hxxps://goldbergsfamousbagelsnj[.]com/macro/?integrity=bm9ybW9uLmNvbQ==&sso=bXBlcmV6cw==

Analysis

max time kernel
149s
max time network
142s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
12/07/2023, 10:47

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://goldbergsfamousbagelsnj.com/macro/?integrity=bm9ybW9uLmNvbQ==&sso=bXBlcmV6cw==

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133336324543753684"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
224	chrome.exe
224	chrome.exe
224	chrome.exe
224	chrome.exe
2952	chrome.exe
2952	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
224	chrome.exe
224	chrome.exe
224	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	224	chrome.exe
Token: SeCreatePagefilePrivilege	224	chrome.exe
Token: SeShutdownPrivilege	224	chrome.exe
Token: SeCreatePagefilePrivilege	224	chrome.exe
Token: SeShutdownPrivilege	224	chrome.exe
Token: SeCreatePagefilePrivilege	224	chrome.exe
Token: SeShutdownPrivilege	224	chrome.exe
Token: SeCreatePagefilePrivilege	224	chrome.exe
Token: SeShutdownPrivilege	224	chrome.exe
Token: SeCreatePagefilePrivilege	224	chrome.exe
Token: SeShutdownPrivilege	224	chrome.exe
Token: SeCreatePagefilePrivilege	224	chrome.exe
Token: SeShutdownPrivilege	224	chrome.exe
Token: SeCreatePagefilePrivilege	224	chrome.exe
Token: SeShutdownPrivilege	224	chrome.exe
Token: SeCreatePagefilePrivilege	224	chrome.exe
Token: SeShutdownPrivilege	224	chrome.exe
Token: SeCreatePagefilePrivilege	224	chrome.exe
Token: SeShutdownPrivilege	224	chrome.exe
Token: SeCreatePagefilePrivilege	224	chrome.exe
Token: SeShutdownPrivilege	224	chrome.exe
Token: SeCreatePagefilePrivilege	224	chrome.exe
Token: SeShutdownPrivilege	224	chrome.exe
Token: SeCreatePagefilePrivilege	224	chrome.exe
Token: SeShutdownPrivilege	224	chrome.exe
Token: SeCreatePagefilePrivilege	224	chrome.exe
Token: SeShutdownPrivilege	224	chrome.exe
Token: SeCreatePagefilePrivilege	224	chrome.exe
Token: SeShutdownPrivilege	224	chrome.exe
Token: SeCreatePagefilePrivilege	224	chrome.exe
Token: SeShutdownPrivilege	224	chrome.exe
Token: SeCreatePagefilePrivilege	224	chrome.exe
Token: SeShutdownPrivilege	224	chrome.exe
Token: SeCreatePagefilePrivilege	224	chrome.exe
Token: SeShutdownPrivilege	224	chrome.exe
Token: SeCreatePagefilePrivilege	224	chrome.exe
Token: SeShutdownPrivilege	224	chrome.exe
Token: SeCreatePagefilePrivilege	224	chrome.exe
Token: SeShutdownPrivilege	224	chrome.exe
Token: SeCreatePagefilePrivilege	224	chrome.exe
Token: SeShutdownPrivilege	224	chrome.exe
Token: SeCreatePagefilePrivilege	224	chrome.exe
Token: SeShutdownPrivilege	224	chrome.exe
Token: SeCreatePagefilePrivilege	224	chrome.exe
Token: SeShutdownPrivilege	224	chrome.exe
Token: SeCreatePagefilePrivilege	224	chrome.exe
Token: SeShutdownPrivilege	224	chrome.exe
Token: SeCreatePagefilePrivilege	224	chrome.exe
Token: SeShutdownPrivilege	224	chrome.exe
Token: SeCreatePagefilePrivilege	224	chrome.exe
Token: SeShutdownPrivilege	224	chrome.exe
Token: SeCreatePagefilePrivilege	224	chrome.exe
Token: SeShutdownPrivilege	224	chrome.exe
Token: SeCreatePagefilePrivilege	224	chrome.exe
Token: SeShutdownPrivilege	224	chrome.exe
Token: SeCreatePagefilePrivilege	224	chrome.exe
Token: SeShutdownPrivilege	224	chrome.exe
Token: SeCreatePagefilePrivilege	224	chrome.exe
Token: SeShutdownPrivilege	224	chrome.exe
Token: SeCreatePagefilePrivilege	224	chrome.exe
Token: SeShutdownPrivilege	224	chrome.exe
Token: SeCreatePagefilePrivilege	224	chrome.exe
Token: SeShutdownPrivilege	224	chrome.exe
Token: SeCreatePagefilePrivilege	224	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
224	chrome.exe
224	chrome.exe
224	chrome.exe
224	chrome.exe
224	chrome.exe
224	chrome.exe
224	chrome.exe
224	chrome.exe
224	chrome.exe
224	chrome.exe
224	chrome.exe
224	chrome.exe
224	chrome.exe
224	chrome.exe
224	chrome.exe
224	chrome.exe
224	chrome.exe
224	chrome.exe
224	chrome.exe
224	chrome.exe
224	chrome.exe
224	chrome.exe
224	chrome.exe
224	chrome.exe
224	chrome.exe
224	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
224	chrome.exe
224	chrome.exe
224	chrome.exe
224	chrome.exe
224	chrome.exe
224	chrome.exe
224	chrome.exe
224	chrome.exe
224	chrome.exe
224	chrome.exe
224	chrome.exe
224	chrome.exe
224	chrome.exe
224	chrome.exe
224	chrome.exe
224	chrome.exe
224	chrome.exe
224	chrome.exe
224	chrome.exe
224	chrome.exe
224	chrome.exe
224	chrome.exe
224	chrome.exe
224	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 224 wrote to memory of 2792	224	chrome.exe	86
PID 224 wrote to memory of 2792	224	chrome.exe	86
PID 224 wrote to memory of 5060	224	chrome.exe	88
PID 224 wrote to memory of 5060	224	chrome.exe	88
PID 224 wrote to memory of 5060	224	chrome.exe	88
PID 224 wrote to memory of 5060	224	chrome.exe	88
PID 224 wrote to memory of 5060	224	chrome.exe	88
PID 224 wrote to memory of 5060	224	chrome.exe	88
PID 224 wrote to memory of 5060	224	chrome.exe	88
PID 224 wrote to memory of 5060	224	chrome.exe	88
PID 224 wrote to memory of 5060	224	chrome.exe	88
PID 224 wrote to memory of 5060	224	chrome.exe	88
PID 224 wrote to memory of 5060	224	chrome.exe	88
PID 224 wrote to memory of 5060	224	chrome.exe	88
PID 224 wrote to memory of 5060	224	chrome.exe	88
PID 224 wrote to memory of 5060	224	chrome.exe	88
PID 224 wrote to memory of 5060	224	chrome.exe	88
PID 224 wrote to memory of 5060	224	chrome.exe	88
PID 224 wrote to memory of 5060	224	chrome.exe	88
PID 224 wrote to memory of 5060	224	chrome.exe	88
PID 224 wrote to memory of 5060	224	chrome.exe	88
PID 224 wrote to memory of 5060	224	chrome.exe	88
PID 224 wrote to memory of 5060	224	chrome.exe	88
PID 224 wrote to memory of 5060	224	chrome.exe	88
PID 224 wrote to memory of 5060	224	chrome.exe	88
PID 224 wrote to memory of 5060	224	chrome.exe	88
PID 224 wrote to memory of 5060	224	chrome.exe	88
PID 224 wrote to memory of 5060	224	chrome.exe	88
PID 224 wrote to memory of 5060	224	chrome.exe	88
PID 224 wrote to memory of 5060	224	chrome.exe	88
PID 224 wrote to memory of 5060	224	chrome.exe	88
PID 224 wrote to memory of 5060	224	chrome.exe	88
PID 224 wrote to memory of 5060	224	chrome.exe	88
PID 224 wrote to memory of 5060	224	chrome.exe	88
PID 224 wrote to memory of 5060	224	chrome.exe	88
PID 224 wrote to memory of 5060	224	chrome.exe	88
PID 224 wrote to memory of 5060	224	chrome.exe	88
PID 224 wrote to memory of 5060	224	chrome.exe	88
PID 224 wrote to memory of 5060	224	chrome.exe	88
PID 224 wrote to memory of 5060	224	chrome.exe	88
PID 224 wrote to memory of 3268	224	chrome.exe	90
PID 224 wrote to memory of 3268	224	chrome.exe	90
PID 224 wrote to memory of 4500	224	chrome.exe	89
PID 224 wrote to memory of 4500	224	chrome.exe	89
PID 224 wrote to memory of 4500	224	chrome.exe	89
PID 224 wrote to memory of 4500	224	chrome.exe	89
PID 224 wrote to memory of 4500	224	chrome.exe	89
PID 224 wrote to memory of 4500	224	chrome.exe	89
PID 224 wrote to memory of 4500	224	chrome.exe	89
PID 224 wrote to memory of 4500	224	chrome.exe	89
PID 224 wrote to memory of 4500	224	chrome.exe	89
PID 224 wrote to memory of 4500	224	chrome.exe	89
PID 224 wrote to memory of 4500	224	chrome.exe	89
PID 224 wrote to memory of 4500	224	chrome.exe	89
PID 224 wrote to memory of 4500	224	chrome.exe	89
PID 224 wrote to memory of 4500	224	chrome.exe	89
PID 224 wrote to memory of 4500	224	chrome.exe	89
PID 224 wrote to memory of 4500	224	chrome.exe	89
PID 224 wrote to memory of 4500	224	chrome.exe	89
PID 224 wrote to memory of 4500	224	chrome.exe	89
PID 224 wrote to memory of 4500	224	chrome.exe	89
PID 224 wrote to memory of 4500	224	chrome.exe	89
PID 224 wrote to memory of 4500	224	chrome.exe	89
PID 224 wrote to memory of 4500	224	chrome.exe	89

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" https://goldbergsfamousbagelsnj.com/macro/?integrity=bm9ybW9uLmNvbQ==&sso=bXBlcmV6cw==
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:224
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffba1069758,0x7ffba1069768,0x7ffba1069778
  2⤵
  PID:2792
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1664 --field-trial-handle=1824,i,3991294977097619965,17144456539345989675,131072 /prefetch:2
  2⤵
  PID:5060
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2244 --field-trial-handle=1824,i,3991294977097619965,17144456539345989675,131072 /prefetch:8
  2⤵
  PID:4500
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1944 --field-trial-handle=1824,i,3991294977097619965,17144456539345989675,131072 /prefetch:8
  2⤵
  PID:3268
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3040 --field-trial-handle=1824,i,3991294977097619965,17144456539345989675,131072 /prefetch:1
  2⤵
  PID:3400
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3032 --field-trial-handle=1824,i,3991294977097619965,17144456539345989675,131072 /prefetch:1
  2⤵
  PID:564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4584 --field-trial-handle=1824,i,3991294977097619965,17144456539345989675,131072 /prefetch:1
  2⤵
  PID:4016
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3244 --field-trial-handle=1824,i,3991294977097619965,17144456539345989675,131072 /prefetch:8
  2⤵
  PID:2356
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5224 --field-trial-handle=1824,i,3991294977097619965,17144456539345989675,131072 /prefetch:8
  2⤵
  PID:3648
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5180 --field-trial-handle=1824,i,3991294977097619965,17144456539345989675,131072 /prefetch:8
  2⤵
  PID:3736
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5228 --field-trial-handle=1824,i,3991294977097619965,17144456539345989675,131072 /prefetch:8
  2⤵
  PID:5056
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5256 --field-trial-handle=1824,i,3991294977097619965,17144456539345989675,131072 /prefetch:8
  2⤵
  PID:3020
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2336 --field-trial-handle=1824,i,3991294977097619965,17144456539345989675,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2952

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4400

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
192B

MD5
797415a1b8e781abc106b4d8c6dda676

SHA1
491cdbaa6858282a1514c66dcb0729df4a293afc

SHA256
9c1d1cea58397076796ba8a434280ec1b9c35b2848b80e253515b7f3264cebb4

SHA512
2e18962690bfe156f5b6dec19c4a59492a11431d08fa27e251e076af164fa7ddf70729eca35b6779bc044209ff0618d961f61c3ec436063e6a8fb651d503352f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
9103d4f5eb33632aac9f7e4f37574f13

SHA1
e1f6ea8fad75057a2a1e3f28dd2fd2393f924a17

SHA256
6066af247d6afb90c13e33e99a7b6e344cd148fa841ea290ab2ac8c7e354db80

SHA512
f7953767862044408ec13654b47b5604160c25fb57c00435fffdd0dd9ccf89d673c77135865a15ba2662b2ebd07041503c5ed65d87adf2b1147dc3557f87a570

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
872B

MD5
99229b74f14123e75702cb84f375b129

SHA1
ab6ef327e600f78ab572a861f70a1be9e6d2afa7

SHA256
797fc9cbd492a5bf98be780df291d18ba355044dd7be7fa81d577d466f3e3b2e

SHA512
297a0c5ccdf2ec9689d9b1320fdec122f4f95e2db07c2f4c831f75e76955d26bb25bd99812b732982bb2b33545251596e9f4f38d7514c9cda14bc17b7e537e70

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
7e77dd354746394041a223395da62afb

SHA1
d8a49faeef71b0d331a974add910041a7b1990ae

SHA256
2ac283cc6b12a81c4d2ee2be282e786a74436297ef4c4cc888da66a5a07147a1

SHA512
7e108c16f328ff1dab943cc6faca8dea7fc47552006ff51612929d13d46f59a52c314b721da99fbb8f947a56cea4995d9880e5fc614781fead0aba75d13e4708

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
674b80d8bb755be1d8251c075f190617

SHA1
9864e4beec81439a34d6a32bfdb8a2b35e5da92a

SHA256
cd0e84113695e1c7f186fa904d848fb919e98b056a42aad85d376afe4e233c38

SHA512
4c0feedddabbb3199bbf77dfd3787cf890627547fa9a6b0766fe6f219550243a809bb03cc7269bf0948ae50f48169bdb3cc535a490da328ccd4f1cca403d7d95

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
258e92ce8e2810a67c88e6c8c427e3f0

SHA1
b3d59cfb3e8b840ca6d834a8d51f6df241a8ecd8

SHA256
e18ac1780c8ff6618d79e4f2bf6918eee0048ce3c5d2f5c1dfa3364c5ac8ae23

SHA512
5b6fba2cc1e4cf55a799f8affc4dc857364fa95b7cb900fccb0f70482e5a52ae6a71a7f28b54b5a1d16562ddeb692a074a5097ec058804e9bd0d2ee4dc812a76

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
175KB

MD5
d5074394ef153e7c5fafd2bd53021296

SHA1
c88fce2d1d67fdb0df7547a5fc177683d803d637

SHA256
d68be2dd728147fb70eb8d230fce7804317304f8ccf0854d401595fe5b8cdd7c

SHA512
39193847bb9b869e6b476726285bf08aeeef9191a6b363a20f55a34e7f0301a02c28e3dc25ec5ec2e279924c86719cbe6c2b4a24ddc9b06906fa047ecbee3da3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
89KB

MD5
e64a881674cbc8709d325fa5aa57f3cf

SHA1
ca832689830904ed83bf89790b890db7b408cc4e

SHA256
ad9c72417742f76a728c1d372546d2fa3bb65eb4ffe222d7530de2117345c507

SHA512
26029263ed94913ec3ac7023ff011d17c36e3be0d2d47d7180ba9608fca24a9e3b472d9cfc058d6008d2cb6e8b41f988fdd6f4c0988a618a91b630df8fe1fd9d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
175KB

MD5
896f2b5e5a6f96b90d16ae25b1f05928

SHA1
04a3c93a5c8efdcc7164c8842b3eafcf6c2dbaeb

SHA256
490f29ea3b253b5a0788d1bdb5acc61aaa37bd9e93b775ce09639084976b2261

SHA512
bcd243b1b3a881d26630f7fd68c21b2c7324e03fb232ae8abcd405c77504e323cea303dac777368b37ca9743203a74246304bfca6f92132095586419706cb9c4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
208KB

MD5
0fe88a233f8c6d074c3753215a51ac03

SHA1
dcad95785aa7d8487c53c4979c2dabe98f25d67b

SHA256
07740a35e85e010098d170c1a367261a09b4e66497e2db543bf4baab1b632367

SHA512
293a614d6deae8348b8e19b3bf042f52edd7d29cb2628a54ce054479dcc84dd2f7af5cfcebd8cd5a91ac1eedf2bac1ccdef3b4f9732aac5afb2c937c0170326b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit