4bc27087b01498c32ed1d1614cc9c598ebe28a85970bf646d9eb90dd949fa9cd

Analysis

max time kernel
150s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
31/05/2024, 22:26

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

LJ7tm7fYZss.html
Size

13KB
MD5

b08baa9cf178238490f9710d7ad4fad9
SHA1

f03f50db37e36807af99d06af3ef3445151173e5
SHA256

4bc27087b01498c32ed1d1614cc9c598ebe28a85970bf646d9eb90dd949fa9cd
SHA512

c888694d7b3124715b3a588cb71b7bbbfa5066c5ffaaa14af6955330b9b0883456982d31e4909be6a30ddd9b11408f40d9f34e1b8c6455b8446a68f5d93634b2
SSDEEP

192:8C8CaCNFjL9N9ETRQZQNmN5WNllYo+lnnaXjnhx+DYKYbYGo2j9Vozyk62FTBEZa:tyNmN2/Yo+lajocViZEa

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133616680074980769"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2116	chrome.exe
2116	chrome.exe
2736	chrome.exe
2736	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2116 wrote to memory of 4860	2116	chrome.exe	91
PID 2116 wrote to memory of 4860	2116	chrome.exe	91
PID 2116 wrote to memory of 3828	2116	chrome.exe	93
PID 2116 wrote to memory of 3828	2116	chrome.exe	93
PID 2116 wrote to memory of 3828	2116	chrome.exe	93
PID 2116 wrote to memory of 3828	2116	chrome.exe	93
PID 2116 wrote to memory of 3828	2116	chrome.exe	93
PID 2116 wrote to memory of 3828	2116	chrome.exe	93
PID 2116 wrote to memory of 3828	2116	chrome.exe	93
PID 2116 wrote to memory of 3828	2116	chrome.exe	93
PID 2116 wrote to memory of 3828	2116	chrome.exe	93
PID 2116 wrote to memory of 3828	2116	chrome.exe	93
PID 2116 wrote to memory of 3828	2116	chrome.exe	93
PID 2116 wrote to memory of 3828	2116	chrome.exe	93
PID 2116 wrote to memory of 3828	2116	chrome.exe	93
PID 2116 wrote to memory of 3828	2116	chrome.exe	93
PID 2116 wrote to memory of 3828	2116	chrome.exe	93
PID 2116 wrote to memory of 3828	2116	chrome.exe	93
PID 2116 wrote to memory of 3828	2116	chrome.exe	93
PID 2116 wrote to memory of 3828	2116	chrome.exe	93
PID 2116 wrote to memory of 3828	2116	chrome.exe	93
PID 2116 wrote to memory of 3828	2116	chrome.exe	93
PID 2116 wrote to memory of 3828	2116	chrome.exe	93
PID 2116 wrote to memory of 3828	2116	chrome.exe	93
PID 2116 wrote to memory of 3828	2116	chrome.exe	93
PID 2116 wrote to memory of 3828	2116	chrome.exe	93
PID 2116 wrote to memory of 3828	2116	chrome.exe	93
PID 2116 wrote to memory of 3828	2116	chrome.exe	93
PID 2116 wrote to memory of 3828	2116	chrome.exe	93
PID 2116 wrote to memory of 3828	2116	chrome.exe	93
PID 2116 wrote to memory of 3828	2116	chrome.exe	93
PID 2116 wrote to memory of 3828	2116	chrome.exe	93
PID 2116 wrote to memory of 3828	2116	chrome.exe	93
PID 2116 wrote to memory of 3828	2116	chrome.exe	93
PID 2116 wrote to memory of 3828	2116	chrome.exe	93
PID 2116 wrote to memory of 3828	2116	chrome.exe	93
PID 2116 wrote to memory of 3828	2116	chrome.exe	93
PID 2116 wrote to memory of 3828	2116	chrome.exe	93
PID 2116 wrote to memory of 3828	2116	chrome.exe	93
PID 2116 wrote to memory of 3828	2116	chrome.exe	93
PID 2116 wrote to memory of 2340	2116	chrome.exe	94
PID 2116 wrote to memory of 2340	2116	chrome.exe	94
PID 2116 wrote to memory of 4640	2116	chrome.exe	95
PID 2116 wrote to memory of 4640	2116	chrome.exe	95
PID 2116 wrote to memory of 4640	2116	chrome.exe	95
PID 2116 wrote to memory of 4640	2116	chrome.exe	95
PID 2116 wrote to memory of 4640	2116	chrome.exe	95
PID 2116 wrote to memory of 4640	2116	chrome.exe	95
PID 2116 wrote to memory of 4640	2116	chrome.exe	95
PID 2116 wrote to memory of 4640	2116	chrome.exe	95
PID 2116 wrote to memory of 4640	2116	chrome.exe	95
PID 2116 wrote to memory of 4640	2116	chrome.exe	95
PID 2116 wrote to memory of 4640	2116	chrome.exe	95
PID 2116 wrote to memory of 4640	2116	chrome.exe	95
PID 2116 wrote to memory of 4640	2116	chrome.exe	95
PID 2116 wrote to memory of 4640	2116	chrome.exe	95
PID 2116 wrote to memory of 4640	2116	chrome.exe	95
PID 2116 wrote to memory of 4640	2116	chrome.exe	95
PID 2116 wrote to memory of 4640	2116	chrome.exe	95
PID 2116 wrote to memory of 4640	2116	chrome.exe	95
PID 2116 wrote to memory of 4640	2116	chrome.exe	95
PID 2116 wrote to memory of 4640	2116	chrome.exe	95
PID 2116 wrote to memory of 4640	2116	chrome.exe	95
PID 2116 wrote to memory of 4640	2116	chrome.exe	95

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument C:\Users\Admin\AppData\Local\Temp\LJ7tm7fYZss.html
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2116
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc9dd89758,0x7ffc9dd89768,0x7ffc9dd89778
  2⤵
  PID:4860
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1692 --field-trial-handle=1584,i,1409091099860690486,4770098920429419338,131072 /prefetch:2
  2⤵
  PID:3828
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2080 --field-trial-handle=1584,i,1409091099860690486,4770098920429419338,131072 /prefetch:8
  2⤵
  PID:2340
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2244 --field-trial-handle=1584,i,1409091099860690486,4770098920429419338,131072 /prefetch:8
  2⤵
  PID:4640
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3064 --field-trial-handle=1584,i,1409091099860690486,4770098920429419338,131072 /prefetch:1
  2⤵
  PID:3316
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3144 --field-trial-handle=1584,i,1409091099860690486,4770098920429419338,131072 /prefetch:1
  2⤵
  PID:4760
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4948 --field-trial-handle=1584,i,1409091099860690486,4770098920429419338,131072 /prefetch:1
  2⤵
  PID:1640
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4000 --field-trial-handle=1584,i,1409091099860690486,4770098920429419338,131072 /prefetch:1
  2⤵
  PID:3864
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5656 --field-trial-handle=1584,i,1409091099860690486,4770098920429419338,131072 /prefetch:8
  2⤵
  PID:4116
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5744 --field-trial-handle=1584,i,1409091099860690486,4770098920429419338,131072 /prefetch:8
  2⤵
  PID:4184
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1784 --field-trial-handle=1584,i,1409091099860690486,4770098920429419338,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2736

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4328

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4040 --field-trial-handle=2676,i,447940133669489189,1353734109898858672,262144 --variations-seed-version /prefetch:8
1⤵
PID:316

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
72B

MD5
1a85a7ff9f69601e580f14caa7b3c69a

SHA1
f30a6423876831538ed565ec9280320e31ca64d4

SHA256
6b1900bec69b618e21c535774ca5ea778193280be6facddc55934e295d539043

SHA512
8e0f56157bd22cd4a258ab1455935672b946b02dca790b2308ac98600a3e6bf9bda8992e7c92baf773dbbf1bed74cfa450a8373d5492dc579dc447d0500898d2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
b031e4962090cb59935b6d6a9142a254

SHA1
32987e7328dfafeed05fb89f664911da29c3e07c

SHA256
b35771a0835165e98499c9104d1906ac9b82495a872ec469acda05cf9093fbce

SHA512
805213958224ec140a1e3c422f9cc0f1b90cd0e4cfa5db30a70be796d4f2bf967dcad3a51810c4d763a1ee35afb3dcf1f0e8a29a1d63f55559ee740a8280e648

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
577c334b5f2ba58fae548e459741a971

SHA1
87e3f336e90f1edf8aa45c36f72c3b222eb38ff1

SHA256
317f1c484adc7c0fba11bccb09eda47cce5faad789cc59fc9862ba6e46ef8bdd

SHA512
07f43ba2de9170f054ef5d4196bf09b90f814f0382235dad2d1422dc30134a915a68016ee5773d9bb283ff410750d9f823003902a43b1ae1a4645a733c0e92bb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
e150fc43c3e2ca48cbcdf043d2c8b33f

SHA1
cebda6d6fd6d5e671472e3f01c5399e6c5c3412b

SHA256
9fd8ff89cbe7460f1b44cb8a84fccfd19d5cbe7d6f5c567fa68a16c246dd3dfe

SHA512
e0531a73cf2f1bd43c36f605b553890ca48a909ce48cf412b25e6cd1a96597fc1439b1df2e049c7d90e1e834f304e11aeb10d30a0e3c00a45cec81dd8df729c8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
2f6ecdc49bcd57a769a92e5286bf59d0

SHA1
cc9e08dabc4e0b02ec728de78f389fbcac81d205

SHA256
c91d41dd91fbc49fb09585ef980f9c9d6b16f902c384d3b882c244de4e2e6606

SHA512
8561760bfcd6f9a77eaa8750325aac7e5d0c85a7574597421eae8ecc9b32d60c52e9dd160f79eda78046105f265a3e7bc11a31982b864ea2b8244c2b53c8d3ce

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
b6dffd50dc2cf08f096915fe055bdc9a

SHA1
88fd695e33a1d7518438112cdfff4b787877958a

SHA256
38e6dc37ee0be51c3e533958b0d6d50f92e3bfa81068cdfbf2fc6e6818e0015a

SHA512
2e0e2812581d2751352049223b715b73c0bed452be6c7e74dfc662314c916c8c7983271ded704cace78ec22470da7a82d0cf8a314564d3a15c2ca43972c46fa8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
12a08a8530aee823fc32f98de2c0b509

SHA1
af29a3171a8dd186291c237476ed03585c469247

SHA256
07ed802a8577efcc7ae670617f20becefd1698dea02d74c9667514c4106eb512

SHA512
2980a54e7282b371d9381138718bd1268e080f1f3274c6ec50217ab24160747be000028cf446455f8c0454d8f026dc7753e7d6b876fecc513fede2770a87519b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
36835fe3b148006bad66cc57d41d0698

SHA1
fc0d6f3241422624fdb39d952b9485f8e43fb911

SHA256
559da15ac426403ba269a8da810df6ce7963a712c1e20c94d41e4f572b947937

SHA512
779ec1a7af014a00c5976a4b4536b9e37dcd45a1ede1da8e1baacde5d1068b1fe217d85ecbba0662bfa44fea0f75b76ebd5a69c45e02df32ac49ea7049fdd644

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
128KB

MD5
a72a7245aff4d21ce86211b00164aea0

SHA1
45ecedd53c26f20d4b117d2df14beb20382593f6

SHA256
1b26900662526bc2efd13891f8418fa63aeede382651bdbc7840ab92049424c8

SHA512
6e8dbd363240737578e309ab3b27fb2910137009a7d334005826e78139983d3e9b669719a0e846103315d3c58b4e50f135a3e9b5cbbe9f3c8355bcd74589cabd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit