hxxp://myggovvauss[.]info

Analysis

max time kernel
149s
max time network
147s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
07/08/2023, 05:35

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

http://myggovvauss.info

Score

1^/10

Malware Config

Signatures

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133358601163546286"	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
1652	chrome.exe
1652	chrome.exe
1652	chrome.exe
1652	chrome.exe
1388	chrome.exe
1388	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
1652	chrome.exe
1652	chrome.exe
1652	chrome.exe
1652	chrome.exe
1652	chrome.exe
1652	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1652	chrome.exe
Token: SeCreatePagefilePrivilege	1652	chrome.exe
Token: SeShutdownPrivilege	1652	chrome.exe
Token: SeCreatePagefilePrivilege	1652	chrome.exe
Token: SeShutdownPrivilege	1652	chrome.exe
Token: SeCreatePagefilePrivilege	1652	chrome.exe
Token: SeShutdownPrivilege	1652	chrome.exe
Token: SeCreatePagefilePrivilege	1652	chrome.exe
Token: SeShutdownPrivilege	1652	chrome.exe
Token: SeCreatePagefilePrivilege	1652	chrome.exe
Token: SeShutdownPrivilege	1652	chrome.exe
Token: SeCreatePagefilePrivilege	1652	chrome.exe
Token: SeShutdownPrivilege	1652	chrome.exe
Token: SeCreatePagefilePrivilege	1652	chrome.exe
Token: SeShutdownPrivilege	1652	chrome.exe
Token: SeCreatePagefilePrivilege	1652	chrome.exe
Token: SeShutdownPrivilege	1652	chrome.exe
Token: SeCreatePagefilePrivilege	1652	chrome.exe
Token: SeShutdownPrivilege	1652	chrome.exe
Token: SeCreatePagefilePrivilege	1652	chrome.exe
Token: SeShutdownPrivilege	1652	chrome.exe
Token: SeCreatePagefilePrivilege	1652	chrome.exe
Token: SeShutdownPrivilege	1652	chrome.exe
Token: SeCreatePagefilePrivilege	1652	chrome.exe
Token: SeShutdownPrivilege	1652	chrome.exe
Token: SeCreatePagefilePrivilege	1652	chrome.exe
Token: SeShutdownPrivilege	1652	chrome.exe
Token: SeCreatePagefilePrivilege	1652	chrome.exe
Token: SeShutdownPrivilege	1652	chrome.exe
Token: SeCreatePagefilePrivilege	1652	chrome.exe
Token: SeShutdownPrivilege	1652	chrome.exe
Token: SeCreatePagefilePrivilege	1652	chrome.exe
Token: SeShutdownPrivilege	1652	chrome.exe
Token: SeCreatePagefilePrivilege	1652	chrome.exe
Token: SeShutdownPrivilege	1652	chrome.exe
Token: SeCreatePagefilePrivilege	1652	chrome.exe
Token: SeShutdownPrivilege	1652	chrome.exe
Token: SeCreatePagefilePrivilege	1652	chrome.exe
Token: SeShutdownPrivilege	1652	chrome.exe
Token: SeCreatePagefilePrivilege	1652	chrome.exe
Token: SeShutdownPrivilege	1652	chrome.exe
Token: SeCreatePagefilePrivilege	1652	chrome.exe
Token: SeShutdownPrivilege	1652	chrome.exe
Token: SeCreatePagefilePrivilege	1652	chrome.exe
Token: SeShutdownPrivilege	1652	chrome.exe
Token: SeCreatePagefilePrivilege	1652	chrome.exe
Token: SeShutdownPrivilege	1652	chrome.exe
Token: SeCreatePagefilePrivilege	1652	chrome.exe
Token: SeShutdownPrivilege	1652	chrome.exe
Token: SeCreatePagefilePrivilege	1652	chrome.exe
Token: SeShutdownPrivilege	1652	chrome.exe
Token: SeCreatePagefilePrivilege	1652	chrome.exe
Token: SeShutdownPrivilege	1652	chrome.exe
Token: SeCreatePagefilePrivilege	1652	chrome.exe
Token: SeShutdownPrivilege	1652	chrome.exe
Token: SeCreatePagefilePrivilege	1652	chrome.exe
Token: SeShutdownPrivilege	1652	chrome.exe
Token: SeCreatePagefilePrivilege	1652	chrome.exe
Token: SeShutdownPrivilege	1652	chrome.exe
Token: SeCreatePagefilePrivilege	1652	chrome.exe
Token: SeShutdownPrivilege	1652	chrome.exe
Token: SeCreatePagefilePrivilege	1652	chrome.exe
Token: SeShutdownPrivilege	1652	chrome.exe
Token: SeCreatePagefilePrivilege	1652	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
1652	chrome.exe
1652	chrome.exe
1652	chrome.exe
1652	chrome.exe
1652	chrome.exe
1652	chrome.exe
1652	chrome.exe
1652	chrome.exe
1652	chrome.exe
1652	chrome.exe
1652	chrome.exe
1652	chrome.exe
1652	chrome.exe
1652	chrome.exe
1652	chrome.exe
1652	chrome.exe
1652	chrome.exe
1652	chrome.exe
1652	chrome.exe
1652	chrome.exe
1652	chrome.exe
1652	chrome.exe
1652	chrome.exe
1652	chrome.exe
1652	chrome.exe
1652	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1652	chrome.exe
1652	chrome.exe
1652	chrome.exe
1652	chrome.exe
1652	chrome.exe
1652	chrome.exe
1652	chrome.exe
1652	chrome.exe
1652	chrome.exe
1652	chrome.exe
1652	chrome.exe
1652	chrome.exe
1652	chrome.exe
1652	chrome.exe
1652	chrome.exe
1652	chrome.exe
1652	chrome.exe
1652	chrome.exe
1652	chrome.exe
1652	chrome.exe
1652	chrome.exe
1652	chrome.exe
1652	chrome.exe
1652	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1652 wrote to memory of 4268	1652	chrome.exe	40
PID 1652 wrote to memory of 4268	1652	chrome.exe	40
PID 1652 wrote to memory of 2832	1652	chrome.exe	85
PID 1652 wrote to memory of 2832	1652	chrome.exe	85
PID 1652 wrote to memory of 2832	1652	chrome.exe	85
PID 1652 wrote to memory of 2832	1652	chrome.exe	85
PID 1652 wrote to memory of 2832	1652	chrome.exe	85
PID 1652 wrote to memory of 2832	1652	chrome.exe	85
PID 1652 wrote to memory of 2832	1652	chrome.exe	85
PID 1652 wrote to memory of 2832	1652	chrome.exe	85
PID 1652 wrote to memory of 2832	1652	chrome.exe	85
PID 1652 wrote to memory of 2832	1652	chrome.exe	85
PID 1652 wrote to memory of 2832	1652	chrome.exe	85
PID 1652 wrote to memory of 2832	1652	chrome.exe	85
PID 1652 wrote to memory of 2832	1652	chrome.exe	85
PID 1652 wrote to memory of 2832	1652	chrome.exe	85
PID 1652 wrote to memory of 2832	1652	chrome.exe	85
PID 1652 wrote to memory of 2832	1652	chrome.exe	85
PID 1652 wrote to memory of 2832	1652	chrome.exe	85
PID 1652 wrote to memory of 2832	1652	chrome.exe	85
PID 1652 wrote to memory of 2832	1652	chrome.exe	85
PID 1652 wrote to memory of 2832	1652	chrome.exe	85
PID 1652 wrote to memory of 2832	1652	chrome.exe	85
PID 1652 wrote to memory of 2832	1652	chrome.exe	85
PID 1652 wrote to memory of 2832	1652	chrome.exe	85
PID 1652 wrote to memory of 2832	1652	chrome.exe	85
PID 1652 wrote to memory of 2832	1652	chrome.exe	85
PID 1652 wrote to memory of 2832	1652	chrome.exe	85
PID 1652 wrote to memory of 2832	1652	chrome.exe	85
PID 1652 wrote to memory of 2832	1652	chrome.exe	85
PID 1652 wrote to memory of 2832	1652	chrome.exe	85
PID 1652 wrote to memory of 2832	1652	chrome.exe	85
PID 1652 wrote to memory of 2832	1652	chrome.exe	85
PID 1652 wrote to memory of 2832	1652	chrome.exe	85
PID 1652 wrote to memory of 2832	1652	chrome.exe	85
PID 1652 wrote to memory of 2832	1652	chrome.exe	85
PID 1652 wrote to memory of 2832	1652	chrome.exe	85
PID 1652 wrote to memory of 2832	1652	chrome.exe	85
PID 1652 wrote to memory of 2832	1652	chrome.exe	85
PID 1652 wrote to memory of 2832	1652	chrome.exe	85
PID 1652 wrote to memory of 1096	1652	chrome.exe	86
PID 1652 wrote to memory of 1096	1652	chrome.exe	86
PID 1652 wrote to memory of 4520	1652	chrome.exe	88
PID 1652 wrote to memory of 4520	1652	chrome.exe	88
PID 1652 wrote to memory of 4520	1652	chrome.exe	88
PID 1652 wrote to memory of 4520	1652	chrome.exe	88
PID 1652 wrote to memory of 4520	1652	chrome.exe	88
PID 1652 wrote to memory of 4520	1652	chrome.exe	88
PID 1652 wrote to memory of 4520	1652	chrome.exe	88
PID 1652 wrote to memory of 4520	1652	chrome.exe	88
PID 1652 wrote to memory of 4520	1652	chrome.exe	88
PID 1652 wrote to memory of 4520	1652	chrome.exe	88
PID 1652 wrote to memory of 4520	1652	chrome.exe	88
PID 1652 wrote to memory of 4520	1652	chrome.exe	88
PID 1652 wrote to memory of 4520	1652	chrome.exe	88
PID 1652 wrote to memory of 4520	1652	chrome.exe	88
PID 1652 wrote to memory of 4520	1652	chrome.exe	88
PID 1652 wrote to memory of 4520	1652	chrome.exe	88
PID 1652 wrote to memory of 4520	1652	chrome.exe	88
PID 1652 wrote to memory of 4520	1652	chrome.exe	88
PID 1652 wrote to memory of 4520	1652	chrome.exe	88
PID 1652 wrote to memory of 4520	1652	chrome.exe	88
PID 1652 wrote to memory of 4520	1652	chrome.exe	88
PID 1652 wrote to memory of 4520	1652	chrome.exe	88

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://myggovvauss.info
1⤵
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1652
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa3d529758,0x7ffa3d529768,0x7ffa3d529778
  2⤵
  PID:4268
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1812 --field-trial-handle=1924,i,4534086281505798152,5140868803116110337,131072 /prefetch:2
  2⤵
  PID:2832
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2152 --field-trial-handle=1924,i,4534086281505798152,5140868803116110337,131072 /prefetch:8
  2⤵
  PID:1096
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2848 --field-trial-handle=1924,i,4534086281505798152,5140868803116110337,131072 /prefetch:1
  2⤵
  PID:1764
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2268 --field-trial-handle=1924,i,4534086281505798152,5140868803116110337,131072 /prefetch:8
  2⤵
  PID:4520
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2856 --field-trial-handle=1924,i,4534086281505798152,5140868803116110337,131072 /prefetch:1
  2⤵
  PID:4564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4592 --field-trial-handle=1924,i,4534086281505798152,5140868803116110337,131072 /prefetch:1
  2⤵
  PID:3992
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4976 --field-trial-handle=1924,i,4534086281505798152,5140868803116110337,131072 /prefetch:1
  2⤵
  PID:4484
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=3984 --field-trial-handle=1924,i,4534086281505798152,5140868803116110337,131072 /prefetch:1
  2⤵
  PID:3708
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4664 --field-trial-handle=1924,i,4534086281505798152,5140868803116110337,131072 /prefetch:8
  2⤵
  PID:4052
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5452 --field-trial-handle=1924,i,4534086281505798152,5140868803116110337,131072 /prefetch:8
  2⤵
  PID:2384
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=5536 --field-trial-handle=1924,i,4534086281505798152,5140868803116110337,131072 /prefetch:1
  2⤵
  PID:2388
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5268 --field-trial-handle=1924,i,4534086281505798152,5140868803116110337,131072 /prefetch:8
  2⤵
  PID:2016
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4620 --field-trial-handle=1924,i,4534086281505798152,5140868803116110337,131072 /prefetch:8
  2⤵
  PID:2620
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4772 --field-trial-handle=1924,i,4534086281505798152,5140868803116110337,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1388

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4412

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
19e0d729db225e9ab29eaa38c9f62dc5

SHA1
a60bcc5109dadd37739a2858118b388f345961d7

SHA256
793bd21a763bc0f04e29b27491cb961a48833bd119622c05d1b51e82b7e6f185

SHA512
be97c407e79517ef47d472592faca35d294e88c2974a26ef7360a444fe80ae28d6689e32f78f45fb8d8ac17d6a544cd93e9c2c745284ed9c70e854f74ee05d33

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
f91ad6feedbc801f8ccfb962d8c04c7b

SHA1
ccb9c7a395841b60506de5cf3b166ca021707b5c

SHA256
51f642c7e266a9dee453bbadb3a76c2a1b698162b6e7dba980639f47acf0b2ce

SHA512
68080678934cb2fe5a1cfdfbef8003a1d99d04dffc3e88f70602ae57292316fb9400040891be3bd6a65018107720066c217d7749c82ebb9bdbd21bc7894aeb82

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
539B

MD5
4e44ac72a7a03bb8178867257f85ef92

SHA1
b02f60484e2156c86d77b9d6159ff46bf5e1b2a0

SHA256
4fbca59c49a8c9dfc9b4b6cd77d8db4b753420f494bee5a360164f1cb77f628e

SHA512
ad093473ebf94248415da2937d0da8db86795d82d54fd96920df1083804865e0791dfcea87b2203554c08db563f27a66f04e2ae663a945ce29a5f0da976cc293

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
9ba76127aaedbd48fa3708411b354a2d

SHA1
17e95c5efdfe19b173af9de99160ee6ba63473fc

SHA256
ea48e510a4db88a981c3198ab421f9d9ccd9fa6e9f0d62a6b9e4b91dbef70aeb

SHA512
e2fd77bcd4bc0659d589321548944f8c449f3ec0f8ffbc4194cb58daf76ca7842135bda22ac647168af8c8b5c361d41176ae3254eb77e2b62a3ca223a8f82ff4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
108KB

MD5
22e8a87774a28e310d56a3ffd155f248

SHA1
889aa79fce0d4c54616f9fca8225fb91604ab8db

SHA256
8fa8e57487a95846e8b1e34c399fa0c89723c7ed47601bb9d5078a2539da08b2

SHA512
1c82e9f164298249b9e2e7ff97a30906ddbcdde08b37d8d9763ff7fc0c722bef9608f872d4e6c4ea109dc0e075a10c62879f5108a2a0d7e5895ca266ccbb0f1f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
89KB

MD5
f27319e6c269ac88e935f1bba0e6413c

SHA1
262bac6e8594cc9c66ba17d5051ac418e683acb2

SHA256
5c4da6e3f65074157a98b63d0c0f2971c0c792bef05086333bc551c1b30fadb2

SHA512
1b14e02d35f9638ca5934dc4c80dc0ec9a088c9e156a0909092963c81706d1f89428d1f28800fd9d2801d49c6ad2269617059dcef80672cf863bd5310fe05ead

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
89KB

MD5
9e68cc65445019850553193140920054

SHA1
ea9cb34aa65a634fb17d8f16e9e61c173c446f8d

SHA256
a5c7855f0a376c585784ed8a7a0f4e781d267bccac267524771786bfb100e27e

SHA512
21c9e08cbdf2c7eb1824ae7bcd62b6fe22435b6249448237c09592e00a2818124014ea429bccc62135888aead152c46862868c3cfafde6f883b378a14ab75bd6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
89KB

MD5
65caef7179862cc31d9d332c17026ec7

SHA1
6c07d8332961c4dd53b1af23520a6dd3b6c8abde

SHA256
97bbdaa2952568d8c07cd0882d5937f6a04b57645e262b1e158fa9bd00c1d48c

SHA512
d3f3a1a0f79c96a7c4e04c6d3acc000479e3c401ced178d7c0a52fea7d24a80c3eb7ab257520d92afec8936eb5201f52e508a0b46b5a265e5bffac7ba59ef400

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit