hxxps://aca[.]accela[.]com/sandiego/default[.]aspx

Analysis

max time kernel
150s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
08/03/2023, 16:33

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://aca.accela.com/sandiego/default.aspx

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133227704574843699"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4160	chrome.exe
4160	chrome.exe
4372	chrome.exe
4372	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

pid	Process
4160	chrome.exe
4160	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4160	chrome.exe
Token: SeCreatePagefilePrivilege	4160	chrome.exe
Token: SeShutdownPrivilege	4160	chrome.exe
Token: SeCreatePagefilePrivilege	4160	chrome.exe
Token: SeShutdownPrivilege	4160	chrome.exe
Token: SeCreatePagefilePrivilege	4160	chrome.exe
Token: SeShutdownPrivilege	4160	chrome.exe
Token: SeCreatePagefilePrivilege	4160	chrome.exe
Token: SeShutdownPrivilege	4160	chrome.exe
Token: SeCreatePagefilePrivilege	4160	chrome.exe
Token: SeShutdownPrivilege	4160	chrome.exe
Token: SeCreatePagefilePrivilege	4160	chrome.exe
Token: SeShutdownPrivilege	4160	chrome.exe
Token: SeCreatePagefilePrivilege	4160	chrome.exe
Token: SeShutdownPrivilege	4160	chrome.exe
Token: SeCreatePagefilePrivilege	4160	chrome.exe
Token: SeShutdownPrivilege	4160	chrome.exe
Token: SeCreatePagefilePrivilege	4160	chrome.exe
Token: SeShutdownPrivilege	4160	chrome.exe
Token: SeCreatePagefilePrivilege	4160	chrome.exe
Token: SeShutdownPrivilege	4160	chrome.exe
Token: SeCreatePagefilePrivilege	4160	chrome.exe
Token: SeShutdownPrivilege	4160	chrome.exe
Token: SeCreatePagefilePrivilege	4160	chrome.exe
Token: SeShutdownPrivilege	4160	chrome.exe
Token: SeCreatePagefilePrivilege	4160	chrome.exe
Token: SeShutdownPrivilege	4160	chrome.exe
Token: SeCreatePagefilePrivilege	4160	chrome.exe
Token: SeShutdownPrivilege	4160	chrome.exe
Token: SeCreatePagefilePrivilege	4160	chrome.exe
Token: SeShutdownPrivilege	4160	chrome.exe
Token: SeCreatePagefilePrivilege	4160	chrome.exe
Token: SeShutdownPrivilege	4160	chrome.exe
Token: SeCreatePagefilePrivilege	4160	chrome.exe
Token: SeShutdownPrivilege	4160	chrome.exe
Token: SeCreatePagefilePrivilege	4160	chrome.exe
Token: SeShutdownPrivilege	4160	chrome.exe
Token: SeCreatePagefilePrivilege	4160	chrome.exe
Token: SeShutdownPrivilege	4160	chrome.exe
Token: SeCreatePagefilePrivilege	4160	chrome.exe
Token: SeShutdownPrivilege	4160	chrome.exe
Token: SeCreatePagefilePrivilege	4160	chrome.exe
Token: SeShutdownPrivilege	4160	chrome.exe
Token: SeCreatePagefilePrivilege	4160	chrome.exe
Token: SeShutdownPrivilege	4160	chrome.exe
Token: SeCreatePagefilePrivilege	4160	chrome.exe
Token: SeShutdownPrivilege	4160	chrome.exe
Token: SeCreatePagefilePrivilege	4160	chrome.exe
Token: SeShutdownPrivilege	4160	chrome.exe
Token: SeCreatePagefilePrivilege	4160	chrome.exe
Token: SeShutdownPrivilege	4160	chrome.exe
Token: SeCreatePagefilePrivilege	4160	chrome.exe
Token: SeShutdownPrivilege	4160	chrome.exe
Token: SeCreatePagefilePrivilege	4160	chrome.exe
Token: SeShutdownPrivilege	4160	chrome.exe
Token: SeCreatePagefilePrivilege	4160	chrome.exe
Token: SeShutdownPrivilege	4160	chrome.exe
Token: SeCreatePagefilePrivilege	4160	chrome.exe
Token: SeShutdownPrivilege	4160	chrome.exe
Token: SeCreatePagefilePrivilege	4160	chrome.exe
Token: SeShutdownPrivilege	4160	chrome.exe
Token: SeCreatePagefilePrivilege	4160	chrome.exe
Token: SeShutdownPrivilege	4160	chrome.exe
Token: SeCreatePagefilePrivilege	4160	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4160	chrome.exe
4160	chrome.exe
4160	chrome.exe
4160	chrome.exe
4160	chrome.exe
4160	chrome.exe
4160	chrome.exe
4160	chrome.exe
4160	chrome.exe
4160	chrome.exe
4160	chrome.exe
4160	chrome.exe
4160	chrome.exe
4160	chrome.exe
4160	chrome.exe
4160	chrome.exe
4160	chrome.exe
4160	chrome.exe
4160	chrome.exe
4160	chrome.exe
4160	chrome.exe
4160	chrome.exe
4160	chrome.exe
4160	chrome.exe
4160	chrome.exe
4160	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4160	chrome.exe
4160	chrome.exe
4160	chrome.exe
4160	chrome.exe
4160	chrome.exe
4160	chrome.exe
4160	chrome.exe
4160	chrome.exe
4160	chrome.exe
4160	chrome.exe
4160	chrome.exe
4160	chrome.exe
4160	chrome.exe
4160	chrome.exe
4160	chrome.exe
4160	chrome.exe
4160	chrome.exe
4160	chrome.exe
4160	chrome.exe
4160	chrome.exe
4160	chrome.exe
4160	chrome.exe
4160	chrome.exe
4160	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4160 wrote to memory of 4104	4160	chrome.exe	84
PID 4160 wrote to memory of 4104	4160	chrome.exe	84
PID 4160 wrote to memory of 1164	4160	chrome.exe	85
PID 4160 wrote to memory of 1164	4160	chrome.exe	85
PID 4160 wrote to memory of 1164	4160	chrome.exe	85
PID 4160 wrote to memory of 1164	4160	chrome.exe	85
PID 4160 wrote to memory of 1164	4160	chrome.exe	85
PID 4160 wrote to memory of 1164	4160	chrome.exe	85
PID 4160 wrote to memory of 1164	4160	chrome.exe	85
PID 4160 wrote to memory of 1164	4160	chrome.exe	85
PID 4160 wrote to memory of 1164	4160	chrome.exe	85
PID 4160 wrote to memory of 1164	4160	chrome.exe	85
PID 4160 wrote to memory of 1164	4160	chrome.exe	85
PID 4160 wrote to memory of 1164	4160	chrome.exe	85
PID 4160 wrote to memory of 1164	4160	chrome.exe	85
PID 4160 wrote to memory of 1164	4160	chrome.exe	85
PID 4160 wrote to memory of 1164	4160	chrome.exe	85
PID 4160 wrote to memory of 1164	4160	chrome.exe	85
PID 4160 wrote to memory of 1164	4160	chrome.exe	85
PID 4160 wrote to memory of 1164	4160	chrome.exe	85
PID 4160 wrote to memory of 1164	4160	chrome.exe	85
PID 4160 wrote to memory of 1164	4160	chrome.exe	85
PID 4160 wrote to memory of 1164	4160	chrome.exe	85
PID 4160 wrote to memory of 1164	4160	chrome.exe	85
PID 4160 wrote to memory of 1164	4160	chrome.exe	85
PID 4160 wrote to memory of 1164	4160	chrome.exe	85
PID 4160 wrote to memory of 1164	4160	chrome.exe	85
PID 4160 wrote to memory of 1164	4160	chrome.exe	85
PID 4160 wrote to memory of 1164	4160	chrome.exe	85
PID 4160 wrote to memory of 1164	4160	chrome.exe	85
PID 4160 wrote to memory of 1164	4160	chrome.exe	85
PID 4160 wrote to memory of 1164	4160	chrome.exe	85
PID 4160 wrote to memory of 1164	4160	chrome.exe	85
PID 4160 wrote to memory of 1164	4160	chrome.exe	85
PID 4160 wrote to memory of 1164	4160	chrome.exe	85
PID 4160 wrote to memory of 1164	4160	chrome.exe	85
PID 4160 wrote to memory of 1164	4160	chrome.exe	85
PID 4160 wrote to memory of 1164	4160	chrome.exe	85
PID 4160 wrote to memory of 1164	4160	chrome.exe	85
PID 4160 wrote to memory of 1164	4160	chrome.exe	85
PID 4160 wrote to memory of 2912	4160	chrome.exe	86
PID 4160 wrote to memory of 2912	4160	chrome.exe	86
PID 4160 wrote to memory of 3776	4160	chrome.exe	87
PID 4160 wrote to memory of 3776	4160	chrome.exe	87
PID 4160 wrote to memory of 3776	4160	chrome.exe	87
PID 4160 wrote to memory of 3776	4160	chrome.exe	87
PID 4160 wrote to memory of 3776	4160	chrome.exe	87
PID 4160 wrote to memory of 3776	4160	chrome.exe	87
PID 4160 wrote to memory of 3776	4160	chrome.exe	87
PID 4160 wrote to memory of 3776	4160	chrome.exe	87
PID 4160 wrote to memory of 3776	4160	chrome.exe	87
PID 4160 wrote to memory of 3776	4160	chrome.exe	87
PID 4160 wrote to memory of 3776	4160	chrome.exe	87
PID 4160 wrote to memory of 3776	4160	chrome.exe	87
PID 4160 wrote to memory of 3776	4160	chrome.exe	87
PID 4160 wrote to memory of 3776	4160	chrome.exe	87
PID 4160 wrote to memory of 3776	4160	chrome.exe	87
PID 4160 wrote to memory of 3776	4160	chrome.exe	87
PID 4160 wrote to memory of 3776	4160	chrome.exe	87
PID 4160 wrote to memory of 3776	4160	chrome.exe	87
PID 4160 wrote to memory of 3776	4160	chrome.exe	87
PID 4160 wrote to memory of 3776	4160	chrome.exe	87
PID 4160 wrote to memory of 3776	4160	chrome.exe	87
PID 4160 wrote to memory of 3776	4160	chrome.exe	87

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" https://aca.accela.com/sandiego/default.aspx
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4160
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xb4,0x108,0x7ffb998b9758,0x7ffb998b9768,0x7ffb998b9778
  2⤵
  PID:4104
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1788 --field-trial-handle=1800,i,4916779096320831033,7645482008991485711,131072 /prefetch:2
  2⤵
  PID:1164
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2172 --field-trial-handle=1800,i,4916779096320831033,7645482008991485711,131072 /prefetch:8
  2⤵
  PID:2912
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2232 --field-trial-handle=1800,i,4916779096320831033,7645482008991485711,131072 /prefetch:8
  2⤵
  PID:3776
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3192 --field-trial-handle=1800,i,4916779096320831033,7645482008991485711,131072 /prefetch:1
  2⤵
  PID:3328
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3212 --field-trial-handle=1800,i,4916779096320831033,7645482008991485711,131072 /prefetch:1
  2⤵
  PID:4848
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5264 --field-trial-handle=1800,i,4916779096320831033,7645482008991485711,131072 /prefetch:8
  2⤵
  PID:3992
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5308 --field-trial-handle=1800,i,4916779096320831033,7645482008991485711,131072 /prefetch:8
  2⤵
  PID:4636
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4688 --field-trial-handle=1800,i,4916779096320831033,7645482008991485711,131072 /prefetch:8
  2⤵
  PID:1880
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4684 --field-trial-handle=1800,i,4916779096320831033,7645482008991485711,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4372

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4568

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d

Filesize
33KB

MD5
6d1f86e0ece9e839680bb3518c93f700

SHA1
63183514494125175d3f449e8aa5988fe7f05907

SHA256
7478c425e950b75d01d653eda0e607b15333bd77387464bec0f390113a68e208

SHA512
75d8dd0078520947ba183836b1d1021f6d9b18e636807a662edc0e8e0b1ec44a3fe361066ce383d77e96e39807ea8af7af4ccc948a0770dec8f30d055f244785

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e

Filesize
29KB

MD5
2d40a1b2c56b8a9a9b9a8abd993c6b2c

SHA1
b6fc918dfe8f1a1a1567f5beeea8636c9dee7f9c

SHA256
64c9b32b88bbaafd24fb68338e5c6ed432e8cb6691f4d2172e416ba5c59172da

SHA512
36a4996d84468113db7039c26f76b090a5f7af8fca4a92da4db199f55790c7d07437e9e1212a91018d42501a12fb2363254cf1a3f534e73f8f32b19b2ef16b1c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000f

Filesize
337KB

MD5
30786379a67ca338c393a90049d39a6f

SHA1
67062080c5ecffc5f28294a0d9d395da5f52f11e

SHA256
55d2f168f88cac01ab85b91548b48cee7ef56b4fc8eca0aba2f7301590be80e4

SHA512
3c0470d31d1739cf4d320a9428ac411248f42087124727098fa9cec98abd8054250d8066303fb48f28240672ee173e4c9db0dc14c4023726813c48186c98ff3f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001c

Filesize
27KB

MD5
7dfa57206f3a905862fabcc7896c1070

SHA1
ef0f13f6c209cca7c018d5f0c1b0a94e394a1c82

SHA256
1e5b312b83e3f626a5d71b53710955b999ba6cb291cd7234488a442e603d8dce

SHA512
1aac42007429c03aebdf35c066fedc44ee90ea8330b0cf5a4e7450ae518a3706595133374d36b5f4c4ef403956dc15f41477ad1e5678a551b9e2d8c230f29a30

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001d

Filesize
21KB

MD5
65d49e2d8381bf51e5c886a8ec273526

SHA1
0bb2ea05de1247c157edfed6ea59ee903ef673da

SHA256
7266a99d6c03113c123e2fbf3c98422d28c2ab63f46b6b96a8fa1aaddd6b5e3a

SHA512
34a752ffb841c9fa0f1208dfc80cdb4ba43b19cfe1e8d97aa6dca04e76ec3ccf8bea786331eeff169ea958e68f12aa816000b598ef48caf66031af1514f3d674

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001e

Filesize
31KB

MD5
6f1d4e4247b55ccbcb1dfe03da8dd2fc

SHA1
cc25c55bb71f886d6a67140a38771b77a6d542a3

SHA256
40bc280c0f9105cb14f2e35ba71548b6209f8d3c3c6fb6db67f4c781c4f36a63

SHA512
bb4dd25f9392898eabe5d42838bb003db807d27de9d87bc591db63f68f3e9ed82683421bcc2d67c7546898c3b910e90843f2786e346a569d4c41fcd6817799f3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
bc8c6a9df8cb002458379f2cf38988c8

SHA1
599155a61c46336f505cfc693ea0c6d4e00673fd

SHA256
67322c2de888576c1d619fa15a25e821047198fc3d753b5cccbd1843761745ec

SHA512
521e1fabbeaf9620b7f3cca99bb621e3155efe380cd941934d1885ac084645dd58c21ac3c8ef83d7e66125cd40c4e586ec67599f3488350633d5b51a5f72ae0f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
22c718bb17b202d17252c8fc5a55f46b

SHA1
0eb787b42fbdd99f0d72949f6f379a0f328b0837

SHA256
065b26bb44aa893e7e92a55c880d8c275ac5cf34922259b015e1e45b5a402fa3

SHA512
c6d7c06c9d3552dc4f7af7eb2259016781c30840a179591304a56d534ef860c1245662a88653e34258aa5d35df328240a25871bdab4bf78dd62df2facd38b9bc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\2b784abc-a36c-4c40-a92c-27757be04880.tmp

Filesize
1KB

MD5
440c49486c58c481ff2c8e0e385e0a8b

SHA1
393b23dc91bb1625d1c74e95d67b890fbb9a2ec3

SHA256
468dab18b582570945d0ed27d65902d2f77b3c73d0cdb126b406e11b722ce918

SHA512
3e0e8b6d65859031b9dee475db45c2271f97a73e9c778fa04160e9da1d4d25f03a9134bff082943028df3049ccc08674bea33885930dfd559b5469a067d88703

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
33cfcce3f7da82bd8ebaf18c6ccb24da

SHA1
c7712f2c91eef7fc39e66de574d000b849c92bab

SHA256
73be04d89ef088dfe5e01cc9aa05fe73ed881d249309ad97e4a01af92a195311

SHA512
b6b92748204917ee0decf4b788304ded1541a0b27912a60539a548facc9cc27642f3d121930cefe714ddf585e90059ad125c2c8d1a551142efd47229ebf3b919

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
364611a198690c9b05f8a92fc813d225

SHA1
722a350c38ce35a29252e11a7950c4bbd9b7f7a7

SHA256
49ccdc703fde9b79ede1bb41d6e61e2cb2baf63582b498b70e396fce6c3ac155

SHA512
d5df8859cf1683cccfd65ac942e36a66d7bbaff169c0c35dcc911a9d9b543ca0cd7af1df01ebffa04fc3a4f806b6202f6c0d6fa6a5f74699324cd7e0c3c9742d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
8c10464c3ca495d77d32b4971f1076f6

SHA1
a8910cc8f0752e010f6604cae2782dfa2fa86e37

SHA256
306c1762fa64749a3a9d0c4046141e0aad4e83754139ce8c0cd5476ee72287a0

SHA512
67f5a467457b561c53f83d82cfb7415b2e7682cb0f4b6dd61671b0966cc7f6f69de9249cb861469d037dd69b6b421ee030c8c73597ed96a6c7c38c2e0fa2ff1f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
f2240db67633571a541195d29568294a

SHA1
c1f75ec73df74f2148c457af6079eb7f46a7565e

SHA256
e6ad571adc07b440f1ef9e3bf88106189e020a199204715419a89c047840825b

SHA512
7b5bdb5178ba665622832ac5885183fea5df7c36c686c5d6cf75e16781cefceba5a8e6dc6824840d910a29682f9f9f9fe0b40e6fc4dac0490c87714f5d8f0a7e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
2492445bf56b052c9fc059aa10ce671a

SHA1
58bf2b3c82661201b15895add59a2546498dacaa

SHA256
20cffc28518419d14b92d8e7395689fcd2ccd11fb01ec466cc40ffad5859bce8

SHA512
a3e3b5c1d05567920a2d63c3516ea7ecea0346847f7e70bc67688d1a20969646e4886ad7bc55fcc975cb9598afb2e6000972536318f461ccff27353cc4b33cb7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
3add1a0465b13ee36717dcaf2c2d675b

SHA1
01f7a26a9df8b481efbc073af5014fc1fc22504c

SHA256
e861e2f23b79441d10486b6b57e033603d138c8407390922d9d123bf86a234fc

SHA512
7500b8fb2b5bd5018e52f565e6798af1fe031633a8483bd14e1b38a0c25b56575e8134aab30cef130f009f46a575721e78205c8f62d4ffbc1580cec4c0c39b9d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
f31b70f584a5446ea1b92726f0a48413

SHA1
455c315c6a4e99a5b0f580c64c64a6477fd0ca56

SHA256
8646db02082fddd69c4ab40377e0bf2271fa2aa36adc903eaf4e882732f6d1e2

SHA512
c239a3a16271086652faa3aa555f8e3ccec3fead1aaf168f8d625f82ebc9e9832ae3fde3437c45641e65711d8b6870a2a8a1d1c5d4239b23546c7919dbbe42b5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
ac632d90809d09552638c88abc0dc94e

SHA1
3215b41f52ed262a3b145f6eab8deed3c9ba6483

SHA256
8df9d75be544ea9eab1f2f13490b5eee39a62249466e9dc519b767d293208a77

SHA512
2212e57a64ee765255041bc77f03d828be7a7c5f935f664d1b120e680e5d5fc0ba93fd07de5c8b867d2243fe2f06a77f345289cd89dc87b851a03bd5075d505d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
03723546b6a1af28dd5e063653607f99

SHA1
e51d36643b9c78b8c28ba5f91c1b83fbf4f365a8

SHA256
ca03c23a1c37e6dbfaa9d382f28d8e2989edcde1b0c9d0d68372a09993788d43

SHA512
afd5d74f983e1dc95c3d559c3e41e614d5e4f348bcde9961e6a6f9f26987f9c57c44595f4f4034944c0e3848ac65c95efc84fa46ac04b15f0f1f479a40c7a5db

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
258417b4d1bdf5f3ef7b298fa35181d3

SHA1
4147e7d1fa237085d1e6324eee69e94a528ff24a

SHA256
5a8e9852b48a2e88ddd90478f1332ac39cacbedf6b498e0a6b637fab1c9be5b6

SHA512
f9e12623759aa17e35c0743e620a856f0ba9a88cfea3219ed033b91eeba27217a81721ddf17708d6b8379eb48fa7092a5c026d089f39ec3043ff34c5a3fbef10

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
07961430bf23f3762b38ac187e2bc207

SHA1
896eb74425e30559963946b97912c3e80bea4a28

SHA256
b7dc8e690ca18d5a49ecd72265d545c2c2968f24bcddbdef3c151564582ec23a

SHA512
90c466e92d8afa462e4eeb7408b5f918f0eabcc568341c2f388651ea5564c1f2589d0d178a6b1b0f4a270092be870ab18fabf9daceee766c3ddbccc3b870dd19

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
f88de143cb46128cdf553e171cc2070c

SHA1
6e94e3dada72da6566b956d3d0f2952f68c693d7

SHA256
79befff7c9afa09221b26ad42d4f26e7dd5f9569657011a33f3098d6689636a5

SHA512
a5bb5c9014e2faf00c9b4af06761bf665d9dda8d4e5dab5b14484fd18b6e4871dd68197c4176f4a91b944ac486df2e176a87d42f55257e95d05bfd34e280786d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
143KB

MD5
5d35aefd4494234a57dab530563df5a4

SHA1
a5a57a97acc19074e266f22125c5764182f173e6

SHA256
9b1e483f7126bcf595cdb0f4ed1cf90e62473ab252f1db74e68fe6cec3b8fe12

SHA512
929adf1a5d562d5e23cfb40e1e0f08bfe580658c292341beaaed295e41760474f09f5542d9bd25916a61ddf1a91e3412e99b8cc28901425bcc4a8de9911c4d4c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
memory/1164-137-0x00007FFBB4E10000-0x00007FFBB4E11000-memory.dmp

Filesize
4KB

Download
memory/4372-566-0x000001F99B780000-0x000001F99B781000-memory.dmp

Filesize
4KB

Download
memory/4372-562-0x000001F99B780000-0x000001F99B781000-memory.dmp

Filesize
4KB

Download
memory/4372-561-0x000001F99B780000-0x000001F99B781000-memory.dmp

Filesize
4KB

Download
memory/4372-567-0x000001F99B780000-0x000001F99B781000-memory.dmp

Filesize
4KB

Download
memory/4372-560-0x000001F99B780000-0x000001F99B781000-memory.dmp

Filesize
4KB

Download
memory/4372-569-0x000001F99B780000-0x000001F99B781000-memory.dmp

Filesize
4KB

Download
memory/4372-568-0x000001F99B780000-0x000001F99B781000-memory.dmp

Filesize
4KB

Download
memory/4372-571-0x000001F99B780000-0x000001F99B781000-memory.dmp

Filesize
4KB

Download
memory/4372-570-0x000001F99B780000-0x000001F99B781000-memory.dmp

Filesize
4KB

Download
memory/4372-572-0x000001F99B780000-0x000001F99B781000-memory.dmp

Filesize
4KB

Download
memory/4636-267-0x00007FFBB5320000-0x00007FFBB5321000-memory.dmp

Filesize
4KB

Download
memory/4636-268-0x00007FFBB4CF0000-0x00007FFBB4CF1000-memory.dmp

Filesize
4KB

Download