879e0f90960f06d056204275b073b30a841791eba7c154ed946b77a94ddf9369

Analysis

max time kernel
1800s
max time network
1803s
platform
windows10-1703_x64
resource
win10-20230220-en
resource tags

arch:x64arch:x86image:win10-20230220-enlocale:en-usos:windows10-1703-x64system
submitted
15/05/2023, 18:12

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

sample.html
Size

16KB
MD5

5e38f9a752968a2ac9feeca5895efb28
SHA1

80b70cb098d6117f5c1a37300333d5b086c3654f
SHA256

879e0f90960f06d056204275b073b30a841791eba7c154ed946b77a94ddf9369
SHA512

5e1b141849d6fe94171e9db77fde44acc1164d0bf23a3cce73dfc1bf4256f9cc12f717b12a23bf49340b48a8e5874a1dc7184f7cf2a148a16a2b0437e53b2f77
SSDEEP

384:r3iLRKnTACDpmRgVoOsKEElKeGMJU8HhhbmgB7v28B2rBJCBXQL:rSlCfVoOsK/I1MdBhbrxvcJQQL

Score

5^/10

microsoft phishing

Malware Config

Signatures

Detected potential entity reuse from brand microsoft.
phishing microsoft
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies Control Panel 14 IoCs

evasion

description	ioc	Process
Set value (str)	\REGISTRY\USER\S-1-5-21-1311743041-1167936498-546579926-1000\Control Panel\Desktop\SCRNSAVE.EXE = "C:\\Windows\\system32\\scrnsave.scr"	rundll32.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1311743041-1167936498-546579926-1000\Control Panel\Cursors\ = "Windows Aero"	rundll32.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1311743041-1167936498-546579926-1000\Control Panel\Accessibility\HighContrast\Previous High Contrast Scheme MUI Value	rundll32.exe
Key created	\REGISTRY\USER\S-1-5-21-1311743041-1167936498-546579926-1000\Control Panel\Desktop	rundll32.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1311743041-1167936498-546579926-1000\Control Panel\Cursors\Scheme Source = "2"	rundll32.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1311743041-1167936498-546579926-1000\Control Panel\Desktop\UserPreferencesMask = 9e1e078012000000	rundll32.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1311743041-1167936498-546579926-1000\Control Panel\Accessibility\HighContrast\High Contrast Scheme	rundll32.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1311743041-1167936498-546579926-1000\Control Panel\Desktop\ScreenSaveActive = "1"	rundll32.exe
Key created	\REGISTRY\USER\S-1-5-21-1311743041-1167936498-546579926-1000\Control Panel\Cursors	rundll32.exe
Key created	\REGISTRY\USER\S-1-5-21-1311743041-1167936498-546579926-1000\Control Panel\Appearance	rundll32.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1311743041-1167936498-546579926-1000\Control Panel\Appearance\Current	rundll32.exe
Key created	\REGISTRY\USER\S-1-5-21-1311743041-1167936498-546579926-1000\Control Panel\Accessibility\HighContrast	rundll32.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1311743041-1167936498-546579926-1000\Control Panel\Accessibility\HighContrast\Flags = "126"	rundll32.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1311743041-1167936498-546579926-1000\Control Panel\Appearance\NewCurrent	rundll32.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133286480016585037"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-1311743041-1167936498-546579926-1000_Classes\Local Settings	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
700	chrome.exe
700	chrome.exe
4684	chrome.exe
4684	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 36 IoCs

pid	Process
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe

Suspicious use of SendNotifyMessage 40 IoCs

pid	Process
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 700 wrote to memory of 1068	700	chrome.exe	66
PID 700 wrote to memory of 1068	700	chrome.exe	66
PID 700 wrote to memory of 4180	700	chrome.exe	68
PID 700 wrote to memory of 4180	700	chrome.exe	68
PID 700 wrote to memory of 4180	700	chrome.exe	68
PID 700 wrote to memory of 4180	700	chrome.exe	68
PID 700 wrote to memory of 4180	700	chrome.exe	68
PID 700 wrote to memory of 4180	700	chrome.exe	68
PID 700 wrote to memory of 4180	700	chrome.exe	68
PID 700 wrote to memory of 4180	700	chrome.exe	68
PID 700 wrote to memory of 4180	700	chrome.exe	68
PID 700 wrote to memory of 4180	700	chrome.exe	68
PID 700 wrote to memory of 4180	700	chrome.exe	68
PID 700 wrote to memory of 4180	700	chrome.exe	68
PID 700 wrote to memory of 4180	700	chrome.exe	68
PID 700 wrote to memory of 4180	700	chrome.exe	68
PID 700 wrote to memory of 4180	700	chrome.exe	68
PID 700 wrote to memory of 4180	700	chrome.exe	68
PID 700 wrote to memory of 4180	700	chrome.exe	68
PID 700 wrote to memory of 4180	700	chrome.exe	68
PID 700 wrote to memory of 4180	700	chrome.exe	68
PID 700 wrote to memory of 4180	700	chrome.exe	68
PID 700 wrote to memory of 4180	700	chrome.exe	68
PID 700 wrote to memory of 4180	700	chrome.exe	68
PID 700 wrote to memory of 4180	700	chrome.exe	68
PID 700 wrote to memory of 4180	700	chrome.exe	68
PID 700 wrote to memory of 4180	700	chrome.exe	68
PID 700 wrote to memory of 4180	700	chrome.exe	68
PID 700 wrote to memory of 4180	700	chrome.exe	68
PID 700 wrote to memory of 4180	700	chrome.exe	68
PID 700 wrote to memory of 4180	700	chrome.exe	68
PID 700 wrote to memory of 4180	700	chrome.exe	68
PID 700 wrote to memory of 4180	700	chrome.exe	68
PID 700 wrote to memory of 4180	700	chrome.exe	68
PID 700 wrote to memory of 4180	700	chrome.exe	68
PID 700 wrote to memory of 4180	700	chrome.exe	68
PID 700 wrote to memory of 4180	700	chrome.exe	68
PID 700 wrote to memory of 4180	700	chrome.exe	68
PID 700 wrote to memory of 4180	700	chrome.exe	68
PID 700 wrote to memory of 4180	700	chrome.exe	68
PID 700 wrote to memory of 4204	700	chrome.exe	69
PID 700 wrote to memory of 4204	700	chrome.exe	69
PID 700 wrote to memory of 3300	700	chrome.exe	70
PID 700 wrote to memory of 3300	700	chrome.exe	70
PID 700 wrote to memory of 3300	700	chrome.exe	70
PID 700 wrote to memory of 3300	700	chrome.exe	70
PID 700 wrote to memory of 3300	700	chrome.exe	70
PID 700 wrote to memory of 3300	700	chrome.exe	70
PID 700 wrote to memory of 3300	700	chrome.exe	70
PID 700 wrote to memory of 3300	700	chrome.exe	70
PID 700 wrote to memory of 3300	700	chrome.exe	70
PID 700 wrote to memory of 3300	700	chrome.exe	70
PID 700 wrote to memory of 3300	700	chrome.exe	70
PID 700 wrote to memory of 3300	700	chrome.exe	70
PID 700 wrote to memory of 3300	700	chrome.exe	70
PID 700 wrote to memory of 3300	700	chrome.exe	70
PID 700 wrote to memory of 3300	700	chrome.exe	70
PID 700 wrote to memory of 3300	700	chrome.exe	70
PID 700 wrote to memory of 3300	700	chrome.exe	70
PID 700 wrote to memory of 3300	700	chrome.exe	70
PID 700 wrote to memory of 3300	700	chrome.exe	70
PID 700 wrote to memory of 3300	700	chrome.exe	70
PID 700 wrote to memory of 3300	700	chrome.exe	70
PID 700 wrote to memory of 3300	700	chrome.exe	70

Uses Task Scheduler COM API 1 TTPs
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
persistence

Query Registry
T1012

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" C:\Users\Admin\AppData\Local\Temp\sample.html
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:700
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ff9b7ac9758,0x7ff9b7ac9768,0x7ff9b7ac9778
  2⤵
  PID:1068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1592 --field-trial-handle=1732,i,17523162898401918485,3090738621101190176,131072 /prefetch:2
  2⤵
  PID:4180
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1692 --field-trial-handle=1732,i,17523162898401918485,3090738621101190176,131072 /prefetch:8
  2⤵
  PID:4204
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2112 --field-trial-handle=1732,i,17523162898401918485,3090738621101190176,131072 /prefetch:8
  2⤵
  PID:3300
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2944 --field-trial-handle=1732,i,17523162898401918485,3090738621101190176,131072 /prefetch:1
  2⤵
  PID:1408
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2976 --field-trial-handle=1732,i,17523162898401918485,3090738621101190176,131072 /prefetch:1
  2⤵
  PID:1916
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4576 --field-trial-handle=1732,i,17523162898401918485,3090738621101190176,131072 /prefetch:8
  2⤵
  PID:3580
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4560 --field-trial-handle=1732,i,17523162898401918485,3090738621101190176,131072 /prefetch:8
  2⤵
  PID:2060
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4684 --field-trial-handle=1732,i,17523162898401918485,3090738621101190176,131072 /prefetch:1
  2⤵
  PID:4792
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=3688 --field-trial-handle=1732,i,17523162898401918485,3090738621101190176,131072 /prefetch:1
  2⤵
  PID:3172
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4960 --field-trial-handle=1732,i,17523162898401918485,3090738621101190176,131072 /prefetch:8
  2⤵
  PID:4768
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5088 --field-trial-handle=1732,i,17523162898401918485,3090738621101190176,131072 /prefetch:8
  2⤵
  PID:4328
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5280 --field-trial-handle=1732,i,17523162898401918485,3090738621101190176,131072 /prefetch:1
  2⤵
  PID:4940
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=3652 --field-trial-handle=1732,i,17523162898401918485,3090738621101190176,131072 /prefetch:1
  2⤵
  PID:8
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=4928 --field-trial-handle=1732,i,17523162898401918485,3090738621101190176,131072 /prefetch:1
  2⤵
  PID:3500
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5100 --field-trial-handle=1732,i,17523162898401918485,3090738621101190176,131072 /prefetch:8
  2⤵
  PID:2168
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=4740 --field-trial-handle=1732,i,17523162898401918485,3090738621101190176,131072 /prefetch:1
  2⤵
  PID:1172
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=3720 --field-trial-handle=1732,i,17523162898401918485,3090738621101190176,131072 /prefetch:1
  2⤵
  PID:4396
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=1500 --field-trial-handle=1732,i,17523162898401918485,3090738621101190176,131072 /prefetch:1
  2⤵
  PID:3744
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=3308 --field-trial-handle=1732,i,17523162898401918485,3090738621101190176,131072 /prefetch:1
  2⤵
  PID:5064
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=3048 --field-trial-handle=1732,i,17523162898401918485,3090738621101190176,131072 /prefetch:1
  2⤵
  PID:4328
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=3052 --field-trial-handle=1732,i,17523162898401918485,3090738621101190176,131072 /prefetch:1
  2⤵
  PID:1884
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=3020 --field-trial-handle=1732,i,17523162898401918485,3090738621101190176,131072 /prefetch:1
  2⤵
  PID:3372
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4992 --field-trial-handle=1732,i,17523162898401918485,3090738621101190176,131072 /prefetch:8
  2⤵
  PID:872
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=4136 --field-trial-handle=1732,i,17523162898401918485,3090738621101190176,131072 /prefetch:1
  2⤵
  PID:1180
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=3096 --field-trial-handle=1732,i,17523162898401918485,3090738621101190176,131072 /prefetch:1
  2⤵
  PID:2760
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=5456 --field-trial-handle=1732,i,17523162898401918485,3090738621101190176,131072 /prefetch:1
  2⤵
  PID:3920
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3048 --field-trial-handle=1732,i,17523162898401918485,3090738621101190176,131072 /prefetch:8
  2⤵
  PID:2032
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=5532 --field-trial-handle=1732,i,17523162898401918485,3090738621101190176,131072 /prefetch:1
  2⤵
  PID:4892
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2968 --field-trial-handle=1732,i,17523162898401918485,3090738621101190176,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4684
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=3608 --field-trial-handle=1732,i,17523162898401918485,3090738621101190176,131072 /prefetch:1
  2⤵
  PID:1812
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=5684 --field-trial-handle=1732,i,17523162898401918485,3090738621101190176,131072 /prefetch:1
  2⤵
  PID:4528
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=5680 --field-trial-handle=1732,i,17523162898401918485,3090738621101190176,131072 /prefetch:1
  2⤵
  PID:1516
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=34 --mojo-platform-channel-handle=4780 --field-trial-handle=1732,i,17523162898401918485,3090738621101190176,131072 /prefetch:1
  2⤵
  PID:2720
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5676 --field-trial-handle=1732,i,17523162898401918485,3090738621101190176,131072 /prefetch:8
  2⤵
  PID:1224
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=6152 --field-trial-handle=1732,i,17523162898401918485,3090738621101190176,131072 /prefetch:1
  2⤵
  PID:4808
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=6024 --field-trial-handle=1732,i,17523162898401918485,3090738621101190176,131072 /prefetch:1
  2⤵
  PID:3236
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=38 --mojo-platform-channel-handle=5280 --field-trial-handle=1732,i,17523162898401918485,3090738621101190176,131072 /prefetch:1
  2⤵
  PID:2024
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=39 --mojo-platform-channel-handle=6108 --field-trial-handle=1732,i,17523162898401918485,3090738621101190176,131072 /prefetch:1
  2⤵
  PID:1508
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6100 --field-trial-handle=1732,i,17523162898401918485,3090738621101190176,131072 /prefetch:8
  2⤵
  PID:4124
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5084 --field-trial-handle=1732,i,17523162898401918485,3090738621101190176,131072 /prefetch:8
  2⤵
  PID:2432
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=42 --mojo-platform-channel-handle=2428 --field-trial-handle=1732,i,17523162898401918485,3090738621101190176,131072 /prefetch:1
  2⤵
  PID:4612
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=43 --mojo-platform-channel-handle=3112 --field-trial-handle=1732,i,17523162898401918485,3090738621101190176,131072 /prefetch:1
  2⤵
  PID:2156
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=44 --mojo-platform-channel-handle=5200 --field-trial-handle=1732,i,17523162898401918485,3090738621101190176,131072 /prefetch:1
  2⤵
  PID:588
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6500 --field-trial-handle=1732,i,17523162898401918485,3090738621101190176,131072 /prefetch:8
  2⤵
  PID:3392
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4860 --field-trial-handle=1732,i,17523162898401918485,3090738621101190176,131072 /prefetch:8
  2⤵
  PID:3312
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=47 --mojo-platform-channel-handle=4208 --field-trial-handle=1732,i,17523162898401918485,3090738621101190176,131072 /prefetch:1
  2⤵
  PID:4092
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=48 --mojo-platform-channel-handle=4900 --field-trial-handle=1732,i,17523162898401918485,3090738621101190176,131072 /prefetch:1
  2⤵
  PID:3988
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=49 --mojo-platform-channel-handle=5588 --field-trial-handle=1732,i,17523162898401918485,3090738621101190176,131072 /prefetch:1
  2⤵
  PID:4892
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=50 --mojo-platform-channel-handle=5676 --field-trial-handle=1732,i,17523162898401918485,3090738621101190176,131072 /prefetch:1
  2⤵
  PID:5084
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=51 --mojo-platform-channel-handle=3024 --field-trial-handle=1732,i,17523162898401918485,3090738621101190176,131072 /prefetch:1
  2⤵
  PID:4464
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=52 --mojo-platform-channel-handle=5728 --field-trial-handle=1732,i,17523162898401918485,3090738621101190176,131072 /prefetch:1
  2⤵
  PID:3376
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5456 --field-trial-handle=1732,i,17523162898401918485,3090738621101190176,131072 /prefetch:8
  2⤵
  PID:3924
- C:\Windows\system32\rundll32.exe
  "C:\Windows\system32\rundll32.exe" C:\Windows\system32\themecpl.dll,OpenThemeAction C:\Users\Admin\Downloads\AngryBirds.themepack
  2⤵
  - Modifies Control Panel
  PID:836
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2604 --field-trial-handle=1732,i,17523162898401918485,3090738621101190176,131072 /prefetch:8
  2⤵
  PID:1356
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=55 --mojo-platform-channel-handle=3028 --field-trial-handle=1732,i,17523162898401918485,3090738621101190176,131072 /prefetch:1
  2⤵
  PID:3568

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:3700

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x208
1⤵
PID:6128

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c

Filesize
304KB

MD5
fc6fc94b754cd1caa82ef3d1ed57f11b

SHA1
254db85fe8716c34b0b383516e048a541aa10340

SHA256
77c65a0f19be3ee4ae61cf698cd503c74ba1fd2daf64ce22a733569937f55b85

SHA512
1c59dd2b7c58feabcbe832fc9d2d3f35c4f7e59b83a5b641862677aa39d243f137834b3066ba24bafc8e85d2f20a7421ba356e986854a99203cccdfd0037b03d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e

Filesize
65KB

MD5
2cfbb0e218a18c73ef28e96f8430157c

SHA1
7ab6f6653e08098daffef6b6667ab53ecc6958e2

SHA256
f980335ca1ea4ce46d552b4994e72e63335e7cfd76dee9869c1cfa31b2ae995f

SHA512
438b583fad076bef15a577a329ce305f1e63e971dfdae9bb57b70a25d50ea8a303c206184b95efca917b7ad83ace5ef29ab12ec4bb8489b8ce9c5b33c0678022

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000f

Filesize
37KB

MD5
519005befdbc6eedc73862996b59a9f7

SHA1
e9bad4dc75c55f583747dbc4abd80a95d5796528

SHA256
603abe3532b1cc1eb1c3da44f3679804dd463d07d4430d55c630aba986b17c44

SHA512
b210b12a78c6134d66b14f46f924ebc95328c10f92bfed22a361b2554eca21ee7892f7d9718ae7415074d753026682903beba2bd40b35a4eeb60bf186dcdf589

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012

Filesize
74KB

MD5
7166e8c9be21822692696f2889621a1c

SHA1
b8093784bacb5edf75da7061300453d0f24b8883

SHA256
cc6f468fd7c73abd70b1d37c49eb1e5663e2a9cba725cf3bad255b5a46c9ea19

SHA512
a305656dd6ea1bb169396756376a42f77c5241df82c054547817de5d21cb10639e1a584841291a11c928c1dd17d8a89794da4f098be60fdc7a925314139dd8b0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000014

Filesize
22KB

MD5
9a96ae298a3e69c8f7f94012825de3b3

SHA1
721375e050a9d255cf1b8ec2d13f36074e536410

SHA256
f83a0a1bae7d475b895005acc5434537d13d849775cfaef1d7ec65ae9de16e60

SHA512
addf86eaf597355d875ff31aafc56fbce86eb543f9d6496874627514951108a5855e2c9f6fec5e11b99c3aae6620d97e67440fdd62a9bf33adef784d02ef1ecf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000017

Filesize
35KB

MD5
e819157dd12e0b1275823d4a5b99106d

SHA1
53eb3b17c0574f4f4b1995f5a02a93898ad2019f

SHA256
eb34a6c6d83603322e0a1730e66562d70d9a905ae0ac6f5df905b81226c99c16

SHA512
ac1a02daaf31f08475331274a8d187652cfc2b3f7ad5591be9f7ce4cae8502061eed6e7f7addfce7f4cd6c9c44ad2ba7f52884b5f9f96c1bb35ba73c1c1c49c7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001c

Filesize
33KB

MD5
c36dcde83f87931be2a03750be60141b

SHA1
3125c5fb4b9e42576ed68885f78021434a38559e

SHA256
4515dac5130e5da2712f9ef9b94fe82ae52a18d3dedfc0bed03b487d14266a76

SHA512
8e1a8b786f24aa8c74a86cb5752f40ad793789faf311ebbf60f1629fa884944a396d02a534150c43de5926c7dc2f044bec0a0f534c077a6c5d76e5b8e51c811b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001d

Filesize
32KB

MD5
f80b5c4eed9f09d1930e9b76b9008244

SHA1
e3136129e87daa377854fe948ddcc5b88e8baf42

SHA256
9727db239709c756bc11165d23e91c4db5c6b299d4fb684a872b95beee108600

SHA512
9fc4007523ced3cb91cf2176ac3369d8c05facfa71c153b92bd78ec658785b7b612c21d974d0eec3b82e88f16d4c5f9d3830d378aebcfd2f602114ec4c2de4c1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004c

Filesize
29KB

MD5
d10158b22b553f723d99dc78eaee6390

SHA1
80f2d6670cfb0d01cd20c471cf8e3e6465ddd3f6

SHA256
939c7a8e1ad74a44e0c847e38533e69e36454b6805d25acf3fb0cb5c472d245e

SHA512
fe47b644de4bb0a8bd8a06d7641c49c9810f669b44dd683c7651ff88224b444fd1ad6a6accb525b75a438afd876bff4dec230b8b6dfe6c43856c91b9a3abc5d9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00005f

Filesize
25KB

MD5
234327230add9a5a5d61a48829ea4565

SHA1
7966cc0e4bd76f88ff193c8a99a067de804b7129

SHA256
bb696c58d9ae5fa635b3ff22efdf60de9ac2f8ef9df5e2f2d58dd5f8dc99df75

SHA512
e51403d58e8711c7dce802f978aa799f0f24e6b806c1978e29c00fbfe6b398f7a423f7ee95814005e2db094cf190765c7a6b1473303743d3cce4d13931328798

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000061

Filesize
16KB

MD5
01d5892e6e243b52998310c2925b9f3a

SHA1
58180151b6a6ee4af73583a214b68efb9e8844d4

SHA256
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d

SHA512
de6ca9d539326c1d63a79e90a87d6a69676fc77a2955050b4c5299fab12b87af63c3d7f0789d10f4be214e5c58d6271106a82944d276d5ca361b6d01f7a9f319

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
feea383068cd5e4751083e13f2a9636f

SHA1
b9a0a536f56d43ca0b2c886a836a4badacea8640

SHA256
4d9a16a087bcff8d0ca8dfb84f75d6f190d4de2cd221788236f09f85f4cb767d

SHA512
904a6d511c6d5a34903de39a8100d6f0fb3c948cdc67f4cbfc0bbc6d7f450f2a5c89a95bfea8f88b4f6cfbbab60e845bba45ade06f20db61b3d58c09b48b85c2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
888B

MD5
b5b78cb49b6bf771af015762ee26c74e

SHA1
e0250f14af8acce72629e0c6663a88c026a80476

SHA256
74240e2a8fb8f063e4bdcdaf6098ff56692fd10d8d31f86f61a8942253f8344b

SHA512
f78c13a05ab439b9b135babf96b8a8252172ec355b8b7ba47384cd20b8b0755c68642192bedd893dcc221d6775e39827edbb79926d7562d3631ccfe98e813e13

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
ab35a96d0a1ecc69d8b241c6a89ca79e

SHA1
df2dbecba34a9665bd71e714f05324fd64e634c3

SHA256
e148c3018b89efc6d016a0bf069d2f6b5210e5d9136bff91c7bb6dec8e7e844c

SHA512
216704b5e0bb6dddefc41727a851d9b1cec95c016beeec5264083e9442238c53e059b79a763132efac3cbfe435a04e2140708b82ac3296242a3d4d5f11648c2b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
3f9afc70e5914ba83d515d40440a1b6a

SHA1
ae09ced0bb86767283d4e88071a4a8782288e3f5

SHA256
d8523f1810ea5164096950f62b5ba0ad9ce683c3def7fe7051971f245d6f33f8

SHA512
74922fb695515004e7160278ec37f8e26552296148ced18bad276aa7ca6b32c335b54adb70cc29c3e4e124294929422769fbc044ad5e2c27942467fd2d2343a4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
bf79ddd0794f6c1de32cdf2f82d7be8a

SHA1
abedc2ceac0a30dfdf7a2bef3acf83f618cbc9e6

SHA256
e856d39069a95eeb2b9674347f25c980c46f6631d4be613eb6210c75e0a543e1

SHA512
51eea3a2a235f9b48a6ed63faa64c912aa098cbba76cee7a8d90d027051b500f3003494823faa01af0d651bb3f0adb9261ef48111220b24b2518c35a651c2ed6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
fbe70cbd9d9b79df248903cc86c91c96

SHA1
223c34bdd43342e302a93e09234b7e5959138a6d

SHA256
e6fda361d801497949d4de79b21a6cdfdd9e81a508502ac922a7cafff0a43a33

SHA512
5f2767b6d7178de9cb70798d1687ec7e7acfc73caecaa3ebf5c08dbdf2e5fd5ab60b05054e2c05c746e79490066f43d05c36a6bc5e489aaf42d10f8857835abd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.microsoft.com_0.indexeddb.leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.microsoft.com_0.indexeddb.leveldb\MANIFEST-000001

Filesize
23B

MD5
3fd11ff447c1ee23538dc4d9724427a3

SHA1
1335e6f71cc4e3cf7025233523b4760f8893e9c9

SHA256
720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed

SHA512
10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
8KB

MD5
482abb18a450bdac74d8f064c72f4077

SHA1
ca1c3b3d0ba343e79c680d5b0471bfb5208b98b2

SHA256
7de9e756d729d06e2eefc71ddfe9192642965dd6c90df46a1affbd50805d6546

SHA512
b9c011b8694d3d4adb6d78d3a9277905180604ea5c9eadb5b739a8dac71beebc2808c053d9fb63ef1047c475dd976d5d92afe575530b4ba0c2f73ebc504573d1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
9KB

MD5
ef0b749510fa6a1f72adeefa4818514f

SHA1
6050c689c3a8a09f3ae91bd070d6cbd3ea4b5abc

SHA256
31438420a28149b459b302e57888e357f9c194e20d460692c0e867c50b3f8f5e

SHA512
37a87e0cba6d344afbb876fda21cb886d683b21e80285bbe848e2c36dedf63bc8d855fd90e85d80830918b5442906e2a8b7ec4d18822c6967a99a6b848db241e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
1b878d8a26a4cf66b5b1229e1a6929b0

SHA1
8172d8931c7eaade0af2f6d07d147b1c1c3f20bf

SHA256
a0dcf71351c32be023c42caf6d2f4fb4329920e9c17e25ffc34df298880f6fdb

SHA512
52e0493145509f44fd62f318069fe10d5281d77950b13cf418de45b69d1b12de7ed3e9d9757f5641f721e26e4050317e9bb4a43c27ac5dd4460d965978de4b32

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
10KB

MD5
0a2a8ff4ca55007748ef56533ac37295

SHA1
14c1ac3ac220bdd97ab1dfa8bc41096a537786ff

SHA256
fa7fb842f34a2cb3129f9d568a49b93aea1cb0079c719d4b93d4722c2e48c9fa

SHA512
674295b0eddcc686ab21639d566b5bef5968ab52ea7e2fa2567a9bb4b69d451e00dd8acef1d7747dc4c39592ec78c8c333dcdff8f81023cc4fe5b52010f61e49

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
9KB

MD5
2581f27bba90062d0fd8eb8bfd880516

SHA1
989ca33d1d376727aa9274e82e5fccccbd471d43

SHA256
af9ab6c6071fc27f30ff6433e79ab6a75406dbd771923894972f47d351ad4a4b

SHA512
5ff21b6e576489c38f06ad7e7dcaf73e0a7b71ebe309852f1ac69032b5b792ca45e71ed78ad6ccc6344f4831e9f63b13e981f208432114edccd6324fd74456cb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
4KB

MD5
9c578cd06d8202ce059c81af409b75a4

SHA1
6a48beac2832de839e6410f28d3c8ac15a90abaa

SHA256
ac4c6be0037adcfd9530c762a2a4c709f5992bb6c6c20bd0dfd7561ccb08de60

SHA512
5d252027d72e1ce6c96edb97a2b319610831b6d59c1ee6142a117cda7bdd3ebbe67856dbf0f7a9dd8e193ef84f3a5c72c5aab122e2201642cf0a4cc918e9bdeb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
eb3664209c19e1c644a0497db8ead730

SHA1
0429a921e1b058942a052a0dce13166db9d2c210

SHA256
c04aa47c3e12f6928c07f2be0c98682d57a764e36a0f0e0c829eee279dbb54f8

SHA512
1e849936667de10f9b80391661fdc8be4fdd582552880ec0607e2451ef433face379bee5f960579e93ce4b7cdfeb07c2b38a4fbc6cdb2ac8e56f12218a6c7d9e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
08500a41ebebb4124b0ffee9f9253b87

SHA1
85f30194401afcf693d7247c331241f017a74f81

SHA256
e90895eb5731ef6c8a6318a33beb858f752d5b08d35eb7ba088ac0152bf37ff4

SHA512
81dc1e2d1f52e26fe61b88b16e0ef5e1e469613a87d99b59b5ddb41e3aee8ca0940225f2a4d247ad3d114b42c0adf9b660fd0c502d9cc721450a2bd03bf3c091

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
43b6d9480dc09e4aabe9f351ca5d3875

SHA1
4de4f0437d6344c56679d42f76ae7a0683104feb

SHA256
723bbf8d07742663c5c9155c0fada958974859c37ed038e5d851690db2db0e81

SHA512
7dfa595277001a2c4aeea4ecbca9cac35400d7cf8ee3b17891f40f9b2b59f08fe39a87e30584f31188b19e0004df71baec4391f1463b9cd9e5a2689e5a355828

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
9dfb9a9cde05e88cd309a9dd92b29f35

SHA1
921c8998379df68f284aa4d644fa399da261d892

SHA256
99825139e794a2d3339dbd363ac51942d741bbc94b3fd217510dcbb8d61d2b54

SHA512
14b2c2d634e933064b18d83dc25181a4b306a06d4a71839086a38c8b633d7c138340710154954a17bba2b5a86ea2d5346cdfea1ef07ed234c44a4f59a0d13e97

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
4KB

MD5
9962eb121a62269ea13ff8b1b3feecdf

SHA1
13727cfc1d0fdd24bc83c38f16c091ea8b97f2d4

SHA256
3a4fcabef6c622f4cf8268d74cf3cb8177a1b8ab981164ada2c3f5f1b7d65da4

SHA512
2ffea8a9e6b3213a6f8c9fb1531f95411a052462bb8453b1588930ed6e48cf4340d7727d1c51851ae84903faf3a0679ec31eb9f1e64b7f032c37be7f4ddce4d8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
539B

MD5
8aa8fa03cd66a1c99fcb170e40e416b7

SHA1
7b1ca2df93170bd72a0e97f75cd26cc04d202263

SHA256
4672355fb1ca6b21246a724ebe9f6ea7f11ed27b834ec63e61212b53e5bd130c

SHA512
ca09590d81933185a95d63a46c0efa46638851634e998837030ae14d35245d5f63c7a67fd7e84a65f84439a79870f14d453cc23b3f8c6a4bc9c72fe615ece98b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
0423bfc00105f0ddfa14ad5c77aa6862

SHA1
fdde3f84633c0d9b1139290c010fe921788ffdbd

SHA256
28c84cb96f8f122ce5461d3f7edf54842c31c260e890a2851ffb5587f5c1e0da

SHA512
330791ae2f81e1136905796cdcab1371e6785f8757ff2fcb8f6a4e641e2bc60c9b0577be9402345dc01ca3ac85969166f6ede50dadb153322ade5fe43df5ef6a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
d46f211ec71a62289033a14410fe75ab

SHA1
cddad393d6d0ae06d043a8928785df2100a49ce6

SHA256
a6b33d4fa5fc699e0f0fc04e6af4d0377920f57122e9381b31c90e1b0cd03618

SHA512
e897f1b9fe72453654ba98a086412dde86e868cc2bde403b227d2212f7138a2c810731b869d76e52ed9c6f2f5e9deed57630f6c4f8117785c8b55043060ca043

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
4KB

MD5
864011d4332ccdd218ec1a862dafb498

SHA1
11fa474fbb78ea5240e5d5453dadbc2fbe44351b

SHA256
ab153c3dd2d4111f1feb6faea4b7ff4b21e529d3a3f1e370f6433d016e481d4a

SHA512
5b4f59bd6c00e20c473a0754ccd6dbebb71d066ee2f9ba3ac2a84f9e05f8456b5afb9a805d26c6c9491240d09aed482d7f868333a52281858cafe9d38f0a3d05

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
4KB

MD5
cebd10184572700f055aa14bee30b26f

SHA1
675edb188370a12c475fc74e41198f7197cf811d

SHA256
adb38932350c928adeb8a0a82bd35cfd6eeaa797396e5fb7ae784f617462c767

SHA512
9779ceef7ef1df6f1dfc16a6270b0c8a321bb9b347d41b067166a8f9aa8ab1b34d4bd371a931c84a29f2b07c9bc08d9323dd378b06526e56b49e08aee48105aa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
4KB

MD5
751044ec64ebe4e11df49da5fea6082c

SHA1
06d8873d79168076683be83789ecb9cba885cc24

SHA256
30f1fd4beaefdf79ec43cae8a5f37aab06b1a339e7d07f0dc123e612207ff40f

SHA512
4e9ee6630792ff237ca60e17bcdf6ee353f36a79ab1ed954b33ba0acc60bf787ee884787e2fe4f517fea4b2e4bca959557f35fba0e861e351f3d5194330db300

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
539B

MD5
304acfdcc6e495095b7b9a2170b52cc0

SHA1
0e4cf2e7b1e0710aead52ab1ec6705cc6c69a902

SHA256
99b9993bfbfb1a7395a02fdaed1b7d241d61683f974d6f637d006f13facb3434

SHA512
c02448cf2689da6580c0bafd96a0c43bfb01934bc444e8fbdee5b83b9e29eba3cdac4d07936f1ac914a4b584a4ef7b47216cb6e5560dfc33357598d20bd62083

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
776bc89af99874e393666211473030e0

SHA1
f954f0a8433ccb89b777c7801cf7c8029c47faad

SHA256
9b9f48e96c7c2a9fbfbf9e7b3a12cd52e698b177ea8671c86a61dcef70ce22ba

SHA512
d593a35a85c91444ba61c04dddc56275066b8c8002aeedc9a29da728641af4175a15c93681191be99571d337b1102bc5d64e66f20c60dd379bae8f2ed164cd9f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
4KB

MD5
79b84f060d9b155dfed7057ae908c295

SHA1
6867836c205b2be36bfa1efce5006bf41c60226d

SHA256
68dc8b0cf9431f7e08f1a96c48831b2e6d81705a88350fb1ba032b35439b8a60

SHA512
48e1089c580cea9738b527632a528715b0a9363c6cc91880b11e2b4dd18b550e04e76b1c91c8f0884ce4e28f5083283def2d737b872be80b912f71a4b225b210

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
4KB

MD5
1b71886b601f906333e0c1e3b9955012

SHA1
fa42519ed237c81448e95b6795759d8c7a91ce85

SHA256
9229ddcde9251ea6e9a238d769a4dec9d293eef339348d40e30c3838bb365982

SHA512
a33f9e2c6c3b19688b96d198e5374bbccade1428b0c581d4a9b6ea7d256c5e2ff2c564b11d0674bd3512d807902c07a68ac38f8e51f290e898784022dbe0e6ce

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
6c74e2fead4f66826c4c5bcaf68b0c57

SHA1
b7240bab53bb44d8c455b0b917119d56d52692ae

SHA256
89416f900ebb87a96d254758005b70d33aa16bd01c86f03b6a24c76614dc3c24

SHA512
b1fb3e9ff57fb614fcf730cb4a6f5339c53220f392296e9ed56b2d5da273b0cbed6727ab3589112e8d75790a1cd91c265bc7177ad5aef1935646176eefa2a55e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
92df57952ede1a9dc21faff958364e34

SHA1
8b0c38bbdd7b975a30cfef8cffc95b48acbb1ee2

SHA256
4344c02ab5f75332a573bb07bc0014742d7dfd3ad42ed13c49b4ecb7faf533a9

SHA512
10a4621c36132668a987d7b2a292e155b926d2c3ac13a785ad56eb31e301c9ef16de6b8cb276f3ecebd3f6dd08d3690dd3463a34cd2021ea4cce079d6956d1a5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
4846a6afec06b681457b0d4328282f2b

SHA1
c5379892a23cbfb41f9b25c96ca7720207a7c55f

SHA256
a746f64b4ca4d8d88ee1466f97b280a6663d117d7964b980a44a5e8c904b85d4

SHA512
22d52af0ec0a57eecbc33d009ee764f2481f45ac44d76cab59c226d04efd46322ff782c994c22dbad00378119309790e295e5f8e66df26762acf3603f00c832f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
cb9cac2787b21557a6b07e1e7d10c676

SHA1
bd57168c437d072b71026be5cd825f84b006d9fb

SHA256
59af644cc68e5e88926ad03a8c8a6d4028f25bcc6f4e9acfbd249cc7b41995f5

SHA512
03bf21caa1b9e8d5a8ba602e6aba62aa14db6a9bfca513eb4a57376c7ca0ddd74eb068d31417a36430eb059e8e678b78a7bda4ce590f8bf9567c1f11e523ccc3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
7acc3cb6e3917bdeaf1090ca72844fe0

SHA1
f4e9c0b496ee456c604752cf2dc857c98cffd522

SHA256
c3f827ec22ba82bb55f2fec0b19d9560acea363b6ec70daa8d38cf74f48b4246

SHA512
91b8a6a5ad52ccdc6e2b851710c99c28a8d7b6a6ed456e1dc26caf1ec8a1ecc41f9dac48256f5951a153f0eeaecc04e1782c020c32c654712e22dbbb95721200

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
336171b78cc65afcc0642c6bdfae9d2f

SHA1
7c3b84c005f589f1764cc86dc88eb0bd5bbdeb2a

SHA256
622f0b4ff400d69a2a921163e6f36be75bcaf57552af6195e6a5ef7a933cb8a6

SHA512
f6e9a10dabf7614f1f5623372acbb9ea8d975a5d6f30086eb69d6babf57dfe9209f4c257032f5841a70ee44377ca2cda8682efd51327334ea48468cab46b76a8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
7f3faa60681a371794b4a5a694ad4659

SHA1
9a18721fea9bd722d9c2ea1d385b36917c010a5e

SHA256
f320fe3d524ff3af24b2929a300bd080df106e8bbf917b9f20d7da2e2aaa34a5

SHA512
5db8d099d844d354755cafe848a2e9c0925fd504df24b95d88a6bedc0ce17075143001ab06f91e4d98cb2d8551cbef3c99b61f907276bc546922733546f300da

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
3b0f2e3590c3f90e4f782cab5f10e9c6

SHA1
bfb3c0d04d8727c6f34f6bb259e677adca72fe49

SHA256
ce42539cb2293b57b1a2a1d650405776514c92b8a2389f882165acaddf34cec8

SHA512
4468f20487c16cd7ede04c6de55f33360e230423860488d13a652517106836c7c499bd3b152f4c9dca7afc44a6ad83f5fc7fddcf33deb274a1cb0e4e9d2c28e0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
60c3d118bc71a98f3ab21a53e54808df

SHA1
feab99a6e5d8e244c8276e71804eaddbd90c4702

SHA256
d43c214e5f00f85c02b4e445df724221f98fd3b4dc5e1518be8cbeacb5afbd9e

SHA512
bb5029bc8a21864b1a7b5315c0e32ffd08d8795b5de3324e699d76bd4d23313f213d27521c235a4a8b5b777baed137d54216545042ea33e76ad1851925201702

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
b01074262f9f0e6d0371bf25678ff3f9

SHA1
3da73ff2d45ae16b1558c15ddc45d97149d9a851

SHA256
c066e50223c5f732fd28deada06adb7361800311336ea73b276f5dfcad50a065

SHA512
94706ed2c709ecf85b6083883a1ecf55efb14140e614cd01e9253b559e9eb85e1c1ebd35be6395eca7953afff31fcc68da82ba3e3461a7f0a38c95f8c4d6c8f0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
118989bffe04f2b63b1b7838323e7192

SHA1
068588f3a7cdb8bc2fe10fe69705fcbf567fa8fe

SHA256
39e443caa01ff1ff674e59b8ea99b984dd6859e879db28f44ce57615f78f853c

SHA512
c2dada186dbacbed816df1a44df4fdc70c0f2f642a22b6d74170197392d824cb84bcfb00809f2ec51037b454384ef501d6d616a0f421b0f20e6230fcbadaf4b4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
f0489249e7e8add2322f8c954ab78521

SHA1
56ff26bdad7d8d82c4752f4c7f717962dc1eb696

SHA256
75c553191b9c3bfe7f256f857ddd586863c40bffc0676d647e865e76c5ca4108

SHA512
9f8dfebfb9fce164616a6db17c7ba6383468464347b325fea93bfac4eb3b3b10bdd4c97ca85a787853d268a2113a762dd2513fc32640eda34d14f4193960ab93

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
56B

MD5
ae1bccd6831ebfe5ad03b482ee266e4f

SHA1
01f4179f48f1af383b275d7ee338dd160b6f558a

SHA256
1b11047e738f76c94c9d15ee981ec46b286a54def1a7852ca1ade7f908988649

SHA512
baf7ff6747f30e542c254f46a9678b9dbf42312933962c391b79eca6fcb615e4ba9283c00f554d6021e594f18c087899bc9b5362c41c0d6f862bba7fb9f83038

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe58a795.TMP

Filesize
120B

MD5
e2f092e0d57d4930dc5dfa81cd4c06f8

SHA1
7a4a013fc2450f4443d8cacfb219813fddd4e0c3

SHA256
4b09bc7e9f6358f7c3fadad59584ecfa8245666750e8f9c99149b735bdc96046

SHA512
47de7d26440c0f7db96cb398dd7a1d0db94b8302630127a42db341f03216fbddf508d5623faa5d5b222ed8675c10bc38338d36c95032c59e2ea193eb81687472

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
151KB

MD5
c81b4b04dafb7347fae32897d387fb65

SHA1
09eac437a7bf3bcfaa2f26be1470be47ab9764a8

SHA256
9839053a73a88f5446757e90bad3f1844af2f791379a4b41972c744bc4fcfe8f

SHA512
7196da31e28c2c100d48339c649eec77d694a4da79ff7a48ca676d9a909ac21724659628e6f03333d957925377f447f1cdbc6d3efd02ff53f59fe80399408f55

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
151KB

MD5
35170be776ec59b1bb8a8fab4da1b774

SHA1
27c3ad68637f3ffcbeb8f0c4f486762279928b16

SHA256
80e83d82449c06799a59fb619f156d3113d66e43d659f9fd5c2ef13a1d4786f7

SHA512
736de22010848d1d3823c2640974fdf7edaf69477f933495b1b166c0a79073a59f736adfc2530aab9b686d276fae991606e9ed45008712079d30742538b519ec

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
151KB

MD5
29b35d98ba02f3cd1d3e9734fb67acae

SHA1
88f5b702cde58bb48833f44ee1c8fb38cda60381

SHA256
0e3ce45e35e8fc1ec263cc020e09b96c503e4537b245aba6e7ce7e3923a83f09

SHA512
42c137f53131a2ac8248e1893f1e5e4176bff21339ca2cb8a2a47e4647022bc3ab12aa813313b3e19f79eb0463b093d978c48d618ee566089459a45d590320fb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
151KB

MD5
af7a54897b78ee202d5305a088f3e7dc

SHA1
aea53f8768e5e9df6451659d538b7b2deb06c234

SHA256
441f8e2c83c40796f581e3f79921332cb324bc07640c46f5bf3d42d3e8861b81

SHA512
35bae7c196c476c8912c5187071b3252001975874a285dd51c77a5071913de443751908725404261cf986d3c924761764b45d876330df338f15f3f8234b03c11

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
151KB

MD5
4c9f19c9aad1d6dbcc0ea25d438fec64

SHA1
bf80ecba141dcc44424c75e23c10e5ad8232b6e8

SHA256
b8829c9b2afd6af70e7eb91df63015d9caa1ca02824bd3176a29b59994cf543e

SHA512
dff60ea8ffff97fc6d8931b5a7605a333bd76ec7c4d0379f22874c59c34e2119e3d7a57a12fcae459341cd00107ceb6dd7d2736554224435b7e1d80bcf7e116b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
151KB

MD5
ec7bf2c26beea8783823e10efc278fec

SHA1
bbd5d5b1c7e03a53235179bf8e4d2a25c8114ae5

SHA256
f958151a71411c33b7b51988d86e026e56dd6e3d26ce08525d9bf416a4c38103

SHA512
579d83776dc12907228c0689008473bc28d00a42a3899b2be6ac1fadf587245dd704cee6157fa2e4a602877b96d28f91654543eabc801a621c0a357a2f741ee1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
151KB

MD5
943116293f11bb2e3a7ab4d53169279c

SHA1
abdb318dcf150020e05adc594b53b0acc55e8d83

SHA256
5d48f1f6bf2f7da3e4d2ca620fa5a33d0d8695f822cb12d4a7064f2e99bbcf4e

SHA512
7155f0150ac90e7f2b307b8430de9930e58a96b082dc0222367c0d6735c74d1e09db5f95302eccf00e5789deb31eac06de23d95e7ef50c425b791ec0a9eb65d9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
151KB

MD5
fa0c01576721a4d373c5b6edd14275bf

SHA1
7ed745f902c1405cbfadf23a3938d51f84dadf6c

SHA256
697f2940629e260e5d8955185cfea02cd3f2eae19ad9ed7adc85f578c8e42e86

SHA512
4f8c47b9f081407138df97e040c5380443fd34914e18b81b9fcd3440881db9bedd61ede1722b205bd505c0ace44b6949df7460a9540641b455fda7f61e3724f6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
151KB

MD5
633319ced95097674ef7aea4283c3858

SHA1
fbf6018ca5eba4079c4cdb7d3edc09e6d567b9c1

SHA256
a8be8d17f877f0cccc33cd987321d6942383b59076e57da840c2641b780bf81d

SHA512
2c3df8bbd1c4e6750ecf7805752f1bc815894de9810325cba0cc6cb1ec46d9da898b96b2ff3959aee2c81c44496e3494cab01a40661a8e4ffa3b7991f5c6429e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
151KB

MD5
7b12cd6c48c2fec1a07ced9be15e9ce9

SHA1
eeeb9b691b0f36ccbca40b4fd831b82f7f6e3d8a

SHA256
c4efff40ed1d96c74e070cf5ab16c8a4cefe27cd7f697c5887c02abd7390a70c

SHA512
107938e0b69ad5fa16139273a98ab3e015269196b3c7503b152d97ec690a0229089137d5ea50de8a5345f98fab3774abd3543946fab8c071476be51b43a38d29

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
107KB

MD5
0eb4bd3460b8e3db5f8d875666d8865f

SHA1
29bb78536a88e73d88661e7a2aeb6bad74428e29

SHA256
c56ceb8a59a2c67bcdb28a3ea3d52be1f3767bf806a0dce8840b9570939ade6a

SHA512
7d1dce01ae0daa9cb9410f2c7126f17a1689ac8a032620333e2e70d9efb96e38c37e14958ddbf5faff3de184c70a3d462226b3dca55b7888cc5fe52a0a261c29

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
102KB

MD5
e0e68778cf6641fe4c53160a21b6ecea

SHA1
e7271ef5c9715085042b4821f8415c5e0b8b19a6

SHA256
9abd509fbc83a091a5a978c4cd7db983473509297a66a67ddd926638767e62b7

SHA512
b5a9c93ffeb20bf33abb90a57627d0bc11b69d9598d733e4d82c2ac00882ae631f8991c64be0857a196d8ee1070dffdd26d9cfb432e20f61d49b0a74e9eab8e6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
98KB

MD5
fbb34faf59fa74dc5ee21740ea0de86e

SHA1
9075392b5202dd76c71f5b872a6789ea5ebb487f

SHA256
9bef5731aa53d51a1f6b87022c5005bc6bdcf73d092f81c5f09445383d4c5e68

SHA512
397c99e42442850bc77414cefcaf3ac6da97b01532404264da674e8e640729fae269d7360f3b98e30c454367e742195ae17152362919254520abf5b65c51d850

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
104KB

MD5
fd8ed6ebf95a29def61cb443f02a4ac0

SHA1
aa61db41e3d838f5e25592d2a633bf808607c747

SHA256
fe687bef85d1291537df374da163ee05b2f4252d2cc646465729c5178ef0414e

SHA512
91c9b66496aba151c2d80187ade74a87c1217239df92957dace6e40c73b107cf986455e356f5c40438547d01abe22416de0e0dee5e1a52bebfd89798053e462e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
112KB

MD5
9c2afe6b09cf292d4bfa6b0074d17905

SHA1
bf8336b968776b74f7937980486dda463939be1d

SHA256
1f9706d26149ca3a53f0cb3a50037bcb94ef088d6cf0140e052726d7cf852dfb

SHA512
fb95f494fdf976935fbdb89c58e1d9814dad3a5f97b68828ee842b662f5197fc4a5ad5b1844a87fc68a7c5ab04866eb14124f6b21612846588a5a8af819cbd8b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe577c44.TMP

Filesize
93KB

MD5
45c756c39bc3cc6e670c25cd9e84555a

SHA1
082f57cbf40d31f011b79aa7085b6552b2029b94

SHA256
f820b6ddd9b3ad8e96d97168da7a355df41da0305c0805bbd82a6d425f4f1363

SHA512
bd9ec55539db1ccaa634fe5b0e7ba91863e600b059aaf4fe0959a4126d58fbda7f3e03e71dbb734b832a370077fccc9008f7f37f1d988a8e6a1638307eaef6d1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Themes\Angry Bir\Angry Bir.theme

Filesize
5KB

MD5
dd28a4e1d24ba33a33469d3d44597e79

SHA1
abf3a92041aa9355af91e5564389c5269c84cc49

SHA256
62670934498310008db1924628fbe05feea048782d2936d9b175c0c6477d42ce

SHA512
e0ac08ed364b3f48f261d89211aab663479c45661838a994fc20ed9d949b0048da0c57487515ff588a89699eeb657091b203ef000f8f82fb3a3dc437199fda13

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Themes\Angry Bir\Angry Bir.theme

Filesize
5KB

MD5
dd28a4e1d24ba33a33469d3d44597e79

SHA1
abf3a92041aa9355af91e5564389c5269c84cc49

SHA256
62670934498310008db1924628fbe05feea048782d2936d9b175c0c6477d42ce

SHA512
e0ac08ed364b3f48f261d89211aab663479c45661838a994fc20ed9d949b0048da0c57487515ff588a89699eeb657091b203ef000f8f82fb3a3dc437199fda13

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Themes\Angry Bir\Angry Bir.theme

Filesize
5KB

MD5
dd28a4e1d24ba33a33469d3d44597e79

SHA1
abf3a92041aa9355af91e5564389c5269c84cc49

SHA256
62670934498310008db1924628fbe05feea048782d2936d9b175c0c6477d42ce

SHA512
e0ac08ed364b3f48f261d89211aab663479c45661838a994fc20ed9d949b0048da0c57487515ff588a89699eeb657091b203ef000f8f82fb3a3dc437199fda13

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Themes\Angry Bir\DesktopBackground\3_angry_birds_yellow.jpg

Filesize
301KB

MD5
851830d421d1b649a71693e26c2df5fe

SHA1
cab06697a0e03544bda04b5da4c2e3c9cb713c9e

SHA256
da3f2f59bc1f8253cf73ad171a2c3e1647ddf65443d4b86078ecbf47b71a3f28

SHA512
5748c501c58e6613daed31765f9efafd775d5c8779e894b6d1956c3509e9eb1186015223c478a577a737491d13a67af74e7f50482e624ccd1bf8daf37cfbdf95

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Themes\Angry Bir\ab_changetheme.wav

Filesize
135KB

MD5
2a0e2f8ca0080dad549553c7ee92d7a9

SHA1
bfcba1b5e1229ae7fb52228d3b6d443ac4fe795d

SHA256
813088e80870315fae9f6bb7ea07e377bb2e5650a6cf6197940d9e41ef67a824

SHA512
fdfafdcda3cba9138055a3d3716a0be5451ba1adb312f142abb4b63a6c974768a3ecbc9c44850460c65fbcf0808c9a2bae475162b4b2ef923fb63993b2eb9f36

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Themes\Custom.theme

Filesize
1KB

MD5
484c73ae4c3d219d9de68877558ed376

SHA1
a037d397743ce819305ac00bcfc32e313ed03aae

SHA256
d3a3cd2af04d04fb2056213431842a344c6be4abdb1fa407d48c23a535af612c

SHA512
d27d7c576b39f709b7b9803046946dfba5923ec7fc8031af2cd3788b0f865eba3a77e5b0ed08af4bea5ade69d862c3d149b3c0985861cbb09f11e99b522dd7aa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Themes\Custom.theme

Filesize
1KB

MD5
de6e91fc00e0278598d05b6b75cfb18b

SHA1
073a8f21b400bf1baeb426ce3b2034e1c4b7d7fd

SHA256
65aef693d4cd509800027697844f2342a40f3366f6b366fdbeef13b867570ec2

SHA512
e4e6a273c80cec3b0e316a7154ffb3f79bc16f9b9dbb47b660af08d75a7439f63c0138c8967b55584d7553bb39870ded02efc90bbb8e170458c3526bc33f5fcc

Download Submit
C:\Users\Admin\AppData\Local\Temp\TP_609C.tmp

Filesize
6KB

MD5
cfd6dd21e111f74c56d2d2029ee46a1a

SHA1
ab2930326b9f81e6b9db8a98a95bf8204b74b5dd

SHA256
67d430065087e7e0cdc57c948983c174500c5d5238f77c156e851dc6011f315d

SHA512
7c0093471a6c5bbfbd30c44b75417f9fe6e0e47dedadc1aff60b6e3556554d6b93ef949200edacefdd96fe988c312d1f2508724e5a57f38488cf51e169dcc552

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

Filesize
9KB

MD5
9438356d9e733a327579d98ca6452e95

SHA1
8d9939b4ce4ea2de176bbe71ebc0dfa62455572d

SHA256
664274560dc66e3e8b4eefb48cdac7c2f16b293dea20d66665f24bd8e09597f3

SHA512
adbf0401312077f3a2c9f25485e3916b82a5f62a0ea6a7c7ce0852642cd57c77cc5d5c6b6e38a80f931e542870ebeda24cd1a5f8a171cd0741e5a9210e10a598

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

Filesize
10KB

MD5
1e870b2c96f4fd489e09a7e90a07dbce

SHA1
12d825aa1f9928b1c8917fde8115f6495cabcbe0

SHA256
76c14a9a3ed9f5b2d0947376a999ffd206654051caf3e4f2e8549eedd6b724f9

SHA512
9b43a1669f1ecaa6efaee7a7930f4a288aa2dca9c1ad8bb00d66e01b9bb8f180330845515d253296e38da609cf588b9834e1dc4c056d2b6df7f7293e6a456da7

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

Filesize
7KB

MD5
1543ccbbb0560215c91199053edd0831

SHA1
97b1e2069bc398d27d58a1b7de54025d01133b85

SHA256
56be35e8b3ffd3ef8d00fa65ca15301b84962644a07684778701be6891387035

SHA512
9b54da9842cb32df7649d97977bf485a83c06c2d61367c9d3f8c16055424ec51fbdfb01e01ef6dc5f0f4e12ec7b9ddb0d53655fd26d830566034c9b0ee295db6

Download Submit
C:\Users\Admin\Downloads\AngryBirds.themepack

Filesize
2.6MB

MD5
918159e275fa1a21c9e22cf1c1867dc5

SHA1
046de00ae680b045dffe1a72c1d9483bd5684d86

SHA256
6a08e60f1cf03c5402014cafbe064e198f49a5bbe6216eb5736c9e58d94523aa

SHA512
e2ad27b36514387cf0e57d7ec4dd0358b0bc1c2239d9b5a496d46b53a396a2204d2d2db948f7c0c850eedf04ebc012b1bcac8770746f4a3586dda268715dbc42

Download Submit
C:\Users\Admin\Downloads\AngryBirds.themepack

Filesize
2.6MB

MD5
918159e275fa1a21c9e22cf1c1867dc5

SHA1
046de00ae680b045dffe1a72c1d9483bd5684d86

SHA256
6a08e60f1cf03c5402014cafbe064e198f49a5bbe6216eb5736c9e58d94523aa

SHA512
e2ad27b36514387cf0e57d7ec4dd0358b0bc1c2239d9b5a496d46b53a396a2204d2d2db948f7c0c850eedf04ebc012b1bcac8770746f4a3586dda268715dbc42

Download Submit