hxxp://htttps[://]google[.]com

Analysis

max time kernel
1800s
max time network
1688s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
19-04-2023 09:17

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://htttps://google.com

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133263767837981600"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2604	chrome.exe
2604	chrome.exe
4160	chrome.exe
4160	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
2604	chrome.exe
2604	chrome.exe
2604	chrome.exe
2604	chrome.exe
2604	chrome.exe
2604	chrome.exe
2604	chrome.exe
2604	chrome.exe
2604	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2604	chrome.exe
Token: SeCreatePagefilePrivilege	2604	chrome.exe
Token: SeShutdownPrivilege	2604	chrome.exe
Token: SeCreatePagefilePrivilege	2604	chrome.exe
Token: SeShutdownPrivilege	2604	chrome.exe
Token: SeCreatePagefilePrivilege	2604	chrome.exe
Token: SeShutdownPrivilege	2604	chrome.exe
Token: SeCreatePagefilePrivilege	2604	chrome.exe
Token: SeShutdownPrivilege	2604	chrome.exe
Token: SeCreatePagefilePrivilege	2604	chrome.exe
Token: SeShutdownPrivilege	2604	chrome.exe
Token: SeCreatePagefilePrivilege	2604	chrome.exe
Token: SeShutdownPrivilege	2604	chrome.exe
Token: SeCreatePagefilePrivilege	2604	chrome.exe
Token: SeShutdownPrivilege	2604	chrome.exe
Token: SeCreatePagefilePrivilege	2604	chrome.exe
Token: SeShutdownPrivilege	2604	chrome.exe
Token: SeCreatePagefilePrivilege	2604	chrome.exe
Token: SeShutdownPrivilege	2604	chrome.exe
Token: SeCreatePagefilePrivilege	2604	chrome.exe
Token: SeShutdownPrivilege	2604	chrome.exe
Token: SeCreatePagefilePrivilege	2604	chrome.exe
Token: SeShutdownPrivilege	2604	chrome.exe
Token: SeCreatePagefilePrivilege	2604	chrome.exe
Token: SeShutdownPrivilege	2604	chrome.exe
Token: SeCreatePagefilePrivilege	2604	chrome.exe
Token: SeShutdownPrivilege	2604	chrome.exe
Token: SeCreatePagefilePrivilege	2604	chrome.exe
Token: SeShutdownPrivilege	2604	chrome.exe
Token: SeCreatePagefilePrivilege	2604	chrome.exe
Token: SeShutdownPrivilege	2604	chrome.exe
Token: SeCreatePagefilePrivilege	2604	chrome.exe
Token: SeShutdownPrivilege	2604	chrome.exe
Token: SeCreatePagefilePrivilege	2604	chrome.exe
Token: SeShutdownPrivilege	2604	chrome.exe
Token: SeCreatePagefilePrivilege	2604	chrome.exe
Token: SeShutdownPrivilege	2604	chrome.exe
Token: SeCreatePagefilePrivilege	2604	chrome.exe
Token: SeShutdownPrivilege	2604	chrome.exe
Token: SeCreatePagefilePrivilege	2604	chrome.exe
Token: SeShutdownPrivilege	2604	chrome.exe
Token: SeCreatePagefilePrivilege	2604	chrome.exe
Token: SeShutdownPrivilege	2604	chrome.exe
Token: SeCreatePagefilePrivilege	2604	chrome.exe
Token: SeShutdownPrivilege	2604	chrome.exe
Token: SeCreatePagefilePrivilege	2604	chrome.exe
Token: SeShutdownPrivilege	2604	chrome.exe
Token: SeCreatePagefilePrivilege	2604	chrome.exe
Token: SeShutdownPrivilege	2604	chrome.exe
Token: SeCreatePagefilePrivilege	2604	chrome.exe
Token: SeShutdownPrivilege	2604	chrome.exe
Token: SeCreatePagefilePrivilege	2604	chrome.exe
Token: SeShutdownPrivilege	2604	chrome.exe
Token: SeCreatePagefilePrivilege	2604	chrome.exe
Token: SeShutdownPrivilege	2604	chrome.exe
Token: SeCreatePagefilePrivilege	2604	chrome.exe
Token: SeShutdownPrivilege	2604	chrome.exe
Token: SeCreatePagefilePrivilege	2604	chrome.exe
Token: SeShutdownPrivilege	2604	chrome.exe
Token: SeCreatePagefilePrivilege	2604	chrome.exe
Token: SeShutdownPrivilege	2604	chrome.exe
Token: SeCreatePagefilePrivilege	2604	chrome.exe
Token: SeShutdownPrivilege	2604	chrome.exe
Token: SeCreatePagefilePrivilege	2604	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2604	chrome.exe
2604	chrome.exe
2604	chrome.exe
2604	chrome.exe
2604	chrome.exe
2604	chrome.exe
2604	chrome.exe
2604	chrome.exe
2604	chrome.exe
2604	chrome.exe
2604	chrome.exe
2604	chrome.exe
2604	chrome.exe
2604	chrome.exe
2604	chrome.exe
2604	chrome.exe
2604	chrome.exe
2604	chrome.exe
2604	chrome.exe
2604	chrome.exe
2604	chrome.exe
2604	chrome.exe
2604	chrome.exe
2604	chrome.exe
2604	chrome.exe
2604	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2604	chrome.exe
2604	chrome.exe
2604	chrome.exe
2604	chrome.exe
2604	chrome.exe
2604	chrome.exe
2604	chrome.exe
2604	chrome.exe
2604	chrome.exe
2604	chrome.exe
2604	chrome.exe
2604	chrome.exe
2604	chrome.exe
2604	chrome.exe
2604	chrome.exe
2604	chrome.exe
2604	chrome.exe
2604	chrome.exe
2604	chrome.exe
2604	chrome.exe
2604	chrome.exe
2604	chrome.exe
2604	chrome.exe
2604	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2604 wrote to memory of 1372	2604	chrome.exe	84
PID 2604 wrote to memory of 1372	2604	chrome.exe	84
PID 2604 wrote to memory of 2784	2604	chrome.exe	85
PID 2604 wrote to memory of 2784	2604	chrome.exe	85
PID 2604 wrote to memory of 2784	2604	chrome.exe	85
PID 2604 wrote to memory of 2784	2604	chrome.exe	85
PID 2604 wrote to memory of 2784	2604	chrome.exe	85
PID 2604 wrote to memory of 2784	2604	chrome.exe	85
PID 2604 wrote to memory of 2784	2604	chrome.exe	85
PID 2604 wrote to memory of 2784	2604	chrome.exe	85
PID 2604 wrote to memory of 2784	2604	chrome.exe	85
PID 2604 wrote to memory of 2784	2604	chrome.exe	85
PID 2604 wrote to memory of 2784	2604	chrome.exe	85
PID 2604 wrote to memory of 2784	2604	chrome.exe	85
PID 2604 wrote to memory of 2784	2604	chrome.exe	85
PID 2604 wrote to memory of 2784	2604	chrome.exe	85
PID 2604 wrote to memory of 2784	2604	chrome.exe	85
PID 2604 wrote to memory of 2784	2604	chrome.exe	85
PID 2604 wrote to memory of 2784	2604	chrome.exe	85
PID 2604 wrote to memory of 2784	2604	chrome.exe	85
PID 2604 wrote to memory of 2784	2604	chrome.exe	85
PID 2604 wrote to memory of 2784	2604	chrome.exe	85
PID 2604 wrote to memory of 2784	2604	chrome.exe	85
PID 2604 wrote to memory of 2784	2604	chrome.exe	85
PID 2604 wrote to memory of 2784	2604	chrome.exe	85
PID 2604 wrote to memory of 2784	2604	chrome.exe	85
PID 2604 wrote to memory of 2784	2604	chrome.exe	85
PID 2604 wrote to memory of 2784	2604	chrome.exe	85
PID 2604 wrote to memory of 2784	2604	chrome.exe	85
PID 2604 wrote to memory of 2784	2604	chrome.exe	85
PID 2604 wrote to memory of 2784	2604	chrome.exe	85
PID 2604 wrote to memory of 2784	2604	chrome.exe	85
PID 2604 wrote to memory of 2784	2604	chrome.exe	85
PID 2604 wrote to memory of 2784	2604	chrome.exe	85
PID 2604 wrote to memory of 2784	2604	chrome.exe	85
PID 2604 wrote to memory of 2784	2604	chrome.exe	85
PID 2604 wrote to memory of 2784	2604	chrome.exe	85
PID 2604 wrote to memory of 2784	2604	chrome.exe	85
PID 2604 wrote to memory of 2784	2604	chrome.exe	85
PID 2604 wrote to memory of 2784	2604	chrome.exe	85
PID 2604 wrote to memory of 2256	2604	chrome.exe	86
PID 2604 wrote to memory of 2256	2604	chrome.exe	86
PID 2604 wrote to memory of 4512	2604	chrome.exe	87
PID 2604 wrote to memory of 4512	2604	chrome.exe	87
PID 2604 wrote to memory of 4512	2604	chrome.exe	87
PID 2604 wrote to memory of 4512	2604	chrome.exe	87
PID 2604 wrote to memory of 4512	2604	chrome.exe	87
PID 2604 wrote to memory of 4512	2604	chrome.exe	87
PID 2604 wrote to memory of 4512	2604	chrome.exe	87
PID 2604 wrote to memory of 4512	2604	chrome.exe	87
PID 2604 wrote to memory of 4512	2604	chrome.exe	87
PID 2604 wrote to memory of 4512	2604	chrome.exe	87
PID 2604 wrote to memory of 4512	2604	chrome.exe	87
PID 2604 wrote to memory of 4512	2604	chrome.exe	87
PID 2604 wrote to memory of 4512	2604	chrome.exe	87
PID 2604 wrote to memory of 4512	2604	chrome.exe	87
PID 2604 wrote to memory of 4512	2604	chrome.exe	87
PID 2604 wrote to memory of 4512	2604	chrome.exe	87
PID 2604 wrote to memory of 4512	2604	chrome.exe	87
PID 2604 wrote to memory of 4512	2604	chrome.exe	87
PID 2604 wrote to memory of 4512	2604	chrome.exe	87
PID 2604 wrote to memory of 4512	2604	chrome.exe	87
PID 2604 wrote to memory of 4512	2604	chrome.exe	87
PID 2604 wrote to memory of 4512	2604	chrome.exe	87

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" http://htttps://google.com
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2604
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe00489758,0x7ffe00489768,0x7ffe00489778
  2⤵
  PID:1372
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1760 --field-trial-handle=1828,i,9743116466749777090,1620459812862426632,131072 /prefetch:2
  2⤵
  PID:2784
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2148 --field-trial-handle=1828,i,9743116466749777090,1620459812862426632,131072 /prefetch:8
  2⤵
  PID:2256
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2144 --field-trial-handle=1828,i,9743116466749777090,1620459812862426632,131072 /prefetch:8
  2⤵
  PID:4512
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2980 --field-trial-handle=1828,i,9743116466749777090,1620459812862426632,131072 /prefetch:1
  2⤵
  PID:4788
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2968 --field-trial-handle=1828,i,9743116466749777090,1620459812862426632,131072 /prefetch:1
  2⤵
  PID:4856
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4472 --field-trial-handle=1828,i,9743116466749777090,1620459812862426632,131072 /prefetch:1
  2⤵
  PID:1344
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3224 --field-trial-handle=1828,i,9743116466749777090,1620459812862426632,131072 /prefetch:1
  2⤵
  PID:4020
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4888 --field-trial-handle=1828,i,9743116466749777090,1620459812862426632,131072 /prefetch:8
  2⤵
  PID:1500
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5072 --field-trial-handle=1828,i,9743116466749777090,1620459812862426632,131072 /prefetch:8
  2⤵
  PID:1964
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4900 --field-trial-handle=1828,i,9743116466749777090,1620459812862426632,131072 /prefetch:8
  2⤵
  PID:1792
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=5140 --field-trial-handle=1828,i,9743116466749777090,1620459812862426632,131072 /prefetch:1
  2⤵
  PID:3536
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=2792 --field-trial-handle=1828,i,9743116466749777090,1620459812862426632,131072 /prefetch:1
  2⤵
  PID:4028
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=2828 --field-trial-handle=1828,i,9743116466749777090,1620459812862426632,131072 /prefetch:1
  2⤵
  PID:3132
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4808 --field-trial-handle=1828,i,9743116466749777090,1620459812862426632,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4160
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=3968 --field-trial-handle=1828,i,9743116466749777090,1620459812862426632,131072 /prefetch:1
  2⤵
  PID:1788
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=4568 --field-trial-handle=1828,i,9743116466749777090,1620459812862426632,131072 /prefetch:1
  2⤵
  PID:4800

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:1336

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
882B

MD5
de2b352c9d22bf4f3c7e6e5e7d299bff

SHA1
e2ce3f625de0c8767c23dbb23077deb32f1cd7af

SHA256
f5252f7dc15ef251174f0c302027e50d2f5d3621d1f93387f6c462066a1c2fe2

SHA512
67733a133896a461bb4d3c7a7ebe11101dc36d723d581947526588de9157b26c730157d09f02a29d0629be4b990147183fc2e8f00ebbfdcfa7630bf6a8079bbd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
2b8d2b873d7b67d980b1281bdde109b5

SHA1
abaed9c4e9e0f2f7e93017d803619c53308c4c82

SHA256
53f8a5aeb925f437a343d664efecd3ebb8612387b6b75951270422350e8bf9c0

SHA512
34037afc9dad1857434ccbe752aa42c5777a7adcf326f79df4a571521d9f0abba936d39f38673d15a5cb457a1578de897e97ecb9ffe7b9c12e6cc7a7cd66c307

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
b7fb9501718d7132df429dd397f2d956

SHA1
5646cda09410e4a1b850ca10ba1fb3291ee04a97

SHA256
dce611a7f66330e27b9e7e89a3e8e8ec31aa146e609e45cd1e817ba2e3257b9c

SHA512
daa96e246e19622e9b455df44c04ebf50804dd2b31a8f2846c2da1caff0c9e3f035c6626081f152f581d456f2a83b9c671f9aeb7a0139c9a1a0e21bf20121c20

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
d5e6a718ee2fa6906afa79efb846f984

SHA1
a33b59d2fc36576d9f5db4b6352e4e9f3b6acdfc

SHA256
d4b4438271d723b381d38b41b345abdaa4edfe4c559020f3d14dc831f4c9b1d6

SHA512
101ba285bd583cc69c42c0906b4962cea627a4850013486e51e241dc8d1aa3a0e9a21fb0d2a6384db189d3be9431d77e129fb36eda11331ca9142999aac44b97

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
200KB

MD5
249d96113b33f366f68b2b588b1f7fa7

SHA1
259e70161a1469759afbb5c3713e8f1a8f3e5784

SHA256
ebdb7335c6c8c2a67c2a1a9bf4c89a946458c3fcc76332e8b5400c065dec13ce

SHA512
8c514eb4ddc109c3fe2082d4bfb8e1181f3bbf103212c7c81d81a650d6e954bb73d225144a74d58060b91eaead4767e23879a946aa90087c27583a6d457dfdc5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit