hxxps://mxm[.]mxmfb[.]com/rsps/m/FCj0lxFNnZPWJPT1orZMtfvYKunFEwZIp7edtFsMLw0

Analysis

max time kernel
149s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
25-04-2023 08:59

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://mxm.mxmfb.com/rsps/m/FCj0lxFNnZPWJPT1orZMtfvYKunFEwZIp7edtFsMLw0

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133268940140923449"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
4084	chrome.exe
4084	chrome.exe
4084	chrome.exe
4084	chrome.exe
2128	chrome.exe
2128	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
4084	chrome.exe
4084	chrome.exe
4084	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4084	chrome.exe
Token: SeCreatePagefilePrivilege	4084	chrome.exe
Token: SeShutdownPrivilege	4084	chrome.exe
Token: SeCreatePagefilePrivilege	4084	chrome.exe
Token: SeShutdownPrivilege	4084	chrome.exe
Token: SeCreatePagefilePrivilege	4084	chrome.exe
Token: SeShutdownPrivilege	4084	chrome.exe
Token: SeCreatePagefilePrivilege	4084	chrome.exe
Token: SeShutdownPrivilege	4084	chrome.exe
Token: SeCreatePagefilePrivilege	4084	chrome.exe
Token: SeShutdownPrivilege	4084	chrome.exe
Token: SeCreatePagefilePrivilege	4084	chrome.exe
Token: SeShutdownPrivilege	4084	chrome.exe
Token: SeCreatePagefilePrivilege	4084	chrome.exe
Token: SeShutdownPrivilege	4084	chrome.exe
Token: SeCreatePagefilePrivilege	4084	chrome.exe
Token: SeShutdownPrivilege	4084	chrome.exe
Token: SeCreatePagefilePrivilege	4084	chrome.exe
Token: SeShutdownPrivilege	4084	chrome.exe
Token: SeCreatePagefilePrivilege	4084	chrome.exe
Token: SeShutdownPrivilege	4084	chrome.exe
Token: SeCreatePagefilePrivilege	4084	chrome.exe
Token: SeShutdownPrivilege	4084	chrome.exe
Token: SeCreatePagefilePrivilege	4084	chrome.exe
Token: SeShutdownPrivilege	4084	chrome.exe
Token: SeCreatePagefilePrivilege	4084	chrome.exe
Token: SeShutdownPrivilege	4084	chrome.exe
Token: SeCreatePagefilePrivilege	4084	chrome.exe
Token: SeShutdownPrivilege	4084	chrome.exe
Token: SeCreatePagefilePrivilege	4084	chrome.exe
Token: SeShutdownPrivilege	4084	chrome.exe
Token: SeCreatePagefilePrivilege	4084	chrome.exe
Token: SeShutdownPrivilege	4084	chrome.exe
Token: SeCreatePagefilePrivilege	4084	chrome.exe
Token: SeShutdownPrivilege	4084	chrome.exe
Token: SeCreatePagefilePrivilege	4084	chrome.exe
Token: SeShutdownPrivilege	4084	chrome.exe
Token: SeCreatePagefilePrivilege	4084	chrome.exe
Token: SeShutdownPrivilege	4084	chrome.exe
Token: SeCreatePagefilePrivilege	4084	chrome.exe
Token: SeShutdownPrivilege	4084	chrome.exe
Token: SeCreatePagefilePrivilege	4084	chrome.exe
Token: SeShutdownPrivilege	4084	chrome.exe
Token: SeCreatePagefilePrivilege	4084	chrome.exe
Token: SeShutdownPrivilege	4084	chrome.exe
Token: SeCreatePagefilePrivilege	4084	chrome.exe
Token: SeShutdownPrivilege	4084	chrome.exe
Token: SeCreatePagefilePrivilege	4084	chrome.exe
Token: SeShutdownPrivilege	4084	chrome.exe
Token: SeCreatePagefilePrivilege	4084	chrome.exe
Token: SeShutdownPrivilege	4084	chrome.exe
Token: SeCreatePagefilePrivilege	4084	chrome.exe
Token: SeShutdownPrivilege	4084	chrome.exe
Token: SeCreatePagefilePrivilege	4084	chrome.exe
Token: SeShutdownPrivilege	4084	chrome.exe
Token: SeCreatePagefilePrivilege	4084	chrome.exe
Token: SeShutdownPrivilege	4084	chrome.exe
Token: SeCreatePagefilePrivilege	4084	chrome.exe
Token: SeShutdownPrivilege	4084	chrome.exe
Token: SeCreatePagefilePrivilege	4084	chrome.exe
Token: SeShutdownPrivilege	4084	chrome.exe
Token: SeCreatePagefilePrivilege	4084	chrome.exe
Token: SeShutdownPrivilege	4084	chrome.exe
Token: SeCreatePagefilePrivilege	4084	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4084	chrome.exe
4084	chrome.exe
4084	chrome.exe
4084	chrome.exe
4084	chrome.exe
4084	chrome.exe
4084	chrome.exe
4084	chrome.exe
4084	chrome.exe
4084	chrome.exe
4084	chrome.exe
4084	chrome.exe
4084	chrome.exe
4084	chrome.exe
4084	chrome.exe
4084	chrome.exe
4084	chrome.exe
4084	chrome.exe
4084	chrome.exe
4084	chrome.exe
4084	chrome.exe
4084	chrome.exe
4084	chrome.exe
4084	chrome.exe
4084	chrome.exe
4084	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4084	chrome.exe
4084	chrome.exe
4084	chrome.exe
4084	chrome.exe
4084	chrome.exe
4084	chrome.exe
4084	chrome.exe
4084	chrome.exe
4084	chrome.exe
4084	chrome.exe
4084	chrome.exe
4084	chrome.exe
4084	chrome.exe
4084	chrome.exe
4084	chrome.exe
4084	chrome.exe
4084	chrome.exe
4084	chrome.exe
4084	chrome.exe
4084	chrome.exe
4084	chrome.exe
4084	chrome.exe
4084	chrome.exe
4084	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4084 wrote to memory of 1160	4084	chrome.exe	82
PID 4084 wrote to memory of 1160	4084	chrome.exe	82
PID 4084 wrote to memory of 3456	4084	chrome.exe	83
PID 4084 wrote to memory of 3456	4084	chrome.exe	83
PID 4084 wrote to memory of 3456	4084	chrome.exe	83
PID 4084 wrote to memory of 3456	4084	chrome.exe	83
PID 4084 wrote to memory of 3456	4084	chrome.exe	83
PID 4084 wrote to memory of 3456	4084	chrome.exe	83
PID 4084 wrote to memory of 3456	4084	chrome.exe	83
PID 4084 wrote to memory of 3456	4084	chrome.exe	83
PID 4084 wrote to memory of 3456	4084	chrome.exe	83
PID 4084 wrote to memory of 3456	4084	chrome.exe	83
PID 4084 wrote to memory of 3456	4084	chrome.exe	83
PID 4084 wrote to memory of 3456	4084	chrome.exe	83
PID 4084 wrote to memory of 3456	4084	chrome.exe	83
PID 4084 wrote to memory of 3456	4084	chrome.exe	83
PID 4084 wrote to memory of 3456	4084	chrome.exe	83
PID 4084 wrote to memory of 3456	4084	chrome.exe	83
PID 4084 wrote to memory of 3456	4084	chrome.exe	83
PID 4084 wrote to memory of 3456	4084	chrome.exe	83
PID 4084 wrote to memory of 3456	4084	chrome.exe	83
PID 4084 wrote to memory of 3456	4084	chrome.exe	83
PID 4084 wrote to memory of 3456	4084	chrome.exe	83
PID 4084 wrote to memory of 3456	4084	chrome.exe	83
PID 4084 wrote to memory of 3456	4084	chrome.exe	83
PID 4084 wrote to memory of 3456	4084	chrome.exe	83
PID 4084 wrote to memory of 3456	4084	chrome.exe	83
PID 4084 wrote to memory of 3456	4084	chrome.exe	83
PID 4084 wrote to memory of 3456	4084	chrome.exe	83
PID 4084 wrote to memory of 3456	4084	chrome.exe	83
PID 4084 wrote to memory of 3456	4084	chrome.exe	83
PID 4084 wrote to memory of 3456	4084	chrome.exe	83
PID 4084 wrote to memory of 3456	4084	chrome.exe	83
PID 4084 wrote to memory of 3456	4084	chrome.exe	83
PID 4084 wrote to memory of 3456	4084	chrome.exe	83
PID 4084 wrote to memory of 3456	4084	chrome.exe	83
PID 4084 wrote to memory of 3456	4084	chrome.exe	83
PID 4084 wrote to memory of 3456	4084	chrome.exe	83
PID 4084 wrote to memory of 3456	4084	chrome.exe	83
PID 4084 wrote to memory of 3456	4084	chrome.exe	83
PID 4084 wrote to memory of 736	4084	chrome.exe	84
PID 4084 wrote to memory of 736	4084	chrome.exe	84
PID 4084 wrote to memory of 2792	4084	chrome.exe	85
PID 4084 wrote to memory of 2792	4084	chrome.exe	85
PID 4084 wrote to memory of 2792	4084	chrome.exe	85
PID 4084 wrote to memory of 2792	4084	chrome.exe	85
PID 4084 wrote to memory of 2792	4084	chrome.exe	85
PID 4084 wrote to memory of 2792	4084	chrome.exe	85
PID 4084 wrote to memory of 2792	4084	chrome.exe	85
PID 4084 wrote to memory of 2792	4084	chrome.exe	85
PID 4084 wrote to memory of 2792	4084	chrome.exe	85
PID 4084 wrote to memory of 2792	4084	chrome.exe	85
PID 4084 wrote to memory of 2792	4084	chrome.exe	85
PID 4084 wrote to memory of 2792	4084	chrome.exe	85
PID 4084 wrote to memory of 2792	4084	chrome.exe	85
PID 4084 wrote to memory of 2792	4084	chrome.exe	85
PID 4084 wrote to memory of 2792	4084	chrome.exe	85
PID 4084 wrote to memory of 2792	4084	chrome.exe	85
PID 4084 wrote to memory of 2792	4084	chrome.exe	85
PID 4084 wrote to memory of 2792	4084	chrome.exe	85
PID 4084 wrote to memory of 2792	4084	chrome.exe	85
PID 4084 wrote to memory of 2792	4084	chrome.exe	85
PID 4084 wrote to memory of 2792	4084	chrome.exe	85
PID 4084 wrote to memory of 2792	4084	chrome.exe	85

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" https://mxm.mxmfb.com/rsps/m/FCj0lxFNnZPWJPT1orZMtfvYKunFEwZIp7edtFsMLw0
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4084
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd177b9758,0x7ffd177b9768,0x7ffd177b9778
  2⤵
  PID:1160
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1812 --field-trial-handle=1832,i,2341054887927292092,13109268819072926463,131072 /prefetch:2
  2⤵
  PID:3456
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2180 --field-trial-handle=1832,i,2341054887927292092,13109268819072926463,131072 /prefetch:8
  2⤵
  PID:736
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2248 --field-trial-handle=1832,i,2341054887927292092,13109268819072926463,131072 /prefetch:8
  2⤵
  PID:2792
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3188 --field-trial-handle=1832,i,2341054887927292092,13109268819072926463,131072 /prefetch:1
  2⤵
  PID:1764
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3208 --field-trial-handle=1832,i,2341054887927292092,13109268819072926463,131072 /prefetch:1
  2⤵
  PID:2224
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4640 --field-trial-handle=1832,i,2341054887927292092,13109268819072926463,131072 /prefetch:1
  2⤵
  PID:3664
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5328 --field-trial-handle=1832,i,2341054887927292092,13109268819072926463,131072 /prefetch:8
  2⤵
  PID:3556
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5480 --field-trial-handle=1832,i,2341054887927292092,13109268819072926463,131072 /prefetch:8
  2⤵
  PID:272
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5040 --field-trial-handle=1832,i,2341054887927292092,13109268819072926463,131072 /prefetch:8
  2⤵
  PID:1748
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5020 --field-trial-handle=1832,i,2341054887927292092,13109268819072926463,131072 /prefetch:8
  2⤵
  PID:2148
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5024 --field-trial-handle=1832,i,2341054887927292092,13109268819072926463,131072 /prefetch:8
  2⤵
  PID:4712
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5248 --field-trial-handle=1832,i,2341054887927292092,13109268819072926463,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2128

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4516

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\1c25780f-f171-48a0-99aa-e29e03ee3aaa.tmp

Filesize
203KB

MD5
da97a6beffff725d0a985a6e51696787

SHA1
583a03f48e3665743b018f9534f10cab116f6b83

SHA256
2e05374394d4fb58b925869b29cbec2a1b64a803ac99c5c565ac4e924e5e6b59

SHA512
4ecc95d5bc5d7099f2aae60f8209a8c6c4f79883e7a3641b2bc05db68369714f34d448dd5adbc4ee7773d9f5cc2d4d09d5386343dc7926ab875f48e63fe91beb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
816B

MD5
68aaf5b51062cab09322c262a00ce634

SHA1
9b6092f6186dff7504dcaeba8d23b01f06a4f423

SHA256
639ce3118cd1c6855b3a6ce73366322c647d48b26e2c54e2acd3541e503da2e9

SHA512
801c022b027700a6dbba1a5face0ba10a1a2b1039a916a60ea8067b075c3ff59491ba483138870adad696d67c5517e589f1fea243ca51d50404ebe82b683b6c8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
22fc304be9e85e083cf74df9141ab69c

SHA1
46402d5359a2cd9bce30d433016029c9fb7570be

SHA256
91e1c293155218cbc8d6cb13e926b410834b219094027996e642993ce04e0faa

SHA512
658ca40c051dd1add70243b130707e8539996124312b9e1c6f54ea8c86341b2581697124e40a2ad75cc0c7fe3a1bd908d1763d5b1ed55275f6afa35e7441336b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
ecc660e2e779ba8ad10aaa97776527d8

SHA1
2a440d8a59fdd0476baac3158a8a4b96ddc6de6c

SHA256
351c566a4906f19bdfc3362da8e924909f65c0c50688ec36f08f0005d3ca133d

SHA512
bbee5ddb19039b413e43d2db753beefb64843da3e03b8ca788a54bb888d55bea0adb285b487a41e1614b3b103008964b43fc22c30e38d9e82ce74d44183ac753

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
706B

MD5
f52bccec007a3f2d7d1378d441630029

SHA1
b22ac376173598c579d624ea4566271fa442e421

SHA256
23602ddce4c3255092d6496bbb5a7ab39d42092c4abcfa70deec8285762289e4

SHA512
bea2e2fa9e5d3fcc227c648dabd9602317bd9674639bf3ad2f5b9ebe73587dffedb69cacc35c622e06ad2ed333c191b3f9d360883f1e05c75d7b34babaeab7d3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
706B

MD5
82313f361bc5a845fc862c8d00234d9a

SHA1
ea496e7921991225bfd27cbfe322308b6cef5589

SHA256
09f637b1eb2ec03d581d1448d57b56b301e7d4f0e253d740dfa5bbec9122ab18

SHA512
a116af5084723d8df4603613f791e5407b7defb14ca0f872b7b0bed608a480ebfec770ec0e8cf40ca842c90673c1e5a83a065aab423b455ea4b3d58c7b77b6e8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
706B

MD5
61187cfedf5f7d8b94bfadf6c08a28b8

SHA1
3329c34e7a35cea381ffc7e3a9925c44a0b2d59e

SHA256
c078d51e9aa34375bda6f68c58ab6603be536bbb21fa97eef43a7e2675fe7d2e

SHA512
03b581410d808577963857c71850efe7cbb13b3a71b15d5b2f6991d6cb6f9565b6f650257a566eaec51c9e886a57c971957a9b75937aa4ad5fdf06ce63c34be3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
706B

MD5
2afa1416c551fb180083770462fd17d6

SHA1
39bc07dcf66b469389ebf778a93d20ab5a994297

SHA256
ce29117cf641481c87bd812305164e6bda4b446a561dfdca71b9fa155b9956ca

SHA512
eb8f1a46b9fb8160d289e04a9a9396a7e31c3d8edface364a33689518945c7c68cd3c9d3542d897d48652330c4b8431c0ed6b7db556eb282ad9bc5311cfce346

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
706B

MD5
94b68c52a664dac642b1475c0b5662a8

SHA1
d0e11d9d51814454bad8d529b364ac88ba10516c

SHA256
64940c8cd00d268a93220d817cea7a3bc6079d5edcceb58c666cf86d1fc0f2db

SHA512
3b498753c96094beba23084ae60c0de60f3ce0c73a59306cf7ee7589e8a3768d2b8de566798e1b27b0073e34b1159ac4fb686f16ab7d206d10aee5c6b1341440

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
706B

MD5
cb42afeab50b589a3e41f83890511b63

SHA1
841c29fbf56878e4780bfb34126e08028c43f17b

SHA256
ec7c57dbb3a04ec3571f8e5393ebcf24fab156b94911c669f760b560d989b252

SHA512
466e85563cfc4e4f52de4044d3e0893f78f11f224520dbf9101d1ca31217dca7a355f90b95e6439d9a92d1634b7a2c71a9ad1eab34abcc24d9b598c829f9107b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
4b7a827e1b41a2ba30e0ca51fde47aeb

SHA1
d2b4c6d6ea93843cc5553874f298db7531ba3d89

SHA256
61b8175711336bb4bbe4ce0cb8842a97d56117dec77a337bafdd2651e85c8b59

SHA512
4ca5b77a23a5f62d406cfaaeb3109a6449f08e6c9dc2807e093003339637c110861d5ad287fbee6d888a2f6acea4be17a417ef4371904cdad1c7fbb3807393c7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
e8a166810c87689d54f1f69c2f213a89

SHA1
a9692f302abc1b875eff7f26892eef3e492887f4

SHA256
2792937169a904309e99af8d7112a6ad6a39544af4ecf1b186d5266d76ebc779

SHA512
ce8aadbe07ade05904470d9522b5f46fc343d2d1bf393691e9f06a22eebb68fbd768b61246533930191fd35b3bda1863ff3c7d81b65438a390b342ec3e9a2d67

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
72KB

MD5
27baff6f66b560688cc7694064b99a9b

SHA1
e98e54d5b02871f2dd2c2b109030c7f4fa2617b8

SHA256
8ff66269613c4d060ac2f89bcda4959ab2c615742cd3f1dbaf0692fab46351cb

SHA512
9d30efad46b0bbf7f3c598f3cb20c0f61672cdbd5797a50ff7dba02018e1ceca64d90dbb9949d7d1d64843dae6db19dd2cf6cde638297de02a1348c6b49b624e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
202KB

MD5
b49c9360b8fa070438891a8fae75f680

SHA1
6dc82294724080047529b8d9b288bbd36f133493

SHA256
8fa1e57ecd72dd3a726921ec8f0238157c50361b15f382161821ef70883ec59f

SHA512
27e5fc68cf9f451f0ccd8c329d27c5569dc282f5c97b6cb38ad2c55b9c9af16df162f335a285d8c98fcd959e861727015894515478945c0305ed8901508abe39

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
202KB

MD5
d9bd94a358dfd1bf9e22c49f780a204b

SHA1
4aec2fe8d4810c32ef52c82318872e2ace323b57

SHA256
2a1fb351561012f677c09b1568ca22de7503216fcd64b8536bc6da876dd067e9

SHA512
e4d5b83949f9398e9dbb15cba1fd6fd6eccfe8e357492a88135199d39fff5e5141775c0d359eb0978df80c311277e1f1b6ce22fc70a1de672347f3d429327692

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
202KB

MD5
82746015ede5e9fe2adb39484f9550e0

SHA1
204d548d1cfefd10aa7b47d78fff968fd136d5bc

SHA256
eef913397913f5513cc34392c2405bfab98b902265b1aa19941838d04f6f2662

SHA512
d083146c625c091242c50bdd64be4cc01705f0da21cb56bbadfd9576cf21224bd1dd388dc36e4e28cde64600b28ebc47cb2eb6c5fc0c8ed7a409e4280d4ee5c1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit