c4763d8db274e9a4d3933d3518edf34efe2a7ba4239ffc119c79d23e63bbd7ab

Analysis

max time kernel
71s
max time network
130s
platform
windows10-2004_x64
resource
win10v2004-20230221-en
resource tags

arch:x64arch:x86image:win10v2004-20230221-enlocale:en-usos:windows10-2004-x64system
submitted
02/04/2023, 14:56

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

dancing_banana_2.zip
Size

23.1MB
MD5

f42742d8f0a0a2a48302f5444f1cd482
SHA1

aac1a45ee9887ad1b497ea9d4c78bc24fd780792
SHA256

c4763d8db274e9a4d3933d3518edf34efe2a7ba4239ffc119c79d23e63bbd7ab
SHA512

bc25863d76765f357c34240e59696af92fa46401f86c1ed1d9ef8c50aebc7ca2a155b47e16c8297cd7d4c6c0d7015e4bb61f7d183fc378adae8c269b421d6c4d
SSDEEP

393216:92C5VgDO0jwTGCJyyJVLC0IDX9FIf5ZbCFbcT3Do5y96/sCliFo12C+Ygrkd0OLa:9frg60jUVJyyJVLFI5FIfb+bX1CI93/a

Score

6^/10

persistence

Malware Config

Signatures

Adds Run key to start application 2 TTPs 1 IoCs

persistence

Registry Run Keys / Startup Folder

T1060

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2805025096-2326403612-4231045514-1000\Software\Microsoft\Windows\CurrentVersion\Run	chrome.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133249282382590534"	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
1776	chrome.exe
1776	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
1776	chrome.exe
1776	chrome.exe
1776	chrome.exe
1776	chrome.exe

Suspicious use of AdjustPrivilegeToken 36 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1776	chrome.exe
Token: SeCreatePagefilePrivilege	1776	chrome.exe
Token: SeShutdownPrivilege	1776	chrome.exe
Token: SeCreatePagefilePrivilege	1776	chrome.exe
Token: SeShutdownPrivilege	1776	chrome.exe
Token: SeCreatePagefilePrivilege	1776	chrome.exe
Token: SeShutdownPrivilege	1776	chrome.exe
Token: SeCreatePagefilePrivilege	1776	chrome.exe
Token: SeShutdownPrivilege	1776	chrome.exe
Token: SeCreatePagefilePrivilege	1776	chrome.exe
Token: SeShutdownPrivilege	1776	chrome.exe
Token: SeCreatePagefilePrivilege	1776	chrome.exe
Token: SeShutdownPrivilege	1776	chrome.exe
Token: SeCreatePagefilePrivilege	1776	chrome.exe
Token: SeShutdownPrivilege	1776	chrome.exe
Token: SeCreatePagefilePrivilege	1776	chrome.exe
Token: SeShutdownPrivilege	1776	chrome.exe
Token: SeCreatePagefilePrivilege	1776	chrome.exe
Token: SeShutdownPrivilege	1776	chrome.exe
Token: SeCreatePagefilePrivilege	1776	chrome.exe
Token: SeShutdownPrivilege	1776	chrome.exe
Token: SeCreatePagefilePrivilege	1776	chrome.exe
Token: SeShutdownPrivilege	1776	chrome.exe
Token: SeCreatePagefilePrivilege	1776	chrome.exe
Token: SeShutdownPrivilege	1776	chrome.exe
Token: SeCreatePagefilePrivilege	1776	chrome.exe
Token: SeShutdownPrivilege	1776	chrome.exe
Token: SeCreatePagefilePrivilege	1776	chrome.exe
Token: SeShutdownPrivilege	1776	chrome.exe
Token: SeCreatePagefilePrivilege	1776	chrome.exe
Token: SeShutdownPrivilege	1776	chrome.exe
Token: SeCreatePagefilePrivilege	1776	chrome.exe
Token: SeShutdownPrivilege	1776	chrome.exe
Token: SeCreatePagefilePrivilege	1776	chrome.exe
Token: SeShutdownPrivilege	1776	chrome.exe
Token: SeCreatePagefilePrivilege	1776	chrome.exe

Suspicious use of FindShellTrayWindow 27 IoCs

pid	Process
1776	chrome.exe
1776	chrome.exe
1776	chrome.exe
1776	chrome.exe
1776	chrome.exe
1776	chrome.exe
1776	chrome.exe
1776	chrome.exe
1776	chrome.exe
1776	chrome.exe
1776	chrome.exe
1776	chrome.exe
1776	chrome.exe
1776	chrome.exe
1776	chrome.exe
1776	chrome.exe
1776	chrome.exe
1776	chrome.exe
1776	chrome.exe
1776	chrome.exe
1776	chrome.exe
1776	chrome.exe
1776	chrome.exe
1776	chrome.exe
1776	chrome.exe
1776	chrome.exe
1776	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1776	chrome.exe
1776	chrome.exe
1776	chrome.exe
1776	chrome.exe
1776	chrome.exe
1776	chrome.exe
1776	chrome.exe
1776	chrome.exe
1776	chrome.exe
1776	chrome.exe
1776	chrome.exe
1776	chrome.exe
1776	chrome.exe
1776	chrome.exe
1776	chrome.exe
1776	chrome.exe
1776	chrome.exe
1776	chrome.exe
1776	chrome.exe
1776	chrome.exe
1776	chrome.exe
1776	chrome.exe
1776	chrome.exe
1776	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1776 wrote to memory of 2420	1776	chrome.exe	92
PID 1776 wrote to memory of 2420	1776	chrome.exe	92
PID 1776 wrote to memory of 848	1776	chrome.exe	93
PID 1776 wrote to memory of 848	1776	chrome.exe	93
PID 1776 wrote to memory of 848	1776	chrome.exe	93
PID 1776 wrote to memory of 848	1776	chrome.exe	93
PID 1776 wrote to memory of 848	1776	chrome.exe	93
PID 1776 wrote to memory of 848	1776	chrome.exe	93
PID 1776 wrote to memory of 848	1776	chrome.exe	93
PID 1776 wrote to memory of 848	1776	chrome.exe	93
PID 1776 wrote to memory of 848	1776	chrome.exe	93
PID 1776 wrote to memory of 848	1776	chrome.exe	93
PID 1776 wrote to memory of 848	1776	chrome.exe	93
PID 1776 wrote to memory of 848	1776	chrome.exe	93
PID 1776 wrote to memory of 848	1776	chrome.exe	93
PID 1776 wrote to memory of 848	1776	chrome.exe	93
PID 1776 wrote to memory of 848	1776	chrome.exe	93
PID 1776 wrote to memory of 848	1776	chrome.exe	93
PID 1776 wrote to memory of 848	1776	chrome.exe	93
PID 1776 wrote to memory of 848	1776	chrome.exe	93
PID 1776 wrote to memory of 848	1776	chrome.exe	93
PID 1776 wrote to memory of 848	1776	chrome.exe	93
PID 1776 wrote to memory of 848	1776	chrome.exe	93
PID 1776 wrote to memory of 848	1776	chrome.exe	93
PID 1776 wrote to memory of 848	1776	chrome.exe	93
PID 1776 wrote to memory of 848	1776	chrome.exe	93
PID 1776 wrote to memory of 848	1776	chrome.exe	93
PID 1776 wrote to memory of 848	1776	chrome.exe	93
PID 1776 wrote to memory of 848	1776	chrome.exe	93
PID 1776 wrote to memory of 848	1776	chrome.exe	93
PID 1776 wrote to memory of 848	1776	chrome.exe	93
PID 1776 wrote to memory of 848	1776	chrome.exe	93
PID 1776 wrote to memory of 848	1776	chrome.exe	93
PID 1776 wrote to memory of 848	1776	chrome.exe	93
PID 1776 wrote to memory of 848	1776	chrome.exe	93
PID 1776 wrote to memory of 848	1776	chrome.exe	93
PID 1776 wrote to memory of 848	1776	chrome.exe	93
PID 1776 wrote to memory of 848	1776	chrome.exe	93
PID 1776 wrote to memory of 848	1776	chrome.exe	93
PID 1776 wrote to memory of 848	1776	chrome.exe	93
PID 1776 wrote to memory of 544	1776	chrome.exe	94
PID 1776 wrote to memory of 544	1776	chrome.exe	94
PID 1776 wrote to memory of 2176	1776	chrome.exe	95
PID 1776 wrote to memory of 2176	1776	chrome.exe	95
PID 1776 wrote to memory of 2176	1776	chrome.exe	95
PID 1776 wrote to memory of 2176	1776	chrome.exe	95
PID 1776 wrote to memory of 2176	1776	chrome.exe	95
PID 1776 wrote to memory of 2176	1776	chrome.exe	95
PID 1776 wrote to memory of 2176	1776	chrome.exe	95
PID 1776 wrote to memory of 2176	1776	chrome.exe	95
PID 1776 wrote to memory of 2176	1776	chrome.exe	95
PID 1776 wrote to memory of 2176	1776	chrome.exe	95
PID 1776 wrote to memory of 2176	1776	chrome.exe	95
PID 1776 wrote to memory of 2176	1776	chrome.exe	95
PID 1776 wrote to memory of 2176	1776	chrome.exe	95
PID 1776 wrote to memory of 2176	1776	chrome.exe	95
PID 1776 wrote to memory of 2176	1776	chrome.exe	95
PID 1776 wrote to memory of 2176	1776	chrome.exe	95
PID 1776 wrote to memory of 2176	1776	chrome.exe	95
PID 1776 wrote to memory of 2176	1776	chrome.exe	95
PID 1776 wrote to memory of 2176	1776	chrome.exe	95
PID 1776 wrote to memory of 2176	1776	chrome.exe	95
PID 1776 wrote to memory of 2176	1776	chrome.exe	95
PID 1776 wrote to memory of 2176	1776	chrome.exe	95

C:\Windows\Explorer.exe
C:\Windows\Explorer.exe /idlist,,C:\Users\Admin\AppData\Local\Temp\dancing_banana_2.zip
1⤵
PID:2084

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Adds Run key to start application
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1776
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd20209758,0x7ffd20209768,0x7ffd20209778
  2⤵
  PID:2420
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1776 --field-trial-handle=1808,i,1312030159405840990,14736669691637352208,131072 /prefetch:2
  2⤵
  PID:848
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2172 --field-trial-handle=1808,i,1312030159405840990,14736669691637352208,131072 /prefetch:8
  2⤵
  PID:544
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2228 --field-trial-handle=1808,i,1312030159405840990,14736669691637352208,131072 /prefetch:8
  2⤵
  PID:2176
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3224 --field-trial-handle=1808,i,1312030159405840990,14736669691637352208,131072 /prefetch:1
  2⤵
  PID:2328
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3256 --field-trial-handle=1808,i,1312030159405840990,14736669691637352208,131072 /prefetch:1
  2⤵
  PID:1692
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4532 --field-trial-handle=1808,i,1312030159405840990,14736669691637352208,131072 /prefetch:1
  2⤵
  PID:4916
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4748 --field-trial-handle=1808,i,1312030159405840990,14736669691637352208,131072 /prefetch:8
  2⤵
  PID:512
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4868 --field-trial-handle=1808,i,1312030159405840990,14736669691637352208,131072 /prefetch:8
  2⤵
  PID:1964
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4888 --field-trial-handle=1808,i,1312030159405840990,14736669691637352208,131072 /prefetch:8
  2⤵
  PID:3448
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5180 --field-trial-handle=1808,i,1312030159405840990,14736669691637352208,131072 /prefetch:8
  2⤵
  PID:3820
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4852 --field-trial-handle=1808,i,1312030159405840990,14736669691637352208,131072 /prefetch:8
  2⤵
  PID:1772
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5140 --field-trial-handle=1808,i,1312030159405840990,14736669691637352208,131072 /prefetch:1
  2⤵
  PID:3952

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:3624

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

T1060

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
202c333a6b175658c09c4c0ab540d025

SHA1
294fe4bb222aa2a7c2276c7d86be586535842106

SHA256
d4a1304e569729a2b3ad2b4432d523d854afc507f2b6a60ddcfec1ce97d3601f

SHA512
684c939301f26d0ce495bc3549225842689a27987f4acfbfec3b7f8c261ab7cd7e01e9180294b96c27256a8368f12e6d3e2d00a4f3b0186094199a090886b917

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
a4e9746166b07c4c95e8ea14de839e50

SHA1
e7556ec5e5f532f0030dc1ee47dbcb9e2cb6074c

SHA256
0dd32200c1915e03051e2f4fcd02127f86d67d5e9d77783b2b0c672e7fb4c46e

SHA512
813a4beb32074624bc5e33a438bfbe2f915f790e9f7156a0a5a70160cc2b45f92a8ff05bcf756d1e125e7678b446d8edc03b07de606073e3555d70446922bcca

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
539B

MD5
c35fe33912f735dd75cf9aa27e647bda

SHA1
410b847480759c50afbd6b83db5f5691f0ab9488

SHA256
a42f92c68cb3c62f7265054141e45f292c1586c6939b373a65330a8d0b63a1a9

SHA512
78f2f1a729395e99d70a9c39e67851e79fc3f8d10846ddae29ff77126d124d70a8130e98821bd3be784c7323a4d63ec05b8a5f198816fe8308a18f5ceb8d1d1c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
371B

MD5
f3a13a854ec77ba9d6978c2669c15480

SHA1
0d52ef29e496ec591406c6567e3078c6126adec9

SHA256
dcdfccb3c63a49de8779a4a0608d670597a39826cab965818d62943bfb55eddd

SHA512
361ead776438a6e217ee4faf45fee8fbd3e3560859d53948dee0ae29f273be08289a5da0990b0a0a64aac4739210e69f329167ac12a8633cc126dbada9606307

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
53ffce9922b0e4adf0d5ea2c4c9e701a

SHA1
5b1cb2201741b5928df2268927f78ebe63e7d365

SHA256
6c7907097629674c88f60f259a60811b543616f75fad5afadb49d5e364048222

SHA512
538e29450f9a6171393e83ee4da56b36860d7aa62ae34bfb65fd851a47a3a6ea495c0c4bfe2ea67228aae5398aa1f3036c23fde5ea35333f9c87a77d19d2dc6a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
89841f282a0b99eb7758cbdb8f15b245

SHA1
cd68144114b869a8f48c89a9c3ef3c9eda6ec69c

SHA256
2dc17d3a45edc2a266ce1274c1028ba6101a9a42dc7d4a8c11dd91f4d56d6a41

SHA512
3199c07adccac985b280a5c496e1141dfbf9e027f74543fc080d7a56cc64695595f95e38ecc4d9fbca31f629285538c20d55c92cb8ef6454c191211dd80e483b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
40159a8c7327f7b6d94ce0f04a0fcca3

SHA1
3facfbebdb45b3735d7fce385900011a44003c21

SHA256
7327746c930475f55b158d403c854e639901cffe950cc3618a82b37258b2f6e1

SHA512
a339ccae9411212e2ad49fa6fdb0a735920297928a33b615b7d7877b68be99c226b11bd6ada43cd45a59acab1057591767d3caf69f3fb315d797d1461cc1fbfb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
173KB

MD5
9f2a56a675ab3112a5093581c5bb4e6a

SHA1
31f8fc1ada5223be09aadec1e92f9f97a3d025fe

SHA256
b463eb21856792f352ee3657f6086c671192925c23d5564fa8d4ecafdbb84e7d

SHA512
c71836acc6215b5c9499d0c852155608d6b6554530c4749a2a175b8e2cd56f2586dac645c471588b034743533ca7e5b0d277352e150be16ce5fc3c19873c1824

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
173KB

MD5
a2b69f758cf6ada662ad374e46371620

SHA1
0b0bdba38ae787a7d918e19e7695bbf27791eb2b

SHA256
43e999e84446d5cd739b9b15d9765bd603e21ba45a0cb2c10fdde87eb9fbec96

SHA512
3fbef40fcda1115fbcca545d0711ce6bcf6532b8be02580961aa4c52970e5fa88c531161a8586c947ee675fda169621b4da81ffe4bc404af7e9de8232439c1f3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit