hxxp://secure-web[.]cisco[.]com/1fAwaMvGYV752q_SwnXZmknhUG70fyCPpQw6ksuWVy3MgD-izVJ8Ige6QE0ar8uvMQVwWeCLh3QBrq9sDaNS8nuNq_g8lGrEV21d9SSfw5_B2-PaIm1JyD0KlcIpNaPVamf-mo-sInkxhutKmT5eOs5ve2KjmX3mKNGAs0_BNbcUXmJejTfNXMiPj4cJSUduxHyVUHTzOEDQJjq2Zbrad5LLKMh0eucMnrVpq_Ze7SPdX8bEYg65F5p32mgczsLjz/http%3A%2F%2Faga[.]linksto[.]net%2Fls%2Fclick%3Fupn%3Du001[.]ZyCroDt-2Fbrigq-2FePBgjN0e-2BX2dTOG-2B-2FBHQTtamVAjhM-3Dy0Su_2ss3lZEKJb2yL1gecHBb9VVNP3iF1yBRKq02h9WVTxUuOerK5t-2FvVkRjOdBZt-2Bq28x4EsTGc4RrcDZFlu63jRynHtbroj415Crtqs7H8q1IKDUTJJJmwVe4SNSwVwx6ZFvoNVt3-2FOO1kXiCQCnipitokHFtRCz3L70HzbGCxYO49Qvwp8mfdfXRHyBMd-2BoI3tIg-2B8GyuWT8CutFC9FtunCgCs4INnRSvNl9XDpguWIngTrxSWXwbgCKcr8Xj7C4OpZtpUXPMuX3o0jI-2BctFX4qi0G4v5BZ2D7ZU8kHx0NShpE4CPYOWE-2BHCvDaubUpOHMZJMLyOuS3iaSA2AoVo7Zw-3D-3D

Analysis

max time kernel
69s
max time network
75s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
12/03/2024, 18:36

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://secure-web.cisco.com/1fAwaMvGYV752q_SwnXZmknhUG70fyCPpQw6ksuWVy3MgD-izVJ8Ige6QE0ar8uvMQVwWeCLh3QBrq9sDaNS8nuNq_g8lGrEV21d9SSfw5_B2-PaIm1JyD0KlcIpNaPVamf-mo-sInkxhutKmT5eOs5ve2KjmX3mKNGAs0_BNbcUXmJejTfNXMiPj4cJSUduxHyVUHTzOEDQJjq2Zbrad5LLKMh0eucMnrVpq_Ze7SPdX8bEYg65F5p32mgczsLjz/http%3A%2F%2Faga.linksto.net%2Fls%2Fclick%3Fupn%3Du001.ZyCroDt-2Fbrigq-2FePBgjN0e-2BX2dTOG-2B-2FBHQTtamVAjhM-3Dy0Su_2ss3lZEKJb2yL1gecHBb9VVNP3iF1yBRKq02h9WVTxUuOerK5t-2FvVkRjOdBZt-2Bq28x4EsTGc4RrcDZFlu63jRynHtbroj415Crtqs7H8q1IKDUTJJJmwVe4SNSwVwx6ZFvoNVt3-2FOO1kXiCQCnipitokHFtRCz3L70HzbGCxYO49Qvwp8mfdfXRHyBMd-2BoI3tIg-2B8GyuWT8CutFC9FtunCgCs4INnRSvNl9XDpguWIngTrxSWXwbgCKcr8Xj7C4OpZtpUXPMuX3o0jI-2BctFX4qi0G4v5BZ2D7ZU8kHx0NShpE4CPYOWE-2BHCvDaubUpOHMZJMLyOuS3iaSA2AoVo7Zw-3D-3D

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133547421835758451"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
2152	chrome.exe
2152	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
2152	chrome.exe
2152	chrome.exe
2152	chrome.exe

Suspicious use of AdjustPrivilegeToken 36 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2152	chrome.exe
Token: SeCreatePagefilePrivilege	2152	chrome.exe
Token: SeShutdownPrivilege	2152	chrome.exe
Token: SeCreatePagefilePrivilege	2152	chrome.exe
Token: SeShutdownPrivilege	2152	chrome.exe
Token: SeCreatePagefilePrivilege	2152	chrome.exe
Token: SeShutdownPrivilege	2152	chrome.exe
Token: SeCreatePagefilePrivilege	2152	chrome.exe
Token: SeShutdownPrivilege	2152	chrome.exe
Token: SeCreatePagefilePrivilege	2152	chrome.exe
Token: SeShutdownPrivilege	2152	chrome.exe
Token: SeCreatePagefilePrivilege	2152	chrome.exe
Token: SeShutdownPrivilege	2152	chrome.exe
Token: SeCreatePagefilePrivilege	2152	chrome.exe
Token: SeShutdownPrivilege	2152	chrome.exe
Token: SeCreatePagefilePrivilege	2152	chrome.exe
Token: SeShutdownPrivilege	2152	chrome.exe
Token: SeCreatePagefilePrivilege	2152	chrome.exe
Token: SeShutdownPrivilege	2152	chrome.exe
Token: SeCreatePagefilePrivilege	2152	chrome.exe
Token: SeShutdownPrivilege	2152	chrome.exe
Token: SeCreatePagefilePrivilege	2152	chrome.exe
Token: SeShutdownPrivilege	2152	chrome.exe
Token: SeCreatePagefilePrivilege	2152	chrome.exe
Token: SeShutdownPrivilege	2152	chrome.exe
Token: SeCreatePagefilePrivilege	2152	chrome.exe
Token: SeShutdownPrivilege	2152	chrome.exe
Token: SeCreatePagefilePrivilege	2152	chrome.exe
Token: SeShutdownPrivilege	2152	chrome.exe
Token: SeCreatePagefilePrivilege	2152	chrome.exe
Token: SeShutdownPrivilege	2152	chrome.exe
Token: SeCreatePagefilePrivilege	2152	chrome.exe
Token: SeShutdownPrivilege	2152	chrome.exe
Token: SeCreatePagefilePrivilege	2152	chrome.exe
Token: SeShutdownPrivilege	2152	chrome.exe
Token: SeCreatePagefilePrivilege	2152	chrome.exe

Suspicious use of FindShellTrayWindow 27 IoCs

pid	Process
2152	chrome.exe
2152	chrome.exe
2152	chrome.exe
2152	chrome.exe
2152	chrome.exe
2152	chrome.exe
2152	chrome.exe
2152	chrome.exe
2152	chrome.exe
2152	chrome.exe
2152	chrome.exe
2152	chrome.exe
2152	chrome.exe
2152	chrome.exe
2152	chrome.exe
2152	chrome.exe
2152	chrome.exe
2152	chrome.exe
2152	chrome.exe
2152	chrome.exe
2152	chrome.exe
2152	chrome.exe
2152	chrome.exe
2152	chrome.exe
2152	chrome.exe
2152	chrome.exe
2152	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2152	chrome.exe
2152	chrome.exe
2152	chrome.exe
2152	chrome.exe
2152	chrome.exe
2152	chrome.exe
2152	chrome.exe
2152	chrome.exe
2152	chrome.exe
2152	chrome.exe
2152	chrome.exe
2152	chrome.exe
2152	chrome.exe
2152	chrome.exe
2152	chrome.exe
2152	chrome.exe
2152	chrome.exe
2152	chrome.exe
2152	chrome.exe
2152	chrome.exe
2152	chrome.exe
2152	chrome.exe
2152	chrome.exe
2152	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2152 wrote to memory of 3448	2152	chrome.exe	91
PID 2152 wrote to memory of 3448	2152	chrome.exe	91
PID 2152 wrote to memory of 3024	2152	chrome.exe	93
PID 2152 wrote to memory of 3024	2152	chrome.exe	93
PID 2152 wrote to memory of 3024	2152	chrome.exe	93
PID 2152 wrote to memory of 3024	2152	chrome.exe	93
PID 2152 wrote to memory of 3024	2152	chrome.exe	93
PID 2152 wrote to memory of 3024	2152	chrome.exe	93
PID 2152 wrote to memory of 3024	2152	chrome.exe	93
PID 2152 wrote to memory of 3024	2152	chrome.exe	93
PID 2152 wrote to memory of 3024	2152	chrome.exe	93
PID 2152 wrote to memory of 3024	2152	chrome.exe	93
PID 2152 wrote to memory of 3024	2152	chrome.exe	93
PID 2152 wrote to memory of 3024	2152	chrome.exe	93
PID 2152 wrote to memory of 3024	2152	chrome.exe	93
PID 2152 wrote to memory of 3024	2152	chrome.exe	93
PID 2152 wrote to memory of 3024	2152	chrome.exe	93
PID 2152 wrote to memory of 3024	2152	chrome.exe	93
PID 2152 wrote to memory of 3024	2152	chrome.exe	93
PID 2152 wrote to memory of 3024	2152	chrome.exe	93
PID 2152 wrote to memory of 3024	2152	chrome.exe	93
PID 2152 wrote to memory of 3024	2152	chrome.exe	93
PID 2152 wrote to memory of 3024	2152	chrome.exe	93
PID 2152 wrote to memory of 3024	2152	chrome.exe	93
PID 2152 wrote to memory of 3024	2152	chrome.exe	93
PID 2152 wrote to memory of 3024	2152	chrome.exe	93
PID 2152 wrote to memory of 3024	2152	chrome.exe	93
PID 2152 wrote to memory of 3024	2152	chrome.exe	93
PID 2152 wrote to memory of 3024	2152	chrome.exe	93
PID 2152 wrote to memory of 3024	2152	chrome.exe	93
PID 2152 wrote to memory of 3024	2152	chrome.exe	93
PID 2152 wrote to memory of 3024	2152	chrome.exe	93
PID 2152 wrote to memory of 3024	2152	chrome.exe	93
PID 2152 wrote to memory of 3024	2152	chrome.exe	93
PID 2152 wrote to memory of 3024	2152	chrome.exe	93
PID 2152 wrote to memory of 3024	2152	chrome.exe	93
PID 2152 wrote to memory of 3024	2152	chrome.exe	93
PID 2152 wrote to memory of 3024	2152	chrome.exe	93
PID 2152 wrote to memory of 3024	2152	chrome.exe	93
PID 2152 wrote to memory of 3024	2152	chrome.exe	93
PID 2152 wrote to memory of 3556	2152	chrome.exe	94
PID 2152 wrote to memory of 3556	2152	chrome.exe	94
PID 2152 wrote to memory of 3032	2152	chrome.exe	95
PID 2152 wrote to memory of 3032	2152	chrome.exe	95
PID 2152 wrote to memory of 3032	2152	chrome.exe	95
PID 2152 wrote to memory of 3032	2152	chrome.exe	95
PID 2152 wrote to memory of 3032	2152	chrome.exe	95
PID 2152 wrote to memory of 3032	2152	chrome.exe	95
PID 2152 wrote to memory of 3032	2152	chrome.exe	95
PID 2152 wrote to memory of 3032	2152	chrome.exe	95
PID 2152 wrote to memory of 3032	2152	chrome.exe	95
PID 2152 wrote to memory of 3032	2152	chrome.exe	95
PID 2152 wrote to memory of 3032	2152	chrome.exe	95
PID 2152 wrote to memory of 3032	2152	chrome.exe	95
PID 2152 wrote to memory of 3032	2152	chrome.exe	95
PID 2152 wrote to memory of 3032	2152	chrome.exe	95
PID 2152 wrote to memory of 3032	2152	chrome.exe	95
PID 2152 wrote to memory of 3032	2152	chrome.exe	95
PID 2152 wrote to memory of 3032	2152	chrome.exe	95
PID 2152 wrote to memory of 3032	2152	chrome.exe	95
PID 2152 wrote to memory of 3032	2152	chrome.exe	95
PID 2152 wrote to memory of 3032	2152	chrome.exe	95
PID 2152 wrote to memory of 3032	2152	chrome.exe	95
PID 2152 wrote to memory of 3032	2152	chrome.exe	95

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://secure-web.cisco.com/1fAwaMvGYV752q_SwnXZmknhUG70fyCPpQw6ksuWVy3MgD-izVJ8Ige6QE0ar8uvMQVwWeCLh3QBrq9sDaNS8nuNq_g8lGrEV21d9SSfw5_B2-PaIm1JyD0KlcIpNaPVamf-mo-sInkxhutKmT5eOs5ve2KjmX3mKNGAs0_BNbcUXmJejTfNXMiPj4cJSUduxHyVUHTzOEDQJjq2Zbrad5LLKMh0eucMnrVpq_Ze7SPdX8bEYg65F5p32mgczsLjz/http%3A%2F%2Faga.linksto.net%2Fls%2Fclick%3Fupn%3Du001.ZyCroDt-2Fbrigq-2FePBgjN0e-2BX2dTOG-2B-2FBHQTtamVAjhM-3Dy0Su_2ss3lZEKJb2yL1gecHBb9VVNP3iF1yBRKq02h9WVTxUuOerK5t-2FvVkRjOdBZt-2Bq28x4EsTGc4RrcDZFlu63jRynHtbroj415Crtqs7H8q1IKDUTJJJmwVe4SNSwVwx6ZFvoNVt3-2FOO1kXiCQCnipitokHFtRCz3L70HzbGCxYO49Qvwp8mfdfXRHyBMd-2BoI3tIg-2B8GyuWT8CutFC9FtunCgCs4INnRSvNl9XDpguWIngTrxSWXwbgCKcr8Xj7C4OpZtpUXPMuX3o0jI-2BctFX4qi0G4v5BZ2D7ZU8kHx0NShpE4CPYOWE-2BHCvDaubUpOHMZJMLyOuS3iaSA2AoVo7Zw-3D-3D
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2152
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff848759758,0x7ff848759768,0x7ff848759778
  2⤵
  PID:3448
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1652 --field-trial-handle=1788,i,14381381629716931102,1027344888297831982,131072 /prefetch:2
  2⤵
  PID:3024
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2128 --field-trial-handle=1788,i,14381381629716931102,1027344888297831982,131072 /prefetch:8
  2⤵
  PID:3556
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2236 --field-trial-handle=1788,i,14381381629716931102,1027344888297831982,131072 /prefetch:8
  2⤵
  PID:3032
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2916 --field-trial-handle=1788,i,14381381629716931102,1027344888297831982,131072 /prefetch:1
  2⤵
  PID:1480
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2936 --field-trial-handle=1788,i,14381381629716931102,1027344888297831982,131072 /prefetch:1
  2⤵
  PID:4644
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4888 --field-trial-handle=1788,i,14381381629716931102,1027344888297831982,131072 /prefetch:1
  2⤵
  PID:3588
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5272 --field-trial-handle=1788,i,14381381629716931102,1027344888297831982,131072 /prefetch:8
  2⤵
  PID:3524
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5364 --field-trial-handle=1788,i,14381381629716931102,1027344888297831982,131072 /prefetch:8
  2⤵
  PID:1464

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2520

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\42b58c65-15ec-4593-9a49-32bb95abe48d.tmp

Filesize
128KB

MD5
fc26a01f8301672ece87cf2cf1d6c8b4

SHA1
5bc18e2c38bec1672034b1867492f0882ec695ce

SHA256
3b92774e0219b842b6244e5e6fedaabf852251ccfc7efc6cb4430fb22cc5a5a9

SHA512
298a99d34e0a1af8a9b24b155c6a2725507198ecc0f769f6bae8e67493c4cac01e57a3ba853faffd16b8997313e4159017b508384f154eb7c2273260e6ec6981

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
288B

MD5
acbde48811d35808d96ea10839c3827f

SHA1
e99a9f14651bbb9f1d7950b131c67ebcd97770c9

SHA256
a2e236b23e062e5ab0b39cd07ef187a29833fc2cdbed4fe7c5b9ed4954731c04

SHA512
78419800437e5ff72ad8263f84cab83d623e0dd3677590e8507545e0e9bf8941c1ec82a89209775de523427b49babb735c90dc8242c6e654aed91cd90a8db9a3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
6c8f9d49263050e63ca626dee8eab135

SHA1
6982ebcf636858ccb8f9a74fba230e82bc197db6

SHA256
7882387bbe5018a3ca73743247ec79c6103bbdcaf5db09b7de6809140d7ac428

SHA512
5dbbbe091d9a63caa54f46c4f403e99047f612212d78ffa0f40595c2ac15826c2133954c10f621eaf2e41a2275ae79ec95532daa75582a472214671d9f7fa247

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
868B

MD5
c2e59f3e91d7a4a40b7e0d9e0789de59

SHA1
8d408ebb2ac7dc5cc6a47d0cfaf70a810cad31fe

SHA256
a433515e0d32c6e2163333b9757649eed89aa10783a76dc803cfd20cd21b4106

SHA512
462db1ac3b0e6338013b29c355dc669ea8f7b593c9add21144be43dcbfcd66d89d065efb9409c5e454b99c79efae6768499d9e479cef51e9f1e4c36af4a02a67

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
803a13c2e24f39a7831a1202c9e3d0b1

SHA1
af238784d06d77c08ef1fff7ad5d7f56c65e9c0d

SHA256
44911cbc3acc128e837d58713f1141fdee80fd9bb979024b381116a320b6a500

SHA512
45fd3ba46a4603ce03349099985b6e237f8e07466eb171e6c56a746e2329ba8df7416d234dd957a6eb10e4bb63651a3ccdd1d75d8267cf9e10ad5f5fba419059

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
6b3cb45cd2dfe178992883cbf66a60c1

SHA1
1059c9847ec96a6825c6c4de5686674b468b8495

SHA256
a3a4a1abcbc0db0fea0d158a479a57135032959d0638bcbb89f61c94cb0ea236

SHA512
4e8ce6f537036e8ad672b665eedc93aa8f05f0d72803c2f6e8fcc7b0c8af1a96d7b4415192d4e99a1cdd478e5076f11d6b65c1a2b2e22a1ab04d079824c04c9a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
128KB

MD5
ce284e70c3bfa6aadddf8ec499945b3c

SHA1
bc1d7d60075705a061c5e3555ab6360256c4184c

SHA256
508fef90aba245ca2f236d2a6f2ba19eeb76713157274f601a4ac4aff2cbe036

SHA512
0ad8df7d408fd1491d4b561aeba36dbe9af79db315ea381cf1128d9089e901c7e4d9341e9da5f50488e7defabc2286f089ff4a517278a5fe3c634cad844068b7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit