981ce7430faa7cfb15b1b3811ad152b86ab229b81f2cdfa5e3733bf6192da079

Resubmissions

24/05/2023, 19:16

230524-xyw6aaed86 3

24/05/2023, 19:07

230524-xsph9aef9w 6

24/05/2023, 18:54

230524-xkdf1sec26 3

Analysis

max time kernel
53s
max time network
55s
platform
windows10-2004_x64
resource
win10v2004-20230220-es
resource tags

arch:x64arch:x86image:win10v2004-20230220-eslocale:es-esos:windows10-2004-x64systemwindows
submitted
24/05/2023, 19:16

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Infografía proceso de compra online 3d ilustrado gradiente violeta.pdf
Size

105KB
MD5

13b4d8ce4f08c322a2dbfe144e079973
SHA1

0fde11acd71e47c52ae03a40b3968a1453d38277
SHA256

981ce7430faa7cfb15b1b3811ad152b86ab229b81f2cdfa5e3733bf6192da079
SHA512

d233803de8c0ba05d8454ad76a795bb021bc9a2bc08ab41bca6c9e36c18b85f2b6c224924a011daf41aae3edfda537e0e01d008a4e4e61a91376de50e7074424
SSDEEP

1536:wf0FqYQDe0HHnujZtnKRs2qm3XZE8aHXP/T383CPmTCpmMdTjfuvbSRTj+gMKx8Q:w89ye0aDCqCpE8aHfL386PdgbkTj+g/F

Score

3^/10

Malware Config

Signatures

Program crash 1 IoCs

pid	pid_target	Process	procid_target
3500	952	WerFault.exe	83

Checks processor information in registry 2 TTPs 2 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	AcroRd32.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz	AcroRd32.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133294366072848612"	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
2952	chrome.exe
2952	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
2952	chrome.exe
2952	chrome.exe
2952	chrome.exe
2952	chrome.exe
2952	chrome.exe
2952	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2952	chrome.exe
Token: SeCreatePagefilePrivilege	2952	chrome.exe
Token: SeShutdownPrivilege	2952	chrome.exe
Token: SeCreatePagefilePrivilege	2952	chrome.exe
Token: SeShutdownPrivilege	2952	chrome.exe
Token: SeCreatePagefilePrivilege	2952	chrome.exe
Token: SeShutdownPrivilege	2952	chrome.exe
Token: SeCreatePagefilePrivilege	2952	chrome.exe
Token: SeShutdownPrivilege	2952	chrome.exe
Token: SeCreatePagefilePrivilege	2952	chrome.exe
Token: SeShutdownPrivilege	2952	chrome.exe
Token: SeCreatePagefilePrivilege	2952	chrome.exe
Token: SeShutdownPrivilege	2952	chrome.exe
Token: SeCreatePagefilePrivilege	2952	chrome.exe
Token: SeShutdownPrivilege	2952	chrome.exe
Token: SeCreatePagefilePrivilege	2952	chrome.exe
Token: SeShutdownPrivilege	2952	chrome.exe
Token: SeCreatePagefilePrivilege	2952	chrome.exe
Token: SeShutdownPrivilege	2952	chrome.exe
Token: SeCreatePagefilePrivilege	2952	chrome.exe
Token: SeShutdownPrivilege	2952	chrome.exe
Token: SeCreatePagefilePrivilege	2952	chrome.exe
Token: SeShutdownPrivilege	2952	chrome.exe
Token: SeCreatePagefilePrivilege	2952	chrome.exe
Token: SeShutdownPrivilege	2952	chrome.exe
Token: SeCreatePagefilePrivilege	2952	chrome.exe
Token: SeShutdownPrivilege	2952	chrome.exe
Token: SeCreatePagefilePrivilege	2952	chrome.exe
Token: SeShutdownPrivilege	2952	chrome.exe
Token: SeCreatePagefilePrivilege	2952	chrome.exe
Token: SeShutdownPrivilege	2952	chrome.exe
Token: SeCreatePagefilePrivilege	2952	chrome.exe
Token: SeShutdownPrivilege	2952	chrome.exe
Token: SeCreatePagefilePrivilege	2952	chrome.exe
Token: SeShutdownPrivilege	2952	chrome.exe
Token: SeCreatePagefilePrivilege	2952	chrome.exe
Token: SeShutdownPrivilege	2952	chrome.exe
Token: SeCreatePagefilePrivilege	2952	chrome.exe
Token: SeShutdownPrivilege	2952	chrome.exe
Token: SeCreatePagefilePrivilege	2952	chrome.exe
Token: SeShutdownPrivilege	2952	chrome.exe
Token: SeCreatePagefilePrivilege	2952	chrome.exe
Token: SeShutdownPrivilege	2952	chrome.exe
Token: SeCreatePagefilePrivilege	2952	chrome.exe
Token: SeShutdownPrivilege	2952	chrome.exe
Token: SeCreatePagefilePrivilege	2952	chrome.exe
Token: SeShutdownPrivilege	2952	chrome.exe
Token: SeCreatePagefilePrivilege	2952	chrome.exe
Token: SeShutdownPrivilege	2952	chrome.exe
Token: SeCreatePagefilePrivilege	2952	chrome.exe
Token: SeShutdownPrivilege	2952	chrome.exe
Token: SeCreatePagefilePrivilege	2952	chrome.exe
Token: SeShutdownPrivilege	2952	chrome.exe
Token: SeCreatePagefilePrivilege	2952	chrome.exe
Token: SeShutdownPrivilege	2952	chrome.exe
Token: SeCreatePagefilePrivilege	2952	chrome.exe
Token: SeShutdownPrivilege	2952	chrome.exe
Token: SeCreatePagefilePrivilege	2952	chrome.exe
Token: SeShutdownPrivilege	2952	chrome.exe
Token: SeCreatePagefilePrivilege	2952	chrome.exe
Token: SeShutdownPrivilege	2952	chrome.exe
Token: SeCreatePagefilePrivilege	2952	chrome.exe
Token: SeShutdownPrivilege	2952	chrome.exe
Token: SeCreatePagefilePrivilege	2952	chrome.exe

Suspicious use of FindShellTrayWindow 27 IoCs

pid	Process
4680	AcroRd32.exe
2952	chrome.exe
2952	chrome.exe
2952	chrome.exe
2952	chrome.exe
2952	chrome.exe
2952	chrome.exe
2952	chrome.exe
2952	chrome.exe
2952	chrome.exe
2952	chrome.exe
2952	chrome.exe
2952	chrome.exe
2952	chrome.exe
2952	chrome.exe
2952	chrome.exe
2952	chrome.exe
2952	chrome.exe
2952	chrome.exe
2952	chrome.exe
2952	chrome.exe
2952	chrome.exe
2952	chrome.exe
2952	chrome.exe
2952	chrome.exe
2952	chrome.exe
2952	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2952	chrome.exe
2952	chrome.exe
2952	chrome.exe
2952	chrome.exe
2952	chrome.exe
2952	chrome.exe
2952	chrome.exe
2952	chrome.exe
2952	chrome.exe
2952	chrome.exe
2952	chrome.exe
2952	chrome.exe
2952	chrome.exe
2952	chrome.exe
2952	chrome.exe
2952	chrome.exe
2952	chrome.exe
2952	chrome.exe
2952	chrome.exe
2952	chrome.exe
2952	chrome.exe
2952	chrome.exe
2952	chrome.exe
2952	chrome.exe

Suspicious use of SetWindowsHookEx 4 IoCs

pid	Process
4680	AcroRd32.exe
4680	AcroRd32.exe
4680	AcroRd32.exe
4680	AcroRd32.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2952 wrote to memory of 224	2952	chrome.exe	86
PID 2952 wrote to memory of 224	2952	chrome.exe	86
PID 2952 wrote to memory of 524	2952	chrome.exe	87
PID 2952 wrote to memory of 524	2952	chrome.exe	87
PID 2952 wrote to memory of 524	2952	chrome.exe	87
PID 2952 wrote to memory of 524	2952	chrome.exe	87
PID 2952 wrote to memory of 524	2952	chrome.exe	87
PID 2952 wrote to memory of 524	2952	chrome.exe	87
PID 2952 wrote to memory of 524	2952	chrome.exe	87
PID 2952 wrote to memory of 524	2952	chrome.exe	87
PID 2952 wrote to memory of 524	2952	chrome.exe	87
PID 2952 wrote to memory of 524	2952	chrome.exe	87
PID 2952 wrote to memory of 524	2952	chrome.exe	87
PID 2952 wrote to memory of 524	2952	chrome.exe	87
PID 2952 wrote to memory of 524	2952	chrome.exe	87
PID 2952 wrote to memory of 524	2952	chrome.exe	87
PID 2952 wrote to memory of 524	2952	chrome.exe	87
PID 2952 wrote to memory of 524	2952	chrome.exe	87
PID 2952 wrote to memory of 524	2952	chrome.exe	87
PID 2952 wrote to memory of 524	2952	chrome.exe	87
PID 2952 wrote to memory of 524	2952	chrome.exe	87
PID 2952 wrote to memory of 524	2952	chrome.exe	87
PID 2952 wrote to memory of 524	2952	chrome.exe	87
PID 2952 wrote to memory of 524	2952	chrome.exe	87
PID 2952 wrote to memory of 524	2952	chrome.exe	87
PID 2952 wrote to memory of 524	2952	chrome.exe	87
PID 2952 wrote to memory of 524	2952	chrome.exe	87
PID 2952 wrote to memory of 524	2952	chrome.exe	87
PID 2952 wrote to memory of 524	2952	chrome.exe	87
PID 2952 wrote to memory of 524	2952	chrome.exe	87
PID 2952 wrote to memory of 524	2952	chrome.exe	87
PID 2952 wrote to memory of 524	2952	chrome.exe	87
PID 2952 wrote to memory of 524	2952	chrome.exe	87
PID 2952 wrote to memory of 524	2952	chrome.exe	87
PID 2952 wrote to memory of 524	2952	chrome.exe	87
PID 2952 wrote to memory of 524	2952	chrome.exe	87
PID 2952 wrote to memory of 524	2952	chrome.exe	87
PID 2952 wrote to memory of 524	2952	chrome.exe	87
PID 2952 wrote to memory of 524	2952	chrome.exe	87
PID 2952 wrote to memory of 524	2952	chrome.exe	87
PID 2952 wrote to memory of 4000	2952	chrome.exe	88
PID 2952 wrote to memory of 4000	2952	chrome.exe	88
PID 2952 wrote to memory of 4392	2952	chrome.exe	89
PID 2952 wrote to memory of 4392	2952	chrome.exe	89
PID 2952 wrote to memory of 4392	2952	chrome.exe	89
PID 2952 wrote to memory of 4392	2952	chrome.exe	89
PID 2952 wrote to memory of 4392	2952	chrome.exe	89
PID 2952 wrote to memory of 4392	2952	chrome.exe	89
PID 2952 wrote to memory of 4392	2952	chrome.exe	89
PID 2952 wrote to memory of 4392	2952	chrome.exe	89
PID 2952 wrote to memory of 4392	2952	chrome.exe	89
PID 2952 wrote to memory of 4392	2952	chrome.exe	89
PID 2952 wrote to memory of 4392	2952	chrome.exe	89
PID 2952 wrote to memory of 4392	2952	chrome.exe	89
PID 2952 wrote to memory of 4392	2952	chrome.exe	89
PID 2952 wrote to memory of 4392	2952	chrome.exe	89
PID 2952 wrote to memory of 4392	2952	chrome.exe	89
PID 2952 wrote to memory of 4392	2952	chrome.exe	89
PID 2952 wrote to memory of 4392	2952	chrome.exe	89
PID 2952 wrote to memory of 4392	2952	chrome.exe	89
PID 2952 wrote to memory of 4392	2952	chrome.exe	89
PID 2952 wrote to memory of 4392	2952	chrome.exe	89
PID 2952 wrote to memory of 4392	2952	chrome.exe	89
PID 2952 wrote to memory of 4392	2952	chrome.exe	89

C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Infografía proceso de compra online 3d ilustrado gradiente violeta.pdf"
1⤵
- Checks processor information in registry
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
PID:4680

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2952
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9d2d79758,0x7ff9d2d79768,0x7ff9d2d79778
  2⤵
  PID:224
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1804 --field-trial-handle=1788,i,660030825883111471,8770295803979287034,131072 /prefetch:2
  2⤵
  PID:524
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 --field-trial-handle=1788,i,660030825883111471,8770295803979287034,131072 /prefetch:8
  2⤵
  PID:4000
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2248 --field-trial-handle=1788,i,660030825883111471,8770295803979287034,131072 /prefetch:8
  2⤵
  PID:4392
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3192 --field-trial-handle=1788,i,660030825883111471,8770295803979287034,131072 /prefetch:1
  2⤵
  PID:4692
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3328 --field-trial-handle=1788,i,660030825883111471,8770295803979287034,131072 /prefetch:1
  2⤵
  PID:3536
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4544 --field-trial-handle=1788,i,660030825883111471,8770295803979287034,131072 /prefetch:1
  2⤵
  PID:4532
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4696 --field-trial-handle=1788,i,660030825883111471,8770295803979287034,131072 /prefetch:8
  2⤵
  PID:1668
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4836 --field-trial-handle=1788,i,660030825883111471,8770295803979287034,131072 /prefetch:8
  2⤵
  PID:4508
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4676 --field-trial-handle=1788,i,660030825883111471,8770295803979287034,131072 /prefetch:1
  2⤵
  PID:1444
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5172 --field-trial-handle=1788,i,660030825883111471,8770295803979287034,131072 /prefetch:8
  2⤵
  PID:4780
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5264 --field-trial-handle=1788,i,660030825883111471,8770295803979287034,131072 /prefetch:8
  2⤵
  PID:1832
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5196 --field-trial-handle=1788,i,660030825883111471,8770295803979287034,131072 /prefetch:8
  2⤵
  PID:3600
- C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe
  "C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe" --reenable-autoupdates --system-level
  2⤵
  PID:1180
- - C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe
    "C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\Crashpad --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x238,0x23c,0x240,0x214,0x244,0x7ff7edf37688,0x7ff7edf37698,0x7ff7edf376a8
    3⤵
    PID:3620
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=5500 --field-trial-handle=1788,i,660030825883111471,8770295803979287034,131072 /prefetch:1
  2⤵
  PID:4864
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=3212 --field-trial-handle=1788,i,660030825883111471,8770295803979287034,131072 /prefetch:1
  2⤵
  PID:4984

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4208

C:\Windows\system32\WerFault.exe
C:\Windows\system32\WerFault.exe -pss -s 480 -p 952 -ip 952
1⤵
PID:3660

C:\Windows\system32\WerFault.exe
C:\Windows\system32\WerFault.exe -u -p 952 -s 848
1⤵
- Program crash
PID:3500

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
696B

MD5
9aefec9af93a30c65c222b9c6b80720f

SHA1
d0c123c45db3fa672b8f17f78e7173fad689cafe

SHA256
913b9be1e5faf7a05855fe18b0f3ba154bb2eb93d540cf6c795f2836d358e5fa

SHA512
f2a8a1349e872fc1bc87a604ebacc230058e24e329697274c888d23173a3e73624e409435a71c3c118e9b692b3f84e7f82a7aaa263f86b4b7478fc1d35cc0cee

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
0921a46ca3b84872f13017979a7a932f

SHA1
e49aa204a14daa34c312938f2e97c92c74d3812e

SHA256
d016b033422a3565fa64a4a1a33dfe8f6b97f30bdd389bf69945eabc1422cc13

SHA512
800ad483ea1ed45c9964a677b2dc4aef5b3af1ecc29ec37f27bf55c0ee6715c7f1c15840b912d20b027f3df30193ebe95013482526c41c29dfa66d89f9b992bc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
535B

MD5
4c3761e4c232116176aec52552637eb5

SHA1
693d311aab08402aea04ab23efb7b12ff7a63767

SHA256
cd2d16d6bc1eccebfe2a3aeab150fc5a7ca4149592a99c61c269c50aa76cf8f6

SHA512
cfe4e5fde3d1d5c698c56d611d7468b78a49135fc7cc3a81a498a3d12323fa50e4b2cd11bb8d0b2a3c39944d18fe9b79779a3a30ab52f18ae519c5ec9578398b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
07860041f41a9fe4a3676b6f98d5640b

SHA1
9f26e4229e2c2c3f8393c21cf630ebda25b57cbc

SHA256
fa14b3c536f42e8c44d69e72acf932da488d59837853746f128489853d290008

SHA512
54e9c029f091f455dc9499a2f76e52db3e21f0f9d133c03fe138586f558eb3902965440bf25277ff4de88c2f12b3b5a87793649bdfe3ec8d9bdb1accbfb16e93

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
797c5c6a8eb5cf6f2104f9bee40a3d38

SHA1
a9924ad3a0b7f52a503e0505bb40ce228961e623

SHA256
ec78a3de078997f03a0023e69c6cdae2b9b3315fb4fe56a8d8d408fd532faea2

SHA512
adfc62c3936fac1c9c3190b6a449c5507be8baa8fd1e2cc810f1afdb048603a7184e221b97f17c0e51a99d5ec07edb3a35ae0f1ef343b475ac029e597235462b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
0e58559ce89a69777d3522c648c762ac

SHA1
eeedda5d373c6c78f1e495c99ba2f4f76ba8d46f

SHA256
9717dbab8ca8a057af77009478ded4635959e0416e7227cd5b5cb5ada85d0bb5

SHA512
6c6b1b8cc25556de8dd263966abadbc1664d017b12b9e29d4b9b56b51839bab3fb2e13cb051113396cd5b899c241bb842eeec2889e56c446aedf66d884594ad5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
99530a281071c8c3b474580907d3eb91

SHA1
f2649ba3bff6b7ae75339915e2515a755095dbc1

SHA256
0ed0e491dce0a9fa9907c5bc5ff63cb233f9af5496ca743f794420a78844d31a

SHA512
754f36dcf23134d061568842d56b15aa9c3a308c3c93d6a9155dfdc769286fef0095ac6193be64397e1dc01d29f2d273768dd2d8ca31789bf02eec2c1d7002cc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
442fea1337b8618e098e32935e18c2ef

SHA1
ad011955b8a5616df18bd8f68abd78e0a4133113

SHA256
607946ad97235d43fbf43087c4cd11f7375fcff6c169c3c52d7660ad56e8e200

SHA512
4957bf85d7c6c18f79b0f08ef5e73e0a431d2ea80a1cdec03649c8c42dc75e1c7369d137722e0d034a02685e42dc85519e8d1903d5c455e3d7d9d1c141d9cdfe

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
152KB

MD5
5c3a2761c908de1fbd7fce16cf84156e

SHA1
0fedfadd9d7e511117e3644d37eb7b73b420f235

SHA256
b05d1140f6be01e3d6a4a76082043c2809c4d33f3edb03439e26cdd5210edbf1

SHA512
8626b48cb6b3b853f40bb86eeee4136ade8fb9bd79effc21032e9680d2544be2a7bc00859008f02330b4225ce0c492ce261e72dbbe03fcaa890c3686eb816b50

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit