hxxps://stats[.]sender[.]net/link_click/NssHPgqwkq_LMXim/6c2e336604abee32f8d27926f4ed689e#YWx2aW4uZXN0ZW1iZXJAaW5zaWdodC5jb20=

Resubmissions

23/01/2024, 08:48

240123-kqkq3aheg4 8

23/01/2024, 08:45

240123-kn67aahef5 8

23/01/2024, 08:08

240123-j1xypsgffl 8

Analysis

max time kernel
299s
max time network
295s
platform
windows10-1703_x64
resource
win10-20231215-en
resource tags

arch:x64arch:x86image:win10-20231215-enlocale:en-usos:windows10-1703-x64system
submitted
23/01/2024, 08:08

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

https://stats.sender.net/link_click/NssHPgqwkq_LMXim/6c2e336604abee32f8d27926f4ed689e#YWx2aW4uZXN0ZW1iZXJAaW5zaWdodC5jb20=

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133504709674675048"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2708	chrome.exe
2708	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2972	chrome.exe
Token: SeCreatePagefilePrivilege	2972	chrome.exe
Token: SeShutdownPrivilege	2972	chrome.exe
Token: SeCreatePagefilePrivilege	2972	chrome.exe
Token: SeShutdownPrivilege	2972	chrome.exe
Token: SeCreatePagefilePrivilege	2972	chrome.exe
Token: SeShutdownPrivilege	2972	chrome.exe
Token: SeCreatePagefilePrivilege	2972	chrome.exe
Token: SeShutdownPrivilege	2972	chrome.exe
Token: SeCreatePagefilePrivilege	2972	chrome.exe
Token: SeShutdownPrivilege	2972	chrome.exe
Token: SeCreatePagefilePrivilege	2972	chrome.exe
Token: SeShutdownPrivilege	2972	chrome.exe
Token: SeCreatePagefilePrivilege	2972	chrome.exe
Token: SeShutdownPrivilege	2972	chrome.exe
Token: SeCreatePagefilePrivilege	2972	chrome.exe
Token: SeShutdownPrivilege	2972	chrome.exe
Token: SeCreatePagefilePrivilege	2972	chrome.exe
Token: SeShutdownPrivilege	2972	chrome.exe
Token: SeCreatePagefilePrivilege	2972	chrome.exe
Token: SeShutdownPrivilege	2972	chrome.exe
Token: SeCreatePagefilePrivilege	2972	chrome.exe
Token: SeShutdownPrivilege	2972	chrome.exe
Token: SeCreatePagefilePrivilege	2972	chrome.exe
Token: SeShutdownPrivilege	2972	chrome.exe
Token: SeCreatePagefilePrivilege	2972	chrome.exe
Token: SeShutdownPrivilege	2972	chrome.exe
Token: SeCreatePagefilePrivilege	2972	chrome.exe
Token: SeShutdownPrivilege	2972	chrome.exe
Token: SeCreatePagefilePrivilege	2972	chrome.exe
Token: SeShutdownPrivilege	2972	chrome.exe
Token: SeCreatePagefilePrivilege	2972	chrome.exe
Token: SeShutdownPrivilege	2972	chrome.exe
Token: SeCreatePagefilePrivilege	2972	chrome.exe
Token: SeShutdownPrivilege	2972	chrome.exe
Token: SeCreatePagefilePrivilege	2972	chrome.exe
Token: SeShutdownPrivilege	2972	chrome.exe
Token: SeCreatePagefilePrivilege	2972	chrome.exe
Token: SeShutdownPrivilege	2972	chrome.exe
Token: SeCreatePagefilePrivilege	2972	chrome.exe
Token: SeShutdownPrivilege	2972	chrome.exe
Token: SeCreatePagefilePrivilege	2972	chrome.exe
Token: SeShutdownPrivilege	2972	chrome.exe
Token: SeCreatePagefilePrivilege	2972	chrome.exe
Token: SeShutdownPrivilege	2972	chrome.exe
Token: SeCreatePagefilePrivilege	2972	chrome.exe
Token: SeShutdownPrivilege	2972	chrome.exe
Token: SeCreatePagefilePrivilege	2972	chrome.exe
Token: SeShutdownPrivilege	2972	chrome.exe
Token: SeCreatePagefilePrivilege	2972	chrome.exe
Token: SeShutdownPrivilege	2972	chrome.exe
Token: SeCreatePagefilePrivilege	2972	chrome.exe
Token: SeShutdownPrivilege	2972	chrome.exe
Token: SeCreatePagefilePrivilege	2972	chrome.exe
Token: SeShutdownPrivilege	2972	chrome.exe
Token: SeCreatePagefilePrivilege	2972	chrome.exe
Token: SeShutdownPrivilege	2972	chrome.exe
Token: SeCreatePagefilePrivilege	2972	chrome.exe
Token: SeShutdownPrivilege	2972	chrome.exe
Token: SeCreatePagefilePrivilege	2972	chrome.exe
Token: SeShutdownPrivilege	2972	chrome.exe
Token: SeCreatePagefilePrivilege	2972	chrome.exe
Token: SeShutdownPrivilege	2972	chrome.exe
Token: SeCreatePagefilePrivilege	2972	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2972 wrote to memory of 4644	2972	chrome.exe	65
PID 2972 wrote to memory of 4644	2972	chrome.exe	65
PID 2972 wrote to memory of 2344	2972	chrome.exe	75
PID 2972 wrote to memory of 2344	2972	chrome.exe	75
PID 2972 wrote to memory of 2344	2972	chrome.exe	75
PID 2972 wrote to memory of 2344	2972	chrome.exe	75
PID 2972 wrote to memory of 2344	2972	chrome.exe	75
PID 2972 wrote to memory of 2344	2972	chrome.exe	75
PID 2972 wrote to memory of 2344	2972	chrome.exe	75
PID 2972 wrote to memory of 2344	2972	chrome.exe	75
PID 2972 wrote to memory of 2344	2972	chrome.exe	75
PID 2972 wrote to memory of 2344	2972	chrome.exe	75
PID 2972 wrote to memory of 2344	2972	chrome.exe	75
PID 2972 wrote to memory of 2344	2972	chrome.exe	75
PID 2972 wrote to memory of 2344	2972	chrome.exe	75
PID 2972 wrote to memory of 2344	2972	chrome.exe	75
PID 2972 wrote to memory of 2344	2972	chrome.exe	75
PID 2972 wrote to memory of 2344	2972	chrome.exe	75
PID 2972 wrote to memory of 2344	2972	chrome.exe	75
PID 2972 wrote to memory of 2344	2972	chrome.exe	75
PID 2972 wrote to memory of 2344	2972	chrome.exe	75
PID 2972 wrote to memory of 2344	2972	chrome.exe	75
PID 2972 wrote to memory of 2344	2972	chrome.exe	75
PID 2972 wrote to memory of 2344	2972	chrome.exe	75
PID 2972 wrote to memory of 2344	2972	chrome.exe	75
PID 2972 wrote to memory of 2344	2972	chrome.exe	75
PID 2972 wrote to memory of 2344	2972	chrome.exe	75
PID 2972 wrote to memory of 2344	2972	chrome.exe	75
PID 2972 wrote to memory of 2344	2972	chrome.exe	75
PID 2972 wrote to memory of 2344	2972	chrome.exe	75
PID 2972 wrote to memory of 2344	2972	chrome.exe	75
PID 2972 wrote to memory of 2344	2972	chrome.exe	75
PID 2972 wrote to memory of 2344	2972	chrome.exe	75
PID 2972 wrote to memory of 2344	2972	chrome.exe	75
PID 2972 wrote to memory of 2344	2972	chrome.exe	75
PID 2972 wrote to memory of 2344	2972	chrome.exe	75
PID 2972 wrote to memory of 2344	2972	chrome.exe	75
PID 2972 wrote to memory of 2344	2972	chrome.exe	75
PID 2972 wrote to memory of 2344	2972	chrome.exe	75
PID 2972 wrote to memory of 2344	2972	chrome.exe	75
PID 2972 wrote to memory of 1664	2972	chrome.exe	77
PID 2972 wrote to memory of 1664	2972	chrome.exe	77
PID 2972 wrote to memory of 3300	2972	chrome.exe	76
PID 2972 wrote to memory of 3300	2972	chrome.exe	76
PID 2972 wrote to memory of 3300	2972	chrome.exe	76
PID 2972 wrote to memory of 3300	2972	chrome.exe	76
PID 2972 wrote to memory of 3300	2972	chrome.exe	76
PID 2972 wrote to memory of 3300	2972	chrome.exe	76
PID 2972 wrote to memory of 3300	2972	chrome.exe	76
PID 2972 wrote to memory of 3300	2972	chrome.exe	76
PID 2972 wrote to memory of 3300	2972	chrome.exe	76
PID 2972 wrote to memory of 3300	2972	chrome.exe	76
PID 2972 wrote to memory of 3300	2972	chrome.exe	76
PID 2972 wrote to memory of 3300	2972	chrome.exe	76
PID 2972 wrote to memory of 3300	2972	chrome.exe	76
PID 2972 wrote to memory of 3300	2972	chrome.exe	76
PID 2972 wrote to memory of 3300	2972	chrome.exe	76
PID 2972 wrote to memory of 3300	2972	chrome.exe	76
PID 2972 wrote to memory of 3300	2972	chrome.exe	76
PID 2972 wrote to memory of 3300	2972	chrome.exe	76
PID 2972 wrote to memory of 3300	2972	chrome.exe	76
PID 2972 wrote to memory of 3300	2972	chrome.exe	76
PID 2972 wrote to memory of 3300	2972	chrome.exe	76
PID 2972 wrote to memory of 3300	2972	chrome.exe	76

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://stats.sender.net/link_click/NssHPgqwkq_LMXim/6c2e336604abee32f8d27926f4ed689e#YWx2aW4uZXN0ZW1iZXJAaW5zaWdodC5jb20=
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2972
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffaf6a39758,0x7ffaf6a39768,0x7ffaf6a39778
  2⤵
  PID:4644
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1540 --field-trial-handle=1708,i,17820476621071148576,16145576112362773159,131072 /prefetch:2
  2⤵
  PID:2344
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2088 --field-trial-handle=1708,i,17820476621071148576,16145576112362773159,131072 /prefetch:8
  2⤵
  PID:3300
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2024 --field-trial-handle=1708,i,17820476621071148576,16145576112362773159,131072 /prefetch:8
  2⤵
  PID:1664
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3096 --field-trial-handle=1708,i,17820476621071148576,16145576112362773159,131072 /prefetch:1
  2⤵
  PID:4976
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2972 --field-trial-handle=1708,i,17820476621071148576,16145576112362773159,131072 /prefetch:1
  2⤵
  PID:4868
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3752 --field-trial-handle=1708,i,17820476621071148576,16145576112362773159,131072 /prefetch:1
  2⤵
  PID:408
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4968 --field-trial-handle=1708,i,17820476621071148576,16145576112362773159,131072 /prefetch:8
  2⤵
  PID:4420
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5032 --field-trial-handle=1708,i,17820476621071148576,16145576112362773159,131072 /prefetch:8
  2⤵
  PID:5108
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5056 --field-trial-handle=1708,i,17820476621071148576,16145576112362773159,131072 /prefetch:8
  2⤵
  PID:4896
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5048 --field-trial-handle=1708,i,17820476621071148576,16145576112362773159,131072 /prefetch:8
  2⤵
  PID:3268
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2392 --field-trial-handle=1708,i,17820476621071148576,16145576112362773159,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2708

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:5028

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
01661ce4b4924abb77c5052fc12e6972

SHA1
e5fc0a4f15e7c723de61384163d83404524e8f4d

SHA256
3f981c2ecd13656c51e80dfef87b2320e6aeadc69b8faa9f7fbed867952f4d74

SHA512
fcf482b84b4267367eb74bb55728c8a6f542653fe4f2afb4ce3d274a3e6c508b95b17844ed95965950449f54b8182b5853da347f4eb055ffee3069529bcb4c9e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
54f095f30483854434c07c777ab22f51

SHA1
4ba3264747750cd0934524ff9f835e91ebcc5a47

SHA256
b5a2f8fe515372694a0ae04c57936abea04f85bdbc7a68e25694195c24526473

SHA512
5eb5a1e1b61619223ee733b8fbe6c5d937682d2428e9bed1846dc510070196157c1144a12366f3f2101f2917cc3761518a2d0981e590e1d7153de3029eecf1ee

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
706B

MD5
e9d9ca7743897c1402f895a01462ab59

SHA1
506d53c12ef50c642c04b8a16701888c6a2bf162

SHA256
9329ac91c79f6b0393735426abeea2be9da27a6047048ad24d2895d0f6c4f85a

SHA512
3dc9e1f623109c2f2ada6b32bfca97027c28f588e5f4e1144d2d3407c057fc9fabaf1268c301a120b9922d6ad4cc458a8e8580dc8b9e49ccdca4318cfb144cfb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
95c9defc25a70851498e08d58026a813

SHA1
562f3619b99168e8d8d8f37995b61e16dbed46c1

SHA256
83046b9c523c62e68fbab3b8950bfbbff09b28a44072c6dfd208e8aee3d0f2fa

SHA512
d2d04cbd863470863e67c652b3ddfd7600c4ba5fbd837defbf423cf94f1ba91dc98d6d09bcbf3f1cdcc053a1e349b317b0c488790cef9dcc1fb8a98403a4a5ef

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
de266e706a6ffc0bb502de96b6eb653b

SHA1
3f0f1fb9080021001f71a6ff77215fe74e180e0e

SHA256
3a79ea2699a3c1746583507cff9cde03ab9bc96ca61bcae9f11e7434320afb7c

SHA512
0b207c8c2c3ae284092300e9d5401056b04e9229047352e0bcefd58cf1563e4f69bbd512e3d21f53553cbcbc9abf4586f38275bb4a85066db89d4ef2cbcc66d6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
210cd76ef36690a558f4c03eb6b0f3ff

SHA1
60f058f1d58f2ab5742dc722623d47c695c136da

SHA256
e2fcae1f6467eb2ba105ef38f2fe55962f739060d3a4296eb9e435d5e1edb9fa

SHA512
9f53eaba148836521b7e0f66530cea7bd7fe7ceddf19bdeb82620dc8d8812867cb4aeb7bcc15b18fc135aafaff22319af571385e97c7bc6d4e6913e0780339e5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
115KB

MD5
79653d2129470ec7da064d0730fafddb

SHA1
0985708ae6c8b6f3fe90e2a0efeaa716a9769cb3

SHA256
2e51889e6e379bc08749e92ffa8bf04367c533909b7bf4f93f402bc4f58a78ac

SHA512
f79af030728d8bd74e14fc3b28737c28de4c52278de82d080300a63903d8280601948a6c70e41b0a5f134d7c78b64266d5fcb552c70310090b8728a1123e0a57

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
48d6e6d56bb54bd7995afd83d6901fb0

SHA1
38a3fb2fc31b5bc29b0961ba0e05882109af4e9a

SHA256
eb927ce83101d41a9efd9334b998fb3077f100e2f5a26438f7f06815c58cb9e8

SHA512
67b8d7f8d61573f1e268ad7bbbfb33ded4f50cc51035d4e40cf968bc69fe24c3726070e794bb3309cfe10eb7f4cc34d36010fc7085624d92de3f2b3cf6f344eb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
115KB

MD5
42d0b1348b9c8a8bf9af943b2d0c986f

SHA1
8687c94a447a8147ba8af2a9564ec8bbaafb4562

SHA256
b785838a902b6afb5e155a285936a758ce1330ce48ecfbd8ae6a7a0e5078dab4

SHA512
a26764628425807b4858f9d96ea97f7afea9b6cccefcabf0a12fc61b869d726d164ff4d93e4daab73f04dd009eb458602e33e6e3b29fcc857be5489b427b0277

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit