310ddf83c88710c946c7d091948eeff7ad2d7c4f2e3f37efe703f1bef88a3252

Analysis

max time kernel
150s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20231020-en
resource tags

arch:x64arch:x86image:win10v2004-20231020-enlocale:en-usos:windows10-2004-x64system
submitted
23/11/2023, 00:09

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

usda-releases-updated-plant-hardiness-zone-map.html
Size

166KB
MD5

caac0caed53d0bbe0d8250a71e5777c3
SHA1

9e6287c07c84bc2446f7cc2dba043f293b54f356
SHA256

310ddf83c88710c946c7d091948eeff7ad2d7c4f2e3f37efe703f1bef88a3252
SHA512

616ef4086e252cc41daab3c0f07d07e9246de95efef520f5d653246982d90ac5b5d01a7043dc0212cb661e0f13b01a8464862855e3e5526ee9d73721120262b0
SSDEEP

3072:PC0SYBEVCACriHJ8PrgdUw8Q6nozDvOsS90e+df:Xr8Jkr0+Q6Q

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133451718627219973"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
1208	chrome.exe
1208	chrome.exe
1100	chrome.exe
1100	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 5 IoCs

pid	Process
1208	chrome.exe
1208	chrome.exe
1208	chrome.exe
1208	chrome.exe
1208	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1208	chrome.exe
Token: SeCreatePagefilePrivilege	1208	chrome.exe
Token: SeShutdownPrivilege	1208	chrome.exe
Token: SeCreatePagefilePrivilege	1208	chrome.exe
Token: SeShutdownPrivilege	1208	chrome.exe
Token: SeCreatePagefilePrivilege	1208	chrome.exe
Token: SeShutdownPrivilege	1208	chrome.exe
Token: SeCreatePagefilePrivilege	1208	chrome.exe
Token: SeShutdownPrivilege	1208	chrome.exe
Token: SeCreatePagefilePrivilege	1208	chrome.exe
Token: SeShutdownPrivilege	1208	chrome.exe
Token: SeCreatePagefilePrivilege	1208	chrome.exe
Token: SeShutdownPrivilege	1208	chrome.exe
Token: SeCreatePagefilePrivilege	1208	chrome.exe
Token: SeShutdownPrivilege	1208	chrome.exe
Token: SeCreatePagefilePrivilege	1208	chrome.exe
Token: SeShutdownPrivilege	1208	chrome.exe
Token: SeCreatePagefilePrivilege	1208	chrome.exe
Token: SeShutdownPrivilege	1208	chrome.exe
Token: SeCreatePagefilePrivilege	1208	chrome.exe
Token: SeShutdownPrivilege	1208	chrome.exe
Token: SeCreatePagefilePrivilege	1208	chrome.exe
Token: SeShutdownPrivilege	1208	chrome.exe
Token: SeCreatePagefilePrivilege	1208	chrome.exe
Token: SeShutdownPrivilege	1208	chrome.exe
Token: SeCreatePagefilePrivilege	1208	chrome.exe
Token: SeShutdownPrivilege	1208	chrome.exe
Token: SeCreatePagefilePrivilege	1208	chrome.exe
Token: SeShutdownPrivilege	1208	chrome.exe
Token: SeCreatePagefilePrivilege	1208	chrome.exe
Token: SeShutdownPrivilege	1208	chrome.exe
Token: SeCreatePagefilePrivilege	1208	chrome.exe
Token: SeShutdownPrivilege	1208	chrome.exe
Token: SeCreatePagefilePrivilege	1208	chrome.exe
Token: SeShutdownPrivilege	1208	chrome.exe
Token: SeCreatePagefilePrivilege	1208	chrome.exe
Token: SeShutdownPrivilege	1208	chrome.exe
Token: SeCreatePagefilePrivilege	1208	chrome.exe
Token: SeShutdownPrivilege	1208	chrome.exe
Token: SeCreatePagefilePrivilege	1208	chrome.exe
Token: SeShutdownPrivilege	1208	chrome.exe
Token: SeCreatePagefilePrivilege	1208	chrome.exe
Token: SeShutdownPrivilege	1208	chrome.exe
Token: SeCreatePagefilePrivilege	1208	chrome.exe
Token: SeShutdownPrivilege	1208	chrome.exe
Token: SeCreatePagefilePrivilege	1208	chrome.exe
Token: SeShutdownPrivilege	1208	chrome.exe
Token: SeCreatePagefilePrivilege	1208	chrome.exe
Token: SeShutdownPrivilege	1208	chrome.exe
Token: SeCreatePagefilePrivilege	1208	chrome.exe
Token: SeShutdownPrivilege	1208	chrome.exe
Token: SeCreatePagefilePrivilege	1208	chrome.exe
Token: SeShutdownPrivilege	1208	chrome.exe
Token: SeCreatePagefilePrivilege	1208	chrome.exe
Token: SeShutdownPrivilege	1208	chrome.exe
Token: SeCreatePagefilePrivilege	1208	chrome.exe
Token: SeShutdownPrivilege	1208	chrome.exe
Token: SeCreatePagefilePrivilege	1208	chrome.exe
Token: SeShutdownPrivilege	1208	chrome.exe
Token: SeCreatePagefilePrivilege	1208	chrome.exe
Token: SeShutdownPrivilege	1208	chrome.exe
Token: SeCreatePagefilePrivilege	1208	chrome.exe
Token: SeShutdownPrivilege	1208	chrome.exe
Token: SeCreatePagefilePrivilege	1208	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
1208	chrome.exe
1208	chrome.exe
1208	chrome.exe
1208	chrome.exe
1208	chrome.exe
1208	chrome.exe
1208	chrome.exe
1208	chrome.exe
1208	chrome.exe
1208	chrome.exe
1208	chrome.exe
1208	chrome.exe
1208	chrome.exe
1208	chrome.exe
1208	chrome.exe
1208	chrome.exe
1208	chrome.exe
1208	chrome.exe
1208	chrome.exe
1208	chrome.exe
1208	chrome.exe
1208	chrome.exe
1208	chrome.exe
1208	chrome.exe
1208	chrome.exe
1208	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1208	chrome.exe
1208	chrome.exe
1208	chrome.exe
1208	chrome.exe
1208	chrome.exe
1208	chrome.exe
1208	chrome.exe
1208	chrome.exe
1208	chrome.exe
1208	chrome.exe
1208	chrome.exe
1208	chrome.exe
1208	chrome.exe
1208	chrome.exe
1208	chrome.exe
1208	chrome.exe
1208	chrome.exe
1208	chrome.exe
1208	chrome.exe
1208	chrome.exe
1208	chrome.exe
1208	chrome.exe
1208	chrome.exe
1208	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1208 wrote to memory of 5044	1208	chrome.exe	30
PID 1208 wrote to memory of 5044	1208	chrome.exe	30
PID 1208 wrote to memory of 4768	1208	chrome.exe	85
PID 1208 wrote to memory of 4768	1208	chrome.exe	85
PID 1208 wrote to memory of 4768	1208	chrome.exe	85
PID 1208 wrote to memory of 4768	1208	chrome.exe	85
PID 1208 wrote to memory of 4768	1208	chrome.exe	85
PID 1208 wrote to memory of 4768	1208	chrome.exe	85
PID 1208 wrote to memory of 4768	1208	chrome.exe	85
PID 1208 wrote to memory of 4768	1208	chrome.exe	85
PID 1208 wrote to memory of 4768	1208	chrome.exe	85
PID 1208 wrote to memory of 4768	1208	chrome.exe	85
PID 1208 wrote to memory of 4768	1208	chrome.exe	85
PID 1208 wrote to memory of 4768	1208	chrome.exe	85
PID 1208 wrote to memory of 4768	1208	chrome.exe	85
PID 1208 wrote to memory of 4768	1208	chrome.exe	85
PID 1208 wrote to memory of 4768	1208	chrome.exe	85
PID 1208 wrote to memory of 4768	1208	chrome.exe	85
PID 1208 wrote to memory of 4768	1208	chrome.exe	85
PID 1208 wrote to memory of 4768	1208	chrome.exe	85
PID 1208 wrote to memory of 4768	1208	chrome.exe	85
PID 1208 wrote to memory of 4768	1208	chrome.exe	85
PID 1208 wrote to memory of 4768	1208	chrome.exe	85
PID 1208 wrote to memory of 4768	1208	chrome.exe	85
PID 1208 wrote to memory of 4768	1208	chrome.exe	85
PID 1208 wrote to memory of 4768	1208	chrome.exe	85
PID 1208 wrote to memory of 4768	1208	chrome.exe	85
PID 1208 wrote to memory of 4768	1208	chrome.exe	85
PID 1208 wrote to memory of 4768	1208	chrome.exe	85
PID 1208 wrote to memory of 4768	1208	chrome.exe	85
PID 1208 wrote to memory of 4768	1208	chrome.exe	85
PID 1208 wrote to memory of 4768	1208	chrome.exe	85
PID 1208 wrote to memory of 4768	1208	chrome.exe	85
PID 1208 wrote to memory of 4768	1208	chrome.exe	85
PID 1208 wrote to memory of 4768	1208	chrome.exe	85
PID 1208 wrote to memory of 4768	1208	chrome.exe	85
PID 1208 wrote to memory of 4768	1208	chrome.exe	85
PID 1208 wrote to memory of 4768	1208	chrome.exe	85
PID 1208 wrote to memory of 4768	1208	chrome.exe	85
PID 1208 wrote to memory of 4768	1208	chrome.exe	85
PID 1208 wrote to memory of 3944	1208	chrome.exe	86
PID 1208 wrote to memory of 3944	1208	chrome.exe	86
PID 1208 wrote to memory of 4540	1208	chrome.exe	87
PID 1208 wrote to memory of 4540	1208	chrome.exe	87
PID 1208 wrote to memory of 4540	1208	chrome.exe	87
PID 1208 wrote to memory of 4540	1208	chrome.exe	87
PID 1208 wrote to memory of 4540	1208	chrome.exe	87
PID 1208 wrote to memory of 4540	1208	chrome.exe	87
PID 1208 wrote to memory of 4540	1208	chrome.exe	87
PID 1208 wrote to memory of 4540	1208	chrome.exe	87
PID 1208 wrote to memory of 4540	1208	chrome.exe	87
PID 1208 wrote to memory of 4540	1208	chrome.exe	87
PID 1208 wrote to memory of 4540	1208	chrome.exe	87
PID 1208 wrote to memory of 4540	1208	chrome.exe	87
PID 1208 wrote to memory of 4540	1208	chrome.exe	87
PID 1208 wrote to memory of 4540	1208	chrome.exe	87
PID 1208 wrote to memory of 4540	1208	chrome.exe	87
PID 1208 wrote to memory of 4540	1208	chrome.exe	87
PID 1208 wrote to memory of 4540	1208	chrome.exe	87
PID 1208 wrote to memory of 4540	1208	chrome.exe	87
PID 1208 wrote to memory of 4540	1208	chrome.exe	87
PID 1208 wrote to memory of 4540	1208	chrome.exe	87
PID 1208 wrote to memory of 4540	1208	chrome.exe	87
PID 1208 wrote to memory of 4540	1208	chrome.exe	87

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument C:\Users\Admin\AppData\Local\Temp\usda-releases-updated-plant-hardiness-zone-map.html
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1208
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff363a9758,0x7fff363a9768,0x7fff363a9778
  2⤵
  PID:5044
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1632 --field-trial-handle=1880,i,6555246187493634142,16597984974389789957,131072 /prefetch:2
  2⤵
  PID:4768
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2032 --field-trial-handle=1880,i,6555246187493634142,16597984974389789957,131072 /prefetch:8
  2⤵
  PID:3944
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2216 --field-trial-handle=1880,i,6555246187493634142,16597984974389789957,131072 /prefetch:8
  2⤵
  PID:4540
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2892 --field-trial-handle=1880,i,6555246187493634142,16597984974389789957,131072 /prefetch:1
  2⤵
  PID:548
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2876 --field-trial-handle=1880,i,6555246187493634142,16597984974389789957,131072 /prefetch:1
  2⤵
  PID:1308
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4912 --field-trial-handle=1880,i,6555246187493634142,16597984974389789957,131072 /prefetch:1
  2⤵
  PID:3468
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3816 --field-trial-handle=1880,i,6555246187493634142,16597984974389789957,131072 /prefetch:1
  2⤵
  PID:4864
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=3896 --field-trial-handle=1880,i,6555246187493634142,16597984974389789957,131072 /prefetch:1
  2⤵
  PID:2900
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6024 --field-trial-handle=1880,i,6555246187493634142,16597984974389789957,131072 /prefetch:8
  2⤵
  PID:4232
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5660 --field-trial-handle=1880,i,6555246187493634142,16597984974389789957,131072 /prefetch:8
  2⤵
  PID:4820
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1788 --field-trial-handle=1880,i,6555246187493634142,16597984974389789957,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1100

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:452

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
72B

MD5
b5b421e7213ca3a262b851adb838d3ca

SHA1
82055ab32fbae18764bfe9e3739bb758442dd428

SHA256
0faca477e70f0b8fd6790ef84414a42dc788604995c2ef43e8e5b88ab2f8dbb2

SHA512
988e2c799a1b0e9cd86f181b59a11803c3ffa43b07c271ada58144b191373b72477a0ec74147b84c652920ba0934fe38f414539f7ccc22e0b0c8b856cc41fcb2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
33d9f7c4dc2c89453e683818c4c49685

SHA1
29895e55079ef0e889fcb588523badf9b984a9bf

SHA256
8e25b76c43c4ed91a6a4e7b266347bb009df8d3493f1dbaf4fa94ab469249396

SHA512
c5a66efb7aa2539af15445cfcebea8d1a48d542272e105c3eb23364a17e30f6869e94f543a60d017a0cc4cbcc118378ef1da2db226fc35a05be849d402916db7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
4e0cef89b9a394483aa08a96a239d31f

SHA1
845992d9b3175e57938622237c15d80bc2bb2451

SHA256
49eaaf9f9e10ffed31ed163a9409c1c816a0a02a60f43505f7f4ef1bd6e8020b

SHA512
6c8dcfc436c167436af5a5a646a6e9393f59eee05477f8e757bb54927f8aabab77d1abcb78ad8675d4bfc2fd3e29c8376dea6cf018aaea2d0cfd3eadf1f0cbd2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
535B

MD5
f8722d59a5f6882e73ba9a6a4b616d68

SHA1
b8bdc8ccccb743006468509df9b7aa3674b3c3e3

SHA256
1833dea9f70e5c5f3e0afdbfdf3098c134e54a71e2b754fa46b976c0b26c5ba8

SHA512
4816770199e2d731cef22eb0c0830e2a473abd4329f1422d333592eb14b89ca20187a5125cd4df2964e724044bdb6a8b11116b7bc1df197ceb73dc03f0568a63

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
535B

MD5
9298ca2f86db41ad96380eb7c4d526d6

SHA1
b93e5b7dcbdc3b324753dc4a31511c4da427a53c

SHA256
4068fb70cc1640df6eb3d62f86e2f7a92526ce83ac93299b920f543d2a016c27

SHA512
f01b1bfdd99072079a0177c19b056a4b4d6a12fb05314decee679da96370ef2f00d11b57739c63135eea351f23f46c7374edf4e83601412f8065de0a9e939b38

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
0344608a327ed3544ffeda280964221f

SHA1
7208720fe28e9da6320d9e19a5443ca9f896cd86

SHA256
045e01839d5a0761f0b09262d285ad2db8628292e54d3ceb383e32ab77286b76

SHA512
8d127f06e353a51e7a0b466ff6eae4a7bc352437af36d903c782d0da456facb04d107e09b558bbde39ae1c3c564a4114b40ea47ad171e96788cccd002639d24e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
5b2b71f95ef55225e4105e72ef72656c

SHA1
1e91d8ceff4ef823b073d575860ef7a7e551cc88

SHA256
1a314941d7c27a1f53b2017c42b83aab77105b18d2a3c9fbce5c9b5f0a1d6132

SHA512
891657ab111a716a37b50c07c20352ed51250d2a26e3e399ab2e9443e1c8a6bd5dd5962f9231c3ac04e0f71e17c9bfe72320bad9a8288849a69f810bff7f6d9d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
109KB

MD5
320aedc763fc42752e35961bd69d7d59

SHA1
dfac50b2e5ebaddf0e08b3a2a58c013a3b1f4312

SHA256
b5919c03981755a871f6465a2f47622bf4935e33b484edfd2e4b6784ca4e3f29

SHA512
54d641c9b5d208cf3eeaf193a44d25dd14fbdb8846b8bdebd3b9eaec65a59bb370af8e5f2a9e4105f8a1b8ed1a19d58ff35395712608480dc73e766131dbbbc1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit