hxxps://dev[.]azure[.]com/wpp-edg-nucleus/

Analysis

max time kernel
150s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
27/01/2024, 03:28

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

https://dev.azure.com/wpp-edg-nucleus/

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133507997409705471"	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
3880	chrome.exe
3880	chrome.exe
3880	chrome.exe
3880	chrome.exe
1240	chrome.exe
1240	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
3880	chrome.exe
3880	chrome.exe
3880	chrome.exe
3880	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3880	chrome.exe
Token: SeCreatePagefilePrivilege	3880	chrome.exe
Token: SeShutdownPrivilege	3880	chrome.exe
Token: SeCreatePagefilePrivilege	3880	chrome.exe
Token: SeShutdownPrivilege	3880	chrome.exe
Token: SeCreatePagefilePrivilege	3880	chrome.exe
Token: SeShutdownPrivilege	3880	chrome.exe
Token: SeCreatePagefilePrivilege	3880	chrome.exe
Token: SeShutdownPrivilege	3880	chrome.exe
Token: SeCreatePagefilePrivilege	3880	chrome.exe
Token: SeShutdownPrivilege	3880	chrome.exe
Token: SeCreatePagefilePrivilege	3880	chrome.exe
Token: SeShutdownPrivilege	3880	chrome.exe
Token: SeCreatePagefilePrivilege	3880	chrome.exe
Token: SeShutdownPrivilege	3880	chrome.exe
Token: SeCreatePagefilePrivilege	3880	chrome.exe
Token: SeShutdownPrivilege	3880	chrome.exe
Token: SeCreatePagefilePrivilege	3880	chrome.exe
Token: SeShutdownPrivilege	3880	chrome.exe
Token: SeCreatePagefilePrivilege	3880	chrome.exe
Token: SeShutdownPrivilege	3880	chrome.exe
Token: SeCreatePagefilePrivilege	3880	chrome.exe
Token: SeShutdownPrivilege	3880	chrome.exe
Token: SeCreatePagefilePrivilege	3880	chrome.exe
Token: SeShutdownPrivilege	3880	chrome.exe
Token: SeCreatePagefilePrivilege	3880	chrome.exe
Token: SeShutdownPrivilege	3880	chrome.exe
Token: SeCreatePagefilePrivilege	3880	chrome.exe
Token: SeShutdownPrivilege	3880	chrome.exe
Token: SeCreatePagefilePrivilege	3880	chrome.exe
Token: SeShutdownPrivilege	3880	chrome.exe
Token: SeCreatePagefilePrivilege	3880	chrome.exe
Token: SeShutdownPrivilege	3880	chrome.exe
Token: SeCreatePagefilePrivilege	3880	chrome.exe
Token: SeShutdownPrivilege	3880	chrome.exe
Token: SeCreatePagefilePrivilege	3880	chrome.exe
Token: SeShutdownPrivilege	3880	chrome.exe
Token: SeCreatePagefilePrivilege	3880	chrome.exe
Token: SeShutdownPrivilege	3880	chrome.exe
Token: SeCreatePagefilePrivilege	3880	chrome.exe
Token: SeShutdownPrivilege	3880	chrome.exe
Token: SeCreatePagefilePrivilege	3880	chrome.exe
Token: SeShutdownPrivilege	3880	chrome.exe
Token: SeCreatePagefilePrivilege	3880	chrome.exe
Token: SeShutdownPrivilege	3880	chrome.exe
Token: SeCreatePagefilePrivilege	3880	chrome.exe
Token: SeShutdownPrivilege	3880	chrome.exe
Token: SeCreatePagefilePrivilege	3880	chrome.exe
Token: SeShutdownPrivilege	3880	chrome.exe
Token: SeCreatePagefilePrivilege	3880	chrome.exe
Token: SeShutdownPrivilege	3880	chrome.exe
Token: SeCreatePagefilePrivilege	3880	chrome.exe
Token: SeShutdownPrivilege	3880	chrome.exe
Token: SeCreatePagefilePrivilege	3880	chrome.exe
Token: SeShutdownPrivilege	3880	chrome.exe
Token: SeCreatePagefilePrivilege	3880	chrome.exe
Token: SeShutdownPrivilege	3880	chrome.exe
Token: SeCreatePagefilePrivilege	3880	chrome.exe
Token: SeShutdownPrivilege	3880	chrome.exe
Token: SeCreatePagefilePrivilege	3880	chrome.exe
Token: SeShutdownPrivilege	3880	chrome.exe
Token: SeCreatePagefilePrivilege	3880	chrome.exe
Token: SeShutdownPrivilege	3880	chrome.exe
Token: SeCreatePagefilePrivilege	3880	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
3880	chrome.exe
3880	chrome.exe
3880	chrome.exe
3880	chrome.exe
3880	chrome.exe
3880	chrome.exe
3880	chrome.exe
3880	chrome.exe
3880	chrome.exe
3880	chrome.exe
3880	chrome.exe
3880	chrome.exe
3880	chrome.exe
3880	chrome.exe
3880	chrome.exe
3880	chrome.exe
3880	chrome.exe
3880	chrome.exe
3880	chrome.exe
3880	chrome.exe
3880	chrome.exe
3880	chrome.exe
3880	chrome.exe
3880	chrome.exe
3880	chrome.exe
3880	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3880	chrome.exe
3880	chrome.exe
3880	chrome.exe
3880	chrome.exe
3880	chrome.exe
3880	chrome.exe
3880	chrome.exe
3880	chrome.exe
3880	chrome.exe
3880	chrome.exe
3880	chrome.exe
3880	chrome.exe
3880	chrome.exe
3880	chrome.exe
3880	chrome.exe
3880	chrome.exe
3880	chrome.exe
3880	chrome.exe
3880	chrome.exe
3880	chrome.exe
3880	chrome.exe
3880	chrome.exe
3880	chrome.exe
3880	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3880 wrote to memory of 4352	3880	chrome.exe	84
PID 3880 wrote to memory of 4352	3880	chrome.exe	84
PID 3880 wrote to memory of 3276	3880	chrome.exe	88
PID 3880 wrote to memory of 3276	3880	chrome.exe	88
PID 3880 wrote to memory of 3276	3880	chrome.exe	88
PID 3880 wrote to memory of 3276	3880	chrome.exe	88
PID 3880 wrote to memory of 3276	3880	chrome.exe	88
PID 3880 wrote to memory of 3276	3880	chrome.exe	88
PID 3880 wrote to memory of 3276	3880	chrome.exe	88
PID 3880 wrote to memory of 3276	3880	chrome.exe	88
PID 3880 wrote to memory of 3276	3880	chrome.exe	88
PID 3880 wrote to memory of 3276	3880	chrome.exe	88
PID 3880 wrote to memory of 3276	3880	chrome.exe	88
PID 3880 wrote to memory of 3276	3880	chrome.exe	88
PID 3880 wrote to memory of 3276	3880	chrome.exe	88
PID 3880 wrote to memory of 3276	3880	chrome.exe	88
PID 3880 wrote to memory of 3276	3880	chrome.exe	88
PID 3880 wrote to memory of 3276	3880	chrome.exe	88
PID 3880 wrote to memory of 3276	3880	chrome.exe	88
PID 3880 wrote to memory of 3276	3880	chrome.exe	88
PID 3880 wrote to memory of 3276	3880	chrome.exe	88
PID 3880 wrote to memory of 3276	3880	chrome.exe	88
PID 3880 wrote to memory of 3276	3880	chrome.exe	88
PID 3880 wrote to memory of 3276	3880	chrome.exe	88
PID 3880 wrote to memory of 3276	3880	chrome.exe	88
PID 3880 wrote to memory of 3276	3880	chrome.exe	88
PID 3880 wrote to memory of 3276	3880	chrome.exe	88
PID 3880 wrote to memory of 3276	3880	chrome.exe	88
PID 3880 wrote to memory of 3276	3880	chrome.exe	88
PID 3880 wrote to memory of 3276	3880	chrome.exe	88
PID 3880 wrote to memory of 3276	3880	chrome.exe	88
PID 3880 wrote to memory of 3276	3880	chrome.exe	88
PID 3880 wrote to memory of 3276	3880	chrome.exe	88
PID 3880 wrote to memory of 3276	3880	chrome.exe	88
PID 3880 wrote to memory of 3276	3880	chrome.exe	88
PID 3880 wrote to memory of 3276	3880	chrome.exe	88
PID 3880 wrote to memory of 3276	3880	chrome.exe	88
PID 3880 wrote to memory of 3276	3880	chrome.exe	88
PID 3880 wrote to memory of 3276	3880	chrome.exe	88
PID 3880 wrote to memory of 3276	3880	chrome.exe	88
PID 3880 wrote to memory of 4892	3880	chrome.exe	90
PID 3880 wrote to memory of 4892	3880	chrome.exe	90
PID 3880 wrote to memory of 864	3880	chrome.exe	89
PID 3880 wrote to memory of 864	3880	chrome.exe	89
PID 3880 wrote to memory of 864	3880	chrome.exe	89
PID 3880 wrote to memory of 864	3880	chrome.exe	89
PID 3880 wrote to memory of 864	3880	chrome.exe	89
PID 3880 wrote to memory of 864	3880	chrome.exe	89
PID 3880 wrote to memory of 864	3880	chrome.exe	89
PID 3880 wrote to memory of 864	3880	chrome.exe	89
PID 3880 wrote to memory of 864	3880	chrome.exe	89
PID 3880 wrote to memory of 864	3880	chrome.exe	89
PID 3880 wrote to memory of 864	3880	chrome.exe	89
PID 3880 wrote to memory of 864	3880	chrome.exe	89
PID 3880 wrote to memory of 864	3880	chrome.exe	89
PID 3880 wrote to memory of 864	3880	chrome.exe	89
PID 3880 wrote to memory of 864	3880	chrome.exe	89
PID 3880 wrote to memory of 864	3880	chrome.exe	89
PID 3880 wrote to memory of 864	3880	chrome.exe	89
PID 3880 wrote to memory of 864	3880	chrome.exe	89
PID 3880 wrote to memory of 864	3880	chrome.exe	89
PID 3880 wrote to memory of 864	3880	chrome.exe	89
PID 3880 wrote to memory of 864	3880	chrome.exe	89
PID 3880 wrote to memory of 864	3880	chrome.exe	89

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://dev.azure.com/wpp-edg-nucleus/
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3880
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd98349758,0x7ffd98349768,0x7ffd98349778
  2⤵
  PID:4352
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1672 --field-trial-handle=1656,i,9997602029077212160,16273752901550779501,131072 /prefetch:2
  2⤵
  PID:3276
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2232 --field-trial-handle=1656,i,9997602029077212160,16273752901550779501,131072 /prefetch:8
  2⤵
  PID:864
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2128 --field-trial-handle=1656,i,9997602029077212160,16273752901550779501,131072 /prefetch:8
  2⤵
  PID:4892
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3164 --field-trial-handle=1656,i,9997602029077212160,16273752901550779501,131072 /prefetch:1
  2⤵
  PID:1988
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3156 --field-trial-handle=1656,i,9997602029077212160,16273752901550779501,131072 /prefetch:1
  2⤵
  PID:908
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4564 --field-trial-handle=1656,i,9997602029077212160,16273752901550779501,131072 /prefetch:1
  2⤵
  PID:2016
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3380 --field-trial-handle=1656,i,9997602029077212160,16273752901550779501,131072 /prefetch:1
  2⤵
  PID:912
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4904 --field-trial-handle=1656,i,9997602029077212160,16273752901550779501,131072 /prefetch:8
  2⤵
  PID:4688
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5028 --field-trial-handle=1656,i,9997602029077212160,16273752901550779501,131072 /prefetch:8
  2⤵
  PID:1952
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5020 --field-trial-handle=1656,i,9997602029077212160,16273752901550779501,131072 /prefetch:8
  2⤵
  PID:3776
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5016 --field-trial-handle=1656,i,9997602029077212160,16273752901550779501,131072 /prefetch:8
  2⤵
  PID:1896
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5052 --field-trial-handle=1656,i,9997602029077212160,16273752901550779501,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1240

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:1500

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
240B

MD5
ab413065ef401a5553ca39394b29a2f7

SHA1
d25a13963d64738c017c44014325a24ea757c63c

SHA256
cec5e3888a000923ac8b18cb643a28230a490c47e1af6885c1b5e49b1ea57803

SHA512
d3dee5974cdb2c1b102c0bc78b42c56e08d386eab1fbe638a13d69a45361923f922a835913d8ed3909ed350b74a81178c5378ca1dfa57e9f9ab202e501d48e80

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
ef4ed2ea7a1cfb6b6e45e3f25d628e46

SHA1
2a71f7f85861ae184c406f28c5976e38e53d280c

SHA256
34d22da345b061134b997cb0783f5070cd8971706bc10aa7d0c451acbbdab216

SHA512
b931d1bd7e7523b2f187dc281a613cd162536aa4179be693d0a56f658f5e4a279064d10e90d4215686651a6cfea2a9fcc30d8ce66b38a825c5c957e45b3449fb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
3c01a96c3c5cd0e6fa523dca5e6543eb

SHA1
08182acc7d73c56da406ec249c4d06f036150d77

SHA256
479e8ed231e3aca07750a0a0a8dd9087efce7d01cb2b76639be0d8d4dfbdd594

SHA512
207128b9276a70c416c91fdba0966a0e7568ffa381edde25d702da5920146ae43472e3132bb607b4f89031bff6fdd43c658cebc93044a66807e10c96cb35093d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
77d43abd73554e632a15381e37c221d9

SHA1
9a1b76788bc90d008ade9835dece5a88db51ff56

SHA256
f028097de413a41d6383561cf8ade630e8e3940864ab15684ba780701176d974

SHA512
acd43708fe86b7493776793be5175e3ba806f9857c4cf06071eb123435892a152b7f1700e7d0fb4e1515e1c99f563fd10a49468ab85a07fd257892eb0712b72f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
ca347594a11c3f2a8c7155309ad3e257

SHA1
46c6c0eed74665d4966077d335d3d7ef15f1acc6

SHA256
cbe2262aee923d2a87ab8445631aac933cd4d01485feea3ebd41ab6a6c43c2c1

SHA512
315aa1b9fea3bbac347253fab4c47698557e6f6d433793e900af520a76f476e2a0484838b456429274de8e731c685f3c7ddb08aefa1fbe68f065b6e56504e0f8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
115KB

MD5
8ad0cb667a7b647727239ebb7bda12c5

SHA1
26908bfcbc73575276e2742d38c941b8952b6bfc

SHA256
f2f9662aa23b7a048db278f66e75117e753e3475fc93b7f2ef2564ffc3733cef

SHA512
08aa91ace9a99c8cf91fe2a03e19d0ff84133ec85abd25c97b9251ed2d721ebf96a4716c8f8f3bf19055c2160f3c30b114e9bd7f2f59eb0cf36cd9ccc5c0d5f8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
115KB

MD5
5ae356cf5cb2470da75cb229a6545a3a

SHA1
4e4fcb54712965f14aa1c2e104288bf427b1848a

SHA256
76c04bdceb903b21b70e7f78260ba3e227c979c63a0ff04f99216e84eefd663d

SHA512
b0fe54167728239a9e5efd1872fd18520fd10f09c09de3b1e0bc15c767426d3027fe49b1afadb7b1635d1de6707e6c19b88d701cce82174d1185db5cf09f1233

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
135KB

MD5
35ce3dbaf77d592373bcdd5da25fc47f

SHA1
a78a7755ecfc1e175ebdb872e2921654bbb3560e

SHA256
576418a87fb6abc18b5b599d112a6de9a98522259c49b0ba780d834a4d488d13

SHA512
61a08c49339e898300791aa88ee5735954e992e56065ca6e5f9bfa6a3018219aa726e5a3e0ccf0be241228fa60feb1e5038d060c34f3bce850fe82cde449a8ac

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
bce8fb298017b8968ee134b8c33b33f2

SHA1
1cbbb985540ce29d047b68098369dcd93b13395d

SHA256
d8a76e7879201e0c007554acbb8287bc4289f384feb1b6b4471cf4a7cfa1f9a0

SHA512
ced167fbf9573da7fc82bca6992fa9c5f291e0088263605028a59cbeadd65327a02bf0054e7d395a4d7fde0cea9465c3031bd5acc6129f1056a3be01a82f9e39

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit