2e77c25df446ea659c94666e83edbec64d43dea22442f7873b9c972fd159fec1

Resubmissions

11/05/2023, 18:20

230511-wytvgsbc7t 6

11/05/2023, 18:14

11/05/2023, 18:11

11/05/2023, 18:08

11/05/2023, 18:05

Analysis

max time kernel
149s
max time network
151s
platform
windows10-1703_x64
resource
win10-20230220-en
resource tags

arch:x64arch:x86image:win10-20230220-enlocale:en-usos:windows10-1703-x64system
submitted
11/05/2023, 18:05

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

images (1).jpg
Size

8KB
MD5

15bfddd120961155c9916cc4722fede7
SHA1

07e719cbbf059fce7ca319aef2082a4a76fe2011
SHA256

2e77c25df446ea659c94666e83edbec64d43dea22442f7873b9c972fd159fec1
SHA512

fd611523297af8bd7a9e89b51b4c9cbd844de474b0f6410a40c2373d474cd73413aaec32cb7e03fe7c62036226a26c37e33b205d18ddbdc14beff1aacb9e3ebd
SSDEEP

192:ecnVjZeox2kxnYzYoU6KQM402Om+DVD82E14YWJt4Yph:ecnHrLxnY0otKQG2OBVo2P4Y

Score

6^/10

persistence

Malware Config

Signatures

Adds Run key to start application 2 TTPs 1 IoCs

persistence

Registry Run Keys / Startup Folder

T1060

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3853465373-1718857667-1861325682-1000\Software\Microsoft\Windows\CurrentVersion\Run	chrome.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Program crash 1 IoCs

pid	pid_target	Process	procid_target
1716	1984	WerFault.exe	93

Enumerates system info in registry 2 TTPs 6 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies Internet Explorer settings 1 TTPs 3 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3853465373-1718857667-1861325682-1000\Software\Microsoft\Internet Explorer\LowRegistry\Shell Extensions\Cached	PaintStudio.View.exe
Key created	\REGISTRY\USER\S-1-5-21-3853465373-1718857667-1861325682-1000\Software\Microsoft\Internet Explorer\LowRegistry	PaintStudio.View.exe
Key created	\REGISTRY\USER\S-1-5-21-3853465373-1718857667-1861325682-1000\Software\Microsoft\Internet Explorer\LowRegistry\Shell Extensions	PaintStudio.View.exe

Modifies data under HKEY_USERS 3 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133283091866269693"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Modifies registry class 12 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3853465373-1718857667-1861325682-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.mspaint_8wekyb3d8bbwe\Internet Settings\Cache\Extensible Cache	PaintStudio.View.exe
Key created	\REGISTRY\USER\S-1-5-21-3853465373-1718857667-1861325682-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.mspaint_8wekyb3d8bbwe\Internet Settings\Cache\Content	PaintStudio.View.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3853465373-1718857667-1861325682-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.mspaint_8wekyb3d8bbwe\Internet Settings\Cache\Content\CachePrefix	PaintStudio.View.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3853465373-1718857667-1861325682-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.mspaint_8wekyb3d8bbwe\Internet Settings\Cache\Content\CacheLimit = "51200"	PaintStudio.View.exe
Key created	\REGISTRY\USER\S-1-5-21-3853465373-1718857667-1861325682-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.mspaint_8wekyb3d8bbwe\Internet Settings\Cache\Cookies	PaintStudio.View.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3853465373-1718857667-1861325682-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.mspaint_8wekyb3d8bbwe\Internet Settings\Cache\Cookies\CachePrefix = "Cookie:"	PaintStudio.View.exe
Key created	\REGISTRY\USER\S-1-5-21-3853465373-1718857667-1861325682-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.mspaint_8wekyb3d8bbwe\Internet Settings\Cache	PaintStudio.View.exe
Key created	\REGISTRY\USER\S-1-5-21-3853465373-1718857667-1861325682-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.mspaint_8wekyb3d8bbwe\Internet Settings	PaintStudio.View.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3853465373-1718857667-1861325682-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.mspaint_8wekyb3d8bbwe\Internet Settings\Cache\Cookies\CacheLimit = "1"	PaintStudio.View.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3853465373-1718857667-1861325682-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.mspaint_8wekyb3d8bbwe\Internet Settings\Cache\History\CacheLimit = "1"	PaintStudio.View.exe
Key created	\REGISTRY\USER\S-1-5-21-3853465373-1718857667-1861325682-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.mspaint_8wekyb3d8bbwe\Internet Settings\Cache\History	PaintStudio.View.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3853465373-1718857667-1861325682-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.mspaint_8wekyb3d8bbwe\Internet Settings\Cache\History\CachePrefix = "Visited:"	PaintStudio.View.exe

Suspicious behavior: AddClipboardFormatListener 1 IoCs

pid	Process
1984	PaintStudio.View.exe

Suspicious behavior: EnumeratesProcesses 24 IoCs

pid	Process
4508	chrome.exe
4508	chrome.exe
3380	mspaint.exe
3380	mspaint.exe
1984	PaintStudio.View.exe
1984	PaintStudio.View.exe
1984	PaintStudio.View.exe
1984	PaintStudio.View.exe
1984	PaintStudio.View.exe
1984	PaintStudio.View.exe
1984	PaintStudio.View.exe
1984	PaintStudio.View.exe
1984	PaintStudio.View.exe
1984	PaintStudio.View.exe
1984	PaintStudio.View.exe
1984	PaintStudio.View.exe
1984	PaintStudio.View.exe
1984	PaintStudio.View.exe
1984	PaintStudio.View.exe
1984	PaintStudio.View.exe
1984	PaintStudio.View.exe
1984	PaintStudio.View.exe
932	chrome.exe
932	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
4508	chrome.exe
4508	chrome.exe
4508	chrome.exe
4508	chrome.exe
4508	chrome.exe
932	chrome.exe
932	chrome.exe
932	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4508	chrome.exe
Token: SeCreatePagefilePrivilege	4508	chrome.exe
Token: SeShutdownPrivilege	4508	chrome.exe
Token: SeCreatePagefilePrivilege	4508	chrome.exe
Token: SeShutdownPrivilege	4508	chrome.exe
Token: SeCreatePagefilePrivilege	4508	chrome.exe
Token: SeShutdownPrivilege	4508	chrome.exe
Token: SeCreatePagefilePrivilege	4508	chrome.exe
Token: SeShutdownPrivilege	4508	chrome.exe
Token: SeCreatePagefilePrivilege	4508	chrome.exe
Token: SeShutdownPrivilege	4508	chrome.exe
Token: SeCreatePagefilePrivilege	4508	chrome.exe
Token: SeShutdownPrivilege	4508	chrome.exe
Token: SeCreatePagefilePrivilege	4508	chrome.exe
Token: SeShutdownPrivilege	4508	chrome.exe
Token: SeCreatePagefilePrivilege	4508	chrome.exe
Token: SeShutdownPrivilege	4508	chrome.exe
Token: SeCreatePagefilePrivilege	4508	chrome.exe
Token: SeShutdownPrivilege	4508	chrome.exe
Token: SeCreatePagefilePrivilege	4508	chrome.exe
Token: SeShutdownPrivilege	4508	chrome.exe
Token: SeCreatePagefilePrivilege	4508	chrome.exe
Token: SeShutdownPrivilege	4508	chrome.exe
Token: SeCreatePagefilePrivilege	4508	chrome.exe
Token: SeShutdownPrivilege	4508	chrome.exe
Token: SeCreatePagefilePrivilege	4508	chrome.exe
Token: SeShutdownPrivilege	4508	chrome.exe
Token: SeCreatePagefilePrivilege	4508	chrome.exe
Token: SeShutdownPrivilege	4508	chrome.exe
Token: SeCreatePagefilePrivilege	4508	chrome.exe
Token: SeShutdownPrivilege	4508	chrome.exe
Token: SeCreatePagefilePrivilege	4508	chrome.exe
Token: SeShutdownPrivilege	4508	chrome.exe
Token: SeCreatePagefilePrivilege	4508	chrome.exe
Token: SeShutdownPrivilege	4508	chrome.exe
Token: SeCreatePagefilePrivilege	4508	chrome.exe
Token: SeShutdownPrivilege	4508	chrome.exe
Token: SeCreatePagefilePrivilege	4508	chrome.exe
Token: SeShutdownPrivilege	4508	chrome.exe
Token: SeCreatePagefilePrivilege	4508	chrome.exe
Token: SeShutdownPrivilege	4508	chrome.exe
Token: SeCreatePagefilePrivilege	4508	chrome.exe
Token: SeShutdownPrivilege	4508	chrome.exe
Token: SeCreatePagefilePrivilege	4508	chrome.exe
Token: SeShutdownPrivilege	4508	chrome.exe
Token: SeCreatePagefilePrivilege	4508	chrome.exe
Token: SeShutdownPrivilege	4508	chrome.exe
Token: SeCreatePagefilePrivilege	4508	chrome.exe
Token: SeDebugPrivilege	1984	PaintStudio.View.exe
Token: SeDebugPrivilege	1984	PaintStudio.View.exe
Token: SeDebugPrivilege	1984	PaintStudio.View.exe
Token: SeShutdownPrivilege	932	chrome.exe
Token: SeCreatePagefilePrivilege	932	chrome.exe
Token: SeShutdownPrivilege	932	chrome.exe
Token: SeCreatePagefilePrivilege	932	chrome.exe
Token: SeShutdownPrivilege	932	chrome.exe
Token: SeCreatePagefilePrivilege	932	chrome.exe
Token: SeShutdownPrivilege	932	chrome.exe
Token: SeCreatePagefilePrivilege	932	chrome.exe
Token: SeShutdownPrivilege	932	chrome.exe
Token: SeCreatePagefilePrivilege	932	chrome.exe
Token: SeShutdownPrivilege	932	chrome.exe
Token: SeCreatePagefilePrivilege	932	chrome.exe
Token: SeShutdownPrivilege	932	chrome.exe

Suspicious use of FindShellTrayWindow 53 IoCs

pid	Process
4508	chrome.exe
4508	chrome.exe
4508	chrome.exe
4508	chrome.exe
4508	chrome.exe
4508	chrome.exe
4508	chrome.exe
4508	chrome.exe
4508	chrome.exe
4508	chrome.exe
4508	chrome.exe
4508	chrome.exe
4508	chrome.exe
4508	chrome.exe
4508	chrome.exe
4508	chrome.exe
4508	chrome.exe
4508	chrome.exe
4508	chrome.exe
4508	chrome.exe
4508	chrome.exe
4508	chrome.exe
4508	chrome.exe
4508	chrome.exe
4508	chrome.exe
4508	chrome.exe
4508	chrome.exe
932	chrome.exe
932	chrome.exe
932	chrome.exe
932	chrome.exe
932	chrome.exe
932	chrome.exe
932	chrome.exe
932	chrome.exe
932	chrome.exe
932	chrome.exe
932	chrome.exe
932	chrome.exe
932	chrome.exe
932	chrome.exe
932	chrome.exe
932	chrome.exe
932	chrome.exe
932	chrome.exe
932	chrome.exe
932	chrome.exe
932	chrome.exe
932	chrome.exe
932	chrome.exe
932	chrome.exe
932	chrome.exe
932	chrome.exe

Suspicious use of SendNotifyMessage 48 IoCs

pid	Process
4508	chrome.exe
4508	chrome.exe
4508	chrome.exe
4508	chrome.exe
4508	chrome.exe
4508	chrome.exe
4508	chrome.exe
4508	chrome.exe
4508	chrome.exe
4508	chrome.exe
4508	chrome.exe
4508	chrome.exe
4508	chrome.exe
4508	chrome.exe
4508	chrome.exe
4508	chrome.exe
4508	chrome.exe
4508	chrome.exe
4508	chrome.exe
4508	chrome.exe
4508	chrome.exe
4508	chrome.exe
4508	chrome.exe
4508	chrome.exe
932	chrome.exe
932	chrome.exe
932	chrome.exe
932	chrome.exe
932	chrome.exe
932	chrome.exe
932	chrome.exe
932	chrome.exe
932	chrome.exe
932	chrome.exe
932	chrome.exe
932	chrome.exe
932	chrome.exe
932	chrome.exe
932	chrome.exe
932	chrome.exe
932	chrome.exe
932	chrome.exe
932	chrome.exe
932	chrome.exe
932	chrome.exe
932	chrome.exe
932	chrome.exe
932	chrome.exe

Suspicious use of SetWindowsHookEx 3 IoCs

pid	Process
3380	mspaint.exe
1984	PaintStudio.View.exe
1984	PaintStudio.View.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4508 wrote to memory of 5100	4508	chrome.exe	69
PID 4508 wrote to memory of 5100	4508	chrome.exe	69
PID 4508 wrote to memory of 1912	4508	chrome.exe	72
PID 4508 wrote to memory of 1912	4508	chrome.exe	72
PID 4508 wrote to memory of 1912	4508	chrome.exe	72
PID 4508 wrote to memory of 1912	4508	chrome.exe	72
PID 4508 wrote to memory of 1912	4508	chrome.exe	72
PID 4508 wrote to memory of 1912	4508	chrome.exe	72
PID 4508 wrote to memory of 1912	4508	chrome.exe	72
PID 4508 wrote to memory of 1912	4508	chrome.exe	72
PID 4508 wrote to memory of 1912	4508	chrome.exe	72
PID 4508 wrote to memory of 1912	4508	chrome.exe	72
PID 4508 wrote to memory of 1912	4508	chrome.exe	72
PID 4508 wrote to memory of 1912	4508	chrome.exe	72
PID 4508 wrote to memory of 1912	4508	chrome.exe	72
PID 4508 wrote to memory of 1912	4508	chrome.exe	72
PID 4508 wrote to memory of 1912	4508	chrome.exe	72
PID 4508 wrote to memory of 1912	4508	chrome.exe	72
PID 4508 wrote to memory of 1912	4508	chrome.exe	72
PID 4508 wrote to memory of 1912	4508	chrome.exe	72
PID 4508 wrote to memory of 1912	4508	chrome.exe	72
PID 4508 wrote to memory of 1912	4508	chrome.exe	72
PID 4508 wrote to memory of 1912	4508	chrome.exe	72
PID 4508 wrote to memory of 1912	4508	chrome.exe	72
PID 4508 wrote to memory of 1912	4508	chrome.exe	72
PID 4508 wrote to memory of 1912	4508	chrome.exe	72
PID 4508 wrote to memory of 1912	4508	chrome.exe	72
PID 4508 wrote to memory of 1912	4508	chrome.exe	72
PID 4508 wrote to memory of 1912	4508	chrome.exe	72
PID 4508 wrote to memory of 1912	4508	chrome.exe	72
PID 4508 wrote to memory of 1912	4508	chrome.exe	72
PID 4508 wrote to memory of 1912	4508	chrome.exe	72
PID 4508 wrote to memory of 1912	4508	chrome.exe	72
PID 4508 wrote to memory of 1912	4508	chrome.exe	72
PID 4508 wrote to memory of 1912	4508	chrome.exe	72
PID 4508 wrote to memory of 1912	4508	chrome.exe	72
PID 4508 wrote to memory of 1912	4508	chrome.exe	72
PID 4508 wrote to memory of 1912	4508	chrome.exe	72
PID 4508 wrote to memory of 1912	4508	chrome.exe	72
PID 4508 wrote to memory of 1912	4508	chrome.exe	72
PID 4508 wrote to memory of 1636	4508	chrome.exe	71
PID 4508 wrote to memory of 1636	4508	chrome.exe	71
PID 4508 wrote to memory of 1256	4508	chrome.exe	73
PID 4508 wrote to memory of 1256	4508	chrome.exe	73
PID 4508 wrote to memory of 1256	4508	chrome.exe	73
PID 4508 wrote to memory of 1256	4508	chrome.exe	73
PID 4508 wrote to memory of 1256	4508	chrome.exe	73
PID 4508 wrote to memory of 1256	4508	chrome.exe	73
PID 4508 wrote to memory of 1256	4508	chrome.exe	73
PID 4508 wrote to memory of 1256	4508	chrome.exe	73
PID 4508 wrote to memory of 1256	4508	chrome.exe	73
PID 4508 wrote to memory of 1256	4508	chrome.exe	73
PID 4508 wrote to memory of 1256	4508	chrome.exe	73
PID 4508 wrote to memory of 1256	4508	chrome.exe	73
PID 4508 wrote to memory of 1256	4508	chrome.exe	73
PID 4508 wrote to memory of 1256	4508	chrome.exe	73
PID 4508 wrote to memory of 1256	4508	chrome.exe	73
PID 4508 wrote to memory of 1256	4508	chrome.exe	73
PID 4508 wrote to memory of 1256	4508	chrome.exe	73
PID 4508 wrote to memory of 1256	4508	chrome.exe	73
PID 4508 wrote to memory of 1256	4508	chrome.exe	73
PID 4508 wrote to memory of 1256	4508	chrome.exe	73
PID 4508 wrote to memory of 1256	4508	chrome.exe	73
PID 4508 wrote to memory of 1256	4508	chrome.exe	73

C:\Windows\system32\cmd.exe
cmd /c "C:\Users\Admin\AppData\Local\Temp\images (1).jpg"
1⤵
PID:3648

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Adds Run key to start application
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4508
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffd6f989758,0x7ffd6f989768,0x7ffd6f989778
  2⤵
  PID:5100
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1852 --field-trial-handle=1728,i,3922075921969296302,1704681086490314732,131072 /prefetch:8
  2⤵
  PID:1636
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1636 --field-trial-handle=1728,i,3922075921969296302,1704681086490314732,131072 /prefetch:2
  2⤵
  PID:1912
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1704 --field-trial-handle=1728,i,3922075921969296302,1704681086490314732,131072 /prefetch:8
  2⤵
  PID:1256
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3020 --field-trial-handle=1728,i,3922075921969296302,1704681086490314732,131072 /prefetch:1
  2⤵
  PID:2412
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3108 --field-trial-handle=1728,i,3922075921969296302,1704681086490314732,131072 /prefetch:1
  2⤵
  PID:4548
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4404 --field-trial-handle=1728,i,3922075921969296302,1704681086490314732,131072 /prefetch:1
  2⤵
  PID:4396
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4384 --field-trial-handle=1728,i,3922075921969296302,1704681086490314732,131072 /prefetch:8
  2⤵
  PID:4324
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4724 --field-trial-handle=1728,i,3922075921969296302,1704681086490314732,131072 /prefetch:8
  2⤵
  PID:4716
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4712 --field-trial-handle=1728,i,3922075921969296302,1704681086490314732,131072 /prefetch:1
  2⤵
  PID:5072
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5032 --field-trial-handle=1728,i,3922075921969296302,1704681086490314732,131072 /prefetch:8
  2⤵
  PID:424
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5112 --field-trial-handle=1728,i,3922075921969296302,1704681086490314732,131072 /prefetch:8
  2⤵
  PID:3492
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5040 --field-trial-handle=1728,i,3922075921969296302,1704681086490314732,131072 /prefetch:8
  2⤵
  PID:1080
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=5536 --field-trial-handle=1728,i,3922075921969296302,1704681086490314732,131072 /prefetch:1
  2⤵
  PID:1756

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2528

C:\Windows\system32\mspaint.exe
"C:\Windows\system32\mspaint.exe" "C:\Users\Admin\Desktop\RegisterResize.jpg" /ForceBootstrapPaint3D
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of SetWindowsHookEx
PID:3380

C:\Program Files\WindowsApps\Microsoft.MSPaint_1.1702.28017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe
"C:\Program Files\WindowsApps\Microsoft.MSPaint_1.1702.28017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe" -ServerName:Microsoft.MSPaint.AppX437q68k2qc2asvaagas2prv9tjej6ja9.mca
1⤵
- Modifies Internet Explorer settings
- Modifies registry class
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SetWindowsHookEx
PID:1984
- C:\Windows\system32\WerFault.exe
  C:\Windows\system32\WerFault.exe -u -p 1984 -s 3152
  2⤵
  - Program crash
  PID:1716

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:932
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffd6f989758,0x7ffd6f989768,0x7ffd6f989778
  2⤵
  PID:4636
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1896 --field-trial-handle=1808,i,14874940405462975351,1827215295610191274,131072 /prefetch:8
  2⤵
  PID:2332
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2100 --field-trial-handle=1808,i,14874940405462975351,1827215295610191274,131072 /prefetch:8
  2⤵
  PID:4816
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1544 --field-trial-handle=1808,i,14874940405462975351,1827215295610191274,131072 /prefetch:2
  2⤵
  PID:1312
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3100 --field-trial-handle=1808,i,14874940405462975351,1827215295610191274,131072 /prefetch:1
  2⤵
  PID:1308
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2960 --field-trial-handle=1808,i,14874940405462975351,1827215295610191274,131072 /prefetch:1
  2⤵
  PID:4120
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4380 --field-trial-handle=1808,i,14874940405462975351,1827215295610191274,131072 /prefetch:1
  2⤵
  PID:4016
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4528 --field-trial-handle=1808,i,14874940405462975351,1827215295610191274,131072 /prefetch:8
  2⤵
  PID:4804
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4512 --field-trial-handle=1808,i,14874940405462975351,1827215295610191274,131072 /prefetch:8
  2⤵
  PID:4696
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4968 --field-trial-handle=1808,i,14874940405462975351,1827215295610191274,131072 /prefetch:8
  2⤵
  PID:2856
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5012 --field-trial-handle=1808,i,14874940405462975351,1827215295610191274,131072 /prefetch:8
  2⤵
  PID:1824
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4992 --field-trial-handle=1808,i,14874940405462975351,1827215295610191274,131072 /prefetch:8
  2⤵
  PID:2644
- C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe
  "C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe" --reenable-autoupdates --system-level
  2⤵
  PID:3444
- - C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe
    "C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\Crashpad --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x24c,0x250,0x254,0x228,0x258,0x7ff72d407688,0x7ff72d407698,0x7ff72d4076a8
    3⤵
    PID:4364

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4332

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

T1060

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
7c48dd2f4e33b67ffa3236b9ea4aaff2

SHA1
f66927a44e7de0c0038ce744d1d1d7251742702a

SHA256
b496c6028f1d5fe18f50705c8108ae84820748a3a2286cc9b56d2bb5a38aab02

SHA512
6ccba975ea123b1f59ddda5ec486be685df0ca1def0d34ccd160047a3fc9b126ec58092ed3f98b0cd6cf9df53a95083ddd979ed311d06fcc70eda216501dfa50

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
7c48dd2f4e33b67ffa3236b9ea4aaff2

SHA1
f66927a44e7de0c0038ce744d1d1d7251742702a

SHA256
b496c6028f1d5fe18f50705c8108ae84820748a3a2286cc9b56d2bb5a38aab02

SHA512
6ccba975ea123b1f59ddda5ec486be685df0ca1def0d34ccd160047a3fc9b126ec58092ed3f98b0cd6cf9df53a95083ddd979ed311d06fcc70eda216501dfa50

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0

Filesize
44KB

MD5
23d54bac1c511c98ccd2f9a8140a8cfc

SHA1
622828f8f472a67e7dca15dc2c2fad7434761292

SHA256
19422c15e251c8e3618189b082255bb103707a22ec14325b8b640a487c388095

SHA512
3bb8bf3b7cd8f1cd8853001eaf859e524647034498835cb275f90ec00228af65835da6edfbd99de643997e9f4e97d9ccfa8a6f8e3f28b2b157ffeb5bea8353cb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1

Filesize
264KB

MD5
bc6846808f09f3fe5c153da783bbf19a

SHA1
c2ca1bde29550935cf4731facc7e566e686a0a7b

SHA256
907007c43a32ac00f002a3f4ad8cb2dcaa7c092ff76e277474a07d6d268b5b2d

SHA512
6d373788487d915ffd9273be75d36aa534cbaca01f6fd7c39c421f877c702d27c5b91c5346b0c5b95efe691ebe120a9c0fe46cd6fdce0547483ae5647d0f4da8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_2

Filesize
1.0MB

MD5
72c9986413b435fb2e3970e61b8d76d8

SHA1
1891e5c894100c17656d57be54b2347d938eb82c

SHA256
0456c393bfd4ca1b938276ab7f98296707a23cba22a9d6020c683d42de63c417

SHA512
c3058d861be4a4e50d4e0e48abce2f6ab67da14e9023ff5ce04b9c7ecf1d0e2d49d2f1d671667ea964f57c411943fbae2ee200a1555d6fe332e548877988f8f1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_3

Filesize
4.0MB

MD5
cbabe93da3212e87a408e9e9c9d8834f

SHA1
8ab39687988ab17781a2a0d8e2617e82fd8c65c4

SHA256
acf92d6a2c0c1c77f7109b7e0524247a7d67a177674d7dfd5069c780c10460ab

SHA512
668bbfbbb4f4d0740daacdbcbd6b79244fa34c9c78cee2e2d96a258d4f0cffd491668b80c823c438755f3a9911bc70f09acf4a16da169fc7bf6ddcbb09c1888d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000004

Filesize
37KB

MD5
7da4ef3fc3b3172753a4f24fce079736

SHA1
113ca45d435b212caba97eb854a0ae6be5e2b340

SHA256
0a056f5003c41b0b672b9fd59e3a1ba4206d58b2c3371d4cad46349968c4d163

SHA512
ff1ba179dfe0539473a17b7ee25025cd10a80a1bfe1d10e21571bb3e0f4721158b31347138b08619ddc74c31ee0fa1bbdbffa21bdb31ce4c3581b52ceed9e4b9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

Filesize
37KB

MD5
519005befdbc6eedc73862996b59a9f7

SHA1
e9bad4dc75c55f583747dbc4abd80a95d5796528

SHA256
603abe3532b1cc1eb1c3da44f3679804dd463d07d4430d55c630aba986b17c44

SHA512
b210b12a78c6134d66b14f46f924ebc95328c10f92bfed22a361b2554eca21ee7892f7d9718ae7415074d753026682903beba2bd40b35a4eeb60bf186dcdf589

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011

Filesize
37KB

MD5
519005befdbc6eedc73862996b59a9f7

SHA1
e9bad4dc75c55f583747dbc4abd80a95d5796528

SHA256
603abe3532b1cc1eb1c3da44f3679804dd463d07d4430d55c630aba986b17c44

SHA512
b210b12a78c6134d66b14f46f924ebc95328c10f92bfed22a361b2554eca21ee7892f7d9718ae7415074d753026682903beba2bd40b35a4eeb60bf186dcdf589

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
648B

MD5
c80c677bbb8feb290f96ff69a024d4a2

SHA1
4a59bd12f51d41d051576dc822a2e21f6138a315

SHA256
5b473c74122c61fba8239a8790fc1356d4fb59371df58ec01c5eaea7e5ab3a40

SHA512
0aa4607eb08358f64f184c780e2e6790d8cd47d0ec13cf87578463ae609b6fe19b0918a1757b10da8694886f185486c9e1b0bb5b61317c75f0f03552ce80146b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
648B

MD5
c80c677bbb8feb290f96ff69a024d4a2

SHA1
4a59bd12f51d41d051576dc822a2e21f6138a315

SHA256
5b473c74122c61fba8239a8790fc1356d4fb59371df58ec01c5eaea7e5ab3a40

SHA512
0aa4607eb08358f64f184c780e2e6790d8cd47d0ec13cf87578463ae609b6fe19b0918a1757b10da8694886f185486c9e1b0bb5b61317c75f0f03552ce80146b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG

Filesize
317B

MD5
29a59792139a47171de1aad748e6d1f8

SHA1
7069ac39f65c5964ffe9c08f03317f55090a888f

SHA256
6c61902f4bd33d9b684781dd994706b8f8b5f6f33ac7e83519ace22937986cb4

SHA512
21be60da00fb6a6911aed2baca2221a1762786f1cbde9f0f7b3d1436767015ece3fb3c395e1dbd6debe4bfe935c3c9bc24b89040b4573b301b7e8d4891db2be4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Favicons

Filesize
20KB

MD5
b93c7dc6797426089ce070a56342fa9f

SHA1
a1ba5bf7e4b58179f29441dd5b93cd2681dcac61

SHA256
6064766ae2b44816a69f7c50c01a21524f8dfb6a7d196f23fb524ac43bb471bd

SHA512
e4e67443da1ddc96b5184937658ab865fb04380e2ff822e502fb29c3b622825dd580d5ab2759e56d9ca7faac54b361dd5cd86efe3f5a5ae371f864f30388cd63

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History

Filesize
148KB

MD5
7f99d08b84fc840f3aa74edba3de015f

SHA1
fee6f1ef7d0bf99dbd1d739cb48f6484308702db

SHA256
5c4de9a04e3d4cd9f5708c95d808048bdd18645b6d3abb2b0e6a02fdedfcbe57

SHA512
9b07d437c7ce9600c5293550b281e9c010720cce49545c9909c0264456090620d83b40ea5a1c7cca0e3c617afbfeccb8be2fb48a0d177db442644c57a312608c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log

Filesize
1KB

MD5
704a64f7a0684b0614c9920b80d35d12

SHA1
7b73d6def65a843e1fb014189afa448627d06e60

SHA256
2a2a8146f97938a52f94b4218ba3af824ae3dc3c1fae7a0117b3c463c4096a1b

SHA512
ebda24c3f6d7dc6262a4e17d4cdbc2e6e939620d2d8da2b79ecbc7bda90de567a07f4f41a6c5f1b9774f624edd7a70e557e6acec80029313c13939fff5a7fae1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG

Filesize
329B

MD5
50621e718a8acd2614b8698dbd93488e

SHA1
d4b5452b53fd9adbe86358fe8f7bff0773db2010

SHA256
957ceb87e5cc6921d92aab66cca6cc519b89619d322ce16c8ae8204caff4b039

SHA512
cbbb0105a8320c8db7257e66c16654f03b6cca0ae1006330a89a6a6861f1792d40cb3226b35fca2c8bc1ad8fcd5265acc1765f45309905e371c06a8750a91374

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor

Filesize
36KB

MD5
efab190aa018f2f21ab0cc085bf2239b

SHA1
5f3ba363e9cc588505385ad694aceabf39948cfd

SHA256
fb55ec15533ed2700db353e8dac0efb4a0b3c7bb581712b062a23cc0e35448e4

SHA512
73837f708b2ad5f7b6a8c64fc698d1871e549c1138debf3ce7ef77897101241d3b87852c15949963b4bd4643942282437b93ff63fef9527a808e047698112034

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies

Filesize
20KB

MD5
111c6d717e2b35642af36ba0a6a25dac

SHA1
84d37f72190b48f03e01556d699ab9757705b3cb

SHA256
d7cff82ee93b53a41409ff8d24f596f826099a27438dd59974ba0874a358a9b2

SHA512
2251f62892392fe0e1d7cf9de4627a1c29fd9e8158285ed7768580b1b85665b88a87b00389f8c96a8a4e7528415da5dd28005bce675bf4818f0941685dc40ef8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
7857ed264e5dad3d3e38006c143f61f8

SHA1
3c6e89d1fc8b4edf21b647d35d97a789a95f66f0

SHA256
aeee69ad5cde46e45aa125ad0165dc87d07f52eeeb6f5bdc8b40c9d827be565d

SHA512
f516161fc7b4829337e4ed423351d678e83fcaba9d58cca8eb234bd0fcbd8bb711aa4d3cc4601c69ed0b3ffbb7850b0796abe62f134b539ade4be83102962afd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
7857ed264e5dad3d3e38006c143f61f8

SHA1
3c6e89d1fc8b4edf21b647d35d97a789a95f66f0

SHA256
aeee69ad5cde46e45aa125ad0165dc87d07f52eeeb6f5bdc8b40c9d827be565d

SHA512
f516161fc7b4829337e4ed423351d678e83fcaba9d58cca8eb234bd0fcbd8bb711aa4d3cc4601c69ed0b3ffbb7850b0796abe62f134b539ade4be83102962afd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Reporting and NEL

Filesize
36KB

MD5
8702ac68cac64b5e38222747289355e6

SHA1
59136892d46c708a7cee368f19a6986c11f43a68

SHA256
c85f0d1a76c7214e4471495b22ad6ca2deff1723d6b8db47bac82dd402c594fb

SHA512
3df010d51cdba88686c154861d44b9b070f4ac30bb41fad428a9a36ababb18f9dfc87c5f9a102a5e83a6e556d71e9dde6d7908e6399d539b4381fee4a5042822

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
539B

MD5
7914cb475556a4db947d54aea71f9eeb

SHA1
cf58e9658500dbd1634b2da56b757314b7e4a9e0

SHA256
b90e78b71c205b24779828664f62f8fe6632748436265be48a9e71b1a8327092

SHA512
a6adbd23426179064fbc34ecf7de597b72e40fa60ab886c7536a79a48456c4cc8e5b87673c54ffabb5fb23e3ca5137ba3e37ad02b714ebce2fd0c7edfac983db

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
539B

MD5
b5bde6a3ea0faf1f242182aa4a010880

SHA1
cd1853fd928f8964f7489956263785b43720343e

SHA256
a2f81d476c806c5f50a5674be91a18657ad9431029c3b1a52fb97a0269d879d6

SHA512
952be488348bc157270fc60d1211f8863ca2a43913d0c9333229ebafadf1a1571b4de288290211b055707a4d06e76dac50edaaeff840047522fab28d1b2596c7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
539B

MD5
241b64933f156065a3d72ad9baeabfdc

SHA1
405c81dc326e9d1c4e180587ca6e89100c95f1ba

SHA256
1cbb0e4f99026692b1870fb4ee6d30ee2b5e49b467427a8cd14eaa760f07bf59

SHA512
fa6d455ac42cce543d1b54312b2642f250de4542d125499895b4bab5000b2fd837b22bb275d770072dc59fa48a0d4cfb16e43725f6667a7086134a076980bb07

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
539B

MD5
241b64933f156065a3d72ad9baeabfdc

SHA1
405c81dc326e9d1c4e180587ca6e89100c95f1ba

SHA256
1cbb0e4f99026692b1870fb4ee6d30ee2b5e49b467427a8cd14eaa760f07bf59

SHA512
fa6d455ac42cce543d1b54312b2642f250de4542d125499895b4bab5000b2fd837b22bb275d770072dc59fa48a0d4cfb16e43725f6667a7086134a076980bb07

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
ff0fd05b65e15f0c3c248fd334659090

SHA1
b4c8b0f7888e664bb3a0fdd28f9b1c6fa6e43074

SHA256
3829f49dc6b90fcc56b203178cae2b1c4ef7257d497fad637a506f9c41e53670

SHA512
6456f28fc7e412f4d4707f315124d35fd038d24e091e051c2ec7bdc83d302bcb3602800113aca41ec03469a6cc37cb0da3aa6cbd7a0252968f90acdb39d847b0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
8e9301891996a138698f0726076407de

SHA1
a8f0f8af128f7b9e0c99d16eb05d761c72ba8e8a

SHA256
2603e73fc84500efd9f1db302ff744d5867237ccd407da2d7a94e6b220be2205

SHA512
e89de3b72fc9944de2bd3f0f7efef4092f69bdb8c9f6ef5a09fd23352c484e03daf9b84a26d3a544a183b7eb5ddd10337833c3217416c81a142ac796bbe61d80

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
ce93e5b9116821daac29637712bf0068

SHA1
4e856b48be07b600cf5f2bc54a3fe55e769dc7f6

SHA256
d0f2a9cc7ada4ec0b73b39a72326121d268a1e94f0fc91363c070f66241d96b7

SHA512
cc9d7d649d83f117b4953cd7c4f9086ae6c5c4a6ef81ec5b9b899b33c00c03215f6cb65b6de12760516faaa73b0ca5f067a8dec058d7f8215031fb65b6b08043

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
06ba9e5232c4d3da9e8fcebb60acc103

SHA1
ab25a1d3499c6b7e94bf8edc931854ff49a6a69b

SHA256
137f093aadca095f60556334f80c088cf2faeb1bffc0021cbd9dfc747ddd5d90

SHA512
b6217ea88f02a4b32f2398b3d0907489b9a22e2ee2cb51dca551d79d7f50b9f96f51b854e4384002f772fde7d4f59dd27fb02eb9fdf7613cc6390f52fa93167b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
06ba9e5232c4d3da9e8fcebb60acc103

SHA1
ab25a1d3499c6b7e94bf8edc931854ff49a6a69b

SHA256
137f093aadca095f60556334f80c088cf2faeb1bffc0021cbd9dfc747ddd5d90

SHA512
b6217ea88f02a4b32f2398b3d0907489b9a22e2ee2cb51dca551d79d7f50b9f96f51b854e4384002f772fde7d4f59dd27fb02eb9fdf7613cc6390f52fa93167b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
12KB

MD5
4b45ba199590110d49c9a48393f56d27

SHA1
01ec4e85c12212c43bf28225cafba5099b0a9289

SHA256
6c9e936f2c852fcb60cbdb580eb5361123b1ecfb0beaecb6db60eab5931034ad

SHA512
485f948e708b575a63b32c09f70c9d88199ebbcaf1c5350b311a4cfc732c925d1272df66a8d39597ab0e135a7c3311daa59caaac78274ae821f792491ef6cf15

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
12KB

MD5
4b45ba199590110d49c9a48393f56d27

SHA1
01ec4e85c12212c43bf28225cafba5099b0a9289

SHA256
6c9e936f2c852fcb60cbdb580eb5361123b1ecfb0beaecb6db60eab5931034ad

SHA512
485f948e708b575a63b32c09f70c9d88199ebbcaf1c5350b311a4cfc732c925d1272df66a8d39597ab0e135a7c3311daa59caaac78274ae821f792491ef6cf15

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log

Filesize
1KB

MD5
b8b8689ebc9d567bafa5057a3d846b2c

SHA1
fbae7084f3e8d7ef533dd26a01f8720773972b3e

SHA256
35fbd8f4efc09cda9f87889aed183b299532918084570265556d06819898b5d1

SHA512
0b3939bacb899163cd62cb03cebe0559b61cc22488c01d407cfdc2a96d7e99bbd04d6156dbe0187141dd70d6fec5d6ebbcc92a7dc1779d59eecc71122f496108

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG

Filesize
317B

MD5
75f2bb123c6dbb7fea4fccbda5794625

SHA1
22e2d6972dfb92067109c21c8ae6e8f6f48d4217

SHA256
159ed0a3d61de539d034b38616c87824cc8f9fa3c0dca119b98bb6196d2bc02c

SHA512
c80485437e0e92ec5b6c3658fad0afe599c56d45982795760c2b981ce78d31588c019470a515c748dbce54a02f7ade53d200283b7fd90a515724a61067251483

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sessions\Session_13328309185716855

Filesize
15KB

MD5
508a18f335627f983c9176f2b8c8bc58

SHA1
cc02da2caaec876ae8812d034c501d92c9cd5d42

SHA256
462a0b4b4d5fa70e327ddc6b11aebca0ff4946d02d26a9039c652b1ab591d1f5

SHA512
7dd99a1257fba570fa7b54876c0685d4a900ebf072fa455679c838bffe08b7cabab633b19cde75cba9116765fb0879dbfb503eced5f2be0efedf3d41a9c9111c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sessions\Tabs_13328309206714855

Filesize
5KB

MD5
e90813cde02a21a6ef23d47cdf0791b7

SHA1
176d7a19269505e2955d3d04b50e9c324f5af1b7

SHA256
44ed8a05114224a639518a322a0ec38c08654a9eb87edb678ca43ad055b31f87

SHA512
25674372862b44e9a92088d655f6f6fb9bd7fe212c34624d2f9131ce20887c0acbf33017639fbab5da6b18fb763a12756fee8f2c777bf09243c6aa1c26900335

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Shortcuts

Filesize
20KB

MD5
efc0c825b57a8478f69ebf4d0cbfc11e

SHA1
1cd6361a5fafa2b62c694b00e4ffc6ea20968241

SHA256
2ba1cbb6085cbd913803618d9046b57d7335f55ee4d6a1b69e567a2d8342046d

SHA512
3e9baf7303311e58c348e2ae24f60367c4a97a7bf595b3bf766b2a2eb0c5066b3c0c8a7ce1ed57fb89291b45b495039a7f26b0770885876722f046ac8267759c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000003.log

Filesize
112B

MD5
1dcd71650b4252d5390a8755893e29a2

SHA1
0624af52bd165b9e0a8288360d9429ceb4d333cd

SHA256
f8bcbbfc6a764f659738ed33bece89377f801d505626b05522f3d488b50f898c

SHA512
a46967eab01ae41cbbdfd17212a5c43f4312ee34701c7270e1723d5f7a8272cbfae1d3441ef782c64ea29fe0c57248896dcb3a5e8f5298adbc9e90dee9faf5e8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG

Filesize
348B

MD5
c5fb3e63908aebc2cd136b26bfbca3c0

SHA1
b02d5aeb6cfdd594fe09dcb226edde50eb40fc7d

SHA256
33fe9a17b8540b4c1b70b2839c41170011ad19756915da782ee0d93d004dc356

SHA512
d6a6cd84ae2da005f22fb02aef14623966b1ce340c6599da23f30146416532c20f64e60387128703959184b8ca57f3451c890ce67f1b2c8e0b5c762a9d707e9c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log

Filesize
6KB

MD5
7470b8e02105aec32da04baa73d64b0d

SHA1
11b4e400095c81f4ad2d37cfad6d530c90649e3d

SHA256
3d519562d3af6661b3a5cbba55888068b84c758b74713572357b4f210a783ad7

SHA512
f066c395146b294bb851f7340cc4a63901c413b913d40334bb5a7baccb569c298c821f9e5bdacbd06bad2070ce5979f4a69973c560f51e127800f16273723507

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG

Filesize
324B

MD5
00ae0e55146727bd7e13de17438f315e

SHA1
30c91f97b629ecee7c27ee6f748e365b2e8d60c6

SHA256
6a25c2fd3d0bd39ba8a2e91ca0dc8335fdb7d6029cf6a81fc6086057e04766e3

SHA512
586200524ec206e0cec7e889691eb52d429be05e3ef0aae6b156cccc61897a90b9f8a1d86a60753437d323e6ad45ec91664cab43e13634c7f3fddb304f06bcd9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Visited Links

Filesize
128KB

MD5
6ee47d6ce446b0da682c05ec66876ea7

SHA1
f48daf147ae854566eb003587faf5c503ef3b0b6

SHA256
075be2c3e1e8aa56ebfa4010e3918de4168f87927181ce7c83b21bf76200bd6a

SHA512
98831b98e368d1dd15ed8aa4ef5f65fee0dda232e38e3116ca41a58bd9830ac23de307faabfa85be05258699c712ae6a75a3c257977b89aff3502ec140cf3473

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Data

Filesize
92KB

MD5
e7f4d3a7b795b2effedce5c4c6363f89

SHA1
0520dcdbbc4145e973f100f825c1bc594133d6cd

SHA256
d6d85f63f66bd3028bc572b3f87e94865a08db6b98401d95aa98e10e21109726

SHA512
c5af943ba7c95093c7035c0f9d0751ff5eaf65ef62006047034d86eacf3127735386c219ae4343dbc145603830c0d701dc3c40f029abb124d32efa6441f01bd4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\000003.log

Filesize
799B

MD5
86d672ff9bab5b7ccfe81f18e626d0be

SHA1
5b4ee4493d117cc7082b7676a68ca110e923c0e2

SHA256
c565f88e6a05ef8389ee28d3cda1e61134a64bfb849e648e97f797e521c1b74f

SHA512
d1b2414d613f434beffa3afb2445cc8969f9e0f2773c6b5362a754f619de887f4d722d4f69ce695064c211e65a1cbac36fedfa8f5960a1211a66e788e911ed66

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\LOG

Filesize
320B

MD5
af03253c963295e42b2c4ad89ceb301b

SHA1
fc09c64c1f3437ce33cf18b31a0231e01228e090

SHA256
a807af6575ea63a929fa1dd42349a825b0ce4cbf458310e45ab6910b8c3c000d

SHA512
18c9b672d69a894bdc93413c2b95ac019b7542d3b9c9f70738fa3370a86a71ea91faab670b898886fcc17b9e6e03fe98c12a9349d43ff402e7332fcaa15c85fc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000003.log

Filesize
855B

MD5
4fa2884f5f95a3dc55e979bf0d62f151

SHA1
e8255511ef3b06bf9679d3fc51dcc10aaef7101c

SHA256
5c7aebf4c045d6994cf346df70020b5be9b3e0c8893e48ddb69cc33701d5f1ae

SHA512
3d6695ab0a13fa6f8a69db831724574ff9dcc5fc0a67d7eb2241be14d06bf7960f215631ed617dc64865b669308347dc6757dd951bddde409e74d7b73174d06f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG

Filesize
338B

MD5
9129b941034384864d4b62a1105f4d8e

SHA1
559a726bcda5b91b18440233e58f7871f68e0736

SHA256
24fc21adb1514076aa6c011fd161beb754e4e8987b94b8a3260c60595cce5fae

SHA512
53dc8ee0d27984318cf463bb54d9a88748b1fd2285afb572288a4a51ccf2638a8d0023b4fc576cf5a9c51f384ca60e62ff8d660afb6214146fb62b101090d84d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version

Filesize
14B

MD5
9eae63c7a967fc314dd311d9f46a45b7

SHA1
caba9c2c93acfe0b9ceb9ab19b992b0fc19c71cf

SHA256
4288925b0cf871c7458c22c46936efb0e903802feb991a0e1803be94ca6c251d

SHA512
bed924bff236bf5b6ce1df1db82e86c935e5830a20d9d24697efd82ca331e30604db8d04b0d692ec8541ec6deb2225bcc7d805b79f2db5726642198ecf6348b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
82KB

MD5
477d96c7ca295f25a62e0b0393d5c804

SHA1
129cacc74cb0aeb20522dc67582102c7a1895dd8

SHA256
69db1ab2991f2f8b56b33755a4a0599f4655b9ba32b9255a229c20f9637206dd

SHA512
4c51d8e0232356593d0748cbaafebe410b0bc6af16468fa3b3915cbda1b2a88367ebf45a47187f2f1fc458d3ed564486e5163d421b8aab200c237772e6bfc758

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
149KB

MD5
e61d12f28b7e66b31f346506e54ecbea

SHA1
d5dbd7d689ffa85e3f40818ed473ece2490d2a7b

SHA256
bb6441134eed02eb395ccb4506cafa437526197a852f3480c8f373f1e9f87b10

SHA512
c957c2c2b88bf02aa122550832b0b00912556d3f8aace7ea80e9849ce59dcff0a3de1a04fedab04326ec6cdca85bbc990ea663c347ff635f4d12e5316f33f955

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
149KB

MD5
2033feb32f32630dd20a081d0d87d71b

SHA1
cfa99d66e18aa52b4047e908c53954f17b39d60a

SHA256
09077dda74401cd36633f329ae31dbd2c860d00855cbf519d826b586fd58b64b

SHA512
24149d16bda7f661e16662830a00960865a73cafea4e5523d0b311a35a7cd4d92baf3ea8e7557dad48e5ef960960ce0f82110cb6d75760633674c1512023e772

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
149KB

MD5
e61d12f28b7e66b31f346506e54ecbea

SHA1
d5dbd7d689ffa85e3f40818ed473ece2490d2a7b

SHA256
bb6441134eed02eb395ccb4506cafa437526197a852f3480c8f373f1e9f87b10

SHA512
c957c2c2b88bf02aa122550832b0b00912556d3f8aace7ea80e9849ce59dcff0a3de1a04fedab04326ec6cdca85bbc990ea663c347ff635f4d12e5316f33f955

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

Filesize
86B

MD5
961e3604f228b0d10541ebf921500c86

SHA1
6e00570d9f78d9cfebe67d4da5efe546543949a7

SHA256
f7b24f2eb3d5eb0550527490395d2f61c3d2fe74bb9cb345197dad81b58b5fed

SHA512
535f930afd2ef50282715c7e48859cc2d7b354ff4e6c156b94d5a2815f589b33189ffedfcaf4456525283e993087f9f560d84cfcf497d189ab8101510a09c472

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\chrome_shutdown_ms.txt

Filesize
4B

MD5
9ee11ed0933bd4faca01d793b97aa029

SHA1
b9cd2aa5fd31b9be2b213ef221c4059223df5632

SHA256
a039bcb93afec66a8fb95feb50d5d1f06edfee4664bc32d0d09cab2e7cbb75ea

SHA512
3a6d81329a1c608bad49ca8219bb46e489458b5ce6f4eaf0d786725907ba31dd34075c7efca31e6528b9439a49b314a70cc3291119f8f603fbcc14bc4c15f490

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MSPaint_8wekyb3d8bbwe\LocalState\Projects\Projects.json

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MSPaint_8wekyb3d8bbwe\LocalState\Projects\Projects.json

Filesize
233B

MD5
3b98d98dd3d901f9e70a54c1dde6d17f

SHA1
380779a918413aeb69ad897634308df286261e1b

SHA256
e15d352462eddfbc7750290c8acd3868dacf8f095f6562efdb9fd354d10ed805

SHA512
f2c8b15c165646324fd6d9ec5ac453d800e9d1d116b4935737a38a5714aa443313a0d6e95acd0d2678b1bdb78a01af623ff31f6389bcb2b905ac72a62a42e762

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MSPaint_8wekyb3d8bbwe\LocalState\cloudCommunitySettings.json

Filesize
2KB

MD5
404a3ec24e3ebf45be65e77f75990825

SHA1
1e05647cf0a74cedfdeabfa3e8ee33b919780a61

SHA256
cc45905af3aaa62601a69c748a06a2fa48eca3b28d44d8ec18764a7e8e4c3da2

SHA512
a55382b72267375821b0a229d3529ed54cef0f295f550d1e95661bafccec606aa1cd72e059d37d78e7d2927ae72e2919941251d233152f5eeb32ffdfc96023e5

Download Submit