hxxp://apaturescience[.]com

Analysis

max time kernel
1800s
max time network
1783s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
19/04/2023, 17:27

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://apaturescience.com

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133263988513493992"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4484	chrome.exe
4484	chrome.exe
2396	chrome.exe
2396	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 30 IoCs

pid	Process
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4484	chrome.exe
Token: SeCreatePagefilePrivilege	4484	chrome.exe
Token: SeShutdownPrivilege	4484	chrome.exe
Token: SeCreatePagefilePrivilege	4484	chrome.exe
Token: SeShutdownPrivilege	4484	chrome.exe
Token: SeCreatePagefilePrivilege	4484	chrome.exe
Token: SeShutdownPrivilege	4484	chrome.exe
Token: SeCreatePagefilePrivilege	4484	chrome.exe
Token: SeShutdownPrivilege	4484	chrome.exe
Token: SeCreatePagefilePrivilege	4484	chrome.exe
Token: SeShutdownPrivilege	4484	chrome.exe
Token: SeCreatePagefilePrivilege	4484	chrome.exe
Token: SeShutdownPrivilege	4484	chrome.exe
Token: SeCreatePagefilePrivilege	4484	chrome.exe
Token: SeShutdownPrivilege	4484	chrome.exe
Token: SeCreatePagefilePrivilege	4484	chrome.exe
Token: SeShutdownPrivilege	4484	chrome.exe
Token: SeCreatePagefilePrivilege	4484	chrome.exe
Token: SeShutdownPrivilege	4484	chrome.exe
Token: SeCreatePagefilePrivilege	4484	chrome.exe
Token: SeShutdownPrivilege	4484	chrome.exe
Token: SeCreatePagefilePrivilege	4484	chrome.exe
Token: SeShutdownPrivilege	4484	chrome.exe
Token: SeCreatePagefilePrivilege	4484	chrome.exe
Token: SeShutdownPrivilege	4484	chrome.exe
Token: SeCreatePagefilePrivilege	4484	chrome.exe
Token: SeShutdownPrivilege	4484	chrome.exe
Token: SeCreatePagefilePrivilege	4484	chrome.exe
Token: SeShutdownPrivilege	4484	chrome.exe
Token: SeCreatePagefilePrivilege	4484	chrome.exe
Token: SeShutdownPrivilege	4484	chrome.exe
Token: SeCreatePagefilePrivilege	4484	chrome.exe
Token: SeShutdownPrivilege	4484	chrome.exe
Token: SeCreatePagefilePrivilege	4484	chrome.exe
Token: SeShutdownPrivilege	4484	chrome.exe
Token: SeCreatePagefilePrivilege	4484	chrome.exe
Token: SeShutdownPrivilege	4484	chrome.exe
Token: SeCreatePagefilePrivilege	4484	chrome.exe
Token: SeShutdownPrivilege	4484	chrome.exe
Token: SeCreatePagefilePrivilege	4484	chrome.exe
Token: SeShutdownPrivilege	4484	chrome.exe
Token: SeCreatePagefilePrivilege	4484	chrome.exe
Token: SeShutdownPrivilege	4484	chrome.exe
Token: SeCreatePagefilePrivilege	4484	chrome.exe
Token: SeShutdownPrivilege	4484	chrome.exe
Token: SeCreatePagefilePrivilege	4484	chrome.exe
Token: SeShutdownPrivilege	4484	chrome.exe
Token: SeCreatePagefilePrivilege	4484	chrome.exe
Token: SeShutdownPrivilege	4484	chrome.exe
Token: SeCreatePagefilePrivilege	4484	chrome.exe
Token: SeShutdownPrivilege	4484	chrome.exe
Token: SeCreatePagefilePrivilege	4484	chrome.exe
Token: SeShutdownPrivilege	4484	chrome.exe
Token: SeCreatePagefilePrivilege	4484	chrome.exe
Token: SeShutdownPrivilege	4484	chrome.exe
Token: SeCreatePagefilePrivilege	4484	chrome.exe
Token: SeShutdownPrivilege	4484	chrome.exe
Token: SeCreatePagefilePrivilege	4484	chrome.exe
Token: SeShutdownPrivilege	4484	chrome.exe
Token: SeCreatePagefilePrivilege	4484	chrome.exe
Token: SeShutdownPrivilege	4484	chrome.exe
Token: SeCreatePagefilePrivilege	4484	chrome.exe
Token: SeShutdownPrivilege	4484	chrome.exe
Token: SeCreatePagefilePrivilege	4484	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe
4484	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4484 wrote to memory of 4268	4484	chrome.exe	84
PID 4484 wrote to memory of 4268	4484	chrome.exe	84
PID 4484 wrote to memory of 2212	4484	chrome.exe	85
PID 4484 wrote to memory of 2212	4484	chrome.exe	85
PID 4484 wrote to memory of 2212	4484	chrome.exe	85
PID 4484 wrote to memory of 2212	4484	chrome.exe	85
PID 4484 wrote to memory of 2212	4484	chrome.exe	85
PID 4484 wrote to memory of 2212	4484	chrome.exe	85
PID 4484 wrote to memory of 2212	4484	chrome.exe	85
PID 4484 wrote to memory of 2212	4484	chrome.exe	85
PID 4484 wrote to memory of 2212	4484	chrome.exe	85
PID 4484 wrote to memory of 2212	4484	chrome.exe	85
PID 4484 wrote to memory of 2212	4484	chrome.exe	85
PID 4484 wrote to memory of 2212	4484	chrome.exe	85
PID 4484 wrote to memory of 2212	4484	chrome.exe	85
PID 4484 wrote to memory of 2212	4484	chrome.exe	85
PID 4484 wrote to memory of 2212	4484	chrome.exe	85
PID 4484 wrote to memory of 2212	4484	chrome.exe	85
PID 4484 wrote to memory of 2212	4484	chrome.exe	85
PID 4484 wrote to memory of 2212	4484	chrome.exe	85
PID 4484 wrote to memory of 2212	4484	chrome.exe	85
PID 4484 wrote to memory of 2212	4484	chrome.exe	85
PID 4484 wrote to memory of 2212	4484	chrome.exe	85
PID 4484 wrote to memory of 2212	4484	chrome.exe	85
PID 4484 wrote to memory of 2212	4484	chrome.exe	85
PID 4484 wrote to memory of 2212	4484	chrome.exe	85
PID 4484 wrote to memory of 2212	4484	chrome.exe	85
PID 4484 wrote to memory of 2212	4484	chrome.exe	85
PID 4484 wrote to memory of 2212	4484	chrome.exe	85
PID 4484 wrote to memory of 2212	4484	chrome.exe	85
PID 4484 wrote to memory of 2212	4484	chrome.exe	85
PID 4484 wrote to memory of 2212	4484	chrome.exe	85
PID 4484 wrote to memory of 2212	4484	chrome.exe	85
PID 4484 wrote to memory of 2212	4484	chrome.exe	85
PID 4484 wrote to memory of 2212	4484	chrome.exe	85
PID 4484 wrote to memory of 2212	4484	chrome.exe	85
PID 4484 wrote to memory of 2212	4484	chrome.exe	85
PID 4484 wrote to memory of 2212	4484	chrome.exe	85
PID 4484 wrote to memory of 2212	4484	chrome.exe	85
PID 4484 wrote to memory of 2212	4484	chrome.exe	85
PID 4484 wrote to memory of 1876	4484	chrome.exe	86
PID 4484 wrote to memory of 1876	4484	chrome.exe	86
PID 4484 wrote to memory of 216	4484	chrome.exe	87
PID 4484 wrote to memory of 216	4484	chrome.exe	87
PID 4484 wrote to memory of 216	4484	chrome.exe	87
PID 4484 wrote to memory of 216	4484	chrome.exe	87
PID 4484 wrote to memory of 216	4484	chrome.exe	87
PID 4484 wrote to memory of 216	4484	chrome.exe	87
PID 4484 wrote to memory of 216	4484	chrome.exe	87
PID 4484 wrote to memory of 216	4484	chrome.exe	87
PID 4484 wrote to memory of 216	4484	chrome.exe	87
PID 4484 wrote to memory of 216	4484	chrome.exe	87
PID 4484 wrote to memory of 216	4484	chrome.exe	87
PID 4484 wrote to memory of 216	4484	chrome.exe	87
PID 4484 wrote to memory of 216	4484	chrome.exe	87
PID 4484 wrote to memory of 216	4484	chrome.exe	87
PID 4484 wrote to memory of 216	4484	chrome.exe	87
PID 4484 wrote to memory of 216	4484	chrome.exe	87
PID 4484 wrote to memory of 216	4484	chrome.exe	87
PID 4484 wrote to memory of 216	4484	chrome.exe	87
PID 4484 wrote to memory of 216	4484	chrome.exe	87
PID 4484 wrote to memory of 216	4484	chrome.exe	87
PID 4484 wrote to memory of 216	4484	chrome.exe	87
PID 4484 wrote to memory of 216	4484	chrome.exe	87

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" http://apaturescience.com
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4484
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb0b619758,0x7ffb0b619768,0x7ffb0b619778
  2⤵
  PID:4268
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1800 --field-trial-handle=1796,i,10967988442052532464,11498290530903429953,131072 /prefetch:2
  2⤵
  PID:2212
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 --field-trial-handle=1796,i,10967988442052532464,11498290530903429953,131072 /prefetch:8
  2⤵
  PID:1876
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1300 --field-trial-handle=1796,i,10967988442052532464,11498290530903429953,131072 /prefetch:8
  2⤵
  PID:216
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3096 --field-trial-handle=1796,i,10967988442052532464,11498290530903429953,131072 /prefetch:1
  2⤵
  PID:3940
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3120 --field-trial-handle=1796,i,10967988442052532464,11498290530903429953,131072 /prefetch:1
  2⤵
  PID:1724
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4508 --field-trial-handle=1796,i,10967988442052532464,11498290530903429953,131072 /prefetch:1
  2⤵
  PID:4000
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5104 --field-trial-handle=1796,i,10967988442052532464,11498290530903429953,131072 /prefetch:8
  2⤵
  PID:3876
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5096 --field-trial-handle=1796,i,10967988442052532464,11498290530903429953,131072 /prefetch:8
  2⤵
  PID:4312
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4868 --field-trial-handle=1796,i,10967988442052532464,11498290530903429953,131072 /prefetch:1
  2⤵
  PID:1128
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=832 --field-trial-handle=1796,i,10967988442052532464,11498290530903429953,131072 /prefetch:1
  2⤵
  PID:3320
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=4400 --field-trial-handle=1796,i,10967988442052532464,11498290530903429953,131072 /prefetch:1
  2⤵
  PID:3540
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=2436 --field-trial-handle=1796,i,10967988442052532464,11498290530903429953,131072 /prefetch:1
  2⤵
  PID:4252
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=5436 --field-trial-handle=1796,i,10967988442052532464,11498290530903429953,131072 /prefetch:1
  2⤵
  PID:4060
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=212 --field-trial-handle=1796,i,10967988442052532464,11498290530903429953,131072 /prefetch:1
  2⤵
  PID:4416
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=5504 --field-trial-handle=1796,i,10967988442052532464,11498290530903429953,131072 /prefetch:1
  2⤵
  PID:2416
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=3148 --field-trial-handle=1796,i,10967988442052532464,11498290530903429953,131072 /prefetch:1
  2⤵
  PID:3388
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=5124 --field-trial-handle=1796,i,10967988442052532464,11498290530903429953,131072 /prefetch:1
  2⤵
  PID:600
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=3460 --field-trial-handle=1796,i,10967988442052532464,11498290530903429953,131072 /prefetch:1
  2⤵
  PID:2256
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=5052 --field-trial-handle=1796,i,10967988442052532464,11498290530903429953,131072 /prefetch:1
  2⤵
  PID:5112
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5444 --field-trial-handle=1796,i,10967988442052532464,11498290530903429953,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2396
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=4752 --field-trial-handle=1796,i,10967988442052532464,11498290530903429953,131072 /prefetch:1
  2⤵
  PID:4780
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=5484 --field-trial-handle=1796,i,10967988442052532464,11498290530903429953,131072 /prefetch:1
  2⤵
  PID:1992
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=5464 --field-trial-handle=1796,i,10967988442052532464,11498290530903429953,131072 /prefetch:1
  2⤵
  PID:2800
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=5212 --field-trial-handle=1796,i,10967988442052532464,11498290530903429953,131072 /prefetch:1
  2⤵
  PID:3336
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=5208 --field-trial-handle=1796,i,10967988442052532464,11498290530903429953,131072 /prefetch:1
  2⤵
  PID:4956
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=3148 --field-trial-handle=1796,i,10967988442052532464,11498290530903429953,131072 /prefetch:1
  2⤵
  PID:3020
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=5112 --field-trial-handle=1796,i,10967988442052532464,11498290530903429953,131072 /prefetch:1
  2⤵
  PID:1956
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=3800 --field-trial-handle=1796,i,10967988442052532464,11498290530903429953,131072 /prefetch:1
  2⤵
  PID:1656
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5800 --field-trial-handle=1796,i,10967988442052532464,11498290530903429953,131072 /prefetch:8
  2⤵
  PID:768
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=5588 --field-trial-handle=1796,i,10967988442052532464,11498290530903429953,131072 /prefetch:1
  2⤵
  PID:3832
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=5384 --field-trial-handle=1796,i,10967988442052532464,11498290530903429953,131072 /prefetch:1
  2⤵
  PID:4252
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=5432 --field-trial-handle=1796,i,10967988442052532464,11498290530903429953,131072 /prefetch:1
  2⤵
  PID:740
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=34 --mojo-platform-channel-handle=5992 --field-trial-handle=1796,i,10967988442052532464,11498290530903429953,131072 /prefetch:1
  2⤵
  PID:1444
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=3128 --field-trial-handle=1796,i,10967988442052532464,11498290530903429953,131072 /prefetch:1
  2⤵
  PID:3908
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=5612 --field-trial-handle=1796,i,10967988442052532464,11498290530903429953,131072 /prefetch:1
  2⤵
  PID:1020
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=3344 --field-trial-handle=1796,i,10967988442052532464,11498290530903429953,131072 /prefetch:1
  2⤵
  PID:3760
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=38 --mojo-platform-channel-handle=5848 --field-trial-handle=1796,i,10967988442052532464,11498290530903429953,131072 /prefetch:1
  2⤵
  PID:1344

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:1992

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008

Filesize
20KB

MD5
923a543cc619ea568f91b723d9fb1ef0

SHA1
6f4ade25559645c741d7327c6e16521e43d7e1f9

SHA256
bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd

SHA512
a4153751761cd67465374828b0514d7773b8c4ed37779d1ecfd4f19be4faa171585c8ee0b4db59b556399d5d2b9809ba87e04d4715e9d090e1f488d02219d555

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

Filesize
298KB

MD5
5cf2e74a95e36781ad40fc5c488e5c7c

SHA1
1753d325c005636977f7eff2d49d55231d8b5c79

SHA256
afa117e05405fe921cb10093987084a248c9b1a9f7b7bfdd8ac2fae578d755df

SHA512
96e81f0052d0c2e14a3d9475e9f0742da33cea0f0c0273ac49d977a506a120b3caba9d50ab366895371f3b3405147c06f7b761415955ebf490d3c643c7f4c1f4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c

Filesize
65KB

MD5
a7b7e7918a12587fee69cc84717f74cc

SHA1
6d002c60853e5c94a48817fb947ac1b3d16f1b6e

SHA256
605b901bc776b2358a2ea914f06c9da0ce5b422b01f764f308c68e9a789ca3e3

SHA512
85b0c4cdc2e67f6125ce2abc45bb934ea14c0c1a27b9bccb9e1fea7638ca7680765c39e15ad64f00f1fe8568c9ea10a57e6f6d96a21c1d10a339991600b7dd2c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e

Filesize
37KB

MD5
47ae9b25af86702d77c7895ac6f6b57c

SHA1
f56f78729b99247a975620a1103cac3ee9f313a5

SHA256
9bde79a1b0866f68d6baa43f920e971b5feb35a8e0af7ffadc114366f8538224

SHA512
72b5296e3dd1c5b4c42d8c3e4a56693819779167b9f02bc2d5f5a626b519a9cf10bee59846d614c929c42094b65d13039f6024f6cb1c023e740969aaefd060c4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000f

Filesize
71KB

MD5
5aa24aa3b15841adfa6d56fbec40af73

SHA1
84d4be52622ccb166d7475a58372f48b2d33919f

SHA256
f68a61c078ee1007fe60a054c220f3282d8999128913e31e5c3aa9e4e0c55059

SHA512
2655f23094ae37c472ca2c39bb7ca2080a8271d1561b66f0c69314487ee5087265639d01f5d2c6749301461cf93d1e368d8da4e3a0896431f31865ea6b085048

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000034

Filesize
61KB

MD5
a99099779e098de1d4bfa563f0b9dae3

SHA1
7a8009b630bd43fed6360679c07545938c6ff2f1

SHA256
dcbf929af100e3fe37b5e10af53a350213395f61b0dbc5efa80086b437c252ec

SHA512
c1a35710331e04faae52d84c52ae77e59a0d378acdd17d540a403f88279feb76ba19810a898348e56b7597de6b7176430117d420df68a17ce09eb42f227619a5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000035

Filesize
50KB

MD5
e8d65c9595f015a370ae80a89379a18f

SHA1
b65b808836fb247381079bd2d1464f89cd418b91

SHA256
5682b1aee678ecf58c16a5a80fe5fc5f4d72ea2049123a995864a5943563fa44

SHA512
d3f1e6776189417d5079e859236f69b89b4aa12afb8fe56f15c1c70768c40b8f003ca6453620e1e5ef90f08dc1c2302f07d21f2809662c47b7b9a7547e6847f7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000036

Filesize
108KB

MD5
d3e3341e50a0a55efdda7134ab839d98

SHA1
9904bcb0077dba9b8f7071c97ed4e700473f8807

SHA256
925bc9ffac7e3827348bd85ca32f713009f870e203c81dd4f65bf7be2617bd0a

SHA512
7baedfe241e5b28d8563d148ea922fcc436dffd5b43be2d9a74d1e90ccbae6071d18c2379ae20caa83443be5f77a6708063ae957757ff651a393adf094ef476a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000037

Filesize
620KB

MD5
eb6d8773775975811200d059f6bff1c7

SHA1
1fa6e5194224f47f0fb9d3c2a8f273ff7722235b

SHA256
0b0c7fc0562c681e35aa0112e0a828fdb2b91e0fe2f0f2a670f6fbf96e867734

SHA512
7369803ee8b160ab6681331265d55eb0678aae2eb15c2795f81384359267f9c29e44f0e89d6fb4e7bb82bb5230a6379910b91720c2a5ad5b4f4b41d144169057

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000038

Filesize
35KB

MD5
8363fbe08d08c8b1a7fef7685b4bd208

SHA1
265c2c0d1b3258579ab9999ae5f3843601f65830

SHA256
8b3635103e2b5ebdcbcd655be4f63919eda27c53b970cf163d5594d648dc13c5

SHA512
c7df47a2cf635ee34e61f784a57ff889adae6d8ba49cc15df71ff458f7d31a9ea8727b3f29b9d8bf1c3616e11e84dd43f6f0709846a9f38059c65a1dba1a83d8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004b

Filesize
162KB

MD5
fdfdaf63d56b4a9cd6641d79f7159fdc

SHA1
18b413d8b6b9f3bec32026b7e9d9f4e5e366922f

SHA256
f4dba3e15f08cf0686e6d89370ed42e8a5dafc38973501f0aa6baa9b93c720f3

SHA512
06fd67f1a2d5f168c75b5b833d3222d6c0eccfadd4021173a7ec7f949971554d1c7df322b1dc512ef14941e76a9ff6445ba3bd16d940be5bc177be989ec39c2d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
72B

MD5
bf5dc885de112a265315a608455333a2

SHA1
6b00baf22192cdaaffc5b206c019ce9ae1169d26

SHA256
32c91a65ad99f9a64003621c41271e2d381e4fef1aac0e4709aefdf98f4ca4b8

SHA512
d5a331f9d8143cd4cc7feb1d57f9dd3e56234f55e99c5bf13d7f6067f22cf1f68d0949c82b4054c80104af39938936ab2cb488e9004cdc87d23b3e7ab9a74420

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
b203891d0659b0e6c632ca5911e8bccc

SHA1
cdec6962c9a5d6c81f1fc1df6f77f3d347f2d932

SHA256
477865da7eb648b6b93a3494dcd0061d31d9b2b80d7a19bee9f0329bf9e0d424

SHA512
65553974141838ab012763be40da1020756ad6cfc977cf75175825d933f4de4c0dd4336c807c378c36c5179e35d644dae76321281cfc83662438eea3aeadd4a2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
336B

MD5
adf7b7a6ae2594a61b411e647214c0bc

SHA1
ef2e6ff5e2bd278854fa746c2a91887e51347b05

SHA256
04e14a7edd7e6339e72db29538bbc583e6a603a439848769913839fe76077f14

SHA512
17bd6e0438e6b2f56fe9760d1ab610af9348c38c5d33ac44b0814e300b70fb05dd6bade04f8f57b530e077d6f9ca82d3965553d2bf9d8d4349220f68167a01f9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\LOG.old

Filesize
392B

MD5
8f96eae421392deedc3877d7b052c1fd

SHA1
806ed665401d8be2f7eb0580aaff09534c5af4f7

SHA256
3e8b231e0d5d687f6b2312ee1c36ac7610a2e9cceacb24b593a298fbc502e246

SHA512
d11cf6b33281fb81de914b1cf7ba4ff3097042ce72348755427f90b4b87dae659a6ab4ab5a1b27b215711bc51ad6dbc39e8fe5c48d17ea949158bc26ec97fe67

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\LOG.old~RFe59f3dc.TMP

Filesize
351B

MD5
c6a57e468382fc8cb951a4a7d2812369

SHA1
b2a9d800cf93e43082971392335bd127ee7db7db

SHA256
a206e9c6e77c4f7076010015cca0e4aa229b3111ec4979d3c9a22dcb83daf2dc

SHA512
c41a2bd5328f1a41474b53c1b39d6fb7cefd9489196c84e66fc5b71ec537cb1d45d0fdf604287048ebdf419624c2677b2759515d0349527bb72260afe2d386b5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\MANIFEST-000001

Filesize
23B

MD5
3fd11ff447c1ee23538dc4d9724427a3

SHA1
1335e6f71cc4e3cf7025233523b4760f8893e9c9

SHA256
720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed

SHA512
10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
c84d17698645f8417e173a83e06fad48

SHA1
65621d4e8289c49218bf9702698577861d417d41

SHA256
8f64d85790be5d89aa2f87fa0e5de39a958112edad1181187239b2a9687a3092

SHA512
74e20de4ff94f8a71d7c74625762eda3b43c1e4c634d8a695bf908502fcb23ffb8f6801fa2e5d9cd64e2970c65597eded6401d7c433c05a2b028b0108008e208

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
7KB

MD5
bb8ee2859d52b0227f35f1024137d9ef

SHA1
c92c500dee135344d61d37c135ab6dae61533b7e

SHA256
b2b2d6e9c0c5f4c15c2f49242108725ef67c2e0b3609fd3e8dc83637ec26a403

SHA512
ce2ee533431172c61ef5379d2f4f25595772ba6e81fe9cfe7847ef81ead18c98d39d640693d4991130a3f2c907d8e03f45d027303509df23c5144c590cfbf3e9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
8KB

MD5
15cb5a5277a0a347747213861c2d366e

SHA1
95753f6088c5b29fcc389fafbad41ba0c1afad7e

SHA256
ae3f015060ddc3349c4fae81a9896883472cd4d2a8c09b30032d4bbef9f0cad3

SHA512
73dc3cb0af96b8da6b9c80a838d3153d61549ae4942b740645f7f9bae4414839e4f7ca5f613a4eac2f875f1c0a0c4dc525586b7b698cce93bdc62b5d03506489

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
708B

MD5
af8359e2bcb1d315cc897df641de554f

SHA1
5a8a6399344ceebe7db216865f0ba30c59012a37

SHA256
7af0b8b8ca95ab74f6125ff8d4ba03b71de6f4d43c754537f5fedf968db65a66

SHA512
a8edccd408bd750bbb60c48dca83632cfdf324fa64a66b1bc2ee97c4d814a1ed7a081e5998dcedf1c23dd767cd602d24f6832fe7bd6f6bb5d0980da9cd39557e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
873B

MD5
23230cffcbb026f71fd9d0feecf8e209

SHA1
d7208facbbf383100d467430b55a0d4e838e18de

SHA256
dd3ae650852b5e4851655d07b2c6fd196b620e1bcae4f88ffc6ae805d836d4bd

SHA512
8a4155093abe81d4eeee97bfb558c41982d42cd3f7a7145e3b595ca149cf9a9bb4b26d0e97e0eba2456b3ef17d026661fb053ca42a2b13fb9c00d7c934058c27

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
0c9cfe990bc30363a0bc67cc1764ae73

SHA1
c6883bcb7ce9bd8daaa742272a2ccbec862507bb

SHA256
b33f555747315c91ef65ddbc5ae58c4ceffd2d08451da700d0efec46730c0de5

SHA512
683c359e751170fe7a3c4f7ff728e3de5c26449f3773cd5c7ac884cd9eb7054c89ac252ea78c3a25cb69c203d7624e47e9616f676cbfd25153c2130f686382f3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
3a66b79bca36ac9b3b8542823608cda9

SHA1
0cd8f6c863941e5f21d4bdf36a7427b94c0d7417

SHA256
639d06572cad0977eff3f57e3433f1d5fbfa4532bb90caa4dedd0e757c683f8f

SHA512
0e31d630992b4c74fc5d7b05cfbbdc43ade0b361a8af0bc415686a05f0adf209f3fec07ff928612ee49b13683f48fd6a048e652df10705da3c58e2cfdaed4b04

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
b67918b07e859999446bf5c356a4c411

SHA1
f531f69ce0781d00b80643a486a15a10ab0f6b3f

SHA256
485980a9f74cc7410084e3bbe06d6232982ac60f24e9620199eeb49e854ebc9f

SHA512
a2faa34f585dd21b2155429a3f769ed0a210d342c75c1ca6eaeee46980933f46d66d3aa6f4e102b5690206be5c97856e9dfd73cd2aa91a930ee8e867f18bdcac

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
6ffc3e2f71f95f78bdc19a7b9d18bda6

SHA1
c64ddf4b3804da2b82d7540660a543d1b5d643a5

SHA256
7825fcdbfc2231ad5c162b7c08d5da886c290baf5e71f344354f1e2edf77c2e9

SHA512
306804d25876527840de0bf733fe7372962b76fd4a7392d8e2a768e1e9763d4843940ce7ae231a01e7ad56076eae6d1386ad71a132e5ae6b36a50550d0489039

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
12127ba93f24f73df6ba013204c63597

SHA1
d579a3d57ca5026fe91b4c3c53561a7ad0d31ba9

SHA256
0c32935cd77c5fa89bedcae082684fb821fff0fe5eea3602a9e340e471c6deae

SHA512
2548dba0f11c0105d8d4d9877717dc91a96fb589695fbd915a6b9670ba722a2aba8015661e191597b3267c4e3e12c7bc39732d94084b7fdbaeb0ecfb7c64af35

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
371B

MD5
dd2afd7b9a49000bea2a547437da3462

SHA1
2414064082a532cc9490ddfedd449ff6ac903357

SHA256
914f04ac968345f0a308124d05457ebc0180d67a03b638af67791fdda28367c9

SHA512
fbd91f99815479603302f19cfc7200182d5453f941715ebb9562907f6ae15e47ee463995b76e1cf22794e87ab392815b3d230fa04973ccc618e7d72adfbe75e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
534e2b5ebd6a06d94c9b1d127ca09ac9

SHA1
c06cf627956882ddb1a454a9a0d072042000b042

SHA256
61273cc8a65e3e1657991f2763ab2ef62b91dba3f639e5e2b748cd5871782f87

SHA512
e6d301ea26f092ed76e1f25f44b4589e16c76600402d0c46c025e9213d42068deaefd082775e6fa2f1185afd916c0a02d3587d9062fad14783f64b91ff021a8a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
2f21d6d78b50cb2a5489e99b9718cb6f

SHA1
c415b9cb722d2a9a7c8f512895f49bc41b27c850

SHA256
6c565b5a9755c3b6e1966e2ef5a775b0cc8acd4ee3628372797147be5dc4eb9a

SHA512
11996fbaed7c8769c458e8124ba7a311dcb3004a178717f601edef0d3f493c1f6bcdc93047bc01f001d94ba43a6bf74fdf0babdf29b98336693d055c64cb5220

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
d538ca2439887e3ff0b2df201431c948

SHA1
a4fd708e425d7b37f466b336b06475d6e40008e6

SHA256
539aab9db7369d5839bbdc4349680f22c32a608779ca45be62f69c8250837178

SHA512
001835f338a37359838065717169a071ccf9790cb0666536669594de63e93647f0c70458e0eb6f3b77da31580fde9646b80ccbb7cc2b9bf2d80d305199ddb4e1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
f450cd6c0fdfc82f70a094ba28f84e37

SHA1
d938ece2bee2ca1d3420a162f64de2cee08b6912

SHA256
6521b5c649c4325cbfc8abea32a955808b775247f646b9ff684f8bc0f7553e5c

SHA512
675192fcf448ae471c341a93435e3e5105f948339a1526a98324f4be01375ac62eb5d5b0a0952f97f7d4020603fa1acd021e0790d06f32b41957d4155fd3d9e0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
333ea0ad6baeca618a6437afa1e67cae

SHA1
416f82ee5bedc5b857dff0057738e6858e3bc39d

SHA256
1212f1e6a7b4f3f1bda8d31938866409bb605353264e2c311e79f94000c1647f

SHA512
11919024205bb22c3bf0a514ba33c14673060ad6fea790664b67201c06e9001b8a12327d88d5d00c1b7f12b22011fc514cf91ede18c7fc50ba85ac13b3d9b449

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
f2e952a557d0475f443766f0c34232e5

SHA1
f57db2ae4ffe604d8f9fb39036144c404a701045

SHA256
6e7c9142f3659b647c3e82f00c9b588bf95d7dca4a94b1dc170f765e24957ac0

SHA512
8417e2478456048877201fb53a1a8034e6b9d41271c63c5a48a4ecc143417d85f0a966c92b55f23ffcfed3caa792930316af952d63b8c3d5ea5c65b75d6c6fa5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
f5d98173c9dd39f62bda17a8943256b2

SHA1
1fd9703bf5aa8f9c91389134279d78db5f788639

SHA256
4a94cecb9add40e97e694d54c0fe09e3cf64ebb081b50544286ecdd1e70fafab

SHA512
b9a7a1369614e512a2cabc8de3428bf6f3e3f77a9c34ef715507d5cde459dcfb4f98950f9255fdfeacb31e4b8bac354c71f8d8f93d686e69621bf443126be5f7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
147416edade4ea7a321b0dfc9df18c93

SHA1
773ef127ff580b588591ea192042863e13c77f84

SHA256
78c6214a5d2d05e85b916bce53ac73402f9979d40ec13b87f9a6172b4116a844

SHA512
46229b97c53591c78b0e2eeadfafbdc6da90d824e10e8d85c4ee38dcd7a0dd76e55373720ed241d94c09e03b0ee5eefab6d66f3f6b09499195f1e18a9173a1c5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
aae469f9439d3171fcddb7a8e762e521

SHA1
03be50d47f30a9b01606e792dd08eb751cfc58cd

SHA256
571264fcb7ac3dff950cc741d74c91d29a93d925fb02479e5ba92969db8216ec

SHA512
44277c4915bd8fc7e90a375f47de482efb110eba0f33b5aa6c3ec069dc509bfdb6360510416be3f9028b43955f20db382fef9f81220b3b41d3cf1fdbd61d39ea

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
dddf12fd08b279dd4c77a699d241a38b

SHA1
5d532c95895594ab30a7ee5f6ef87de7accb4ad8

SHA256
bf7e67f2fe373e91e94c48e261f85108b0ee65d6930ca7a34b14f84ac8a19bbf

SHA512
93573788f39a30a9681b70d3fd56b157627de10f23d5f1c7c4fbd7800cfb257e6dc84f4bd95b97050ab6a0c362725d25aed48136a00098edaddc717680b5c23a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
56B

MD5
ae1bccd6831ebfe5ad03b482ee266e4f

SHA1
01f4179f48f1af383b275d7ee338dd160b6f558a

SHA256
1b11047e738f76c94c9d15ee981ec46b286a54def1a7852ca1ade7f908988649

SHA512
baf7ff6747f30e542c254f46a9678b9dbf42312933962c391b79eca6fcb615e4ba9283c00f554d6021e594f18c087899bc9b5362c41c0d6f862bba7fb9f83038

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
120B

MD5
ce33bae018e4fd81ddde90c2d9270d42

SHA1
2012f27488a5e1d261e9fea913638610f736a5c9

SHA256
af694f92ae500ea1d25c3e17089ffaae9bd38145f1a27120538e2083bb4332a6

SHA512
00d84b26dff62adbfe66e6ba3a32f0db0fb44a59acf4e05153ce8f060be7af8d514fe818722f1b2b44719592b720a452e425012eeb174d040eaba1f220d9c8bf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
120B

MD5
59701144715ed515047841dc275ed03f

SHA1
86e5d5d4d1735f08bb73a2ad4d56d50c413311e4

SHA256
e45131d5a67c9b88699e1bef2438f9f0cbfaea270cdb4daa6c3beb2ba1562e47

SHA512
9e382b10db21151ef215ab480c6612323ab0b054a2aa94412357d84d39eced5df1dfe06efa21be18fd29c557ccf4bf2bf5ab8255813d410f04f463992e2c1914

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe593b2b.TMP

Filesize
120B

MD5
97a7457452b2bc95688d9a6f8f7bf038

SHA1
55eb3c0347cb9bcab6b9bada23d40b86efffe7a9

SHA256
43d3c9e6cd09ac09d82cc6f9f1e8a37edd1880cbed287a1bd0e15b605daebb7a

SHA512
f0040c764a349717078594fc9db2f741a4d660af22254a2c5cd8d85591150f2f62ad9f68e76563dfc3bc3d4e8810d2fd172766bb62112e78857fc13bb012829a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
200KB

MD5
2084f77056d66a0ef0f196efa13b3c4f

SHA1
b9c70d777923fbfbec058a36d84ee8bc2c74ed1b

SHA256
4fc4c2868cfa9839c22245bc1bd5093ec0b48f32e9fad4187ac4041aa0e2080a

SHA512
e78051d96e0b0dbf8ee9ef5334226d0eeb5555c07e10680f7801e96db8e0eb3936cbc1928953a9702d35e9c810a2ed338958a5b8a01d59158917cbd769706d23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
103KB

MD5
5b7285232250def4fbca714dd3c8a895

SHA1
7510fe82d50465d0ffaff605253f3a383e71b4d4

SHA256
caf80a49f02dfab59608d12c5f29865be4d2448c608e26355ed0c13c6f2879f6

SHA512
f52a3712e8248d529ed81de1e2358a6d333b2a38d33a26a3a77547187c582f99e8930462d80bd86ac59416210f57865ef89b8686b594233b6d19bc064217cb11

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe592512.TMP

Filesize
100KB

MD5
cef2aed2a59bd5c190ee188dc35fc087

SHA1
ba35adec23a7333557b01b1f785ca8f13a6d4e97

SHA256
ad2137175e7194fc00920af59223c56ebecce7a4b9bf72edeb7117ae4e26517c

SHA512
1829d51c1cdf327fd646ae78285863161b4bc2f7f37e6355667e0f25c6737e54f3af7da343bf4511b91822f93f63cddddc6479279cdc7e786434da5398a3afba

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit