hxxps://r20[.]rs6[.]net/tn[.]jsp?f=001pKaS0KN5PAe3RS2AwwBE8JL-WB1oJ-DB6T-XTMIu1S2CPidLHP311QhxUfL4oSDJZfZk3NNlEvQxcoKuGIOaxz-2zTPPgVVb5QvvQBXJwk6MTdrkmoY4kZsWAIvjlDTdJhroB6jIOCk=, hxxps://www[.]realtor[.]com/news/unique-homes/glass-house-in-illinois-indoor-outdoor-spaces/

Analysis

max time kernel
1801s
max time network
1692s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
18/05/2023, 15:21

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://r20.rs6.net/tn.jsp?f=001pKaS0KN5PAe3RS2AwwBE8JL-WB1oJ-DB6T-XTMIu1S2CPidLHP311QhxUfL4oSDJZfZk3NNlEvQxcoKuGIOaxz-2zTPPgVVb5QvvQBXJwk6MTdrkmoY4kZsWAIvjlDTdJhroB6jIOCk=, https://www.realtor.com/news/unique-homes/glass-house-in-illinois-indoor-outdoor-spaces/

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133288969251213098"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2148	chrome.exe
2148	chrome.exe
4448	chrome.exe
4448	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
2148	chrome.exe
2148	chrome.exe
2148	chrome.exe
2148	chrome.exe
2148	chrome.exe
2148	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2148	chrome.exe
Token: SeCreatePagefilePrivilege	2148	chrome.exe
Token: SeShutdownPrivilege	2148	chrome.exe
Token: SeCreatePagefilePrivilege	2148	chrome.exe
Token: SeShutdownPrivilege	2148	chrome.exe
Token: SeCreatePagefilePrivilege	2148	chrome.exe
Token: SeShutdownPrivilege	2148	chrome.exe
Token: SeCreatePagefilePrivilege	2148	chrome.exe
Token: SeShutdownPrivilege	2148	chrome.exe
Token: SeCreatePagefilePrivilege	2148	chrome.exe
Token: SeShutdownPrivilege	2148	chrome.exe
Token: SeCreatePagefilePrivilege	2148	chrome.exe
Token: SeShutdownPrivilege	2148	chrome.exe
Token: SeCreatePagefilePrivilege	2148	chrome.exe
Token: SeShutdownPrivilege	2148	chrome.exe
Token: SeCreatePagefilePrivilege	2148	chrome.exe
Token: SeShutdownPrivilege	2148	chrome.exe
Token: SeCreatePagefilePrivilege	2148	chrome.exe
Token: SeShutdownPrivilege	2148	chrome.exe
Token: SeCreatePagefilePrivilege	2148	chrome.exe
Token: SeShutdownPrivilege	2148	chrome.exe
Token: SeCreatePagefilePrivilege	2148	chrome.exe
Token: SeShutdownPrivilege	2148	chrome.exe
Token: SeCreatePagefilePrivilege	2148	chrome.exe
Token: SeShutdownPrivilege	2148	chrome.exe
Token: SeCreatePagefilePrivilege	2148	chrome.exe
Token: SeShutdownPrivilege	2148	chrome.exe
Token: SeCreatePagefilePrivilege	2148	chrome.exe
Token: SeShutdownPrivilege	2148	chrome.exe
Token: SeCreatePagefilePrivilege	2148	chrome.exe
Token: SeShutdownPrivilege	2148	chrome.exe
Token: SeCreatePagefilePrivilege	2148	chrome.exe
Token: SeShutdownPrivilege	2148	chrome.exe
Token: SeCreatePagefilePrivilege	2148	chrome.exe
Token: SeShutdownPrivilege	2148	chrome.exe
Token: SeCreatePagefilePrivilege	2148	chrome.exe
Token: SeShutdownPrivilege	2148	chrome.exe
Token: SeCreatePagefilePrivilege	2148	chrome.exe
Token: SeShutdownPrivilege	2148	chrome.exe
Token: SeCreatePagefilePrivilege	2148	chrome.exe
Token: SeShutdownPrivilege	2148	chrome.exe
Token: SeCreatePagefilePrivilege	2148	chrome.exe
Token: SeShutdownPrivilege	2148	chrome.exe
Token: SeCreatePagefilePrivilege	2148	chrome.exe
Token: SeShutdownPrivilege	2148	chrome.exe
Token: SeCreatePagefilePrivilege	2148	chrome.exe
Token: SeShutdownPrivilege	2148	chrome.exe
Token: SeCreatePagefilePrivilege	2148	chrome.exe
Token: SeShutdownPrivilege	2148	chrome.exe
Token: SeCreatePagefilePrivilege	2148	chrome.exe
Token: SeShutdownPrivilege	2148	chrome.exe
Token: SeCreatePagefilePrivilege	2148	chrome.exe
Token: SeShutdownPrivilege	2148	chrome.exe
Token: SeCreatePagefilePrivilege	2148	chrome.exe
Token: SeShutdownPrivilege	2148	chrome.exe
Token: SeCreatePagefilePrivilege	2148	chrome.exe
Token: SeShutdownPrivilege	2148	chrome.exe
Token: SeCreatePagefilePrivilege	2148	chrome.exe
Token: SeShutdownPrivilege	2148	chrome.exe
Token: SeCreatePagefilePrivilege	2148	chrome.exe
Token: SeShutdownPrivilege	2148	chrome.exe
Token: SeCreatePagefilePrivilege	2148	chrome.exe
Token: SeShutdownPrivilege	2148	chrome.exe
Token: SeCreatePagefilePrivilege	2148	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2148	chrome.exe
2148	chrome.exe
2148	chrome.exe
2148	chrome.exe
2148	chrome.exe
2148	chrome.exe
2148	chrome.exe
2148	chrome.exe
2148	chrome.exe
2148	chrome.exe
2148	chrome.exe
2148	chrome.exe
2148	chrome.exe
2148	chrome.exe
2148	chrome.exe
2148	chrome.exe
2148	chrome.exe
2148	chrome.exe
2148	chrome.exe
2148	chrome.exe
2148	chrome.exe
2148	chrome.exe
2148	chrome.exe
2148	chrome.exe
2148	chrome.exe
2148	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2148	chrome.exe
2148	chrome.exe
2148	chrome.exe
2148	chrome.exe
2148	chrome.exe
2148	chrome.exe
2148	chrome.exe
2148	chrome.exe
2148	chrome.exe
2148	chrome.exe
2148	chrome.exe
2148	chrome.exe
2148	chrome.exe
2148	chrome.exe
2148	chrome.exe
2148	chrome.exe
2148	chrome.exe
2148	chrome.exe
2148	chrome.exe
2148	chrome.exe
2148	chrome.exe
2148	chrome.exe
2148	chrome.exe
2148	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2148 wrote to memory of 1960	2148	chrome.exe	85
PID 2148 wrote to memory of 1960	2148	chrome.exe	85
PID 2148 wrote to memory of 224	2148	chrome.exe	86
PID 2148 wrote to memory of 224	2148	chrome.exe	86
PID 2148 wrote to memory of 224	2148	chrome.exe	86
PID 2148 wrote to memory of 224	2148	chrome.exe	86
PID 2148 wrote to memory of 224	2148	chrome.exe	86
PID 2148 wrote to memory of 224	2148	chrome.exe	86
PID 2148 wrote to memory of 224	2148	chrome.exe	86
PID 2148 wrote to memory of 224	2148	chrome.exe	86
PID 2148 wrote to memory of 224	2148	chrome.exe	86
PID 2148 wrote to memory of 224	2148	chrome.exe	86
PID 2148 wrote to memory of 224	2148	chrome.exe	86
PID 2148 wrote to memory of 224	2148	chrome.exe	86
PID 2148 wrote to memory of 224	2148	chrome.exe	86
PID 2148 wrote to memory of 224	2148	chrome.exe	86
PID 2148 wrote to memory of 224	2148	chrome.exe	86
PID 2148 wrote to memory of 224	2148	chrome.exe	86
PID 2148 wrote to memory of 224	2148	chrome.exe	86
PID 2148 wrote to memory of 224	2148	chrome.exe	86
PID 2148 wrote to memory of 224	2148	chrome.exe	86
PID 2148 wrote to memory of 224	2148	chrome.exe	86
PID 2148 wrote to memory of 224	2148	chrome.exe	86
PID 2148 wrote to memory of 224	2148	chrome.exe	86
PID 2148 wrote to memory of 224	2148	chrome.exe	86
PID 2148 wrote to memory of 224	2148	chrome.exe	86
PID 2148 wrote to memory of 224	2148	chrome.exe	86
PID 2148 wrote to memory of 224	2148	chrome.exe	86
PID 2148 wrote to memory of 224	2148	chrome.exe	86
PID 2148 wrote to memory of 224	2148	chrome.exe	86
PID 2148 wrote to memory of 224	2148	chrome.exe	86
PID 2148 wrote to memory of 224	2148	chrome.exe	86
PID 2148 wrote to memory of 224	2148	chrome.exe	86
PID 2148 wrote to memory of 224	2148	chrome.exe	86
PID 2148 wrote to memory of 224	2148	chrome.exe	86
PID 2148 wrote to memory of 224	2148	chrome.exe	86
PID 2148 wrote to memory of 224	2148	chrome.exe	86
PID 2148 wrote to memory of 224	2148	chrome.exe	86
PID 2148 wrote to memory of 224	2148	chrome.exe	86
PID 2148 wrote to memory of 224	2148	chrome.exe	86
PID 2148 wrote to memory of 3496	2148	chrome.exe	87
PID 2148 wrote to memory of 3496	2148	chrome.exe	87
PID 2148 wrote to memory of 1840	2148	chrome.exe	88
PID 2148 wrote to memory of 1840	2148	chrome.exe	88
PID 2148 wrote to memory of 1840	2148	chrome.exe	88
PID 2148 wrote to memory of 1840	2148	chrome.exe	88
PID 2148 wrote to memory of 1840	2148	chrome.exe	88
PID 2148 wrote to memory of 1840	2148	chrome.exe	88
PID 2148 wrote to memory of 1840	2148	chrome.exe	88
PID 2148 wrote to memory of 1840	2148	chrome.exe	88
PID 2148 wrote to memory of 1840	2148	chrome.exe	88
PID 2148 wrote to memory of 1840	2148	chrome.exe	88
PID 2148 wrote to memory of 1840	2148	chrome.exe	88
PID 2148 wrote to memory of 1840	2148	chrome.exe	88
PID 2148 wrote to memory of 1840	2148	chrome.exe	88
PID 2148 wrote to memory of 1840	2148	chrome.exe	88
PID 2148 wrote to memory of 1840	2148	chrome.exe	88
PID 2148 wrote to memory of 1840	2148	chrome.exe	88
PID 2148 wrote to memory of 1840	2148	chrome.exe	88
PID 2148 wrote to memory of 1840	2148	chrome.exe	88
PID 2148 wrote to memory of 1840	2148	chrome.exe	88
PID 2148 wrote to memory of 1840	2148	chrome.exe	88
PID 2148 wrote to memory of 1840	2148	chrome.exe	88
PID 2148 wrote to memory of 1840	2148	chrome.exe	88

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" "https://r20.rs6.net/tn.jsp?f=001pKaS0KN5PAe3RS2AwwBE8JL-WB1oJ-DB6T-XTMIu1S2CPidLHP311QhxUfL4oSDJZfZk3NNlEvQxcoKuGIOaxz-2zTPPgVVb5QvvQBXJwk6MTdrkmoY4kZsWAIvjlDTdJhroB6jIOCk=, https://www.realtor.com/news/unique-homes/glass-house-in-illinois-indoor-outdoor-spaces/"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2148
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x104,0x108,0x10c,0xe0,0x110,0x7ffade449758,0x7ffade449768,0x7ffade449778
  2⤵
  PID:1960
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1812 --field-trial-handle=1808,i,16837994663828161255,7393352558794316478,131072 /prefetch:2
  2⤵
  PID:224
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2176 --field-trial-handle=1808,i,16837994663828161255,7393352558794316478,131072 /prefetch:8
  2⤵
  PID:3496
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2236 --field-trial-handle=1808,i,16837994663828161255,7393352558794316478,131072 /prefetch:8
  2⤵
  PID:1840
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3196 --field-trial-handle=1808,i,16837994663828161255,7393352558794316478,131072 /prefetch:1
  2⤵
  PID:1304
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3220 --field-trial-handle=1808,i,16837994663828161255,7393352558794316478,131072 /prefetch:1
  2⤵
  PID:3484
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4780 --field-trial-handle=1808,i,16837994663828161255,7393352558794316478,131072 /prefetch:1
  2⤵
  PID:3220
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5036 --field-trial-handle=1808,i,16837994663828161255,7393352558794316478,131072 /prefetch:8
  2⤵
  PID:5108
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5116 --field-trial-handle=1808,i,16837994663828161255,7393352558794316478,131072 /prefetch:8
  2⤵
  PID:1292
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2684 --field-trial-handle=1808,i,16837994663828161255,7393352558794316478,131072 /prefetch:8
  2⤵
  PID:1964
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5008 --field-trial-handle=1808,i,16837994663828161255,7393352558794316478,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4448
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=1008 --field-trial-handle=1808,i,16837994663828161255,7393352558794316478,131072 /prefetch:1
  2⤵
  PID:4648
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=3272 --field-trial-handle=1808,i,16837994663828161255,7393352558794316478,131072 /prefetch:1
  2⤵
  PID:384
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=5160 --field-trial-handle=1808,i,16837994663828161255,7393352558794316478,131072 /prefetch:1
  2⤵
  PID:1796

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:400

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
288B

MD5
9fc1f91e008a59effd0f8266e83c9bfc

SHA1
53e8fa2f5e5ea01e36959888f1de302d93514132

SHA256
a61ebd874bd01e05fd079fb25eba6da0e9e195ad2e6cbb1694bc2449804d8478

SHA512
9770d5711d8a2950d47c297a274cbca599b36c1799eba7b78b0667847e369389a5846fff78e8913f18d5aff0fc98fa790cd1f31e9a3ad9015b554117fd81ddd5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
92cab22fcd4480278b3eca9f66f5232f

SHA1
d02cbc146c5a82af6f9d50f5b06592d914534055

SHA256
4ad138b3099e894227dc504f869a06436c428180f6c6e7d529230a1d5b2d7b72

SHA512
514aee4d6f8600adce70428850c3475b075c68044b49a4155d79891b9826fa79cee86928087052a242a9b86a8993ee7a86701442d1d9753827170af7d380403c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
20f935ef0da25307e725f985bdfa3af0

SHA1
a4599a71d84bcd5ada5980f1b9d62f04afd7e6b5

SHA256
c4cd034507c83ac1752f1d2d2d3cee8cd55319b2cf85b33864faa89aa58fbdd1

SHA512
cd6f51c0a6067f5923e6cb2add481b642b8bd24cf141d4d39869e3e010592313efce130ea661634dc11cffdbf7fca349bf3a8528c34761777c34d05ab6681194

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
d4cd6f6e3b97146cb7b349a08d2f52af

SHA1
c491ee1f3036a2a59f16e8e57dec1546f1263688

SHA256
3a227cde9cd8c479af4db903cc9ddb857991f884c1eb73453dc5b4386b4542b9

SHA512
ba07e247d97380ab1d7ab6e0efec4c4fb4c10aab532df541ebb295ac1a9b638313bee446f4a0d57650304607be17d417ab2319c274300e868786b146125c7d1f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
c456c9d6608999b6d4c67d8afa639201

SHA1
1a2375489dfcd35aff03e86f193f289d60e8d125

SHA256
831b88dca6dab19c67837c81c86e32456ab09d59e646ccdc9baa16c90cc69234

SHA512
2a791bdf9ec956a93299fd1eb02b4111469a1fe25787cb08df0c21c6f9151178944cbef76598a21cc02cf638eac70873f2d0f1a1444db27ecaa662d18ac496b2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
3c66d41340f543761f9f07434ccb2fdb

SHA1
f7ae9cae218152e1b5bc52f9d2529f310ceaad14

SHA256
14d859a37b366d54209a622eb6f646fdf629f9caff6f6ee39418f7ce2848bd7c

SHA512
85e720aa98aaed836f880c5509f93d8feabfbafebe1a91e9cd7539013ef75ed516ac6bcdf52cbc260ab6cf39e0a497ce32daba96c26b1e9df7ea8ea3b5c34457

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
268d8c3a6f7d4ddefa61516f5d64e520

SHA1
488176be687871c78903d870204e267a1b0d7e4c

SHA256
644f23ac2fc7bd1670e874f4773565f65d6ee54984e0d4e06d8e505654f956c9

SHA512
931631161602d30b89f54704a522296e5ab9887ea109b88f156bdf065dada448f2b69fbfc2e86c96f9948abff3761300807d2c8b46ee57c1117d96499ee91cd0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
05ae9f69ef0e2e9bcab2812232653c10

SHA1
f93305131045ba50fa346006190fe8cceff6caf8

SHA256
54239c336863a62db6da339ef88519a7c0ac85f3022a77c1f73a8e7519de0857

SHA512
0c648b95a9f734f4b27a2774cefe26d6b8975876484e85f776a8722be7ed168771491881188b9cd06725b7a580031fb1610cede7c128440fa1477f7b32a972e4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
0df0ff2e58d348dd16e0083ad5c06c6f

SHA1
fa041ee4ce0e9ea29bc93cce4b29b9edf812314d

SHA256
e59b28f2a37f5f1c753d978e9a51fc95344b7d80f5265a7dcfa8e2f60ffd6806

SHA512
98f359eefc6a5b400ca8281e7e7e0846930413341e01bc09250d248beb8b714576ab1af81a40eb2b7d8d92b3b837ff059d0485ae2245b661540075fc8f00df4e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
151KB

MD5
66162998de25963e8a56410a2e1f2857

SHA1
00bdbb15a55135b7d96e003f2063ad91885eed57

SHA256
28818ee71cbcd24a88f1454e56622e922b3520b8d910f5bb2712744031541cc0

SHA512
e238164a00757ce3f1731401f524a1a0e9f77477290dfd783eef59f2b68a0e5072b37464a2083feafc17d3ff32c9908db331768a2e534c178b1de4cc1ea7a2f8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
151KB

MD5
1471b40c0be4903904b1615226710ecc

SHA1
e4b22cc83e604b5df1bea90d83cff0479acec42c

SHA256
0ea8858c6857bf1f10164313a10e81e49d249a3c7aa31baa87b667ff05c8941b

SHA512
e15f169e7e31e44c4de061555c74009a9acb4501a780ae4ea4861ca717e0b95200c9912c7bf252da601114b4138bd6484de8b9b9dfded6c9185c1afd4354833a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit