hxxp://stockviva[.]com/redirect?

Analysis

max time kernel
600s
max time network
602s
platform
windows10-2004_x64
resource
win10v2004-20231023-en
resource tags

arch:x64arch:x86image:win10v2004-20231023-enlocale:en-usos:windows10-2004-x64system
submitted
22/11/2023, 23:19

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

http://stockviva.com/redirect?

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133451687980190460"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2024	chrome.exe
2024	chrome.exe
3428	chrome.exe
3428	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 5 IoCs

pid	Process
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2024	chrome.exe
Token: SeCreatePagefilePrivilege	2024	chrome.exe
Token: SeShutdownPrivilege	2024	chrome.exe
Token: SeCreatePagefilePrivilege	2024	chrome.exe
Token: SeShutdownPrivilege	2024	chrome.exe
Token: SeCreatePagefilePrivilege	2024	chrome.exe
Token: SeShutdownPrivilege	2024	chrome.exe
Token: SeCreatePagefilePrivilege	2024	chrome.exe
Token: SeShutdownPrivilege	2024	chrome.exe
Token: SeCreatePagefilePrivilege	2024	chrome.exe
Token: SeShutdownPrivilege	2024	chrome.exe
Token: SeCreatePagefilePrivilege	2024	chrome.exe
Token: SeShutdownPrivilege	2024	chrome.exe
Token: SeCreatePagefilePrivilege	2024	chrome.exe
Token: SeShutdownPrivilege	2024	chrome.exe
Token: SeCreatePagefilePrivilege	2024	chrome.exe
Token: SeShutdownPrivilege	2024	chrome.exe
Token: SeCreatePagefilePrivilege	2024	chrome.exe
Token: SeShutdownPrivilege	2024	chrome.exe
Token: SeCreatePagefilePrivilege	2024	chrome.exe
Token: SeShutdownPrivilege	2024	chrome.exe
Token: SeCreatePagefilePrivilege	2024	chrome.exe
Token: SeShutdownPrivilege	2024	chrome.exe
Token: SeCreatePagefilePrivilege	2024	chrome.exe
Token: SeShutdownPrivilege	2024	chrome.exe
Token: SeCreatePagefilePrivilege	2024	chrome.exe
Token: SeShutdownPrivilege	2024	chrome.exe
Token: SeCreatePagefilePrivilege	2024	chrome.exe
Token: SeShutdownPrivilege	2024	chrome.exe
Token: SeCreatePagefilePrivilege	2024	chrome.exe
Token: SeShutdownPrivilege	2024	chrome.exe
Token: SeCreatePagefilePrivilege	2024	chrome.exe
Token: SeShutdownPrivilege	2024	chrome.exe
Token: SeCreatePagefilePrivilege	2024	chrome.exe
Token: SeShutdownPrivilege	2024	chrome.exe
Token: SeCreatePagefilePrivilege	2024	chrome.exe
Token: SeShutdownPrivilege	2024	chrome.exe
Token: SeCreatePagefilePrivilege	2024	chrome.exe
Token: SeShutdownPrivilege	2024	chrome.exe
Token: SeCreatePagefilePrivilege	2024	chrome.exe
Token: SeShutdownPrivilege	2024	chrome.exe
Token: SeCreatePagefilePrivilege	2024	chrome.exe
Token: SeShutdownPrivilege	2024	chrome.exe
Token: SeCreatePagefilePrivilege	2024	chrome.exe
Token: SeShutdownPrivilege	2024	chrome.exe
Token: SeCreatePagefilePrivilege	2024	chrome.exe
Token: SeShutdownPrivilege	2024	chrome.exe
Token: SeCreatePagefilePrivilege	2024	chrome.exe
Token: SeShutdownPrivilege	2024	chrome.exe
Token: SeCreatePagefilePrivilege	2024	chrome.exe
Token: SeShutdownPrivilege	2024	chrome.exe
Token: SeCreatePagefilePrivilege	2024	chrome.exe
Token: SeShutdownPrivilege	2024	chrome.exe
Token: SeCreatePagefilePrivilege	2024	chrome.exe
Token: SeShutdownPrivilege	2024	chrome.exe
Token: SeCreatePagefilePrivilege	2024	chrome.exe
Token: SeShutdownPrivilege	2024	chrome.exe
Token: SeCreatePagefilePrivilege	2024	chrome.exe
Token: SeShutdownPrivilege	2024	chrome.exe
Token: SeCreatePagefilePrivilege	2024	chrome.exe
Token: SeShutdownPrivilege	2024	chrome.exe
Token: SeCreatePagefilePrivilege	2024	chrome.exe
Token: SeShutdownPrivilege	2024	chrome.exe
Token: SeCreatePagefilePrivilege	2024	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2024 wrote to memory of 3796	2024	chrome.exe	81
PID 2024 wrote to memory of 3796	2024	chrome.exe	81
PID 2024 wrote to memory of 2180	2024	chrome.exe	85
PID 2024 wrote to memory of 2180	2024	chrome.exe	85
PID 2024 wrote to memory of 2180	2024	chrome.exe	85
PID 2024 wrote to memory of 2180	2024	chrome.exe	85
PID 2024 wrote to memory of 2180	2024	chrome.exe	85
PID 2024 wrote to memory of 2180	2024	chrome.exe	85
PID 2024 wrote to memory of 2180	2024	chrome.exe	85
PID 2024 wrote to memory of 2180	2024	chrome.exe	85
PID 2024 wrote to memory of 2180	2024	chrome.exe	85
PID 2024 wrote to memory of 2180	2024	chrome.exe	85
PID 2024 wrote to memory of 2180	2024	chrome.exe	85
PID 2024 wrote to memory of 2180	2024	chrome.exe	85
PID 2024 wrote to memory of 2180	2024	chrome.exe	85
PID 2024 wrote to memory of 2180	2024	chrome.exe	85
PID 2024 wrote to memory of 2180	2024	chrome.exe	85
PID 2024 wrote to memory of 2180	2024	chrome.exe	85
PID 2024 wrote to memory of 2180	2024	chrome.exe	85
PID 2024 wrote to memory of 2180	2024	chrome.exe	85
PID 2024 wrote to memory of 2180	2024	chrome.exe	85
PID 2024 wrote to memory of 2180	2024	chrome.exe	85
PID 2024 wrote to memory of 2180	2024	chrome.exe	85
PID 2024 wrote to memory of 2180	2024	chrome.exe	85
PID 2024 wrote to memory of 2180	2024	chrome.exe	85
PID 2024 wrote to memory of 2180	2024	chrome.exe	85
PID 2024 wrote to memory of 2180	2024	chrome.exe	85
PID 2024 wrote to memory of 2180	2024	chrome.exe	85
PID 2024 wrote to memory of 2180	2024	chrome.exe	85
PID 2024 wrote to memory of 2180	2024	chrome.exe	85
PID 2024 wrote to memory of 2180	2024	chrome.exe	85
PID 2024 wrote to memory of 2180	2024	chrome.exe	85
PID 2024 wrote to memory of 2180	2024	chrome.exe	85
PID 2024 wrote to memory of 2180	2024	chrome.exe	85
PID 2024 wrote to memory of 2180	2024	chrome.exe	85
PID 2024 wrote to memory of 2180	2024	chrome.exe	85
PID 2024 wrote to memory of 2180	2024	chrome.exe	85
PID 2024 wrote to memory of 2180	2024	chrome.exe	85
PID 2024 wrote to memory of 2180	2024	chrome.exe	85
PID 2024 wrote to memory of 2180	2024	chrome.exe	85
PID 2024 wrote to memory of 4124	2024	chrome.exe	86
PID 2024 wrote to memory of 4124	2024	chrome.exe	86
PID 2024 wrote to memory of 3624	2024	chrome.exe	87
PID 2024 wrote to memory of 3624	2024	chrome.exe	87
PID 2024 wrote to memory of 3624	2024	chrome.exe	87
PID 2024 wrote to memory of 3624	2024	chrome.exe	87
PID 2024 wrote to memory of 3624	2024	chrome.exe	87
PID 2024 wrote to memory of 3624	2024	chrome.exe	87
PID 2024 wrote to memory of 3624	2024	chrome.exe	87
PID 2024 wrote to memory of 3624	2024	chrome.exe	87
PID 2024 wrote to memory of 3624	2024	chrome.exe	87
PID 2024 wrote to memory of 3624	2024	chrome.exe	87
PID 2024 wrote to memory of 3624	2024	chrome.exe	87
PID 2024 wrote to memory of 3624	2024	chrome.exe	87
PID 2024 wrote to memory of 3624	2024	chrome.exe	87
PID 2024 wrote to memory of 3624	2024	chrome.exe	87
PID 2024 wrote to memory of 3624	2024	chrome.exe	87
PID 2024 wrote to memory of 3624	2024	chrome.exe	87
PID 2024 wrote to memory of 3624	2024	chrome.exe	87
PID 2024 wrote to memory of 3624	2024	chrome.exe	87
PID 2024 wrote to memory of 3624	2024	chrome.exe	87
PID 2024 wrote to memory of 3624	2024	chrome.exe	87
PID 2024 wrote to memory of 3624	2024	chrome.exe	87
PID 2024 wrote to memory of 3624	2024	chrome.exe	87

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://stockviva.com/redirect?
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2024
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe7ffd9758,0x7ffe7ffd9768,0x7ffe7ffd9778
  2⤵
  PID:3796
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1768 --field-trial-handle=1820,i,14035433197911818492,15865490190332628685,131072 /prefetch:2
  2⤵
  PID:2180
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2136 --field-trial-handle=1820,i,14035433197911818492,15865490190332628685,131072 /prefetch:8
  2⤵
  PID:4124
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2248 --field-trial-handle=1820,i,14035433197911818492,15865490190332628685,131072 /prefetch:8
  2⤵
  PID:3624
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2904 --field-trial-handle=1820,i,14035433197911818492,15865490190332628685,131072 /prefetch:1
  2⤵
  PID:4392
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2936 --field-trial-handle=1820,i,14035433197911818492,15865490190332628685,131072 /prefetch:1
  2⤵
  PID:3828
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3816 --field-trial-handle=1820,i,14035433197911818492,15865490190332628685,131072 /prefetch:1
  2⤵
  PID:472
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4868 --field-trial-handle=1820,i,14035433197911818492,15865490190332628685,131072 /prefetch:1
  2⤵
  PID:1888
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=5420 --field-trial-handle=1820,i,14035433197911818492,15865490190332628685,131072 /prefetch:1
  2⤵
  PID:1124
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5800 --field-trial-handle=1820,i,14035433197911818492,15865490190332628685,131072 /prefetch:8
  2⤵
  PID:4452
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3352 --field-trial-handle=1820,i,14035433197911818492,15865490190332628685,131072 /prefetch:8
  2⤵
  PID:924
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1684 --field-trial-handle=1820,i,14035433197911818492,15865490190332628685,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3428

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4512

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1008B

MD5
d2c80161afc9b12c4d010867572b8586

SHA1
ea71993c0f6f022b775646cecbc5df8a416875f3

SHA256
5d42b59dbf2faf037b29026fb5bae055f923ef08e0accc0610c46b574cdff2b0

SHA512
61b8ccceebd119170a31fd0aff43ec31dffd7cdbf3e384d1df4c8321bd682a1960f22c3a12dfa8d9cedaa218542e4fca74a4f2122b45bb01607c8dc4bc934697

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
34aa8f7eff7a7510c1568bc742b23447

SHA1
24260d23c7e27dc6edf4ace567385a8b01ffb1a0

SHA256
90c5076c462a32dd51abd566a0bf8d8f5d908fe1655849b3f310bb071a0f835e

SHA512
2c31e2f0906096efb27767a867fcdb17a28af73d8e5f84859ee63e2aed31741238b51cb6c2f1926312bbf1ae8bd3de8844f5a424d2b581630f77a841815647f0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
30beaf73dc85d6d4c86ff1007542c2b2

SHA1
4159479feecf5530021ed0f04c515567d8e2db68

SHA256
d9b6cc4dcf4f5c2a1c3c18187dd7868f4d26adcbb3213323701fb3bad4ddf5ba

SHA512
95589441bfbf39be278d77da129ab6f87eb138b4414fa744f8395da9480481fd34adb3a9f84949b47d43a600f2da472f350753f8ea38864ccba48ae994c1364d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
4059c8f8cec31ca98479f33f8e500f12

SHA1
72f8ac0cd57df08aae84b7fe4c2a1c11c4937fbc

SHA256
de24bfda17a2607faa2762d1341cc1b8cc226c89e6caa76460f834496fb6b980

SHA512
a8926979ece47a4e654b2f9b6d86f45d51d8f789a5107e93b67b847ba9d8d632168b602198d69c541410eecf67ad43db6990853de3410deda5a225304cb9c74c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
e5c25d97c174cfc62366ff2d14ff8cb0

SHA1
e0bdf872ff8cd055cf57c1badac3ec103b89933f

SHA256
a1f36bb99bf85d1ad01d8923b1a0d90f1535ec0eb7cadb56f21698a30c11c816

SHA512
49c3fd5dcd71d39ad4af74f776bc85927f0ff1b190615d40f7f0506de40020ac502917a0b2dd2004355f896d61f4cc4760872046571554fbea060c579379b3d7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
43686e4fd96ad55e4ee309bcffcb3662

SHA1
d457f7146eca0de9176740c09da5ec2f89e96c97

SHA256
fe51187676501903cf93ff816a47926a928a19b9ce1fa8b0d7a69d0fb9e50413

SHA512
05008008a1b7a70df2dec0b7c27cf14226a775ea0cc74508c694bc13a9870424c5a6a9dbcfa8ba9979a95f5d100a14631da8d4fd5fc3c81c9f81d9e00bfd89f3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
881f780eb9e449f41cfd7ce5e19fe720

SHA1
6ead1202cbdec98aa1298a3e72ccf24e50e21618

SHA256
9fa8a5c0424b9accf7fa0b529d754d75c4d519821cdfcbe5710d06fcfbae2e02

SHA512
5fe6415538d14e7be8cd1dd208c901e75f91245d0dbc3bfd1949a6f7e9654c5ddffd35cb81c59e41b941b3d5550edeb417b0976d91cd704183c7657caed03b57

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
c6db1cecd1ab115e6c2dde2924d9c77c

SHA1
652a3b6967cdab1250b45e4d0f7860feefe4bfe6

SHA256
afc3aa8acca0f625963b101aecaefb8e76f41b5afd07cd1ca2f7858724f425c9

SHA512
6b594153b8d64b964a681fb22439f882b9ab4320a28cead7f5c43730fb88d79757c03bec918529f574c0f96a8b102c11a573bab972195a3303175c44146c963d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
109KB

MD5
8a6e3d3a30e691964bd9f591d083f19f

SHA1
f21629d82dc08c98e8e5a1fca49416828757edc3

SHA256
90956bc50e650569a8ae51b43da8e74b899db39815e31b7c16565e3429380675

SHA512
8908f71496c82f26b76115d7e11b3ff00443b6e421c7eb94c3a33a23eb2fcc102a891140d54ff8ead0c6371adf95fb91501bb4c50645ede9cf48957b5430f249

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit