hxxps://rpgarchive[.]net/switch-nsp-xci/mario-kart-8-deluxe-switch-nsp-xci-actualizacion-v2/

Analysis

max time kernel
600s
max time network
600s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
13/06/2023, 04:12

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

https://rpgarchive.net/switch-nsp-xci/mario-kart-8-deluxe-switch-nsp-xci-actualizacion-v2/

Score

3^/10

Malware Config

Signatures

Program crash 1 IoCs

pid	pid_target	Process	procid_target
548	460	WerFault.exe	84

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133311032213516895"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-4238149048-355649189-894321705-1000\{79752327-1F76-4A05-9ADF-BD41B516A084}	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4452	chrome.exe
4452	chrome.exe
3356	chrome.exe
3356	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4452	chrome.exe
Token: SeCreatePagefilePrivilege	4452	chrome.exe
Token: SeShutdownPrivilege	4452	chrome.exe
Token: SeCreatePagefilePrivilege	4452	chrome.exe
Token: SeShutdownPrivilege	4452	chrome.exe
Token: SeCreatePagefilePrivilege	4452	chrome.exe
Token: SeShutdownPrivilege	4452	chrome.exe
Token: SeCreatePagefilePrivilege	4452	chrome.exe
Token: SeShutdownPrivilege	4452	chrome.exe
Token: SeCreatePagefilePrivilege	4452	chrome.exe
Token: SeShutdownPrivilege	4452	chrome.exe
Token: SeCreatePagefilePrivilege	4452	chrome.exe
Token: SeShutdownPrivilege	4452	chrome.exe
Token: SeCreatePagefilePrivilege	4452	chrome.exe
Token: SeShutdownPrivilege	4452	chrome.exe
Token: SeCreatePagefilePrivilege	4452	chrome.exe
Token: SeShutdownPrivilege	4452	chrome.exe
Token: SeCreatePagefilePrivilege	4452	chrome.exe
Token: SeShutdownPrivilege	4452	chrome.exe
Token: SeCreatePagefilePrivilege	4452	chrome.exe
Token: SeShutdownPrivilege	4452	chrome.exe
Token: SeCreatePagefilePrivilege	4452	chrome.exe
Token: SeShutdownPrivilege	4452	chrome.exe
Token: SeCreatePagefilePrivilege	4452	chrome.exe
Token: SeShutdownPrivilege	4452	chrome.exe
Token: SeCreatePagefilePrivilege	4452	chrome.exe
Token: SeShutdownPrivilege	4452	chrome.exe
Token: SeCreatePagefilePrivilege	4452	chrome.exe
Token: SeShutdownPrivilege	4452	chrome.exe
Token: SeCreatePagefilePrivilege	4452	chrome.exe
Token: SeShutdownPrivilege	4452	chrome.exe
Token: SeCreatePagefilePrivilege	4452	chrome.exe
Token: SeShutdownPrivilege	4452	chrome.exe
Token: SeCreatePagefilePrivilege	4452	chrome.exe
Token: SeShutdownPrivilege	4452	chrome.exe
Token: SeCreatePagefilePrivilege	4452	chrome.exe
Token: SeShutdownPrivilege	4452	chrome.exe
Token: SeCreatePagefilePrivilege	4452	chrome.exe
Token: SeShutdownPrivilege	4452	chrome.exe
Token: SeCreatePagefilePrivilege	4452	chrome.exe
Token: SeShutdownPrivilege	4452	chrome.exe
Token: SeCreatePagefilePrivilege	4452	chrome.exe
Token: SeShutdownPrivilege	4452	chrome.exe
Token: SeCreatePagefilePrivilege	4452	chrome.exe
Token: SeShutdownPrivilege	4452	chrome.exe
Token: SeCreatePagefilePrivilege	4452	chrome.exe
Token: SeShutdownPrivilege	4452	chrome.exe
Token: SeCreatePagefilePrivilege	4452	chrome.exe
Token: SeShutdownPrivilege	4452	chrome.exe
Token: SeCreatePagefilePrivilege	4452	chrome.exe
Token: SeShutdownPrivilege	4452	chrome.exe
Token: SeCreatePagefilePrivilege	4452	chrome.exe
Token: SeShutdownPrivilege	4452	chrome.exe
Token: SeCreatePagefilePrivilege	4452	chrome.exe
Token: SeShutdownPrivilege	4452	chrome.exe
Token: SeCreatePagefilePrivilege	4452	chrome.exe
Token: SeShutdownPrivilege	4452	chrome.exe
Token: SeCreatePagefilePrivilege	4452	chrome.exe
Token: SeShutdownPrivilege	4452	chrome.exe
Token: SeCreatePagefilePrivilege	4452	chrome.exe
Token: SeShutdownPrivilege	4452	chrome.exe
Token: SeCreatePagefilePrivilege	4452	chrome.exe
Token: SeShutdownPrivilege	4452	chrome.exe
Token: SeCreatePagefilePrivilege	4452	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4452 wrote to memory of 4748	4452	chrome.exe	83
PID 4452 wrote to memory of 4748	4452	chrome.exe	83
PID 4452 wrote to memory of 4076	4452	chrome.exe	85
PID 4452 wrote to memory of 4076	4452	chrome.exe	85
PID 4452 wrote to memory of 4076	4452	chrome.exe	85
PID 4452 wrote to memory of 4076	4452	chrome.exe	85
PID 4452 wrote to memory of 4076	4452	chrome.exe	85
PID 4452 wrote to memory of 4076	4452	chrome.exe	85
PID 4452 wrote to memory of 4076	4452	chrome.exe	85
PID 4452 wrote to memory of 4076	4452	chrome.exe	85
PID 4452 wrote to memory of 4076	4452	chrome.exe	85
PID 4452 wrote to memory of 4076	4452	chrome.exe	85
PID 4452 wrote to memory of 4076	4452	chrome.exe	85
PID 4452 wrote to memory of 4076	4452	chrome.exe	85
PID 4452 wrote to memory of 4076	4452	chrome.exe	85
PID 4452 wrote to memory of 4076	4452	chrome.exe	85
PID 4452 wrote to memory of 4076	4452	chrome.exe	85
PID 4452 wrote to memory of 4076	4452	chrome.exe	85
PID 4452 wrote to memory of 4076	4452	chrome.exe	85
PID 4452 wrote to memory of 4076	4452	chrome.exe	85
PID 4452 wrote to memory of 4076	4452	chrome.exe	85
PID 4452 wrote to memory of 4076	4452	chrome.exe	85
PID 4452 wrote to memory of 4076	4452	chrome.exe	85
PID 4452 wrote to memory of 4076	4452	chrome.exe	85
PID 4452 wrote to memory of 4076	4452	chrome.exe	85
PID 4452 wrote to memory of 4076	4452	chrome.exe	85
PID 4452 wrote to memory of 4076	4452	chrome.exe	85
PID 4452 wrote to memory of 4076	4452	chrome.exe	85
PID 4452 wrote to memory of 4076	4452	chrome.exe	85
PID 4452 wrote to memory of 4076	4452	chrome.exe	85
PID 4452 wrote to memory of 4076	4452	chrome.exe	85
PID 4452 wrote to memory of 4076	4452	chrome.exe	85
PID 4452 wrote to memory of 4076	4452	chrome.exe	85
PID 4452 wrote to memory of 4076	4452	chrome.exe	85
PID 4452 wrote to memory of 4076	4452	chrome.exe	85
PID 4452 wrote to memory of 4076	4452	chrome.exe	85
PID 4452 wrote to memory of 4076	4452	chrome.exe	85
PID 4452 wrote to memory of 4076	4452	chrome.exe	85
PID 4452 wrote to memory of 4076	4452	chrome.exe	85
PID 4452 wrote to memory of 4076	4452	chrome.exe	85
PID 4452 wrote to memory of 4632	4452	chrome.exe	86
PID 4452 wrote to memory of 4632	4452	chrome.exe	86
PID 4452 wrote to memory of 3140	4452	chrome.exe	87
PID 4452 wrote to memory of 3140	4452	chrome.exe	87
PID 4452 wrote to memory of 3140	4452	chrome.exe	87
PID 4452 wrote to memory of 3140	4452	chrome.exe	87
PID 4452 wrote to memory of 3140	4452	chrome.exe	87
PID 4452 wrote to memory of 3140	4452	chrome.exe	87
PID 4452 wrote to memory of 3140	4452	chrome.exe	87
PID 4452 wrote to memory of 3140	4452	chrome.exe	87
PID 4452 wrote to memory of 3140	4452	chrome.exe	87
PID 4452 wrote to memory of 3140	4452	chrome.exe	87
PID 4452 wrote to memory of 3140	4452	chrome.exe	87
PID 4452 wrote to memory of 3140	4452	chrome.exe	87
PID 4452 wrote to memory of 3140	4452	chrome.exe	87
PID 4452 wrote to memory of 3140	4452	chrome.exe	87
PID 4452 wrote to memory of 3140	4452	chrome.exe	87
PID 4452 wrote to memory of 3140	4452	chrome.exe	87
PID 4452 wrote to memory of 3140	4452	chrome.exe	87
PID 4452 wrote to memory of 3140	4452	chrome.exe	87
PID 4452 wrote to memory of 3140	4452	chrome.exe	87
PID 4452 wrote to memory of 3140	4452	chrome.exe	87
PID 4452 wrote to memory of 3140	4452	chrome.exe	87
PID 4452 wrote to memory of 3140	4452	chrome.exe	87

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" https://rpgarchive.net/switch-nsp-xci/mario-kart-8-deluxe-switch-nsp-xci-actualizacion-v2/
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4452
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb01689758,0x7ffb01689768,0x7ffb01689778
  2⤵
  PID:4748
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1804 --field-trial-handle=1820,i,4517747462801492552,3768194090559785513,131072 /prefetch:2
  2⤵
  PID:4076
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 --field-trial-handle=1820,i,4517747462801492552,3768194090559785513,131072 /prefetch:8
  2⤵
  PID:4632
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2240 --field-trial-handle=1820,i,4517747462801492552,3768194090559785513,131072 /prefetch:8
  2⤵
  PID:3140
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3172 --field-trial-handle=1820,i,4517747462801492552,3768194090559785513,131072 /prefetch:1
  2⤵
  PID:3064
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3188 --field-trial-handle=1820,i,4517747462801492552,3768194090559785513,131072 /prefetch:1
  2⤵
  PID:3188
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4716 --field-trial-handle=1820,i,4517747462801492552,3768194090559785513,131072 /prefetch:1
  2⤵
  PID:1324
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5044 --field-trial-handle=1820,i,4517747462801492552,3768194090559785513,131072 /prefetch:8
  2⤵
  - Modifies registry class
  PID:2716
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4868 --field-trial-handle=1820,i,4517747462801492552,3768194090559785513,131072 /prefetch:8
  2⤵
  PID:2688
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5556 --field-trial-handle=1820,i,4517747462801492552,3768194090559785513,131072 /prefetch:8
  2⤵
  PID:3104
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5172 --field-trial-handle=1820,i,4517747462801492552,3768194090559785513,131072 /prefetch:8
  2⤵
  PID:1276
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5464 --field-trial-handle=1820,i,4517747462801492552,3768194090559785513,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3356

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4708

C:\Windows\system32\WerFault.exe
C:\Windows\system32\WerFault.exe -pss -s 396 -p 460 -ip 460
1⤵
PID:3660

C:\Windows\system32\WerFault.exe
C:\Windows\system32\WerFault.exe -u -p 460 -s 864
1⤵
- Program crash
PID:548

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
744B

MD5
c580ef823a9360479d5a37653e89c637

SHA1
8d5ea2338283477035b0b17da6f5793a69f993f1

SHA256
86137d41b27bffdd1f2247e91d5c97b3a364ebc986a6c38ee9528eda1e4df4bd

SHA512
17b4f72cd073873c43f6b2808303728c6f0012ba5d2294a21d6bf30d5d010e3279de6999586f026cfb389b31e0a34b3c51fad2f15ba72585cd3d0933d2c9c7a8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
0e019a25cdf1e473a62ec6843efae15f

SHA1
22d8a6d7f88ec2ec13c0df6c078596d4172de5e4

SHA256
4d5e3663286cb5a03bc0abfe31f673ec0eefd50987166d07743e5dc23abcf8cd

SHA512
193ff3f38dd9c32393505b7add62c67554a037aca8b4acd57077f659e073e37f3e9753cd50a0a9e7e34ccc3d16fdf671ee0642347a65f84a56b1ac3bfc681869

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
cd743176009cb0082d8d839096f5d568

SHA1
d772b7594da6bb721879a044ddf3ccd50e7a14e8

SHA256
de671528fa41316a784b192c73427c0efef1c2863bdb039b83cca2a7222dbdb1

SHA512
c27e7674afdd9190c0eb262a8e377fdef4a2f50118b8df597309925e6a749e95ae564700c4a157fdc70afb742415145ef1cb9af6c2380eabf25c40083bcb926b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
ab4658588b3eb00c59be0582b4b5d7d9

SHA1
48d670a5d49f55b457fe130ab40581e7c2081674

SHA256
0b7ca4211fc0d85ccf1d658245eb8e01afecb6597e25f10da2cbdf62932fa3b1

SHA512
a7ffc616d47506c3330aa80a758793d16f276cb2981eeae1481ff7d56fa15f3d792dca379a176133f7e4d330a037c08b26ad8f1ff423ed916705eac035cdbf50

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
28743504ee88deefae0ee48500129a26

SHA1
673f813d2713b695a61ba086e6689f18eb3ab873

SHA256
fb2f139df5f90f56cb10790a542f25145daa6ac835b6ae4ddb581b6b933abe62

SHA512
ca24b539951d465188abc167762caa8b22ccb23c1f63b13ef2cc7c5cd925195abc9bf765600c30f80c45c6bef875e0eb5883626c7a74bb6466794a83b93cdb28

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
095a65251e9c80e50a9eeb977828dfd6

SHA1
934b1cfa633ee243d6f279a0f2571c787fb17218

SHA256
86a0295d0e57d742394a04eceaa76d62e94859e11aa0b30a7a86281bf9d9f483

SHA512
af4757b600e99a6be043717f17e813d4c318cc8b472df32209d82a1e88ab2704a25b2e3702b93781b3e53def0933f301e65ccc0718174de36ebfc8e7d4b15cf4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
4KB

MD5
dc72d489d4296f6e9dbc28ce4d32199c

SHA1
4abbcb0a0e65f92cfbfbc78ccdf3ee660c5201be

SHA256
10f88825e45d4bd9643972733d26597bb2125044fb9d9c26ef1fc832ca5b557f

SHA512
8161e644d2794894c385d3f42d35854e8565de55a96d4dac6ac90759f9d0729a69a1ec37ce9b25971c785dacaa41613debfce38aafcae4632664915b4451e433

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
4KB

MD5
2e4e53fb184068d359015b4389816ed1

SHA1
bd2844652c9389b17eef93ad7e0e2cac91ce9dcf

SHA256
1374f9a7510c42efef357694921672c0a26ccc092b968a7600268b7cc28fee20

SHA512
234b4a34bc1ace4892eb3c9001bb434621bfc278e89272b0fa6cd73bc85623544f1e0f3a4aacc8657352bdd989aaad26ba57eb40131cf253d12c217061c10929

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
4KB

MD5
5cb264a7827569bbf40228288e522cfb

SHA1
75ea123348ee94cb0131397cd6caa56b8bdaba0e

SHA256
fca146ba62e5252c1f4476bad4514f24e896b781cf76f706e835e52130a09e30

SHA512
0e00e3a775d83d7b518746f533fd0917931d26fb50579e80c7e3b1b2b344f06e9659b6b15865418cc39114d4fe32073feb3a98b99eee99ac4fd9068b88fe3d67

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
4KB

MD5
ec3921bf48745e9322968f366f039f03

SHA1
075fc4b6ac3b5b2978be21dea88f5839fb7c560f

SHA256
17317f70f99987da062384aa14c7975e974cf667033b437fab5b6d272118e097

SHA512
1ac13153255940efba50bebe0f488663475f7fcd3f16e95e1690534cc13d1cff5b8802e4b94375467dcee4018a946929f35deb5c2b0b82fbc1f6a9a66560d05f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
56B

MD5
ae1bccd6831ebfe5ad03b482ee266e4f

SHA1
01f4179f48f1af383b275d7ee338dd160b6f558a

SHA256
1b11047e738f76c94c9d15ee981ec46b286a54def1a7852ca1ade7f908988649

SHA512
baf7ff6747f30e542c254f46a9678b9dbf42312933962c391b79eca6fcb615e4ba9283c00f554d6021e594f18c087899bc9b5362c41c0d6f862bba7fb9f83038

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
120B

MD5
fa3e5b02a5adaaf1bcd607a303474d4a

SHA1
e372e42258a6d2603b741fa8d2d61448e8ca085d

SHA256
316e191f76eb231d115f4134fca167cd060e3ff84052a9be2d1f09d59f0662b3

SHA512
34668169e1fd2b201a6b65cb1e666355624d556d26ad0409bf3bf04dd1f61b57ddab77a6bd2bfec1f6a0f5b19b02905d2fc4062a7e8dcb95ef13f173a40ea608

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe571e65.TMP

Filesize
120B

MD5
632bdac91b46ec2edea5ee246084e837

SHA1
92e2c30293fc01046a5afda6958f8d7c18c56296

SHA256
c9cde0b7822c6ea9ad494d459e06bd1aef7b021a6f2ba7be00a9fe3d3a323b8f

SHA512
bda81e3b3d8a99633a0532fdea2df280e5084f41c386ae2ba37ae3839cfd035af1670189fb667bb0fbbc377b76235b2e23152c16314111e99f822e54d5b9cfb8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
159KB

MD5
145a8db547ac7be3544ab8843c5edcad

SHA1
d9acf82049bb2e951a81fab57f262af8a5b87647

SHA256
6dcc6694fb9ec6ca7889183a876526b543d9b9f2805940ad97f7acf114c913c9

SHA512
12a55a0743ef9b387830db1767b58db60f08eb8db42d4f815892bfb159cd3b2b4dfe56a293d5d2e47734f8f1fdf64c190789b3ae812c2e4628b9e60332fe9abe

Download Submit