hxxps://parentztalk[.]com

Analysis

max time kernel
149s
max time network
148s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
26/01/2024, 05:41

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://parentztalk.com

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133507213303800135"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
488	chrome.exe
488	chrome.exe
1432	chrome.exe
1432	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

pid	Process
488	chrome.exe
488	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	488	chrome.exe
Token: SeCreatePagefilePrivilege	488	chrome.exe
Token: SeShutdownPrivilege	488	chrome.exe
Token: SeCreatePagefilePrivilege	488	chrome.exe
Token: SeShutdownPrivilege	488	chrome.exe
Token: SeCreatePagefilePrivilege	488	chrome.exe
Token: SeShutdownPrivilege	488	chrome.exe
Token: SeCreatePagefilePrivilege	488	chrome.exe
Token: SeShutdownPrivilege	488	chrome.exe
Token: SeCreatePagefilePrivilege	488	chrome.exe
Token: SeShutdownPrivilege	488	chrome.exe
Token: SeCreatePagefilePrivilege	488	chrome.exe
Token: SeShutdownPrivilege	488	chrome.exe
Token: SeCreatePagefilePrivilege	488	chrome.exe
Token: SeShutdownPrivilege	488	chrome.exe
Token: SeCreatePagefilePrivilege	488	chrome.exe
Token: SeShutdownPrivilege	488	chrome.exe
Token: SeCreatePagefilePrivilege	488	chrome.exe
Token: SeShutdownPrivilege	488	chrome.exe
Token: SeCreatePagefilePrivilege	488	chrome.exe
Token: SeShutdownPrivilege	488	chrome.exe
Token: SeCreatePagefilePrivilege	488	chrome.exe
Token: SeShutdownPrivilege	488	chrome.exe
Token: SeCreatePagefilePrivilege	488	chrome.exe
Token: SeShutdownPrivilege	488	chrome.exe
Token: SeCreatePagefilePrivilege	488	chrome.exe
Token: SeShutdownPrivilege	488	chrome.exe
Token: SeCreatePagefilePrivilege	488	chrome.exe
Token: SeShutdownPrivilege	488	chrome.exe
Token: SeCreatePagefilePrivilege	488	chrome.exe
Token: SeShutdownPrivilege	488	chrome.exe
Token: SeCreatePagefilePrivilege	488	chrome.exe
Token: SeShutdownPrivilege	488	chrome.exe
Token: SeCreatePagefilePrivilege	488	chrome.exe
Token: SeShutdownPrivilege	488	chrome.exe
Token: SeCreatePagefilePrivilege	488	chrome.exe
Token: SeShutdownPrivilege	488	chrome.exe
Token: SeCreatePagefilePrivilege	488	chrome.exe
Token: SeShutdownPrivilege	488	chrome.exe
Token: SeCreatePagefilePrivilege	488	chrome.exe
Token: SeShutdownPrivilege	488	chrome.exe
Token: SeCreatePagefilePrivilege	488	chrome.exe
Token: SeShutdownPrivilege	488	chrome.exe
Token: SeCreatePagefilePrivilege	488	chrome.exe
Token: SeShutdownPrivilege	488	chrome.exe
Token: SeCreatePagefilePrivilege	488	chrome.exe
Token: SeShutdownPrivilege	488	chrome.exe
Token: SeCreatePagefilePrivilege	488	chrome.exe
Token: SeShutdownPrivilege	488	chrome.exe
Token: SeCreatePagefilePrivilege	488	chrome.exe
Token: SeShutdownPrivilege	488	chrome.exe
Token: SeCreatePagefilePrivilege	488	chrome.exe
Token: SeShutdownPrivilege	488	chrome.exe
Token: SeCreatePagefilePrivilege	488	chrome.exe
Token: SeShutdownPrivilege	488	chrome.exe
Token: SeCreatePagefilePrivilege	488	chrome.exe
Token: SeShutdownPrivilege	488	chrome.exe
Token: SeCreatePagefilePrivilege	488	chrome.exe
Token: SeShutdownPrivilege	488	chrome.exe
Token: SeCreatePagefilePrivilege	488	chrome.exe
Token: SeShutdownPrivilege	488	chrome.exe
Token: SeCreatePagefilePrivilege	488	chrome.exe
Token: SeShutdownPrivilege	488	chrome.exe
Token: SeCreatePagefilePrivilege	488	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 488 wrote to memory of 2636	488	chrome.exe	47
PID 488 wrote to memory of 2636	488	chrome.exe	47
PID 488 wrote to memory of 3840	488	chrome.exe	90
PID 488 wrote to memory of 3840	488	chrome.exe	90
PID 488 wrote to memory of 3840	488	chrome.exe	90
PID 488 wrote to memory of 3840	488	chrome.exe	90
PID 488 wrote to memory of 3840	488	chrome.exe	90
PID 488 wrote to memory of 3840	488	chrome.exe	90
PID 488 wrote to memory of 3840	488	chrome.exe	90
PID 488 wrote to memory of 3840	488	chrome.exe	90
PID 488 wrote to memory of 3840	488	chrome.exe	90
PID 488 wrote to memory of 3840	488	chrome.exe	90
PID 488 wrote to memory of 3840	488	chrome.exe	90
PID 488 wrote to memory of 3840	488	chrome.exe	90
PID 488 wrote to memory of 3840	488	chrome.exe	90
PID 488 wrote to memory of 3840	488	chrome.exe	90
PID 488 wrote to memory of 3840	488	chrome.exe	90
PID 488 wrote to memory of 3840	488	chrome.exe	90
PID 488 wrote to memory of 3840	488	chrome.exe	90
PID 488 wrote to memory of 3840	488	chrome.exe	90
PID 488 wrote to memory of 3840	488	chrome.exe	90
PID 488 wrote to memory of 3840	488	chrome.exe	90
PID 488 wrote to memory of 3840	488	chrome.exe	90
PID 488 wrote to memory of 3840	488	chrome.exe	90
PID 488 wrote to memory of 3840	488	chrome.exe	90
PID 488 wrote to memory of 3840	488	chrome.exe	90
PID 488 wrote to memory of 3840	488	chrome.exe	90
PID 488 wrote to memory of 3840	488	chrome.exe	90
PID 488 wrote to memory of 3840	488	chrome.exe	90
PID 488 wrote to memory of 3840	488	chrome.exe	90
PID 488 wrote to memory of 3840	488	chrome.exe	90
PID 488 wrote to memory of 3840	488	chrome.exe	90
PID 488 wrote to memory of 3840	488	chrome.exe	90
PID 488 wrote to memory of 3840	488	chrome.exe	90
PID 488 wrote to memory of 3840	488	chrome.exe	90
PID 488 wrote to memory of 3840	488	chrome.exe	90
PID 488 wrote to memory of 3840	488	chrome.exe	90
PID 488 wrote to memory of 3840	488	chrome.exe	90
PID 488 wrote to memory of 3840	488	chrome.exe	90
PID 488 wrote to memory of 3840	488	chrome.exe	90
PID 488 wrote to memory of 3076	488	chrome.exe	91
PID 488 wrote to memory of 3076	488	chrome.exe	91
PID 488 wrote to memory of 4488	488	chrome.exe	92
PID 488 wrote to memory of 4488	488	chrome.exe	92
PID 488 wrote to memory of 4488	488	chrome.exe	92
PID 488 wrote to memory of 4488	488	chrome.exe	92
PID 488 wrote to memory of 4488	488	chrome.exe	92
PID 488 wrote to memory of 4488	488	chrome.exe	92
PID 488 wrote to memory of 4488	488	chrome.exe	92
PID 488 wrote to memory of 4488	488	chrome.exe	92
PID 488 wrote to memory of 4488	488	chrome.exe	92
PID 488 wrote to memory of 4488	488	chrome.exe	92
PID 488 wrote to memory of 4488	488	chrome.exe	92
PID 488 wrote to memory of 4488	488	chrome.exe	92
PID 488 wrote to memory of 4488	488	chrome.exe	92
PID 488 wrote to memory of 4488	488	chrome.exe	92
PID 488 wrote to memory of 4488	488	chrome.exe	92
PID 488 wrote to memory of 4488	488	chrome.exe	92
PID 488 wrote to memory of 4488	488	chrome.exe	92
PID 488 wrote to memory of 4488	488	chrome.exe	92
PID 488 wrote to memory of 4488	488	chrome.exe	92
PID 488 wrote to memory of 4488	488	chrome.exe	92
PID 488 wrote to memory of 4488	488	chrome.exe	92
PID 488 wrote to memory of 4488	488	chrome.exe	92

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://parentztalk.com
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:488
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff7aee9758,0x7fff7aee9768,0x7fff7aee9778
  2⤵
  PID:2636
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1628 --field-trial-handle=1616,i,7429435651521668943,11105399895541535314,131072 /prefetch:2
  2⤵
  PID:3840
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2024 --field-trial-handle=1616,i,7429435651521668943,11105399895541535314,131072 /prefetch:8
  2⤵
  PID:3076
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2212 --field-trial-handle=1616,i,7429435651521668943,11105399895541535314,131072 /prefetch:8
  2⤵
  PID:4488
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2932 --field-trial-handle=1616,i,7429435651521668943,11105399895541535314,131072 /prefetch:1
  2⤵
  PID:3460
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2940 --field-trial-handle=1616,i,7429435651521668943,11105399895541535314,131072 /prefetch:1
  2⤵
  PID:2996
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4792 --field-trial-handle=1616,i,7429435651521668943,11105399895541535314,131072 /prefetch:8
  2⤵
  PID:3792
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5088 --field-trial-handle=1616,i,7429435651521668943,11105399895541535314,131072 /prefetch:8
  2⤵
  PID:1328
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2280 --field-trial-handle=1616,i,7429435651521668943,11105399895541535314,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1432

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4572

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008

Filesize
20KB

MD5
6a07a681df3db382ec12f4bff0598451

SHA1
e94faad6673eec93f107199a0038d430123683af

SHA256
7a80993c2e2c9e8e86b24ce5b37c4a2700c1586a609949e0b55f7a3cb17f719a

SHA512
bfad29c678c936618da22a6b8a0a49c1431c5d1d8db5b2e1dce78c8ad28b0a13dff47129fee8e496d17aeb40c01cc4d28b233100d9d2eec69ec2006b60ff0446

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009

Filesize
21KB

MD5
3ae1df92828369f382914ffc3eabc1b1

SHA1
72611c6b3accb9625041d1c48406e419fe95b8ad

SHA256
54be9c7059ccf0ce479183d017cdb7c63fa01d342dccfbf32d5824440a2de93b

SHA512
39b35aa420a356b5922eece069f120e76032a54070c8bdbef57b638ec327e24a59c40cae3c232f53df64bee95528f13d642f829fdbe6828b6065f2c65a3e8489

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

Filesize
51KB

MD5
8a95cd004f56262dd617e46fa1b376cc

SHA1
e4801cdc4248a23d5b1c63feca87c2356d6e2c58

SHA256
9b5f2727dd16c1a8c7269e0dce79f3367594ec5cc10ef07add4bd2f36a7f8a53

SHA512
3df591e7d155180e837d7442f3a107b89763fb370cdf2aa2754588142d52c312fa732ef78a0f4a1bfcf41ae45b9e1e134e98ef7204cfbd17c0d8df14ab94423b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013

Filesize
28KB

MD5
c6e1773fc73c85d6d600f126617b1cd3

SHA1
af1bdf0cdb33be62eba0706807d862672aa8df6e

SHA256
0c1ed8dd4e960abb35318336db6da7d28922feebfade01a2051c808b8744108b

SHA512
04abf1a715eeef046e0601acba1ecd93f6377798ac5c6ae2570f6a4cdc0147b7e43a503a78dab518883b6c90f32c5863ab0fb7812618cea35249406c30ece4e4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000029

Filesize
20KB

MD5
87e8230a9ca3f0c5ccfa56f70276e2f2

SHA1
eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7

SHA256
e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9

SHA512
37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002a

Filesize
55KB

MD5
03a3be47987542113771800ad0d7c2fb

SHA1
b230b0c0b977ea28bb223a60b5ede78529827762

SHA256
6427179f8d00a0964ee4074ec7ac62ebd6cf4768169c2ae34448d4f035b978e5

SHA512
3bf1df2f910b6fc62bebbd3e6477af1ddf0b5ad539d73b57f51f617cd437a7dfe8abd0bf60b7d01a83908f0b8a29a7d917a6da4f33adee32d5f71aa581ccced5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002b

Filesize
84KB

MD5
e6c615552991ae16cf6ce7e2dc7c4217

SHA1
5414ee31f6d6f927cbd6b29046e69498623d33c5

SHA256
76b9373aca67c937298fecf7c2edabdf1cf071b3ca7d3334bcf77bc02c5cb7ac

SHA512
1070fb6c65236f1f845f04009c868f2cd44a3695c8c405248f5c79122aa989d9d44d1f2abd6388e82fe2d277bcaa07288120dd584613afbf87ea8127d2fb0197

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002d

Filesize
135KB

MD5
6bd9d0a970f8af81fa46363e628b06f4

SHA1
f22a45882e2ef21ab5f4d38da2016c87fc86f002

SHA256
51d65157ec558011b13d28c51e3e6a053a44f69f3ad4172214c1df3aee9ddc91

SHA512
3c3ddae2f50dcfbea2b604b894a205f41030ba7e46d15824a89db3494f9ac897b6fecea664af5b045522df4308bf2e094e52157246ed78f380937223a70599b5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
768B

MD5
030698cb7e2d1c70c02e6e0e8cdc30a7

SHA1
f709a7a3f77b4157a55f70a8cbb7bd54f26fe3b5

SHA256
6a5d7d80d65095fe983934f7c0db95e929406b0384d1f394912831e914f895de

SHA512
3a945fa0e5014a08d4f3bbbed854bdd909a322235d2c8a64c041cfd24485b226da43d561389260df693382edd5ac895bebc77fc97f56a8436a3ddaf2b43bd2f5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
561173c8b9ab0740de61d6a810b39877

SHA1
d13276720a0f95a423481f71d32596506faa91e5

SHA256
d9981880cf65232d22c63e4f552a994ff1dc6a95be017f41253229ca818a38a4

SHA512
ded18e25a62c12d0db16b8cc2b8157e9742dc102aa6c75e2955d30b63231ad237598ba8ecac304c06b2f0b5ed9e5cfb08c25fe8b2791703ffbe82006e4875942

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
c7b2ef741af475a9a1a499d2e67e6005

SHA1
d1be7624b6e1555e1364ceaad9ab4d1fdeb6a558

SHA256
25b06811159b909eaaa3ee5244204781578ab3dd97e44efec24a4b615e23793a

SHA512
adbd1c125d81f1cee397df0b1227130232d6d6a0015f1614fc6b34b7cd45d643b3e9c7d9a99cf6d8cc73c077cb310fe94e8932d1ce974b99d28f1a90976977ee

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
3010b5fed27e64a36ba3a827b117bea8

SHA1
4b5459fbf13043fe7c7c14da8440ced377845119

SHA256
946a98a8dd6375daa8ef92b7c0960baea86d80085cc2fe9f996389df6285daa1

SHA512
822c09a69cf4a8d473df3f0222d2b7554220e07a1d2d612e8da3a5429a3e934c57f637b4eb43b0486be635b5ef7df700b231173b41969a5d6e1b5239f3b265e5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
e6450beb395cc62b4f9bfc4d4d377a2d

SHA1
d8f24e282042545b469d76e9fb0864e467a37657

SHA256
218f6aa77afa6fe3afb4c2edaca0a2f255bedbecdcc9c297d71340a13865ab8f

SHA512
4e6f8ea860e74316ddd9003972c0127084263520cf0d3927d5b27f2516a1289a49d4b93105388e050e11d24afadd40e8280f65e4472ff69c1f3d3ef36b011171

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
ebd8947177f829af9b573b1b9d6780ed

SHA1
03759cf6d0d2a74a30df9441e1a4b3e0befb52b4

SHA256
1c443d6ea5c5b31bd4b3a904d959acbd93dd6d9a88c1f481cc50713f38ffa74b

SHA512
e2b0fa62a12a1ae5a56c61104b93313362bac1c18d7fc6fe9500c7129ceb98a8fb180a0d55c6fab00bcc6a4d05fa4d16c7e671a0922c448e7e2a5a79894d85e9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
6cd835928f656106a404daa4c2492087

SHA1
3db3b060b9fbc09cc76f6fd4b243c4ef4e43d6aa

SHA256
c23be7d91424289a765eadc09587496124cdf14cac4bda6c32a9ecd9fa9d2f16

SHA512
2d25ed91eb68785883c8fda32cfc343cdc68fb98ad1dae5ffacb79c120f99702c38e05c6e84e4806a77cc87c1cd463f1a4f28d65fb772a287d88f0f954a443bf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
114KB

MD5
6cd07c7feee0a2c3b65e62e7e813a78e

SHA1
1141204f30c4426e4324b020ada792eca25bcbf5

SHA256
1e6b5d8f6d47b8245e17caa204b0d2f01963d3bc436d69c634a063c22162c8ec

SHA512
6c94c009827af7d29cbc428cb46f01f0ed89503b7d536018f3bf77bad4457807cb28b63dec750d82bed5e8cb7caf837244d1198bbd45e6f3ace857406ad3df2e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit