hxxps://update[.]v5lwd8wd5tmz[.]top/software/operagx/banner/original/index[.]html

Analysis

max time kernel
171s
max time network
171s
platform
windows10-2004_x64
resource
win10v2004-20240221-en
resource tags

arch:x64arch:x86image:win10v2004-20240221-enlocale:en-usos:windows10-2004-x64system
submitted
21-02-2024 23:30

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://update.v5lwd8wd5tmz.top/software/operagx/banner/original/index.html

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
4932	chrome.exe
4932	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
368	chrome.exe
368	chrome.exe
368	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	368	chrome.exe
Token: SeCreatePagefilePrivilege	368	chrome.exe
Token: SeShutdownPrivilege	368	chrome.exe
Token: SeCreatePagefilePrivilege	368	chrome.exe
Token: SeShutdownPrivilege	368	chrome.exe
Token: SeCreatePagefilePrivilege	368	chrome.exe
Token: SeShutdownPrivilege	368	chrome.exe
Token: SeCreatePagefilePrivilege	368	chrome.exe
Token: SeShutdownPrivilege	368	chrome.exe
Token: SeCreatePagefilePrivilege	368	chrome.exe
Token: SeShutdownPrivilege	368	chrome.exe
Token: SeCreatePagefilePrivilege	368	chrome.exe
Token: SeShutdownPrivilege	368	chrome.exe
Token: SeCreatePagefilePrivilege	368	chrome.exe
Token: SeShutdownPrivilege	368	chrome.exe
Token: SeCreatePagefilePrivilege	368	chrome.exe
Token: SeShutdownPrivilege	368	chrome.exe
Token: SeCreatePagefilePrivilege	368	chrome.exe
Token: SeShutdownPrivilege	368	chrome.exe
Token: SeCreatePagefilePrivilege	368	chrome.exe
Token: SeShutdownPrivilege	368	chrome.exe
Token: SeCreatePagefilePrivilege	368	chrome.exe
Token: SeShutdownPrivilege	368	chrome.exe
Token: SeCreatePagefilePrivilege	368	chrome.exe
Token: SeShutdownPrivilege	368	chrome.exe
Token: SeCreatePagefilePrivilege	368	chrome.exe
Token: SeShutdownPrivilege	368	chrome.exe
Token: SeCreatePagefilePrivilege	368	chrome.exe
Token: SeShutdownPrivilege	368	chrome.exe
Token: SeCreatePagefilePrivilege	368	chrome.exe
Token: SeShutdownPrivilege	368	chrome.exe
Token: SeCreatePagefilePrivilege	368	chrome.exe
Token: SeShutdownPrivilege	368	chrome.exe
Token: SeCreatePagefilePrivilege	368	chrome.exe
Token: SeShutdownPrivilege	368	chrome.exe
Token: SeCreatePagefilePrivilege	368	chrome.exe
Token: SeShutdownPrivilege	368	chrome.exe
Token: SeCreatePagefilePrivilege	368	chrome.exe
Token: SeShutdownPrivilege	368	chrome.exe
Token: SeCreatePagefilePrivilege	368	chrome.exe
Token: SeShutdownPrivilege	368	chrome.exe
Token: SeCreatePagefilePrivilege	368	chrome.exe
Token: SeShutdownPrivilege	368	chrome.exe
Token: SeCreatePagefilePrivilege	368	chrome.exe
Token: SeShutdownPrivilege	368	chrome.exe
Token: SeCreatePagefilePrivilege	368	chrome.exe
Token: SeShutdownPrivilege	368	chrome.exe
Token: SeCreatePagefilePrivilege	368	chrome.exe
Token: SeShutdownPrivilege	368	chrome.exe
Token: SeCreatePagefilePrivilege	368	chrome.exe
Token: SeShutdownPrivilege	368	chrome.exe
Token: SeCreatePagefilePrivilege	368	chrome.exe
Token: SeShutdownPrivilege	368	chrome.exe
Token: SeCreatePagefilePrivilege	368	chrome.exe
Token: SeShutdownPrivilege	368	chrome.exe
Token: SeCreatePagefilePrivilege	368	chrome.exe
Token: SeShutdownPrivilege	368	chrome.exe
Token: SeCreatePagefilePrivilege	368	chrome.exe
Token: SeShutdownPrivilege	368	chrome.exe
Token: SeCreatePagefilePrivilege	368	chrome.exe
Token: SeShutdownPrivilege	368	chrome.exe
Token: SeCreatePagefilePrivilege	368	chrome.exe
Token: SeShutdownPrivilege	368	chrome.exe
Token: SeCreatePagefilePrivilege	368	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe
368	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 368 wrote to memory of 3492	368	chrome.exe	84
PID 368 wrote to memory of 3492	368	chrome.exe	84
PID 368 wrote to memory of 2404	368	chrome.exe	87
PID 368 wrote to memory of 2404	368	chrome.exe	87
PID 368 wrote to memory of 2404	368	chrome.exe	87
PID 368 wrote to memory of 2404	368	chrome.exe	87
PID 368 wrote to memory of 2404	368	chrome.exe	87
PID 368 wrote to memory of 2404	368	chrome.exe	87
PID 368 wrote to memory of 2404	368	chrome.exe	87
PID 368 wrote to memory of 2404	368	chrome.exe	87
PID 368 wrote to memory of 2404	368	chrome.exe	87
PID 368 wrote to memory of 2404	368	chrome.exe	87
PID 368 wrote to memory of 2404	368	chrome.exe	87
PID 368 wrote to memory of 2404	368	chrome.exe	87
PID 368 wrote to memory of 2404	368	chrome.exe	87
PID 368 wrote to memory of 2404	368	chrome.exe	87
PID 368 wrote to memory of 2404	368	chrome.exe	87
PID 368 wrote to memory of 2404	368	chrome.exe	87
PID 368 wrote to memory of 2404	368	chrome.exe	87
PID 368 wrote to memory of 2404	368	chrome.exe	87
PID 368 wrote to memory of 2404	368	chrome.exe	87
PID 368 wrote to memory of 2404	368	chrome.exe	87
PID 368 wrote to memory of 2404	368	chrome.exe	87
PID 368 wrote to memory of 2404	368	chrome.exe	87
PID 368 wrote to memory of 2404	368	chrome.exe	87
PID 368 wrote to memory of 2404	368	chrome.exe	87
PID 368 wrote to memory of 2404	368	chrome.exe	87
PID 368 wrote to memory of 2404	368	chrome.exe	87
PID 368 wrote to memory of 2404	368	chrome.exe	87
PID 368 wrote to memory of 2404	368	chrome.exe	87
PID 368 wrote to memory of 2404	368	chrome.exe	87
PID 368 wrote to memory of 2404	368	chrome.exe	87
PID 368 wrote to memory of 2404	368	chrome.exe	87
PID 368 wrote to memory of 2404	368	chrome.exe	87
PID 368 wrote to memory of 2404	368	chrome.exe	87
PID 368 wrote to memory of 2404	368	chrome.exe	87
PID 368 wrote to memory of 2404	368	chrome.exe	87
PID 368 wrote to memory of 2404	368	chrome.exe	87
PID 368 wrote to memory of 2404	368	chrome.exe	87
PID 368 wrote to memory of 2404	368	chrome.exe	87
PID 368 wrote to memory of 2044	368	chrome.exe	89
PID 368 wrote to memory of 2044	368	chrome.exe	89
PID 368 wrote to memory of 4180	368	chrome.exe	90
PID 368 wrote to memory of 4180	368	chrome.exe	90
PID 368 wrote to memory of 4180	368	chrome.exe	90
PID 368 wrote to memory of 4180	368	chrome.exe	90
PID 368 wrote to memory of 4180	368	chrome.exe	90
PID 368 wrote to memory of 4180	368	chrome.exe	90
PID 368 wrote to memory of 4180	368	chrome.exe	90
PID 368 wrote to memory of 4180	368	chrome.exe	90
PID 368 wrote to memory of 4180	368	chrome.exe	90
PID 368 wrote to memory of 4180	368	chrome.exe	90
PID 368 wrote to memory of 4180	368	chrome.exe	90
PID 368 wrote to memory of 4180	368	chrome.exe	90
PID 368 wrote to memory of 4180	368	chrome.exe	90
PID 368 wrote to memory of 4180	368	chrome.exe	90
PID 368 wrote to memory of 4180	368	chrome.exe	90
PID 368 wrote to memory of 4180	368	chrome.exe	90
PID 368 wrote to memory of 4180	368	chrome.exe	90
PID 368 wrote to memory of 4180	368	chrome.exe	90
PID 368 wrote to memory of 4180	368	chrome.exe	90
PID 368 wrote to memory of 4180	368	chrome.exe	90
PID 368 wrote to memory of 4180	368	chrome.exe	90
PID 368 wrote to memory of 4180	368	chrome.exe	90

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://update.v5lwd8wd5tmz.top/software/operagx/banner/original/index.html
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:368
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff98c829758,0x7ff98c829768,0x7ff98c829778
  2⤵
  PID:3492
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1640 --field-trial-handle=1896,i,12192538297564415525,4390560215402687371,131072 /prefetch:2
  2⤵
  PID:2404
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2076 --field-trial-handle=1896,i,12192538297564415525,4390560215402687371,131072 /prefetch:8
  2⤵
  PID:2044
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2252 --field-trial-handle=1896,i,12192538297564415525,4390560215402687371,131072 /prefetch:8
  2⤵
  PID:4180
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3276 --field-trial-handle=1896,i,12192538297564415525,4390560215402687371,131072 /prefetch:1
  2⤵
  PID:4736
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3132 --field-trial-handle=1896,i,12192538297564415525,4390560215402687371,131072 /prefetch:1
  2⤵
  PID:3468
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5012 --field-trial-handle=1896,i,12192538297564415525,4390560215402687371,131072 /prefetch:8
  2⤵
  PID:3228
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4996 --field-trial-handle=1896,i,12192538297564415525,4390560215402687371,131072 /prefetch:8
  2⤵
  PID:4324
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3984 --field-trial-handle=1896,i,12192538297564415525,4390560215402687371,131072 /prefetch:8
  2⤵
  PID:4932
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5104 --field-trial-handle=1896,i,12192538297564415525,4390560215402687371,131072 /prefetch:8
  2⤵
  PID:4284
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=764 --field-trial-handle=1896,i,12192538297564415525,4390560215402687371,131072 /prefetch:1
  2⤵
  PID:772
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2404 --field-trial-handle=1896,i,12192538297564415525,4390560215402687371,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4932

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:1280

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001

Filesize
17KB

MD5
ff71403edde3939fc6894bb47d059b9d

SHA1
352cdf10c47e708cf182a5ebe5644982b10834b3

SHA256
4f5c5084f34cb62140fab353aa5e168ae5e1db240fce6150a2c9feaf83e6896e

SHA512
914e00a8a19a3f7ff9e80d7b2aa9aadc3cb28caf4ad8e003dd9d2f6863f50dbc85e1111f8122c7758f505e71f96af06bc3738513abfa5e41b1c8f5df9323e912

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
260fc9fb81d0783e71f08022849f0eac

SHA1
0ce2f5e107f889dcb1b31dbd6a235415ae6a28e2

SHA256
b19a997273560b099c789cfb8399a0d5004d41710b5e4a0ddd873a954ea6003a

SHA512
5546fb42d7055d94d31111977bc352b0784c01096c7acb77dd7f041d76a6603787394bbe2c472efcf90e83c0c5e7f1843cfe480b3bd76ee1e06c79d9532a240c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
eb0bf22621d6b5e9967d5bc84d5cc315

SHA1
8844847a4ccd7a2e229914de9fd976592065dd48

SHA256
f6573d4f7718dd5b6c8c31e0851d545aaa34d59e317aab400912fa372b24f5e5

SHA512
fa21da13f1a3a18a7f888c6f7bf761785b697823290dfc539706a1a08017c5f04705dbd9ad4e83a1412c54375bf36d60d38506f9cb41887751c094009f15f3cc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
537B

MD5
91894bcd273ba14ffc73d4a7d8bef8a0

SHA1
996a5a8447c4d270e605c84f0a2ca48341eea2c5

SHA256
3e195f19a5303991b308cc086ae4958d3c969b1f0d1da1219b515941974e2bda

SHA512
cdc8b5ecf6dad27b2ae24780eff1525f329bf0558be6b5aa628912616dcc114957da234f7dc7be8aa60e9246f245cd060b1df5f537795723d011c36af418a917

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
774cff1f696a4b7993c1847282f24be6

SHA1
8afab5c4f72a3adf94e04de2621d996a53cdd95f

SHA256
3566086199449bd1c4e896f40a55fe98a145362d4c14730b72dd183ba278412d

SHA512
c8753ec113a71fbf2eb7142a2b9b7d9fb7d1a5f61069de2ffbc2cc7c98f0674485f8c272272d693abb73cc77446ed553d4d8b8902d9c4770f43cbf7d16241e8d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
941ffe4a89e8e38dff62ce6aebba7a36

SHA1
03495bbd7099450c9f5bcac786e39211c67ced5a

SHA256
7df7d4326e82bd7ba9a405baeafa5feba7cc411ba14a45fd98f2399cad149305

SHA512
e05725e08361f049482299f0478794299c542de1526296a9a7ee6419a4733e90aa14f0f305e862260c043ba789b52e2a0a0b0d1a739d7bb775c83183e1eee747

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
c7481ff299d322c762094414a008c579

SHA1
63d65c64644de8fdb56023e6a95191f8f7262202

SHA256
6e55901f5e11d9290570dbcc2e93d2526f88f7ff435cbff3eae4b24fa6ec9984

SHA512
5b20317d162452d5e9fb5253f432b31aa3b81abb985dadfb77df4118acd3934a44334e4e74539b028fad28bb2f66d087a8c2c1ebaf4a98d5dbe828947a843f4f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
d507dd6091db9cf3a78beaa957d3ae54

SHA1
2df31455e3eeb57e0b6ddf70b057409a0453d33a

SHA256
95c9666b04c12dbcb080499f1da0a8c932f697596302fe76502e9b3606495eb8

SHA512
d2388a6e43d0fa25f265b7678567b000a63787022fcb77fb39acc116e59a07892d246550bdee3eebfcff9ce0ea1be50af5fe816e705c396d5eb1ca84db029eea

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
50a8d95b0b87e8bbb5533c34790af36b

SHA1
778ba500f9a8ce3c3d6901844ccb78b35a17455a

SHA256
534d0470663d18eb437d42ce600b3fd2f734777ab2dc86bb944d80874e4e8145

SHA512
29d09b5ccd0689b10fe65c7c2dfa396d83cd16192153a3ae2c246b4c1a8630a219c8bc32bcd08d58e6f23d7a41846ea4902bb80f215c05e8282c5ae9a47fcff5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
132KB

MD5
de826f5dd92f7a623b488cccc7f8fa0d

SHA1
b3a51bade52400706e5245373b6a02d53a7f32ea

SHA256
6dd755463ad9625ddac206abe0db87b8ec4198596f1c6974210f0af1fee094cb

SHA512
ee3d7c627c49cd263661fcfe0642b537909db5e5be55d1a0892c203b5d9cd7a1dd980eabe254b9b4bfdff09ede36716d10ac3661d848886dae3394fda9ea579e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
131KB

MD5
3bd6463b99c9f45cb6a5028047dd37c8

SHA1
64aaa85e85da470329e93b6d7cbe01d9fece3147

SHA256
7af781cc1f7ec14a891656026c6d37750860ac8c228f60e985463b97e39396b3

SHA512
64f9e175101a2459f3826848c0566ae342f584c5a7019521ceffeedbfe48aa16ad60602e0059501284ff1a0c1a7fb89aa3b2effceef0fb92aee38b4427e8890e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
131KB

MD5
10b54ef2c16f1327682acc851db38e03

SHA1
817fe21f326b307a0124b5873180bcd545f517d0

SHA256
843c16457608322bd925fb5169968082094bc8ab490d0515ceb62cc2330084ff

SHA512
e71b9b8a1e230084ffbfd625f647c646b61294d9d95f1a5b3bde8ad16ab7716a0b0693cc4bb3db7c0f78bcf66fcd0f20c8266e86e8ee065013d8ca4b010dc0af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
151KB

MD5
4c8f78f9fcf6eec7d33cba70fe604718

SHA1
a243377cda240dba931c268ba69c61d920a6dac5

SHA256
dbd7d3f919b121f66fdc1593cd657a6a1b20d3b27c9181b798000ade19a7492c

SHA512
cfd38496851908d0b76320b212f06ad51c9bfd64b99742978d27d28996e4fda556396deb75203400069cff1ebd709e9bbda9164a75ff111ae9f21950e2908e8c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit