hxxp://golden1-online[.]com

Analysis

max time kernel
150s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20230621-en
resource tags

arch:x64arch:x86image:win10v2004-20230621-enlocale:en-usos:windows10-2004-x64system
submitted
28/06/2023, 19:00

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

http://golden1-online.com

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133324524648808637"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2176	chrome.exe
2176	chrome.exe
1576	chrome.exe
1576	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
2176	chrome.exe
2176	chrome.exe
2176	chrome.exe
2176	chrome.exe
2176	chrome.exe
2176	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2176	chrome.exe
Token: SeCreatePagefilePrivilege	2176	chrome.exe
Token: SeShutdownPrivilege	2176	chrome.exe
Token: SeCreatePagefilePrivilege	2176	chrome.exe
Token: SeShutdownPrivilege	2176	chrome.exe
Token: SeCreatePagefilePrivilege	2176	chrome.exe
Token: SeShutdownPrivilege	2176	chrome.exe
Token: SeCreatePagefilePrivilege	2176	chrome.exe
Token: SeShutdownPrivilege	2176	chrome.exe
Token: SeCreatePagefilePrivilege	2176	chrome.exe
Token: SeShutdownPrivilege	2176	chrome.exe
Token: SeCreatePagefilePrivilege	2176	chrome.exe
Token: SeShutdownPrivilege	2176	chrome.exe
Token: SeCreatePagefilePrivilege	2176	chrome.exe
Token: SeShutdownPrivilege	2176	chrome.exe
Token: SeCreatePagefilePrivilege	2176	chrome.exe
Token: SeShutdownPrivilege	2176	chrome.exe
Token: SeCreatePagefilePrivilege	2176	chrome.exe
Token: SeShutdownPrivilege	2176	chrome.exe
Token: SeCreatePagefilePrivilege	2176	chrome.exe
Token: SeShutdownPrivilege	2176	chrome.exe
Token: SeCreatePagefilePrivilege	2176	chrome.exe
Token: SeShutdownPrivilege	2176	chrome.exe
Token: SeCreatePagefilePrivilege	2176	chrome.exe
Token: SeShutdownPrivilege	2176	chrome.exe
Token: SeCreatePagefilePrivilege	2176	chrome.exe
Token: SeShutdownPrivilege	2176	chrome.exe
Token: SeCreatePagefilePrivilege	2176	chrome.exe
Token: SeShutdownPrivilege	2176	chrome.exe
Token: SeCreatePagefilePrivilege	2176	chrome.exe
Token: SeShutdownPrivilege	2176	chrome.exe
Token: SeCreatePagefilePrivilege	2176	chrome.exe
Token: SeShutdownPrivilege	2176	chrome.exe
Token: SeCreatePagefilePrivilege	2176	chrome.exe
Token: SeShutdownPrivilege	2176	chrome.exe
Token: SeCreatePagefilePrivilege	2176	chrome.exe
Token: SeShutdownPrivilege	2176	chrome.exe
Token: SeCreatePagefilePrivilege	2176	chrome.exe
Token: SeShutdownPrivilege	2176	chrome.exe
Token: SeCreatePagefilePrivilege	2176	chrome.exe
Token: SeShutdownPrivilege	2176	chrome.exe
Token: SeCreatePagefilePrivilege	2176	chrome.exe
Token: SeShutdownPrivilege	2176	chrome.exe
Token: SeCreatePagefilePrivilege	2176	chrome.exe
Token: SeShutdownPrivilege	2176	chrome.exe
Token: SeCreatePagefilePrivilege	2176	chrome.exe
Token: SeShutdownPrivilege	2176	chrome.exe
Token: SeCreatePagefilePrivilege	2176	chrome.exe
Token: SeShutdownPrivilege	2176	chrome.exe
Token: SeCreatePagefilePrivilege	2176	chrome.exe
Token: SeShutdownPrivilege	2176	chrome.exe
Token: SeCreatePagefilePrivilege	2176	chrome.exe
Token: SeShutdownPrivilege	2176	chrome.exe
Token: SeCreatePagefilePrivilege	2176	chrome.exe
Token: SeShutdownPrivilege	2176	chrome.exe
Token: SeCreatePagefilePrivilege	2176	chrome.exe
Token: SeShutdownPrivilege	2176	chrome.exe
Token: SeCreatePagefilePrivilege	2176	chrome.exe
Token: SeShutdownPrivilege	2176	chrome.exe
Token: SeCreatePagefilePrivilege	2176	chrome.exe
Token: SeShutdownPrivilege	2176	chrome.exe
Token: SeCreatePagefilePrivilege	2176	chrome.exe
Token: SeShutdownPrivilege	2176	chrome.exe
Token: SeCreatePagefilePrivilege	2176	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2176	chrome.exe
2176	chrome.exe
2176	chrome.exe
2176	chrome.exe
2176	chrome.exe
2176	chrome.exe
2176	chrome.exe
2176	chrome.exe
2176	chrome.exe
2176	chrome.exe
2176	chrome.exe
2176	chrome.exe
2176	chrome.exe
2176	chrome.exe
2176	chrome.exe
2176	chrome.exe
2176	chrome.exe
2176	chrome.exe
2176	chrome.exe
2176	chrome.exe
2176	chrome.exe
2176	chrome.exe
2176	chrome.exe
2176	chrome.exe
2176	chrome.exe
2176	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2176	chrome.exe
2176	chrome.exe
2176	chrome.exe
2176	chrome.exe
2176	chrome.exe
2176	chrome.exe
2176	chrome.exe
2176	chrome.exe
2176	chrome.exe
2176	chrome.exe
2176	chrome.exe
2176	chrome.exe
2176	chrome.exe
2176	chrome.exe
2176	chrome.exe
2176	chrome.exe
2176	chrome.exe
2176	chrome.exe
2176	chrome.exe
2176	chrome.exe
2176	chrome.exe
2176	chrome.exe
2176	chrome.exe
2176	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2176 wrote to memory of 1600	2176	chrome.exe	84
PID 2176 wrote to memory of 1600	2176	chrome.exe	84
PID 2176 wrote to memory of 32	2176	chrome.exe	85
PID 2176 wrote to memory of 32	2176	chrome.exe	85
PID 2176 wrote to memory of 32	2176	chrome.exe	85
PID 2176 wrote to memory of 32	2176	chrome.exe	85
PID 2176 wrote to memory of 32	2176	chrome.exe	85
PID 2176 wrote to memory of 32	2176	chrome.exe	85
PID 2176 wrote to memory of 32	2176	chrome.exe	85
PID 2176 wrote to memory of 32	2176	chrome.exe	85
PID 2176 wrote to memory of 32	2176	chrome.exe	85
PID 2176 wrote to memory of 32	2176	chrome.exe	85
PID 2176 wrote to memory of 32	2176	chrome.exe	85
PID 2176 wrote to memory of 32	2176	chrome.exe	85
PID 2176 wrote to memory of 32	2176	chrome.exe	85
PID 2176 wrote to memory of 32	2176	chrome.exe	85
PID 2176 wrote to memory of 32	2176	chrome.exe	85
PID 2176 wrote to memory of 32	2176	chrome.exe	85
PID 2176 wrote to memory of 32	2176	chrome.exe	85
PID 2176 wrote to memory of 32	2176	chrome.exe	85
PID 2176 wrote to memory of 32	2176	chrome.exe	85
PID 2176 wrote to memory of 32	2176	chrome.exe	85
PID 2176 wrote to memory of 32	2176	chrome.exe	85
PID 2176 wrote to memory of 32	2176	chrome.exe	85
PID 2176 wrote to memory of 32	2176	chrome.exe	85
PID 2176 wrote to memory of 32	2176	chrome.exe	85
PID 2176 wrote to memory of 32	2176	chrome.exe	85
PID 2176 wrote to memory of 32	2176	chrome.exe	85
PID 2176 wrote to memory of 32	2176	chrome.exe	85
PID 2176 wrote to memory of 32	2176	chrome.exe	85
PID 2176 wrote to memory of 32	2176	chrome.exe	85
PID 2176 wrote to memory of 32	2176	chrome.exe	85
PID 2176 wrote to memory of 32	2176	chrome.exe	85
PID 2176 wrote to memory of 32	2176	chrome.exe	85
PID 2176 wrote to memory of 32	2176	chrome.exe	85
PID 2176 wrote to memory of 32	2176	chrome.exe	85
PID 2176 wrote to memory of 32	2176	chrome.exe	85
PID 2176 wrote to memory of 32	2176	chrome.exe	85
PID 2176 wrote to memory of 32	2176	chrome.exe	85
PID 2176 wrote to memory of 32	2176	chrome.exe	85
PID 2176 wrote to memory of 852	2176	chrome.exe	86
PID 2176 wrote to memory of 852	2176	chrome.exe	86
PID 2176 wrote to memory of 776	2176	chrome.exe	87
PID 2176 wrote to memory of 776	2176	chrome.exe	87
PID 2176 wrote to memory of 776	2176	chrome.exe	87
PID 2176 wrote to memory of 776	2176	chrome.exe	87
PID 2176 wrote to memory of 776	2176	chrome.exe	87
PID 2176 wrote to memory of 776	2176	chrome.exe	87
PID 2176 wrote to memory of 776	2176	chrome.exe	87
PID 2176 wrote to memory of 776	2176	chrome.exe	87
PID 2176 wrote to memory of 776	2176	chrome.exe	87
PID 2176 wrote to memory of 776	2176	chrome.exe	87
PID 2176 wrote to memory of 776	2176	chrome.exe	87
PID 2176 wrote to memory of 776	2176	chrome.exe	87
PID 2176 wrote to memory of 776	2176	chrome.exe	87
PID 2176 wrote to memory of 776	2176	chrome.exe	87
PID 2176 wrote to memory of 776	2176	chrome.exe	87
PID 2176 wrote to memory of 776	2176	chrome.exe	87
PID 2176 wrote to memory of 776	2176	chrome.exe	87
PID 2176 wrote to memory of 776	2176	chrome.exe	87
PID 2176 wrote to memory of 776	2176	chrome.exe	87
PID 2176 wrote to memory of 776	2176	chrome.exe	87
PID 2176 wrote to memory of 776	2176	chrome.exe	87
PID 2176 wrote to memory of 776	2176	chrome.exe	87

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" http://golden1-online.com
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2176
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffbd3559758,0x7ffbd3559768,0x7ffbd3559778
  2⤵
  PID:1600
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1816 --field-trial-handle=1784,i,9257810870351833977,5298096201235664608,131072 /prefetch:2
  2⤵
  PID:32
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 --field-trial-handle=1784,i,9257810870351833977,5298096201235664608,131072 /prefetch:8
  2⤵
  PID:852
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2212 --field-trial-handle=1784,i,9257810870351833977,5298096201235664608,131072 /prefetch:8
  2⤵
  PID:776
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3044 --field-trial-handle=1784,i,9257810870351833977,5298096201235664608,131072 /prefetch:1
  2⤵
  PID:5112
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3052 --field-trial-handle=1784,i,9257810870351833977,5298096201235664608,131072 /prefetch:1
  2⤵
  PID:2764
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4568 --field-trial-handle=1784,i,9257810870351833977,5298096201235664608,131072 /prefetch:1
  2⤵
  PID:1880
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4772 --field-trial-handle=1784,i,9257810870351833977,5298096201235664608,131072 /prefetch:1
  2⤵
  PID:2872
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5176 --field-trial-handle=1784,i,9257810870351833977,5298096201235664608,131072 /prefetch:8
  2⤵
  PID:2232
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5300 --field-trial-handle=1784,i,9257810870351833977,5298096201235664608,131072 /prefetch:8
  2⤵
  PID:3376
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5200 --field-trial-handle=1784,i,9257810870351833977,5298096201235664608,131072 /prefetch:8
  2⤵
  PID:2616
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=5264 --field-trial-handle=1784,i,9257810870351833977,5298096201235664608,131072 /prefetch:1
  2⤵
  PID:1684
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5612 --field-trial-handle=1784,i,9257810870351833977,5298096201235664608,131072 /prefetch:1
  2⤵
  PID:1332
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5864 --field-trial-handle=1784,i,9257810870351833977,5298096201235664608,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1576

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2900

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
984B

MD5
1af4bcb4ba851b497f9f042b07deca81

SHA1
7db3248239b50e5271c7f0fe59c0426d4c926075

SHA256
e109b21cb379ea13a877bdc682a797a00269b419203a728b2d0d16e0222afa0c

SHA512
12225c807459bb2d7eee39ce4264ae1f994f010febd184f3c8c8d432cb0b3096f0a667d5be4a6579300cbcb043721202aa30c7dc5fea21be8a2e1892fa2b045b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
95ce721c91c24d44b93e21b9b2374909

SHA1
02948d78cd36a5941048b246e7c6b844dfa8f278

SHA256
e51b18b52418ff4c920b56ff0df55803cd7e4a496e31f955cc523025e6b5bc79

SHA512
3739dd0571b402c77dd3294c231392568c94a646bdf1bda9ef78c9700e2835b3a10a9202e82c02e375008a540c460fc87b2cdf236028e35ad2d038d98a199c20

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
7ba871b2bf0d58cf489ad248fa53c7de

SHA1
18c0e2898ca3b15e02d2aab2d9443c546726a019

SHA256
f54042c2353930825dbf7f7c6f0e7f60679aa8c8ec0743f1ff81c6c5342e7460

SHA512
bcceda45fae351ee394aaedeec102c2e73254f1ba88f2572c3af97a1540f6d2f3a3f70ee3da333f7a4ac67a4375a5e7667fcacc1b94703e386cbde4d20a86798

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
07841953043fab1ccfcfcf8a7b3586d9

SHA1
1f2855d6a6636556708916c98db6be541f139068

SHA256
57fc3e4288e431ed8b030eb2f843b02cfbdf177c03e605b65730446f5c70c999

SHA512
de4d48b04646eb7f230df4909ad8c23a5c6ff9ec41d2f79ce1238767a1e8a60e9e8fe4e41c9f7bb732e39b7802d1ed5167de11d6beb88289232c947ab4793005

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
6395111c79d8602be59de6bb1d892a4d

SHA1
833b48ab2864128fb9b2a58e41573f0eb50b65c9

SHA256
053e2cfac040c1cc372963b01d1698ced0a296796eac92def26a22649e8638ee

SHA512
4185d9d2cb30c097e4c0a27195a292a695e1156657934192b1f584ff1cf1e0573b587de5f81db585862cd4e35066578729334cd03eb86c837f971ec82702a6ca

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
4aea87a1fcb8634e8c5c8ef6bbcd56f5

SHA1
59264333a64980d88c8f3e54fe308454db45e21a

SHA256
8b9094cd4141e917ea880fd76a0554f6ab80fe83cd248f7d6a97aa4bae26f987

SHA512
5d0a7f6d2392d48b7222a7b8dfef897fa1c9eb75701dc5dcce25b9e49ce3e5924b3476f017f7cfb9cd10687acc06e2ddc2f3fabf15e8eb8a67db7c0c6dac28fb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
174KB

MD5
8f718a62a69575d1ea0824ccfeb046e2

SHA1
22b8879d5aba40250d8ef1881fe94ae976a3edf3

SHA256
9ae5c55fb8ccd645df06d0bd15e1c1ef6ffe92d2b566c7bd719d4923e3f2d32a

SHA512
09ea85d09b81eecf2f9e214e14291bb98d19be0fb19ad384765a397f10308bc9cbe196e9ac60dfe86f6bb0f5d683b03effdb02283e46bb1a61969c9ea77b777d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
174KB

MD5
e83523f9b4653f6f2512636f75ec8f8a

SHA1
30e48c736f31b40aeafa45138e86dfb1ab4b503e

SHA256
7194ce6cec4a31d6eeb3ef554812a89fad67b6ab98a5d0a6f9d12b397d3b74bf

SHA512
4f7171d7dc389202441cae9a1086bbe6d9f4cd70775cff4749511e5bb2efef83a6d524339decb089075a9c3013b5c560eeef2aaf6a48b3bda12d3e01879ddf17

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
103KB

MD5
22042af7c0f1804de67381990118f994

SHA1
64db149d14591ed4053ae2b85d014aea071c6c95

SHA256
6bbe4dfe616fcc31acadb4549f2561ae61fd319c44a10948f42eae85c39592fd

SHA512
6d8179255d3841ea3c7c5320a6d79a1e0c8f10c475bb743f0279bea5351ee245b4f636c59fbd5330afe4b8ddcabc768dece583643b98fa5f79ff3ef9f4359b00

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe56fc56.TMP

Filesize
96KB

MD5
e5ca1069fbb30399109ca1154a6dc1b6

SHA1
bb4d3193f8477b49616e96307d1993b298ca9183

SHA256
8be01b85a13f11e4219aaf443dfa0a597b7682fee5bc430d30fca3f4dbbe64fd

SHA512
ac249c05ebe91ddddcb656b9a4cdbce3c795ba80d86b3d857fe587234261d1297ef0644ee3c82f39dd6d048c56703f5262fc3b80ea576fa806924091ee7deb62

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit