hxxps://app[.]box[.]com/s/p0hot1cqv8ex57s71njvrkbn0upcrnhl

Analysis

max time kernel
83s
max time network
87s
platform
windows10-2004_x64
resource
win10v2004-20231023-en
resource tags

arch:x64arch:x86image:win10v2004-20231023-enlocale:en-usos:windows10-2004-x64system
submitted
15/11/2023, 19:54

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://app.box.com/s/p0hot1cqv8ex57s71njvrkbn0upcrnhl

Score

5^/10

microsoft phishing

Malware Config

Signatures

Detected potential entity reuse from brand microsoft.
phishing microsoft

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133445517083385374"	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
1444	chrome.exe
1444	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1444	chrome.exe
Token: SeCreatePagefilePrivilege	1444	chrome.exe
Token: SeShutdownPrivilege	1444	chrome.exe
Token: SeCreatePagefilePrivilege	1444	chrome.exe
Token: SeShutdownPrivilege	1444	chrome.exe
Token: SeCreatePagefilePrivilege	1444	chrome.exe
Token: SeShutdownPrivilege	1444	chrome.exe
Token: SeCreatePagefilePrivilege	1444	chrome.exe
Token: SeShutdownPrivilege	1444	chrome.exe
Token: SeCreatePagefilePrivilege	1444	chrome.exe
Token: SeShutdownPrivilege	1444	chrome.exe
Token: SeCreatePagefilePrivilege	1444	chrome.exe
Token: SeShutdownPrivilege	1444	chrome.exe
Token: SeCreatePagefilePrivilege	1444	chrome.exe
Token: SeShutdownPrivilege	1444	chrome.exe
Token: SeCreatePagefilePrivilege	1444	chrome.exe
Token: SeShutdownPrivilege	1444	chrome.exe
Token: SeCreatePagefilePrivilege	1444	chrome.exe
Token: SeShutdownPrivilege	1444	chrome.exe
Token: SeCreatePagefilePrivilege	1444	chrome.exe
Token: SeShutdownPrivilege	1444	chrome.exe
Token: SeCreatePagefilePrivilege	1444	chrome.exe
Token: SeShutdownPrivilege	1444	chrome.exe
Token: SeCreatePagefilePrivilege	1444	chrome.exe
Token: SeShutdownPrivilege	1444	chrome.exe
Token: SeCreatePagefilePrivilege	1444	chrome.exe
Token: SeShutdownPrivilege	1444	chrome.exe
Token: SeCreatePagefilePrivilege	1444	chrome.exe
Token: SeShutdownPrivilege	1444	chrome.exe
Token: SeCreatePagefilePrivilege	1444	chrome.exe
Token: SeShutdownPrivilege	1444	chrome.exe
Token: SeCreatePagefilePrivilege	1444	chrome.exe
Token: SeShutdownPrivilege	1444	chrome.exe
Token: SeCreatePagefilePrivilege	1444	chrome.exe
Token: SeShutdownPrivilege	1444	chrome.exe
Token: SeCreatePagefilePrivilege	1444	chrome.exe
Token: SeShutdownPrivilege	1444	chrome.exe
Token: SeCreatePagefilePrivilege	1444	chrome.exe
Token: SeShutdownPrivilege	1444	chrome.exe
Token: SeCreatePagefilePrivilege	1444	chrome.exe
Token: SeShutdownPrivilege	1444	chrome.exe
Token: SeCreatePagefilePrivilege	1444	chrome.exe
Token: SeShutdownPrivilege	1444	chrome.exe
Token: SeCreatePagefilePrivilege	1444	chrome.exe
Token: SeShutdownPrivilege	1444	chrome.exe
Token: SeCreatePagefilePrivilege	1444	chrome.exe
Token: SeShutdownPrivilege	1444	chrome.exe
Token: SeCreatePagefilePrivilege	1444	chrome.exe
Token: SeShutdownPrivilege	1444	chrome.exe
Token: SeCreatePagefilePrivilege	1444	chrome.exe
Token: SeShutdownPrivilege	1444	chrome.exe
Token: SeCreatePagefilePrivilege	1444	chrome.exe
Token: SeShutdownPrivilege	1444	chrome.exe
Token: SeCreatePagefilePrivilege	1444	chrome.exe
Token: SeShutdownPrivilege	1444	chrome.exe
Token: SeCreatePagefilePrivilege	1444	chrome.exe
Token: SeShutdownPrivilege	1444	chrome.exe
Token: SeCreatePagefilePrivilege	1444	chrome.exe
Token: SeShutdownPrivilege	1444	chrome.exe
Token: SeCreatePagefilePrivilege	1444	chrome.exe
Token: SeShutdownPrivilege	1444	chrome.exe
Token: SeCreatePagefilePrivilege	1444	chrome.exe
Token: SeShutdownPrivilege	1444	chrome.exe
Token: SeCreatePagefilePrivilege	1444	chrome.exe

Suspicious use of FindShellTrayWindow 28 IoCs

pid	Process
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe

Suspicious use of SendNotifyMessage 26 IoCs

pid	Process
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe
1444	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1444 wrote to memory of 2012	1444	chrome.exe	86
PID 1444 wrote to memory of 2012	1444	chrome.exe	86
PID 1444 wrote to memory of 4228	1444	chrome.exe	89
PID 1444 wrote to memory of 4228	1444	chrome.exe	89
PID 1444 wrote to memory of 4228	1444	chrome.exe	89
PID 1444 wrote to memory of 4228	1444	chrome.exe	89
PID 1444 wrote to memory of 4228	1444	chrome.exe	89
PID 1444 wrote to memory of 4228	1444	chrome.exe	89
PID 1444 wrote to memory of 4228	1444	chrome.exe	89
PID 1444 wrote to memory of 4228	1444	chrome.exe	89
PID 1444 wrote to memory of 4228	1444	chrome.exe	89
PID 1444 wrote to memory of 4228	1444	chrome.exe	89
PID 1444 wrote to memory of 4228	1444	chrome.exe	89
PID 1444 wrote to memory of 4228	1444	chrome.exe	89
PID 1444 wrote to memory of 4228	1444	chrome.exe	89
PID 1444 wrote to memory of 4228	1444	chrome.exe	89
PID 1444 wrote to memory of 4228	1444	chrome.exe	89
PID 1444 wrote to memory of 4228	1444	chrome.exe	89
PID 1444 wrote to memory of 4228	1444	chrome.exe	89
PID 1444 wrote to memory of 4228	1444	chrome.exe	89
PID 1444 wrote to memory of 4228	1444	chrome.exe	89
PID 1444 wrote to memory of 4228	1444	chrome.exe	89
PID 1444 wrote to memory of 4228	1444	chrome.exe	89
PID 1444 wrote to memory of 4228	1444	chrome.exe	89
PID 1444 wrote to memory of 4228	1444	chrome.exe	89
PID 1444 wrote to memory of 4228	1444	chrome.exe	89
PID 1444 wrote to memory of 4228	1444	chrome.exe	89
PID 1444 wrote to memory of 4228	1444	chrome.exe	89
PID 1444 wrote to memory of 4228	1444	chrome.exe	89
PID 1444 wrote to memory of 4228	1444	chrome.exe	89
PID 1444 wrote to memory of 4228	1444	chrome.exe	89
PID 1444 wrote to memory of 4228	1444	chrome.exe	89
PID 1444 wrote to memory of 4228	1444	chrome.exe	89
PID 1444 wrote to memory of 4228	1444	chrome.exe	89
PID 1444 wrote to memory of 4228	1444	chrome.exe	89
PID 1444 wrote to memory of 4228	1444	chrome.exe	89
PID 1444 wrote to memory of 4228	1444	chrome.exe	89
PID 1444 wrote to memory of 4228	1444	chrome.exe	89
PID 1444 wrote to memory of 4228	1444	chrome.exe	89
PID 1444 wrote to memory of 4228	1444	chrome.exe	89
PID 1444 wrote to memory of 4048	1444	chrome.exe	90
PID 1444 wrote to memory of 4048	1444	chrome.exe	90
PID 1444 wrote to memory of 2784	1444	chrome.exe	91
PID 1444 wrote to memory of 2784	1444	chrome.exe	91
PID 1444 wrote to memory of 2784	1444	chrome.exe	91
PID 1444 wrote to memory of 2784	1444	chrome.exe	91
PID 1444 wrote to memory of 2784	1444	chrome.exe	91
PID 1444 wrote to memory of 2784	1444	chrome.exe	91
PID 1444 wrote to memory of 2784	1444	chrome.exe	91
PID 1444 wrote to memory of 2784	1444	chrome.exe	91
PID 1444 wrote to memory of 2784	1444	chrome.exe	91
PID 1444 wrote to memory of 2784	1444	chrome.exe	91
PID 1444 wrote to memory of 2784	1444	chrome.exe	91
PID 1444 wrote to memory of 2784	1444	chrome.exe	91
PID 1444 wrote to memory of 2784	1444	chrome.exe	91
PID 1444 wrote to memory of 2784	1444	chrome.exe	91
PID 1444 wrote to memory of 2784	1444	chrome.exe	91
PID 1444 wrote to memory of 2784	1444	chrome.exe	91
PID 1444 wrote to memory of 2784	1444	chrome.exe	91
PID 1444 wrote to memory of 2784	1444	chrome.exe	91
PID 1444 wrote to memory of 2784	1444	chrome.exe	91
PID 1444 wrote to memory of 2784	1444	chrome.exe	91
PID 1444 wrote to memory of 2784	1444	chrome.exe	91
PID 1444 wrote to memory of 2784	1444	chrome.exe	91

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://app.box.com/s/p0hot1cqv8ex57s71njvrkbn0upcrnhl
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1444
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fffa42a9758,0x7fffa42a9768,0x7fffa42a9778
  2⤵
  PID:2012
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1720 --field-trial-handle=1876,i,8282035137557302375,16694062289480354458,131072 /prefetch:2
  2⤵
  PID:4228
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2108 --field-trial-handle=1876,i,8282035137557302375,16694062289480354458,131072 /prefetch:8
  2⤵
  PID:4048
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2200 --field-trial-handle=1876,i,8282035137557302375,16694062289480354458,131072 /prefetch:8
  2⤵
  PID:2784
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3140 --field-trial-handle=1876,i,8282035137557302375,16694062289480354458,131072 /prefetch:1
  2⤵
  PID:4452
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3192 --field-trial-handle=1876,i,8282035137557302375,16694062289480354458,131072 /prefetch:1
  2⤵
  PID:3828
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5396 --field-trial-handle=1876,i,8282035137557302375,16694062289480354458,131072 /prefetch:8
  2⤵
  PID:3836
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4756 --field-trial-handle=1876,i,8282035137557302375,16694062289480354458,131072 /prefetch:8
  2⤵
  PID:3500
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5116 --field-trial-handle=1876,i,8282035137557302375,16694062289480354458,131072 /prefetch:8
  2⤵
  PID:3888
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=5364 --field-trial-handle=1876,i,8282035137557302375,16694062289480354458,131072 /prefetch:1
  2⤵
  PID:2432
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4928 --field-trial-handle=1876,i,8282035137557302375,16694062289480354458,131072 /prefetch:1
  2⤵
  PID:2196
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=824 --field-trial-handle=1876,i,8282035137557302375,16694062289480354458,131072 /prefetch:8
  2⤵
  PID:1732

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4528

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
6e0606716dfa42abcccd0add6839556b

SHA1
0ba6c37261a8fa53911df158c63e586a2fa63d61

SHA256
30c7d50b2a869bbf565e5ef02dda316b78f6a12f4a021e2c6f16dc07e78a5f36

SHA512
4d9603c058922f57d0afe9918ed57d87746a3c19eb811342dc0b0bb55390b5108dde4a6dc41a48cb4c828ca9fba8b61d8c5eb1b3afdb59629c5b31c54d0ff556

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
ff8212886a0ac10e3f725dcb539e696b

SHA1
d41879dab41df746dbaed2d15604bdafe3b9aa9e

SHA256
3f35114e33def250b081c28b484d4ca1d20ddf8d94e6219a17db8f7f802283f1

SHA512
e66a60409fac9ed8ec828d8a420de3d89dbe08825f6ed976e27a48c541fca96f1fd35bb0172089389d8fd37c1d90f39de9a76b432d46da2bee768622c402101d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
7c3570c7f64649ea007e9af9e983c316

SHA1
f8cb20319d01493b97906eac911180583e01fcc9

SHA256
d3147f567b908b80c8e630f3e9ceba8394c9c0140684ce68e1a236b82183cc98

SHA512
25cccd23a01b3d2c4ffaf8c51b58adedd96c157bf14198c20eaaf438b960866f46a550c9f220df0c20674679ccd75317b5fa0ee2665b5846e1465363ad247344

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
875B

MD5
a41cc82bfd3a48c75d0b4a20f98152d5

SHA1
3b792c77d9d241e46db778081bf349da2f77a791

SHA256
e72ca16e92f91a4ff6b8a980850ecb4ae2a4e1960bdb2842b3e61310b2cc9661

SHA512
bd38b3a0d1c96fd06e10a10ea4e4b3479922589743b51172af54d9f7f9050d59773ded8869e33e53cac5b227e40dab0406db03b532e18aa0f1ce71b3f532f243

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
eb4398b0dcf5a95d6d4a43a929cb62da

SHA1
ba792edfb426e5ec3982edcfe97009e4d4128681

SHA256
c7b7b5bc9f98ddfa750c000050e6edcaaccff57bd2773f72d822bc46a6f78d1e

SHA512
ad4088508130d482cf4fc534e61e486bdb37a8613021041a1a2abc63bde918dca319c9da3d6aab8f5818c9f44f24073230bc0b13d4dcbc864b3c43de397d9c83

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
70799a8ed2c5b999a482ec3e67d7f07d

SHA1
a47c39c9e6dc7fec6ce01201b0fff6d5c2209a93

SHA256
2d1bea8b35b1ca54cc226a2fe7bc351bb3b6a9395f9fa8f30101f7af188c26a7

SHA512
62677d8fe61cf606c27a7547d752eec09417d9e03d12e45528d469e555de99f2656b676d41f0367f6399b3af5c2200e5746739449c108d780da832dfcfa8fce4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
292bbd21cd43e194a7fb891d4d467765

SHA1
3cf688a3814c15cbf0076d4be83caad145f168dd

SHA256
a7b4613298e9ffc4005d25cd70fcc8e2f039332ce1eafc313d01cc9b0a0f5de7

SHA512
a8bd8d57080039bbda58d3f165a251f9b2d8208c4ae5d301ad1800dabe6f2596b24c2215111ea09dd935bc9106ebe7fb4da1c09110eb2745be0478775355da2e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
2b0e85eaf2be704cd9678ba8d65c75d4

SHA1
a4c7153b29c99f3bfda0f1b53b7a817886ec2688

SHA256
175a716af99ffa2ee3c53149d851b07f33fcb64889478eb16efd3456593b2aea

SHA512
dd314b08a0d73d1f56cf2511f9725805ee171fe225c9bc7b0c3e230c50faf8d42f013c3808af99c6eaa29134477385e288bda2b327c4726805cc9d4bd00cb3c4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
46e10804ef65cc4d125090bf7380d742

SHA1
0f2c89dfa2a271238934d5d08c17c65e79df688e

SHA256
21f21a1761db15e75bb01ca82a65c08af60f1972d416ad9d6f6f08ec096282f2

SHA512
4773c32b689e81a08b11e314944f719aea0469ab9958aa911c8ab4f1d18deeb1b13b7cb9cdc595731773371a7cd491220af3573f7dc0c6e67efa93486efc5f4d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
0315efda6a908003a0484eef428954d4

SHA1
4c2010169f996a681035563646bad18e9b4c5d58

SHA256
05afdb6cf21a5fb456a89302a6176b9a4dfac2dd40b30b2af2110fd89415cb1b

SHA512
9f760699f494bfe860f7b6c10a755f144a886ed276f6d2ffb4fa32dda559f60935f7dccc175c19b6bf222a79d3ba3549f0f6230a8da9ca6a7768e254eec1edf0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
fb4d859a23a8bd11c37394a5be74bd15

SHA1
511921907d62b08ed9d2a7155b04ae0566dcf4f2

SHA256
5fee511950b06584a5343d7ca45a6fd31c2867986c7e4a5cf1f6840cd8920e03

SHA512
7e874a08d5c4756cd8a333a7387c58f8935e2fda76aa883284ed629d6ff05f3dfad6ddb7c80d089e7a622b45a08d659a69679eda5aa60ba91b5c6925f459cd17

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
109KB

MD5
09947619d20dc9a9a711b23991dda5d2

SHA1
b68c7b179343809dd8c116d56d355ef8a0a7bf38

SHA256
b878afac8d8814b2505793f64f9777a50dab1d2c5128f3721245cb1991f20780

SHA512
a1e70cbe31c0eeeb335742223d66530e46cb69e0e7a027547126850af23ecb5528f79e86181614604e0a5f4cc40990ea28d4820cb5f33052e1d29a98ab42936e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
109KB

MD5
8574c7fe2867cfe09ebfc05ba617dc5e

SHA1
6969ed3e8ee406a6533768367c7f8d9c1e3ce0d1

SHA256
0d6c6d5407d38e3544eafb80eae9f37f04a1e16a3ef56cf6485adacd5b38b792

SHA512
842cc0523ab3894240306a90a9d68572c7a37b8d3a5bd0785b28b2727ff2f3470c78bdf843ceb84174e4908a4a5f12c431db84d367d0533d264a96a55490e588

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
103KB

MD5
e55783a97c85764cf340e729003a60a6

SHA1
14f0fda91b04ee97423e43dc61c14354c8db41b6

SHA256
08ae54e118e1708630abb6920d1dfd206bfcd854b74e09474714456df6de94ba

SHA512
838afd55868c81519933f36f52eb563bc316fb8ebab5cef417da5d4dfa57e83bf0ee2b36c6222608ad86836861c1fd01b95751fb915567d618e93518c2d78eed

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
101KB

MD5
f45c35429885b303f8bd3e9358d8fdbe

SHA1
a54e9c66538f13bf9b2b52aeb5e4be4764e01c7a

SHA256
596feebf5e1edd228f7fba51594e274270d9535d4e36fb453b508f9cc0555845

SHA512
69f71ca98cfbc6507198938b0c03050717af0ec79880d756a8b53e8f07b19a706fd09960d973402fc584074684105f7643fde5552d0cd524930fd73bd48ee1cf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
104KB

MD5
d2f6e014882eb4b7c787fa8025b2d4ab

SHA1
312a583f29b38c69b56d7f3b70fdc7a0368066de

SHA256
0bd772637018b12dd3dcf91c90792066c8a359cc5ebe5d136ad3f09e9b182ab8

SHA512
2281005ea13e93efb85d07c2e8369a59f533681ea864c4df6554d99c64bb4f73904dfb08626f65c1b7bd73057c4c8b86bdb7d72d313d9aa7e2f5456d572f6b25

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit