hxxps://click20[.]bigmarker[.]com/links/JoBSLwv8674/SYPggJSmsm5/H5_KNW1W5ec/5WzmYsmGO?bu=7b9a2e229a7b00d2abf1a67ee21718a45225c6b42594c1e6d21aa5874938f664681d28c07772d2638167396b7079af54d7a7e298b5c68095fda226ae0fb177ff7a20af6764379533286a65285d6d9f2e6a163c1a48658449c698bb1440081c65f3a8c95d14bff77dafa74994b2870d8572e7d528e2af2faf94543201a331fc89baaf2b50510c047f5993d84d5d73840d184f3e36821c52d46927cf15defb5ea18ac2d20c81352a49084a03fe1c3b8c2b23068c7f83b826a0d748baa7fab1475102d6aec794f4a3fb085d4d8baa3a507f

Analysis

max time kernel
149s
max time network
150s
platform
windows11-21h2_x64
resource
win11-20240221-en
resource tags

arch:x64arch:x86image:win11-20240221-enlocale:en-usos:windows11-21h2-x64system
submitted
11/04/2024, 12:44

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://click20.bigmarker.com/links/JoBSLwv8674/SYPggJSmsm5/H5_KNW1W5ec/5WzmYsmGO?bu=7b9a2e229a7b00d2abf1a67ee21718a45225c6b42594c1e6d21aa5874938f664681d28c07772d2638167396b7079af54d7a7e298b5c68095fda226ae0fb177ff7a20af6764379533286a65285d6d9f2e6a163c1a48658449c698bb1440081c65f3a8c95d14bff77dafa74994b2870d8572e7d528e2af2faf94543201a331fc89baaf2b50510c047f5993d84d5d73840d184f3e36821c52d46927cf15defb5ea18ac2d20c81352a49084a03fe1c3b8c2b23068c7f83b826a0d748baa7fab1475102d6aec794f4a3fb085d4d8baa3a507f

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133573130737981594"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2520	chrome.exe
2520	chrome.exe
3048	chrome.exe
3048	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

pid	Process
2520	chrome.exe
2520	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2520 wrote to memory of 3584	2520	chrome.exe	77
PID 2520 wrote to memory of 3584	2520	chrome.exe	77
PID 2520 wrote to memory of 4956	2520	chrome.exe	79
PID 2520 wrote to memory of 4956	2520	chrome.exe	79
PID 2520 wrote to memory of 4956	2520	chrome.exe	79
PID 2520 wrote to memory of 4956	2520	chrome.exe	79
PID 2520 wrote to memory of 4956	2520	chrome.exe	79
PID 2520 wrote to memory of 4956	2520	chrome.exe	79
PID 2520 wrote to memory of 4956	2520	chrome.exe	79
PID 2520 wrote to memory of 4956	2520	chrome.exe	79
PID 2520 wrote to memory of 4956	2520	chrome.exe	79
PID 2520 wrote to memory of 4956	2520	chrome.exe	79
PID 2520 wrote to memory of 4956	2520	chrome.exe	79
PID 2520 wrote to memory of 4956	2520	chrome.exe	79
PID 2520 wrote to memory of 4956	2520	chrome.exe	79
PID 2520 wrote to memory of 4956	2520	chrome.exe	79
PID 2520 wrote to memory of 4956	2520	chrome.exe	79
PID 2520 wrote to memory of 4956	2520	chrome.exe	79
PID 2520 wrote to memory of 4956	2520	chrome.exe	79
PID 2520 wrote to memory of 4956	2520	chrome.exe	79
PID 2520 wrote to memory of 4956	2520	chrome.exe	79
PID 2520 wrote to memory of 4956	2520	chrome.exe	79
PID 2520 wrote to memory of 4956	2520	chrome.exe	79
PID 2520 wrote to memory of 4956	2520	chrome.exe	79
PID 2520 wrote to memory of 4956	2520	chrome.exe	79
PID 2520 wrote to memory of 4956	2520	chrome.exe	79
PID 2520 wrote to memory of 4956	2520	chrome.exe	79
PID 2520 wrote to memory of 4956	2520	chrome.exe	79
PID 2520 wrote to memory of 4956	2520	chrome.exe	79
PID 2520 wrote to memory of 4956	2520	chrome.exe	79
PID 2520 wrote to memory of 4956	2520	chrome.exe	79
PID 2520 wrote to memory of 4956	2520	chrome.exe	79
PID 2520 wrote to memory of 4956	2520	chrome.exe	79
PID 2520 wrote to memory of 4956	2520	chrome.exe	79
PID 2520 wrote to memory of 4956	2520	chrome.exe	79
PID 2520 wrote to memory of 4956	2520	chrome.exe	79
PID 2520 wrote to memory of 4956	2520	chrome.exe	79
PID 2520 wrote to memory of 4956	2520	chrome.exe	79
PID 2520 wrote to memory of 4956	2520	chrome.exe	79
PID 2520 wrote to memory of 4956	2520	chrome.exe	79
PID 2520 wrote to memory of 1248	2520	chrome.exe	80
PID 2520 wrote to memory of 1248	2520	chrome.exe	80
PID 2520 wrote to memory of 644	2520	chrome.exe	81
PID 2520 wrote to memory of 644	2520	chrome.exe	81
PID 2520 wrote to memory of 644	2520	chrome.exe	81
PID 2520 wrote to memory of 644	2520	chrome.exe	81
PID 2520 wrote to memory of 644	2520	chrome.exe	81
PID 2520 wrote to memory of 644	2520	chrome.exe	81
PID 2520 wrote to memory of 644	2520	chrome.exe	81
PID 2520 wrote to memory of 644	2520	chrome.exe	81
PID 2520 wrote to memory of 644	2520	chrome.exe	81
PID 2520 wrote to memory of 644	2520	chrome.exe	81
PID 2520 wrote to memory of 644	2520	chrome.exe	81
PID 2520 wrote to memory of 644	2520	chrome.exe	81
PID 2520 wrote to memory of 644	2520	chrome.exe	81
PID 2520 wrote to memory of 644	2520	chrome.exe	81
PID 2520 wrote to memory of 644	2520	chrome.exe	81
PID 2520 wrote to memory of 644	2520	chrome.exe	81
PID 2520 wrote to memory of 644	2520	chrome.exe	81
PID 2520 wrote to memory of 644	2520	chrome.exe	81
PID 2520 wrote to memory of 644	2520	chrome.exe	81
PID 2520 wrote to memory of 644	2520	chrome.exe	81
PID 2520 wrote to memory of 644	2520	chrome.exe	81
PID 2520 wrote to memory of 644	2520	chrome.exe	81

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://click20.bigmarker.com/links/JoBSLwv8674/SYPggJSmsm5/H5_KNW1W5ec/5WzmYsmGO?bu=7b9a2e229a7b00d2abf1a67ee21718a45225c6b42594c1e6d21aa5874938f664681d28c07772d2638167396b7079af54d7a7e298b5c68095fda226ae0fb177ff7a20af6764379533286a65285d6d9f2e6a163c1a48658449c698bb1440081c65f3a8c95d14bff77dafa74994b2870d8572e7d528e2af2faf94543201a331fc89baaf2b50510c047f5993d84d5d73840d184f3e36821c52d46927cf15defb5ea18ac2d20c81352a49084a03fe1c3b8c2b23068c7f83b826a0d748baa7fab1475102d6aec794f4a3fb085d4d8baa3a507f
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2520
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffc7ad59758,0x7ffc7ad59768,0x7ffc7ad59778
  2⤵
  PID:3584
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1588 --field-trial-handle=1832,i,16389711516656804769,17560085486462666842,131072 /prefetch:2
  2⤵
  PID:4956
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2068 --field-trial-handle=1832,i,16389711516656804769,17560085486462666842,131072 /prefetch:8
  2⤵
  PID:1248
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2184 --field-trial-handle=1832,i,16389711516656804769,17560085486462666842,131072 /prefetch:8
  2⤵
  PID:644
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2956 --field-trial-handle=1832,i,16389711516656804769,17560085486462666842,131072 /prefetch:1
  2⤵
  PID:104
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2976 --field-trial-handle=1832,i,16389711516656804769,17560085486462666842,131072 /prefetch:1
  2⤵
  PID:1756
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4748 --field-trial-handle=1832,i,16389711516656804769,17560085486462666842,131072 /prefetch:8
  2⤵
  PID:3472
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4684 --field-trial-handle=1832,i,16389711516656804769,17560085486462666842,131072 /prefetch:8
  2⤵
  PID:1736
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5088 --field-trial-handle=1832,i,16389711516656804769,17560085486462666842,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3048

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:5012

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
576B

MD5
49d1e77190b35d2f33bfd309da90dace

SHA1
ed07ed3215b7040c6236eb7be14bb4e03a9937eb

SHA256
7521730605b785725c94d6a2f727e3ccd4a9cd3eba43a2d2f136baaca3f49381

SHA512
6d138e056fec6306cb49c7b0b2a07765659932d8b76cdea69e789eba221b2f7f6060406546e2c3bd3dec97a256bfd502bd9be84bab16dfd52f00b95e8c249b25

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\Paths\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
7e79589b7f3ab5051a17b8b29f7963eb

SHA1
6e1c184b5360c88be357b7c7bbd3be98435b6f1c

SHA256
35ec35090d9ff143ce676ce1b90a2f7fe6235489e8894ef1bc1eb8af7f9a1346

SHA512
07fdec34684cb43eba8573e825f7c256c8c4ae747cfc595f32e91a808aad9966e321f8f53ddaa5b0b43e6e0bfe944433ab1f2aacf3aa1c402006c7b912b42c39

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
ceceb8b923d8d2c3cc26acbafea23666

SHA1
5a113e7fbc00e792360397000792256908dc348c

SHA256
55434790af08ef89b273063b22788823b8eff81d5c621f5b2f0d4d1d49662477

SHA512
f3deb2400226fa45d7f9e3da8f84f8a802d02a63e86cc11d2cf76261f7b4897b85962f523f5f2c7b0b3f4d3d6b8a1354c736a0c7b5ab725936310b232872fac0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
53fe6d1c0c0cb6d28b90107bd594b45a

SHA1
23948eca8b349a76d414608f8f094d5ea8c30652

SHA256
e462c4639e0d12fa51943770a857dcc3ee45b8de2c7d367908bb4570e6730b19

SHA512
1a1b50770ea2ed186f8a9c93aefe7d47f5bda0be0cf5cba96ae72b818b37d420c112b8ec8b392d0e049f44b486432d733054e3d1c3041af5647f0d2f71b97a9f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
5b0a4269815e7e51f727f94bdde5f904

SHA1
d98b6c7ddfb9cc9fb45c2289831349b285fa287a

SHA256
59033efa4abd2b77bf3538f3263a3d5b1c7d6fd7b70e0ce1574db5298dcbfeb9

SHA512
6190d4218217c77c1fb6ef6fdc7c45c78f183f1c3bc1b663f178f7e5cc8c2f3c2ebf68f98d5aebd320a4d32b6175e7bba290240400ee135a8d6926c6d29e98c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
4e366e1e42f2f5cbb7c5674af26d091e

SHA1
048cb8e54f37396f30662d32ef0ce7bb638b0f4b

SHA256
241be4dd33cbcc38ff2b87834d9f876002c6723357ed5f1ea0f25ebf3cd3b237

SHA512
b34e6d571adfebacab5238fcc4ecd2d688a5fd934d82a228a2e66a6bb8e688fa491741c1552682238544975a74a1ab88d43398a8864419fb78e3c3be042434d1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
130KB

MD5
16cddd647040f74773a8fbe09d4f0adc

SHA1
3e5eb5a26870db10255ac30f6744e4ad2fb3ebb1

SHA256
247d258e4de7afa2eb24fe89922754b7ebcad5288b0f48a4ff1d330aca86a3ec

SHA512
22c22a1ee97c198d4701ca16f13f576f48fae049d11e8747ccdc15af43847a5ccc475837f1390b9625983f829a1db89926ffd52c2ef7cca1e845702f87f5b0dc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit