hxxp://www[.]bettervantagepoint[.]com/

Analysis

max time kernel
123s
max time network
78s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
10/01/2024, 17:44

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://www.bettervantagepoint.com/

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133493823440175873"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4380	chrome.exe
4380	chrome.exe
3004	chrome.exe
3004	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
4380	chrome.exe
4380	chrome.exe
4380	chrome.exe
4380	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4380	chrome.exe
Token: SeCreatePagefilePrivilege	4380	chrome.exe
Token: SeShutdownPrivilege	4380	chrome.exe
Token: SeCreatePagefilePrivilege	4380	chrome.exe
Token: SeShutdownPrivilege	4380	chrome.exe
Token: SeCreatePagefilePrivilege	4380	chrome.exe
Token: SeShutdownPrivilege	4380	chrome.exe
Token: SeCreatePagefilePrivilege	4380	chrome.exe
Token: SeShutdownPrivilege	4380	chrome.exe
Token: SeCreatePagefilePrivilege	4380	chrome.exe
Token: SeShutdownPrivilege	4380	chrome.exe
Token: SeCreatePagefilePrivilege	4380	chrome.exe
Token: SeShutdownPrivilege	4380	chrome.exe
Token: SeCreatePagefilePrivilege	4380	chrome.exe
Token: SeShutdownPrivilege	4380	chrome.exe
Token: SeCreatePagefilePrivilege	4380	chrome.exe
Token: SeShutdownPrivilege	4380	chrome.exe
Token: SeCreatePagefilePrivilege	4380	chrome.exe
Token: SeShutdownPrivilege	4380	chrome.exe
Token: SeCreatePagefilePrivilege	4380	chrome.exe
Token: SeShutdownPrivilege	4380	chrome.exe
Token: SeCreatePagefilePrivilege	4380	chrome.exe
Token: SeShutdownPrivilege	4380	chrome.exe
Token: SeCreatePagefilePrivilege	4380	chrome.exe
Token: SeShutdownPrivilege	4380	chrome.exe
Token: SeCreatePagefilePrivilege	4380	chrome.exe
Token: SeShutdownPrivilege	4380	chrome.exe
Token: SeCreatePagefilePrivilege	4380	chrome.exe
Token: SeShutdownPrivilege	4380	chrome.exe
Token: SeCreatePagefilePrivilege	4380	chrome.exe
Token: SeShutdownPrivilege	4380	chrome.exe
Token: SeCreatePagefilePrivilege	4380	chrome.exe
Token: SeShutdownPrivilege	4380	chrome.exe
Token: SeCreatePagefilePrivilege	4380	chrome.exe
Token: SeShutdownPrivilege	4380	chrome.exe
Token: SeCreatePagefilePrivilege	4380	chrome.exe
Token: SeShutdownPrivilege	4380	chrome.exe
Token: SeCreatePagefilePrivilege	4380	chrome.exe
Token: SeShutdownPrivilege	4380	chrome.exe
Token: SeCreatePagefilePrivilege	4380	chrome.exe
Token: SeShutdownPrivilege	4380	chrome.exe
Token: SeCreatePagefilePrivilege	4380	chrome.exe
Token: SeShutdownPrivilege	4380	chrome.exe
Token: SeCreatePagefilePrivilege	4380	chrome.exe
Token: SeShutdownPrivilege	4380	chrome.exe
Token: SeCreatePagefilePrivilege	4380	chrome.exe
Token: SeShutdownPrivilege	4380	chrome.exe
Token: SeCreatePagefilePrivilege	4380	chrome.exe
Token: SeShutdownPrivilege	4380	chrome.exe
Token: SeCreatePagefilePrivilege	4380	chrome.exe
Token: SeShutdownPrivilege	4380	chrome.exe
Token: SeCreatePagefilePrivilege	4380	chrome.exe
Token: SeShutdownPrivilege	4380	chrome.exe
Token: SeCreatePagefilePrivilege	4380	chrome.exe
Token: SeShutdownPrivilege	4380	chrome.exe
Token: SeCreatePagefilePrivilege	4380	chrome.exe
Token: SeShutdownPrivilege	4380	chrome.exe
Token: SeCreatePagefilePrivilege	4380	chrome.exe
Token: SeShutdownPrivilege	4380	chrome.exe
Token: SeCreatePagefilePrivilege	4380	chrome.exe
Token: SeShutdownPrivilege	4380	chrome.exe
Token: SeCreatePagefilePrivilege	4380	chrome.exe
Token: SeShutdownPrivilege	4380	chrome.exe
Token: SeCreatePagefilePrivilege	4380	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4380	chrome.exe
4380	chrome.exe
4380	chrome.exe
4380	chrome.exe
4380	chrome.exe
4380	chrome.exe
4380	chrome.exe
4380	chrome.exe
4380	chrome.exe
4380	chrome.exe
4380	chrome.exe
4380	chrome.exe
4380	chrome.exe
4380	chrome.exe
4380	chrome.exe
4380	chrome.exe
4380	chrome.exe
4380	chrome.exe
4380	chrome.exe
4380	chrome.exe
4380	chrome.exe
4380	chrome.exe
4380	chrome.exe
4380	chrome.exe
4380	chrome.exe
4380	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4380	chrome.exe
4380	chrome.exe
4380	chrome.exe
4380	chrome.exe
4380	chrome.exe
4380	chrome.exe
4380	chrome.exe
4380	chrome.exe
4380	chrome.exe
4380	chrome.exe
4380	chrome.exe
4380	chrome.exe
4380	chrome.exe
4380	chrome.exe
4380	chrome.exe
4380	chrome.exe
4380	chrome.exe
4380	chrome.exe
4380	chrome.exe
4380	chrome.exe
4380	chrome.exe
4380	chrome.exe
4380	chrome.exe
4380	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4380 wrote to memory of 1884	4380	chrome.exe	34
PID 4380 wrote to memory of 1884	4380	chrome.exe	34
PID 4380 wrote to memory of 3936	4380	chrome.exe	91
PID 4380 wrote to memory of 3936	4380	chrome.exe	91
PID 4380 wrote to memory of 3936	4380	chrome.exe	91
PID 4380 wrote to memory of 3936	4380	chrome.exe	91
PID 4380 wrote to memory of 3936	4380	chrome.exe	91
PID 4380 wrote to memory of 3936	4380	chrome.exe	91
PID 4380 wrote to memory of 3936	4380	chrome.exe	91
PID 4380 wrote to memory of 3936	4380	chrome.exe	91
PID 4380 wrote to memory of 3936	4380	chrome.exe	91
PID 4380 wrote to memory of 3936	4380	chrome.exe	91
PID 4380 wrote to memory of 3936	4380	chrome.exe	91
PID 4380 wrote to memory of 3936	4380	chrome.exe	91
PID 4380 wrote to memory of 3936	4380	chrome.exe	91
PID 4380 wrote to memory of 3936	4380	chrome.exe	91
PID 4380 wrote to memory of 3936	4380	chrome.exe	91
PID 4380 wrote to memory of 3936	4380	chrome.exe	91
PID 4380 wrote to memory of 3936	4380	chrome.exe	91
PID 4380 wrote to memory of 3936	4380	chrome.exe	91
PID 4380 wrote to memory of 3936	4380	chrome.exe	91
PID 4380 wrote to memory of 3936	4380	chrome.exe	91
PID 4380 wrote to memory of 3936	4380	chrome.exe	91
PID 4380 wrote to memory of 3936	4380	chrome.exe	91
PID 4380 wrote to memory of 3936	4380	chrome.exe	91
PID 4380 wrote to memory of 3936	4380	chrome.exe	91
PID 4380 wrote to memory of 3936	4380	chrome.exe	91
PID 4380 wrote to memory of 3936	4380	chrome.exe	91
PID 4380 wrote to memory of 3936	4380	chrome.exe	91
PID 4380 wrote to memory of 3936	4380	chrome.exe	91
PID 4380 wrote to memory of 3936	4380	chrome.exe	91
PID 4380 wrote to memory of 3936	4380	chrome.exe	91
PID 4380 wrote to memory of 3936	4380	chrome.exe	91
PID 4380 wrote to memory of 3936	4380	chrome.exe	91
PID 4380 wrote to memory of 3936	4380	chrome.exe	91
PID 4380 wrote to memory of 3936	4380	chrome.exe	91
PID 4380 wrote to memory of 3936	4380	chrome.exe	91
PID 4380 wrote to memory of 3936	4380	chrome.exe	91
PID 4380 wrote to memory of 3936	4380	chrome.exe	91
PID 4380 wrote to memory of 3936	4380	chrome.exe	91
PID 4380 wrote to memory of 2948	4380	chrome.exe	92
PID 4380 wrote to memory of 2948	4380	chrome.exe	92
PID 4380 wrote to memory of 5076	4380	chrome.exe	94
PID 4380 wrote to memory of 5076	4380	chrome.exe	94
PID 4380 wrote to memory of 5076	4380	chrome.exe	94
PID 4380 wrote to memory of 5076	4380	chrome.exe	94
PID 4380 wrote to memory of 5076	4380	chrome.exe	94
PID 4380 wrote to memory of 5076	4380	chrome.exe	94
PID 4380 wrote to memory of 5076	4380	chrome.exe	94
PID 4380 wrote to memory of 5076	4380	chrome.exe	94
PID 4380 wrote to memory of 5076	4380	chrome.exe	94
PID 4380 wrote to memory of 5076	4380	chrome.exe	94
PID 4380 wrote to memory of 5076	4380	chrome.exe	94
PID 4380 wrote to memory of 5076	4380	chrome.exe	94
PID 4380 wrote to memory of 5076	4380	chrome.exe	94
PID 4380 wrote to memory of 5076	4380	chrome.exe	94
PID 4380 wrote to memory of 5076	4380	chrome.exe	94
PID 4380 wrote to memory of 5076	4380	chrome.exe	94
PID 4380 wrote to memory of 5076	4380	chrome.exe	94
PID 4380 wrote to memory of 5076	4380	chrome.exe	94
PID 4380 wrote to memory of 5076	4380	chrome.exe	94
PID 4380 wrote to memory of 5076	4380	chrome.exe	94
PID 4380 wrote to memory of 5076	4380	chrome.exe	94
PID 4380 wrote to memory of 5076	4380	chrome.exe	94

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://www.bettervantagepoint.com/
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4380
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb23a79758,0x7ffb23a79768,0x7ffb23a79778
  2⤵
  PID:1884
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1796 --field-trial-handle=1872,i,6679639083073427757,15537184376893608145,131072 /prefetch:2
  2⤵
  PID:3936
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2028 --field-trial-handle=1872,i,6679639083073427757,15537184376893608145,131072 /prefetch:8
  2⤵
  PID:2948
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2928 --field-trial-handle=1872,i,6679639083073427757,15537184376893608145,131072 /prefetch:1
  2⤵
  PID:2276
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2196 --field-trial-handle=1872,i,6679639083073427757,15537184376893608145,131072 /prefetch:8
  2⤵
  PID:5076
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2936 --field-trial-handle=1872,i,6679639083073427757,15537184376893608145,131072 /prefetch:1
  2⤵
  PID:1400
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=5044 --field-trial-handle=1872,i,6679639083073427757,15537184376893608145,131072 /prefetch:1
  2⤵
  PID:4612
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4588 --field-trial-handle=1872,i,6679639083073427757,15537184376893608145,131072 /prefetch:1
  2⤵
  PID:4024
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5496 --field-trial-handle=1872,i,6679639083073427757,15537184376893608145,131072 /prefetch:8
  2⤵
  PID:844
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4604 --field-trial-handle=1872,i,6679639083073427757,15537184376893608145,131072 /prefetch:8
  2⤵
  PID:4512
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5292 --field-trial-handle=1872,i,6679639083073427757,15537184376893608145,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3004

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:1500

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000017

Filesize
201KB

MD5
e3038f6bc551682771347013cf7e4e4f

SHA1
f4593aba87d0a96d6f91f0e59464d7d4c74ed77e

SHA256
6a55e169bc14e97dfcd7352b9bc4b834da37dd1e561282d8f2cc1dbf9964d29a

SHA512
4bee876cea29ad19e6c41d57b3b7228f05f33f422e007dc1a8288fd1a207deb882c2789422e255a76c5bf21544f475689e7192b9a8a80dc2e87c94ee0bc6d75f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
504B

MD5
6aee8ed57d7fa857b15d7d95e84ea65e

SHA1
476705b6e1e4cd80ff46e078fa389bf42b33a9d6

SHA256
eb19ab471a6e6f1140bb20b4912513a7a566b5d5627072d27caa62b8deb68877

SHA512
e3971031f1e399dfdca742a4d277140e82cc9fef28ebbe7f4ac973c76a70d307bacc2257b3bf0bd8064d18fab9093a17ef1a858b1f557f63032ee88e7eeb6ac7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
574ca28c606ba1be413f3c27203c0096

SHA1
19b6772d1e2acbbc1af1e8413073543ead23be76

SHA256
6f21552982a14eef5700fbb31d9113c863ae6ccf967884913d80f014ca2a34c2

SHA512
f2e9a475d549dcb0a4d22517102313e1536c0cce1a857ada827de76dc88ce465a7f8173b330470f0f533897a23b472c7fe1f0415cd6a00cfe488a1980d0462fa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
3aad8136519b957e3351e34200e785e5

SHA1
a2f32d734af99ee1f58860501a16bf6c8f27e93d

SHA256
1dc1b31883d8edb2ea257be4f0964a6e5e1f081d8ee0d44d8c828050d9b62cb0

SHA512
752eb01a54ec39046ab7034025265e98427c1743806d8813989b5ae9e28f60cbb95087dd1ccc993dde3ee31ed0362aded69d137e921d734aecd28f5dd992b3a0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
75e97f921ba5227b48338142fa9b0b3b

SHA1
81e93b59af799b3a11921e6c8537c6b37c5acd79

SHA256
8a78b81e83dbe517e32da8196f5b055a6123f339a71b01498fb0129801589d0c

SHA512
c835e4033cc6484291320c0033fd83961bafeb0c4a276e0b6c1ceeed30c84b66ecb40cc1af54bb8ba686b48cd7244b628b69aeb4b7151faafe9669c05c00b879

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
f6bf42c1ac2d8f25e0fe276132ac3fa4

SHA1
09eaa543ebd73ec83ab75107c3a911c76e829fda

SHA256
b5fa0a0563a849ae772223da22619e9793e2129a03b7d26dddb4207aa3d8af9b

SHA512
6a734f764d17b2b31e8c5f410338bf02790c7786ad7dcf5f9224476e062823c1cb4736d353f1d0e4eee7e23da38ce8f0f1d2e4200147a1714b4a03ce3bd291b2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
874B

MD5
6803f122f09ef3116d4106b384b667ea

SHA1
5e7d5a1c3afadf427c79b8f66483301b47897029

SHA256
3212f06f9b3f099e417c6e0ed2ba68c61c56490ae9408224cf8b6391149b68ec

SHA512
67960e436f66c6cf00eaf4d28b79e21977a1ebfeed4eff745e860fd391b9c6905ed4ac8878c2ebe7b57ce4e4e256dc6296ba2df7b5b260f964417661a86ad652

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
874B

MD5
0fa7a46fa55fc9a2f92b6486c53e1f59

SHA1
02f5bd4c444d68f609a22135b01c4bf61ac6b2fc

SHA256
8ddc5f1774211eaf9826ba5452c9980ddb179e897afa896fc900a30e167fea86

SHA512
7e152513d7707d142b1ea17490f9ecf8af553c6d6226ba247bd138c1a06ee6e46d1233c880761dc0b18da3cae9b8addaba70fe60fe406d707d9fb712696edf91

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
538B

MD5
1c84d38d55e735992a9121cecf8ff3cc

SHA1
6b0413e2326b0f7190a2e5535b76812b15002a60

SHA256
543a390eeb3b3976c213be392d482bf5fc8b894a4f96476ad49148b0146d27ad

SHA512
fbf55b1bbbdbb9df75163c6731cfa30c9db725e0ce7d29c09c06ac592b434fa00af7c3118c4d5025d9819e011ef1815a133f740b96f0af1d52e92e2272760e9a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
52ce2c0b022abf7c988d1f5a8b37ab11

SHA1
38a88b08d3e6a11d6d9b72e39ebb31295e90af38

SHA256
a7fce9aa750c217e7a4bbb60a05ab0e7e99a75da483342b31d19060d6588707c

SHA512
0591aed2f190267e27ad301f186e8b42c979b22b6b86837a0fb7a7f168c612ee5421ec18d6df1dd890a3231a7d045a2484fdb35bc02eeb5aadad0192d875ef65

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
114KB

MD5
81de7a2ea675181b55e9b7d878a7f0a2

SHA1
42e3959e8764cd54381cb3ac4eaae88aa40baea8

SHA256
dec83d084348d4c7711e26919c85886735fe36b9fc705867a3d8149722866c7c

SHA512
08fbce25ac959f6a1b7c6684ff44a866182a810d6eda5c2fc4d4200bf7b1536e7f19f9968cf10339e9516c2bd138e9a195105226b39964b49acced2ec12e6241

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit