hxxps://linksly[.]co/Survey100

Analysis

max time kernel
150s
max time network
154s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
09/10/2023, 17:48

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://linksly.co/Survey100

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133413476300515254"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2472	chrome.exe
2472	chrome.exe
2064	chrome.exe
2064	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
2472	chrome.exe
2472	chrome.exe
2472	chrome.exe
2472	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2472	chrome.exe
Token: SeCreatePagefilePrivilege	2472	chrome.exe
Token: SeShutdownPrivilege	2472	chrome.exe
Token: SeCreatePagefilePrivilege	2472	chrome.exe
Token: SeShutdownPrivilege	2472	chrome.exe
Token: SeCreatePagefilePrivilege	2472	chrome.exe
Token: SeShutdownPrivilege	2472	chrome.exe
Token: SeCreatePagefilePrivilege	2472	chrome.exe
Token: SeShutdownPrivilege	2472	chrome.exe
Token: SeCreatePagefilePrivilege	2472	chrome.exe
Token: SeShutdownPrivilege	2472	chrome.exe
Token: SeCreatePagefilePrivilege	2472	chrome.exe
Token: SeShutdownPrivilege	2472	chrome.exe
Token: SeCreatePagefilePrivilege	2472	chrome.exe
Token: SeShutdownPrivilege	2472	chrome.exe
Token: SeCreatePagefilePrivilege	2472	chrome.exe
Token: SeShutdownPrivilege	2472	chrome.exe
Token: SeCreatePagefilePrivilege	2472	chrome.exe
Token: SeShutdownPrivilege	2472	chrome.exe
Token: SeCreatePagefilePrivilege	2472	chrome.exe
Token: SeShutdownPrivilege	2472	chrome.exe
Token: SeCreatePagefilePrivilege	2472	chrome.exe
Token: SeShutdownPrivilege	2472	chrome.exe
Token: SeCreatePagefilePrivilege	2472	chrome.exe
Token: SeShutdownPrivilege	2472	chrome.exe
Token: SeCreatePagefilePrivilege	2472	chrome.exe
Token: SeShutdownPrivilege	2472	chrome.exe
Token: SeCreatePagefilePrivilege	2472	chrome.exe
Token: SeShutdownPrivilege	2472	chrome.exe
Token: SeCreatePagefilePrivilege	2472	chrome.exe
Token: SeShutdownPrivilege	2472	chrome.exe
Token: SeCreatePagefilePrivilege	2472	chrome.exe
Token: SeShutdownPrivilege	2472	chrome.exe
Token: SeCreatePagefilePrivilege	2472	chrome.exe
Token: SeShutdownPrivilege	2472	chrome.exe
Token: SeCreatePagefilePrivilege	2472	chrome.exe
Token: SeShutdownPrivilege	2472	chrome.exe
Token: SeCreatePagefilePrivilege	2472	chrome.exe
Token: SeShutdownPrivilege	2472	chrome.exe
Token: SeCreatePagefilePrivilege	2472	chrome.exe
Token: SeShutdownPrivilege	2472	chrome.exe
Token: SeCreatePagefilePrivilege	2472	chrome.exe
Token: SeShutdownPrivilege	2472	chrome.exe
Token: SeCreatePagefilePrivilege	2472	chrome.exe
Token: SeShutdownPrivilege	2472	chrome.exe
Token: SeCreatePagefilePrivilege	2472	chrome.exe
Token: SeShutdownPrivilege	2472	chrome.exe
Token: SeCreatePagefilePrivilege	2472	chrome.exe
Token: SeShutdownPrivilege	2472	chrome.exe
Token: SeCreatePagefilePrivilege	2472	chrome.exe
Token: SeShutdownPrivilege	2472	chrome.exe
Token: SeCreatePagefilePrivilege	2472	chrome.exe
Token: SeShutdownPrivilege	2472	chrome.exe
Token: SeCreatePagefilePrivilege	2472	chrome.exe
Token: SeShutdownPrivilege	2472	chrome.exe
Token: SeCreatePagefilePrivilege	2472	chrome.exe
Token: SeShutdownPrivilege	2472	chrome.exe
Token: SeCreatePagefilePrivilege	2472	chrome.exe
Token: SeShutdownPrivilege	2472	chrome.exe
Token: SeCreatePagefilePrivilege	2472	chrome.exe
Token: SeShutdownPrivilege	2472	chrome.exe
Token: SeCreatePagefilePrivilege	2472	chrome.exe
Token: SeShutdownPrivilege	2472	chrome.exe
Token: SeCreatePagefilePrivilege	2472	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2472	chrome.exe
2472	chrome.exe
2472	chrome.exe
2472	chrome.exe
2472	chrome.exe
2472	chrome.exe
2472	chrome.exe
2472	chrome.exe
2472	chrome.exe
2472	chrome.exe
2472	chrome.exe
2472	chrome.exe
2472	chrome.exe
2472	chrome.exe
2472	chrome.exe
2472	chrome.exe
2472	chrome.exe
2472	chrome.exe
2472	chrome.exe
2472	chrome.exe
2472	chrome.exe
2472	chrome.exe
2472	chrome.exe
2472	chrome.exe
2472	chrome.exe
2472	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2472	chrome.exe
2472	chrome.exe
2472	chrome.exe
2472	chrome.exe
2472	chrome.exe
2472	chrome.exe
2472	chrome.exe
2472	chrome.exe
2472	chrome.exe
2472	chrome.exe
2472	chrome.exe
2472	chrome.exe
2472	chrome.exe
2472	chrome.exe
2472	chrome.exe
2472	chrome.exe
2472	chrome.exe
2472	chrome.exe
2472	chrome.exe
2472	chrome.exe
2472	chrome.exe
2472	chrome.exe
2472	chrome.exe
2472	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2472 wrote to memory of 788	2472	chrome.exe	82
PID 2472 wrote to memory of 788	2472	chrome.exe	82
PID 2472 wrote to memory of 2316	2472	chrome.exe	85
PID 2472 wrote to memory of 2316	2472	chrome.exe	85
PID 2472 wrote to memory of 2316	2472	chrome.exe	85
PID 2472 wrote to memory of 2316	2472	chrome.exe	85
PID 2472 wrote to memory of 2316	2472	chrome.exe	85
PID 2472 wrote to memory of 2316	2472	chrome.exe	85
PID 2472 wrote to memory of 2316	2472	chrome.exe	85
PID 2472 wrote to memory of 2316	2472	chrome.exe	85
PID 2472 wrote to memory of 2316	2472	chrome.exe	85
PID 2472 wrote to memory of 2316	2472	chrome.exe	85
PID 2472 wrote to memory of 2316	2472	chrome.exe	85
PID 2472 wrote to memory of 2316	2472	chrome.exe	85
PID 2472 wrote to memory of 2316	2472	chrome.exe	85
PID 2472 wrote to memory of 2316	2472	chrome.exe	85
PID 2472 wrote to memory of 2316	2472	chrome.exe	85
PID 2472 wrote to memory of 2316	2472	chrome.exe	85
PID 2472 wrote to memory of 2316	2472	chrome.exe	85
PID 2472 wrote to memory of 2316	2472	chrome.exe	85
PID 2472 wrote to memory of 2316	2472	chrome.exe	85
PID 2472 wrote to memory of 2316	2472	chrome.exe	85
PID 2472 wrote to memory of 2316	2472	chrome.exe	85
PID 2472 wrote to memory of 2316	2472	chrome.exe	85
PID 2472 wrote to memory of 2316	2472	chrome.exe	85
PID 2472 wrote to memory of 2316	2472	chrome.exe	85
PID 2472 wrote to memory of 2316	2472	chrome.exe	85
PID 2472 wrote to memory of 2316	2472	chrome.exe	85
PID 2472 wrote to memory of 2316	2472	chrome.exe	85
PID 2472 wrote to memory of 2316	2472	chrome.exe	85
PID 2472 wrote to memory of 2316	2472	chrome.exe	85
PID 2472 wrote to memory of 2316	2472	chrome.exe	85
PID 2472 wrote to memory of 2316	2472	chrome.exe	85
PID 2472 wrote to memory of 2316	2472	chrome.exe	85
PID 2472 wrote to memory of 2316	2472	chrome.exe	85
PID 2472 wrote to memory of 2316	2472	chrome.exe	85
PID 2472 wrote to memory of 2316	2472	chrome.exe	85
PID 2472 wrote to memory of 2316	2472	chrome.exe	85
PID 2472 wrote to memory of 2316	2472	chrome.exe	85
PID 2472 wrote to memory of 2316	2472	chrome.exe	85
PID 2472 wrote to memory of 3564	2472	chrome.exe	87
PID 2472 wrote to memory of 3564	2472	chrome.exe	87
PID 2472 wrote to memory of 3376	2472	chrome.exe	86
PID 2472 wrote to memory of 3376	2472	chrome.exe	86
PID 2472 wrote to memory of 3376	2472	chrome.exe	86
PID 2472 wrote to memory of 3376	2472	chrome.exe	86
PID 2472 wrote to memory of 3376	2472	chrome.exe	86
PID 2472 wrote to memory of 3376	2472	chrome.exe	86
PID 2472 wrote to memory of 3376	2472	chrome.exe	86
PID 2472 wrote to memory of 3376	2472	chrome.exe	86
PID 2472 wrote to memory of 3376	2472	chrome.exe	86
PID 2472 wrote to memory of 3376	2472	chrome.exe	86
PID 2472 wrote to memory of 3376	2472	chrome.exe	86
PID 2472 wrote to memory of 3376	2472	chrome.exe	86
PID 2472 wrote to memory of 3376	2472	chrome.exe	86
PID 2472 wrote to memory of 3376	2472	chrome.exe	86
PID 2472 wrote to memory of 3376	2472	chrome.exe	86
PID 2472 wrote to memory of 3376	2472	chrome.exe	86
PID 2472 wrote to memory of 3376	2472	chrome.exe	86
PID 2472 wrote to memory of 3376	2472	chrome.exe	86
PID 2472 wrote to memory of 3376	2472	chrome.exe	86
PID 2472 wrote to memory of 3376	2472	chrome.exe	86
PID 2472 wrote to memory of 3376	2472	chrome.exe	86
PID 2472 wrote to memory of 3376	2472	chrome.exe	86

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://linksly.co/Survey100
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2472
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff78979758,0x7fff78979768,0x7fff78979778
  2⤵
  PID:788
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1772 --field-trial-handle=1900,i,7416847203046958779,6440245072038767576,131072 /prefetch:2
  2⤵
  PID:2316
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2232 --field-trial-handle=1900,i,7416847203046958779,6440245072038767576,131072 /prefetch:8
  2⤵
  PID:3376
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2144 --field-trial-handle=1900,i,7416847203046958779,6440245072038767576,131072 /prefetch:8
  2⤵
  PID:3564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3244 --field-trial-handle=1900,i,7416847203046958779,6440245072038767576,131072 /prefetch:1
  2⤵
  PID:4728
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3224 --field-trial-handle=1900,i,7416847203046958779,6440245072038767576,131072 /prefetch:1
  2⤵
  PID:2796
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5080 --field-trial-handle=1900,i,7416847203046958779,6440245072038767576,131072 /prefetch:8
  2⤵
  PID:208
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=5196 --field-trial-handle=1900,i,7416847203046958779,6440245072038767576,131072 /prefetch:1
  2⤵
  PID:5040
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3452 --field-trial-handle=1900,i,7416847203046958779,6440245072038767576,131072 /prefetch:8
  2⤵
  PID:5044
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=2308 --field-trial-handle=1900,i,7416847203046958779,6440245072038767576,131072 /prefetch:1
  2⤵
  PID:4332
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2452 --field-trial-handle=1900,i,7416847203046958779,6440245072038767576,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2064

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4516

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506

Filesize
330B

MD5
dd904d5d2fa9b61079a7da5671bf9c7b

SHA1
183802bf8b5cb20374c1031b7a3fb9eb4e202e00

SHA256
93ecb813c730d9d037d71dc0de830537931fd4b4adba6bd25095afa266928e9f

SHA512
65c8150c6eddbf1cad0b2413f8ef36c52f14c0d79830f459ece5edcee18a6c59ed8b3b2eb7bb59a6fcefd57e17fb4d705cd4e8ac3eb8efc98b845b1b4fbb8c7d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
816B

MD5
9a9aa5628dca8eb4c8e0bc5fe721da0b

SHA1
ba6794057aca4a6d90c4c3cf78f82e14248a75f8

SHA256
dc0707347c6a4a22ba06aac39890489dd476b7760a0070e890dbf9574112f6d6

SHA512
8db825df767c819bce0813302c3f7ad285fc31f18e6398fb0a2788562108e5a43ed208a543d0c7e2dbfe3205ce801bbadd4f6722923e164cc7dba55b30f036bb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
864B

MD5
54d92eaba6fb0aea8e970fa224a2d857

SHA1
854ce83696b2696881bf08612d4ee23500a5d90c

SHA256
f1a1fac7125771dd0f6e8aafd1d5a6e29239a8e51ea8c0e9705b2bdfb94bc30d

SHA512
a338ca164f1f7272a6d9083a3ec25c997c49f5e75d0dfaad11c5906506e05cb05447d4b6b802a912f6bb9237281fbc749a016fc3566556e13fd273ac770a9dba

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\Paths\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
6KB

MD5
8c17a5a8839ec043d01e2218c07c806a

SHA1
067ab6805c63a1eb0a0a3cdceb85b011f365e76b

SHA256
eded5aecf4f3e2edc47c643a306551882bbf41d91f8b28861a2e7164210dd071

SHA512
58defd828f3face5c7eb80a4aa33689ed4f1440cc7d79eeb52ffa5900a8c339e334d6f429f7fdce1028871962a775d85abf2ddb513e41b830d2eef6969530c4b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
b1b5b83d145f783e50aa43845db39627

SHA1
90210c1facee8355dd9b304015f783cd5b8071c9

SHA256
3e0e33e33be8cbf6e454d0a826752df53f84d37e12436849e832f9cd9caa1203

SHA512
089e79d83a92bde0f01532020d326ff33f3ba46230a84e9db7061acdeec7888e3d0cf27bf726fe75ac2ae8c26c08c08d1a66b0894b5e6793221cb1bf380eaa66

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
47ace23e5fa4e422a05d3d30c20f2346

SHA1
1ca76826ad8309ddd5f97ab54c1db1503e173ca9

SHA256
dd2b10e4c19bee68fd6d68c7daddb6716405406dd65ab51a5888b1d619f38843

SHA512
f2221603f53d174aa1e96ad4ec55eb476185741502f1408e74e0a5e2aae448c41322d460d3d3647c539a04cbb94ee3da07e02298786c8fad05f361f61adfc5a7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
06cb0589538a8a38a99a6a85e85b2622

SHA1
f92cf70607004d57adffaa8de5e9bdc14e6420c7

SHA256
42f34c5598738cca48ce095afbc6f4d809e7431b551375d7e89c73cb2d0da70a

SHA512
5ca66e1886e76a56968f3033ddf2959883608c9ce6e1b7d2bb095e0f12b1bbaecb4cf77824987f7e548d1f36b92cee2893b723a57ed1a8f4219250a0625682d5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
820f04ff870776f615b562408dd1e002

SHA1
190ec66bc497d94fbea7fc0b38f93af415179fab

SHA256
b48197e57960dcf755e88c31ff7d2d1a0229b5b491b2be3057b1102ba62b8c49

SHA512
4df204692b0b2b71bac2a098b2d656a45b13a50b710845ad570c8e757dbe97ccf0d29470d69f2bfacde2680e50929389d17e3354060f4de59dd4edd404f088cc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
4054f7370ad7494c6b10ca1177b07b1e

SHA1
dcebbeeaae108ca5ff2d3956bed42299dad924f0

SHA256
8ecae0e0db4a246ab0503db200ab9ce29e1c249d666f89cbda6e24d74b17d6e7

SHA512
748b949c7c824d27abc071a696a7a0a485799696b937df3be224c8af14e1156eaf9e960b70dd3cb98f2c1f144baee63c08f5e0a8423fda94385eb267ee0c187d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
64f64f925c85f9625502d40eddabe474

SHA1
4e3dfc40118609460e998266daf7efeb1cf5bba7

SHA256
14b56ad0bc62db3e3a94e4ea8475961a09a87304ff1af7f75c987434b711e7ec

SHA512
94af0388353d00d8e082175e4c314f58720f1427f27e907ab43e481e3ea61ec219ef8ff760a21d2ac3ba6fbbad25dbd5d9d4e927d3e4dfee3b3f726754287eda

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
b9bb7eb25d4988bbfdc47902bd4a0129

SHA1
71f32f0c2e9fdbce39e82d0c2510f93869e53356

SHA256
99135f5a7d89bd9a9b253ea5c89b61275b3569a468f6d46129b8ac702a8b4fce

SHA512
758d56b023e5afa092ef681ed7eee88f46437c5719145636597a2cec43c0e2c82f26014e5d977038bb7ea44be131accdb1d7b87d452cc6e2a600aab9ab71599e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
96B

MD5
ec4eeeba14fe9be28303c03a51b641bf

SHA1
c86464cf9fc76c9a97962715c4475db865bd8f59

SHA256
b169be63aac13047137b998d798b7a143ac9a8ff4c10ca7c6319fc6a16cc0e59

SHA512
7234b6a900caec5cac010417e1077d996ec3f2b936a7a75c526949f375329fd1889ecbd0d629421856140dfebba1da417df7dfb288cae4f97dea521fdb5976bd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5992b1.TMP

Filesize
48B

MD5
9efd1ffcbc151a284fffdf2882d841d5

SHA1
8574344f1539b30f0e52866bcddc947bcda666e8

SHA256
c6e79328101e8fcdffe8705f0246eb2f71a312b33d937885a4363ac2d2eea51e

SHA512
7eb4f11a8779195f7d40e6195637336e520a3c163742e7a54f9bd6554f8797cdc118ea8d1513a17d1d3b9bec7eeb693fde56b619c9fe46590528e76b76b03f2d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
101KB

MD5
bfba797cb8803fe82330cd9c13d49978

SHA1
c39ff0c90bfdd35962ff7766772279a878a35cc8

SHA256
260a716fbb7280e0f87fa5b5a6012d689d8e233b8fd988152bbb56b8c5e9bdcf

SHA512
093fc39a4773b59e7d8f38507b998fa2296f1e82b09c41efeb4d1297fbb2dbe59b7b4de4471cedeb2264bbe0a2726c0df9b8f98879dca2ed5176dc9a0892220e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit