hxxps://www[.]youtube[.]com/redirect?event=video_description&redir_token=QUFFLUhqa0YtaGJqRmdlcWhqZUcwY0lFckl5QWpfU2JtQXxBQ3Jtc0trWnMwd0JNbFF6Q3ctdTUtM0ZRaG9ZS0F1Y3lENndmdFRyeFFkTUttMWdYM3RSMDd6a21uTlkybWJqcGN3czNzMGxNdmVxUFRNU1pVc2hHa25sSWM2N2tGLTMzTHdUb0hJZ1VsNkJTUG04MWlmWmZoRQ&q=https%3A%2F%2Fcopycode-paste[.]com%2Fraw%2FgBzmxn&v=bYyk5Tzc3vE

Analysis

max time kernel
304s
max time network
290s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
15/03/2024, 04:41

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqa0YtaGJqRmdlcWhqZUcwY0lFckl5QWpfU2JtQXxBQ3Jtc0trWnMwd0JNbFF6Q3ctdTUtM0ZRaG9ZS0F1Y3lENndmdFRyeFFkTUttMWdYM3RSMDd6a21uTlkybWJqcGN3czNzMGxNdmVxUFRNU1pVc2hHa25sSWM2N2tGLTMzTHdUb0hJZ1VsNkJTUG04MWlmWmZoRQ&q=https%3A%2F%2Fcopycode-paste.com%2Fraw%2FgBzmxn&v=bYyk5Tzc3vE

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133549513513630344"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4108	chrome.exe
4108	chrome.exe
1212	chrome.exe
1212	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
4108	chrome.exe
4108	chrome.exe
4108	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4108	chrome.exe
Token: SeCreatePagefilePrivilege	4108	chrome.exe
Token: SeShutdownPrivilege	4108	chrome.exe
Token: SeCreatePagefilePrivilege	4108	chrome.exe
Token: SeShutdownPrivilege	4108	chrome.exe
Token: SeCreatePagefilePrivilege	4108	chrome.exe
Token: SeShutdownPrivilege	4108	chrome.exe
Token: SeCreatePagefilePrivilege	4108	chrome.exe
Token: SeShutdownPrivilege	4108	chrome.exe
Token: SeCreatePagefilePrivilege	4108	chrome.exe
Token: SeShutdownPrivilege	4108	chrome.exe
Token: SeCreatePagefilePrivilege	4108	chrome.exe
Token: SeShutdownPrivilege	4108	chrome.exe
Token: SeCreatePagefilePrivilege	4108	chrome.exe
Token: SeShutdownPrivilege	4108	chrome.exe
Token: SeCreatePagefilePrivilege	4108	chrome.exe
Token: SeShutdownPrivilege	4108	chrome.exe
Token: SeCreatePagefilePrivilege	4108	chrome.exe
Token: SeShutdownPrivilege	4108	chrome.exe
Token: SeCreatePagefilePrivilege	4108	chrome.exe
Token: SeShutdownPrivilege	4108	chrome.exe
Token: SeCreatePagefilePrivilege	4108	chrome.exe
Token: SeShutdownPrivilege	4108	chrome.exe
Token: SeCreatePagefilePrivilege	4108	chrome.exe
Token: SeShutdownPrivilege	4108	chrome.exe
Token: SeCreatePagefilePrivilege	4108	chrome.exe
Token: SeShutdownPrivilege	4108	chrome.exe
Token: SeCreatePagefilePrivilege	4108	chrome.exe
Token: SeShutdownPrivilege	4108	chrome.exe
Token: SeCreatePagefilePrivilege	4108	chrome.exe
Token: SeShutdownPrivilege	4108	chrome.exe
Token: SeCreatePagefilePrivilege	4108	chrome.exe
Token: SeShutdownPrivilege	4108	chrome.exe
Token: SeCreatePagefilePrivilege	4108	chrome.exe
Token: SeShutdownPrivilege	4108	chrome.exe
Token: SeCreatePagefilePrivilege	4108	chrome.exe
Token: SeShutdownPrivilege	4108	chrome.exe
Token: SeCreatePagefilePrivilege	4108	chrome.exe
Token: SeShutdownPrivilege	4108	chrome.exe
Token: SeCreatePagefilePrivilege	4108	chrome.exe
Token: SeShutdownPrivilege	4108	chrome.exe
Token: SeCreatePagefilePrivilege	4108	chrome.exe
Token: SeShutdownPrivilege	4108	chrome.exe
Token: SeCreatePagefilePrivilege	4108	chrome.exe
Token: SeShutdownPrivilege	4108	chrome.exe
Token: SeCreatePagefilePrivilege	4108	chrome.exe
Token: SeShutdownPrivilege	4108	chrome.exe
Token: SeCreatePagefilePrivilege	4108	chrome.exe
Token: SeShutdownPrivilege	4108	chrome.exe
Token: SeCreatePagefilePrivilege	4108	chrome.exe
Token: SeShutdownPrivilege	4108	chrome.exe
Token: SeCreatePagefilePrivilege	4108	chrome.exe
Token: SeShutdownPrivilege	4108	chrome.exe
Token: SeCreatePagefilePrivilege	4108	chrome.exe
Token: SeShutdownPrivilege	4108	chrome.exe
Token: SeCreatePagefilePrivilege	4108	chrome.exe
Token: SeShutdownPrivilege	4108	chrome.exe
Token: SeCreatePagefilePrivilege	4108	chrome.exe
Token: SeShutdownPrivilege	4108	chrome.exe
Token: SeCreatePagefilePrivilege	4108	chrome.exe
Token: SeShutdownPrivilege	4108	chrome.exe
Token: SeCreatePagefilePrivilege	4108	chrome.exe
Token: SeShutdownPrivilege	4108	chrome.exe
Token: SeCreatePagefilePrivilege	4108	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4108	chrome.exe
4108	chrome.exe
4108	chrome.exe
4108	chrome.exe
4108	chrome.exe
4108	chrome.exe
4108	chrome.exe
4108	chrome.exe
4108	chrome.exe
4108	chrome.exe
4108	chrome.exe
4108	chrome.exe
4108	chrome.exe
4108	chrome.exe
4108	chrome.exe
4108	chrome.exe
4108	chrome.exe
4108	chrome.exe
4108	chrome.exe
4108	chrome.exe
4108	chrome.exe
4108	chrome.exe
4108	chrome.exe
4108	chrome.exe
4108	chrome.exe
4108	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4108	chrome.exe
4108	chrome.exe
4108	chrome.exe
4108	chrome.exe
4108	chrome.exe
4108	chrome.exe
4108	chrome.exe
4108	chrome.exe
4108	chrome.exe
4108	chrome.exe
4108	chrome.exe
4108	chrome.exe
4108	chrome.exe
4108	chrome.exe
4108	chrome.exe
4108	chrome.exe
4108	chrome.exe
4108	chrome.exe
4108	chrome.exe
4108	chrome.exe
4108	chrome.exe
4108	chrome.exe
4108	chrome.exe
4108	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4108 wrote to memory of 2640	4108	chrome.exe	88
PID 4108 wrote to memory of 2640	4108	chrome.exe	88
PID 4108 wrote to memory of 1348	4108	chrome.exe	90
PID 4108 wrote to memory of 1348	4108	chrome.exe	90
PID 4108 wrote to memory of 1348	4108	chrome.exe	90
PID 4108 wrote to memory of 1348	4108	chrome.exe	90
PID 4108 wrote to memory of 1348	4108	chrome.exe	90
PID 4108 wrote to memory of 1348	4108	chrome.exe	90
PID 4108 wrote to memory of 1348	4108	chrome.exe	90
PID 4108 wrote to memory of 1348	4108	chrome.exe	90
PID 4108 wrote to memory of 1348	4108	chrome.exe	90
PID 4108 wrote to memory of 1348	4108	chrome.exe	90
PID 4108 wrote to memory of 1348	4108	chrome.exe	90
PID 4108 wrote to memory of 1348	4108	chrome.exe	90
PID 4108 wrote to memory of 1348	4108	chrome.exe	90
PID 4108 wrote to memory of 1348	4108	chrome.exe	90
PID 4108 wrote to memory of 1348	4108	chrome.exe	90
PID 4108 wrote to memory of 1348	4108	chrome.exe	90
PID 4108 wrote to memory of 1348	4108	chrome.exe	90
PID 4108 wrote to memory of 1348	4108	chrome.exe	90
PID 4108 wrote to memory of 1348	4108	chrome.exe	90
PID 4108 wrote to memory of 1348	4108	chrome.exe	90
PID 4108 wrote to memory of 1348	4108	chrome.exe	90
PID 4108 wrote to memory of 1348	4108	chrome.exe	90
PID 4108 wrote to memory of 1348	4108	chrome.exe	90
PID 4108 wrote to memory of 1348	4108	chrome.exe	90
PID 4108 wrote to memory of 1348	4108	chrome.exe	90
PID 4108 wrote to memory of 1348	4108	chrome.exe	90
PID 4108 wrote to memory of 1348	4108	chrome.exe	90
PID 4108 wrote to memory of 1348	4108	chrome.exe	90
PID 4108 wrote to memory of 1348	4108	chrome.exe	90
PID 4108 wrote to memory of 1348	4108	chrome.exe	90
PID 4108 wrote to memory of 1348	4108	chrome.exe	90
PID 4108 wrote to memory of 1348	4108	chrome.exe	90
PID 4108 wrote to memory of 1348	4108	chrome.exe	90
PID 4108 wrote to memory of 1348	4108	chrome.exe	90
PID 4108 wrote to memory of 1348	4108	chrome.exe	90
PID 4108 wrote to memory of 1348	4108	chrome.exe	90
PID 4108 wrote to memory of 1348	4108	chrome.exe	90
PID 4108 wrote to memory of 1348	4108	chrome.exe	90
PID 4108 wrote to memory of 4040	4108	chrome.exe	91
PID 4108 wrote to memory of 4040	4108	chrome.exe	91
PID 4108 wrote to memory of 1396	4108	chrome.exe	92
PID 4108 wrote to memory of 1396	4108	chrome.exe	92
PID 4108 wrote to memory of 1396	4108	chrome.exe	92
PID 4108 wrote to memory of 1396	4108	chrome.exe	92
PID 4108 wrote to memory of 1396	4108	chrome.exe	92
PID 4108 wrote to memory of 1396	4108	chrome.exe	92
PID 4108 wrote to memory of 1396	4108	chrome.exe	92
PID 4108 wrote to memory of 1396	4108	chrome.exe	92
PID 4108 wrote to memory of 1396	4108	chrome.exe	92
PID 4108 wrote to memory of 1396	4108	chrome.exe	92
PID 4108 wrote to memory of 1396	4108	chrome.exe	92
PID 4108 wrote to memory of 1396	4108	chrome.exe	92
PID 4108 wrote to memory of 1396	4108	chrome.exe	92
PID 4108 wrote to memory of 1396	4108	chrome.exe	92
PID 4108 wrote to memory of 1396	4108	chrome.exe	92
PID 4108 wrote to memory of 1396	4108	chrome.exe	92
PID 4108 wrote to memory of 1396	4108	chrome.exe	92
PID 4108 wrote to memory of 1396	4108	chrome.exe	92
PID 4108 wrote to memory of 1396	4108	chrome.exe	92
PID 4108 wrote to memory of 1396	4108	chrome.exe	92
PID 4108 wrote to memory of 1396	4108	chrome.exe	92
PID 4108 wrote to memory of 1396	4108	chrome.exe	92

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqa0YtaGJqRmdlcWhqZUcwY0lFckl5QWpfU2JtQXxBQ3Jtc0trWnMwd0JNbFF6Q3ctdTUtM0ZRaG9ZS0F1Y3lENndmdFRyeFFkTUttMWdYM3RSMDd6a21uTlkybWJqcGN3czNzMGxNdmVxUFRNU1pVc2hHa25sSWM2N2tGLTMzTHdUb0hJZ1VsNkJTUG04MWlmWmZoRQ&q=https%3A%2F%2Fcopycode-paste.com%2Fraw%2FgBzmxn&v=bYyk5Tzc3vE
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4108
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff17449758,0x7fff17449768,0x7fff17449778
  2⤵
  PID:2640
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1748 --field-trial-handle=1728,i,9753613908744194781,1078611150852977141,131072 /prefetch:2
  2⤵
  PID:1348
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2032 --field-trial-handle=1728,i,9753613908744194781,1078611150852977141,131072 /prefetch:8
  2⤵
  PID:4040
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2236 --field-trial-handle=1728,i,9753613908744194781,1078611150852977141,131072 /prefetch:8
  2⤵
  PID:1396
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2896 --field-trial-handle=1728,i,9753613908744194781,1078611150852977141,131072 /prefetch:1
  2⤵
  PID:4820
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2912 --field-trial-handle=1728,i,9753613908744194781,1078611150852977141,131072 /prefetch:1
  2⤵
  PID:1944
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5004 --field-trial-handle=1728,i,9753613908744194781,1078611150852977141,131072 /prefetch:8
  2⤵
  PID:1680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4956 --field-trial-handle=1728,i,9753613908744194781,1078611150852977141,131072 /prefetch:8
  2⤵
  PID:3988
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4908 --field-trial-handle=1728,i,9753613908744194781,1078611150852977141,131072 /prefetch:1
  2⤵
  PID:4976
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5180 --field-trial-handle=1728,i,9753613908744194781,1078611150852977141,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1212

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:3236

C:\Windows\system32\notepad.exe
"C:\Windows\system32\notepad.exe"
1⤵
PID:5148

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
672B

MD5
44270d3e188dad86d0ff20bf6fe81c0b

SHA1
bf8d8e1a5006dba8fdda324da6183d71785451aa

SHA256
a15f2454be1bce4cdd1a826dc534a723c4db6d36b0d11d0ed55ddb2be1416deb

SHA512
277e88f2b287a753b7e0285e8240a942e63c7b1a3673ede10e28ba9d896690892ed6cefe6b012ca717a9f775fea6c38ed4b2d3153371d2b699d75a7c4acc5f70

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
6f5365c9000e7790c2f803b321deb636

SHA1
34bfb06c9dbcf0a3a0d6a0f053a417fa8c08d893

SHA256
e7bc9ddae762c76967bb17ae05c1bebc1547fb2f87f17555eb1408dc06ba8148

SHA512
1666959d4eaa393b6c972105ccb85245a6dc0a42ecded3db04207d3f255bb8a6f54bbf8ca948f131750b28e27954a1b22ddc1f515af178cc052abf593fd50f2c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
528d3e46a993b681a221e6e8af44929f

SHA1
d7203c1be26392ef51ecf4af0b0b4d2441abcfb6

SHA256
9bf34b00da9ce4becdefe6a2b49477a9cd325868e82fe901d3083122c73d481f

SHA512
c2ad9ae40e0ee130f9c0ce8449a131c1da7e2b9a33ae8b809190cbfa76c365dafc1d50f25cc5f380c4d8d6c7a4021ccbfc1ab52b515e013edf8b946ddb43a080

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
873B

MD5
53412efc7c0c89615966200a5cd8482b

SHA1
0aae341390d830404a4499af6e36977f59814ab5

SHA256
178a79c604ed88d2cacfa583f5cd517082b27164cde46c9968b7c82375744611

SHA512
e2fcd7fe8e94e9dd410c6d9f2880d7884e96a8abaecf8ee24f5ddbda6718fea159234d0d7d1cbe3aae057eec6112a12ff540e17298c95598bb4636956e248d3f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
873B

MD5
25a62c409ee9b01476822862a24352fd

SHA1
79cf287b91257f47a9752deb91641c0b4b1a1858

SHA256
2a4e5c3901c559284aa8d2c281f91a74455419f1efd88641c80116b4590b7e4d

SHA512
1b1f97a782977ffb7c11898aef732030585a626c408932c64259bbe7c0582beb7c59bf981c22ff4ec3e48540ace7652b0c85eaa20bb98a69e92f1467fde2f945

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
cb91087d6fa69fcc332a38943b18b631

SHA1
32afb0ef9bc026824971c501a70e7ec525156213

SHA256
13125c4446ff1779658b62b43c9f479fb36a3df991aac928ca7df2a48932351c

SHA512
ffcad2797833e4497fa954f9114ee011a80c459a34c6fdf747fe6ef1215f47c17216f6c94ca7a4ed06ab6095da769bcb006ae288c8ca65a396781edca839b486

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
128KB

MD5
bd926b72582681d5cf03ef0664a3c6a4

SHA1
548deb17a2be9e26ce6103ad50a82360e24aaf02

SHA256
cb4716b173775e6b3bd244be907d3ef5863d6dad407dd2fcb5737fce925150e0

SHA512
dd88360af927ebd0a7b259643bcc6a82a2d0614d89a714fe685ed92662be1ba8ba2c2e4719533dcc06167a7e2aa9d08fbcdeada78f70aa15df98d74a3acedfbb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit