hxxps://www[.]carriermanagement[.]com/news/2024/01/08/257495[.]htm

Analysis

max time kernel
149s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
09/01/2024, 21:44

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://www.carriermanagement.com/news/2024/01/08/257495.htm

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133493103423735075"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4772	chrome.exe
4772	chrome.exe
3136	chrome.exe
3136	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4772 wrote to memory of 4748	4772	chrome.exe	47
PID 4772 wrote to memory of 4748	4772	chrome.exe	47
PID 4772 wrote to memory of 3252	4772	chrome.exe	96
PID 4772 wrote to memory of 3252	4772	chrome.exe	96
PID 4772 wrote to memory of 3252	4772	chrome.exe	96
PID 4772 wrote to memory of 3252	4772	chrome.exe	96
PID 4772 wrote to memory of 3252	4772	chrome.exe	96
PID 4772 wrote to memory of 3252	4772	chrome.exe	96
PID 4772 wrote to memory of 3252	4772	chrome.exe	96
PID 4772 wrote to memory of 3252	4772	chrome.exe	96
PID 4772 wrote to memory of 3252	4772	chrome.exe	96
PID 4772 wrote to memory of 3252	4772	chrome.exe	96
PID 4772 wrote to memory of 3252	4772	chrome.exe	96
PID 4772 wrote to memory of 3252	4772	chrome.exe	96
PID 4772 wrote to memory of 3252	4772	chrome.exe	96
PID 4772 wrote to memory of 3252	4772	chrome.exe	96
PID 4772 wrote to memory of 3252	4772	chrome.exe	96
PID 4772 wrote to memory of 3252	4772	chrome.exe	96
PID 4772 wrote to memory of 3252	4772	chrome.exe	96
PID 4772 wrote to memory of 3252	4772	chrome.exe	96
PID 4772 wrote to memory of 3252	4772	chrome.exe	96
PID 4772 wrote to memory of 3252	4772	chrome.exe	96
PID 4772 wrote to memory of 3252	4772	chrome.exe	96
PID 4772 wrote to memory of 3252	4772	chrome.exe	96
PID 4772 wrote to memory of 3252	4772	chrome.exe	96
PID 4772 wrote to memory of 3252	4772	chrome.exe	96
PID 4772 wrote to memory of 3252	4772	chrome.exe	96
PID 4772 wrote to memory of 3252	4772	chrome.exe	96
PID 4772 wrote to memory of 3252	4772	chrome.exe	96
PID 4772 wrote to memory of 3252	4772	chrome.exe	96
PID 4772 wrote to memory of 3252	4772	chrome.exe	96
PID 4772 wrote to memory of 3252	4772	chrome.exe	96
PID 4772 wrote to memory of 3252	4772	chrome.exe	96
PID 4772 wrote to memory of 3252	4772	chrome.exe	96
PID 4772 wrote to memory of 3252	4772	chrome.exe	96
PID 4772 wrote to memory of 3252	4772	chrome.exe	96
PID 4772 wrote to memory of 3252	4772	chrome.exe	96
PID 4772 wrote to memory of 3252	4772	chrome.exe	96
PID 4772 wrote to memory of 3252	4772	chrome.exe	96
PID 4772 wrote to memory of 3252	4772	chrome.exe	96
PID 4772 wrote to memory of 2680	4772	chrome.exe	95
PID 4772 wrote to memory of 2680	4772	chrome.exe	95
PID 4772 wrote to memory of 812	4772	chrome.exe	91
PID 4772 wrote to memory of 812	4772	chrome.exe	91
PID 4772 wrote to memory of 812	4772	chrome.exe	91
PID 4772 wrote to memory of 812	4772	chrome.exe	91
PID 4772 wrote to memory of 812	4772	chrome.exe	91
PID 4772 wrote to memory of 812	4772	chrome.exe	91
PID 4772 wrote to memory of 812	4772	chrome.exe	91
PID 4772 wrote to memory of 812	4772	chrome.exe	91
PID 4772 wrote to memory of 812	4772	chrome.exe	91
PID 4772 wrote to memory of 812	4772	chrome.exe	91
PID 4772 wrote to memory of 812	4772	chrome.exe	91
PID 4772 wrote to memory of 812	4772	chrome.exe	91
PID 4772 wrote to memory of 812	4772	chrome.exe	91
PID 4772 wrote to memory of 812	4772	chrome.exe	91
PID 4772 wrote to memory of 812	4772	chrome.exe	91
PID 4772 wrote to memory of 812	4772	chrome.exe	91
PID 4772 wrote to memory of 812	4772	chrome.exe	91
PID 4772 wrote to memory of 812	4772	chrome.exe	91
PID 4772 wrote to memory of 812	4772	chrome.exe	91
PID 4772 wrote to memory of 812	4772	chrome.exe	91
PID 4772 wrote to memory of 812	4772	chrome.exe	91
PID 4772 wrote to memory of 812	4772	chrome.exe	91

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://www.carriermanagement.com/news/2024/01/08/257495.htm
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4772
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffed1059758,0x7ffed1059768,0x7ffed1059778
  2⤵
  PID:4748
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2212 --field-trial-handle=1876,i,1586718477833280748,13019773089125977642,131072 /prefetch:8
  2⤵
  PID:812
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2952 --field-trial-handle=1876,i,1586718477833280748,13019773089125977642,131072 /prefetch:1
  2⤵
  PID:4704
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2944 --field-trial-handle=1876,i,1586718477833280748,13019773089125977642,131072 /prefetch:1
  2⤵
  PID:384
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2136 --field-trial-handle=1876,i,1586718477833280748,13019773089125977642,131072 /prefetch:8
  2⤵
  PID:2680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1652 --field-trial-handle=1876,i,1586718477833280748,13019773089125977642,131072 /prefetch:2
  2⤵
  PID:3252
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=1640 --field-trial-handle=1876,i,1586718477833280748,13019773089125977642,131072 /prefetch:1
  2⤵
  PID:2076
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5440 --field-trial-handle=1876,i,1586718477833280748,13019773089125977642,131072 /prefetch:8
  2⤵
  PID:2356
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4976 --field-trial-handle=1876,i,1586718477833280748,13019773089125977642,131072 /prefetch:8
  2⤵
  PID:4920
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5032 --field-trial-handle=1876,i,1586718477833280748,13019773089125977642,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3136

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:1884

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E0F5C59F9FA661F6F4C50B87FEF3A15A

Filesize
893B

MD5
d4ae187b4574036c2d76b6df8a8c1a30

SHA1
b06f409fa14bab33cbaf4a37811b8740b624d9e5

SHA256
a2ce3a0fa7d2a833d1801e01ec48e35b70d84f3467cc9f8fab370386e13879c7

SHA512
1f44a360e8bb8ada22bc5bfe001f1babb4e72005a46bc2a94c33c4bd149ff256cce6f35d65ca4f7fc2a5b9e15494155449830d2809c8cf218d0b9196ec646b0c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E0F5C59F9FA661F6F4C50B87FEF3A15A

Filesize
252B

MD5
aa6349e2a744d125c708ca746a1d0931

SHA1
9a00ae398f0a6c14a3b2d4f9a389f41d63e573cd

SHA256
1d517ad6a002e3c73dfc5c98ffcdde7b4df5d975d49dea5bd2a39776599b5e8c

SHA512
a57a48f1454f2249069684f3f6986f627226331b15d8ce03ba32252a5d0e550fd5b9b6d50b18673270ee3618bc8d456963161e3f43e0fe18d287cde4c386e018

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
768B

MD5
f5f6f07e7e6249cc9025b5cf73780b4e

SHA1
dbd695353bedeaab2e4f660cf745ae6e5de20d65

SHA256
9e4589c7fe4e04cd5ab7ce74e3bf52fc1c993d16e422b90196893d94ad9435b6

SHA512
d510ab13dbcfb73fa1fe61f2551cd0833cc83bd1ce98322e6b2c19dbca14dfa608ce773e689d31ce3e6baaf752b94911e8ebe703a4ab82e1669a00a80e11ceb7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
840B

MD5
1c9485b2edea4ed9267171ecaf41991b

SHA1
3af67e25432e4295336751effc0aec96ada23804

SHA256
3e17e899fd81cd6386255dd3e18082acd83a7737cda42c4697659610d428238f

SHA512
e39682d940fa1451e869d9dbc87721b311359ce2288ab26cf3ac17f4b029f84395afad110d7f76d86b6587d28c6ebf989f8ca4c1287b33cb8475856dec0f5427

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
6cc1ee5e2aeb3d2571768deedc2f4038

SHA1
e34f4eeb4c3d0b3302df8451282eea5b4c5f3e31

SHA256
868cd82e53a40bdf52f7d58a701f7bcacbf88f9080b13343b1ee3f0212168a0e

SHA512
4f370c4667e106da3de3300aabfbd7b9558109f1a6c00bc8c3440932284177da8c3a9f8aa1fbf3d8858c9e3788280bdec26a91cd6655f8cce8abf208c7729609

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
75b96f85a87d5e17a36f6ec1466c4ff7

SHA1
87041fdf962b341479ac909525080143bfe4fdde

SHA256
0140ae77090b0a01b1d763b18f09bc3db75a5c31cfc76bf29469dc5329b4b6c7

SHA512
ecf4a5856af8ec7d203457942992cf106efba4be04bc82bbb43480ee3e9606d05a348da0d7b8cea395d069ac4d3c68eead81e7107797d6ab9b8cb9d7b38d5fca

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
9e06c8bf29b7e14c67bf807c32bd95cd

SHA1
f7afa95480793f63b85ea597650a55203faa0497

SHA256
141a7e34e692d280a258d8380c0e1d78c092cbbd2a22f7007c89b5175847651f

SHA512
581d0a6870e827dfcfeb7b59527ef593b7541fe0ad78c0ac58a44a49da1c6a3c2619efea685c08064a9cdcc4434a2afffc53af0d906cdb6803033e242f891f99

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
5cd4648870081d6a872c3eaf2be5cd6f

SHA1
ab85599de742041fa4d12a36b79ba610e2c7ecb1

SHA256
45c1090c141c275a8ec72efdee89d78373108e6b7a76867cbd909edf217b897a

SHA512
5f8d646e31184c191e9b3e14826e35263045375aabffc8562c56484db20c060707bae40b2a0b2ce863c0a1af4d350454c1a29723f6234a7dcd16897e912939d2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
e026777105d18181d69d19d12c3e2fe7

SHA1
481b5fc855de06d1b269ed1a98812158190cca59

SHA256
b8969154146d0502281275dd6a5dd00840131139ebfb8b05955759c3e6ef293f

SHA512
40af049088855eeed36beb8f51ebcf602cacacd3d6a80df494983d2ff83e991cc03afd6e214ef51ad7808c8e977061e10803b44ef36587b9c7fc6c63bb5b8743

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
2e0864f78f45f403ea0a34caab354bdd

SHA1
38f034c0303023142824836ea4c3c961a220186d

SHA256
00187bd5bf3ef8b703bbed6b62f2629ec1b495d200cbf523f63f7e0b98a16b5d

SHA512
d42c4689bf241ecdb4b0afebe0d5c919deddfb44a75b7e7840d4e07bfd6ded183f691a86c6ed5e89ff571a67be5922734b4a96c404b72fa94289995c73043003

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
cde27430fa19300949fe33e05c754090

SHA1
b5e29768106b5f737ff3ab223946975b493c8c65

SHA256
3b7fd7b557d7a58428a277122e17ab06e62bd6e3d0570cdfa40b622e77063c73

SHA512
d5dc8de7c9e361926825ed8f859993b250fcbdbcb4a97c2a4bf201c173900b562995be0edb4aae03c41387a0d58daad8d9dde6a794dab4dede617c9bb2909365

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
114KB

MD5
1edcbede7e4cbe36980dd3b4e4a27f13

SHA1
05e73b0e5def1fa872d52700add830ca333480a2

SHA256
23524786d112665166033b5885faa42f203cc3fe4c105ae4719fd3a62e07be4f

SHA512
e872c554323a8360343cd4c2e1371db7440253465622ef187dcb223fe6e5f84a58d433ca72c1eb09e999d7d3154b568f23005cdf6f9f39fe539e44f35071be8e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit