hxxp://Onesettings-db[.]com

Resubmissions

30/09/2023, 15:14

230930-smfa6sdd61 1

30/09/2023, 15:14

30/09/2023, 15:07

30/09/2023, 14:56

30/09/2023, 14:55

Analysis

max time kernel
870s
max time network
855s
platform
windows10-2004_x64
resource
win10v2004-20230915-es
resource tags

arch:x64arch:x86image:win10v2004-20230915-eslocale:es-esos:windows10-2004-x64systemwindows
submitted
30/09/2023, 15:14

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://Onesettings-db.com

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133405604769573958"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
3716	chrome.exe
3716	chrome.exe
4872	chrome.exe
4872	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
3716	chrome.exe
3716	chrome.exe
3716	chrome.exe
3716	chrome.exe
3716	chrome.exe
3716	chrome.exe
3716	chrome.exe
3716	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3716	chrome.exe
Token: SeCreatePagefilePrivilege	3716	chrome.exe
Token: SeShutdownPrivilege	3716	chrome.exe
Token: SeCreatePagefilePrivilege	3716	chrome.exe
Token: SeShutdownPrivilege	3716	chrome.exe
Token: SeCreatePagefilePrivilege	3716	chrome.exe
Token: SeShutdownPrivilege	3716	chrome.exe
Token: SeCreatePagefilePrivilege	3716	chrome.exe
Token: SeShutdownPrivilege	3716	chrome.exe
Token: SeCreatePagefilePrivilege	3716	chrome.exe
Token: SeShutdownPrivilege	3716	chrome.exe
Token: SeCreatePagefilePrivilege	3716	chrome.exe
Token: SeShutdownPrivilege	3716	chrome.exe
Token: SeCreatePagefilePrivilege	3716	chrome.exe
Token: SeShutdownPrivilege	3716	chrome.exe
Token: SeCreatePagefilePrivilege	3716	chrome.exe
Token: SeShutdownPrivilege	3716	chrome.exe
Token: SeCreatePagefilePrivilege	3716	chrome.exe
Token: SeShutdownPrivilege	3716	chrome.exe
Token: SeCreatePagefilePrivilege	3716	chrome.exe
Token: SeShutdownPrivilege	3716	chrome.exe
Token: SeCreatePagefilePrivilege	3716	chrome.exe
Token: SeShutdownPrivilege	3716	chrome.exe
Token: SeCreatePagefilePrivilege	3716	chrome.exe
Token: SeShutdownPrivilege	3716	chrome.exe
Token: SeCreatePagefilePrivilege	3716	chrome.exe
Token: SeShutdownPrivilege	3716	chrome.exe
Token: SeCreatePagefilePrivilege	3716	chrome.exe
Token: SeShutdownPrivilege	3716	chrome.exe
Token: SeCreatePagefilePrivilege	3716	chrome.exe
Token: SeShutdownPrivilege	3716	chrome.exe
Token: SeCreatePagefilePrivilege	3716	chrome.exe
Token: SeShutdownPrivilege	3716	chrome.exe
Token: SeCreatePagefilePrivilege	3716	chrome.exe
Token: SeShutdownPrivilege	3716	chrome.exe
Token: SeCreatePagefilePrivilege	3716	chrome.exe
Token: SeShutdownPrivilege	3716	chrome.exe
Token: SeCreatePagefilePrivilege	3716	chrome.exe
Token: SeShutdownPrivilege	3716	chrome.exe
Token: SeCreatePagefilePrivilege	3716	chrome.exe
Token: SeShutdownPrivilege	3716	chrome.exe
Token: SeCreatePagefilePrivilege	3716	chrome.exe
Token: SeShutdownPrivilege	3716	chrome.exe
Token: SeCreatePagefilePrivilege	3716	chrome.exe
Token: SeShutdownPrivilege	3716	chrome.exe
Token: SeCreatePagefilePrivilege	3716	chrome.exe
Token: SeShutdownPrivilege	3716	chrome.exe
Token: SeCreatePagefilePrivilege	3716	chrome.exe
Token: SeShutdownPrivilege	3716	chrome.exe
Token: SeCreatePagefilePrivilege	3716	chrome.exe
Token: SeShutdownPrivilege	3716	chrome.exe
Token: SeCreatePagefilePrivilege	3716	chrome.exe
Token: SeShutdownPrivilege	3716	chrome.exe
Token: SeCreatePagefilePrivilege	3716	chrome.exe
Token: SeShutdownPrivilege	3716	chrome.exe
Token: SeCreatePagefilePrivilege	3716	chrome.exe
Token: SeShutdownPrivilege	3716	chrome.exe
Token: SeCreatePagefilePrivilege	3716	chrome.exe
Token: SeShutdownPrivilege	3716	chrome.exe
Token: SeCreatePagefilePrivilege	3716	chrome.exe
Token: SeShutdownPrivilege	3716	chrome.exe
Token: SeCreatePagefilePrivilege	3716	chrome.exe
Token: SeShutdownPrivilege	3716	chrome.exe
Token: SeCreatePagefilePrivilege	3716	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
3716	chrome.exe
3716	chrome.exe
3716	chrome.exe
3716	chrome.exe
3716	chrome.exe
3716	chrome.exe
3716	chrome.exe
3716	chrome.exe
3716	chrome.exe
3716	chrome.exe
3716	chrome.exe
3716	chrome.exe
3716	chrome.exe
3716	chrome.exe
3716	chrome.exe
3716	chrome.exe
3716	chrome.exe
3716	chrome.exe
3716	chrome.exe
3716	chrome.exe
3716	chrome.exe
3716	chrome.exe
3716	chrome.exe
3716	chrome.exe
3716	chrome.exe
3716	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3716	chrome.exe
3716	chrome.exe
3716	chrome.exe
3716	chrome.exe
3716	chrome.exe
3716	chrome.exe
3716	chrome.exe
3716	chrome.exe
3716	chrome.exe
3716	chrome.exe
3716	chrome.exe
3716	chrome.exe
3716	chrome.exe
3716	chrome.exe
3716	chrome.exe
3716	chrome.exe
3716	chrome.exe
3716	chrome.exe
3716	chrome.exe
3716	chrome.exe
3716	chrome.exe
3716	chrome.exe
3716	chrome.exe
3716	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3716 wrote to memory of 4620	3716	chrome.exe	85
PID 3716 wrote to memory of 4620	3716	chrome.exe	85
PID 3716 wrote to memory of 2812	3716	chrome.exe	88
PID 3716 wrote to memory of 2812	3716	chrome.exe	88
PID 3716 wrote to memory of 2812	3716	chrome.exe	88
PID 3716 wrote to memory of 2812	3716	chrome.exe	88
PID 3716 wrote to memory of 2812	3716	chrome.exe	88
PID 3716 wrote to memory of 2812	3716	chrome.exe	88
PID 3716 wrote to memory of 2812	3716	chrome.exe	88
PID 3716 wrote to memory of 2812	3716	chrome.exe	88
PID 3716 wrote to memory of 2812	3716	chrome.exe	88
PID 3716 wrote to memory of 2812	3716	chrome.exe	88
PID 3716 wrote to memory of 2812	3716	chrome.exe	88
PID 3716 wrote to memory of 2812	3716	chrome.exe	88
PID 3716 wrote to memory of 2812	3716	chrome.exe	88
PID 3716 wrote to memory of 2812	3716	chrome.exe	88
PID 3716 wrote to memory of 2812	3716	chrome.exe	88
PID 3716 wrote to memory of 2812	3716	chrome.exe	88
PID 3716 wrote to memory of 2812	3716	chrome.exe	88
PID 3716 wrote to memory of 2812	3716	chrome.exe	88
PID 3716 wrote to memory of 2812	3716	chrome.exe	88
PID 3716 wrote to memory of 2812	3716	chrome.exe	88
PID 3716 wrote to memory of 2812	3716	chrome.exe	88
PID 3716 wrote to memory of 2812	3716	chrome.exe	88
PID 3716 wrote to memory of 2812	3716	chrome.exe	88
PID 3716 wrote to memory of 2812	3716	chrome.exe	88
PID 3716 wrote to memory of 2812	3716	chrome.exe	88
PID 3716 wrote to memory of 2812	3716	chrome.exe	88
PID 3716 wrote to memory of 2812	3716	chrome.exe	88
PID 3716 wrote to memory of 2812	3716	chrome.exe	88
PID 3716 wrote to memory of 2812	3716	chrome.exe	88
PID 3716 wrote to memory of 2812	3716	chrome.exe	88
PID 3716 wrote to memory of 2812	3716	chrome.exe	88
PID 3716 wrote to memory of 2812	3716	chrome.exe	88
PID 3716 wrote to memory of 2812	3716	chrome.exe	88
PID 3716 wrote to memory of 2812	3716	chrome.exe	88
PID 3716 wrote to memory of 2812	3716	chrome.exe	88
PID 3716 wrote to memory of 2812	3716	chrome.exe	88
PID 3716 wrote to memory of 2812	3716	chrome.exe	88
PID 3716 wrote to memory of 2812	3716	chrome.exe	88
PID 3716 wrote to memory of 2764	3716	chrome.exe	89
PID 3716 wrote to memory of 2764	3716	chrome.exe	89
PID 3716 wrote to memory of 4524	3716	chrome.exe	90
PID 3716 wrote to memory of 4524	3716	chrome.exe	90
PID 3716 wrote to memory of 4524	3716	chrome.exe	90
PID 3716 wrote to memory of 4524	3716	chrome.exe	90
PID 3716 wrote to memory of 4524	3716	chrome.exe	90
PID 3716 wrote to memory of 4524	3716	chrome.exe	90
PID 3716 wrote to memory of 4524	3716	chrome.exe	90
PID 3716 wrote to memory of 4524	3716	chrome.exe	90
PID 3716 wrote to memory of 4524	3716	chrome.exe	90
PID 3716 wrote to memory of 4524	3716	chrome.exe	90
PID 3716 wrote to memory of 4524	3716	chrome.exe	90
PID 3716 wrote to memory of 4524	3716	chrome.exe	90
PID 3716 wrote to memory of 4524	3716	chrome.exe	90
PID 3716 wrote to memory of 4524	3716	chrome.exe	90
PID 3716 wrote to memory of 4524	3716	chrome.exe	90
PID 3716 wrote to memory of 4524	3716	chrome.exe	90
PID 3716 wrote to memory of 4524	3716	chrome.exe	90
PID 3716 wrote to memory of 4524	3716	chrome.exe	90
PID 3716 wrote to memory of 4524	3716	chrome.exe	90
PID 3716 wrote to memory of 4524	3716	chrome.exe	90
PID 3716 wrote to memory of 4524	3716	chrome.exe	90
PID 3716 wrote to memory of 4524	3716	chrome.exe	90

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://Onesettings-db.com
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3716
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff876949758,0x7ff876949768,0x7ff876949778
  2⤵
  PID:4620
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1732 --field-trial-handle=1876,i,207325906637499912,17143474344478876872,131072 /prefetch:2
  2⤵
  PID:2812
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2104 --field-trial-handle=1876,i,207325906637499912,17143474344478876872,131072 /prefetch:8
  2⤵
  PID:2764
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2232 --field-trial-handle=1876,i,207325906637499912,17143474344478876872,131072 /prefetch:8
  2⤵
  PID:4524
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2884 --field-trial-handle=1876,i,207325906637499912,17143474344478876872,131072 /prefetch:1
  2⤵
  PID:4656
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2876 --field-trial-handle=1876,i,207325906637499912,17143474344478876872,131072 /prefetch:1
  2⤵
  PID:1800
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3992 --field-trial-handle=1876,i,207325906637499912,17143474344478876872,131072 /prefetch:1
  2⤵
  PID:3212
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3968 --field-trial-handle=1876,i,207325906637499912,17143474344478876872,131072 /prefetch:1
  2⤵
  PID:3236
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4768 --field-trial-handle=1876,i,207325906637499912,17143474344478876872,131072 /prefetch:8
  2⤵
  PID:3168
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4032 --field-trial-handle=1876,i,207325906637499912,17143474344478876872,131072 /prefetch:8
  2⤵
  PID:4632
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4072 --field-trial-handle=1876,i,207325906637499912,17143474344478876872,131072 /prefetch:1
  2⤵
  PID:4368
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=2332 --field-trial-handle=1876,i,207325906637499912,17143474344478876872,131072 /prefetch:1
  2⤵
  PID:1472
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4144 --field-trial-handle=1876,i,207325906637499912,17143474344478876872,131072 /prefetch:1
  2⤵
  PID:3536
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3996 --field-trial-handle=1876,i,207325906637499912,17143474344478876872,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4872
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=1468 --field-trial-handle=1876,i,207325906637499912,17143474344478876872,131072 /prefetch:1
  2⤵
  PID:1272

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2164

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
517538fc76f1871643610914229be3bc

SHA1
3bdb950f95b562a8bccbc19b9f899229234b111d

SHA256
fe0ac481a3fe4663d05650dcbe4765a4f38b3cdbdf574f90480af4d240dffde2

SHA512
e9aa999a8eb60d0534647dd8fed8afb977b6d397a1383ad61d497957ff24234641edec78e17f1e750f61bd8332fd7414ad75f22583519814f70da5f87ecd84b0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
96eea80ed6832e7109c355a49b847db1

SHA1
49bcba588363d3b4c0e4e463669ca5cb033912bd

SHA256
eec73d4dceb6a60371ad842aad88310f5ce32ab22fb9a2a64ce150ff4052bd74

SHA512
3dc0aa1d64dbf6eb566dc77da21e6607734b5b87da6d065d9b1820ce7f554a7da364933cea31631f13cee2b3bf2340f2d3b8822955d91e1f58bd3db206df6f6b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\b4770aef-5cf9-4bb8-b60f-ecf91d6b8a34.tmp

Filesize
1KB

MD5
0bb32539aee6ff4677b5764357976bc5

SHA1
9e530c64dfef2d2681ef723404db2bed17a646ac

SHA256
b35c1224a8024ebe8695f75fc3b74f82334d1e60355e714ac033b9b33a30cb1d

SHA512
1c5d92ebbf8f60bf47b18970a3f7f67c62e25fc626664419c1438ca297dd1213174db909f959db1e20abd571503b2d5b435cf69707f5230406e3f50aba433b34

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
8f6680115fb14f460502d0338481955a

SHA1
7c174b233b54d2d9d486cf5e57fcd1b3d1e13eba

SHA256
1cc006f02f31122ea0614d23ad9d8aa6770eccdcb19ed887517b24902b3d3420

SHA512
edbff86aa908d0a534aa0afa83a6434226ef2f8dd8a872f58a19e99b1b8d4186edc4995ae4642b74b6f8473eb3fbdf97de94e394e5f75acc2480c8600b180fd9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
31c6cbfbaa943411bdc30a2ad4e162bc

SHA1
d529fb11e9f6c2e81489011d657a6565f87a6865

SHA256
10ee6f2183ed0420683cf8b92d2439927b953bf4bf9f27642e8041ca68026457

SHA512
4b19a93b7f072ee069e49be851df841c64cf60eb54b99fd66f0bd44b8212f0b6dc2bf735832997c01582c35bb359fa45ac9aa80fcefc62d10531cf9bc5fbacbf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
101KB

MD5
0507a4353b32bce69fc9db0b34eec2f2

SHA1
b6cf3ebdf2b305197a7d0767773df738b186c5f8

SHA256
54d23b0e001666d4dd0d2689fb42c889feec62059075196c5d5a046156dd7905

SHA512
83c468d894b17e708b84801e97ba8e9a4078020eb69951ebc65d58b6846b255202d37e1362d2fa0a683a44d426c533ee605b25af9ad8454e8381068045a327c8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit