hxxp://manizx[.]com

Analysis

max time kernel
109s
max time network
114s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
12-02-2024 17:48

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://manizx.com

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

Processes:

chrome.exe

description	ioc	process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

Processes:

chrome.exe

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133522337070972474"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

Processes:

chrome.exe

pid process

4132 chrome.exe
4132 chrome.exe
4132 chrome.exe
4132 chrome.exe
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

Processes:

chrome.exe

pid process

4132 chrome.exe
4132 chrome.exe
4132 chrome.exe
4132 chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

Processes:

chrome.exe

description	pid	process
Token: SeShutdownPrivilege	4132	chrome.exe
Token: SeCreatePagefilePrivilege	4132	chrome.exe
Token: SeShutdownPrivilege	4132	chrome.exe
Token: SeCreatePagefilePrivilege	4132	chrome.exe
Token: SeShutdownPrivilege	4132	chrome.exe
Token: SeCreatePagefilePrivilege	4132	chrome.exe
Token: SeShutdownPrivilege	4132	chrome.exe
Token: SeCreatePagefilePrivilege	4132	chrome.exe
Token: SeShutdownPrivilege	4132	chrome.exe
Token: SeCreatePagefilePrivilege	4132	chrome.exe
Token: SeShutdownPrivilege	4132	chrome.exe
Token: SeCreatePagefilePrivilege	4132	chrome.exe
Token: SeShutdownPrivilege	4132	chrome.exe
Token: SeCreatePagefilePrivilege	4132	chrome.exe
Token: SeShutdownPrivilege	4132	chrome.exe
Token: SeCreatePagefilePrivilege	4132	chrome.exe
Token: SeShutdownPrivilege	4132	chrome.exe
Token: SeCreatePagefilePrivilege	4132	chrome.exe
Token: SeShutdownPrivilege	4132	chrome.exe
Token: SeCreatePagefilePrivilege	4132	chrome.exe
Token: SeShutdownPrivilege	4132	chrome.exe
Token: SeCreatePagefilePrivilege	4132	chrome.exe
Token: SeShutdownPrivilege	4132	chrome.exe
Token: SeCreatePagefilePrivilege	4132	chrome.exe
Token: SeShutdownPrivilege	4132	chrome.exe
Token: SeCreatePagefilePrivilege	4132	chrome.exe
Token: SeShutdownPrivilege	4132	chrome.exe
Token: SeCreatePagefilePrivilege	4132	chrome.exe
Token: SeShutdownPrivilege	4132	chrome.exe
Token: SeCreatePagefilePrivilege	4132	chrome.exe
Token: SeShutdownPrivilege	4132	chrome.exe
Token: SeCreatePagefilePrivilege	4132	chrome.exe
Token: SeShutdownPrivilege	4132	chrome.exe
Token: SeCreatePagefilePrivilege	4132	chrome.exe
Token: SeShutdownPrivilege	4132	chrome.exe
Token: SeCreatePagefilePrivilege	4132	chrome.exe
Token: SeShutdownPrivilege	4132	chrome.exe
Token: SeCreatePagefilePrivilege	4132	chrome.exe
Token: SeShutdownPrivilege	4132	chrome.exe
Token: SeCreatePagefilePrivilege	4132	chrome.exe
Token: SeShutdownPrivilege	4132	chrome.exe
Token: SeCreatePagefilePrivilege	4132	chrome.exe
Token: SeShutdownPrivilege	4132	chrome.exe
Token: SeCreatePagefilePrivilege	4132	chrome.exe
Token: SeShutdownPrivilege	4132	chrome.exe
Token: SeCreatePagefilePrivilege	4132	chrome.exe
Token: SeShutdownPrivilege	4132	chrome.exe
Token: SeCreatePagefilePrivilege	4132	chrome.exe
Token: SeShutdownPrivilege	4132	chrome.exe
Token: SeCreatePagefilePrivilege	4132	chrome.exe
Token: SeShutdownPrivilege	4132	chrome.exe
Token: SeCreatePagefilePrivilege	4132	chrome.exe
Token: SeShutdownPrivilege	4132	chrome.exe
Token: SeCreatePagefilePrivilege	4132	chrome.exe
Token: SeShutdownPrivilege	4132	chrome.exe
Token: SeCreatePagefilePrivilege	4132	chrome.exe
Token: SeShutdownPrivilege	4132	chrome.exe
Token: SeCreatePagefilePrivilege	4132	chrome.exe
Token: SeShutdownPrivilege	4132	chrome.exe
Token: SeCreatePagefilePrivilege	4132	chrome.exe
Token: SeShutdownPrivilege	4132	chrome.exe
Token: SeCreatePagefilePrivilege	4132	chrome.exe
Token: SeShutdownPrivilege	4132	chrome.exe
Token: SeCreatePagefilePrivilege	4132	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

Processes:

chrome.exe

pid	process
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

Processes:

chrome.exe

pid	process
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

chrome.exe

description	pid	process	target process
PID 4132 wrote to memory of 1352	4132	chrome.exe	chrome.exe
PID 4132 wrote to memory of 1352	4132	chrome.exe	chrome.exe
PID 4132 wrote to memory of 3684	4132	chrome.exe	chrome.exe
PID 4132 wrote to memory of 3684	4132	chrome.exe	chrome.exe
PID 4132 wrote to memory of 3684	4132	chrome.exe	chrome.exe
PID 4132 wrote to memory of 3684	4132	chrome.exe	chrome.exe
PID 4132 wrote to memory of 3684	4132	chrome.exe	chrome.exe
PID 4132 wrote to memory of 3684	4132	chrome.exe	chrome.exe
PID 4132 wrote to memory of 3684	4132	chrome.exe	chrome.exe
PID 4132 wrote to memory of 3684	4132	chrome.exe	chrome.exe
PID 4132 wrote to memory of 3684	4132	chrome.exe	chrome.exe
PID 4132 wrote to memory of 3684	4132	chrome.exe	chrome.exe
PID 4132 wrote to memory of 3684	4132	chrome.exe	chrome.exe
PID 4132 wrote to memory of 3684	4132	chrome.exe	chrome.exe
PID 4132 wrote to memory of 3684	4132	chrome.exe	chrome.exe
PID 4132 wrote to memory of 3684	4132	chrome.exe	chrome.exe
PID 4132 wrote to memory of 3684	4132	chrome.exe	chrome.exe
PID 4132 wrote to memory of 3684	4132	chrome.exe	chrome.exe
PID 4132 wrote to memory of 3684	4132	chrome.exe	chrome.exe
PID 4132 wrote to memory of 3684	4132	chrome.exe	chrome.exe
PID 4132 wrote to memory of 3684	4132	chrome.exe	chrome.exe
PID 4132 wrote to memory of 3684	4132	chrome.exe	chrome.exe
PID 4132 wrote to memory of 3684	4132	chrome.exe	chrome.exe
PID 4132 wrote to memory of 3684	4132	chrome.exe	chrome.exe
PID 4132 wrote to memory of 3684	4132	chrome.exe	chrome.exe
PID 4132 wrote to memory of 3684	4132	chrome.exe	chrome.exe
PID 4132 wrote to memory of 3684	4132	chrome.exe	chrome.exe
PID 4132 wrote to memory of 3684	4132	chrome.exe	chrome.exe
PID 4132 wrote to memory of 3684	4132	chrome.exe	chrome.exe
PID 4132 wrote to memory of 3684	4132	chrome.exe	chrome.exe
PID 4132 wrote to memory of 3684	4132	chrome.exe	chrome.exe
PID 4132 wrote to memory of 3684	4132	chrome.exe	chrome.exe
PID 4132 wrote to memory of 3684	4132	chrome.exe	chrome.exe
PID 4132 wrote to memory of 3684	4132	chrome.exe	chrome.exe
PID 4132 wrote to memory of 3684	4132	chrome.exe	chrome.exe
PID 4132 wrote to memory of 3684	4132	chrome.exe	chrome.exe
PID 4132 wrote to memory of 3684	4132	chrome.exe	chrome.exe
PID 4132 wrote to memory of 3684	4132	chrome.exe	chrome.exe
PID 4132 wrote to memory of 3684	4132	chrome.exe	chrome.exe
PID 4132 wrote to memory of 3684	4132	chrome.exe	chrome.exe
PID 4132 wrote to memory of 5068	4132	chrome.exe	chrome.exe
PID 4132 wrote to memory of 5068	4132	chrome.exe	chrome.exe
PID 4132 wrote to memory of 4020	4132	chrome.exe	chrome.exe
PID 4132 wrote to memory of 4020	4132	chrome.exe	chrome.exe
PID 4132 wrote to memory of 4020	4132	chrome.exe	chrome.exe
PID 4132 wrote to memory of 4020	4132	chrome.exe	chrome.exe
PID 4132 wrote to memory of 4020	4132	chrome.exe	chrome.exe
PID 4132 wrote to memory of 4020	4132	chrome.exe	chrome.exe
PID 4132 wrote to memory of 4020	4132	chrome.exe	chrome.exe
PID 4132 wrote to memory of 4020	4132	chrome.exe	chrome.exe
PID 4132 wrote to memory of 4020	4132	chrome.exe	chrome.exe
PID 4132 wrote to memory of 4020	4132	chrome.exe	chrome.exe
PID 4132 wrote to memory of 4020	4132	chrome.exe	chrome.exe
PID 4132 wrote to memory of 4020	4132	chrome.exe	chrome.exe
PID 4132 wrote to memory of 4020	4132	chrome.exe	chrome.exe
PID 4132 wrote to memory of 4020	4132	chrome.exe	chrome.exe
PID 4132 wrote to memory of 4020	4132	chrome.exe	chrome.exe
PID 4132 wrote to memory of 4020	4132	chrome.exe	chrome.exe
PID 4132 wrote to memory of 4020	4132	chrome.exe	chrome.exe
PID 4132 wrote to memory of 4020	4132	chrome.exe	chrome.exe
PID 4132 wrote to memory of 4020	4132	chrome.exe	chrome.exe
PID 4132 wrote to memory of 4020	4132	chrome.exe	chrome.exe
PID 4132 wrote to memory of 4020	4132	chrome.exe	chrome.exe
PID 4132 wrote to memory of 4020	4132	chrome.exe	chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://manizx.com
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4132

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb4f389758,0x7ffb4f389768,0x7ffb4f389778
2⤵
PID:1352

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1856 --field-trial-handle=1072,i,7654669045321347250,7578840970735093686,131072 /prefetch:2
2⤵
PID:3684

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2144 --field-trial-handle=1072,i,7654669045321347250,7578840970735093686,131072 /prefetch:8
2⤵
PID:5068

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1720 --field-trial-handle=1072,i,7654669045321347250,7578840970735093686,131072 /prefetch:8
2⤵
PID:4020

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2780 --field-trial-handle=1072,i,7654669045321347250,7578840970735093686,131072 /prefetch:1
2⤵
PID:5004

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2772 --field-trial-handle=1072,i,7654669045321347250,7578840970735093686,131072 /prefetch:1
2⤵
PID:4580

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4880 --field-trial-handle=1072,i,7654669045321347250,7578840970735093686,131072 /prefetch:1
2⤵
PID:1736

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3732 --field-trial-handle=1072,i,7654669045321347250,7578840970735093686,131072 /prefetch:1
2⤵
PID:3536

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5384 --field-trial-handle=1072,i,7654669045321347250,7578840970735093686,131072 /prefetch:8
2⤵
PID:2144

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5080 --field-trial-handle=1072,i,7654669045321347250,7578840970735093686,131072 /prefetch:8
2⤵
PID:4524

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4628 --field-trial-handle=1072,i,7654669045321347250,7578840970735093686,131072 /prefetch:8
2⤵
PID:4484

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3064 --field-trial-handle=1072,i,7654669045321347250,7578840970735093686,131072 /prefetch:8
2⤵
PID:4028

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4612

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011

Filesize
194KB

MD5
36104d04a9994182ba78be74c7ac3b0e

SHA1
0c049d44cd22468abb1d0711ec844e68297a7b3d

SHA256
ccde155056cdce86d7e51dfd4e8fb603e8d816224b1257adfcf9503139dd28f1

SHA512
8c115e3e5925fb01efd8dda889f4d5e890f6daaf40b10d5b8e3d9b19e15dadcb9dcf344f40c43f59a1f5428b3ee49e24e492cf0cb6826add1c03d21efdec52ba

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
624B

MD5
80fceb2c78f94639798602df40f31981

SHA1
9b45e39c595e06284a2d8b5f22857a4b2b8912c9

SHA256
a86598f844f7bef42bf46065b954b90f0ad053a86eff44904606d163c880b463

SHA512
bafd00ae08d162a63b7455151af2900ba3ed10e8cf7d98f89f0deff855304c140699e9f876e968079040d1c32fb43ce0c52751d63f36d2755ce49efc404c830f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
a296f6c8a106923f4aba054d67b1caae

SHA1
486c668952df50cde7366246ee75fcbf10663fcc

SHA256
dfd5fb2dce1d3c0410cec522822f4ed553fddae79949a034b7a8d8b313fa9448

SHA512
eb13672a35237d05eef555660e0efb2de8fdf5c157dfc7bda21654580c8a526bf98ab1b3934318ef0da3fac6e19b78dec724d59ef94b2330ff4c2d07d832e423

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\ef4fe245-2780-4954-bf65-1e468c31472d.tmp

Filesize
4KB

MD5
a5ad376cf3cdafca065227d490e30dd2

SHA1
5739d26d042256754589dae7be032f2c26006953

SHA256
c10e9221cc4e49d54d937382019a0746058b5a39fbfb6873cfaa6e23e4b2c612

SHA512
bfe8e73abc47e918f32d2918d2fce2a180e70ec4c3b8b5d9f80d78d9c30fc1ea522f496a07571b3f6f137045c365184aa8628b71e886e3db313b8b9808af840a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
0c95ac16ad3a377e1e023172178bdf19

SHA1
34c231a69ee12a4eb2bd938de784f9838faf3acb

SHA256
faee8a713b0187127d7eb6951628cd453a53ddb30ae88f4c7a23e5714b1f3235

SHA512
e59b1754cda93a2bafa872597ddd28bef74e01e16d86caac8ed340e7434af1a33e2797cd7e58804e63419cf421b4890b6ac8f9b7363bd631b02d9449f952fb20

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
0a58cf21303c44b9ed3d4b4d8d903fdc

SHA1
9a1c93eac00bd8ed995b6b01505b50ac49e587c5

SHA256
8fb543cd6e8217bef58d898acbe53d2a7bf34a48e60c40a86d39a3a3f0dd2654

SHA512
11c2b8ffed7b6ccc929d58681cd79f64dfcdc899ff2b5ea8fba7738cd680f50de4e966f93e8044f07ee470ad4706638c15f94e676b3a0e02f25d6a3993ad8aca

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
a6d8d31d04f542178f2c6e0f1e0c9fa0

SHA1
5bcb7f9aedd33615d660494aa04322136ea2db7d

SHA256
c41e10677497a8403fecb21d3f85ea1ed3fdc58e179cf6c061f9121fd025c702

SHA512
81673635a84b0867d5907b89548150f87dfd286c24a60b337fcdf35249016b53536626b876d7fea8707c47b84995d36fba10e6f34325ea17a2a4d17cf004faca

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
115KB

MD5
1f18a26b621289e6d421e5c76740c160

SHA1
af694807ddc7253c8ad5bf49feb0ca2231ff1be1

SHA256
31af1aaaf3bf938574bff3f8331a73cf00757f4bd90dd1c194922d98dfd51017

SHA512
edb8e97ac8c18e21b227d49dd349161a7c51ac40d518acfe10dc3d99ee347bf799fc2b820d8dfdaefd193f20d4a861937cd731bf8a34fda36863e77164b4a31c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
115KB

MD5
d827a82ab1464740b91fc2a72af24e8e

SHA1
8a6a95bc1f238574f46387a0e4a3ca463188ee44

SHA256
991438bc7e6130027d7d68d953b2e46da9092f13d24a956d97482cf217c46180

SHA512
f22eecac34f05fb89711aac0ad294dfa11807447d37fc1699fcc8733869713af9d213f1f22f2f9d5c88526640f589c7260e29440182e1c09336ce66cb29f133f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
135KB

MD5
fe3b1334597cc98d1b842223bbd43040

SHA1
e7c659310214a233d83f815b591b1f609ac0fa6b

SHA256
53b808598cc91b3725650a8bd32fcd4afa35f4d20a5f146a2e14b066f8491fe0

SHA512
3d946c8c11917c1c366060bf33a10dd099897058b8b358c7cc0d94a1215dccad203ee9699df028938bf4a7b56e9e8fc6c2d69786b2f3177ba7ae1383cea39789

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
\??\pipe\crashpad_4132_WGJSJFBVOKFTLIJZ

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit