hxxps://cWwT-04[.]na1[.]hubspotlinks[.]com/Ctc/LY*113/cWwT-04/VWMtjL3Wx3FRW5cyF4W4Z9HkGVkMXxJ56N-2xN2z6H2F3qn9gW7lCdLW6lZ3nsW3T608s5592bkN47CXm9TBLw8W914Hvk5XH9k6W8Mj1CF6JZyqjW3clpWf8n899sW4Bf8bb6-8T5MW51Nz0m2zpnwVN5l3N6XDWZTzW1V_ZXk10_SvXW8zWtYc6JpGlpW1hVMy63K2ssnW7J3JHb2jn2n1W37FSmX5K8WJZW7zvdRc8MH32XW1rs9Dp4BNQKdW7FXyfL2ZMbqvW7NrL7t8YMM56W2BqD5b2XSKzYW5fyXLn845wgZW5KkwZm6mh2pKVsG0rK8TN5Y4W66jkNM1K7y0yN2SRyd6vfGSdW6mlmN07hqbQDf21F54-04

Analysis

max time kernel
302s
max time network
310s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
07/01/2024, 22:30

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

https://cWwT-04.na1.hubspotlinks.com/Ctc/LY*113/cWwT-04/VWMtjL3Wx3FRW5cyF4W4Z9HkGVkMXxJ56N-2xN2z6H2F3qn9gW7lCdLW6lZ3nsW3T608s5592bkN47CXm9TBLw8W914Hvk5XH9k6W8Mj1CF6JZyqjW3clpWf8n899sW4Bf8bb6-8T5MW51Nz0m2zpnwVN5l3N6XDWZTzW1V_ZXk10_SvXW8zWtYc6JpGlpW1hVMy63K2ssnW7J3JHb2jn2n1W37FSmX5K8WJZW7zvdRc8MH32XW1rs9Dp4BNQKdW7FXyfL2ZMbqvW7NrL7t8YMM56W2BqD5b2XSKzYW5fyXLn845wgZW5KkwZm6mh2pKVsG0rK8TN5Y4W66jkNM1K7y0yN2SRyd6vfGSdW6mlmN07hqbQDf21F54-04

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133491402570167957"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2256	chrome.exe
2256	chrome.exe
4556	chrome.exe
4556	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2256 wrote to memory of 2656	2256	chrome.exe	88
PID 2256 wrote to memory of 2656	2256	chrome.exe	88
PID 2256 wrote to memory of 3700	2256	chrome.exe	90
PID 2256 wrote to memory of 3700	2256	chrome.exe	90
PID 2256 wrote to memory of 3700	2256	chrome.exe	90
PID 2256 wrote to memory of 3700	2256	chrome.exe	90
PID 2256 wrote to memory of 3700	2256	chrome.exe	90
PID 2256 wrote to memory of 3700	2256	chrome.exe	90
PID 2256 wrote to memory of 3700	2256	chrome.exe	90
PID 2256 wrote to memory of 3700	2256	chrome.exe	90
PID 2256 wrote to memory of 3700	2256	chrome.exe	90
PID 2256 wrote to memory of 3700	2256	chrome.exe	90
PID 2256 wrote to memory of 3700	2256	chrome.exe	90
PID 2256 wrote to memory of 3700	2256	chrome.exe	90
PID 2256 wrote to memory of 3700	2256	chrome.exe	90
PID 2256 wrote to memory of 3700	2256	chrome.exe	90
PID 2256 wrote to memory of 3700	2256	chrome.exe	90
PID 2256 wrote to memory of 3700	2256	chrome.exe	90
PID 2256 wrote to memory of 3700	2256	chrome.exe	90
PID 2256 wrote to memory of 3700	2256	chrome.exe	90
PID 2256 wrote to memory of 3700	2256	chrome.exe	90
PID 2256 wrote to memory of 3700	2256	chrome.exe	90
PID 2256 wrote to memory of 3700	2256	chrome.exe	90
PID 2256 wrote to memory of 3700	2256	chrome.exe	90
PID 2256 wrote to memory of 3700	2256	chrome.exe	90
PID 2256 wrote to memory of 3700	2256	chrome.exe	90
PID 2256 wrote to memory of 3700	2256	chrome.exe	90
PID 2256 wrote to memory of 3700	2256	chrome.exe	90
PID 2256 wrote to memory of 3700	2256	chrome.exe	90
PID 2256 wrote to memory of 3700	2256	chrome.exe	90
PID 2256 wrote to memory of 3700	2256	chrome.exe	90
PID 2256 wrote to memory of 3700	2256	chrome.exe	90
PID 2256 wrote to memory of 3700	2256	chrome.exe	90
PID 2256 wrote to memory of 3700	2256	chrome.exe	90
PID 2256 wrote to memory of 3700	2256	chrome.exe	90
PID 2256 wrote to memory of 3700	2256	chrome.exe	90
PID 2256 wrote to memory of 3700	2256	chrome.exe	90
PID 2256 wrote to memory of 3700	2256	chrome.exe	90
PID 2256 wrote to memory of 3700	2256	chrome.exe	90
PID 2256 wrote to memory of 3700	2256	chrome.exe	90
PID 2256 wrote to memory of 4784	2256	chrome.exe	91
PID 2256 wrote to memory of 4784	2256	chrome.exe	91
PID 2256 wrote to memory of 3140	2256	chrome.exe	92
PID 2256 wrote to memory of 3140	2256	chrome.exe	92
PID 2256 wrote to memory of 3140	2256	chrome.exe	92
PID 2256 wrote to memory of 3140	2256	chrome.exe	92
PID 2256 wrote to memory of 3140	2256	chrome.exe	92
PID 2256 wrote to memory of 3140	2256	chrome.exe	92
PID 2256 wrote to memory of 3140	2256	chrome.exe	92
PID 2256 wrote to memory of 3140	2256	chrome.exe	92
PID 2256 wrote to memory of 3140	2256	chrome.exe	92
PID 2256 wrote to memory of 3140	2256	chrome.exe	92
PID 2256 wrote to memory of 3140	2256	chrome.exe	92
PID 2256 wrote to memory of 3140	2256	chrome.exe	92
PID 2256 wrote to memory of 3140	2256	chrome.exe	92
PID 2256 wrote to memory of 3140	2256	chrome.exe	92
PID 2256 wrote to memory of 3140	2256	chrome.exe	92
PID 2256 wrote to memory of 3140	2256	chrome.exe	92
PID 2256 wrote to memory of 3140	2256	chrome.exe	92
PID 2256 wrote to memory of 3140	2256	chrome.exe	92
PID 2256 wrote to memory of 3140	2256	chrome.exe	92
PID 2256 wrote to memory of 3140	2256	chrome.exe	92
PID 2256 wrote to memory of 3140	2256	chrome.exe	92
PID 2256 wrote to memory of 3140	2256	chrome.exe	92

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://cWwT-04.na1.hubspotlinks.com/Ctc/LY*113/cWwT-04/VWMtjL3Wx3FRW5cyF4W4Z9HkGVkMXxJ56N-2xN2z6H2F3qn9gW7lCdLW6lZ3nsW3T608s5592bkN47CXm9TBLw8W914Hvk5XH9k6W8Mj1CF6JZyqjW3clpWf8n899sW4Bf8bb6-8T5MW51Nz0m2zpnwVN5l3N6XDWZTzW1V_ZXk10_SvXW8zWtYc6JpGlpW1hVMy63K2ssnW7J3JHb2jn2n1W37FSmX5K8WJZW7zvdRc8MH32XW1rs9Dp4BNQKdW7FXyfL2ZMbqvW7NrL7t8YMM56W2BqD5b2XSKzYW5fyXLn845wgZW5KkwZm6mh2pKVsG0rK8TN5Y4W66jkNM1K7y0yN2SRyd6vfGSdW6mlmN07hqbQDf21F54-04
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2256
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe328d9758,0x7ffe328d9768,0x7ffe328d9778
  2⤵
  PID:2656
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1800 --field-trial-handle=1868,i,13908459982922272393,10941318116064940882,131072 /prefetch:2
  2⤵
  PID:3700
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2144 --field-trial-handle=1868,i,13908459982922272393,10941318116064940882,131072 /prefetch:8
  2⤵
  PID:4784
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2192 --field-trial-handle=1868,i,13908459982922272393,10941318116064940882,131072 /prefetch:8
  2⤵
  PID:3140
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3108 --field-trial-handle=1868,i,13908459982922272393,10941318116064940882,131072 /prefetch:1
  2⤵
  PID:3032
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3076 --field-trial-handle=1868,i,13908459982922272393,10941318116064940882,131072 /prefetch:1
  2⤵
  PID:5020
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4736 --field-trial-handle=1868,i,13908459982922272393,10941318116064940882,131072 /prefetch:1
  2⤵
  PID:2976
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5332 --field-trial-handle=1868,i,13908459982922272393,10941318116064940882,131072 /prefetch:8
  2⤵
  PID:3224
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3428 --field-trial-handle=1868,i,13908459982922272393,10941318116064940882,131072 /prefetch:8
  2⤵
  PID:3800
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3360 --field-trial-handle=1868,i,13908459982922272393,10941318116064940882,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4556

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2184

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
360B

MD5
2d82d1f32db124a807f2861dbe708001

SHA1
01621ea08c1cedae12c8ef0f2f9195381b82cc7b

SHA256
e93f9724369f5a8f1c06ec4d9183a424af5d9133e14f9cfe2070a5f75f8cc84f

SHA512
3109e933202599bf05ca624e0369546f932a085205e068d6c09581d7b8f18950233c20618dea382faca7e265d30b7b37a29f2d900bbf461725aadbae4e04a8ad

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
908c3b29d08cf7583b704af8cc58d1eb

SHA1
df2370264a502d0376cb8068aa26b81ff114b7c3

SHA256
de3959866fc7a825480d7a44a33f1665ff07b5a023830e1683d3d6bb971ded1e

SHA512
b1e95055ddd5501d93a871bfcf78fb3cbfaf75968d2ab9c6a1950d260bb10438ff35bac0b48c54382b50780c87373e47551a865e5019359298b3bd6f4e5aaf05

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
3ec2c4ac9bb567e6189e2a16259d7636

SHA1
b159e1cefd062822e4ec848d89b2b64dd87110e2

SHA256
7c51b8e2e9c3faeb537c52173dd668564f37a9f59df8689a1548a15300c04a04

SHA512
14c5af67776a5a4ae03df722a38125007eba79fd818faac3cfee5943e276873417f5e59195c21c906f4736fab1846dfcd33af36eb3fe6ecb8d0f223e09a1929e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
5268db6319c45f3c5fffe99a6205f143

SHA1
7c1bef938fd7c67678e37e7462bf73bf89bb5e2b

SHA256
314ec7a99a5d36b34ba620a03b24b8508be5e842155520ba9de514b105b76987

SHA512
cb635dacbdd5c7f902c824e3246af3323ef354a40c4172045593f0019c84e75a90ac060c43bba8c1683dea8ed2a0c086cf2385019155aad3b54acc409ae509a8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
79f76c103cb9537aff0fdbeacd5aa386

SHA1
f213710031c814a8842f5d6548d17623f9c06cc7

SHA256
913cd543467bd71217143faec1dfe872dfc34924034c89aa46c7fed5d0aed7a1

SHA512
747da2667388ae616fa4f7e22a0a12feca46a01baa6c977ecfb7354f5876a1d0c8922df196090b1a2f21cbe14cb8e9a05dfe244ad897b77ad6492c7f65ef6836

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
b1efbc22730caace54a5def65ee52795

SHA1
f99e7eb7dbbbcef17293f151eec4ed3e39d2d7a2

SHA256
3308a6be5c82005627460673c53fac2332ad36eb5cb00ee8fa0f93e7ab7ec368

SHA512
fcd6f9b9eaf01228406aca1987ca6d49f5989c2fc495b6508ec46e4085d775f8fb697d0985450615e2cc8fa67705e957c54e3c6b71a100e0e29dbf89ba90c635

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
b39ff9406078c75c22daa7660527280b

SHA1
af5176bd3d5be7601165b787c8fc75577f72d33f

SHA256
88f7cc13b604e776e491bfddf43b2cfdefb2c7c9d240e316de1adf7dd81db001

SHA512
9b356b2a2f99791e1caeebd7dd00c8c49de36672d5d1d68463eb59eb7b0e3ffabe02ecab7cf32281a1374db58ccd18dfa501a2787217540b5e1826edce2948e1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
114KB

MD5
045316a81dcbabc68e1161209ae4d04a

SHA1
a85e773330923d161545d5247bbd02b90cb9feed

SHA256
a3192c0c31017906a37b7003335b9f1932b05441f6ef30d63ac2e50fe9ef5fb5

SHA512
ce8d86a5d19ff5d68dff0f68653fd0910e727cab65c3d8cda8729b31751e9302090eaba44ef835d3dcdbcffa7e677ab21718665992e8ee0c98dc3e850bd7659c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit