hxxps://github[.]com/topics/discord-nuker

Analysis

max time kernel
1799s
max time network
1685s
platform
windows10-1703_x64
resource
win10-20240214-en
resource tags

arch:x64arch:x86image:win10-20240214-enlocale:en-usos:windows10-1703-x64system
submitted
25-02-2024 09:09

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://github.com/topics/discord-nuker

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133533259857947305"	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
4668	chrome.exe
4668	chrome.exe
4668	chrome.exe
4668	chrome.exe
2728	chrome.exe
2728	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

pid	Process
4668	chrome.exe
4668	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4668	chrome.exe
Token: SeCreatePagefilePrivilege	4668	chrome.exe
Token: SeShutdownPrivilege	4668	chrome.exe
Token: SeCreatePagefilePrivilege	4668	chrome.exe
Token: SeShutdownPrivilege	4668	chrome.exe
Token: SeCreatePagefilePrivilege	4668	chrome.exe
Token: SeShutdownPrivilege	4668	chrome.exe
Token: SeCreatePagefilePrivilege	4668	chrome.exe
Token: SeShutdownPrivilege	4668	chrome.exe
Token: SeCreatePagefilePrivilege	4668	chrome.exe
Token: SeShutdownPrivilege	4668	chrome.exe
Token: SeCreatePagefilePrivilege	4668	chrome.exe
Token: SeShutdownPrivilege	4668	chrome.exe
Token: SeCreatePagefilePrivilege	4668	chrome.exe
Token: SeShutdownPrivilege	4668	chrome.exe
Token: SeCreatePagefilePrivilege	4668	chrome.exe
Token: SeShutdownPrivilege	4668	chrome.exe
Token: SeCreatePagefilePrivilege	4668	chrome.exe
Token: SeShutdownPrivilege	4668	chrome.exe
Token: SeCreatePagefilePrivilege	4668	chrome.exe
Token: SeShutdownPrivilege	4668	chrome.exe
Token: SeCreatePagefilePrivilege	4668	chrome.exe
Token: SeShutdownPrivilege	4668	chrome.exe
Token: SeCreatePagefilePrivilege	4668	chrome.exe
Token: SeShutdownPrivilege	4668	chrome.exe
Token: SeCreatePagefilePrivilege	4668	chrome.exe
Token: SeShutdownPrivilege	4668	chrome.exe
Token: SeCreatePagefilePrivilege	4668	chrome.exe
Token: SeShutdownPrivilege	4668	chrome.exe
Token: SeCreatePagefilePrivilege	4668	chrome.exe
Token: SeShutdownPrivilege	4668	chrome.exe
Token: SeCreatePagefilePrivilege	4668	chrome.exe
Token: SeShutdownPrivilege	4668	chrome.exe
Token: SeCreatePagefilePrivilege	4668	chrome.exe
Token: SeShutdownPrivilege	4668	chrome.exe
Token: SeCreatePagefilePrivilege	4668	chrome.exe
Token: SeShutdownPrivilege	4668	chrome.exe
Token: SeCreatePagefilePrivilege	4668	chrome.exe
Token: SeShutdownPrivilege	4668	chrome.exe
Token: SeCreatePagefilePrivilege	4668	chrome.exe
Token: SeShutdownPrivilege	4668	chrome.exe
Token: SeCreatePagefilePrivilege	4668	chrome.exe
Token: SeShutdownPrivilege	4668	chrome.exe
Token: SeCreatePagefilePrivilege	4668	chrome.exe
Token: SeShutdownPrivilege	4668	chrome.exe
Token: SeCreatePagefilePrivilege	4668	chrome.exe
Token: SeShutdownPrivilege	4668	chrome.exe
Token: SeCreatePagefilePrivilege	4668	chrome.exe
Token: SeShutdownPrivilege	4668	chrome.exe
Token: SeCreatePagefilePrivilege	4668	chrome.exe
Token: SeShutdownPrivilege	4668	chrome.exe
Token: SeCreatePagefilePrivilege	4668	chrome.exe
Token: SeShutdownPrivilege	4668	chrome.exe
Token: SeCreatePagefilePrivilege	4668	chrome.exe
Token: SeShutdownPrivilege	4668	chrome.exe
Token: SeCreatePagefilePrivilege	4668	chrome.exe
Token: SeShutdownPrivilege	4668	chrome.exe
Token: SeCreatePagefilePrivilege	4668	chrome.exe
Token: SeShutdownPrivilege	4668	chrome.exe
Token: SeCreatePagefilePrivilege	4668	chrome.exe
Token: SeShutdownPrivilege	4668	chrome.exe
Token: SeCreatePagefilePrivilege	4668	chrome.exe
Token: SeShutdownPrivilege	4668	chrome.exe
Token: SeCreatePagefilePrivilege	4668	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4668	chrome.exe
4668	chrome.exe
4668	chrome.exe
4668	chrome.exe
4668	chrome.exe
4668	chrome.exe
4668	chrome.exe
4668	chrome.exe
4668	chrome.exe
4668	chrome.exe
4668	chrome.exe
4668	chrome.exe
4668	chrome.exe
4668	chrome.exe
4668	chrome.exe
4668	chrome.exe
4668	chrome.exe
4668	chrome.exe
4668	chrome.exe
4668	chrome.exe
4668	chrome.exe
4668	chrome.exe
4668	chrome.exe
4668	chrome.exe
4668	chrome.exe
4668	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4668	chrome.exe
4668	chrome.exe
4668	chrome.exe
4668	chrome.exe
4668	chrome.exe
4668	chrome.exe
4668	chrome.exe
4668	chrome.exe
4668	chrome.exe
4668	chrome.exe
4668	chrome.exe
4668	chrome.exe
4668	chrome.exe
4668	chrome.exe
4668	chrome.exe
4668	chrome.exe
4668	chrome.exe
4668	chrome.exe
4668	chrome.exe
4668	chrome.exe
4668	chrome.exe
4668	chrome.exe
4668	chrome.exe
4668	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4668 wrote to memory of 4088	4668	chrome.exe	74
PID 4668 wrote to memory of 4088	4668	chrome.exe	74
PID 4668 wrote to memory of 4488	4668	chrome.exe	77
PID 4668 wrote to memory of 4488	4668	chrome.exe	77
PID 4668 wrote to memory of 4488	4668	chrome.exe	77
PID 4668 wrote to memory of 4488	4668	chrome.exe	77
PID 4668 wrote to memory of 4488	4668	chrome.exe	77
PID 4668 wrote to memory of 4488	4668	chrome.exe	77
PID 4668 wrote to memory of 4488	4668	chrome.exe	77
PID 4668 wrote to memory of 4488	4668	chrome.exe	77
PID 4668 wrote to memory of 4488	4668	chrome.exe	77
PID 4668 wrote to memory of 4488	4668	chrome.exe	77
PID 4668 wrote to memory of 4488	4668	chrome.exe	77
PID 4668 wrote to memory of 4488	4668	chrome.exe	77
PID 4668 wrote to memory of 4488	4668	chrome.exe	77
PID 4668 wrote to memory of 4488	4668	chrome.exe	77
PID 4668 wrote to memory of 4488	4668	chrome.exe	77
PID 4668 wrote to memory of 4488	4668	chrome.exe	77
PID 4668 wrote to memory of 4488	4668	chrome.exe	77
PID 4668 wrote to memory of 4488	4668	chrome.exe	77
PID 4668 wrote to memory of 4488	4668	chrome.exe	77
PID 4668 wrote to memory of 4488	4668	chrome.exe	77
PID 4668 wrote to memory of 4488	4668	chrome.exe	77
PID 4668 wrote to memory of 4488	4668	chrome.exe	77
PID 4668 wrote to memory of 4488	4668	chrome.exe	77
PID 4668 wrote to memory of 4488	4668	chrome.exe	77
PID 4668 wrote to memory of 4488	4668	chrome.exe	77
PID 4668 wrote to memory of 4488	4668	chrome.exe	77
PID 4668 wrote to memory of 4488	4668	chrome.exe	77
PID 4668 wrote to memory of 4488	4668	chrome.exe	77
PID 4668 wrote to memory of 4488	4668	chrome.exe	77
PID 4668 wrote to memory of 4488	4668	chrome.exe	77
PID 4668 wrote to memory of 4488	4668	chrome.exe	77
PID 4668 wrote to memory of 4488	4668	chrome.exe	77
PID 4668 wrote to memory of 4488	4668	chrome.exe	77
PID 4668 wrote to memory of 4488	4668	chrome.exe	77
PID 4668 wrote to memory of 4488	4668	chrome.exe	77
PID 4668 wrote to memory of 4488	4668	chrome.exe	77
PID 4668 wrote to memory of 4488	4668	chrome.exe	77
PID 4668 wrote to memory of 4488	4668	chrome.exe	77
PID 4668 wrote to memory of 2748	4668	chrome.exe	76
PID 4668 wrote to memory of 2748	4668	chrome.exe	76
PID 4668 wrote to memory of 4444	4668	chrome.exe	78
PID 4668 wrote to memory of 4444	4668	chrome.exe	78
PID 4668 wrote to memory of 4444	4668	chrome.exe	78
PID 4668 wrote to memory of 4444	4668	chrome.exe	78
PID 4668 wrote to memory of 4444	4668	chrome.exe	78
PID 4668 wrote to memory of 4444	4668	chrome.exe	78
PID 4668 wrote to memory of 4444	4668	chrome.exe	78
PID 4668 wrote to memory of 4444	4668	chrome.exe	78
PID 4668 wrote to memory of 4444	4668	chrome.exe	78
PID 4668 wrote to memory of 4444	4668	chrome.exe	78
PID 4668 wrote to memory of 4444	4668	chrome.exe	78
PID 4668 wrote to memory of 4444	4668	chrome.exe	78
PID 4668 wrote to memory of 4444	4668	chrome.exe	78
PID 4668 wrote to memory of 4444	4668	chrome.exe	78
PID 4668 wrote to memory of 4444	4668	chrome.exe	78
PID 4668 wrote to memory of 4444	4668	chrome.exe	78
PID 4668 wrote to memory of 4444	4668	chrome.exe	78
PID 4668 wrote to memory of 4444	4668	chrome.exe	78
PID 4668 wrote to memory of 4444	4668	chrome.exe	78
PID 4668 wrote to memory of 4444	4668	chrome.exe	78
PID 4668 wrote to memory of 4444	4668	chrome.exe	78
PID 4668 wrote to memory of 4444	4668	chrome.exe	78

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://github.com/topics/discord-nuker
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4668
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffec5b79758,0x7ffec5b79768,0x7ffec5b79778
  2⤵
  PID:4088
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2020 --field-trial-handle=1772,i,2762560511116714219,6131433621386638794,131072 /prefetch:8
  2⤵
  PID:2748
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1536 --field-trial-handle=1772,i,2762560511116714219,6131433621386638794,131072 /prefetch:2
  2⤵
  PID:4488
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1656 --field-trial-handle=1772,i,2762560511116714219,6131433621386638794,131072 /prefetch:8
  2⤵
  PID:4444
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2880 --field-trial-handle=1772,i,2762560511116714219,6131433621386638794,131072 /prefetch:1
  2⤵
  PID:1548
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2872 --field-trial-handle=1772,i,2762560511116714219,6131433621386638794,131072 /prefetch:1
  2⤵
  PID:4152
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4800 --field-trial-handle=1772,i,2762560511116714219,6131433621386638794,131072 /prefetch:8
  2⤵
  PID:4284
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4504 --field-trial-handle=1772,i,2762560511116714219,6131433621386638794,131072 /prefetch:8
  2⤵
  PID:4008
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4460 --field-trial-handle=1772,i,2762560511116714219,6131433621386638794,131072 /prefetch:8
  2⤵
  PID:1016
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4984 --field-trial-handle=1772,i,2762560511116714219,6131433621386638794,131072 /prefetch:8
  2⤵
  PID:4836
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2148 --field-trial-handle=1772,i,2762560511116714219,6131433621386638794,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2728

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:1216

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
1bf7e243d0aacbadff0540f4765121fb

SHA1
5eabf5108c197ddbe542563288c8c85858af7ac6

SHA256
fe899442518b717a3e60ae24923c6fca4e8f3dfade1b34f9e1c0f0fa398a8bc3

SHA512
91f4ab588a4fa3990135b34940acfc6d0c5e169005cee626e0010c2329c17f71561518728fb49341994fc833a2997e5b0acfc11d17b5b7d595b258075ac850af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1018B

MD5
0ee1e311fe3d3feb83df18197b4a2717

SHA1
12e40f3720d8b82f17d37d1901f7884fb38be1b3

SHA256
f68bd0b1a10f6011668db37d47c3cd6b2373a4e8c397f8b7d8d3cff11686e5c4

SHA512
e9ca9574ab785fe25a30abef7a27712365bfd2b612bb5c61f78f816441956dd3405a27a0d4a358326bfa5502d6ed7aa102dd354ba56611e6cf7a5cefc4b9c7c0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
01a18e6a4fd9faf7dbaa7276af9830c0

SHA1
d33079df2b5cfaf580e4f7ccf72760385ea37181

SHA256
3441b1c94c81b0a79a3a889ae40e2df8bc019dd128d3bef735aeb72466fd7d99

SHA512
f76f6f6a1827f4042b3dbe80e6c21f138c1feaa672b201222612fcea2eaa7c5671868016406336b659e328c8922fbf4ebbc93a0ceee741d9f915c5dd917a0668

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
11d2635fcd1961a3161e16bcb656409a

SHA1
b5c693265e32c65889aa17e85e1b4b614f5cfd08

SHA256
3c3bd1c7706ec74a9fbddd6b78337314eea76c753cba46bfa74b17f6d4ac01f4

SHA512
d098945c3ed5ab1d64a786578a1743e8bc55ce106ab2a2d45d0ae38d1b813855121811a31b7e585c270c94a82f8639cfcc0c5f635de26503857e1148cc3f2bcf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
6ad4d6039aa916d637ca2913fbdafe65

SHA1
0c30e5a128527098aa45cfa435314464bb749ce5

SHA256
6931e570996a317ef4cd799f367ccfc336c69f873ea0468414b4ee7641f9d7f1

SHA512
6e3ec93c36a7e742069d886b07bce28fdd2cdc634041edc774523d6b0b24358371b1fc3e12be075b7942145750e8211cf789d59660b2c63d7e9ec3200f4429f9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
5d917be7e97192f3f2fce7483339149c

SHA1
3fb42e1968891f60e9836413e0425be402419462

SHA256
cd89b8963608bc7ec0accf9e5cc811171525ef7e24f9f6feb8d3c092ff7b4e6b

SHA512
38a465ccd61d61d342f5f905d435f3d5a4acd83b7d9137c259e41a1426de77dd168bd0f82140a29464dbf6f4a852c68df3730de8daee4df3c131644fd0319483

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
8825304438aa022e3ddc7d2689b87e75

SHA1
2e749f2ee07aed8c5fd53e5ff8e158e6a714b85d

SHA256
537a079657b62a0315b111f4a4fe63ceaee2a80c9657ec587f3577e7f63729a9

SHA512
46a7d99a7fadd05dc23c513de2a50dea067cbe0e5e5d5fd0a83878e91b6e80310228592731190ff6bd54b61d7966fd4e9ed32604290740bb7d30949203dba3a3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
131KB

MD5
2ebde5c58fcbd97476fda78680b5602e

SHA1
0ea7ea01fb1fb244627574c9b38f116bb26d1da7

SHA256
271eab400e2a7fb8bd9128da02e4cab567fea31220420de1a5bbf915eac3c0cd

SHA512
5a19bcc38f753d598f7a0f382eeefcb04496ec0199ee1c9347699f7d3a41acece3f4711a22898f628803f43764650b9de5fb94a119f752667a81dbd67eee3f2e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
162KB

MD5
5af62bd29474a6b13bc8ec7e2b14b056

SHA1
6295e73cd8a1d5e05d0f6ba5600ef83d903161a0

SHA256
95dacbe4467ef0763c99bba7206025a1d39db8adc2e1c94adc10499ba62d9f88

SHA512
dadc86d9b52c69431debce7696d5805a61cf4e043985fbc9de9e24f5e57294d74d98f2d5e198f08bfdcf906a7733d489f99c32e1f45da0b9a88e75ec39ce2884

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
131KB

MD5
1a312b7fdd7b5c40cb1dbb73bc3f9837

SHA1
4a0f39ca2f6c89b8f2ad424b973ab5e85c743a93

SHA256
a491b4d6ca1cb3fca4e0d1f4b6badacc21eb883f3bdcddeec344b8e4924efda1

SHA512
fb83002ae36f1c50dd667503600eb01336cac6471701f0fd1a70166095cd4e1c83ab5d98adc348f2d467e62a55182bfa22f24118806de1290e3e61728c9b7276

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
130KB

MD5
fdcf0f5f6a393bec3218cfed59fc6d49

SHA1
8030cf035f1e515e383c720f6c7841751b6ac177

SHA256
0ac50dfa21e1acd6014f123834a4b9cb24347862f672d118ff3a817481dc8e69

SHA512
392d284bf3eba9b27e702fcbb8a872b20e47d73ab24d86e2f75f4c5252d1d6f64d5cfb8ca1808ee153c435d12514751e06fdb4dbbdb4bb598379dfb737ce35fe

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit