hxxps://google[.]com

max time kernel
1800s
max time network
1803s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
17/03/2024, 13:25

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://google.com

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133551560482304213"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
488	chrome.exe
488	chrome.exe
6092	chrome.exe
6092	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
488	chrome.exe
488	chrome.exe
488	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	488	chrome.exe
Token: SeCreatePagefilePrivilege	488	chrome.exe
Token: SeShutdownPrivilege	488	chrome.exe
Token: SeCreatePagefilePrivilege	488	chrome.exe
Token: SeShutdownPrivilege	488	chrome.exe
Token: SeCreatePagefilePrivilege	488	chrome.exe
Token: SeShutdownPrivilege	488	chrome.exe
Token: SeCreatePagefilePrivilege	488	chrome.exe
Token: SeShutdownPrivilege	488	chrome.exe
Token: SeCreatePagefilePrivilege	488	chrome.exe
Token: SeShutdownPrivilege	488	chrome.exe
Token: SeCreatePagefilePrivilege	488	chrome.exe
Token: SeShutdownPrivilege	488	chrome.exe
Token: SeCreatePagefilePrivilege	488	chrome.exe
Token: SeShutdownPrivilege	488	chrome.exe
Token: SeCreatePagefilePrivilege	488	chrome.exe
Token: SeShutdownPrivilege	488	chrome.exe
Token: SeCreatePagefilePrivilege	488	chrome.exe
Token: SeShutdownPrivilege	488	chrome.exe
Token: SeCreatePagefilePrivilege	488	chrome.exe
Token: SeShutdownPrivilege	488	chrome.exe
Token: SeCreatePagefilePrivilege	488	chrome.exe
Token: SeShutdownPrivilege	488	chrome.exe
Token: SeCreatePagefilePrivilege	488	chrome.exe
Token: SeShutdownPrivilege	488	chrome.exe
Token: SeCreatePagefilePrivilege	488	chrome.exe
Token: SeShutdownPrivilege	488	chrome.exe
Token: SeCreatePagefilePrivilege	488	chrome.exe
Token: SeShutdownPrivilege	488	chrome.exe
Token: SeCreatePagefilePrivilege	488	chrome.exe
Token: SeShutdownPrivilege	488	chrome.exe
Token: SeCreatePagefilePrivilege	488	chrome.exe
Token: SeShutdownPrivilege	488	chrome.exe
Token: SeCreatePagefilePrivilege	488	chrome.exe
Token: SeShutdownPrivilege	488	chrome.exe
Token: SeCreatePagefilePrivilege	488	chrome.exe
Token: SeShutdownPrivilege	488	chrome.exe
Token: SeCreatePagefilePrivilege	488	chrome.exe
Token: SeShutdownPrivilege	488	chrome.exe
Token: SeCreatePagefilePrivilege	488	chrome.exe
Token: SeShutdownPrivilege	488	chrome.exe
Token: SeCreatePagefilePrivilege	488	chrome.exe
Token: SeShutdownPrivilege	488	chrome.exe
Token: SeCreatePagefilePrivilege	488	chrome.exe
Token: SeShutdownPrivilege	488	chrome.exe
Token: SeCreatePagefilePrivilege	488	chrome.exe
Token: SeShutdownPrivilege	488	chrome.exe
Token: SeCreatePagefilePrivilege	488	chrome.exe
Token: SeShutdownPrivilege	488	chrome.exe
Token: SeCreatePagefilePrivilege	488	chrome.exe
Token: SeShutdownPrivilege	488	chrome.exe
Token: SeCreatePagefilePrivilege	488	chrome.exe
Token: SeShutdownPrivilege	488	chrome.exe
Token: SeCreatePagefilePrivilege	488	chrome.exe
Token: SeShutdownPrivilege	488	chrome.exe
Token: SeCreatePagefilePrivilege	488	chrome.exe
Token: SeShutdownPrivilege	488	chrome.exe
Token: SeCreatePagefilePrivilege	488	chrome.exe
Token: SeShutdownPrivilege	488	chrome.exe
Token: SeCreatePagefilePrivilege	488	chrome.exe
Token: SeShutdownPrivilege	488	chrome.exe
Token: SeCreatePagefilePrivilege	488	chrome.exe
Token: SeShutdownPrivilege	488	chrome.exe
Token: SeCreatePagefilePrivilege	488	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe
488	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 488 wrote to memory of 1184	488	chrome.exe	93
PID 488 wrote to memory of 1184	488	chrome.exe	93
PID 488 wrote to memory of 708	488	chrome.exe	96
PID 488 wrote to memory of 708	488	chrome.exe	96
PID 488 wrote to memory of 708	488	chrome.exe	96
PID 488 wrote to memory of 708	488	chrome.exe	96
PID 488 wrote to memory of 708	488	chrome.exe	96
PID 488 wrote to memory of 708	488	chrome.exe	96
PID 488 wrote to memory of 708	488	chrome.exe	96
PID 488 wrote to memory of 708	488	chrome.exe	96
PID 488 wrote to memory of 708	488	chrome.exe	96
PID 488 wrote to memory of 708	488	chrome.exe	96
PID 488 wrote to memory of 708	488	chrome.exe	96
PID 488 wrote to memory of 708	488	chrome.exe	96
PID 488 wrote to memory of 708	488	chrome.exe	96
PID 488 wrote to memory of 708	488	chrome.exe	96
PID 488 wrote to memory of 708	488	chrome.exe	96
PID 488 wrote to memory of 708	488	chrome.exe	96
PID 488 wrote to memory of 708	488	chrome.exe	96
PID 488 wrote to memory of 708	488	chrome.exe	96
PID 488 wrote to memory of 708	488	chrome.exe	96
PID 488 wrote to memory of 708	488	chrome.exe	96
PID 488 wrote to memory of 708	488	chrome.exe	96
PID 488 wrote to memory of 708	488	chrome.exe	96
PID 488 wrote to memory of 708	488	chrome.exe	96
PID 488 wrote to memory of 708	488	chrome.exe	96
PID 488 wrote to memory of 708	488	chrome.exe	96
PID 488 wrote to memory of 708	488	chrome.exe	96
PID 488 wrote to memory of 708	488	chrome.exe	96
PID 488 wrote to memory of 708	488	chrome.exe	96
PID 488 wrote to memory of 708	488	chrome.exe	96
PID 488 wrote to memory of 708	488	chrome.exe	96
PID 488 wrote to memory of 708	488	chrome.exe	96
PID 488 wrote to memory of 708	488	chrome.exe	96
PID 488 wrote to memory of 708	488	chrome.exe	96
PID 488 wrote to memory of 708	488	chrome.exe	96
PID 488 wrote to memory of 708	488	chrome.exe	96
PID 488 wrote to memory of 708	488	chrome.exe	96
PID 488 wrote to memory of 708	488	chrome.exe	96
PID 488 wrote to memory of 708	488	chrome.exe	96
PID 488 wrote to memory of 2336	488	chrome.exe	97
PID 488 wrote to memory of 2336	488	chrome.exe	97
PID 488 wrote to memory of 436	488	chrome.exe	98
PID 488 wrote to memory of 436	488	chrome.exe	98
PID 488 wrote to memory of 436	488	chrome.exe	98
PID 488 wrote to memory of 436	488	chrome.exe	98
PID 488 wrote to memory of 436	488	chrome.exe	98
PID 488 wrote to memory of 436	488	chrome.exe	98
PID 488 wrote to memory of 436	488	chrome.exe	98
PID 488 wrote to memory of 436	488	chrome.exe	98
PID 488 wrote to memory of 436	488	chrome.exe	98
PID 488 wrote to memory of 436	488	chrome.exe	98
PID 488 wrote to memory of 436	488	chrome.exe	98
PID 488 wrote to memory of 436	488	chrome.exe	98
PID 488 wrote to memory of 436	488	chrome.exe	98
PID 488 wrote to memory of 436	488	chrome.exe	98
PID 488 wrote to memory of 436	488	chrome.exe	98
PID 488 wrote to memory of 436	488	chrome.exe	98
PID 488 wrote to memory of 436	488	chrome.exe	98
PID 488 wrote to memory of 436	488	chrome.exe	98
PID 488 wrote to memory of 436	488	chrome.exe	98
PID 488 wrote to memory of 436	488	chrome.exe	98
PID 488 wrote to memory of 436	488	chrome.exe	98
PID 488 wrote to memory of 436	488	chrome.exe	98

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://google.com
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:488
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffe6e5b9758,0x7ffe6e5b9768,0x7ffe6e5b9778
  2⤵
  PID:1184
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1728 --field-trial-handle=1888,i,5580671963938771891,978166161017677525,131072 /prefetch:2
  2⤵
  PID:708
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2136 --field-trial-handle=1888,i,5580671963938771891,978166161017677525,131072 /prefetch:8
  2⤵
  PID:2336
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2228 --field-trial-handle=1888,i,5580671963938771891,978166161017677525,131072 /prefetch:8
  2⤵
  PID:436
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3048 --field-trial-handle=1888,i,5580671963938771891,978166161017677525,131072 /prefetch:1
  2⤵
  PID:4544
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3056 --field-trial-handle=1888,i,5580671963938771891,978166161017677525,131072 /prefetch:1
  2⤵
  PID:3092
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4840 --field-trial-handle=1888,i,5580671963938771891,978166161017677525,131072 /prefetch:8
  2⤵
  PID:2604
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4836 --field-trial-handle=1888,i,5580671963938771891,978166161017677525,131072 /prefetch:1
  2⤵
  PID:2788
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5324 --field-trial-handle=1888,i,5580671963938771891,978166161017677525,131072 /prefetch:8
  2⤵
  PID:3772
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=936 --field-trial-handle=1888,i,5580671963938771891,978166161017677525,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:6092

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:3628

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4104 --field-trial-handle=2280,i,11703952675008463361,17436195144517971517,262144 --variations-seed-version /prefetch:8
1⤵
PID:5860

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=3588 --field-trial-handle=2280,i,11703952675008463361,17436195144517971517,262144 --variations-seed-version /prefetch:8
1⤵
PID:5156

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001

Filesize
196KB

MD5
813c1b41e435242e7365a4bcd7adcf23

SHA1
2d25e1564eaf93455640413b95646b3f88f9075b

SHA256
70cb2151ee4ef83195855d29819491a23c5eafee2e72b7ffd9041b35363d1542

SHA512
268c4fa1797700a205e37e716c1472592ad6242344645c703ab1ab8d4d68452c3ccce7cdc4d56a0b42d4061bdc793f1c79dffc397f038133387b94b2a1f4051e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
5a8e465254a138e7929e4d9a4d0d3dac

SHA1
90a5ce0160e05cf6786784dddcec18444e73980f

SHA256
9d10e1d56a2933bc7d86100877669ed39c49e1f3a46d86e784460445535c3c6d

SHA512
92ef03d8127fe418aeff144cea8f75a858b1f4d49b220624860c3f89eaa3d83edca4a9f50bd8cce52e96de4d226af51453e8a471444db289aa17b74cdfc1811d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
dba947a13f9ca365f9a1265de6e77d8d

SHA1
5a1a4bc892555bfccb92ffeb77babeae9774b2a6

SHA256
d4b6708e4085243e39f7621a7b8395b15e0e9893f7fd603183fdc84d8ea75e24

SHA512
37de1220941582c29fbaef2f76942f7b0ca9043bee0a8610947e7e700bdfdada1d594918bd7fc48f505a77dde84116a0fb33dafa7f7343a7fa3147f78d936caf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
5e297d323f46928be6e8150b1d8d1146

SHA1
83cff53d3c516145381c9c55a9324b6a8b2bde62

SHA256
f0738fdf2b2fa1cf93d73a5d97ae16e3eb0bab2f3244d33aab34590934b371d6

SHA512
e9d5ca9faba0b75db3e3071c63f0ed9e5c27292c239cbdaae6646fe53e6335646d10ecba0b2535dc352f62eefae78579c77fa00b22c0682ec597f06dd6645f58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
fcc6113e8ea2fadd985a9945214035d5

SHA1
41bb637b452f2bff8c21ee9e2bd9aeb1ba852392

SHA256
15dc0eeae8cb1b31f6bafb764c04bd2237d09f5d45e84e0b5281dd7df577b380

SHA512
84269669a8e9d8ba6d733a2c4164ba6b1ce086dbe906cbce7f639339928a32bf3f6dd242b2956eae1490a789bd539d7cf9a93f26a76770a4f4ad24b44180d604

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
64c883c0a7187359016f2365566c5238

SHA1
c228294b02ebb658ec98881deca8aaf05318b833

SHA256
2350d7f0817a81b07f902c9dea4b72e2980faf8a6e64a0400f9442fc2bba3f87

SHA512
3feef02a0e39f500e1fee947f0f522695203e2f81f89253ba2ea30a62bc74f696db3b81d125eb0c46d7c006de0b45afde77ddbd990b70888e91fafe6d6e08c7b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
7cefae4b97eb43c6f50a0e4df554ed3f

SHA1
e66eae0ddd900eb25400c93d0964ef2a47453332

SHA256
988340d44dc35db488f8d779bbb91eadb08f39978538de7d928b9b3f07368438

SHA512
7471c648fa4743d041e43955451a2f041d658eabcff71881405b48d93727e995dba820f8a71b3735625a88091941448f3258967a6b557cf706163b93104b41ac

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
75617bba1c66355ae501e0ad33bdfe82

SHA1
9fae9edccba05d084977282df1284cab8a96ae87

SHA256
f2fa8366517e4944b6c4cbeb4f498e190e4dbe317e5ccf701f5663bfcfcdf082

SHA512
f398b39cd9121bd04657d3a02788ef4a7effd523f566009d9f7e713e838e4ba3d8acf4f0dc58aeb938aa6b3d9204cae60d2b5538b5e24d7a2532a348fe3f07c4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
e984e910d6f6630442242d0c035ca818

SHA1
56991e3eb76ecd65733609bf5a7157d72d142709

SHA256
24ea9b327537e5697eccc52dda98817f79afdf5454550c783417b419f1370157

SHA512
0f0bf7e400e6dd4faf30f6a4b1251405c8ea121c25098d836b3dd0be41b01ce9eeaa9ac21831a2d18b2ecd8b55da2ecf9cfa742f6c117baad7d28e212d1ba7d1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
128KB

MD5
94c350b85752ffe4fc22022cf08f8f0d

SHA1
ab3f1661c9185860ecc17f4ead066c9e748c856b

SHA256
9f35491f56ae769fad094e9309dbb3e4a459be2fae655fe8849471119375e2fc

SHA512
b7ac84d34b9d182fc29179d18e4a87c3d23888df27fb73aee00f48732da16ad5897db16e7d13ef7075ff850069f96b8a7296eb9df3924e1200e695420f459117

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit