hxxp://hyujc5bn[.]web[.]app/f1

Analysis

max time kernel
145s
max time network
144s
platform
windows10-1703_x64
resource
win10-20230220-en
resource tags

arch:x64arch:x86image:win10-20230220-enlocale:en-usos:windows10-1703-x64system
submitted
20-03-2023 05:45

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://hyujc5bn.web.app/f1

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

Processes:

chrome.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

Processes:

chrome.exe

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133237683730849192"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

Processes:

chrome.exechrome.exe

pid process

1308 chrome.exe
1308 chrome.exe
2124 chrome.exe
2124 chrome.exe
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

Processes:

chrome.exe

pid process

1308 chrome.exe
1308 chrome.exe
1308 chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

Processes:

chrome.exe

description	pid	process
Token: SeShutdownPrivilege	1308	chrome.exe
Token: SeCreatePagefilePrivilege	1308	chrome.exe
Token: SeShutdownPrivilege	1308	chrome.exe
Token: SeCreatePagefilePrivilege	1308	chrome.exe
Token: SeShutdownPrivilege	1308	chrome.exe
Token: SeCreatePagefilePrivilege	1308	chrome.exe
Token: SeShutdownPrivilege	1308	chrome.exe
Token: SeCreatePagefilePrivilege	1308	chrome.exe
Token: SeShutdownPrivilege	1308	chrome.exe
Token: SeCreatePagefilePrivilege	1308	chrome.exe
Token: SeShutdownPrivilege	1308	chrome.exe
Token: SeCreatePagefilePrivilege	1308	chrome.exe
Token: SeShutdownPrivilege	1308	chrome.exe
Token: SeCreatePagefilePrivilege	1308	chrome.exe
Token: SeShutdownPrivilege	1308	chrome.exe
Token: SeCreatePagefilePrivilege	1308	chrome.exe
Token: SeShutdownPrivilege	1308	chrome.exe
Token: SeCreatePagefilePrivilege	1308	chrome.exe
Token: SeShutdownPrivilege	1308	chrome.exe
Token: SeCreatePagefilePrivilege	1308	chrome.exe
Token: SeShutdownPrivilege	1308	chrome.exe
Token: SeCreatePagefilePrivilege	1308	chrome.exe
Token: SeShutdownPrivilege	1308	chrome.exe
Token: SeCreatePagefilePrivilege	1308	chrome.exe
Token: SeShutdownPrivilege	1308	chrome.exe
Token: SeCreatePagefilePrivilege	1308	chrome.exe
Token: SeShutdownPrivilege	1308	chrome.exe
Token: SeCreatePagefilePrivilege	1308	chrome.exe
Token: SeShutdownPrivilege	1308	chrome.exe
Token: SeCreatePagefilePrivilege	1308	chrome.exe
Token: SeShutdownPrivilege	1308	chrome.exe
Token: SeCreatePagefilePrivilege	1308	chrome.exe
Token: SeShutdownPrivilege	1308	chrome.exe
Token: SeCreatePagefilePrivilege	1308	chrome.exe
Token: SeShutdownPrivilege	1308	chrome.exe
Token: SeCreatePagefilePrivilege	1308	chrome.exe
Token: SeShutdownPrivilege	1308	chrome.exe
Token: SeCreatePagefilePrivilege	1308	chrome.exe
Token: SeShutdownPrivilege	1308	chrome.exe
Token: SeCreatePagefilePrivilege	1308	chrome.exe
Token: SeShutdownPrivilege	1308	chrome.exe
Token: SeCreatePagefilePrivilege	1308	chrome.exe
Token: SeShutdownPrivilege	1308	chrome.exe
Token: SeCreatePagefilePrivilege	1308	chrome.exe
Token: SeShutdownPrivilege	1308	chrome.exe
Token: SeCreatePagefilePrivilege	1308	chrome.exe
Token: SeShutdownPrivilege	1308	chrome.exe
Token: SeCreatePagefilePrivilege	1308	chrome.exe
Token: SeShutdownPrivilege	1308	chrome.exe
Token: SeCreatePagefilePrivilege	1308	chrome.exe
Token: SeShutdownPrivilege	1308	chrome.exe
Token: SeCreatePagefilePrivilege	1308	chrome.exe
Token: SeShutdownPrivilege	1308	chrome.exe
Token: SeCreatePagefilePrivilege	1308	chrome.exe
Token: SeShutdownPrivilege	1308	chrome.exe
Token: SeCreatePagefilePrivilege	1308	chrome.exe
Token: SeShutdownPrivilege	1308	chrome.exe
Token: SeCreatePagefilePrivilege	1308	chrome.exe
Token: SeShutdownPrivilege	1308	chrome.exe
Token: SeCreatePagefilePrivilege	1308	chrome.exe
Token: SeShutdownPrivilege	1308	chrome.exe
Token: SeCreatePagefilePrivilege	1308	chrome.exe
Token: SeShutdownPrivilege	1308	chrome.exe
Token: SeCreatePagefilePrivilege	1308	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

Processes:

chrome.exe

pid	process
1308	chrome.exe
1308	chrome.exe
1308	chrome.exe
1308	chrome.exe
1308	chrome.exe
1308	chrome.exe
1308	chrome.exe
1308	chrome.exe
1308	chrome.exe
1308	chrome.exe
1308	chrome.exe
1308	chrome.exe
1308	chrome.exe
1308	chrome.exe
1308	chrome.exe
1308	chrome.exe
1308	chrome.exe
1308	chrome.exe
1308	chrome.exe
1308	chrome.exe
1308	chrome.exe
1308	chrome.exe
1308	chrome.exe
1308	chrome.exe
1308	chrome.exe
1308	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

Processes:

chrome.exe

pid	process
1308	chrome.exe
1308	chrome.exe
1308	chrome.exe
1308	chrome.exe
1308	chrome.exe
1308	chrome.exe
1308	chrome.exe
1308	chrome.exe
1308	chrome.exe
1308	chrome.exe
1308	chrome.exe
1308	chrome.exe
1308	chrome.exe
1308	chrome.exe
1308	chrome.exe
1308	chrome.exe
1308	chrome.exe
1308	chrome.exe
1308	chrome.exe
1308	chrome.exe
1308	chrome.exe
1308	chrome.exe
1308	chrome.exe
1308	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

chrome.exe

description	pid	process	target process
PID 1308 wrote to memory of 1324	1308	chrome.exe	chrome.exe
PID 1308 wrote to memory of 1324	1308	chrome.exe	chrome.exe
PID 1308 wrote to memory of 1556	1308	chrome.exe	chrome.exe
PID 1308 wrote to memory of 1556	1308	chrome.exe	chrome.exe
PID 1308 wrote to memory of 1556	1308	chrome.exe	chrome.exe
PID 1308 wrote to memory of 1556	1308	chrome.exe	chrome.exe
PID 1308 wrote to memory of 1556	1308	chrome.exe	chrome.exe
PID 1308 wrote to memory of 1556	1308	chrome.exe	chrome.exe
PID 1308 wrote to memory of 1556	1308	chrome.exe	chrome.exe
PID 1308 wrote to memory of 1556	1308	chrome.exe	chrome.exe
PID 1308 wrote to memory of 1556	1308	chrome.exe	chrome.exe
PID 1308 wrote to memory of 1556	1308	chrome.exe	chrome.exe
PID 1308 wrote to memory of 1556	1308	chrome.exe	chrome.exe
PID 1308 wrote to memory of 1556	1308	chrome.exe	chrome.exe
PID 1308 wrote to memory of 1556	1308	chrome.exe	chrome.exe
PID 1308 wrote to memory of 1556	1308	chrome.exe	chrome.exe
PID 1308 wrote to memory of 1556	1308	chrome.exe	chrome.exe
PID 1308 wrote to memory of 1556	1308	chrome.exe	chrome.exe
PID 1308 wrote to memory of 1556	1308	chrome.exe	chrome.exe
PID 1308 wrote to memory of 1556	1308	chrome.exe	chrome.exe
PID 1308 wrote to memory of 1556	1308	chrome.exe	chrome.exe
PID 1308 wrote to memory of 1556	1308	chrome.exe	chrome.exe
PID 1308 wrote to memory of 1556	1308	chrome.exe	chrome.exe
PID 1308 wrote to memory of 1556	1308	chrome.exe	chrome.exe
PID 1308 wrote to memory of 1556	1308	chrome.exe	chrome.exe
PID 1308 wrote to memory of 1556	1308	chrome.exe	chrome.exe
PID 1308 wrote to memory of 1556	1308	chrome.exe	chrome.exe
PID 1308 wrote to memory of 1556	1308	chrome.exe	chrome.exe
PID 1308 wrote to memory of 1556	1308	chrome.exe	chrome.exe
PID 1308 wrote to memory of 1556	1308	chrome.exe	chrome.exe
PID 1308 wrote to memory of 1556	1308	chrome.exe	chrome.exe
PID 1308 wrote to memory of 1556	1308	chrome.exe	chrome.exe
PID 1308 wrote to memory of 1556	1308	chrome.exe	chrome.exe
PID 1308 wrote to memory of 1556	1308	chrome.exe	chrome.exe
PID 1308 wrote to memory of 1556	1308	chrome.exe	chrome.exe
PID 1308 wrote to memory of 1556	1308	chrome.exe	chrome.exe
PID 1308 wrote to memory of 1556	1308	chrome.exe	chrome.exe
PID 1308 wrote to memory of 1556	1308	chrome.exe	chrome.exe
PID 1308 wrote to memory of 1556	1308	chrome.exe	chrome.exe
PID 1308 wrote to memory of 1556	1308	chrome.exe	chrome.exe
PID 1308 wrote to memory of 2212	1308	chrome.exe	chrome.exe
PID 1308 wrote to memory of 2212	1308	chrome.exe	chrome.exe
PID 1308 wrote to memory of 4796	1308	chrome.exe	chrome.exe
PID 1308 wrote to memory of 4796	1308	chrome.exe	chrome.exe
PID 1308 wrote to memory of 4796	1308	chrome.exe	chrome.exe
PID 1308 wrote to memory of 4796	1308	chrome.exe	chrome.exe
PID 1308 wrote to memory of 4796	1308	chrome.exe	chrome.exe
PID 1308 wrote to memory of 4796	1308	chrome.exe	chrome.exe
PID 1308 wrote to memory of 4796	1308	chrome.exe	chrome.exe
PID 1308 wrote to memory of 4796	1308	chrome.exe	chrome.exe
PID 1308 wrote to memory of 4796	1308	chrome.exe	chrome.exe
PID 1308 wrote to memory of 4796	1308	chrome.exe	chrome.exe
PID 1308 wrote to memory of 4796	1308	chrome.exe	chrome.exe
PID 1308 wrote to memory of 4796	1308	chrome.exe	chrome.exe
PID 1308 wrote to memory of 4796	1308	chrome.exe	chrome.exe
PID 1308 wrote to memory of 4796	1308	chrome.exe	chrome.exe
PID 1308 wrote to memory of 4796	1308	chrome.exe	chrome.exe
PID 1308 wrote to memory of 4796	1308	chrome.exe	chrome.exe
PID 1308 wrote to memory of 4796	1308	chrome.exe	chrome.exe
PID 1308 wrote to memory of 4796	1308	chrome.exe	chrome.exe
PID 1308 wrote to memory of 4796	1308	chrome.exe	chrome.exe
PID 1308 wrote to memory of 4796	1308	chrome.exe	chrome.exe
PID 1308 wrote to memory of 4796	1308	chrome.exe	chrome.exe
PID 1308 wrote to memory of 4796	1308	chrome.exe	chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" http://hyujc5bn.web.app/f1
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1308

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffd65f79758,0x7ffd65f79768,0x7ffd65f79778
2⤵
PID:1324

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1808 --field-trial-handle=1736,i,15742709555734687850,8410464986705660689,131072 /prefetch:8
2⤵
PID:2212

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1584 --field-trial-handle=1736,i,15742709555734687850,8410464986705660689,131072 /prefetch:2
2⤵
PID:1556

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2056 --field-trial-handle=1736,i,15742709555734687850,8410464986705660689,131072 /prefetch:8
2⤵
PID:4796

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2708 --field-trial-handle=1736,i,15742709555734687850,8410464986705660689,131072 /prefetch:1
2⤵
PID:4656

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2716 --field-trial-handle=1736,i,15742709555734687850,8410464986705660689,131072 /prefetch:1
2⤵
PID:4780

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4272 --field-trial-handle=1736,i,15742709555734687850,8410464986705660689,131072 /prefetch:1
2⤵
PID:3912

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4848 --field-trial-handle=1736,i,15742709555734687850,8410464986705660689,131072 /prefetch:8
2⤵
PID:4476

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4960 --field-trial-handle=1736,i,15742709555734687850,8410464986705660689,131072 /prefetch:8
2⤵
PID:2716

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=776 --field-trial-handle=1736,i,15742709555734687850,8410464986705660689,131072 /prefetch:8
2⤵
PID:3288

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4748 --field-trial-handle=1736,i,15742709555734687850,8410464986705660689,131072 /prefetch:2
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:2124

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:3460

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize
288B

MD5
be6ee12672dc623b1987ea2e370a124a

SHA1
cc99404471bcfd13c60e897f8dfe0207a0088f0f

SHA256
13f70279a49a41a6c053839370293ac7e63bbbc3e016c20c801a8be57b81f1b9

SHA512
efcb09b69673257cc7defbb2056a2207b652e81603d0440193cde626a7051802a147bce1322b000a41085e0fa4431ed8a7adbd655104b82e3b1322400270824e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize
312B

MD5
a1688330c06e80ce7f412e5a208bec0f

SHA1
d9a5ef5a755bba8e5ed1e77bace1f9d6715d296b

SHA256
6e4b1f3dae88213d5771572946567aec6454121d727cca0282c1f32dc19dbf0b

SHA512
dce3d97ba8ffd07cda94bc927b4502c05194136b798ae20bb018a6e2d52ca4657f04b7d8e731d6a6cad3a0b6f33aed9797aa030eb346e2047a14a65ba0331829

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize
360B

MD5
39ea1d6d3bcbfb1575d6c8fdab71e4c3

SHA1
17bc0e3b4d13114d88345d673159930c7508f8fd

SHA256
c0cd2ec106fb6141320f8e5b652eca3fd7d1441a1b24e7a2332de5344a0366b5

SHA512
45514cd0c330b1bc8febdd6021ae991ab47671921a59a950e667e3bf68c75edded31763189979cb97d4c33efed7e8d48474a72cf030812da693716f097692cc5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize
264B

MD5
92555c532b3034676a9d9eeae6cbf30c

SHA1
da9e9703d67fc3965cc7d147f2d96842530786e3

SHA256
f553bb637dede3d6539c827fcf8fb578ba433fc513fd0d3d4c841d671b6dbc55

SHA512
3638e25879325820052b9ed129bbe82d12e62c40d597635fe0242f202fc0195849e125f8bf5ce53252f06be499ee0e9aae2bb64fce5e5b70d9a4ae4e463750e1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
2KB

MD5
38aa32d273092b4c113d85f3a2a2177c

SHA1
bac14a19aa30f6d02eb5e425b6fe756fa3be5e7c

SHA256
a2aecb0a985d13646c6c27f227efe9688116e19d8defe4e4322cebf78eee5b0d

SHA512
da8d6fe2eff5fd5a86113f420224dc921f4c25eb91d0d8632731cbc12b57a222a9b64ab3f8eea250651c1aa73278717c55bbdda8d2fc7bcf8a6a8623fb338762

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
538B

MD5
dbe47fb9124451dc93aea9107e961429

SHA1
e24bd9cb9b40c48de9694985dba2084a4f71d955

SHA256
e711547d9704348f57395bd78c8ddb457e4643776861aea77b5ec1faaffc824a

SHA512
cc17a1fee3423ebe801bec7041596bc87f99ff41aa2af221bd4f59f85df3023dfde20a54ae81bf476278125304439ae37ccc0fd2b24dc36332ae292736d87b91

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
538B

MD5
aad3a7cfe2f0214c1caf3bf54b5e5e37

SHA1
a5552bc083e1aa27925e25385c0f62399ec10587

SHA256
0a9fbe3319eb4af7eff1ff992b9c319fe263061496b3b2bc0d9a050eab7d2371

SHA512
754775e04f7e6d29c8de1920de533a53e3cbe89050909346d34e75718f89a3df59ebeb43bc51be0b7bed961744188c5483d037bce24ec18f4034875ac7951449

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
538B

MD5
5cc731e3fdffbff0d2b81c5559885a21

SHA1
2b75c9678aa8f950406a4aabf990f7617cbfcc50

SHA256
3241d41eb786efa544daa2222f74889be36aec481fbd888c508e830e67464e32

SHA512
13748d8b56f1a012df2dc54f113faf2395a04002eaa7b92f857fa9a4ab6ade901b07aa8772065d3222d3ee20367443c296aabddbbea4e42acf567fd0bfb49d57

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
538B

MD5
2d79824c9d824a036d0d6bac191dd51b

SHA1
83dab2fb6bbbc6a9ed7c280c80f85acc61db0cc8

SHA256
1260eff933410f803f8fb09590f03910dd8749efb8e58a229e7a7a0fc04a1367

SHA512
0dc8ced2e3e5339cb9c92713257fb3af47c5f1ae6430d03bb78e6cc2771ee24ce246a7b46955074f59f750857c5d9e4d9512a0459ea67632f734c2ca76640cde

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
536B

MD5
13e21787630a6ba741d26835e54221d9

SHA1
81a31eabeff5fd085df67d89d064a04a87128913

SHA256
66883b903cf08aae75e1fd58d3eda0296810cec6d39ca1c029e04557ff09ea8c

SHA512
cc9c80c462e329a5bebbe8e486a87dd1572d27b3718d6e9c3429c38cd3f2b9ad9f127058e7276f7cdef03ee5b64e9701574860cf8492faaf31e3be5a5ee0988f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
5KB

MD5
4f75c1009a84c55ee54410cdcd5eccb1

SHA1
34b40b5c6f22f2bef3d56bb311471f68a5d6787a

SHA256
51340a3141d617992ae9265e4caeeb1356d7c7b7ba811a269a3faae6a68212ab

SHA512
1dd480a89ecdbc2447ea48d5c9571bfe7fc11671c06e88dc06bc78db6a0a4d2cff8ede479d4e8e71f956e609c2b7e1c2ef9b4ca0f497d8ed38ba035b978e517d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
5KB

MD5
8609ff880506e51048fb5867de4a85a3

SHA1
1c7825f2a60f6b963ef32e3e6f71ea8a4e6d810f

SHA256
4d0365c62205f64921ed13dcc17e812ea387c30bf6c2dea89c523dfc8c7388a6

SHA512
2b6ed8314a4871523022dd831b925a0c4424457c1ac5023e2b79e7f181faa52063f413db55fdc759cb0428607a2fb60ee4917bb17ff6deaeef4facb01e2652d8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
5KB

MD5
6dcba65ed8b1790caf7d5924534665e4

SHA1
81050841f61bdb8caa487e875d4723b56422fcb2

SHA256
680ec3b4a700551120f83c139db831562232fe82f54f1a46f72de21dec5598cf

SHA512
3c23f40a0b8464a0cca7fbae7a0ba1ac9bddfc48f4ccbb203824f3140c9c7816ce5b7e1eddc221db9dfc6404fd216afbfda452b7853456930d2085346e07bc39

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
Filesize
143KB

MD5
1ded98ca525b99a90d448a698e622f09

SHA1
bbc52ffca0c3165acb0242e28388e31bf92e3100

SHA256
4f7ed0034a2d8285bff4e03613ce3470877d742b1a2946cc3cb219476ae24869

SHA512
e89bf91eb71504b4b409c9063bc6298ed3e2cffcbf17b7336eec2e7a47a029b1181b2ae7cc0718e75279ffa329d61d75dabaed883926808efb77d350edd7db80

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
Filesize
99KB

MD5
e9760769db1ea34f0fad5ba4c16eadf0

SHA1
19a2737c2981fb08a2fa6ca5bf106b7e324b5c2c

SHA256
55e76d53d249d9123b7544208cce72d245c1be2b07d45c43d8ed611732b154ee

SHA512
325bf8710215aa55f5ef60ba5ab38e02384b2e8e9bcfd7fb042f7c8469f85da2b9514ee876f05141fdb80479202212bb7b60249f0f0025a7d92bf4144edec047

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe57a827.TMP
Filesize
98KB

MD5
fd15521f224836b6bac97a296116f451

SHA1
6986ad887aaf63b5c695ab9dbe5e5cd82c67109d

SHA256
c266c60631e1ea96cdc21fbeab0888b4e77307a4d972eae9449cd5e73f870fc2

SHA512
8ac9acca07fc6d365a91c47f024aa1e40d34e0208fbf0461ecd2d51f8d0e2973991096599223911ec0727390b0cc4d029fc4a36cc224c0c1b7efe5a3fe20f88c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json
Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
\??\pipe\crashpad_1308_RHFIETGKIBYOQJTQ
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit