hxxps://shareasale[.]com/r[.]cfm?b=922594&u=1803968&m=68204&urllink=https%3A%2F%2Fasiavedder[.]com%2Fnew%2Fauth%2F/mmzq2h%2F%2F%2F%2Ftest@test[.]com

Analysis

max time kernel
1800s
max time network
1689s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
15/03/2023, 15:49

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://shareasale.com/r.cfm?b=922594&u=1803968&m=68204&urllink=https%3A%2F%2Fasiavedder.com%2Fnew%2Fauth%2F/mmzq2h%2F%2F%2F%[email protected]

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133233726139861984"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4276	chrome.exe
4276	chrome.exe
1508	chrome.exe
1508	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 5 IoCs

pid	Process
4276	chrome.exe
4276	chrome.exe
4276	chrome.exe
4276	chrome.exe
4276	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4276	chrome.exe
Token: SeCreatePagefilePrivilege	4276	chrome.exe
Token: SeShutdownPrivilege	4276	chrome.exe
Token: SeCreatePagefilePrivilege	4276	chrome.exe
Token: SeShutdownPrivilege	4276	chrome.exe
Token: SeCreatePagefilePrivilege	4276	chrome.exe
Token: SeShutdownPrivilege	4276	chrome.exe
Token: SeCreatePagefilePrivilege	4276	chrome.exe
Token: SeShutdownPrivilege	4276	chrome.exe
Token: SeCreatePagefilePrivilege	4276	chrome.exe
Token: SeShutdownPrivilege	4276	chrome.exe
Token: SeCreatePagefilePrivilege	4276	chrome.exe
Token: SeShutdownPrivilege	4276	chrome.exe
Token: SeCreatePagefilePrivilege	4276	chrome.exe
Token: SeShutdownPrivilege	4276	chrome.exe
Token: SeCreatePagefilePrivilege	4276	chrome.exe
Token: SeShutdownPrivilege	4276	chrome.exe
Token: SeCreatePagefilePrivilege	4276	chrome.exe
Token: SeShutdownPrivilege	4276	chrome.exe
Token: SeCreatePagefilePrivilege	4276	chrome.exe
Token: SeShutdownPrivilege	4276	chrome.exe
Token: SeCreatePagefilePrivilege	4276	chrome.exe
Token: SeShutdownPrivilege	4276	chrome.exe
Token: SeCreatePagefilePrivilege	4276	chrome.exe
Token: SeShutdownPrivilege	4276	chrome.exe
Token: SeCreatePagefilePrivilege	4276	chrome.exe
Token: SeShutdownPrivilege	4276	chrome.exe
Token: SeCreatePagefilePrivilege	4276	chrome.exe
Token: SeShutdownPrivilege	4276	chrome.exe
Token: SeCreatePagefilePrivilege	4276	chrome.exe
Token: SeShutdownPrivilege	4276	chrome.exe
Token: SeCreatePagefilePrivilege	4276	chrome.exe
Token: SeShutdownPrivilege	4276	chrome.exe
Token: SeCreatePagefilePrivilege	4276	chrome.exe
Token: SeShutdownPrivilege	4276	chrome.exe
Token: SeCreatePagefilePrivilege	4276	chrome.exe
Token: SeShutdownPrivilege	4276	chrome.exe
Token: SeCreatePagefilePrivilege	4276	chrome.exe
Token: SeShutdownPrivilege	4276	chrome.exe
Token: SeCreatePagefilePrivilege	4276	chrome.exe
Token: SeShutdownPrivilege	4276	chrome.exe
Token: SeCreatePagefilePrivilege	4276	chrome.exe
Token: SeShutdownPrivilege	4276	chrome.exe
Token: SeCreatePagefilePrivilege	4276	chrome.exe
Token: SeShutdownPrivilege	4276	chrome.exe
Token: SeCreatePagefilePrivilege	4276	chrome.exe
Token: SeShutdownPrivilege	4276	chrome.exe
Token: SeCreatePagefilePrivilege	4276	chrome.exe
Token: SeShutdownPrivilege	4276	chrome.exe
Token: SeCreatePagefilePrivilege	4276	chrome.exe
Token: SeShutdownPrivilege	4276	chrome.exe
Token: SeCreatePagefilePrivilege	4276	chrome.exe
Token: SeShutdownPrivilege	4276	chrome.exe
Token: SeCreatePagefilePrivilege	4276	chrome.exe
Token: SeShutdownPrivilege	4276	chrome.exe
Token: SeCreatePagefilePrivilege	4276	chrome.exe
Token: SeShutdownPrivilege	4276	chrome.exe
Token: SeCreatePagefilePrivilege	4276	chrome.exe
Token: SeShutdownPrivilege	4276	chrome.exe
Token: SeCreatePagefilePrivilege	4276	chrome.exe
Token: SeShutdownPrivilege	4276	chrome.exe
Token: SeCreatePagefilePrivilege	4276	chrome.exe
Token: SeShutdownPrivilege	4276	chrome.exe
Token: SeCreatePagefilePrivilege	4276	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4276	chrome.exe
4276	chrome.exe
4276	chrome.exe
4276	chrome.exe
4276	chrome.exe
4276	chrome.exe
4276	chrome.exe
4276	chrome.exe
4276	chrome.exe
4276	chrome.exe
4276	chrome.exe
4276	chrome.exe
4276	chrome.exe
4276	chrome.exe
4276	chrome.exe
4276	chrome.exe
4276	chrome.exe
4276	chrome.exe
4276	chrome.exe
4276	chrome.exe
4276	chrome.exe
4276	chrome.exe
4276	chrome.exe
4276	chrome.exe
4276	chrome.exe
4276	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4276	chrome.exe
4276	chrome.exe
4276	chrome.exe
4276	chrome.exe
4276	chrome.exe
4276	chrome.exe
4276	chrome.exe
4276	chrome.exe
4276	chrome.exe
4276	chrome.exe
4276	chrome.exe
4276	chrome.exe
4276	chrome.exe
4276	chrome.exe
4276	chrome.exe
4276	chrome.exe
4276	chrome.exe
4276	chrome.exe
4276	chrome.exe
4276	chrome.exe
4276	chrome.exe
4276	chrome.exe
4276	chrome.exe
4276	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4276 wrote to memory of 4968	4276	chrome.exe	84
PID 4276 wrote to memory of 4968	4276	chrome.exe	84
PID 4276 wrote to memory of 1720	4276	chrome.exe	85
PID 4276 wrote to memory of 1720	4276	chrome.exe	85
PID 4276 wrote to memory of 1720	4276	chrome.exe	85
PID 4276 wrote to memory of 1720	4276	chrome.exe	85
PID 4276 wrote to memory of 1720	4276	chrome.exe	85
PID 4276 wrote to memory of 1720	4276	chrome.exe	85
PID 4276 wrote to memory of 1720	4276	chrome.exe	85
PID 4276 wrote to memory of 1720	4276	chrome.exe	85
PID 4276 wrote to memory of 1720	4276	chrome.exe	85
PID 4276 wrote to memory of 1720	4276	chrome.exe	85
PID 4276 wrote to memory of 1720	4276	chrome.exe	85
PID 4276 wrote to memory of 1720	4276	chrome.exe	85
PID 4276 wrote to memory of 1720	4276	chrome.exe	85
PID 4276 wrote to memory of 1720	4276	chrome.exe	85
PID 4276 wrote to memory of 1720	4276	chrome.exe	85
PID 4276 wrote to memory of 1720	4276	chrome.exe	85
PID 4276 wrote to memory of 1720	4276	chrome.exe	85
PID 4276 wrote to memory of 1720	4276	chrome.exe	85
PID 4276 wrote to memory of 1720	4276	chrome.exe	85
PID 4276 wrote to memory of 1720	4276	chrome.exe	85
PID 4276 wrote to memory of 1720	4276	chrome.exe	85
PID 4276 wrote to memory of 1720	4276	chrome.exe	85
PID 4276 wrote to memory of 1720	4276	chrome.exe	85
PID 4276 wrote to memory of 1720	4276	chrome.exe	85
PID 4276 wrote to memory of 1720	4276	chrome.exe	85
PID 4276 wrote to memory of 1720	4276	chrome.exe	85
PID 4276 wrote to memory of 1720	4276	chrome.exe	85
PID 4276 wrote to memory of 1720	4276	chrome.exe	85
PID 4276 wrote to memory of 1720	4276	chrome.exe	85
PID 4276 wrote to memory of 1720	4276	chrome.exe	85
PID 4276 wrote to memory of 1720	4276	chrome.exe	85
PID 4276 wrote to memory of 1720	4276	chrome.exe	85
PID 4276 wrote to memory of 1720	4276	chrome.exe	85
PID 4276 wrote to memory of 1720	4276	chrome.exe	85
PID 4276 wrote to memory of 1720	4276	chrome.exe	85
PID 4276 wrote to memory of 1720	4276	chrome.exe	85
PID 4276 wrote to memory of 1720	4276	chrome.exe	85
PID 4276 wrote to memory of 1720	4276	chrome.exe	85
PID 4276 wrote to memory of 2024	4276	chrome.exe	86
PID 4276 wrote to memory of 2024	4276	chrome.exe	86
PID 4276 wrote to memory of 3372	4276	chrome.exe	87
PID 4276 wrote to memory of 3372	4276	chrome.exe	87
PID 4276 wrote to memory of 3372	4276	chrome.exe	87
PID 4276 wrote to memory of 3372	4276	chrome.exe	87
PID 4276 wrote to memory of 3372	4276	chrome.exe	87
PID 4276 wrote to memory of 3372	4276	chrome.exe	87
PID 4276 wrote to memory of 3372	4276	chrome.exe	87
PID 4276 wrote to memory of 3372	4276	chrome.exe	87
PID 4276 wrote to memory of 3372	4276	chrome.exe	87
PID 4276 wrote to memory of 3372	4276	chrome.exe	87
PID 4276 wrote to memory of 3372	4276	chrome.exe	87
PID 4276 wrote to memory of 3372	4276	chrome.exe	87
PID 4276 wrote to memory of 3372	4276	chrome.exe	87
PID 4276 wrote to memory of 3372	4276	chrome.exe	87
PID 4276 wrote to memory of 3372	4276	chrome.exe	87
PID 4276 wrote to memory of 3372	4276	chrome.exe	87
PID 4276 wrote to memory of 3372	4276	chrome.exe	87
PID 4276 wrote to memory of 3372	4276	chrome.exe	87
PID 4276 wrote to memory of 3372	4276	chrome.exe	87
PID 4276 wrote to memory of 3372	4276	chrome.exe	87
PID 4276 wrote to memory of 3372	4276	chrome.exe	87
PID 4276 wrote to memory of 3372	4276	chrome.exe	87

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" https://shareasale.com/r.cfm?b=922594&u=1803968&m=68204&urllink=https%3A%2F%2Fasiavedder.com%2Fnew%2Fauth%2F/mmzq2h%2F%2F%2F%[email protected]
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4276
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffdf8199758,0x7ffdf8199768,0x7ffdf8199778
  2⤵
  PID:4968
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1796 --field-trial-handle=1812,i,9326182750710473564,2729110889621208379,131072 /prefetch:2
  2⤵
  PID:1720
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2172 --field-trial-handle=1812,i,9326182750710473564,2729110889621208379,131072 /prefetch:8
  2⤵
  PID:2024
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2168 --field-trial-handle=1812,i,9326182750710473564,2729110889621208379,131072 /prefetch:8
  2⤵
  PID:3372
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3128 --field-trial-handle=1812,i,9326182750710473564,2729110889621208379,131072 /prefetch:1
  2⤵
  PID:3612
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3100 --field-trial-handle=1812,i,9326182750710473564,2729110889621208379,131072 /prefetch:1
  2⤵
  PID:224
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4452 --field-trial-handle=1812,i,9326182750710473564,2729110889621208379,131072 /prefetch:1
  2⤵
  PID:3924
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3140 --field-trial-handle=1812,i,9326182750710473564,2729110889621208379,131072 /prefetch:1
  2⤵
  PID:3616
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4720 --field-trial-handle=1812,i,9326182750710473564,2729110889621208379,131072 /prefetch:1
  2⤵
  PID:1180
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3092 --field-trial-handle=1812,i,9326182750710473564,2729110889621208379,131072 /prefetch:8
  2⤵
  PID:2196
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5052 --field-trial-handle=1812,i,9326182750710473564,2729110889621208379,131072 /prefetch:8
  2⤵
  PID:4508
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5212 --field-trial-handle=1812,i,9326182750710473564,2729110889621208379,131072 /prefetch:8
  2⤵
  PID:4284
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4628 --field-trial-handle=1812,i,9326182750710473564,2729110889621208379,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1508

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:732

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
430cd0f577d4885cacb1fbff5547af1e

SHA1
f4f0451c2995bd337702e2cd4e92fa9a70030028

SHA256
5435465c44b53928f3944d6f0745abddb24c9105d902df96d730351a43ec2094

SHA512
bb3ea61eb060b730772acf1b1a9fb2a8f5db6c6b0ae71da19440f00d3e4455db48bb39f631a216a0c448023d88a5075175eaaaaa891515b850567fa96e8bf5ed

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
16fcae9b1271adbf6d30b3444ff22d6e

SHA1
e8f53dbc6c445c5fb59a7a403d8c170e9491cd60

SHA256
edb95a70c00a504501688a0286b3eba03d20743154703b156ebae842c4f759c7

SHA512
54466d2d0269b5474a83d2874f4fda2b5816f8a12f0ee2b09790b9229db9f095871e648d809e87bc573d2d26679c96fb372b0d8fc81ca62897a07a67ed4a828f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
86f5a7cb941ce41aa39a6e8f4e3b2416

SHA1
c79f432712e3fa8b3f724fa769b7a3a9ae64ec20

SHA256
4251ad0a8edb4c0305b754e6126b550785fce9d0285b507ff48eed1a196fae23

SHA512
c19006d4a53b83a40f488a6f16fdf7e440224a6d9e7a36cb20d240e86a633948f96739f5300184a58fb5e6f4be54654d3a1ab8523d8024e5b0f3899e15734232

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
7effcbc0d8201e10cc5922eaebbe90d6

SHA1
f6a76b98fc1c06d738edfe15112e00e617a76aa8

SHA256
04c399f194d4672641724c1a0dab743360e2e3c58c4a479dd43c62fe5969710f

SHA512
f50d511f25ba48bb9035dfb250f4c9cab3184c5b9a76fed0273013c93690e1147532bbe2d22974800c9cd7b99d9f58247c0cf319032e29913d95310e15c56de5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
5dfb3a055822d487a6c1c0fa343b893b

SHA1
b3154a184cfb707ea7c0cb28d07c646797ea89a1

SHA256
ae37edf6eccd4ac8447862c51306f63fcf8fbbf1697c0f90bd3d072b90bc2059

SHA512
76399c2a4d725820e11140315355b4278665bc191ac50390c003ba6941914f7e3b04667c9729eaf92f27c937c8b86b550b96670f464948f1e369db611b724789

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
1fceb1f6b0229d1c2b0b7b8f19de10e3

SHA1
daedecfd50d6c13f691f5be1fe56f005d0361899

SHA256
0a3817238dd150db12ec6feb5f0ac31557afc2cf7155cbdff572708a7d006e01

SHA512
a8ce34ef33de746f16fc125f77dde3d37a87baf07988a41e2b9ad4c382d102395aad0778949b3012808465422c544c27630d2774aef20f3d7c3b3fa816ed3f3f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
d577d36e9833f17a53bda21c3af2cb6d

SHA1
2369d05b271f0a0d92b57a4ee6ecef69c97b9b37

SHA256
dd8f0c667675c9ce4618f6f4c259b876c2166c01c1fffd3b0f1257f92f938270

SHA512
c12870e7fdb67c6dd1bd2e7360c4e2ee21025eeb98cb7569d01de9eef93bf7a912677a2e8093c0523e4a45740f7db566755814057f6dc87a3871a39147240dc0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
216ce6c31c4e0addf3acd17c90171df8

SHA1
4c0905ce5935c9ea5c84bd1f31f5e52854102008

SHA256
3358e19253441cbd6a72c2ef5af7580ab6ec54e17737dca03ed809250ea98e6e

SHA512
7484af71cc453a071d8c3fa12a4d1782ff4ab660008bc2d089876ccce0263ce3ef536a8fa36389e918395c51cce33c6fe290ee6781b4f12e76032692af61f1a0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
571acf4ef1505c09d4fd5f876d1344c7

SHA1
c27a924201915c64843061ea0d7830b4e39fc4b0

SHA256
a6e367f0de49e2fcf5318a675420d5385329efa134f4b517c271da0f1de13427

SHA512
7f351acf3ce78c61add40f75b44075690f06e4a0142fb057f2c6ed4acc1f5a4ade872348d1af808be86b72725038a31edcf4db4cb26839a5b324bc2c0886c8bd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
145KB

MD5
bf2452a4e57e280563c80f20a985c40b

SHA1
a7461fafb25411b51322a951cbe83d589016b28d

SHA256
a9e3f475a2a8fa28245852e22f5b8cbb960dfd5783d7e8b0ba865a4eebcfe97f

SHA512
eeedcd2f565492f43ae753298eaa79abd0f346018c3de1c0798dfa26a73a05913b497bd1d71db4b83b1cc81a00559d248a19b662ced22a3def175f4be86469a3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit