hxxps://www[.]youtube[.]com/redirect?event=comments&redir_token=QUFFLUhqbHp4T3NCWkdSSktWVU1PbXhULTJvc0NKZU15d3xBQ3Jtc0tsZTRKd19fUlBlYVlXaDdKbi16NndLTW10blowdEJrdlVaV2hGTm9DbXV3b3EyejVNQmFnMWE3VEFPQ3ZnaWg1dVFoX3N5QXJvOEViY2dhN0pwOU52QlJ0bktFMUw3OHNoUDJOaV9US19YVTVSTGQ0TQ&q=https%3A%2F%2Furlik[.]ru%2FaAFy&stzid=UgxV-b2kuoICcYRb4NJ4AaABAg

Analysis

max time kernel
64s
max time network
70s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
12/04/2023, 22:34

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://www.youtube.com/redirect?event=comments&redir_token=QUFFLUhqbHp4T3NCWkdSSktWVU1PbXhULTJvc0NKZU15d3xBQ3Jtc0tsZTRKd19fUlBlYVlXaDdKbi16NndLTW10blowdEJrdlVaV2hGTm9DbXV3b3EyejVNQmFnMWE3VEFPQ3ZnaWg1dVFoX3N5QXJvOEViY2dhN0pwOU52QlJ0bktFMUw3OHNoUDJOaV9US19YVTVSTGQ0TQ&q=https%3A%2F%2Furlik.ru%2FaAFy&stzid=UgxV-b2kuoICcYRb4NJ4AaABAg

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133258125157207603"	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
4752	chrome.exe
4752	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs

pid	Process
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4752	chrome.exe
Token: SeCreatePagefilePrivilege	4752	chrome.exe
Token: SeShutdownPrivilege	4752	chrome.exe
Token: SeCreatePagefilePrivilege	4752	chrome.exe
Token: SeShutdownPrivilege	4752	chrome.exe
Token: SeCreatePagefilePrivilege	4752	chrome.exe
Token: SeShutdownPrivilege	4752	chrome.exe
Token: SeCreatePagefilePrivilege	4752	chrome.exe
Token: SeShutdownPrivilege	4752	chrome.exe
Token: SeCreatePagefilePrivilege	4752	chrome.exe
Token: SeShutdownPrivilege	4752	chrome.exe
Token: SeCreatePagefilePrivilege	4752	chrome.exe
Token: SeShutdownPrivilege	4752	chrome.exe
Token: SeCreatePagefilePrivilege	4752	chrome.exe
Token: SeShutdownPrivilege	4752	chrome.exe
Token: SeCreatePagefilePrivilege	4752	chrome.exe
Token: SeShutdownPrivilege	4752	chrome.exe
Token: SeCreatePagefilePrivilege	4752	chrome.exe
Token: SeShutdownPrivilege	4752	chrome.exe
Token: SeCreatePagefilePrivilege	4752	chrome.exe
Token: SeShutdownPrivilege	4752	chrome.exe
Token: SeCreatePagefilePrivilege	4752	chrome.exe
Token: SeShutdownPrivilege	4752	chrome.exe
Token: SeCreatePagefilePrivilege	4752	chrome.exe
Token: SeShutdownPrivilege	4752	chrome.exe
Token: SeCreatePagefilePrivilege	4752	chrome.exe
Token: SeShutdownPrivilege	4752	chrome.exe
Token: SeCreatePagefilePrivilege	4752	chrome.exe
Token: SeShutdownPrivilege	4752	chrome.exe
Token: SeCreatePagefilePrivilege	4752	chrome.exe
Token: SeShutdownPrivilege	4752	chrome.exe
Token: SeCreatePagefilePrivilege	4752	chrome.exe
Token: SeShutdownPrivilege	4752	chrome.exe
Token: SeCreatePagefilePrivilege	4752	chrome.exe
Token: SeShutdownPrivilege	4752	chrome.exe
Token: SeCreatePagefilePrivilege	4752	chrome.exe
Token: SeShutdownPrivilege	4752	chrome.exe
Token: SeCreatePagefilePrivilege	4752	chrome.exe
Token: SeShutdownPrivilege	4752	chrome.exe
Token: SeCreatePagefilePrivilege	4752	chrome.exe
Token: SeShutdownPrivilege	4752	chrome.exe
Token: SeCreatePagefilePrivilege	4752	chrome.exe
Token: SeShutdownPrivilege	4752	chrome.exe
Token: SeCreatePagefilePrivilege	4752	chrome.exe
Token: SeShutdownPrivilege	4752	chrome.exe
Token: SeCreatePagefilePrivilege	4752	chrome.exe
Token: SeShutdownPrivilege	4752	chrome.exe
Token: SeCreatePagefilePrivilege	4752	chrome.exe
Token: SeShutdownPrivilege	4752	chrome.exe
Token: SeCreatePagefilePrivilege	4752	chrome.exe
Token: SeShutdownPrivilege	4752	chrome.exe
Token: SeCreatePagefilePrivilege	4752	chrome.exe
Token: SeShutdownPrivilege	4752	chrome.exe
Token: SeCreatePagefilePrivilege	4752	chrome.exe
Token: SeShutdownPrivilege	4752	chrome.exe
Token: SeCreatePagefilePrivilege	4752	chrome.exe
Token: SeShutdownPrivilege	4752	chrome.exe
Token: SeCreatePagefilePrivilege	4752	chrome.exe
Token: SeShutdownPrivilege	4752	chrome.exe
Token: SeCreatePagefilePrivilege	4752	chrome.exe
Token: SeShutdownPrivilege	4752	chrome.exe
Token: SeCreatePagefilePrivilege	4752	chrome.exe
Token: SeShutdownPrivilege	4752	chrome.exe
Token: SeCreatePagefilePrivilege	4752	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe
4752	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4752 wrote to memory of 2840	4752	chrome.exe	85
PID 4752 wrote to memory of 2840	4752	chrome.exe	85
PID 4752 wrote to memory of 4232	4752	chrome.exe	86
PID 4752 wrote to memory of 4232	4752	chrome.exe	86
PID 4752 wrote to memory of 4232	4752	chrome.exe	86
PID 4752 wrote to memory of 4232	4752	chrome.exe	86
PID 4752 wrote to memory of 4232	4752	chrome.exe	86
PID 4752 wrote to memory of 4232	4752	chrome.exe	86
PID 4752 wrote to memory of 4232	4752	chrome.exe	86
PID 4752 wrote to memory of 4232	4752	chrome.exe	86
PID 4752 wrote to memory of 4232	4752	chrome.exe	86
PID 4752 wrote to memory of 4232	4752	chrome.exe	86
PID 4752 wrote to memory of 4232	4752	chrome.exe	86
PID 4752 wrote to memory of 4232	4752	chrome.exe	86
PID 4752 wrote to memory of 4232	4752	chrome.exe	86
PID 4752 wrote to memory of 4232	4752	chrome.exe	86
PID 4752 wrote to memory of 4232	4752	chrome.exe	86
PID 4752 wrote to memory of 4232	4752	chrome.exe	86
PID 4752 wrote to memory of 4232	4752	chrome.exe	86
PID 4752 wrote to memory of 4232	4752	chrome.exe	86
PID 4752 wrote to memory of 4232	4752	chrome.exe	86
PID 4752 wrote to memory of 4232	4752	chrome.exe	86
PID 4752 wrote to memory of 4232	4752	chrome.exe	86
PID 4752 wrote to memory of 4232	4752	chrome.exe	86
PID 4752 wrote to memory of 4232	4752	chrome.exe	86
PID 4752 wrote to memory of 4232	4752	chrome.exe	86
PID 4752 wrote to memory of 4232	4752	chrome.exe	86
PID 4752 wrote to memory of 4232	4752	chrome.exe	86
PID 4752 wrote to memory of 4232	4752	chrome.exe	86
PID 4752 wrote to memory of 4232	4752	chrome.exe	86
PID 4752 wrote to memory of 4232	4752	chrome.exe	86
PID 4752 wrote to memory of 4232	4752	chrome.exe	86
PID 4752 wrote to memory of 4232	4752	chrome.exe	86
PID 4752 wrote to memory of 4232	4752	chrome.exe	86
PID 4752 wrote to memory of 4232	4752	chrome.exe	86
PID 4752 wrote to memory of 4232	4752	chrome.exe	86
PID 4752 wrote to memory of 4232	4752	chrome.exe	86
PID 4752 wrote to memory of 4232	4752	chrome.exe	86
PID 4752 wrote to memory of 4232	4752	chrome.exe	86
PID 4752 wrote to memory of 4232	4752	chrome.exe	86
PID 4752 wrote to memory of 1680	4752	chrome.exe	87
PID 4752 wrote to memory of 1680	4752	chrome.exe	87
PID 4752 wrote to memory of 3368	4752	chrome.exe	88
PID 4752 wrote to memory of 3368	4752	chrome.exe	88
PID 4752 wrote to memory of 3368	4752	chrome.exe	88
PID 4752 wrote to memory of 3368	4752	chrome.exe	88
PID 4752 wrote to memory of 3368	4752	chrome.exe	88
PID 4752 wrote to memory of 3368	4752	chrome.exe	88
PID 4752 wrote to memory of 3368	4752	chrome.exe	88
PID 4752 wrote to memory of 3368	4752	chrome.exe	88
PID 4752 wrote to memory of 3368	4752	chrome.exe	88
PID 4752 wrote to memory of 3368	4752	chrome.exe	88
PID 4752 wrote to memory of 3368	4752	chrome.exe	88
PID 4752 wrote to memory of 3368	4752	chrome.exe	88
PID 4752 wrote to memory of 3368	4752	chrome.exe	88
PID 4752 wrote to memory of 3368	4752	chrome.exe	88
PID 4752 wrote to memory of 3368	4752	chrome.exe	88
PID 4752 wrote to memory of 3368	4752	chrome.exe	88
PID 4752 wrote to memory of 3368	4752	chrome.exe	88
PID 4752 wrote to memory of 3368	4752	chrome.exe	88
PID 4752 wrote to memory of 3368	4752	chrome.exe	88
PID 4752 wrote to memory of 3368	4752	chrome.exe	88
PID 4752 wrote to memory of 3368	4752	chrome.exe	88
PID 4752 wrote to memory of 3368	4752	chrome.exe	88

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" https://www.youtube.com/redirect?event=comments&redir_token=QUFFLUhqbHp4T3NCWkdSSktWVU1PbXhULTJvc0NKZU15d3xBQ3Jtc0tsZTRKd19fUlBlYVlXaDdKbi16NndLTW10blowdEJrdlVaV2hGTm9DbXV3b3EyejVNQmFnMWE3VEFPQ3ZnaWg1dVFoX3N5QXJvOEViY2dhN0pwOU52QlJ0bktFMUw3OHNoUDJOaV9US19YVTVSTGQ0TQ&q=https%3A%2F%2Furlik.ru%2FaAFy&stzid=UgxV-b2kuoICcYRb4NJ4AaABAg
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4752
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffde50c9758,0x7ffde50c9768,0x7ffde50c9778
  2⤵
  PID:2840
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1792 --field-trial-handle=1804,i,17141726422475430338,17030057630391255885,131072 /prefetch:2
  2⤵
  PID:4232
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 --field-trial-handle=1804,i,17141726422475430338,17030057630391255885,131072 /prefetch:8
  2⤵
  PID:1680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2240 --field-trial-handle=1804,i,17141726422475430338,17030057630391255885,131072 /prefetch:8
  2⤵
  PID:3368
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3184 --field-trial-handle=1804,i,17141726422475430338,17030057630391255885,131072 /prefetch:1
  2⤵
  PID:1684
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3164 --field-trial-handle=1804,i,17141726422475430338,17030057630391255885,131072 /prefetch:1
  2⤵
  PID:1544
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4788 --field-trial-handle=1804,i,17141726422475430338,17030057630391255885,131072 /prefetch:8
  2⤵
  PID:1936
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4888 --field-trial-handle=1804,i,17141726422475430338,17030057630391255885,131072 /prefetch:8
  2⤵
  PID:4936
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4808 --field-trial-handle=1804,i,17141726422475430338,17030057630391255885,131072 /prefetch:1
  2⤵
  PID:4436
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4512 --field-trial-handle=1804,i,17141726422475430338,17030057630391255885,131072 /prefetch:1
  2⤵
  PID:2068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=3420 --field-trial-handle=1804,i,17141726422475430338,17030057630391255885,131072 /prefetch:1
  2⤵
  PID:3028
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=3280 --field-trial-handle=1804,i,17141726422475430338,17030057630391255885,131072 /prefetch:1
  2⤵
  PID:4840
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5668 --field-trial-handle=1804,i,17141726422475430338,17030057630391255885,131072 /prefetch:1
  2⤵
  PID:1612
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=5788 --field-trial-handle=1804,i,17141726422475430338,17030057630391255885,131072 /prefetch:1
  2⤵
  PID:1584
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=5484 --field-trial-handle=1804,i,17141726422475430338,17030057630391255885,131072 /prefetch:1
  2⤵
  PID:3180
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=6136 --field-trial-handle=1804,i,17141726422475430338,17030057630391255885,131072 /prefetch:1
  2⤵
  PID:1276

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2072

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
a819dfa2301959b6d9cfee0cb4fb84aa

SHA1
2bc849e8e8fe231685d52e1fee68dc1b9d114971

SHA256
22ba2e13739260d3dd9735f1bc8c1453bc55cc95b0159f79a52c5cdd13c7ccfd

SHA512
2d97ec6adec927a577c03057fe0b8f3933622046437f0bdb9a6d5b3afe833bf2570da358f7a4b1325685c5acdd08f8153978fe892c3da2339d6bb645b6a648da

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\Paths\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
686f3d032ad97c4c09e6da59a44dbc4b

SHA1
e0391bf9df2e4afe6d975758f2136e4d4cb3870b

SHA256
277bedc5f59ade64d9ed69ed76645ba2e5c61b7550ca335f0c891cf773e1aeeb

SHA512
475a13fc56c7b2fee396dd2f4815b4265e5f3d1920db071e5e4e704b6c1ec0bca9f07862ca47fab1d16cafd28123e0d08c9aa6d1729b132275bca6d1d0f5400e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
44a606debfa14964e0a90377789de503

SHA1
de9dcc8116335dc8fad25693af36fd6be06be1db

SHA256
c15a74ee41ea472ff60f1e6c9f2a8c147ecb00e3cbc4a7a1549ab75409ec498e

SHA512
c3521272de4e66936eb9f6e735285fe19d5c742f5fcf9c95915f5d1ff0d281a1c649b07fcda2a3796d650d457440e99e62fff8c67dd5ffc41f3e7f61bc64059b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
4a144c3d9dcc276b47dcb98a1d4370b0

SHA1
6e866b12617030739fe61a1df3ec66a4b1b3dfbd

SHA256
f905bbd3211597846a3667144896fddf9f502e1950752ee31080e63d252ad85c

SHA512
1d26961d79fc5c4dea0297cb097bc2f0d9b781b12210b34ac2fd583128dd6553d3b2df5a549de5bd26f2a4025f3f1b770ab06115566e28d3bf553913f0afee2c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
182739752ecbe91cc5d0ec3b4568be4b

SHA1
4110e75eda975af3c2c8bbe82e72571659c49f51

SHA256
85a441be2fe9c6fa3236e463dc65802381c5cc2cdb2dc370e204ee0df45b3d45

SHA512
2d385bba220c80a3f51cb162a51176470eff432de5444bca24601024a2136eee88e898c276102af91c59c19ebd6576ad0f72192ba372948ebe679c0332a2b3c6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
199KB

MD5
290848f39d57c434d84b681886366ab2

SHA1
f9acd8a9a2daf47557999d22aab5f4d36e829c8f

SHA256
7ac24a8b4ea85a6490bc1cd3952d9548835b1f2d04d1581ac1c58f4088a99835

SHA512
96a38f8fd2d2a777dce74bf6d6260933044e9438715acbbd4b20a047f7f2918ea887c15df65ba58b6f628a62d66da6de64fb4a23757a9abbf8f576e5fa926ca7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
199KB

MD5
fbb139dfe694406353567f6f2c09a441

SHA1
ddc6f4d7df1e170a0701a31efab03d85aa878d8d

SHA256
b15b7a0c3bb9fae326cba841ef66ee133dc256ab9ea5fea62401435bfdfaec42

SHA512
6186a50ac9dfb0438e6f035d3531d4b0d43a17446dd96135a9b44e790b0162ec8154c10dac163904eb797a9e77f3ad27590782190e7204ff5f2f1000a74672e0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
108KB

MD5
10bac58c40d86791e5ba034678c3a3ce

SHA1
95074bd8484ce202fbc162b476967473a331961f

SHA256
fa55b90ac269df2ee0404869bff63e889bae1abb8910b34d3e566e96106ff670

SHA512
75dafc98ba7a84c86e964792552363245a5b95f5d3f13492afd5aee0efa52cca98e5bc006ab6d4109afa9c1e14da53910fd9fdf269afbc1b855e5ea96154db32

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe5753dd.TMP

Filesize
103KB

MD5
825625465d0e62d647e1cc04b5b1640b

SHA1
55858138c03772bf97098a5099384ba64d0797fd

SHA256
c85ba0c34c5f5c41a96e5b00305d61a3c7b2024637e9d1e46f3c69d3b0df341f

SHA512
d5c36f98ab9884f3a6f9a69dd9beffdf919c44e45c5678f087ecd7689720618460a359015a878f8a2f654f63fd7dbee45a37a2cc5cb9645f5b004c094c4f7991

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit