hxxp://google[.]com

Analysis

max time kernel
1799s
max time network
1684s
platform
windows10-1703_x64
resource
win10-20240404-en
resource tags

arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
submitted
11-06-2024 18:28

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://google.com

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

Processes:

chrome.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

Processes:

chrome.exe

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133626041114364328"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

Processes:

chrome.exechrome.exe

pid process

2676 chrome.exe
2676 chrome.exe
2920 chrome.exe
2920 chrome.exe
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

Processes:

chrome.exe

pid process

2676 chrome.exe
2676 chrome.exe
2676 chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

Processes:

chrome.exe

description	pid	process
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

Processes:

chrome.exe

pid	process
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

Processes:

chrome.exe

pid	process
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

chrome.exe

description	pid	process	target process
PID 2676 wrote to memory of 4116	2676	chrome.exe	chrome.exe
PID 2676 wrote to memory of 4116	2676	chrome.exe	chrome.exe
PID 2676 wrote to memory of 2232	2676	chrome.exe	chrome.exe
PID 2676 wrote to memory of 2232	2676	chrome.exe	chrome.exe
PID 2676 wrote to memory of 2232	2676	chrome.exe	chrome.exe
PID 2676 wrote to memory of 2232	2676	chrome.exe	chrome.exe
PID 2676 wrote to memory of 2232	2676	chrome.exe	chrome.exe
PID 2676 wrote to memory of 2232	2676	chrome.exe	chrome.exe
PID 2676 wrote to memory of 2232	2676	chrome.exe	chrome.exe
PID 2676 wrote to memory of 2232	2676	chrome.exe	chrome.exe
PID 2676 wrote to memory of 2232	2676	chrome.exe	chrome.exe
PID 2676 wrote to memory of 2232	2676	chrome.exe	chrome.exe
PID 2676 wrote to memory of 2232	2676	chrome.exe	chrome.exe
PID 2676 wrote to memory of 2232	2676	chrome.exe	chrome.exe
PID 2676 wrote to memory of 2232	2676	chrome.exe	chrome.exe
PID 2676 wrote to memory of 2232	2676	chrome.exe	chrome.exe
PID 2676 wrote to memory of 2232	2676	chrome.exe	chrome.exe
PID 2676 wrote to memory of 2232	2676	chrome.exe	chrome.exe
PID 2676 wrote to memory of 2232	2676	chrome.exe	chrome.exe
PID 2676 wrote to memory of 2232	2676	chrome.exe	chrome.exe
PID 2676 wrote to memory of 2232	2676	chrome.exe	chrome.exe
PID 2676 wrote to memory of 2232	2676	chrome.exe	chrome.exe
PID 2676 wrote to memory of 2232	2676	chrome.exe	chrome.exe
PID 2676 wrote to memory of 2232	2676	chrome.exe	chrome.exe
PID 2676 wrote to memory of 2232	2676	chrome.exe	chrome.exe
PID 2676 wrote to memory of 2232	2676	chrome.exe	chrome.exe
PID 2676 wrote to memory of 2232	2676	chrome.exe	chrome.exe
PID 2676 wrote to memory of 2232	2676	chrome.exe	chrome.exe
PID 2676 wrote to memory of 2232	2676	chrome.exe	chrome.exe
PID 2676 wrote to memory of 2232	2676	chrome.exe	chrome.exe
PID 2676 wrote to memory of 2232	2676	chrome.exe	chrome.exe
PID 2676 wrote to memory of 2232	2676	chrome.exe	chrome.exe
PID 2676 wrote to memory of 2232	2676	chrome.exe	chrome.exe
PID 2676 wrote to memory of 2232	2676	chrome.exe	chrome.exe
PID 2676 wrote to memory of 2232	2676	chrome.exe	chrome.exe
PID 2676 wrote to memory of 2232	2676	chrome.exe	chrome.exe
PID 2676 wrote to memory of 2232	2676	chrome.exe	chrome.exe
PID 2676 wrote to memory of 2232	2676	chrome.exe	chrome.exe
PID 2676 wrote to memory of 2232	2676	chrome.exe	chrome.exe
PID 2676 wrote to memory of 2232	2676	chrome.exe	chrome.exe
PID 2676 wrote to memory of 4456	2676	chrome.exe	chrome.exe
PID 2676 wrote to memory of 4456	2676	chrome.exe	chrome.exe
PID 2676 wrote to memory of 1072	2676	chrome.exe	chrome.exe
PID 2676 wrote to memory of 1072	2676	chrome.exe	chrome.exe
PID 2676 wrote to memory of 1072	2676	chrome.exe	chrome.exe
PID 2676 wrote to memory of 1072	2676	chrome.exe	chrome.exe
PID 2676 wrote to memory of 1072	2676	chrome.exe	chrome.exe
PID 2676 wrote to memory of 1072	2676	chrome.exe	chrome.exe
PID 2676 wrote to memory of 1072	2676	chrome.exe	chrome.exe
PID 2676 wrote to memory of 1072	2676	chrome.exe	chrome.exe
PID 2676 wrote to memory of 1072	2676	chrome.exe	chrome.exe
PID 2676 wrote to memory of 1072	2676	chrome.exe	chrome.exe
PID 2676 wrote to memory of 1072	2676	chrome.exe	chrome.exe
PID 2676 wrote to memory of 1072	2676	chrome.exe	chrome.exe
PID 2676 wrote to memory of 1072	2676	chrome.exe	chrome.exe
PID 2676 wrote to memory of 1072	2676	chrome.exe	chrome.exe
PID 2676 wrote to memory of 1072	2676	chrome.exe	chrome.exe
PID 2676 wrote to memory of 1072	2676	chrome.exe	chrome.exe
PID 2676 wrote to memory of 1072	2676	chrome.exe	chrome.exe
PID 2676 wrote to memory of 1072	2676	chrome.exe	chrome.exe
PID 2676 wrote to memory of 1072	2676	chrome.exe	chrome.exe
PID 2676 wrote to memory of 1072	2676	chrome.exe	chrome.exe
PID 2676 wrote to memory of 1072	2676	chrome.exe	chrome.exe
PID 2676 wrote to memory of 1072	2676	chrome.exe	chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://google.com
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2676

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffa5f7d9758,0x7ffa5f7d9768,0x7ffa5f7d9778
2⤵
PID:4116

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1516 --field-trial-handle=1840,i,12170365212415228276,687847628391104957,131072 /prefetch:2
2⤵
PID:2232

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1772 --field-trial-handle=1840,i,12170365212415228276,687847628391104957,131072 /prefetch:8
2⤵
PID:4456

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2056 --field-trial-handle=1840,i,12170365212415228276,687847628391104957,131072 /prefetch:8
2⤵
PID:1072

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2588 --field-trial-handle=1840,i,12170365212415228276,687847628391104957,131072 /prefetch:1
2⤵
PID:4680

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2596 --field-trial-handle=1840,i,12170365212415228276,687847628391104957,131072 /prefetch:1
2⤵
PID:760

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4328 --field-trial-handle=1840,i,12170365212415228276,687847628391104957,131072 /prefetch:1
2⤵
PID:4812

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4604 --field-trial-handle=1840,i,12170365212415228276,687847628391104957,131072 /prefetch:8
2⤵
PID:3908

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4564 --field-trial-handle=1840,i,12170365212415228276,687847628391104957,131072 /prefetch:8
2⤵
PID:1084

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1828 --field-trial-handle=1840,i,12170365212415228276,687847628391104957,131072 /prefetch:2
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:2920

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:5096

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
62d7332ea33ba697bc4be9c390b4faaf

SHA1
38f7f83a9c0fc21f12890bc35fd388086d42d0ae

SHA256
8adf0ca7095d46ca92f78572c690ee9fe898f98498cc47cc6ce94316b6d85f92

SHA512
3d52e83059495f6298bcacc250d0bca3f8e4f81085e8a0048aae84e2433807d2be47e6c4f17d0c5686536f647f2030b645a9a2af931152f522e2559039955bcb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
04ab60e5f5a6f050fa06170b707d1ba2

SHA1
de4d98a5eb68fd268dfbd360369861525299da7b

SHA256
8f26230ad78105458cbf81d9525cb395c664a4faf8a47b036560935057932e81

SHA512
1062e0a05eb00babeec2077c19bb2a18682af9a4272d621a2632fd56e3235cde0e34c3be99ffea40d00fa8f00a423bb1117a9bd781f4e1d3da5a1311e9f9e666

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
7f1224e861dd2883cc5786a6ff22289e

SHA1
08b3e8f813332db116a860027354a8f69af0b19f

SHA256
a7cb3fc0d417e96923b53e324a64d97a17282de0e8402e1b887fd4008aabb69e

SHA512
43077b03b5670a6a19af1847ff6f077caad8f1cca6fd7fee6035dbfada31938092c6155054117976892db5d1d97f4a34003c9d2926fbaf0f95f3618caa93690d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
da41462684ed5684e20b499273df7dfd

SHA1
0d621c70cff3db9891dd4d742058ccd2ac6753c8

SHA256
8caff6501aad3e4f5021934357bd84ec0253a4484547b51ffeb9c7c36a545295

SHA512
9d697b6d5bdb19d6d856c6dea9e656aa02401974a3127ddbd1b11230e2e35e440f5298c778d4cf17f67d32385153a3f813d9770d2f3bac0f3879779567150bdf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
371B

MD5
dddfc484dbb989585b4425f36d277ace

SHA1
b96fdf4f37d3169e89727cc404f3501236b51477

SHA256
bd6f2566775aef4a5f267337213378774137e3857cbb068f0e84f9da60157286

SHA512
83dc9830d1e1d653fdf54cea2f95bbf9da6da4680a912332b7f7351d30b62db543b5badfabf4ffa2cd82a22a8dd57f37d18c1c258619ce45b7faa7181f3dff92

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
721161ecd9aded1d1c780ba3e90fde20

SHA1
c73a30615e39c0488676e9a9daa5654408097e0f

SHA256
96dc7393fb433b0fd04b61f578b641d7003db0cf4ac25c8f6c4a1aa97ad96e3c

SHA512
60d369263062fda9368378633da571efcd42f51ae17651cc6f8fd5029a9d20135a77690ceca4c9793940cb6ff815e60f8c27c712745a37baf55b6dfa253df67c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
edaaa6e5a4b506d43741a92ec6b46bd7

SHA1
704f887f6c3c50f5e1d737213110bb0bd76cb254

SHA256
7404c36f734943dd8c98216cf47eb232dbc6e4cd9f99238cd8a19927953f03ab

SHA512
373f40911c336b22f16d39cf171e3b5a02bfb9791fe64a5d860891aa7a0e10191d0fe8365ea7c4344e67c0922bd26648730a42d4c084163b1d46ca63d60fc9c7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
b39099b71bc784ac42c0e8237f0caac7

SHA1
f90b5d5e181ddfc1cb318c72da9ab90633a80e15

SHA256
c214756139d390bb07bc407572e08760234ec3d62b99013f98b4d0d3b6b0d5c7

SHA512
ad064a2cc23fc9b945c8aa68e35b27f15781e3218afc463ee2eb77fb1533a026987e2bd8e11787e8f6b261ab15805eb1291a105f83b7505b216c91719792563f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
136KB

MD5
812059be155e3a6c4ac102feb0dde2cf

SHA1
fdf6d873dbbd9c5141607c1a30808a135dcb488c

SHA256
51213481fd4ce88b3bb61028142c60659b9ec1e7f28e9bc3127c7239fd16a716

SHA512
b145cc108d03eae8061071126d300846e9e62ffb334330d5e4759547dce6178d44e29a3b4b14870e510ebda935b441f8d5404d4ac978fbec4c9f068652bfcf37

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
\??\pipe\crashpad_2676_HMWJGEMWDSNKUGMW

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit