hxxp://viz[.]com

Analysis

max time kernel
300s
max time network
293s
platform
windows10-1703_x64
resource
win10-20230703-en
resource tags

arch:x64arch:x86image:win10-20230703-enlocale:en-usos:windows10-1703-x64system
submitted
15/08/2023, 15:10

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://viz.com

Score

1^/10

Malware Config

Signatures

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133365858555268890"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4052	chrome.exe
4052	chrome.exe
3012	chrome.exe
3012	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
4052	chrome.exe
4052	chrome.exe
4052	chrome.exe
4052	chrome.exe
4052	chrome.exe
4052	chrome.exe
4052	chrome.exe
4052	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4052	chrome.exe
Token: SeCreatePagefilePrivilege	4052	chrome.exe
Token: SeShutdownPrivilege	4052	chrome.exe
Token: SeCreatePagefilePrivilege	4052	chrome.exe
Token: SeShutdownPrivilege	4052	chrome.exe
Token: SeCreatePagefilePrivilege	4052	chrome.exe
Token: SeShutdownPrivilege	4052	chrome.exe
Token: SeCreatePagefilePrivilege	4052	chrome.exe
Token: SeShutdownPrivilege	4052	chrome.exe
Token: SeCreatePagefilePrivilege	4052	chrome.exe
Token: SeShutdownPrivilege	4052	chrome.exe
Token: SeCreatePagefilePrivilege	4052	chrome.exe
Token: SeShutdownPrivilege	4052	chrome.exe
Token: SeCreatePagefilePrivilege	4052	chrome.exe
Token: SeShutdownPrivilege	4052	chrome.exe
Token: SeCreatePagefilePrivilege	4052	chrome.exe
Token: SeShutdownPrivilege	4052	chrome.exe
Token: SeCreatePagefilePrivilege	4052	chrome.exe
Token: SeShutdownPrivilege	4052	chrome.exe
Token: SeCreatePagefilePrivilege	4052	chrome.exe
Token: SeShutdownPrivilege	4052	chrome.exe
Token: SeCreatePagefilePrivilege	4052	chrome.exe
Token: SeShutdownPrivilege	4052	chrome.exe
Token: SeCreatePagefilePrivilege	4052	chrome.exe
Token: SeShutdownPrivilege	4052	chrome.exe
Token: SeCreatePagefilePrivilege	4052	chrome.exe
Token: SeShutdownPrivilege	4052	chrome.exe
Token: SeCreatePagefilePrivilege	4052	chrome.exe
Token: SeShutdownPrivilege	4052	chrome.exe
Token: SeCreatePagefilePrivilege	4052	chrome.exe
Token: SeShutdownPrivilege	4052	chrome.exe
Token: SeCreatePagefilePrivilege	4052	chrome.exe
Token: SeShutdownPrivilege	4052	chrome.exe
Token: SeCreatePagefilePrivilege	4052	chrome.exe
Token: SeShutdownPrivilege	4052	chrome.exe
Token: SeCreatePagefilePrivilege	4052	chrome.exe
Token: SeShutdownPrivilege	4052	chrome.exe
Token: SeCreatePagefilePrivilege	4052	chrome.exe
Token: SeShutdownPrivilege	4052	chrome.exe
Token: SeCreatePagefilePrivilege	4052	chrome.exe
Token: SeShutdownPrivilege	4052	chrome.exe
Token: SeCreatePagefilePrivilege	4052	chrome.exe
Token: SeShutdownPrivilege	4052	chrome.exe
Token: SeCreatePagefilePrivilege	4052	chrome.exe
Token: SeShutdownPrivilege	4052	chrome.exe
Token: SeCreatePagefilePrivilege	4052	chrome.exe
Token: SeShutdownPrivilege	4052	chrome.exe
Token: SeCreatePagefilePrivilege	4052	chrome.exe
Token: SeShutdownPrivilege	4052	chrome.exe
Token: SeCreatePagefilePrivilege	4052	chrome.exe
Token: SeShutdownPrivilege	4052	chrome.exe
Token: SeCreatePagefilePrivilege	4052	chrome.exe
Token: SeShutdownPrivilege	4052	chrome.exe
Token: SeCreatePagefilePrivilege	4052	chrome.exe
Token: SeShutdownPrivilege	4052	chrome.exe
Token: SeCreatePagefilePrivilege	4052	chrome.exe
Token: SeShutdownPrivilege	4052	chrome.exe
Token: SeCreatePagefilePrivilege	4052	chrome.exe
Token: SeShutdownPrivilege	4052	chrome.exe
Token: SeCreatePagefilePrivilege	4052	chrome.exe
Token: SeShutdownPrivilege	4052	chrome.exe
Token: SeCreatePagefilePrivilege	4052	chrome.exe
Token: SeShutdownPrivilege	4052	chrome.exe
Token: SeCreatePagefilePrivilege	4052	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4052	chrome.exe
4052	chrome.exe
4052	chrome.exe
4052	chrome.exe
4052	chrome.exe
4052	chrome.exe
4052	chrome.exe
4052	chrome.exe
4052	chrome.exe
4052	chrome.exe
4052	chrome.exe
4052	chrome.exe
4052	chrome.exe
4052	chrome.exe
4052	chrome.exe
4052	chrome.exe
4052	chrome.exe
4052	chrome.exe
4052	chrome.exe
4052	chrome.exe
4052	chrome.exe
4052	chrome.exe
4052	chrome.exe
4052	chrome.exe
4052	chrome.exe
4052	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4052	chrome.exe
4052	chrome.exe
4052	chrome.exe
4052	chrome.exe
4052	chrome.exe
4052	chrome.exe
4052	chrome.exe
4052	chrome.exe
4052	chrome.exe
4052	chrome.exe
4052	chrome.exe
4052	chrome.exe
4052	chrome.exe
4052	chrome.exe
4052	chrome.exe
4052	chrome.exe
4052	chrome.exe
4052	chrome.exe
4052	chrome.exe
4052	chrome.exe
4052	chrome.exe
4052	chrome.exe
4052	chrome.exe
4052	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4052 wrote to memory of 3552	4052	chrome.exe	70
PID 4052 wrote to memory of 3552	4052	chrome.exe	70
PID 4052 wrote to memory of 4588	4052	chrome.exe	74
PID 4052 wrote to memory of 4588	4052	chrome.exe	74
PID 4052 wrote to memory of 4588	4052	chrome.exe	74
PID 4052 wrote to memory of 4588	4052	chrome.exe	74
PID 4052 wrote to memory of 4588	4052	chrome.exe	74
PID 4052 wrote to memory of 4588	4052	chrome.exe	74
PID 4052 wrote to memory of 4588	4052	chrome.exe	74
PID 4052 wrote to memory of 4588	4052	chrome.exe	74
PID 4052 wrote to memory of 4588	4052	chrome.exe	74
PID 4052 wrote to memory of 4588	4052	chrome.exe	74
PID 4052 wrote to memory of 4588	4052	chrome.exe	74
PID 4052 wrote to memory of 4588	4052	chrome.exe	74
PID 4052 wrote to memory of 4588	4052	chrome.exe	74
PID 4052 wrote to memory of 4588	4052	chrome.exe	74
PID 4052 wrote to memory of 4588	4052	chrome.exe	74
PID 4052 wrote to memory of 4588	4052	chrome.exe	74
PID 4052 wrote to memory of 4588	4052	chrome.exe	74
PID 4052 wrote to memory of 4588	4052	chrome.exe	74
PID 4052 wrote to memory of 4588	4052	chrome.exe	74
PID 4052 wrote to memory of 4588	4052	chrome.exe	74
PID 4052 wrote to memory of 4588	4052	chrome.exe	74
PID 4052 wrote to memory of 4588	4052	chrome.exe	74
PID 4052 wrote to memory of 4588	4052	chrome.exe	74
PID 4052 wrote to memory of 4588	4052	chrome.exe	74
PID 4052 wrote to memory of 4588	4052	chrome.exe	74
PID 4052 wrote to memory of 4588	4052	chrome.exe	74
PID 4052 wrote to memory of 4588	4052	chrome.exe	74
PID 4052 wrote to memory of 4588	4052	chrome.exe	74
PID 4052 wrote to memory of 4588	4052	chrome.exe	74
PID 4052 wrote to memory of 4588	4052	chrome.exe	74
PID 4052 wrote to memory of 4588	4052	chrome.exe	74
PID 4052 wrote to memory of 4588	4052	chrome.exe	74
PID 4052 wrote to memory of 4588	4052	chrome.exe	74
PID 4052 wrote to memory of 4588	4052	chrome.exe	74
PID 4052 wrote to memory of 4588	4052	chrome.exe	74
PID 4052 wrote to memory of 4588	4052	chrome.exe	74
PID 4052 wrote to memory of 4588	4052	chrome.exe	74
PID 4052 wrote to memory of 4588	4052	chrome.exe	74
PID 4052 wrote to memory of 484	4052	chrome.exe	72
PID 4052 wrote to memory of 484	4052	chrome.exe	72
PID 4052 wrote to memory of 1292	4052	chrome.exe	73
PID 4052 wrote to memory of 1292	4052	chrome.exe	73
PID 4052 wrote to memory of 1292	4052	chrome.exe	73
PID 4052 wrote to memory of 1292	4052	chrome.exe	73
PID 4052 wrote to memory of 1292	4052	chrome.exe	73
PID 4052 wrote to memory of 1292	4052	chrome.exe	73
PID 4052 wrote to memory of 1292	4052	chrome.exe	73
PID 4052 wrote to memory of 1292	4052	chrome.exe	73
PID 4052 wrote to memory of 1292	4052	chrome.exe	73
PID 4052 wrote to memory of 1292	4052	chrome.exe	73
PID 4052 wrote to memory of 1292	4052	chrome.exe	73
PID 4052 wrote to memory of 1292	4052	chrome.exe	73
PID 4052 wrote to memory of 1292	4052	chrome.exe	73
PID 4052 wrote to memory of 1292	4052	chrome.exe	73
PID 4052 wrote to memory of 1292	4052	chrome.exe	73
PID 4052 wrote to memory of 1292	4052	chrome.exe	73
PID 4052 wrote to memory of 1292	4052	chrome.exe	73
PID 4052 wrote to memory of 1292	4052	chrome.exe	73
PID 4052 wrote to memory of 1292	4052	chrome.exe	73
PID 4052 wrote to memory of 1292	4052	chrome.exe	73
PID 4052 wrote to memory of 1292	4052	chrome.exe	73
PID 4052 wrote to memory of 1292	4052	chrome.exe	73

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://viz.com
1⤵
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4052
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffb03ea9758,0x7ffb03ea9768,0x7ffb03ea9778
  2⤵
  PID:3552
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1836 --field-trial-handle=1772,i,11854732001024699769,15218605869994461505,131072 /prefetch:8
  2⤵
  PID:484
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2080 --field-trial-handle=1772,i,11854732001024699769,15218605869994461505,131072 /prefetch:8
  2⤵
  PID:1292
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1508 --field-trial-handle=1772,i,11854732001024699769,15218605869994461505,131072 /prefetch:2
  2⤵
  PID:4588
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2652 --field-trial-handle=1772,i,11854732001024699769,15218605869994461505,131072 /prefetch:1
  2⤵
  PID:2980
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2640 --field-trial-handle=1772,i,11854732001024699769,15218605869994461505,131072 /prefetch:1
  2⤵
  PID:1640
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4768 --field-trial-handle=1772,i,11854732001024699769,15218605869994461505,131072 /prefetch:1
  2⤵
  PID:3672
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4936 --field-trial-handle=1772,i,11854732001024699769,15218605869994461505,131072 /prefetch:1
  2⤵
  PID:2664
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4480 --field-trial-handle=1772,i,11854732001024699769,15218605869994461505,131072 /prefetch:1
  2⤵
  PID:856
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=5164 --field-trial-handle=1772,i,11854732001024699769,15218605869994461505,131072 /prefetch:1
  2⤵
  PID:2432
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=2840 --field-trial-handle=1772,i,11854732001024699769,15218605869994461505,131072 /prefetch:1
  2⤵
  PID:2236
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2800 --field-trial-handle=1772,i,11854732001024699769,15218605869994461505,131072 /prefetch:8
  2⤵
  PID:5000
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5572 --field-trial-handle=1772,i,11854732001024699769,15218605869994461505,131072 /prefetch:8
  2⤵
  PID:1644
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=5280 --field-trial-handle=1772,i,11854732001024699769,15218605869994461505,131072 /prefetch:1
  2⤵
  PID:4512
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6072 --field-trial-handle=1772,i,11854732001024699769,15218605869994461505,131072 /prefetch:8
  2⤵
  PID:700
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2864 --field-trial-handle=1772,i,11854732001024699769,15218605869994461505,131072 /prefetch:8
  2⤵
  PID:2680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1496 --field-trial-handle=1772,i,11854732001024699769,15218605869994461505,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3012

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:5008

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000037

Filesize
175KB

MD5
2a9c0a1074358185eeb6b70954ebdfe9

SHA1
c944e4dc2d1c703937ba0c9ada25927bb3373983

SHA256
4dadc11ec68efc62c2ec5fdddca582d3f3bc413b85351b5d3d7285cf8d2f0cd4

SHA512
29c9d5895fcbdcb5999a40a5068d378b86c50a2ccda983049dcf5b9a184fb2d1162fa0a7225f1a6ae07b993fa4d251f6aefe5df008c055fe1c2fc859c135b339

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
cdc11884270c9232d5eef94582d56303

SHA1
00614910334e6c78fc7313e1efb09d499b4c1358

SHA256
4cf398866170f22ed9a2faeb651a6d86f7b570b97853524580aa6183c00505a7

SHA512
a277dc84aa0ca828825738730b26cd3b74bf1c3dfb614e10549cb6f61a31ea5c13ba9958bd3b14d280c14468409d151daf8718fa953f49d0434b947a6b86d051

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
6KB

MD5
ae93a9da8fee7d9ae449c6bbc9e7e249

SHA1
169950b244293943761af73d86e3acbea8e55538

SHA256
91ce7b8f83517160ff70a6dd27d9b1d3e3d11202337aaa8ce00f8a019ed8039c

SHA512
2264c2aff451dc94477d07926f20dd44705214c6b0007e75c2c7f2c7ff7ed7813a8b48524a2c2fda0de6256c373eed1e5fd20bfa2d1870c444656430cf2f60fb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
004ce88ebe025363f0d6f6f3bf91107f

SHA1
263625c0ffc66e7e7a5a8b0e0b20d8e4ed6499be

SHA256
cc1bfe768020823a1f012850276ae3613b72494203af9da970864bdc274e7c22

SHA512
f8a3d7b3529c837dcd90b0cdf256cd4a65dba204ac85e745045b3491d0c4466c701dc66765fd99ad4c9b2ad853319f7e1a3822dfbccb6a46e1b61f91fc8acf04

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
3b366151b3d5e759628f320b63ae24ad

SHA1
5246ddc153b05add12c1fbf03a6ffcc68e6f6a37

SHA256
7a4458bc31fb91feb6ff1e51f79681d2ea6e6c799ad5c3788ba7eacbccfa8255

SHA512
59fe02f0a19a9b02012c16ea32900cc4e301f3284e650d31ab77099d96d457208dcf225ed50f2434606ce2753f700ce9404a98d806381a25c7f18f94f4d676bd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
a4cc7f369b5b9f2641241514efd1a866

SHA1
26d6cd12c115c19afad7c7f6864d699a365553f5

SHA256
5c07ee4e2e627e71ed03451d10d1ead82b93ccca6bbd38ecf6ceaf0af58b0cfe

SHA512
3346d13ea3ef35d24ccc23c84e76f58013bb9c000845c05a746e2524d795cd0dea05c8d8052b36e4ae361c24ad805e0257cad807b7919b8ba5c208c7c857b0c9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
95f1b162e024f5508091b8f6b6e21d68

SHA1
de76b353547754cd43d4d9cf964dcbae468c46d8

SHA256
cf3ebeba10b4c19beb5821bcb3da56d61e8bcd279126c7c7eda5de4401a07432

SHA512
def8b107ed4241dd2ce490ac44a77252c5bba05f9f2eed2e990ab07995d3071f20af77276b0b1612d9ffac000ec20483d522ae7e7bc6ad0c942c477e345df9f3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
87KB

MD5
c89ba0cfa1180b7741a321649968e8c5

SHA1
b5412d9be8e2caddb49b42b6bcddbb3012103028

SHA256
fdb55d4d98d7c729fd858a75c640cace1a50ec2c3923410df3079d6e2e4efbed

SHA512
b4610a4acc0b90d865d2a8da57667a05886e91927b5cd3213c2f1e106c0c0ff4749e2cd879f9a764aaca970e6b196cc2a5e03851877ad725d50ba42b59b34dd3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit