hxxps://linkprotect[.]cudasvc[.]com/url?a=https%3a%2f%2fsites[.]google[.]com%2fview%2fusatolerancerings%2fhome&c=E,1,DAPGt0VQj8RNqAw15Y6fiRyTXUYR7MthQpfDNboLKEhRa_zgwSciLI6RDkEtBEWOFNsutgKhQ_mFdSeqv3j1gk-VQ1C210VUflv06YjMQ-SsoW8ETSgyMw,,&typo=1

Analysis

max time kernel
151s
max time network
143s
platform
windows10-2004_x64
resource
win10v2004-20230621-en
resource tags

arch:x64arch:x86image:win10v2004-20230621-enlocale:en-usos:windows10-2004-x64system
submitted
28/06/2023, 13:52

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fsites.google.com%2fview%2fusatolerancerings%2fhome&c=E,1,DAPGt0VQj8RNqAw15Y6fiRyTXUYR7MthQpfDNboLKEhRa_zgwSciLI6RDkEtBEWOFNsutgKhQ_mFdSeqv3j1gk-VQ1C210VUflv06YjMQ-SsoW8ETSgyMw,,&typo=1

Score

6^/10

Malware Config

Signatures

Legitimate hosting services abused for malware hosting/C2 1 TTPs

Web Service
T1102

Looks up external IP address via web service 3 IoCs

Uses a legitimate IP lookup service to find the infected system's external IP.

flow	ioc
107	api.ipify.org
108	api.ipify.org
110	api.ipify.org

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133324340025563122"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
3340	chrome.exe
3340	chrome.exe
3076	chrome.exe
3076	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 5 IoCs

pid	Process
3340	chrome.exe
3340	chrome.exe
3340	chrome.exe
3340	chrome.exe
3340	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3340	chrome.exe
Token: SeCreatePagefilePrivilege	3340	chrome.exe
Token: SeShutdownPrivilege	3340	chrome.exe
Token: SeCreatePagefilePrivilege	3340	chrome.exe
Token: SeShutdownPrivilege	3340	chrome.exe
Token: SeCreatePagefilePrivilege	3340	chrome.exe
Token: SeShutdownPrivilege	3340	chrome.exe
Token: SeCreatePagefilePrivilege	3340	chrome.exe
Token: SeShutdownPrivilege	3340	chrome.exe
Token: SeCreatePagefilePrivilege	3340	chrome.exe
Token: SeShutdownPrivilege	3340	chrome.exe
Token: SeCreatePagefilePrivilege	3340	chrome.exe
Token: SeShutdownPrivilege	3340	chrome.exe
Token: SeCreatePagefilePrivilege	3340	chrome.exe
Token: SeShutdownPrivilege	3340	chrome.exe
Token: SeCreatePagefilePrivilege	3340	chrome.exe
Token: SeShutdownPrivilege	3340	chrome.exe
Token: SeCreatePagefilePrivilege	3340	chrome.exe
Token: SeShutdownPrivilege	3340	chrome.exe
Token: SeCreatePagefilePrivilege	3340	chrome.exe
Token: SeShutdownPrivilege	3340	chrome.exe
Token: SeCreatePagefilePrivilege	3340	chrome.exe
Token: SeShutdownPrivilege	3340	chrome.exe
Token: SeCreatePagefilePrivilege	3340	chrome.exe
Token: SeShutdownPrivilege	3340	chrome.exe
Token: SeCreatePagefilePrivilege	3340	chrome.exe
Token: SeShutdownPrivilege	3340	chrome.exe
Token: SeCreatePagefilePrivilege	3340	chrome.exe
Token: SeShutdownPrivilege	3340	chrome.exe
Token: SeCreatePagefilePrivilege	3340	chrome.exe
Token: SeShutdownPrivilege	3340	chrome.exe
Token: SeCreatePagefilePrivilege	3340	chrome.exe
Token: SeShutdownPrivilege	3340	chrome.exe
Token: SeCreatePagefilePrivilege	3340	chrome.exe
Token: SeShutdownPrivilege	3340	chrome.exe
Token: SeCreatePagefilePrivilege	3340	chrome.exe
Token: SeShutdownPrivilege	3340	chrome.exe
Token: SeCreatePagefilePrivilege	3340	chrome.exe
Token: SeShutdownPrivilege	3340	chrome.exe
Token: SeCreatePagefilePrivilege	3340	chrome.exe
Token: SeShutdownPrivilege	3340	chrome.exe
Token: SeCreatePagefilePrivilege	3340	chrome.exe
Token: SeShutdownPrivilege	3340	chrome.exe
Token: SeCreatePagefilePrivilege	3340	chrome.exe
Token: SeShutdownPrivilege	3340	chrome.exe
Token: SeCreatePagefilePrivilege	3340	chrome.exe
Token: SeShutdownPrivilege	3340	chrome.exe
Token: SeCreatePagefilePrivilege	3340	chrome.exe
Token: SeShutdownPrivilege	3340	chrome.exe
Token: SeCreatePagefilePrivilege	3340	chrome.exe
Token: SeShutdownPrivilege	3340	chrome.exe
Token: SeCreatePagefilePrivilege	3340	chrome.exe
Token: SeShutdownPrivilege	3340	chrome.exe
Token: SeCreatePagefilePrivilege	3340	chrome.exe
Token: SeShutdownPrivilege	3340	chrome.exe
Token: SeCreatePagefilePrivilege	3340	chrome.exe
Token: SeShutdownPrivilege	3340	chrome.exe
Token: SeCreatePagefilePrivilege	3340	chrome.exe
Token: SeShutdownPrivilege	3340	chrome.exe
Token: SeCreatePagefilePrivilege	3340	chrome.exe
Token: SeShutdownPrivilege	3340	chrome.exe
Token: SeCreatePagefilePrivilege	3340	chrome.exe
Token: SeShutdownPrivilege	3340	chrome.exe
Token: SeCreatePagefilePrivilege	3340	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
3340	chrome.exe
3340	chrome.exe
3340	chrome.exe
3340	chrome.exe
3340	chrome.exe
3340	chrome.exe
3340	chrome.exe
3340	chrome.exe
3340	chrome.exe
3340	chrome.exe
3340	chrome.exe
3340	chrome.exe
3340	chrome.exe
3340	chrome.exe
3340	chrome.exe
3340	chrome.exe
3340	chrome.exe
3340	chrome.exe
3340	chrome.exe
3340	chrome.exe
3340	chrome.exe
3340	chrome.exe
3340	chrome.exe
3340	chrome.exe
3340	chrome.exe
3340	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3340	chrome.exe
3340	chrome.exe
3340	chrome.exe
3340	chrome.exe
3340	chrome.exe
3340	chrome.exe
3340	chrome.exe
3340	chrome.exe
3340	chrome.exe
3340	chrome.exe
3340	chrome.exe
3340	chrome.exe
3340	chrome.exe
3340	chrome.exe
3340	chrome.exe
3340	chrome.exe
3340	chrome.exe
3340	chrome.exe
3340	chrome.exe
3340	chrome.exe
3340	chrome.exe
3340	chrome.exe
3340	chrome.exe
3340	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3340 wrote to memory of 2712	3340	chrome.exe	85
PID 3340 wrote to memory of 2712	3340	chrome.exe	85
PID 3340 wrote to memory of 3776	3340	chrome.exe	86
PID 3340 wrote to memory of 3776	3340	chrome.exe	86
PID 3340 wrote to memory of 3776	3340	chrome.exe	86
PID 3340 wrote to memory of 3776	3340	chrome.exe	86
PID 3340 wrote to memory of 3776	3340	chrome.exe	86
PID 3340 wrote to memory of 3776	3340	chrome.exe	86
PID 3340 wrote to memory of 3776	3340	chrome.exe	86
PID 3340 wrote to memory of 3776	3340	chrome.exe	86
PID 3340 wrote to memory of 3776	3340	chrome.exe	86
PID 3340 wrote to memory of 3776	3340	chrome.exe	86
PID 3340 wrote to memory of 3776	3340	chrome.exe	86
PID 3340 wrote to memory of 3776	3340	chrome.exe	86
PID 3340 wrote to memory of 3776	3340	chrome.exe	86
PID 3340 wrote to memory of 3776	3340	chrome.exe	86
PID 3340 wrote to memory of 3776	3340	chrome.exe	86
PID 3340 wrote to memory of 3776	3340	chrome.exe	86
PID 3340 wrote to memory of 3776	3340	chrome.exe	86
PID 3340 wrote to memory of 3776	3340	chrome.exe	86
PID 3340 wrote to memory of 3776	3340	chrome.exe	86
PID 3340 wrote to memory of 3776	3340	chrome.exe	86
PID 3340 wrote to memory of 3776	3340	chrome.exe	86
PID 3340 wrote to memory of 3776	3340	chrome.exe	86
PID 3340 wrote to memory of 3776	3340	chrome.exe	86
PID 3340 wrote to memory of 3776	3340	chrome.exe	86
PID 3340 wrote to memory of 3776	3340	chrome.exe	86
PID 3340 wrote to memory of 3776	3340	chrome.exe	86
PID 3340 wrote to memory of 3776	3340	chrome.exe	86
PID 3340 wrote to memory of 3776	3340	chrome.exe	86
PID 3340 wrote to memory of 3776	3340	chrome.exe	86
PID 3340 wrote to memory of 3776	3340	chrome.exe	86
PID 3340 wrote to memory of 3776	3340	chrome.exe	86
PID 3340 wrote to memory of 3776	3340	chrome.exe	86
PID 3340 wrote to memory of 3776	3340	chrome.exe	86
PID 3340 wrote to memory of 3776	3340	chrome.exe	86
PID 3340 wrote to memory of 3776	3340	chrome.exe	86
PID 3340 wrote to memory of 3776	3340	chrome.exe	86
PID 3340 wrote to memory of 3776	3340	chrome.exe	86
PID 3340 wrote to memory of 3776	3340	chrome.exe	86
PID 3340 wrote to memory of 2036	3340	chrome.exe	87
PID 3340 wrote to memory of 2036	3340	chrome.exe	87
PID 3340 wrote to memory of 1336	3340	chrome.exe	88
PID 3340 wrote to memory of 1336	3340	chrome.exe	88
PID 3340 wrote to memory of 1336	3340	chrome.exe	88
PID 3340 wrote to memory of 1336	3340	chrome.exe	88
PID 3340 wrote to memory of 1336	3340	chrome.exe	88
PID 3340 wrote to memory of 1336	3340	chrome.exe	88
PID 3340 wrote to memory of 1336	3340	chrome.exe	88
PID 3340 wrote to memory of 1336	3340	chrome.exe	88
PID 3340 wrote to memory of 1336	3340	chrome.exe	88
PID 3340 wrote to memory of 1336	3340	chrome.exe	88
PID 3340 wrote to memory of 1336	3340	chrome.exe	88
PID 3340 wrote to memory of 1336	3340	chrome.exe	88
PID 3340 wrote to memory of 1336	3340	chrome.exe	88
PID 3340 wrote to memory of 1336	3340	chrome.exe	88
PID 3340 wrote to memory of 1336	3340	chrome.exe	88
PID 3340 wrote to memory of 1336	3340	chrome.exe	88
PID 3340 wrote to memory of 1336	3340	chrome.exe	88
PID 3340 wrote to memory of 1336	3340	chrome.exe	88
PID 3340 wrote to memory of 1336	3340	chrome.exe	88
PID 3340 wrote to memory of 1336	3340	chrome.exe	88
PID 3340 wrote to memory of 1336	3340	chrome.exe	88
PID 3340 wrote to memory of 1336	3340	chrome.exe	88

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fsites.google.com%2fview%2fusatolerancerings%2fhome&c=E,1,DAPGt0VQj8RNqAw15Y6fiRyTXUYR7MthQpfDNboLKEhRa_zgwSciLI6RDkEtBEWOFNsutgKhQ_mFdSeqv3j1gk-VQ1C210VUflv06YjMQ-SsoW8ETSgyMw,,&typo=1
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3340
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb15e09758,0x7ffb15e09768,0x7ffb15e09778
  2⤵
  PID:2712
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1792 --field-trial-handle=1832,i,9090217503839151165,16665645768450069983,131072 /prefetch:2
  2⤵
  PID:3776
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2184 --field-trial-handle=1832,i,9090217503839151165,16665645768450069983,131072 /prefetch:8
  2⤵
  PID:2036
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2180 --field-trial-handle=1832,i,9090217503839151165,16665645768450069983,131072 /prefetch:8
  2⤵
  PID:1336
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3200 --field-trial-handle=1832,i,9090217503839151165,16665645768450069983,131072 /prefetch:1
  2⤵
  PID:2120
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3216 --field-trial-handle=1832,i,9090217503839151165,16665645768450069983,131072 /prefetch:1
  2⤵
  PID:4052
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4552 --field-trial-handle=1832,i,9090217503839151165,16665645768450069983,131072 /prefetch:1
  2⤵
  PID:4280
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4992 --field-trial-handle=1832,i,9090217503839151165,16665645768450069983,131072 /prefetch:8
  2⤵
  PID:1412
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5068 --field-trial-handle=1832,i,9090217503839151165,16665645768450069983,131072 /prefetch:8
  2⤵
  PID:5044
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5244 --field-trial-handle=1832,i,9090217503839151165,16665645768450069983,131072 /prefetch:8
  2⤵
  PID:2416
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=5056 --field-trial-handle=1832,i,9090217503839151165,16665645768450069983,131072 /prefetch:1
  2⤵
  PID:2400
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=2836 --field-trial-handle=1832,i,9090217503839151165,16665645768450069983,131072 /prefetch:1
  2⤵
  PID:2548
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3648 --field-trial-handle=1832,i,9090217503839151165,16665645768450069983,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3076

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4156

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Web Service

T1102

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
240B

MD5
b1e944264b4ec49010bd31d3f5f20797

SHA1
f27b2f7c11c640d5b5b61a720223a636075a75a2

SHA256
e73fcca9af181020d94deeb0c675b8259c8fd3881a58625635a1ade1c0982180

SHA512
e5bffa30fe8c51c76d7098b7338a9eb0c42d1343f52ef0c1a11c356a1508adcc105c07b560a260239dab5ac1204f79f07fc7b83f68dc1bf7bc2b240baddba4f2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
312B

MD5
64c623d7abf861c57297e7d51ed3cc92

SHA1
2afd0dca38a14bc463a40d48d7b5e7e3ebefd56a

SHA256
c8d735fb5317e31b0a9d3405c6370ff182b09782673d5b2b8dd4725afe4c4833

SHA512
32ca51518817b785edf9ac38d158fe5f22e41cf01d4197e906ee9f45c3f83f489c2953c07b5046816897ad1a84020f1fcf3ab675f7cbf5fe8c7545771ed7e5d5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
5b928a4664d93e97c90673448fd1bdaa

SHA1
92f8375e01068173e923e69724e736cffb1d5045

SHA256
23008caff975c984fbdd31c88f155f6992a0bcc02c6b365607f26553956aa533

SHA512
6a556a03c0270d89b3a34de332896c2a1271f22bd678f64880598ac4efeb8fb5ef496494ac66b1a2d642817c509f5408b40a56b2898c906873fa940a79105c45

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
706B

MD5
d3300d2b2fae36767dcf346b152f3b0a

SHA1
47fda3eb99253fa805819edfdcf35c761a431268

SHA256
481d790428d375a11a9bc2d4a1117314337e2e2915f04126070e8feba82c45cf

SHA512
62b2d0c681ee6b8fa210bbbc39f94035081011b542d1bcbf37519a53c0ebf6870d99d4d0b40ab6edec3e2d2f37197282a3b409471dba13587f4e1eeb06d79188

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
873B

MD5
6849bb6081411f732d608f899316e947

SHA1
2d665380d45b276015a12db2b509a9608a77c1ac

SHA256
604c09828a06786e6f00e085c7d924f4af4ad421e9f6f4edc37483a283d882c4

SHA512
00f07f74d42de5a1b477186418d1ebfb0b13878808561fb1ab0fc0b1fae4b0ffeb8c0a2e50a885ee17bb3f5fd897444a62317e034c2642dc346623dad7d31989

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
7323347b7cfa2cd12104b44eed6fd594

SHA1
383437b98da29c1ca2c82645876c0122a25f3efb

SHA256
d9ca0f76f511f8cf0c354f2abcf3632c4cfb154aee6432ecf177dd1d2308d822

SHA512
7b402fa317c6c08273be95113605c785e0678fb0cc7cf72497dcbc5d302b7743a501b16dfc4d816a355ab877ccf33734decd7701f34866fed242e00bf29fde79

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
78ecaa2152cc9659cab653e2b495e2ab

SHA1
ea8a6b4d939985cba2f1b4459170714996cca5e3

SHA256
f08c6d200a1fa4d026e786b25fe872dd6a7bdc7ea10fcc9c5a96371e73072e11

SHA512
147372432bb27028ac16f7ec03969ad74037812a1db1c945d9142e2e974bb09ee6726c0d879671685374ee7251c334711e796f73dcd7d8c7b88dd43d12266091

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
9df3ed38dcf1322ac6311868901ff1f6

SHA1
9d46bb5a182780cc3f087f465874513608393317

SHA256
5d414d7bb44df7d4018d783e09a5c61e2c26f78c366f2ace6e1db406f97a5806

SHA512
714bf2218205c231807e7e59b5b0ad8b35bbd441023a48c1cbc3d2d27b938159403e907f67dd4e3eb6cd4125cb7083a23ab2f378d7f913f56d0cc35a3d91ea8a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
174KB

MD5
ae82dc94dcdaef96eb7f9791345561ef

SHA1
a92062e277d3464b8d674f62730dd57b7bbe0e1e

SHA256
352a9e035fa4695d2ef8ad2a1187dd407cd7fb74a35ed878bfeece068dee7229

SHA512
8607c2c57c10ff9b236c3d8acf086ce4b5cd96e365bb13d2069ec0a8842e49ca17f7e25d78cf2def97a8000da07e8f8914bb8f75e33f7033458cb1cc793c31e9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
174KB

MD5
e567bc45d62822b68848540099d60c43

SHA1
fce2d308ba32bde0ca9beafdfb914d236bcc4e4a

SHA256
cf15e5cafc0f5c7414456246ff10bde04d7d4e2f1b7935f24e46bdffca641da0

SHA512
836695d1cd200387d18e0e472b56caef4ce3626aee807106452ea8bdefb056ccb13f4228f66d8f937991d6ee432a8ab8c417c93be8008330e6f1646b45d37cac

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit