d3e049952083ba0a7ee1de871dda6ee91886cc5358ce81b7e2ab96d16d618500

Analysis

max time kernel
600s
max time network
490s
platform
windows10-2004_x64
resource
win10v2004-20240221-en
resource tags

arch:x64arch:x86image:win10v2004-20240221-enlocale:en-usos:windows10-2004-x64system
submitted
25/02/2024, 00:58

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Registration - GiftMiner.html
Size

35KB
MD5

aa14980270dcaccc82c528460e77d69a
SHA1

b9b4ed727f8001ca95f6cdc3c8470bac38609d6b
SHA256

d3e049952083ba0a7ee1de871dda6ee91886cc5358ce81b7e2ab96d16d618500
SHA512

07ac9b06959fe1e0f841f98c06e7b0f84134615eae86e74172cf347ff7df34e521056cfe3af1fd5921343ccec6ab66b4396df7907cee695455e7da55d7b4b424
SSDEEP

768:xhAHrXcvWs1SnCM8jn3wUkT22MhkMCLOMs:x53PQKb

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133532964052237670"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
5036	chrome.exe
5036	chrome.exe
2248	chrome.exe
2248	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
5036	chrome.exe
5036	chrome.exe
5036	chrome.exe
5036	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	5036	chrome.exe
Token: SeCreatePagefilePrivilege	5036	chrome.exe
Token: SeShutdownPrivilege	5036	chrome.exe
Token: SeCreatePagefilePrivilege	5036	chrome.exe
Token: SeShutdownPrivilege	5036	chrome.exe
Token: SeCreatePagefilePrivilege	5036	chrome.exe
Token: SeShutdownPrivilege	5036	chrome.exe
Token: SeCreatePagefilePrivilege	5036	chrome.exe
Token: SeShutdownPrivilege	5036	chrome.exe
Token: SeCreatePagefilePrivilege	5036	chrome.exe
Token: SeShutdownPrivilege	5036	chrome.exe
Token: SeCreatePagefilePrivilege	5036	chrome.exe
Token: SeShutdownPrivilege	5036	chrome.exe
Token: SeCreatePagefilePrivilege	5036	chrome.exe
Token: SeShutdownPrivilege	5036	chrome.exe
Token: SeCreatePagefilePrivilege	5036	chrome.exe
Token: SeShutdownPrivilege	5036	chrome.exe
Token: SeCreatePagefilePrivilege	5036	chrome.exe
Token: SeShutdownPrivilege	5036	chrome.exe
Token: SeCreatePagefilePrivilege	5036	chrome.exe
Token: SeShutdownPrivilege	5036	chrome.exe
Token: SeCreatePagefilePrivilege	5036	chrome.exe
Token: SeShutdownPrivilege	5036	chrome.exe
Token: SeCreatePagefilePrivilege	5036	chrome.exe
Token: SeShutdownPrivilege	5036	chrome.exe
Token: SeCreatePagefilePrivilege	5036	chrome.exe
Token: SeShutdownPrivilege	5036	chrome.exe
Token: SeCreatePagefilePrivilege	5036	chrome.exe
Token: SeShutdownPrivilege	5036	chrome.exe
Token: SeCreatePagefilePrivilege	5036	chrome.exe
Token: SeShutdownPrivilege	5036	chrome.exe
Token: SeCreatePagefilePrivilege	5036	chrome.exe
Token: SeShutdownPrivilege	5036	chrome.exe
Token: SeCreatePagefilePrivilege	5036	chrome.exe
Token: SeShutdownPrivilege	5036	chrome.exe
Token: SeCreatePagefilePrivilege	5036	chrome.exe
Token: SeShutdownPrivilege	5036	chrome.exe
Token: SeCreatePagefilePrivilege	5036	chrome.exe
Token: SeShutdownPrivilege	5036	chrome.exe
Token: SeCreatePagefilePrivilege	5036	chrome.exe
Token: SeShutdownPrivilege	5036	chrome.exe
Token: SeCreatePagefilePrivilege	5036	chrome.exe
Token: SeShutdownPrivilege	5036	chrome.exe
Token: SeCreatePagefilePrivilege	5036	chrome.exe
Token: SeShutdownPrivilege	5036	chrome.exe
Token: SeCreatePagefilePrivilege	5036	chrome.exe
Token: SeShutdownPrivilege	5036	chrome.exe
Token: SeCreatePagefilePrivilege	5036	chrome.exe
Token: SeShutdownPrivilege	5036	chrome.exe
Token: SeCreatePagefilePrivilege	5036	chrome.exe
Token: SeShutdownPrivilege	5036	chrome.exe
Token: SeCreatePagefilePrivilege	5036	chrome.exe
Token: SeShutdownPrivilege	5036	chrome.exe
Token: SeCreatePagefilePrivilege	5036	chrome.exe
Token: SeShutdownPrivilege	5036	chrome.exe
Token: SeCreatePagefilePrivilege	5036	chrome.exe
Token: SeShutdownPrivilege	5036	chrome.exe
Token: SeCreatePagefilePrivilege	5036	chrome.exe
Token: SeShutdownPrivilege	5036	chrome.exe
Token: SeCreatePagefilePrivilege	5036	chrome.exe
Token: SeShutdownPrivilege	5036	chrome.exe
Token: SeCreatePagefilePrivilege	5036	chrome.exe
Token: SeShutdownPrivilege	5036	chrome.exe
Token: SeCreatePagefilePrivilege	5036	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
5036	chrome.exe
5036	chrome.exe
5036	chrome.exe
5036	chrome.exe
5036	chrome.exe
5036	chrome.exe
5036	chrome.exe
5036	chrome.exe
5036	chrome.exe
5036	chrome.exe
5036	chrome.exe
5036	chrome.exe
5036	chrome.exe
5036	chrome.exe
5036	chrome.exe
5036	chrome.exe
5036	chrome.exe
5036	chrome.exe
5036	chrome.exe
5036	chrome.exe
5036	chrome.exe
5036	chrome.exe
5036	chrome.exe
5036	chrome.exe
5036	chrome.exe
5036	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
5036	chrome.exe
5036	chrome.exe
5036	chrome.exe
5036	chrome.exe
5036	chrome.exe
5036	chrome.exe
5036	chrome.exe
5036	chrome.exe
5036	chrome.exe
5036	chrome.exe
5036	chrome.exe
5036	chrome.exe
5036	chrome.exe
5036	chrome.exe
5036	chrome.exe
5036	chrome.exe
5036	chrome.exe
5036	chrome.exe
5036	chrome.exe
5036	chrome.exe
5036	chrome.exe
5036	chrome.exe
5036	chrome.exe
5036	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 5036 wrote to memory of 4488	5036	chrome.exe	55
PID 5036 wrote to memory of 4488	5036	chrome.exe	55
PID 5036 wrote to memory of 2716	5036	chrome.exe	91
PID 5036 wrote to memory of 2716	5036	chrome.exe	91
PID 5036 wrote to memory of 2716	5036	chrome.exe	91
PID 5036 wrote to memory of 2716	5036	chrome.exe	91
PID 5036 wrote to memory of 2716	5036	chrome.exe	91
PID 5036 wrote to memory of 2716	5036	chrome.exe	91
PID 5036 wrote to memory of 2716	5036	chrome.exe	91
PID 5036 wrote to memory of 2716	5036	chrome.exe	91
PID 5036 wrote to memory of 2716	5036	chrome.exe	91
PID 5036 wrote to memory of 2716	5036	chrome.exe	91
PID 5036 wrote to memory of 2716	5036	chrome.exe	91
PID 5036 wrote to memory of 2716	5036	chrome.exe	91
PID 5036 wrote to memory of 2716	5036	chrome.exe	91
PID 5036 wrote to memory of 2716	5036	chrome.exe	91
PID 5036 wrote to memory of 2716	5036	chrome.exe	91
PID 5036 wrote to memory of 2716	5036	chrome.exe	91
PID 5036 wrote to memory of 2716	5036	chrome.exe	91
PID 5036 wrote to memory of 2716	5036	chrome.exe	91
PID 5036 wrote to memory of 2716	5036	chrome.exe	91
PID 5036 wrote to memory of 2716	5036	chrome.exe	91
PID 5036 wrote to memory of 2716	5036	chrome.exe	91
PID 5036 wrote to memory of 2716	5036	chrome.exe	91
PID 5036 wrote to memory of 2716	5036	chrome.exe	91
PID 5036 wrote to memory of 2716	5036	chrome.exe	91
PID 5036 wrote to memory of 2716	5036	chrome.exe	91
PID 5036 wrote to memory of 2716	5036	chrome.exe	91
PID 5036 wrote to memory of 2716	5036	chrome.exe	91
PID 5036 wrote to memory of 2716	5036	chrome.exe	91
PID 5036 wrote to memory of 2716	5036	chrome.exe	91
PID 5036 wrote to memory of 2716	5036	chrome.exe	91
PID 5036 wrote to memory of 2716	5036	chrome.exe	91
PID 5036 wrote to memory of 2716	5036	chrome.exe	91
PID 5036 wrote to memory of 2716	5036	chrome.exe	91
PID 5036 wrote to memory of 2716	5036	chrome.exe	91
PID 5036 wrote to memory of 2716	5036	chrome.exe	91
PID 5036 wrote to memory of 2716	5036	chrome.exe	91
PID 5036 wrote to memory of 2716	5036	chrome.exe	91
PID 5036 wrote to memory of 2716	5036	chrome.exe	91
PID 5036 wrote to memory of 4360	5036	chrome.exe	89
PID 5036 wrote to memory of 4360	5036	chrome.exe	89
PID 5036 wrote to memory of 5008	5036	chrome.exe	90
PID 5036 wrote to memory of 5008	5036	chrome.exe	90
PID 5036 wrote to memory of 5008	5036	chrome.exe	90
PID 5036 wrote to memory of 5008	5036	chrome.exe	90
PID 5036 wrote to memory of 5008	5036	chrome.exe	90
PID 5036 wrote to memory of 5008	5036	chrome.exe	90
PID 5036 wrote to memory of 5008	5036	chrome.exe	90
PID 5036 wrote to memory of 5008	5036	chrome.exe	90
PID 5036 wrote to memory of 5008	5036	chrome.exe	90
PID 5036 wrote to memory of 5008	5036	chrome.exe	90
PID 5036 wrote to memory of 5008	5036	chrome.exe	90
PID 5036 wrote to memory of 5008	5036	chrome.exe	90
PID 5036 wrote to memory of 5008	5036	chrome.exe	90
PID 5036 wrote to memory of 5008	5036	chrome.exe	90
PID 5036 wrote to memory of 5008	5036	chrome.exe	90
PID 5036 wrote to memory of 5008	5036	chrome.exe	90
PID 5036 wrote to memory of 5008	5036	chrome.exe	90
PID 5036 wrote to memory of 5008	5036	chrome.exe	90
PID 5036 wrote to memory of 5008	5036	chrome.exe	90
PID 5036 wrote to memory of 5008	5036	chrome.exe	90
PID 5036 wrote to memory of 5008	5036	chrome.exe	90
PID 5036 wrote to memory of 5008	5036	chrome.exe	90

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument C:\Users\Admin\AppData\Local\Temp\Registration - GiftMiner.html
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:5036
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff97a0d9758,0x7ff97a0d9768,0x7ff97a0d9778
  2⤵
  PID:4488
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2104 --field-trial-handle=1892,i,12519703414939425315,4354942670294032310,131072 /prefetch:8
  2⤵
  PID:4360
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2180 --field-trial-handle=1892,i,12519703414939425315,4354942670294032310,131072 /prefetch:8
  2⤵
  PID:5008
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1760 --field-trial-handle=1892,i,12519703414939425315,4354942670294032310,131072 /prefetch:2
  2⤵
  PID:2716
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2992 --field-trial-handle=1892,i,12519703414939425315,4354942670294032310,131072 /prefetch:1
  2⤵
  PID:3900
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2984 --field-trial-handle=1892,i,12519703414939425315,4354942670294032310,131072 /prefetch:1
  2⤵
  PID:3280
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4604 --field-trial-handle=1892,i,12519703414939425315,4354942670294032310,131072 /prefetch:1
  2⤵
  PID:3608
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4788 --field-trial-handle=1892,i,12519703414939425315,4354942670294032310,131072 /prefetch:1
  2⤵
  PID:820
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5552 --field-trial-handle=1892,i,12519703414939425315,4354942670294032310,131072 /prefetch:8
  2⤵
  PID:3136
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5644 --field-trial-handle=1892,i,12519703414939425315,4354942670294032310,131072 /prefetch:8
  2⤵
  PID:3748
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2740 --field-trial-handle=1892,i,12519703414939425315,4354942670294032310,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2248

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4992

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
72B

MD5
358e4c012809d64b5b678c9dd683fcdc

SHA1
4925379829fa6a5fc5ad544761c03f4d511fecf3

SHA256
02c16fd1f1bdda28be3f3f9ac623454b563831d01091664e1d9fe06ccac572b5

SHA512
0e9b84309c32154d6c2fb6603edbe04add9fee2bd8dd15899104d613a66da475137e9c6f60755b94b931c80866071f788387e42f620bfe9452dfc4a099e95851

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
82447ede3b0b5c536f8f7207bf227743

SHA1
7880b8c7ac9f2731e95b7d9e6da4d53f3af666dc

SHA256
1ea9cd213e049278f509a54cfabfa61b9dfc422727cd266dd32dc4d2e9739773

SHA512
afea6c18e5cacfb1535d0a617c8d4bc51b117d3c97cf74c9c8f8d569d1c05cfd12a19a9b7fea7a5bfd1f49b4127b97da1f618223af2713fafb0edd139f5232de

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
1fde0cd7b7a2fa6fc37a3cbf7d2d73a3

SHA1
41fa25f26ff098a345a20205139e5edb3b07dc69

SHA256
79c87f173c6427ad794bbe64a4a0113ba81a06b5d4d4856b2705e9ecb0a70082

SHA512
e17aa620ff9b7501421d1295bd3f07a06c4eabc26d2990586169be5718588acc4e92dbc58db1df85a740b505844363e69dd7e2fc455231c35aadb94514252ec1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
eaa978580397229a8780ac520ba230ed

SHA1
28d81dcfdeb7c31e3ee6543b549923eeaccc7d95

SHA256
86749403f1a976177e9f2d34ef231d771de520de202b1634e9f3a4fd0f9aeabd

SHA512
ff7af5b013de10168ef712ee7ad4cbd1b2a9ad94ea7759aacd412d5804fa3d113b024136dd62704a2f6fd6f5fb2c544c27dc23dd8640b4d9417d6a17a594a8ed

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
911420db10b1656b1598735c112cd155

SHA1
4d1eab335468d999f45a94873ceb4b56348bc720

SHA256
297e3115d05ca48dbb565f1c4fcaeac5f96caba442eaa22b53f5cc7db172ca7e

SHA512
9332727b2b1ef459a235f793b318ae1a80d2376bcd3c9af1832768eeab9114ab788296d4cfb565197595214c006faafbf1fb8926899c51bce874fc3884bb7318

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
706B

MD5
a3ecf7833538548b026edddef009469a

SHA1
39b8f487ebaf67bfcea60124c3592e51a0624f45

SHA256
e8f5d8cb5f30adc942f89304c2c90b90f359f97519137bce8b0679b276cd7022

SHA512
ab3182b4980c41752ec10cfb43c883154a1ab4d455b0ec299844bb592f0fa9f7d0961bffe11c1a2afdf8900a83f1081e73b2de19d1fbdafdb89851b3725fa01e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
f7f508f9df886a29eb7acd71b6db767d

SHA1
e56226ba34f0af99cc88e798be1ef022de30c7f0

SHA256
582ac781e4b71774f0b6639aaac1f10d3e9c69b77f796a85104c82e36a99fb59

SHA512
97f7af2594c1668fdc8260c0bbde6d99992b8d06c8c060cc005950d14ecfbca66386f72758bdc74fb01b173acb5e0d315d238cf9c5ab26585aa7c88451a3099c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
1f9ec02e6f16c0dfdb189f526f4d6491

SHA1
3d2120460320d59e74ed6e61250cfca82599a4ec

SHA256
c8612716911df9def6ee681e400e588a3e1cba3d0ea7b158fcf909964ed64f49

SHA512
5c25e4575dfc966b3b3579dfc38746c5cf55d44ce7a52c8b7456a477deb780e1b32ab5dc3fcd2fa24893233df6d982be959324f2bc4bc333c8bf1d00ee8d2221

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
130KB

MD5
f02fad1ad64bd6899025ff6c64896f0b

SHA1
131f39178c2433b351d4850df1f11e9cc74ee3d3

SHA256
c17ed5b112d9e5b207090693294133ee05d90080131db84b55d9369b50db29f1

SHA512
9b9475a40b832d580d7be6740bd2d240c6bcf97ceb0d0d166997bbefa12b3647aa87967c1ee8bb3eda5a59de8345172987e9b96c449acac225630a96486b013e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit