e74d310de606aaa382a81d428c7805c41c0d33013b1c2c071b2a6cd9424388e6

Resubmissions

23/12/2022, 02:34

221223-c2s8ksff79 1

23/12/2022, 02:31

221223-cz7yysff77 1

23/12/2022, 02:29

221223-cylpbsag81 1

Analysis

max time kernel
116s
max time network
123s
platform
windows7_x64
resource
win7-20221111-en
resource tags

arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
submitted
23/12/2022, 02:34

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

run_gb.bat
Size

37B
MD5

0f99a1400a1c269e7c5130e8092ca378
SHA1

e5230e5b475142250cd11d7c9765c4dd2bd39682
SHA256

e74d310de606aaa382a81d428c7805c41c0d33013b1c2c071b2a6cd9424388e6
SHA512

688f59696ef85780846082cee8fd141198d7afd35d0ca3704821f7c06a286e347ef2124511ae2ebbb0d75306357a25c7280ed093448885454a34607661ffc4d9

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 6 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Suspicious behavior: EnumeratesProcesses 8 IoCs

pid	Process
1988	chrome.exe
764	chrome.exe
764	chrome.exe
3028	chrome.exe
2860	chrome.exe
2860	chrome.exe
608	chrome.exe
2480	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
2860	chrome.exe
2860	chrome.exe
2860	chrome.exe
2860	chrome.exe
2860	chrome.exe
2860	chrome.exe
2860	chrome.exe
2860	chrome.exe
2860	chrome.exe
2860	chrome.exe
2860	chrome.exe
2860	chrome.exe
2860	chrome.exe

Suspicious use of SendNotifyMessage 64 IoCs

pid	Process
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
764	chrome.exe
2860	chrome.exe
2860	chrome.exe
2860	chrome.exe
2860	chrome.exe
2860	chrome.exe
2860	chrome.exe
2860	chrome.exe
2860	chrome.exe
2860	chrome.exe
2860	chrome.exe
2860	chrome.exe
2860	chrome.exe
2860	chrome.exe
2860	chrome.exe
2860	chrome.exe
2860	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 764 wrote to memory of 268	764	chrome.exe	30
PID 764 wrote to memory of 268	764	chrome.exe	30
PID 764 wrote to memory of 268	764	chrome.exe	30
PID 764 wrote to memory of 816	764	chrome.exe	31
PID 764 wrote to memory of 816	764	chrome.exe	31
PID 764 wrote to memory of 816	764	chrome.exe	31
PID 764 wrote to memory of 816	764	chrome.exe	31
PID 764 wrote to memory of 816	764	chrome.exe	31
PID 764 wrote to memory of 816	764	chrome.exe	31
PID 764 wrote to memory of 816	764	chrome.exe	31
PID 764 wrote to memory of 816	764	chrome.exe	31
PID 764 wrote to memory of 816	764	chrome.exe	31
PID 764 wrote to memory of 816	764	chrome.exe	31
PID 764 wrote to memory of 816	764	chrome.exe	31
PID 764 wrote to memory of 816	764	chrome.exe	31
PID 764 wrote to memory of 816	764	chrome.exe	31
PID 764 wrote to memory of 816	764	chrome.exe	31
PID 764 wrote to memory of 816	764	chrome.exe	31
PID 764 wrote to memory of 816	764	chrome.exe	31
PID 764 wrote to memory of 816	764	chrome.exe	31
PID 764 wrote to memory of 816	764	chrome.exe	31
PID 764 wrote to memory of 816	764	chrome.exe	31
PID 764 wrote to memory of 816	764	chrome.exe	31
PID 764 wrote to memory of 816	764	chrome.exe	31
PID 764 wrote to memory of 816	764	chrome.exe	31
PID 764 wrote to memory of 816	764	chrome.exe	31
PID 764 wrote to memory of 816	764	chrome.exe	31
PID 764 wrote to memory of 816	764	chrome.exe	31
PID 764 wrote to memory of 816	764	chrome.exe	31
PID 764 wrote to memory of 816	764	chrome.exe	31
PID 764 wrote to memory of 816	764	chrome.exe	31
PID 764 wrote to memory of 816	764	chrome.exe	31
PID 764 wrote to memory of 816	764	chrome.exe	31
PID 764 wrote to memory of 816	764	chrome.exe	31
PID 764 wrote to memory of 816	764	chrome.exe	31
PID 764 wrote to memory of 816	764	chrome.exe	31
PID 764 wrote to memory of 816	764	chrome.exe	31
PID 764 wrote to memory of 816	764	chrome.exe	31
PID 764 wrote to memory of 816	764	chrome.exe	31
PID 764 wrote to memory of 816	764	chrome.exe	31
PID 764 wrote to memory of 816	764	chrome.exe	31
PID 764 wrote to memory of 816	764	chrome.exe	31
PID 764 wrote to memory of 816	764	chrome.exe	31
PID 764 wrote to memory of 816	764	chrome.exe	31
PID 764 wrote to memory of 1988	764	chrome.exe	32
PID 764 wrote to memory of 1988	764	chrome.exe	32
PID 764 wrote to memory of 1988	764	chrome.exe	32
PID 764 wrote to memory of 1124	764	chrome.exe	33
PID 764 wrote to memory of 1124	764	chrome.exe	33
PID 764 wrote to memory of 1124	764	chrome.exe	33
PID 764 wrote to memory of 1124	764	chrome.exe	33
PID 764 wrote to memory of 1124	764	chrome.exe	33
PID 764 wrote to memory of 1124	764	chrome.exe	33
PID 764 wrote to memory of 1124	764	chrome.exe	33
PID 764 wrote to memory of 1124	764	chrome.exe	33
PID 764 wrote to memory of 1124	764	chrome.exe	33
PID 764 wrote to memory of 1124	764	chrome.exe	33
PID 764 wrote to memory of 1124	764	chrome.exe	33
PID 764 wrote to memory of 1124	764	chrome.exe	33
PID 764 wrote to memory of 1124	764	chrome.exe	33
PID 764 wrote to memory of 1124	764	chrome.exe	33
PID 764 wrote to memory of 1124	764	chrome.exe	33
PID 764 wrote to memory of 1124	764	chrome.exe	33
PID 764 wrote to memory of 1124	764	chrome.exe	33

C:\Windows\system32\cmd.exe
cmd /c "C:\Users\Admin\AppData\Local\Temp\run_gb.bat"
1⤵
PID:1344

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:764
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=89.0.4389.114 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6624f50,0x7fef6624f60,0x7fef6624f70
  2⤵
  PID:268
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1020,3120460827294607904,15427154171241554685,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1036 /prefetch:2
  2⤵
  PID:816
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1020,3120460827294607904,15427154171241554685,131072 --lang=en-US --service-sandbox-type=network --mojo-platform-channel-handle=1392 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1988
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1020,3120460827294607904,15427154171241554685,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1680 /prefetch:8
  2⤵
  PID:1124
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1020,3120460827294607904,15427154171241554685,131072 --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2020 /prefetch:1
  2⤵
  PID:844
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1020,3120460827294607904,15427154171241554685,131072 --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2168 /prefetch:1
  2⤵
  PID:1716
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1020,3120460827294607904,15427154171241554685,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2888 /prefetch:8
  2⤵
  PID:1280
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1020,3120460827294607904,15427154171241554685,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --use-gl=swiftshader-webgl --mojo-platform-channel-handle=3364 /prefetch:2
  2⤵
  PID:1660
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1020,3120460827294607904,15427154171241554685,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3012 /prefetch:1
  2⤵
  PID:552
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1020,3120460827294607904,15427154171241554685,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=3652 /prefetch:8
  2⤵
  PID:2068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1020,3120460827294607904,15427154171241554685,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=3676 /prefetch:8
  2⤵
  PID:2076
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1020,3120460827294607904,15427154171241554685,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=3672 /prefetch:8
  2⤵
  PID:2140
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1020,3120460827294607904,15427154171241554685,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=3680 /prefetch:8
  2⤵
  PID:2180

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
PID:2288
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=89.0.4389.114 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6624f50,0x7fef6624f60,0x7fef6624f70
  2⤵
  PID:2300
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1048,8850931390135902280,3198033031904820971,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1064 /prefetch:2
  2⤵
  PID:2428
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1048,8850931390135902280,3198033031904820971,131072 --lang=en-US --service-sandbox-type=network --mojo-platform-channel-handle=1396 /prefetch:8
  2⤵
  PID:2448

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
PID:2476
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=89.0.4389.114 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6624f50,0x7fef6624f60,0x7fef6624f70
  2⤵
  PID:2488
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1036,4440615230217558379,1201742372778880733,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1028 /prefetch:2
  2⤵
  PID:2620
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1036,4440615230217558379,1201742372778880733,131072 --lang=en-US --service-sandbox-type=network --mojo-platform-channel-handle=1436 /prefetch:8
  2⤵
  PID:2632

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
PID:2664
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=89.0.4389.114 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6624f50,0x7fef6624f60,0x7fef6624f70
  2⤵
  PID:2676
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1028,17122742746464675857,16106173217158439024,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1020 /prefetch:2
  2⤵
  PID:2816
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1028,17122742746464675857,16106173217158439024,131072 --lang=en-US --service-sandbox-type=network --mojo-platform-channel-handle=1320 /prefetch:8
  2⤵
  PID:2828

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:2860
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=89.0.4389.114 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6624f50,0x7fef6624f60,0x7fef6624f70
  2⤵
  PID:2872
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1008,14702571611932194411,15065169720795971464,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1012 /prefetch:2
  2⤵
  PID:3004
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1008,14702571611932194411,15065169720795971464,131072 --lang=en-US --service-sandbox-type=network --mojo-platform-channel-handle=1324 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3028
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1008,14702571611932194411,15065169720795971464,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1740 /prefetch:8
  2⤵
  PID:2104
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1008,14702571611932194411,15065169720795971464,131072 --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2000 /prefetch:1
  2⤵
  PID:2152
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1008,14702571611932194411,15065169720795971464,131072 --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2008 /prefetch:1
  2⤵
  PID:2156
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1008,14702571611932194411,15065169720795971464,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2872 /prefetch:8
  2⤵
  PID:2224
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1008,14702571611932194411,15065169720795971464,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --use-gl=swiftshader-webgl --mojo-platform-channel-handle=3324 /prefetch:2
  2⤵
  PID:912
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1008,14702571611932194411,15065169720795971464,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3388 /prefetch:1
  2⤵
  PID:1576
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1008,14702571611932194411,15065169720795971464,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=3516 /prefetch:8
  2⤵
  PID:1704
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1008,14702571611932194411,15065169720795971464,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=3640 /prefetch:8
  2⤵
  PID:1072
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1008,14702571611932194411,15065169720795971464,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=3540 /prefetch:8
  2⤵
  PID:2436
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1008,14702571611932194411,15065169720795971464,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=3560 /prefetch:8
  2⤵
  PID:2376
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1008,14702571611932194411,15065169720795971464,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3888 /prefetch:1
  2⤵
  PID:2420
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1008,14702571611932194411,15065169720795971464,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=3308 /prefetch:8
  2⤵
  PID:2580
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1008,14702571611932194411,15065169720795971464,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2196 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2480
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1008,14702571611932194411,15065169720795971464,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2192 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:608
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1008,14702571611932194411,15065169720795971464,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2136 /prefetch:8
  2⤵
  PID:2692
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1008,14702571611932194411,15065169720795971464,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=3868 /prefetch:8
  2⤵
  PID:2780
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1008,14702571611932194411,15065169720795971464,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2208 /prefetch:8
  2⤵
  PID:2220
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1008,14702571611932194411,15065169720795971464,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2020 /prefetch:8
  2⤵
  PID:1988
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1008,14702571611932194411,15065169720795971464,131072 --disable-gpu-compositing --lang=en-US --extension-process --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1340 /prefetch:1
  2⤵
  PID:968

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
13996aa3ec9f8dbe7e64bc0730e33763

SHA1
57b69eeb6c656a4caad21b86b67815a5729e3ab1

SHA256
a2baaec15a6ad1d0ca97f0644ec9a54b636327f34b76f37f6988fd1cf43f17d0

SHA512
70c988c4441a6ff4f40e84e825c916b3c850712acc23d83d866959af4b22aa95918d654293ad1ae8cbc1d431a763ba7e6f8e764aa93758b2a2eba3994d13e076

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
13996aa3ec9f8dbe7e64bc0730e33763

SHA1
57b69eeb6c656a4caad21b86b67815a5729e3ab1

SHA256
a2baaec15a6ad1d0ca97f0644ec9a54b636327f34b76f37f6988fd1cf43f17d0

SHA512
70c988c4441a6ff4f40e84e825c916b3c850712acc23d83d866959af4b22aa95918d654293ad1ae8cbc1d431a763ba7e6f8e764aa93758b2a2eba3994d13e076

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
13996aa3ec9f8dbe7e64bc0730e33763

SHA1
57b69eeb6c656a4caad21b86b67815a5729e3ab1

SHA256
a2baaec15a6ad1d0ca97f0644ec9a54b636327f34b76f37f6988fd1cf43f17d0

SHA512
70c988c4441a6ff4f40e84e825c916b3c850712acc23d83d866959af4b22aa95918d654293ad1ae8cbc1d431a763ba7e6f8e764aa93758b2a2eba3994d13e076

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
13996aa3ec9f8dbe7e64bc0730e33763

SHA1
57b69eeb6c656a4caad21b86b67815a5729e3ab1

SHA256
a2baaec15a6ad1d0ca97f0644ec9a54b636327f34b76f37f6988fd1cf43f17d0

SHA512
70c988c4441a6ff4f40e84e825c916b3c850712acc23d83d866959af4b22aa95918d654293ad1ae8cbc1d431a763ba7e6f8e764aa93758b2a2eba3994d13e076

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0

Filesize
44KB

MD5
6ccba33f1b79bd815c5376d6fda249b1

SHA1
54473bfb0d6628daddd6e755159a6c13ead45a63

SHA256
314c3c3a68def7237024e2c7696cbc3a34c1fef56f155b6719194db4458c069d

SHA512
2cf83133503247e2581fb9d07aaf0f420d1e01ce155aecc486d35f2394763b8230a49f5032613ed4c3ca41f1bb1e92dce51f996b87f8b99eafa7b7b6d910939d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1

Filesize
264KB

MD5
e2f53d51960b9191ab21a086fb18919b

SHA1
b2a99eb76424cd8dea3c4f84494cce3bfc98e5e3

SHA256
fe775b9358880fadc814e7121998711c749b4daaa705c6bc9be1fe299ebdca31

SHA512
ad9770a418741cf2ce4cf6798e7afd35e80fcf4bf4225e45db57b131d05e5faf277e96678f4863d19d4392ffe4710a052ec0b6388f633dac1bccd93c4d855118

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3

Filesize
4.0MB

MD5
f68c29a5c4d77859586fdcfc4af14c06

SHA1
02b827f7e465403ab88018604e64568249c7f796

SHA256
bc7135411033f79dfa3e3a990252a3180d861c3c3c14687fe1c9ef412f552488

SHA512
4878dfe05dacfb2373076e6a1fa9d9732a82e2f7e6049a2c8353b335ae8c7909f8f57bd9474956d0130d73bc6847cf872ff1c359d6667dabbf5f7b94211b5cc4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG

Filesize
329B

MD5
bc16dbbcdf5d03908ac18d0f6608844c

SHA1
525a72df42c4c56a6103e3d594c49755db6e9734

SHA256
cceed4ebb8f561d49e747c53539bfe356afb9482be9c847c90724fbc92782ff2

SHA512
9f9ec745bcf55707ef994edf096abeea0b5d9462118745ce6e15fc26e437421a319b92ca745759f0270444bbc9f987b3588b32de3b8a7ab15a17a8cb020ce34c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State

Filesize
1KB

MD5
4521ab6aa0a351cf8842b96429d5a598

SHA1
96bb041fd1355a502562d41c1eb1d5ee6c9b0099

SHA256
a3be573a63c9a360f5c7ce0fa0efd5fe8acb72aeaa83d2fe6e5cd4bc938b6530

SHA512
e55f15d4d1c189844ebc8313f76e6d9298b6631c56d7c18eb77ba91e90d25c381c45819f3767c0961cb73a38fb678fab138e4b8f4aa8bb859139b47f67f63e32

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG

Filesize
331B

MD5
ca0632a4c027767edede23445f564d07

SHA1
f4473213b35d814b419f2a579b748f9fbda8b8f0

SHA256
17a5e158f61689ef93bd2451161b88b444fbbdfcee6ca702629d990f67ad176c

SHA512
22ba250f78141a595430d81d031b042dee58ebe9f8f5ff7156a7c8973c616d9c03b907eda94de84ca584cb96a023e0e30f152058d7b4597510b755a888a10125

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
4KB

MD5
be7522bec066f78db13f7d09f282a91f

SHA1
950fc95df67315167cbf1cfc03fb173663b2ee70

SHA256
4efa3b76a770c926bd9996d36d1b36cf74d3bd5141a59e24c01960541f248b57

SHA512
5ff6436ea0bfc5fc9ad82b89c390cdffcbcbc0077f4ce7db507586610b62476de9dcc552548f41b9984635627399f069c3eb43d6ada354e0fcf7833bcb5a703e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL

Filesize
36KB

MD5
7fb0221fd830228c48fad8a727c87a27

SHA1
e94264b5ec7d06cf532ac674242dda599978bed3

SHA256
3a9800080ff337bae11a985105a7f47cd4a01f29306246dc77346dd255058181

SHA512
f5fa2c382ce3f283006b29fb752f402961334027c51d300662775dbfd4aaecef1847117d7b944793e0c3e093dec87174500b5df3dc4d3d698dc7ed0392bdbb72

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Search Logos\dark_logo

Filesize
10KB

MD5
839a66e670f67c88d1be6dcb1533af2a

SHA1
ed0490701530a80746fcc48a5b171a4966d5adcf

SHA256
3654ab3d67aa83f431bc0d21a6582ece5bb102462c8637225a3d97bf68319829

SHA512
636ed3e52abe08748501d6a51b14eb687588656adbf81e6a5bcce1c0cbe59ca87e0f6702b4bb1c0669e976d982a532bf1d646276b120174982e90e4ad288ebc3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Search Logos\logo

Filesize
10KB

MD5
839a66e670f67c88d1be6dcb1533af2a

SHA1
ed0490701530a80746fcc48a5b171a4966d5adcf

SHA256
3654ab3d67aa83f431bc0d21a6582ece5bb102462c8637225a3d97bf68319829

SHA512
636ed3e52abe08748501d6a51b14eb687588656adbf81e6a5bcce1c0cbe59ca87e0f6702b4bb1c0669e976d982a532bf1d646276b120174982e90e4ad288ebc3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Search Logos\metadata

Filesize
2KB

MD5
8dafcceaf42e6cae2f8a886bc093a034

SHA1
5693c8f8dd1b449e45ecb1cb8557c5f14787e895

SHA256
1e0d0fa226c3714402b9599bba235e41da4ffddbede554c00ea5ed4053ebb76a

SHA512
88c06a98e5de3df793957d590aef046ecbca1c3327a082e6c7c4bce1623f5ec056a36617e83ab63bc1e797fac47421fd323c4bfdc0b7a3a69efc3549305bb668

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
9b88f643ee1c28c21d1bc3eb5cb57d53

SHA1
b2e85a874e6244f15c0748aa1e8aee59ff7d34e9

SHA256
34ba2590c164891cedc4ccb144186db33e00552223cf07cdcc54db6e8b4dbb4a

SHA512
ee7ce1304f2165f4d76080a30be9ec5892c1d7f75fa9cfd84b08ddb352bc3772851d02d335936ac3728e924e85edd1ebc6956469d99534818a3ca627e7645fb8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log

Filesize
194B

MD5
d7d9437445aa960dcea52ffe772822dc

SHA1
c2bbf4ac0732d905d998c4f645fd60f95a675d02

SHA256
4ff49903bec1197017a35995d5c5fc703caf9d496467345d783f754b723d21c1

SHA512
335eb1ba85670550ed1e1e4e14ea4b5d14f8306125bf147a42de4def5e5f75f14c422b014414030cf30378c04f748ac875cf056adda196511a0b057b3598fe9a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG

Filesize
317B

MD5
f54b690b9cc7cb41e0a37ca8aecf22f3

SHA1
41467e5e2dd80119eb8f241db6ff88a52e400b15

SHA256
a0f06a80ce70a8e99d067da3ad39c729c5e8e8dd2f280248ee802c87195c6a8b

SHA512
74fcfa2059ce4c830ee7c7c4f95e98ed5f6d54a6ff3c80910abb19fcbbfb6ca4ef18d6bbc5fa0796b2ad82fb5f806245d0a31fffc549d1b81bac493a24f4258f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sessions\Tabs_13316240109240400

Filesize
669B

MD5
2cdf732678de07db14b1d3a81d3cc960

SHA1
c8a8577db1b640f95df765015c1e3232b3685eac

SHA256
352923fb2c3bb65a5f9c84b00db97d1387294b1fc6056cd02e2728fd832bf69d

SHA512
4e25ef61dc050ece141bb9aa4da8f2153f686c0a8c91013b79a2495535a9ea130ffa6cbaa1b1a62654d89f7e401d0e9e31df59a8d39cf112ffa7ca32525e5bc8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG

Filesize
345B

MD5
446d3e20847706a10151b222fd5c3266

SHA1
1abe803ae2fe12b2fc49b04051d7e2c158a75096

SHA256
e0d7ec4712a3106083e533d026326f1cde2ed68b42a9a299bf8736d271c7929f

SHA512
18c8afddd85151d696f8680970f276fa265740dd61886ef9b78e37d883f174dd08ddb009d3682d8a8b19282fef8da7413b2970a661fa2583612df199a9fc62ab

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log

Filesize
160B

MD5
de92ad90be6d3364745b2f73f4c3cf73

SHA1
9158681463bd30e5af4dda4baac81f93cedbda77

SHA256
0025a3e0d3b834401b3b5f820e1991ef7e810d9a4b8b6b579e6301c94e7031a0

SHA512
9e81cefc195439439f4b23ee7696309d7bc3c08e5b444d2abde26d2f12b2d3bcfd124fb9a2d40c6389e9f787741676fad366a2e9982674e7b931028c014d8a79

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG

Filesize
321B

MD5
91787ddd2bef1dc72d9c6ae7b05e9e54

SHA1
8fc26bd8df2cbff7b3e6ad6582066c6a5e3a8b39

SHA256
f6f948777812add627cda3cff26c3d49681314e1f9d3223b7991e15ddcc2a5a9

SHA512
c5ebc0b97a11de1feaa1d2a3919382f239971c4ed1a092be6299c3c356eee4fa294cc3dc0e9838c2d05c7ad26b1016ee082f4a571286ca380347b832becc8077

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity

Filesize
526B

MD5
668e3a8edd385e6b2d8155f9119b3861

SHA1
d36c02a78a42801440e4eefd6e19606de7713d33

SHA256
ecfea77ee0eceac1123a0624220114cb369dbd856cd80383e082b2a3e6331b46

SHA512
6e69ea580bc96ff0a7606ad3643541f40a90b94eb86ad7ee008e520ea2bd40427d44b5cac01ae7cb751d1b0c46e051a9987aabf72596de12481cab34e3212092

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\GPUCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version

Filesize
13B

MD5
b63048c4e7e52c52053d25da30d9c5ab

SHA1
679a44d402f5ec24605719e06459f5a707989187

SHA256
389caa40ea458e84bc624a9af1e0dec60fa652b2db2b81c09b1dfe22822cc3d1

SHA512
e86c58c5a25e24f21ad79ed526a90c120a09c115f4820663bd2ebbc59e7bb1c4c418267eb77645522aa20b2c1b53fba8e31690db7bae9b21e4eff3db06316359

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
105KB

MD5
26cc791dad29405feed2f186ca3f8895

SHA1
e8c10e52121d58026ab8505baaf0b32325fb1d0a

SHA256
c910e6cbf47753657c82d1dc892d1719ce5455eb00ea21f99e2b29bfbb08184d

SHA512
b94f75993d857334be3cb895c26b206cf70227b9cce6412540b90bfd350bf599c9a21eb401cecafca35475858f656e6d6f2537209689ca129e465126f4633f17

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
105KB

MD5
316d1190c74bffcce273be7398bb01bb

SHA1
1fb2d50f1056d10eeeed715bcdbf13d1f49d5833

SHA256
f7cb739e66eded6e5eddc9d20f7d1751380279234c15d93bbcc31fe0d3d9103c

SHA512
973f56a57f71cf4797500b19fbc13318cce1e4031fb5744f5b7d2d5179943e32f86607226029172b75537d582f06fa370127a38e24fe5b2042c82712e3642acb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
105KB

MD5
1e3784ef72488e417e820cf12a41d284

SHA1
169b608f2ba4d5b3c37d2868f4f66ac9d6295e32

SHA256
8f9d211427579e4dcf88d2da313ae5da1c5e67641237ea096569e06dfe7d6ec2

SHA512
f3272a189c659bcb555f3f06c69a28032a73cb2e2c3fa18903fff8869c7a08327da0b97c873ffa85894ef6116e29bbde2fab220f94101518a48fe336d43016e3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
105KB

MD5
e1a1c575ac5cf1a7f3f023b2851527a1

SHA1
9dfe1cfa71495a4117368eabf24d372c392a8883

SHA256
753938252691a1f2056644919fc25a5764d247f0d8d151918169224c99127153

SHA512
5132540ba90b05f92a55115fd08131f925a0f7a6f89b2bc637805c3bc065b0bc2e8372f4d1cd2b3279b5af2f6dc74311264fea9a8af5b8bed0f2d40d26577447

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\GPUCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\GPUCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\GPUCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\GPUCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
memory/1344-54-0x000007FEFB731000-0x000007FEFB733000-memory.dmp

Filesize
8KB

Download