428b23d5759

SHA512
d3291e7065d00e705e6d241b2814d068a3c228335dbe383d47d895a740ffb85728e8073726f66ccbc76e2b9e309f72f90705857aba30a9037c43e22202ab9c0c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
ed270ea5e326fd9205bfe79b04327141

SHA1
cb7b4ea7546bd302efb9a7264a3010cedcae6e46

SHA256
f6864357c5455927ebb552d597059b6a82d5977c83d2e81fb228915a662c65d2

SHA512
6cde37ae7758804042fd4ba49c377102fdfb6bfd5215a37729046fb718fcf7352c5471e16066e59d123b83ebdf33843c275592f142947343fd15f4cd060c7635

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
0f41214961765712fc41e18bee9da3e1

SHA1
736acf5e089085e6a4d47e61130b97091f15f07e

SHA256
6cb6f65e0916d12a495a27f081e12aeb59ad31054febcf3256001f6440d86e64

SHA512
304bdb0d1f7d0ea105d97b6c95ed2c5a68ab65117658b6f557bfd115b62086a68cfa0ffc31907f8135d9b0c0608dcc3f66e69df0b61f146f6e7dcc521bc00678

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
c9587743c147ec7a9f915aed8bc53344

SHA1
20890439e9a4cb02b14287900a579f800035d3cf

SHA256
2c353d9ca52a9bd3fe88375939c9b197f0766a1c191b381c4b45f1eeefa42e98

SHA512
6a7b7b3f2f8c3e281da68639594cead896f3375f6ac5579656990a24d2af9e95a00c6bba603fe3861f38d5f1e5e05852b500af49b574718a4486c55cc8feab8f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
143KB

MD5
c1c54f3aa337f1b512080d0ca158351b

SHA1
62690855faf48b4f07f7929c88d8b4c46e3b16f5

SHA256
d4590cd6ccddea681031e061ea85d9da015e3a6efae5364bd67292c5982b42d9

SHA512
de5836f9cc9fb90edb642b6f9ed09cf554ecde823ed80598f20a75695b884c12f135cf9b8027d69b3f7af58e2d0a43810d206cf8c54ab588fb177751a3208d8e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
\??\pipe\crashpad_2128_GWKGLVFVZGDFGTNG

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit