hxxps://djt3hjjt[.]reciclandofuturo[.]com[.]br/amRvZUBtaWNyb3NvZnQuY29t

Analysis

max time kernel
70s
max time network
69s
platform
windows10-1703_x64
resource
win10-20230220-en
resource tags

arch:x64arch:x86image:win10-20230220-enlocale:en-usos:windows10-1703-x64system
submitted
01-06-2023 15:19

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://djt3hjjt.reciclandofuturo.com.br/amRvZUBtaWNyb3NvZnQuY29t

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133301135900819175"	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
4296	chrome.exe
4296	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
4296	chrome.exe
4296	chrome.exe
4296	chrome.exe
4296	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4296	chrome.exe
Token: SeCreatePagefilePrivilege	4296	chrome.exe
Token: SeShutdownPrivilege	4296	chrome.exe
Token: SeCreatePagefilePrivilege	4296	chrome.exe
Token: SeShutdownPrivilege	4296	chrome.exe
Token: SeCreatePagefilePrivilege	4296	chrome.exe
Token: SeShutdownPrivilege	4296	chrome.exe
Token: SeCreatePagefilePrivilege	4296	chrome.exe
Token: SeShutdownPrivilege	4296	chrome.exe
Token: SeCreatePagefilePrivilege	4296	chrome.exe
Token: SeShutdownPrivilege	4296	chrome.exe
Token: SeCreatePagefilePrivilege	4296	chrome.exe
Token: SeShutdownPrivilege	4296	chrome.exe
Token: SeCreatePagefilePrivilege	4296	chrome.exe
Token: SeShutdownPrivilege	4296	chrome.exe
Token: SeCreatePagefilePrivilege	4296	chrome.exe
Token: SeShutdownPrivilege	4296	chrome.exe
Token: SeCreatePagefilePrivilege	4296	chrome.exe
Token: SeShutdownPrivilege	4296	chrome.exe
Token: SeCreatePagefilePrivilege	4296	chrome.exe
Token: SeShutdownPrivilege	4296	chrome.exe
Token: SeCreatePagefilePrivilege	4296	chrome.exe
Token: SeShutdownPrivilege	4296	chrome.exe
Token: SeCreatePagefilePrivilege	4296	chrome.exe
Token: SeShutdownPrivilege	4296	chrome.exe
Token: SeCreatePagefilePrivilege	4296	chrome.exe
Token: SeShutdownPrivilege	4296	chrome.exe
Token: SeCreatePagefilePrivilege	4296	chrome.exe
Token: SeShutdownPrivilege	4296	chrome.exe
Token: SeCreatePagefilePrivilege	4296	chrome.exe
Token: SeShutdownPrivilege	4296	chrome.exe
Token: SeCreatePagefilePrivilege	4296	chrome.exe
Token: SeShutdownPrivilege	4296	chrome.exe
Token: SeCreatePagefilePrivilege	4296	chrome.exe
Token: SeShutdownPrivilege	4296	chrome.exe
Token: SeCreatePagefilePrivilege	4296	chrome.exe
Token: SeShutdownPrivilege	4296	chrome.exe
Token: SeCreatePagefilePrivilege	4296	chrome.exe
Token: SeShutdownPrivilege	4296	chrome.exe
Token: SeCreatePagefilePrivilege	4296	chrome.exe
Token: SeShutdownPrivilege	4296	chrome.exe
Token: SeCreatePagefilePrivilege	4296	chrome.exe
Token: SeShutdownPrivilege	4296	chrome.exe
Token: SeCreatePagefilePrivilege	4296	chrome.exe
Token: SeShutdownPrivilege	4296	chrome.exe
Token: SeCreatePagefilePrivilege	4296	chrome.exe
Token: SeShutdownPrivilege	4296	chrome.exe
Token: SeCreatePagefilePrivilege	4296	chrome.exe
Token: SeShutdownPrivilege	4296	chrome.exe
Token: SeCreatePagefilePrivilege	4296	chrome.exe
Token: SeShutdownPrivilege	4296	chrome.exe
Token: SeCreatePagefilePrivilege	4296	chrome.exe
Token: SeShutdownPrivilege	4296	chrome.exe
Token: SeCreatePagefilePrivilege	4296	chrome.exe
Token: SeShutdownPrivilege	4296	chrome.exe
Token: SeCreatePagefilePrivilege	4296	chrome.exe
Token: SeShutdownPrivilege	4296	chrome.exe
Token: SeCreatePagefilePrivilege	4296	chrome.exe
Token: SeShutdownPrivilege	4296	chrome.exe
Token: SeCreatePagefilePrivilege	4296	chrome.exe
Token: SeShutdownPrivilege	4296	chrome.exe
Token: SeCreatePagefilePrivilege	4296	chrome.exe
Token: SeShutdownPrivilege	4296	chrome.exe
Token: SeCreatePagefilePrivilege	4296	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4296	chrome.exe
4296	chrome.exe
4296	chrome.exe
4296	chrome.exe
4296	chrome.exe
4296	chrome.exe
4296	chrome.exe
4296	chrome.exe
4296	chrome.exe
4296	chrome.exe
4296	chrome.exe
4296	chrome.exe
4296	chrome.exe
4296	chrome.exe
4296	chrome.exe
4296	chrome.exe
4296	chrome.exe
4296	chrome.exe
4296	chrome.exe
4296	chrome.exe
4296	chrome.exe
4296	chrome.exe
4296	chrome.exe
4296	chrome.exe
4296	chrome.exe
4296	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4296	chrome.exe
4296	chrome.exe
4296	chrome.exe
4296	chrome.exe
4296	chrome.exe
4296	chrome.exe
4296	chrome.exe
4296	chrome.exe
4296	chrome.exe
4296	chrome.exe
4296	chrome.exe
4296	chrome.exe
4296	chrome.exe
4296	chrome.exe
4296	chrome.exe
4296	chrome.exe
4296	chrome.exe
4296	chrome.exe
4296	chrome.exe
4296	chrome.exe
4296	chrome.exe
4296	chrome.exe
4296	chrome.exe
4296	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4296 wrote to memory of 8	4296	chrome.exe	66
PID 4296 wrote to memory of 8	4296	chrome.exe	66
PID 4296 wrote to memory of 2440	4296	chrome.exe	68
PID 4296 wrote to memory of 2440	4296	chrome.exe	68
PID 4296 wrote to memory of 2440	4296	chrome.exe	68
PID 4296 wrote to memory of 2440	4296	chrome.exe	68
PID 4296 wrote to memory of 2440	4296	chrome.exe	68
PID 4296 wrote to memory of 2440	4296	chrome.exe	68
PID 4296 wrote to memory of 2440	4296	chrome.exe	68
PID 4296 wrote to memory of 2440	4296	chrome.exe	68
PID 4296 wrote to memory of 2440	4296	chrome.exe	68
PID 4296 wrote to memory of 2440	4296	chrome.exe	68
PID 4296 wrote to memory of 2440	4296	chrome.exe	68
PID 4296 wrote to memory of 2440	4296	chrome.exe	68
PID 4296 wrote to memory of 2440	4296	chrome.exe	68
PID 4296 wrote to memory of 2440	4296	chrome.exe	68
PID 4296 wrote to memory of 2440	4296	chrome.exe	68
PID 4296 wrote to memory of 2440	4296	chrome.exe	68
PID 4296 wrote to memory of 2440	4296	chrome.exe	68
PID 4296 wrote to memory of 2440	4296	chrome.exe	68
PID 4296 wrote to memory of 2440	4296	chrome.exe	68
PID 4296 wrote to memory of 2440	4296	chrome.exe	68
PID 4296 wrote to memory of 2440	4296	chrome.exe	68
PID 4296 wrote to memory of 2440	4296	chrome.exe	68
PID 4296 wrote to memory of 2440	4296	chrome.exe	68
PID 4296 wrote to memory of 2440	4296	chrome.exe	68
PID 4296 wrote to memory of 2440	4296	chrome.exe	68
PID 4296 wrote to memory of 2440	4296	chrome.exe	68
PID 4296 wrote to memory of 2440	4296	chrome.exe	68
PID 4296 wrote to memory of 2440	4296	chrome.exe	68
PID 4296 wrote to memory of 2440	4296	chrome.exe	68
PID 4296 wrote to memory of 2440	4296	chrome.exe	68
PID 4296 wrote to memory of 2440	4296	chrome.exe	68
PID 4296 wrote to memory of 2440	4296	chrome.exe	68
PID 4296 wrote to memory of 2440	4296	chrome.exe	68
PID 4296 wrote to memory of 2440	4296	chrome.exe	68
PID 4296 wrote to memory of 2440	4296	chrome.exe	68
PID 4296 wrote to memory of 2440	4296	chrome.exe	68
PID 4296 wrote to memory of 2440	4296	chrome.exe	68
PID 4296 wrote to memory of 2440	4296	chrome.exe	68
PID 4296 wrote to memory of 988	4296	chrome.exe	69
PID 4296 wrote to memory of 988	4296	chrome.exe	69
PID 4296 wrote to memory of 3552	4296	chrome.exe	70
PID 4296 wrote to memory of 3552	4296	chrome.exe	70
PID 4296 wrote to memory of 3552	4296	chrome.exe	70
PID 4296 wrote to memory of 3552	4296	chrome.exe	70
PID 4296 wrote to memory of 3552	4296	chrome.exe	70
PID 4296 wrote to memory of 3552	4296	chrome.exe	70
PID 4296 wrote to memory of 3552	4296	chrome.exe	70
PID 4296 wrote to memory of 3552	4296	chrome.exe	70
PID 4296 wrote to memory of 3552	4296	chrome.exe	70
PID 4296 wrote to memory of 3552	4296	chrome.exe	70
PID 4296 wrote to memory of 3552	4296	chrome.exe	70
PID 4296 wrote to memory of 3552	4296	chrome.exe	70
PID 4296 wrote to memory of 3552	4296	chrome.exe	70
PID 4296 wrote to memory of 3552	4296	chrome.exe	70
PID 4296 wrote to memory of 3552	4296	chrome.exe	70
PID 4296 wrote to memory of 3552	4296	chrome.exe	70
PID 4296 wrote to memory of 3552	4296	chrome.exe	70
PID 4296 wrote to memory of 3552	4296	chrome.exe	70
PID 4296 wrote to memory of 3552	4296	chrome.exe	70
PID 4296 wrote to memory of 3552	4296	chrome.exe	70
PID 4296 wrote to memory of 3552	4296	chrome.exe	70
PID 4296 wrote to memory of 3552	4296	chrome.exe	70

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" https://djt3hjjt.reciclandofuturo.com.br/amRvZUBtaWNyb3NvZnQuY29t
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4296
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffa9c2c9758,0x7ffa9c2c9768,0x7ffa9c2c9778
  2⤵
  PID:8
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1584 --field-trial-handle=1740,i,17904897722451259791,9839267999721159550,131072 /prefetch:2
  2⤵
  PID:2440
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1976 --field-trial-handle=1740,i,17904897722451259791,9839267999721159550,131072 /prefetch:8
  2⤵
  PID:988
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2092 --field-trial-handle=1740,i,17904897722451259791,9839267999721159550,131072 /prefetch:8
  2⤵
  PID:3552
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3016 --field-trial-handle=1740,i,17904897722451259791,9839267999721159550,131072 /prefetch:1
  2⤵
  PID:2260
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3044 --field-trial-handle=1740,i,17904897722451259791,9839267999721159550,131072 /prefetch:1
  2⤵
  PID:2820
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4400 --field-trial-handle=1740,i,17904897722451259791,9839267999721159550,131072 /prefetch:8
  2⤵
  PID:1308
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4692 --field-trial-handle=1740,i,17904897722451259791,9839267999721159550,131072 /prefetch:8
  2⤵
  PID:984
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4756 --field-trial-handle=1740,i,17904897722451259791,9839267999721159550,131072 /prefetch:8
  2⤵
  PID:4476
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=5008 --field-trial-handle=1740,i,17904897722451259791,9839267999721159550,131072 /prefetch:1
  2⤵
  PID:1772
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=5168 --field-trial-handle=1740,i,17904897722451259791,9839267999721159550,131072 /prefetch:1
  2⤵
  PID:5036

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4820

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

Filesize
22KB

MD5
9a2a744bff26cf6f94f93fe31e90f122

SHA1
4ac36aab1cb7e82b18f082e29ff4943206633213

SHA256
24135ae6ee67e2f60698336656bd6e614c4d86d2340cb72d801ad8a2680252e8

SHA512
7c2c0ca27c96c451cd31da4aa9602ed30bfdf539812dcc98c2fafb92474ba803c3bfe3c638a3825ed43174828dd4698e8f9f83185e591ed65a58969a941b1878

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
e18315100f8780e44922ad789aa9c72d

SHA1
efa879e0deada7db513d9c66f86d9da010dfd89b

SHA256
c94f55dfdf23fef99359eb0b1cd449ac1a520b7af8038e4acb23923d525df06f

SHA512
fe22593b4cdafee225a5ef471647d9d2fe0a8f288e4e081a7d9a9623464e909b585965d31aa1c84db2ddc10ed8ed238f3066f2f22230b6ff3cb83dc6f5ceb6f9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
59f80042cbac59263fed5962af99457d

SHA1
0b078306730f4a3bdf490a559480658196900839

SHA256
ef94e45b066ac4c7e810bd1e7c0daefae9b3214e20dca31fcb666ac8560a486e

SHA512
230942a8b56e3ecf7ec02384e64212ec3783257babb3819638deb8f5e4357a8d43029af2dcae8445df355045dea09b0a12feaf593efa2f20a133a3a066dee842

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
622277c34c9c8eecfd5f7aa9769b6228

SHA1
1d922a6f810ef7b5f08bce4c8cc588418182799f

SHA256
1e024dc902a13f7955086fdeaf752bd02fdc01251a6278ffcab5818af4df7871

SHA512
b98bbf4d6703bf270fd45c1cd5ce1bec3930d32b6dfd30b0e426d722182dfc37a499377d6448fcf8318d7dd0be1f388e04a9e8911110fc76e2c92cc6d0aa230f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
48b6d673dac5e796a0c017c5c7b11696

SHA1
87b6a1ab18817ab9c29bb34eafe34f4feb9882b2

SHA256
7f96dc32c0475769cd4d1021f1ecd577412336ba38a13b826bfa1fcea8b9c1d1

SHA512
002754e70a64bb70e10ea31a84ff6d34623b11af9fc0ef814913464005dc60c46ea57e3807f692b03d597f8e0867466c834d3d73a21f4cfc32deb586e4e888d5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
471413a1cbd07743b5f5e03f3ab4d14d

SHA1
999b4cd5d276b73f3293f872daa407c7a9f5e6ee

SHA256
3ef84134ecf3f9d4858333c238fe657c183bab81c86ea06c214437b9141134b8

SHA512
6bead73b09abbe5a03113c45c33c318570224820adcd6275331dda5a67ad64a5ff0860e8e308e1a85d4de6145dad0fdbd99fa927a42fceb7e35d5773b3f69fa4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
5cff471e99f9f30054d3e4a219f708be

SHA1
3c831ea8f56b18c4a0c6324e946f678a038abf69

SHA256
c356dd799752f9604a167d5347ecf7333464089076cc4dc8fff8a4b829f9ff60

SHA512
6c84d5cd957bb228c3926f96f14ac59737ef7f6cc9063b90080a89698245c7685230dcc95e26c9368322d772e3f0e69b220dda8ff5f52acddda0f8e17655e84f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
effa5f52273ddcc6084de8e621fb6643

SHA1
82d48a29f31f6934f09533134bde2ffaf2120754

SHA256
247e4ec22aed69c44f3bbd9f5a143afea2c44ed487ffb8e1293c804861b76780

SHA512
e6f57b9ce3b4c4c06d4a5ae4dd8a30da73b1c74beb9bb648b482039a81f0b5e56695d62a1f8e9323256641d8dd12ad63b397112a00974ae66fa4ff7b72a3e10b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
427285451b6a16003cbc46a9fe7c1090

SHA1
af48188fb6f3b069f010d5d2a26865857175afcc

SHA256
60553752ce853080f26724da5a861a0d0ec6a7d379d9cdc031488cb68c1df78b

SHA512
6c02e76d658818924f086a659bc143f39312e647e3bbc2e74c6c8ece2c24954d7dbba4d153211dfa9421ba24e76260ae1ac18d52953d1136a9708373303ef076

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
12KB

MD5
ca1d2bf0abe95e0b6e4385e9dcf5199d

SHA1
e5ade25ebbb78d864071014680e9e1f7a42c449f

SHA256
d5b52787c22e2f571bb7d07f49980690bc528ed93379e46444c763f4339acc35

SHA512
232c56dc2a98ba56e258c98d43a8a6b860ce0faf31fc1ba3851d64c54b589d64750e530a062b565d55e10161187d9502e2b0f718e2e645b3d938b0c6d7e5c0fc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
157KB

MD5
e17c4639b72f3da63fb3f7a4f0f1e82e

SHA1
1b4c191b1f2c3457cbf6f514db3cb13811a9f0ef

SHA256
bd3998c5cd20c9372be5a4cbc911a1da3d13e46a155393e8c102b55b3d7ae08e

SHA512
05fa143c48063fb0426f629901f5c5032e06d81b292fdec836c577349c9a91e2e2d8c3fbe88fc7d73a5ef3af1d9995ca43720977c43339f33db825dc3b321137

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit