hxxps://dribbble[.]com/shots/21992699-You-have-a-new-fax-to-review?utm_source=Clipboard_Shot&utm_campaign=scanna808&utm_content=You%20have%20a%20new%20fax%20to%20review&utm_medium=Social_Share&utm_source=Clipboard_Shot&utm_campaign=scanna808&utm_content=You%20have%20a%20new%20fax%20to%20review&utm_medium=Social_Share

Analysis

max time kernel
60s
max time network
63s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
13/07/2023, 22:43

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://dribbble.com/shots/21992699-You-have-a-new-fax-to-review?utm_source=Clipboard_Shot&utm_campaign=scanna808&utm_content=You%20have%20a%20new%20fax%20to%20review&utm_medium=Social_Share&utm_source=Clipboard_Shot&utm_campaign=scanna808&utm_content=You%20have%20a%20new%20fax%20to%20review&utm_medium=Social_Share

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133337618249457414"	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
2356	chrome.exe
2356	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 5 IoCs

pid	Process
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeCreatePagefilePrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeCreatePagefilePrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeCreatePagefilePrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeCreatePagefilePrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeCreatePagefilePrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeCreatePagefilePrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeCreatePagefilePrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeCreatePagefilePrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeCreatePagefilePrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeCreatePagefilePrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeCreatePagefilePrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeCreatePagefilePrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeCreatePagefilePrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeCreatePagefilePrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeCreatePagefilePrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeCreatePagefilePrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeCreatePagefilePrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeCreatePagefilePrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeCreatePagefilePrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeCreatePagefilePrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeCreatePagefilePrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeCreatePagefilePrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeCreatePagefilePrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeCreatePagefilePrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeCreatePagefilePrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeCreatePagefilePrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeCreatePagefilePrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeCreatePagefilePrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeCreatePagefilePrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeCreatePagefilePrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeCreatePagefilePrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeCreatePagefilePrivilege	2356	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2356 wrote to memory of 1940	2356	chrome.exe	84
PID 2356 wrote to memory of 1940	2356	chrome.exe	84
PID 2356 wrote to memory of 3904	2356	chrome.exe	86
PID 2356 wrote to memory of 3904	2356	chrome.exe	86
PID 2356 wrote to memory of 3904	2356	chrome.exe	86
PID 2356 wrote to memory of 3904	2356	chrome.exe	86
PID 2356 wrote to memory of 3904	2356	chrome.exe	86
PID 2356 wrote to memory of 3904	2356	chrome.exe	86
PID 2356 wrote to memory of 3904	2356	chrome.exe	86
PID 2356 wrote to memory of 3904	2356	chrome.exe	86
PID 2356 wrote to memory of 3904	2356	chrome.exe	86
PID 2356 wrote to memory of 3904	2356	chrome.exe	86
PID 2356 wrote to memory of 3904	2356	chrome.exe	86
PID 2356 wrote to memory of 3904	2356	chrome.exe	86
PID 2356 wrote to memory of 3904	2356	chrome.exe	86
PID 2356 wrote to memory of 3904	2356	chrome.exe	86
PID 2356 wrote to memory of 3904	2356	chrome.exe	86
PID 2356 wrote to memory of 3904	2356	chrome.exe	86
PID 2356 wrote to memory of 3904	2356	chrome.exe	86
PID 2356 wrote to memory of 3904	2356	chrome.exe	86
PID 2356 wrote to memory of 3904	2356	chrome.exe	86
PID 2356 wrote to memory of 3904	2356	chrome.exe	86
PID 2356 wrote to memory of 3904	2356	chrome.exe	86
PID 2356 wrote to memory of 3904	2356	chrome.exe	86
PID 2356 wrote to memory of 3904	2356	chrome.exe	86
PID 2356 wrote to memory of 3904	2356	chrome.exe	86
PID 2356 wrote to memory of 3904	2356	chrome.exe	86
PID 2356 wrote to memory of 3904	2356	chrome.exe	86
PID 2356 wrote to memory of 3904	2356	chrome.exe	86
PID 2356 wrote to memory of 3904	2356	chrome.exe	86
PID 2356 wrote to memory of 3904	2356	chrome.exe	86
PID 2356 wrote to memory of 3904	2356	chrome.exe	86
PID 2356 wrote to memory of 3904	2356	chrome.exe	86
PID 2356 wrote to memory of 3904	2356	chrome.exe	86
PID 2356 wrote to memory of 3904	2356	chrome.exe	86
PID 2356 wrote to memory of 3904	2356	chrome.exe	86
PID 2356 wrote to memory of 3904	2356	chrome.exe	86
PID 2356 wrote to memory of 3904	2356	chrome.exe	86
PID 2356 wrote to memory of 3904	2356	chrome.exe	86
PID 2356 wrote to memory of 3904	2356	chrome.exe	86
PID 2356 wrote to memory of 4324	2356	chrome.exe	87
PID 2356 wrote to memory of 4324	2356	chrome.exe	87
PID 2356 wrote to memory of 4604	2356	chrome.exe	88
PID 2356 wrote to memory of 4604	2356	chrome.exe	88
PID 2356 wrote to memory of 4604	2356	chrome.exe	88
PID 2356 wrote to memory of 4604	2356	chrome.exe	88
PID 2356 wrote to memory of 4604	2356	chrome.exe	88
PID 2356 wrote to memory of 4604	2356	chrome.exe	88
PID 2356 wrote to memory of 4604	2356	chrome.exe	88
PID 2356 wrote to memory of 4604	2356	chrome.exe	88
PID 2356 wrote to memory of 4604	2356	chrome.exe	88
PID 2356 wrote to memory of 4604	2356	chrome.exe	88
PID 2356 wrote to memory of 4604	2356	chrome.exe	88
PID 2356 wrote to memory of 4604	2356	chrome.exe	88
PID 2356 wrote to memory of 4604	2356	chrome.exe	88
PID 2356 wrote to memory of 4604	2356	chrome.exe	88
PID 2356 wrote to memory of 4604	2356	chrome.exe	88
PID 2356 wrote to memory of 4604	2356	chrome.exe	88
PID 2356 wrote to memory of 4604	2356	chrome.exe	88
PID 2356 wrote to memory of 4604	2356	chrome.exe	88
PID 2356 wrote to memory of 4604	2356	chrome.exe	88
PID 2356 wrote to memory of 4604	2356	chrome.exe	88
PID 2356 wrote to memory of 4604	2356	chrome.exe	88
PID 2356 wrote to memory of 4604	2356	chrome.exe	88

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://dribbble.com/shots/21992699-You-have-a-new-fax-to-review?utm_source=Clipboard_Shot&utm_campaign=scanna808&utm_content=You%20have%20a%20new%20fax%20to%20review&utm_medium=Social_Share&utm_source=Clipboard_Shot&utm_campaign=scanna808&utm_content=You%20have%20a%20new%20fax%20to%20review&utm_medium=Social_Share
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2356
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8738b9758,0x7ff8738b9768,0x7ff8738b9778
  2⤵
  PID:1940
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1652 --field-trial-handle=1880,i,4838685843279009330,1446893887443965099,131072 /prefetch:2
  2⤵
  PID:3904
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2036 --field-trial-handle=1880,i,4838685843279009330,1446893887443965099,131072 /prefetch:8
  2⤵
  PID:4324
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2228 --field-trial-handle=1880,i,4838685843279009330,1446893887443965099,131072 /prefetch:8
  2⤵
  PID:4604
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2988 --field-trial-handle=1880,i,4838685843279009330,1446893887443965099,131072 /prefetch:1
  2⤵
  PID:2608
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2984 --field-trial-handle=1880,i,4838685843279009330,1446893887443965099,131072 /prefetch:1
  2⤵
  PID:4484
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4540 --field-trial-handle=1880,i,4838685843279009330,1446893887443965099,131072 /prefetch:1
  2⤵
  PID:3988
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=5096 --field-trial-handle=1880,i,4838685843279009330,1446893887443965099,131072 /prefetch:1
  2⤵
  PID:404
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5656 --field-trial-handle=1880,i,4838685843279009330,1446893887443965099,131072 /prefetch:8
  2⤵
  PID:3692
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5300 --field-trial-handle=1880,i,4838685843279009330,1446893887443965099,131072 /prefetch:8
  2⤵
  PID:1500
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=5528 --field-trial-handle=1880,i,4838685843279009330,1446893887443965099,131072 /prefetch:1
  2⤵
  PID:412

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:3824

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\2a89a4c0-48a1-46ec-a22c-80c4c0deac60.tmp

Filesize
87KB

MD5
3a3b8d53a392da02fac558ab99a29363

SHA1
aaebc403860483c1461540c008a115b773a3ba46

SHA256
7e3df0ecf5ea71ee5acc017602c751196daa9c53b47777dec5a2c89a0428fca1

SHA512
9ff2e06bcb99e32b09669c9a5dc529518d974af972e588da87c07fbe5a95e6a73db17deb526b3bb0a83d03c32ffd7a24655fa5130b8d9314b7c653d2cd934f8c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
18c066a1193134f22835e2fa146a252b

SHA1
4d5f03b47eb5fd14b933dacf24e6c5310efe70ae

SHA256
1e6966d1e3dd2a7bb8cdd931bbc6e142bebb0bb52a761d3094dd2f88ab3655f7

SHA512
e98fb95ca9b3b47612e7a675100c3f71673d37f1e1e4e16e1ad3ed27a90eadeca96fa6003e473326ccef0abbcf1213540dba4e9686ccd06092551ae36e81c1b1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
c3615df4411a3829a4b623aff9e04984

SHA1
a5980e76b2b4c42b3a7828611e567430c681b38c

SHA256
5821ba8b7d4d546cd927f970bfb5c54999c37015d1c921e0e4a332a0b50bd8f6

SHA512
a8eae51c07a6eec33f72b53c31e70932eb99278c75153a2b0cabf55d3a8c41f3e95d79e2ffcb5568bd050f2cbd8abc5f7006dd6ec7653cb3725f2885602e6ee8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
590bd40a462e8380a3b95cacc56a442b

SHA1
253cd0ec8896d855351213738c4a349ecb428dcc

SHA256
333677183b9daf917f3c5e28bfb9f9c96137410cd8dafb434b17d2bb7ce8e903

SHA512
836956c2fb72d89094b1a559e4472d74f0e5cab1ba12f5c57b7c8504b03b3758863d0a68fbf1342c2c27d0344f6dec8df790acc02edfac0faf603419a69c0c8a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
bdcd080bf195be4f162364737bf7150f

SHA1
41e5d4d6c231140378182e009ad01000d23a7f2f

SHA256
3fa6d9fd1594db2e7493efd14e5cdbe73c846177d65be99f6317638ffea32f25

SHA512
97e3d8be0f55f74c38c21a0fd2085e870ef9f3e60e6491f33aed2c9d48c2821ea97a205d2fb34b887781453caf7884d9a0e17ea0847ea9991be9d72ea248afee

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
820456547a0a2bea75f417268edc4a68

SHA1
18f030e6cea15599252d80fb7af037ed5bab2908

SHA256
578c94f336a69532665ed7dad3bbdde2d196764d6995946e8e5be32aab2dd9fa

SHA512
8692b557a742c1c58fc69aa6572186a95fbb3be9b8690058d74a5ad0fa1bcf345a6af2873c45364b3c0d80537f79000f89b8673ec00586658a3be895537d0162

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
dd6eb4dd7ec8e4398bf1b083f7c2cf32

SHA1
0797b149d8f0d176a6deee2101c8fe323dc1173c

SHA256
301abcb97cce3dbde2286504629a31034799f0e9b6f6b3f63866143ee4057a4b

SHA512
d758d6bfb6a6c38702e51d3b0d3720ea9de0979060644b7288986a2b100cfddb1519a0a88408db23b42adb3060aeb27af3f2af335583f54516a41b75609a0b20

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
051c7862333c9772a6c8e71b88616df2

SHA1
2770c6b5630ccd3b7b9e9d18e27dd09f3a7206bd

SHA256
c5fabe34d53e55cead3012992b1bd01062528ad9b16115da219ed877b2caa5ab

SHA512
49bf06f59a3a0fc7073a06f27c7ce705b805ae7a4b59aea529bd1648c0d8a20a039d461d65e763f17c64fc11f0ee480167a68e544ff9ca15efa725a6903260b5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
41cff2eb962509842f8dbf028cbc5cb7

SHA1
0ba6e83b503a18f1fd481020e502a60ed41efe1e

SHA256
e1d53db15f799245792042c693a5ffafeae13a9782e8253f3abfb993cd2dc657

SHA512
f93f52071d0a8e63d4178b4df1355975b3e0af5929db6ed172f77e8cb9a2614cbf509af10103fb0d2d5187c0795d06c0243a633e384f5295d38d5cc8fbc9a6c0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
87KB

MD5
9668310e747674328d45c8296aa948ff

SHA1
17b1a48cd253b2acecf1add1e1916ebda86f23da

SHA256
786abc05317064ac770d5bc8284a98ebe2a3b2ec0b617a2cb52e6b32c4fed79d

SHA512
66853c0a02e876eb31c84c9e0ab7a9c3904482638f0b88020d1bce4769cc93da49a325baf7d291c58a04f515770b05f4eaaf08283a3c0e1a249b2c14e02274ee

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit