hxxp://edgedl[.]me[.]gvt1[.]com/edgedl/release2/chrome/ac3jvtnqjeymtphmax4jaju64coq_121[.]0[.]6167[.]185/121[.]0[.]6167[.]185_121[.]0[.]6167[.]161_chrome_updater[.]exe

Resubmissions

18/02/2024, 05:51

240218-gj64yafa75 7

18/02/2024, 05:49

240218-gjh24sfa68 1

18/02/2024, 05:45

240218-gf7lasfa35 7

Analysis

max time kernel
149s
max time network
138s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
18/02/2024, 05:45

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://edgedl.me.gvt1.com/edgedl/release2/chrome/ac3jvtnqjeymtphmax4jaju64coq_121.0.6167.185/121.0.6167.185_121.0.6167.161_chrome_updater.exe

Score

7^/10

Malware Config

Signatures

Executes dropped EXE 2 IoCs

pid	Process
3692	121.0.6167.185_121.0.6167.161_chrome_updater.exe
1400	121.0.6167.185_121.0.6167.161_chrome_updater.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133527087650926284"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3791175113-1062217823-1177695025-1000_Classes\Local Settings	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
3096	chrome.exe
3096	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3096	chrome.exe
Token: SeCreatePagefilePrivilege	3096	chrome.exe
Token: SeShutdownPrivilege	3096	chrome.exe
Token: SeCreatePagefilePrivilege	3096	chrome.exe
Token: SeShutdownPrivilege	3096	chrome.exe
Token: SeCreatePagefilePrivilege	3096	chrome.exe
Token: SeShutdownPrivilege	3096	chrome.exe
Token: SeCreatePagefilePrivilege	3096	chrome.exe
Token: SeShutdownPrivilege	3096	chrome.exe
Token: SeCreatePagefilePrivilege	3096	chrome.exe
Token: SeShutdownPrivilege	3096	chrome.exe
Token: SeCreatePagefilePrivilege	3096	chrome.exe
Token: SeShutdownPrivilege	3096	chrome.exe
Token: SeCreatePagefilePrivilege	3096	chrome.exe
Token: SeShutdownPrivilege	3096	chrome.exe
Token: SeCreatePagefilePrivilege	3096	chrome.exe
Token: SeShutdownPrivilege	3096	chrome.exe
Token: SeCreatePagefilePrivilege	3096	chrome.exe
Token: SeShutdownPrivilege	3096	chrome.exe
Token: SeCreatePagefilePrivilege	3096	chrome.exe
Token: 33	3692	121.0.6167.185_121.0.6167.161_chrome_updater.exe
Token: SeIncBasePriorityPrivilege	3692	121.0.6167.185_121.0.6167.161_chrome_updater.exe
Token: SeShutdownPrivilege	3096	chrome.exe
Token: SeCreatePagefilePrivilege	3096	chrome.exe
Token: SeShutdownPrivilege	3096	chrome.exe
Token: SeCreatePagefilePrivilege	3096	chrome.exe
Token: SeShutdownPrivilege	3096	chrome.exe
Token: SeCreatePagefilePrivilege	3096	chrome.exe
Token: SeShutdownPrivilege	3096	chrome.exe
Token: SeCreatePagefilePrivilege	3096	chrome.exe
Token: SeShutdownPrivilege	3096	chrome.exe
Token: SeCreatePagefilePrivilege	3096	chrome.exe
Token: SeShutdownPrivilege	3096	chrome.exe
Token: SeCreatePagefilePrivilege	3096	chrome.exe
Token: SeShutdownPrivilege	3096	chrome.exe
Token: SeCreatePagefilePrivilege	3096	chrome.exe
Token: SeShutdownPrivilege	3096	chrome.exe
Token: SeCreatePagefilePrivilege	3096	chrome.exe
Token: SeShutdownPrivilege	3096	chrome.exe
Token: SeCreatePagefilePrivilege	3096	chrome.exe
Token: SeShutdownPrivilege	3096	chrome.exe
Token: SeCreatePagefilePrivilege	3096	chrome.exe
Token: SeShutdownPrivilege	3096	chrome.exe
Token: SeCreatePagefilePrivilege	3096	chrome.exe
Token: SeShutdownPrivilege	3096	chrome.exe
Token: SeCreatePagefilePrivilege	3096	chrome.exe
Token: SeShutdownPrivilege	3096	chrome.exe
Token: SeCreatePagefilePrivilege	3096	chrome.exe
Token: SeShutdownPrivilege	3096	chrome.exe
Token: SeCreatePagefilePrivilege	3096	chrome.exe
Token: SeShutdownPrivilege	3096	chrome.exe
Token: SeCreatePagefilePrivilege	3096	chrome.exe
Token: SeShutdownPrivilege	3096	chrome.exe
Token: SeCreatePagefilePrivilege	3096	chrome.exe
Token: SeShutdownPrivilege	3096	chrome.exe
Token: SeCreatePagefilePrivilege	3096	chrome.exe
Token: SeShutdownPrivilege	3096	chrome.exe
Token: SeCreatePagefilePrivilege	3096	chrome.exe
Token: SeShutdownPrivilege	3096	chrome.exe
Token: SeCreatePagefilePrivilege	3096	chrome.exe
Token: SeShutdownPrivilege	3096	chrome.exe
Token: SeCreatePagefilePrivilege	3096	chrome.exe
Token: SeShutdownPrivilege	3096	chrome.exe
Token: SeCreatePagefilePrivilege	3096	chrome.exe

Suspicious use of FindShellTrayWindow 42 IoCs

pid	Process
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe

Suspicious use of SendNotifyMessage 32 IoCs

pid	Process
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe
3096	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3096 wrote to memory of 1848	3096	chrome.exe	34
PID 3096 wrote to memory of 1848	3096	chrome.exe	34
PID 3096 wrote to memory of 1716	3096	chrome.exe	88
PID 3096 wrote to memory of 1716	3096	chrome.exe	88
PID 3096 wrote to memory of 1716	3096	chrome.exe	88
PID 3096 wrote to memory of 1716	3096	chrome.exe	88
PID 3096 wrote to memory of 1716	3096	chrome.exe	88
PID 3096 wrote to memory of 1716	3096	chrome.exe	88
PID 3096 wrote to memory of 1716	3096	chrome.exe	88
PID 3096 wrote to memory of 1716	3096	chrome.exe	88
PID 3096 wrote to memory of 1716	3096	chrome.exe	88
PID 3096 wrote to memory of 1716	3096	chrome.exe	88
PID 3096 wrote to memory of 1716	3096	chrome.exe	88
PID 3096 wrote to memory of 1716	3096	chrome.exe	88
PID 3096 wrote to memory of 1716	3096	chrome.exe	88
PID 3096 wrote to memory of 1716	3096	chrome.exe	88
PID 3096 wrote to memory of 1716	3096	chrome.exe	88
PID 3096 wrote to memory of 1716	3096	chrome.exe	88
PID 3096 wrote to memory of 1716	3096	chrome.exe	88
PID 3096 wrote to memory of 1716	3096	chrome.exe	88
PID 3096 wrote to memory of 1716	3096	chrome.exe	88
PID 3096 wrote to memory of 1716	3096	chrome.exe	88
PID 3096 wrote to memory of 1716	3096	chrome.exe	88
PID 3096 wrote to memory of 1716	3096	chrome.exe	88
PID 3096 wrote to memory of 1716	3096	chrome.exe	88
PID 3096 wrote to memory of 1716	3096	chrome.exe	88
PID 3096 wrote to memory of 1716	3096	chrome.exe	88
PID 3096 wrote to memory of 1716	3096	chrome.exe	88
PID 3096 wrote to memory of 1716	3096	chrome.exe	88
PID 3096 wrote to memory of 1716	3096	chrome.exe	88
PID 3096 wrote to memory of 1716	3096	chrome.exe	88
PID 3096 wrote to memory of 1716	3096	chrome.exe	88
PID 3096 wrote to memory of 1716	3096	chrome.exe	88
PID 3096 wrote to memory of 1716	3096	chrome.exe	88
PID 3096 wrote to memory of 1716	3096	chrome.exe	88
PID 3096 wrote to memory of 1716	3096	chrome.exe	88
PID 3096 wrote to memory of 1716	3096	chrome.exe	88
PID 3096 wrote to memory of 1716	3096	chrome.exe	88
PID 3096 wrote to memory of 1716	3096	chrome.exe	88
PID 3096 wrote to memory of 1716	3096	chrome.exe	88
PID 3096 wrote to memory of 208	3096	chrome.exe	86
PID 3096 wrote to memory of 208	3096	chrome.exe	86
PID 3096 wrote to memory of 3404	3096	chrome.exe	87
PID 3096 wrote to memory of 3404	3096	chrome.exe	87
PID 3096 wrote to memory of 3404	3096	chrome.exe	87
PID 3096 wrote to memory of 3404	3096	chrome.exe	87
PID 3096 wrote to memory of 3404	3096	chrome.exe	87
PID 3096 wrote to memory of 3404	3096	chrome.exe	87
PID 3096 wrote to memory of 3404	3096	chrome.exe	87
PID 3096 wrote to memory of 3404	3096	chrome.exe	87
PID 3096 wrote to memory of 3404	3096	chrome.exe	87
PID 3096 wrote to memory of 3404	3096	chrome.exe	87
PID 3096 wrote to memory of 3404	3096	chrome.exe	87
PID 3096 wrote to memory of 3404	3096	chrome.exe	87
PID 3096 wrote to memory of 3404	3096	chrome.exe	87
PID 3096 wrote to memory of 3404	3096	chrome.exe	87
PID 3096 wrote to memory of 3404	3096	chrome.exe	87
PID 3096 wrote to memory of 3404	3096	chrome.exe	87
PID 3096 wrote to memory of 3404	3096	chrome.exe	87
PID 3096 wrote to memory of 3404	3096	chrome.exe	87
PID 3096 wrote to memory of 3404	3096	chrome.exe	87
PID 3096 wrote to memory of 3404	3096	chrome.exe	87
PID 3096 wrote to memory of 3404	3096	chrome.exe	87
PID 3096 wrote to memory of 3404	3096	chrome.exe	87

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://edgedl.me.gvt1.com/edgedl/release2/chrome/ac3jvtnqjeymtphmax4jaju64coq_121.0.6167.185/121.0.6167.185_121.0.6167.161_chrome_updater.exe
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3096
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa62da9758,0x7ffa62da9768,0x7ffa62da9778
  2⤵
  PID:1848
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1984 --field-trial-handle=1988,i,9535104545125508538,734193375034722635,131072 /prefetch:8
  2⤵
  PID:208
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2236 --field-trial-handle=1988,i,9535104545125508538,734193375034722635,131072 /prefetch:8
  2⤵
  PID:3404
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1700 --field-trial-handle=1988,i,9535104545125508538,734193375034722635,131072 /prefetch:2
  2⤵
  PID:1716
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2868 --field-trial-handle=1988,i,9535104545125508538,734193375034722635,131072 /prefetch:1
  2⤵
  PID:2884
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2876 --field-trial-handle=1988,i,9535104545125508538,734193375034722635,131072 /prefetch:1
  2⤵
  PID:4800
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5068 --field-trial-handle=1988,i,9535104545125508538,734193375034722635,131072 /prefetch:8
  2⤵
  PID:1432
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5020 --field-trial-handle=1988,i,9535104545125508538,734193375034722635,131072 /prefetch:8
  2⤵
  PID:1344
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5056 --field-trial-handle=1988,i,9535104545125508538,734193375034722635,131072 /prefetch:8
  2⤵
  PID:4620
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5320 --field-trial-handle=1988,i,9535104545125508538,734193375034722635,131072 /prefetch:8
  2⤵
  PID:1960
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3632 --field-trial-handle=1988,i,9535104545125508538,734193375034722635,131072 /prefetch:8
  2⤵
  PID:1720
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5660 --field-trial-handle=1988,i,9535104545125508538,734193375034722635,131072 /prefetch:8
  2⤵
  PID:1756
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5672 --field-trial-handle=1988,i,9535104545125508538,734193375034722635,131072 /prefetch:8
  2⤵
  PID:4960
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5320 --field-trial-handle=1988,i,9535104545125508538,734193375034722635,131072 /prefetch:8
  2⤵
  PID:2732
- C:\Users\Admin\Downloads\121.0.6167.185_121.0.6167.161_chrome_updater.exe
  "C:\Users\Admin\Downloads\121.0.6167.185_121.0.6167.161_chrome_updater.exe"
  2⤵
  - Executes dropped EXE
  - Suspicious use of AdjustPrivilegeToken
  PID:3692
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=5112 --field-trial-handle=1988,i,9535104545125508538,734193375034722635,131072 /prefetch:1
  2⤵
  PID:976
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=5240 --field-trial-handle=1988,i,9535104545125508538,734193375034722635,131072 /prefetch:1
  2⤵
  PID:1228
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=972 --field-trial-handle=1988,i,9535104545125508538,734193375034722635,131072 /prefetch:2
  2⤵
  PID:1264

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:3500

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:2692

C:\Users\Admin\Downloads\121.0.6167.185_121.0.6167.161_chrome_updater.exe
"C:\Users\Admin\Downloads\121.0.6167.185_121.0.6167.161_chrome_updater.exe"
1⤵
- Executes dropped EXE
PID:1400

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
823B

MD5
4d73da6b663916bd88d2817ec7788fc8

SHA1
f302e9b9939a318b29384683dc977fe38b3d73c1

SHA256
e8750cbdcf53bd54cbac6488c3d37bc706cbbd57a9e874ffa953e75e0fb83f0f

SHA512
514effe16341edb19027688c09815ae021640e4a08785aacb94f5dd74c90a8e05c3600f3159328c806d184aa24f133bf0659ee53f4b27e33807e20f95519e951

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
be6d817fca00c8d2c6515148df37bf80

SHA1
b39b26d6bcff088ec1f606faadc3b8eaa82950b1

SHA256
9c9bf92825264ceeaa9987e2b28fcdd2e780bb4ce383ce8024588c67a55af0f8

SHA512
367ed20d6ae3bd5cb31b8a3ed0094a43a3764c53da73eac0c9d928a37707a3e2758ef8d64c5503f03458dd7205804f7f9ef2928461ce1f44113014ec125a9903

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
114KB

MD5
466b86d87a267ddfa03d665ff2da7fa1

SHA1
c2623193178792bc395d850214a29b9eda042b73

SHA256
d80ef2f0a1b599fa536ac614efa814e55381d0347a4fd9e86060652fb3bc4618

SHA512
86b4042651d0a33ef61e063de113d3eea73c05fdc8ab0854d2344d2ba30c70bf15909dbd03dcc95f06fa4a933071ecefae59a8c1d8afe33d19e839043f7dcd58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
114KB

MD5
6c8008afb8229060a221e00e165e2977

SHA1
ca0c36517257371d18be76ef9bf34129b3752d27

SHA256
b33beb65b46fec064602ded3399b095ad56266ff5ff20bbb7e8edcf14c165717

SHA512
c8f93e02d4f39d75e9927640b63f4dec95c1995eece56ffc477bf05bcaf956a4553e85a0ae857facd924accf8fe18f38e54113b5c50d7b6b4f511e77da8f5257

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\Downloads\121.0.6167.185_121.0.6167.161_chrome_updater.exe

Filesize
3.8MB

MD5
e8fe448b31d5791ec6288967ce6a3e8c

SHA1
0f98e1e4630bb9e474351b24cc4f0d3029f1dc26

SHA256
d552bed9f54a154aac8bc1b2592ae7d749bf77fde87b31fd7d3cc7918d835e56

SHA512
71a323cb5ceaa5823fee1cc3f7099c48c6c60b4db291f4eef18a474907360adc744ec93af78e1a66832e5a375650b7d460b7034abfe138dc0a6e474cb09c6b62

Download Submit