Analysis

  • max time kernel
    149s
  • max time network
    146s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20231215-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    02-02-2024 23:28

General

  • Target

    https://2n8w.app.link/?~channel=Email&~feature=ConfirmationEmail--BenerailETicket&~campaign=WebToApp&~tags=locale=nl_NL&~tags=version=1&~tags=marketing_code=BSH3675&$android_url=https://play.google.com/store/apps/details?id=com.thetrainline&hl=nl-NL&$android_deepview=false&$android_passive_deepview=false&$ios_url=https://itunes.apple.com/NL/app/thetrainline/id334235181&$ios_deepview=false&$ios_passive_deepview=false&$fallback_url=alfatahtours%E3%80%82com/.mandem/uaryfait/Y2Jyb2NrQGxvY2t0b24uY29t#%3CFONT%20id=%7Buaryfait%7D%3E%3CSTRONG%3Euaryfait%3C/STRONG%3E%3C/FONT%3E%3CFONT%20id=%7Buaryfait%7D%3E%3CSTRONG%3Euaryfait%3C/STRONG%3E%3C/FONT%3E%3CFONT%20id=%7Buaryfait%7D%3E%3CSTRONG%3Euaryfait%3C/STRONG%3E%3C/FONT%3E%3CFONT%20id=%7Buaryfait%7D%3E%3CSTRONG%3Euaryfait%3C/STRONG%3E%3C/FONT%3E%3CFONT%20id=%7Buaryfait%7D%3E%3CSTRONG%3Euaryfait%3C/STRONG%3E%3C/FONT%3E%3CFONT%20id=%7Buaryfait%7D%3E%3CSTRONG%3Euaryfait%3C/STRONG%3E%3C/FONT%3E%3CFONT%20id=%7Buaryfait%7D%3E%3CSTRONG%3Euaryfait%3C/STRONG%3E%3C/FONT%3E%3CFONT%20id=%7Buaryfait%7D%3E%3CSTRONG%3Euaryfait%3C/STRONG%3E%3C/FONT%3E%3CFONT%20id=%7Buaryfait%7D%3E%3CSTRONG%3Euaryfait%3C/STRONG%3E%3C/FONT%3E%3CFONT%20id=%7Buaryfait%7D%3E%3CSTRONG%3Euaryfait%3C/STRONG%3E%3C/FONT%3E%3CFONT%20id=%7Buaryfait%7D%3E%3CSTRONG%3Euaryfait%3C/STRONG%3E%3C/FONT%3E%3CFONT%20id=%7Buaryfait%7D%3E%3CSTRONG%3Euaryfait%3C/STRONG%3E%3C/FONT%3E%3CFONT%20id=%7Buaryfait%7D%3E%3CSTRONG%3Euaryfait%3C/STRONG%3E%3C/FONT%3E%3CFONT%20id=%7Buaryfait%7D%3E%3CSTRONG%3Euaryfait%3C/STRONG%3E%3C/FONT%3E%3CFONT%20id=%7Buaryfait%7D%3E%3CSTRONG%3Euaryfait%3C/STRONG%3E%3C/FONT%3E%3CFONT%20id=%7Buaryfait%7D%3E%3CSTRONG%3Euaryfait%3C/STRONG%3E%3C/FONT%3E%3CFONT%20id=%7Buaryfait%7D%3E%3CSTRONG%3Euaryfait%3C/STRONG%3E%3C/FONT%3E%3CFONT%20id=%7Buaryfait%7D%3E%3CSTRONG%3Euaryfait%3C/STRONG%3E%3C/FONT%3E%3CFONT%20id=%7Buaryfait%7D%3E%3CSTRONG%3Euaryfait%3C/STRONG%3E%3C/FONT%3E%3CFONT%20id=%7Buaryfait%7D%3E%3CSTRONG%3Euaryfait%3C/STRONG%3E%3C/FONT%3E%3CFONT%20id=%7
Buaryfait%7D%3E%3CSTRONG%3Euaryfait%3C/STRONG%3E%3C/FONT%3E%3CFONT%20id=%7Buaryfait%7D%3E%3CSTRONG%3Euaryfait%3C/STRONG%3E%3C/FONT%3E&e=5359720045&elqTrackId=khclwagxdtnavykgzffy&elq=7##char20##&elqaid=208402&elqat=1&elqcst=272&elqcsid=1506365

Score
1/10

Malware Config

Signatures

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies data under HKEY_USERS 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 6 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 5 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 26 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc414b9758,0x7ffc414b9768,0x7ffc414b9778
    1⤵
      PID:3968
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://2n8w.app.link/?~channel=Email&~feature=ConfirmationEmail--BenerailETicket&~campaign=WebToApp&~tags=locale=nl_NL&~tags=version=1&~tags=marketing_code=BSH3675&$android_url=https://play.google.com/store/apps/details?id=com.thetrainline&hl=nl-NL&$android_deepview=false&$android_passive_deepview=false&$ios_url=https://itunes.apple.com/NL/app/thetrainline/id334235181&$ios_deepview=false&$ios_passive_deepview=false&$fallback_url=alfatahtours%E3%80%82com/.mandem/uaryfait/Y2Jyb2NrQGxvY2t0b24uY29t#%3CFONT%20id=%7Buaryfait%7D%3E%3CSTRONG%3Euaryfait%3C/STRONG%3E%3C/FONT%3E%3CFONT%20id=%7Buaryfait%7D%3E%3CSTRONG%3Euaryfait%3C/STRONG%3E%3C/FONT%3E%3CFONT%20id=%7Buaryfait%7D%3E%3CSTRONG%3Euaryfait%3C/STRONG%3E%3C/FONT%3E%3CFONT%20id=%7Buaryfait%7D%3E%3CSTRONG%3Euaryfait%3C/STRONG%3E%3C/FONT%3E%3CFONT%20id=%7Buaryfait%7D%3E%3CSTRONG%3Euaryfait%3C/STRONG%3E%3C/FONT%3E%3CFONT%20id=%7Buaryfait%7D%3E%3CSTRONG%3Euaryfait%3C/STRONG%3E%3C/FONT%3E%3CFONT%20id=%7Buaryfait%7D%3E%3CSTRONG%3Euaryfait%3C/STRONG%3E%3C/FONT%3E%3CFONT%20id=%7Buaryfait%7D%3E%3CSTRONG%3Euaryfait%3C/STRONG%3E%3C/FONT%3E%3CFONT%20id=%7Buaryfait%7D%3E%3CSTRONG%3Euaryfait%3C/STRONG%3E%3C/FONT%3E%3CFONT%20id=%7Buaryfait%7D%3E%3CSTRONG%3Euaryfait%3C/STRONG%3E%3C/FONT%3E%3CFONT%20id=%7Buaryfait%7D%3E%3CSTRONG%3Euaryfait%3C/STRONG%3E%3C/FONT%3E%3CFONT%20id=%7Buaryfait%7D%3E%3CSTRONG%3Euaryfait%3C/STRONG%3E%3C/FONT%3E%3CFONT%20id=%7Buaryfait%7D%3E%3CSTRONG%3Euaryfait%3C/STRONG%3E%3C/FONT%3E%3CFONT%20id=%7Buaryfait%7D%3E%3CSTRONG%3Euaryfait%3C/STRONG%3E%3C/FONT%3E%3CFONT%20id=%7Buaryfait%7D%3E%3CSTRONG%3Euaryfait%3C/STRONG%3E%3C/FONT%3E%3CFONT%20id=%7Buaryfait%7D%3E%3CSTRONG%3Euaryfait%3C/STRONG%3E%3C/FONT%3E%3CFONT%20id=%7Buaryfait%7D%3E%3CSTRONG%3Euaryfait%3C/STRONG%3E%3C/FONT%3E%3CFONT%20id=%7Buaryfait%7D%3E%3CSTRONG%3Eua
ryfait%3C/STRONG%3E%3C/FONT%3E%3CFONT%20id=%7Buaryfait%7D%3E%3CSTRONG%3Euaryfait%3C/STRONG%3E%3C/FONT%3E%3CFONT%20id=%7Buaryfait%7D%3E%3CSTRONG%3Euaryfait%3C/STRONG%3E%3C/FONT%3E%3CFONT%20id=%7Buaryfait%7D%3E%3CSTRONG%3Euaryfait%3C/STRONG%3E%3C/FONT%3E%3CFONT%20id=%7Buaryfait%7D%3E%3CSTRONG%3Euaryfait%3C/STRONG%3E%3C/FONT%3E&e=5359720045&elqTrackId=khclwagxdtnavykgzffy&elq=7##char20##&elqaid=208402&elqat=1&elqcst=272&elqcsid=1506365
      1⤵
      • Enumerates system info in registry
      • Modifies data under HKEY_USERS
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SendNotifyMessage
      • Suspicious use of WriteProcessMemory
      PID:4960
      • C:\Program Files\Google\Chrome\Application\chrome.exe
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2220 --field-trial-handle=1868,i,1153712056838278055,10978596898632485572,131072 /prefetch:8
        2⤵
          PID:3312
        • C:\Program Files\Google\Chrome\Application\chrome.exe
          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 --field-trial-handle=1868,i,1153712056838278055,10978596898632485572,131072 /prefetch:8
          2⤵
            PID:628
          • C:\Program Files\Google\Chrome\Application\chrome.exe
            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2984 --field-trial-handle=1868,i,1153712056838278055,10978596898632485572,131072 /prefetch:1
            2⤵
              PID:4324
            • C:\Program Files\Google\Chrome\Application\chrome.exe
              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2968 --field-trial-handle=1868,i,1153712056838278055,10978596898632485572,131072 /prefetch:1
              2⤵
                PID:4656
              • C:\Program Files\Google\Chrome\Application\chrome.exe
                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1664 --field-trial-handle=1868,i,1153712056838278055,10978596898632485572,131072 /prefetch:2
                2⤵
                  PID:5116
                • C:\Program Files\Google\Chrome\Application\chrome.exe
                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4664 --field-trial-handle=1868,i,1153712056838278055,10978596898632485572,131072 /prefetch:1
                  2⤵
                    PID:3116
                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4880 --field-trial-handle=1868,i,1153712056838278055,10978596898632485572,131072 /prefetch:1
                    2⤵
                      PID:4708
                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3312 --field-trial-handle=1868,i,1153712056838278055,10978596898632485572,131072 /prefetch:8
                      2⤵
                        PID:4440
                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5184 --field-trial-handle=1868,i,1153712056838278055,10978596898632485572,131072 /prefetch:8
                        2⤵
                          PID:3380
                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5232 --field-trial-handle=1868,i,1153712056838278055,10978596898632485572,131072 /prefetch:8
                          2⤵
                            PID:2124
                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5332 --field-trial-handle=1868,i,1153712056838278055,10978596898632485572,131072 /prefetch:8
                            2⤵
                              PID:400
                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=2468 --field-trial-handle=1868,i,1153712056838278055,10978596898632485572,131072 /prefetch:1
                              2⤵
                                PID:2880
                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5492 --field-trial-handle=1868,i,1153712056838278055,10978596898632485572,131072 /prefetch:8
                                2⤵
                                  PID:2768
                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3948 --field-trial-handle=1868,i,1153712056838278055,10978596898632485572,131072 /prefetch:2
                                  2⤵
                                  • Suspicious behavior: EnumeratesProcesses
                                  PID:3584
                              • C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
                                "C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
                                1⤵
                                  PID:4172

                                Network

                                MITRE ATT&CK Enterprise v15

                                Downloads

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

                                  Filesize

                                  216B

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                                  Filesize

                                  1KB

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                  Filesize

                                  538B

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                  Filesize

                                  1KB

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                  Filesize

                                  7KB

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                  Filesize

                                  6KB

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                  Filesize

                                  135KB

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                  Filesize

                                  115KB

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                  Filesize

                                  115KB

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                  Filesize

                                  116KB

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

                                  Filesize

                                  2B
