hxxps://r20[.]rs6[.]net/tn[.]jsp?f=001TaX7jDxmCi2eZvptKt6YZHHfPD5XaY0RqPVKqIWmnudYsT5_GxLrJsqkSliyFqrDLohXKnzLakgaQgR7dA3QOOHnXrLC-WAUxMpXRV4XVhciGwRUSLv7VtjLWKRLO6sHsRDVlTT73fU=&c=gjXYX_Eg_XXCMTg1AHu6JU9s7WKKMqZUv7bdaN7V_BCfqTnxbB0kXw==&c=&ch==&__=/mfytgutmd65fr/c3RlZmFuLmx1Z2VyQGlvbmdyb3VwLmNvbQ==

Analysis

max time kernel
75s
max time network
76s
platform
windows10-2004_x64
resource
win10v2004-20231222-en
resource tags

arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
submitted
17/01/2024, 18:41

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

https://r20.rs6.net/tn.jsp?f=001TaX7jDxmCi2eZvptKt6YZHHfPD5XaY0RqPVKqIWmnudYsT5_GxLrJsqkSliyFqrDLohXKnzLakgaQgR7dA3QOOHnXrLC-WAUxMpXRV4XVhciGwRUSLv7VtjLWKRLO6sHsRDVlTT73fU=&c=gjXYX_Eg_XXCMTg1AHu6JU9s7WKKMqZUv7bdaN7V_BCfqTnxbB0kXw==&c=&ch==&__=/mfytgutmd65fr/c3RlZmFuLmx1Z2VyQGlvbmdyb3VwLmNvbQ==

Score

6^/10

Malware Config

Signatures

Looks up external IP address via web service 2 IoCs

Uses a legitimate IP lookup service to find the infected system's external IP.

flow	ioc
158	api.ipify.org
159	api.ipify.org

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133499905009810902"	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
2132	chrome.exe
2132	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 5 IoCs

pid	Process
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2132	chrome.exe
Token: SeCreatePagefilePrivilege	2132	chrome.exe
Token: SeShutdownPrivilege	2132	chrome.exe
Token: SeCreatePagefilePrivilege	2132	chrome.exe
Token: SeShutdownPrivilege	2132	chrome.exe
Token: SeCreatePagefilePrivilege	2132	chrome.exe
Token: SeShutdownPrivilege	2132	chrome.exe
Token: SeCreatePagefilePrivilege	2132	chrome.exe
Token: SeShutdownPrivilege	2132	chrome.exe
Token: SeCreatePagefilePrivilege	2132	chrome.exe
Token: SeShutdownPrivilege	2132	chrome.exe
Token: SeCreatePagefilePrivilege	2132	chrome.exe
Token: SeShutdownPrivilege	2132	chrome.exe
Token: SeCreatePagefilePrivilege	2132	chrome.exe
Token: SeShutdownPrivilege	2132	chrome.exe
Token: SeCreatePagefilePrivilege	2132	chrome.exe
Token: SeShutdownPrivilege	2132	chrome.exe
Token: SeCreatePagefilePrivilege	2132	chrome.exe
Token: SeShutdownPrivilege	2132	chrome.exe
Token: SeCreatePagefilePrivilege	2132	chrome.exe
Token: SeShutdownPrivilege	2132	chrome.exe
Token: SeCreatePagefilePrivilege	2132	chrome.exe
Token: SeShutdownPrivilege	2132	chrome.exe
Token: SeCreatePagefilePrivilege	2132	chrome.exe
Token: SeShutdownPrivilege	2132	chrome.exe
Token: SeCreatePagefilePrivilege	2132	chrome.exe
Token: SeShutdownPrivilege	2132	chrome.exe
Token: SeCreatePagefilePrivilege	2132	chrome.exe
Token: SeShutdownPrivilege	2132	chrome.exe
Token: SeCreatePagefilePrivilege	2132	chrome.exe
Token: SeShutdownPrivilege	2132	chrome.exe
Token: SeCreatePagefilePrivilege	2132	chrome.exe
Token: SeShutdownPrivilege	2132	chrome.exe
Token: SeCreatePagefilePrivilege	2132	chrome.exe
Token: SeShutdownPrivilege	2132	chrome.exe
Token: SeCreatePagefilePrivilege	2132	chrome.exe
Token: SeShutdownPrivilege	2132	chrome.exe
Token: SeCreatePagefilePrivilege	2132	chrome.exe
Token: SeShutdownPrivilege	2132	chrome.exe
Token: SeCreatePagefilePrivilege	2132	chrome.exe
Token: SeShutdownPrivilege	2132	chrome.exe
Token: SeCreatePagefilePrivilege	2132	chrome.exe
Token: SeShutdownPrivilege	2132	chrome.exe
Token: SeCreatePagefilePrivilege	2132	chrome.exe
Token: SeShutdownPrivilege	2132	chrome.exe
Token: SeCreatePagefilePrivilege	2132	chrome.exe
Token: SeShutdownPrivilege	2132	chrome.exe
Token: SeCreatePagefilePrivilege	2132	chrome.exe
Token: SeShutdownPrivilege	2132	chrome.exe
Token: SeCreatePagefilePrivilege	2132	chrome.exe
Token: SeShutdownPrivilege	2132	chrome.exe
Token: SeCreatePagefilePrivilege	2132	chrome.exe
Token: SeShutdownPrivilege	2132	chrome.exe
Token: SeCreatePagefilePrivilege	2132	chrome.exe
Token: SeShutdownPrivilege	2132	chrome.exe
Token: SeCreatePagefilePrivilege	2132	chrome.exe
Token: SeShutdownPrivilege	2132	chrome.exe
Token: SeCreatePagefilePrivilege	2132	chrome.exe
Token: SeShutdownPrivilege	2132	chrome.exe
Token: SeCreatePagefilePrivilege	2132	chrome.exe
Token: SeShutdownPrivilege	2132	chrome.exe
Token: SeCreatePagefilePrivilege	2132	chrome.exe
Token: SeShutdownPrivilege	2132	chrome.exe
Token: SeCreatePagefilePrivilege	2132	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2132 wrote to memory of 4836	2132	chrome.exe	68
PID 2132 wrote to memory of 4836	2132	chrome.exe	68
PID 2132 wrote to memory of 208	2132	chrome.exe	92
PID 2132 wrote to memory of 208	2132	chrome.exe	92
PID 2132 wrote to memory of 208	2132	chrome.exe	92
PID 2132 wrote to memory of 208	2132	chrome.exe	92
PID 2132 wrote to memory of 208	2132	chrome.exe	92
PID 2132 wrote to memory of 208	2132	chrome.exe	92
PID 2132 wrote to memory of 208	2132	chrome.exe	92
PID 2132 wrote to memory of 208	2132	chrome.exe	92
PID 2132 wrote to memory of 208	2132	chrome.exe	92
PID 2132 wrote to memory of 208	2132	chrome.exe	92
PID 2132 wrote to memory of 208	2132	chrome.exe	92
PID 2132 wrote to memory of 208	2132	chrome.exe	92
PID 2132 wrote to memory of 208	2132	chrome.exe	92
PID 2132 wrote to memory of 208	2132	chrome.exe	92
PID 2132 wrote to memory of 208	2132	chrome.exe	92
PID 2132 wrote to memory of 208	2132	chrome.exe	92
PID 2132 wrote to memory of 208	2132	chrome.exe	92
PID 2132 wrote to memory of 208	2132	chrome.exe	92
PID 2132 wrote to memory of 208	2132	chrome.exe	92
PID 2132 wrote to memory of 208	2132	chrome.exe	92
PID 2132 wrote to memory of 208	2132	chrome.exe	92
PID 2132 wrote to memory of 208	2132	chrome.exe	92
PID 2132 wrote to memory of 208	2132	chrome.exe	92
PID 2132 wrote to memory of 208	2132	chrome.exe	92
PID 2132 wrote to memory of 208	2132	chrome.exe	92
PID 2132 wrote to memory of 208	2132	chrome.exe	92
PID 2132 wrote to memory of 208	2132	chrome.exe	92
PID 2132 wrote to memory of 208	2132	chrome.exe	92
PID 2132 wrote to memory of 208	2132	chrome.exe	92
PID 2132 wrote to memory of 208	2132	chrome.exe	92
PID 2132 wrote to memory of 208	2132	chrome.exe	92
PID 2132 wrote to memory of 208	2132	chrome.exe	92
PID 2132 wrote to memory of 208	2132	chrome.exe	92
PID 2132 wrote to memory of 208	2132	chrome.exe	92
PID 2132 wrote to memory of 208	2132	chrome.exe	92
PID 2132 wrote to memory of 208	2132	chrome.exe	92
PID 2132 wrote to memory of 208	2132	chrome.exe	92
PID 2132 wrote to memory of 208	2132	chrome.exe	92
PID 2132 wrote to memory of 1664	2132	chrome.exe	90
PID 2132 wrote to memory of 1664	2132	chrome.exe	90
PID 2132 wrote to memory of 5060	2132	chrome.exe	91
PID 2132 wrote to memory of 5060	2132	chrome.exe	91
PID 2132 wrote to memory of 5060	2132	chrome.exe	91
PID 2132 wrote to memory of 5060	2132	chrome.exe	91
PID 2132 wrote to memory of 5060	2132	chrome.exe	91
PID 2132 wrote to memory of 5060	2132	chrome.exe	91
PID 2132 wrote to memory of 5060	2132	chrome.exe	91
PID 2132 wrote to memory of 5060	2132	chrome.exe	91
PID 2132 wrote to memory of 5060	2132	chrome.exe	91
PID 2132 wrote to memory of 5060	2132	chrome.exe	91
PID 2132 wrote to memory of 5060	2132	chrome.exe	91
PID 2132 wrote to memory of 5060	2132	chrome.exe	91
PID 2132 wrote to memory of 5060	2132	chrome.exe	91
PID 2132 wrote to memory of 5060	2132	chrome.exe	91
PID 2132 wrote to memory of 5060	2132	chrome.exe	91
PID 2132 wrote to memory of 5060	2132	chrome.exe	91
PID 2132 wrote to memory of 5060	2132	chrome.exe	91
PID 2132 wrote to memory of 5060	2132	chrome.exe	91
PID 2132 wrote to memory of 5060	2132	chrome.exe	91
PID 2132 wrote to memory of 5060	2132	chrome.exe	91
PID 2132 wrote to memory of 5060	2132	chrome.exe	91
PID 2132 wrote to memory of 5060	2132	chrome.exe	91

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://r20.rs6.net/tn.jsp?f=001TaX7jDxmCi2eZvptKt6YZHHfPD5XaY0RqPVKqIWmnudYsT5_GxLrJsqkSliyFqrDLohXKnzLakgaQgR7dA3QOOHnXrLC-WAUxMpXRV4XVhciGwRUSLv7VtjLWKRLO6sHsRDVlTT73fU=&c=gjXYX_Eg_XXCMTg1AHu6JU9s7WKKMqZUv7bdaN7V_BCfqTnxbB0kXw==&c=&ch==&__=/mfytgutmd65fr/c3RlZmFuLmx1Z2VyQGlvbmdyb3VwLmNvbQ==
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2132
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa229e9758,0x7ffa229e9768,0x7ffa229e9778
  2⤵
  PID:4836
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2132 --field-trial-handle=1892,i,2990404925958686796,8344940131216540254,131072 /prefetch:8
  2⤵
  PID:1664
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2192 --field-trial-handle=1892,i,2990404925958686796,8344940131216540254,131072 /prefetch:8
  2⤵
  PID:5060
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1772 --field-trial-handle=1892,i,2990404925958686796,8344940131216540254,131072 /prefetch:2
  2⤵
  PID:208
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2996 --field-trial-handle=1892,i,2990404925958686796,8344940131216540254,131072 /prefetch:1
  2⤵
  PID:468
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2988 --field-trial-handle=1892,i,2990404925958686796,8344940131216540254,131072 /prefetch:1
  2⤵
  PID:5136
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4688 --field-trial-handle=1892,i,2990404925958686796,8344940131216540254,131072 /prefetch:1
  2⤵
  PID:5168
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4996 --field-trial-handle=1892,i,2990404925958686796,8344940131216540254,131072 /prefetch:1
  2⤵
  PID:1780
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=3912 --field-trial-handle=1892,i,2990404925958686796,8344940131216540254,131072 /prefetch:1
  2⤵
  PID:4692
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5476 --field-trial-handle=1892,i,2990404925958686796,8344940131216540254,131072 /prefetch:8
  2⤵
  PID:1456
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5152 --field-trial-handle=1892,i,2990404925958686796,8344940131216540254,131072 /prefetch:8
  2⤵
  PID:1788

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:3712

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
e2c2845602f5ce9725e2ccc32baef8e8

SHA1
837441bee5475444cbbd1c46a8b21e9ba12129d2

SHA256
af3102e0d0a786cbd7006f1d780189a2e53bca1c45d4b27e8ade87da2fb53bf2

SHA512
1e9ac08dc0c07bb35f648616a7809bccaa5a91d40000068593914017dd3cf1910e58f7c3b0eb3128e1c6095d8c276923f75c96efa015cdb9280e6423d8637db4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
6dc3e48b601e7bfe268b73716d54cd38

SHA1
66029a9d4f2e7de017d732b0fd08305c62843faf

SHA256
e95e0c395f0536e270bf322c077d40bdf4e85256d47cf771b7f041492d79387e

SHA512
8d069defeb534443082280c2afc50b43d2ad14fade28f50c5ca6801244844c64e75afb7015ca41bf70d2f627664997577838829240844fdddebbbf3eef2544ed

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
1fbcfc4b241312e258c83be9ce15b708

SHA1
a987df4dcf320cf254ef4b92852830c8c81f63fb

SHA256
b4867551d8a24e60656e9de9341d13fe1c4ca510e019eb35b43bc6a79ede8026

SHA512
a143de1d652a8a72a29c649dffdb0541290e5c43d248911a54a0e8f221268a4171758abdde779bca6076098cda682df9bfa614da8054671dc536c4572389ab29

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\ddb28ee2-982d-47ae-bfba-492df70b12e6.tmp

Filesize
1KB

MD5
6cd567189f358ec4ab266d0df553c9ff

SHA1
a58f6e1328627f14c8be1d1fd0ee6bc073d240c7

SHA256
cf88c7159ed82b1919b9b38cbdc5555f2af1cffb61c4c00f327e2a2f530d517e

SHA512
0f6b2bb2f2564cc26f7c815c96575ff85f32bbf538370e27bf89cb3c6d5d287e2b19bf5f66409899e697e4e4b21613c17a9416848fd81d007b2e44598f41bc6d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
927c63113a7719060067efc5950a2858

SHA1
2f7a4716ffd1378ddc5fd8327b8c54d8b84c1c6e

SHA256
ca0ab5902b25e6c0c0546f8e776d7d0984565b56ecb0c7ead1fa310d6c2226b0

SHA512
0abba512b6b841c5dce35ab5474b24c383ba7a2ca61eaf99df4a5fb55e9f0ec26b3f24897a4f4193fbf5051fb828f4bca391696463f2da93af4959581f5e2bbc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\bafb900a-d78a-4fa5-a517-c187b68d353d.tmp

Filesize
114KB

MD5
546829bee03e05eeecca659116308b20

SHA1
59e862d6215dba00ee43392e76b92d0bcee82226

SHA256
5f77c2f71a58dc7e4d45ec26106ffc4a4d7c37c14a093102958eab11e4bbd629

SHA512
29270d955f329bd642a96e1a309f07eaadb248782c4fa9820c020729c9bbc5a6e5871bff3ca35ac0377f3fa78eb603496bbf3d06367140c4ce1fa4cb05b4fd14

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit