hxxps://acrobat[.]adobe[.]com/id/urn[:]aaid[:]sc[:]AP[:]96a46cb1-60c1-4eb0-b709-8e51d583c2d9

Analysis

max time kernel
209s
max time network
214s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
02-05-2024 06:28

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://acrobat.adobe.com/id/urn:aaid:sc:AP:96a46cb1-60c1-4eb0-b709-8e51d583c2d9

Score

10^/10

adobe phishing

Malware Config

Signatures

Detected adobe phishing page
phishing adobe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133591049339808122"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3808065738-1666277613-1125846146-1000\{9229847A-1588-4B20-85C8-28E3A90FAF7B}	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
556	chrome.exe
556	chrome.exe
5696	chrome.exe
5696	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
556	chrome.exe
556	chrome.exe
556	chrome.exe
556	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	556	chrome.exe
Token: SeCreatePagefilePrivilege	556	chrome.exe
Token: SeShutdownPrivilege	556	chrome.exe
Token: SeCreatePagefilePrivilege	556	chrome.exe
Token: SeShutdownPrivilege	556	chrome.exe
Token: SeCreatePagefilePrivilege	556	chrome.exe
Token: SeShutdownPrivilege	556	chrome.exe
Token: SeCreatePagefilePrivilege	556	chrome.exe
Token: SeShutdownPrivilege	556	chrome.exe
Token: SeCreatePagefilePrivilege	556	chrome.exe
Token: SeShutdownPrivilege	556	chrome.exe
Token: SeCreatePagefilePrivilege	556	chrome.exe
Token: SeShutdownPrivilege	556	chrome.exe
Token: SeCreatePagefilePrivilege	556	chrome.exe
Token: SeShutdownPrivilege	556	chrome.exe
Token: SeCreatePagefilePrivilege	556	chrome.exe
Token: SeShutdownPrivilege	556	chrome.exe
Token: SeCreatePagefilePrivilege	556	chrome.exe
Token: SeShutdownPrivilege	556	chrome.exe
Token: SeCreatePagefilePrivilege	556	chrome.exe
Token: SeShutdownPrivilege	556	chrome.exe
Token: SeCreatePagefilePrivilege	556	chrome.exe
Token: SeShutdownPrivilege	556	chrome.exe
Token: SeCreatePagefilePrivilege	556	chrome.exe
Token: SeShutdownPrivilege	556	chrome.exe
Token: SeCreatePagefilePrivilege	556	chrome.exe
Token: SeShutdownPrivilege	556	chrome.exe
Token: SeCreatePagefilePrivilege	556	chrome.exe
Token: SeShutdownPrivilege	556	chrome.exe
Token: SeCreatePagefilePrivilege	556	chrome.exe
Token: SeShutdownPrivilege	556	chrome.exe
Token: SeCreatePagefilePrivilege	556	chrome.exe
Token: SeShutdownPrivilege	556	chrome.exe
Token: SeCreatePagefilePrivilege	556	chrome.exe
Token: SeShutdownPrivilege	556	chrome.exe
Token: SeCreatePagefilePrivilege	556	chrome.exe
Token: SeShutdownPrivilege	556	chrome.exe
Token: SeCreatePagefilePrivilege	556	chrome.exe
Token: SeShutdownPrivilege	556	chrome.exe
Token: SeCreatePagefilePrivilege	556	chrome.exe
Token: SeShutdownPrivilege	556	chrome.exe
Token: SeCreatePagefilePrivilege	556	chrome.exe
Token: SeShutdownPrivilege	556	chrome.exe
Token: SeCreatePagefilePrivilege	556	chrome.exe
Token: SeShutdownPrivilege	556	chrome.exe
Token: SeCreatePagefilePrivilege	556	chrome.exe
Token: SeShutdownPrivilege	556	chrome.exe
Token: SeCreatePagefilePrivilege	556	chrome.exe
Token: SeShutdownPrivilege	556	chrome.exe
Token: SeCreatePagefilePrivilege	556	chrome.exe
Token: SeShutdownPrivilege	556	chrome.exe
Token: SeCreatePagefilePrivilege	556	chrome.exe
Token: SeShutdownPrivilege	556	chrome.exe
Token: SeCreatePagefilePrivilege	556	chrome.exe
Token: SeShutdownPrivilege	556	chrome.exe
Token: SeCreatePagefilePrivilege	556	chrome.exe
Token: SeShutdownPrivilege	556	chrome.exe
Token: SeCreatePagefilePrivilege	556	chrome.exe
Token: SeShutdownPrivilege	556	chrome.exe
Token: SeCreatePagefilePrivilege	556	chrome.exe
Token: SeShutdownPrivilege	556	chrome.exe
Token: SeCreatePagefilePrivilege	556	chrome.exe
Token: SeShutdownPrivilege	556	chrome.exe
Token: SeCreatePagefilePrivilege	556	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
556	chrome.exe
556	chrome.exe
556	chrome.exe
556	chrome.exe
556	chrome.exe
556	chrome.exe
556	chrome.exe
556	chrome.exe
556	chrome.exe
556	chrome.exe
556	chrome.exe
556	chrome.exe
556	chrome.exe
556	chrome.exe
556	chrome.exe
556	chrome.exe
556	chrome.exe
556	chrome.exe
556	chrome.exe
556	chrome.exe
556	chrome.exe
556	chrome.exe
556	chrome.exe
556	chrome.exe
556	chrome.exe
556	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
556	chrome.exe
556	chrome.exe
556	chrome.exe
556	chrome.exe
556	chrome.exe
556	chrome.exe
556	chrome.exe
556	chrome.exe
556	chrome.exe
556	chrome.exe
556	chrome.exe
556	chrome.exe
556	chrome.exe
556	chrome.exe
556	chrome.exe
556	chrome.exe
556	chrome.exe
556	chrome.exe
556	chrome.exe
556	chrome.exe
556	chrome.exe
556	chrome.exe
556	chrome.exe
556	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 556 wrote to memory of 2332	556	chrome.exe	92
PID 556 wrote to memory of 2332	556	chrome.exe	92
PID 556 wrote to memory of 3372	556	chrome.exe	94
PID 556 wrote to memory of 3372	556	chrome.exe	94
PID 556 wrote to memory of 3372	556	chrome.exe	94
PID 556 wrote to memory of 3372	556	chrome.exe	94
PID 556 wrote to memory of 3372	556	chrome.exe	94
PID 556 wrote to memory of 3372	556	chrome.exe	94
PID 556 wrote to memory of 3372	556	chrome.exe	94
PID 556 wrote to memory of 3372	556	chrome.exe	94
PID 556 wrote to memory of 3372	556	chrome.exe	94
PID 556 wrote to memory of 3372	556	chrome.exe	94
PID 556 wrote to memory of 3372	556	chrome.exe	94
PID 556 wrote to memory of 3372	556	chrome.exe	94
PID 556 wrote to memory of 3372	556	chrome.exe	94
PID 556 wrote to memory of 3372	556	chrome.exe	94
PID 556 wrote to memory of 3372	556	chrome.exe	94
PID 556 wrote to memory of 3372	556	chrome.exe	94
PID 556 wrote to memory of 3372	556	chrome.exe	94
PID 556 wrote to memory of 3372	556	chrome.exe	94
PID 556 wrote to memory of 3372	556	chrome.exe	94
PID 556 wrote to memory of 3372	556	chrome.exe	94
PID 556 wrote to memory of 3372	556	chrome.exe	94
PID 556 wrote to memory of 3372	556	chrome.exe	94
PID 556 wrote to memory of 3372	556	chrome.exe	94
PID 556 wrote to memory of 3372	556	chrome.exe	94
PID 556 wrote to memory of 3372	556	chrome.exe	94
PID 556 wrote to memory of 3372	556	chrome.exe	94
PID 556 wrote to memory of 3372	556	chrome.exe	94
PID 556 wrote to memory of 3372	556	chrome.exe	94
PID 556 wrote to memory of 3372	556	chrome.exe	94
PID 556 wrote to memory of 3372	556	chrome.exe	94
PID 556 wrote to memory of 3372	556	chrome.exe	94
PID 556 wrote to memory of 3372	556	chrome.exe	94
PID 556 wrote to memory of 3372	556	chrome.exe	94
PID 556 wrote to memory of 3372	556	chrome.exe	94
PID 556 wrote to memory of 3372	556	chrome.exe	94
PID 556 wrote to memory of 3372	556	chrome.exe	94
PID 556 wrote to memory of 3372	556	chrome.exe	94
PID 556 wrote to memory of 3372	556	chrome.exe	94
PID 556 wrote to memory of 2520	556	chrome.exe	95
PID 556 wrote to memory of 2520	556	chrome.exe	95
PID 556 wrote to memory of 2392	556	chrome.exe	96
PID 556 wrote to memory of 2392	556	chrome.exe	96
PID 556 wrote to memory of 2392	556	chrome.exe	96
PID 556 wrote to memory of 2392	556	chrome.exe	96
PID 556 wrote to memory of 2392	556	chrome.exe	96
PID 556 wrote to memory of 2392	556	chrome.exe	96
PID 556 wrote to memory of 2392	556	chrome.exe	96
PID 556 wrote to memory of 2392	556	chrome.exe	96
PID 556 wrote to memory of 2392	556	chrome.exe	96
PID 556 wrote to memory of 2392	556	chrome.exe	96
PID 556 wrote to memory of 2392	556	chrome.exe	96
PID 556 wrote to memory of 2392	556	chrome.exe	96
PID 556 wrote to memory of 2392	556	chrome.exe	96
PID 556 wrote to memory of 2392	556	chrome.exe	96
PID 556 wrote to memory of 2392	556	chrome.exe	96
PID 556 wrote to memory of 2392	556	chrome.exe	96
PID 556 wrote to memory of 2392	556	chrome.exe	96
PID 556 wrote to memory of 2392	556	chrome.exe	96
PID 556 wrote to memory of 2392	556	chrome.exe	96
PID 556 wrote to memory of 2392	556	chrome.exe	96
PID 556 wrote to memory of 2392	556	chrome.exe	96
PID 556 wrote to memory of 2392	556	chrome.exe	96

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://acrobat.adobe.com/id/urn:aaid:sc:AP:96a46cb1-60c1-4eb0-b709-8e51d583c2d9
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:556
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffee7ce9758,0x7ffee7ce9768,0x7ffee7ce9778
  2⤵
  PID:2332
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1788 --field-trial-handle=1848,i,7456450359036883317,14467967866911455077,131072 /prefetch:2
  2⤵
  PID:3372
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2108 --field-trial-handle=1848,i,7456450359036883317,14467967866911455077,131072 /prefetch:8
  2⤵
  PID:2520
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2204 --field-trial-handle=1848,i,7456450359036883317,14467967866911455077,131072 /prefetch:8
  2⤵
  PID:2392
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2912 --field-trial-handle=1848,i,7456450359036883317,14467967866911455077,131072 /prefetch:1
  2⤵
  PID:2680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3264 --field-trial-handle=1848,i,7456450359036883317,14467967866911455077,131072 /prefetch:1
  2⤵
  PID:760
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4608 --field-trial-handle=1848,i,7456450359036883317,14467967866911455077,131072 /prefetch:1
  2⤵
  PID:2804
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4904 --field-trial-handle=1848,i,7456450359036883317,14467967866911455077,131072 /prefetch:8
  2⤵
  PID:2432
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3908 --field-trial-handle=1848,i,7456450359036883317,14467967866911455077,131072 /prefetch:8
  2⤵
  PID:5020
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4908 --field-trial-handle=1848,i,7456450359036883317,14467967866911455077,131072 /prefetch:1
  2⤵
  PID:4384
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5376 --field-trial-handle=1848,i,7456450359036883317,14467967866911455077,131072 /prefetch:8
  2⤵
  PID:5028
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5388 --field-trial-handle=1848,i,7456450359036883317,14467967866911455077,131072 /prefetch:8
  2⤵
  - Modifies registry class
  PID:1552
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4584 --field-trial-handle=1848,i,7456450359036883317,14467967866911455077,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5696

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:1624

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=3744 --field-trial-handle=3192,i,2785050981002401924,4037047756083432660,262144 --variations-seed-version /prefetch:8
1⤵
PID:5284

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
768B

MD5
f8c83eabf4ba6ea8730fc1daf8f0ef3b

SHA1
f03ba6d5ce413633eece46421faa6f94ab642d45

SHA256
a1604719416694ed52b8759d54dc4c4b50e68b2cafea3a041e3d367fffee81d7

SHA512
8749da216f065930594e73823a3f60e5521522d565ba0b27abe4b87c0fbaa572f9f81398e0921370ff0256410aacbe970bed85aff060dcee002b2f11ecf2f4f2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
8395321ed50911f761cabdadf8d8f25a

SHA1
482e81e2c1a4db15a7c80f1fc795115dcfecfeed

SHA256
d238dcf7ce6be36e8e469359cb40027addae84d5529b5c432de1fa09716e7004

SHA512
c8a78bbdcf0eb2eb00e19465beed6f2a808b05d5eef29242955a6e1d2a9c3faa1b8f5ac55a53bbb3571dc7a74585d57ee0b3d33709eb0a9d20b2702f6c7c5cb5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
82ac9af317d6885ae7c6bc8636a66c1e

SHA1
31d65cbdd460ae27c72d284595d0e55e00c1a30c

SHA256
1f20a4b36dafbbdd2fed05b3a4aa3180027d326064f605f1488f870e980b8e66

SHA512
e371a0d242492768d8298af79550bb5a5d2020e61685e1a6ec224ca32d5b0d1a19bcf268d79d2f45785816b0efb5df4eb8d52bb659a25512d8bef3729e695c4e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
523570c86c42856f704425eab816b0ac

SHA1
7934af7feeba86d67edbe2092941bc4fd08e213b

SHA256
58b771318fae1d2344b004d37219676ab2e35993018847bf617009ba9c2fcfb0

SHA512
e2ffd721ec3f958ad28f1ffb954ef19c246bafcf21288677f658f105d68d0abe1c9cb5150c8930ca876170c027c9658ff3f9c59cc9540841d65c7a7359b4f213

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
e8184fd1fd8ca8b946ac2db933cfb161

SHA1
deefee4f9011faf80dbc814d5867954d4d247119

SHA256
370d57ea6e27d5b27d1274f97ecdef18fbf63897e69f4e1edde7755fc3b8e3a6

SHA512
da17057a433b883ef1164cf492d23d17f867af6143aa0d3f981deef6625ba7f2c2ebcb626de55a93be7e7fbea749ebd46485e692819db748c14799371aa1ca4f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
a1407f05a1fd62ad269fd6f8c23a351a

SHA1
8ceeebf7cf0bc976baac57e576528ad74f36d677

SHA256
c5bd5986a6e3c08576df8816b6a9b503674fa64f1fbda6fee9d24d73ee50a7a7

SHA512
286010bd2cda48e25ca0fdbda83e4b0ce901ad3d1558bae260f27f8696efafad3234aef9a2534375d47a5c7d19ae7c4aa6b79691afa7a9f52d35637d9e250b80

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
34ba2678e243d5638ed76945fc9eb766

SHA1
16413167ba77f8cb2bc46d0a7d27eb740fbcc937

SHA256
97ff2b93560ee6bf70ebe2ef9404d5dfda91682d14858ab3ffeec7d16cf2c71e

SHA512
db0023476b31f8e6d94c8ebbfd28dddceda3b20e2fa6bb095c28e56835fd4c7deaa747fe25605cf69c3a43ad2f3629ebe9e06059aecd06163fede69e28f82959

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
5c08972dfafc9743b34261a3ac140ab0

SHA1
6388cdd88a57d13794bf25cff53db7d5141b24d8

SHA256
13da5e4bc3a749cdd5fbe44ee253288ec2be71ca788042f827d862ec2111071e

SHA512
5408cdcb9ebb9e171d82e5be6bfc1a3e199d61e039f2886718dfa0dbe732cfb01c0238154dd58ceb6ab63a0c353d5b98ee5c1b77af22c35dd6920342bf61451c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
128KB

MD5
259bd3e65ad7d2420e7bf20881417e49

SHA1
c83a03f89d7d0ea9dc44dcb3ee1af6087849dfda

SHA256
cd19a51b019297595c303da741d2f5f45c238ffbb2eb8765d86829a88fe30b1f

SHA512
00351be73051e7bb72ac57f180bbf779f1af78ea2148fcd398c7f58c1b791caa9e021aa6fee13575d07bb27046570d5b97654002a16a1f615ffd299cf9935412

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit