hxxps://script[.]google[.]com/macros/s/AKfycbzfy4bv_biD0wyKVlbQPx2W7soI3wR3NInB9yj2J1KNYJocFiUO2-L2I37hLVPfopF3oA/

Analysis

max time kernel
58s
max time network
64s
platform
windows10-1703_x64
resource
win10-20231023-en
resource tags

arch:x64arch:x86image:win10-20231023-enlocale:en-usos:windows10-1703-x64system
submitted
21/11/2023, 09:04

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://script.google.com/macros/s/AKfycbzfy4bv_biD0wyKVlbQPx2W7soI3wR3NInB9yj2J1KNYJocFiUO2-L2I37hLVPfopF3oA/

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133450310676962764"	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
4544	chrome.exe
4544	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
4544	chrome.exe
4544	chrome.exe
4544	chrome.exe
4544	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4544	chrome.exe
Token: SeCreatePagefilePrivilege	4544	chrome.exe
Token: SeShutdownPrivilege	4544	chrome.exe
Token: SeCreatePagefilePrivilege	4544	chrome.exe
Token: SeShutdownPrivilege	4544	chrome.exe
Token: SeCreatePagefilePrivilege	4544	chrome.exe
Token: SeShutdownPrivilege	4544	chrome.exe
Token: SeCreatePagefilePrivilege	4544	chrome.exe
Token: SeShutdownPrivilege	4544	chrome.exe
Token: SeCreatePagefilePrivilege	4544	chrome.exe
Token: SeShutdownPrivilege	4544	chrome.exe
Token: SeCreatePagefilePrivilege	4544	chrome.exe
Token: SeShutdownPrivilege	4544	chrome.exe
Token: SeCreatePagefilePrivilege	4544	chrome.exe
Token: SeShutdownPrivilege	4544	chrome.exe
Token: SeCreatePagefilePrivilege	4544	chrome.exe
Token: SeShutdownPrivilege	4544	chrome.exe
Token: SeCreatePagefilePrivilege	4544	chrome.exe
Token: SeShutdownPrivilege	4544	chrome.exe
Token: SeCreatePagefilePrivilege	4544	chrome.exe
Token: SeShutdownPrivilege	4544	chrome.exe
Token: SeCreatePagefilePrivilege	4544	chrome.exe
Token: SeShutdownPrivilege	4544	chrome.exe
Token: SeCreatePagefilePrivilege	4544	chrome.exe
Token: SeShutdownPrivilege	4544	chrome.exe
Token: SeCreatePagefilePrivilege	4544	chrome.exe
Token: SeShutdownPrivilege	4544	chrome.exe
Token: SeCreatePagefilePrivilege	4544	chrome.exe
Token: SeShutdownPrivilege	4544	chrome.exe
Token: SeCreatePagefilePrivilege	4544	chrome.exe
Token: SeShutdownPrivilege	4544	chrome.exe
Token: SeCreatePagefilePrivilege	4544	chrome.exe
Token: SeShutdownPrivilege	4544	chrome.exe
Token: SeCreatePagefilePrivilege	4544	chrome.exe
Token: SeShutdownPrivilege	4544	chrome.exe
Token: SeCreatePagefilePrivilege	4544	chrome.exe
Token: SeShutdownPrivilege	4544	chrome.exe
Token: SeCreatePagefilePrivilege	4544	chrome.exe
Token: SeShutdownPrivilege	4544	chrome.exe
Token: SeCreatePagefilePrivilege	4544	chrome.exe
Token: SeShutdownPrivilege	4544	chrome.exe
Token: SeCreatePagefilePrivilege	4544	chrome.exe
Token: SeShutdownPrivilege	4544	chrome.exe
Token: SeCreatePagefilePrivilege	4544	chrome.exe
Token: SeShutdownPrivilege	4544	chrome.exe
Token: SeCreatePagefilePrivilege	4544	chrome.exe
Token: SeShutdownPrivilege	4544	chrome.exe
Token: SeCreatePagefilePrivilege	4544	chrome.exe
Token: SeShutdownPrivilege	4544	chrome.exe
Token: SeCreatePagefilePrivilege	4544	chrome.exe
Token: SeShutdownPrivilege	4544	chrome.exe
Token: SeCreatePagefilePrivilege	4544	chrome.exe
Token: SeShutdownPrivilege	4544	chrome.exe
Token: SeCreatePagefilePrivilege	4544	chrome.exe
Token: SeShutdownPrivilege	4544	chrome.exe
Token: SeCreatePagefilePrivilege	4544	chrome.exe
Token: SeShutdownPrivilege	4544	chrome.exe
Token: SeCreatePagefilePrivilege	4544	chrome.exe
Token: SeShutdownPrivilege	4544	chrome.exe
Token: SeCreatePagefilePrivilege	4544	chrome.exe
Token: SeShutdownPrivilege	4544	chrome.exe
Token: SeCreatePagefilePrivilege	4544	chrome.exe
Token: SeShutdownPrivilege	4544	chrome.exe
Token: SeCreatePagefilePrivilege	4544	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4544	chrome.exe
4544	chrome.exe
4544	chrome.exe
4544	chrome.exe
4544	chrome.exe
4544	chrome.exe
4544	chrome.exe
4544	chrome.exe
4544	chrome.exe
4544	chrome.exe
4544	chrome.exe
4544	chrome.exe
4544	chrome.exe
4544	chrome.exe
4544	chrome.exe
4544	chrome.exe
4544	chrome.exe
4544	chrome.exe
4544	chrome.exe
4544	chrome.exe
4544	chrome.exe
4544	chrome.exe
4544	chrome.exe
4544	chrome.exe
4544	chrome.exe
4544	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4544	chrome.exe
4544	chrome.exe
4544	chrome.exe
4544	chrome.exe
4544	chrome.exe
4544	chrome.exe
4544	chrome.exe
4544	chrome.exe
4544	chrome.exe
4544	chrome.exe
4544	chrome.exe
4544	chrome.exe
4544	chrome.exe
4544	chrome.exe
4544	chrome.exe
4544	chrome.exe
4544	chrome.exe
4544	chrome.exe
4544	chrome.exe
4544	chrome.exe
4544	chrome.exe
4544	chrome.exe
4544	chrome.exe
4544	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4544 wrote to memory of 4324	4544	chrome.exe	71
PID 4544 wrote to memory of 4324	4544	chrome.exe	71
PID 4544 wrote to memory of 4824	4544	chrome.exe	75
PID 4544 wrote to memory of 4824	4544	chrome.exe	75
PID 4544 wrote to memory of 4824	4544	chrome.exe	75
PID 4544 wrote to memory of 4824	4544	chrome.exe	75
PID 4544 wrote to memory of 4824	4544	chrome.exe	75
PID 4544 wrote to memory of 4824	4544	chrome.exe	75
PID 4544 wrote to memory of 4824	4544	chrome.exe	75
PID 4544 wrote to memory of 4824	4544	chrome.exe	75
PID 4544 wrote to memory of 4824	4544	chrome.exe	75
PID 4544 wrote to memory of 4824	4544	chrome.exe	75
PID 4544 wrote to memory of 4824	4544	chrome.exe	75
PID 4544 wrote to memory of 4824	4544	chrome.exe	75
PID 4544 wrote to memory of 4824	4544	chrome.exe	75
PID 4544 wrote to memory of 4824	4544	chrome.exe	75
PID 4544 wrote to memory of 4824	4544	chrome.exe	75
PID 4544 wrote to memory of 4824	4544	chrome.exe	75
PID 4544 wrote to memory of 4824	4544	chrome.exe	75
PID 4544 wrote to memory of 4824	4544	chrome.exe	75
PID 4544 wrote to memory of 4824	4544	chrome.exe	75
PID 4544 wrote to memory of 4824	4544	chrome.exe	75
PID 4544 wrote to memory of 4824	4544	chrome.exe	75
PID 4544 wrote to memory of 4824	4544	chrome.exe	75
PID 4544 wrote to memory of 4824	4544	chrome.exe	75
PID 4544 wrote to memory of 4824	4544	chrome.exe	75
PID 4544 wrote to memory of 4824	4544	chrome.exe	75
PID 4544 wrote to memory of 4824	4544	chrome.exe	75
PID 4544 wrote to memory of 4824	4544	chrome.exe	75
PID 4544 wrote to memory of 4824	4544	chrome.exe	75
PID 4544 wrote to memory of 4824	4544	chrome.exe	75
PID 4544 wrote to memory of 4824	4544	chrome.exe	75
PID 4544 wrote to memory of 4824	4544	chrome.exe	75
PID 4544 wrote to memory of 4824	4544	chrome.exe	75
PID 4544 wrote to memory of 4824	4544	chrome.exe	75
PID 4544 wrote to memory of 4824	4544	chrome.exe	75
PID 4544 wrote to memory of 4824	4544	chrome.exe	75
PID 4544 wrote to memory of 4824	4544	chrome.exe	75
PID 4544 wrote to memory of 4824	4544	chrome.exe	75
PID 4544 wrote to memory of 4824	4544	chrome.exe	75
PID 4544 wrote to memory of 2848	4544	chrome.exe	73
PID 4544 wrote to memory of 2848	4544	chrome.exe	73
PID 4544 wrote to memory of 1164	4544	chrome.exe	74
PID 4544 wrote to memory of 1164	4544	chrome.exe	74
PID 4544 wrote to memory of 1164	4544	chrome.exe	74
PID 4544 wrote to memory of 1164	4544	chrome.exe	74
PID 4544 wrote to memory of 1164	4544	chrome.exe	74
PID 4544 wrote to memory of 1164	4544	chrome.exe	74
PID 4544 wrote to memory of 1164	4544	chrome.exe	74
PID 4544 wrote to memory of 1164	4544	chrome.exe	74
PID 4544 wrote to memory of 1164	4544	chrome.exe	74
PID 4544 wrote to memory of 1164	4544	chrome.exe	74
PID 4544 wrote to memory of 1164	4544	chrome.exe	74
PID 4544 wrote to memory of 1164	4544	chrome.exe	74
PID 4544 wrote to memory of 1164	4544	chrome.exe	74
PID 4544 wrote to memory of 1164	4544	chrome.exe	74
PID 4544 wrote to memory of 1164	4544	chrome.exe	74
PID 4544 wrote to memory of 1164	4544	chrome.exe	74
PID 4544 wrote to memory of 1164	4544	chrome.exe	74
PID 4544 wrote to memory of 1164	4544	chrome.exe	74
PID 4544 wrote to memory of 1164	4544	chrome.exe	74
PID 4544 wrote to memory of 1164	4544	chrome.exe	74
PID 4544 wrote to memory of 1164	4544	chrome.exe	74
PID 4544 wrote to memory of 1164	4544	chrome.exe	74

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://script.google.com/macros/s/AKfycbzfy4bv_biD0wyKVlbQPx2W7soI3wR3NInB9yj2J1KNYJocFiUO2-L2I37hLVPfopF3oA/
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4544
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffa36b09758,0x7ffa36b09768,0x7ffa36b09778
  2⤵
  PID:4324
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1820 --field-trial-handle=1816,i,6934707207175634675,10053358830838931490,131072 /prefetch:8
  2⤵
  PID:2848
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2116 --field-trial-handle=1816,i,6934707207175634675,10053358830838931490,131072 /prefetch:8
  2⤵
  PID:1164
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1544 --field-trial-handle=1816,i,6934707207175634675,10053358830838931490,131072 /prefetch:2
  2⤵
  PID:4824
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3024 --field-trial-handle=1816,i,6934707207175634675,10053358830838931490,131072 /prefetch:1
  2⤵
  PID:3740
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3064 --field-trial-handle=1816,i,6934707207175634675,10053358830838931490,131072 /prefetch:1
  2⤵
  PID:3416
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=2632 --field-trial-handle=1816,i,6934707207175634675,10053358830838931490,131072 /prefetch:1
  2⤵
  PID:4420
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4524 --field-trial-handle=1816,i,6934707207175634675,10053358830838931490,131072 /prefetch:8
  2⤵
  PID:5068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4388 --field-trial-handle=1816,i,6934707207175634675,10053358830838931490,131072 /prefetch:8
  2⤵
  PID:2344
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4992 --field-trial-handle=1816,i,6934707207175634675,10053358830838931490,131072 /prefetch:8
  2⤵
  PID:4608
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5108 --field-trial-handle=1816,i,6934707207175634675,10053358830838931490,131072 /prefetch:8
  2⤵
  PID:3884
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3552 --field-trial-handle=1816,i,6934707207175634675,10053358830838931490,131072 /prefetch:8
  2⤵
  PID:320
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5140 --field-trial-handle=1816,i,6934707207175634675,10053358830838931490,131072 /prefetch:8
  2⤵
  PID:4972
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=5408 --field-trial-handle=1816,i,6934707207175634675,10053358830838931490,131072 /prefetch:1
  2⤵
  PID:1920
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5544 --field-trial-handle=1816,i,6934707207175634675,10053358830838931490,131072 /prefetch:8
  2⤵
  PID:628

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:3864

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
312B

MD5
4000eb29b255e68293dda2b175a12862

SHA1
9eab8c3a93b1c4031da49f6ea0ea01eb02f0eda0

SHA256
63c66e6f71744b0e5b15ca7f2b865671aa5e7eef61753f9c6d82fca769b658bc

SHA512
e5b7eb7736f9790b648bba92f97ded61f38ffe33db7e3c44d26deaafb6c1b092c82e6098a2e9bc1b48bf69fa67aef8120c7fdbc2a772edd67d0d0c18866eb2b5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
371B

MD5
1805315949a138385444eac8406ea0fe

SHA1
2f87545648f91b6994a76bae5710e6b83c6d9f52

SHA256
d4b44b05af829440b8c3d7a3eca3889e2fcdfea23c34c4dbd03706d7fa7371fd

SHA512
ba9f16a36b3af6576c5eb6649f500a4099e210b73afa548e1527b9933ad5e092de64bb5b4814dff9522bc9bf1fd3e0482012ab20b39a11dc95957946fdb3cf90

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
371B

MD5
669c951152c29d54ed5e9925b9579fce

SHA1
d73495172ad3ca553a183aca18a18ac87742fb5d

SHA256
d896318f55bdc4d1ec4c761b9d6356993590e0d3784f8aa17156693229c9569a

SHA512
120e5effd1980ba1e2d2909c0ed1645e3055ddaf77a48b897ba27343f48e80b2a09532eddca0e8df56fabe4cba4bdcc8109fc1d9b4f7555f492dbc5295cbb9df

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
d33b76f8bb9dd17b91934674e1728a57

SHA1
deb3d52c85f09083f6990db3ad67ff07e2132ae7

SHA256
2bdd37b22775c14562e29031637e591ef3bdcb1c5c9d3038cf3eb87453c29897

SHA512
fad9697bd267cf7781e7e4e314cfed90f0310b932739ae50e956f89191bf3e135fb53299d755bbf3a67eb10fd73911061c2ad1a339b0a023589cfc9e657e008c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
b56fc7c28ba2821ebd3e98b2ce635626

SHA1
96ced37ed965330f33a2c7b9b94f373d49047253

SHA256
85d99d88254b263bf7f45f786fda1639af494e8ab933b4e6fb9b66319c538435

SHA512
3555c83b77cf19f59431f762f234edd2475f3c03268bbd8c22e9973f815ad95cf01246ffffccad33447c3083c58adee91f17f3054407729b508210d33d3062f8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
d759b36801c9f37d158401151818b045

SHA1
2c78e276f302df343f7a1bf4650d857b9559ecb1

SHA256
9ada1bae228c7307945f884bc9be6d61995088fe8186ca94e4c503ea8f7099cd

SHA512
bafc062f4dee93f10afe0410fcc63145b49c1dffd414e9e57c879e2223a3ce03642420dbc275167710d8c3c7681d88a39830eea568951469b21ce93b29cd6692

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
111KB

MD5
5a8e4afcb511eacfac39ef40344a4c6e

SHA1
f48d1151b29935f86493afbd9812aeca40ed0970

SHA256
3545c6aaea2df357d78db43d1e6b6232e7188c4b6e22f3188fd0c6139a017854

SHA512
d21ea05bac89df4636dc22d6f7b643f081b299ac5c81a2c67e78ab851156c53b4b28fc7a295622ffae329e620992c36b930f21c1da440956b677b44f3951b907

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
110KB

MD5
85ef4f14a4806e7863554a1f3bfe2836

SHA1
3005a54e3b2ca593aaeb5dac8c7317df5d15b546

SHA256
7c0fc4623afddd97af0a2749d47cf81c930f128eb2bf020ef1d82ba487581a47

SHA512
0ab3a80dc38170461fc1f059d05c6a0fbc3ae3eda5241e4d240ad657839c687399871e57854c18a90a29d946439228c07ac8f9d289f61536f953391c7112ed9c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit