hxxps://cutt[.]us/bU2xqIHC/wlgiwj2sabftekcjqf4y6

Analysis

max time kernel
150s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
16/06/2023, 21:50

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://cutt.us/bU2xqIHC/wlgiwj2sabftekcjqf4y6

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133314258798713930"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
1920	chrome.exe
1920	chrome.exe
2120	chrome.exe
2120	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeCreatePagefilePrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeCreatePagefilePrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeCreatePagefilePrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeCreatePagefilePrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeCreatePagefilePrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeCreatePagefilePrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeCreatePagefilePrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeCreatePagefilePrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeCreatePagefilePrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeCreatePagefilePrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeCreatePagefilePrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeCreatePagefilePrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeCreatePagefilePrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeCreatePagefilePrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeCreatePagefilePrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeCreatePagefilePrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeCreatePagefilePrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeCreatePagefilePrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeCreatePagefilePrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeCreatePagefilePrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeCreatePagefilePrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeCreatePagefilePrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeCreatePagefilePrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeCreatePagefilePrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeCreatePagefilePrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeCreatePagefilePrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeCreatePagefilePrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeCreatePagefilePrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeCreatePagefilePrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeCreatePagefilePrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeCreatePagefilePrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeCreatePagefilePrivilege	1920	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1920 wrote to memory of 1524	1920	chrome.exe	83
PID 1920 wrote to memory of 1524	1920	chrome.exe	83
PID 1920 wrote to memory of 1004	1920	chrome.exe	84
PID 1920 wrote to memory of 1004	1920	chrome.exe	84
PID 1920 wrote to memory of 1004	1920	chrome.exe	84
PID 1920 wrote to memory of 1004	1920	chrome.exe	84
PID 1920 wrote to memory of 1004	1920	chrome.exe	84
PID 1920 wrote to memory of 1004	1920	chrome.exe	84
PID 1920 wrote to memory of 1004	1920	chrome.exe	84
PID 1920 wrote to memory of 1004	1920	chrome.exe	84
PID 1920 wrote to memory of 1004	1920	chrome.exe	84
PID 1920 wrote to memory of 1004	1920	chrome.exe	84
PID 1920 wrote to memory of 1004	1920	chrome.exe	84
PID 1920 wrote to memory of 1004	1920	chrome.exe	84
PID 1920 wrote to memory of 1004	1920	chrome.exe	84
PID 1920 wrote to memory of 1004	1920	chrome.exe	84
PID 1920 wrote to memory of 1004	1920	chrome.exe	84
PID 1920 wrote to memory of 1004	1920	chrome.exe	84
PID 1920 wrote to memory of 1004	1920	chrome.exe	84
PID 1920 wrote to memory of 1004	1920	chrome.exe	84
PID 1920 wrote to memory of 1004	1920	chrome.exe	84
PID 1920 wrote to memory of 1004	1920	chrome.exe	84
PID 1920 wrote to memory of 1004	1920	chrome.exe	84
PID 1920 wrote to memory of 1004	1920	chrome.exe	84
PID 1920 wrote to memory of 1004	1920	chrome.exe	84
PID 1920 wrote to memory of 1004	1920	chrome.exe	84
PID 1920 wrote to memory of 1004	1920	chrome.exe	84
PID 1920 wrote to memory of 1004	1920	chrome.exe	84
PID 1920 wrote to memory of 1004	1920	chrome.exe	84
PID 1920 wrote to memory of 1004	1920	chrome.exe	84
PID 1920 wrote to memory of 1004	1920	chrome.exe	84
PID 1920 wrote to memory of 1004	1920	chrome.exe	84
PID 1920 wrote to memory of 1004	1920	chrome.exe	84
PID 1920 wrote to memory of 1004	1920	chrome.exe	84
PID 1920 wrote to memory of 1004	1920	chrome.exe	84
PID 1920 wrote to memory of 1004	1920	chrome.exe	84
PID 1920 wrote to memory of 1004	1920	chrome.exe	84
PID 1920 wrote to memory of 1004	1920	chrome.exe	84
PID 1920 wrote to memory of 1004	1920	chrome.exe	84
PID 1920 wrote to memory of 1004	1920	chrome.exe	84
PID 1920 wrote to memory of 4344	1920	chrome.exe	85
PID 1920 wrote to memory of 4344	1920	chrome.exe	85
PID 1920 wrote to memory of 960	1920	chrome.exe	86
PID 1920 wrote to memory of 960	1920	chrome.exe	86
PID 1920 wrote to memory of 960	1920	chrome.exe	86
PID 1920 wrote to memory of 960	1920	chrome.exe	86
PID 1920 wrote to memory of 960	1920	chrome.exe	86
PID 1920 wrote to memory of 960	1920	chrome.exe	86
PID 1920 wrote to memory of 960	1920	chrome.exe	86
PID 1920 wrote to memory of 960	1920	chrome.exe	86
PID 1920 wrote to memory of 960	1920	chrome.exe	86
PID 1920 wrote to memory of 960	1920	chrome.exe	86
PID 1920 wrote to memory of 960	1920	chrome.exe	86
PID 1920 wrote to memory of 960	1920	chrome.exe	86
PID 1920 wrote to memory of 960	1920	chrome.exe	86
PID 1920 wrote to memory of 960	1920	chrome.exe	86
PID 1920 wrote to memory of 960	1920	chrome.exe	86
PID 1920 wrote to memory of 960	1920	chrome.exe	86
PID 1920 wrote to memory of 960	1920	chrome.exe	86
PID 1920 wrote to memory of 960	1920	chrome.exe	86
PID 1920 wrote to memory of 960	1920	chrome.exe	86
PID 1920 wrote to memory of 960	1920	chrome.exe	86
PID 1920 wrote to memory of 960	1920	chrome.exe	86
PID 1920 wrote to memory of 960	1920	chrome.exe	86

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" https://cutt.us/bU2xqIHC/wlgiwj2sabftekcjqf4y6
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1920
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa66269758,0x7ffa66269768,0x7ffa66269778
  2⤵
  PID:1524
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1796 --field-trial-handle=1816,i,1800340844267980978,6774519251766267805,131072 /prefetch:2
  2⤵
  PID:1004
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 --field-trial-handle=1816,i,1800340844267980978,6774519251766267805,131072 /prefetch:8
  2⤵
  PID:4344
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2236 --field-trial-handle=1816,i,1800340844267980978,6774519251766267805,131072 /prefetch:8
  2⤵
  PID:960
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3168 --field-trial-handle=1816,i,1800340844267980978,6774519251766267805,131072 /prefetch:1
  2⤵
  PID:3220
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3200 --field-trial-handle=1816,i,1800340844267980978,6774519251766267805,131072 /prefetch:1
  2⤵
  PID:1220
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=5188 --field-trial-handle=1816,i,1800340844267980978,6774519251766267805,131072 /prefetch:1
  2⤵
  PID:760
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=5320 --field-trial-handle=1816,i,1800340844267980978,6774519251766267805,131072 /prefetch:1
  2⤵
  PID:4188
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5696 --field-trial-handle=1816,i,1800340844267980978,6774519251766267805,131072 /prefetch:8
  2⤵
  PID:2144
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5812 --field-trial-handle=1816,i,1800340844267980978,6774519251766267805,131072 /prefetch:8
  2⤵
  PID:3392
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=5812 --field-trial-handle=1816,i,1800340844267980978,6774519251766267805,131072 /prefetch:8
  2⤵
  PID:4664
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5784 --field-trial-handle=1816,i,1800340844267980978,6774519251766267805,131072 /prefetch:8
  2⤵
  PID:4080
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5172 --field-trial-handle=1816,i,1800340844267980978,6774519251766267805,131072 /prefetch:8
  2⤵
  PID:4656
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=5788 --field-trial-handle=1816,i,1800340844267980978,6774519251766267805,131072 /prefetch:8
  2⤵
  PID:996
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5116 --field-trial-handle=1816,i,1800340844267980978,6774519251766267805,131072 /prefetch:8
  2⤵
  PID:2644
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=5900 --field-trial-handle=1816,i,1800340844267980978,6774519251766267805,131072 /prefetch:1
  2⤵
  PID:2384
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=3328 --field-trial-handle=1816,i,1800340844267980978,6774519251766267805,131072 /prefetch:1
  2⤵
  PID:3408
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=6088 --field-trial-handle=1816,i,1800340844267980978,6774519251766267805,131072 /prefetch:1
  2⤵
  PID:2848
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=6152 --field-trial-handle=1816,i,1800340844267980978,6774519251766267805,131072 /prefetch:1
  2⤵
  PID:3256
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4568 --field-trial-handle=1816,i,1800340844267980978,6774519251766267805,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2120

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:1364

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
192B

MD5
b6cde21a5e4fbdb8834306f3b8011756

SHA1
acecb9b0a816fcd8c8dcf786ea2c9e0dd1912876

SHA256
5a2ff2d7d6ba3a0fc16c0ff80fbed5991c358ca709f7ace4090a309b1110afcc

SHA512
a8912cc252a97515593c99b33cb42e918c9a8188f690618b25072f0d6aabe30880884c5f6351768e9b02f4f7d8b7bd8149164f7a4a2954ceecb40777ab1b7c43

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.62.0_0\_locales\en_CA\messages.json

Filesize
851B

MD5
07ffbe5f24ca348723ff8c6c488abfb8

SHA1
6dc2851e39b2ee38f88cf5c35a90171dbea5b690

SHA256
6895648577286002f1dc9c3366f558484eb7020d52bbf64a296406e61d09599c

SHA512
7ed2c8db851a84f614d5daf1d5fe633bd70301fd7ff8a6723430f05f642ceb3b1ad0a40de65b224661c782ffcec69d996ebe3e5bb6b2f478181e9a07d8cd41f6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.62.0_0\dasherSettingSchema.json

Filesize
854B

MD5
4ec1df2da46182103d2ffc3b92d20ca5

SHA1
fb9d1ba3710cf31a87165317c6edc110e98994ce

SHA256
6c69ce0fe6fab14f1990a320d704fee362c175c00eb6c9224aa6f41108918ca6

SHA512
939d81e6a82b10ff73a35c931052d8d53d42d915e526665079eeb4820df4d70f1c6aebab70b59519a0014a48514833fefd687d5a3ed1b06482223a168292105d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
632e0af9eeb796d847a08775275fdc3a

SHA1
744f0e59aed26c8d9ec2b788ed799d1d799ed933

SHA256
1b9cb40cf997803270f19fa06ff8988eeb60a1157fe0dfc7a561916fc8a08dc4

SHA512
3fbf5fa21b842ad5783f97b0a4a70e46b957871904f6539f255126a633d6dfff52ee42150a3e29d012a4d5c455df2cef4dc8207bf01c89c4b9c8e0aaaaa24e84

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
776bb295f4bf14adcb6c44ba6468ef4a

SHA1
d1bbfa4ade462f9031cd149f3d1e7b64c2beaa45

SHA256
11c0e50092b9b9cc30425789477f59a27fb18c18fe332c9075f10ff4f2dcf640

SHA512
4db52de8b472ac1983029d4850f2cb3dd8f7522f5d5a6baf0777b3e4f58f7dc2c3f5f7959aa8086e091077b48bc71ce551e17ea939e48cad0292a585924de7b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
e60a8a826673b3381aa588eacbffc59a

SHA1
af6d8883aeae33382e22634da00e3c3e8c1ac358

SHA256
86aeec98fc72f71e25e46f5ee2f604eaed05a9af0f5221123241e64e84ce7d05

SHA512
57d40f73238b9880f7d2eab85b9245a340c2891564a693003534fba63abee2c0250716dbe7fe1da37c7f04980bcf54b0513f363aa9104728f5191ff796a2df94

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
60d25e6b9b72fdd6de921e64e9ce6b54

SHA1
fc9827499ed136b4cdfba2bf6ac6ebc65f326ebf

SHA256
6fe9739e4bed5080e3531e0d23db2859d2b2722f2b585cabc94915017d39343d

SHA512
5637c9e84d022f2f81094893f0cc214a88e3889f1b374e93e6d839938f1a7d335e59c1efca147637655c856a67b82fdf6819f1d5f75dccf47246fb997d0e0cd9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
f4ad0ac7af866b2cb3d090ef878b5bab

SHA1
b67cf8208b86e2c1dd1007e84dc311c0071f6870

SHA256
b4abe4e4600478eaf9baad0f916bcd77ec9af579611c70c3a5d67bb7bbef494d

SHA512
22bbbb054f60e72d8265dac822fcb3be538d5779ed9c4598cfca469a068294637a162ab17fe7157444589e7b3990416e3cf2f010e1258ea621f7fe6da81dbee1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
bd09073124357ec7553c792de107948d

SHA1
f6c521b2a9fa2bac4295a21d78494f369e8b9b5c

SHA256
1f994b299e4efdd7d9975c1dda818e0c7164882bf88bda282454beaa46c6f3bb

SHA512
87f871660af69b4c4977aeb04b59764886f220c6bd68ff2c3f6de7c1c674454351f070fc087e4aa47d43f5e62d45d73a13c2adc1aa6d01ef0995948473e16996

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
c3a105bc5462b93e197dc7bb12a08a52

SHA1
3651866af0b59510b704b8064fefb9ea32fa70c4

SHA256
8461b6e826f6bdd776383f509a9a1a7dafbff84cf026d254dff5f6d76e1997b7

SHA512
0f17bcf75c3d2407bc993aa21538f4868948f5f0ac47ab345ea602449715a3e83f27b5e7e5551971f8c2fdebe16304a261d455f4d8515e3d6edb723bb7e45667

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
c531be9489b76dc90a3e0a62c9c5e6ac

SHA1
b29ecdd05c55237591fcf1a9e680077ef07bc03d

SHA256
7cc4c244866c66447cfc33340ab1b3546d582b378fb1be03c22a35ba8d56f3e2

SHA512
3ccaf9dc546246af4a7190c6f659bd294931e9180a9b0b8b98cd740cf12f61f5e70ba775b1350381b006935aa2f7e12188496c9c03bac7311b63a6ab4a696cfb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
17f6d6bfb4cb127d65923018d65c0dd0

SHA1
6c4abf12ad7133ae4006884c2d04f8f96c61a596

SHA256
55533c31530c0b5dc62636ed8413e2e8eaa2ea854813b61e5199823fd73f34f9

SHA512
97eb20e24aa1742dc8de452c27170091b191221ada07dde3cb565c786e407e613fbe84dea0504a1a25e5024405d02817eac13b9292105086eee0e800ce304943

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
4d4742ea86848c9a22da57bfda4e5b57

SHA1
1f88b509f4c996d248471ea6e676e3e0a44fc420

SHA256
a28c98d044287d6c8cd63d987f40356373737b3d70039dd65883ac04a4f2575a

SHA512
3acfed88992b72c603acaefcfdc0fe6d2c192fb52d9634e8a61d43148d205faab69d39c77309f03ddfd404df9c57c446136d6324eaed22ab6005479a79f9d90d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
c3d429215b726cb0d670b98e20a4715a

SHA1
109f4e623cdbc5a5031962bf6e45c9a53bc88fb9

SHA256
8e1eedc187708c03778fc3aebea14dc037357a20c947e16f850e087d9ad6c1f0

SHA512
bed95fc3e75f92afd3f63b1b6468c9437310d6655c0472193039986833384c76503cce3f2787eae2c100dd72215647574d3c29442fa04f1770adc124b2e0fa92

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
6cb776ee2770106b9e767e1fc058c6ef

SHA1
3d2274a9f9d7c447dcb176c88fdbaf74b904eb8b

SHA256
d99f44c564d53d5f865c7e615ef744a581e6d29cef2617d331d7c356529559c9

SHA512
623f21850872c0541254c5176d99ccb0a8e41f87325db9603340f3c6877158a8b9a58a8b50624dc290ced2f239997a6b8ea69d71e5ce2b5c94d7ec745ab53452

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
6543b569789399685728af805c18c941

SHA1
2d5eeb2057ec5736d1e856aad50c649cb291b082

SHA256
333f065295d916f0cc3c8f31d8c7a8c4c06f3f263c987c44f334b9862c238f71

SHA512
d014e967eb54127682984499b5dbeb119bbebbbe8fa63287c7079f8aff6fa02fce36dee26f652b2a2f7c89b56de5809d590abeffe1b64b694906b6d59f2c12a4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
7446f09d285dc1bc024c13cbe394e2db

SHA1
b3a8a36cd9205c4dfcf18da1397d637ba9649dfc

SHA256
68b78a6edad684406ac6b8864e18a7852ca5e0e673478d004f41debae19eb154

SHA512
137706a125b00037f3e25ff3590551b7277be7f7676b1607c1119fd0066649e9a3e2b0b7d81a874809df7bbfe2b46ca73cf565b973d756dad2dd0406e67b67c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
96B

MD5
397370a6aa46be4ed84b9c0837961fcb

SHA1
5a8b624e0dd4d4ddb8c39ad723435c35bfb71c40

SHA256
e4f8b3332f6715b96e3a57d8a8eeeaed232ec94c91371ab7b31f15731332f279

SHA512
e08dc4c1d6b9ba6755b5760db85d22db2405632db504918c3f3b1b71a49376c58a7c8b139ddcfceab87519109f07059bb670926700e6df271bebaf321a38d45f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe570705.TMP

Filesize
72B

MD5
e05260a4ee25df5f4c9717c3edc02281

SHA1
4353407519124255f2026525a358e0f2daa7e755

SHA256
930b11d2ed5a26ccc0dde7aa2913198d729491ff8ad479d4cb8327f91692ac8e

SHA512
192c9cbb6d0e6a7c6bba27c585bb544923cacea6122dcd3d18f3c7dc3d1d9b4bf54c588bdae02be1697b8b9ffdb6394ce3c68b1ebd02a504be128f7cd2b21da0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
157KB

MD5
9d1a8bc6412304554b042f136bd5f2e3

SHA1
6704b42a7d6074a84c04872a68803675f2ebfe27

SHA256
a2378f338cf0675af67931c6b8a42e798242a107c922f4b1f4b03e346939b235

SHA512
1ba91e2bc295d13522c33e057e095ee61a755e2dc49d363ede32b54c39388416dadbee1f625c83dfd7bce694d56a38167bda36376587879552c9577b87a422e0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
157KB

MD5
1f82851109ec36f9a8d8a6e7350fc3db

SHA1
8d6caa3c75d72f42152043cebdc2541c392f034c

SHA256
c2cb470cfe30b7eb40b4d308aa752bdbadda6a49ef25b2e59ce418601acdcc25

SHA512
f3114dd1a2df459002900fd51d37c01d4e9546742d7add15abccdf8480f312ed63aecbf52d5430828851e580fd56bb7f95848c47dbed91847a09272434c0433a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
157KB

MD5
cf6785b398a76af3e66caa26277e2bbd

SHA1
5e8b94d909d12db53ee0fb6ebb371aff1066cc0a

SHA256
2845979cc5257f3a1274bfb4948186e30828fa2af0a196c62a5ea7ef4306b39c

SHA512
9c354fa23e9d0b2a4012f263936350f893013586c8a68c6f7668b123667a6f4d456e2507c684f1b0b4dbfcd0553a81b9e6d1d0656cc45b82e94e829987625a51

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir1920_1970400535\CRX_INSTALL\_locales\en_CA\messages.json

Filesize
711B

MD5
558659936250e03cc14b60ebf648aa09

SHA1
32f1ce0361bbfdff11e2ffd53d3ae88a8b81a825

SHA256
2445cad863be47bb1c15b57a4960b7b0d01864e63cdfde6395f3b2689dc1444b

SHA512
1632f5a3cd71887774bf3cb8a4d8b787ea6278271657b0f1d113dbe1a7fd42c4daa717cc449f157ce8972037572b882dc946a7dc2c0e549d71982dcdee89f727

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir1920_1970400535\a8ac99fe-4b6a-4b35-a2ef-1c76b2f21bca.tmp

Filesize
88KB

MD5
2cc86b681f2cd1d9f095584fd3153a61

SHA1
2a0ac7262fb88908a453bc125c5c3fc72b8d490e

SHA256
d412fbbeb84e2a6882b2f0267b058f2ceb97f501e440fe3f9f70fac5c2277b9c

SHA512
14ba32c3cd5b1faf100d06f78981deebbbb673299a355b6eaec88e6cb5543725242c850235a541afa8abba4a609bb2ec26e4a0526c6b198016b08d8af868b986

Download Submit