hxxp://www[.]color[.]org

Analysis

max time kernel
150s
max time network
155s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
28/08/2023, 07:26

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://www.color.org

Score

1^/10

Malware Config

Signatures

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133376812272877852"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4756	chrome.exe
4756	chrome.exe
1684	chrome.exe
1684	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4756	chrome.exe
Token: SeCreatePagefilePrivilege	4756	chrome.exe
Token: SeShutdownPrivilege	4756	chrome.exe
Token: SeCreatePagefilePrivilege	4756	chrome.exe
Token: SeShutdownPrivilege	4756	chrome.exe
Token: SeCreatePagefilePrivilege	4756	chrome.exe
Token: SeShutdownPrivilege	4756	chrome.exe
Token: SeCreatePagefilePrivilege	4756	chrome.exe
Token: SeShutdownPrivilege	4756	chrome.exe
Token: SeCreatePagefilePrivilege	4756	chrome.exe
Token: SeShutdownPrivilege	4756	chrome.exe
Token: SeCreatePagefilePrivilege	4756	chrome.exe
Token: SeShutdownPrivilege	4756	chrome.exe
Token: SeCreatePagefilePrivilege	4756	chrome.exe
Token: SeShutdownPrivilege	4756	chrome.exe
Token: SeCreatePagefilePrivilege	4756	chrome.exe
Token: SeShutdownPrivilege	4756	chrome.exe
Token: SeCreatePagefilePrivilege	4756	chrome.exe
Token: SeShutdownPrivilege	4756	chrome.exe
Token: SeCreatePagefilePrivilege	4756	chrome.exe
Token: SeShutdownPrivilege	4756	chrome.exe
Token: SeCreatePagefilePrivilege	4756	chrome.exe
Token: SeShutdownPrivilege	4756	chrome.exe
Token: SeCreatePagefilePrivilege	4756	chrome.exe
Token: SeShutdownPrivilege	4756	chrome.exe
Token: SeCreatePagefilePrivilege	4756	chrome.exe
Token: SeShutdownPrivilege	4756	chrome.exe
Token: SeCreatePagefilePrivilege	4756	chrome.exe
Token: SeShutdownPrivilege	4756	chrome.exe
Token: SeCreatePagefilePrivilege	4756	chrome.exe
Token: SeShutdownPrivilege	4756	chrome.exe
Token: SeCreatePagefilePrivilege	4756	chrome.exe
Token: SeShutdownPrivilege	4756	chrome.exe
Token: SeCreatePagefilePrivilege	4756	chrome.exe
Token: SeShutdownPrivilege	4756	chrome.exe
Token: SeCreatePagefilePrivilege	4756	chrome.exe
Token: SeShutdownPrivilege	4756	chrome.exe
Token: SeCreatePagefilePrivilege	4756	chrome.exe
Token: SeShutdownPrivilege	4756	chrome.exe
Token: SeCreatePagefilePrivilege	4756	chrome.exe
Token: SeShutdownPrivilege	4756	chrome.exe
Token: SeCreatePagefilePrivilege	4756	chrome.exe
Token: SeShutdownPrivilege	4756	chrome.exe
Token: SeCreatePagefilePrivilege	4756	chrome.exe
Token: SeShutdownPrivilege	4756	chrome.exe
Token: SeCreatePagefilePrivilege	4756	chrome.exe
Token: SeShutdownPrivilege	4756	chrome.exe
Token: SeCreatePagefilePrivilege	4756	chrome.exe
Token: SeShutdownPrivilege	4756	chrome.exe
Token: SeCreatePagefilePrivilege	4756	chrome.exe
Token: SeShutdownPrivilege	4756	chrome.exe
Token: SeCreatePagefilePrivilege	4756	chrome.exe
Token: SeShutdownPrivilege	4756	chrome.exe
Token: SeCreatePagefilePrivilege	4756	chrome.exe
Token: SeShutdownPrivilege	4756	chrome.exe
Token: SeCreatePagefilePrivilege	4756	chrome.exe
Token: SeShutdownPrivilege	4756	chrome.exe
Token: SeCreatePagefilePrivilege	4756	chrome.exe
Token: SeShutdownPrivilege	4756	chrome.exe
Token: SeCreatePagefilePrivilege	4756	chrome.exe
Token: SeShutdownPrivilege	4756	chrome.exe
Token: SeCreatePagefilePrivilege	4756	chrome.exe
Token: SeShutdownPrivilege	4756	chrome.exe
Token: SeCreatePagefilePrivilege	4756	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4756 wrote to memory of 3992	4756	chrome.exe	81
PID 4756 wrote to memory of 3992	4756	chrome.exe	81
PID 4756 wrote to memory of 1776	4756	chrome.exe	83
PID 4756 wrote to memory of 1776	4756	chrome.exe	83
PID 4756 wrote to memory of 1776	4756	chrome.exe	83
PID 4756 wrote to memory of 1776	4756	chrome.exe	83
PID 4756 wrote to memory of 1776	4756	chrome.exe	83
PID 4756 wrote to memory of 1776	4756	chrome.exe	83
PID 4756 wrote to memory of 1776	4756	chrome.exe	83
PID 4756 wrote to memory of 1776	4756	chrome.exe	83
PID 4756 wrote to memory of 1776	4756	chrome.exe	83
PID 4756 wrote to memory of 1776	4756	chrome.exe	83
PID 4756 wrote to memory of 1776	4756	chrome.exe	83
PID 4756 wrote to memory of 1776	4756	chrome.exe	83
PID 4756 wrote to memory of 1776	4756	chrome.exe	83
PID 4756 wrote to memory of 1776	4756	chrome.exe	83
PID 4756 wrote to memory of 1776	4756	chrome.exe	83
PID 4756 wrote to memory of 1776	4756	chrome.exe	83
PID 4756 wrote to memory of 1776	4756	chrome.exe	83
PID 4756 wrote to memory of 1776	4756	chrome.exe	83
PID 4756 wrote to memory of 1776	4756	chrome.exe	83
PID 4756 wrote to memory of 1776	4756	chrome.exe	83
PID 4756 wrote to memory of 1776	4756	chrome.exe	83
PID 4756 wrote to memory of 1776	4756	chrome.exe	83
PID 4756 wrote to memory of 1776	4756	chrome.exe	83
PID 4756 wrote to memory of 1776	4756	chrome.exe	83
PID 4756 wrote to memory of 1776	4756	chrome.exe	83
PID 4756 wrote to memory of 1776	4756	chrome.exe	83
PID 4756 wrote to memory of 1776	4756	chrome.exe	83
PID 4756 wrote to memory of 1776	4756	chrome.exe	83
PID 4756 wrote to memory of 1776	4756	chrome.exe	83
PID 4756 wrote to memory of 1776	4756	chrome.exe	83
PID 4756 wrote to memory of 1776	4756	chrome.exe	83
PID 4756 wrote to memory of 1776	4756	chrome.exe	83
PID 4756 wrote to memory of 1776	4756	chrome.exe	83
PID 4756 wrote to memory of 1776	4756	chrome.exe	83
PID 4756 wrote to memory of 1776	4756	chrome.exe	83
PID 4756 wrote to memory of 1776	4756	chrome.exe	83
PID 4756 wrote to memory of 1776	4756	chrome.exe	83
PID 4756 wrote to memory of 1776	4756	chrome.exe	83
PID 4756 wrote to memory of 1272	4756	chrome.exe	84
PID 4756 wrote to memory of 1272	4756	chrome.exe	84
PID 4756 wrote to memory of 2852	4756	chrome.exe	85
PID 4756 wrote to memory of 2852	4756	chrome.exe	85
PID 4756 wrote to memory of 2852	4756	chrome.exe	85
PID 4756 wrote to memory of 2852	4756	chrome.exe	85
PID 4756 wrote to memory of 2852	4756	chrome.exe	85
PID 4756 wrote to memory of 2852	4756	chrome.exe	85
PID 4756 wrote to memory of 2852	4756	chrome.exe	85
PID 4756 wrote to memory of 2852	4756	chrome.exe	85
PID 4756 wrote to memory of 2852	4756	chrome.exe	85
PID 4756 wrote to memory of 2852	4756	chrome.exe	85
PID 4756 wrote to memory of 2852	4756	chrome.exe	85
PID 4756 wrote to memory of 2852	4756	chrome.exe	85
PID 4756 wrote to memory of 2852	4756	chrome.exe	85
PID 4756 wrote to memory of 2852	4756	chrome.exe	85
PID 4756 wrote to memory of 2852	4756	chrome.exe	85
PID 4756 wrote to memory of 2852	4756	chrome.exe	85
PID 4756 wrote to memory of 2852	4756	chrome.exe	85
PID 4756 wrote to memory of 2852	4756	chrome.exe	85
PID 4756 wrote to memory of 2852	4756	chrome.exe	85
PID 4756 wrote to memory of 2852	4756	chrome.exe	85
PID 4756 wrote to memory of 2852	4756	chrome.exe	85
PID 4756 wrote to memory of 2852	4756	chrome.exe	85

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://www.color.org
1⤵
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4756
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff42ca9758,0x7fff42ca9768,0x7fff42ca9778
  2⤵
  PID:3992
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1660 --field-trial-handle=1884,i,8912655572695928742,4822808646754720840,131072 /prefetch:2
  2⤵
  PID:1776
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2148 --field-trial-handle=1884,i,8912655572695928742,4822808646754720840,131072 /prefetch:8
  2⤵
  PID:1272
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2220 --field-trial-handle=1884,i,8912655572695928742,4822808646754720840,131072 /prefetch:8
  2⤵
  PID:2852
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2824 --field-trial-handle=1884,i,8912655572695928742,4822808646754720840,131072 /prefetch:1
  2⤵
  PID:3560
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2808 --field-trial-handle=1884,i,8912655572695928742,4822808646754720840,131072 /prefetch:1
  2⤵
  PID:452
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4880 --field-trial-handle=1884,i,8912655572695928742,4822808646754720840,131072 /prefetch:1
  2⤵
  PID:4352
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5088 --field-trial-handle=1884,i,8912655572695928742,4822808646754720840,131072 /prefetch:8
  2⤵
  PID:4080
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5216 --field-trial-handle=1884,i,8912655572695928742,4822808646754720840,131072 /prefetch:8
  2⤵
  PID:2332
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=5196 --field-trial-handle=1884,i,8912655572695928742,4822808646754720840,131072 /prefetch:1
  2⤵
  PID:4040
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1852 --field-trial-handle=1884,i,8912655572695928742,4822808646754720840,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1684

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2996

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

Filesize
16KB

MD5
01d5892e6e243b52998310c2925b9f3a

SHA1
58180151b6a6ee4af73583a214b68efb9e8844d4

SHA256
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d

SHA512
de6ca9d539326c1d63a79e90a87d6a69676fc77a2955050b4c5299fab12b87af63c3d7f0789d10f4be214e5c58d6271106a82944d276d5ca361b6d01f7a9f319

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011

Filesize
34KB

MD5
4e4e8e6acfee02878be9e781fd9e9ecf

SHA1
b4778cdfc498bc849bc25f43fda5cfe7089fc446

SHA256
5d9692c0c25752c362097f772c8218b7194be31918e54f1e8408db0dd9f6df8d

SHA512
d866b2621ea770ca1f9bcf7bbe843742cdde86954c754725a85b4a024e88a7e91285e6259502fa608bdf86625faf9d31696bac7a0eb03f8bd55a1a20ca4dd8a4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
ab9958858a2a7b9d8a0855ef26a336d3

SHA1
59fde56015692adc874882593aa97de99db02ae3

SHA256
861a9bbad234c17a39f3aa518d16b523365dbec1eb8186ae20cc20c94fb963ff

SHA512
712479419a6397a40321323ae14ded955ffdbb890888f6e8fc28695a7f0c80a4c98958928eae7bb585b6a4c886e7cc88cf860ba82e89278cc9c7fd5d05793905

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
859B

MD5
7bd2ca5a1e4a0203ae52d2f32eb5105d

SHA1
37aefbd6a9d33a4bb897de1d8913d0777e0e4fda

SHA256
5d9f1c9665d1fde1f256329f4ad143c673a8e29ece383256d43338cc69514ca5

SHA512
0d12143d90aab5da29a083ea18882c0df7f366ed5be8cb9742d96c9ffbffae60243dd35164a1ce8181ec4e22dd6b5e4b555a76ef2bf8a3978cf131b288ab8d41

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
829B

MD5
921d094504b3bde3ac9c83f53744975d

SHA1
7e566ccdbb46bf525e94c3fb2a2a5a299b8ecf1c

SHA256
2943470ccb88fe432a2fcb3e79f8f58f2663c6e8ec7effd89c95ad841629de66

SHA512
9e76e66ecc41cc738bfb81012fa58b6388f50011426680e40729316fb52ba204918127ae38ff10c6763dc9812d01691bc91a5442159afe04448555909a151e82

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
371B

MD5
00a440bce2fb5c4acad28b1a4ce9beb4

SHA1
a0549b287f4e107de5143b4b2a16e0bae374bf50

SHA256
d019341a5135b87225b44795c5498b3d8478f316c50380a941d09a3644db997c

SHA512
f246c8faadaae34aa0a29f9b531a44b61f14ccc5bc328eaa4b4399cfe129219ac2cea55b5aafcc4d9c3c8b9154f0582d6257afa17e7bcd24049197af4e98c8ec

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
88810bd479f6d5c8a6e7f7db925b7382

SHA1
4a189276000fb1c1862e5d3c2e7e3d28ab725aa6

SHA256
ef333d16d5d0ce33b8e6c5be6b0cf1ae2b86983a65c485542465f78497ec65b3

SHA512
6ba12c6fa70a4455356459784b413b4888e6c17c359569ae7581b71f2a7a7901d61ba1d4944b67871619c26c805aa8a3a59cbc927f9839e0f66fb41be46afe57

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
1a7b259ce652dd15dd66c23534f174ed

SHA1
4eb7e1cb623969ac2252eb2621d78eb2a0ad7629

SHA256
d8e0a72743aee8f54883755eeacde7e5fffebcf2fbe7164454b5fd776477573d

SHA512
b136c61eb4989731248ebde02a7c3b8940e1061373f89ec5791fe4421a02744f39faa84252a33639d6c4fb1f00afdbc21145bcf583f37d873ade19ba5b203f94

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
770d30c1c2ee763bc8bc609ec62467f1

SHA1
bc02e14574bb129b451b8ac5fabbcbc8b265cd98

SHA256
0e0a710d4802e7b112020668791b3e37fdb14ea311ce59150f8688c2a144dda6

SHA512
744c6f122038a313f7a0d46d8952bd0209ee61026c7a768a48e0e5783ac4866fcf527290f500a8bb9c9745332adeb051f7286abd5e12f5e4af37688356bd2902

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
f442682ff89de66cb3cd69290578586c

SHA1
bb39dd82eec5aac341da981de8159fdb2d1eb8e1

SHA256
acddf47eb532e0c1491758edace49698d087a7e10fcbb3f83fa75bf47d281ea9

SHA512
73319085718cdcaea39b48e44d766c6249e8c43ada569bb92e15ec25803712e58d444eaa2714338c749655626aa83c374eb40439029b50348d791faa2bf06309

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
87KB

MD5
1439f59838335d457a4dd57c890e1331

SHA1
8a826aba4ef47975e3404bc31772cc3d9026f860

SHA256
9b98539c1379891392dcda69b8aeaa12d37fd0399042d26b081402b672887ccc

SHA512
03ea24ec2d84894d6c01c8a666dd3b095fcc30040073585cdc9d491e310ce9fa6f64af018a420a5fd15c9a6f85d2af74e2fe33a344441d273dd6aff4d7ba25f8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit