95b2373fdfdb434437ae4bea42905462d2ec00db74632a69b75fe497bcac0c20

Analysis

max time kernel
150s
max time network
141s
platform
windows10-1703_x64
resource
win10-20230220-en
resource tags

arch:x64arch:x86image:win10-20230220-enlocale:en-usos:windows10-1703-x64system
submitted
15/03/2023, 10:28

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

.html
Size

1011B
MD5

c2f17938ca44c632e2cada8cb962d1bc
SHA1

d8cf08eb6166e02773a52641a1d0d72bc4d05b96
SHA256

95b2373fdfdb434437ae4bea42905462d2ec00db74632a69b75fe497bcac0c20
SHA512

af714580d6efd7bd7320e1cf610ba70a39053cb6a06d3d845bdc026486246add7c4b85b6823fda9bc7b88e16d9670017d221d4b093e7dff15a7588d8ebef3fb5

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133233533237586629"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
3704	chrome.exe
3704	chrome.exe
4788	chrome.exe
4788	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
3704	chrome.exe
3704	chrome.exe
3704	chrome.exe
3704	chrome.exe
3704	chrome.exe
3704	chrome.exe
3704	chrome.exe
3704	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3704	chrome.exe
Token: SeCreatePagefilePrivilege	3704	chrome.exe
Token: SeShutdownPrivilege	3704	chrome.exe
Token: SeCreatePagefilePrivilege	3704	chrome.exe
Token: SeShutdownPrivilege	3704	chrome.exe
Token: SeCreatePagefilePrivilege	3704	chrome.exe
Token: SeShutdownPrivilege	3704	chrome.exe
Token: SeCreatePagefilePrivilege	3704	chrome.exe
Token: SeShutdownPrivilege	3704	chrome.exe
Token: SeCreatePagefilePrivilege	3704	chrome.exe
Token: SeShutdownPrivilege	3704	chrome.exe
Token: SeCreatePagefilePrivilege	3704	chrome.exe
Token: SeShutdownPrivilege	3704	chrome.exe
Token: SeCreatePagefilePrivilege	3704	chrome.exe
Token: SeShutdownPrivilege	3704	chrome.exe
Token: SeCreatePagefilePrivilege	3704	chrome.exe
Token: SeShutdownPrivilege	3704	chrome.exe
Token: SeCreatePagefilePrivilege	3704	chrome.exe
Token: SeShutdownPrivilege	3704	chrome.exe
Token: SeCreatePagefilePrivilege	3704	chrome.exe
Token: SeShutdownPrivilege	3704	chrome.exe
Token: SeCreatePagefilePrivilege	3704	chrome.exe
Token: SeShutdownPrivilege	3704	chrome.exe
Token: SeCreatePagefilePrivilege	3704	chrome.exe
Token: SeShutdownPrivilege	3704	chrome.exe
Token: SeCreatePagefilePrivilege	3704	chrome.exe
Token: SeShutdownPrivilege	3704	chrome.exe
Token: SeCreatePagefilePrivilege	3704	chrome.exe
Token: SeShutdownPrivilege	3704	chrome.exe
Token: SeCreatePagefilePrivilege	3704	chrome.exe
Token: SeShutdownPrivilege	3704	chrome.exe
Token: SeCreatePagefilePrivilege	3704	chrome.exe
Token: SeShutdownPrivilege	3704	chrome.exe
Token: SeCreatePagefilePrivilege	3704	chrome.exe
Token: SeShutdownPrivilege	3704	chrome.exe
Token: SeCreatePagefilePrivilege	3704	chrome.exe
Token: SeShutdownPrivilege	3704	chrome.exe
Token: SeCreatePagefilePrivilege	3704	chrome.exe
Token: SeShutdownPrivilege	3704	chrome.exe
Token: SeCreatePagefilePrivilege	3704	chrome.exe
Token: SeShutdownPrivilege	3704	chrome.exe
Token: SeCreatePagefilePrivilege	3704	chrome.exe
Token: SeShutdownPrivilege	3704	chrome.exe
Token: SeCreatePagefilePrivilege	3704	chrome.exe
Token: SeShutdownPrivilege	3704	chrome.exe
Token: SeCreatePagefilePrivilege	3704	chrome.exe
Token: SeShutdownPrivilege	3704	chrome.exe
Token: SeCreatePagefilePrivilege	3704	chrome.exe
Token: SeShutdownPrivilege	3704	chrome.exe
Token: SeCreatePagefilePrivilege	3704	chrome.exe
Token: SeShutdownPrivilege	3704	chrome.exe
Token: SeCreatePagefilePrivilege	3704	chrome.exe
Token: SeShutdownPrivilege	3704	chrome.exe
Token: SeCreatePagefilePrivilege	3704	chrome.exe
Token: SeShutdownPrivilege	3704	chrome.exe
Token: SeCreatePagefilePrivilege	3704	chrome.exe
Token: SeShutdownPrivilege	3704	chrome.exe
Token: SeCreatePagefilePrivilege	3704	chrome.exe
Token: SeShutdownPrivilege	3704	chrome.exe
Token: SeCreatePagefilePrivilege	3704	chrome.exe
Token: SeShutdownPrivilege	3704	chrome.exe
Token: SeCreatePagefilePrivilege	3704	chrome.exe
Token: SeShutdownPrivilege	3704	chrome.exe
Token: SeCreatePagefilePrivilege	3704	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
3704	chrome.exe
3704	chrome.exe
3704	chrome.exe
3704	chrome.exe
3704	chrome.exe
3704	chrome.exe
3704	chrome.exe
3704	chrome.exe
3704	chrome.exe
3704	chrome.exe
3704	chrome.exe
3704	chrome.exe
3704	chrome.exe
3704	chrome.exe
3704	chrome.exe
3704	chrome.exe
3704	chrome.exe
3704	chrome.exe
3704	chrome.exe
3704	chrome.exe
3704	chrome.exe
3704	chrome.exe
3704	chrome.exe
3704	chrome.exe
3704	chrome.exe
3704	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3704	chrome.exe
3704	chrome.exe
3704	chrome.exe
3704	chrome.exe
3704	chrome.exe
3704	chrome.exe
3704	chrome.exe
3704	chrome.exe
3704	chrome.exe
3704	chrome.exe
3704	chrome.exe
3704	chrome.exe
3704	chrome.exe
3704	chrome.exe
3704	chrome.exe
3704	chrome.exe
3704	chrome.exe
3704	chrome.exe
3704	chrome.exe
3704	chrome.exe
3704	chrome.exe
3704	chrome.exe
3704	chrome.exe
3704	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3704 wrote to memory of 3628	3704	chrome.exe	66
PID 3704 wrote to memory of 3628	3704	chrome.exe	66
PID 3704 wrote to memory of 3912	3704	chrome.exe	69
PID 3704 wrote to memory of 3912	3704	chrome.exe	69
PID 3704 wrote to memory of 3912	3704	chrome.exe	69
PID 3704 wrote to memory of 3912	3704	chrome.exe	69
PID 3704 wrote to memory of 3912	3704	chrome.exe	69
PID 3704 wrote to memory of 3912	3704	chrome.exe	69
PID 3704 wrote to memory of 3912	3704	chrome.exe	69
PID 3704 wrote to memory of 3912	3704	chrome.exe	69
PID 3704 wrote to memory of 3912	3704	chrome.exe	69
PID 3704 wrote to memory of 3912	3704	chrome.exe	69
PID 3704 wrote to memory of 3912	3704	chrome.exe	69
PID 3704 wrote to memory of 3912	3704	chrome.exe	69
PID 3704 wrote to memory of 3912	3704	chrome.exe	69
PID 3704 wrote to memory of 3912	3704	chrome.exe	69
PID 3704 wrote to memory of 3912	3704	chrome.exe	69
PID 3704 wrote to memory of 3912	3704	chrome.exe	69
PID 3704 wrote to memory of 3912	3704	chrome.exe	69
PID 3704 wrote to memory of 3912	3704	chrome.exe	69
PID 3704 wrote to memory of 3912	3704	chrome.exe	69
PID 3704 wrote to memory of 3912	3704	chrome.exe	69
PID 3704 wrote to memory of 3912	3704	chrome.exe	69
PID 3704 wrote to memory of 3912	3704	chrome.exe	69
PID 3704 wrote to memory of 3912	3704	chrome.exe	69
PID 3704 wrote to memory of 3912	3704	chrome.exe	69
PID 3704 wrote to memory of 3912	3704	chrome.exe	69
PID 3704 wrote to memory of 3912	3704	chrome.exe	69
PID 3704 wrote to memory of 3912	3704	chrome.exe	69
PID 3704 wrote to memory of 3912	3704	chrome.exe	69
PID 3704 wrote to memory of 3912	3704	chrome.exe	69
PID 3704 wrote to memory of 3912	3704	chrome.exe	69
PID 3704 wrote to memory of 3912	3704	chrome.exe	69
PID 3704 wrote to memory of 3912	3704	chrome.exe	69
PID 3704 wrote to memory of 3912	3704	chrome.exe	69
PID 3704 wrote to memory of 3912	3704	chrome.exe	69
PID 3704 wrote to memory of 3912	3704	chrome.exe	69
PID 3704 wrote to memory of 3912	3704	chrome.exe	69
PID 3704 wrote to memory of 3912	3704	chrome.exe	69
PID 3704 wrote to memory of 3912	3704	chrome.exe	69
PID 3704 wrote to memory of 3908	3704	chrome.exe	68
PID 3704 wrote to memory of 3908	3704	chrome.exe	68
PID 3704 wrote to memory of 4776	3704	chrome.exe	70
PID 3704 wrote to memory of 4776	3704	chrome.exe	70
PID 3704 wrote to memory of 4776	3704	chrome.exe	70
PID 3704 wrote to memory of 4776	3704	chrome.exe	70
PID 3704 wrote to memory of 4776	3704	chrome.exe	70
PID 3704 wrote to memory of 4776	3704	chrome.exe	70
PID 3704 wrote to memory of 4776	3704	chrome.exe	70
PID 3704 wrote to memory of 4776	3704	chrome.exe	70
PID 3704 wrote to memory of 4776	3704	chrome.exe	70
PID 3704 wrote to memory of 4776	3704	chrome.exe	70
PID 3704 wrote to memory of 4776	3704	chrome.exe	70
PID 3704 wrote to memory of 4776	3704	chrome.exe	70
PID 3704 wrote to memory of 4776	3704	chrome.exe	70
PID 3704 wrote to memory of 4776	3704	chrome.exe	70
PID 3704 wrote to memory of 4776	3704	chrome.exe	70
PID 3704 wrote to memory of 4776	3704	chrome.exe	70
PID 3704 wrote to memory of 4776	3704	chrome.exe	70
PID 3704 wrote to memory of 4776	3704	chrome.exe	70
PID 3704 wrote to memory of 4776	3704	chrome.exe	70
PID 3704 wrote to memory of 4776	3704	chrome.exe	70
PID 3704 wrote to memory of 4776	3704	chrome.exe	70
PID 3704 wrote to memory of 4776	3704	chrome.exe	70

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" C:\Users\Admin\AppData\Local\Temp\.html
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3704
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ff9eec69758,0x7ff9eec69768,0x7ff9eec69778
  2⤵
  PID:3628
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1856 --field-trial-handle=1716,i,3322321294822369655,5747817626728602835,131072 /prefetch:8
  2⤵
  PID:3908
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1616 --field-trial-handle=1716,i,3322321294822369655,5747817626728602835,131072 /prefetch:2
  2⤵
  PID:3912
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2100 --field-trial-handle=1716,i,3322321294822369655,5747817626728602835,131072 /prefetch:8
  2⤵
  PID:4776
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=1352 --field-trial-handle=1716,i,3322321294822369655,5747817626728602835,131072 /prefetch:1
  2⤵
  PID:3640
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2972 --field-trial-handle=1716,i,3322321294822369655,5747817626728602835,131072 /prefetch:1
  2⤵
  PID:2900
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4420 --field-trial-handle=1716,i,3322321294822369655,5747817626728602835,131072 /prefetch:8
  2⤵
  PID:4400
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4732 --field-trial-handle=1716,i,3322321294822369655,5747817626728602835,131072 /prefetch:8
  2⤵
  PID:4364
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4776 --field-trial-handle=1716,i,3322321294822369655,5747817626728602835,131072 /prefetch:8
  2⤵
  PID:4372
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4892 --field-trial-handle=1716,i,3322321294822369655,5747817626728602835,131072 /prefetch:1
  2⤵
  PID:3396
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=3680 --field-trial-handle=1716,i,3322321294822369655,5747817626728602835,131072 /prefetch:1
  2⤵
  PID:4284
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=3000 --field-trial-handle=1716,i,3322321294822369655,5747817626728602835,131072 /prefetch:1
  2⤵
  PID:3352
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3252 --field-trial-handle=1716,i,3322321294822369655,5747817626728602835,131072 /prefetch:8
  2⤵
  PID:848
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4700 --field-trial-handle=1716,i,3322321294822369655,5747817626728602835,131072 /prefetch:8
  2⤵
  PID:2112
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3272 --field-trial-handle=1716,i,3322321294822369655,5747817626728602835,131072 /prefetch:8
  2⤵
  PID:1608
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3244 --field-trial-handle=1716,i,3322321294822369655,5747817626728602835,131072 /prefetch:8
  2⤵
  PID:2444
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=5204 --field-trial-handle=1716,i,3322321294822369655,5747817626728602835,131072 /prefetch:1
  2⤵
  PID:2096
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3652 --field-trial-handle=1716,i,3322321294822369655,5747817626728602835,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4788
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=4800 --field-trial-handle=1716,i,3322321294822369655,5747817626728602835,131072 /prefetch:1
  2⤵
  PID:4828
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=5288 --field-trial-handle=1716,i,3322321294822369655,5747817626728602835,131072 /prefetch:1
  2⤵
  PID:1336

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:1132

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

Filesize
284KB

MD5
109254cf93b79c0481a0f60badc660e7

SHA1
314ae2d196b7fdeec077fec7c20e2553c2229c34

SHA256
64aa40abd110ac0adc1622448659433a66cf053e5b3e0a8231bc4c12f87587e8

SHA512
75b1c947635cde5759f2a8520e36a0a1647400b9a57a0d146f6e16dbc365d3e302c8e43340d78041e4b7971a902d04da60ef7c18555ea25bb95527ba13d14d89

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

Filesize
63KB

MD5
70dc47be9924660f51a6d7919e4f9ad9

SHA1
34988db27376f170f200e7bc6d0eb76b5acd025c

SHA256
0c059a225e1e6dc4d4c629bfb1d61af1fb60d4eee4d7dd664a7bde9ed3b23df8

SHA512
128dcb8e0149620feb5bf7de4483a7d0c00f6edc6668cbf61fcd7cde863e223e940be8940c0d619142b076cb787831bec3e4974c6c88a4af919f001b6688757d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d

Filesize
37KB

MD5
d90cb261f4a509d886611473296e188e

SHA1
23551f9039c8b855b496f017c8f75b32f6e56671

SHA256
ca6c7cdd1e68e9f251fbf58e0b0ad9e883b38979e264c3cf4125f603b21c8bb4

SHA512
1cca6c9490c8f7adca7441ffea3e7445309d0c52fbaf7252e4c3c73525e00233a8173536c031747a55343bb86e96618d9c96afc6e4f8d25b0106729cca5c8031

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000f

Filesize
68KB

MD5
7142ead408a8f9685ae59da88ba30073

SHA1
15ed382e2c7ad6a3388036cf1abf956619daf77b

SHA256
e4bab4fad0892697153cc1d7d086b7992c16a4b8ef75bff5d16fdb0707fcb41c

SHA512
855e1096f540cbf0d80a861c23a6973fdb8b5f0a05402784eceebec10ffd01f60e09f4e9b4220e1972cf172e545cee68cfca3bb2db147db50853b7640773693e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1008B

MD5
26070e03ef8c1a3b2262591fe267cc68

SHA1
0391b0833b188d3112347d33215a095db4aeed9e

SHA256
24a0e7667add1154124a1aed99eaec7032ec1bafafc666e1b5bb0d4afabd09f6

SHA512
b6af38ca889497942fc02a76e2437df21430cb4dfc13f24ddefaac48ff9767bc9eb798a090e2751879102f9ab20fe2caa4c2de29e673c8be23c6f342d541b862

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
f15134867b8aed0c41392877d2ae71bd

SHA1
bb0722d85052b881784e220574868bf88d9a4860

SHA256
46b50e4876a5e4f47bf6947acb557c17fe5cb2d4cbde29979af65efc9ce3ffff

SHA512
1ab07473b2ed2a863b8b231ca2045923f9a7581e7d949aa607955662b80fb4de061ab32b79bca33c65a208f2b0d41fb272d52a5fb3cec3d8c78c519858e60f03

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
969d96a930162732d177d2e4fef13fab

SHA1
6a013d378a7a380f9465e98a4c727762b53f8b98

SHA256
6ee8ee5a75cf56d284628a4b29e44c92e8eac55fa7859883c6bc25d393612464

SHA512
1a8e822f825f643eb9da4b099f6964b414c29c5ab5a3dedd188e67631a09fedf4b7f97cf0844ce192d3e2853cadd8599b0e38b903400bdda2ead1e7acdcd1419

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
371B

MD5
0ca79c8e9b1564bc1d46f30e2e6fbd9f

SHA1
ea4137ed025d049077286ccfcdcb1d5d0afdfa9a

SHA256
61861fc7e450dc0bd0934014aead00b5489a1cc9d77aae6ff828eac5a940d7ee

SHA512
b735506463db99a4c312b434ce2a115c73b1cae462e78663a69a18e56bba1ea7571bef5cf486576a16c257530c7e924659c65e390a81c8fbbb3f518849d13137

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
371B

MD5
2a432941e2a2cba82da22d9522592590

SHA1
0472877df8f33064644c1decbf00b908825106b3

SHA256
541d4dd43043a2d3ed10d19a132f2d0b1aa671c03522e3a249cb75bf0ae96851

SHA512
caa40aa98bcf61ae91d49eae6d54c486c4cba0d57c3ee471f96f42ad26dcef3211ed2b2028ec4ee8f5acdf2e61ac59bf9a33407ccc1e0195b152eda2d60dc08d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
539B

MD5
6a250ff9dcbed6163d171040fd79ee42

SHA1
dae4eaa30c6efa106ca853b8772e9c51ba1e1b01

SHA256
29401f1a0b55a40161f59b68af3cc94ff4328173c85f88aca076cc6e0669b8df

SHA512
8b8f23f63750ffdf0d48f00a3a064486bc82a1c4db98dcbd221bca3ce7549d8b12dbeb5bc9eef80bef14a98d5a0c2e25c37c75ed9fd385420399a8c9e5edf8db

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
371B

MD5
e9c65ea064da0f631d25614caa3f3cdc

SHA1
f71a7ac64742d6ff580e729166f96abaeca95ede

SHA256
23e1da2e32bc4818fc5c8f970d97751e5a6c5705e6d443ed312f32152edb21c6

SHA512
e3a65d578b07b69624e93495392c185d1b7bb3b70345ca528b2b7eb452057c65be116521d5c8bdd647258166691a84eb790c0ca18fad2b30557d64f69e95e9b4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
56f58e6f2244e208c1cc5c3b9f66faea

SHA1
35844d0b436ec6785c2e4a53e034c6e6833e422d

SHA256
5306731fc0adab98b6fa698c66a7d86626b11f4c9b422bab980558a7d52b9631

SHA512
b5f82d11f071366628007da53208f3206e646783116c1cbfea0a518cd620b2c20899f2d824ba51640143dbf24b2d070d831dc7b5b98129fb6e6729a442d24aef

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
248d07557a4ee6efdfe221223d44946f

SHA1
2da0201d6d0f949140ee4fa3a8269b021c79c1f8

SHA256
a2317d8058d640a3a1756605c80d91e4df30b435dc8d4ec7cbaa6315af219956

SHA512
123080b04cd9680f4b1c7d7977a58fa6c0d173dc58688d843d3a355dc2d400a228d398dd73cda5fbd372fc1df6a02f567de6a1f4ca8acab20dbfe0683b11c14b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
a829a92e9946c121e2f16ed6260c8e9d

SHA1
cab47e4f147e829b32ef7bbefb8392258b220c77

SHA256
71c714fd2f1462c88b162fe22fe0b9c65600cf94a81c409f830a987ba2234bbe

SHA512
ebcf81215cf45ab482f5db9663b097fb7b60ced8a1a1e165ddc74a7efbd9109bbddb98121391073856de710aaf8e6b6596cfc9ab86246f9687e5e39100a3b448

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
2582a6f415f536399f245b5def8cc537

SHA1
9751f8c9e4a23e6d98e68c5165e872e9d6790e89

SHA256
7c2f58137e536f872acb1ab5de0af92b50950cedb533e178077fed67f24ea638

SHA512
a1b0bc58c5a61887ac25089cb05a2833ebfa74777927d4322d558ac37b12efcf661903fccb6953a78ef34dc83e3ea0335c1dff3d6ad8fb96c2d6547cffebb482

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
afff3d6174dd402d864a3c361854133f

SHA1
67ba75bb392d7440f26fdf7e4cc2d3e25fa0591f

SHA256
629da9e3c06caae0c554b78bb4df2106c967fbf87e0299126b4548c7ddad7ed3

SHA512
c83a3ca740a6bae1da4fb6e409c5b548e73556f3a0bd6467be06c320afcb0a715fd6da7dd894d08fb627a44d143c83e1b2ae7aa709e12b20c479101411255def

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
f213e622b60e2f9527e563775adba5ae

SHA1
bd60b3abe84e3043c860ec6fef9bf613cf6e9afb

SHA256
09fad3aa6d422a4f1e3aad4a7b14952c35fb90885b7c07a72e1fc2c2fa4170e3

SHA512
8b3466b45af86ea9c8b88e6382277f6ca2d9d35e002886cc0b4db2dd0bfc2d4de8ec8ee037bba5982ae5ffe429172d80cc2b1f5b4fc198cf0960a122dec00b33

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
10840cb72f4c3bfe9aa34d1e1db71091

SHA1
3a366faf3c21ae7abe299462df1cabca82d867a3

SHA256
5d8e07006a196a891a60718d7878ff7db3f1cf1d33177ee18fa010adf65fc587

SHA512
4673ac4394f9d6946e679c0457b851375520de076fbdc4cc7f755efeb05a276a1b0e484788ae529804b8274a662fa4c4dcf596fab2481276829e88f6042dc2c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
12KB

MD5
2554b53891a6293d1b0036ac3bbfa9a0

SHA1
255c5c7caf0d19359241fa0111476adff0fe957f

SHA256
fd8b722a82c0a11273a769a06201f470c9cb4f8cecd4a55a9075c2adc344c3b3

SHA512
09b0f34d8e34ba9081651883d50296fe50b37cd75e68d1c56bdb6a9e4b14da8e4c16f2e7a66c02c1948319b362bf8c516eec8fc383b36db2e23cf89a8f6787c8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
56B

MD5
ae1bccd6831ebfe5ad03b482ee266e4f

SHA1
01f4179f48f1af383b275d7ee338dd160b6f558a

SHA256
1b11047e738f76c94c9d15ee981ec46b286a54def1a7852ca1ade7f908988649

SHA512
baf7ff6747f30e542c254f46a9678b9dbf42312933962c391b79eca6fcb615e4ba9283c00f554d6021e594f18c087899bc9b5362c41c0d6f862bba7fb9f83038

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe584774.TMP

Filesize
120B

MD5
6eb0f3abefe9f1c982c2f2dcee206040

SHA1
c4a97adca90885eeb49bb9cb9c105d867f018521

SHA256
09d589dc338b2b22e25a9d25dad3804abefc51ccaeb15f693b8a37f81c4e5b90

SHA512
a0766b112ac4b0a9510a0f6b833fda5e8329548fbc74982a270edbc35a9bc92748a8c2b06d1633b4b2bad94ca0ac6839d6b23abef93776d111d6a15a5aedf673

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
145KB

MD5
97a0e0254c2a8495da0253daf2847bfc

SHA1
71b70772735f4dfd9eb312cf46f856c345d30531

SHA256
75059c5cd5bc01116222856b8f402336b5f2515ee152016277c4b48c91d9aebb

SHA512
7851b98a0f2e8d2ad338488d491b3ff4e0f7ea4ef98a17362acb6b4ed72606dc7a1d3580f5f97ffbb6567885d8990e92a1b9d78a512338dfa96587dfe51e706a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
145KB

MD5
d82e490b929bfbf6323bdcbb3f23819a

SHA1
a57ce2b39a54df68338db610d09cbd7181e884b5

SHA256
d127d5812244327bf3007ea7e75d21daf0f2998ff6937ce72f326a58ce7c6937

SHA512
4fa7cf1d4ed08c8842336267fe9fe1e180ba5a4f029f5b017c0ba82ac7accb81b761a34c678da868d8301358eeee6985629e390724ed066adaee0ef7e957ab94

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit