hxxps://www[.]eventcreate[.]com/e/proposal-document

Resubmissions

28/02/2024, 10:42

240228-mrxs5ahf7v 1

28/02/2024, 10:38

240228-mpk2jshe96 1

Analysis

max time kernel
183s
max time network
200s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
28/02/2024, 10:38

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://www.eventcreate.com/e/proposal-document

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133535903715991939"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4580	chrome.exe
4580	chrome.exe
2900	chrome.exe
2900	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
4580	chrome.exe
4580	chrome.exe
4580	chrome.exe
4580	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4580	chrome.exe
Token: SeCreatePagefilePrivilege	4580	chrome.exe
Token: SeShutdownPrivilege	4580	chrome.exe
Token: SeCreatePagefilePrivilege	4580	chrome.exe
Token: SeShutdownPrivilege	4580	chrome.exe
Token: SeCreatePagefilePrivilege	4580	chrome.exe
Token: SeShutdownPrivilege	4580	chrome.exe
Token: SeCreatePagefilePrivilege	4580	chrome.exe
Token: SeShutdownPrivilege	4580	chrome.exe
Token: SeCreatePagefilePrivilege	4580	chrome.exe
Token: SeShutdownPrivilege	4580	chrome.exe
Token: SeCreatePagefilePrivilege	4580	chrome.exe
Token: SeShutdownPrivilege	4580	chrome.exe
Token: SeCreatePagefilePrivilege	4580	chrome.exe
Token: SeShutdownPrivilege	4580	chrome.exe
Token: SeCreatePagefilePrivilege	4580	chrome.exe
Token: SeShutdownPrivilege	4580	chrome.exe
Token: SeCreatePagefilePrivilege	4580	chrome.exe
Token: SeShutdownPrivilege	4580	chrome.exe
Token: SeCreatePagefilePrivilege	4580	chrome.exe
Token: SeShutdownPrivilege	4580	chrome.exe
Token: SeCreatePagefilePrivilege	4580	chrome.exe
Token: SeShutdownPrivilege	4580	chrome.exe
Token: SeCreatePagefilePrivilege	4580	chrome.exe
Token: SeShutdownPrivilege	4580	chrome.exe
Token: SeCreatePagefilePrivilege	4580	chrome.exe
Token: SeShutdownPrivilege	4580	chrome.exe
Token: SeCreatePagefilePrivilege	4580	chrome.exe
Token: SeShutdownPrivilege	4580	chrome.exe
Token: SeCreatePagefilePrivilege	4580	chrome.exe
Token: SeShutdownPrivilege	4580	chrome.exe
Token: SeCreatePagefilePrivilege	4580	chrome.exe
Token: SeShutdownPrivilege	4580	chrome.exe
Token: SeCreatePagefilePrivilege	4580	chrome.exe
Token: SeShutdownPrivilege	4580	chrome.exe
Token: SeCreatePagefilePrivilege	4580	chrome.exe
Token: SeShutdownPrivilege	4580	chrome.exe
Token: SeCreatePagefilePrivilege	4580	chrome.exe
Token: SeShutdownPrivilege	4580	chrome.exe
Token: SeCreatePagefilePrivilege	4580	chrome.exe
Token: SeShutdownPrivilege	4580	chrome.exe
Token: SeCreatePagefilePrivilege	4580	chrome.exe
Token: SeShutdownPrivilege	4580	chrome.exe
Token: SeCreatePagefilePrivilege	4580	chrome.exe
Token: SeShutdownPrivilege	4580	chrome.exe
Token: SeCreatePagefilePrivilege	4580	chrome.exe
Token: SeShutdownPrivilege	4580	chrome.exe
Token: SeCreatePagefilePrivilege	4580	chrome.exe
Token: SeShutdownPrivilege	4580	chrome.exe
Token: SeCreatePagefilePrivilege	4580	chrome.exe
Token: SeShutdownPrivilege	4580	chrome.exe
Token: SeCreatePagefilePrivilege	4580	chrome.exe
Token: SeShutdownPrivilege	4580	chrome.exe
Token: SeCreatePagefilePrivilege	4580	chrome.exe
Token: SeShutdownPrivilege	4580	chrome.exe
Token: SeCreatePagefilePrivilege	4580	chrome.exe
Token: SeShutdownPrivilege	4580	chrome.exe
Token: SeCreatePagefilePrivilege	4580	chrome.exe
Token: SeShutdownPrivilege	4580	chrome.exe
Token: SeCreatePagefilePrivilege	4580	chrome.exe
Token: SeShutdownPrivilege	4580	chrome.exe
Token: SeCreatePagefilePrivilege	4580	chrome.exe
Token: SeShutdownPrivilege	4580	chrome.exe
Token: SeCreatePagefilePrivilege	4580	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4580	chrome.exe
4580	chrome.exe
4580	chrome.exe
4580	chrome.exe
4580	chrome.exe
4580	chrome.exe
4580	chrome.exe
4580	chrome.exe
4580	chrome.exe
4580	chrome.exe
4580	chrome.exe
4580	chrome.exe
4580	chrome.exe
4580	chrome.exe
4580	chrome.exe
4580	chrome.exe
4580	chrome.exe
4580	chrome.exe
4580	chrome.exe
4580	chrome.exe
4580	chrome.exe
4580	chrome.exe
4580	chrome.exe
4580	chrome.exe
4580	chrome.exe
4580	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4580	chrome.exe
4580	chrome.exe
4580	chrome.exe
4580	chrome.exe
4580	chrome.exe
4580	chrome.exe
4580	chrome.exe
4580	chrome.exe
4580	chrome.exe
4580	chrome.exe
4580	chrome.exe
4580	chrome.exe
4580	chrome.exe
4580	chrome.exe
4580	chrome.exe
4580	chrome.exe
4580	chrome.exe
4580	chrome.exe
4580	chrome.exe
4580	chrome.exe
4580	chrome.exe
4580	chrome.exe
4580	chrome.exe
4580	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4580 wrote to memory of 1384	4580	chrome.exe	80
PID 4580 wrote to memory of 1384	4580	chrome.exe	80
PID 4580 wrote to memory of 2196	4580	chrome.exe	89
PID 4580 wrote to memory of 2196	4580	chrome.exe	89
PID 4580 wrote to memory of 2196	4580	chrome.exe	89
PID 4580 wrote to memory of 2196	4580	chrome.exe	89
PID 4580 wrote to memory of 2196	4580	chrome.exe	89
PID 4580 wrote to memory of 2196	4580	chrome.exe	89
PID 4580 wrote to memory of 2196	4580	chrome.exe	89
PID 4580 wrote to memory of 2196	4580	chrome.exe	89
PID 4580 wrote to memory of 2196	4580	chrome.exe	89
PID 4580 wrote to memory of 2196	4580	chrome.exe	89
PID 4580 wrote to memory of 2196	4580	chrome.exe	89
PID 4580 wrote to memory of 2196	4580	chrome.exe	89
PID 4580 wrote to memory of 2196	4580	chrome.exe	89
PID 4580 wrote to memory of 2196	4580	chrome.exe	89
PID 4580 wrote to memory of 2196	4580	chrome.exe	89
PID 4580 wrote to memory of 2196	4580	chrome.exe	89
PID 4580 wrote to memory of 2196	4580	chrome.exe	89
PID 4580 wrote to memory of 2196	4580	chrome.exe	89
PID 4580 wrote to memory of 2196	4580	chrome.exe	89
PID 4580 wrote to memory of 2196	4580	chrome.exe	89
PID 4580 wrote to memory of 2196	4580	chrome.exe	89
PID 4580 wrote to memory of 2196	4580	chrome.exe	89
PID 4580 wrote to memory of 2196	4580	chrome.exe	89
PID 4580 wrote to memory of 2196	4580	chrome.exe	89
PID 4580 wrote to memory of 2196	4580	chrome.exe	89
PID 4580 wrote to memory of 2196	4580	chrome.exe	89
PID 4580 wrote to memory of 2196	4580	chrome.exe	89
PID 4580 wrote to memory of 2196	4580	chrome.exe	89
PID 4580 wrote to memory of 2196	4580	chrome.exe	89
PID 4580 wrote to memory of 2196	4580	chrome.exe	89
PID 4580 wrote to memory of 2196	4580	chrome.exe	89
PID 4580 wrote to memory of 2196	4580	chrome.exe	89
PID 4580 wrote to memory of 2196	4580	chrome.exe	89
PID 4580 wrote to memory of 2196	4580	chrome.exe	89
PID 4580 wrote to memory of 2196	4580	chrome.exe	89
PID 4580 wrote to memory of 2196	4580	chrome.exe	89
PID 4580 wrote to memory of 2196	4580	chrome.exe	89
PID 4580 wrote to memory of 2196	4580	chrome.exe	89
PID 4580 wrote to memory of 3840	4580	chrome.exe	90
PID 4580 wrote to memory of 3840	4580	chrome.exe	90
PID 4580 wrote to memory of 3720	4580	chrome.exe	91
PID 4580 wrote to memory of 3720	4580	chrome.exe	91
PID 4580 wrote to memory of 3720	4580	chrome.exe	91
PID 4580 wrote to memory of 3720	4580	chrome.exe	91
PID 4580 wrote to memory of 3720	4580	chrome.exe	91
PID 4580 wrote to memory of 3720	4580	chrome.exe	91
PID 4580 wrote to memory of 3720	4580	chrome.exe	91
PID 4580 wrote to memory of 3720	4580	chrome.exe	91
PID 4580 wrote to memory of 3720	4580	chrome.exe	91
PID 4580 wrote to memory of 3720	4580	chrome.exe	91
PID 4580 wrote to memory of 3720	4580	chrome.exe	91
PID 4580 wrote to memory of 3720	4580	chrome.exe	91
PID 4580 wrote to memory of 3720	4580	chrome.exe	91
PID 4580 wrote to memory of 3720	4580	chrome.exe	91
PID 4580 wrote to memory of 3720	4580	chrome.exe	91
PID 4580 wrote to memory of 3720	4580	chrome.exe	91
PID 4580 wrote to memory of 3720	4580	chrome.exe	91
PID 4580 wrote to memory of 3720	4580	chrome.exe	91
PID 4580 wrote to memory of 3720	4580	chrome.exe	91
PID 4580 wrote to memory of 3720	4580	chrome.exe	91
PID 4580 wrote to memory of 3720	4580	chrome.exe	91
PID 4580 wrote to memory of 3720	4580	chrome.exe	91

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://www.eventcreate.com/e/proposal-document
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4580
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa48649758,0x7ffa48649768,0x7ffa48649778
  2⤵
  PID:1384
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1640 --field-trial-handle=1864,i,15664630014599307426,2251374645046338972,131072 /prefetch:2
  2⤵
  PID:2196
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2112 --field-trial-handle=1864,i,15664630014599307426,2251374645046338972,131072 /prefetch:8
  2⤵
  PID:3840
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2224 --field-trial-handle=1864,i,15664630014599307426,2251374645046338972,131072 /prefetch:8
  2⤵
  PID:3720
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3076 --field-trial-handle=1864,i,15664630014599307426,2251374645046338972,131072 /prefetch:1
  2⤵
  PID:5048
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3088 --field-trial-handle=1864,i,15664630014599307426,2251374645046338972,131072 /prefetch:1
  2⤵
  PID:1356
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4764 --field-trial-handle=1864,i,15664630014599307426,2251374645046338972,131072 /prefetch:8
  2⤵
  PID:2088
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5248 --field-trial-handle=1864,i,15664630014599307426,2251374645046338972,131072 /prefetch:8
  2⤵
  PID:3872
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4480 --field-trial-handle=1864,i,15664630014599307426,2251374645046338972,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2900
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=5236 --field-trial-handle=1864,i,15664630014599307426,2251374645046338972,131072 /prefetch:1
  2⤵
  PID:3680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4432 --field-trial-handle=1864,i,15664630014599307426,2251374645046338972,131072 /prefetch:1
  2⤵
  PID:3884

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:1624

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
408B

MD5
5b2895ceaa5df02b51eab18213ac34d9

SHA1
a87f3debb507725a7c32e42cbc082c235d6e4f3b

SHA256
7c0b03faa9853798fc8bd71aa92199b41389e0c79861e93b692c37e4feeb53ef

SHA512
7a8a9c18981f5a61091ef2e989188674e71d572d89b2c5c2fa7cc5f9a990a69aeecabed963bcc2b48bb40b72d0cc185e341f125e298bd7db5118cf72f99c89c6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
360B

MD5
e4c92eeee2a25e27fe9d5c5426541b1b

SHA1
326cc6a4fcf04651d372af5b640c6b3708b6d1ae

SHA256
9c895808871628ea086ec97443573ee51da85ffa5253fa8bf67bf1389ea52978

SHA512
b777cf9552bae566e4df9f06f3e9c698d06244d9b495d05abd433c91c1981c3baee16f2b8b1ffad3308ade24cd5e220d0f4cc8009da79645cd7f9d52649a5674

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
c6bbfbcac92988c9c95644dc2239dbb9

SHA1
c840f1f810ea2f11fa83b4bf324266d77cf13948

SHA256
516e1e48007625160549fca6df428d99a807e6fb2d0c528a3e34ad7b98fb5fdb

SHA512
137b3fa67556b36137fe1c785da455cc73e41398994395c97b59635495009e9c904a376ca717c4fc64a47bb42e213be63a4e2a5fa58fc0c6ec8379f2093b1d8f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
369B

MD5
2e7650ce2ac96e5947919d0c5a78a89e

SHA1
211472f6fc1f3f253744da5b219c55ebe2f7ba89

SHA256
1c7d414de4fbfd42ce1b808a2521af002b6d82f9be34af2f29c52e1efc6189ce

SHA512
395f50679f9f339062b9c092c86fbe380256362ed54676abad19559995c3462a93af69340a10ad358683e9f2ffd08aad5daf14ee78cbc030005376cae7cdca6f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
01fcd40a7b10b1e363eeb0c2e584a343

SHA1
b7366039d4e2f273de5309dcfebf030a706dca9d

SHA256
73846032dbeafa017abc72f7262014997b4b2ad97783f8cab6cdf534ea09be37

SHA512
c4656525be009f1d0a54164051edb00ccfd28d77a5f1d5932e38685a54afd330370e73048c41b927808bc2385684a9a0b2eacc178ffb5179ff8b1b585f556195

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
6a775e9e7a43db229ec6581b69e96e12

SHA1
9bf49ad441c84d0981f426369f8f9c325cea21b2

SHA256
5d5d78159839ea2a71e2bda68dfb5fa32f64c4ac8d5c818144d0f7442415fe63

SHA512
558931f9a435d2ce758def6e71de8b6923f13fca66ff7c81819f73ab2c74b5d00c7b29e6ed52776f14ff7e732ff17ce315edebc659070280bfc4cd10815ff8ae

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
21f36bf63f4c1fd03451e950a2412e93

SHA1
ad21f42a4cb28d8ba9d6bb20b6cf80c8122c96ff

SHA256
d9c1f42b492e7a0ac87bd99eae2d7cadb38921980e2822939f242d4885bffbea

SHA512
9c5564cf9c7061dd8602f43b6198759bccbb57d6f59f776cfc6b0e33d868bd3a3279849e68207d9d191a27bbfbd699c638e824da0894d6839790283006137af3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
e4ba5b0dad13291c436700f4113552e6

SHA1
a769d3aa4c881634104107a5b0fbe4f8cf6c610c

SHA256
9d40039a284dd6824f1b131829be15b309e221a2567197bd6fa5e70782b15696

SHA512
48ad8a8cf1a1c786cb00961ff42e26089a3166fdbf281b0d40e5943415485f3c096b6abf6896280667ac4e4d85e0e47d21afe06f7f33e2ad6ef00d02803e611e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
128KB

MD5
334608554af3f1c4e311a71f4d1911ac

SHA1
9ca5c8a1dcc990771836ac0ec729bd0e7cc6307c

SHA256
fddc59abe534b2d541a4fe3bb3d5ddb8360d2296038ccadd6bcf8be713f39306

SHA512
621d7e7f07c49c65a5bf3edf611b77f09b4fca34f4f0f85e5e742de998971a6ab3b69afc5e43a9c261a4308d168a7dde9f9b7b7041d4a2a2c77cd1ea17d140ce

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit