hxxp://Google[.]com

Analysis

max time kernel
1799s
max time network
1685s
platform
windows10-1703_x64
resource
win10-20240404-en
resource tags

arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
submitted
17/04/2024, 12:03

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://Google.com

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133578298046958764"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2316	chrome.exe
2316	chrome.exe
4820	chrome.exe
4820	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2316	chrome.exe
Token: SeCreatePagefilePrivilege	2316	chrome.exe
Token: SeShutdownPrivilege	2316	chrome.exe
Token: SeCreatePagefilePrivilege	2316	chrome.exe
Token: SeShutdownPrivilege	2316	chrome.exe
Token: SeCreatePagefilePrivilege	2316	chrome.exe
Token: SeShutdownPrivilege	2316	chrome.exe
Token: SeCreatePagefilePrivilege	2316	chrome.exe
Token: SeShutdownPrivilege	2316	chrome.exe
Token: SeCreatePagefilePrivilege	2316	chrome.exe
Token: SeShutdownPrivilege	2316	chrome.exe
Token: SeCreatePagefilePrivilege	2316	chrome.exe
Token: SeShutdownPrivilege	2316	chrome.exe
Token: SeCreatePagefilePrivilege	2316	chrome.exe
Token: SeShutdownPrivilege	2316	chrome.exe
Token: SeCreatePagefilePrivilege	2316	chrome.exe
Token: SeShutdownPrivilege	2316	chrome.exe
Token: SeCreatePagefilePrivilege	2316	chrome.exe
Token: SeShutdownPrivilege	2316	chrome.exe
Token: SeCreatePagefilePrivilege	2316	chrome.exe
Token: SeShutdownPrivilege	2316	chrome.exe
Token: SeCreatePagefilePrivilege	2316	chrome.exe
Token: SeShutdownPrivilege	2316	chrome.exe
Token: SeCreatePagefilePrivilege	2316	chrome.exe
Token: SeShutdownPrivilege	2316	chrome.exe
Token: SeCreatePagefilePrivilege	2316	chrome.exe
Token: SeShutdownPrivilege	2316	chrome.exe
Token: SeCreatePagefilePrivilege	2316	chrome.exe
Token: SeShutdownPrivilege	2316	chrome.exe
Token: SeCreatePagefilePrivilege	2316	chrome.exe
Token: SeShutdownPrivilege	2316	chrome.exe
Token: SeCreatePagefilePrivilege	2316	chrome.exe
Token: SeShutdownPrivilege	2316	chrome.exe
Token: SeCreatePagefilePrivilege	2316	chrome.exe
Token: SeShutdownPrivilege	2316	chrome.exe
Token: SeCreatePagefilePrivilege	2316	chrome.exe
Token: SeShutdownPrivilege	2316	chrome.exe
Token: SeCreatePagefilePrivilege	2316	chrome.exe
Token: SeShutdownPrivilege	2316	chrome.exe
Token: SeCreatePagefilePrivilege	2316	chrome.exe
Token: SeShutdownPrivilege	2316	chrome.exe
Token: SeCreatePagefilePrivilege	2316	chrome.exe
Token: SeShutdownPrivilege	2316	chrome.exe
Token: SeCreatePagefilePrivilege	2316	chrome.exe
Token: SeShutdownPrivilege	2316	chrome.exe
Token: SeCreatePagefilePrivilege	2316	chrome.exe
Token: SeShutdownPrivilege	2316	chrome.exe
Token: SeCreatePagefilePrivilege	2316	chrome.exe
Token: SeShutdownPrivilege	2316	chrome.exe
Token: SeCreatePagefilePrivilege	2316	chrome.exe
Token: SeShutdownPrivilege	2316	chrome.exe
Token: SeCreatePagefilePrivilege	2316	chrome.exe
Token: SeShutdownPrivilege	2316	chrome.exe
Token: SeCreatePagefilePrivilege	2316	chrome.exe
Token: SeShutdownPrivilege	2316	chrome.exe
Token: SeCreatePagefilePrivilege	2316	chrome.exe
Token: SeShutdownPrivilege	2316	chrome.exe
Token: SeCreatePagefilePrivilege	2316	chrome.exe
Token: SeShutdownPrivilege	2316	chrome.exe
Token: SeCreatePagefilePrivilege	2316	chrome.exe
Token: SeShutdownPrivilege	2316	chrome.exe
Token: SeCreatePagefilePrivilege	2316	chrome.exe
Token: SeShutdownPrivilege	2316	chrome.exe
Token: SeCreatePagefilePrivilege	2316	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2316 wrote to memory of 4268	2316	chrome.exe	73
PID 2316 wrote to memory of 4268	2316	chrome.exe	73
PID 2316 wrote to memory of 4400	2316	chrome.exe	75
PID 2316 wrote to memory of 4400	2316	chrome.exe	75
PID 2316 wrote to memory of 4400	2316	chrome.exe	75
PID 2316 wrote to memory of 4400	2316	chrome.exe	75
PID 2316 wrote to memory of 4400	2316	chrome.exe	75
PID 2316 wrote to memory of 4400	2316	chrome.exe	75
PID 2316 wrote to memory of 4400	2316	chrome.exe	75
PID 2316 wrote to memory of 4400	2316	chrome.exe	75
PID 2316 wrote to memory of 4400	2316	chrome.exe	75
PID 2316 wrote to memory of 4400	2316	chrome.exe	75
PID 2316 wrote to memory of 4400	2316	chrome.exe	75
PID 2316 wrote to memory of 4400	2316	chrome.exe	75
PID 2316 wrote to memory of 4400	2316	chrome.exe	75
PID 2316 wrote to memory of 4400	2316	chrome.exe	75
PID 2316 wrote to memory of 4400	2316	chrome.exe	75
PID 2316 wrote to memory of 4400	2316	chrome.exe	75
PID 2316 wrote to memory of 4400	2316	chrome.exe	75
PID 2316 wrote to memory of 4400	2316	chrome.exe	75
PID 2316 wrote to memory of 4400	2316	chrome.exe	75
PID 2316 wrote to memory of 4400	2316	chrome.exe	75
PID 2316 wrote to memory of 4400	2316	chrome.exe	75
PID 2316 wrote to memory of 4400	2316	chrome.exe	75
PID 2316 wrote to memory of 4400	2316	chrome.exe	75
PID 2316 wrote to memory of 4400	2316	chrome.exe	75
PID 2316 wrote to memory of 4400	2316	chrome.exe	75
PID 2316 wrote to memory of 4400	2316	chrome.exe	75
PID 2316 wrote to memory of 4400	2316	chrome.exe	75
PID 2316 wrote to memory of 4400	2316	chrome.exe	75
PID 2316 wrote to memory of 4400	2316	chrome.exe	75
PID 2316 wrote to memory of 4400	2316	chrome.exe	75
PID 2316 wrote to memory of 4400	2316	chrome.exe	75
PID 2316 wrote to memory of 4400	2316	chrome.exe	75
PID 2316 wrote to memory of 4400	2316	chrome.exe	75
PID 2316 wrote to memory of 4400	2316	chrome.exe	75
PID 2316 wrote to memory of 4400	2316	chrome.exe	75
PID 2316 wrote to memory of 4400	2316	chrome.exe	75
PID 2316 wrote to memory of 4400	2316	chrome.exe	75
PID 2316 wrote to memory of 4400	2316	chrome.exe	75
PID 2316 wrote to memory of 5104	2316	chrome.exe	76
PID 2316 wrote to memory of 5104	2316	chrome.exe	76
PID 2316 wrote to memory of 4676	2316	chrome.exe	77
PID 2316 wrote to memory of 4676	2316	chrome.exe	77
PID 2316 wrote to memory of 4676	2316	chrome.exe	77
PID 2316 wrote to memory of 4676	2316	chrome.exe	77
PID 2316 wrote to memory of 4676	2316	chrome.exe	77
PID 2316 wrote to memory of 4676	2316	chrome.exe	77
PID 2316 wrote to memory of 4676	2316	chrome.exe	77
PID 2316 wrote to memory of 4676	2316	chrome.exe	77
PID 2316 wrote to memory of 4676	2316	chrome.exe	77
PID 2316 wrote to memory of 4676	2316	chrome.exe	77
PID 2316 wrote to memory of 4676	2316	chrome.exe	77
PID 2316 wrote to memory of 4676	2316	chrome.exe	77
PID 2316 wrote to memory of 4676	2316	chrome.exe	77
PID 2316 wrote to memory of 4676	2316	chrome.exe	77
PID 2316 wrote to memory of 4676	2316	chrome.exe	77
PID 2316 wrote to memory of 4676	2316	chrome.exe	77
PID 2316 wrote to memory of 4676	2316	chrome.exe	77
PID 2316 wrote to memory of 4676	2316	chrome.exe	77
PID 2316 wrote to memory of 4676	2316	chrome.exe	77
PID 2316 wrote to memory of 4676	2316	chrome.exe	77
PID 2316 wrote to memory of 4676	2316	chrome.exe	77
PID 2316 wrote to memory of 4676	2316	chrome.exe	77

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://Google.com
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2316
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ff9aac39758,0x7ff9aac39768,0x7ff9aac39778
  2⤵
  PID:4268
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1536 --field-trial-handle=1756,i,10638668892683203834,18338288120644251696,131072 /prefetch:2
  2⤵
  PID:4400
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1988 --field-trial-handle=1756,i,10638668892683203834,18338288120644251696,131072 /prefetch:8
  2⤵
  PID:5104
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2056 --field-trial-handle=1756,i,10638668892683203834,18338288120644251696,131072 /prefetch:8
  2⤵
  PID:4676
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2692 --field-trial-handle=1756,i,10638668892683203834,18338288120644251696,131072 /prefetch:1
  2⤵
  PID:2824
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2700 --field-trial-handle=1756,i,10638668892683203834,18338288120644251696,131072 /prefetch:1
  2⤵
  PID:4900
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4336 --field-trial-handle=1756,i,10638668892683203834,18338288120644251696,131072 /prefetch:1
  2⤵
  PID:884
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4540 --field-trial-handle=1756,i,10638668892683203834,18338288120644251696,131072 /prefetch:8
  2⤵
  PID:2328
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3132 --field-trial-handle=1756,i,10638668892683203834,18338288120644251696,131072 /prefetch:8
  2⤵
  PID:4388
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2160 --field-trial-handle=1756,i,10638668892683203834,18338288120644251696,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4820

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2552

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
336B

MD5
29db7396221bebef695ee21b8bec32a4

SHA1
f0c1e4308fb773d94619c6a2ee290274ef1c0024

SHA256
bd9ec771e5c064fbfa34a49f3a0b49dfd790b75a3ef36b33638846a7357ae2c0

SHA512
50287cfbdccec64e3317be2093ab758aca1da37d2bb350a80999a94128ba5cd81c1a3ca73d5cc557d389a80d373ae6fdc9795cc996eec5577a3a2d3f272ff238

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
38683993c729d5c03e44bc12eab42196

SHA1
eef2d04fed3b6892608a30c9635585ca7cd655e4

SHA256
046857e02e25e31020e3e19c8303f02535e0fa4a47cf631d3821e99fb664c103

SHA512
c8397f7f309bf278c0abe04429ef4657e05f06b69ce22524078161285624ba970a6eca175f299979701f362e6b0a1ff734b9f42cab30b1b2a41b1fcde7f4f563

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
1a3faf033f29984f50f6f9b7dfc2d5b0

SHA1
c5801fa137c7455130a882fe161c58fcfac4691a

SHA256
043045b1e05c51f7f44fa4dc41544239d8f1fa33b8153938f97d79813fadbd8f

SHA512
32bfabeeb60420c95cfb912d43386d8077aea2d7476b91b04c188ad0abe98b0b87377839f9b0d82818c18c5ad70084dff3d3ad202b1c04ba4ca28fc64577f646

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
ae4da04080ef0792c7fe18d776d9442b

SHA1
8c9c7c1be62499f7b91e727c8024c7aaf976251d

SHA256
ec257cfdfbe00cc4c8cb328514edafbdecf7b5110a2b785d93813f4c8857df17

SHA512
a6e8ef77466a6e2cc0706e30f5cb0ba78a4bb0cf29d156a9b1809058d1a06bfcc440bd11af4e69d0f484abf167d0186069cdf409c576e93698ad5e4bda7df3a7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
810f43408e7b7aa6b83763d5c9eaf517

SHA1
9f8c5db03d5f0740b7a8d0d0d1185e9091244836

SHA256
d8c717217953f1a8e76c51a285c329fd1164091f2c68233c5eba8e9627b0a7e7

SHA512
d289eecfea7a9e8435aec82b2b16e89e3b848dc7fc423f263354f55a64e2a3d9fa5727a5ecf09253b63da041f4271fda9ba5b8e3b1838965ad176aef0159f1fc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
2da804e7fea568430066adb45df34c1e

SHA1
5f8761efb27722a06b2fd38e72ce4ad316b97439

SHA256
035a7a441bf35e2270c59fa8174f9ebed00131752aecf01412616d01d53856af

SHA512
c00b68137308c4d005b40658cfe2ef8643d75f561ed0a66b1c2fc756b5a8b3292623338f80629e87f45c0091c361df9a275f4f44a9a12aab4051044b9e02cf3d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
539B

MD5
ce1d287faae7547c2bcce98413dc1742

SHA1
d733c34931be2c0fe8126fa03b01cd995d7fe2ea

SHA256
8f7f30b6a9402f112da6f063fc6c65e8b69a872b47f3b63de2cef50c7a7308ce

SHA512
9d15261eee7c643dfad7e930a705e826356e1368b4481f833cc88e113c7fd1db99cb34faa1f60bba98b2f28130a1a12ebc5d5d3be7c1f0c0ccf5562eec8c2337

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
19fd1f6203bc8d7b00d037aad526f5ec

SHA1
d9b7f11355545bf63fa14bc60c375babcc58e15d

SHA256
4acf7e216c22c25c902662691a1b4327f9d5cbf91de34a784f83fcab7716fa8e

SHA512
d6b117e5a51dd73870884597c98564b8f8dbe9f76466995bda756233355eea52f53ee42dc7ce062b1d3b2b6939ec68c7341154d2c5e57e43358d62b9a57fbc5f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
78ac34ef751b7f38445e3ec00c4c460e

SHA1
ef188b3bb38047961552272b2138d6f2658a1a5c

SHA256
f98eb5c37ed937b17924a3d24ce060f60f338c61a650b86ff796a7ecfd307b11

SHA512
bce27e5c380cf0d5738f45d7c35d37602f043a9125c65b25c20a0ad4cf79fdf3f919e68f57da5368ff1867ee94646907afd7221fc6dc9fff9b0dc9589599005f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
67a8f28c89d186002eba14be09e0dad6

SHA1
878acba21b5e6399dea3f5258e75124bd453525e

SHA256
d754a09dcc7cbdc422406f3f7d0fdd69a43aa5325e19ff03a2f6ec2eb130a19d

SHA512
174e221d2846a2e650b812b8f81e08fcad9e0afe4f6e509d59dba7d0e3d9f99486891de01b0dd6642f02197777c41904f4a529daba9137d973ed2ad922845b44

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
136KB

MD5
af4fabc6ed4260adf75483554a119413

SHA1
3d22cbe79555282623513a9fc729619fefebe8a9

SHA256
0c4c27647abc742816e7ba659acf6a9c142893f26b0d695a4b6feb725f672e53

SHA512
44b4692f74d3ccec1edda7348c139db1c7d9cb3b50a8cdac6732821e6544348489beeb496c4e1e68c4418935db0ac890599d2aa1bdab5d1e627f8e370e5ebb3f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit