hxxp://veracruzenred[.]mx/contraesquina-politica-fernando-martinez-plascencia-amlo-pierde-credibilidad-dia-con-dia/

Analysis

max time kernel
299s
max time network
296s
platform
windows10-2004_x64
resource
win10v2004-20240220-en
resource tags

arch:x64arch:x86image:win10v2004-20240220-enlocale:en-usos:windows10-2004-x64system
submitted
20-02-2024 17:26

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://veracruzenred.mx/contraesquina-politica-fernando-martinez-plascencia-amlo-pierde-credibilidad-dia-con-dia/

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2468	chrome.exe
2468	chrome.exe
1020	chrome.exe
1020	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2468	chrome.exe
Token: SeCreatePagefilePrivilege	2468	chrome.exe
Token: SeShutdownPrivilege	2468	chrome.exe
Token: SeCreatePagefilePrivilege	2468	chrome.exe
Token: SeShutdownPrivilege	2468	chrome.exe
Token: SeCreatePagefilePrivilege	2468	chrome.exe
Token: SeShutdownPrivilege	2468	chrome.exe
Token: SeCreatePagefilePrivilege	2468	chrome.exe
Token: SeShutdownPrivilege	2468	chrome.exe
Token: SeCreatePagefilePrivilege	2468	chrome.exe
Token: SeShutdownPrivilege	2468	chrome.exe
Token: SeCreatePagefilePrivilege	2468	chrome.exe
Token: SeShutdownPrivilege	2468	chrome.exe
Token: SeCreatePagefilePrivilege	2468	chrome.exe
Token: SeShutdownPrivilege	2468	chrome.exe
Token: SeCreatePagefilePrivilege	2468	chrome.exe
Token: SeShutdownPrivilege	2468	chrome.exe
Token: SeCreatePagefilePrivilege	2468	chrome.exe
Token: SeShutdownPrivilege	2468	chrome.exe
Token: SeCreatePagefilePrivilege	2468	chrome.exe
Token: SeShutdownPrivilege	2468	chrome.exe
Token: SeCreatePagefilePrivilege	2468	chrome.exe
Token: SeShutdownPrivilege	2468	chrome.exe
Token: SeCreatePagefilePrivilege	2468	chrome.exe
Token: SeShutdownPrivilege	2468	chrome.exe
Token: SeCreatePagefilePrivilege	2468	chrome.exe
Token: SeShutdownPrivilege	2468	chrome.exe
Token: SeCreatePagefilePrivilege	2468	chrome.exe
Token: SeShutdownPrivilege	2468	chrome.exe
Token: SeCreatePagefilePrivilege	2468	chrome.exe
Token: SeShutdownPrivilege	2468	chrome.exe
Token: SeCreatePagefilePrivilege	2468	chrome.exe
Token: SeShutdownPrivilege	2468	chrome.exe
Token: SeCreatePagefilePrivilege	2468	chrome.exe
Token: SeShutdownPrivilege	2468	chrome.exe
Token: SeCreatePagefilePrivilege	2468	chrome.exe
Token: SeShutdownPrivilege	2468	chrome.exe
Token: SeCreatePagefilePrivilege	2468	chrome.exe
Token: SeShutdownPrivilege	2468	chrome.exe
Token: SeCreatePagefilePrivilege	2468	chrome.exe
Token: SeShutdownPrivilege	2468	chrome.exe
Token: SeCreatePagefilePrivilege	2468	chrome.exe
Token: SeShutdownPrivilege	2468	chrome.exe
Token: SeCreatePagefilePrivilege	2468	chrome.exe
Token: SeShutdownPrivilege	2468	chrome.exe
Token: SeCreatePagefilePrivilege	2468	chrome.exe
Token: SeShutdownPrivilege	2468	chrome.exe
Token: SeCreatePagefilePrivilege	2468	chrome.exe
Token: SeShutdownPrivilege	2468	chrome.exe
Token: SeCreatePagefilePrivilege	2468	chrome.exe
Token: SeShutdownPrivilege	2468	chrome.exe
Token: SeCreatePagefilePrivilege	2468	chrome.exe
Token: SeShutdownPrivilege	2468	chrome.exe
Token: SeCreatePagefilePrivilege	2468	chrome.exe
Token: SeShutdownPrivilege	2468	chrome.exe
Token: SeCreatePagefilePrivilege	2468	chrome.exe
Token: SeShutdownPrivilege	2468	chrome.exe
Token: SeCreatePagefilePrivilege	2468	chrome.exe
Token: SeShutdownPrivilege	2468	chrome.exe
Token: SeCreatePagefilePrivilege	2468	chrome.exe
Token: SeShutdownPrivilege	2468	chrome.exe
Token: SeCreatePagefilePrivilege	2468	chrome.exe
Token: SeShutdownPrivilege	2468	chrome.exe
Token: SeCreatePagefilePrivilege	2468	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe
2468	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2468 wrote to memory of 1284	2468	chrome.exe	31
PID 2468 wrote to memory of 1284	2468	chrome.exe	31
PID 2468 wrote to memory of 1992	2468	chrome.exe	86
PID 2468 wrote to memory of 1992	2468	chrome.exe	86
PID 2468 wrote to memory of 1992	2468	chrome.exe	86
PID 2468 wrote to memory of 1992	2468	chrome.exe	86
PID 2468 wrote to memory of 1992	2468	chrome.exe	86
PID 2468 wrote to memory of 1992	2468	chrome.exe	86
PID 2468 wrote to memory of 1992	2468	chrome.exe	86
PID 2468 wrote to memory of 1992	2468	chrome.exe	86
PID 2468 wrote to memory of 1992	2468	chrome.exe	86
PID 2468 wrote to memory of 1992	2468	chrome.exe	86
PID 2468 wrote to memory of 1992	2468	chrome.exe	86
PID 2468 wrote to memory of 1992	2468	chrome.exe	86
PID 2468 wrote to memory of 1992	2468	chrome.exe	86
PID 2468 wrote to memory of 1992	2468	chrome.exe	86
PID 2468 wrote to memory of 1992	2468	chrome.exe	86
PID 2468 wrote to memory of 1992	2468	chrome.exe	86
PID 2468 wrote to memory of 1992	2468	chrome.exe	86
PID 2468 wrote to memory of 1992	2468	chrome.exe	86
PID 2468 wrote to memory of 1992	2468	chrome.exe	86
PID 2468 wrote to memory of 1992	2468	chrome.exe	86
PID 2468 wrote to memory of 1992	2468	chrome.exe	86
PID 2468 wrote to memory of 1992	2468	chrome.exe	86
PID 2468 wrote to memory of 1992	2468	chrome.exe	86
PID 2468 wrote to memory of 1992	2468	chrome.exe	86
PID 2468 wrote to memory of 1992	2468	chrome.exe	86
PID 2468 wrote to memory of 1992	2468	chrome.exe	86
PID 2468 wrote to memory of 1992	2468	chrome.exe	86
PID 2468 wrote to memory of 1992	2468	chrome.exe	86
PID 2468 wrote to memory of 1992	2468	chrome.exe	86
PID 2468 wrote to memory of 1992	2468	chrome.exe	86
PID 2468 wrote to memory of 1992	2468	chrome.exe	86
PID 2468 wrote to memory of 1992	2468	chrome.exe	86
PID 2468 wrote to memory of 1992	2468	chrome.exe	86
PID 2468 wrote to memory of 1992	2468	chrome.exe	86
PID 2468 wrote to memory of 1992	2468	chrome.exe	86
PID 2468 wrote to memory of 1992	2468	chrome.exe	86
PID 2468 wrote to memory of 1992	2468	chrome.exe	86
PID 2468 wrote to memory of 1992	2468	chrome.exe	86
PID 2468 wrote to memory of 4276	2468	chrome.exe	87
PID 2468 wrote to memory of 4276	2468	chrome.exe	87
PID 2468 wrote to memory of 1904	2468	chrome.exe	88
PID 2468 wrote to memory of 1904	2468	chrome.exe	88
PID 2468 wrote to memory of 1904	2468	chrome.exe	88
PID 2468 wrote to memory of 1904	2468	chrome.exe	88
PID 2468 wrote to memory of 1904	2468	chrome.exe	88
PID 2468 wrote to memory of 1904	2468	chrome.exe	88
PID 2468 wrote to memory of 1904	2468	chrome.exe	88
PID 2468 wrote to memory of 1904	2468	chrome.exe	88
PID 2468 wrote to memory of 1904	2468	chrome.exe	88
PID 2468 wrote to memory of 1904	2468	chrome.exe	88
PID 2468 wrote to memory of 1904	2468	chrome.exe	88
PID 2468 wrote to memory of 1904	2468	chrome.exe	88
PID 2468 wrote to memory of 1904	2468	chrome.exe	88
PID 2468 wrote to memory of 1904	2468	chrome.exe	88
PID 2468 wrote to memory of 1904	2468	chrome.exe	88
PID 2468 wrote to memory of 1904	2468	chrome.exe	88
PID 2468 wrote to memory of 1904	2468	chrome.exe	88
PID 2468 wrote to memory of 1904	2468	chrome.exe	88
PID 2468 wrote to memory of 1904	2468	chrome.exe	88
PID 2468 wrote to memory of 1904	2468	chrome.exe	88
PID 2468 wrote to memory of 1904	2468	chrome.exe	88
PID 2468 wrote to memory of 1904	2468	chrome.exe	88

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://veracruzenred.mx/contraesquina-politica-fernando-martinez-plascencia-amlo-pierde-credibilidad-dia-con-dia/
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2468
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x100,0x104,0x108,0xfc,0x10c,0x7ffb343e9758,0x7ffb343e9768,0x7ffb343e9778
  2⤵
  PID:1284
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1688 --field-trial-handle=1872,i,1740592483465495399,4993118461489268501,131072 /prefetch:2
  2⤵
  PID:1992
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2124 --field-trial-handle=1872,i,1740592483465495399,4993118461489268501,131072 /prefetch:8
  2⤵
  PID:4276
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2244 --field-trial-handle=1872,i,1740592483465495399,4993118461489268501,131072 /prefetch:8
  2⤵
  PID:1904
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3060 --field-trial-handle=1872,i,1740592483465495399,4993118461489268501,131072 /prefetch:1
  2⤵
  PID:1824
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3096 --field-trial-handle=1872,i,1740592483465495399,4993118461489268501,131072 /prefetch:1
  2⤵
  PID:1740
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3928 --field-trial-handle=1872,i,1740592483465495399,4993118461489268501,131072 /prefetch:8
  2⤵
  PID:1664
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5076 --field-trial-handle=1872,i,1740592483465495399,4993118461489268501,131072 /prefetch:8
  2⤵
  PID:3716
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4912 --field-trial-handle=1872,i,1740592483465495399,4993118461489268501,131072 /prefetch:1
  2⤵
  PID:2920
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=3408 --field-trial-handle=1872,i,1740592483465495399,4993118461489268501,131072 /prefetch:1
  2⤵
  PID:4456
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=212 --field-trial-handle=1872,i,1740592483465495399,4993118461489268501,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1020

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:856

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
408B

MD5
861c62eaf74fe5389ad5432295c9c947

SHA1
8dac460ff073ae5d478b0405aa8bd4fd83ebc294

SHA256
9c1d0d6b87852ddde9334154d58d9c7f01909e3b64a26b881cfdbdabca123005

SHA512
5d12e04db19f0687c1f453749f1b22e84f647840f066b68b56363db2b6ee6b30777d7d223a22e03747d7abd92f8aba5d988ec7d6a7fee66115b8ff8fb0e4c99d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
c89a282fe31b5680881e02decafe72c2

SHA1
0eb587d4381c2c0a9ad64ac37661c061dc43d47d

SHA256
eccb6f854f805e6a89ddeb8dda527a3bba7df38f2887ba7f94ea22ce3145e990

SHA512
3900fe5695e7ecef0c5fb40781e27ff9754d07645cd428065720e24fe6d8ce78c87a4e4faa1a76bff8c31cee043160c777c01e801dffc37ea51a174541d68d0b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
10a035d60d87b8e8f36639d75b1fd978

SHA1
cc0917d9a35f6ee7d72d096dabea21a78a87822e

SHA256
c38c6a7b1e91edd9f95a8567cf64d93aba13a5b458bb4648ef1a0f305960469c

SHA512
fa7f63c9ba62f1080a652c709acb3510d392c475001d1b8cf8e3dad999102c137a6605e1cf9e680952721c2414c992bd2ef52ce27e2a1a682e57ecd824919561

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
62c5d403a130ad45747061b4e5540e79

SHA1
770ccbc75df15711a7743dda6490843103317a6a

SHA256
5a80d1feb821779627a8ce64374628f2f1c026804940bac0cc00ef9c55257886

SHA512
8feebb69fe4c63b283c1986e4f283af3ce1c6ea6a6e8f6fb9d046b057e9329d5a15b51f0f2a55c9298d5d2bc0ca6e314bc0e194a5864f5b11105ecc59251b600

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
ee9aacdc8efb9dfc540ef4041928d03c

SHA1
6149878efb188fe3d9a27df364b9ff2819a3b134

SHA256
72bf5b9ffd7808824d3292ff02cb09abd537f49ccb3a6d1de3714cc6b6aac2ff

SHA512
827e90ff1224667c7a0521f01d133965566741ab6e8067b24300a8dd3728de8cb29e1676e9e22f17a0474e7b5fad3e13810ae3eea87b813021564eb89a5a8cb3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
93455356e788092a7bf96e7ca4f89a07

SHA1
32b9d2797acbdc605ccc113d54180db7178bc054

SHA256
2f6f17ebc7bb2111d09232ae92a754e5e73e8837bd357105239cbde15f7ac206

SHA512
b3c800afae09255feac60214827bc0312cb93723a2427b83df17fa0ef59337e6ed71410d126b6bc7e92bd074bedf32a79d3b051751cd233e779f949bcc50d0ee

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
31e9f782d712025d7403beaaac12a3c4

SHA1
4a3ccf342500c3a1a62beceae925c8bb3e71ee12

SHA256
bc12cf0b77857e179da4c35f0da76cef3dba9ea398b757513ba69b64b2321517

SHA512
2d011d0276f0cbdcc34240f57477391a9c760c12c1397bf707500af5bc8d1b1695a8069f168b2cb1061a5aa6d421d6781194569c3a5809fcfbae869c8cb0976b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
0e24883bff6dc47625e63965a18ab00c

SHA1
d173f08e18504ac321aa1a20e4c40c97aa50bdc7

SHA256
d1bf9d531871c2960dfbc9f54ad523d71fdeab21179eec4bcd28c08a14c2ae32

SHA512
3892e05a6dea2879e913359ab48d1a3fbd971dad0d11cc8313e9f48d09eadc3528598bb886a3023c5049566b0ef34ec274a14ee3f4c1a1dcf846e0ccbba1867e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
3f5002b786f0dcfa927a07697b069bfa

SHA1
c2dc846673e07d6838a101eb64d1d78341c52fa5

SHA256
adef14350dd00bcf9fcf5ffb1a9f09c5942b12c46cea6d2882ce8cec12a77bf9

SHA512
d7ecf00d3032e075ca82d0c0753f32b47b039acfb514870203060b5a0c8819c355a990cd6ec147163b60a3326fe429992100dbec5915c7124dee136ef47f2107

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
130KB

MD5
b3af4e5ed9fbf75032e137eb64b8239f

SHA1
931f66e8da6d658393618cdbf35f3d9f6094e0ca

SHA256
0a187b5c9dcd088f1e7d005fb2d78e53cd1d1f211ee43a06103267c567a9b711

SHA512
fd1d864b36de9b88825dad3095af201ee3cca8927e117040848775c60d3e7d274c9d7d5a80e7caf8ff4c50ef43a25351541b2d71c95cd601f8d83a17d1f34d50

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit