hxxps://drive[.]google[.]com/file/d/1A2tZc_UtWrYRPphDRUcnZAnlYZeZD88z/view?usp=sharing

Analysis

max time kernel
149s
max time network
145s
platform
windows10-1703_x64
resource
win10-20240404-en
resource tags

arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
submitted
03-09-2024 16:57

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://drive.google.com/file/d/1A2tZc_UtWrYRPphDRUcnZAnlYZeZD88z/view?usp=sharing

Score

6^/10

discovery

Malware Config

Signatures

Legitimate hosting services abused for malware hosting/C2 1 TTPs 3 IoCs

Web Service

T1102

flow	ioc
3	drive.google.com
5	drive.google.com
6	drive.google.com

Network Share Discovery 1 TTPs
Attempt to gather information on host network.
discovery

Network Share Discovery
T1135
Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133698562718598814"	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
4196	chrome.exe
4196	chrome.exe
4196	chrome.exe
4196	chrome.exe
1780	chrome.exe
1780	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 5 IoCs

pid	Process
4196	chrome.exe
4196	chrome.exe
4196	chrome.exe
4196	chrome.exe
4196	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4196	chrome.exe
Token: SeCreatePagefilePrivilege	4196	chrome.exe
Token: SeShutdownPrivilege	4196	chrome.exe
Token: SeCreatePagefilePrivilege	4196	chrome.exe
Token: SeShutdownPrivilege	4196	chrome.exe
Token: SeCreatePagefilePrivilege	4196	chrome.exe
Token: SeShutdownPrivilege	4196	chrome.exe
Token: SeCreatePagefilePrivilege	4196	chrome.exe
Token: SeShutdownPrivilege	4196	chrome.exe
Token: SeCreatePagefilePrivilege	4196	chrome.exe
Token: SeShutdownPrivilege	4196	chrome.exe
Token: SeCreatePagefilePrivilege	4196	chrome.exe
Token: SeShutdownPrivilege	4196	chrome.exe
Token: SeCreatePagefilePrivilege	4196	chrome.exe
Token: SeShutdownPrivilege	4196	chrome.exe
Token: SeCreatePagefilePrivilege	4196	chrome.exe
Token: SeShutdownPrivilege	4196	chrome.exe
Token: SeCreatePagefilePrivilege	4196	chrome.exe
Token: SeShutdownPrivilege	4196	chrome.exe
Token: SeCreatePagefilePrivilege	4196	chrome.exe
Token: SeShutdownPrivilege	4196	chrome.exe
Token: SeCreatePagefilePrivilege	4196	chrome.exe
Token: SeShutdownPrivilege	4196	chrome.exe
Token: SeCreatePagefilePrivilege	4196	chrome.exe
Token: SeShutdownPrivilege	4196	chrome.exe
Token: SeCreatePagefilePrivilege	4196	chrome.exe
Token: SeShutdownPrivilege	4196	chrome.exe
Token: SeCreatePagefilePrivilege	4196	chrome.exe
Token: SeShutdownPrivilege	4196	chrome.exe
Token: SeCreatePagefilePrivilege	4196	chrome.exe
Token: SeShutdownPrivilege	4196	chrome.exe
Token: SeCreatePagefilePrivilege	4196	chrome.exe
Token: SeShutdownPrivilege	4196	chrome.exe
Token: SeCreatePagefilePrivilege	4196	chrome.exe
Token: SeShutdownPrivilege	4196	chrome.exe
Token: SeCreatePagefilePrivilege	4196	chrome.exe
Token: SeShutdownPrivilege	4196	chrome.exe
Token: SeCreatePagefilePrivilege	4196	chrome.exe
Token: SeShutdownPrivilege	4196	chrome.exe
Token: SeCreatePagefilePrivilege	4196	chrome.exe
Token: SeShutdownPrivilege	4196	chrome.exe
Token: SeCreatePagefilePrivilege	4196	chrome.exe
Token: SeShutdownPrivilege	4196	chrome.exe
Token: SeCreatePagefilePrivilege	4196	chrome.exe
Token: SeShutdownPrivilege	4196	chrome.exe
Token: SeCreatePagefilePrivilege	4196	chrome.exe
Token: SeShutdownPrivilege	4196	chrome.exe
Token: SeCreatePagefilePrivilege	4196	chrome.exe
Token: SeShutdownPrivilege	4196	chrome.exe
Token: SeCreatePagefilePrivilege	4196	chrome.exe
Token: SeShutdownPrivilege	4196	chrome.exe
Token: SeCreatePagefilePrivilege	4196	chrome.exe
Token: SeShutdownPrivilege	4196	chrome.exe
Token: SeCreatePagefilePrivilege	4196	chrome.exe
Token: SeShutdownPrivilege	4196	chrome.exe
Token: SeCreatePagefilePrivilege	4196	chrome.exe
Token: SeShutdownPrivilege	4196	chrome.exe
Token: SeCreatePagefilePrivilege	4196	chrome.exe
Token: SeShutdownPrivilege	4196	chrome.exe
Token: SeCreatePagefilePrivilege	4196	chrome.exe
Token: SeShutdownPrivilege	4196	chrome.exe
Token: SeCreatePagefilePrivilege	4196	chrome.exe
Token: SeShutdownPrivilege	4196	chrome.exe
Token: SeCreatePagefilePrivilege	4196	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4196	chrome.exe
4196	chrome.exe
4196	chrome.exe
4196	chrome.exe
4196	chrome.exe
4196	chrome.exe
4196	chrome.exe
4196	chrome.exe
4196	chrome.exe
4196	chrome.exe
4196	chrome.exe
4196	chrome.exe
4196	chrome.exe
4196	chrome.exe
4196	chrome.exe
4196	chrome.exe
4196	chrome.exe
4196	chrome.exe
4196	chrome.exe
4196	chrome.exe
4196	chrome.exe
4196	chrome.exe
4196	chrome.exe
4196	chrome.exe
4196	chrome.exe
4196	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4196	chrome.exe
4196	chrome.exe
4196	chrome.exe
4196	chrome.exe
4196	chrome.exe
4196	chrome.exe
4196	chrome.exe
4196	chrome.exe
4196	chrome.exe
4196	chrome.exe
4196	chrome.exe
4196	chrome.exe
4196	chrome.exe
4196	chrome.exe
4196	chrome.exe
4196	chrome.exe
4196	chrome.exe
4196	chrome.exe
4196	chrome.exe
4196	chrome.exe
4196	chrome.exe
4196	chrome.exe
4196	chrome.exe
4196	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4196 wrote to memory of 3780	4196	chrome.exe	72
PID 4196 wrote to memory of 3780	4196	chrome.exe	72
PID 4196 wrote to memory of 220	4196	chrome.exe	74
PID 4196 wrote to memory of 220	4196	chrome.exe	74
PID 4196 wrote to memory of 220	4196	chrome.exe	74
PID 4196 wrote to memory of 220	4196	chrome.exe	74
PID 4196 wrote to memory of 220	4196	chrome.exe	74
PID 4196 wrote to memory of 220	4196	chrome.exe	74
PID 4196 wrote to memory of 220	4196	chrome.exe	74
PID 4196 wrote to memory of 220	4196	chrome.exe	74
PID 4196 wrote to memory of 220	4196	chrome.exe	74
PID 4196 wrote to memory of 220	4196	chrome.exe	74
PID 4196 wrote to memory of 220	4196	chrome.exe	74
PID 4196 wrote to memory of 220	4196	chrome.exe	74
PID 4196 wrote to memory of 220	4196	chrome.exe	74
PID 4196 wrote to memory of 220	4196	chrome.exe	74
PID 4196 wrote to memory of 220	4196	chrome.exe	74
PID 4196 wrote to memory of 220	4196	chrome.exe	74
PID 4196 wrote to memory of 220	4196	chrome.exe	74
PID 4196 wrote to memory of 220	4196	chrome.exe	74
PID 4196 wrote to memory of 220	4196	chrome.exe	74
PID 4196 wrote to memory of 220	4196	chrome.exe	74
PID 4196 wrote to memory of 220	4196	chrome.exe	74
PID 4196 wrote to memory of 220	4196	chrome.exe	74
PID 4196 wrote to memory of 220	4196	chrome.exe	74
PID 4196 wrote to memory of 220	4196	chrome.exe	74
PID 4196 wrote to memory of 220	4196	chrome.exe	74
PID 4196 wrote to memory of 220	4196	chrome.exe	74
PID 4196 wrote to memory of 220	4196	chrome.exe	74
PID 4196 wrote to memory of 220	4196	chrome.exe	74
PID 4196 wrote to memory of 220	4196	chrome.exe	74
PID 4196 wrote to memory of 220	4196	chrome.exe	74
PID 4196 wrote to memory of 220	4196	chrome.exe	74
PID 4196 wrote to memory of 220	4196	chrome.exe	74
PID 4196 wrote to memory of 220	4196	chrome.exe	74
PID 4196 wrote to memory of 220	4196	chrome.exe	74
PID 4196 wrote to memory of 220	4196	chrome.exe	74
PID 4196 wrote to memory of 220	4196	chrome.exe	74
PID 4196 wrote to memory of 220	4196	chrome.exe	74
PID 4196 wrote to memory of 220	4196	chrome.exe	74
PID 4196 wrote to memory of 5096	4196	chrome.exe	75
PID 4196 wrote to memory of 5096	4196	chrome.exe	75
PID 4196 wrote to memory of 4928	4196	chrome.exe	76
PID 4196 wrote to memory of 4928	4196	chrome.exe	76
PID 4196 wrote to memory of 4928	4196	chrome.exe	76
PID 4196 wrote to memory of 4928	4196	chrome.exe	76
PID 4196 wrote to memory of 4928	4196	chrome.exe	76
PID 4196 wrote to memory of 4928	4196	chrome.exe	76
PID 4196 wrote to memory of 4928	4196	chrome.exe	76
PID 4196 wrote to memory of 4928	4196	chrome.exe	76
PID 4196 wrote to memory of 4928	4196	chrome.exe	76
PID 4196 wrote to memory of 4928	4196	chrome.exe	76
PID 4196 wrote to memory of 4928	4196	chrome.exe	76
PID 4196 wrote to memory of 4928	4196	chrome.exe	76
PID 4196 wrote to memory of 4928	4196	chrome.exe	76
PID 4196 wrote to memory of 4928	4196	chrome.exe	76
PID 4196 wrote to memory of 4928	4196	chrome.exe	76
PID 4196 wrote to memory of 4928	4196	chrome.exe	76
PID 4196 wrote to memory of 4928	4196	chrome.exe	76
PID 4196 wrote to memory of 4928	4196	chrome.exe	76
PID 4196 wrote to memory of 4928	4196	chrome.exe	76
PID 4196 wrote to memory of 4928	4196	chrome.exe	76
PID 4196 wrote to memory of 4928	4196	chrome.exe	76
PID 4196 wrote to memory of 4928	4196	chrome.exe	76

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://drive.google.com/file/d/1A2tZc_UtWrYRPphDRUcnZAnlYZeZD88z/view?usp=sharing
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4196
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7fffadd09758,0x7fffadd09768,0x7fffadd09778
  2⤵
  PID:3780
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1536 --field-trial-handle=1788,i,2489788589265749342,6414309601182180783,131072 /prefetch:2
  2⤵
  PID:220
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2008 --field-trial-handle=1788,i,2489788589265749342,6414309601182180783,131072 /prefetch:8
  2⤵
  PID:5096
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2072 --field-trial-handle=1788,i,2489788589265749342,6414309601182180783,131072 /prefetch:8
  2⤵
  PID:4928
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2868 --field-trial-handle=1788,i,2489788589265749342,6414309601182180783,131072 /prefetch:1
  2⤵
  PID:216
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2876 --field-trial-handle=1788,i,2489788589265749342,6414309601182180783,131072 /prefetch:1
  2⤵
  PID:4016
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4488 --field-trial-handle=1788,i,2489788589265749342,6414309601182180783,131072 /prefetch:1
  2⤵
  PID:1900
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4876 --field-trial-handle=1788,i,2489788589265749342,6414309601182180783,131072 /prefetch:1
  2⤵
  PID:4904
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=5244 --field-trial-handle=1788,i,2489788589265749342,6414309601182180783,131072 /prefetch:1
  2⤵
  PID:4200
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5472 --field-trial-handle=1788,i,2489788589265749342,6414309601182180783,131072 /prefetch:8
  2⤵
  PID:4880
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5136 --field-trial-handle=1788,i,2489788589265749342,6414309601182180783,131072 /prefetch:8
  2⤵
  PID:2828
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5148 --field-trial-handle=1788,i,2489788589265749342,6414309601182180783,131072 /prefetch:8
  2⤵
  PID:2592
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5192 --field-trial-handle=1788,i,2489788589265749342,6414309601182180783,131072 /prefetch:8
  2⤵
  PID:2884
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3212 --field-trial-handle=1788,i,2489788589265749342,6414309601182180783,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1780

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:1656

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Network Share Discovery

T1135

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
288B

MD5
6cee7a9a4ced7e1528317d7a47ce847f

SHA1
3e7f2231f03834af3b2d0c805edc2597e069b0fd

SHA256
e6fd66945f0e6fd520e96494b8cf58b57ddcc82e0c7f1afb3dda513e63531d62

SHA512
c01da98e94f7213799cbe80d33fb0a8b4199d2112f310da80937e5016ebb20545ae3aa4418192d7e61b339e50a0b80d3fd9b12406503f51ed17f3798d1fc1d57

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
0d50807fdecf4928f40705751cb9f415

SHA1
05a02124e86d2dff007a2fd3b23552eb47439081

SHA256
aceaffb3bd54a38f436063fdb861705e2b0162a656de78af7505e4d247ea3c2b

SHA512
2bfc87207162a2e726db6675d985836ba54b2271b3f0b56bef1d1b270f067ec28d9069f936387fa9959a77c7228352715c6cd15bb647ffba8c8f2cb839248670

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
541f4ee13ee87fbeb929d6a162690462

SHA1
81a19dc165fe2db4f0ca5429f1563327630cfe05

SHA256
76dc5cb1a47cd4f0a276d37bd696b87f847b57d72c77580f0d2449c29cd9b3f3

SHA512
0cb775e20d226dc9cf9b12e2738da5bcb63ddc5ea43270be1709beafb3f0024e88f0a1226d22ce8d7aec2613e62901545e5c5c4b9ce396f189f9841ee251782b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
d1f4f01145a5183ae6dd9c13e9a4764e

SHA1
8fa93e518d93357cf9cd4366e9d3f9698e06f129

SHA256
fdbe71b091c3dc7b1c91f6425349e5fd7c06ab848163709e2f6f74c2ba995db4

SHA512
afe668da6307f28903a401e6835d93c63b415220eb7a31d548b2036573f7cb8c33d9fdac562dd3fd8f6f2196a2275ee69963c443af28284385599601ac590dd4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
76ec8287f14f95ad65ce23a41f9a11f4

SHA1
e1ca06ee70214885f65ad35a26a398f4f9557321

SHA256
2753719f1a91d97a9296dab320d6aadb067c02726013521eb0082169d1e1fc2e

SHA512
27c6c5b507febd704735a809a17624fd53c0515de564cddcc9349af893d228f2496f4b72ef279854f58abc03962e2875b36a57c9bc3680dc05451bbb1712e583

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
138KB

MD5
31ec4ef24b5de2767f90aa8ff49fd946

SHA1
c02a0428d8edb4501463237aa5066d636f171b61

SHA256
fd971cac14022265ab23f053294ae1ee8eef416b53656de8799590d38b0edc57

SHA512
fc9326dac49a2c77d349046d38d625ab7e740ae0ca20a3fb0c25201f92301ad54a2454fefbb68fb65eac94a7f33bf1d6920446890de4646be88fa45f78f2dd68

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
157KB

MD5
cf2d3d11249fcf817e84a5f6ef0a89b2

SHA1
5bf3eb2839d822e1ca9d6f2cd81449a04a9865b8

SHA256
8a5e23306410bd4b5f2389327fd2b5613eec5c41d32c70aec3507046367614c8

SHA512
a7aba612e1d41cd696646449a9db62a442dabf165139b146c727fbb2e8a551f8c4e4827e7b7316f9895280f58a2bbf3c3fac866d9183eea60c59d249641c0f6c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
138KB

MD5
bbd49927925906f716ec61ede86f4fdb

SHA1
3212080687dad01f70d5ba7ee9ad62ea0eef3620

SHA256
d73af34f2e76673395a787574fbc8af468c8d4856c51840f3d84f288034e8896

SHA512
51db0728e7f9ce90ef0e4172b13944e315a5657eda7ef484f8f08a27079cdfa798252ff28773ecb66dc1ac994c355fbc07cb59dc38e53f03aefdf4269e616e76

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
137KB

MD5
9b9625c1f356e03e902c8bb5d0b3d954

SHA1
2e5d019a7cc83dcac0221a75ab8d3b145d109855

SHA256
6528d77f190a071a1ad107f958d522b85b297b66b6ffb359a392cbe3fac91562

SHA512
84314984630cb487910f71221a344d9626ae3a7392958a745f30b436dbb323afbae4d5cdc3e43b6a0e689606eb32b9c6dd0623dc35639405d6d51764bb22069c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit