cf83051e94269fa7ba8550809e4777093673443fda5b407114f900d1090ee0a0

Analysis

max time kernel
149s
max time network
146s
platform
windows10-1703_x64
resource
win10-20240404-en
resource tags

arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
submitted
19-09-2024 06:01

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Monaco/package/esm/vs/platform/instantiation/common/graph.js
Size

1KB
MD5

a735a5ca3cc43f0d8fd9becdb48aec29
SHA1

4fe0924d41842b72da8365f8efd9d3ccab1510fd
SHA256

0f0d2c32582e2e81f07c242c4ed457658d5ae522780c294699c5ef9a9eb58b47
SHA512

eb0f080cce2c753ecf2fb79fd1e890bde5989089094f4b16fb24afb369c65706f47c739d335d9d6635c0586934f3849af79eda708e94e6c6b5c6c7902238c0ce

Score

3^/10

discovery execution

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217
Command and Scripting Interpreter: JavaScript 1 TTPs
execution

JavaScript
T1059.007

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133711994244066269"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
1420	chrome.exe
1420	chrome.exe
5028	chrome.exe
5028	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1420	chrome.exe
Token: SeCreatePagefilePrivilege	1420	chrome.exe
Token: SeShutdownPrivilege	1420	chrome.exe
Token: SeCreatePagefilePrivilege	1420	chrome.exe
Token: SeShutdownPrivilege	1420	chrome.exe
Token: SeCreatePagefilePrivilege	1420	chrome.exe
Token: SeShutdownPrivilege	1420	chrome.exe
Token: SeCreatePagefilePrivilege	1420	chrome.exe
Token: SeShutdownPrivilege	1420	chrome.exe
Token: SeCreatePagefilePrivilege	1420	chrome.exe
Token: SeShutdownPrivilege	1420	chrome.exe
Token: SeCreatePagefilePrivilege	1420	chrome.exe
Token: SeShutdownPrivilege	1420	chrome.exe
Token: SeCreatePagefilePrivilege	1420	chrome.exe
Token: SeShutdownPrivilege	1420	chrome.exe
Token: SeCreatePagefilePrivilege	1420	chrome.exe
Token: SeShutdownPrivilege	1420	chrome.exe
Token: SeCreatePagefilePrivilege	1420	chrome.exe
Token: SeShutdownPrivilege	1420	chrome.exe
Token: SeCreatePagefilePrivilege	1420	chrome.exe
Token: SeShutdownPrivilege	1420	chrome.exe
Token: SeCreatePagefilePrivilege	1420	chrome.exe
Token: SeShutdownPrivilege	1420	chrome.exe
Token: SeCreatePagefilePrivilege	1420	chrome.exe
Token: SeShutdownPrivilege	1420	chrome.exe
Token: SeCreatePagefilePrivilege	1420	chrome.exe
Token: SeShutdownPrivilege	1420	chrome.exe
Token: SeCreatePagefilePrivilege	1420	chrome.exe
Token: SeShutdownPrivilege	1420	chrome.exe
Token: SeCreatePagefilePrivilege	1420	chrome.exe
Token: SeShutdownPrivilege	1420	chrome.exe
Token: SeCreatePagefilePrivilege	1420	chrome.exe
Token: SeShutdownPrivilege	1420	chrome.exe
Token: SeCreatePagefilePrivilege	1420	chrome.exe
Token: SeShutdownPrivilege	1420	chrome.exe
Token: SeCreatePagefilePrivilege	1420	chrome.exe
Token: SeShutdownPrivilege	1420	chrome.exe
Token: SeCreatePagefilePrivilege	1420	chrome.exe
Token: SeShutdownPrivilege	1420	chrome.exe
Token: SeCreatePagefilePrivilege	1420	chrome.exe
Token: SeShutdownPrivilege	1420	chrome.exe
Token: SeCreatePagefilePrivilege	1420	chrome.exe
Token: SeShutdownPrivilege	1420	chrome.exe
Token: SeCreatePagefilePrivilege	1420	chrome.exe
Token: SeShutdownPrivilege	1420	chrome.exe
Token: SeCreatePagefilePrivilege	1420	chrome.exe
Token: SeShutdownPrivilege	1420	chrome.exe
Token: SeCreatePagefilePrivilege	1420	chrome.exe
Token: SeShutdownPrivilege	1420	chrome.exe
Token: SeCreatePagefilePrivilege	1420	chrome.exe
Token: SeShutdownPrivilege	1420	chrome.exe
Token: SeCreatePagefilePrivilege	1420	chrome.exe
Token: SeShutdownPrivilege	1420	chrome.exe
Token: SeCreatePagefilePrivilege	1420	chrome.exe
Token: SeShutdownPrivilege	1420	chrome.exe
Token: SeCreatePagefilePrivilege	1420	chrome.exe
Token: SeShutdownPrivilege	1420	chrome.exe
Token: SeCreatePagefilePrivilege	1420	chrome.exe
Token: SeShutdownPrivilege	1420	chrome.exe
Token: SeCreatePagefilePrivilege	1420	chrome.exe
Token: SeShutdownPrivilege	1420	chrome.exe
Token: SeCreatePagefilePrivilege	1420	chrome.exe
Token: SeShutdownPrivilege	1420	chrome.exe
Token: SeCreatePagefilePrivilege	1420	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe
1420	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1420 wrote to memory of 808	1420	chrome.exe	76
PID 1420 wrote to memory of 808	1420	chrome.exe	76
PID 1420 wrote to memory of 1768	1420	chrome.exe	78
PID 1420 wrote to memory of 1768	1420	chrome.exe	78
PID 1420 wrote to memory of 1768	1420	chrome.exe	78
PID 1420 wrote to memory of 1768	1420	chrome.exe	78
PID 1420 wrote to memory of 1768	1420	chrome.exe	78
PID 1420 wrote to memory of 1768	1420	chrome.exe	78
PID 1420 wrote to memory of 1768	1420	chrome.exe	78
PID 1420 wrote to memory of 1768	1420	chrome.exe	78
PID 1420 wrote to memory of 1768	1420	chrome.exe	78
PID 1420 wrote to memory of 1768	1420	chrome.exe	78
PID 1420 wrote to memory of 1768	1420	chrome.exe	78
PID 1420 wrote to memory of 1768	1420	chrome.exe	78
PID 1420 wrote to memory of 1768	1420	chrome.exe	78
PID 1420 wrote to memory of 1768	1420	chrome.exe	78
PID 1420 wrote to memory of 1768	1420	chrome.exe	78
PID 1420 wrote to memory of 1768	1420	chrome.exe	78
PID 1420 wrote to memory of 1768	1420	chrome.exe	78
PID 1420 wrote to memory of 1768	1420	chrome.exe	78
PID 1420 wrote to memory of 1768	1420	chrome.exe	78
PID 1420 wrote to memory of 1768	1420	chrome.exe	78
PID 1420 wrote to memory of 1768	1420	chrome.exe	78
PID 1420 wrote to memory of 1768	1420	chrome.exe	78
PID 1420 wrote to memory of 1768	1420	chrome.exe	78
PID 1420 wrote to memory of 1768	1420	chrome.exe	78
PID 1420 wrote to memory of 1768	1420	chrome.exe	78
PID 1420 wrote to memory of 1768	1420	chrome.exe	78
PID 1420 wrote to memory of 1768	1420	chrome.exe	78
PID 1420 wrote to memory of 1768	1420	chrome.exe	78
PID 1420 wrote to memory of 1768	1420	chrome.exe	78
PID 1420 wrote to memory of 1768	1420	chrome.exe	78
PID 1420 wrote to memory of 1768	1420	chrome.exe	78
PID 1420 wrote to memory of 1768	1420	chrome.exe	78
PID 1420 wrote to memory of 1768	1420	chrome.exe	78
PID 1420 wrote to memory of 1768	1420	chrome.exe	78
PID 1420 wrote to memory of 1768	1420	chrome.exe	78
PID 1420 wrote to memory of 1768	1420	chrome.exe	78
PID 1420 wrote to memory of 1768	1420	chrome.exe	78
PID 1420 wrote to memory of 1768	1420	chrome.exe	78
PID 1420 wrote to memory of 404	1420	chrome.exe	79
PID 1420 wrote to memory of 404	1420	chrome.exe	79
PID 1420 wrote to memory of 4328	1420	chrome.exe	80
PID 1420 wrote to memory of 4328	1420	chrome.exe	80
PID 1420 wrote to memory of 4328	1420	chrome.exe	80
PID 1420 wrote to memory of 4328	1420	chrome.exe	80
PID 1420 wrote to memory of 4328	1420	chrome.exe	80
PID 1420 wrote to memory of 4328	1420	chrome.exe	80
PID 1420 wrote to memory of 4328	1420	chrome.exe	80
PID 1420 wrote to memory of 4328	1420	chrome.exe	80
PID 1420 wrote to memory of 4328	1420	chrome.exe	80
PID 1420 wrote to memory of 4328	1420	chrome.exe	80
PID 1420 wrote to memory of 4328	1420	chrome.exe	80
PID 1420 wrote to memory of 4328	1420	chrome.exe	80
PID 1420 wrote to memory of 4328	1420	chrome.exe	80
PID 1420 wrote to memory of 4328	1420	chrome.exe	80
PID 1420 wrote to memory of 4328	1420	chrome.exe	80
PID 1420 wrote to memory of 4328	1420	chrome.exe	80
PID 1420 wrote to memory of 4328	1420	chrome.exe	80
PID 1420 wrote to memory of 4328	1420	chrome.exe	80
PID 1420 wrote to memory of 4328	1420	chrome.exe	80
PID 1420 wrote to memory of 4328	1420	chrome.exe	80
PID 1420 wrote to memory of 4328	1420	chrome.exe	80
PID 1420 wrote to memory of 4328	1420	chrome.exe	80

C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Monaco\package\esm\vs\platform\instantiation\common\graph.js
1⤵
PID:220

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1420
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffaa09f9758,0x7ffaa09f9768,0x7ffaa09f9778
  2⤵
  PID:808
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1644 --field-trial-handle=1956,i,1091949954406783019,14650446851807596859,131072 /prefetch:2
  2⤵
  PID:1768
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1900 --field-trial-handle=1956,i,1091949954406783019,14650446851807596859,131072 /prefetch:8
  2⤵
  PID:404
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2100 --field-trial-handle=1956,i,1091949954406783019,14650446851807596859,131072 /prefetch:8
  2⤵
  PID:4328
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2968 --field-trial-handle=1956,i,1091949954406783019,14650446851807596859,131072 /prefetch:1
  2⤵
  PID:4576
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2976 --field-trial-handle=1956,i,1091949954406783019,14650446851807596859,131072 /prefetch:1
  2⤵
  PID:4676
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4444 --field-trial-handle=1956,i,1091949954406783019,14650446851807596859,131072 /prefetch:1
  2⤵
  PID:1148
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4904 --field-trial-handle=1956,i,1091949954406783019,14650446851807596859,131072 /prefetch:8
  2⤵
  PID:1488
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5020 --field-trial-handle=1956,i,1091949954406783019,14650446851807596859,131072 /prefetch:8
  2⤵
  PID:2520
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5016 --field-trial-handle=1956,i,1091949954406783019,14650446851807596859,131072 /prefetch:8
  2⤵
  PID:4844
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=5020 --field-trial-handle=1956,i,1091949954406783019,14650446851807596859,131072 /prefetch:1
  2⤵
  PID:908
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4796 --field-trial-handle=1956,i,1091949954406783019,14650446851807596859,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5028

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4496

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001

Filesize
212KB

MD5
08ec57068db9971e917b9046f90d0e49

SHA1
28b80d73a861f88735d89e301fa98f2ae502e94b

SHA256
7a68efe41e5d8408eed6e9d91a7b7b965a3062e4e28eeffeefb8cdba6391f4d1

SHA512
b154142173145122bc49ddd7f9530149100f6f3c5fd2f2e7503b13f7b160147b8b876344f6faae5e8616208c51311633df4c578802ac5d34c005bb154e9057cf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
052da467aeb8bc9e0911261f24d3dd74

SHA1
dd1e8de724a59160d6f04cf406c8fdff772b7bf1

SHA256
c6b21aeb978fe15aee69fa079205dc61a62c806f40152ca279533a7546dba679

SHA512
f452a211b6eac4c5c834f095dc8a6f8e605c988af8f77a84e82be6a14a74f5ef2103b6955e4140d7413468843acee388854ddac446ab1acaae1c28e08a715920

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
82d508f4539dde213e59c68e9199cffd

SHA1
552a6795e3b19372f03f3953060425ff297419fe

SHA256
3066413f45dc1951b75af10942325cfb54522bf2cbfe961b24bb8d1cc49a35ed

SHA512
81e0ecca7329a64f5e4d79ae06d6f1887f17ea3218c7f2801a7ae6255c0d4bf982b3997d7ac26d7d7f452701f4bee5a78a297fa9fbf152dc4b53f1e77f6ef6b1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
5c19167765a657ee11bf4d343b6971fb

SHA1
62cfd6e398485bde34e9ff223f9df5d4a3f9d0a9

SHA256
ae74b4a66bc5d37bb22d777c1c1e5047eea4f0f8fec7973e378dc2f8e34f5adb

SHA512
eb1a83c21d2588b99285c76c7a34b2d8820a62e36b36de3a304d942a63d7e8b9756593b4bd55769130ccbf707eb4c0e521ab2d752b9662236766d019cf0a936c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
151258691462fd4cc44c74ec3419c19c

SHA1
c4e9dffc90c4e32e065c3dbe12f21ca082bd9e86

SHA256
cebe2cfec26bfce5a3b72341a36af2aea4e2822ac2019abd355987ca79deeaa1

SHA512
3c42b79c3edaa3cee9a194738ff6c4d20371e5692d18b4c7e9e2dd20dfb8089d5439dded2b47931a83903910100c8a5527e33c66bafb4b370bb35b51005531ae

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
371B

MD5
74b1cb0dceb3264cf828ffb8b714ea2e

SHA1
ea4702dfc6b6f441de82596300414b7406d1ab96

SHA256
49e281c143bff10d1c895ba1353d890c8f44facd0fc6f9f4f93320351d278514

SHA512
4508194f3729da4e19811de9aae306b790a78bf3247980dd6acd620b8747cbc44b134552e5cc45f91bfbd23604b342faeb2c29036de751151cc45603fa51e24b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
371B

MD5
f2e6dbecfb9cef3315a38e1bd5246fb8

SHA1
f8ab0721d23f007f76cfed690f7b0beeb5bf1b10

SHA256
4997e67cf93bf4c3c4f16ed758063548daffd57956259532517ddaad02ea4d91

SHA512
45d31ac78f32d5a871d3bc91d91594628e302ada8e32f4157352fab27472ea05d1a8a80fc55b9749310f4725364c9a1a6e8a3065958e7246bc1ff9e7660e083a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
13ba560206bb887f85255dc122363ac3

SHA1
4e137c897c39d800a3b7affbf571efdaaf643f78

SHA256
45dcb6b568bd042328c83df5d1a96a5408fac746d82b2c6638dd8388f7bb1192

SHA512
0acaf774fe2a4ab9f8075ad700f5de9afaa19d53470e88f436678ed09ddb8264eefcf5135b61efa8f086999a6a9fbb7d5231621f22ca1f9cc89ee3f53f91422d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
2fa7b38831c9caf0ef655b678bff6719

SHA1
3dc999876687f4d80dcac9ecfcf8c2017775d0e9

SHA256
4174324ef0263ea89be807582617ff61be4c185058c052489fa96c369452f6d1

SHA512
d8f81b9e005afa04c6eb16258012c735497f6cba52b21832226ea59d305b7e65d28f95ee8980e70c12f9017374ba5b653841edc73c5919a43e0f1c73d40a3839

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
19317cde3e47df13ae30670984eaeb8d

SHA1
268abdc84f380beda9779e9455fc796a147952c7

SHA256
5e011c617adddfdb16370b7aa3dc9ceef1408f456002a537fc463ac0e5da80e5

SHA512
d5694390d9280f7665e333458b0086e4da47b4e70a1fa3f1d28897e1751bca07e3272f77ca3f01799e57b63efc240930270fbd140719a2e901a5d38e52fea531

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
d9d332743f775bac12d83faf72ba53a6

SHA1
38ee7c3700454b6b64d7b6f827f19205d26ffb22

SHA256
1850e5437643bf8daa11c63a5b363ffbba4a7ebe42018f573685768c1dac6e57

SHA512
69962825a0016677bfc91b12f841b8073594547d604756ff95e7009abe6c44ca5bafd347096dad764070361badbf178a5d97341131dcf850455366556863388c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
12KB

MD5
445779a38d445fd031a90528235c6dd9

SHA1
293cf0b7552864975a0838db3ee544204ef30ca4

SHA256
7a9959a0bc4e2d9f6eed3e720616c21490362b042e389d2c9cd2cd91b87e002d

SHA512
39862868cc5d1b0a735fb04d3c001f775142508deb38b139af335bbb96aa5c546dde66f41f9c4fd6b25ba43da16958f046bc3a5c0fc8947b7ab4267b6f00111a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
305KB

MD5
7879c083bf64efe0455229d4804ac775

SHA1
d728c59257b86238902b82c57645f9dc10eb74ae

SHA256
7ab1a6486a34bd1edefdbf9f22325c2c1a98e1d7241614ffde82e8dad12406e0

SHA512
0307a860157b1bc356c29fc78518263d91f51a7652ad6b3936d2d28fdaac4b82fae3fe8bb0cbbcac6f8bdaacd3582ac3e8e7e6f9931573c74358c79a700f0166

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit