hxxp://psjr[.]mj[.]am/lnk/AW8AABRQqz8AAAAAAAAAAMTnrPgAAAAAAAEAAAAAAANY2wBkNfjqxgic8-ETT3iJE6sOQBt9LQADNJU/1/-KFpVCsTjG9vRd7AaRb2oQ/aHR0cHM6Ly9pbm1hY29sLm1pdGllbmRhb25saW5lLmNvbS9jb250YWN0Lz85MDYw

Analysis

max time kernel
1200s
max time network
1186s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
12/04/2023, 16:55

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://psjr.mj.am/lnk/AW8AABRQqz8AAAAAAAAAAMTnrPgAAAAAAAEAAAAAAANY2wBkNfjqxgic8-ETT3iJE6sOQBt9LQADNJU/1/-KFpVCsTjG9vRd7AaRb2oQ/aHR0cHM6Ly9pbm1hY29sLm1pdGllbmRhb25saW5lLmNvbS9jb250YWN0Lz85MDYw

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133257995831402225"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
5032	chrome.exe
5032	chrome.exe
4516	chrome.exe
4516	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 17 IoCs

pid	Process
5032	chrome.exe
5032	chrome.exe
5032	chrome.exe
5032	chrome.exe
5032	chrome.exe
5032	chrome.exe
5032	chrome.exe
5032	chrome.exe
5032	chrome.exe
5032	chrome.exe
5032	chrome.exe
5032	chrome.exe
5032	chrome.exe
5032	chrome.exe
5032	chrome.exe
5032	chrome.exe
5032	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	5032	chrome.exe
Token: SeCreatePagefilePrivilege	5032	chrome.exe
Token: SeShutdownPrivilege	5032	chrome.exe
Token: SeCreatePagefilePrivilege	5032	chrome.exe
Token: SeShutdownPrivilege	5032	chrome.exe
Token: SeCreatePagefilePrivilege	5032	chrome.exe
Token: SeShutdownPrivilege	5032	chrome.exe
Token: SeCreatePagefilePrivilege	5032	chrome.exe
Token: SeShutdownPrivilege	5032	chrome.exe
Token: SeCreatePagefilePrivilege	5032	chrome.exe
Token: SeShutdownPrivilege	5032	chrome.exe
Token: SeCreatePagefilePrivilege	5032	chrome.exe
Token: SeShutdownPrivilege	5032	chrome.exe
Token: SeCreatePagefilePrivilege	5032	chrome.exe
Token: SeShutdownPrivilege	5032	chrome.exe
Token: SeCreatePagefilePrivilege	5032	chrome.exe
Token: SeShutdownPrivilege	5032	chrome.exe
Token: SeCreatePagefilePrivilege	5032	chrome.exe
Token: SeShutdownPrivilege	5032	chrome.exe
Token: SeCreatePagefilePrivilege	5032	chrome.exe
Token: SeShutdownPrivilege	5032	chrome.exe
Token: SeCreatePagefilePrivilege	5032	chrome.exe
Token: SeShutdownPrivilege	5032	chrome.exe
Token: SeCreatePagefilePrivilege	5032	chrome.exe
Token: SeShutdownPrivilege	5032	chrome.exe
Token: SeCreatePagefilePrivilege	5032	chrome.exe
Token: SeShutdownPrivilege	5032	chrome.exe
Token: SeCreatePagefilePrivilege	5032	chrome.exe
Token: SeShutdownPrivilege	5032	chrome.exe
Token: SeCreatePagefilePrivilege	5032	chrome.exe
Token: SeShutdownPrivilege	5032	chrome.exe
Token: SeCreatePagefilePrivilege	5032	chrome.exe
Token: SeShutdownPrivilege	5032	chrome.exe
Token: SeCreatePagefilePrivilege	5032	chrome.exe
Token: SeShutdownPrivilege	5032	chrome.exe
Token: SeCreatePagefilePrivilege	5032	chrome.exe
Token: SeShutdownPrivilege	5032	chrome.exe
Token: SeCreatePagefilePrivilege	5032	chrome.exe
Token: SeShutdownPrivilege	5032	chrome.exe
Token: SeCreatePagefilePrivilege	5032	chrome.exe
Token: SeShutdownPrivilege	5032	chrome.exe
Token: SeCreatePagefilePrivilege	5032	chrome.exe
Token: SeShutdownPrivilege	5032	chrome.exe
Token: SeCreatePagefilePrivilege	5032	chrome.exe
Token: SeShutdownPrivilege	5032	chrome.exe
Token: SeCreatePagefilePrivilege	5032	chrome.exe
Token: SeShutdownPrivilege	5032	chrome.exe
Token: SeCreatePagefilePrivilege	5032	chrome.exe
Token: SeShutdownPrivilege	5032	chrome.exe
Token: SeCreatePagefilePrivilege	5032	chrome.exe
Token: SeShutdownPrivilege	5032	chrome.exe
Token: SeCreatePagefilePrivilege	5032	chrome.exe
Token: SeShutdownPrivilege	5032	chrome.exe
Token: SeCreatePagefilePrivilege	5032	chrome.exe
Token: SeShutdownPrivilege	5032	chrome.exe
Token: SeCreatePagefilePrivilege	5032	chrome.exe
Token: SeShutdownPrivilege	5032	chrome.exe
Token: SeCreatePagefilePrivilege	5032	chrome.exe
Token: SeShutdownPrivilege	5032	chrome.exe
Token: SeCreatePagefilePrivilege	5032	chrome.exe
Token: SeShutdownPrivilege	5032	chrome.exe
Token: SeCreatePagefilePrivilege	5032	chrome.exe
Token: SeShutdownPrivilege	5032	chrome.exe
Token: SeCreatePagefilePrivilege	5032	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
5032	chrome.exe
5032	chrome.exe
5032	chrome.exe
5032	chrome.exe
5032	chrome.exe
5032	chrome.exe
5032	chrome.exe
5032	chrome.exe
5032	chrome.exe
5032	chrome.exe
5032	chrome.exe
5032	chrome.exe
5032	chrome.exe
5032	chrome.exe
5032	chrome.exe
5032	chrome.exe
5032	chrome.exe
5032	chrome.exe
5032	chrome.exe
5032	chrome.exe
5032	chrome.exe
5032	chrome.exe
5032	chrome.exe
5032	chrome.exe
5032	chrome.exe
5032	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
5032	chrome.exe
5032	chrome.exe
5032	chrome.exe
5032	chrome.exe
5032	chrome.exe
5032	chrome.exe
5032	chrome.exe
5032	chrome.exe
5032	chrome.exe
5032	chrome.exe
5032	chrome.exe
5032	chrome.exe
5032	chrome.exe
5032	chrome.exe
5032	chrome.exe
5032	chrome.exe
5032	chrome.exe
5032	chrome.exe
5032	chrome.exe
5032	chrome.exe
5032	chrome.exe
5032	chrome.exe
5032	chrome.exe
5032	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 5032 wrote to memory of 5088	5032	chrome.exe	85
PID 5032 wrote to memory of 5088	5032	chrome.exe	85
PID 5032 wrote to memory of 3856	5032	chrome.exe	86
PID 5032 wrote to memory of 3856	5032	chrome.exe	86
PID 5032 wrote to memory of 3856	5032	chrome.exe	86
PID 5032 wrote to memory of 3856	5032	chrome.exe	86
PID 5032 wrote to memory of 3856	5032	chrome.exe	86
PID 5032 wrote to memory of 3856	5032	chrome.exe	86
PID 5032 wrote to memory of 3856	5032	chrome.exe	86
PID 5032 wrote to memory of 3856	5032	chrome.exe	86
PID 5032 wrote to memory of 3856	5032	chrome.exe	86
PID 5032 wrote to memory of 3856	5032	chrome.exe	86
PID 5032 wrote to memory of 3856	5032	chrome.exe	86
PID 5032 wrote to memory of 3856	5032	chrome.exe	86
PID 5032 wrote to memory of 3856	5032	chrome.exe	86
PID 5032 wrote to memory of 3856	5032	chrome.exe	86
PID 5032 wrote to memory of 3856	5032	chrome.exe	86
PID 5032 wrote to memory of 3856	5032	chrome.exe	86
PID 5032 wrote to memory of 3856	5032	chrome.exe	86
PID 5032 wrote to memory of 3856	5032	chrome.exe	86
PID 5032 wrote to memory of 3856	5032	chrome.exe	86
PID 5032 wrote to memory of 3856	5032	chrome.exe	86
PID 5032 wrote to memory of 3856	5032	chrome.exe	86
PID 5032 wrote to memory of 3856	5032	chrome.exe	86
PID 5032 wrote to memory of 3856	5032	chrome.exe	86
PID 5032 wrote to memory of 3856	5032	chrome.exe	86
PID 5032 wrote to memory of 3856	5032	chrome.exe	86
PID 5032 wrote to memory of 3856	5032	chrome.exe	86
PID 5032 wrote to memory of 3856	5032	chrome.exe	86
PID 5032 wrote to memory of 3856	5032	chrome.exe	86
PID 5032 wrote to memory of 3856	5032	chrome.exe	86
PID 5032 wrote to memory of 3856	5032	chrome.exe	86
PID 5032 wrote to memory of 3856	5032	chrome.exe	86
PID 5032 wrote to memory of 3856	5032	chrome.exe	86
PID 5032 wrote to memory of 3856	5032	chrome.exe	86
PID 5032 wrote to memory of 3856	5032	chrome.exe	86
PID 5032 wrote to memory of 3856	5032	chrome.exe	86
PID 5032 wrote to memory of 3856	5032	chrome.exe	86
PID 5032 wrote to memory of 3856	5032	chrome.exe	86
PID 5032 wrote to memory of 3856	5032	chrome.exe	86
PID 5032 wrote to memory of 4288	5032	chrome.exe	87
PID 5032 wrote to memory of 4288	5032	chrome.exe	87
PID 5032 wrote to memory of 224	5032	chrome.exe	88
PID 5032 wrote to memory of 224	5032	chrome.exe	88
PID 5032 wrote to memory of 224	5032	chrome.exe	88
PID 5032 wrote to memory of 224	5032	chrome.exe	88
PID 5032 wrote to memory of 224	5032	chrome.exe	88
PID 5032 wrote to memory of 224	5032	chrome.exe	88
PID 5032 wrote to memory of 224	5032	chrome.exe	88
PID 5032 wrote to memory of 224	5032	chrome.exe	88
PID 5032 wrote to memory of 224	5032	chrome.exe	88
PID 5032 wrote to memory of 224	5032	chrome.exe	88
PID 5032 wrote to memory of 224	5032	chrome.exe	88
PID 5032 wrote to memory of 224	5032	chrome.exe	88
PID 5032 wrote to memory of 224	5032	chrome.exe	88
PID 5032 wrote to memory of 224	5032	chrome.exe	88
PID 5032 wrote to memory of 224	5032	chrome.exe	88
PID 5032 wrote to memory of 224	5032	chrome.exe	88
PID 5032 wrote to memory of 224	5032	chrome.exe	88
PID 5032 wrote to memory of 224	5032	chrome.exe	88
PID 5032 wrote to memory of 224	5032	chrome.exe	88
PID 5032 wrote to memory of 224	5032	chrome.exe	88
PID 5032 wrote to memory of 224	5032	chrome.exe	88
PID 5032 wrote to memory of 224	5032	chrome.exe	88

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" http://psjr.mj.am/lnk/AW8AABRQqz8AAAAAAAAAAMTnrPgAAAAAAAEAAAAAAANY2wBkNfjqxgic8-ETT3iJE6sOQBt9LQADNJU/1/-KFpVCsTjG9vRd7AaRb2oQ/aHR0cHM6Ly9pbm1hY29sLm1pdGllbmRhb25saW5lLmNvbS9jb250YWN0Lz85MDYw
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:5032
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffea7ec9758,0x7ffea7ec9768,0x7ffea7ec9778
  2⤵
  PID:5088
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1788 --field-trial-handle=1768,i,9612886892762130524,16483280836000654048,131072 /prefetch:2
  2⤵
  PID:3856
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2180 --field-trial-handle=1768,i,9612886892762130524,16483280836000654048,131072 /prefetch:8
  2⤵
  PID:4288
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2176 --field-trial-handle=1768,i,9612886892762130524,16483280836000654048,131072 /prefetch:8
  2⤵
  PID:224
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3008 --field-trial-handle=1768,i,9612886892762130524,16483280836000654048,131072 /prefetch:1
  2⤵
  PID:3408
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3012 --field-trial-handle=1768,i,9612886892762130524,16483280836000654048,131072 /prefetch:1
  2⤵
  PID:4936
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4576 --field-trial-handle=1768,i,9612886892762130524,16483280836000654048,131072 /prefetch:1
  2⤵
  PID:656
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3352 --field-trial-handle=1768,i,9612886892762130524,16483280836000654048,131072 /prefetch:1
  2⤵
  PID:1084
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5312 --field-trial-handle=1768,i,9612886892762130524,16483280836000654048,131072 /prefetch:8
  2⤵
  PID:2540
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5468 --field-trial-handle=1768,i,9612886892762130524,16483280836000654048,131072 /prefetch:8
  2⤵
  PID:4732
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5336 --field-trial-handle=1768,i,9612886892762130524,16483280836000654048,131072 /prefetch:8
  2⤵
  PID:1552
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=4964 --field-trial-handle=1768,i,9612886892762130524,16483280836000654048,131072 /prefetch:1
  2⤵
  PID:2248
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=3132 --field-trial-handle=1768,i,9612886892762130524,16483280836000654048,131072 /prefetch:1
  2⤵
  PID:4220
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3212 --field-trial-handle=1768,i,9612886892762130524,16483280836000654048,131072 /prefetch:8
  2⤵
  PID:4720
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5328 --field-trial-handle=1768,i,9612886892762130524,16483280836000654048,131072 /prefetch:8
  2⤵
  PID:4792
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=5780 --field-trial-handle=1768,i,9612886892762130524,16483280836000654048,131072 /prefetch:1
  2⤵
  PID:4744
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=5416 --field-trial-handle=1768,i,9612886892762130524,16483280836000654048,131072 /prefetch:1
  2⤵
  PID:3380
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=5476 --field-trial-handle=1768,i,9612886892762130524,16483280836000654048,131072 /prefetch:1
  2⤵
  PID:4792
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=4960 --field-trial-handle=1768,i,9612886892762130524,16483280836000654048,131072 /prefetch:1
  2⤵
  PID:1760
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6040 --field-trial-handle=1768,i,9612886892762130524,16483280836000654048,131072 /prefetch:8
  2⤵
  PID:4724
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5712 --field-trial-handle=1768,i,9612886892762130524,16483280836000654048,131072 /prefetch:8
  2⤵
  PID:4952
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=3116 --field-trial-handle=1768,i,9612886892762130524,16483280836000654048,131072 /prefetch:1
  2⤵
  PID:2612
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=5412 --field-trial-handle=1768,i,9612886892762130524,16483280836000654048,131072 /prefetch:1
  2⤵
  PID:3060
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=5332 --field-trial-handle=1768,i,9612886892762130524,16483280836000654048,131072 /prefetch:1
  2⤵
  PID:1840
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3968 --field-trial-handle=1768,i,9612886892762130524,16483280836000654048,131072 /prefetch:8
  2⤵
  PID:4632
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2788 --field-trial-handle=1768,i,9612886892762130524,16483280836000654048,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4516
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3052 --field-trial-handle=1768,i,9612886892762130524,16483280836000654048,131072 /prefetch:8
  2⤵
  PID:2036
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=5272 --field-trial-handle=1768,i,9612886892762130524,16483280836000654048,131072 /prefetch:1
  2⤵
  PID:4856
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=852 --field-trial-handle=1768,i,9612886892762130524,16483280836000654048,131072 /prefetch:1
  2⤵
  PID:2900
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=852 --field-trial-handle=1768,i,9612886892762130524,16483280836000654048,131072 /prefetch:1
  2⤵
  PID:3176
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=4504 --field-trial-handle=1768,i,9612886892762130524,16483280836000654048,131072 /prefetch:1
  2⤵
  PID:3188

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4728

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000004

Filesize
27KB

MD5
1a6da364d64a2045c28a69c4136d0f9e

SHA1
1798e6a2fdfcc70a0bb6dee4df6526218c869c9d

SHA256
ebe7377559fa54e159375903ee92c5f5bf6514c4a15798e6dbcf368b615e7b20

SHA512
baefde1a18c9f807367bc5215370be44e9410a377aa254a004e1bb39a7edb00c583ffc2a1bd7601f23bfe2cca1e16c00469db175437e65dccdca05cc3efe4a63

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005

Filesize
111KB

MD5
d5001d88b51ca19d493964a67733e6ea

SHA1
f6e51851e7d7acc9012df74228980fd9aa5febec

SHA256
3cf1166f64929786e324c9611c05431e2b790a9e286516b00a64b7f84c4cc811

SHA512
76270bf5d05482b276f0ef0f1bf056c6b1c974c936e791bbce40e4a5dc3ce9206abae8236963768936216e80a855f0536e8095c2e7d19b83552637218e68ec2c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

Filesize
46KB

MD5
8009824478a530bc76391cdc85bb7060

SHA1
1bc736a07b8b30c60371cf80962d5b4611d3234a

SHA256
e8d75d6bfb13ed4a3e648aa769094aa10883cd060034e4b2cd3d0531635fdf3d

SHA512
4aa925bd981e12f4c3f931bde6ef397edee53408c2d6bec23553f5e88ea88b736055a5912e56b8f8ca93533adb77b837bd859b1c2c48a8ea1f93303e222da4db

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007

Filesize
78KB

MD5
6e4ac474cd488a7666d2e442dd7241fd

SHA1
c32b090d84b06746dbb8194235b682f6cddd4619

SHA256
30c6beb75786a1f116b5ff07ad0d1b56634294044beeda59118be54158d97d13

SHA512
06adf0aca7d4d3d16b46ff396023b3f77b75f2ccc2129120fb0726c9b89b9c62a647666e89f8f1e592876b007d85288fd6355d8030be129bdc74975e573ebca5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008

Filesize
449KB

MD5
26870b293cf9099fdb5456874cccddb1

SHA1
26fbd046ebe8f1834e2e8bcfbce26f3831182f1b

SHA256
e955c4d0f92e53d99fb76a2c0d56ee1c0b8345fef39c4e49d7bc9ff1148e27a7

SHA512
6db275087860e9b60a53d42d8e73c15752b1b4b9386b6041b19d02a1fd879852f2aeaf53f6e32e05acc29e13b162c7dfd590a6e3e95a5cf47637d2c01fad8a37

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009

Filesize
821KB

MD5
1a199584d4132b518a769a73bcdeffe1

SHA1
a59bb09720390b68fa03fee2401a3ef8c99f86c4

SHA256
4c3aa0d7e82af7d84a6175146b2359c6676c482a455c41959f97d3817f476bb0

SHA512
1641e1385f9cc0dfa054a9c7345f9708da12182a0b5e3ec1a692321e6513692a539af83bd0cf6e3ca1d65aa3fcba6ef755926bfdbdac623e94f514bc5d27e8c1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000017

Filesize
162KB

MD5
fdfdaf63d56b4a9cd6641d79f7159fdc

SHA1
18b413d8b6b9f3bec32026b7e9d9f4e5e366922f

SHA256
f4dba3e15f08cf0686e6d89370ed42e8a5dafc38973501f0aa6baa9b93c720f3

SHA512
06fd67f1a2d5f168c75b5b833d3222d6c0eccfadd4021173a7ec7f949971554d1c7df322b1dc512ef14941e76a9ff6445ba3bd16d940be5bc177be989ec39c2d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001e

Filesize
37KB

MD5
47ae9b25af86702d77c7895ac6f6b57c

SHA1
f56f78729b99247a975620a1103cac3ee9f313a5

SHA256
9bde79a1b0866f68d6baa43f920e971b5feb35a8e0af7ffadc114366f8538224

SHA512
72b5296e3dd1c5b4c42d8c3e4a56693819779167b9f02bc2d5f5a626b519a9cf10bee59846d614c929c42094b65d13039f6024f6cb1c023e740969aaefd060c4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000034

Filesize
25KB

MD5
435f01c68324880b3bbcb4d7e62f4a4e

SHA1
96a17d301af03416b941cb8d741af31c14c02c35

SHA256
dcd73b424d1ed1c4c5fdcbb5e4c2268fceac9ea9302adb549b87cbd793f53588

SHA512
981f5596e302ecd9d5b3c0619acc26cf127d7ecb86d6f7b2cd3e805c997bd34a8baecf91ea19242c9e43f834d9ab475540551a60a5bb2f5d69c98af7fe4fecb7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000035

Filesize
91KB

MD5
8c636777842c1f8b146dc16b84c0b154

SHA1
298f9cf40268373e9dbdfc9827cfe49fa657f5a1

SHA256
d6705ae380fd64cc417987292cff8c5e7b8bde1ce8f51e032fa8aca216a3edff

SHA512
182e178a0a59db3eb8e1d6a9ab182f3ded92257dc9269ea557d3692896c0320166f7ab6015fe26527ebf9bd78147ca2857347fd27b1d0fa1ee7459b2d9c726d6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000036

Filesize
21KB

MD5
628b30f1e7eb31f3b8c78b0611819f55

SHA1
83ff4899b9d2f5bf743d678665b91f9cff94d786

SHA256
3087e953d4de6bfa5e6b597a9f1673ae24a9cd954a4d1e469fe10f345967ebc3

SHA512
6768438111044fac603020bd6400cb2aae8c3ea8622eea8c71021ecaa739a1c375d855cb9365e86794889b06b84ab9098f6ee1709ee2854592534fae4e5ce483

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
2df2f7939d4b7c9d044b15e4be244fe4

SHA1
92b8e636e917a851bd88aa476180f32ad5cc35f8

SHA256
bd46a5c18ade084b76e8ada5745418d0fa9b1edb0fdf3662ad865330b3ac78d3

SHA512
826a7145dda661f2bec2d7789bbf2f53426aa15abc6ba42f4fbda6778367472d81e86e4d07788c51fa1f3acc2a7ee818c20aa20cc8eae0c466276a28adb719d1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
469b88d5400cf418a90ba1c369ff624a

SHA1
58ec0874dd9a88c2274d0b061c421f81b1902c4f

SHA256
2644fc22e0c95845f680f7738c0abd26e9198a8cab1dc983203a1c8b2be15aee

SHA512
35abc1f20c856e8701cbe3ea307ea9390da7a48fc3f04b9f33019c6842c1f25568abe8a56f4eb3bf02f80fc670d671849301594f2b371aa85510b3f809c7516d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
53317d01f62f10f0f7a3bf00aae483f1

SHA1
9755f3c406a1958c992ff9b05093627e9993f177

SHA256
618c69abcf76dff4e5a9b579e123a72a4c18883c6472fa7037f89ecd5489a7fc

SHA512
fbb904aee1c4804a2c36b3323d6178ef1c6a7b92060db7652f1370efed3072655a168ad9b2d021c0fc58937c086786d9de8b5a44fe6e9bbff1a1bb3d39dbeba0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
4638c5d68956c19c980fac9ca0fcaedd

SHA1
f3c5357c2bc9bf2d73a386270f207b7a1c767b35

SHA256
cff7fdbf8403b1c5f85da77850e54b15380e5d744489e113f9e9416c0b1c470a

SHA512
7eea9a9d7830f346285661198ff1b00f1edabd72a11e162faad3a11bd4dab9517482497d55daf5974b0e00a7f0d60945da90b5fe38b601357547fd5c4bb0452f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
1921f4943d1bea53a5a68ffafa9023a2

SHA1
cd1df8fa32d309e46a03073704274dda552f14bd

SHA256
e66a7841bb2125d739cbb2e696a998daab489348a42a88d45927da378404830e

SHA512
2ea961ecb6133d191ff5758801d00ee670f065a2c30ba797969ac10e718fbd5bfd65d0814aaff78b3f511db05e119bd0241dde403ba5d0d6e4605c3ae37ee046

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
b253ce97cc3f0b61bc7803b71d67f010

SHA1
13e1b90ac42fe06c0555dd633b81744013bae1b7

SHA256
504f8b1b9cf82f7159b1d36c0e5aed0930f671b4ccbf4e94626c5b2f45b2c94d

SHA512
e54ec6b4df0e1a10c99036d630a5360ca3d306e349a0f84aca95a1ae168f3baaeed8c9b8b4423440355d20fc637deea9ac4b302ab6cc8a4902f97c301772c594

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
fe719792f9c7429665e7cba3df329e7e

SHA1
92d3158b4191dfdc83d62a631eed21206ab1ea9a

SHA256
1b4028fd41be9c1cea988080ac0ccf5f4b12ccb060c5cb02b71359955ffbfb76

SHA512
010565ad5bf081d6077e22ed092a81d5e040dd5507afa3fd7231f236c877438103523aabe8656c61760e6be83497aeb96ccd0542841277c7b891e3ad9b8cbc3f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
d8eaff72e50db50198f90740bc10a63c

SHA1
cf1817daf2ab3ff7361208c0887acbdf2a5282fb

SHA256
c6b8bd3def7da33087e5ae9016d873aa9f483e59cc0ef53800f4205d355b9544

SHA512
6afd3b5fc2cd86db8649a72b08f4d6de619d3af29b5fe0ff7e3d51b54c757cb7bac9da7c89041dd9352343d9766acc49184de1c4bb78a8acd59c88a63ba87cd3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
206925c94698aae37b86c9721ec27c27

SHA1
c072a4b3c8357ed10246beeb60a21ad679634402

SHA256
4bb7f08a4d93bb8d0e5aa706fb240f89bd48b753aad06e394421bc3e389724df

SHA512
5e42f6742a71508c2c014d70b98f033b54efda68899aac12e390119910fb17cd3917bb53cb6ed0cab917a5c65ee93510bc8c4bf0606e6f3de080620295f11766

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
1fd2e5d9e9f0680e23eec957228a01e2

SHA1
2a6e0fad0c53d63fec76410002d9f90bcf22c5bb

SHA256
b7f5810c66a4dfafcb87ff46ccab2ed69c30819b57aa535e273338bf4fdc7920

SHA512
bcf6e2a02886bc905caf6578f7a0b2d28eaf36d91ff13045a58d98206ee02ece1187364f28c2c1c55fb1972b1b2d9c00cdbb94f5afdb29e54ed5a00c6f44704c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
865B

MD5
1211ae99d9d7e11818b6aac17cc98857

SHA1
1b3dd1a6cc9a1d5818656f7f84ebdd95b8d16192

SHA256
b5c240b25aa58cba94ea9d034807275a5b25f1186f97cd24c6a3ca3ec49998b7

SHA512
24fd458e58e4a5682ce978f9398933408957485056e3fccf4d2dccfcd010ffe6ce8d6b85063344cd6d594c9db938776d4c2b9e69b1f078895f9d7b72869d7af6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
d64028f943437784df560b64a380751c

SHA1
6e0cbecb1b9defe12a3b9f2ac46a5461b2b32120

SHA256
e4f12a44ebae36fe75a97ba04ac8aa2fc9b53103ac4dd325b298128bee12c71c

SHA512
4e9bf6f137a0966be5759e589e755149f906d76aadaa6d6c485e6ff1d7a5404d77b0ba0e6432f7ff2d2e078dbfaa5e7701b574a9e5f9e39b768eec724e4f00b9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
865B

MD5
d5cb33402a5a4705ca2bb3b7c378622a

SHA1
1447857db8938c6f8f479409f3d5abe226d43cfe

SHA256
914b1366cfc30933ef8b657a41674623d40050831ea308221695bda9931f372b

SHA512
37a29d525e5f191cf3bae0344e86683cfa610ed7916d846f01376ee2958fc81bbd27ca085eebf14857161180db8d0a52c7cae14e145f3983f8ed6d8213a4d7fe

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
865B

MD5
5cd9e3ec2e1ee9ae8b212c7e4a63691c

SHA1
3f6488994e3b01ddb1317b7337ef746273a465f4

SHA256
6cddc034ff547c40a08881c5bd7ab1a2f7864c5426000ba4ec22cfa7544742c0

SHA512
6dfb386af3cdefa70ee1f00b879608bd7e4e1af54b1879152d7f274aa5be1310c491630fbfdac5f0526dd7535097a55dc3708bc4450aea61b0492ca09a23eb77

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
867B

MD5
9ca2e74e0bd40b2fcbc1c0914cd1b232

SHA1
54d763c7816d19256e3bc56c2c48224b82222307

SHA256
d192a76062464ac77e4e87f6f8b0e0321005f4025416db2adec1765c3e8a2d11

SHA512
9f1f88278cca6aa238fac4146cdd7b65f67eb9bca17ae1d233090526922f63ef8bb244a649afe60d730b80587ecd9020fc1c8de74540e4c57d141ead4adc7061

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
865B

MD5
e18d6e589bfbebd69dd5f7136e89e184

SHA1
a8bd1e8afcb18145208b79eb2e412218facf098f

SHA256
7b3aa93c60ad86919a8964cd3d943ea0b06f9f8a1c243154143685afda19e914

SHA512
191bd8a6c0cf8792fc261168c6622d6805e0215882f5c4f17a5a096c00d233f163654cc273e849a86d365a3bfe0bfc887187b7113e5a7e7acf5e7c8c55cbd48c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
867B

MD5
131893dc6c314698e3c5e9c812c3af90

SHA1
5f51425b42190537f61848773249473eb1150b20

SHA256
d7b413e1f54690dae21274d593ceeb39ce2e575d6c2050f808e422d176af51f4

SHA512
096def8fc82c4b344117377092f6984644a47ebae2de70354c505197e98fd34cfb0baf9741b1b33e79444d1e481262ab34194c1b451e211a102e42e374c96ae2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
700B

MD5
8cf7f458c2df8f15526a96b57afc7cca

SHA1
45e79f5241cb6e4963b20237fbe008238d67d618

SHA256
bb6cb39316e399337e74bec8ec738ea2cd088be70f46849ef0a449375d7e0369

SHA512
e5d5cf1c73adf4c3a7b48964c901a36fbed8eb19bd9b923716ef6fa9ce0dc3fa4281135e56f1901b0a8aa2c3a99ba12bc976ff636d2005a71e1f4aebff8775dd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
865B

MD5
9c1f9ddaa7db01d8c024a1e787c7d214

SHA1
b1b050f6ee3f3f92559ce2a87c38c99f8c8eed14

SHA256
16f94e1c39acc22257b124fb7b01fd5760aca5d0d2fbbf2027405b39ea9dc122

SHA512
833872b346037fe2287254e088eeab0ebaa41f40203f65e8d6ff9275ca6960f92883355df203efccd038e58b50b1ea01f433c877a9cf0e147f307fda531df092

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
865B

MD5
8671ce0383ba71b88ddb238392806d62

SHA1
ed51d937265a9dbb519731acbebd3780c4f94da0

SHA256
c39bcb52cf6812d8231f4611fe041a1cff08ebcb23170df7c88cc94e6cfead49

SHA512
c9937896cefb74b21650ff02448b0389df2b9266427815a1cdd67a58beabff575cb641e53ef15088212ae5b473579911ef8bb07b4e867a96cd608692d22f3da5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
d82e860bf6e0bda4e8b3515a1e93cec3

SHA1
eed1a2e8306539430a06e1fcec8ce44189fd8e58

SHA256
3a09cb7bf891bfe2a61051b0a9f5ec1dd947cb0c84c728a868b411d011e432cb

SHA512
486d7b15be9117fa3039c66f4cdbd3c4ffef76d9420ccc26f3325a624b78610e0ab00b8f75afd3dfd4404699cc23ef6d0417de02beb33dd5bfadad940b059688

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
c087fa73a0b65df281879a26162f49ac

SHA1
00885b2d15062481c618c5d28d45b67af12c3db7

SHA256
5ff1bf0cc36358939f8d9c420bc88599a0c94a14a4ece76d1a9ec770538d0ef6

SHA512
4810656208f266dd3b3f8d2546121f2a24c71884657de153188f06d2987c41e7d683227e20acd417eff6b7593de4c2b80afa6f6c5f3942a6cf143c6b93e2a660

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
bd4aed9c1cf02984683ef4cc88c8cdfa

SHA1
d1a59256c9bbb3cf5f86efdc6e538f4fa1625d9b

SHA256
6d2bab801bc0ecbe2fd310acd27f7432f1e03afc09c64a9360ddc2c59b4eaae0

SHA512
2f48d0993a25d1da1db1861d8210e9f57b508e8e071a6aeca5b928ccfc38266ae9393dc8240de0142d5369133cf1276716edc77e1197df69306f16a32ead3b60

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
c2e30a0d73f1b2a504b83fc4605fa1ac

SHA1
8c8db5c912675bf800d0fa77e56047b66170c80c

SHA256
10234e4c3830b142f470f17b5f17635d629d32fae4ef5ca9427612afec8450f4

SHA512
8f8e333180b63a71d3dfa293789baa66914d03340a74b03e8357a0a5f7a57dafbac9ec904e03fee789613ae2a311676c9425c7270eaf7515291f27aa2a7be71a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
7089a21c3051b70589081eb7180537a6

SHA1
2ac94afb7d9222b935e08986ba909521dd1a4f4f

SHA256
4cc1af3813f62e67e78063f03c2c6ad868c41d067833d2a0d84d56e114474daa

SHA512
b1d853b340860649ec740f89bba22308dafecb042cdf38b956681ac0a9bcc186cec5b48af5f92c3fb262ed68100191e67f8b7da64b1529e17b0784a08cb9604b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
e968f685046d6f61917acb0db475c7e9

SHA1
350b286c309aa9cc099aa83b300d42d36baeedc2

SHA256
5c440b18aec3118f37f30dbd4d96477d418db18b6e24023d5dd4bc0b6daf1bee

SHA512
49d5f50159c369ede41355c336e6c09a38dd35be3676b40f5970174542c5a763e3484c7e94fd0b7d737f759a29c065f5d7b62d645ccca1f56e50f6eb2c80ebca

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
76f9298341e94ca56ab2df7f2a0f90e1

SHA1
a4550c24149da7a26cfdfa9328a03b432f276651

SHA256
dbb2fcf985063d5d1ecd181f9b6750aa876a37d55a64ed1a09da2f209fbc3cbf

SHA512
dccd6c3f352dd763dc316b3b52ee03513e27cbcb4969f1b4733447a513e21612e68ede098eae209dded2b9cdf6c309440be63c93e1c08e2ed5ed3f5b4aab0926

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
bb372271723ea4b7f1c1afe9474153b0

SHA1
da3be1a379bfc8b7d045f69eecfc5497faac4740

SHA256
943e207710c2ab4d9b483f016fd9d7c7f952b954f58de1f2895a51436d606b7a

SHA512
b2938e353aad8c15aeb36ba144c2859d61b85b63f6a28712682535274d562bcfd718a3f3f3e96569198cb129c343daa321e52520bacc8642885620b57ac8028f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
7c70b5aa702960710badb2281bc45e0d

SHA1
80746a6ec8c65157bb5a42e9d72e8b68f0ed4876

SHA256
ec29ac0a1ba2098d26fdeddd3c08e06f1f9ea57c43b11785e7e844cacd0b8227

SHA512
6c4c148ce2e7db68a95d70bcf984c330c06975bcb5f99949db00518dd579b6d549de688300a7f370e561e6c18ae359f3cb049c874ce1bb4523ada710069d062d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5798e4.TMP

Filesize
48B

MD5
046685e4b284cec76a660cc512e52229

SHA1
823edf74994dd9cce29042bc0c828f762166b561

SHA256
de132cb4a5b0522d4739ade20b26c4209c6590b677b59267db254adf1371b38d

SHA512
4d1f05081b048b6ac678b0a145d0c2664b1e416765ea62bc140a966323cedd5e60309a65a2e55ffbe865653bdad51c39d9b6474cb320c83ac16a6425d83364e3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
199KB

MD5
476c851640dc21d84ee1f102dcf33454

SHA1
91256f57f2b6249e7599a0d094cafb2fe3c4534d

SHA256
95bccd559b53f57200235b8dc7229e68d7dc5e792b9ae67cc33ef119859c8381

SHA512
c3e30612b8ac19a02f973f174bed4d53e4095e0f855bee2712d7f8101f44d835ab3c51e713e44864a2f16440f1d290150d6d591f9c6181dbd70905cbd8c6612b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
199KB

MD5
4304acad36bbddcef282b93c3abe4d67

SHA1
0071226ee0844f40b2722828c080b723b375de18

SHA256
8b3bfce58fa06cb3f3ad1c5dc38f1e6c370cbad10c9c66771312cd1b6dab524e

SHA512
9457a4838ff66595ff00a235d063c098f0d2fb20a4d23e43162fa3064c6481230d8e89cb30508538b33afd9bb050bd3bdd85189a33821a48bde47c2a864ac92a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
199KB

MD5
735a6a3725b00c34eb5cb9f5c5cc6647

SHA1
a15115cc66e72fc7c7d8b6525a73011760a15956

SHA256
5b6b55d121b77031c1377a53fd491960d1409f4fb06494deb4b67fc1ac73a603

SHA512
912748405f94ab7a9ee7d93e78a4e0b3f63233c0afbeb428ea8967c1fd903f0848f35852333264605a0a7dd56bf94cb72b168237302dab210171f12bdf30463b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
106KB

MD5
0c2aa2db8d0ea689d668509dcb599837

SHA1
27008173efb4c8e321c682cc124ed7638a8245ee

SHA256
c3787c1bddf233835ec0892f08835d1fc1cddcf5872030d9fdb60be4549493bf

SHA512
24ce8c70465ff691f25df7338113d2bf5b010de799fce6381115d9c9f486dd3590c4a3def2b9fbf2487525a5c3a461e01d226cbe3c3e0b6e77286f5d706a1e69

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe5cb146.TMP

Filesize
100KB

MD5
c7501ab47d0165e864a45dde7a9a06de

SHA1
95f58b4aa4d670570ea37a8332d9f84c5e275393

SHA256
f17141948bd5a78e9ed98ae8c4da7c90aa198adfe734878e1205c5304796007e

SHA512
6901b5a36637d84d8799ff51fe4cc30e41ed02234081d82399aeda2b62c1860c813b258579dc705ca3aa6236212589372864313ea2415d281b43796dfd0b05fa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\efd20e90-cd5d-4c8a-b16b-a98885c9b619.tmp

Filesize
199KB

MD5
2928a06e2cdc1097fc0434d256b074ed

SHA1
c8b384ba2cecf3d889f2b2a8c61bc5e40c8339c3

SHA256
27a8990f02632adee75d3d480f4bb76147485ce532ee81e25a2f8bd897db66c1

SHA512
d542a9b018d36a27690a2f3411caf4d12fc0ece8c0bbddfc90799bbb5c5681ae060a14a52dc8da2802e63c974c411252384ce4cf8d936e3d95df12d224658bc3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit