hxxps://uniquewriters[.]org/ifx8g

Analysis

max time kernel
150s
max time network
156s
platform
windows10-2004_x64
resource
win10v2004-20230220-it
resource tags

arch:x64arch:x86image:win10v2004-20230220-itlocale:it-itos:windows10-2004-x64systemwindows
submitted
26/05/2023, 12:58

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

https://uniquewriters.org/ifx8g

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133295867522835046"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
3448	chrome.exe
3448	chrome.exe
3060	chrome.exe
3060	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
3448	chrome.exe
3448	chrome.exe
3448	chrome.exe
3448	chrome.exe
3448	chrome.exe
3448	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3448	chrome.exe
Token: SeCreatePagefilePrivilege	3448	chrome.exe
Token: SeShutdownPrivilege	3448	chrome.exe
Token: SeCreatePagefilePrivilege	3448	chrome.exe
Token: SeShutdownPrivilege	3448	chrome.exe
Token: SeCreatePagefilePrivilege	3448	chrome.exe
Token: SeShutdownPrivilege	3448	chrome.exe
Token: SeCreatePagefilePrivilege	3448	chrome.exe
Token: SeShutdownPrivilege	3448	chrome.exe
Token: SeCreatePagefilePrivilege	3448	chrome.exe
Token: SeShutdownPrivilege	3448	chrome.exe
Token: SeCreatePagefilePrivilege	3448	chrome.exe
Token: SeShutdownPrivilege	3448	chrome.exe
Token: SeCreatePagefilePrivilege	3448	chrome.exe
Token: SeShutdownPrivilege	3448	chrome.exe
Token: SeCreatePagefilePrivilege	3448	chrome.exe
Token: SeShutdownPrivilege	3448	chrome.exe
Token: SeCreatePagefilePrivilege	3448	chrome.exe
Token: SeShutdownPrivilege	3448	chrome.exe
Token: SeCreatePagefilePrivilege	3448	chrome.exe
Token: SeShutdownPrivilege	3448	chrome.exe
Token: SeCreatePagefilePrivilege	3448	chrome.exe
Token: SeShutdownPrivilege	3448	chrome.exe
Token: SeCreatePagefilePrivilege	3448	chrome.exe
Token: SeShutdownPrivilege	3448	chrome.exe
Token: SeCreatePagefilePrivilege	3448	chrome.exe
Token: SeShutdownPrivilege	3448	chrome.exe
Token: SeCreatePagefilePrivilege	3448	chrome.exe
Token: SeShutdownPrivilege	3448	chrome.exe
Token: SeCreatePagefilePrivilege	3448	chrome.exe
Token: SeShutdownPrivilege	3448	chrome.exe
Token: SeCreatePagefilePrivilege	3448	chrome.exe
Token: SeShutdownPrivilege	3448	chrome.exe
Token: SeCreatePagefilePrivilege	3448	chrome.exe
Token: SeShutdownPrivilege	3448	chrome.exe
Token: SeCreatePagefilePrivilege	3448	chrome.exe
Token: SeShutdownPrivilege	3448	chrome.exe
Token: SeCreatePagefilePrivilege	3448	chrome.exe
Token: SeShutdownPrivilege	3448	chrome.exe
Token: SeCreatePagefilePrivilege	3448	chrome.exe
Token: SeShutdownPrivilege	3448	chrome.exe
Token: SeCreatePagefilePrivilege	3448	chrome.exe
Token: SeShutdownPrivilege	3448	chrome.exe
Token: SeCreatePagefilePrivilege	3448	chrome.exe
Token: SeShutdownPrivilege	3448	chrome.exe
Token: SeCreatePagefilePrivilege	3448	chrome.exe
Token: SeShutdownPrivilege	3448	chrome.exe
Token: SeCreatePagefilePrivilege	3448	chrome.exe
Token: SeShutdownPrivilege	3448	chrome.exe
Token: SeCreatePagefilePrivilege	3448	chrome.exe
Token: SeShutdownPrivilege	3448	chrome.exe
Token: SeCreatePagefilePrivilege	3448	chrome.exe
Token: SeShutdownPrivilege	3448	chrome.exe
Token: SeCreatePagefilePrivilege	3448	chrome.exe
Token: SeShutdownPrivilege	3448	chrome.exe
Token: SeCreatePagefilePrivilege	3448	chrome.exe
Token: SeShutdownPrivilege	3448	chrome.exe
Token: SeCreatePagefilePrivilege	3448	chrome.exe
Token: SeShutdownPrivilege	3448	chrome.exe
Token: SeCreatePagefilePrivilege	3448	chrome.exe
Token: SeShutdownPrivilege	3448	chrome.exe
Token: SeCreatePagefilePrivilege	3448	chrome.exe
Token: SeShutdownPrivilege	3448	chrome.exe
Token: SeCreatePagefilePrivilege	3448	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
3448	chrome.exe
3448	chrome.exe
3448	chrome.exe
3448	chrome.exe
3448	chrome.exe
3448	chrome.exe
3448	chrome.exe
3448	chrome.exe
3448	chrome.exe
3448	chrome.exe
3448	chrome.exe
3448	chrome.exe
3448	chrome.exe
3448	chrome.exe
3448	chrome.exe
3448	chrome.exe
3448	chrome.exe
3448	chrome.exe
3448	chrome.exe
3448	chrome.exe
3448	chrome.exe
3448	chrome.exe
3448	chrome.exe
3448	chrome.exe
3448	chrome.exe
3448	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3448	chrome.exe
3448	chrome.exe
3448	chrome.exe
3448	chrome.exe
3448	chrome.exe
3448	chrome.exe
3448	chrome.exe
3448	chrome.exe
3448	chrome.exe
3448	chrome.exe
3448	chrome.exe
3448	chrome.exe
3448	chrome.exe
3448	chrome.exe
3448	chrome.exe
3448	chrome.exe
3448	chrome.exe
3448	chrome.exe
3448	chrome.exe
3448	chrome.exe
3448	chrome.exe
3448	chrome.exe
3448	chrome.exe
3448	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3448 wrote to memory of 3732	3448	chrome.exe	82
PID 3448 wrote to memory of 3732	3448	chrome.exe	82
PID 3448 wrote to memory of 1176	3448	chrome.exe	83
PID 3448 wrote to memory of 1176	3448	chrome.exe	83
PID 3448 wrote to memory of 1176	3448	chrome.exe	83
PID 3448 wrote to memory of 1176	3448	chrome.exe	83
PID 3448 wrote to memory of 1176	3448	chrome.exe	83
PID 3448 wrote to memory of 1176	3448	chrome.exe	83
PID 3448 wrote to memory of 1176	3448	chrome.exe	83
PID 3448 wrote to memory of 1176	3448	chrome.exe	83
PID 3448 wrote to memory of 1176	3448	chrome.exe	83
PID 3448 wrote to memory of 1176	3448	chrome.exe	83
PID 3448 wrote to memory of 1176	3448	chrome.exe	83
PID 3448 wrote to memory of 1176	3448	chrome.exe	83
PID 3448 wrote to memory of 1176	3448	chrome.exe	83
PID 3448 wrote to memory of 1176	3448	chrome.exe	83
PID 3448 wrote to memory of 1176	3448	chrome.exe	83
PID 3448 wrote to memory of 1176	3448	chrome.exe	83
PID 3448 wrote to memory of 1176	3448	chrome.exe	83
PID 3448 wrote to memory of 1176	3448	chrome.exe	83
PID 3448 wrote to memory of 1176	3448	chrome.exe	83
PID 3448 wrote to memory of 1176	3448	chrome.exe	83
PID 3448 wrote to memory of 1176	3448	chrome.exe	83
PID 3448 wrote to memory of 1176	3448	chrome.exe	83
PID 3448 wrote to memory of 1176	3448	chrome.exe	83
PID 3448 wrote to memory of 1176	3448	chrome.exe	83
PID 3448 wrote to memory of 1176	3448	chrome.exe	83
PID 3448 wrote to memory of 1176	3448	chrome.exe	83
PID 3448 wrote to memory of 1176	3448	chrome.exe	83
PID 3448 wrote to memory of 1176	3448	chrome.exe	83
PID 3448 wrote to memory of 1176	3448	chrome.exe	83
PID 3448 wrote to memory of 1176	3448	chrome.exe	83
PID 3448 wrote to memory of 1176	3448	chrome.exe	83
PID 3448 wrote to memory of 1176	3448	chrome.exe	83
PID 3448 wrote to memory of 1176	3448	chrome.exe	83
PID 3448 wrote to memory of 1176	3448	chrome.exe	83
PID 3448 wrote to memory of 1176	3448	chrome.exe	83
PID 3448 wrote to memory of 1176	3448	chrome.exe	83
PID 3448 wrote to memory of 1176	3448	chrome.exe	83
PID 3448 wrote to memory of 1176	3448	chrome.exe	83
PID 3448 wrote to memory of 3380	3448	chrome.exe	84
PID 3448 wrote to memory of 3380	3448	chrome.exe	84
PID 3448 wrote to memory of 4860	3448	chrome.exe	85
PID 3448 wrote to memory of 4860	3448	chrome.exe	85
PID 3448 wrote to memory of 4860	3448	chrome.exe	85
PID 3448 wrote to memory of 4860	3448	chrome.exe	85
PID 3448 wrote to memory of 4860	3448	chrome.exe	85
PID 3448 wrote to memory of 4860	3448	chrome.exe	85
PID 3448 wrote to memory of 4860	3448	chrome.exe	85
PID 3448 wrote to memory of 4860	3448	chrome.exe	85
PID 3448 wrote to memory of 4860	3448	chrome.exe	85
PID 3448 wrote to memory of 4860	3448	chrome.exe	85
PID 3448 wrote to memory of 4860	3448	chrome.exe	85
PID 3448 wrote to memory of 4860	3448	chrome.exe	85
PID 3448 wrote to memory of 4860	3448	chrome.exe	85
PID 3448 wrote to memory of 4860	3448	chrome.exe	85
PID 3448 wrote to memory of 4860	3448	chrome.exe	85
PID 3448 wrote to memory of 4860	3448	chrome.exe	85
PID 3448 wrote to memory of 4860	3448	chrome.exe	85
PID 3448 wrote to memory of 4860	3448	chrome.exe	85
PID 3448 wrote to memory of 4860	3448	chrome.exe	85
PID 3448 wrote to memory of 4860	3448	chrome.exe	85
PID 3448 wrote to memory of 4860	3448	chrome.exe	85
PID 3448 wrote to memory of 4860	3448	chrome.exe	85

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" https://uniquewriters.org/ifx8g
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3448
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x100,0x104,0x108,0xdc,0x40,0x7ff99f8b9758,0x7ff99f8b9768,0x7ff99f8b9778
  2⤵
  PID:3732
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1796 --field-trial-handle=1812,i,6542701692923602759,11575001297626185300,131072 /prefetch:2
  2⤵
  PID:1176
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2104 --field-trial-handle=1812,i,6542701692923602759,11575001297626185300,131072 /prefetch:8
  2⤵
  PID:3380
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2228 --field-trial-handle=1812,i,6542701692923602759,11575001297626185300,131072 /prefetch:8
  2⤵
  PID:4860
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3216 --field-trial-handle=1812,i,6542701692923602759,11575001297626185300,131072 /prefetch:1
  2⤵
  PID:2680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3224 --field-trial-handle=1812,i,6542701692923602759,11575001297626185300,131072 /prefetch:1
  2⤵
  PID:3644
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4620 --field-trial-handle=1812,i,6542701692923602759,11575001297626185300,131072 /prefetch:1
  2⤵
  PID:3736
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5072 --field-trial-handle=1812,i,6542701692923602759,11575001297626185300,131072 /prefetch:8
  2⤵
  PID:4676
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5232 --field-trial-handle=1812,i,6542701692923602759,11575001297626185300,131072 /prefetch:8
  2⤵
  PID:3820
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5144 --field-trial-handle=1812,i,6542701692923602759,11575001297626185300,131072 /prefetch:8
  2⤵
  PID:3344
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=5176 --field-trial-handle=1812,i,6542701692923602759,11575001297626185300,131072 /prefetch:1
  2⤵
  PID:3860
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=5372 --field-trial-handle=1812,i,6542701692923602759,11575001297626185300,131072 /prefetch:1
  2⤵
  PID:2996
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=3204 --field-trial-handle=1812,i,6542701692923602759,11575001297626185300,131072 /prefetch:1
  2⤵
  PID:408
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2860 --field-trial-handle=1812,i,6542701692923602759,11575001297626185300,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3060

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:1652

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
288B

MD5
1e710b369947641bfbce8a0e10c2e7b7

SHA1
5e0340fc749b5011e2f7babf958f13ef82afbcaf

SHA256
095bc1cb019921aae9dccfbc088ecc857e269eb6e8fdef6bab1557e54bceb26b

SHA512
dec229ab218b363f71398ec224a9bf454e2610a9853399be75a95062173bfe0353f3a497ba13f5f0192016ec45aaeb23d031a1d3169d2da20dd924ea23ce528c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
052d381ddef00e106ac38dc2a493daf4

SHA1
088334cf99f6881acefb06a5c2d8870e8cb10965

SHA256
073b7c30bf9e4260553e3654f867a8c301a0a5099c31b5bd8c34e4c1a7015320

SHA512
5ab0df30c6a19e7ee56b8cbee9b45eac2e471da1a356f64c603e3fa58f7defb4b797c8983cc5b89300f8f0ac9262c5b102773824d475776b7d97e8991f68aeeb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
539B

MD5
49a2d0064bcb08011d2647f4bfa65f6f

SHA1
430fe91700aa4c6d2777dd03dadc7d4e6732bb80

SHA256
a2140029ca77be321bf469d00ef705297cc24689a309351b84a584928af26827

SHA512
e400aeecd622052b1102428c93e19fffa0f37c84da994b7c955bfa8004d3a39e81409e0440c59bd3daab9655ada339463d874c2bfad7d051a629059747fd6927

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
bde5823c99c897795070732ecbfb13b4

SHA1
0b4eac95c044a8803e50a1eb2018ed73b52ae21b

SHA256
c91af91278b2c5c959518edb0f5742d509ec06e0f32d66d8ec368becd03fc314

SHA512
358cbbda450ec9317f23c7d3c4936d48f8b91f7feb90a09595b7bd060b20307b9e48d0363084f8b1c10c4786024cbed359764b36f3fab58f517195d6de207352

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
a252211c2484fca80a06d63cb1ec9044

SHA1
81fce085ec6a58c9ffc5c941e1679b19f5d78de7

SHA256
bf83d192f5338f0c49c2b945e632f4783fe88d6f34f88588b59023d07505eca1

SHA512
371b4968093292d5b67c22d4c387e1c0f83d72fd6300ffb6d854fb30cee9f08affe0931301ab5ab21299d14c1d74ad1335d348b7e121bc6dd70b0a6493e70328

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
b5a309c9c97d7309a6d8f42a57815751

SHA1
65af261a159ce85a1f1c1383cbdfd4110faf8861

SHA256
613a9935e731698b69311a102d84913c0369d6a1d90b8a7a0ea724c9577cb1ac

SHA512
1e036bfd8d483bf68d3e430a19f6e215e10e7bb0c59c245aefb8ba279141384951ddae157c9b6f814d8d282b92c92c9565bf156067bd8e68ae0de9874ff397c6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
153KB

MD5
f7edd483e684665afaf1f778c70335ba

SHA1
71148b8cc81c69d97deb1e551967a28dc7e6ce0b

SHA256
0fe7f398b41c30e23b6e3462419de3c387732985dd7c8f42a4b0bde1088553df

SHA512
2fdb36ce09455122eb596476fb747e544d0f61e8225d0a59ab4d2d452a00be5896fd5bd749eb1ce7f05ef1c6bf8fb6c5bfd0a4b54251a7862934dde27fa623ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit