hxxp://tintastriunfante[.]pt

Analysis

max time kernel
301s
max time network
296s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
22/03/2023, 12:59

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://tintastriunfante.pt

Score

3^/10

Malware Config

Signatures

Program crash 1 IoCs

pid	pid_target	Process	procid_target
1184	2992	WerFault.exe	26

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133239672026118523"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1529757233-3489015626-3409890339-1000\{EDDCC89A-0B80-4745-84AB-DA8B7B040E1B}	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
3848	chrome.exe
3848	chrome.exe
5016	chrome.exe
5016	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
3848	chrome.exe
3848	chrome.exe
3848	chrome.exe
3848	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3848	chrome.exe
Token: SeCreatePagefilePrivilege	3848	chrome.exe
Token: SeShutdownPrivilege	3848	chrome.exe
Token: SeCreatePagefilePrivilege	3848	chrome.exe
Token: SeShutdownPrivilege	3848	chrome.exe
Token: SeCreatePagefilePrivilege	3848	chrome.exe
Token: SeShutdownPrivilege	3848	chrome.exe
Token: SeCreatePagefilePrivilege	3848	chrome.exe
Token: SeShutdownPrivilege	3848	chrome.exe
Token: SeCreatePagefilePrivilege	3848	chrome.exe
Token: SeShutdownPrivilege	3848	chrome.exe
Token: SeCreatePagefilePrivilege	3848	chrome.exe
Token: SeShutdownPrivilege	3848	chrome.exe
Token: SeCreatePagefilePrivilege	3848	chrome.exe
Token: SeShutdownPrivilege	3848	chrome.exe
Token: SeCreatePagefilePrivilege	3848	chrome.exe
Token: SeShutdownPrivilege	3848	chrome.exe
Token: SeCreatePagefilePrivilege	3848	chrome.exe
Token: SeShutdownPrivilege	3848	chrome.exe
Token: SeCreatePagefilePrivilege	3848	chrome.exe
Token: SeShutdownPrivilege	3848	chrome.exe
Token: SeCreatePagefilePrivilege	3848	chrome.exe
Token: SeShutdownPrivilege	3848	chrome.exe
Token: SeCreatePagefilePrivilege	3848	chrome.exe
Token: SeShutdownPrivilege	3848	chrome.exe
Token: SeCreatePagefilePrivilege	3848	chrome.exe
Token: SeShutdownPrivilege	3848	chrome.exe
Token: SeCreatePagefilePrivilege	3848	chrome.exe
Token: SeShutdownPrivilege	3848	chrome.exe
Token: SeCreatePagefilePrivilege	3848	chrome.exe
Token: SeShutdownPrivilege	3848	chrome.exe
Token: SeCreatePagefilePrivilege	3848	chrome.exe
Token: SeShutdownPrivilege	3848	chrome.exe
Token: SeCreatePagefilePrivilege	3848	chrome.exe
Token: SeShutdownPrivilege	3848	chrome.exe
Token: SeCreatePagefilePrivilege	3848	chrome.exe
Token: SeShutdownPrivilege	3848	chrome.exe
Token: SeCreatePagefilePrivilege	3848	chrome.exe
Token: SeShutdownPrivilege	3848	chrome.exe
Token: SeCreatePagefilePrivilege	3848	chrome.exe
Token: SeShutdownPrivilege	3848	chrome.exe
Token: SeCreatePagefilePrivilege	3848	chrome.exe
Token: SeShutdownPrivilege	3848	chrome.exe
Token: SeCreatePagefilePrivilege	3848	chrome.exe
Token: SeShutdownPrivilege	3848	chrome.exe
Token: SeCreatePagefilePrivilege	3848	chrome.exe
Token: SeShutdownPrivilege	3848	chrome.exe
Token: SeCreatePagefilePrivilege	3848	chrome.exe
Token: SeShutdownPrivilege	3848	chrome.exe
Token: SeCreatePagefilePrivilege	3848	chrome.exe
Token: SeShutdownPrivilege	3848	chrome.exe
Token: SeCreatePagefilePrivilege	3848	chrome.exe
Token: SeShutdownPrivilege	3848	chrome.exe
Token: SeCreatePagefilePrivilege	3848	chrome.exe
Token: SeShutdownPrivilege	3848	chrome.exe
Token: SeCreatePagefilePrivilege	3848	chrome.exe
Token: SeShutdownPrivilege	3848	chrome.exe
Token: SeCreatePagefilePrivilege	3848	chrome.exe
Token: SeShutdownPrivilege	3848	chrome.exe
Token: SeCreatePagefilePrivilege	3848	chrome.exe
Token: SeShutdownPrivilege	3848	chrome.exe
Token: SeCreatePagefilePrivilege	3848	chrome.exe
Token: SeShutdownPrivilege	3848	chrome.exe
Token: SeCreatePagefilePrivilege	3848	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
3848	chrome.exe
3848	chrome.exe
3848	chrome.exe
3848	chrome.exe
3848	chrome.exe
3848	chrome.exe
3848	chrome.exe
3848	chrome.exe
3848	chrome.exe
3848	chrome.exe
3848	chrome.exe
3848	chrome.exe
3848	chrome.exe
3848	chrome.exe
3848	chrome.exe
3848	chrome.exe
3848	chrome.exe
3848	chrome.exe
3848	chrome.exe
3848	chrome.exe
3848	chrome.exe
3848	chrome.exe
3848	chrome.exe
3848	chrome.exe
3848	chrome.exe
3848	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3848	chrome.exe
3848	chrome.exe
3848	chrome.exe
3848	chrome.exe
3848	chrome.exe
3848	chrome.exe
3848	chrome.exe
3848	chrome.exe
3848	chrome.exe
3848	chrome.exe
3848	chrome.exe
3848	chrome.exe
3848	chrome.exe
3848	chrome.exe
3848	chrome.exe
3848	chrome.exe
3848	chrome.exe
3848	chrome.exe
3848	chrome.exe
3848	chrome.exe
3848	chrome.exe
3848	chrome.exe
3848	chrome.exe
3848	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3848 wrote to memory of 4132	3848	chrome.exe	86
PID 3848 wrote to memory of 4132	3848	chrome.exe	86
PID 3848 wrote to memory of 4448	3848	chrome.exe	87
PID 3848 wrote to memory of 4448	3848	chrome.exe	87
PID 3848 wrote to memory of 4448	3848	chrome.exe	87
PID 3848 wrote to memory of 4448	3848	chrome.exe	87
PID 3848 wrote to memory of 4448	3848	chrome.exe	87
PID 3848 wrote to memory of 4448	3848	chrome.exe	87
PID 3848 wrote to memory of 4448	3848	chrome.exe	87
PID 3848 wrote to memory of 4448	3848	chrome.exe	87
PID 3848 wrote to memory of 4448	3848	chrome.exe	87
PID 3848 wrote to memory of 4448	3848	chrome.exe	87
PID 3848 wrote to memory of 4448	3848	chrome.exe	87
PID 3848 wrote to memory of 4448	3848	chrome.exe	87
PID 3848 wrote to memory of 4448	3848	chrome.exe	87
PID 3848 wrote to memory of 4448	3848	chrome.exe	87
PID 3848 wrote to memory of 4448	3848	chrome.exe	87
PID 3848 wrote to memory of 4448	3848	chrome.exe	87
PID 3848 wrote to memory of 4448	3848	chrome.exe	87
PID 3848 wrote to memory of 4448	3848	chrome.exe	87
PID 3848 wrote to memory of 4448	3848	chrome.exe	87
PID 3848 wrote to memory of 4448	3848	chrome.exe	87
PID 3848 wrote to memory of 4448	3848	chrome.exe	87
PID 3848 wrote to memory of 4448	3848	chrome.exe	87
PID 3848 wrote to memory of 4448	3848	chrome.exe	87
PID 3848 wrote to memory of 4448	3848	chrome.exe	87
PID 3848 wrote to memory of 4448	3848	chrome.exe	87
PID 3848 wrote to memory of 4448	3848	chrome.exe	87
PID 3848 wrote to memory of 4448	3848	chrome.exe	87
PID 3848 wrote to memory of 4448	3848	chrome.exe	87
PID 3848 wrote to memory of 4448	3848	chrome.exe	87
PID 3848 wrote to memory of 4448	3848	chrome.exe	87
PID 3848 wrote to memory of 4448	3848	chrome.exe	87
PID 3848 wrote to memory of 4448	3848	chrome.exe	87
PID 3848 wrote to memory of 4448	3848	chrome.exe	87
PID 3848 wrote to memory of 4448	3848	chrome.exe	87
PID 3848 wrote to memory of 4448	3848	chrome.exe	87
PID 3848 wrote to memory of 4448	3848	chrome.exe	87
PID 3848 wrote to memory of 4448	3848	chrome.exe	87
PID 3848 wrote to memory of 4448	3848	chrome.exe	87
PID 3848 wrote to memory of 2228	3848	chrome.exe	88
PID 3848 wrote to memory of 2228	3848	chrome.exe	88
PID 3848 wrote to memory of 3872	3848	chrome.exe	89
PID 3848 wrote to memory of 3872	3848	chrome.exe	89
PID 3848 wrote to memory of 3872	3848	chrome.exe	89
PID 3848 wrote to memory of 3872	3848	chrome.exe	89
PID 3848 wrote to memory of 3872	3848	chrome.exe	89
PID 3848 wrote to memory of 3872	3848	chrome.exe	89
PID 3848 wrote to memory of 3872	3848	chrome.exe	89
PID 3848 wrote to memory of 3872	3848	chrome.exe	89
PID 3848 wrote to memory of 3872	3848	chrome.exe	89
PID 3848 wrote to memory of 3872	3848	chrome.exe	89
PID 3848 wrote to memory of 3872	3848	chrome.exe	89
PID 3848 wrote to memory of 3872	3848	chrome.exe	89
PID 3848 wrote to memory of 3872	3848	chrome.exe	89
PID 3848 wrote to memory of 3872	3848	chrome.exe	89
PID 3848 wrote to memory of 3872	3848	chrome.exe	89
PID 3848 wrote to memory of 3872	3848	chrome.exe	89
PID 3848 wrote to memory of 3872	3848	chrome.exe	89
PID 3848 wrote to memory of 3872	3848	chrome.exe	89
PID 3848 wrote to memory of 3872	3848	chrome.exe	89
PID 3848 wrote to memory of 3872	3848	chrome.exe	89
PID 3848 wrote to memory of 3872	3848	chrome.exe	89
PID 3848 wrote to memory of 3872	3848	chrome.exe	89

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" http://tintastriunfante.pt
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3848
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe32f99758,0x7ffe32f99768,0x7ffe32f99778
  2⤵
  PID:4132
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1796 --field-trial-handle=1812,i,10186584225476953068,11817216176205755197,131072 /prefetch:2
  2⤵
  PID:4448
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 --field-trial-handle=1812,i,10186584225476953068,11817216176205755197,131072 /prefetch:8
  2⤵
  PID:2228
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2200 --field-trial-handle=1812,i,10186584225476953068,11817216176205755197,131072 /prefetch:8
  2⤵
  PID:3872
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3052 --field-trial-handle=1812,i,10186584225476953068,11817216176205755197,131072 /prefetch:1
  2⤵
  PID:1832
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3060 --field-trial-handle=1812,i,10186584225476953068,11817216176205755197,131072 /prefetch:1
  2⤵
  PID:1808
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4584 --field-trial-handle=1812,i,10186584225476953068,11817216176205755197,131072 /prefetch:1
  2⤵
  PID:2348
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4944 --field-trial-handle=1812,i,10186584225476953068,11817216176205755197,131072 /prefetch:1
  2⤵
  PID:4016
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5192 --field-trial-handle=1812,i,10186584225476953068,11817216176205755197,131072 /prefetch:8
  2⤵
  - Modifies registry class
  PID:2176
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5180 --field-trial-handle=1812,i,10186584225476953068,11817216176205755197,131072 /prefetch:8
  2⤵
  PID:4520
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5708 --field-trial-handle=1812,i,10186584225476953068,11817216176205755197,131072 /prefetch:8
  2⤵
  PID:2144
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5760 --field-trial-handle=1812,i,10186584225476953068,11817216176205755197,131072 /prefetch:8
  2⤵
  PID:1440
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5772 --field-trial-handle=1812,i,10186584225476953068,11817216176205755197,131072 /prefetch:8
  2⤵
  PID:828
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3056 --field-trial-handle=1812,i,10186584225476953068,11817216176205755197,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5016

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4404

C:\Windows\system32\WerFault.exe
C:\Windows\system32\WerFault.exe -pss -s 480 -p 2992 -ip 2992
1⤵
PID:3836

C:\Windows\system32\WerFault.exe
C:\Windows\system32\WerFault.exe -u -p 2992 -s 2324
1⤵
- Program crash
PID:1184

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
57957fa90985a1da0d0c1cd8d073eabd

SHA1
bc8b4e48522135ff10b9dbf68f5d022d01a15f3e

SHA256
203487f1466a5259b1bccd2a73849187b124122f71bed3a8b4a9197ea5da3b19

SHA512
39f5723f604c8f73297dae2f7aebc76d8a228b87fc0aba44eb5f48ef05c161d5453c5fc1b7a84b3aedcda366c3c26b9fe4ea877eb1f54f33d936fdb9618593bc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
554fb542e0def7a7d9f24fa45b29e5ba

SHA1
d04796e688ff04ffb03dc4c2531f5423c562f4c2

SHA256
bfdbe3c2bef5d329a690cd09ff5d46b949cbe2da21799f724662ca6912d3a260

SHA512
10a401244b2c37770c09696a9d9010823a45db46b6a0d0df154da66d41d4cd67952ab4cec9f38fb0c45cf8ace31c36e72ba2ed749c10a48163a2ca778047ef76

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
cfb0ccb8152e091cf522651e16250bcf

SHA1
3df3a749650c5d33ddb1fc31914401ba43f732a8

SHA256
a0fdf29c20bcb8b3ef8be0186234a53cc04d558b828f45f12e1433859d62c8ae

SHA512
6555804a49d2cee379d057d8be92f169b2382435b6d0ea67616a88e43f6dfa2030c960bb8f5a1941150bf368d5aba74f0521ea9012217f3356a3008630663d70

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
7494556e0cef3a60a12949fc3875b514

SHA1
64e5600698422adfac799de35039eef53dc65a3a

SHA256
29c115d71e6d02e5ad3c257d6cdae681f28858f6e5410737e071cfc5d4cc22ad

SHA512
3779c093d0c048f8b3e0eb0d18f44008a3410956784d5aef7aa63a1890637da010ec34d322ff7bd1fa558f6087eb11a89191cda46e94686e90bb11eb3d4e3d41

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
1a517054bd54fa9bdd7fad91704a151e

SHA1
55827563e3aa7a3696b3ef74daebcc48c4b83c87

SHA256
170536b145b0fb5954df693987b96c8ec08e4aa89e2375670d38425f0afbaaf0

SHA512
2f5b3af01b53507ddcf03e4aff1dbd7431880aa7f03cf05210e1ecd8c9fe4dd7ab52f41e822cdfa83a613581eef0bdd02dd280f0efc69472841f4d20a7fde806

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
2bde6139347a44a0f968e087e94ca9bd

SHA1
ec2af527d8b0f96ca3e3a911e02b7bfefed0e009

SHA256
6bb75ba8371b8161bdaf36956a7052db2ef35e609623fb66e2f73f9fd5f8f886

SHA512
e82bcdbff7083cb64ce8dca7c23e1fd281d0bf7d7233e7889de2a694bcab1030191d39b4e25f4ea7b1d9f51c4dbc3fab5e3a78ea26c19cf1712ffc2ad4bf34ae

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
f0b7adb28dfed0e54710b97914038d06

SHA1
5ce0024cf4b4a124d7506eaf8475d372b3e71165

SHA256
d61c3e2dd5419b950858cffca9e3ac5d0c1179f21170e804c1335c1b8e37eb41

SHA512
4ccee1a2aca842b7d35761c998a450e0c009071a64f4b72371ecaeae8a0a05997429ceb26edee6c0c2b2c478ec48db0d47e86fcfd7f34ad7952a18a76fbaa6d8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
56B

MD5
ae1bccd6831ebfe5ad03b482ee266e4f

SHA1
01f4179f48f1af383b275d7ee338dd160b6f558a

SHA256
1b11047e738f76c94c9d15ee981ec46b286a54def1a7852ca1ade7f908988649

SHA512
baf7ff6747f30e542c254f46a9678b9dbf42312933962c391b79eca6fcb615e4ba9283c00f554d6021e594f18c087899bc9b5362c41c0d6f862bba7fb9f83038

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe56a81c.TMP

Filesize
120B

MD5
c5596a4590b6bb34880fd8d67d3e348f

SHA1
a9dd4a082b8b2adecb06c7a1820485deb25fc972

SHA256
a5d878c0f1dfab322153fda74d9eae7b8c067cdc460c9b7f38532d3403b2f44d

SHA512
f3159e2e57996d9182a69d44caedd19d8c90412e5cfe2e95f0e816963af4f17a4d6191139427f87e375fc9a34df9d700bcfbc35d91ac2f8ec2a3dff7ea45c980

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
144KB

MD5
c276ca341d5ab7d30b4f651c26d9df71

SHA1
1d83d3406e15ed11eb03d6b11fda18cc91e8c392

SHA256
b7ec2db7594de914c274dcffb6c69d85c8e20b860c3fd7827c2ee6f5b060a555

SHA512
22e56e9171878acc731d3bf0325f725ac4d81883e929cb008d60eb499abd955b74a11064d40697f32410f2b419fa79cb1d49110da3bddb1c22ba0a03f5a5ead5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit