hxxps://www[.]fenet[.]jp

Resubmissions

05/01/2024, 07:55

240105-jsg8aafhdp 1

05/01/2024, 07:53

05/01/2024, 07:48

05/01/2024, 07:45

05/01/2024, 07:39

05/01/2024, 07:28

Analysis

max time kernel
155s
max time network
169s
platform
windows10-2004_x64
resource
win10v2004-20231215-ja
resource tags

arch:x64arch:x86image:win10v2004-20231215-jalocale:ja-jpos:windows10-2004-x64systemwindows
submitted
05/01/2024, 07:48

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://www.fenet.jp

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133489145898699516"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4700	chrome.exe
4700	chrome.exe
3540	chrome.exe
3540	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
4700	chrome.exe
4700	chrome.exe
4700	chrome.exe
4700	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4700	chrome.exe
Token: SeCreatePagefilePrivilege	4700	chrome.exe
Token: SeShutdownPrivilege	4700	chrome.exe
Token: SeCreatePagefilePrivilege	4700	chrome.exe
Token: SeShutdownPrivilege	4700	chrome.exe
Token: SeCreatePagefilePrivilege	4700	chrome.exe
Token: SeShutdownPrivilege	4700	chrome.exe
Token: SeCreatePagefilePrivilege	4700	chrome.exe
Token: SeShutdownPrivilege	4700	chrome.exe
Token: SeCreatePagefilePrivilege	4700	chrome.exe
Token: SeShutdownPrivilege	4700	chrome.exe
Token: SeCreatePagefilePrivilege	4700	chrome.exe
Token: SeShutdownPrivilege	4700	chrome.exe
Token: SeCreatePagefilePrivilege	4700	chrome.exe
Token: SeShutdownPrivilege	4700	chrome.exe
Token: SeCreatePagefilePrivilege	4700	chrome.exe
Token: SeShutdownPrivilege	4700	chrome.exe
Token: SeCreatePagefilePrivilege	4700	chrome.exe
Token: SeShutdownPrivilege	4700	chrome.exe
Token: SeCreatePagefilePrivilege	4700	chrome.exe
Token: SeShutdownPrivilege	4700	chrome.exe
Token: SeCreatePagefilePrivilege	4700	chrome.exe
Token: SeShutdownPrivilege	4700	chrome.exe
Token: SeCreatePagefilePrivilege	4700	chrome.exe
Token: SeShutdownPrivilege	4700	chrome.exe
Token: SeCreatePagefilePrivilege	4700	chrome.exe
Token: SeShutdownPrivilege	4700	chrome.exe
Token: SeCreatePagefilePrivilege	4700	chrome.exe
Token: SeShutdownPrivilege	4700	chrome.exe
Token: SeCreatePagefilePrivilege	4700	chrome.exe
Token: SeShutdownPrivilege	4700	chrome.exe
Token: SeCreatePagefilePrivilege	4700	chrome.exe
Token: SeShutdownPrivilege	4700	chrome.exe
Token: SeCreatePagefilePrivilege	4700	chrome.exe
Token: SeShutdownPrivilege	4700	chrome.exe
Token: SeCreatePagefilePrivilege	4700	chrome.exe
Token: SeShutdownPrivilege	4700	chrome.exe
Token: SeCreatePagefilePrivilege	4700	chrome.exe
Token: SeShutdownPrivilege	4700	chrome.exe
Token: SeCreatePagefilePrivilege	4700	chrome.exe
Token: SeShutdownPrivilege	4700	chrome.exe
Token: SeCreatePagefilePrivilege	4700	chrome.exe
Token: SeShutdownPrivilege	4700	chrome.exe
Token: SeCreatePagefilePrivilege	4700	chrome.exe
Token: SeShutdownPrivilege	4700	chrome.exe
Token: SeCreatePagefilePrivilege	4700	chrome.exe
Token: SeShutdownPrivilege	4700	chrome.exe
Token: SeCreatePagefilePrivilege	4700	chrome.exe
Token: SeShutdownPrivilege	4700	chrome.exe
Token: SeCreatePagefilePrivilege	4700	chrome.exe
Token: SeShutdownPrivilege	4700	chrome.exe
Token: SeCreatePagefilePrivilege	4700	chrome.exe
Token: SeShutdownPrivilege	4700	chrome.exe
Token: SeCreatePagefilePrivilege	4700	chrome.exe
Token: SeShutdownPrivilege	4700	chrome.exe
Token: SeCreatePagefilePrivilege	4700	chrome.exe
Token: SeShutdownPrivilege	4700	chrome.exe
Token: SeCreatePagefilePrivilege	4700	chrome.exe
Token: SeShutdownPrivilege	4700	chrome.exe
Token: SeCreatePagefilePrivilege	4700	chrome.exe
Token: SeShutdownPrivilege	4700	chrome.exe
Token: SeCreatePagefilePrivilege	4700	chrome.exe
Token: SeShutdownPrivilege	4700	chrome.exe
Token: SeCreatePagefilePrivilege	4700	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4700	chrome.exe
4700	chrome.exe
4700	chrome.exe
4700	chrome.exe
4700	chrome.exe
4700	chrome.exe
4700	chrome.exe
4700	chrome.exe
4700	chrome.exe
4700	chrome.exe
4700	chrome.exe
4700	chrome.exe
4700	chrome.exe
4700	chrome.exe
4700	chrome.exe
4700	chrome.exe
4700	chrome.exe
4700	chrome.exe
4700	chrome.exe
4700	chrome.exe
4700	chrome.exe
4700	chrome.exe
4700	chrome.exe
4700	chrome.exe
4700	chrome.exe
4700	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4700	chrome.exe
4700	chrome.exe
4700	chrome.exe
4700	chrome.exe
4700	chrome.exe
4700	chrome.exe
4700	chrome.exe
4700	chrome.exe
4700	chrome.exe
4700	chrome.exe
4700	chrome.exe
4700	chrome.exe
4700	chrome.exe
4700	chrome.exe
4700	chrome.exe
4700	chrome.exe
4700	chrome.exe
4700	chrome.exe
4700	chrome.exe
4700	chrome.exe
4700	chrome.exe
4700	chrome.exe
4700	chrome.exe
4700	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4700 wrote to memory of 936	4700	chrome.exe	89
PID 4700 wrote to memory of 936	4700	chrome.exe	89
PID 4700 wrote to memory of 828	4700	chrome.exe	92
PID 4700 wrote to memory of 828	4700	chrome.exe	92
PID 4700 wrote to memory of 828	4700	chrome.exe	92
PID 4700 wrote to memory of 828	4700	chrome.exe	92
PID 4700 wrote to memory of 828	4700	chrome.exe	92
PID 4700 wrote to memory of 828	4700	chrome.exe	92
PID 4700 wrote to memory of 828	4700	chrome.exe	92
PID 4700 wrote to memory of 828	4700	chrome.exe	92
PID 4700 wrote to memory of 828	4700	chrome.exe	92
PID 4700 wrote to memory of 828	4700	chrome.exe	92
PID 4700 wrote to memory of 828	4700	chrome.exe	92
PID 4700 wrote to memory of 828	4700	chrome.exe	92
PID 4700 wrote to memory of 828	4700	chrome.exe	92
PID 4700 wrote to memory of 828	4700	chrome.exe	92
PID 4700 wrote to memory of 828	4700	chrome.exe	92
PID 4700 wrote to memory of 828	4700	chrome.exe	92
PID 4700 wrote to memory of 828	4700	chrome.exe	92
PID 4700 wrote to memory of 828	4700	chrome.exe	92
PID 4700 wrote to memory of 828	4700	chrome.exe	92
PID 4700 wrote to memory of 828	4700	chrome.exe	92
PID 4700 wrote to memory of 828	4700	chrome.exe	92
PID 4700 wrote to memory of 828	4700	chrome.exe	92
PID 4700 wrote to memory of 828	4700	chrome.exe	92
PID 4700 wrote to memory of 828	4700	chrome.exe	92
PID 4700 wrote to memory of 828	4700	chrome.exe	92
PID 4700 wrote to memory of 828	4700	chrome.exe	92
PID 4700 wrote to memory of 828	4700	chrome.exe	92
PID 4700 wrote to memory of 828	4700	chrome.exe	92
PID 4700 wrote to memory of 828	4700	chrome.exe	92
PID 4700 wrote to memory of 828	4700	chrome.exe	92
PID 4700 wrote to memory of 828	4700	chrome.exe	92
PID 4700 wrote to memory of 828	4700	chrome.exe	92
PID 4700 wrote to memory of 828	4700	chrome.exe	92
PID 4700 wrote to memory of 828	4700	chrome.exe	92
PID 4700 wrote to memory of 828	4700	chrome.exe	92
PID 4700 wrote to memory of 828	4700	chrome.exe	92
PID 4700 wrote to memory of 828	4700	chrome.exe	92
PID 4700 wrote to memory of 828	4700	chrome.exe	92
PID 4700 wrote to memory of 796	4700	chrome.exe	93
PID 4700 wrote to memory of 796	4700	chrome.exe	93
PID 4700 wrote to memory of 4024	4700	chrome.exe	94
PID 4700 wrote to memory of 4024	4700	chrome.exe	94
PID 4700 wrote to memory of 4024	4700	chrome.exe	94
PID 4700 wrote to memory of 4024	4700	chrome.exe	94
PID 4700 wrote to memory of 4024	4700	chrome.exe	94
PID 4700 wrote to memory of 4024	4700	chrome.exe	94
PID 4700 wrote to memory of 4024	4700	chrome.exe	94
PID 4700 wrote to memory of 4024	4700	chrome.exe	94
PID 4700 wrote to memory of 4024	4700	chrome.exe	94
PID 4700 wrote to memory of 4024	4700	chrome.exe	94
PID 4700 wrote to memory of 4024	4700	chrome.exe	94
PID 4700 wrote to memory of 4024	4700	chrome.exe	94
PID 4700 wrote to memory of 4024	4700	chrome.exe	94
PID 4700 wrote to memory of 4024	4700	chrome.exe	94
PID 4700 wrote to memory of 4024	4700	chrome.exe	94
PID 4700 wrote to memory of 4024	4700	chrome.exe	94
PID 4700 wrote to memory of 4024	4700	chrome.exe	94
PID 4700 wrote to memory of 4024	4700	chrome.exe	94
PID 4700 wrote to memory of 4024	4700	chrome.exe	94
PID 4700 wrote to memory of 4024	4700	chrome.exe	94
PID 4700 wrote to memory of 4024	4700	chrome.exe	94
PID 4700 wrote to memory of 4024	4700	chrome.exe	94

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://www.fenet.jp
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4700
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff899449758,0x7ff899449768,0x7ff899449778
  2⤵
  PID:936
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1716 --field-trial-handle=1896,i,14148737850302229752,12175888762786782208,131072 /prefetch:2
  2⤵
  PID:828
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2152 --field-trial-handle=1896,i,14148737850302229752,12175888762786782208,131072 /prefetch:8
  2⤵
  PID:796
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2236 --field-trial-handle=1896,i,14148737850302229752,12175888762786782208,131072 /prefetch:8
  2⤵
  PID:4024
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3124 --field-trial-handle=1896,i,14148737850302229752,12175888762786782208,131072 /prefetch:1
  2⤵
  PID:1696
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3152 --field-trial-handle=1896,i,14148737850302229752,12175888762786782208,131072 /prefetch:1
  2⤵
  PID:2384
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5444 --field-trial-handle=1896,i,14148737850302229752,12175888762786782208,131072 /prefetch:8
  2⤵
  PID:1372
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5448 --field-trial-handle=1896,i,14148737850302229752,12175888762786782208,131072 /prefetch:8
  2⤵
  PID:4000
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4472 --field-trial-handle=1896,i,14148737850302229752,12175888762786782208,131072 /prefetch:1
  2⤵
  PID:2724
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=5480 --field-trial-handle=1896,i,14148737850302229752,12175888762786782208,131072 /prefetch:1
  2⤵
  PID:416
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1852 --field-trial-handle=1896,i,14148737850302229752,12175888762786782208,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3540

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2380

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506

Filesize
330B

MD5
5ea20d85e4e5c933ee4358903439bef5

SHA1
58071896c6f3111d44beac0e36ef007e5db7d0b3

SHA256
a92de30e64e4c28ce52c11f90aa71a751a4f9154eecafb9af6fdc2bb1a971b94

SHA512
973863b4a4d620e4a70bf88922b639636bbb83de206e55d3b82c661e9770d5087feeb66639c1f658634f1acf92b533a5bd34ee96593915fb57cbda2d505a9aa2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506

Filesize
330B

MD5
5b518a886325f69707e788e25e627fda

SHA1
cd070a4efc2b43b4f96bdba5cdd4b794a33bb194

SHA256
2a5dfec4012ff5879b24526a483ff27619f6244ae1218bbd942c805797b12833

SHA512
a8551fbaa76d554821ea5130b4676197fc0befc641ad8bf281b4cde31a197b011ef04ea9771d9d29878c4e1eb459d97aa16636708cbb92c57c701795d5a298f9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
41060e9f2dee7febbbc018824d249717

SHA1
48724d4c8797294b35a9e3adbf7107d6542ffe31

SHA256
44dc23725755367dfa8464de70e4167b83c4b3bb5d55bd2b5b689c42ae3fe727

SHA512
3e60014b242915ca1d064eb826691606799e92a3eafbaa293c49120a38ab9517e330e9d15f05c99ad7228844cd1c07751cf27159fefec051930b6ecec2b08edd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\Paths\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
792287d81d66356313c4b4437c64a80d

SHA1
ef8f4b024009e60d102a85ba5b0f88c945f2ea52

SHA256
f678472b419777cbe1f0d13bbabd44cd0387a007f76444eb3857778e03f16e2c

SHA512
d86e9f49c4f3c29e77f869b18a2ab3dab41eb57a7c70255c4f804a59c97c3c7b1e53a6f9e5505ecb9e262cf424cf1de5199b0060e7a36d41c7f9f1ff3bad6658

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
871B

MD5
443112bdfce480401af6a3f0d7e2021e

SHA1
c37e6afadbe377d38a3b0e3895374c870aa875d6

SHA256
8bc693e67fdbba7f206c52503d5568a78626e1ca408f7e05c770ac2a54b23541

SHA512
7768a47da07f0e8ceb6e152fec7a30374c7b173f55646eb7ce8961ceaca3983e384858d3efdadf00a51243c240176df250d43bed745b63b9e27f9ebdaa1eec81

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
871B

MD5
f32f21fa0e36360555885e4d9cfc3690

SHA1
e042c629992a3d5f54fefd7e010cf53f16556da3

SHA256
aa5b754d4f773b45e9a910e3216f788a7ebf13cf937b3a11106034dfd07fc8bf

SHA512
165984ea8c2156a7750356457e3f03c3e89a729aa0487e3b118e21edbc4c602a5bfa9b402ea386a8353ff60cdc06328c0244797d8285f645278465a400e146d8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
b0c2cab1b7efd9bf2399ffba71711845

SHA1
298c71b1ed8929614a434744b9c8fd4768bb0a42

SHA256
68d5b19b70667b826cbbee4d17aa7b99dfb0ef60bb356a97b96e8f1c6eb7ef9c

SHA512
ec9b203dde909e64d56f95c76d012d1d0e415ed06dfb48e1ae07661eb60a048cd68b3765f62a46749ed76e5ee046b1fd60adf2d44f0cd0ffb58b66dcbf2cfe27

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
a15967221a3ccb29103fdb8e6ceff6d9

SHA1
4986f72c90a6b88b1c441210d090d448f81d63bd

SHA256
081df3332d31e745d86300306ff7cff4700bafb44552fa24593c7e30226b97c6

SHA512
43ce0f66707de0935980e3636bf23a78c74e3cc248a7441a658ad534910be00a11cf7f39962b17e7467003c64ccf6ccaf4e0f6d157fe7b209a6d911705bfefb1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
114KB

MD5
b18003a540d94bd57f3f52d7aeacd602

SHA1
c4602be0ec8d373daf2efd9cf46c646ca4532506

SHA256
7dd9bcf098097e27499e62e9ce9922679910bc62efedb3ad668aef7c51981bbe

SHA512
6b06dea42ce4da252ed07cd716ed549a175db985697ba0694e4115ac14722ca622e9a8307e054c13606ea2b0c12837661b090e75651a45719ba7d07401d8eda9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit