hxxps://cme[.]stanford[.]edu/wgea2024

Analysis

max time kernel
150s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
09/04/2024, 20:49

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

https://cme.stanford.edu/wgea2024

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133571693688849571"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4664	chrome.exe
4664	chrome.exe
2004	chrome.exe
2004	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
4664	chrome.exe
4664	chrome.exe
4664	chrome.exe
4664	chrome.exe
4664	chrome.exe
4664	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4664	chrome.exe
Token: SeCreatePagefilePrivilege	4664	chrome.exe
Token: SeShutdownPrivilege	4664	chrome.exe
Token: SeCreatePagefilePrivilege	4664	chrome.exe
Token: SeShutdownPrivilege	4664	chrome.exe
Token: SeCreatePagefilePrivilege	4664	chrome.exe
Token: SeShutdownPrivilege	4664	chrome.exe
Token: SeCreatePagefilePrivilege	4664	chrome.exe
Token: SeShutdownPrivilege	4664	chrome.exe
Token: SeCreatePagefilePrivilege	4664	chrome.exe
Token: SeShutdownPrivilege	4664	chrome.exe
Token: SeCreatePagefilePrivilege	4664	chrome.exe
Token: SeShutdownPrivilege	4664	chrome.exe
Token: SeCreatePagefilePrivilege	4664	chrome.exe
Token: SeShutdownPrivilege	4664	chrome.exe
Token: SeCreatePagefilePrivilege	4664	chrome.exe
Token: SeShutdownPrivilege	4664	chrome.exe
Token: SeCreatePagefilePrivilege	4664	chrome.exe
Token: SeShutdownPrivilege	4664	chrome.exe
Token: SeCreatePagefilePrivilege	4664	chrome.exe
Token: SeShutdownPrivilege	4664	chrome.exe
Token: SeCreatePagefilePrivilege	4664	chrome.exe
Token: SeShutdownPrivilege	4664	chrome.exe
Token: SeCreatePagefilePrivilege	4664	chrome.exe
Token: SeShutdownPrivilege	4664	chrome.exe
Token: SeCreatePagefilePrivilege	4664	chrome.exe
Token: SeShutdownPrivilege	4664	chrome.exe
Token: SeCreatePagefilePrivilege	4664	chrome.exe
Token: SeShutdownPrivilege	4664	chrome.exe
Token: SeCreatePagefilePrivilege	4664	chrome.exe
Token: SeShutdownPrivilege	4664	chrome.exe
Token: SeCreatePagefilePrivilege	4664	chrome.exe
Token: SeShutdownPrivilege	4664	chrome.exe
Token: SeCreatePagefilePrivilege	4664	chrome.exe
Token: SeShutdownPrivilege	4664	chrome.exe
Token: SeCreatePagefilePrivilege	4664	chrome.exe
Token: SeShutdownPrivilege	4664	chrome.exe
Token: SeCreatePagefilePrivilege	4664	chrome.exe
Token: SeShutdownPrivilege	4664	chrome.exe
Token: SeCreatePagefilePrivilege	4664	chrome.exe
Token: SeShutdownPrivilege	4664	chrome.exe
Token: SeCreatePagefilePrivilege	4664	chrome.exe
Token: SeShutdownPrivilege	4664	chrome.exe
Token: SeCreatePagefilePrivilege	4664	chrome.exe
Token: SeShutdownPrivilege	4664	chrome.exe
Token: SeCreatePagefilePrivilege	4664	chrome.exe
Token: SeShutdownPrivilege	4664	chrome.exe
Token: SeCreatePagefilePrivilege	4664	chrome.exe
Token: SeShutdownPrivilege	4664	chrome.exe
Token: SeCreatePagefilePrivilege	4664	chrome.exe
Token: SeShutdownPrivilege	4664	chrome.exe
Token: SeCreatePagefilePrivilege	4664	chrome.exe
Token: SeShutdownPrivilege	4664	chrome.exe
Token: SeCreatePagefilePrivilege	4664	chrome.exe
Token: SeShutdownPrivilege	4664	chrome.exe
Token: SeCreatePagefilePrivilege	4664	chrome.exe
Token: SeShutdownPrivilege	4664	chrome.exe
Token: SeCreatePagefilePrivilege	4664	chrome.exe
Token: SeShutdownPrivilege	4664	chrome.exe
Token: SeCreatePagefilePrivilege	4664	chrome.exe
Token: SeShutdownPrivilege	4664	chrome.exe
Token: SeCreatePagefilePrivilege	4664	chrome.exe
Token: SeShutdownPrivilege	4664	chrome.exe
Token: SeCreatePagefilePrivilege	4664	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4664	chrome.exe
4664	chrome.exe
4664	chrome.exe
4664	chrome.exe
4664	chrome.exe
4664	chrome.exe
4664	chrome.exe
4664	chrome.exe
4664	chrome.exe
4664	chrome.exe
4664	chrome.exe
4664	chrome.exe
4664	chrome.exe
4664	chrome.exe
4664	chrome.exe
4664	chrome.exe
4664	chrome.exe
4664	chrome.exe
4664	chrome.exe
4664	chrome.exe
4664	chrome.exe
4664	chrome.exe
4664	chrome.exe
4664	chrome.exe
4664	chrome.exe
4664	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4664	chrome.exe
4664	chrome.exe
4664	chrome.exe
4664	chrome.exe
4664	chrome.exe
4664	chrome.exe
4664	chrome.exe
4664	chrome.exe
4664	chrome.exe
4664	chrome.exe
4664	chrome.exe
4664	chrome.exe
4664	chrome.exe
4664	chrome.exe
4664	chrome.exe
4664	chrome.exe
4664	chrome.exe
4664	chrome.exe
4664	chrome.exe
4664	chrome.exe
4664	chrome.exe
4664	chrome.exe
4664	chrome.exe
4664	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4664 wrote to memory of 1872	4664	chrome.exe	86
PID 4664 wrote to memory of 1872	4664	chrome.exe	86
PID 4664 wrote to memory of 2068	4664	chrome.exe	90
PID 4664 wrote to memory of 2068	4664	chrome.exe	90
PID 4664 wrote to memory of 2068	4664	chrome.exe	90
PID 4664 wrote to memory of 2068	4664	chrome.exe	90
PID 4664 wrote to memory of 2068	4664	chrome.exe	90
PID 4664 wrote to memory of 2068	4664	chrome.exe	90
PID 4664 wrote to memory of 2068	4664	chrome.exe	90
PID 4664 wrote to memory of 2068	4664	chrome.exe	90
PID 4664 wrote to memory of 2068	4664	chrome.exe	90
PID 4664 wrote to memory of 2068	4664	chrome.exe	90
PID 4664 wrote to memory of 2068	4664	chrome.exe	90
PID 4664 wrote to memory of 2068	4664	chrome.exe	90
PID 4664 wrote to memory of 2068	4664	chrome.exe	90
PID 4664 wrote to memory of 2068	4664	chrome.exe	90
PID 4664 wrote to memory of 2068	4664	chrome.exe	90
PID 4664 wrote to memory of 2068	4664	chrome.exe	90
PID 4664 wrote to memory of 2068	4664	chrome.exe	90
PID 4664 wrote to memory of 2068	4664	chrome.exe	90
PID 4664 wrote to memory of 2068	4664	chrome.exe	90
PID 4664 wrote to memory of 2068	4664	chrome.exe	90
PID 4664 wrote to memory of 2068	4664	chrome.exe	90
PID 4664 wrote to memory of 2068	4664	chrome.exe	90
PID 4664 wrote to memory of 2068	4664	chrome.exe	90
PID 4664 wrote to memory of 2068	4664	chrome.exe	90
PID 4664 wrote to memory of 2068	4664	chrome.exe	90
PID 4664 wrote to memory of 2068	4664	chrome.exe	90
PID 4664 wrote to memory of 2068	4664	chrome.exe	90
PID 4664 wrote to memory of 2068	4664	chrome.exe	90
PID 4664 wrote to memory of 2068	4664	chrome.exe	90
PID 4664 wrote to memory of 2068	4664	chrome.exe	90
PID 4664 wrote to memory of 2068	4664	chrome.exe	90
PID 4664 wrote to memory of 2068	4664	chrome.exe	90
PID 4664 wrote to memory of 2068	4664	chrome.exe	90
PID 4664 wrote to memory of 2068	4664	chrome.exe	90
PID 4664 wrote to memory of 2068	4664	chrome.exe	90
PID 4664 wrote to memory of 2068	4664	chrome.exe	90
PID 4664 wrote to memory of 2068	4664	chrome.exe	90
PID 4664 wrote to memory of 2068	4664	chrome.exe	90
PID 4664 wrote to memory of 2836	4664	chrome.exe	91
PID 4664 wrote to memory of 2836	4664	chrome.exe	91
PID 4664 wrote to memory of 2740	4664	chrome.exe	92
PID 4664 wrote to memory of 2740	4664	chrome.exe	92
PID 4664 wrote to memory of 2740	4664	chrome.exe	92
PID 4664 wrote to memory of 2740	4664	chrome.exe	92
PID 4664 wrote to memory of 2740	4664	chrome.exe	92
PID 4664 wrote to memory of 2740	4664	chrome.exe	92
PID 4664 wrote to memory of 2740	4664	chrome.exe	92
PID 4664 wrote to memory of 2740	4664	chrome.exe	92
PID 4664 wrote to memory of 2740	4664	chrome.exe	92
PID 4664 wrote to memory of 2740	4664	chrome.exe	92
PID 4664 wrote to memory of 2740	4664	chrome.exe	92
PID 4664 wrote to memory of 2740	4664	chrome.exe	92
PID 4664 wrote to memory of 2740	4664	chrome.exe	92
PID 4664 wrote to memory of 2740	4664	chrome.exe	92
PID 4664 wrote to memory of 2740	4664	chrome.exe	92
PID 4664 wrote to memory of 2740	4664	chrome.exe	92
PID 4664 wrote to memory of 2740	4664	chrome.exe	92
PID 4664 wrote to memory of 2740	4664	chrome.exe	92
PID 4664 wrote to memory of 2740	4664	chrome.exe	92
PID 4664 wrote to memory of 2740	4664	chrome.exe	92
PID 4664 wrote to memory of 2740	4664	chrome.exe	92
PID 4664 wrote to memory of 2740	4664	chrome.exe	92

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://cme.stanford.edu/wgea2024
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4664
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xd8,0x100,0x104,0xe4,0x108,0x7ffd75379758,0x7ffd75379768,0x7ffd75379778
  2⤵
  PID:1872
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1652 --field-trial-handle=1960,i,5623147702115716387,16299350857854486288,131072 /prefetch:2
  2⤵
  PID:2068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1264 --field-trial-handle=1960,i,5623147702115716387,16299350857854486288,131072 /prefetch:8
  2⤵
  PID:2836
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1780 --field-trial-handle=1960,i,5623147702115716387,16299350857854486288,131072 /prefetch:8
  2⤵
  PID:2740
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3044 --field-trial-handle=1960,i,5623147702115716387,16299350857854486288,131072 /prefetch:1
  2⤵
  PID:2672
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3052 --field-trial-handle=1960,i,5623147702115716387,16299350857854486288,131072 /prefetch:1
  2⤵
  PID:856
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4700 --field-trial-handle=1960,i,5623147702115716387,16299350857854486288,131072 /prefetch:1
  2⤵
  PID:2592
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3792 --field-trial-handle=1960,i,5623147702115716387,16299350857854486288,131072 /prefetch:1
  2⤵
  PID:448
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=5052 --field-trial-handle=1960,i,5623147702115716387,16299350857854486288,131072 /prefetch:1
  2⤵
  PID:972
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=5228 --field-trial-handle=1960,i,5623147702115716387,16299350857854486288,131072 /prefetch:1
  2⤵
  PID:4564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5820 --field-trial-handle=1960,i,5623147702115716387,16299350857854486288,131072 /prefetch:8
  2⤵
  PID:4224
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5364 --field-trial-handle=1960,i,5623147702115716387,16299350857854486288,131072 /prefetch:8
  2⤵
  PID:2608
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2724 --field-trial-handle=1960,i,5623147702115716387,16299350857854486288,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2004

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:1824

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

Filesize
198KB

MD5
319e0c36436ee0bf24476acbcc83565c

SHA1
fb2658d5791fe5b37424119557ab8cee30acdc54

SHA256
f6562ea52e056b979d6f52932ae57b7afb04486b10b0ebde22c5b51f502c69d1

SHA512
ad902b9a010cf99bdedba405cad0387890a9ff90a9c91f6a3220cdceec1b08ecb97a326aef01b28d8d0aacb5f2a16f02f673e196bdb69fc68b3f636139059902

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
7bff9fdf5e569a51d6fdf6f9af13a98a

SHA1
9c4ad4c37061ece554efeb0bb33e906b15bb5860

SHA256
9de73463c48c969e355b045bf2b56f3fcc62ef096f1bf6c26ff2a805c3da0ac2

SHA512
31cb74a5b4d521032ccd96ddf2fc290e286a22bacff9457ed8ae2b6c1dd4af707934bc96b56f42b06d2d944e19e36f6a88cf4d1fa3ba7baefaa58b96e79f8e54

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
f2b287fe34da3358e2d1933eb721f859

SHA1
ff42fa5a5363960bc44759c833aba2e65bafce35

SHA256
adefc7d2804780606cb732c598aa9a7523d6ed10c99377b1b6cf4b2c8ba87bd1

SHA512
14b8c897270934f0c5b9e020c375f125d17a6b230359fd1f4712a3c1dfd972912b3976ad054e59898084daffedf4f86725d0893f4cd8d24e8a868fe992d98a90

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
62e61cc0b49ec837d1c199875f5309b7

SHA1
b30603405efb0e7965d3897457b8cb461138979f

SHA256
0d4005940285d693f39cae98d711a2ff951155f56600b814751b6921e6acda03

SHA512
e9d113e66fcbae2576872415e14424afd5d580d19301ddcc830858c0609bbf02ecf9ab840e7481fa1a58d66b4626aa8216ac31b6c2b4975d5816b853ca579211

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
53487dfa3670f9d5b120f332d6cdd22e

SHA1
3e78ed8228efe45fd518e3945cdb90bbae56c73a

SHA256
1578a5f57c0bf9db3298ec7fe4140fcd2daf99a1a33e5af325506d2ddbd6de83

SHA512
ce5eb2c88168fa45b0c4e1d157131aeb0ffb6dc460c4cf7d8929c5948b22d7267e9f1e13a13d36f1a00ecb283ced4c804247d1786cfd2d8fa549079200d22a51

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
114f7d6730aca658c8ff86c021697e32

SHA1
cca1f0d7c5b271082ae6e5074233932511598bed

SHA256
75f392718acf42248c4d22f5a8a46d61311c5e0caecdc54abf3de76d9dfe9372

SHA512
0ee7feedcd9f9d8d058b2203f86c7b3d8044b9b9487f79fe6dbabd32695f35d0390360f903d02222b040e95aeb05a2d185843ba93bd30d76aa063172d492187a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
4a104eaf86179f056700d4edd88ea05d

SHA1
fcbfd68f71365e0f83879f78c0dd07983ffa9a20

SHA256
a740fc96b6248670caaa01a782cec8567886447b59ee8523d6e5ddc9b5b050ab

SHA512
4bdedd87e3147057b6fdf08a469cb9b5f61a0e2364d39df49e9e6fa7a7a911f38b0361948e73405cd5f49b733922fc638fff5843f289d109f9cf2f63317f87ae

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
128KB

MD5
dce43129dd56ee3ec936f4e00610776a

SHA1
8b55e7c57c4d7af9fc25ac13437b7ef383f0bacb

SHA256
6d93807aa7ae9a13995bd5ecd34036e31669040b89372bf5097c76a1f06137d1

SHA512
4a24d25529edcaeb4423b2ea518f6f78fe48c3c5b699154e065cdbc00b6fcde139872d3bedb54891cf255b82093b908bf97d2c24b85f9756b646cd6b139b710d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit