6c6eb325ec7d74f94a7467daa10cb86943cf267a2c58065bc306b6cd8ec3dc8c

Analysis

max time kernel
119s
max time network
120s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
18/09/2023, 17:12

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

floor-plans.html
Size

64KB
MD5

7510f578327e1024b3e8a1372f64fe97
SHA1

a924ce66d16cb0873916ded1833d4ce8f5c2f2b3
SHA256

6c6eb325ec7d74f94a7467daa10cb86943cf267a2c58065bc306b6cd8ec3dc8c
SHA512

905c9492404d6eb5502655518f4258c06347cc218714b4d7230f8fd762a7acdf64b3a3a9dd6a12f7376f9bbdfc7d17abc09d3e8d1700a60ec43ed9f95c15c595
SSDEEP

1536:hDmTsMHel3/nbq9oN8c9caER+sC25wjZh8:hDmTsMHSTq9Hc9caER+sC25wjZh8

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133395308474292385"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
4064	chrome.exe
4064	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 5 IoCs

pid	Process
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4064	chrome.exe
Token: SeCreatePagefilePrivilege	4064	chrome.exe
Token: SeShutdownPrivilege	4064	chrome.exe
Token: SeCreatePagefilePrivilege	4064	chrome.exe
Token: SeShutdownPrivilege	4064	chrome.exe
Token: SeCreatePagefilePrivilege	4064	chrome.exe
Token: SeShutdownPrivilege	4064	chrome.exe
Token: SeCreatePagefilePrivilege	4064	chrome.exe
Token: SeShutdownPrivilege	4064	chrome.exe
Token: SeCreatePagefilePrivilege	4064	chrome.exe
Token: SeShutdownPrivilege	4064	chrome.exe
Token: SeCreatePagefilePrivilege	4064	chrome.exe
Token: SeShutdownPrivilege	4064	chrome.exe
Token: SeCreatePagefilePrivilege	4064	chrome.exe
Token: SeShutdownPrivilege	4064	chrome.exe
Token: SeCreatePagefilePrivilege	4064	chrome.exe
Token: SeShutdownPrivilege	4064	chrome.exe
Token: SeCreatePagefilePrivilege	4064	chrome.exe
Token: SeShutdownPrivilege	4064	chrome.exe
Token: SeCreatePagefilePrivilege	4064	chrome.exe
Token: SeShutdownPrivilege	4064	chrome.exe
Token: SeCreatePagefilePrivilege	4064	chrome.exe
Token: SeShutdownPrivilege	4064	chrome.exe
Token: SeCreatePagefilePrivilege	4064	chrome.exe
Token: SeShutdownPrivilege	4064	chrome.exe
Token: SeCreatePagefilePrivilege	4064	chrome.exe
Token: SeShutdownPrivilege	4064	chrome.exe
Token: SeCreatePagefilePrivilege	4064	chrome.exe
Token: SeShutdownPrivilege	4064	chrome.exe
Token: SeCreatePagefilePrivilege	4064	chrome.exe
Token: SeShutdownPrivilege	4064	chrome.exe
Token: SeCreatePagefilePrivilege	4064	chrome.exe
Token: SeShutdownPrivilege	4064	chrome.exe
Token: SeCreatePagefilePrivilege	4064	chrome.exe
Token: SeShutdownPrivilege	4064	chrome.exe
Token: SeCreatePagefilePrivilege	4064	chrome.exe
Token: SeShutdownPrivilege	4064	chrome.exe
Token: SeCreatePagefilePrivilege	4064	chrome.exe
Token: SeShutdownPrivilege	4064	chrome.exe
Token: SeCreatePagefilePrivilege	4064	chrome.exe
Token: SeShutdownPrivilege	4064	chrome.exe
Token: SeCreatePagefilePrivilege	4064	chrome.exe
Token: SeShutdownPrivilege	4064	chrome.exe
Token: SeCreatePagefilePrivilege	4064	chrome.exe
Token: SeShutdownPrivilege	4064	chrome.exe
Token: SeCreatePagefilePrivilege	4064	chrome.exe
Token: SeShutdownPrivilege	4064	chrome.exe
Token: SeCreatePagefilePrivilege	4064	chrome.exe
Token: SeShutdownPrivilege	4064	chrome.exe
Token: SeCreatePagefilePrivilege	4064	chrome.exe
Token: SeShutdownPrivilege	4064	chrome.exe
Token: SeCreatePagefilePrivilege	4064	chrome.exe
Token: SeShutdownPrivilege	4064	chrome.exe
Token: SeCreatePagefilePrivilege	4064	chrome.exe
Token: SeShutdownPrivilege	4064	chrome.exe
Token: SeCreatePagefilePrivilege	4064	chrome.exe
Token: SeShutdownPrivilege	4064	chrome.exe
Token: SeCreatePagefilePrivilege	4064	chrome.exe
Token: SeShutdownPrivilege	4064	chrome.exe
Token: SeCreatePagefilePrivilege	4064	chrome.exe
Token: SeShutdownPrivilege	4064	chrome.exe
Token: SeCreatePagefilePrivilege	4064	chrome.exe
Token: SeShutdownPrivilege	4064	chrome.exe
Token: SeCreatePagefilePrivilege	4064	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4064 wrote to memory of 1700	4064	chrome.exe	27
PID 4064 wrote to memory of 1700	4064	chrome.exe	27
PID 4064 wrote to memory of 1116	4064	chrome.exe	89
PID 4064 wrote to memory of 1116	4064	chrome.exe	89
PID 4064 wrote to memory of 1116	4064	chrome.exe	89
PID 4064 wrote to memory of 1116	4064	chrome.exe	89
PID 4064 wrote to memory of 1116	4064	chrome.exe	89
PID 4064 wrote to memory of 1116	4064	chrome.exe	89
PID 4064 wrote to memory of 1116	4064	chrome.exe	89
PID 4064 wrote to memory of 1116	4064	chrome.exe	89
PID 4064 wrote to memory of 1116	4064	chrome.exe	89
PID 4064 wrote to memory of 1116	4064	chrome.exe	89
PID 4064 wrote to memory of 1116	4064	chrome.exe	89
PID 4064 wrote to memory of 1116	4064	chrome.exe	89
PID 4064 wrote to memory of 1116	4064	chrome.exe	89
PID 4064 wrote to memory of 1116	4064	chrome.exe	89
PID 4064 wrote to memory of 1116	4064	chrome.exe	89
PID 4064 wrote to memory of 1116	4064	chrome.exe	89
PID 4064 wrote to memory of 1116	4064	chrome.exe	89
PID 4064 wrote to memory of 1116	4064	chrome.exe	89
PID 4064 wrote to memory of 1116	4064	chrome.exe	89
PID 4064 wrote to memory of 1116	4064	chrome.exe	89
PID 4064 wrote to memory of 1116	4064	chrome.exe	89
PID 4064 wrote to memory of 1116	4064	chrome.exe	89
PID 4064 wrote to memory of 1116	4064	chrome.exe	89
PID 4064 wrote to memory of 1116	4064	chrome.exe	89
PID 4064 wrote to memory of 1116	4064	chrome.exe	89
PID 4064 wrote to memory of 1116	4064	chrome.exe	89
PID 4064 wrote to memory of 1116	4064	chrome.exe	89
PID 4064 wrote to memory of 1116	4064	chrome.exe	89
PID 4064 wrote to memory of 1116	4064	chrome.exe	89
PID 4064 wrote to memory of 1116	4064	chrome.exe	89
PID 4064 wrote to memory of 1116	4064	chrome.exe	89
PID 4064 wrote to memory of 1116	4064	chrome.exe	89
PID 4064 wrote to memory of 1116	4064	chrome.exe	89
PID 4064 wrote to memory of 1116	4064	chrome.exe	89
PID 4064 wrote to memory of 1116	4064	chrome.exe	89
PID 4064 wrote to memory of 1116	4064	chrome.exe	89
PID 4064 wrote to memory of 1116	4064	chrome.exe	89
PID 4064 wrote to memory of 1116	4064	chrome.exe	89
PID 4064 wrote to memory of 844	4064	chrome.exe	90
PID 4064 wrote to memory of 844	4064	chrome.exe	90
PID 4064 wrote to memory of 2864	4064	chrome.exe	91
PID 4064 wrote to memory of 2864	4064	chrome.exe	91
PID 4064 wrote to memory of 2864	4064	chrome.exe	91
PID 4064 wrote to memory of 2864	4064	chrome.exe	91
PID 4064 wrote to memory of 2864	4064	chrome.exe	91
PID 4064 wrote to memory of 2864	4064	chrome.exe	91
PID 4064 wrote to memory of 2864	4064	chrome.exe	91
PID 4064 wrote to memory of 2864	4064	chrome.exe	91
PID 4064 wrote to memory of 2864	4064	chrome.exe	91
PID 4064 wrote to memory of 2864	4064	chrome.exe	91
PID 4064 wrote to memory of 2864	4064	chrome.exe	91
PID 4064 wrote to memory of 2864	4064	chrome.exe	91
PID 4064 wrote to memory of 2864	4064	chrome.exe	91
PID 4064 wrote to memory of 2864	4064	chrome.exe	91
PID 4064 wrote to memory of 2864	4064	chrome.exe	91
PID 4064 wrote to memory of 2864	4064	chrome.exe	91
PID 4064 wrote to memory of 2864	4064	chrome.exe	91
PID 4064 wrote to memory of 2864	4064	chrome.exe	91
PID 4064 wrote to memory of 2864	4064	chrome.exe	91
PID 4064 wrote to memory of 2864	4064	chrome.exe	91
PID 4064 wrote to memory of 2864	4064	chrome.exe	91
PID 4064 wrote to memory of 2864	4064	chrome.exe	91

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument C:\Users\Admin\AppData\Local\Temp\floor-plans.html
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4064
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa63f89758,0x7ffa63f89768,0x7ffa63f89778
  2⤵
  PID:1700
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1636 --field-trial-handle=1880,i,12721263079051742410,361742943053573837,131072 /prefetch:2
  2⤵
  PID:1116
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2116 --field-trial-handle=1880,i,12721263079051742410,361742943053573837,131072 /prefetch:8
  2⤵
  PID:844
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2236 --field-trial-handle=1880,i,12721263079051742410,361742943053573837,131072 /prefetch:8
  2⤵
  PID:2864
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2988 --field-trial-handle=1880,i,12721263079051742410,361742943053573837,131072 /prefetch:1
  2⤵
  PID:3612
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2980 --field-trial-handle=1880,i,12721263079051742410,361742943053573837,131072 /prefetch:1
  2⤵
  PID:4696
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4748 --field-trial-handle=1880,i,12721263079051742410,361742943053573837,131072 /prefetch:1
  2⤵
  PID:5104
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4884 --field-trial-handle=1880,i,12721263079051742410,361742943053573837,131072 /prefetch:1
  2⤵
  PID:1604
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=1988 --field-trial-handle=1880,i,12721263079051742410,361742943053573837,131072 /prefetch:1
  2⤵
  PID:4388
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5792 --field-trial-handle=1880,i,12721263079051742410,361742943053573837,131072 /prefetch:8
  2⤵
  PID:1144
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6024 --field-trial-handle=1880,i,12721263079051742410,361742943053573837,131072 /prefetch:8
  2⤵
  PID:4884

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:1596

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
25f5898c39ddb1ef8cb43c36cb096cc5

SHA1
587af464a14bd0caecdbbaf0759d339445223741

SHA256
edf5a551b84ca2ccf02c36e44225bf3730af00d53632ba51c9727f6e367d556c

SHA512
765c900fcd68d941d1554094baaf1deca80e008e2ac4582351ab2734d8656fdaa62ce71bd13f6abf0f66402bbca9fb85c72672f9718222b1ebffe916decfb745

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
55fbe1cc64107e9031dea3991accea2b

SHA1
963acfe9efa6e7c2ce7a19f675b1b11a39737320

SHA256
90146a4193dee8fa31a115a0d3eae6b7c4bb3c91d4de427d86742e29e3e2f868

SHA512
998d0ae7f1ecac2e57328f694d6b9eb8a0ce3694f74bb9f921f59a5127b6cefb38ad1deef34beda41f1e340e2bb698a4eb1b440817c173dbaee8c5a60e2ce474

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
07bdefe557eaa75411cca75257c1e2f4

SHA1
bd33e5e922441595c46c595b60942f37d65c46d2

SHA256
24eb374633605c7e1765c9995cc2d79a4280c1255f95a2ac28ade0fd99f14168

SHA512
4ae5ce093caed48d9bcbda05e839f70922bd20818419835a7f89a01435d7c0b6a5628d417019d8264fe56daf45297374fabbeb4c45e8aa8a88c410873380d46e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
22ad7ca089dc19bb18a7ef598d06adaf

SHA1
9fa66d0b9c84eba078c2636448b4304344db1873

SHA256
c11c99f922d424aa4e30aa877c35a1c63fd50c27969cc9360ea61c899fe5023d

SHA512
3f9259448728b8b80bf02941d25bad4e75232ad3302a435970071e0b0be9ea4d8daee962bbbacc87e0ddd6985bdac75ab4c02fd3132fb977e59ec4c998f4b581

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
20c84a2bc8969d11cfae11198e43307d

SHA1
6d74e1efde365bbef798f16ff2d5419ec182def4

SHA256
3115a8d2d317364f227370c8b350b3b23869915085558408eb3747fda7f8bb7d

SHA512
1f28cf552edd47fa9248723892bf3296379c4670a034c2237c0a9021507af382d92c292d697bab158458fc4668549bbd1d33cf550c036ec1713017e1a3650da6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
bb6997f065aa40d3e571d8872874f1e1

SHA1
85ba2b117f53bff20a01bc5d7d07b76e405a67ed

SHA256
ada8f8abf3d0cd60061ca769e4fa38407e934ec5f112fbfb3aea4e499d137882

SHA512
aef7464f630d4baf8c424617459dda9efdf3a43251663316d0a3eea363b47aaf0099054bfa377d1bd02bc9c9999eb40c9ade83a54780b1939b69fa2138402380

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
45ae04ffcef6c0942a9ddfc50b673944

SHA1
bf6d57ee507acb09be4d2c80f9d0090b85ad708c

SHA256
a51cf1c8f48567db4730ba0c881203adcd56c4e3b20b7f679ed67a85134bd0a3

SHA512
faa22bb5a8679d1916d6cd5148507e295bdc3bfdc97f85b2cbd613186f0c05359c815a39b0470b8867bdbe95ed9ca918faad20c25f179a4a6debfdc475f29338

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
f4e8cf77890c6a5cdcaf9b0d45c15140

SHA1
9b5f8ec8d8e304efbe37b6f889dde83a09e8b1a4

SHA256
e7d062c7c68daf22c8b9e48785c48d8460eec76f9f1d7b78f4f97689f519d8e5

SHA512
ef09362cebd4aad892aeb67e723beb25144256e169aabe354e9375d971966baf832aa4121f353bd963325bf2d4f5f28813f7e06ea2920c76895b9222ef4bc9cd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
102KB

MD5
d5adfcd841a20e8901a6d6c6cc7c0486

SHA1
e6c19e002ab03bfc484314249462b116bdccb1b0

SHA256
a3281882ab6799b81c3d2c0a266771a43eeb34913386f9fb2f56498f9353367b

SHA512
6a6c312f75262a7083aeb760d8f0c0153575fd0fc10b47bc8cfb7cc4aa3652cb3c09bb118aea83bff6bea5a61d350792c2e995f4856a937851bda7257aa64661

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit