hxxp://x[.]bidswitch[.]net

Analysis

max time kernel
600s
max time network
510s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
18/04/2023, 21:22

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://x.bidswitch.net

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133263337699359376"	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
5012	chrome.exe
5012	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

pid	Process
1640	chrome.exe
1640	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1640	chrome.exe
Token: SeCreatePagefilePrivilege	1640	chrome.exe
Token: SeShutdownPrivilege	1640	chrome.exe
Token: SeCreatePagefilePrivilege	1640	chrome.exe
Token: SeShutdownPrivilege	1640	chrome.exe
Token: SeCreatePagefilePrivilege	1640	chrome.exe
Token: SeShutdownPrivilege	1640	chrome.exe
Token: SeCreatePagefilePrivilege	1640	chrome.exe
Token: SeShutdownPrivilege	1640	chrome.exe
Token: SeCreatePagefilePrivilege	1640	chrome.exe
Token: SeShutdownPrivilege	1640	chrome.exe
Token: SeCreatePagefilePrivilege	1640	chrome.exe
Token: SeShutdownPrivilege	1640	chrome.exe
Token: SeCreatePagefilePrivilege	1640	chrome.exe
Token: SeShutdownPrivilege	1640	chrome.exe
Token: SeCreatePagefilePrivilege	1640	chrome.exe
Token: SeShutdownPrivilege	1640	chrome.exe
Token: SeCreatePagefilePrivilege	1640	chrome.exe
Token: SeShutdownPrivilege	1640	chrome.exe
Token: SeCreatePagefilePrivilege	1640	chrome.exe
Token: SeShutdownPrivilege	1640	chrome.exe
Token: SeCreatePagefilePrivilege	1640	chrome.exe
Token: SeShutdownPrivilege	1640	chrome.exe
Token: SeCreatePagefilePrivilege	1640	chrome.exe
Token: SeShutdownPrivilege	1640	chrome.exe
Token: SeCreatePagefilePrivilege	1640	chrome.exe
Token: SeShutdownPrivilege	1640	chrome.exe
Token: SeCreatePagefilePrivilege	1640	chrome.exe
Token: SeShutdownPrivilege	1640	chrome.exe
Token: SeCreatePagefilePrivilege	1640	chrome.exe
Token: SeShutdownPrivilege	1640	chrome.exe
Token: SeCreatePagefilePrivilege	1640	chrome.exe
Token: SeShutdownPrivilege	1640	chrome.exe
Token: SeCreatePagefilePrivilege	1640	chrome.exe
Token: SeShutdownPrivilege	1640	chrome.exe
Token: SeCreatePagefilePrivilege	1640	chrome.exe
Token: SeShutdownPrivilege	1640	chrome.exe
Token: SeCreatePagefilePrivilege	1640	chrome.exe
Token: SeShutdownPrivilege	1640	chrome.exe
Token: SeCreatePagefilePrivilege	1640	chrome.exe
Token: SeShutdownPrivilege	1640	chrome.exe
Token: SeCreatePagefilePrivilege	1640	chrome.exe
Token: SeShutdownPrivilege	1640	chrome.exe
Token: SeCreatePagefilePrivilege	1640	chrome.exe
Token: SeShutdownPrivilege	1640	chrome.exe
Token: SeCreatePagefilePrivilege	1640	chrome.exe
Token: SeShutdownPrivilege	1640	chrome.exe
Token: SeCreatePagefilePrivilege	1640	chrome.exe
Token: SeShutdownPrivilege	1640	chrome.exe
Token: SeCreatePagefilePrivilege	1640	chrome.exe
Token: SeShutdownPrivilege	1640	chrome.exe
Token: SeCreatePagefilePrivilege	1640	chrome.exe
Token: SeShutdownPrivilege	1640	chrome.exe
Token: SeCreatePagefilePrivilege	1640	chrome.exe
Token: SeShutdownPrivilege	1640	chrome.exe
Token: SeCreatePagefilePrivilege	1640	chrome.exe
Token: SeShutdownPrivilege	1640	chrome.exe
Token: SeCreatePagefilePrivilege	1640	chrome.exe
Token: SeShutdownPrivilege	1640	chrome.exe
Token: SeCreatePagefilePrivilege	1640	chrome.exe
Token: SeShutdownPrivilege	1640	chrome.exe
Token: SeCreatePagefilePrivilege	1640	chrome.exe
Token: SeShutdownPrivilege	1640	chrome.exe
Token: SeCreatePagefilePrivilege	1640	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe
1640	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1640 wrote to memory of 1188	1640	chrome.exe	83
PID 1640 wrote to memory of 1188	1640	chrome.exe	83
PID 1640 wrote to memory of 4528	1640	chrome.exe	84
PID 1640 wrote to memory of 4528	1640	chrome.exe	84
PID 1640 wrote to memory of 4528	1640	chrome.exe	84
PID 1640 wrote to memory of 4528	1640	chrome.exe	84
PID 1640 wrote to memory of 4528	1640	chrome.exe	84
PID 1640 wrote to memory of 4528	1640	chrome.exe	84
PID 1640 wrote to memory of 4528	1640	chrome.exe	84
PID 1640 wrote to memory of 4528	1640	chrome.exe	84
PID 1640 wrote to memory of 4528	1640	chrome.exe	84
PID 1640 wrote to memory of 4528	1640	chrome.exe	84
PID 1640 wrote to memory of 4528	1640	chrome.exe	84
PID 1640 wrote to memory of 4528	1640	chrome.exe	84
PID 1640 wrote to memory of 4528	1640	chrome.exe	84
PID 1640 wrote to memory of 4528	1640	chrome.exe	84
PID 1640 wrote to memory of 4528	1640	chrome.exe	84
PID 1640 wrote to memory of 4528	1640	chrome.exe	84
PID 1640 wrote to memory of 4528	1640	chrome.exe	84
PID 1640 wrote to memory of 4528	1640	chrome.exe	84
PID 1640 wrote to memory of 4528	1640	chrome.exe	84
PID 1640 wrote to memory of 4528	1640	chrome.exe	84
PID 1640 wrote to memory of 4528	1640	chrome.exe	84
PID 1640 wrote to memory of 4528	1640	chrome.exe	84
PID 1640 wrote to memory of 4528	1640	chrome.exe	84
PID 1640 wrote to memory of 4528	1640	chrome.exe	84
PID 1640 wrote to memory of 4528	1640	chrome.exe	84
PID 1640 wrote to memory of 4528	1640	chrome.exe	84
PID 1640 wrote to memory of 4528	1640	chrome.exe	84
PID 1640 wrote to memory of 4528	1640	chrome.exe	84
PID 1640 wrote to memory of 4528	1640	chrome.exe	84
PID 1640 wrote to memory of 4528	1640	chrome.exe	84
PID 1640 wrote to memory of 4528	1640	chrome.exe	84
PID 1640 wrote to memory of 4528	1640	chrome.exe	84
PID 1640 wrote to memory of 4528	1640	chrome.exe	84
PID 1640 wrote to memory of 4528	1640	chrome.exe	84
PID 1640 wrote to memory of 4528	1640	chrome.exe	84
PID 1640 wrote to memory of 4528	1640	chrome.exe	84
PID 1640 wrote to memory of 4528	1640	chrome.exe	84
PID 1640 wrote to memory of 4528	1640	chrome.exe	84
PID 1640 wrote to memory of 4852	1640	chrome.exe	85
PID 1640 wrote to memory of 4852	1640	chrome.exe	85
PID 1640 wrote to memory of 2240	1640	chrome.exe	86
PID 1640 wrote to memory of 2240	1640	chrome.exe	86
PID 1640 wrote to memory of 2240	1640	chrome.exe	86
PID 1640 wrote to memory of 2240	1640	chrome.exe	86
PID 1640 wrote to memory of 2240	1640	chrome.exe	86
PID 1640 wrote to memory of 2240	1640	chrome.exe	86
PID 1640 wrote to memory of 2240	1640	chrome.exe	86
PID 1640 wrote to memory of 2240	1640	chrome.exe	86
PID 1640 wrote to memory of 2240	1640	chrome.exe	86
PID 1640 wrote to memory of 2240	1640	chrome.exe	86
PID 1640 wrote to memory of 2240	1640	chrome.exe	86
PID 1640 wrote to memory of 2240	1640	chrome.exe	86
PID 1640 wrote to memory of 2240	1640	chrome.exe	86
PID 1640 wrote to memory of 2240	1640	chrome.exe	86
PID 1640 wrote to memory of 2240	1640	chrome.exe	86
PID 1640 wrote to memory of 2240	1640	chrome.exe	86
PID 1640 wrote to memory of 2240	1640	chrome.exe	86
PID 1640 wrote to memory of 2240	1640	chrome.exe	86
PID 1640 wrote to memory of 2240	1640	chrome.exe	86
PID 1640 wrote to memory of 2240	1640	chrome.exe	86
PID 1640 wrote to memory of 2240	1640	chrome.exe	86
PID 1640 wrote to memory of 2240	1640	chrome.exe	86

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" http://x.bidswitch.net
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1640
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xdc,0x108,0x7ffe64159758,0x7ffe64159768,0x7ffe64159778
  2⤵
  PID:1188
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1796 --field-trial-handle=1828,i,13524011906103129676,15213152147735860089,131072 /prefetch:2
  2⤵
  PID:4528
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2172 --field-trial-handle=1828,i,13524011906103129676,15213152147735860089,131072 /prefetch:8
  2⤵
  PID:4852
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2248 --field-trial-handle=1828,i,13524011906103129676,15213152147735860089,131072 /prefetch:8
  2⤵
  PID:2240
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3092 --field-trial-handle=1828,i,13524011906103129676,15213152147735860089,131072 /prefetch:1
  2⤵
  PID:3312
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3100 --field-trial-handle=1828,i,13524011906103129676,15213152147735860089,131072 /prefetch:1
  2⤵
  PID:2680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4792 --field-trial-handle=1828,i,13524011906103129676,15213152147735860089,131072 /prefetch:8
  2⤵
  PID:2472
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4880 --field-trial-handle=1828,i,13524011906103129676,15213152147735860089,131072 /prefetch:8
  2⤵
  PID:716
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4884 --field-trial-handle=1828,i,13524011906103129676,15213152147735860089,131072 /prefetch:8
  2⤵
  PID:2028
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5032 --field-trial-handle=1828,i,13524011906103129676,15213152147735860089,131072 /prefetch:8
  2⤵
  PID:2356
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5108 --field-trial-handle=1828,i,13524011906103129676,15213152147735860089,131072 /prefetch:8
  2⤵
  PID:3308
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2240 --field-trial-handle=1828,i,13524011906103129676,15213152147735860089,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5012

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:1552

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
104a0d1faf1229247df6f4cd9067bddd

SHA1
62a4cfcfa06678c08091b7ccae7fa7e3ba2e8a98

SHA256
4bb472f528a250cea063a8f6eefc5335b931dca062a6a9f27fc2a6afa28b375d

SHA512
c90042377d613ff83bbd711be28d9950ae66706396755f0dde0828e343d23ddd854b22314a656bf64fd3a9d4cc4b892dad6bcd23a5203c64e0a79ef7c3ae66dd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
882B

MD5
3a5374a9a9daecae74443eeac02ca444

SHA1
b8a98ecaeec702b3e25a00a1beab216960c9a9e4

SHA256
624756f084a5018af8a91ceced68b9b5573ceac56c2f85e43033bbebee365209

SHA512
90c3a4227a89d7a3693d1bec8e05a2f14b7d13b5e307a7421897ea36c7e025d6cae654083acee4bbe20a796b7dbc61fbd84970cd9494b58ba3bc60170472e573

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
0953ef2971b4f7e8814f4f9a2b890537

SHA1
213485c45928a9c9312a3ddab11239073632a1f0

SHA256
c3242e8ae28801c6a44a56283d583761b7dbd955facb0a54e33f3c5e3b275602

SHA512
7fc888e7ad07ba89a2765c933afcb33826bce310d0aa72b9206df9496f04808ce594f81688acffbcc358fcc3710e676f5d7cc970e6a74699e63b83f7715202fa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
3f1bc9cd4225891bdd27baa7de6f7e63

SHA1
94fc5ad18b4be038c24a006480266e41bc636f54

SHA256
7849a0b8af27cb67fa3abbe09c6485c95bed253cf89994f69bad513356bbb29b

SHA512
9947a8c73bd3cab2b6c338189c432c3734417cb4af6bee99797a99f02015059713e131331052789c504b27d51d9e78867e3c6d8eae213a5a0f9c6712eb29227d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
d082eb7468823f26eda7799ce128f418

SHA1
63a93d4b448ac89bc16e05b0a2b7195dab85ef9e

SHA256
0f3bc58e572f99c3f4d11066d2d5ffbbbf2140da3af48f3bad022f14a14b9b63

SHA512
aa94798b48e87424b8937c594b8294b40e1b94726671eb5350be5201afec7bf4c7204d621d7c79dd17d0488fcd1f0a34c12bb5b6b7b2a1bf8f2220e445e9644d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
72KB

MD5
07a3e17a544a665612c5a8bbb5c251ae

SHA1
6d91c08c390b47d909b514c65f417062d1b4cf2a

SHA256
703073f9c9ccdfa70f98af8612e93b313f75d56ff556649baa46c33a5b8878e2

SHA512
a45bf92675a3591d34aaf3e2fc5b65297e3c1b3d03242cdc252a9c4c3cf6dd935c8928d2a4aa501c2090c1e4518c01ab4b2a865827b7fa53747d406190862656

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
201KB

MD5
46add2179780a017c1a4d9ffaea845e2

SHA1
446ca7d5f78d7438f00423e9a9582206a6df1364

SHA256
dcf5449ada3e60f603340dcd9992b61b5248d1360cb3c999ef08fdff9b508690

SHA512
2a5383e95aa2886df05d0c482607a69eda010839388c03f85832a527dbaf0045211dda9ab5d6552df62bf869477055369ba4e51ede5dbbf0ac4fed4ea7ddbe88

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
200KB

MD5
438eb8fa76f9e63839762c9368ee5def

SHA1
e4e4f6b3b7b07d90c158d6de7cc72ecaaa71bcdb

SHA256
b9d04482514e212877c6caf1d086e966979a6926b71839c128b274d1f8376095

SHA512
38cad59c2131d5121cf078bfc3a6f874f0063283fc9ac34d468cd0a68a2393cdd490055880287ce2a924de1710759bac58cc5c2bd7101cc5ed1b65cbde165b8d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
201KB

MD5
3202a639ad0de46eca8377835a7447e9

SHA1
119575ff4d3502f647424af75f64053244573f5a

SHA256
32f1facf3fddea9a4b064f675644ed4d2a6d3a67b47047ff2716c507eef950ac

SHA512
002ac0f9f071a2908764bfb301049135e99acf1a941fcccde6a6dbbf5ce943c22a653c6bb4798e1653cd1331c326c83d2477e51733d6ea32d0f86b3042edfc47

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit