hxxps://ice-eng[.]app[.]box[.]com/embed/s/o52qgbtskj3uqf467ko1svuyvf90xwtm

Analysis

max time kernel
150s
max time network
157s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
05-06-2023 20:27

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://ice-eng.app.box.com/embed/s/o52qgbtskj3uqf467ko1svuyvf90xwtm

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133304705172264981"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
1548	chrome.exe
1548	chrome.exe
4912	chrome.exe
4912	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
1548	chrome.exe
1548	chrome.exe
1548	chrome.exe
1548	chrome.exe
1548	chrome.exe
1548	chrome.exe
1548	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1548	chrome.exe
Token: SeCreatePagefilePrivilege	1548	chrome.exe
Token: SeShutdownPrivilege	1548	chrome.exe
Token: SeCreatePagefilePrivilege	1548	chrome.exe
Token: SeShutdownPrivilege	1548	chrome.exe
Token: SeCreatePagefilePrivilege	1548	chrome.exe
Token: SeShutdownPrivilege	1548	chrome.exe
Token: SeCreatePagefilePrivilege	1548	chrome.exe
Token: SeShutdownPrivilege	1548	chrome.exe
Token: SeCreatePagefilePrivilege	1548	chrome.exe
Token: SeShutdownPrivilege	1548	chrome.exe
Token: SeCreatePagefilePrivilege	1548	chrome.exe
Token: SeShutdownPrivilege	1548	chrome.exe
Token: SeCreatePagefilePrivilege	1548	chrome.exe
Token: SeShutdownPrivilege	1548	chrome.exe
Token: SeCreatePagefilePrivilege	1548	chrome.exe
Token: SeShutdownPrivilege	1548	chrome.exe
Token: SeCreatePagefilePrivilege	1548	chrome.exe
Token: SeShutdownPrivilege	1548	chrome.exe
Token: SeCreatePagefilePrivilege	1548	chrome.exe
Token: SeShutdownPrivilege	1548	chrome.exe
Token: SeCreatePagefilePrivilege	1548	chrome.exe
Token: SeShutdownPrivilege	1548	chrome.exe
Token: SeCreatePagefilePrivilege	1548	chrome.exe
Token: SeShutdownPrivilege	1548	chrome.exe
Token: SeCreatePagefilePrivilege	1548	chrome.exe
Token: SeShutdownPrivilege	1548	chrome.exe
Token: SeCreatePagefilePrivilege	1548	chrome.exe
Token: SeShutdownPrivilege	1548	chrome.exe
Token: SeCreatePagefilePrivilege	1548	chrome.exe
Token: SeShutdownPrivilege	1548	chrome.exe
Token: SeCreatePagefilePrivilege	1548	chrome.exe
Token: SeShutdownPrivilege	1548	chrome.exe
Token: SeCreatePagefilePrivilege	1548	chrome.exe
Token: SeShutdownPrivilege	1548	chrome.exe
Token: SeCreatePagefilePrivilege	1548	chrome.exe
Token: SeShutdownPrivilege	1548	chrome.exe
Token: SeCreatePagefilePrivilege	1548	chrome.exe
Token: SeShutdownPrivilege	1548	chrome.exe
Token: SeCreatePagefilePrivilege	1548	chrome.exe
Token: SeShutdownPrivilege	1548	chrome.exe
Token: SeCreatePagefilePrivilege	1548	chrome.exe
Token: SeShutdownPrivilege	1548	chrome.exe
Token: SeCreatePagefilePrivilege	1548	chrome.exe
Token: SeShutdownPrivilege	1548	chrome.exe
Token: SeCreatePagefilePrivilege	1548	chrome.exe
Token: SeShutdownPrivilege	1548	chrome.exe
Token: SeCreatePagefilePrivilege	1548	chrome.exe
Token: SeShutdownPrivilege	1548	chrome.exe
Token: SeCreatePagefilePrivilege	1548	chrome.exe
Token: SeShutdownPrivilege	1548	chrome.exe
Token: SeCreatePagefilePrivilege	1548	chrome.exe
Token: SeShutdownPrivilege	1548	chrome.exe
Token: SeCreatePagefilePrivilege	1548	chrome.exe
Token: SeShutdownPrivilege	1548	chrome.exe
Token: SeCreatePagefilePrivilege	1548	chrome.exe
Token: SeShutdownPrivilege	1548	chrome.exe
Token: SeCreatePagefilePrivilege	1548	chrome.exe
Token: SeShutdownPrivilege	1548	chrome.exe
Token: SeCreatePagefilePrivilege	1548	chrome.exe
Token: SeShutdownPrivilege	1548	chrome.exe
Token: SeCreatePagefilePrivilege	1548	chrome.exe
Token: SeShutdownPrivilege	1548	chrome.exe
Token: SeCreatePagefilePrivilege	1548	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
1548	chrome.exe
1548	chrome.exe
1548	chrome.exe
1548	chrome.exe
1548	chrome.exe
1548	chrome.exe
1548	chrome.exe
1548	chrome.exe
1548	chrome.exe
1548	chrome.exe
1548	chrome.exe
1548	chrome.exe
1548	chrome.exe
1548	chrome.exe
1548	chrome.exe
1548	chrome.exe
1548	chrome.exe
1548	chrome.exe
1548	chrome.exe
1548	chrome.exe
1548	chrome.exe
1548	chrome.exe
1548	chrome.exe
1548	chrome.exe
1548	chrome.exe
1548	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1548	chrome.exe
1548	chrome.exe
1548	chrome.exe
1548	chrome.exe
1548	chrome.exe
1548	chrome.exe
1548	chrome.exe
1548	chrome.exe
1548	chrome.exe
1548	chrome.exe
1548	chrome.exe
1548	chrome.exe
1548	chrome.exe
1548	chrome.exe
1548	chrome.exe
1548	chrome.exe
1548	chrome.exe
1548	chrome.exe
1548	chrome.exe
1548	chrome.exe
1548	chrome.exe
1548	chrome.exe
1548	chrome.exe
1548	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1548 wrote to memory of 1512	1548	chrome.exe	85
PID 1548 wrote to memory of 1512	1548	chrome.exe	85
PID 1548 wrote to memory of 3620	1548	chrome.exe	86
PID 1548 wrote to memory of 3620	1548	chrome.exe	86
PID 1548 wrote to memory of 3620	1548	chrome.exe	86
PID 1548 wrote to memory of 3620	1548	chrome.exe	86
PID 1548 wrote to memory of 3620	1548	chrome.exe	86
PID 1548 wrote to memory of 3620	1548	chrome.exe	86
PID 1548 wrote to memory of 3620	1548	chrome.exe	86
PID 1548 wrote to memory of 3620	1548	chrome.exe	86
PID 1548 wrote to memory of 3620	1548	chrome.exe	86
PID 1548 wrote to memory of 3620	1548	chrome.exe	86
PID 1548 wrote to memory of 3620	1548	chrome.exe	86
PID 1548 wrote to memory of 3620	1548	chrome.exe	86
PID 1548 wrote to memory of 3620	1548	chrome.exe	86
PID 1548 wrote to memory of 3620	1548	chrome.exe	86
PID 1548 wrote to memory of 3620	1548	chrome.exe	86
PID 1548 wrote to memory of 3620	1548	chrome.exe	86
PID 1548 wrote to memory of 3620	1548	chrome.exe	86
PID 1548 wrote to memory of 3620	1548	chrome.exe	86
PID 1548 wrote to memory of 3620	1548	chrome.exe	86
PID 1548 wrote to memory of 3620	1548	chrome.exe	86
PID 1548 wrote to memory of 3620	1548	chrome.exe	86
PID 1548 wrote to memory of 3620	1548	chrome.exe	86
PID 1548 wrote to memory of 3620	1548	chrome.exe	86
PID 1548 wrote to memory of 3620	1548	chrome.exe	86
PID 1548 wrote to memory of 3620	1548	chrome.exe	86
PID 1548 wrote to memory of 3620	1548	chrome.exe	86
PID 1548 wrote to memory of 3620	1548	chrome.exe	86
PID 1548 wrote to memory of 3620	1548	chrome.exe	86
PID 1548 wrote to memory of 3620	1548	chrome.exe	86
PID 1548 wrote to memory of 3620	1548	chrome.exe	86
PID 1548 wrote to memory of 3620	1548	chrome.exe	86
PID 1548 wrote to memory of 3620	1548	chrome.exe	86
PID 1548 wrote to memory of 3620	1548	chrome.exe	86
PID 1548 wrote to memory of 3620	1548	chrome.exe	86
PID 1548 wrote to memory of 3620	1548	chrome.exe	86
PID 1548 wrote to memory of 3620	1548	chrome.exe	86
PID 1548 wrote to memory of 3620	1548	chrome.exe	86
PID 1548 wrote to memory of 3620	1548	chrome.exe	86
PID 1548 wrote to memory of 4604	1548	chrome.exe	87
PID 1548 wrote to memory of 4604	1548	chrome.exe	87
PID 1548 wrote to memory of 4564	1548	chrome.exe	88
PID 1548 wrote to memory of 4564	1548	chrome.exe	88
PID 1548 wrote to memory of 4564	1548	chrome.exe	88
PID 1548 wrote to memory of 4564	1548	chrome.exe	88
PID 1548 wrote to memory of 4564	1548	chrome.exe	88
PID 1548 wrote to memory of 4564	1548	chrome.exe	88
PID 1548 wrote to memory of 4564	1548	chrome.exe	88
PID 1548 wrote to memory of 4564	1548	chrome.exe	88
PID 1548 wrote to memory of 4564	1548	chrome.exe	88
PID 1548 wrote to memory of 4564	1548	chrome.exe	88
PID 1548 wrote to memory of 4564	1548	chrome.exe	88
PID 1548 wrote to memory of 4564	1548	chrome.exe	88
PID 1548 wrote to memory of 4564	1548	chrome.exe	88
PID 1548 wrote to memory of 4564	1548	chrome.exe	88
PID 1548 wrote to memory of 4564	1548	chrome.exe	88
PID 1548 wrote to memory of 4564	1548	chrome.exe	88
PID 1548 wrote to memory of 4564	1548	chrome.exe	88
PID 1548 wrote to memory of 4564	1548	chrome.exe	88
PID 1548 wrote to memory of 4564	1548	chrome.exe	88
PID 1548 wrote to memory of 4564	1548	chrome.exe	88
PID 1548 wrote to memory of 4564	1548	chrome.exe	88
PID 1548 wrote to memory of 4564	1548	chrome.exe	88

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" https://ice-eng.app.box.com/embed/s/o52qgbtskj3uqf467ko1svuyvf90xwtm
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1548
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa60969758,0x7ffa60969768,0x7ffa60969778
  2⤵
  PID:1512
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1720 --field-trial-handle=1772,i,12154094204715837566,2212634846401030320,131072 /prefetch:2
  2⤵
  PID:3620
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2152 --field-trial-handle=1772,i,12154094204715837566,2212634846401030320,131072 /prefetch:8
  2⤵
  PID:4604
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2148 --field-trial-handle=1772,i,12154094204715837566,2212634846401030320,131072 /prefetch:8
  2⤵
  PID:4564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3132 --field-trial-handle=1772,i,12154094204715837566,2212634846401030320,131072 /prefetch:1
  2⤵
  PID:4616
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3152 --field-trial-handle=1772,i,12154094204715837566,2212634846401030320,131072 /prefetch:1
  2⤵
  PID:452
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=5304 --field-trial-handle=1772,i,12154094204715837566,2212634846401030320,131072 /prefetch:1
  2⤵
  PID:492
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=5352 --field-trial-handle=1772,i,12154094204715837566,2212634846401030320,131072 /prefetch:1
  2⤵
  PID:3700
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5764 --field-trial-handle=1772,i,12154094204715837566,2212634846401030320,131072 /prefetch:8
  2⤵
  PID:4036
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4468 --field-trial-handle=1772,i,12154094204715837566,2212634846401030320,131072 /prefetch:1
  2⤵
  PID:1852
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4796 --field-trial-handle=1772,i,12154094204715837566,2212634846401030320,131072 /prefetch:8
  2⤵
  PID:3696
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=5480 --field-trial-handle=1772,i,12154094204715837566,2212634846401030320,131072 /prefetch:1
  2⤵
  PID:2264
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4632 --field-trial-handle=1772,i,12154094204715837566,2212634846401030320,131072 /prefetch:1
  2⤵
  PID:4844
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4744 --field-trial-handle=1772,i,12154094204715837566,2212634846401030320,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4912

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4904

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
eca95af4a2c5c0ff4245464af2b4d585

SHA1
ef4968aeda9c31e68d59cda9649e418ae90eaf2e

SHA256
50081fc36d83203e6e38bd117befb8c42ca1d9dcd3ed36fde11da6812f437deb

SHA512
3d8f34bbc77c60fd4368f1923ee680833efacde40986a8445d583a7be010bcf9900ea005671dad2337d2b1c838ddbe6991c8c30985214faa7cb5a9d14b9d4bbb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
f8193e5ac76a599c6d790efc8d5dc4e4

SHA1
daf2bbd2db567e3c3517e6c1358fa1c071eee6b5

SHA256
b13af9f388b00f036399022b66fa1bf509a170652da02dde2a4bb8ffb5b29095

SHA512
5cc9a726f2151f48fc944494f864f6dda1bd2fe24ce27a33fae27db90854e8869222c5db1604a74ae6dbbab253f2ec94919921cc6543498a3a8d3fb2df5a6f14

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
07256771863a1a15eb9dc89fa0ecd6a3

SHA1
955245e5f77ba266c4a2f22f70c25737238c24ce

SHA256
474ab3fc8d73cf36a212a98f46ce2ad9b95f9382f9a5ff41f18b497dc443c3e7

SHA512
298f73373ac1723cbbe3d45e8c15a59f2eb8b326a94b26e60ce6c268ea310a5e8cb56182b7b3b87de30fcf7fca3e82a5a61734b344709edafea2ae0618cf7f3b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
f024724db1ad762e88312fcf946082cb

SHA1
fb63c7e97c2b96787f1c09d38fecc7e473b2fe36

SHA256
43751233356a00a8ebc42859c94fc6e664469431774fda944ccba7225a974160

SHA512
4476473e1a64c9085df77f9e53f2b6c7bb1717c1d0b74951534a65f91a1001427e54550064173477ddc9cb13110ee7535d6eacde9d27a87466b88331745b5a30

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
b848f0cd78775f6853a437c3d329f7b9

SHA1
60db342cdfb364504679537c9032b750ee20283e

SHA256
6f3a807c027b59807bcc670bd4d88f9aff42c5d80bd95bdce0da0f672ae778d9

SHA512
3a29c1afdce6344b8d31c2e5e7354dc674eae53f6fcd17fe71891d6a858647cedb16c906bc5d4b9555529aba89d6fd955c66543429eaab4b38c3ab28d4b5abba

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
ed5f4fd7af98b229b46f5cdb687dc7ba

SHA1
1de51acc0987c217b5272a13155f0a88983b9e0b

SHA256
53c7912bb0a4f14094b06be39f539410dcb131021181bb4c5e1811733c5ce720

SHA512
b4123ff2ab16b2051982223b885f33bc1664d9bfdfd1b29d759c77ccfd92dc2437b65d0f20dd9600b99770a75a89afe83dd8a4d1e5875fc3222403ce0964b9bf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
602cc245392dca8826746034df6edb0d

SHA1
2dbc51a6b521609388cc82f8dad72b9478344d83

SHA256
2fa5ba6ef654702bd3d76ac602f07bd0067ea6a3bebe624c981b26b343447172

SHA512
e4814abce998087581e4c61541d3fbd8d0f2c69b6f861d878ca1cc2981dd96523b3afa478bc00422961cbe379e6500ef31c94a8138d2311693f341d880ba87dd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
4KB

MD5
ccdaef61392d9f50ff023f8a419cd876

SHA1
871eafa2d843340c43940daa609980fd0cf71b52

SHA256
851735d6ab09bb934d3797dea27aa27372146d250beb7484cf7a8f695d816665

SHA512
831f34ac440984b1c04b1e681040089cbadc66cac4ded8539e17a450917b080f2d74043d6717672f5668b60680570c7fab7d5926da486f40b8924f971899893a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
4KB

MD5
8b0783cf69a7ed6a375912290cd35bad

SHA1
52c2b927d8bb7fe6e0e1475a37d8a0e3f9113c67

SHA256
923946c77ed6fcd08f59fecd0fc890b0d0f1adc5a15cce97aa43a1b90457bb84

SHA512
35ccbf768cbf141cc29af5ecf3e39cc8e5b2015ceb90d7a838a34253301d595b4abd02e828c0c8b6dc8ba43cf02df6348596172d5b1181940317386d15ef4f26

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
024951fc11ceeca72605561e25726dc7

SHA1
20108a0d831ce51d4317a08d0ba65a07cb0247ac

SHA256
e8471f7a7c087e38fb3eff7a6dc7cfd65f1f17e27fd18da2e1284bf38c545653

SHA512
be1a20fc2e4ff1d523f8ba0b6255236579ea42f220d4a213ed18ebdfb7eccc4d3dcfc6829f25c89607ba4513f997cf0e6fa0f76b986bbf453032322c3cb630c5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
156KB

MD5
c5b76141e868f5ca44fbb67b42ad03d1

SHA1
6f689b225fa3df224d313e4314e233aadb9ee34e

SHA256
acd0235d6145750caece4ea36e9b741fb7facc9a57111b5e3b9854d34784a879

SHA512
f65654851ac0e25ff1c08942780bd514d5bcb718cda982ddf523f5e2e09e28ae42a91ae9d3fab06f411174a7cd8885871194c17c8b2a1605cfcb8ef0074150a1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
156KB

MD5
6068811735e7fd312616ecf53d5b3959

SHA1
2abccb7b0a1eb3cda3b7b4ec89b6c99f855470de

SHA256
57af119456ad0c494e20e13c83bbe99b703c0f9b2494b35443411df822d9f423

SHA512
a136c7e784217c9ee471e3a271a2f95bad22b10aa3c4140185758f22d5266cec4ef380db5b31e1dd5ca5c10198f0b929ccc446e5c6cba96710d7c7afc1330a87

Download Submit