hxxp://one[.]cryptonomiconf[.]com

Analysis

max time kernel
150s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
31/08/2023, 04:41

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://one.cryptonomiconf.com

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133379304952532968"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4404	chrome.exe
4404	chrome.exe
4424	chrome.exe
4424	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
4404	chrome.exe
4404	chrome.exe
4404	chrome.exe
4404	chrome.exe
4404	chrome.exe
4404	chrome.exe
4404	chrome.exe
4404	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4404	chrome.exe
Token: SeCreatePagefilePrivilege	4404	chrome.exe
Token: SeShutdownPrivilege	4404	chrome.exe
Token: SeCreatePagefilePrivilege	4404	chrome.exe
Token: SeShutdownPrivilege	4404	chrome.exe
Token: SeCreatePagefilePrivilege	4404	chrome.exe
Token: SeShutdownPrivilege	4404	chrome.exe
Token: SeCreatePagefilePrivilege	4404	chrome.exe
Token: SeShutdownPrivilege	4404	chrome.exe
Token: SeCreatePagefilePrivilege	4404	chrome.exe
Token: SeShutdownPrivilege	4404	chrome.exe
Token: SeCreatePagefilePrivilege	4404	chrome.exe
Token: SeShutdownPrivilege	4404	chrome.exe
Token: SeCreatePagefilePrivilege	4404	chrome.exe
Token: SeShutdownPrivilege	4404	chrome.exe
Token: SeCreatePagefilePrivilege	4404	chrome.exe
Token: SeShutdownPrivilege	4404	chrome.exe
Token: SeCreatePagefilePrivilege	4404	chrome.exe
Token: SeShutdownPrivilege	4404	chrome.exe
Token: SeCreatePagefilePrivilege	4404	chrome.exe
Token: SeShutdownPrivilege	4404	chrome.exe
Token: SeCreatePagefilePrivilege	4404	chrome.exe
Token: SeShutdownPrivilege	4404	chrome.exe
Token: SeCreatePagefilePrivilege	4404	chrome.exe
Token: SeShutdownPrivilege	4404	chrome.exe
Token: SeCreatePagefilePrivilege	4404	chrome.exe
Token: SeShutdownPrivilege	4404	chrome.exe
Token: SeCreatePagefilePrivilege	4404	chrome.exe
Token: SeShutdownPrivilege	4404	chrome.exe
Token: SeCreatePagefilePrivilege	4404	chrome.exe
Token: SeShutdownPrivilege	4404	chrome.exe
Token: SeCreatePagefilePrivilege	4404	chrome.exe
Token: SeShutdownPrivilege	4404	chrome.exe
Token: SeCreatePagefilePrivilege	4404	chrome.exe
Token: SeShutdownPrivilege	4404	chrome.exe
Token: SeCreatePagefilePrivilege	4404	chrome.exe
Token: SeShutdownPrivilege	4404	chrome.exe
Token: SeCreatePagefilePrivilege	4404	chrome.exe
Token: SeShutdownPrivilege	4404	chrome.exe
Token: SeCreatePagefilePrivilege	4404	chrome.exe
Token: SeShutdownPrivilege	4404	chrome.exe
Token: SeCreatePagefilePrivilege	4404	chrome.exe
Token: SeShutdownPrivilege	4404	chrome.exe
Token: SeCreatePagefilePrivilege	4404	chrome.exe
Token: SeShutdownPrivilege	4404	chrome.exe
Token: SeCreatePagefilePrivilege	4404	chrome.exe
Token: SeShutdownPrivilege	4404	chrome.exe
Token: SeCreatePagefilePrivilege	4404	chrome.exe
Token: SeShutdownPrivilege	4404	chrome.exe
Token: SeCreatePagefilePrivilege	4404	chrome.exe
Token: SeShutdownPrivilege	4404	chrome.exe
Token: SeCreatePagefilePrivilege	4404	chrome.exe
Token: SeShutdownPrivilege	4404	chrome.exe
Token: SeCreatePagefilePrivilege	4404	chrome.exe
Token: SeShutdownPrivilege	4404	chrome.exe
Token: SeCreatePagefilePrivilege	4404	chrome.exe
Token: SeShutdownPrivilege	4404	chrome.exe
Token: SeCreatePagefilePrivilege	4404	chrome.exe
Token: SeShutdownPrivilege	4404	chrome.exe
Token: SeCreatePagefilePrivilege	4404	chrome.exe
Token: SeShutdownPrivilege	4404	chrome.exe
Token: SeCreatePagefilePrivilege	4404	chrome.exe
Token: SeShutdownPrivilege	4404	chrome.exe
Token: SeCreatePagefilePrivilege	4404	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4404	chrome.exe
4404	chrome.exe
4404	chrome.exe
4404	chrome.exe
4404	chrome.exe
4404	chrome.exe
4404	chrome.exe
4404	chrome.exe
4404	chrome.exe
4404	chrome.exe
4404	chrome.exe
4404	chrome.exe
4404	chrome.exe
4404	chrome.exe
4404	chrome.exe
4404	chrome.exe
4404	chrome.exe
4404	chrome.exe
4404	chrome.exe
4404	chrome.exe
4404	chrome.exe
4404	chrome.exe
4404	chrome.exe
4404	chrome.exe
4404	chrome.exe
4404	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4404	chrome.exe
4404	chrome.exe
4404	chrome.exe
4404	chrome.exe
4404	chrome.exe
4404	chrome.exe
4404	chrome.exe
4404	chrome.exe
4404	chrome.exe
4404	chrome.exe
4404	chrome.exe
4404	chrome.exe
4404	chrome.exe
4404	chrome.exe
4404	chrome.exe
4404	chrome.exe
4404	chrome.exe
4404	chrome.exe
4404	chrome.exe
4404	chrome.exe
4404	chrome.exe
4404	chrome.exe
4404	chrome.exe
4404	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4404 wrote to memory of 1524	4404	chrome.exe	83
PID 4404 wrote to memory of 1524	4404	chrome.exe	83
PID 4404 wrote to memory of 4416	4404	chrome.exe	89
PID 4404 wrote to memory of 4416	4404	chrome.exe	89
PID 4404 wrote to memory of 4416	4404	chrome.exe	89
PID 4404 wrote to memory of 4416	4404	chrome.exe	89
PID 4404 wrote to memory of 4416	4404	chrome.exe	89
PID 4404 wrote to memory of 4416	4404	chrome.exe	89
PID 4404 wrote to memory of 4416	4404	chrome.exe	89
PID 4404 wrote to memory of 4416	4404	chrome.exe	89
PID 4404 wrote to memory of 4416	4404	chrome.exe	89
PID 4404 wrote to memory of 4416	4404	chrome.exe	89
PID 4404 wrote to memory of 4416	4404	chrome.exe	89
PID 4404 wrote to memory of 4416	4404	chrome.exe	89
PID 4404 wrote to memory of 4416	4404	chrome.exe	89
PID 4404 wrote to memory of 4416	4404	chrome.exe	89
PID 4404 wrote to memory of 4416	4404	chrome.exe	89
PID 4404 wrote to memory of 4416	4404	chrome.exe	89
PID 4404 wrote to memory of 4416	4404	chrome.exe	89
PID 4404 wrote to memory of 4416	4404	chrome.exe	89
PID 4404 wrote to memory of 4416	4404	chrome.exe	89
PID 4404 wrote to memory of 4416	4404	chrome.exe	89
PID 4404 wrote to memory of 4416	4404	chrome.exe	89
PID 4404 wrote to memory of 4416	4404	chrome.exe	89
PID 4404 wrote to memory of 4416	4404	chrome.exe	89
PID 4404 wrote to memory of 4416	4404	chrome.exe	89
PID 4404 wrote to memory of 4416	4404	chrome.exe	89
PID 4404 wrote to memory of 4416	4404	chrome.exe	89
PID 4404 wrote to memory of 4416	4404	chrome.exe	89
PID 4404 wrote to memory of 4416	4404	chrome.exe	89
PID 4404 wrote to memory of 4416	4404	chrome.exe	89
PID 4404 wrote to memory of 4416	4404	chrome.exe	89
PID 4404 wrote to memory of 4416	4404	chrome.exe	89
PID 4404 wrote to memory of 4416	4404	chrome.exe	89
PID 4404 wrote to memory of 4416	4404	chrome.exe	89
PID 4404 wrote to memory of 4416	4404	chrome.exe	89
PID 4404 wrote to memory of 4416	4404	chrome.exe	89
PID 4404 wrote to memory of 4416	4404	chrome.exe	89
PID 4404 wrote to memory of 4416	4404	chrome.exe	89
PID 4404 wrote to memory of 4416	4404	chrome.exe	89
PID 4404 wrote to memory of 3012	4404	chrome.exe	85
PID 4404 wrote to memory of 3012	4404	chrome.exe	85
PID 4404 wrote to memory of 1400	4404	chrome.exe	88
PID 4404 wrote to memory of 1400	4404	chrome.exe	88
PID 4404 wrote to memory of 1400	4404	chrome.exe	88
PID 4404 wrote to memory of 1400	4404	chrome.exe	88
PID 4404 wrote to memory of 1400	4404	chrome.exe	88
PID 4404 wrote to memory of 1400	4404	chrome.exe	88
PID 4404 wrote to memory of 1400	4404	chrome.exe	88
PID 4404 wrote to memory of 1400	4404	chrome.exe	88
PID 4404 wrote to memory of 1400	4404	chrome.exe	88
PID 4404 wrote to memory of 1400	4404	chrome.exe	88
PID 4404 wrote to memory of 1400	4404	chrome.exe	88
PID 4404 wrote to memory of 1400	4404	chrome.exe	88
PID 4404 wrote to memory of 1400	4404	chrome.exe	88
PID 4404 wrote to memory of 1400	4404	chrome.exe	88
PID 4404 wrote to memory of 1400	4404	chrome.exe	88
PID 4404 wrote to memory of 1400	4404	chrome.exe	88
PID 4404 wrote to memory of 1400	4404	chrome.exe	88
PID 4404 wrote to memory of 1400	4404	chrome.exe	88
PID 4404 wrote to memory of 1400	4404	chrome.exe	88
PID 4404 wrote to memory of 1400	4404	chrome.exe	88
PID 4404 wrote to memory of 1400	4404	chrome.exe	88
PID 4404 wrote to memory of 1400	4404	chrome.exe	88

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://one.cryptonomiconf.com
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4404
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff925789758,0x7ff925789768,0x7ff925789778
  2⤵
  PID:1524
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2140 --field-trial-handle=1868,i,10390212208542437696,10670504281883892984,131072 /prefetch:8
  2⤵
  PID:3012
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2812 --field-trial-handle=1868,i,10390212208542437696,10670504281883892984,131072 /prefetch:1
  2⤵
  PID:4596
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2804 --field-trial-handle=1868,i,10390212208542437696,10670504281883892984,131072 /prefetch:1
  2⤵
  PID:1396
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2176 --field-trial-handle=1868,i,10390212208542437696,10670504281883892984,131072 /prefetch:8
  2⤵
  PID:1400
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1728 --field-trial-handle=1868,i,10390212208542437696,10670504281883892984,131072 /prefetch:2
  2⤵
  PID:4416
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4964 --field-trial-handle=1868,i,10390212208542437696,10670504281883892984,131072 /prefetch:8
  2⤵
  PID:1552
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4988 --field-trial-handle=1868,i,10390212208542437696,10670504281883892984,131072 /prefetch:8
  2⤵
  PID:1816
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4688 --field-trial-handle=1868,i,10390212208542437696,10670504281883892984,131072 /prefetch:1
  2⤵
  PID:2524
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4996 --field-trial-handle=1868,i,10390212208542437696,10670504281883892984,131072 /prefetch:1
  2⤵
  PID:3552
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=5284 --field-trial-handle=1868,i,10390212208542437696,10670504281883892984,131072 /prefetch:1
  2⤵
  PID:2268
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=4596 --field-trial-handle=1868,i,10390212208542437696,10670504281883892984,131072 /prefetch:1
  2⤵
  PID:3632
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=3968 --field-trial-handle=1868,i,10390212208542437696,10670504281883892984,131072 /prefetch:1
  2⤵
  PID:2716
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=2952 --field-trial-handle=1868,i,10390212208542437696,10670504281883892984,131072 /prefetch:1
  2⤵
  PID:4356
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2780 --field-trial-handle=1868,i,10390212208542437696,10670504281883892984,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4424

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2620

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
456B

MD5
8dba6a4373bb6a7a001c1592bc6931a7

SHA1
4425732e010e3cf04c9842aa94e0f24f69430c8f

SHA256
3f5f5b1d07478897e5b47c4902c87054aba2446684d310d695d7c33a6c2760a2

SHA512
19bfefe81e06d76beb98dbba8a51f96aa8b32528d5aadcc8d5e1a8367b20181cca485bd6b817dfcb25f0861ea5554a2e4c7bebf676154c9f0eba6cc708d7ac45

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
05c6cf0dc7cfa796d1b2a48a6e328d63

SHA1
a875d9e7c33c3e33a699638cad5a1e7fcc44f6f3

SHA256
d0bda62affe004e4ad2708cf7baaebd1847e1f9849e70e678bd1440701f7363a

SHA512
2558b00a2c2f484ffea0116ec890483821e858fa86ceac70caf072f20c03c8840ae93d6e9ab0ba33e5fb4d1cf0e4dfb402b60ded4615f8e6b3b1ae114c874046

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
8fefe7a90949deb02d9d42f354b0363c

SHA1
10976cb35ddcf0f4c297dad5a9b0cab2ad001937

SHA256
b2f0ec6157acfcd86fd69e68117037029d1cc2f82134960f5add4257eeb1992e

SHA512
17f53a8d152640d4f4ee30e4743ec8ee40792150b9678aa3e27dd4552d3f62dc764abdc7c922fd5c7762cd074fe959ac142dfc635faa39fdfc405c2ddce7dfff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
371B

MD5
231cf88949798455d00ced2038c84045

SHA1
00099072617bbf2b40f93b39c8678e79e51fd711

SHA256
eb4dfc26900e5a94c0cc6268207b104b22a272b59e4c1e6bdae8ba86e005f384

SHA512
0c8793b067393f07b0272ed06f962f6767f0092b712c8e2445baa00b435866cfd56a6939e53a26cc11a1327678faafe310b72b1b1206fe8cad798e1f6d5d0606

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
371B

MD5
541cf2d4faff6851d3b7c720cef3c430

SHA1
c7adc24afa2914fc71dcc0d73e3a399de75717f3

SHA256
d31432cc10c0c9988d21aaa5070f43b52c1fbb7519cac443f6003bf4e948b911

SHA512
1bd6bffeb67b05b3a082e41893896ebae2299c12fdf8d60eec53cd6e87e1674455f5bfc2d43b324891836e288df69d9b42a8f101d58ce63949b869659bf5f174

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
060c4775a64fe39b75700787565d99a7

SHA1
b6ede22cd9ec93b4b76028abaa4427d127abec32

SHA256
a0d67e0ce947832267acd2227dc37cb7ba8f6eb1e317f0418ceda2de0af90dc4

SHA512
f45c0f7bc42bb06a7e0ab12da4c531cc999113f7e2e8d8a1506bb6e582192f8486fda351adc1af12476cf48c13f7ac5fa95fa14aa667653042eba8bf06a4815a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
3269ddaeee63a0dbfdbdb2a759a10fe8

SHA1
865776923062fa52f270e0fef5bbe10e2650c5f4

SHA256
d92d95b727c2548c45a2d3a9acd84dfc61c26dd503fb7ed7bf6ef8907d2da56c

SHA512
7d199e51ba3ef08c4239c2610aa40c391ae83b8b249acf67502f08762670071275b3ea06c6f5b801a9fbf44f22812d62e319e694d5669661878cb826016f2631

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
87KB

MD5
b65baedb39d359374d1529a32c235691

SHA1
4d36fb38f786d358d8729689ed893e840bbb4976

SHA256
f42716be8b54739ab47f35a1d4e8bedf3363d7e7f628df687609c36689eb5cf6

SHA512
d7e42a706f9a2ab490bef7ecdcbec42b2e4cd8832f38671f09e12a2e4160b4a1006ef492c8b4e70f8594425f9bd3dd1f14a81af9657e0fa04c0845ec325e6756

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit