ff35e97ff94c06689018e0d6eb35ccccab27e37eaff6bffa678226d12261feb2

Analysis

max time kernel
1799s
max time network
1689s
platform
windows10-1703_x64
resource
win10-20230220-en
resource tags

arch:x64arch:x86image:win10-20230220-enlocale:en-usos:windows10-1703-x64system
submitted
26/04/2023, 02:49

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

watch.html
Size

314KB
MD5

c595af1784aa671f8cb94e390e7f8cef
SHA1

19b58b0720845dc9a7e8b6abe90193ac5dda3aa0
SHA256

ff35e97ff94c06689018e0d6eb35ccccab27e37eaff6bffa678226d12261feb2
SHA512

1fc3da092faf3104763618ef56a9ed98ff75dbe746825487363b846181fb7f184bc2e3b78289e7d57c7bae7948bf9250b94ee586bb8eaa85d2988076bb2285ae
SSDEEP

1536:iq0QnWlBoywmOmvwYuh/jpkOQh8pYP1tE0RhpYP1tE0RvpYP1tE0RwpYP1tE0R7U:xm3FL1y1w1v1M1k1T1a1SotUWls1OHuo

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133269582353751890"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2460	chrome.exe
2460	chrome.exe
4276	chrome.exe
4276	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
2460	chrome.exe
2460	chrome.exe
2460	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2460	chrome.exe
Token: SeCreatePagefilePrivilege	2460	chrome.exe
Token: SeShutdownPrivilege	2460	chrome.exe
Token: SeCreatePagefilePrivilege	2460	chrome.exe
Token: SeShutdownPrivilege	2460	chrome.exe
Token: SeCreatePagefilePrivilege	2460	chrome.exe
Token: SeShutdownPrivilege	2460	chrome.exe
Token: SeCreatePagefilePrivilege	2460	chrome.exe
Token: SeShutdownPrivilege	2460	chrome.exe
Token: SeCreatePagefilePrivilege	2460	chrome.exe
Token: SeShutdownPrivilege	2460	chrome.exe
Token: SeCreatePagefilePrivilege	2460	chrome.exe
Token: SeShutdownPrivilege	2460	chrome.exe
Token: SeCreatePagefilePrivilege	2460	chrome.exe
Token: SeShutdownPrivilege	2460	chrome.exe
Token: SeCreatePagefilePrivilege	2460	chrome.exe
Token: SeShutdownPrivilege	2460	chrome.exe
Token: SeCreatePagefilePrivilege	2460	chrome.exe
Token: SeShutdownPrivilege	2460	chrome.exe
Token: SeCreatePagefilePrivilege	2460	chrome.exe
Token: SeShutdownPrivilege	2460	chrome.exe
Token: SeCreatePagefilePrivilege	2460	chrome.exe
Token: SeShutdownPrivilege	2460	chrome.exe
Token: SeCreatePagefilePrivilege	2460	chrome.exe
Token: SeShutdownPrivilege	2460	chrome.exe
Token: SeCreatePagefilePrivilege	2460	chrome.exe
Token: SeShutdownPrivilege	2460	chrome.exe
Token: SeCreatePagefilePrivilege	2460	chrome.exe
Token: SeShutdownPrivilege	2460	chrome.exe
Token: SeCreatePagefilePrivilege	2460	chrome.exe
Token: SeShutdownPrivilege	2460	chrome.exe
Token: SeCreatePagefilePrivilege	2460	chrome.exe
Token: SeShutdownPrivilege	2460	chrome.exe
Token: SeCreatePagefilePrivilege	2460	chrome.exe
Token: SeShutdownPrivilege	2460	chrome.exe
Token: SeCreatePagefilePrivilege	2460	chrome.exe
Token: SeShutdownPrivilege	2460	chrome.exe
Token: SeCreatePagefilePrivilege	2460	chrome.exe
Token: SeShutdownPrivilege	2460	chrome.exe
Token: SeCreatePagefilePrivilege	2460	chrome.exe
Token: SeShutdownPrivilege	2460	chrome.exe
Token: SeCreatePagefilePrivilege	2460	chrome.exe
Token: SeShutdownPrivilege	2460	chrome.exe
Token: SeCreatePagefilePrivilege	2460	chrome.exe
Token: SeShutdownPrivilege	2460	chrome.exe
Token: SeCreatePagefilePrivilege	2460	chrome.exe
Token: SeShutdownPrivilege	2460	chrome.exe
Token: SeCreatePagefilePrivilege	2460	chrome.exe
Token: SeShutdownPrivilege	2460	chrome.exe
Token: SeCreatePagefilePrivilege	2460	chrome.exe
Token: SeShutdownPrivilege	2460	chrome.exe
Token: SeCreatePagefilePrivilege	2460	chrome.exe
Token: SeShutdownPrivilege	2460	chrome.exe
Token: SeCreatePagefilePrivilege	2460	chrome.exe
Token: SeShutdownPrivilege	2460	chrome.exe
Token: SeCreatePagefilePrivilege	2460	chrome.exe
Token: SeShutdownPrivilege	2460	chrome.exe
Token: SeCreatePagefilePrivilege	2460	chrome.exe
Token: SeShutdownPrivilege	2460	chrome.exe
Token: SeCreatePagefilePrivilege	2460	chrome.exe
Token: SeShutdownPrivilege	2460	chrome.exe
Token: SeCreatePagefilePrivilege	2460	chrome.exe
Token: SeShutdownPrivilege	2460	chrome.exe
Token: SeCreatePagefilePrivilege	2460	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2460	chrome.exe
2460	chrome.exe
2460	chrome.exe
2460	chrome.exe
2460	chrome.exe
2460	chrome.exe
2460	chrome.exe
2460	chrome.exe
2460	chrome.exe
2460	chrome.exe
2460	chrome.exe
2460	chrome.exe
2460	chrome.exe
2460	chrome.exe
2460	chrome.exe
2460	chrome.exe
2460	chrome.exe
2460	chrome.exe
2460	chrome.exe
2460	chrome.exe
2460	chrome.exe
2460	chrome.exe
2460	chrome.exe
2460	chrome.exe
2460	chrome.exe
2460	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2460	chrome.exe
2460	chrome.exe
2460	chrome.exe
2460	chrome.exe
2460	chrome.exe
2460	chrome.exe
2460	chrome.exe
2460	chrome.exe
2460	chrome.exe
2460	chrome.exe
2460	chrome.exe
2460	chrome.exe
2460	chrome.exe
2460	chrome.exe
2460	chrome.exe
2460	chrome.exe
2460	chrome.exe
2460	chrome.exe
2460	chrome.exe
2460	chrome.exe
2460	chrome.exe
2460	chrome.exe
2460	chrome.exe
2460	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2460 wrote to memory of 2788	2460	chrome.exe	66
PID 2460 wrote to memory of 2788	2460	chrome.exe	66
PID 2460 wrote to memory of 3380	2460	chrome.exe	69
PID 2460 wrote to memory of 3380	2460	chrome.exe	69
PID 2460 wrote to memory of 3380	2460	chrome.exe	69
PID 2460 wrote to memory of 3380	2460	chrome.exe	69
PID 2460 wrote to memory of 3380	2460	chrome.exe	69
PID 2460 wrote to memory of 3380	2460	chrome.exe	69
PID 2460 wrote to memory of 3380	2460	chrome.exe	69
PID 2460 wrote to memory of 3380	2460	chrome.exe	69
PID 2460 wrote to memory of 3380	2460	chrome.exe	69
PID 2460 wrote to memory of 3380	2460	chrome.exe	69
PID 2460 wrote to memory of 3380	2460	chrome.exe	69
PID 2460 wrote to memory of 3380	2460	chrome.exe	69
PID 2460 wrote to memory of 3380	2460	chrome.exe	69
PID 2460 wrote to memory of 3380	2460	chrome.exe	69
PID 2460 wrote to memory of 3380	2460	chrome.exe	69
PID 2460 wrote to memory of 3380	2460	chrome.exe	69
PID 2460 wrote to memory of 3380	2460	chrome.exe	69
PID 2460 wrote to memory of 3380	2460	chrome.exe	69
PID 2460 wrote to memory of 3380	2460	chrome.exe	69
PID 2460 wrote to memory of 3380	2460	chrome.exe	69
PID 2460 wrote to memory of 3380	2460	chrome.exe	69
PID 2460 wrote to memory of 3380	2460	chrome.exe	69
PID 2460 wrote to memory of 3380	2460	chrome.exe	69
PID 2460 wrote to memory of 3380	2460	chrome.exe	69
PID 2460 wrote to memory of 3380	2460	chrome.exe	69
PID 2460 wrote to memory of 3380	2460	chrome.exe	69
PID 2460 wrote to memory of 3380	2460	chrome.exe	69
PID 2460 wrote to memory of 3380	2460	chrome.exe	69
PID 2460 wrote to memory of 3380	2460	chrome.exe	69
PID 2460 wrote to memory of 3380	2460	chrome.exe	69
PID 2460 wrote to memory of 3380	2460	chrome.exe	69
PID 2460 wrote to memory of 3380	2460	chrome.exe	69
PID 2460 wrote to memory of 3380	2460	chrome.exe	69
PID 2460 wrote to memory of 3380	2460	chrome.exe	69
PID 2460 wrote to memory of 3380	2460	chrome.exe	69
PID 2460 wrote to memory of 3380	2460	chrome.exe	69
PID 2460 wrote to memory of 3380	2460	chrome.exe	69
PID 2460 wrote to memory of 3380	2460	chrome.exe	69
PID 2460 wrote to memory of 3356	2460	chrome.exe	68
PID 2460 wrote to memory of 3356	2460	chrome.exe	68
PID 2460 wrote to memory of 3260	2460	chrome.exe	70
PID 2460 wrote to memory of 3260	2460	chrome.exe	70
PID 2460 wrote to memory of 3260	2460	chrome.exe	70
PID 2460 wrote to memory of 3260	2460	chrome.exe	70
PID 2460 wrote to memory of 3260	2460	chrome.exe	70
PID 2460 wrote to memory of 3260	2460	chrome.exe	70
PID 2460 wrote to memory of 3260	2460	chrome.exe	70
PID 2460 wrote to memory of 3260	2460	chrome.exe	70
PID 2460 wrote to memory of 3260	2460	chrome.exe	70
PID 2460 wrote to memory of 3260	2460	chrome.exe	70
PID 2460 wrote to memory of 3260	2460	chrome.exe	70
PID 2460 wrote to memory of 3260	2460	chrome.exe	70
PID 2460 wrote to memory of 3260	2460	chrome.exe	70
PID 2460 wrote to memory of 3260	2460	chrome.exe	70
PID 2460 wrote to memory of 3260	2460	chrome.exe	70
PID 2460 wrote to memory of 3260	2460	chrome.exe	70
PID 2460 wrote to memory of 3260	2460	chrome.exe	70
PID 2460 wrote to memory of 3260	2460	chrome.exe	70
PID 2460 wrote to memory of 3260	2460	chrome.exe	70
PID 2460 wrote to memory of 3260	2460	chrome.exe	70
PID 2460 wrote to memory of 3260	2460	chrome.exe	70
PID 2460 wrote to memory of 3260	2460	chrome.exe	70

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" C:\Users\Admin\AppData\Local\Temp\watch.html
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2460
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffd73189758,0x7ffd73189768,0x7ffd73189778
  2⤵
  PID:2788
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1832 --field-trial-handle=1744,i,2063428122243746600,17087682312412116422,131072 /prefetch:8
  2⤵
  PID:3356
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1596 --field-trial-handle=1744,i,2063428122243746600,17087682312412116422,131072 /prefetch:2
  2⤵
  PID:3380
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2084 --field-trial-handle=1744,i,2063428122243746600,17087682312412116422,131072 /prefetch:8
  2⤵
  PID:3260
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3052 --field-trial-handle=1744,i,2063428122243746600,17087682312412116422,131072 /prefetch:1
  2⤵
  PID:4392
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3060 --field-trial-handle=1744,i,2063428122243746600,17087682312412116422,131072 /prefetch:1
  2⤵
  PID:4232
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4700 --field-trial-handle=1744,i,2063428122243746600,17087682312412116422,131072 /prefetch:1
  2⤵
  PID:4824
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5184 --field-trial-handle=1744,i,2063428122243746600,17087682312412116422,131072 /prefetch:8
  2⤵
  PID:4732
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4580 --field-trial-handle=1744,i,2063428122243746600,17087682312412116422,131072 /prefetch:8
  2⤵
  PID:4428
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=932 --field-trial-handle=1744,i,2063428122243746600,17087682312412116422,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4276

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:1328

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
a62f3cbaf2a6c299a59028727ec1d725

SHA1
23e09748281a217f5b8a32d3490be724fdcd54b3

SHA256
45d7ff01ffa5b78bc9b96b6a55eaf97126d14fc98da4ee18a62997d07a8925cb

SHA512
1fd5a5ae4135272417b816096c67aa1e9069b90b8185c331e8a592ad61ce9d901642854d19d45aa994ad9aa02e0c23200932662a4d42119925cd285286272779

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
4ce19215bf16ac752a997fed54b55257

SHA1
da878e62ead511138ffff7198c7f510f3d43da02

SHA256
9bfe89a163bdd93a1180e238f26b691d09050c5081ac436497d00fe663fa6dbe

SHA512
ad1c12d0fff1d0e3446c160ee2def3517db6beeaf711436564db58d1c0a2dc02955e6565d913721c6bf08c8805602409cb51fb94ff0960c56295b9a01d16bc5f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
65ce841bc0d40d9933f0659454e9e3b8

SHA1
1d73f2f23b695f5aaa1d13464a11ac0b13a5bbf6

SHA256
778f1c74d26061631fd1b92004d4a7cfff501dba85901c4b0d682f1518510c51

SHA512
96b159918b421d2b1b09a50239001658814c2e805b6b9cbaa0d81b085a7b60b8807db6b2d285ed8eaf41de8935e647634fcc524f22cec2563ceafb5b5c00f552

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
667e5b0df520faf66ca23616f417ba8b

SHA1
a77b9d87d54d570e651dff1902d231125a5594a9

SHA256
0c76ee21d2c330b00642b54c08de2b1cfd9e7453167ce8737886fe11a5672d0d

SHA512
b4392584200e11d5a4f894704b8776c47a76d0a06959be110fb3b237d213a697ae848055241c55235c349e0ea79c97a792c36f746f1d77c2bc4854cdf105ccde

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
694B

MD5
c8e7e8ce8538d1b546cbcc41b1b0a4a9

SHA1
4161c3f7de6dbeab40b2ef20bbdc033d238bcced

SHA256
51e7c2f109a2baede04f42a6417c88c89c8d961c607fe8469ac032a8e88ba1d9

SHA512
b184580a7527590246c02592966ea8597acba1635f079fc578853d1fb1937137f05e7ec2fd4739de8ad9097ec97aecf217a3a27ad00414a85db63d6f6ad62174

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
d7eef18e07357da64f99ef6876acb05c

SHA1
c9b94038c875f0fe8383e1d425aa5c7c6accc37c

SHA256
5acdae8b2aa5021025e343c70ef7671813f32443be3510bdff383856acb18464

SHA512
0e53036bd4fac0c7ab46522e970e924ac4f54de1848480f5241462bbca7067f9d7f332c46b13d5c7ecc0881f98492bf30c612b0820f506448b3296753ec4f277

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
aed249c4c706e1187d7f468a77fe6b7f

SHA1
31e6e8bd3c9aa35825c79e04784de1a18d13bfcf

SHA256
d90b2eb4a51855ccccbf3ed70d376275dff87ff338ef28d65878d282047cdf3a

SHA512
2f966869acff90e264a01082c6ce6cd43b0f8cc57b00cfb1c7c2e7c734048d932b163e3dcb820f462de505bbffdae773b64fde4bcda3c329a08d8de0181f81b3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
195c80ff29666ce9319e8e3fe7f10a08

SHA1
32ae44e30e6da2d43d5726c64c6393bba1719b81

SHA256
2f8d3d23bfa4242f46ddbfdbaa5ced92f68f49395e5b26ab5cf80030b0e49486

SHA512
7a4ad6afa8d5db6295e5230d3b2e8e7574039de1ab5b02e7d110263e4e114dc520c711f9028aef1c1493d33ad042e1fa43ec07a8d93dc32d6c031fd58e44499c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\3e8ad32ef6e0ff2c8dfb0722a7a862f0a1038fb3\index.txt

Filesize
24B

MD5
9acc69a39612698a60cec73cc2d7874c

SHA1
29e5d3c1490b1bc931334206954167f267232cc0

SHA256
46c2ee6c1d27e3c971a0d77c449037879104f66756549145c08200364f95a3f4

SHA512
27663c88e3dd62cc6f31ba5c025d02b23954eb30d944373dd2600d4ab5652accc74cb36ac6905e72776f9b16b0add3b27e87fb1dab1ed5209611f6ead2ed26fe

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\3e8ad32ef6e0ff2c8dfb0722a7a862f0a1038fb3\index.txt~RFe573b44.TMP

Filesize
88B

MD5
99dc224e534056ca1283acfec5926c69

SHA1
71104babbf6aa4a8427206abaac0e7dc64e04f55

SHA256
1c24f4e1ff954ab99851b3f471182f7aad481efe1da5fa807b0ee4f99f75121e

SHA512
6b7fb05d719b9b07ade00128ba3b9db3eae6167296f1a20a76fabe33a83a6d1f3ca102ccf05fdfb87b06c2f20102b873137380d5e7677a2688fa664ded72d560

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
200KB

MD5
496acadbd7aab33a0f614cfd990a185d

SHA1
666f0ad2f3e0deaf0778687ecde4dd6c58e61ff9

SHA256
5ce3b2407b3d26273619a6444426a964d4a2b3075fef1f2741c20f029f92ac55

SHA512
4bcc10d05ddcee908189ab77f1f5d8b386114e759dd7332f297a148b619abd207ff6f8f0ffda3a6712d5fb888020bb990aeb52f20d8272aac981ab2bd167f19a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit