hxxp://www[.]highconvertingformats[.]com/a6a390f1751e1e7b24817a0bf0f384ea/invoke[.]js

Analysis

max time kernel
149s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
08/03/2024, 23:27

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://www.highconvertingformats.com/a6a390f1751e1e7b24817a0bf0f384ea/invoke.js

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133544140807777380"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
1792	chrome.exe
1792	chrome.exe
5000	chrome.exe
5000	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 5 IoCs

pid	Process
1792	chrome.exe
1792	chrome.exe
1792	chrome.exe
1792	chrome.exe
1792	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1792	chrome.exe
Token: SeCreatePagefilePrivilege	1792	chrome.exe
Token: SeShutdownPrivilege	1792	chrome.exe
Token: SeCreatePagefilePrivilege	1792	chrome.exe
Token: SeShutdownPrivilege	1792	chrome.exe
Token: SeCreatePagefilePrivilege	1792	chrome.exe
Token: SeShutdownPrivilege	1792	chrome.exe
Token: SeCreatePagefilePrivilege	1792	chrome.exe
Token: SeShutdownPrivilege	1792	chrome.exe
Token: SeCreatePagefilePrivilege	1792	chrome.exe
Token: SeShutdownPrivilege	1792	chrome.exe
Token: SeCreatePagefilePrivilege	1792	chrome.exe
Token: SeShutdownPrivilege	1792	chrome.exe
Token: SeCreatePagefilePrivilege	1792	chrome.exe
Token: SeShutdownPrivilege	1792	chrome.exe
Token: SeCreatePagefilePrivilege	1792	chrome.exe
Token: SeShutdownPrivilege	1792	chrome.exe
Token: SeCreatePagefilePrivilege	1792	chrome.exe
Token: SeShutdownPrivilege	1792	chrome.exe
Token: SeCreatePagefilePrivilege	1792	chrome.exe
Token: SeShutdownPrivilege	1792	chrome.exe
Token: SeCreatePagefilePrivilege	1792	chrome.exe
Token: SeShutdownPrivilege	1792	chrome.exe
Token: SeCreatePagefilePrivilege	1792	chrome.exe
Token: SeShutdownPrivilege	1792	chrome.exe
Token: SeCreatePagefilePrivilege	1792	chrome.exe
Token: SeShutdownPrivilege	1792	chrome.exe
Token: SeCreatePagefilePrivilege	1792	chrome.exe
Token: SeShutdownPrivilege	1792	chrome.exe
Token: SeCreatePagefilePrivilege	1792	chrome.exe
Token: SeShutdownPrivilege	1792	chrome.exe
Token: SeCreatePagefilePrivilege	1792	chrome.exe
Token: SeShutdownPrivilege	1792	chrome.exe
Token: SeCreatePagefilePrivilege	1792	chrome.exe
Token: SeShutdownPrivilege	1792	chrome.exe
Token: SeCreatePagefilePrivilege	1792	chrome.exe
Token: SeShutdownPrivilege	1792	chrome.exe
Token: SeCreatePagefilePrivilege	1792	chrome.exe
Token: SeShutdownPrivilege	1792	chrome.exe
Token: SeCreatePagefilePrivilege	1792	chrome.exe
Token: SeShutdownPrivilege	1792	chrome.exe
Token: SeCreatePagefilePrivilege	1792	chrome.exe
Token: SeShutdownPrivilege	1792	chrome.exe
Token: SeCreatePagefilePrivilege	1792	chrome.exe
Token: SeShutdownPrivilege	1792	chrome.exe
Token: SeCreatePagefilePrivilege	1792	chrome.exe
Token: SeShutdownPrivilege	1792	chrome.exe
Token: SeCreatePagefilePrivilege	1792	chrome.exe
Token: SeShutdownPrivilege	1792	chrome.exe
Token: SeCreatePagefilePrivilege	1792	chrome.exe
Token: SeShutdownPrivilege	1792	chrome.exe
Token: SeCreatePagefilePrivilege	1792	chrome.exe
Token: SeShutdownPrivilege	1792	chrome.exe
Token: SeCreatePagefilePrivilege	1792	chrome.exe
Token: SeShutdownPrivilege	1792	chrome.exe
Token: SeCreatePagefilePrivilege	1792	chrome.exe
Token: SeShutdownPrivilege	1792	chrome.exe
Token: SeCreatePagefilePrivilege	1792	chrome.exe
Token: SeShutdownPrivilege	1792	chrome.exe
Token: SeCreatePagefilePrivilege	1792	chrome.exe
Token: SeShutdownPrivilege	1792	chrome.exe
Token: SeCreatePagefilePrivilege	1792	chrome.exe
Token: SeShutdownPrivilege	1792	chrome.exe
Token: SeCreatePagefilePrivilege	1792	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
1792	chrome.exe
1792	chrome.exe
1792	chrome.exe
1792	chrome.exe
1792	chrome.exe
1792	chrome.exe
1792	chrome.exe
1792	chrome.exe
1792	chrome.exe
1792	chrome.exe
1792	chrome.exe
1792	chrome.exe
1792	chrome.exe
1792	chrome.exe
1792	chrome.exe
1792	chrome.exe
1792	chrome.exe
1792	chrome.exe
1792	chrome.exe
1792	chrome.exe
1792	chrome.exe
1792	chrome.exe
1792	chrome.exe
1792	chrome.exe
1792	chrome.exe
1792	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1792	chrome.exe
1792	chrome.exe
1792	chrome.exe
1792	chrome.exe
1792	chrome.exe
1792	chrome.exe
1792	chrome.exe
1792	chrome.exe
1792	chrome.exe
1792	chrome.exe
1792	chrome.exe
1792	chrome.exe
1792	chrome.exe
1792	chrome.exe
1792	chrome.exe
1792	chrome.exe
1792	chrome.exe
1792	chrome.exe
1792	chrome.exe
1792	chrome.exe
1792	chrome.exe
1792	chrome.exe
1792	chrome.exe
1792	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1792 wrote to memory of 4056	1792	chrome.exe	95
PID 1792 wrote to memory of 4056	1792	chrome.exe	95
PID 1792 wrote to memory of 3496	1792	chrome.exe	97
PID 1792 wrote to memory of 3496	1792	chrome.exe	97
PID 1792 wrote to memory of 3496	1792	chrome.exe	97
PID 1792 wrote to memory of 3496	1792	chrome.exe	97
PID 1792 wrote to memory of 3496	1792	chrome.exe	97
PID 1792 wrote to memory of 3496	1792	chrome.exe	97
PID 1792 wrote to memory of 3496	1792	chrome.exe	97
PID 1792 wrote to memory of 3496	1792	chrome.exe	97
PID 1792 wrote to memory of 3496	1792	chrome.exe	97
PID 1792 wrote to memory of 3496	1792	chrome.exe	97
PID 1792 wrote to memory of 3496	1792	chrome.exe	97
PID 1792 wrote to memory of 3496	1792	chrome.exe	97
PID 1792 wrote to memory of 3496	1792	chrome.exe	97
PID 1792 wrote to memory of 3496	1792	chrome.exe	97
PID 1792 wrote to memory of 3496	1792	chrome.exe	97
PID 1792 wrote to memory of 3496	1792	chrome.exe	97
PID 1792 wrote to memory of 3496	1792	chrome.exe	97
PID 1792 wrote to memory of 3496	1792	chrome.exe	97
PID 1792 wrote to memory of 3496	1792	chrome.exe	97
PID 1792 wrote to memory of 3496	1792	chrome.exe	97
PID 1792 wrote to memory of 3496	1792	chrome.exe	97
PID 1792 wrote to memory of 3496	1792	chrome.exe	97
PID 1792 wrote to memory of 3496	1792	chrome.exe	97
PID 1792 wrote to memory of 3496	1792	chrome.exe	97
PID 1792 wrote to memory of 3496	1792	chrome.exe	97
PID 1792 wrote to memory of 3496	1792	chrome.exe	97
PID 1792 wrote to memory of 3496	1792	chrome.exe	97
PID 1792 wrote to memory of 3496	1792	chrome.exe	97
PID 1792 wrote to memory of 3496	1792	chrome.exe	97
PID 1792 wrote to memory of 3496	1792	chrome.exe	97
PID 1792 wrote to memory of 3496	1792	chrome.exe	97
PID 1792 wrote to memory of 3496	1792	chrome.exe	97
PID 1792 wrote to memory of 3496	1792	chrome.exe	97
PID 1792 wrote to memory of 3496	1792	chrome.exe	97
PID 1792 wrote to memory of 3496	1792	chrome.exe	97
PID 1792 wrote to memory of 3496	1792	chrome.exe	97
PID 1792 wrote to memory of 3496	1792	chrome.exe	97
PID 1792 wrote to memory of 3496	1792	chrome.exe	97
PID 1792 wrote to memory of 3100	1792	chrome.exe	98
PID 1792 wrote to memory of 3100	1792	chrome.exe	98
PID 1792 wrote to memory of 1836	1792	chrome.exe	99
PID 1792 wrote to memory of 1836	1792	chrome.exe	99
PID 1792 wrote to memory of 1836	1792	chrome.exe	99
PID 1792 wrote to memory of 1836	1792	chrome.exe	99
PID 1792 wrote to memory of 1836	1792	chrome.exe	99
PID 1792 wrote to memory of 1836	1792	chrome.exe	99
PID 1792 wrote to memory of 1836	1792	chrome.exe	99
PID 1792 wrote to memory of 1836	1792	chrome.exe	99
PID 1792 wrote to memory of 1836	1792	chrome.exe	99
PID 1792 wrote to memory of 1836	1792	chrome.exe	99
PID 1792 wrote to memory of 1836	1792	chrome.exe	99
PID 1792 wrote to memory of 1836	1792	chrome.exe	99
PID 1792 wrote to memory of 1836	1792	chrome.exe	99
PID 1792 wrote to memory of 1836	1792	chrome.exe	99
PID 1792 wrote to memory of 1836	1792	chrome.exe	99
PID 1792 wrote to memory of 1836	1792	chrome.exe	99
PID 1792 wrote to memory of 1836	1792	chrome.exe	99
PID 1792 wrote to memory of 1836	1792	chrome.exe	99
PID 1792 wrote to memory of 1836	1792	chrome.exe	99
PID 1792 wrote to memory of 1836	1792	chrome.exe	99
PID 1792 wrote to memory of 1836	1792	chrome.exe	99
PID 1792 wrote to memory of 1836	1792	chrome.exe	99

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://www.highconvertingformats.com/a6a390f1751e1e7b24817a0bf0f384ea/invoke.js
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1792
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc9dd89758,0x7ffc9dd89768,0x7ffc9dd89778
  2⤵
  PID:4056
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1708 --field-trial-handle=1864,i,16965542176768329114,1349991498427619730,131072 /prefetch:2
  2⤵
  PID:3496
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2120 --field-trial-handle=1864,i,16965542176768329114,1349991498427619730,131072 /prefetch:8
  2⤵
  PID:3100
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2184 --field-trial-handle=1864,i,16965542176768329114,1349991498427619730,131072 /prefetch:8
  2⤵
  PID:1836
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2884 --field-trial-handle=1864,i,16965542176768329114,1349991498427619730,131072 /prefetch:1
  2⤵
  PID:4088
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2908 --field-trial-handle=1864,i,16965542176768329114,1349991498427619730,131072 /prefetch:1
  2⤵
  PID:4728
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4048 --field-trial-handle=1864,i,16965542176768329114,1349991498427619730,131072 /prefetch:1
  2⤵
  PID:2496
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4324 --field-trial-handle=1864,i,16965542176768329114,1349991498427619730,131072 /prefetch:8
  2⤵
  PID:2056
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4448 --field-trial-handle=1864,i,16965542176768329114,1349991498427619730,131072 /prefetch:8
  2⤵
  PID:760
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4424 --field-trial-handle=1864,i,16965542176768329114,1349991498427619730,131072 /prefetch:1
  2⤵
  PID:5924
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4612 --field-trial-handle=1864,i,16965542176768329114,1349991498427619730,131072 /prefetch:8
  2⤵
  PID:5964
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=5080 --field-trial-handle=1864,i,16965542176768329114,1349991498427619730,131072 /prefetch:1
  2⤵
  PID:6076
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1652 --field-trial-handle=1864,i,16965542176768329114,1349991498427619730,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5000

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4048

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=808 --field-trial-handle=2676,i,447940133669489189,1353734109898858672,262144 --variations-seed-version /prefetch:8
1⤵
PID:5712

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001

Filesize
194KB

MD5
f5b4137b040ec6bd884feee514f7c176

SHA1
7897677377a9ced759be35a66fdee34b391ab0ff

SHA256
845aa24ba38524f33f097b0d9bae7d9112b01fa35c443be5ec1f7b0da23513e6

SHA512
813b764a5650e4e3d1574172dd5d6a26f72c0ba5c8af7b0d676c62bc1b245e4563952bf33663bffc02089127b76a67f9977b0a8f18eaef22d9b4aa3abaaa7c40

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
64d0a59254a62451dd6e5144e0fdc1e7

SHA1
ba168743e5963850e30c1834fdb893b674762569

SHA256
24d4265cb71db6446954a0c8eb063cd089d42ae8158bdf80168b4a4f588ce84f

SHA512
682a0d4203069a271756fe9fe7fa00f75ecdcfde1f3cb2dd2bf94270ecc125e6144febe7407f66f5f4a52659fb0129480e105dc539958b58d8ba74f5d4dfef1a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
b8d00735f7334b6ce7076723cb5c713f

SHA1
aa9a5b0c8f0059fa39d67dee327a127822711944

SHA256
2c294534a3c2009a207b640adb526cdf677bb28af3f6df767ae1c2c67bc549a4

SHA512
31dff6b635402a48cc5dda6de32ee10dc0ed3f28fdf66f82a8c74b88933090f47f576aacf7a369866037f34969c371e3e25a92fb298ccb7b06cf2e9c424de701

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
369B

MD5
8353ff5aa42323181a4af6c51a174134

SHA1
aa42a0261679d3d8bd8a585b9aa3c29563a34a9d

SHA256
64aa3842f69f0eb1d958fe7d39d0969864a370b510da6cdfbdd6a0e1f7426506

SHA512
fbb35d849b4cf221f88e46c53f04776435f11ad887d202f93e924bfec5bf9c5a6a1eff3a468ef5d0113b46f7d29256476e323fbe4878c36318ebe28f35aca5c7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
cf71c29b37914127086313f6e8d7719d

SHA1
364ca7671529b3a7287c02611b43fd18df15f9ad

SHA256
309611ca1e3787d2e94f3aea9aee6871059b6c9551d6cd21e42b926a6a699c87

SHA512
8f6da5b2801ad4afdf3e740515b78010d338ca7732d9336b598ac3dd2111f41daca625d217e06f237726b6c47ce70a66e630c33f61a82f9993001346fa33f3d7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
c7b03697eea9adaf762e46d65fccef66

SHA1
d5ef170337978df3f623bd09964de10697ed3123

SHA256
09d82d76fb6b39507cc10ac92c3e7566592c9850dd8405014dcda03c86c91ac5

SHA512
5c642180d5df06885b6ffad3a2c3719c4284a8ade521b3d8799d1db62c6c2a476b7914e09529df7e0a4e0b72f65049a164c05b0199b4d0d0f808d22a7b569d12

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
eec742ce199891cbc0f5dd1685a305e0

SHA1
9bf51ab0df91e52e96b060ad9e5d73afe5e6cece

SHA256
dbda72e80993777e0c56d2b96232c9b12491ede006f1f24025817f47a3d3cc11

SHA512
bea2aa0cdcdc6a5599f8860906c3f3ebfc9b47ad5d82a661bd14e942bc4701811580b66be6f305abd1f98856cd0ca124d0adcbcf84274703e163614901f34c5d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
128KB

MD5
41f5573d87cb92e16af4f7027ba2361a

SHA1
846a48dff691ca51c7cb570eda942498cc7fb89a

SHA256
59ce7327e334f3fe91c31eec261f637437c6eccdc84deb190617a64f9ce8e2ef

SHA512
8798284d2cda535b8af798d8467b206d9b29e2a87256b715543011469a2e3de846eafe190d7f9b7ce9cafe5f391dc55643fc6df2c143bcf53a5bc204633d27a4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
97KB

MD5
588a52bde8f9e0f2c674b3446d63e196

SHA1
9e56cf4178a5e1f14f7c77e67702eb2ba817e1cb

SHA256
b428d252cd332e5fed471eee4473dd96ad6f1137a699f9331fb4419a434d17ea

SHA512
94a4c15a291df6909a5e4783c0e14c570f8d96303afdafc2ddd8e9303e9c41143b3fca4f9f6701b395292dbffdbbdf7bfa1858a79f28bd4ff1f1f7ff9e3b620c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe5929f4.TMP

Filesize
95KB

MD5
fe45309f2e52343013b4b2149780890b

SHA1
5f1cc246fd12d3a41e6d899d7c3d74c3e0573061

SHA256
23d03a043e4626905d2988ddf2980f5baf9b83aada53602026f4707b99c4ec35

SHA512
ed55aa9c76af4980c878602de580d76053ea5e59798dbb6e65e481d2e0d03319175d377bc99bf23fd37af032eb5fae52c42bd6f08a054fb52d4ad00aba077282

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit