ee1e980d7c55cae79f725bff6a0946c69f910f6a54d448d7b8867bcb7eea0ca4

Resubmissions

27/06/2023, 23:20

230627-3bs31agf81 6

27/06/2023, 23:16

230627-29cy1afg24 1

Analysis

max time kernel
150s
max time network
141s
platform
windows10-2004_x64
resource
win10v2004-20230621-en
resource tags

arch:x64arch:x86image:win10v2004-20230621-enlocale:en-usos:windows10-2004-x64system
submitted
27/06/2023, 23:16

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Catalogo.pdf.html
Size

2KB
MD5

24c3acfe035a0322b96c3157f3bdff5c
SHA1

a8942661e762ee136b9e6e27aa6300bf1123783c
SHA256

ee1e980d7c55cae79f725bff6a0946c69f910f6a54d448d7b8867bcb7eea0ca4
SHA512

a1caa8b256af3d99abe972c5dd461a3711977a495b4e0ef4fdbf35b230c8fc8c7f41dc2262b445255b4e4747bdabd1e5340df43bbd30b5cc69e227d93d8a465d

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133323814386327430"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4540	chrome.exe
4540	chrome.exe
2596	chrome.exe
2596	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4540	chrome.exe
Token: SeCreatePagefilePrivilege	4540	chrome.exe
Token: SeShutdownPrivilege	4540	chrome.exe
Token: SeCreatePagefilePrivilege	4540	chrome.exe
Token: SeShutdownPrivilege	4540	chrome.exe
Token: SeCreatePagefilePrivilege	4540	chrome.exe
Token: SeShutdownPrivilege	4540	chrome.exe
Token: SeCreatePagefilePrivilege	4540	chrome.exe
Token: SeShutdownPrivilege	4540	chrome.exe
Token: SeCreatePagefilePrivilege	4540	chrome.exe
Token: SeShutdownPrivilege	4540	chrome.exe
Token: SeCreatePagefilePrivilege	4540	chrome.exe
Token: SeShutdownPrivilege	4540	chrome.exe
Token: SeCreatePagefilePrivilege	4540	chrome.exe
Token: SeShutdownPrivilege	4540	chrome.exe
Token: SeCreatePagefilePrivilege	4540	chrome.exe
Token: SeShutdownPrivilege	4540	chrome.exe
Token: SeCreatePagefilePrivilege	4540	chrome.exe
Token: SeShutdownPrivilege	4540	chrome.exe
Token: SeCreatePagefilePrivilege	4540	chrome.exe
Token: SeShutdownPrivilege	4540	chrome.exe
Token: SeCreatePagefilePrivilege	4540	chrome.exe
Token: SeShutdownPrivilege	4540	chrome.exe
Token: SeCreatePagefilePrivilege	4540	chrome.exe
Token: SeShutdownPrivilege	4540	chrome.exe
Token: SeCreatePagefilePrivilege	4540	chrome.exe
Token: SeShutdownPrivilege	4540	chrome.exe
Token: SeCreatePagefilePrivilege	4540	chrome.exe
Token: SeShutdownPrivilege	4540	chrome.exe
Token: SeCreatePagefilePrivilege	4540	chrome.exe
Token: SeShutdownPrivilege	4540	chrome.exe
Token: SeCreatePagefilePrivilege	4540	chrome.exe
Token: SeShutdownPrivilege	4540	chrome.exe
Token: SeCreatePagefilePrivilege	4540	chrome.exe
Token: SeShutdownPrivilege	4540	chrome.exe
Token: SeCreatePagefilePrivilege	4540	chrome.exe
Token: SeShutdownPrivilege	4540	chrome.exe
Token: SeCreatePagefilePrivilege	4540	chrome.exe
Token: SeShutdownPrivilege	4540	chrome.exe
Token: SeCreatePagefilePrivilege	4540	chrome.exe
Token: SeShutdownPrivilege	4540	chrome.exe
Token: SeCreatePagefilePrivilege	4540	chrome.exe
Token: SeShutdownPrivilege	4540	chrome.exe
Token: SeCreatePagefilePrivilege	4540	chrome.exe
Token: SeShutdownPrivilege	4540	chrome.exe
Token: SeCreatePagefilePrivilege	4540	chrome.exe
Token: SeShutdownPrivilege	4540	chrome.exe
Token: SeCreatePagefilePrivilege	4540	chrome.exe
Token: SeShutdownPrivilege	4540	chrome.exe
Token: SeCreatePagefilePrivilege	4540	chrome.exe
Token: SeShutdownPrivilege	4540	chrome.exe
Token: SeCreatePagefilePrivilege	4540	chrome.exe
Token: SeShutdownPrivilege	4540	chrome.exe
Token: SeCreatePagefilePrivilege	4540	chrome.exe
Token: SeShutdownPrivilege	4540	chrome.exe
Token: SeCreatePagefilePrivilege	4540	chrome.exe
Token: SeShutdownPrivilege	4540	chrome.exe
Token: SeCreatePagefilePrivilege	4540	chrome.exe
Token: SeShutdownPrivilege	4540	chrome.exe
Token: SeCreatePagefilePrivilege	4540	chrome.exe
Token: SeShutdownPrivilege	4540	chrome.exe
Token: SeCreatePagefilePrivilege	4540	chrome.exe
Token: SeShutdownPrivilege	4540	chrome.exe
Token: SeCreatePagefilePrivilege	4540	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4540 wrote to memory of 4668	4540	chrome.exe	84
PID 4540 wrote to memory of 4668	4540	chrome.exe	84
PID 4540 wrote to memory of 2296	4540	chrome.exe	85
PID 4540 wrote to memory of 2296	4540	chrome.exe	85
PID 4540 wrote to memory of 2296	4540	chrome.exe	85
PID 4540 wrote to memory of 2296	4540	chrome.exe	85
PID 4540 wrote to memory of 2296	4540	chrome.exe	85
PID 4540 wrote to memory of 2296	4540	chrome.exe	85
PID 4540 wrote to memory of 2296	4540	chrome.exe	85
PID 4540 wrote to memory of 2296	4540	chrome.exe	85
PID 4540 wrote to memory of 2296	4540	chrome.exe	85
PID 4540 wrote to memory of 2296	4540	chrome.exe	85
PID 4540 wrote to memory of 2296	4540	chrome.exe	85
PID 4540 wrote to memory of 2296	4540	chrome.exe	85
PID 4540 wrote to memory of 2296	4540	chrome.exe	85
PID 4540 wrote to memory of 2296	4540	chrome.exe	85
PID 4540 wrote to memory of 2296	4540	chrome.exe	85
PID 4540 wrote to memory of 2296	4540	chrome.exe	85
PID 4540 wrote to memory of 2296	4540	chrome.exe	85
PID 4540 wrote to memory of 2296	4540	chrome.exe	85
PID 4540 wrote to memory of 2296	4540	chrome.exe	85
PID 4540 wrote to memory of 2296	4540	chrome.exe	85
PID 4540 wrote to memory of 2296	4540	chrome.exe	85
PID 4540 wrote to memory of 2296	4540	chrome.exe	85
PID 4540 wrote to memory of 2296	4540	chrome.exe	85
PID 4540 wrote to memory of 2296	4540	chrome.exe	85
PID 4540 wrote to memory of 2296	4540	chrome.exe	85
PID 4540 wrote to memory of 2296	4540	chrome.exe	85
PID 4540 wrote to memory of 2296	4540	chrome.exe	85
PID 4540 wrote to memory of 2296	4540	chrome.exe	85
PID 4540 wrote to memory of 2296	4540	chrome.exe	85
PID 4540 wrote to memory of 2296	4540	chrome.exe	85
PID 4540 wrote to memory of 2296	4540	chrome.exe	85
PID 4540 wrote to memory of 2296	4540	chrome.exe	85
PID 4540 wrote to memory of 2296	4540	chrome.exe	85
PID 4540 wrote to memory of 2296	4540	chrome.exe	85
PID 4540 wrote to memory of 2296	4540	chrome.exe	85
PID 4540 wrote to memory of 2296	4540	chrome.exe	85
PID 4540 wrote to memory of 2296	4540	chrome.exe	85
PID 4540 wrote to memory of 2296	4540	chrome.exe	85
PID 4540 wrote to memory of 1128	4540	chrome.exe	86
PID 4540 wrote to memory of 1128	4540	chrome.exe	86
PID 4540 wrote to memory of 632	4540	chrome.exe	87
PID 4540 wrote to memory of 632	4540	chrome.exe	87
PID 4540 wrote to memory of 632	4540	chrome.exe	87
PID 4540 wrote to memory of 632	4540	chrome.exe	87
PID 4540 wrote to memory of 632	4540	chrome.exe	87
PID 4540 wrote to memory of 632	4540	chrome.exe	87
PID 4540 wrote to memory of 632	4540	chrome.exe	87
PID 4540 wrote to memory of 632	4540	chrome.exe	87
PID 4540 wrote to memory of 632	4540	chrome.exe	87
PID 4540 wrote to memory of 632	4540	chrome.exe	87
PID 4540 wrote to memory of 632	4540	chrome.exe	87
PID 4540 wrote to memory of 632	4540	chrome.exe	87
PID 4540 wrote to memory of 632	4540	chrome.exe	87
PID 4540 wrote to memory of 632	4540	chrome.exe	87
PID 4540 wrote to memory of 632	4540	chrome.exe	87
PID 4540 wrote to memory of 632	4540	chrome.exe	87
PID 4540 wrote to memory of 632	4540	chrome.exe	87
PID 4540 wrote to memory of 632	4540	chrome.exe	87
PID 4540 wrote to memory of 632	4540	chrome.exe	87
PID 4540 wrote to memory of 632	4540	chrome.exe	87
PID 4540 wrote to memory of 632	4540	chrome.exe	87
PID 4540 wrote to memory of 632	4540	chrome.exe	87

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" C:\Users\Admin\AppData\Local\Temp\Catalogo.pdf.html
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4540
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffda8129758,0x7ffda8129768,0x7ffda8129778
  2⤵
  PID:4668
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1808 --field-trial-handle=1820,i,11980113331667014120,4878635407753212662,131072 /prefetch:2
  2⤵
  PID:2296
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 --field-trial-handle=1820,i,11980113331667014120,4878635407753212662,131072 /prefetch:8
  2⤵
  PID:1128
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2224 --field-trial-handle=1820,i,11980113331667014120,4878635407753212662,131072 /prefetch:8
  2⤵
  PID:632
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3204 --field-trial-handle=1820,i,11980113331667014120,4878635407753212662,131072 /prefetch:1
  2⤵
  PID:1444
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3224 --field-trial-handle=1820,i,11980113331667014120,4878635407753212662,131072 /prefetch:1
  2⤵
  PID:1120
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4816 --field-trial-handle=1820,i,11980113331667014120,4878635407753212662,131072 /prefetch:8
  2⤵
  PID:5052
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4876 --field-trial-handle=1820,i,11980113331667014120,4878635407753212662,131072 /prefetch:8
  2⤵
  PID:2080
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4920 --field-trial-handle=1820,i,11980113331667014120,4878635407753212662,131072 /prefetch:8
  2⤵
  PID:4664
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=972 --field-trial-handle=1820,i,11980113331667014120,4878635407753212662,131072 /prefetch:1
  2⤵
  PID:3136
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=1768 --field-trial-handle=1820,i,11980113331667014120,4878635407753212662,131072 /prefetch:1
  2⤵
  PID:4224
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4128 --field-trial-handle=1820,i,11980113331667014120,4878635407753212662,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2596

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2000

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
153ffda205a398c67ba14dff94dc1148

SHA1
b19d2d110c08692bcf5d9235b263ff8234fccf66

SHA256
06418c38edf0dfc7cb885bc52d77e7f0551b8b908a724ef01124ecf20c31c5d8

SHA512
3adaa0e0370eebd0d52f53c3bc9789ce2880f5045105b540e886720b73ad8702f48cee3438fcd15c2741c733df69a33dfaba32500dfb1886dee8d768e0efd732

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
4e5fcd528a43619975359b3a97fd5f08

SHA1
1fb09ec5eec5096ea1560d426b4b6e811d4c434c

SHA256
e7c54fc46b9e83c8e115875d0937346d6d50005fd2ba9051ef599aa3f61460f1

SHA512
57b8764b81f77962b58969eee009f5af92ff4e5b006a9d3a4c916fc34b528ceafc52854dddaee2f559eab7ca1e447739fc606ab4fea3949c47a01b37bf11c679

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
6d713c973d25a4bab4a58123c0473d7b

SHA1
c7f8c43497a67fa79743a7eaa49b3039de8e4a9c

SHA256
bcde20a027e1b8da3ea1939543dde77b1aef421a7fc27482b28b5c908971512e

SHA512
f3d72181451afb63cf7970b0196ee65fe2a6ad72a59db06d901063e82afac139a6989e6b6c282e572e3752dc826aca51407b036f8a019897dd7f290cd2c0416d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
7c6c196493fae80ddd79f06475c28414

SHA1
cfde88d7aa1c0a184c113e847b82fe5895a6dcf1

SHA256
08a007c93a68197ed7b3accfd8da90a6fb4d8212474e9d2f72c7dc5dc6042003

SHA512
8deac8d261b365d14134a77fd754718564e5690406e070b7fb30739b0b7420ff61668f0ac70faf31e206cb473a5b3871f473dba18a2c2764c2c7596eaac65cca

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
4c7d652ae18aafb14ed81943f6b7a852

SHA1
a9499d47416b55d86fd37dd8ed582dc375b5d830

SHA256
32944e5cf3d0a29a74c84123167f911d6ef13896f6ceed85bf68b6b361d9d073

SHA512
e6ccabf672797789d883adc15080a363695069992794554a1e87ea9e69727eec7e64b155ec5a796f259dabe8062b5144b2adb11f2b4936486b9ca80b45e7276c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
03214512884acfac16df59cc243dba95

SHA1
71a2e30312778decb16fefa830ccd2b2bf4602aa

SHA256
c95fee4aa2fa28df892c9bacef59a44b19e6564bff3864d4b487291438303219

SHA512
028bf4345bcde2c5e3741d32e4c1cbdd5ad860caecc5cdfd739f25d0a2834f826caa4ba5c58d2f447fba4960ec6708a68af304153f183baa4a32e59a4870103e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
03a65d42434ffb3c038480849843f08b

SHA1
2dba03a58dcea4f381406bacdf3b039ab451baab

SHA256
73b849905c718aad61ab819a806a64fa5622f4343f22935b857e924b585c42cb

SHA512
048f7a463600a9391f0e9f5ec9520520299af58581df6aa86b2917ef476bf171da8ad4222f22d45bbf2f2c55b2d5dc0c36d221e0d899320d030ab7cceeb543c2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
175KB

MD5
0e21b40581673f54fe6db34723537d19

SHA1
8da975147bc96804cd18c10c00e955d41392d565

SHA256
b2073d07a94646cf9811616bb9244f8a3429bd2bcd7d0d088624f134c6043e3e

SHA512
f050270859c7f24dceb5559e179f88efdf65b46b1b5399c6bb6372c3d32bbd8859ae615d985d5b61b2f8b111a7b0ae4b8336bfd0c856089623fabdc0560eec20

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit