hxxps://www[.]reviversoft[.]com/pc-reviver/

Analysis

max time kernel
1799s
max time network
1685s
platform
windows10-1703_x64
resource
win10-20240404-en
resource tags

arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
submitted
25/06/2024, 22:54

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

https://www.reviversoft.com/pc-reviver/

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133638303736755655"	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
204	chrome.exe
204	chrome.exe
204	chrome.exe
204	chrome.exe
4632	chrome.exe
4632	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
204	chrome.exe
204	chrome.exe
204	chrome.exe
204	chrome.exe
204	chrome.exe
204	chrome.exe
204	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	204	chrome.exe
Token: SeCreatePagefilePrivilege	204	chrome.exe
Token: SeShutdownPrivilege	204	chrome.exe
Token: SeCreatePagefilePrivilege	204	chrome.exe
Token: SeShutdownPrivilege	204	chrome.exe
Token: SeCreatePagefilePrivilege	204	chrome.exe
Token: SeShutdownPrivilege	204	chrome.exe
Token: SeCreatePagefilePrivilege	204	chrome.exe
Token: SeShutdownPrivilege	204	chrome.exe
Token: SeCreatePagefilePrivilege	204	chrome.exe
Token: SeShutdownPrivilege	204	chrome.exe
Token: SeCreatePagefilePrivilege	204	chrome.exe
Token: SeShutdownPrivilege	204	chrome.exe
Token: SeCreatePagefilePrivilege	204	chrome.exe
Token: SeShutdownPrivilege	204	chrome.exe
Token: SeCreatePagefilePrivilege	204	chrome.exe
Token: SeShutdownPrivilege	204	chrome.exe
Token: SeCreatePagefilePrivilege	204	chrome.exe
Token: SeShutdownPrivilege	204	chrome.exe
Token: SeCreatePagefilePrivilege	204	chrome.exe
Token: SeShutdownPrivilege	204	chrome.exe
Token: SeCreatePagefilePrivilege	204	chrome.exe
Token: SeShutdownPrivilege	204	chrome.exe
Token: SeCreatePagefilePrivilege	204	chrome.exe
Token: SeShutdownPrivilege	204	chrome.exe
Token: SeCreatePagefilePrivilege	204	chrome.exe
Token: SeShutdownPrivilege	204	chrome.exe
Token: SeCreatePagefilePrivilege	204	chrome.exe
Token: SeShutdownPrivilege	204	chrome.exe
Token: SeCreatePagefilePrivilege	204	chrome.exe
Token: SeShutdownPrivilege	204	chrome.exe
Token: SeCreatePagefilePrivilege	204	chrome.exe
Token: SeShutdownPrivilege	204	chrome.exe
Token: SeCreatePagefilePrivilege	204	chrome.exe
Token: SeShutdownPrivilege	204	chrome.exe
Token: SeCreatePagefilePrivilege	204	chrome.exe
Token: SeShutdownPrivilege	204	chrome.exe
Token: SeCreatePagefilePrivilege	204	chrome.exe
Token: SeShutdownPrivilege	204	chrome.exe
Token: SeCreatePagefilePrivilege	204	chrome.exe
Token: SeShutdownPrivilege	204	chrome.exe
Token: SeCreatePagefilePrivilege	204	chrome.exe
Token: SeShutdownPrivilege	204	chrome.exe
Token: SeCreatePagefilePrivilege	204	chrome.exe
Token: SeShutdownPrivilege	204	chrome.exe
Token: SeCreatePagefilePrivilege	204	chrome.exe
Token: SeShutdownPrivilege	204	chrome.exe
Token: SeCreatePagefilePrivilege	204	chrome.exe
Token: SeShutdownPrivilege	204	chrome.exe
Token: SeCreatePagefilePrivilege	204	chrome.exe
Token: SeShutdownPrivilege	204	chrome.exe
Token: SeCreatePagefilePrivilege	204	chrome.exe
Token: SeShutdownPrivilege	204	chrome.exe
Token: SeCreatePagefilePrivilege	204	chrome.exe
Token: SeShutdownPrivilege	204	chrome.exe
Token: SeCreatePagefilePrivilege	204	chrome.exe
Token: SeShutdownPrivilege	204	chrome.exe
Token: SeCreatePagefilePrivilege	204	chrome.exe
Token: SeShutdownPrivilege	204	chrome.exe
Token: SeCreatePagefilePrivilege	204	chrome.exe
Token: SeShutdownPrivilege	204	chrome.exe
Token: SeCreatePagefilePrivilege	204	chrome.exe
Token: SeShutdownPrivilege	204	chrome.exe
Token: SeCreatePagefilePrivilege	204	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
204	chrome.exe
204	chrome.exe
204	chrome.exe
204	chrome.exe
204	chrome.exe
204	chrome.exe
204	chrome.exe
204	chrome.exe
204	chrome.exe
204	chrome.exe
204	chrome.exe
204	chrome.exe
204	chrome.exe
204	chrome.exe
204	chrome.exe
204	chrome.exe
204	chrome.exe
204	chrome.exe
204	chrome.exe
204	chrome.exe
204	chrome.exe
204	chrome.exe
204	chrome.exe
204	chrome.exe
204	chrome.exe
204	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
204	chrome.exe
204	chrome.exe
204	chrome.exe
204	chrome.exe
204	chrome.exe
204	chrome.exe
204	chrome.exe
204	chrome.exe
204	chrome.exe
204	chrome.exe
204	chrome.exe
204	chrome.exe
204	chrome.exe
204	chrome.exe
204	chrome.exe
204	chrome.exe
204	chrome.exe
204	chrome.exe
204	chrome.exe
204	chrome.exe
204	chrome.exe
204	chrome.exe
204	chrome.exe
204	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 204 wrote to memory of 856	204	chrome.exe	74
PID 204 wrote to memory of 856	204	chrome.exe	74
PID 204 wrote to memory of 1516	204	chrome.exe	76
PID 204 wrote to memory of 1516	204	chrome.exe	76
PID 204 wrote to memory of 1516	204	chrome.exe	76
PID 204 wrote to memory of 1516	204	chrome.exe	76
PID 204 wrote to memory of 1516	204	chrome.exe	76
PID 204 wrote to memory of 1516	204	chrome.exe	76
PID 204 wrote to memory of 1516	204	chrome.exe	76
PID 204 wrote to memory of 1516	204	chrome.exe	76
PID 204 wrote to memory of 1516	204	chrome.exe	76
PID 204 wrote to memory of 1516	204	chrome.exe	76
PID 204 wrote to memory of 1516	204	chrome.exe	76
PID 204 wrote to memory of 1516	204	chrome.exe	76
PID 204 wrote to memory of 1516	204	chrome.exe	76
PID 204 wrote to memory of 1516	204	chrome.exe	76
PID 204 wrote to memory of 1516	204	chrome.exe	76
PID 204 wrote to memory of 1516	204	chrome.exe	76
PID 204 wrote to memory of 1516	204	chrome.exe	76
PID 204 wrote to memory of 1516	204	chrome.exe	76
PID 204 wrote to memory of 1516	204	chrome.exe	76
PID 204 wrote to memory of 1516	204	chrome.exe	76
PID 204 wrote to memory of 1516	204	chrome.exe	76
PID 204 wrote to memory of 1516	204	chrome.exe	76
PID 204 wrote to memory of 1516	204	chrome.exe	76
PID 204 wrote to memory of 1516	204	chrome.exe	76
PID 204 wrote to memory of 1516	204	chrome.exe	76
PID 204 wrote to memory of 1516	204	chrome.exe	76
PID 204 wrote to memory of 1516	204	chrome.exe	76
PID 204 wrote to memory of 1516	204	chrome.exe	76
PID 204 wrote to memory of 1516	204	chrome.exe	76
PID 204 wrote to memory of 1516	204	chrome.exe	76
PID 204 wrote to memory of 1516	204	chrome.exe	76
PID 204 wrote to memory of 1516	204	chrome.exe	76
PID 204 wrote to memory of 1516	204	chrome.exe	76
PID 204 wrote to memory of 1516	204	chrome.exe	76
PID 204 wrote to memory of 1516	204	chrome.exe	76
PID 204 wrote to memory of 1516	204	chrome.exe	76
PID 204 wrote to memory of 1516	204	chrome.exe	76
PID 204 wrote to memory of 1516	204	chrome.exe	76
PID 204 wrote to memory of 3960	204	chrome.exe	77
PID 204 wrote to memory of 3960	204	chrome.exe	77
PID 204 wrote to memory of 3808	204	chrome.exe	78
PID 204 wrote to memory of 3808	204	chrome.exe	78
PID 204 wrote to memory of 3808	204	chrome.exe	78
PID 204 wrote to memory of 3808	204	chrome.exe	78
PID 204 wrote to memory of 3808	204	chrome.exe	78
PID 204 wrote to memory of 3808	204	chrome.exe	78
PID 204 wrote to memory of 3808	204	chrome.exe	78
PID 204 wrote to memory of 3808	204	chrome.exe	78
PID 204 wrote to memory of 3808	204	chrome.exe	78
PID 204 wrote to memory of 3808	204	chrome.exe	78
PID 204 wrote to memory of 3808	204	chrome.exe	78
PID 204 wrote to memory of 3808	204	chrome.exe	78
PID 204 wrote to memory of 3808	204	chrome.exe	78
PID 204 wrote to memory of 3808	204	chrome.exe	78
PID 204 wrote to memory of 3808	204	chrome.exe	78
PID 204 wrote to memory of 3808	204	chrome.exe	78
PID 204 wrote to memory of 3808	204	chrome.exe	78
PID 204 wrote to memory of 3808	204	chrome.exe	78
PID 204 wrote to memory of 3808	204	chrome.exe	78
PID 204 wrote to memory of 3808	204	chrome.exe	78
PID 204 wrote to memory of 3808	204	chrome.exe	78
PID 204 wrote to memory of 3808	204	chrome.exe	78

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://www.reviversoft.com/pc-reviver/
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:204
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffbd2139758,0x7ffbd2139768,0x7ffbd2139778
  2⤵
  PID:856
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1540 --field-trial-handle=1756,i,5565556389929797833,7751001642561647914,131072 /prefetch:2
  2⤵
  PID:1516
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2032 --field-trial-handle=1756,i,5565556389929797833,7751001642561647914,131072 /prefetch:8
  2⤵
  PID:3960
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2096 --field-trial-handle=1756,i,5565556389929797833,7751001642561647914,131072 /prefetch:8
  2⤵
  PID:3808
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2844 --field-trial-handle=1756,i,5565556389929797833,7751001642561647914,131072 /prefetch:1
  2⤵
  PID:4140
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2852 --field-trial-handle=1756,i,5565556389929797833,7751001642561647914,131072 /prefetch:1
  2⤵
  PID:4988
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4776 --field-trial-handle=1756,i,5565556389929797833,7751001642561647914,131072 /prefetch:1
  2⤵
  PID:1660
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3884 --field-trial-handle=1756,i,5565556389929797833,7751001642561647914,131072 /prefetch:1
  2⤵
  PID:4480
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4936 --field-trial-handle=1756,i,5565556389929797833,7751001642561647914,131072 /prefetch:1
  2⤵
  PID:1100
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=2908 --field-trial-handle=1756,i,5565556389929797833,7751001642561647914,131072 /prefetch:1
  2⤵
  PID:164
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4952 --field-trial-handle=1756,i,5565556389929797833,7751001642561647914,131072 /prefetch:1
  2⤵
  PID:1912
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5540 --field-trial-handle=1756,i,5565556389929797833,7751001642561647914,131072 /prefetch:8
  2⤵
  PID:1056
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4680 --field-trial-handle=1756,i,5565556389929797833,7751001642561647914,131072 /prefetch:8
  2⤵
  PID:4492
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3800 --field-trial-handle=1756,i,5565556389929797833,7751001642561647914,131072 /prefetch:8
  2⤵
  PID:1280
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4512 --field-trial-handle=1756,i,5565556389929797833,7751001642561647914,131072 /prefetch:8
  2⤵
  PID:1976
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5372 --field-trial-handle=1756,i,5565556389929797833,7751001642561647914,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4632

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:3896

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
792B

MD5
3d989f957786cc169f4c4987678a02ad

SHA1
9cac25712521f0015b345ceea5bb82731d5d44f5

SHA256
656317bad97d7e02ece1205c5db450581c73017320d2f9705b9e15e5596e4a0f

SHA512
68e8ac9e82977cd0849d80c41568146f47675c1ac0f78f5f7fc3ed7f505a6a1219b3bda6121dbc5b2598dda9ee38e8072f0b418f58dbfbd43b83589e555309ad

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
e099085ab8f705e80c540966462d286d

SHA1
d0c402a87e83a964c41ae9f643641bfea8e3b28c

SHA256
14925e0bd81d29d99985109fec67a4391944c98821d69480444a5bb49def1b5f

SHA512
09b1627eff3a43087a7c44403f2a9863593f0bd0b0ee10ee7d305a76a59a8bff59d2959347bc14c2e7d8a0d04001f0c07db0c7184ad50d428f74e7863fa2a270

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
ee12aeb55c9508d610dbdaa7995a2664

SHA1
fbd08ccc6455880d4e7765a2bcb1fa7c47107ec8

SHA256
98fac02e5602fcb641b6699bd0c032bb7612a6d515609ac1b753618997916d68

SHA512
fdac6c9e4449922f4461be15c426904c457aa28f8a4b8cd64939cbf09263f0b466817dbae6311201f5fec12479763dee5e8749011303d28fb3f75fbf93b987de

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
b9c09ca12fc170edcf066d42c50e0679

SHA1
7adef64e9d9ea686ec47fc1e408b2c9a5c3be7b6

SHA256
dceca9f573607a4f5d2370e26985aa702ba2e07b2cc27fe5664269fe16c53a62

SHA512
b4197901c095c7346943a8f6334531fef9d0cbdc9f5e0d3952ee2792e6a3c69e5f7098dbf093f05d6bebc44405b12fe16f0d527ac1d57bdc51f2884d126bb93e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
23b782417d8498effc601da7327f73ae

SHA1
6f3da038745abc93d2bf11a3565a741450518f80

SHA256
5e3b12f7951f0c263b0d3a6b0dbadab141adb8a4189f4026e3324dfd9267aa06

SHA512
a5bf057290b405ace437fa75dd0376f6f75c7602248237df4dea32f911643a83ec838d666308be4ab4eb5258719f2b356849c08c5fb6159c98f31aa37493503c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
5c378d106b6ee3676b4df64028577f63

SHA1
11f6e11a8a13e1d25c57bd50696d50d66a87686f

SHA256
988675751086353ad85bfe78c58e95a79ba00261068674567cdd3758b9eaffd9

SHA512
2569cea528ede780d6cb6dbb533cb745abc85f6d3de66cc0115ed85112236a6a29ed6568a25fadf375404fdec3193b25cda390a1240c97876e58957514a6d6d1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
138KB

MD5
7fa80ee374464c9ffa3717f875581877

SHA1
9abe8dc13bccb06e087750b22c1de591185babe3

SHA256
f453efbd404caa58e066fd5c3e7dbfe51c2c51185abf34a4876f5272047d7145

SHA512
7a2c17ab32e6be8d92c45989afcd753f0a5697f5cad168bcd005822716711b302a90360cc750208f971c0d9dc8482ae12c0b3794123cff3a6c79201c03cbbc1a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
138KB

MD5
2b1a9f8fed8dd7b0055fe65bdeae0c3e

SHA1
fc7a9789e77b26ca41508e8a077a71a279bc4c41

SHA256
c139e9860eb3b17808a0cb9e4c27f59912507dcb9be4193d703e37259333935c

SHA512
c5f3b9417f2fe2d0c1f8416d4f7cf6e3c3cfcbaef245e98c6ff997e1ea70252611d231e459221932367c20326e330e11308b9b87472f0474e6062c85d2e7adfb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
137KB

MD5
603740c40125bf1e07684be9b530ec94

SHA1
2eb4294576252cdc365ff4c2f03ff2116538618b

SHA256
7e8c3a5e8749f37f47aefefb3ada5b0579016e9cc604349b2c5763f846abcb68

SHA512
043d2b6dcc314fbbb476ecd02ba082e72214dd56ffa229af1a33c4c5c61eed3317802cfae287e5c34b5143ef8d9279bc24b412f4a5a9bcc1fbada57e5fce05bd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit