hxxp://www[.]google[.]com

Analysis

max time kernel
83s
max time network
129s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
14-03-2023 20:32

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://www.google.com

Score

6^/10

persistence

Malware Config

Signatures

Adds Run key to start application 2 TTPs 1 IoCs

persistence

Registry Run Keys / Startup Folder

T1060

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-144354903-2550862337-1367551827-1000\Software\Microsoft\Windows\CurrentVersion\Run	chrome.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133232995698672744"	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
3684	chrome.exe
3684	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 5 IoCs

pid	Process
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3684	chrome.exe
Token: SeCreatePagefilePrivilege	3684	chrome.exe
Token: SeShutdownPrivilege	3684	chrome.exe
Token: SeCreatePagefilePrivilege	3684	chrome.exe
Token: SeShutdownPrivilege	3684	chrome.exe
Token: SeCreatePagefilePrivilege	3684	chrome.exe
Token: SeShutdownPrivilege	3684	chrome.exe
Token: SeCreatePagefilePrivilege	3684	chrome.exe
Token: SeShutdownPrivilege	3684	chrome.exe
Token: SeCreatePagefilePrivilege	3684	chrome.exe
Token: SeShutdownPrivilege	3684	chrome.exe
Token: SeCreatePagefilePrivilege	3684	chrome.exe
Token: SeShutdownPrivilege	3684	chrome.exe
Token: SeCreatePagefilePrivilege	3684	chrome.exe
Token: SeShutdownPrivilege	3684	chrome.exe
Token: SeCreatePagefilePrivilege	3684	chrome.exe
Token: SeShutdownPrivilege	3684	chrome.exe
Token: SeCreatePagefilePrivilege	3684	chrome.exe
Token: SeShutdownPrivilege	3684	chrome.exe
Token: SeCreatePagefilePrivilege	3684	chrome.exe
Token: SeShutdownPrivilege	3684	chrome.exe
Token: SeCreatePagefilePrivilege	3684	chrome.exe
Token: SeShutdownPrivilege	3684	chrome.exe
Token: SeCreatePagefilePrivilege	3684	chrome.exe
Token: SeShutdownPrivilege	3684	chrome.exe
Token: SeCreatePagefilePrivilege	3684	chrome.exe
Token: SeShutdownPrivilege	3684	chrome.exe
Token: SeCreatePagefilePrivilege	3684	chrome.exe
Token: SeShutdownPrivilege	3684	chrome.exe
Token: SeCreatePagefilePrivilege	3684	chrome.exe
Token: SeShutdownPrivilege	3684	chrome.exe
Token: SeCreatePagefilePrivilege	3684	chrome.exe
Token: SeShutdownPrivilege	3684	chrome.exe
Token: SeCreatePagefilePrivilege	3684	chrome.exe
Token: SeShutdownPrivilege	3684	chrome.exe
Token: SeCreatePagefilePrivilege	3684	chrome.exe
Token: SeShutdownPrivilege	3684	chrome.exe
Token: SeCreatePagefilePrivilege	3684	chrome.exe
Token: SeShutdownPrivilege	3684	chrome.exe
Token: SeCreatePagefilePrivilege	3684	chrome.exe
Token: SeShutdownPrivilege	3684	chrome.exe
Token: SeCreatePagefilePrivilege	3684	chrome.exe
Token: SeShutdownPrivilege	3684	chrome.exe
Token: SeCreatePagefilePrivilege	3684	chrome.exe
Token: SeShutdownPrivilege	3684	chrome.exe
Token: SeCreatePagefilePrivilege	3684	chrome.exe
Token: SeShutdownPrivilege	3684	chrome.exe
Token: SeCreatePagefilePrivilege	3684	chrome.exe
Token: SeShutdownPrivilege	3684	chrome.exe
Token: SeCreatePagefilePrivilege	3684	chrome.exe
Token: SeShutdownPrivilege	3684	chrome.exe
Token: SeCreatePagefilePrivilege	3684	chrome.exe
Token: SeShutdownPrivilege	3684	chrome.exe
Token: SeCreatePagefilePrivilege	3684	chrome.exe
Token: SeShutdownPrivilege	3684	chrome.exe
Token: SeCreatePagefilePrivilege	3684	chrome.exe
Token: SeShutdownPrivilege	3684	chrome.exe
Token: SeCreatePagefilePrivilege	3684	chrome.exe
Token: SeShutdownPrivilege	3684	chrome.exe
Token: SeCreatePagefilePrivilege	3684	chrome.exe
Token: SeShutdownPrivilege	3684	chrome.exe
Token: SeCreatePagefilePrivilege	3684	chrome.exe
Token: SeShutdownPrivilege	3684	chrome.exe
Token: SeCreatePagefilePrivilege	3684	chrome.exe

Suspicious use of FindShellTrayWindow 27 IoCs

pid	Process
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe
3684	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3684 wrote to memory of 628	3684	chrome.exe	87
PID 3684 wrote to memory of 628	3684	chrome.exe	87
PID 3684 wrote to memory of 3104	3684	chrome.exe	88
PID 3684 wrote to memory of 3104	3684	chrome.exe	88
PID 3684 wrote to memory of 3104	3684	chrome.exe	88
PID 3684 wrote to memory of 3104	3684	chrome.exe	88
PID 3684 wrote to memory of 3104	3684	chrome.exe	88
PID 3684 wrote to memory of 3104	3684	chrome.exe	88
PID 3684 wrote to memory of 3104	3684	chrome.exe	88
PID 3684 wrote to memory of 3104	3684	chrome.exe	88
PID 3684 wrote to memory of 3104	3684	chrome.exe	88
PID 3684 wrote to memory of 3104	3684	chrome.exe	88
PID 3684 wrote to memory of 3104	3684	chrome.exe	88
PID 3684 wrote to memory of 3104	3684	chrome.exe	88
PID 3684 wrote to memory of 3104	3684	chrome.exe	88
PID 3684 wrote to memory of 3104	3684	chrome.exe	88
PID 3684 wrote to memory of 3104	3684	chrome.exe	88
PID 3684 wrote to memory of 3104	3684	chrome.exe	88
PID 3684 wrote to memory of 3104	3684	chrome.exe	88
PID 3684 wrote to memory of 3104	3684	chrome.exe	88
PID 3684 wrote to memory of 3104	3684	chrome.exe	88
PID 3684 wrote to memory of 3104	3684	chrome.exe	88
PID 3684 wrote to memory of 3104	3684	chrome.exe	88
PID 3684 wrote to memory of 3104	3684	chrome.exe	88
PID 3684 wrote to memory of 3104	3684	chrome.exe	88
PID 3684 wrote to memory of 3104	3684	chrome.exe	88
PID 3684 wrote to memory of 3104	3684	chrome.exe	88
PID 3684 wrote to memory of 3104	3684	chrome.exe	88
PID 3684 wrote to memory of 3104	3684	chrome.exe	88
PID 3684 wrote to memory of 3104	3684	chrome.exe	88
PID 3684 wrote to memory of 3104	3684	chrome.exe	88
PID 3684 wrote to memory of 3104	3684	chrome.exe	88
PID 3684 wrote to memory of 3104	3684	chrome.exe	88
PID 3684 wrote to memory of 3104	3684	chrome.exe	88
PID 3684 wrote to memory of 3104	3684	chrome.exe	88
PID 3684 wrote to memory of 3104	3684	chrome.exe	88
PID 3684 wrote to memory of 3104	3684	chrome.exe	88
PID 3684 wrote to memory of 3104	3684	chrome.exe	88
PID 3684 wrote to memory of 3104	3684	chrome.exe	88
PID 3684 wrote to memory of 3104	3684	chrome.exe	88
PID 3684 wrote to memory of 1972	3684	chrome.exe	89
PID 3684 wrote to memory of 1972	3684	chrome.exe	89
PID 3684 wrote to memory of 1096	3684	chrome.exe	90
PID 3684 wrote to memory of 1096	3684	chrome.exe	90
PID 3684 wrote to memory of 1096	3684	chrome.exe	90
PID 3684 wrote to memory of 1096	3684	chrome.exe	90
PID 3684 wrote to memory of 1096	3684	chrome.exe	90
PID 3684 wrote to memory of 1096	3684	chrome.exe	90
PID 3684 wrote to memory of 1096	3684	chrome.exe	90
PID 3684 wrote to memory of 1096	3684	chrome.exe	90
PID 3684 wrote to memory of 1096	3684	chrome.exe	90
PID 3684 wrote to memory of 1096	3684	chrome.exe	90
PID 3684 wrote to memory of 1096	3684	chrome.exe	90
PID 3684 wrote to memory of 1096	3684	chrome.exe	90
PID 3684 wrote to memory of 1096	3684	chrome.exe	90
PID 3684 wrote to memory of 1096	3684	chrome.exe	90
PID 3684 wrote to memory of 1096	3684	chrome.exe	90
PID 3684 wrote to memory of 1096	3684	chrome.exe	90
PID 3684 wrote to memory of 1096	3684	chrome.exe	90
PID 3684 wrote to memory of 1096	3684	chrome.exe	90
PID 3684 wrote to memory of 1096	3684	chrome.exe	90
PID 3684 wrote to memory of 1096	3684	chrome.exe	90
PID 3684 wrote to memory of 1096	3684	chrome.exe	90
PID 3684 wrote to memory of 1096	3684	chrome.exe	90

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" http://www.google.com
1⤵
- Adds Run key to start application
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3684
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffd62c99758,0x7ffd62c99768,0x7ffd62c99778
  2⤵
  PID:628
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1800 --field-trial-handle=1880,i,7552864949341796466,14815750492486356015,131072 /prefetch:2
  2⤵
  PID:3104
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2080 --field-trial-handle=1880,i,7552864949341796466,14815750492486356015,131072 /prefetch:8
  2⤵
  PID:1972
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2228 --field-trial-handle=1880,i,7552864949341796466,14815750492486356015,131072 /prefetch:8
  2⤵
  PID:1096
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3056 --field-trial-handle=1880,i,7552864949341796466,14815750492486356015,131072 /prefetch:1
  2⤵
  PID:4724
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3036 --field-trial-handle=1880,i,7552864949341796466,14815750492486356015,131072 /prefetch:1
  2⤵
  PID:1104
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3700 --field-trial-handle=1880,i,7552864949341796466,14815750492486356015,131072 /prefetch:1
  2⤵
  PID:668
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4852 --field-trial-handle=1880,i,7552864949341796466,14815750492486356015,131072 /prefetch:8
  2⤵
  PID:4344
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4816 --field-trial-handle=1880,i,7552864949341796466,14815750492486356015,131072 /prefetch:8
  2⤵
  PID:4980
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4856 --field-trial-handle=1880,i,7552864949341796466,14815750492486356015,131072 /prefetch:1
  2⤵
  PID:1164
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5060 --field-trial-handle=1880,i,7552864949341796466,14815750492486356015,131072 /prefetch:8
  2⤵
  PID:4920
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=5212 --field-trial-handle=1880,i,7552864949341796466,14815750492486356015,131072 /prefetch:1
  2⤵
  PID:1756

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4104

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

T1060

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\23dce3cc-56f4-4106-9ff2-c3fdf8a16b79.tmp

Filesize
6KB

MD5
44740797d36c769f91fff816b319c8a4

SHA1
456f1526b139175222b964428700743fe0b93fee

SHA256
f334d7bb33af0d3401478f1f8653314c88381e46042c318b3d9f2269a45dff83

SHA512
84fe8a8d5531c11d57bbed6c7b90476a60e00ec53920ce261d0b8ddcf7857c680402bb3837c6b55dc254ac15ab4fc082def80fe84756a91f98c5fbcd1d48ee76

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
744B

MD5
c0d8276db0f00abbffb93cd785955db0

SHA1
907d6c3ea6ee31f029863cfbac5139dc19d9d9c1

SHA256
912cf0d30ab3ef6abf1b89c5d85d31300cb34423703b3023865b39d9f3500906

SHA512
6bb717753badb08e1c4888acc6a3568a567267664606f4ef57bae0749bd3932e1c9d5a18d4dd9ffc32d2a78c9c9e9c2dca8f24252db8f9d970b6d150cc41cf6a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnCache\data_1

Filesize
264KB

MD5
5c422ea29b0e9e6a9b2d7ca8ba7f65f3

SHA1
5b6d2bce166fb835fe1c10022a3a05fb58a80e0b

SHA256
5a12c902508f2db7a523a8fe69e70b7575ecdb2c464c3228dae2531dfb4a71c1

SHA512
64daa02c9cb6ee73f9124b4c7b40d14fd9c4ebced94709e3327517f6c973cb8519d3dc630e3892a529c27abb380eee29ad292dd8c8b1e5f8e0c93ba7ca1b638c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
269d8d76950d6c35652f57acc5ef71ea

SHA1
748aa88ba958340de42ce98ff3016860d01844f6

SHA256
384b822a60195df8e98b2d59342c96d5242ac980a4fe9e06883dbae7be83fdec

SHA512
2f8e68466e0984a375d063c741f76865aa05bc3a1b45006706a9609c1d1d8313d0f4bc1854e6419fc2fc72e8c0ad025d2133dbc251d4b28d52629e8a53884380

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
81fcdfb0724ddb32b6863dc6a9becc93

SHA1
769ba3205550746c62809ffa8a1a1bb3821f6939

SHA256
055a7bf28753ae4dd7f2d130b03c0f753f949a8dc5d68faea1ddd05c1f24c611

SHA512
78085596e5af4c9488a716a81a804c0459be773aa632fd7e337bcc908731cde8de4c2802c3927dea0c99404994c9ea41bcb9137bd75c070d09070bc10ac9f27d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
539B

MD5
b155610d814a628a0a7170626df30c42

SHA1
3f5f48d8e13cda44d39d66737e09c6a74c27c3af

SHA256
7571049193a1497df51baf21d9d0d09d71fe386e416a4f74396b84632aed74e7

SHA512
4cd0bc344005b916040f164f1f08e82884db4adfb985c625345d127c067bc366a5107d0215108d70d8177ea9cb9f60694be8b417c436b617e1efaecea2974cc1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
539B

MD5
dac33e3d1e6f2db6315ecd6e4caf044d

SHA1
4d52c5f5645f057716ace5fcddf4610f3487d6b2

SHA256
34860edaa58d7ababa0bebad5ac4a149fc37f0215428ccf9af569e3580e20258

SHA512
37dc02ec9a175197ae4b7f270d007393f1c358ce68894a78bbf245f192b3d04c6de0a08a44e48143578f1cc1ae6de91ef215ae61b8f18735729e882f142a9b0a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
707B

MD5
eea9c6110f94f2fb0943888b80da3304

SHA1
48290c8ed245cf3c6629ec226cadf8870598ff2e

SHA256
fc6343e5fa22efdbb2c2b4562a719700fcc66e90e4a01ff24f6c795dd97112cc

SHA512
2e41dcc0d5b2264e4c8abc8c94cdb727b6cc97c91b6896b4eae03f8fdb82b9ef20dd5ddfbc6708460ec9f5581bedabb858f5aea1cbf2da335424845596393854

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
707B

MD5
f66d4a98dc3e591d069fabb43b1a12bd

SHA1
88a7ccfe4976247c48cc9a6658f34246a0c69aac

SHA256
5147c08335c08999d30446b401ce99a781477d0d409c8259b852d013676cd557

SHA512
87cabfa0e3c7f83f91d4cf86787ac4c742a25585d2f00829f8a97ec06612ab5b772af2d361dc4e1d67eb42e3a748fb6ecf5009f3cc1235995f0dfa65be069aaf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
94eaab463d9c3af3fdbfa0d19b8157c7

SHA1
bf44a14251dceb5c26a919e83ba6a4c57763aa66

SHA256
b61b6c0bfdc7246670dd4082a1c46134a280836e33d42b9132f31c7d23074185

SHA512
a0910f364b081e891875fd499e05e8aa236134b2a736b950074ddfa3f130bd97166657545ef1b60ef3b72a062cf2a57dd87045c628f76eea36cd1ac6aa47193d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
8ade59dfbdf610f95abd1b9533916c7c

SHA1
03dcad31cfa55bffac886f02e6eba9d1df1b58f4

SHA256
6e2eabacc095e3ef6dc06f3c0f21876250b619fc2f57d6363446abf84235bd6c

SHA512
583415fc6b683eb4b2e252ab4547c6b674fff156f65067acdcfafd9614c09c56c5dfe418b60600651c3c09af35b36191b535c5bcb424ec4c7a807b4b1d8bdfc7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
2879da1b341f95dba52c10563101dca4

SHA1
f2556197baa4e07d518ad01f08b0553560c6a88a

SHA256
3a1e1c5d6edb3cbfe02b51f00793b3c32fab4d8b513bf2d1928b45c1129b35f6

SHA512
ee2f758ba19304b1db2216c5bca9ad4a5ea965d1851c72d16c2f47b12f84bf9b1f7133708274585ee578da03d8e5193f7e735a5d3091e7a120a9815841551ef6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
145KB

MD5
aabfe0a17f511071bad0b8056db90f93

SHA1
07e507bd34785fd20234f33d9ef8ce60212b5ccc

SHA256
518776d732a61065779f9c29c8862276d0a26c30b3a0161185cacfdfa71774e0

SHA512
f249b2153fe609af0f95f403399f722d7f9062e82b1ce6ab709d23f6243619e2166214f463869736357eb72968d4f3e26dc713fd16475565904669ef844347b3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
145KB

MD5
abfe2b1639ac7ea9404d217e13cd794d

SHA1
5bda178c431231ba527c6c6521200934066a637f

SHA256
13b08ad312ec9c50c8614f69ecf9b4afb53df5859e1b6d3fea0d4174e7d05868

SHA512
60894f31dda277d99b3636b6a5109393233ebf1390dddfe7b0d878ec1e61f92ef9b41d3e0aaaab44a2fb6c717fd52638ed4e47b582a7c373edd41a9c405fe0b1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
145KB

MD5
9b165b4c4c1332f04a9ba250fadf841d

SHA1
077291df4067ce30e1402abc8f9c8ae9366e143c

SHA256
974e6f447e57b1b00299605ee7b6c4549cc89b956f78c71d528028f2daedda0b

SHA512
d280585b8a3c266a5f97173176d73ded12b520ca47a490aece13934427e400f4b321ba95511a94b54b587a36e03ce2ba57e772d3170ce6c01ce4a0b7980d64b1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
98KB

MD5
1623019755734d9731aa2eba4b5c1070

SHA1
fdebc759ea05e42a7b6fe8864358f9c0e7c0f98b

SHA256
664612e5a7e946ad5a0a528f9ba69876c8312822435919994c847af4f69368c1

SHA512
919cec8966d356ba58140716ad43bf8e2e2f274e336138906c31d85566ddb33b5d644717806b36f6a6146ec4ff871eb9306d0899b36825c658f66f25726aacb4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe573132.TMP

Filesize
97KB

MD5
dc257c2127008bee5333da4c3771fac9

SHA1
ff4927f05a703b89eb413b04baf80911ba6466bf

SHA256
b076d944e1d00dfdda5c63577231494e648d39d98bcb122a3745a40cfed83f5b

SHA512
612571a1b37df605c58706a2c31c73eadb1f9814c8c5ec5568ec140e050a220ebb088d9bdf993acdec4750170c4353ea13a7ab80b67d8238e62ed7d6b8aade52

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit