hxxps://cdn[.]discordapp[.]com/attachments/1176287511065145394/1200871149119213798/main[.]exe?ex=65c7c169&is=65b54c69&hm=4a98079b3f113b5e22e4dd0d553095122589ef0f50985cea6e303cfc540784da&

Analysis

max time kernel
1800s
max time network
1685s
platform
windows10-1703_x64
resource
win10-20231215-en
resource tags

arch:x64arch:x86image:win10-20231215-enlocale:en-usos:windows10-1703-x64system
submitted
27/01/2024, 18:39

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

https://cdn.discordapp.com/attachments/1176287511065145394/1200871149119213798/main.exe?ex=65c7c169&is=65b54c69&hm=4a98079b3f113b5e22e4dd0d553095122589ef0f50985cea6e303cfc540784da&

Score

8^/10

Malware Config

Signatures

Downloads MZ/PE file

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133508547346243394"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
740	chrome.exe
740	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

pid	Process
3452	chrome.exe
3452	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3452	chrome.exe
Token: SeCreatePagefilePrivilege	3452	chrome.exe
Token: SeShutdownPrivilege	3452	chrome.exe
Token: SeCreatePagefilePrivilege	3452	chrome.exe
Token: SeShutdownPrivilege	3452	chrome.exe
Token: SeCreatePagefilePrivilege	3452	chrome.exe
Token: SeShutdownPrivilege	3452	chrome.exe
Token: SeCreatePagefilePrivilege	3452	chrome.exe
Token: SeShutdownPrivilege	3452	chrome.exe
Token: SeCreatePagefilePrivilege	3452	chrome.exe
Token: SeShutdownPrivilege	3452	chrome.exe
Token: SeCreatePagefilePrivilege	3452	chrome.exe
Token: SeShutdownPrivilege	3452	chrome.exe
Token: SeCreatePagefilePrivilege	3452	chrome.exe
Token: SeShutdownPrivilege	3452	chrome.exe
Token: SeCreatePagefilePrivilege	3452	chrome.exe
Token: SeShutdownPrivilege	3452	chrome.exe
Token: SeCreatePagefilePrivilege	3452	chrome.exe
Token: SeShutdownPrivilege	3452	chrome.exe
Token: SeCreatePagefilePrivilege	3452	chrome.exe
Token: SeShutdownPrivilege	3452	chrome.exe
Token: SeCreatePagefilePrivilege	3452	chrome.exe
Token: SeShutdownPrivilege	3452	chrome.exe
Token: SeCreatePagefilePrivilege	3452	chrome.exe
Token: SeShutdownPrivilege	3452	chrome.exe
Token: SeCreatePagefilePrivilege	3452	chrome.exe
Token: SeShutdownPrivilege	3452	chrome.exe
Token: SeCreatePagefilePrivilege	3452	chrome.exe
Token: SeShutdownPrivilege	3452	chrome.exe
Token: SeCreatePagefilePrivilege	3452	chrome.exe
Token: SeShutdownPrivilege	3452	chrome.exe
Token: SeCreatePagefilePrivilege	3452	chrome.exe
Token: SeShutdownPrivilege	3452	chrome.exe
Token: SeCreatePagefilePrivilege	3452	chrome.exe
Token: SeShutdownPrivilege	3452	chrome.exe
Token: SeCreatePagefilePrivilege	3452	chrome.exe
Token: SeShutdownPrivilege	3452	chrome.exe
Token: SeCreatePagefilePrivilege	3452	chrome.exe
Token: SeShutdownPrivilege	3452	chrome.exe
Token: SeCreatePagefilePrivilege	3452	chrome.exe
Token: SeShutdownPrivilege	3452	chrome.exe
Token: SeCreatePagefilePrivilege	3452	chrome.exe
Token: SeShutdownPrivilege	3452	chrome.exe
Token: SeCreatePagefilePrivilege	3452	chrome.exe
Token: SeShutdownPrivilege	3452	chrome.exe
Token: SeCreatePagefilePrivilege	3452	chrome.exe
Token: SeShutdownPrivilege	3452	chrome.exe
Token: SeCreatePagefilePrivilege	3452	chrome.exe
Token: SeShutdownPrivilege	3452	chrome.exe
Token: SeCreatePagefilePrivilege	3452	chrome.exe
Token: SeShutdownPrivilege	3452	chrome.exe
Token: SeCreatePagefilePrivilege	3452	chrome.exe
Token: SeShutdownPrivilege	3452	chrome.exe
Token: SeCreatePagefilePrivilege	3452	chrome.exe
Token: SeShutdownPrivilege	3452	chrome.exe
Token: SeCreatePagefilePrivilege	3452	chrome.exe
Token: SeShutdownPrivilege	3452	chrome.exe
Token: SeCreatePagefilePrivilege	3452	chrome.exe
Token: SeShutdownPrivilege	3452	chrome.exe
Token: SeCreatePagefilePrivilege	3452	chrome.exe
Token: SeShutdownPrivilege	3452	chrome.exe
Token: SeCreatePagefilePrivilege	3452	chrome.exe
Token: SeShutdownPrivilege	3452	chrome.exe
Token: SeCreatePagefilePrivilege	3452	chrome.exe

Suspicious use of FindShellTrayWindow 37 IoCs

pid	Process
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe
3452	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3452 wrote to memory of 4008	3452	chrome.exe	73
PID 3452 wrote to memory of 4008	3452	chrome.exe	73
PID 3452 wrote to memory of 2384	3452	chrome.exe	77
PID 3452 wrote to memory of 2384	3452	chrome.exe	77
PID 3452 wrote to memory of 2384	3452	chrome.exe	77
PID 3452 wrote to memory of 2384	3452	chrome.exe	77
PID 3452 wrote to memory of 2384	3452	chrome.exe	77
PID 3452 wrote to memory of 2384	3452	chrome.exe	77
PID 3452 wrote to memory of 2384	3452	chrome.exe	77
PID 3452 wrote to memory of 2384	3452	chrome.exe	77
PID 3452 wrote to memory of 2384	3452	chrome.exe	77
PID 3452 wrote to memory of 2384	3452	chrome.exe	77
PID 3452 wrote to memory of 2384	3452	chrome.exe	77
PID 3452 wrote to memory of 2384	3452	chrome.exe	77
PID 3452 wrote to memory of 2384	3452	chrome.exe	77
PID 3452 wrote to memory of 2384	3452	chrome.exe	77
PID 3452 wrote to memory of 2384	3452	chrome.exe	77
PID 3452 wrote to memory of 2384	3452	chrome.exe	77
PID 3452 wrote to memory of 2384	3452	chrome.exe	77
PID 3452 wrote to memory of 2384	3452	chrome.exe	77
PID 3452 wrote to memory of 2384	3452	chrome.exe	77
PID 3452 wrote to memory of 2384	3452	chrome.exe	77
PID 3452 wrote to memory of 2384	3452	chrome.exe	77
PID 3452 wrote to memory of 2384	3452	chrome.exe	77
PID 3452 wrote to memory of 2384	3452	chrome.exe	77
PID 3452 wrote to memory of 2384	3452	chrome.exe	77
PID 3452 wrote to memory of 2384	3452	chrome.exe	77
PID 3452 wrote to memory of 2384	3452	chrome.exe	77
PID 3452 wrote to memory of 2384	3452	chrome.exe	77
PID 3452 wrote to memory of 2384	3452	chrome.exe	77
PID 3452 wrote to memory of 2384	3452	chrome.exe	77
PID 3452 wrote to memory of 2384	3452	chrome.exe	77
PID 3452 wrote to memory of 2384	3452	chrome.exe	77
PID 3452 wrote to memory of 2384	3452	chrome.exe	77
PID 3452 wrote to memory of 2384	3452	chrome.exe	77
PID 3452 wrote to memory of 2384	3452	chrome.exe	77
PID 3452 wrote to memory of 2384	3452	chrome.exe	77
PID 3452 wrote to memory of 2384	3452	chrome.exe	77
PID 3452 wrote to memory of 2384	3452	chrome.exe	77
PID 3452 wrote to memory of 2384	3452	chrome.exe	77
PID 3452 wrote to memory of 1680	3452	chrome.exe	75
PID 3452 wrote to memory of 1680	3452	chrome.exe	75
PID 3452 wrote to memory of 2328	3452	chrome.exe	76
PID 3452 wrote to memory of 2328	3452	chrome.exe	76
PID 3452 wrote to memory of 2328	3452	chrome.exe	76
PID 3452 wrote to memory of 2328	3452	chrome.exe	76
PID 3452 wrote to memory of 2328	3452	chrome.exe	76
PID 3452 wrote to memory of 2328	3452	chrome.exe	76
PID 3452 wrote to memory of 2328	3452	chrome.exe	76
PID 3452 wrote to memory of 2328	3452	chrome.exe	76
PID 3452 wrote to memory of 2328	3452	chrome.exe	76
PID 3452 wrote to memory of 2328	3452	chrome.exe	76
PID 3452 wrote to memory of 2328	3452	chrome.exe	76
PID 3452 wrote to memory of 2328	3452	chrome.exe	76
PID 3452 wrote to memory of 2328	3452	chrome.exe	76
PID 3452 wrote to memory of 2328	3452	chrome.exe	76
PID 3452 wrote to memory of 2328	3452	chrome.exe	76
PID 3452 wrote to memory of 2328	3452	chrome.exe	76
PID 3452 wrote to memory of 2328	3452	chrome.exe	76
PID 3452 wrote to memory of 2328	3452	chrome.exe	76
PID 3452 wrote to memory of 2328	3452	chrome.exe	76
PID 3452 wrote to memory of 2328	3452	chrome.exe	76
PID 3452 wrote to memory of 2328	3452	chrome.exe	76
PID 3452 wrote to memory of 2328	3452	chrome.exe	76

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://cdn.discordapp.com/attachments/1176287511065145394/1200871149119213798/main.exe?ex=65c7c169&is=65b54c69&hm=4a98079b3f113b5e22e4dd0d553095122589ef0f50985cea6e303cfc540784da&
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3452
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7fff2b839758,0x7fff2b839768,0x7fff2b839778
  2⤵
  PID:4008
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1796 --field-trial-handle=1924,i,14420985003087025825,9933200737874527595,131072 /prefetch:8
  2⤵
  PID:1680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2096 --field-trial-handle=1924,i,14420985003087025825,9933200737874527595,131072 /prefetch:8
  2⤵
  PID:2328
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1536 --field-trial-handle=1924,i,14420985003087025825,9933200737874527595,131072 /prefetch:2
  2⤵
  PID:2384
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2896 --field-trial-handle=1924,i,14420985003087025825,9933200737874527595,131072 /prefetch:1
  2⤵
  PID:640
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2884 --field-trial-handle=1924,i,14420985003087025825,9933200737874527595,131072 /prefetch:1
  2⤵
  PID:4980
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5092 --field-trial-handle=1924,i,14420985003087025825,9933200737874527595,131072 /prefetch:8
  2⤵
  PID:4652
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5368 --field-trial-handle=1924,i,14420985003087025825,9933200737874527595,131072 /prefetch:8
  2⤵
  PID:3184
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5548 --field-trial-handle=1924,i,14420985003087025825,9933200737874527595,131072 /prefetch:8
  2⤵
  PID:1320
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5300 --field-trial-handle=1924,i,14420985003087025825,9933200737874527595,131072 /prefetch:8
  2⤵
  PID:1668
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5304 --field-trial-handle=1924,i,14420985003087025825,9933200737874527595,131072 /prefetch:8
  2⤵
  PID:2996
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5280 --field-trial-handle=1924,i,14420985003087025825,9933200737874527595,131072 /prefetch:8
  2⤵
  PID:2680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2592 --field-trial-handle=1924,i,14420985003087025825,9933200737874527595,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:740

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2820

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
824B

MD5
b4fddce520aff95f03f65addc4ffa75a

SHA1
da6e325adee391404e3af8737201c29a35bce0a3

SHA256
f9825379936d3133bc860ce75a1dd132d93b331722f468c60decbd2a24e4f560

SHA512
5fd644eea06c7c572a5b9c83698a26d33276c5bb4a3b3791b06c3cea698844a34e262af9d96a43970b93ec01aa72a8c9dc2bdf218bbf2b1565d12b03d0e9a6b3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
a69d21ec4a8f88f00c183acb9a57e519

SHA1
d43e3e9658dc500d4d895fe8def35fb9a30be10b

SHA256
12a0d51e537064f6afc042d26d1336c24d003996a93358249189ce8f4abc4039

SHA512
36ac6eccaec05f3dec325c9f5ec862bdcbd632f2bb5a81b9c98b47f4224d09c2a9bf841174d160022bfdc296813929edf587d71da71bba0ef59dddaffe947483

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
86c86d3d4aa32b220ff42dac580e953d

SHA1
343c1351c96ef6f8d0124ce8093e1c8c1bbe0aa8

SHA256
f771ce2251a01222302faccf32551e459d372ac682e9feea2e9aa14975c0102f

SHA512
d9586f898ae3b441e70c71ecf2e33d694d772d68af910ca98b3021f442942668b750788053f5b7280bf8f68d6435a1c0d39223834eb3b0c9ce698374deaa28ca

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
35aaba85e999e8724b407371c04ad7b3

SHA1
20399c0a61e13045280168852e58a6a737a78ae7

SHA256
203d9d72f01a0e9ff729a1352adce415fea1f2f228164d68850e4a908b1335be

SHA512
38fff8d831f6195c1c0a123104a5c56a8135abe72c2dabfc4d1d71033ae1b0374a85fec1830f301ccfd072e4285b85f377dbbfed4a4e4845fc0eef6187a53f6b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
b85bb3082d4b3bc9dc928548a036935f

SHA1
0d8426dcd0012abda65b09cb4d19bdfb13e0baa7

SHA256
f5747990f012d059a712e3ad5248219f79ad314f5f541c8c17097ae753b4c0c3

SHA512
6a7f64d6bfb2c2177996caba0bee2e53d932e1c873ac2c332acbf4aa921eda867a8d5de67b68e2ced112eef0214f1205dbb76c0590c6948b30c84aa34c100467

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
c6b6f2d74cf7bd43d292f27ba44b6655

SHA1
5e5f70492b398fc22e513816c2e80d3dc9998f9a

SHA256
27696436dd03d4aff218befcd842ddb910f2331a9988d20d4ddc5ea9e0b4f3fc

SHA512
a68bdc2d6f80b552386c63c5c0d0b7326e328e4e0c0d28a8f8e3c3cbd9256a707a58f8c2f1ce618f4f8b5aaf0c7a3d27b519d2bf147ff648f96990cfc484f8e8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
115KB

MD5
559697101d4eebdb14abed8125c40073

SHA1
589f4ea2f58564bec5e04ef57b5379e2e6f4c43c

SHA256
0cb79600037e8d3f3b83882b6545011b7ba5ff00a2c8b80699a55b201e92474b

SHA512
1fa9284ade5587833fd8c23a796b0bbf47e8b151264d674ef8a25e455ad0087403b1aa145bfdcacf0e3cc8781b3e5e1f926ac10c2d238f262c20e08c01ab80c2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
115KB

MD5
128ac38d27eed07ffe98e27b6f69b7d5

SHA1
94b9756ca50eee2c2108f554e441e6085ad95061

SHA256
8c4e4d20536e3e88c0e84d43f1ee6a5e386b7e8da34150b678885e7785ff01cc

SHA512
c2ffa4d62bd6bd5281886bfec6b5e40fd3a92766ec47b0d65398f789c2468412ce97ad52cc6180570a94358de5bbe90681a602614d573fdd9b825df21e501cd3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
135KB

MD5
b82d525a49806919469b7f03e3e566a7

SHA1
e8f26499a1e44397fa1b1f4cf141abd280a35f26

SHA256
a0d4ed61d6d8a872fa95d9199c583d9f171f5539814ace1bc5a0750602b899bd

SHA512
e228bd1c2140a4fc81c8caa14162ac98b0c9ec26cd36d41eb5625dec474beb23053b010209112dbcb7ed113489269a1825df23bd86003515d8893e91322b70af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit