hxxps://abstractrecruitmentltd-my[.]sharepoint[.]com/[:]o[:]/g/personal/alexandra_abstractrecruitment_co_uk/EuxwrR3-mtRCvhYJ3HNTcvkBjpGsoQi_V5ElmdrY7iBdEQ?e=sf0YPk

Resubmissions

18/04/2023, 02:30

230418-czdecaba5w 1

18/04/2023, 02:24

230418-cvvstsba3y 1

Analysis

max time kernel
157s
max time network
161s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
18/04/2023, 02:24

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://abstractrecruitmentltd-my.sharepoint.com/:o:/g/personal/alexandra_abstractrecruitment_co_uk/EuxwrR3-mtRCvhYJ3HNTcvkBjpGsoQi_V5ElmdrY7iBdEQ?e=sf0YPk

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133262582901297197"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
1268	chrome.exe
1268	chrome.exe
400	chrome.exe
400	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
1268	chrome.exe
1268	chrome.exe
1268	chrome.exe
1268	chrome.exe
1268	chrome.exe
1268	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1268	chrome.exe
Token: SeCreatePagefilePrivilege	1268	chrome.exe
Token: SeShutdownPrivilege	1268	chrome.exe
Token: SeCreatePagefilePrivilege	1268	chrome.exe
Token: SeShutdownPrivilege	1268	chrome.exe
Token: SeCreatePagefilePrivilege	1268	chrome.exe
Token: SeShutdownPrivilege	1268	chrome.exe
Token: SeCreatePagefilePrivilege	1268	chrome.exe
Token: SeShutdownPrivilege	1268	chrome.exe
Token: SeCreatePagefilePrivilege	1268	chrome.exe
Token: SeShutdownPrivilege	1268	chrome.exe
Token: SeCreatePagefilePrivilege	1268	chrome.exe
Token: SeShutdownPrivilege	1268	chrome.exe
Token: SeCreatePagefilePrivilege	1268	chrome.exe
Token: SeShutdownPrivilege	1268	chrome.exe
Token: SeCreatePagefilePrivilege	1268	chrome.exe
Token: SeShutdownPrivilege	1268	chrome.exe
Token: SeCreatePagefilePrivilege	1268	chrome.exe
Token: SeShutdownPrivilege	1268	chrome.exe
Token: SeCreatePagefilePrivilege	1268	chrome.exe
Token: SeShutdownPrivilege	1268	chrome.exe
Token: SeCreatePagefilePrivilege	1268	chrome.exe
Token: SeShutdownPrivilege	1268	chrome.exe
Token: SeCreatePagefilePrivilege	1268	chrome.exe
Token: SeShutdownPrivilege	1268	chrome.exe
Token: SeCreatePagefilePrivilege	1268	chrome.exe
Token: SeShutdownPrivilege	1268	chrome.exe
Token: SeCreatePagefilePrivilege	1268	chrome.exe
Token: SeShutdownPrivilege	1268	chrome.exe
Token: SeCreatePagefilePrivilege	1268	chrome.exe
Token: SeShutdownPrivilege	1268	chrome.exe
Token: SeCreatePagefilePrivilege	1268	chrome.exe
Token: SeShutdownPrivilege	1268	chrome.exe
Token: SeCreatePagefilePrivilege	1268	chrome.exe
Token: SeShutdownPrivilege	1268	chrome.exe
Token: SeCreatePagefilePrivilege	1268	chrome.exe
Token: SeShutdownPrivilege	1268	chrome.exe
Token: SeCreatePagefilePrivilege	1268	chrome.exe
Token: SeShutdownPrivilege	1268	chrome.exe
Token: SeCreatePagefilePrivilege	1268	chrome.exe
Token: SeShutdownPrivilege	1268	chrome.exe
Token: SeCreatePagefilePrivilege	1268	chrome.exe
Token: SeShutdownPrivilege	1268	chrome.exe
Token: SeCreatePagefilePrivilege	1268	chrome.exe
Token: SeShutdownPrivilege	1268	chrome.exe
Token: SeCreatePagefilePrivilege	1268	chrome.exe
Token: SeShutdownPrivilege	1268	chrome.exe
Token: SeCreatePagefilePrivilege	1268	chrome.exe
Token: SeShutdownPrivilege	1268	chrome.exe
Token: SeCreatePagefilePrivilege	1268	chrome.exe
Token: SeShutdownPrivilege	1268	chrome.exe
Token: SeCreatePagefilePrivilege	1268	chrome.exe
Token: SeShutdownPrivilege	1268	chrome.exe
Token: SeCreatePagefilePrivilege	1268	chrome.exe
Token: SeShutdownPrivilege	1268	chrome.exe
Token: SeCreatePagefilePrivilege	1268	chrome.exe
Token: SeShutdownPrivilege	1268	chrome.exe
Token: SeCreatePagefilePrivilege	1268	chrome.exe
Token: SeShutdownPrivilege	1268	chrome.exe
Token: SeCreatePagefilePrivilege	1268	chrome.exe
Token: SeShutdownPrivilege	1268	chrome.exe
Token: SeCreatePagefilePrivilege	1268	chrome.exe
Token: SeShutdownPrivilege	1268	chrome.exe
Token: SeCreatePagefilePrivilege	1268	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
1268	chrome.exe
1268	chrome.exe
1268	chrome.exe
1268	chrome.exe
1268	chrome.exe
1268	chrome.exe
1268	chrome.exe
1268	chrome.exe
1268	chrome.exe
1268	chrome.exe
1268	chrome.exe
1268	chrome.exe
1268	chrome.exe
1268	chrome.exe
1268	chrome.exe
1268	chrome.exe
1268	chrome.exe
1268	chrome.exe
1268	chrome.exe
1268	chrome.exe
1268	chrome.exe
1268	chrome.exe
1268	chrome.exe
1268	chrome.exe
1268	chrome.exe
1268	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1268	chrome.exe
1268	chrome.exe
1268	chrome.exe
1268	chrome.exe
1268	chrome.exe
1268	chrome.exe
1268	chrome.exe
1268	chrome.exe
1268	chrome.exe
1268	chrome.exe
1268	chrome.exe
1268	chrome.exe
1268	chrome.exe
1268	chrome.exe
1268	chrome.exe
1268	chrome.exe
1268	chrome.exe
1268	chrome.exe
1268	chrome.exe
1268	chrome.exe
1268	chrome.exe
1268	chrome.exe
1268	chrome.exe
1268	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1268 wrote to memory of 1820	1268	chrome.exe	84
PID 1268 wrote to memory of 1820	1268	chrome.exe	84
PID 1268 wrote to memory of 4260	1268	chrome.exe	86
PID 1268 wrote to memory of 4260	1268	chrome.exe	86
PID 1268 wrote to memory of 4260	1268	chrome.exe	86
PID 1268 wrote to memory of 4260	1268	chrome.exe	86
PID 1268 wrote to memory of 4260	1268	chrome.exe	86
PID 1268 wrote to memory of 4260	1268	chrome.exe	86
PID 1268 wrote to memory of 4260	1268	chrome.exe	86
PID 1268 wrote to memory of 4260	1268	chrome.exe	86
PID 1268 wrote to memory of 4260	1268	chrome.exe	86
PID 1268 wrote to memory of 4260	1268	chrome.exe	86
PID 1268 wrote to memory of 4260	1268	chrome.exe	86
PID 1268 wrote to memory of 4260	1268	chrome.exe	86
PID 1268 wrote to memory of 4260	1268	chrome.exe	86
PID 1268 wrote to memory of 4260	1268	chrome.exe	86
PID 1268 wrote to memory of 4260	1268	chrome.exe	86
PID 1268 wrote to memory of 4260	1268	chrome.exe	86
PID 1268 wrote to memory of 4260	1268	chrome.exe	86
PID 1268 wrote to memory of 4260	1268	chrome.exe	86
PID 1268 wrote to memory of 4260	1268	chrome.exe	86
PID 1268 wrote to memory of 4260	1268	chrome.exe	86
PID 1268 wrote to memory of 4260	1268	chrome.exe	86
PID 1268 wrote to memory of 4260	1268	chrome.exe	86
PID 1268 wrote to memory of 4260	1268	chrome.exe	86
PID 1268 wrote to memory of 4260	1268	chrome.exe	86
PID 1268 wrote to memory of 4260	1268	chrome.exe	86
PID 1268 wrote to memory of 4260	1268	chrome.exe	86
PID 1268 wrote to memory of 4260	1268	chrome.exe	86
PID 1268 wrote to memory of 4260	1268	chrome.exe	86
PID 1268 wrote to memory of 4260	1268	chrome.exe	86
PID 1268 wrote to memory of 4260	1268	chrome.exe	86
PID 1268 wrote to memory of 4260	1268	chrome.exe	86
PID 1268 wrote to memory of 4260	1268	chrome.exe	86
PID 1268 wrote to memory of 4260	1268	chrome.exe	86
PID 1268 wrote to memory of 4260	1268	chrome.exe	86
PID 1268 wrote to memory of 4260	1268	chrome.exe	86
PID 1268 wrote to memory of 4260	1268	chrome.exe	86
PID 1268 wrote to memory of 4260	1268	chrome.exe	86
PID 1268 wrote to memory of 4260	1268	chrome.exe	86
PID 1268 wrote to memory of 2428	1268	chrome.exe	87
PID 1268 wrote to memory of 2428	1268	chrome.exe	87
PID 1268 wrote to memory of 3848	1268	chrome.exe	88
PID 1268 wrote to memory of 3848	1268	chrome.exe	88
PID 1268 wrote to memory of 3848	1268	chrome.exe	88
PID 1268 wrote to memory of 3848	1268	chrome.exe	88
PID 1268 wrote to memory of 3848	1268	chrome.exe	88
PID 1268 wrote to memory of 3848	1268	chrome.exe	88
PID 1268 wrote to memory of 3848	1268	chrome.exe	88
PID 1268 wrote to memory of 3848	1268	chrome.exe	88
PID 1268 wrote to memory of 3848	1268	chrome.exe	88
PID 1268 wrote to memory of 3848	1268	chrome.exe	88
PID 1268 wrote to memory of 3848	1268	chrome.exe	88
PID 1268 wrote to memory of 3848	1268	chrome.exe	88
PID 1268 wrote to memory of 3848	1268	chrome.exe	88
PID 1268 wrote to memory of 3848	1268	chrome.exe	88
PID 1268 wrote to memory of 3848	1268	chrome.exe	88
PID 1268 wrote to memory of 3848	1268	chrome.exe	88
PID 1268 wrote to memory of 3848	1268	chrome.exe	88
PID 1268 wrote to memory of 3848	1268	chrome.exe	88
PID 1268 wrote to memory of 3848	1268	chrome.exe	88
PID 1268 wrote to memory of 3848	1268	chrome.exe	88
PID 1268 wrote to memory of 3848	1268	chrome.exe	88
PID 1268 wrote to memory of 3848	1268	chrome.exe	88

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" https://abstractrecruitmentltd-my.sharepoint.com/:o:/g/personal/alexandra_abstractrecruitment_co_uk/EuxwrR3-mtRCvhYJ3HNTcvkBjpGsoQi_V5ElmdrY7iBdEQ?e=sf0YPk
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1268
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffbd3f59758,0x7ffbd3f59768,0x7ffbd3f59778
  2⤵
  PID:1820
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1776 --field-trial-handle=1824,i,3892809857480521315,1831866574156162881,131072 /prefetch:2
  2⤵
  PID:4260
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 --field-trial-handle=1824,i,3892809857480521315,1831866574156162881,131072 /prefetch:8
  2⤵
  PID:2428
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2236 --field-trial-handle=1824,i,3892809857480521315,1831866574156162881,131072 /prefetch:8
  2⤵
  PID:3848
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3208 --field-trial-handle=1824,i,3892809857480521315,1831866574156162881,131072 /prefetch:1
  2⤵
  PID:2780
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3192 --field-trial-handle=1824,i,3892809857480521315,1831866574156162881,131072 /prefetch:1
  2⤵
  PID:2320
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4536 --field-trial-handle=1824,i,3892809857480521315,1831866574156162881,131072 /prefetch:1
  2⤵
  PID:964
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4548 --field-trial-handle=1824,i,3892809857480521315,1831866574156162881,131072 /prefetch:1
  2⤵
  PID:2656
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=3276 --field-trial-handle=1824,i,3892809857480521315,1831866574156162881,131072 /prefetch:1
  2⤵
  PID:2716
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5624 --field-trial-handle=1824,i,3892809857480521315,1831866574156162881,131072 /prefetch:8
  2⤵
  PID:1644
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5712 --field-trial-handle=1824,i,3892809857480521315,1831866574156162881,131072 /prefetch:8
  2⤵
  PID:2648
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=5632 --field-trial-handle=1824,i,3892809857480521315,1831866574156162881,131072 /prefetch:1
  2⤵
  PID:4636
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5740 --field-trial-handle=1824,i,3892809857480521315,1831866574156162881,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:400

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4112

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
df7d15cf15b36b233a25129a789de7f8

SHA1
e25aad114b2d5f161b7031f8b0f83b62049e591d

SHA256
7f4b4f428e5c143a49f83f1ce78f766d2c507cc6c7a5124a937638fb16bd39af

SHA512
f17a26beb789fb2166040260c7e2cca83084435b33a5607155f6bd1022914631887de25a23349ba9bc29ed2beef3e03de2e31bf88e37e57517dc058e1751cd3e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
baf13c5f0b919a6507bd86738d8c3621

SHA1
a0bb59305a434de60a7033713be2dc75a9b61895

SHA256
c80b83121daccbea53b9fd8878843074e753944ce76137c16de4fec51bc06d23

SHA512
9f7deaf7b4f2078e365ef3f2cc2bc04d629853ae8992064d34040c740ed4346771da5e62f8f7c99e04b5578abcbe585e351cd66b8b986e9d63b70c0292d10197

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
796530904c76a9df727a81253af4dcc9

SHA1
af1676b98c657b25e318aeed9bf17454703df2ec

SHA256
6f6f584127530154795eb4854c74715e1f142188c66805b9031939a2c39ecd84

SHA512
a83e65d01de25db9e8b775f4340d08d3ee9ad55a3904abb1357603f7bf84315f2bbd01db6d1cb5e0a59a03745430d2a2ca439ff1781a70004654d5b21a40d25d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
e4a4ba4ff5ad5fb7a77f0cd7efae50d3

SHA1
a87f454fa68506f97b330b573807acc1fcca8a19

SHA256
36e72bba5856b4a3d5789b1efadad345e6cedcee2a799a6312d26998e9f3dffc

SHA512
25b5678c6de932542bf860d1b71086770384eeeb240c45e9282645c5806245010da3990cb85009b17602527ded874aecfaca9d260d7e2ae0feb8cbccc2c7543e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
52e6d33448ee378b32f877496d9bcccf

SHA1
2938214068fb3f64df7974eb27187bc9c7d84a70

SHA256
e0e5d0a47e497bba66fd93fcb9d48e9aea4f9ebaa0d6ff27e6ce43d6558fde9e

SHA512
b3a8b615efa473a5fffa8b3f2f270e597aa2c361842c3d9ebd8b0c05b0e5ec8d52156bde88360deff19c2d1d3ddeee3e321dab6b469b32bcc2b51652b7a43440

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
8ca3a9546f1c797af18e219164028fd4

SHA1
f14d552a6bef8fd2c76ade69429c2e4a81853fc4

SHA256
7cae4482021bf4108a4b256eda7a084f694b742a30d978464de78c4807cab73e

SHA512
9c7e2529a90edbef937c8f950251ce939c2e18c619a5ea2ad7b044fab44fe8b66169e4cd12e2960a0edb14d938b4f6dc7de3a8c0eb8b68337c91ea75735378a9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
4f10913a3e1311f646dadae3090d95d3

SHA1
f2d164402cfdb3bc5619dc2c87541866e97f4857

SHA256
eeb47ca822743bda938d311331a5504926ce261a140388dc321b9ce8ea16b120

SHA512
569918fabf505dafaafba257f46e0ac0ae0e9d68257e3032e6e91a4c327619c8732f71bb6c943299a36605260324b537ae863cf8cf1672ecd4b7cd494010c579

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
39ca2dc600696b3def2ac623ce2a661c

SHA1
e7b35f7b10a8461b5b48a8e08412db6dae49fb97

SHA256
a76572465386714d5d927db536d3a82729f1ae8f7c06041fce8e520e6e94b7fc

SHA512
342006d75e9709d2e879ac714fc170255df132ba92327977eefafddc51b10eb6cb89c7b78c8a5a223d835a2731480189f707a0213108f3a3aff2c55566a02cd7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
b1554d02f0ed00a99a8110bfcd2f8b92

SHA1
87ea64c79b26427d7877883e07aa6d739f7cbf3f

SHA256
192798fa28912be2c152df523da8496e546c2dbcd84c92e5bcd09ecda17219f2

SHA512
73c67a2728b77660c0c07b98ed7968948ee58a5d69616763900efb09b76d4f699e510fe73e761171b80f0ba5e57cee0f6103ed0c65d6358734dedee18055803c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
6eecac11264d825a158f0f0acc7c93e9

SHA1
ae7b9cdf7fa859e6e2d8c4d8fd41b5c4360eba4f

SHA256
febe7d60d0b5cd50194ef4d71de17652a32936b6a280cbf587550ac8ee2bd744

SHA512
8f2e2ad297e5546588f6a1df51b7b837130c5ea9b837111af80c1bc7cdddb13a23d8d803292f85da8060ad5127cb5bcf821cf520e1d21dad47b6eec331307663

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
6deb1852b48f9f56053a80a177a19eb4

SHA1
8ebc1689d8ba9d3f9184ffeae36b86dd88ca8d57

SHA256
9d080e5d98abce689ece918e959497fdc2ee036a7857e290007c7ef504b911f9

SHA512
e776f0519ffd09bdd46a68ed7766e6822fd85c9b3e01030160dc6dde0d0315eeb067395c136223ea7ab80d255c776ed5165934a758194fb5117f3d0b5a18a1b3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
f0f9b70106e4d4c9ee6538d222e6538e

SHA1
ef1b202a72f4298868bc92ffe39fc5b6426cc827

SHA256
9073676ff92cc54b9c5ba7f6dfe9738e2912d5ce6967b68535dfc963fdbaefda

SHA512
bc135d8020aa14d22f8fc16aaaed93d2fcf65c8dd01a1532b01181be8104d9462342005cf1b0c941d249fe20eefabf8dccc95c76cf6e493f8fe11d2160a57ab7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
2db69d31eb17d9e183f61c40444b0f56

SHA1
34952a52c9fa03647c8e9c1f468178e906f8110b

SHA256
7d138e196bd108420ca6711efa2dc6df2aaacb2953771f34a103fc5954d0867c

SHA512
4cb8b461fec239fda3c98d7dc083c9ebc872f40c68669515cd7dce0cffdef9d5911e61e23ae948328d4e08a84ddc0d43a41ae16f405dd54a0f0f3a720ce44df3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
198KB

MD5
4488e474aad5f0b58a3fb08e1c586568

SHA1
92322d9df60c2cbddf8d6c4bc618b2689bb6d259

SHA256
550efe750e8c29a0d075a409b853e199381b9c286d819548664dfcd00740912a

SHA512
75cc99b93b701684d3cba04e9cd5aaee99baad0ef547793afd2299b29492358b5370f405686d20fd17d5538762d47b6c0371535c8a421863e3b0cb1c12c52027

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
198KB

MD5
00cde37fef119ee5d6470d7cdd0f81f0

SHA1
406cbe52f05b072879deb5d93433f82920bf04e1

SHA256
1b62b68851237c204b2320959ba7499809e02958bc9477c2b6ed44777d63217b

SHA512
564bce493ff168005095ab336deb3a5e25ea7224d5a4418e91aab3395fc8af4b3b099c8979ebef245a41aa5c35f457b5d266a75f7ae8a8d5c5ada1ad17b4b3bf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit