hxxps://url7923[.]marsello[.]io/ls/click?upn=Xn88PJeNIL29Y2OVpP6Ui9EYZtRwTAy-2FanEqeT7KFITIPxx3CQ-2Bz-2BT1Wn5ebq2tm1sqE6eg2vD5bCaw4Eaq12excuENkml2Z-2F-2BVwaqonMgw-3D_Nd4_zn392oq3WCbQR9pQOrSlN3JYr1eawUW29DwOmXQDFEKvXTscqRwDY-2FgKnWU8V7NzSsBCCcv9uzK4FKXWSalTgA6HlLAwSKlyolcXDeTD8LF45bNie8E4gj1okiCjROA7oohXThj7z3M9m-2FNBNWinnLG18DVcdhCQfzNJhXt-2BjJX3oDGgrUxpxb6nYP4CUVxhdHdikKr1HXfjuGHu2zoLcgUWP9p19dUjdS3s3cyeQrCIn04ilggiIUtJNzGNEZ7igcWw1Sdbl-2Ft9lxc1N8MIvtVVZwbma1r2rkKyA6euQ5Q0S46okRR8U4ZfDzPHAlvh

Analysis

max time kernel
1s
max time network
157s
platform
windows11-21h2_x64
resource
win11-20231215-en
resource tags

arch:x64arch:x86image:win11-20231215-enlocale:en-usos:windows11-21h2-x64system
submitted
09/01/2024, 18:12

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://url7923.marsello.io/ls/click?upn=Xn88PJeNIL29Y2OVpP6Ui9EYZtRwTAy-2FanEqeT7KFITIPxx3CQ-2Bz-2BT1Wn5ebq2tm1sqE6eg2vD5bCaw4Eaq12excuENkml2Z-2F-2BVwaqonMgw-3D_Nd4_zn392oq3WCbQR9pQOrSlN3JYr1eawUW29DwOmXQDFEKvXTscqRwDY-2FgKnWU8V7NzSsBCCcv9uzK4FKXWSalTgA6HlLAwSKlyolcXDeTD8LF45bNie8E4gj1okiCjROA7oohXThj7z3M9m-2FNBNWinnLG18DVcdhCQfzNJhXt-2BjJX3oDGgrUxpxb6nYP4CUVxhdHdikKr1HXfjuGHu2zoLcgUWP9p19dUjdS3s3cyeQrCIn04ilggiIUtJNzGNEZ7igcWw1Sdbl-2Ft9lxc1N8MIvtVVZwbma1r2rkKyA6euQ5Q0S46okRR8U4ZfDzPHAlvh

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 2 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Suspicious use of FindShellTrayWindow 17 IoCs

pid	Process
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe

Suspicious use of SendNotifyMessage 8 IoCs

pid	Process
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3452 wrote to memory of 2032	3452	chrome.exe	16
PID 3452 wrote to memory of 2032	3452	chrome.exe	16
PID 3452 wrote to memory of 2436	3452	chrome.exe	44
PID 3452 wrote to memory of 2436	3452	chrome.exe	44
PID 3452 wrote to memory of 2436	3452	chrome.exe	44
PID 3452 wrote to memory of 2436	3452	chrome.exe	44
PID 3452 wrote to memory of 2436	3452	chrome.exe	44
PID 3452 wrote to memory of 2436	3452	chrome.exe	44
PID 3452 wrote to memory of 2436	3452	chrome.exe	44
PID 3452 wrote to memory of 2436	3452	chrome.exe	44
PID 3452 wrote to memory of 2436	3452	chrome.exe	44
PID 3452 wrote to memory of 2436	3452	chrome.exe	44
PID 3452 wrote to memory of 2436	3452	chrome.exe	44
PID 3452 wrote to memory of 2436	3452	chrome.exe	44
PID 3452 wrote to memory of 2436	3452	chrome.exe	44
PID 3452 wrote to memory of 2436	3452	chrome.exe	44
PID 3452 wrote to memory of 2436	3452	chrome.exe	44
PID 3452 wrote to memory of 2436	3452	chrome.exe	44
PID 3452 wrote to memory of 2436	3452	chrome.exe	44
PID 3452 wrote to memory of 2436	3452	chrome.exe	44
PID 3452 wrote to memory of 2436	3452	chrome.exe	44
PID 3452 wrote to memory of 2436	3452	chrome.exe	44
PID 3452 wrote to memory of 2436	3452	chrome.exe	44
PID 3452 wrote to memory of 2436	3452	chrome.exe	44
PID 3452 wrote to memory of 2436	3452	chrome.exe	44
PID 3452 wrote to memory of 2436	3452	chrome.exe	44
PID 3452 wrote to memory of 2436	3452	chrome.exe	44
PID 3452 wrote to memory of 2436	3452	chrome.exe	44
PID 3452 wrote to memory of 2436	3452	chrome.exe	44
PID 3452 wrote to memory of 2436	3452	chrome.exe	44
PID 3452 wrote to memory of 2436	3452	chrome.exe	44
PID 3452 wrote to memory of 2436	3452	chrome.exe	44
PID 3452 wrote to memory of 2436	3452	chrome.exe	44
PID 3452 wrote to memory of 2436	3452	chrome.exe	44
PID 3452 wrote to memory of 2436	3452	chrome.exe	44
PID 3452 wrote to memory of 2436	3452	chrome.exe	44
PID 3452 wrote to memory of 2436	3452	chrome.exe	44
PID 3452 wrote to memory of 2436	3452	chrome.exe	44
PID 3452 wrote to memory of 2436	3452	chrome.exe	44
PID 3452 wrote to memory of 2436	3452	chrome.exe	44
PID 3452 wrote to memory of 3936	3452	chrome.exe	48
PID 3452 wrote to memory of 3936	3452	chrome.exe	48
PID 3452 wrote to memory of 4296	3452	chrome.exe	45
PID 3452 wrote to memory of 4296	3452	chrome.exe	45
PID 3452 wrote to memory of 4296	3452	chrome.exe	45
PID 3452 wrote to memory of 4296	3452	chrome.exe	45
PID 3452 wrote to memory of 4296	3452	chrome.exe	45
PID 3452 wrote to memory of 4296	3452	chrome.exe	45
PID 3452 wrote to memory of 4296	3452	chrome.exe	45
PID 3452 wrote to memory of 4296	3452	chrome.exe	45
PID 3452 wrote to memory of 4296	3452	chrome.exe	45
PID 3452 wrote to memory of 4296	3452	chrome.exe	45
PID 3452 wrote to memory of 4296	3452	chrome.exe	45
PID 3452 wrote to memory of 4296	3452	chrome.exe	45
PID 3452 wrote to memory of 4296	3452	chrome.exe	45
PID 3452 wrote to memory of 4296	3452	chrome.exe	45
PID 3452 wrote to memory of 4296	3452	chrome.exe	45
PID 3452 wrote to memory of 4296	3452	chrome.exe	45
PID 3452 wrote to memory of 4296	3452	chrome.exe	45
PID 3452 wrote to memory of 4296	3452	chrome.exe	45
PID 3452 wrote to memory of 4296	3452	chrome.exe	45
PID 3452 wrote to memory of 4296	3452	chrome.exe	45
PID 3452 wrote to memory of 4296	3452	chrome.exe	45
PID 3452 wrote to memory of 4296	3452	chrome.exe	45

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://url7923.marsello.io/ls/click?upn=Xn88PJeNIL29Y2OVpP6Ui9EYZtRwTAy-2FanEqeT7KFITIPxx3CQ-2Bz-2BT1Wn5ebq2tm1sqE6eg2vD5bCaw4Eaq12excuENkml2Z-2F-2BVwaqonMgw-3D_Nd4_zn392oq3WCbQR9pQOrSlN3JYr1eawUW29DwOmXQDFEKvXTscqRwDY-2FgKnWU8V7NzSsBCCcv9uzK4FKXWSalTgA6HlLAwSKlyolcXDeTD8LF45bNie8E4gj1okiCjROA7oohXThj7z3M9m-2FNBNWinnLG18DVcdhCQfzNJhXt-2BjJX3oDGgrUxpxb6nYP4CUVxhdHdikKr1HXfjuGHu2zoLcgUWP9p19dUjdS3s3cyeQrCIn04ilggiIUtJNzGNEZ7igcWw1Sdbl-2Ft9lxc1N8MIvtVVZwbma1r2rkKyA6euQ5Q0S46okRR8U4ZfDzPHAlvh
1⤵
- Enumerates system info in registry
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3452
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffb26a49758,0x7ffb26a49768,0x7ffb26a49778
  2⤵
  PID:2032
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=316 --field-trial-handle=1792,i,3546680596569547074,8742450890504699663,131072 /prefetch:2
  2⤵
  PID:2436
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2176 --field-trial-handle=1792,i,3546680596569547074,8742450890504699663,131072 /prefetch:8
  2⤵
  PID:4296
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3080 --field-trial-handle=1792,i,3546680596569547074,8742450890504699663,131072 /prefetch:1
  2⤵
  PID:1960
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3028 --field-trial-handle=1792,i,3546680596569547074,8742450890504699663,131072 /prefetch:1
  2⤵
  PID:468
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2056 --field-trial-handle=1792,i,3546680596569547074,8742450890504699663,131072 /prefetch:8
  2⤵
  PID:3936
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4492 --field-trial-handle=1792,i,3546680596569547074,8742450890504699663,131072 /prefetch:1
  2⤵
  PID:1160
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3244 --field-trial-handle=1792,i,3546680596569547074,8742450890504699663,131072 /prefetch:1
  2⤵
  PID:1600
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4888 --field-trial-handle=1792,i,3546680596569547074,8742450890504699663,131072 /prefetch:1
  2⤵
  PID:3872
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5592 --field-trial-handle=1792,i,3546680596569547074,8742450890504699663,131072 /prefetch:8
  2⤵
  PID:2068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5208 --field-trial-handle=1792,i,3546680596569547074,8742450890504699663,131072 /prefetch:8
  2⤵
  PID:1100
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=4928 --field-trial-handle=1792,i,3546680596569547074,8742450890504699663,131072 /prefetch:1
  2⤵
  PID:3148
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=2244 --field-trial-handle=1792,i,3546680596569547074,8742450890504699663,131072 /prefetch:1
  2⤵
  PID:3796
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3220 --field-trial-handle=1792,i,3546680596569547074,8742450890504699663,131072 /prefetch:8
  2⤵
  PID:3352
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3284 --field-trial-handle=1792,i,3546680596569547074,8742450890504699663,131072 /prefetch:2
  2⤵
  PID:1984

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4704

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
c1f425bd88793240211135e80a5ab3f3

SHA1
bf0c98aec4e091f2d36ff92547add6f55e346878

SHA256
e24bcf0eb5d31207cb9fef66a2c0f75b4b9efe3de8a40f6a71cbbf351c5d9cb2

SHA512
053d152bc89eec5b98dc07ba0af9581427ff4f55f8aef661272c9cd7a38c03151c1042c67da1e64582cea40ee3d4b5617961e20271085fbf5d77983ebe879138

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
96B

MD5
534cce88678f666d5a7f484cb822b1f3

SHA1
4b4c4210ec96d7f643b49c085cfd54f36d4358ad

SHA256
e8f058ee3ad4cdbf23e44658efebad43686f86ff2e28063a8ffa9cd82339cb48

SHA512
beaa9a3c55a1b06e7c31dc094a21a73bb664da10714fcca88e21fafc04b09fd4470ac48d1e75e6e74ffe33ee681b27e8ce46c7f3271a551151f3c2bb0057cc33

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
fdfce3a95d8f55c008f4b8a4b0562920

SHA1
756bcbb9cc5934630c3e1a01d052167e2a549aae

SHA256
f141de66cda7fba8cfecec97d897abedef27211c9883b4c48bd9e99f26f1f809

SHA512
cba2f65737c986b9a17ee9fe62efbf0f00ca9a1d76d7f7d2c39732904230aa4aad674a857383589367c9a6faa4cb8785d3b9d73bbf1c0e566fa3b3ea9c04ab0c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
63a61cc89e6622cbdf8976ab9d01c837

SHA1
b3f541d7f0a5e190c537f62eb1e7a1d74ce59adc

SHA256
30dd9b117e3cb03c189fee433f00f7d552a13319ef99e8ed77e89be7e4640201

SHA512
a0bbe6b72a951d07477c5fcb57a5dc681df4715d0b12ab566c3a94ca77084de7e38f6e5ce447b984b1f5fae4f29575a5c465fe8b5ecf91da3697f885f98a5451

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
7da4bdeb648b173779daa1c3384f9855

SHA1
e5196f13732fbee44132fa79ba54855690340788

SHA256
9fcb1206ee8e5d31cc017b5448475038d2136e1b8bf350c3c85f41c85a6e910d

SHA512
be624952277079dad30abad2f339a7f17363dbeb664247a697b90eacb2f8597ac72d3556120c214e191bb6b1b8c812efceb9b9678c766f77dabc9a94ac512e25

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
706B

MD5
f0a7685ed82e852680c5aab0d24977f3

SHA1
1a7c0db95c5c096f684963db1a83d82deba34f2c

SHA256
7a3c30cd7e03654102073e0f300602042129812a3b35edce1f98be5ab3afb14b

SHA512
91ff45935f6888034b79871e7e3a36204155f8f6b9890799f3088375ed70f0ad678e0952b151ed45e3b244d693d3af2e864ab693441003bbf8b2a31a5aaffd69

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
089ac25738876ef144b9474dcc438129

SHA1
4ccb181329c30eb39233539f675ccb032669a82f

SHA256
12ba6bacdb8c9424d398edc7d9c476ea5fc7249bc85860ec2d28260fe12da912

SHA512
924510c243d930cfcd944ee0ab5b00b0fb622aff84e6550fa69cc656c058b3280daa284133bd49a5759a5192178e64d31bd93e2f17f79576da43043c5f7b11a1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
704B

MD5
9d3663be51f88abee14ada22d2cde739

SHA1
2669d6f510711260043b423d9de93ce38a46d1a6

SHA256
dccad2c35562ad9f2a98ac4ecbeb3f08c6e8dd94b837a46675fc24d70c84a074

SHA512
6cc0a6121eed21b1a364e8505d3e3a782dd8ce524278dd52540fe9cee197bd0c451665a7bb1f5c4011799e0d277979d0a5f33c23806c8cde047cd79506b3e655

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
b245af85f91ed8c98fa6a3a89451cf98

SHA1
18bcc681e12b7af1c294a644b4153563d47e2c99

SHA256
f42be06bdec375ecb7e719b93d899992cf6718aafad60fa5435f1294da765067

SHA512
b8159f2f7f24152d56c94871499c61033f1064702dcc7590d408735472029feca4fc77cc0f78b6e43e276abbebe228b6cb91b63bdb0672e95add8450d9b770b4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
33efc051085d01de6235ea5df5141b86

SHA1
e9a6828ff2936f23a07efe0b94df2e976a843349

SHA256
56df8e32ba4d7988f9760cc2657569cab68f255b84f4feaa7054bbf6a0849d91

SHA512
930f9d97acc09b400e121f8d5c75db6f9ef1f4c49ec37484ac96c83c36f00ba00ad98fe86f1b6d84cebb3dc6918704460b238a509b48e28e8f0b9509bf557a3d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
028b0111a85ea20b1d681d80b9a5029e

SHA1
6f683ccd79be256620cffd86bb039bdcd0c2644a

SHA256
49efb524de4b161141459d951dd4777b9337062b02203e6fc3d04e2778425b3c

SHA512
3a9925e51a1336f4770cdedf77eb6ceb39b771260a4f48537c82a45e646d62a9479bcfdba25fba6e03a9e5241e873808531e6b548d0c6a42ab4094dbc368b53e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
5KB

MD5
a4c8da9d6affb904a4cb8e342a696a13

SHA1
068d1b4069aca215c2416280a92a212e98aada58

SHA256
594b4c1143a55217ee83ad43d62301dfa414a19a84f2192edc276676853c600a

SHA512
fa80684a285462801db84f1b1d4de748e14670d438f59b323ca41a2b2bdf3580d9bb1e1308db1b9177e40dec5eb64abfb97d7bc7ea45c49cdad86e798925c3b9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
95KB

MD5
02b03038c64351ea93ca30822383e11d

SHA1
8e41061c3f8459c4f8802ccd199cb6a64a2a4e99

SHA256
c6e4da38e62e93be9c06ccc5c06ffbbbeae334d92cd26b6bab282528dfe4f0ed

SHA512
be5d0661898bf8410d2734905cb49cf8ad4f6b38cfe495c0adcb230ab89e9f4fedd662539a15e1a7a9d981e5257ad8ebb4d1dcbc0db253c201f272dfdcf16e14

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe596344.TMP

Filesize
94KB

MD5
a3a8d46c3cac16261e482605644ddca8

SHA1
348d3def28a8b4c05001b8c3088fad5d0a37cad3

SHA256
9d060f2ce8e8ed1805de32581505ea33c6161722d2198d79b4c7b319ef5b01ad

SHA512
effded16a392d085fc0eb4b945f50320b37da8638349af497ddc5959a4cedc1cbe70ece3d33d2d6fb5a1edc718bce2e49b8752413a902d2bcb23b13785035c34

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit