hxxp://adv-technoiogies[.]com

Resubmissions

28/03/2024, 06:15

240328-gzxv7sef7t 1

28/03/2024, 06:04

240328-gsqtbaef5x 1

Analysis

max time kernel
106s
max time network
98s
platform
windows11-21h2_x64
resource
win11-20240319-en
resource tags

arch:x64arch:x86image:win11-20240319-enlocale:en-usos:windows11-21h2-x64system
submitted
28/03/2024, 06:15

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://adv-technoiogies.com

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133560801238609561"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
3816	chrome.exe
3816	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
3816	chrome.exe
3816	chrome.exe
3816	chrome.exe
3816	chrome.exe
3816	chrome.exe
3816	chrome.exe
3816	chrome.exe
3816	chrome.exe
3816	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3816	chrome.exe
Token: SeCreatePagefilePrivilege	3816	chrome.exe
Token: SeShutdownPrivilege	3816	chrome.exe
Token: SeCreatePagefilePrivilege	3816	chrome.exe
Token: SeShutdownPrivilege	3816	chrome.exe
Token: SeCreatePagefilePrivilege	3816	chrome.exe
Token: SeShutdownPrivilege	3816	chrome.exe
Token: SeCreatePagefilePrivilege	3816	chrome.exe
Token: SeShutdownPrivilege	3816	chrome.exe
Token: SeCreatePagefilePrivilege	3816	chrome.exe
Token: SeShutdownPrivilege	3816	chrome.exe
Token: SeCreatePagefilePrivilege	3816	chrome.exe
Token: SeShutdownPrivilege	3816	chrome.exe
Token: SeCreatePagefilePrivilege	3816	chrome.exe
Token: SeShutdownPrivilege	3816	chrome.exe
Token: SeCreatePagefilePrivilege	3816	chrome.exe
Token: SeShutdownPrivilege	3816	chrome.exe
Token: SeCreatePagefilePrivilege	3816	chrome.exe
Token: SeShutdownPrivilege	3816	chrome.exe
Token: SeCreatePagefilePrivilege	3816	chrome.exe
Token: SeShutdownPrivilege	3816	chrome.exe
Token: SeCreatePagefilePrivilege	3816	chrome.exe
Token: SeShutdownPrivilege	3816	chrome.exe
Token: SeCreatePagefilePrivilege	3816	chrome.exe
Token: SeShutdownPrivilege	3816	chrome.exe
Token: SeCreatePagefilePrivilege	3816	chrome.exe
Token: SeShutdownPrivilege	3816	chrome.exe
Token: SeCreatePagefilePrivilege	3816	chrome.exe
Token: SeShutdownPrivilege	3816	chrome.exe
Token: SeCreatePagefilePrivilege	3816	chrome.exe
Token: SeShutdownPrivilege	3816	chrome.exe
Token: SeCreatePagefilePrivilege	3816	chrome.exe
Token: SeShutdownPrivilege	3816	chrome.exe
Token: SeCreatePagefilePrivilege	3816	chrome.exe
Token: SeShutdownPrivilege	3816	chrome.exe
Token: SeCreatePagefilePrivilege	3816	chrome.exe
Token: SeShutdownPrivilege	3816	chrome.exe
Token: SeCreatePagefilePrivilege	3816	chrome.exe
Token: SeShutdownPrivilege	3816	chrome.exe
Token: SeCreatePagefilePrivilege	3816	chrome.exe
Token: SeShutdownPrivilege	3816	chrome.exe
Token: SeCreatePagefilePrivilege	3816	chrome.exe
Token: SeShutdownPrivilege	3816	chrome.exe
Token: SeCreatePagefilePrivilege	3816	chrome.exe
Token: SeShutdownPrivilege	3816	chrome.exe
Token: SeCreatePagefilePrivilege	3816	chrome.exe
Token: SeShutdownPrivilege	3816	chrome.exe
Token: SeCreatePagefilePrivilege	3816	chrome.exe
Token: SeShutdownPrivilege	3816	chrome.exe
Token: SeCreatePagefilePrivilege	3816	chrome.exe
Token: SeShutdownPrivilege	3816	chrome.exe
Token: SeCreatePagefilePrivilege	3816	chrome.exe
Token: SeShutdownPrivilege	3816	chrome.exe
Token: SeCreatePagefilePrivilege	3816	chrome.exe
Token: SeShutdownPrivilege	3816	chrome.exe
Token: SeCreatePagefilePrivilege	3816	chrome.exe
Token: SeShutdownPrivilege	3816	chrome.exe
Token: SeCreatePagefilePrivilege	3816	chrome.exe
Token: SeShutdownPrivilege	3816	chrome.exe
Token: SeCreatePagefilePrivilege	3816	chrome.exe
Token: SeShutdownPrivilege	3816	chrome.exe
Token: SeCreatePagefilePrivilege	3816	chrome.exe
Token: SeShutdownPrivilege	3816	chrome.exe
Token: SeCreatePagefilePrivilege	3816	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
3816	chrome.exe
3816	chrome.exe
3816	chrome.exe
3816	chrome.exe
3816	chrome.exe
3816	chrome.exe
3816	chrome.exe
3816	chrome.exe
3816	chrome.exe
3816	chrome.exe
3816	chrome.exe
3816	chrome.exe
3816	chrome.exe
3816	chrome.exe
3816	chrome.exe
3816	chrome.exe
3816	chrome.exe
3816	chrome.exe
3816	chrome.exe
3816	chrome.exe
3816	chrome.exe
3816	chrome.exe
3816	chrome.exe
3816	chrome.exe
3816	chrome.exe
3816	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
3816	chrome.exe
3816	chrome.exe
3816	chrome.exe
3816	chrome.exe
3816	chrome.exe
3816	chrome.exe
3816	chrome.exe
3816	chrome.exe
3816	chrome.exe
3816	chrome.exe
3816	chrome.exe
3816	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3816 wrote to memory of 448	3816	chrome.exe	78
PID 3816 wrote to memory of 448	3816	chrome.exe	78
PID 3816 wrote to memory of 4428	3816	chrome.exe	80
PID 3816 wrote to memory of 4428	3816	chrome.exe	80
PID 3816 wrote to memory of 4428	3816	chrome.exe	80
PID 3816 wrote to memory of 4428	3816	chrome.exe	80
PID 3816 wrote to memory of 4428	3816	chrome.exe	80
PID 3816 wrote to memory of 4428	3816	chrome.exe	80
PID 3816 wrote to memory of 4428	3816	chrome.exe	80
PID 3816 wrote to memory of 4428	3816	chrome.exe	80
PID 3816 wrote to memory of 4428	3816	chrome.exe	80
PID 3816 wrote to memory of 4428	3816	chrome.exe	80
PID 3816 wrote to memory of 4428	3816	chrome.exe	80
PID 3816 wrote to memory of 4428	3816	chrome.exe	80
PID 3816 wrote to memory of 4428	3816	chrome.exe	80
PID 3816 wrote to memory of 4428	3816	chrome.exe	80
PID 3816 wrote to memory of 4428	3816	chrome.exe	80
PID 3816 wrote to memory of 4428	3816	chrome.exe	80
PID 3816 wrote to memory of 4428	3816	chrome.exe	80
PID 3816 wrote to memory of 4428	3816	chrome.exe	80
PID 3816 wrote to memory of 4428	3816	chrome.exe	80
PID 3816 wrote to memory of 4428	3816	chrome.exe	80
PID 3816 wrote to memory of 4428	3816	chrome.exe	80
PID 3816 wrote to memory of 4428	3816	chrome.exe	80
PID 3816 wrote to memory of 4428	3816	chrome.exe	80
PID 3816 wrote to memory of 4428	3816	chrome.exe	80
PID 3816 wrote to memory of 4428	3816	chrome.exe	80
PID 3816 wrote to memory of 4428	3816	chrome.exe	80
PID 3816 wrote to memory of 4428	3816	chrome.exe	80
PID 3816 wrote to memory of 4428	3816	chrome.exe	80
PID 3816 wrote to memory of 4428	3816	chrome.exe	80
PID 3816 wrote to memory of 4428	3816	chrome.exe	80
PID 3816 wrote to memory of 4428	3816	chrome.exe	80
PID 3816 wrote to memory of 4428	3816	chrome.exe	80
PID 3816 wrote to memory of 4428	3816	chrome.exe	80
PID 3816 wrote to memory of 4428	3816	chrome.exe	80
PID 3816 wrote to memory of 4428	3816	chrome.exe	80
PID 3816 wrote to memory of 4428	3816	chrome.exe	80
PID 3816 wrote to memory of 4428	3816	chrome.exe	80
PID 3816 wrote to memory of 4428	3816	chrome.exe	80
PID 3816 wrote to memory of 3872	3816	chrome.exe	81
PID 3816 wrote to memory of 3872	3816	chrome.exe	81
PID 3816 wrote to memory of 784	3816	chrome.exe	82
PID 3816 wrote to memory of 784	3816	chrome.exe	82
PID 3816 wrote to memory of 784	3816	chrome.exe	82
PID 3816 wrote to memory of 784	3816	chrome.exe	82
PID 3816 wrote to memory of 784	3816	chrome.exe	82
PID 3816 wrote to memory of 784	3816	chrome.exe	82
PID 3816 wrote to memory of 784	3816	chrome.exe	82
PID 3816 wrote to memory of 784	3816	chrome.exe	82
PID 3816 wrote to memory of 784	3816	chrome.exe	82
PID 3816 wrote to memory of 784	3816	chrome.exe	82
PID 3816 wrote to memory of 784	3816	chrome.exe	82
PID 3816 wrote to memory of 784	3816	chrome.exe	82
PID 3816 wrote to memory of 784	3816	chrome.exe	82
PID 3816 wrote to memory of 784	3816	chrome.exe	82
PID 3816 wrote to memory of 784	3816	chrome.exe	82
PID 3816 wrote to memory of 784	3816	chrome.exe	82
PID 3816 wrote to memory of 784	3816	chrome.exe	82
PID 3816 wrote to memory of 784	3816	chrome.exe	82
PID 3816 wrote to memory of 784	3816	chrome.exe	82
PID 3816 wrote to memory of 784	3816	chrome.exe	82
PID 3816 wrote to memory of 784	3816	chrome.exe	82
PID 3816 wrote to memory of 784	3816	chrome.exe	82

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://adv-technoiogies.com
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3816
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffea7c29758,0x7ffea7c29768,0x7ffea7c29778
  2⤵
  PID:448
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1704 --field-trial-handle=1800,i,1558794824142522869,12252480038499491458,131072 /prefetch:2
  2⤵
  PID:4428
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2052 --field-trial-handle=1800,i,1558794824142522869,12252480038499491458,131072 /prefetch:8
  2⤵
  PID:3872
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2168 --field-trial-handle=1800,i,1558794824142522869,12252480038499491458,131072 /prefetch:8
  2⤵
  PID:784
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2808 --field-trial-handle=1800,i,1558794824142522869,12252480038499491458,131072 /prefetch:1
  2⤵
  PID:3900
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2824 --field-trial-handle=1800,i,1558794824142522869,12252480038499491458,131072 /prefetch:1
  2⤵
  PID:4720
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4460 --field-trial-handle=1800,i,1558794824142522869,12252480038499491458,131072 /prefetch:1
  2⤵
  PID:548
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4760 --field-trial-handle=1800,i,1558794824142522869,12252480038499491458,131072 /prefetch:1
  2⤵
  PID:2736
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5124 --field-trial-handle=1800,i,1558794824142522869,12252480038499491458,131072 /prefetch:8
  2⤵
  PID:384
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5252 --field-trial-handle=1800,i,1558794824142522869,12252480038499491458,131072 /prefetch:8
  2⤵
  PID:2136
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4932 --field-trial-handle=1800,i,1558794824142522869,12252480038499491458,131072 /prefetch:1
  2⤵
  PID:1092
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=2944 --field-trial-handle=1800,i,1558794824142522869,12252480038499491458,131072 /prefetch:1
  2⤵
  PID:2168
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4384 --field-trial-handle=1800,i,1558794824142522869,12252480038499491458,131072 /prefetch:1
  2⤵
  PID:4424
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4900 --field-trial-handle=1800,i,1558794824142522869,12252480038499491458,131072 /prefetch:1
  2⤵
  PID:1300
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=1516 --field-trial-handle=1800,i,1558794824142522869,12252480038499491458,131072 /prefetch:1
  2⤵
  PID:2660

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4396

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\88a34aae-175a-4c4e-9776-b5970796e706.tmp

Filesize
10KB

MD5
0a1674a225bb55502fda4bc9f8ceb0f7

SHA1
08176713990bfb16a0cdd330d0f454001d1b7088

SHA256
d2cd5fb26fcc5bd33231f3f92568ad57f725d8cd991c1856d78aa7cf146c220d

SHA512
05f6c5b97a3b1bde8bbec7d54dde8f20f9392362de1bae669a72fadbdd4093eef2968b390c24a3c98c41bea4325c7d39c802bc8318a6121cf5f43d74dc45912f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
288B

MD5
8188cd5772e6d8e19dfb3dae38ba8585

SHA1
1d39e0881250ba81f7df3b3fe6f51c37a06f9a27

SHA256
fd531aa9cff40c5ca3d676f51d84c29405ce568259439acfd9c26b8d50f215c9

SHA512
3eb93f17d93ec62dfb6755799898dee8f46ae011f07050e7b1cf3a4cd702fa7f16e0de6c7c58483e5bbc0f91584836b69984e6ce7885cc25074a0843f83cd9ed

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
240B

MD5
740889d6f0d9ada72ae29bfde437e6b2

SHA1
2a07f4306f5c281296b30d0c53589f47f0f036fb

SHA256
b07ad9f74eb5714f88f83458c2195b60e9bfc6a5f04fc4a2475fd2598022a0d0

SHA512
1da85a120e7841bcad71640858c54d186822417a631a038a1d2bf7b967036234493e98f8bbe72c4ff55309209c7f39ff261f2a55292d25aad7b24d8284b0fc9b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
192B

MD5
67dc4a6e2eafacee077288da51499c71

SHA1
61289079b7abb119e29df2d4b458b964640f2e28

SHA256
dedf8e907820b03137497a321879ba4e18b8312dc63b336da1d1bdb8e0c16376

SHA512
e2cf31695a1e50fc2a78fff506140ff89d78a503f1ca02a273bc526f3758edebf924865edb3847aa15eed78dc836b6cc3d9d725195fa819a2779b21315491659

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
ad78265ae17738d4382a35948de8685d

SHA1
4e010b27289d90e8add7312bf39ed151e1c3ff32

SHA256
191f12796c9cc06175d4b7c2567ad5da62b60b9296ba284c97763e6922484e65

SHA512
714c4bf04498d54168e92e295b046116580996cf964d5460a9e381eb2dfb2d6a87e86182cf5c2a76364624fa4f5157f6382535a1cc55ab2e2399093266298b3a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
901a6e0f1bb031d8ee1d55d483a1a77e

SHA1
1c900a0e172b52d4cd733560cb8e1afdd16377be

SHA256
be3f5b8d221faf4acdd225be4449f6e741dd21f5235b7bb6338cf30c36930bdf

SHA512
9729c069402e431dd3f891b11be73e8127092a909a2137a6fa04d43c7d854470222c1db775b13f785fa06991d59aca37fee4c2c043b50d7a83d0fc45055ceb12

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
ac071c0874504d1d00064947b5a537dc

SHA1
442d311cd1586f498085a45b687e60f0414b37fd

SHA256
6858ecb05d159c093bfdccf1bcc54fff40b6d67a229033c4fc37930ca866bda8

SHA512
41df6c51b1cffbc716b40d6760198a7fee2e95f672773dcdf6dec3e456f655709c57d6885756d3f14550489687aac6896a8ebf7a381d436672e86a18aea6ddd3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
228ff12c9ad294cbcfa3735f5b2506d4

SHA1
c2158fece56f9c786d9adb33424579c4e956289c

SHA256
1218102fb2afbd73ae632973f400db1e7287fb0e6e2dcb024c16fd5e03c3436c

SHA512
ca920bb7695cb3ed6dec861100cde59d556a0650ffad7c1f10d13df4e5d6a5d52059a24c2cab9d4219da694498c3e2f72826d02097e6ae6f741e30752175f40b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
f2a84825fc5ced66ffccce0cadee89c5

SHA1
c6334f527abde600e86d2515b6bfaa47ab2862df

SHA256
74f1eb598ab797ce7ad47643706a3d801d9a8aabed243bdd86b43cdb0892716f

SHA512
64d4edddc69a33e8e4e6a2b5c2f11110b6bdf06f5280115f6ebfc1315c53655bbde8837798a8ab4bd5231d8d58064c207e1ec3f5f003881d88f739f4a651662b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
134KB

MD5
87a594a98ecc6ed56d3ff17696861d65

SHA1
209d2d57494b98212e398e84d5edec97f4f45ea2

SHA256
00494f29dfee6fd8cf51aa57d2856b1c7c009451f2d036daf36c1047d7f94aca

SHA512
12eab118d05b861794e30bb49e795fa763b6d901dc9b292907299f85cc7abf7d97d6bd57e4810473084eff95968ad130d18579e86095036ccdeba7424d5e6a36

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit