dd9b4726f1bebeae976dcb2f720c8dc8350b5f626a61b9a323ac4e20f8a611b5

Analysis

max time kernel
1545s
max time network
1793s
platform
windows7_x64
resource
win7-20230220-en
resource tags

arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
submitted
09-06-2023 22:13

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

happygame.js
Size

2KB
MD5

35087f967af3fc9a9cc42df602eff110
SHA1

e100c9518d9d689ebb58849508c9da8ed8b745a4
SHA256

585ae6e48db41266166f185b8c7c9b17876b23f70b8205d14f94ee737a081eb9
SHA512

2e1473138b031ac0bfe79423009619a5a7ead16a04d4018f40aa3c0e956ae43cd3455cf488f8cc1137d76b27aa3d4278dc0b967cacd385a70b77ca595c622260

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

Processes:

chrome.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes:

chrome.exe

pid process

840 chrome.exe
840 chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

Processes:

chrome.exe

description	pid	process
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe
Token: SeShutdownPrivilege	840	chrome.exe

Suspicious use of FindShellTrayWindow 34 IoCs

Processes:

chrome.exe

pid	process
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe

Suspicious use of SendNotifyMessage 32 IoCs

Processes:

chrome.exe

pid	process
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe
840	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

chrome.exe

description	pid	process	target process
PID 840 wrote to memory of 1680	840	chrome.exe	chrome.exe
PID 840 wrote to memory of 1680	840	chrome.exe	chrome.exe
PID 840 wrote to memory of 1680	840	chrome.exe	chrome.exe
PID 840 wrote to memory of 1712	840	chrome.exe	chrome.exe
PID 840 wrote to memory of 1712	840	chrome.exe	chrome.exe
PID 840 wrote to memory of 1712	840	chrome.exe	chrome.exe
PID 840 wrote to memory of 1712	840	chrome.exe	chrome.exe
PID 840 wrote to memory of 1712	840	chrome.exe	chrome.exe
PID 840 wrote to memory of 1712	840	chrome.exe	chrome.exe
PID 840 wrote to memory of 1712	840	chrome.exe	chrome.exe
PID 840 wrote to memory of 1712	840	chrome.exe	chrome.exe
PID 840 wrote to memory of 1712	840	chrome.exe	chrome.exe
PID 840 wrote to memory of 1712	840	chrome.exe	chrome.exe
PID 840 wrote to memory of 1712	840	chrome.exe	chrome.exe
PID 840 wrote to memory of 1712	840	chrome.exe	chrome.exe
PID 840 wrote to memory of 1712	840	chrome.exe	chrome.exe
PID 840 wrote to memory of 1712	840	chrome.exe	chrome.exe
PID 840 wrote to memory of 1712	840	chrome.exe	chrome.exe
PID 840 wrote to memory of 1712	840	chrome.exe	chrome.exe
PID 840 wrote to memory of 1712	840	chrome.exe	chrome.exe
PID 840 wrote to memory of 1712	840	chrome.exe	chrome.exe
PID 840 wrote to memory of 1712	840	chrome.exe	chrome.exe
PID 840 wrote to memory of 1712	840	chrome.exe	chrome.exe
PID 840 wrote to memory of 1712	840	chrome.exe	chrome.exe
PID 840 wrote to memory of 1712	840	chrome.exe	chrome.exe
PID 840 wrote to memory of 1712	840	chrome.exe	chrome.exe
PID 840 wrote to memory of 1712	840	chrome.exe	chrome.exe
PID 840 wrote to memory of 1712	840	chrome.exe	chrome.exe
PID 840 wrote to memory of 1712	840	chrome.exe	chrome.exe
PID 840 wrote to memory of 1712	840	chrome.exe	chrome.exe
PID 840 wrote to memory of 1712	840	chrome.exe	chrome.exe
PID 840 wrote to memory of 1712	840	chrome.exe	chrome.exe
PID 840 wrote to memory of 1712	840	chrome.exe	chrome.exe
PID 840 wrote to memory of 1712	840	chrome.exe	chrome.exe
PID 840 wrote to memory of 1712	840	chrome.exe	chrome.exe
PID 840 wrote to memory of 1712	840	chrome.exe	chrome.exe
PID 840 wrote to memory of 1712	840	chrome.exe	chrome.exe
PID 840 wrote to memory of 1712	840	chrome.exe	chrome.exe
PID 840 wrote to memory of 1712	840	chrome.exe	chrome.exe
PID 840 wrote to memory of 1712	840	chrome.exe	chrome.exe
PID 840 wrote to memory of 1712	840	chrome.exe	chrome.exe
PID 840 wrote to memory of 1712	840	chrome.exe	chrome.exe
PID 840 wrote to memory of 188	840	chrome.exe	chrome.exe
PID 840 wrote to memory of 188	840	chrome.exe	chrome.exe
PID 840 wrote to memory of 188	840	chrome.exe	chrome.exe
PID 840 wrote to memory of 1020	840	chrome.exe	chrome.exe
PID 840 wrote to memory of 1020	840	chrome.exe	chrome.exe
PID 840 wrote to memory of 1020	840	chrome.exe	chrome.exe
PID 840 wrote to memory of 1020	840	chrome.exe	chrome.exe
PID 840 wrote to memory of 1020	840	chrome.exe	chrome.exe
PID 840 wrote to memory of 1020	840	chrome.exe	chrome.exe
PID 840 wrote to memory of 1020	840	chrome.exe	chrome.exe
PID 840 wrote to memory of 1020	840	chrome.exe	chrome.exe
PID 840 wrote to memory of 1020	840	chrome.exe	chrome.exe
PID 840 wrote to memory of 1020	840	chrome.exe	chrome.exe
PID 840 wrote to memory of 1020	840	chrome.exe	chrome.exe
PID 840 wrote to memory of 1020	840	chrome.exe	chrome.exe
PID 840 wrote to memory of 1020	840	chrome.exe	chrome.exe
PID 840 wrote to memory of 1020	840	chrome.exe	chrome.exe
PID 840 wrote to memory of 1020	840	chrome.exe	chrome.exe
PID 840 wrote to memory of 1020	840	chrome.exe	chrome.exe
PID 840 wrote to memory of 1020	840	chrome.exe	chrome.exe
PID 840 wrote to memory of 1020	840	chrome.exe	chrome.exe
PID 840 wrote to memory of 1020	840	chrome.exe	chrome.exe

C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\happygame.js
1⤵
PID:1292

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:840

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6409758,0x7fef6409768,0x7fef6409778
2⤵
PID:1680

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1204 --field-trial-handle=1240,i,17677756756303982116,6959997322639309961,131072 /prefetch:2
2⤵
PID:1712

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1504 --field-trial-handle=1240,i,17677756756303982116,6959997322639309961,131072 /prefetch:8
2⤵
PID:188

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1608 --field-trial-handle=1240,i,17677756756303982116,6959997322639309961,131072 /prefetch:8
2⤵
PID:1020

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2212 --field-trial-handle=1240,i,17677756756303982116,6959997322639309961,131072 /prefetch:1
2⤵
PID:1608

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2240 --field-trial-handle=1240,i,17677756756303982116,6959997322639309961,131072 /prefetch:1
2⤵
PID:1652

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1444 --field-trial-handle=1240,i,17677756756303982116,6959997322639309961,131072 /prefetch:2
2⤵
PID:1948

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=1308 --field-trial-handle=1240,i,17677756756303982116,6959997322639309961,131072 /prefetch:8
2⤵
PID:1712

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3672 --field-trial-handle=1240,i,17677756756303982116,6959997322639309961,131072 /prefetch:8
2⤵
PID:2084

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=3644 --field-trial-handle=1240,i,17677756756303982116,6959997322639309961,131072 /prefetch:1
2⤵
PID:2176

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3972 --field-trial-handle=1240,i,17677756756303982116,6959997322639309961,131072 /prefetch:8
2⤵
PID:2216

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3848 --field-trial-handle=1240,i,17677756756303982116,6959997322639309961,131072 /prefetch:8
2⤵
PID:2200

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3640 --field-trial-handle=1240,i,17677756756303982116,6959997322639309961,131072 /prefetch:8
2⤵
PID:2616

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=3684 --field-trial-handle=1240,i,17677756756303982116,6959997322639309961,131072 /prefetch:1
2⤵
PID:2760

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=2228 --field-trial-handle=1240,i,17677756756303982116,6959997322639309961,131072 /prefetch:1
2⤵
PID:2096

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=1168 --field-trial-handle=1240,i,17677756756303982116,6959997322639309961,131072 /prefetch:8
2⤵
PID:1620

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3236 --field-trial-handle=1240,i,17677756756303982116,6959997322639309961,131072 /prefetch:8
2⤵
PID:2488

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3372 --field-trial-handle=1240,i,17677756756303982116,6959997322639309961,131072 /prefetch:8
2⤵
PID:2496

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=1172 --field-trial-handle=1240,i,17677756756303982116,6959997322639309961,131072 /prefetch:1
2⤵
PID:2632

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:1532

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x4e0
1⤵
PID:688

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\8cf9565e-092b-443e-bf24-650b4089267c.tmp
Filesize
4KB

MD5
b8c909ed42cceae6343b3f0d24f5f512

SHA1
62d6db9f51dd56f8bbe0ab52f6fa619ce27acab8

SHA256
0ce0a48e76c5d7bf5e012dcbf3931fdbf16a58b062649f5a5188bfa47c7eee19

SHA512
fd8d58fdbfb4977f07ebeb53d660d5a57a6f02c655b02fc72047fe6de23d9ea72b6c2542d170d3fc3d1c6b0dd9ea6de002226e8c13afe59f5a4c05f7a5b3cbf9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000f
Filesize
37KB

MD5
5b0c0d429185ff30e04c93f67116d98f

SHA1
8eb3286fe16a5bee5a0164b131bc534fd131f250

SHA256
f1a0b957050b529afc0e94c436976326124ed8968183859c413986487623294d

SHA512
6295bcd662325172b15c476d26f23c8794c4f1454e0e8cfd43bca79b45aa03e1ae721ebdada1c52fe7699027fa97699156280ff259ce3cc476e322ccc0337902

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize
1KB

MD5
0af6c23906941b828559de4a0e7a1d97

SHA1
f71fb4a087ca567324b4457a2ef86fb8854292f2

SHA256
e52890282a4947d47b647e6f6d836e91c6168abb656627f0ccaa0f47d406a28b

SHA512
98c81dd91e39ed50e5650bdce2edbe76ed7ade8a16ac3aa29ae8e162f004fe8469ebcc57f9fcf58d86ddf88bd4b456f4c7b479b66c5a0acfb4976bd5b7e139df

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\CURRENT~RF836855.TMP
Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1
Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\000002.dbtmp
Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
5KB

MD5
defa4f0d0ffcec605192a3e546fb8cab

SHA1
acbbdfb3250523fe771f992979034fff15b396bd

SHA256
d0942f35c3c2715cbe4514120f91efb3e87a5f32866bd1ef87be7fda6018db43

SHA512
0a6fffca9a173b5ce9ac7e3ae9e8577bc85705fb4eaac8eab58c6d4497f50ff216f0ff87101cc96675cb61efc4cf1406ec9b2d36e2fbd1cac0d2c6f8ca60133f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
1015B

MD5
6ebd49ad7d87d19c94080fd12a28f031

SHA1
ac96ee7734a3d1113bb58642d85f31d11311342c

SHA256
2395813e872c5dc1736b054ea57db2c3086daab1d9c324c7f47924b92e4339d9

SHA512
336f2ae943323e9c5ada9fc9c0eaecefa6316d62faae5409ed2fa5187ca2539a53109d3ffdf87c73e5a36c8b4a5049fe938e1df61cafad72c1b75b7c6a6fa05a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
6KB

MD5
68c73ccf53c7c1cbeb9d53aecb13907e

SHA1
6f6cf97bbe62b7831bde217439ecad1b71bc2ec4

SHA256
9a63030eb095981952b6c846279edb6c6f306f4871dd1892f08d2307f2d6e06a

SHA512
33d01684e2d4648c02b184baa7975eff4ec56646624a76d6dc3279955e0f5694acc6c50406985da8c8fbd46284cc183aadc904a2406ab54c776640fd006f2215

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
363B

MD5
4a615b248a3352896882e3db617bf19b

SHA1
bf631f4dffe4affbe7336b3d222979a05c7f71d3

SHA256
b4ed9ca102941dadc5c0cf60e12a9c0bab852f0359a1e96e54495a0a0f4930c5

SHA512
6ebb67c35b97bfff39a5bc468c13e5dec11fa1db47896ac58136d5a3fce7afba044c600bcc54d191f4ff37842e355714ecc3ea09fc23d38a136cc77a7d53c380

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
691B

MD5
d66041095a34a6f4f9e1f1b1fc549237

SHA1
8cb69652d37547469a25cc568c62bf2c5bd84b67

SHA256
a09f42127e318c9d71586187be8f47fbcc0eed57f778890e3106b50f1839b91e

SHA512
9ababd46ad8d2fdca5730c95ef067b8054daad167e245177eab1de66fb2964b7410226e5746e725e1ac06e79088d0f8abe67a9800f2ad7a383f09ebd23fc9aab

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
4KB

MD5
494a76629f2edb0f5ef56fbb75a24a15

SHA1
d235d13f6bacd3736d443ba11a720c179e8b0845

SHA256
cbf65b3f35c4df76ab2e0eac5b14f0d0fc10fac47b3ba58397345339f1ef8464

SHA512
f61d1ccd63b4069e1ac1741875c1f68e40899043a81d5c6428094b746b9432319fd8e3def84cef1ec38d2f981b6ce1a0c39d9a2f2feef734d3a9c03b53196ba8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
5KB

MD5
5040aa56b1478688ac8caef193c84620

SHA1
b0fb5ed8109289ed41f19670f752a0818279ac4c

SHA256
42dc71b15e5f0dda76280166abdbe6dff9cf6039dd048893d85440d7a9c86cd1

SHA512
3b1e32aa27bb23459a837ad698fdde66e2118fd717134eee0993e8e648aed1e209746cda4a59eb247771ae7bb88df78d2d411d84028d094112da39c8d15c8c4c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
4KB

MD5
64b30c8d8f9888469ebca88f8829f873

SHA1
fbb2ed5fb7be29f5d9f147b3562bc57675c5f7be

SHA256
016c430226481407081ca2b5b5d40838e6ac16d73af14ffe9ca76ba13cc49283

SHA512
df70b44aa9f88606aab4896fe7787148e83d5ec67355f78fbb0288166367df684ac83e6f1ae67e6a88cc8953cf3776de0fe310638e66b3b897ba120b0e2f2da5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
Filesize
189B

MD5
92a0c82cffce8a4ae782913843a7f38f

SHA1
10eedb27808c12d5baf4b1ef00829afee3715ec8

SHA256
f20a73fec77716fa350455103090a5c28466bee759b058de1abbc1bcdf2d0a98

SHA512
559e0a81516b391b27ea28da1055b1811d06c36f7998921781dcc6ab41aaa7bc56f451f050227b4f1b52e078f9a928dff7424c4699a6c79b1a25005286032461

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
Filesize
56B

MD5
ae1bccd6831ebfe5ad03b482ee266e4f

SHA1
01f4179f48f1af383b275d7ee338dd160b6f558a

SHA256
1b11047e738f76c94c9d15ee981ec46b286a54def1a7852ca1ade7f908988649

SHA512
baf7ff6747f30e542c254f46a9678b9dbf42312933962c391b79eca6fcb615e4ba9283c00f554d6021e594f18c087899bc9b5362c41c0d6f862bba7fb9f83038

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
Filesize
129B

MD5
05bf932fad08f714a876ec988ecae5e5

SHA1
d3890e7e73e09bf2a8b4aa4a6cde210b6bee921a

SHA256
cc1aed0cb616b2007a739322db6660defaf7859fab732541627e708453003e93

SHA512
db676f1b258c56bd23e7dc325abea227039ed433b27c62eac4c998683a2a521f9f888afd99204fc8c4695a501eee9da9e2713a6b9364b1ecd5f1d29f3f7ffeca

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
Filesize
125B

MD5
4628bdc81831f359951cf1baeb333a75

SHA1
ff417ae2fef651c2ed456d35ca04cf4e84eed371

SHA256
18967b95329cd6dbd6114769744201ff29cefbae94494061e4b16997a175797b

SHA512
30dd8d312c14f789cc0c3b55e021c467af273e56db4a05830a4799b652adb61e3c3cd0ad3067aadcc393824e0416275e90517b65d0bcc60c0268b9886f1ab8a6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000004.dbtmp
Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
\??\pipe\crashpad_840_RNJDVWZEJHTGIPQB
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit