hxxps://gamesnacks[.]com/

Analysis

max time kernel
1800s
max time network
1689s
platform
windows10-1703_x64
resource
win10-20231020-en
resource tags

arch:x64arch:x86image:win10-20231020-enlocale:en-usos:windows10-1703-x64system
submitted
15/11/2023, 21:23

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

https://gamesnacks.com/

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133445600337233139"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4724	chrome.exe
4724	chrome.exe
804	chrome.exe
804	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
4724	chrome.exe
4724	chrome.exe
4724	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4724	chrome.exe
Token: SeCreatePagefilePrivilege	4724	chrome.exe
Token: SeShutdownPrivilege	4724	chrome.exe
Token: SeCreatePagefilePrivilege	4724	chrome.exe
Token: SeShutdownPrivilege	4724	chrome.exe
Token: SeCreatePagefilePrivilege	4724	chrome.exe
Token: SeShutdownPrivilege	4724	chrome.exe
Token: SeCreatePagefilePrivilege	4724	chrome.exe
Token: SeShutdownPrivilege	4724	chrome.exe
Token: SeCreatePagefilePrivilege	4724	chrome.exe
Token: SeShutdownPrivilege	4724	chrome.exe
Token: SeCreatePagefilePrivilege	4724	chrome.exe
Token: SeShutdownPrivilege	4724	chrome.exe
Token: SeCreatePagefilePrivilege	4724	chrome.exe
Token: SeShutdownPrivilege	4724	chrome.exe
Token: SeCreatePagefilePrivilege	4724	chrome.exe
Token: SeShutdownPrivilege	4724	chrome.exe
Token: SeCreatePagefilePrivilege	4724	chrome.exe
Token: SeShutdownPrivilege	4724	chrome.exe
Token: SeCreatePagefilePrivilege	4724	chrome.exe
Token: SeShutdownPrivilege	4724	chrome.exe
Token: SeCreatePagefilePrivilege	4724	chrome.exe
Token: SeShutdownPrivilege	4724	chrome.exe
Token: SeCreatePagefilePrivilege	4724	chrome.exe
Token: SeShutdownPrivilege	4724	chrome.exe
Token: SeCreatePagefilePrivilege	4724	chrome.exe
Token: SeShutdownPrivilege	4724	chrome.exe
Token: SeCreatePagefilePrivilege	4724	chrome.exe
Token: SeShutdownPrivilege	4724	chrome.exe
Token: SeCreatePagefilePrivilege	4724	chrome.exe
Token: SeShutdownPrivilege	4724	chrome.exe
Token: SeCreatePagefilePrivilege	4724	chrome.exe
Token: SeShutdownPrivilege	4724	chrome.exe
Token: SeCreatePagefilePrivilege	4724	chrome.exe
Token: SeShutdownPrivilege	4724	chrome.exe
Token: SeCreatePagefilePrivilege	4724	chrome.exe
Token: SeShutdownPrivilege	4724	chrome.exe
Token: SeCreatePagefilePrivilege	4724	chrome.exe
Token: SeShutdownPrivilege	4724	chrome.exe
Token: SeCreatePagefilePrivilege	4724	chrome.exe
Token: SeShutdownPrivilege	4724	chrome.exe
Token: SeCreatePagefilePrivilege	4724	chrome.exe
Token: SeShutdownPrivilege	4724	chrome.exe
Token: SeCreatePagefilePrivilege	4724	chrome.exe
Token: SeShutdownPrivilege	4724	chrome.exe
Token: SeCreatePagefilePrivilege	4724	chrome.exe
Token: SeShutdownPrivilege	4724	chrome.exe
Token: SeCreatePagefilePrivilege	4724	chrome.exe
Token: SeShutdownPrivilege	4724	chrome.exe
Token: SeCreatePagefilePrivilege	4724	chrome.exe
Token: SeShutdownPrivilege	4724	chrome.exe
Token: SeCreatePagefilePrivilege	4724	chrome.exe
Token: SeShutdownPrivilege	4724	chrome.exe
Token: SeCreatePagefilePrivilege	4724	chrome.exe
Token: SeShutdownPrivilege	4724	chrome.exe
Token: SeCreatePagefilePrivilege	4724	chrome.exe
Token: SeShutdownPrivilege	4724	chrome.exe
Token: SeCreatePagefilePrivilege	4724	chrome.exe
Token: SeShutdownPrivilege	4724	chrome.exe
Token: SeCreatePagefilePrivilege	4724	chrome.exe
Token: SeShutdownPrivilege	4724	chrome.exe
Token: SeCreatePagefilePrivilege	4724	chrome.exe
Token: SeShutdownPrivilege	4724	chrome.exe
Token: SeCreatePagefilePrivilege	4724	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4724	chrome.exe
4724	chrome.exe
4724	chrome.exe
4724	chrome.exe
4724	chrome.exe
4724	chrome.exe
4724	chrome.exe
4724	chrome.exe
4724	chrome.exe
4724	chrome.exe
4724	chrome.exe
4724	chrome.exe
4724	chrome.exe
4724	chrome.exe
4724	chrome.exe
4724	chrome.exe
4724	chrome.exe
4724	chrome.exe
4724	chrome.exe
4724	chrome.exe
4724	chrome.exe
4724	chrome.exe
4724	chrome.exe
4724	chrome.exe
4724	chrome.exe
4724	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4724	chrome.exe
4724	chrome.exe
4724	chrome.exe
4724	chrome.exe
4724	chrome.exe
4724	chrome.exe
4724	chrome.exe
4724	chrome.exe
4724	chrome.exe
4724	chrome.exe
4724	chrome.exe
4724	chrome.exe
4724	chrome.exe
4724	chrome.exe
4724	chrome.exe
4724	chrome.exe
4724	chrome.exe
4724	chrome.exe
4724	chrome.exe
4724	chrome.exe
4724	chrome.exe
4724	chrome.exe
4724	chrome.exe
4724	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4724 wrote to memory of 4164	4724	chrome.exe	71
PID 4724 wrote to memory of 4164	4724	chrome.exe	71
PID 4724 wrote to memory of 4636	4724	chrome.exe	75
PID 4724 wrote to memory of 4636	4724	chrome.exe	75
PID 4724 wrote to memory of 4636	4724	chrome.exe	75
PID 4724 wrote to memory of 4636	4724	chrome.exe	75
PID 4724 wrote to memory of 4636	4724	chrome.exe	75
PID 4724 wrote to memory of 4636	4724	chrome.exe	75
PID 4724 wrote to memory of 4636	4724	chrome.exe	75
PID 4724 wrote to memory of 4636	4724	chrome.exe	75
PID 4724 wrote to memory of 4636	4724	chrome.exe	75
PID 4724 wrote to memory of 4636	4724	chrome.exe	75
PID 4724 wrote to memory of 4636	4724	chrome.exe	75
PID 4724 wrote to memory of 4636	4724	chrome.exe	75
PID 4724 wrote to memory of 4636	4724	chrome.exe	75
PID 4724 wrote to memory of 4636	4724	chrome.exe	75
PID 4724 wrote to memory of 4636	4724	chrome.exe	75
PID 4724 wrote to memory of 4636	4724	chrome.exe	75
PID 4724 wrote to memory of 4636	4724	chrome.exe	75
PID 4724 wrote to memory of 4636	4724	chrome.exe	75
PID 4724 wrote to memory of 4636	4724	chrome.exe	75
PID 4724 wrote to memory of 4636	4724	chrome.exe	75
PID 4724 wrote to memory of 4636	4724	chrome.exe	75
PID 4724 wrote to memory of 4636	4724	chrome.exe	75
PID 4724 wrote to memory of 4636	4724	chrome.exe	75
PID 4724 wrote to memory of 4636	4724	chrome.exe	75
PID 4724 wrote to memory of 4636	4724	chrome.exe	75
PID 4724 wrote to memory of 4636	4724	chrome.exe	75
PID 4724 wrote to memory of 4636	4724	chrome.exe	75
PID 4724 wrote to memory of 4636	4724	chrome.exe	75
PID 4724 wrote to memory of 4636	4724	chrome.exe	75
PID 4724 wrote to memory of 4636	4724	chrome.exe	75
PID 4724 wrote to memory of 4636	4724	chrome.exe	75
PID 4724 wrote to memory of 4636	4724	chrome.exe	75
PID 4724 wrote to memory of 4636	4724	chrome.exe	75
PID 4724 wrote to memory of 4636	4724	chrome.exe	75
PID 4724 wrote to memory of 4636	4724	chrome.exe	75
PID 4724 wrote to memory of 4636	4724	chrome.exe	75
PID 4724 wrote to memory of 4636	4724	chrome.exe	75
PID 4724 wrote to memory of 4636	4724	chrome.exe	75
PID 4724 wrote to memory of 2176	4724	chrome.exe	73
PID 4724 wrote to memory of 2176	4724	chrome.exe	73
PID 4724 wrote to memory of 4256	4724	chrome.exe	74
PID 4724 wrote to memory of 4256	4724	chrome.exe	74
PID 4724 wrote to memory of 4256	4724	chrome.exe	74
PID 4724 wrote to memory of 4256	4724	chrome.exe	74
PID 4724 wrote to memory of 4256	4724	chrome.exe	74
PID 4724 wrote to memory of 4256	4724	chrome.exe	74
PID 4724 wrote to memory of 4256	4724	chrome.exe	74
PID 4724 wrote to memory of 4256	4724	chrome.exe	74
PID 4724 wrote to memory of 4256	4724	chrome.exe	74
PID 4724 wrote to memory of 4256	4724	chrome.exe	74
PID 4724 wrote to memory of 4256	4724	chrome.exe	74
PID 4724 wrote to memory of 4256	4724	chrome.exe	74
PID 4724 wrote to memory of 4256	4724	chrome.exe	74
PID 4724 wrote to memory of 4256	4724	chrome.exe	74
PID 4724 wrote to memory of 4256	4724	chrome.exe	74
PID 4724 wrote to memory of 4256	4724	chrome.exe	74
PID 4724 wrote to memory of 4256	4724	chrome.exe	74
PID 4724 wrote to memory of 4256	4724	chrome.exe	74
PID 4724 wrote to memory of 4256	4724	chrome.exe	74
PID 4724 wrote to memory of 4256	4724	chrome.exe	74
PID 4724 wrote to memory of 4256	4724	chrome.exe	74
PID 4724 wrote to memory of 4256	4724	chrome.exe	74

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://gamesnacks.com/
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4724
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffc877f9758,0x7ffc877f9768,0x7ffc877f9778
  2⤵
  PID:4164
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1800 --field-trial-handle=1876,i,10374918328093241371,37332457776911428,131072 /prefetch:8
  2⤵
  PID:2176
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2100 --field-trial-handle=1876,i,10374918328093241371,37332457776911428,131072 /prefetch:8
  2⤵
  PID:4256
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1624 --field-trial-handle=1876,i,10374918328093241371,37332457776911428,131072 /prefetch:2
  2⤵
  PID:4636
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2996 --field-trial-handle=1876,i,10374918328093241371,37332457776911428,131072 /prefetch:1
  2⤵
  PID:396
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2860 --field-trial-handle=1876,i,10374918328093241371,37332457776911428,131072 /prefetch:1
  2⤵
  PID:3460
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4340 --field-trial-handle=1876,i,10374918328093241371,37332457776911428,131072 /prefetch:1
  2⤵
  PID:4652
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3716 --field-trial-handle=1876,i,10374918328093241371,37332457776911428,131072 /prefetch:8
  2⤵
  PID:3976
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4660 --field-trial-handle=1876,i,10374918328093241371,37332457776911428,131072 /prefetch:8
  2⤵
  PID:1800
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4508 --field-trial-handle=1876,i,10374918328093241371,37332457776911428,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:804

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:3688

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
0d2ff36ca37fb10e096a5808154056c9

SHA1
abc26bec138bcf9272e107b25866df641265acd4

SHA256
0623f96922ac584c76d303d927dfcc96c7061b5e90820822f6e8f1caac30c9fd

SHA512
a7e19f9e13e57878c95f389414d957b95a5e37c9f01ccee1b2bce35e85669b5f237a759987832f3654f22a7d8b062cc5f57bb221bc56f0463487d05b40943abc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
defb210a192d676ed4fc8a8b9d22b9a5

SHA1
afbc3c4285203f96797b21258236ef9e31df7f59

SHA256
56b3f65ffc8b388ea112377f3d889b076f65b4fd645c8a7dabca2746976e545c

SHA512
7b90f6535631fad4d7bc57427b851e1599baa43393bc2f55b6dd46437eeee3a70ff61413be125eb5325e67e2eafc2ab176b09ea054f2a2d270298cc30c3c3cf7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
7f2e8bd2ce9f9cb2a85050ccf7a73c9c

SHA1
c3628669514a0ecfa70956eaddf0df3133fdfc79

SHA256
f82cf0bae5bbc67d600337bf13f63809a18b9ddfa3c1a5d4129129354874f2c0

SHA512
d2c8dd391e3106139a2a08ba4b23bbcc51e67c6f147f74ad29fbf8032e3b87146cdf96a669a613dc8cf162952509fcda4a6126678f9a2b408392d3906bbfd63d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
b9985774c573d3aa9f1cf803a9c452c7

SHA1
0be9d4c49c2117c54c0eacb0fa3f2b4b1422cbd2

SHA256
7487faa43081f3f8e8f7245914d4e4dc2c61e70beb763d2cb917f9b467c2fa65

SHA512
ae63a411948dc56ce1f955b61ab98fa440cf1a18b3c1e0c3fb7e2298aa83da537dcc0f057e4f57a2b782496b7f3780d57bb853b40b0cd1d12f5c9d3439f29408

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
fab7e82a00dada53740e638deb98a23b

SHA1
f4b3ff5009d8c383bb9f414a0faacf4c18e24e68

SHA256
335ea2181e6fd928f6cd9c20097cfbf2c199396e46514ec71f4cebf87f590a82

SHA512
b0c4ccd9bd319fcfdeb7d4f7e74173084571c484a68ef68dab5c9f952c661bbb49a4ffbbd6bca5247fc061bdd1434798d7f1259470caefc1b4d019263ef5f3b3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
873B

MD5
bae4627cf354fc5057f1431dcfce8c65

SHA1
7ab12c5c38a6bbb4990f4c62e2ad39625bbbc378

SHA256
2a871613542c1a81da3736f7ef45c849ca79cf02166f71295162cddce20d8db8

SHA512
aaec3987fffc644141f56f52e48cba754eae3bcc11006f39d9a089aea157b0409ebdf1ba95294f8181c21b596cd287e25e7f350b320fd1fa191bf72325d88b03

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
873B

MD5
3d1879e2620b7b7b7d8a0644b0c43825

SHA1
66f7251e5dbf1dd625db106198ca61b106c46000

SHA256
dbb33cce4af8e7eb46932ac85471d382d2f9f763bd0a683bab51d965a43ad2ad

SHA512
c92701c96271c9da6619621c2c81107c253ae32b41d20e527d1b68a45751554efb105ce05f63bd50f8103a2e5f3a0c84cf436af8a68ad4c2a1acf7334bbf890c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
873B

MD5
6a19ccfaa89ba7122f5f70fac4ec3951

SHA1
767584d4095eab0447e4f6bc1a3ac4835bb9508c

SHA256
e3e3005f22fb66ab0f5f612288ff1170c2a99b3c60d59cdc2d3e6a0294d4401a

SHA512
f7332de89ca16ef6294ba276a8947bdb53cb2acf9758c4b45f896c7944625666a7ea666f789c1102a435dfc3e4c1b86775c38738b4afec193de07a060a677bce

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
873B

MD5
2b8b776d49a5d03ce3480214d1bbe1d7

SHA1
1dfc343100bf2eec395e64080a3e26b139b0d254

SHA256
f7154d144288588b5ee4d3cb70013916027de80647a643a19a6c8d0782450af4

SHA512
7752aecc1a8be337b0506994d548fd3d1e9e231512b3f93d9eb8cef11f2cc5825b64157d62cd45b2a0f42e9471b962cadb144ea96628dc6673b121a336d3ac67

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
4dbb49283e599bd35fe2766b6e54ed3e

SHA1
95187994d15997ac9ae68ebeae91cd4571c79075

SHA256
74aa4c52b3e7e4c415af8cbfd90d3a936a910bce3e3e2a239bc0f759f9383f9e

SHA512
468c53a4a7df0f2bb65163f8bf4790b7ed11589231d4792c7de476c7cbe91251cb2766d31c062f7b3d179cb4148ade8b11e00f91c7baa82724ec76018d62a853

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
e1217651af9bc4dccae84c0a4fa92e99

SHA1
7c95f79c608fe4ece846039c1afe765f712cdda6

SHA256
58bc377e8ad7e539970f8833d52fc20c13e77e3e4dc45bc1f5872f76939a531b

SHA512
7c58236d2ae52702b35a9dc2b6dafb26c2aa42aa815dce200b4ffebcef62938a1a1916c2c3b666d1ef6708d837db4e304f612e73be0358e9f90a88c10388b307

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
1965ea440b88ddf95e61fc1455aea4fc

SHA1
f7a2d51b5daacd013c8c8efe621aabd655df2dc3

SHA256
f8e55c5fc2a574f8ab049cdc6cb3d5c6437ef2a0590a7219f41af8fe26c7ddf6

SHA512
3715da38ba7ac8f143eca6fe58cf3422dfc0992b9447aeff6b7ee5e7546abfc89a30824aa57851e0a31cbb1a07c537f2b333f9a9dc662d632a16c1ed3e7bc002

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
106KB

MD5
a3fb6c36b85a99eed4ff47448c11bcf3

SHA1
925ce3a301fbc20efedb19601543b378866181c7

SHA256
b5d5aabb36cb98b5ca3c2ea60e29fd5a66fa2864ea00465e8d9b1f4bff5587af

SHA512
97f498896a98bf13bf908cc1fbfff5976c41ac85c457670279cc67ebf1b0f4e66d7a42a1dc87f9e21d55e425743cee7dce54a549d7339f7f776dc495036491bf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit