hxxp://ec2-44-230-127-50[.]us-west-2[.]compute[.]amazonaws[.]com/P2PffTsS3aNQRg5j6zPrlyR6X7GwAHJ7Wt2ccc1uzn8ZlyvqTE8dPeIuGqVK8cbC-fxnaL1EyRi7KzZujhwLXt9PV1AWIK6YHaE7CxcTCvsPc2fhoz2s_In6f8vaKWcflTZOgHjoDPUF4vrq8P11x40zPF-00T40iUIenDWC7fMajgmlqgl9icBA_81FqAOcNQj-VWShc4vxawjRGZZgwhf26bOp1lvlBu26uo2KtAvZJZ

Analysis

max time kernel
149s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
18-01-2024 04:04

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://ec2-44-230-127-50.us-west-2.compute.amazonaws.com/P2PffTsS3aNQRg5j6zPrlyR6X7GwAHJ7Wt2ccc1uzn8ZlyvqTE8dPeIuGqVK8cbC-fxnaL1EyRi7KzZujhwLXt9PV1AWIK6YHaE7CxcTCvsPc2fhoz2s_In6f8vaKWcflTZOgHjoDPUF4vrq8P11x40zPF-00T40iUIenDWC7fMajgmlqgl9icBA_81FqAOcNQj-VWShc4vxawjRGZZgwhf26bOp1lvlBu26uo2KtAvZJZ

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133500242621708266"	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
1160	chrome.exe
1160	chrome.exe
1160	chrome.exe
1160	chrome.exe
880	chrome.exe
880	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

pid	Process
1160	chrome.exe
1160	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1160	chrome.exe
Token: SeCreatePagefilePrivilege	1160	chrome.exe
Token: SeShutdownPrivilege	1160	chrome.exe
Token: SeCreatePagefilePrivilege	1160	chrome.exe
Token: SeShutdownPrivilege	1160	chrome.exe
Token: SeCreatePagefilePrivilege	1160	chrome.exe
Token: SeShutdownPrivilege	1160	chrome.exe
Token: SeCreatePagefilePrivilege	1160	chrome.exe
Token: SeShutdownPrivilege	1160	chrome.exe
Token: SeCreatePagefilePrivilege	1160	chrome.exe
Token: SeShutdownPrivilege	1160	chrome.exe
Token: SeCreatePagefilePrivilege	1160	chrome.exe
Token: SeShutdownPrivilege	1160	chrome.exe
Token: SeCreatePagefilePrivilege	1160	chrome.exe
Token: SeShutdownPrivilege	1160	chrome.exe
Token: SeCreatePagefilePrivilege	1160	chrome.exe
Token: SeShutdownPrivilege	1160	chrome.exe
Token: SeCreatePagefilePrivilege	1160	chrome.exe
Token: SeShutdownPrivilege	1160	chrome.exe
Token: SeCreatePagefilePrivilege	1160	chrome.exe
Token: SeShutdownPrivilege	1160	chrome.exe
Token: SeCreatePagefilePrivilege	1160	chrome.exe
Token: SeShutdownPrivilege	1160	chrome.exe
Token: SeCreatePagefilePrivilege	1160	chrome.exe
Token: SeShutdownPrivilege	1160	chrome.exe
Token: SeCreatePagefilePrivilege	1160	chrome.exe
Token: SeShutdownPrivilege	1160	chrome.exe
Token: SeCreatePagefilePrivilege	1160	chrome.exe
Token: SeShutdownPrivilege	1160	chrome.exe
Token: SeCreatePagefilePrivilege	1160	chrome.exe
Token: SeShutdownPrivilege	1160	chrome.exe
Token: SeCreatePagefilePrivilege	1160	chrome.exe
Token: SeShutdownPrivilege	1160	chrome.exe
Token: SeCreatePagefilePrivilege	1160	chrome.exe
Token: SeShutdownPrivilege	1160	chrome.exe
Token: SeCreatePagefilePrivilege	1160	chrome.exe
Token: SeShutdownPrivilege	1160	chrome.exe
Token: SeCreatePagefilePrivilege	1160	chrome.exe
Token: SeShutdownPrivilege	1160	chrome.exe
Token: SeCreatePagefilePrivilege	1160	chrome.exe
Token: SeShutdownPrivilege	1160	chrome.exe
Token: SeCreatePagefilePrivilege	1160	chrome.exe
Token: SeShutdownPrivilege	1160	chrome.exe
Token: SeCreatePagefilePrivilege	1160	chrome.exe
Token: SeShutdownPrivilege	1160	chrome.exe
Token: SeCreatePagefilePrivilege	1160	chrome.exe
Token: SeShutdownPrivilege	1160	chrome.exe
Token: SeCreatePagefilePrivilege	1160	chrome.exe
Token: SeShutdownPrivilege	1160	chrome.exe
Token: SeCreatePagefilePrivilege	1160	chrome.exe
Token: SeShutdownPrivilege	1160	chrome.exe
Token: SeCreatePagefilePrivilege	1160	chrome.exe
Token: SeShutdownPrivilege	1160	chrome.exe
Token: SeCreatePagefilePrivilege	1160	chrome.exe
Token: SeShutdownPrivilege	1160	chrome.exe
Token: SeCreatePagefilePrivilege	1160	chrome.exe
Token: SeShutdownPrivilege	1160	chrome.exe
Token: SeCreatePagefilePrivilege	1160	chrome.exe
Token: SeShutdownPrivilege	1160	chrome.exe
Token: SeCreatePagefilePrivilege	1160	chrome.exe
Token: SeShutdownPrivilege	1160	chrome.exe
Token: SeCreatePagefilePrivilege	1160	chrome.exe
Token: SeShutdownPrivilege	1160	chrome.exe
Token: SeCreatePagefilePrivilege	1160	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
1160	chrome.exe
1160	chrome.exe
1160	chrome.exe
1160	chrome.exe
1160	chrome.exe
1160	chrome.exe
1160	chrome.exe
1160	chrome.exe
1160	chrome.exe
1160	chrome.exe
1160	chrome.exe
1160	chrome.exe
1160	chrome.exe
1160	chrome.exe
1160	chrome.exe
1160	chrome.exe
1160	chrome.exe
1160	chrome.exe
1160	chrome.exe
1160	chrome.exe
1160	chrome.exe
1160	chrome.exe
1160	chrome.exe
1160	chrome.exe
1160	chrome.exe
1160	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1160	chrome.exe
1160	chrome.exe
1160	chrome.exe
1160	chrome.exe
1160	chrome.exe
1160	chrome.exe
1160	chrome.exe
1160	chrome.exe
1160	chrome.exe
1160	chrome.exe
1160	chrome.exe
1160	chrome.exe
1160	chrome.exe
1160	chrome.exe
1160	chrome.exe
1160	chrome.exe
1160	chrome.exe
1160	chrome.exe
1160	chrome.exe
1160	chrome.exe
1160	chrome.exe
1160	chrome.exe
1160	chrome.exe
1160	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1160 wrote to memory of 4808	1160	chrome.exe	39
PID 1160 wrote to memory of 4808	1160	chrome.exe	39
PID 1160 wrote to memory of 1244	1160	chrome.exe	91
PID 1160 wrote to memory of 1244	1160	chrome.exe	91
PID 1160 wrote to memory of 1244	1160	chrome.exe	91
PID 1160 wrote to memory of 1244	1160	chrome.exe	91
PID 1160 wrote to memory of 1244	1160	chrome.exe	91
PID 1160 wrote to memory of 1244	1160	chrome.exe	91
PID 1160 wrote to memory of 1244	1160	chrome.exe	91
PID 1160 wrote to memory of 1244	1160	chrome.exe	91
PID 1160 wrote to memory of 1244	1160	chrome.exe	91
PID 1160 wrote to memory of 1244	1160	chrome.exe	91
PID 1160 wrote to memory of 1244	1160	chrome.exe	91
PID 1160 wrote to memory of 1244	1160	chrome.exe	91
PID 1160 wrote to memory of 1244	1160	chrome.exe	91
PID 1160 wrote to memory of 1244	1160	chrome.exe	91
PID 1160 wrote to memory of 1244	1160	chrome.exe	91
PID 1160 wrote to memory of 1244	1160	chrome.exe	91
PID 1160 wrote to memory of 1244	1160	chrome.exe	91
PID 1160 wrote to memory of 1244	1160	chrome.exe	91
PID 1160 wrote to memory of 1244	1160	chrome.exe	91
PID 1160 wrote to memory of 1244	1160	chrome.exe	91
PID 1160 wrote to memory of 1244	1160	chrome.exe	91
PID 1160 wrote to memory of 1244	1160	chrome.exe	91
PID 1160 wrote to memory of 1244	1160	chrome.exe	91
PID 1160 wrote to memory of 1244	1160	chrome.exe	91
PID 1160 wrote to memory of 1244	1160	chrome.exe	91
PID 1160 wrote to memory of 1244	1160	chrome.exe	91
PID 1160 wrote to memory of 1244	1160	chrome.exe	91
PID 1160 wrote to memory of 1244	1160	chrome.exe	91
PID 1160 wrote to memory of 1244	1160	chrome.exe	91
PID 1160 wrote to memory of 1244	1160	chrome.exe	91
PID 1160 wrote to memory of 1244	1160	chrome.exe	91
PID 1160 wrote to memory of 1244	1160	chrome.exe	91
PID 1160 wrote to memory of 1244	1160	chrome.exe	91
PID 1160 wrote to memory of 1244	1160	chrome.exe	91
PID 1160 wrote to memory of 1244	1160	chrome.exe	91
PID 1160 wrote to memory of 1244	1160	chrome.exe	91
PID 1160 wrote to memory of 1244	1160	chrome.exe	91
PID 1160 wrote to memory of 1244	1160	chrome.exe	91
PID 1160 wrote to memory of 1516	1160	chrome.exe	90
PID 1160 wrote to memory of 1516	1160	chrome.exe	90
PID 1160 wrote to memory of 836	1160	chrome.exe	92
PID 1160 wrote to memory of 836	1160	chrome.exe	92
PID 1160 wrote to memory of 836	1160	chrome.exe	92
PID 1160 wrote to memory of 836	1160	chrome.exe	92
PID 1160 wrote to memory of 836	1160	chrome.exe	92
PID 1160 wrote to memory of 836	1160	chrome.exe	92
PID 1160 wrote to memory of 836	1160	chrome.exe	92
PID 1160 wrote to memory of 836	1160	chrome.exe	92
PID 1160 wrote to memory of 836	1160	chrome.exe	92
PID 1160 wrote to memory of 836	1160	chrome.exe	92
PID 1160 wrote to memory of 836	1160	chrome.exe	92
PID 1160 wrote to memory of 836	1160	chrome.exe	92
PID 1160 wrote to memory of 836	1160	chrome.exe	92
PID 1160 wrote to memory of 836	1160	chrome.exe	92
PID 1160 wrote to memory of 836	1160	chrome.exe	92
PID 1160 wrote to memory of 836	1160	chrome.exe	92
PID 1160 wrote to memory of 836	1160	chrome.exe	92
PID 1160 wrote to memory of 836	1160	chrome.exe	92
PID 1160 wrote to memory of 836	1160	chrome.exe	92
PID 1160 wrote to memory of 836	1160	chrome.exe	92
PID 1160 wrote to memory of 836	1160	chrome.exe	92
PID 1160 wrote to memory of 836	1160	chrome.exe	92

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://ec2-44-230-127-50.us-west-2.compute.amazonaws.com/P2PffTsS3aNQRg5j6zPrlyR6X7GwAHJ7Wt2ccc1uzn8ZlyvqTE8dPeIuGqVK8cbC-fxnaL1EyRi7KzZujhwLXt9PV1AWIK6YHaE7CxcTCvsPc2fhoz2s_In6f8vaKWcflTZOgHjoDPUF4vrq8P11x40zPF-00T40iUIenDWC7fMajgmlqgl9icBA_81FqAOcNQj-VWShc4vxawjRGZZgwhf26bOp1lvlBu26uo2KtAvZJZ
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1160
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffffbc49758,0x7ffffbc49768,0x7ffffbc49778
  2⤵
  PID:4808
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 --field-trial-handle=1888,i,11160186385572823520,16943569937739631979,131072 /prefetch:8
  2⤵
  PID:1516
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1656 --field-trial-handle=1888,i,11160186385572823520,16943569937739631979,131072 /prefetch:2
  2⤵
  PID:1244
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2208 --field-trial-handle=1888,i,11160186385572823520,16943569937739631979,131072 /prefetch:8
  2⤵
  PID:836
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2964 --field-trial-handle=1888,i,11160186385572823520,16943569937739631979,131072 /prefetch:1
  2⤵
  PID:2968
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2956 --field-trial-handle=1888,i,11160186385572823520,16943569937739631979,131072 /prefetch:1
  2⤵
  PID:4100
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4848 --field-trial-handle=1888,i,11160186385572823520,16943569937739631979,131072 /prefetch:8
  2⤵
  PID:3240
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4976 --field-trial-handle=1888,i,11160186385572823520,16943569937739631979,131072 /prefetch:8
  2⤵
  PID:2832
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5060 --field-trial-handle=1888,i,11160186385572823520,16943569937739631979,131072 /prefetch:8
  2⤵
  PID:3076
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4836 --field-trial-handle=1888,i,11160186385572823520,16943569937739631979,131072 /prefetch:8
  2⤵
  PID:3064
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4832 --field-trial-handle=1888,i,11160186385572823520,16943569937739631979,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:880

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:1656

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
823B

MD5
103ae6a01b25d9d90bd8e111a7970891

SHA1
dac1ad799f4263b3c1a739eb1a09fa65d3e7d07e

SHA256
9be8127319867084300c83d366af702f7f26bacfde7e185b279b7f67697c8d35

SHA512
d3b2d097e329c1629030834bb779bf93f3afa586d804e5552045fd7ed556866879bfa74bf1d4f92e8ba57bace1a67e97020d30d643a6dd30f24b14ba306b3452

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
37a10395bdc8653b1162bd164bff338b

SHA1
07bc169e56f42dd7112d46e42907fbe696cee6cf

SHA256
c54801c5a88c727a9a49ae12731713968fea3bd4bd7cd3ec1143f3de67d68419

SHA512
1110b659f962b36a253fd044c3b6d959f887334331f374c3f6e7dd319265b9af2be876e94fcb8d6bd47248bfcbd9c9ffbf70c70c55e6fc7b20e1bf362849f374

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
115KB

MD5
7b8023b9b8e6413328135aa855d85aab

SHA1
2936e1c50b9707e5e86e7ef17183c0ad16d9c46d

SHA256
03cef28c96d3bbb1d1d9572b9617fe2f452cdce455afcf59ec5d8f92953f797b

SHA512
7f3eb8a9e5dfce8c4458e6389648d615a5b9876f7ba1cebe1cbcb804b0732429b0b2f799dd908602f6d48cfe736a37d9b951b3f80852497c6876a25477c011c9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
115KB

MD5
03f82d5fba70b40e8c01b1615392fe2d

SHA1
0f7b8c460690d5123f880a9e0289b2957bb16256

SHA256
86a97e20006325e3088a1d05d26d1fe74f8e841d5984ec5bd566193cf8455702

SHA512
a9f0bdc2c613d08c5d5d7c6546c697107abbc589d440aa235737e9a7e4f27ee1a7dacc25571033807c952e66b1c654b4796e0b716bb4e9b1776f38e9d90e57dd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
fb64a1d932c24556db62bca642a3c1fb

SHA1
9d2d96cd579331b51ecfa2e484494716ef3ed944

SHA256
9e3bcc685adf957ff2d1c953dc05092f9c35783ce24ecb2c87f2cff0c7d51faf

SHA512
e096f34fd873139bea1cbddb5ada75644e9710b3cff1044cc51c07f6bfe1e44642ada3f73af79f4c96c6d57cb3786a37b98bb2807d6d66ff61e16e014230106f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
135KB

MD5
17fc177ceff30be3bf52a163c0248282

SHA1
bd785079265ddfc1d1715e94155e93860e52baf0

SHA256
32ecfca258d42cc54f35eafc9a04eab4764146ce9a96b4cdfea7491bdc90e4ff

SHA512
5271d572d99afe4a1826549deaf10df5980cbd4a9cc4511bc45bae50e3d8057784b85d02626c9ba9abcc968aa2900e993449771fdc5b17d5822d461a55ae1eb7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit