df894ca1aee3d14e846c7c386e518386e3fbc4526535d7ed098b117860db4294

Resubmissions

15/06/2023, 16:31

230615-t1dvyaae63 1

15/06/2023, 16:28

230615-tym1tsae36 6

15/06/2023, 16:25

230615-twy1baae27 6

Analysis

max time kernel
150s
max time network
152s
platform
windows10-1703_x64
resource
win10-20230220-en
resource tags

arch:x64arch:x86image:win10-20230220-enlocale:en-usos:windows10-1703-x64system
submitted
15/06/2023, 16:25

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Cute_anime_boy_2.png
Size

1KB
MD5

efb7e75241be9a2219ff03355172a4d1
SHA1

c4f6427db416f72a4cfc0b12a438fa4b4e3ae97c
SHA256

df894ca1aee3d14e846c7c386e518386e3fbc4526535d7ed098b117860db4294
SHA512

3771d9592f625645d06db559b818f4cc6fb35eac249758b256ca4f1d7528182db0ab1d6a07b06cf61bb14da25d8ceb4f4840cdd35917028e65b8f449431db33e

Score

6^/10

Malware Config

Signatures

Legitimate hosting services abused for malware hosting/C2 1 TTPs

Web Service
T1102
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133313199345941717"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4220	chrome.exe
4220	chrome.exe
4148	chrome.exe
4148	chrome.exe

Suspicious behavior: LoadsDriver 4 IoCs

pid	Process
636	Process not Found
636	Process not Found
636	Process not Found
636	Process not Found

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
4220	chrome.exe
4220	chrome.exe
4220	chrome.exe
4220	chrome.exe
4220	chrome.exe
4220	chrome.exe
4220	chrome.exe
4220	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4220	chrome.exe
Token: SeCreatePagefilePrivilege	4220	chrome.exe
Token: SeShutdownPrivilege	4220	chrome.exe
Token: SeCreatePagefilePrivilege	4220	chrome.exe
Token: SeShutdownPrivilege	4220	chrome.exe
Token: SeCreatePagefilePrivilege	4220	chrome.exe
Token: SeShutdownPrivilege	4220	chrome.exe
Token: SeCreatePagefilePrivilege	4220	chrome.exe
Token: SeShutdownPrivilege	4220	chrome.exe
Token: SeCreatePagefilePrivilege	4220	chrome.exe
Token: SeShutdownPrivilege	4220	chrome.exe
Token: SeCreatePagefilePrivilege	4220	chrome.exe
Token: SeShutdownPrivilege	4220	chrome.exe
Token: SeCreatePagefilePrivilege	4220	chrome.exe
Token: SeShutdownPrivilege	4220	chrome.exe
Token: SeCreatePagefilePrivilege	4220	chrome.exe
Token: SeShutdownPrivilege	4220	chrome.exe
Token: SeCreatePagefilePrivilege	4220	chrome.exe
Token: SeShutdownPrivilege	4220	chrome.exe
Token: SeCreatePagefilePrivilege	4220	chrome.exe
Token: SeShutdownPrivilege	4220	chrome.exe
Token: SeCreatePagefilePrivilege	4220	chrome.exe
Token: SeShutdownPrivilege	4220	chrome.exe
Token: SeCreatePagefilePrivilege	4220	chrome.exe
Token: SeShutdownPrivilege	4220	chrome.exe
Token: SeCreatePagefilePrivilege	4220	chrome.exe
Token: SeShutdownPrivilege	4220	chrome.exe
Token: SeCreatePagefilePrivilege	4220	chrome.exe
Token: SeShutdownPrivilege	4220	chrome.exe
Token: SeCreatePagefilePrivilege	4220	chrome.exe
Token: SeShutdownPrivilege	4220	chrome.exe
Token: SeCreatePagefilePrivilege	4220	chrome.exe
Token: SeShutdownPrivilege	4220	chrome.exe
Token: SeCreatePagefilePrivilege	4220	chrome.exe
Token: SeShutdownPrivilege	4220	chrome.exe
Token: SeCreatePagefilePrivilege	4220	chrome.exe
Token: SeShutdownPrivilege	4220	chrome.exe
Token: SeCreatePagefilePrivilege	4220	chrome.exe
Token: SeShutdownPrivilege	4220	chrome.exe
Token: SeCreatePagefilePrivilege	4220	chrome.exe
Token: SeShutdownPrivilege	4220	chrome.exe
Token: SeCreatePagefilePrivilege	4220	chrome.exe
Token: SeShutdownPrivilege	4220	chrome.exe
Token: SeCreatePagefilePrivilege	4220	chrome.exe
Token: SeShutdownPrivilege	4220	chrome.exe
Token: SeCreatePagefilePrivilege	4220	chrome.exe
Token: SeShutdownPrivilege	4220	chrome.exe
Token: SeCreatePagefilePrivilege	4220	chrome.exe
Token: SeShutdownPrivilege	4220	chrome.exe
Token: SeCreatePagefilePrivilege	4220	chrome.exe
Token: SeShutdownPrivilege	4220	chrome.exe
Token: SeCreatePagefilePrivilege	4220	chrome.exe
Token: SeShutdownPrivilege	4220	chrome.exe
Token: SeCreatePagefilePrivilege	4220	chrome.exe
Token: SeShutdownPrivilege	4220	chrome.exe
Token: SeCreatePagefilePrivilege	4220	chrome.exe
Token: SeShutdownPrivilege	4220	chrome.exe
Token: SeCreatePagefilePrivilege	4220	chrome.exe
Token: SeShutdownPrivilege	4220	chrome.exe
Token: SeCreatePagefilePrivilege	4220	chrome.exe
Token: SeShutdownPrivilege	4220	chrome.exe
Token: SeCreatePagefilePrivilege	4220	chrome.exe
Token: SeShutdownPrivilege	4220	chrome.exe
Token: SeCreatePagefilePrivilege	4220	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4220	chrome.exe
4220	chrome.exe
4220	chrome.exe
4220	chrome.exe
4220	chrome.exe
4220	chrome.exe
4220	chrome.exe
4220	chrome.exe
4220	chrome.exe
4220	chrome.exe
4220	chrome.exe
4220	chrome.exe
4220	chrome.exe
4220	chrome.exe
4220	chrome.exe
4220	chrome.exe
4220	chrome.exe
4220	chrome.exe
4220	chrome.exe
4220	chrome.exe
4220	chrome.exe
4220	chrome.exe
4220	chrome.exe
4220	chrome.exe
4220	chrome.exe
4220	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4220	chrome.exe
4220	chrome.exe
4220	chrome.exe
4220	chrome.exe
4220	chrome.exe
4220	chrome.exe
4220	chrome.exe
4220	chrome.exe
4220	chrome.exe
4220	chrome.exe
4220	chrome.exe
4220	chrome.exe
4220	chrome.exe
4220	chrome.exe
4220	chrome.exe
4220	chrome.exe
4220	chrome.exe
4220	chrome.exe
4220	chrome.exe
4220	chrome.exe
4220	chrome.exe
4220	chrome.exe
4220	chrome.exe
4220	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4220 wrote to memory of 2012	4220	chrome.exe	69
PID 4220 wrote to memory of 2012	4220	chrome.exe	69
PID 4220 wrote to memory of 2300	4220	chrome.exe	72
PID 4220 wrote to memory of 2300	4220	chrome.exe	72
PID 4220 wrote to memory of 2300	4220	chrome.exe	72
PID 4220 wrote to memory of 2300	4220	chrome.exe	72
PID 4220 wrote to memory of 2300	4220	chrome.exe	72
PID 4220 wrote to memory of 2300	4220	chrome.exe	72
PID 4220 wrote to memory of 2300	4220	chrome.exe	72
PID 4220 wrote to memory of 2300	4220	chrome.exe	72
PID 4220 wrote to memory of 2300	4220	chrome.exe	72
PID 4220 wrote to memory of 2300	4220	chrome.exe	72
PID 4220 wrote to memory of 2300	4220	chrome.exe	72
PID 4220 wrote to memory of 2300	4220	chrome.exe	72
PID 4220 wrote to memory of 2300	4220	chrome.exe	72
PID 4220 wrote to memory of 2300	4220	chrome.exe	72
PID 4220 wrote to memory of 2300	4220	chrome.exe	72
PID 4220 wrote to memory of 2300	4220	chrome.exe	72
PID 4220 wrote to memory of 2300	4220	chrome.exe	72
PID 4220 wrote to memory of 2300	4220	chrome.exe	72
PID 4220 wrote to memory of 2300	4220	chrome.exe	72
PID 4220 wrote to memory of 2300	4220	chrome.exe	72
PID 4220 wrote to memory of 2300	4220	chrome.exe	72
PID 4220 wrote to memory of 2300	4220	chrome.exe	72
PID 4220 wrote to memory of 2300	4220	chrome.exe	72
PID 4220 wrote to memory of 2300	4220	chrome.exe	72
PID 4220 wrote to memory of 2300	4220	chrome.exe	72
PID 4220 wrote to memory of 2300	4220	chrome.exe	72
PID 4220 wrote to memory of 2300	4220	chrome.exe	72
PID 4220 wrote to memory of 2300	4220	chrome.exe	72
PID 4220 wrote to memory of 2300	4220	chrome.exe	72
PID 4220 wrote to memory of 2300	4220	chrome.exe	72
PID 4220 wrote to memory of 2300	4220	chrome.exe	72
PID 4220 wrote to memory of 2300	4220	chrome.exe	72
PID 4220 wrote to memory of 2300	4220	chrome.exe	72
PID 4220 wrote to memory of 2300	4220	chrome.exe	72
PID 4220 wrote to memory of 2300	4220	chrome.exe	72
PID 4220 wrote to memory of 2300	4220	chrome.exe	72
PID 4220 wrote to memory of 2300	4220	chrome.exe	72
PID 4220 wrote to memory of 2300	4220	chrome.exe	72
PID 4220 wrote to memory of 2192	4220	chrome.exe	71
PID 4220 wrote to memory of 2192	4220	chrome.exe	71
PID 4220 wrote to memory of 2044	4220	chrome.exe	73
PID 4220 wrote to memory of 2044	4220	chrome.exe	73
PID 4220 wrote to memory of 2044	4220	chrome.exe	73
PID 4220 wrote to memory of 2044	4220	chrome.exe	73
PID 4220 wrote to memory of 2044	4220	chrome.exe	73
PID 4220 wrote to memory of 2044	4220	chrome.exe	73
PID 4220 wrote to memory of 2044	4220	chrome.exe	73
PID 4220 wrote to memory of 2044	4220	chrome.exe	73
PID 4220 wrote to memory of 2044	4220	chrome.exe	73
PID 4220 wrote to memory of 2044	4220	chrome.exe	73
PID 4220 wrote to memory of 2044	4220	chrome.exe	73
PID 4220 wrote to memory of 2044	4220	chrome.exe	73
PID 4220 wrote to memory of 2044	4220	chrome.exe	73
PID 4220 wrote to memory of 2044	4220	chrome.exe	73
PID 4220 wrote to memory of 2044	4220	chrome.exe	73
PID 4220 wrote to memory of 2044	4220	chrome.exe	73
PID 4220 wrote to memory of 2044	4220	chrome.exe	73
PID 4220 wrote to memory of 2044	4220	chrome.exe	73
PID 4220 wrote to memory of 2044	4220	chrome.exe	73
PID 4220 wrote to memory of 2044	4220	chrome.exe	73
PID 4220 wrote to memory of 2044	4220	chrome.exe	73
PID 4220 wrote to memory of 2044	4220	chrome.exe	73

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\Cute_anime_boy_2.png
1⤵
PID:3236

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4220
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xd4,0xd8,0xdc,0xb0,0xe0,0x7ffe92a49758,0x7ffe92a49768,0x7ffe92a49778
  2⤵
  PID:2012
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1656 --field-trial-handle=1796,i,18372198055540498647,1365681102500708010,131072 /prefetch:8
  2⤵
  PID:2192
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1604 --field-trial-handle=1796,i,18372198055540498647,1365681102500708010,131072 /prefetch:2
  2⤵
  PID:2300
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1988 --field-trial-handle=1796,i,18372198055540498647,1365681102500708010,131072 /prefetch:8
  2⤵
  PID:2044
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3020 --field-trial-handle=1796,i,18372198055540498647,1365681102500708010,131072 /prefetch:1
  2⤵
  PID:4560
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2980 --field-trial-handle=1796,i,18372198055540498647,1365681102500708010,131072 /prefetch:1
  2⤵
  PID:3564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4332 --field-trial-handle=1796,i,18372198055540498647,1365681102500708010,131072 /prefetch:1
  2⤵
  PID:4320
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4560 --field-trial-handle=1796,i,18372198055540498647,1365681102500708010,131072 /prefetch:8
  2⤵
  PID:4688
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4684 --field-trial-handle=1796,i,18372198055540498647,1365681102500708010,131072 /prefetch:8
  2⤵
  PID:708
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4844 --field-trial-handle=1796,i,18372198055540498647,1365681102500708010,131072 /prefetch:8
  2⤵
  PID:4884
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4924 --field-trial-handle=1796,i,18372198055540498647,1365681102500708010,131072 /prefetch:8
  2⤵
  PID:660
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5008 --field-trial-handle=1796,i,18372198055540498647,1365681102500708010,131072 /prefetch:8
  2⤵
  PID:652
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4980 --field-trial-handle=1796,i,18372198055540498647,1365681102500708010,131072 /prefetch:1
  2⤵
  PID:5060
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3044 --field-trial-handle=1796,i,18372198055540498647,1365681102500708010,131072 /prefetch:8
  2⤵
  PID:2140
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3884 --field-trial-handle=1796,i,18372198055540498647,1365681102500708010,131072 /prefetch:8
  2⤵
  PID:2176
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4936 --field-trial-handle=1796,i,18372198055540498647,1365681102500708010,131072 /prefetch:8
  2⤵
  PID:512
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=5324 --field-trial-handle=1796,i,18372198055540498647,1365681102500708010,131072 /prefetch:1
  2⤵
  PID:1300
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=4708 --field-trial-handle=1796,i,18372198055540498647,1365681102500708010,131072 /prefetch:1
  2⤵
  PID:228
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=5152 --field-trial-handle=1796,i,18372198055540498647,1365681102500708010,131072 /prefetch:1
  2⤵
  PID:1484
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=5548 --field-trial-handle=1796,i,18372198055540498647,1365681102500708010,131072 /prefetch:1
  2⤵
  PID:2360
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5532 --field-trial-handle=1796,i,18372198055540498647,1365681102500708010,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4148

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4268

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x1e0
1⤵
PID:2812

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Web Service

T1102

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007

Filesize
110KB

MD5
35cad58491e0364d60510ae47cec3043

SHA1
6da09aac1e796c2185f6ff25dec7e1159c3b4df3

SHA256
8ae229a738c834aea4e83e66d1317ca148d13cf5a133857ac8961954fc7bfd07

SHA512
03b93a86e811becf7d44b7bdd95fff976a7bbec9490e2471641c310fb11d80fffea87ad0ac165a4994366e4364b41c43d458aa6ec7dec33814c3ba077a1f964a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008

Filesize
22KB

MD5
1842f13e9ae08a339e81dfe1c431d657

SHA1
6546858feee7016d9bb78df958767f1519a5061f

SHA256
e5c9cd567104e5143cd9414138f02bad4cd0895a90524756fa5d328546446abb

SHA512
3f4d98db679f4b6381cc5f48aa4864d47c29eb6e07b1ad23e9cca977162096db294a703315357d5a97ad23ea95addec0b732609aea211141934dfd4f73efd944

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009

Filesize
47KB

MD5
e3e5858a68588bf5d2dcea4f6857a074

SHA1
a5ab61f6f9e2cdeffa28c9c9d3ecbc649d896a06

SHA256
42b8896a68bdefee368268aced490d6701462bce7f0da161cac8c2d15dd87e38

SHA512
3e35fa08e460c606b0a563808981b4c05333aba3dc5e6238f41b16688afc2d7a173fc313620bcfab09f4842545b194c0b6ac03850de52f0cba2c4c4072c9ebe6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

Filesize
44KB

MD5
cdcde6d8b8fbf334916fa5f08adb10c2

SHA1
d3e2d51f5b4ce2313aee5b967816831752674ba1

SHA256
1cd2e2c3e5944c6e73f386f69677a510dba088febab1e2e76e7e0b73c94dfcd9

SHA512
039087003988fe83e0d4ec9055ed093eafb55182c0b7bb928824d3df2cb6e319c5b812ae93306fb876bc11ecbe222789b55033acd0d36307ef1b61759b0961b4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

Filesize
95KB

MD5
cb5e7ad24b843948f08be142e62dcc24

SHA1
464fd7676890ac8408ee510ce658dcca8a139672

SHA256
698ca18bb151b2b5c606b68d98668a9cfa5e4c3ab2b4d7dcb70c702fa8f11113

SHA512
38bf3f2980df6b810489bfb05e274093f495b45b30261c65891788c5ab5c1655c7f6664557183e5883e31770a08f28ca7ea1b25ddf06f7fc67004fdaad9a6e07

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010

Filesize
31KB

MD5
6f84e99897e2bd42b3a2fea419385ac4

SHA1
ec893fe8fdc597f1ac0f3894dbbc5c7438a16136

SHA256
6427986177ef8058c2e00431e7049c9511e3e3a7cff1c0ee56ec51ef6cebaf75

SHA512
e3e44fec6ed000d099d9b3e7c74b87d6761455bad31c93bbfe41a125c2b66340ec95d9a7d639ff81b3a78ef3c0b6aa8af7ea3372da974c71388a73d570c5f73b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011

Filesize
70KB

MD5
290da880446319f357ede673218d69e0

SHA1
635c93664f99e9e35fc5b92bb4120fbb6391d308

SHA256
2912d2629316c97078c51767e4cad121cdecd2616794de1db36e3c3377c72ccf

SHA512
fa07e459d797367bc9d3e55be6e9035e190427518f54b03021ba187f1e99301c3c5ca9efcc37c31e0ec81cc6920b51507f6bdb7fca22f5a3419073e4d442e338

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012

Filesize
67KB

MD5
da1316a94aa2b4319d358e4590782c87

SHA1
cbb7c6a681bfefc6b69e95b642ab4777ba4c5a7f

SHA256
eb67f5a95acb96050e2ed42ab51aa3359e434dcdce1c159f877f01835dc92e45

SHA512
0bc33038eb7c60c66771c25de45613d5a4bfba336e6acd8c61ef1dedd24645f1b49f537166d428d22ac0ba7076c49e4fdde7509c90e4130fe5311180ab96eae8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013

Filesize
279KB

MD5
a324f6cc0768b3cadb77f9ae16cc51a8

SHA1
d4d1339000b40d046c5edd5cb0f1353cb1057f50

SHA256
a21bafd4930e1373bf7b2cefb196b126e6bcec8b753d8353da8160f9678b7dc5

SHA512
6218a56e95f7a7dbf460d68d36da613844d7682995eb24a5866899a583de00d85a26fbdf73401afffb9a4e0e82dbc7c35b21751e9c54306a07c489f4533700cc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000015

Filesize
110KB

MD5
a4ae687ccc1a2d7b88efe1ef35719bb5

SHA1
81823a51a36b7c0e28306afcc2d0d01efa632028

SHA256
44946fc27b2ca240f33c157ef4ce9b48c09ef4227404b653e5cf83c51f42a4bd

SHA512
6073464123208a5c163eb41e37c4713d4bb7ab7f3a0555056c5233f4a54e8af1c22a38f4236e0360a602789f6c88879167b0b76f35608ac359145a267509bc10

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000016

Filesize
20KB

MD5
f71a0e3644cbabefa6da3ebceeea2ac4

SHA1
20394efcfe5838dd7e54ab433a14792c409b37b4

SHA256
7a5e28196ee91a62fe72e989a1bd9b05306bcf135a38fa4687142d8ae6917899

SHA512
5c8adfac21e18f17306233c88dc42453ab7e091893e8b4d30e69cee993f263f26515c7f3cfe5f6f8f6d5232b699a8af0fd2162415a83bc055d6584280f4409f6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000017

Filesize
49KB

MD5
d4497e3bfeebed8ba919ded944894840

SHA1
d798a9b3490aceb533001183f2c9b8875704c177

SHA256
0844df6fe1bc61d3da838f1e59919edf91af18d738950948e3b2252207d6d7ec

SHA512
edaa1d4bf596fe5a17458529f43b68ba8a182d2bdc6b1ce1db9aff4381edba0dd9a58e32d3fb40ca75b5e181273986219025f7965bb98314d20b6bd1655d6338

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000018

Filesize
17KB

MD5
55bbd35e5e9d43298f2ad6c54b651a67

SHA1
4cd9aefc3df9639b447d8d8d6704dda240d9ba5b

SHA256
144de7ede35162b88c53504650e61ce029522321d27bff6a6c8a42540a6b3d16

SHA512
414dfc6bf477fd957af29672d35a8ea7ba166ad29df98263a9c01c86fa602c2baa696d50bb4710fa8451a850cdab051a441b205b00139cfdfcd43a3be42ea88a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000019

Filesize
379KB

MD5
96fd437102d0341a7ac1d0801d5f3796

SHA1
f1f1da767002696622eb096a51c1a28719327c80

SHA256
061b42def4c1fabc71de8fec562ca1754a24f05441a76614975392a44e3c199f

SHA512
1cfebbd36ae6e84970092b7b01578c286763bf8d6d3d8247f7ef92bfe21f945e508097b841da03c29faec4535f98e912f557c8ab6b03337938d46d60251c91a6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001a

Filesize
30KB

MD5
13130ca9c9b8089529abd54d1d08dae0

SHA1
8a0136e1479e7ae928fa1d4a3c243203cb3e159d

SHA256
17b6e4cd01f773cf55328d75f0f2eeddfdcdee626508b82a30e3ba49b75e7940

SHA512
334b904ed06acd0f46639cd124a555fc39f566284ba59eb4dfd1fb344d00db4464f5ecfb7ebc1f9f7646e2ee7040e3eafca8befe74a8bcd009c98105fc45d4a2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001b

Filesize
64KB

MD5
780df75790642f84256ce92e6efa22ce

SHA1
ad6f329f718f3c7c8945337af89259130520745b

SHA256
123a87390a708fac092aa45bba07e639e71efbd07bf16fc300a5466a563dd5ff

SHA512
0b7c3d83175f5be945e33a50a8fdfb766a6b1b8b5b87559a82d2c1659fb52bc0f5684a95f788c3840ab0f9b8821a988a9f134833fbc1f79d5f51c12c4fabc1fa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001c

Filesize
364KB

MD5
65f1ec74e8ae9e93bcb169b5dbc3d27a

SHA1
5c721cd0556ebc06ac58dc30ca9280c5925324dd

SHA256
b3cceb575695106f15c81b9798557fbc4d0d6f5c2cb083dcdc4e9b8bf9bbd892

SHA512
ea11f24bbeeaf14670185799e11390d5fbf7f68b9fba90bc3148ac0d2d80865bc296196523beff30bdfa216716e956a4303334065e871658ad0753f55446a664

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001d

Filesize
425KB

MD5
b8a97d0cbc926e894e64b729c155a18b

SHA1
4bb80e524de313c71b5af9c40fdd78e6766207f2

SHA256
3ab81551bb9531adb1f1ac1bde2a4abcd84d9649e445afc373cc6e815c215032

SHA512
ca4cc9f4958ebdc821dad2357b14714591405b4d46f1f55c4c03d64f6dc29c2aa8438b167cb66db1fab2cc8ed49bbe0de2ae6d8834af18703083af7cb9eb9df3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000027

Filesize
86KB

MD5
d0ba9ffbd3a9a7314362a2a9eb74cb78

SHA1
03d3f27f7b7539fe4bd377477f39ec69f37328cf

SHA256
a5478ce6b928aeb913b7883b2a684336d5c33f7e2708e835803bf960c3e8b212

SHA512
5908c0c88e7b130db65827cadd879a1fab6a3e1f1be9405c4bf9595377b3cf052a964c7dd8a017b1a034dc0b4c7f9f30df658b6c381c71007dc27d0b60d8479c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000028

Filesize
178KB

MD5
be7447e8a25ff57584a9141fc7beffd0

SHA1
173b705a4546f1de4e02384c12bcd4b36d7da34a

SHA256
9823632c06e76729c5f0f66a5fe3d765b692d62e158d2e91194aeadb835ceef3

SHA512
03245242ef3d4f19dc21ae912d83f46931af9b9e6880732bdfb069f0eb6de4c0b4311bcfa9de3e608b1444a8b3d7398ea0d205209f175436e0099b14429ad42a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000029

Filesize
132KB

MD5
3b17e049a3189da1fae7ce4932047910

SHA1
7f75194dd31185069768e4522d34f40afa99e8a5

SHA256
28d15f84a4e36666b335155aad3c8f9335260d2dd8537e39736d209cf5d6bc52

SHA512
3a2a537ce799682354c9440ca46279b7f55066ae497927cce3bb61f375edf5453d9c8bd044c8bd1169c7417cc19c24ea4170520609a6753fc655ed6f012cdb2a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002a

Filesize
26KB

MD5
df6b7b748a8380f1a6ce15d95b51a15f

SHA1
e522016649c6f2276b14d617f8efead65bf264c6

SHA256
b78c22e3a79d72f764bfdf78a6b3c6a492c0dfcda08c1edbae24b0b31be3661e

SHA512
2f3dca323b084b52543741b76dcf1243e292eb11fad01cfae8b3f86cdffb8b5f69bbd53bb8e4080be1e1c24738aba72c4b3d7a710f3a96fd5d81d81fd414050a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3fa61ed6fa4f988f_0

Filesize
268B

MD5
9b86b8b819dfac3f7c25aca34d07c328

SHA1
3ebdfeb4bb2c498d3f8ea3cd7e0a4ef5e586b8b3

SHA256
df5e05808a5cf1dd3d2e73d7d1ff92e075efbdf953d7104d8087a51192e5a3b6

SHA512
20b18e49b137096e988addc646153fc42bf16b7a922545cc90e1d968cf833a4429d1788f6047107756b5378e7f0b16ae6f679f64f59b925950286e18c068233b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\739b09a1d9ba9ee5_0

Filesize
268KB

MD5
25df47ecc757fdc507671e4fd6ccb48f

SHA1
753a0c580858688371d8f92c88f724b349de90b0

SHA256
b6d9b92da8792ed127244de15c9f98408b058e2b0879e775fddd6f972029e8cc

SHA512
4785c2a162c5e866ab02c677605ef140d091ee0fd390ca479d9e8042cff12ff63aaac4f8cfdbc151417e9e62dfa656232284eacbb2d147fdbea37e9bd99a9c21

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
36a0c28243e177752fda37d3de6d4ad9

SHA1
148f00f485ae87a69e2908addf53bd58a0d713a5

SHA256
a269a10f870ec729f8f86ca9d201d7dff903108425b924a28ffe695703e150ba

SHA512
3c6be37f33b7b4fc92101f50c6421d86b8c042a5de4a688ab88d3a87ce6c3597a7642ee30bd4773f9fede116526a04edf926ae4f972c61bd2347f04b8de32676

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
dbf29e3814beb6d472cb1ca23ec71236

SHA1
ff0e30134a167463653e101ec6e0d4e607d842a4

SHA256
9b0dd5b14eb9bf4b466ec21ee65d6679bd2dd9f6f96872264894e3d98aa19b2b

SHA512
173fed386c4043693abdf4395a0d8ae20f3778da44b8b1fe1ca6b88a14f977a4487cdc27f8134063826d0aed2e4209f52e6f94a378dbd81bf05e838e36500c19

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
355c7b48e6dd8592aca535d678e5c15f

SHA1
f8f53ed78ae022d391a744313ca7bf030760fb33

SHA256
0f4aa21ff3e69b2caa1e9d36b93cd05ba6076d162896cc2d5497aa66c191fa10

SHA512
e0b212fc6feef0f10ab2c084857987e698bd7d029b226e02b254c8d69dbbbea376ffa42d8a6b57701c53ced33118f59a24d56d6fa290e5df0d066bb0a1db9677

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
c249e71c52b67a39e500fe3da33eb4cf

SHA1
2c914dc11f46db9b7cd26bd73c2ec1332acd7377

SHA256
ae239ad8ed880518d33e13fa8d380f57291f5f33689b2526033aa1b426847f85

SHA512
8df12c9a543eca798352e3c0c1c3d56b0e12f51ed4ddd2501aa192c9dc78d02998d45195166ad2964a85978870d3fb86d716ad42a696b3c120c287b4fc3c1ebf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
7b3defbda6b0fc95e37d2bb96b32a03c

SHA1
b6a464ce4b6e796120b6c624c7fa6482a1c05311

SHA256
22291ebe3ba878aac382f6f6494e3a6dea0ffa651913485d1b0cce8db9db677f

SHA512
a101f34953dc0bb3e905603962a1773530a13400e316d8119b7e4ac1da676cf11d0d1c85ffdd57940f5dbaa7189c8ae2ec7d36a476ca3d97ac110c5ce3564134

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
538B

MD5
5a53f8150f423cb8c815d2c032bddcdc

SHA1
1c8debb49c0963d27fbb13ae97785bdeb15feed6

SHA256
afc9572ff236f5b0a8f78e7f165e00814f1d4031b15d5f58d532180def616914

SHA512
b2e4b1c7d16eb97276d45ae87a2c78f8b044a552b7d508337f1e64b4cc8629ccc0fe81909bee219bc7915f5ec8c222667daccdaf1ee57561123f74038706080d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
705B

MD5
a6dc60e6771d0fe179d79b5c4b20a998

SHA1
9aaa4b491a468c1e1f714a7e1e803c4606cf8d01

SHA256
ffca8101bdc1d69672aa76e975681aca3eb910ee3b7ecfde203c3e8c48654f1e

SHA512
a9e2d132803270b201562c89d4e02b477f04e0bf257c8649cadc7f5d7ef03e3ffdf78a1c01e8ce713c98cd2121c208401f12971b25e6844b24154ca492fd94a9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
dd00b086a7b0512825f4420b4ad45d9a

SHA1
643841d62c853a11c6b7891c25e0f705f63db504

SHA256
8782e4ab9210d9f7d8ea5671ce005b6b4bfe7bbde37039cf2a55f9e85969504a

SHA512
7092d13342a94818a5d17eac5ecf18bda21543d1a159331312eaa1ef99e764fb339b77dbaecbba6fac0bdeb5943e6cb81cd5da06c69b22f40fc6c6bc246447ae

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
8606622698d78433cfa8d74859856b1b

SHA1
fe0e0230e67d57061891a41cc1c9d7b697202bdf

SHA256
f6271b93e11840132f1d8c30b96912ba219e005f603aac5500e10b54bfe77c70

SHA512
ef55213daaeef58f7fe68091aa160714940dba28e3d58dbc2fe883b7cabec5dadd4cd752baaad8ac2ff1c49103fdabee577b31cfc1fe1c87abbadda6c31cc83b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
8616d07a8678bdf31d60f18e6a72ee34

SHA1
4f175a56a1409ecc2d4ca2a99e8d8a6a246ff9b3

SHA256
c9efcc9cde9e8e42d99a9afec351e2566cf9c2291070ea381ea445340b560d18

SHA512
fa245b053052aace9669b8740daabf7ae1f83f0d388f076fba542f499bf7a439fa05ba7f4362a45dbee28c9b20fd3102c559e982fe61a80b3478ab5df3e4e6eb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
e41c60ac4c14c6540300126bf3feac29

SHA1
565894b7aa1ba6aa8ce1515314f600db3939ea9e

SHA256
7b9c67d797b2379a539f166674c19b9556289143b92e5623a397b680b18eab71

SHA512
f1a76b7106f845ecd61b6a5703980b51e3b315671d0b234252523e4195edf0f4794f9461841df8395427a1ace6dc81405daa8383ea8f48c9ca2cfa3878eaf47f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
7e7ad7029ca14f4281febd03b5aa23c2

SHA1
f77f9be565360113b9e01d2fafbe4532fdcd6dd8

SHA256
b0831ddcfadd876e1b257c2eec973001efba53b2e87162ee82970bbf0f54d88e

SHA512
dad880bd91c1f68c77a0482ad4b0a7569c2ba0e1bce7937103bdef618c5c3a93cf5114fbf0b00595bdc1b21da633431ace4d047725432d5df191fc3a159a936a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
55f34a2ef357aae925da065baa2d1af7

SHA1
a14da01940342d05875ca2982f6232a0c3521055

SHA256
268a5df46274958bcc8598c7a891db6ea430c19b7f418ec7cc9ad5e45c2da1b0

SHA512
e657a55e39144a7a6ce230d413451976d2cfc85b8d005c003269ef40a838d3be3050c1b2f8a950da6c41b4c1491a7e4281c7d6ec97267f347d7f542f4603a7a0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
8d24944b37d67cd3aef03e60d4d6f600

SHA1
761e2571b50bc08aefd20689ecd28516a63150c0

SHA256
c15d5bfffc126c24c280d65d5c04751e3a0f86a629e7ba3fea566bdc47a42934

SHA512
ff0ed9abf15302a96967afc4a63f3bfdccb0ecb3f525689123ba6694d8720845d3e377bd7ad8e1e4174668d9d1c2cbf29c0ed3a3a60f73f0c5ebb4e5308648a9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
5996727fcbabaf7eb3b255c91c81682f

SHA1
ad88da8bd1d999b972506657681f3030ebfc35af

SHA256
afa4ca0349172a58366a1b6f2110e0a59db2b3c59cf01cf62a314bc18bd1aa04

SHA512
2890df73f66a502f5407e10bf128409350f18ef2981de29e62ed380ce07106b47d6d332458df8fb845b3d62d859adcaf5d2ffe1921eea51e1de65953e4eb76a7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
be023531977449b437d4493f27126931

SHA1
1019667a8eaccf5e9c81399a6f300c3bad5f6b17

SHA256
780f0b10371de8f67a8930ca859e1d5d3bb7536688890054fc2496d26f5848b2

SHA512
ac738004bb5f1c309cbeda259e6ed2c3ff229f15a13065c4f94fb82205a07d8e80a7908e11e5bcfa24778467938cf6b4e0c0eda8a070010c8965f59ff0980d78

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
12KB

MD5
01cb621fcbfbaf139318939146d9caea

SHA1
1d64efd24740abf2301534901ba11851840521b2

SHA256
d53e8a5d6fdadcac03768a3ef68586082d54fc0268990ba56cf3d93aafd0c56e

SHA512
18a5c00609d33597c6436354ada95d26e522a4f323eae724d33bfb5c88d32250eef08192a75a1e8ad025dcd80234808a1b2174340d3d65f73a06e32965a68537

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
161KB

MD5
2dc3c70d732e02baca5f7f84b6b9e4f1

SHA1
52e68aaeac9be4b84e52b9d632e0a53321d334d7

SHA256
4add46167310f9d40b5e01b99e60691102d4ab54a5adfa4776e2c310eade355b

SHA512
4c6a3b2ece6f276b63470125c60887a4198126f932a6de03905c78115e4c4ed364ea995e43141d494c3dcf7c9856d5afaee2e2812032d63bb0a6436bb729134e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
100KB

MD5
9f0cc4c0e22bf4779ca0d9b09b033e9c

SHA1
5ce7fb44496bec9f47d2c9391dc4fb3eccd2d6aa

SHA256
44611591ace624c6a661855276b61af96731368689cfcada08d6fc4b248f1aca

SHA512
08a3bf38a709506a554dc22393e5e5c71d109dbc2276cd673bb0878637b594ee6acbc0603e2b060a18e14505efb8a149081530fc5a57f695d1be95bf5fcb6ee7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe572904.TMP

Filesize
95KB

MD5
bfbf00b2bcd3040d3245f44dfa47994e

SHA1
a3e7681f61e30614b3bf8831e1ea73bd4aabdd2f

SHA256
2e22885349bfe900b513b8579a8862f6df45d10f034f8c368eb67d1599a91a7b

SHA512
d3e2e26c1c7ccae592945dc38baa169f5bfa77cfeec2a2c64b5454168177d150f8bfb7ebaf514a8346c1af861feae2cc34377baf7113f6b2ac3b3bf9d0d4c605

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit