hxxps://district305-my[.]sharepoint[.]com/personal/juandirusso_district305_onmicrosoft_com/_layouts/15/onedrive[.]aspx?id=/personal/juandirusso%5Fdistrict305%5Fonmicrosoft%5Fcom/Documents/View%20and%20Print%20Online%20Viljoen/View%20and%20Print%20Online%2Epdf&parent=/personal/juandirusso%5Fdistrict305%5Fonmicrosoft%5Fcom/Documents/View%20and%20Print%20Online%20Viljoen&ga=1

Analysis

max time kernel
149s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
07/03/2024, 02:50

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://district305-my.sharepoint.com/personal/juandirusso_district305_onmicrosoft_com/_layouts/15/onedrive.aspx?id=/personal/juandirusso%5Fdistrict305%5Fonmicrosoft%5Fcom/Documents/View%20and%20Print%20Online%20Viljoen/View%20and%20Print%20Online%2Epdf&parent=/personal/juandirusso%5Fdistrict305%5Fonmicrosoft%5Fcom/Documents/View%20and%20Print%20Online%20Viljoen&ga=1

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133542534698039343"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2932	chrome.exe
2932	chrome.exe
4200	chrome.exe
4200	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2932	chrome.exe
Token: SeCreatePagefilePrivilege	2932	chrome.exe
Token: SeShutdownPrivilege	2932	chrome.exe
Token: SeCreatePagefilePrivilege	2932	chrome.exe
Token: SeShutdownPrivilege	2932	chrome.exe
Token: SeCreatePagefilePrivilege	2932	chrome.exe
Token: SeShutdownPrivilege	2932	chrome.exe
Token: SeCreatePagefilePrivilege	2932	chrome.exe
Token: SeShutdownPrivilege	2932	chrome.exe
Token: SeCreatePagefilePrivilege	2932	chrome.exe
Token: SeShutdownPrivilege	2932	chrome.exe
Token: SeCreatePagefilePrivilege	2932	chrome.exe
Token: SeShutdownPrivilege	2932	chrome.exe
Token: SeCreatePagefilePrivilege	2932	chrome.exe
Token: SeShutdownPrivilege	2932	chrome.exe
Token: SeCreatePagefilePrivilege	2932	chrome.exe
Token: SeShutdownPrivilege	2932	chrome.exe
Token: SeCreatePagefilePrivilege	2932	chrome.exe
Token: SeShutdownPrivilege	2932	chrome.exe
Token: SeCreatePagefilePrivilege	2932	chrome.exe
Token: SeShutdownPrivilege	2932	chrome.exe
Token: SeCreatePagefilePrivilege	2932	chrome.exe
Token: SeShutdownPrivilege	2932	chrome.exe
Token: SeCreatePagefilePrivilege	2932	chrome.exe
Token: SeShutdownPrivilege	2932	chrome.exe
Token: SeCreatePagefilePrivilege	2932	chrome.exe
Token: SeShutdownPrivilege	2932	chrome.exe
Token: SeCreatePagefilePrivilege	2932	chrome.exe
Token: SeShutdownPrivilege	2932	chrome.exe
Token: SeCreatePagefilePrivilege	2932	chrome.exe
Token: SeShutdownPrivilege	2932	chrome.exe
Token: SeCreatePagefilePrivilege	2932	chrome.exe
Token: SeShutdownPrivilege	2932	chrome.exe
Token: SeCreatePagefilePrivilege	2932	chrome.exe
Token: SeShutdownPrivilege	2932	chrome.exe
Token: SeCreatePagefilePrivilege	2932	chrome.exe
Token: SeShutdownPrivilege	2932	chrome.exe
Token: SeCreatePagefilePrivilege	2932	chrome.exe
Token: SeShutdownPrivilege	2932	chrome.exe
Token: SeCreatePagefilePrivilege	2932	chrome.exe
Token: SeShutdownPrivilege	2932	chrome.exe
Token: SeCreatePagefilePrivilege	2932	chrome.exe
Token: SeShutdownPrivilege	2932	chrome.exe
Token: SeCreatePagefilePrivilege	2932	chrome.exe
Token: SeShutdownPrivilege	2932	chrome.exe
Token: SeCreatePagefilePrivilege	2932	chrome.exe
Token: SeShutdownPrivilege	2932	chrome.exe
Token: SeCreatePagefilePrivilege	2932	chrome.exe
Token: SeShutdownPrivilege	2932	chrome.exe
Token: SeCreatePagefilePrivilege	2932	chrome.exe
Token: SeShutdownPrivilege	2932	chrome.exe
Token: SeCreatePagefilePrivilege	2932	chrome.exe
Token: SeShutdownPrivilege	2932	chrome.exe
Token: SeCreatePagefilePrivilege	2932	chrome.exe
Token: SeShutdownPrivilege	2932	chrome.exe
Token: SeCreatePagefilePrivilege	2932	chrome.exe
Token: SeShutdownPrivilege	2932	chrome.exe
Token: SeCreatePagefilePrivilege	2932	chrome.exe
Token: SeShutdownPrivilege	2932	chrome.exe
Token: SeCreatePagefilePrivilege	2932	chrome.exe
Token: SeShutdownPrivilege	2932	chrome.exe
Token: SeCreatePagefilePrivilege	2932	chrome.exe
Token: SeShutdownPrivilege	2932	chrome.exe
Token: SeCreatePagefilePrivilege	2932	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2932 wrote to memory of 2256	2932	chrome.exe	88
PID 2932 wrote to memory of 2256	2932	chrome.exe	88
PID 2932 wrote to memory of 3112	2932	chrome.exe	90
PID 2932 wrote to memory of 3112	2932	chrome.exe	90
PID 2932 wrote to memory of 3112	2932	chrome.exe	90
PID 2932 wrote to memory of 3112	2932	chrome.exe	90
PID 2932 wrote to memory of 3112	2932	chrome.exe	90
PID 2932 wrote to memory of 3112	2932	chrome.exe	90
PID 2932 wrote to memory of 3112	2932	chrome.exe	90
PID 2932 wrote to memory of 3112	2932	chrome.exe	90
PID 2932 wrote to memory of 3112	2932	chrome.exe	90
PID 2932 wrote to memory of 3112	2932	chrome.exe	90
PID 2932 wrote to memory of 3112	2932	chrome.exe	90
PID 2932 wrote to memory of 3112	2932	chrome.exe	90
PID 2932 wrote to memory of 3112	2932	chrome.exe	90
PID 2932 wrote to memory of 3112	2932	chrome.exe	90
PID 2932 wrote to memory of 3112	2932	chrome.exe	90
PID 2932 wrote to memory of 3112	2932	chrome.exe	90
PID 2932 wrote to memory of 3112	2932	chrome.exe	90
PID 2932 wrote to memory of 3112	2932	chrome.exe	90
PID 2932 wrote to memory of 3112	2932	chrome.exe	90
PID 2932 wrote to memory of 3112	2932	chrome.exe	90
PID 2932 wrote to memory of 3112	2932	chrome.exe	90
PID 2932 wrote to memory of 3112	2932	chrome.exe	90
PID 2932 wrote to memory of 3112	2932	chrome.exe	90
PID 2932 wrote to memory of 3112	2932	chrome.exe	90
PID 2932 wrote to memory of 3112	2932	chrome.exe	90
PID 2932 wrote to memory of 3112	2932	chrome.exe	90
PID 2932 wrote to memory of 3112	2932	chrome.exe	90
PID 2932 wrote to memory of 3112	2932	chrome.exe	90
PID 2932 wrote to memory of 3112	2932	chrome.exe	90
PID 2932 wrote to memory of 3112	2932	chrome.exe	90
PID 2932 wrote to memory of 3112	2932	chrome.exe	90
PID 2932 wrote to memory of 3112	2932	chrome.exe	90
PID 2932 wrote to memory of 3112	2932	chrome.exe	90
PID 2932 wrote to memory of 3112	2932	chrome.exe	90
PID 2932 wrote to memory of 3112	2932	chrome.exe	90
PID 2932 wrote to memory of 3112	2932	chrome.exe	90
PID 2932 wrote to memory of 3112	2932	chrome.exe	90
PID 2932 wrote to memory of 3112	2932	chrome.exe	90
PID 2932 wrote to memory of 5112	2932	chrome.exe	91
PID 2932 wrote to memory of 5112	2932	chrome.exe	91
PID 2932 wrote to memory of 880	2932	chrome.exe	92
PID 2932 wrote to memory of 880	2932	chrome.exe	92
PID 2932 wrote to memory of 880	2932	chrome.exe	92
PID 2932 wrote to memory of 880	2932	chrome.exe	92
PID 2932 wrote to memory of 880	2932	chrome.exe	92
PID 2932 wrote to memory of 880	2932	chrome.exe	92
PID 2932 wrote to memory of 880	2932	chrome.exe	92
PID 2932 wrote to memory of 880	2932	chrome.exe	92
PID 2932 wrote to memory of 880	2932	chrome.exe	92
PID 2932 wrote to memory of 880	2932	chrome.exe	92
PID 2932 wrote to memory of 880	2932	chrome.exe	92
PID 2932 wrote to memory of 880	2932	chrome.exe	92
PID 2932 wrote to memory of 880	2932	chrome.exe	92
PID 2932 wrote to memory of 880	2932	chrome.exe	92
PID 2932 wrote to memory of 880	2932	chrome.exe	92
PID 2932 wrote to memory of 880	2932	chrome.exe	92
PID 2932 wrote to memory of 880	2932	chrome.exe	92
PID 2932 wrote to memory of 880	2932	chrome.exe	92
PID 2932 wrote to memory of 880	2932	chrome.exe	92
PID 2932 wrote to memory of 880	2932	chrome.exe	92
PID 2932 wrote to memory of 880	2932	chrome.exe	92
PID 2932 wrote to memory of 880	2932	chrome.exe	92

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://district305-my.sharepoint.com/personal/juandirusso_district305_onmicrosoft_com/_layouts/15/onedrive.aspx?id=/personal/juandirusso%5Fdistrict305%5Fonmicrosoft%5Fcom/Documents/View%20and%20Print%20Online%20Viljoen/View%20and%20Print%20Online%2Epdf&parent=/personal/juandirusso%5Fdistrict305%5Fonmicrosoft%5Fcom/Documents/View%20and%20Print%20Online%20Viljoen&ga=1
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2932
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fffe8359758,0x7fffe8359768,0x7fffe8359778
  2⤵
  PID:2256
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1716 --field-trial-handle=1780,i,11719363266486510377,15818432231398243561,131072 /prefetch:2
  2⤵
  PID:3112
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2032 --field-trial-handle=1780,i,11719363266486510377,15818432231398243561,131072 /prefetch:8
  2⤵
  PID:5112
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2088 --field-trial-handle=1780,i,11719363266486510377,15818432231398243561,131072 /prefetch:8
  2⤵
  PID:880
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2952 --field-trial-handle=1780,i,11719363266486510377,15818432231398243561,131072 /prefetch:1
  2⤵
  PID:4760
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2964 --field-trial-handle=1780,i,11719363266486510377,15818432231398243561,131072 /prefetch:1
  2⤵
  PID:3316
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3896 --field-trial-handle=1780,i,11719363266486510377,15818432231398243561,131072 /prefetch:1
  2⤵
  PID:1568
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5184 --field-trial-handle=1780,i,11719363266486510377,15818432231398243561,131072 /prefetch:8
  2⤵
  PID:4156
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5180 --field-trial-handle=1780,i,11719363266486510377,15818432231398243561,131072 /prefetch:8
  2⤵
  PID:2456
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1668 --field-trial-handle=1780,i,11719363266486510377,15818432231398243561,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4200

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:5096

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
23f96dbee40fb2385f85e8baa40c8e08

SHA1
0bba0bc233e0ff0e53527e27b2da0ed829d1e032

SHA256
b38ce863c80ed01cff77cc37fadba00b9c92337d88f08de9af7144a3a5598d09

SHA512
72a24b5f075d8a6371d70ec6f1548e55a44708a4a61a73b2603913752de7233b004d714a2d81e3fc2e3f0f0cc54e87e466185a5cb70fafc78e98d28a70049f4a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
28e2778147b9e51b191ba330d5d564b8

SHA1
65315e804ba6463a20b23b839f86bed99bb6b21d

SHA256
db8ed349c8c9387801efb0edc7c102ea9d02dd213f27c63a07e5161230ad332f

SHA512
0c66ae0b3ff8f9ff88217f9e9b59fe8c726bea5676d6c0cea37d3f41705aee6f804c508d19ad2b23c3b84e95580d3f1e0435d9655c46cc9da95d832d6be49cba

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
adeb5c1587a3c4e0f15a8c293f43d503

SHA1
78160b0be635fe5a03ceae417d3b3cac930347ca

SHA256
ce556ce33af8b8892554725108d21a641ed2ec7b64bf6bcab941fbb989d5dcea

SHA512
5963696847af63550a016e81797a61ba62a8ff2e1b857bd04c838019959d1f0cab6e7d467c20b94e3023f159e17b9c50441cda88cb59ebb334736cd08630ef90

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
7c596db025f20691050698e8a2c817b9

SHA1
d5520369d7d5c66eeb4e6e8b1247aac42f1a8582

SHA256
f317a4facd3954620d39d2f11e21373ad28aff76b408c68bdab278f89c2f0f57

SHA512
3aa869cfc2528512645027d31e0edda7a6e82fbe5010df7ac9f7735333db2a1a753979610e5d5dbbab56f82ff9fc27734c9a6e21853c0ce645e5c5fcde5eb9ae

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
874B

MD5
e41218f84c9be3dcaa174c40f16fbd38

SHA1
8ffa62684f26ea6932f6c492cc34331884b58e36

SHA256
0d6cbe408f20f3747d3556ca066f872297e99956b7068eb9d651bfb75c1b3eae

SHA512
6452887e2f0c82739d223402fb1c004f084f7bd8af1d8bac7d47c19d16ea762af23ad4594af381452ea4c6b09d5c3dbb79c3d5645fbcecd805d5af98a1d5d966

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
d836b763afeafbf79c06abeca2ff88ee

SHA1
bf1bafcff6d6a85534751216c3c5907799cd0612

SHA256
949e378bedf8c4392d66e9f743fcb9594dc1c7344b51e3ee9e92f9b20e0c1fd7

SHA512
81c14263af82da616d24c57b4ca24ced602d1f5806d04b0494452bf03e0abcb8acb321515c5ed452b6a1d8e7a28ed0922cd51c763521a2c32a8be03cfd9a8941

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
128KB

MD5
808f413d9aa7e92499beb1a748dcdd77

SHA1
95ad2b2ca5ec1d41f06762eeea4ac80ae77ec6da

SHA256
db4d460fa13fd3923b87ba7ee4ca5ecde2fad2cb78081dea90cfa2cf93e1468a

SHA512
40f59c84cb230c2de9047c8b39ebd2c69be1d99595f2b15373bbf87417e7eadde1b9fb0fdcff87c8618d557301173f422aef6f857f56278958fa0b62dd18d1ad

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit