hxxp://Itch[.]io

Analysis

max time kernel
1199s
max time network
1202s
platform
windows10-1703_x64
resource
win10-20230220-en
resource tags

arch:x64arch:x86image:win10-20230220-enlocale:en-usos:windows10-1703-x64system
submitted
11/05/2023, 09:26

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://Itch.io

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133282708117292310"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2156	chrome.exe
2156	chrome.exe
1760	chrome.exe
1760	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
2156	chrome.exe
2156	chrome.exe
2156	chrome.exe
2156	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2156	chrome.exe
Token: SeCreatePagefilePrivilege	2156	chrome.exe
Token: SeShutdownPrivilege	2156	chrome.exe
Token: SeCreatePagefilePrivilege	2156	chrome.exe
Token: SeShutdownPrivilege	2156	chrome.exe
Token: SeCreatePagefilePrivilege	2156	chrome.exe
Token: SeShutdownPrivilege	2156	chrome.exe
Token: SeCreatePagefilePrivilege	2156	chrome.exe
Token: SeShutdownPrivilege	2156	chrome.exe
Token: SeCreatePagefilePrivilege	2156	chrome.exe
Token: SeShutdownPrivilege	2156	chrome.exe
Token: SeCreatePagefilePrivilege	2156	chrome.exe
Token: SeShutdownPrivilege	2156	chrome.exe
Token: SeCreatePagefilePrivilege	2156	chrome.exe
Token: SeShutdownPrivilege	2156	chrome.exe
Token: SeCreatePagefilePrivilege	2156	chrome.exe
Token: SeShutdownPrivilege	2156	chrome.exe
Token: SeCreatePagefilePrivilege	2156	chrome.exe
Token: SeShutdownPrivilege	2156	chrome.exe
Token: SeCreatePagefilePrivilege	2156	chrome.exe
Token: SeShutdownPrivilege	2156	chrome.exe
Token: SeCreatePagefilePrivilege	2156	chrome.exe
Token: SeShutdownPrivilege	2156	chrome.exe
Token: SeCreatePagefilePrivilege	2156	chrome.exe
Token: SeShutdownPrivilege	2156	chrome.exe
Token: SeCreatePagefilePrivilege	2156	chrome.exe
Token: SeShutdownPrivilege	2156	chrome.exe
Token: SeCreatePagefilePrivilege	2156	chrome.exe
Token: SeShutdownPrivilege	2156	chrome.exe
Token: SeCreatePagefilePrivilege	2156	chrome.exe
Token: SeShutdownPrivilege	2156	chrome.exe
Token: SeCreatePagefilePrivilege	2156	chrome.exe
Token: SeShutdownPrivilege	2156	chrome.exe
Token: SeCreatePagefilePrivilege	2156	chrome.exe
Token: SeShutdownPrivilege	2156	chrome.exe
Token: SeCreatePagefilePrivilege	2156	chrome.exe
Token: SeShutdownPrivilege	2156	chrome.exe
Token: SeCreatePagefilePrivilege	2156	chrome.exe
Token: SeShutdownPrivilege	2156	chrome.exe
Token: SeCreatePagefilePrivilege	2156	chrome.exe
Token: SeShutdownPrivilege	2156	chrome.exe
Token: SeCreatePagefilePrivilege	2156	chrome.exe
Token: SeShutdownPrivilege	2156	chrome.exe
Token: SeCreatePagefilePrivilege	2156	chrome.exe
Token: SeShutdownPrivilege	2156	chrome.exe
Token: SeCreatePagefilePrivilege	2156	chrome.exe
Token: SeShutdownPrivilege	2156	chrome.exe
Token: SeCreatePagefilePrivilege	2156	chrome.exe
Token: SeShutdownPrivilege	2156	chrome.exe
Token: SeCreatePagefilePrivilege	2156	chrome.exe
Token: SeShutdownPrivilege	2156	chrome.exe
Token: SeCreatePagefilePrivilege	2156	chrome.exe
Token: SeShutdownPrivilege	2156	chrome.exe
Token: SeCreatePagefilePrivilege	2156	chrome.exe
Token: SeShutdownPrivilege	2156	chrome.exe
Token: SeCreatePagefilePrivilege	2156	chrome.exe
Token: SeShutdownPrivilege	2156	chrome.exe
Token: SeCreatePagefilePrivilege	2156	chrome.exe
Token: SeShutdownPrivilege	2156	chrome.exe
Token: SeCreatePagefilePrivilege	2156	chrome.exe
Token: SeShutdownPrivilege	2156	chrome.exe
Token: SeCreatePagefilePrivilege	2156	chrome.exe
Token: SeShutdownPrivilege	2156	chrome.exe
Token: SeCreatePagefilePrivilege	2156	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2156	chrome.exe
2156	chrome.exe
2156	chrome.exe
2156	chrome.exe
2156	chrome.exe
2156	chrome.exe
2156	chrome.exe
2156	chrome.exe
2156	chrome.exe
2156	chrome.exe
2156	chrome.exe
2156	chrome.exe
2156	chrome.exe
2156	chrome.exe
2156	chrome.exe
2156	chrome.exe
2156	chrome.exe
2156	chrome.exe
2156	chrome.exe
2156	chrome.exe
2156	chrome.exe
2156	chrome.exe
2156	chrome.exe
2156	chrome.exe
2156	chrome.exe
2156	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2156	chrome.exe
2156	chrome.exe
2156	chrome.exe
2156	chrome.exe
2156	chrome.exe
2156	chrome.exe
2156	chrome.exe
2156	chrome.exe
2156	chrome.exe
2156	chrome.exe
2156	chrome.exe
2156	chrome.exe
2156	chrome.exe
2156	chrome.exe
2156	chrome.exe
2156	chrome.exe
2156	chrome.exe
2156	chrome.exe
2156	chrome.exe
2156	chrome.exe
2156	chrome.exe
2156	chrome.exe
2156	chrome.exe
2156	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2156 wrote to memory of 2284	2156	chrome.exe	66
PID 2156 wrote to memory of 2284	2156	chrome.exe	66
PID 2156 wrote to memory of 3020	2156	chrome.exe	69
PID 2156 wrote to memory of 3020	2156	chrome.exe	69
PID 2156 wrote to memory of 3020	2156	chrome.exe	69
PID 2156 wrote to memory of 3020	2156	chrome.exe	69
PID 2156 wrote to memory of 3020	2156	chrome.exe	69
PID 2156 wrote to memory of 3020	2156	chrome.exe	69
PID 2156 wrote to memory of 3020	2156	chrome.exe	69
PID 2156 wrote to memory of 3020	2156	chrome.exe	69
PID 2156 wrote to memory of 3020	2156	chrome.exe	69
PID 2156 wrote to memory of 3020	2156	chrome.exe	69
PID 2156 wrote to memory of 3020	2156	chrome.exe	69
PID 2156 wrote to memory of 3020	2156	chrome.exe	69
PID 2156 wrote to memory of 3020	2156	chrome.exe	69
PID 2156 wrote to memory of 3020	2156	chrome.exe	69
PID 2156 wrote to memory of 3020	2156	chrome.exe	69
PID 2156 wrote to memory of 3020	2156	chrome.exe	69
PID 2156 wrote to memory of 3020	2156	chrome.exe	69
PID 2156 wrote to memory of 3020	2156	chrome.exe	69
PID 2156 wrote to memory of 3020	2156	chrome.exe	69
PID 2156 wrote to memory of 3020	2156	chrome.exe	69
PID 2156 wrote to memory of 3020	2156	chrome.exe	69
PID 2156 wrote to memory of 3020	2156	chrome.exe	69
PID 2156 wrote to memory of 3020	2156	chrome.exe	69
PID 2156 wrote to memory of 3020	2156	chrome.exe	69
PID 2156 wrote to memory of 3020	2156	chrome.exe	69
PID 2156 wrote to memory of 3020	2156	chrome.exe	69
PID 2156 wrote to memory of 3020	2156	chrome.exe	69
PID 2156 wrote to memory of 3020	2156	chrome.exe	69
PID 2156 wrote to memory of 3020	2156	chrome.exe	69
PID 2156 wrote to memory of 3020	2156	chrome.exe	69
PID 2156 wrote to memory of 3020	2156	chrome.exe	69
PID 2156 wrote to memory of 3020	2156	chrome.exe	69
PID 2156 wrote to memory of 3020	2156	chrome.exe	69
PID 2156 wrote to memory of 3020	2156	chrome.exe	69
PID 2156 wrote to memory of 3020	2156	chrome.exe	69
PID 2156 wrote to memory of 3020	2156	chrome.exe	69
PID 2156 wrote to memory of 3020	2156	chrome.exe	69
PID 2156 wrote to memory of 3020	2156	chrome.exe	69
PID 2156 wrote to memory of 4680	2156	chrome.exe	68
PID 2156 wrote to memory of 4680	2156	chrome.exe	68
PID 2156 wrote to memory of 3544	2156	chrome.exe	70
PID 2156 wrote to memory of 3544	2156	chrome.exe	70
PID 2156 wrote to memory of 3544	2156	chrome.exe	70
PID 2156 wrote to memory of 3544	2156	chrome.exe	70
PID 2156 wrote to memory of 3544	2156	chrome.exe	70
PID 2156 wrote to memory of 3544	2156	chrome.exe	70
PID 2156 wrote to memory of 3544	2156	chrome.exe	70
PID 2156 wrote to memory of 3544	2156	chrome.exe	70
PID 2156 wrote to memory of 3544	2156	chrome.exe	70
PID 2156 wrote to memory of 3544	2156	chrome.exe	70
PID 2156 wrote to memory of 3544	2156	chrome.exe	70
PID 2156 wrote to memory of 3544	2156	chrome.exe	70
PID 2156 wrote to memory of 3544	2156	chrome.exe	70
PID 2156 wrote to memory of 3544	2156	chrome.exe	70
PID 2156 wrote to memory of 3544	2156	chrome.exe	70
PID 2156 wrote to memory of 3544	2156	chrome.exe	70
PID 2156 wrote to memory of 3544	2156	chrome.exe	70
PID 2156 wrote to memory of 3544	2156	chrome.exe	70
PID 2156 wrote to memory of 3544	2156	chrome.exe	70
PID 2156 wrote to memory of 3544	2156	chrome.exe	70
PID 2156 wrote to memory of 3544	2156	chrome.exe	70
PID 2156 wrote to memory of 3544	2156	chrome.exe	70

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" http://Itch.io
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2156
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ff845919758,0x7ff845919768,0x7ff845919778
  2⤵
  PID:2284
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1840 --field-trial-handle=1768,i,10420829488508207466,4608946343269008920,131072 /prefetch:8
  2⤵
  PID:4680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1600 --field-trial-handle=1768,i,10420829488508207466,4608946343269008920,131072 /prefetch:2
  2⤵
  PID:3020
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1968 --field-trial-handle=1768,i,10420829488508207466,4608946343269008920,131072 /prefetch:8
  2⤵
  PID:3544
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2724 --field-trial-handle=1768,i,10420829488508207466,4608946343269008920,131072 /prefetch:1
  2⤵
  PID:3680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2732 --field-trial-handle=1768,i,10420829488508207466,4608946343269008920,131072 /prefetch:1
  2⤵
  PID:4692
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4668 --field-trial-handle=1768,i,10420829488508207466,4608946343269008920,131072 /prefetch:1
  2⤵
  PID:2964
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5064 --field-trial-handle=1768,i,10420829488508207466,4608946343269008920,131072 /prefetch:8
  2⤵
  PID:4296
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3760 --field-trial-handle=1768,i,10420829488508207466,4608946343269008920,131072 /prefetch:8
  2⤵
  PID:5052
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4456 --field-trial-handle=1768,i,10420829488508207466,4608946343269008920,131072 /prefetch:1
  2⤵
  PID:4920
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3760 --field-trial-handle=1768,i,10420829488508207466,4608946343269008920,131072 /prefetch:8
  2⤵
  PID:1008
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=872 --field-trial-handle=1768,i,10420829488508207466,4608946343269008920,131072 /prefetch:8
  2⤵
  PID:4112
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2680 --field-trial-handle=1768,i,10420829488508207466,4608946343269008920,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1760

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:3536

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
360B

MD5
aaa66b137f91584548fc9e9dcdf73787

SHA1
eb2865c9a9c61f662e2916d4ef4368a70800b5df

SHA256
f547e2d82279d39bcc88487b738bb84d64380ea103bc38b9436d02b3c606f01c

SHA512
16190f195856a58c56650f787c80ae3086acb12533481c53d95cbe74408e2656eb734faf044a1514b9ba57b62c58ba73ed8c28eface1d9e4b024f0259e2ee9b4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
efd578c07c9a40363ab79ab52ae539bc

SHA1
d8b2a560c8025f9857d9728727586f48929b8796

SHA256
902c6c1a7a84d3bba0ee84931c38077137aaef8b2dc74d3d17818b32156d73c0

SHA512
caad04baeb8102039367065955545d95ca2e004a1dbb5e8c3ac8aa0646304e1cb5edf73601b1fbe157ed2230868fddcc0a5a20021db3acc791f19f7afa3db43e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
ec26ae4cc954c1afc7d58cf71c8446d5

SHA1
99d690e9835907fa4a2400bd8981263362ec1e04

SHA256
330c040824c4cf803f4b7c12e1fe9db425bcbcd8b1cd20dfb0a698db7f04af38

SHA512
a0d45a32456f273e95533006a5e1c83fb7e2eaead5b53d47640b62995ea6ade574f098c12619fdb7317000b77453ca071ce3f2d0d88c18e4c07fe67dc804f42a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
942819b74c49afd6bb0d2913c97e31d3

SHA1
35d7d2b90f681173a469e50848057c24daa20771

SHA256
8b4ec4bd92163cf78b9553221417e32241118097b85932d899ecaed68dd2e11e

SHA512
434610cd7af44a9ec6839d7854c96b5c22d77dbe9e4d5284e1980a53be163346ec1041e4541876c56e147e10953628b0bc7726cb61e6eff73613ffd4bfbab717

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
08405779cd6346b53349de7257df623e

SHA1
3e390d3254f308ceaf033a07f0d9ea821a34a3e3

SHA256
643cd577bca7c75710f24f1c37e6d2cd5758b89856d974917c8f598249c18cc8

SHA512
ca697f5c91ceeeb21222f827b91ecb86e5a3397da1f188ee8cf9940f5745fd8e44c0c68d237cf91124747fd0df63597a8ee9c627345bc6881c8ef06124e80bce

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
0af24379cb0cb9d44d26e7dab8d90655

SHA1
222f09019f4c615fb97293588ae279383f966897

SHA256
42ab421081dde69284d16504fb11c39d02fa2084e36a33c63c3111d60eb740c0

SHA512
644796f079b3861ee34d2e2b45865ae1471428e8e553b09b9fe9bd2d97a774a2ae5a5c633b3a4f60d7fa2162e243c974e95131ae7c1446c06d9ea6c9ac547745

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
6cd1888bb275f43d20acc05956af548f

SHA1
f710a741a2238cf093b94cefb48944b62c7edd5a

SHA256
1e70900a06812d370f8fbf6c7409dd3017f6b84bad64420b43ba5e21c39f5cf1

SHA512
a05288e0e170c0d40ec1f335ad65d0d24bafcdc35662f27187c5ffcdd3898f8642ace7cd3a02cee827c33fb80070bb3fe85c8c72a6811284387e93a070f43cd9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
33cbcf2d05ab0043d9c5685f783b40e2

SHA1
dcf4f778ab3497bc69d711bfdc01bf4277e566aa

SHA256
16bf1861992d6b27da59a3d29d950d4e550237b82c0d2aaea0252b81774efc9a

SHA512
5f31c28e34cfbf318f4a6c625b82cf398be544d413887eb9abc6e696f134c86649fc797c39789677bb396edea7edaa9df61303eadbf1c4286e09684988163817

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
706B

MD5
c47473c8ccef0746429f5784ce3cab31

SHA1
714b89b3c892ddb84f98744e4790b1ecdb82c453

SHA256
8136f9c80e6856e91f2022e0b803d8083d27166ac46f8aafee7d5b127a933978

SHA512
afaf587649e72b3442d1f5cf7de16e8967da0e37b3cdbcdaaba17aa2518a85c05d3d6aff522f2b45a3095ecedd0673a8420ecd14bc19b3948d33a926e4276108

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
538B

MD5
59c7b6bd1ae1ef26ca1951915f1defb8

SHA1
45a3d2ce497dfee6cd3dd2f559434e25c1b379c9

SHA256
426060b0ab037e9130677ff926a590e15538e063a522f559528fb7705f8497e5

SHA512
1c3d17ac70a42cf9e8b351cd31ec5c87fe85cae1595fbce4df290ce8defa5926c62291a838ccade456c1cec4b8dfd037078e519f5fd7d2d707338cd4810ca7ba

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
ffbef95de23c9020019b434432afe5a5

SHA1
acd02ab8c8ab4ff84fef18a0e792fdca2a6fc44d

SHA256
36a9aa001b6c5db5f93de1e7d46ec9b4a1a441a8e1676193c3f8353bd4a3ab39

SHA512
873999b1b0cd19504a572784d91dd5e5df853d9029da9fe5d0d82b2d67c1d5d6754b1a463aa9a1fb0398d225b15cce8dbf56fe8362d75820a536fdd47db4d9ed

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
fd5dcc72a6471365d554c26e35b4fc59

SHA1
407666720b3da583fdabae38c2acd6a650e627d7

SHA256
6720972bfab0576504f3e3e79a91bcc3b19240d08891fdf4b2bdae8a95e96099

SHA512
15d35a47463d265dd1470d3f2dec9d978dbb8a0b3c8ad59e3cc69e8a41a6388d4ef8ca6c7575d517ea1d8e1b664bf0e92501bac4ff5be2998f6669bf274452a7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
5302d7f98a07f9cfb0cfe2ced6a07c3e

SHA1
b07823904bef3723be0da8a07e2b85009b36d96d

SHA256
6b365f0fc0ba11538dc9a6c210a612dbdbecf50009b192ef2b26b01e4e4b35ae

SHA512
f8830536562a7171a02d7f05673dc5c7aaaa2f21bb99e22b233761e8c21829995871e6e3777d8e3b592ab76127cb59fb70120ed36af6977aa4e0a8a8bc5f19f6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
56B

MD5
ae1bccd6831ebfe5ad03b482ee266e4f

SHA1
01f4179f48f1af383b275d7ee338dd160b6f558a

SHA256
1b11047e738f76c94c9d15ee981ec46b286a54def1a7852ca1ade7f908988649

SHA512
baf7ff6747f30e542c254f46a9678b9dbf42312933962c391b79eca6fcb615e4ba9283c00f554d6021e594f18c087899bc9b5362c41c0d6f862bba7fb9f83038

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe5743ee.TMP

Filesize
120B

MD5
78c46814bebc34521adf7e8691bbb8ab

SHA1
8619aa0bbbed0c51064455c56ef7f7e5902ad124

SHA256
fa58756d559e837716aaa0e2019f4937a87a5cec1fc8dfc73bbd3cdeef55d195

SHA512
052808b163f1d0771c6b95e966c252994800f93bb1b8fd086c6da13e75b4b692c5490d57a09df2603be37a27390958eb97e0d63f65227a27a31f12ef9e6e2a81

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
149KB

MD5
e8d1196f8b5434541fbf3e40d6952c48

SHA1
c5577c35b27e98004111d17d84ea233600d85423

SHA256
f293677078d73675ab161a266d600fcf1fef9c9861a5af65975021e593b6e24c

SHA512
156e876e40d44c51883518017a48840b4b3cf7b8ca3505ef9ec4664ed703122ce070722102128faa08eaa58592983f4ceefba382c65f93e9c01973bf2a2b0a04

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit