hxxp://carouselsignage[.]net

Resubmissions

21/03/2023, 13:24

230321-qnpvwsad67 1

Analysis

max time kernel
149s
max time network
142s
platform
windows10-1703_x64
resource
win10-20230220-en
resource tags

arch:x64arch:x86image:win10-20230220-enlocale:en-usos:windows10-1703-x64system
submitted
21/03/2023, 13:24

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://carouselsignage.net

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133238822982183831"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2256	chrome.exe
2256	chrome.exe
4700	chrome.exe
4700	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2256 wrote to memory of 4268	2256	chrome.exe	66
PID 2256 wrote to memory of 4268	2256	chrome.exe	66
PID 2256 wrote to memory of 368	2256	chrome.exe	69
PID 2256 wrote to memory of 368	2256	chrome.exe	69
PID 2256 wrote to memory of 368	2256	chrome.exe	69
PID 2256 wrote to memory of 368	2256	chrome.exe	69
PID 2256 wrote to memory of 368	2256	chrome.exe	69
PID 2256 wrote to memory of 368	2256	chrome.exe	69
PID 2256 wrote to memory of 368	2256	chrome.exe	69
PID 2256 wrote to memory of 368	2256	chrome.exe	69
PID 2256 wrote to memory of 368	2256	chrome.exe	69
PID 2256 wrote to memory of 368	2256	chrome.exe	69
PID 2256 wrote to memory of 368	2256	chrome.exe	69
PID 2256 wrote to memory of 368	2256	chrome.exe	69
PID 2256 wrote to memory of 368	2256	chrome.exe	69
PID 2256 wrote to memory of 368	2256	chrome.exe	69
PID 2256 wrote to memory of 368	2256	chrome.exe	69
PID 2256 wrote to memory of 368	2256	chrome.exe	69
PID 2256 wrote to memory of 368	2256	chrome.exe	69
PID 2256 wrote to memory of 368	2256	chrome.exe	69
PID 2256 wrote to memory of 368	2256	chrome.exe	69
PID 2256 wrote to memory of 368	2256	chrome.exe	69
PID 2256 wrote to memory of 368	2256	chrome.exe	69
PID 2256 wrote to memory of 368	2256	chrome.exe	69
PID 2256 wrote to memory of 368	2256	chrome.exe	69
PID 2256 wrote to memory of 368	2256	chrome.exe	69
PID 2256 wrote to memory of 368	2256	chrome.exe	69
PID 2256 wrote to memory of 368	2256	chrome.exe	69
PID 2256 wrote to memory of 368	2256	chrome.exe	69
PID 2256 wrote to memory of 368	2256	chrome.exe	69
PID 2256 wrote to memory of 368	2256	chrome.exe	69
PID 2256 wrote to memory of 368	2256	chrome.exe	69
PID 2256 wrote to memory of 368	2256	chrome.exe	69
PID 2256 wrote to memory of 368	2256	chrome.exe	69
PID 2256 wrote to memory of 368	2256	chrome.exe	69
PID 2256 wrote to memory of 368	2256	chrome.exe	69
PID 2256 wrote to memory of 368	2256	chrome.exe	69
PID 2256 wrote to memory of 368	2256	chrome.exe	69
PID 2256 wrote to memory of 368	2256	chrome.exe	69
PID 2256 wrote to memory of 368	2256	chrome.exe	69
PID 2256 wrote to memory of 4500	2256	chrome.exe	68
PID 2256 wrote to memory of 4500	2256	chrome.exe	68
PID 2256 wrote to memory of 4568	2256	chrome.exe	70
PID 2256 wrote to memory of 4568	2256	chrome.exe	70
PID 2256 wrote to memory of 4568	2256	chrome.exe	70
PID 2256 wrote to memory of 4568	2256	chrome.exe	70
PID 2256 wrote to memory of 4568	2256	chrome.exe	70
PID 2256 wrote to memory of 4568	2256	chrome.exe	70
PID 2256 wrote to memory of 4568	2256	chrome.exe	70
PID 2256 wrote to memory of 4568	2256	chrome.exe	70
PID 2256 wrote to memory of 4568	2256	chrome.exe	70
PID 2256 wrote to memory of 4568	2256	chrome.exe	70
PID 2256 wrote to memory of 4568	2256	chrome.exe	70
PID 2256 wrote to memory of 4568	2256	chrome.exe	70
PID 2256 wrote to memory of 4568	2256	chrome.exe	70
PID 2256 wrote to memory of 4568	2256	chrome.exe	70
PID 2256 wrote to memory of 4568	2256	chrome.exe	70
PID 2256 wrote to memory of 4568	2256	chrome.exe	70
PID 2256 wrote to memory of 4568	2256	chrome.exe	70
PID 2256 wrote to memory of 4568	2256	chrome.exe	70
PID 2256 wrote to memory of 4568	2256	chrome.exe	70
PID 2256 wrote to memory of 4568	2256	chrome.exe	70
PID 2256 wrote to memory of 4568	2256	chrome.exe	70
PID 2256 wrote to memory of 4568	2256	chrome.exe	70

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" http://carouselsignage.net
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2256
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0x44,0xd8,0x7ff85b049758,0x7ff85b049768,0x7ff85b049778
  2⤵
  PID:4268
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1844 --field-trial-handle=1356,i,7298409866191621230,11352077910478821793,131072 /prefetch:8
  2⤵
  PID:4500
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1572 --field-trial-handle=1356,i,7298409866191621230,11352077910478821793,131072 /prefetch:2
  2⤵
  PID:368
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2072 --field-trial-handle=1356,i,7298409866191621230,11352077910478821793,131072 /prefetch:8
  2⤵
  PID:4568
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2760 --field-trial-handle=1356,i,7298409866191621230,11352077910478821793,131072 /prefetch:1
  2⤵
  PID:4584
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2816 --field-trial-handle=1356,i,7298409866191621230,11352077910478821793,131072 /prefetch:1
  2⤵
  PID:4672
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3860 --field-trial-handle=1356,i,7298409866191621230,11352077910478821793,131072 /prefetch:1
  2⤵
  PID:3828
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3228 --field-trial-handle=1356,i,7298409866191621230,11352077910478821793,131072 /prefetch:1
  2⤵
  PID:4352
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3876 --field-trial-handle=1356,i,7298409866191621230,11352077910478821793,131072 /prefetch:8
  2⤵
  PID:3020
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3988 --field-trial-handle=1356,i,7298409866191621230,11352077910478821793,131072 /prefetch:8
  2⤵
  PID:5004
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4872 --field-trial-handle=1356,i,7298409866191621230,11352077910478821793,131072 /prefetch:8
  2⤵
  PID:5064
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=3964 --field-trial-handle=1356,i,7298409866191621230,11352077910478821793,131072 /prefetch:1
  2⤵
  PID:4944
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4480 --field-trial-handle=1356,i,7298409866191621230,11352077910478821793,131072 /prefetch:1
  2⤵
  PID:744
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4892 --field-trial-handle=1356,i,7298409866191621230,11352077910478821793,131072 /prefetch:1
  2⤵
  PID:1032
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=2632 --field-trial-handle=1356,i,7298409866191621230,11352077910478821793,131072 /prefetch:1
  2⤵
  PID:2008
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4572 --field-trial-handle=1356,i,7298409866191621230,11352077910478821793,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4700

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4728

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
dfb1992badf23632c92a71b29401758f

SHA1
f128045e746d22dd28966da94569546818628a9a

SHA256
2ba73a273ccfc34ce545614f8e978c0c21188f5d97df08a5c83568d2f650ca92

SHA512
eee0276924722e2df7fe61a72f43c1ac7b262f0afa92aaa05801e698151fdc826456bf404e1223224bcbc66b50b79812d93836d076693688831af3e70aa29975

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
741bc7b065130875291cc001eed7ae88

SHA1
d4bcf2d4253f69dabc83690961899599de7da61d

SHA256
842ceb7ffb5407e1636522e85ad84a3757e6482914eac2c86dfb429329d91216

SHA512
c3b3f948f14bcf6787b8037ff48ed874dd725f41eeb38ef0d8f827a3cab1857a7da549577727ce4cb65ef02696d571012392d156eeb987babb8bb51a5ec00ba1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\8efa4c98-1fbb-45a2-a66a-917315887c9a.tmp

Filesize
539B

MD5
2f5b20c351d342281d78c94d193cdd34

SHA1
c6badcead7f0c646d94f26a893ecbec763df10ad

SHA256
ca587a1a91f923109bdb03097fe46805b2bee2f6ed07f61625313c987fb73b41

SHA512
a5b5b6c3f5d4994d0e32500e7a17b9cbdbac921583f5be7b278a7ce7ea8ed9f7d90b0aa0cbf83332d253153161f554c834ca24d866fe5741d087a524cce33b70

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
fd0b94b32d5c3852e0cbb6a3c9bdc136

SHA1
7897a4ca8369fde49ad109e5a4b001246c3342fa

SHA256
9aba11fa090b97869f60fc0a8942e76deb850a6cfdb5df57a52a4342156ca787

SHA512
a96de00c2440fc4f124a30ecda61cb86c0880bb2b286b6cb5d793a701160a8e46f35ae885ef899d276aab4667eff2765c68718671e3d582dbc90e9d18ffba073

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
ec8ae9f2506d16ac96d920e5cf28ac83

SHA1
578d40da36bf506f6a5eb803da8c76022a6fa93d

SHA256
10c19103cb80bc28eeddf2d36cfcb7277283ff62f656b37c064fcff96942d6a2

SHA512
4b34d37d742dc344a32dae86fe672842caf1f33fb8cf322698bb7ce6400b5f6a6922c9dd0ac4a9e947309a51013ec2ee549ef484913b555567d037ff1db33a4e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
539B

MD5
93496c5049408a5018c70331bec401d3

SHA1
af49921919c13d37b23dfb74d35ebd5359b06adf

SHA256
0c830825b267442be5271f4f62d467d555823d2b803b398d0830c275ed82bfb8

SHA512
cc68416926fb13fad5443961a7a16ea8be5b1a1dd444c5ff31a5e3cc64ed73a88be4cfd13a6952e4446020bd9288293d4f9707e80aed9f5c5e46f1af8356c8f8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
873B

MD5
dac56ab9b7cb2c63c87fe065b875dfbb

SHA1
07232f28d7a4129b5fd2d64827bcf3add8c22aab

SHA256
84cfdcac849217a9c9c5e381186c33a22a3b5b8433c652af53bedece8d8b6074

SHA512
39c0a354d40d831ad6fb0483bf4f0085ebff8496c6ec5f99ab48bacc0408a2dde2204ca3bd15f507de42db8be1df87a79cce9bedff8fcf04e91fbfae5ecb77ed

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
05a0b1bd4c2d8b6f423bf3136925ba16

SHA1
758f7ad1a234158882dfa589851c231e125e90c1

SHA256
89fbf4f45cc026735b0ae77fffba38fb2f0a4ba311c29fe4e8a4093f4d2c9084

SHA512
7a3a5ce3d0a6c89226fbbe1c8135e50e973a17bd9d8bdd0d2040cf7edc21d803b739db08f349c10cd0f301ac78d56bc2a407d6551af043d539777c339c9182a4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
0362a194b03020b3ca5befd5073d0857

SHA1
7128d47fa4d15d166d89684a87be55468e1bf3f5

SHA256
9ed91fe99f2e58ecde100f35ac1b135a16087cc67646d7acaba7251ca1cd53bd

SHA512
8ed5806414e02ac861d746b0505839c04b8ad04a557256a11fee7001e2bb932ddb7e76c4e16b5247330d7dde4efd7e8195ff6ab639d5d28804f79cd8215d186d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
7b89ab9d94070a2a4ddabd1221178304

SHA1
74f20572290979f73afebe6ee2cc230d37d1d697

SHA256
72f553460f8396c1e02563f84f57b999aa4732716271af91f06c98814b78247c

SHA512
6e7bf01c351a62845344a910cad0091da0ac54e1c712665ff3f0d70b5215b38a4e616190b5372fe97250c309a3e47cb76ccbd2f84328d8ae1eec88721ca6bbb2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
7fc11033b2107eb917b96a945dfefb92

SHA1
33ca286e95843ef0ea0ddaf5c69f9b03283181c7

SHA256
20c398ba3bc1e9b168fb4794819871035ad29091d320ddacbc4b788de2eb9537

SHA512
98a08eeb40556f1379edb9c3246823f8825419c24d36413543648a55a95199315be94a6f18ee5bfd979bcbfaaed8213d8fd2b4ced17513f55b97a5cca683dcd6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
12KB

MD5
ecd589e3279fa0f2669bdb4a8329e148

SHA1
c1e384a186db815b60230c58198eb6a2cb112755

SHA256
3771c6b6dd429a7e562a5e0921d681cff4dfa9ee5fb7c4f1ae874eaad9189b70

SHA512
3fc8c9a193859d8296a56bf365f7e8722f090bc6cf17f200251b72bf5721d168e7aa04f932d475b542b43f7f2aed0e9968e345cb433be71db654a86bbda3aa5c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
144KB

MD5
03887063d62488be92bf075c6c20c2c1

SHA1
4d63e3082950d12513b86e32e8f20be233d3e8e4

SHA256
18954a0022ac9544c3ee22f185bbfcdf3c1f567261d9c69739ad85690e3a12c0

SHA512
868edb96c3420f9f0a6a742858954118f1be0c2083cea1eed8c4c7c9899879fb761864e307beeb6347676d6f311e1a3f968c914794751854a81466a071327adf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit