4dc639d70bcb6d074029e576c9f5638e5926647c6471bffc1c9b92badc568d02

Resubmissions

21/04/2023, 16:39

230421-t59s6sgh28 1

21/04/2023, 16:36

230421-t4hy3agg98 1

Analysis

max time kernel
149s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
21/04/2023, 16:39

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

INV-2131.htm
Size

146KB
MD5

ab7ed4d0e72ac79793ea50f8d0ddbc64
SHA1

3be9af842686d24abd9573fcfb8a022dedb650d7
SHA256

85356521df25310652b87cf1ded54974a6ab506ef9d71ec52ca3debdeb408370
SHA512

1cc77fe0e573aafcb4330d3becb5cede4253bec069e1aa830347a535d310a84bc8d446c7f2d51570b6f7c577f9f43de783754dc0c79cb7a2eff078d280c50b8b
SSDEEP

3072:bKVvr0NOZ7hFV+yw2B1IyiCFJyrISwVAx8ZoyFF8feTIh1DYFmsxyOhmX:bwZVFVmCPmx8ZZ8feg1DYtyHX

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133265760035430233"	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
4168	chrome.exe
4168	chrome.exe
4168	chrome.exe
4168	chrome.exe
4376	chrome.exe
4376	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

pid	Process
4168	chrome.exe
4168	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4168	chrome.exe
Token: SeCreatePagefilePrivilege	4168	chrome.exe
Token: SeShutdownPrivilege	4168	chrome.exe
Token: SeCreatePagefilePrivilege	4168	chrome.exe
Token: SeShutdownPrivilege	4168	chrome.exe
Token: SeCreatePagefilePrivilege	4168	chrome.exe
Token: SeShutdownPrivilege	4168	chrome.exe
Token: SeCreatePagefilePrivilege	4168	chrome.exe
Token: SeShutdownPrivilege	4168	chrome.exe
Token: SeCreatePagefilePrivilege	4168	chrome.exe
Token: SeShutdownPrivilege	4168	chrome.exe
Token: SeCreatePagefilePrivilege	4168	chrome.exe
Token: SeShutdownPrivilege	4168	chrome.exe
Token: SeCreatePagefilePrivilege	4168	chrome.exe
Token: SeShutdownPrivilege	4168	chrome.exe
Token: SeCreatePagefilePrivilege	4168	chrome.exe
Token: SeShutdownPrivilege	4168	chrome.exe
Token: SeCreatePagefilePrivilege	4168	chrome.exe
Token: SeShutdownPrivilege	4168	chrome.exe
Token: SeCreatePagefilePrivilege	4168	chrome.exe
Token: SeShutdownPrivilege	4168	chrome.exe
Token: SeCreatePagefilePrivilege	4168	chrome.exe
Token: SeShutdownPrivilege	4168	chrome.exe
Token: SeCreatePagefilePrivilege	4168	chrome.exe
Token: SeShutdownPrivilege	4168	chrome.exe
Token: SeCreatePagefilePrivilege	4168	chrome.exe
Token: SeShutdownPrivilege	4168	chrome.exe
Token: SeCreatePagefilePrivilege	4168	chrome.exe
Token: SeShutdownPrivilege	4168	chrome.exe
Token: SeCreatePagefilePrivilege	4168	chrome.exe
Token: SeShutdownPrivilege	4168	chrome.exe
Token: SeCreatePagefilePrivilege	4168	chrome.exe
Token: SeShutdownPrivilege	4168	chrome.exe
Token: SeCreatePagefilePrivilege	4168	chrome.exe
Token: SeShutdownPrivilege	4168	chrome.exe
Token: SeCreatePagefilePrivilege	4168	chrome.exe
Token: SeShutdownPrivilege	4168	chrome.exe
Token: SeCreatePagefilePrivilege	4168	chrome.exe
Token: SeShutdownPrivilege	4168	chrome.exe
Token: SeCreatePagefilePrivilege	4168	chrome.exe
Token: SeShutdownPrivilege	4168	chrome.exe
Token: SeCreatePagefilePrivilege	4168	chrome.exe
Token: SeShutdownPrivilege	4168	chrome.exe
Token: SeCreatePagefilePrivilege	4168	chrome.exe
Token: SeShutdownPrivilege	4168	chrome.exe
Token: SeCreatePagefilePrivilege	4168	chrome.exe
Token: SeShutdownPrivilege	4168	chrome.exe
Token: SeCreatePagefilePrivilege	4168	chrome.exe
Token: SeShutdownPrivilege	4168	chrome.exe
Token: SeCreatePagefilePrivilege	4168	chrome.exe
Token: SeShutdownPrivilege	4168	chrome.exe
Token: SeCreatePagefilePrivilege	4168	chrome.exe
Token: SeShutdownPrivilege	4168	chrome.exe
Token: SeCreatePagefilePrivilege	4168	chrome.exe
Token: SeShutdownPrivilege	4168	chrome.exe
Token: SeCreatePagefilePrivilege	4168	chrome.exe
Token: SeShutdownPrivilege	4168	chrome.exe
Token: SeCreatePagefilePrivilege	4168	chrome.exe
Token: SeShutdownPrivilege	4168	chrome.exe
Token: SeCreatePagefilePrivilege	4168	chrome.exe
Token: SeShutdownPrivilege	4168	chrome.exe
Token: SeCreatePagefilePrivilege	4168	chrome.exe
Token: SeShutdownPrivilege	4168	chrome.exe
Token: SeCreatePagefilePrivilege	4168	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4168	chrome.exe
4168	chrome.exe
4168	chrome.exe
4168	chrome.exe
4168	chrome.exe
4168	chrome.exe
4168	chrome.exe
4168	chrome.exe
4168	chrome.exe
4168	chrome.exe
4168	chrome.exe
4168	chrome.exe
4168	chrome.exe
4168	chrome.exe
4168	chrome.exe
4168	chrome.exe
4168	chrome.exe
4168	chrome.exe
4168	chrome.exe
4168	chrome.exe
4168	chrome.exe
4168	chrome.exe
4168	chrome.exe
4168	chrome.exe
4168	chrome.exe
4168	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4168	chrome.exe
4168	chrome.exe
4168	chrome.exe
4168	chrome.exe
4168	chrome.exe
4168	chrome.exe
4168	chrome.exe
4168	chrome.exe
4168	chrome.exe
4168	chrome.exe
4168	chrome.exe
4168	chrome.exe
4168	chrome.exe
4168	chrome.exe
4168	chrome.exe
4168	chrome.exe
4168	chrome.exe
4168	chrome.exe
4168	chrome.exe
4168	chrome.exe
4168	chrome.exe
4168	chrome.exe
4168	chrome.exe
4168	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4168 wrote to memory of 2524	4168	chrome.exe	85
PID 4168 wrote to memory of 2524	4168	chrome.exe	85
PID 4168 wrote to memory of 2488	4168	chrome.exe	86
PID 4168 wrote to memory of 2488	4168	chrome.exe	86
PID 4168 wrote to memory of 2488	4168	chrome.exe	86
PID 4168 wrote to memory of 2488	4168	chrome.exe	86
PID 4168 wrote to memory of 2488	4168	chrome.exe	86
PID 4168 wrote to memory of 2488	4168	chrome.exe	86
PID 4168 wrote to memory of 2488	4168	chrome.exe	86
PID 4168 wrote to memory of 2488	4168	chrome.exe	86
PID 4168 wrote to memory of 2488	4168	chrome.exe	86
PID 4168 wrote to memory of 2488	4168	chrome.exe	86
PID 4168 wrote to memory of 2488	4168	chrome.exe	86
PID 4168 wrote to memory of 2488	4168	chrome.exe	86
PID 4168 wrote to memory of 2488	4168	chrome.exe	86
PID 4168 wrote to memory of 2488	4168	chrome.exe	86
PID 4168 wrote to memory of 2488	4168	chrome.exe	86
PID 4168 wrote to memory of 2488	4168	chrome.exe	86
PID 4168 wrote to memory of 2488	4168	chrome.exe	86
PID 4168 wrote to memory of 2488	4168	chrome.exe	86
PID 4168 wrote to memory of 2488	4168	chrome.exe	86
PID 4168 wrote to memory of 2488	4168	chrome.exe	86
PID 4168 wrote to memory of 2488	4168	chrome.exe	86
PID 4168 wrote to memory of 2488	4168	chrome.exe	86
PID 4168 wrote to memory of 2488	4168	chrome.exe	86
PID 4168 wrote to memory of 2488	4168	chrome.exe	86
PID 4168 wrote to memory of 2488	4168	chrome.exe	86
PID 4168 wrote to memory of 2488	4168	chrome.exe	86
PID 4168 wrote to memory of 2488	4168	chrome.exe	86
PID 4168 wrote to memory of 2488	4168	chrome.exe	86
PID 4168 wrote to memory of 2488	4168	chrome.exe	86
PID 4168 wrote to memory of 2488	4168	chrome.exe	86
PID 4168 wrote to memory of 2488	4168	chrome.exe	86
PID 4168 wrote to memory of 2488	4168	chrome.exe	86
PID 4168 wrote to memory of 2488	4168	chrome.exe	86
PID 4168 wrote to memory of 2488	4168	chrome.exe	86
PID 4168 wrote to memory of 2488	4168	chrome.exe	86
PID 4168 wrote to memory of 2488	4168	chrome.exe	86
PID 4168 wrote to memory of 2488	4168	chrome.exe	86
PID 4168 wrote to memory of 2488	4168	chrome.exe	86
PID 4168 wrote to memory of 3568	4168	chrome.exe	87
PID 4168 wrote to memory of 3568	4168	chrome.exe	87
PID 4168 wrote to memory of 1624	4168	chrome.exe	88
PID 4168 wrote to memory of 1624	4168	chrome.exe	88
PID 4168 wrote to memory of 1624	4168	chrome.exe	88
PID 4168 wrote to memory of 1624	4168	chrome.exe	88
PID 4168 wrote to memory of 1624	4168	chrome.exe	88
PID 4168 wrote to memory of 1624	4168	chrome.exe	88
PID 4168 wrote to memory of 1624	4168	chrome.exe	88
PID 4168 wrote to memory of 1624	4168	chrome.exe	88
PID 4168 wrote to memory of 1624	4168	chrome.exe	88
PID 4168 wrote to memory of 1624	4168	chrome.exe	88
PID 4168 wrote to memory of 1624	4168	chrome.exe	88
PID 4168 wrote to memory of 1624	4168	chrome.exe	88
PID 4168 wrote to memory of 1624	4168	chrome.exe	88
PID 4168 wrote to memory of 1624	4168	chrome.exe	88
PID 4168 wrote to memory of 1624	4168	chrome.exe	88
PID 4168 wrote to memory of 1624	4168	chrome.exe	88
PID 4168 wrote to memory of 1624	4168	chrome.exe	88
PID 4168 wrote to memory of 1624	4168	chrome.exe	88
PID 4168 wrote to memory of 1624	4168	chrome.exe	88
PID 4168 wrote to memory of 1624	4168	chrome.exe	88
PID 4168 wrote to memory of 1624	4168	chrome.exe	88
PID 4168 wrote to memory of 1624	4168	chrome.exe	88

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" C:\Users\Admin\AppData\Local\Temp\INV-2131.htm
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4168
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8abf79758,0x7ff8abf79768,0x7ff8abf79778
  2⤵
  PID:2524
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1700 --field-trial-handle=1848,i,17404782964690320044,2572745234313097199,131072 /prefetch:2
  2⤵
  PID:2488
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 --field-trial-handle=1848,i,17404782964690320044,2572745234313097199,131072 /prefetch:8
  2⤵
  PID:3568
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2232 --field-trial-handle=1848,i,17404782964690320044,2572745234313097199,131072 /prefetch:8
  2⤵
  PID:1624
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3168 --field-trial-handle=1848,i,17404782964690320044,2572745234313097199,131072 /prefetch:1
  2⤵
  PID:5056
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3184 --field-trial-handle=1848,i,17404782964690320044,2572745234313097199,131072 /prefetch:1
  2⤵
  PID:4248
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4840 --field-trial-handle=1848,i,17404782964690320044,2572745234313097199,131072 /prefetch:8
  2⤵
  PID:1112
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5180 --field-trial-handle=1848,i,17404782964690320044,2572745234313097199,131072 /prefetch:8
  2⤵
  PID:4664
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5080 --field-trial-handle=1848,i,17404782964690320044,2572745234313097199,131072 /prefetch:8
  2⤵
  PID:3972
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3944 --field-trial-handle=1848,i,17404782964690320044,2572745234313097199,131072 /prefetch:8
  2⤵
  PID:4492
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5216 --field-trial-handle=1848,i,17404782964690320044,2572745234313097199,131072 /prefetch:8
  2⤵
  PID:464
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2448 --field-trial-handle=1848,i,17404782964690320044,2572745234313097199,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4376

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2464

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
7a9dcd23414edce2f020e6600df1f281

SHA1
32bb3e3ae7bac227e2c67a523f329e140ee206cd

SHA256
0161f6e6eedcfd7d5afc7dbd1dbc2b8173f7b3984cce42c65e5261769438eaf1

SHA512
c5bf1ede125308b74cdb9a8f56348b9eb1eab9d4f2313d79bc3fe28e7d3888176e31b46db32584de23ed97e55291e1ebf41856f62287e6738ac3079c003f4691

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
22ea727c9a29292c718a655a71b3ba13

SHA1
111cc3aa6692467eed20415f1b2feee0c4ff7b83

SHA256
fd4bcdcf581c3042c54346956d9fc94bf0537101c82e8de0b640a52b651ffa9f

SHA512
ebb9853e985377d72a3e50c174ae437c68b2e5200f6ca3975b2106dd4568d150505959014bf232b63c8713f94e3879dee767b1d3241912c13f64dd6f9828a52d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
8970c353d5ebd0f3f969474c9952000e

SHA1
f677c194eb2821ce09a977d0a42f0e7b87301102

SHA256
c3c17c6b29700cb318cbb9347d8cf2b3fc9dadaaf76f64002d9128f55c51e97d

SHA512
d501b6db667264d60dc00423a50cfabaef1f0ceeb60277474c02f9812f4e3764cb04b9d4eca0d6ce0b8f9ea38529e842cbcde711afcde6a7ba9a5581a46c44c7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
8a85330a930920c1d9f5b81c93205c9d

SHA1
9225af5db76cb2ddbb3a85b67fe04cb6c4f5f52d

SHA256
4341b9b796ccf249f2e80e21bf607f090156324c0ea747e1c54a3fe334745f34

SHA512
314b16f9fd7b249cb71e974e8b0452084fa404ab0b3068771b5d4a586bebcde32c956f9ed8c0b01f547cf3c6491e50581bb0a23994de035e581dba1101326f5b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
72KB

MD5
d53ede9711b126007d8cd271e04a5450

SHA1
fb1112332b67fb9e83e440f998888be07642056a

SHA256
610cba04a7be58b73fc8be3c59f2534931778f4cf77d4bfe777933cf418174ec

SHA512
8ee1c3731835f8f21c83156d8044f654ea73e9264641daf6de60863144e18a62d8101844f57e995acbfd1ace45bce53c736750379f0317cdad597d8c089dda66

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
203KB

MD5
2bc2fffa216b8163e3ac6398871fecf4

SHA1
2b9fed09c62d895d69e1e9617db752222168f919

SHA256
4239729161c0621be94293c6a58246c466a018cfc275acd075a40ee457ec5d0a

SHA512
d9411969e1186144d91076d42261f85d1aa72207f5ff1f07bd82e95d4c0643cc92972d6ce24c4e8a7d221f12b9a9da6fba0817aa4a1724cd7dc1e531e24292dc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
202KB

MD5
1bf081857d23b1fab9607f6267716c5d

SHA1
c362ba5c34a817d1049b46f1db99233c4a6fc7f4

SHA256
791d4616e2ad9744ea7e89d1e0808d6697bbe8e95eb5278c1631e322459cdd76

SHA512
d1edfb116dcb22f14aedf5eec7c5d78a8521f32c02f7f927ac30e05690e95e6943afe6d5db47dda00e573c97d04e8ed2d3d4439c3f8d8db96e87b1e5918b6f6b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
202KB

MD5
e71c9cf1d76a96a0a3c61d36ebe0b751

SHA1
5e83d42d560bb8902b2024b8c599171152c5810b

SHA256
89ddcece8c088489f237c0057a4da30fd06dceafa580b90db6e1500f1bb9cb67

SHA512
8b4b5f637f8ea40d446b40abd95f3d6a6c22e6ddd513ae7cffe3e5e16e89881fd9f662017d094db98769af811780f288abcdd4c83a07514792e09bac051b559f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit