ee1e980d7c55cae79f725bff6a0946c69f910f6a54d448d7b8867bcb7eea0ca4

Resubmissions

27/06/2023, 23:20

230627-3bs31agf81 6

27/06/2023, 23:16

230627-29cy1afg24 1

Analysis

max time kernel
425s
max time network
419s
platform
windows10-2004_x64
resource
win10v2004-20230621-en
resource tags

arch:x64arch:x86image:win10v2004-20230621-enlocale:en-usos:windows10-2004-x64system
submitted
27/06/2023, 23:20

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Catalogo.pdf.html
Size

2KB
MD5

24c3acfe035a0322b96c3157f3bdff5c
SHA1

a8942661e762ee136b9e6e27aa6300bf1123783c
SHA256

ee1e980d7c55cae79f725bff6a0946c69f910f6a54d448d7b8867bcb7eea0ca4
SHA512

a1caa8b256af3d99abe972c5dd461a3711977a495b4e0ef4fdbf35b230c8fc8c7f41dc2262b445255b4e4747bdabd1e5340df43bbd30b5cc69e227d93d8a465d

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133323816626896985"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
1096	chrome.exe
1096	chrome.exe
3912	chrome.exe
3912	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1096	chrome.exe
Token: SeCreatePagefilePrivilege	1096	chrome.exe
Token: SeShutdownPrivilege	1096	chrome.exe
Token: SeCreatePagefilePrivilege	1096	chrome.exe
Token: SeShutdownPrivilege	1096	chrome.exe
Token: SeCreatePagefilePrivilege	1096	chrome.exe
Token: SeShutdownPrivilege	1096	chrome.exe
Token: SeCreatePagefilePrivilege	1096	chrome.exe
Token: SeShutdownPrivilege	1096	chrome.exe
Token: SeCreatePagefilePrivilege	1096	chrome.exe
Token: SeShutdownPrivilege	1096	chrome.exe
Token: SeCreatePagefilePrivilege	1096	chrome.exe
Token: SeShutdownPrivilege	1096	chrome.exe
Token: SeCreatePagefilePrivilege	1096	chrome.exe
Token: SeShutdownPrivilege	1096	chrome.exe
Token: SeCreatePagefilePrivilege	1096	chrome.exe
Token: SeShutdownPrivilege	1096	chrome.exe
Token: SeCreatePagefilePrivilege	1096	chrome.exe
Token: SeShutdownPrivilege	1096	chrome.exe
Token: SeCreatePagefilePrivilege	1096	chrome.exe
Token: SeShutdownPrivilege	1096	chrome.exe
Token: SeCreatePagefilePrivilege	1096	chrome.exe
Token: SeShutdownPrivilege	1096	chrome.exe
Token: SeCreatePagefilePrivilege	1096	chrome.exe
Token: SeShutdownPrivilege	1096	chrome.exe
Token: SeCreatePagefilePrivilege	1096	chrome.exe
Token: SeShutdownPrivilege	1096	chrome.exe
Token: SeCreatePagefilePrivilege	1096	chrome.exe
Token: SeShutdownPrivilege	1096	chrome.exe
Token: SeCreatePagefilePrivilege	1096	chrome.exe
Token: SeShutdownPrivilege	1096	chrome.exe
Token: SeCreatePagefilePrivilege	1096	chrome.exe
Token: SeShutdownPrivilege	1096	chrome.exe
Token: SeCreatePagefilePrivilege	1096	chrome.exe
Token: SeShutdownPrivilege	1096	chrome.exe
Token: SeCreatePagefilePrivilege	1096	chrome.exe
Token: SeShutdownPrivilege	1096	chrome.exe
Token: SeCreatePagefilePrivilege	1096	chrome.exe
Token: SeShutdownPrivilege	1096	chrome.exe
Token: SeCreatePagefilePrivilege	1096	chrome.exe
Token: SeShutdownPrivilege	1096	chrome.exe
Token: SeCreatePagefilePrivilege	1096	chrome.exe
Token: SeShutdownPrivilege	1096	chrome.exe
Token: SeCreatePagefilePrivilege	1096	chrome.exe
Token: SeShutdownPrivilege	1096	chrome.exe
Token: SeCreatePagefilePrivilege	1096	chrome.exe
Token: SeShutdownPrivilege	1096	chrome.exe
Token: SeCreatePagefilePrivilege	1096	chrome.exe
Token: SeShutdownPrivilege	1096	chrome.exe
Token: SeCreatePagefilePrivilege	1096	chrome.exe
Token: SeShutdownPrivilege	1096	chrome.exe
Token: SeCreatePagefilePrivilege	1096	chrome.exe
Token: SeShutdownPrivilege	1096	chrome.exe
Token: SeCreatePagefilePrivilege	1096	chrome.exe
Token: SeShutdownPrivilege	1096	chrome.exe
Token: SeCreatePagefilePrivilege	1096	chrome.exe
Token: SeShutdownPrivilege	1096	chrome.exe
Token: SeCreatePagefilePrivilege	1096	chrome.exe
Token: SeShutdownPrivilege	1096	chrome.exe
Token: SeCreatePagefilePrivilege	1096	chrome.exe
Token: SeShutdownPrivilege	1096	chrome.exe
Token: SeCreatePagefilePrivilege	1096	chrome.exe
Token: SeShutdownPrivilege	1096	chrome.exe
Token: SeCreatePagefilePrivilege	1096	chrome.exe

Suspicious use of FindShellTrayWindow 34 IoCs

pid	Process
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe

Suspicious use of SendNotifyMessage 32 IoCs

pid	Process
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe
1096	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1096 wrote to memory of 4800	1096	chrome.exe	85
PID 1096 wrote to memory of 4800	1096	chrome.exe	85
PID 1096 wrote to memory of 2328	1096	chrome.exe	87
PID 1096 wrote to memory of 2328	1096	chrome.exe	87
PID 1096 wrote to memory of 2328	1096	chrome.exe	87
PID 1096 wrote to memory of 2328	1096	chrome.exe	87
PID 1096 wrote to memory of 2328	1096	chrome.exe	87
PID 1096 wrote to memory of 2328	1096	chrome.exe	87
PID 1096 wrote to memory of 2328	1096	chrome.exe	87
PID 1096 wrote to memory of 2328	1096	chrome.exe	87
PID 1096 wrote to memory of 2328	1096	chrome.exe	87
PID 1096 wrote to memory of 2328	1096	chrome.exe	87
PID 1096 wrote to memory of 2328	1096	chrome.exe	87
PID 1096 wrote to memory of 2328	1096	chrome.exe	87
PID 1096 wrote to memory of 2328	1096	chrome.exe	87
PID 1096 wrote to memory of 2328	1096	chrome.exe	87
PID 1096 wrote to memory of 2328	1096	chrome.exe	87
PID 1096 wrote to memory of 2328	1096	chrome.exe	87
PID 1096 wrote to memory of 2328	1096	chrome.exe	87
PID 1096 wrote to memory of 2328	1096	chrome.exe	87
PID 1096 wrote to memory of 2328	1096	chrome.exe	87
PID 1096 wrote to memory of 2328	1096	chrome.exe	87
PID 1096 wrote to memory of 2328	1096	chrome.exe	87
PID 1096 wrote to memory of 2328	1096	chrome.exe	87
PID 1096 wrote to memory of 2328	1096	chrome.exe	87
PID 1096 wrote to memory of 2328	1096	chrome.exe	87
PID 1096 wrote to memory of 2328	1096	chrome.exe	87
PID 1096 wrote to memory of 2328	1096	chrome.exe	87
PID 1096 wrote to memory of 2328	1096	chrome.exe	87
PID 1096 wrote to memory of 2328	1096	chrome.exe	87
PID 1096 wrote to memory of 2328	1096	chrome.exe	87
PID 1096 wrote to memory of 2328	1096	chrome.exe	87
PID 1096 wrote to memory of 2328	1096	chrome.exe	87
PID 1096 wrote to memory of 2328	1096	chrome.exe	87
PID 1096 wrote to memory of 2328	1096	chrome.exe	87
PID 1096 wrote to memory of 2328	1096	chrome.exe	87
PID 1096 wrote to memory of 2328	1096	chrome.exe	87
PID 1096 wrote to memory of 2328	1096	chrome.exe	87
PID 1096 wrote to memory of 2328	1096	chrome.exe	87
PID 1096 wrote to memory of 2328	1096	chrome.exe	87
PID 1096 wrote to memory of 2512	1096	chrome.exe	88
PID 1096 wrote to memory of 2512	1096	chrome.exe	88
PID 1096 wrote to memory of 5036	1096	chrome.exe	89
PID 1096 wrote to memory of 5036	1096	chrome.exe	89
PID 1096 wrote to memory of 5036	1096	chrome.exe	89
PID 1096 wrote to memory of 5036	1096	chrome.exe	89
PID 1096 wrote to memory of 5036	1096	chrome.exe	89
PID 1096 wrote to memory of 5036	1096	chrome.exe	89
PID 1096 wrote to memory of 5036	1096	chrome.exe	89
PID 1096 wrote to memory of 5036	1096	chrome.exe	89
PID 1096 wrote to memory of 5036	1096	chrome.exe	89
PID 1096 wrote to memory of 5036	1096	chrome.exe	89
PID 1096 wrote to memory of 5036	1096	chrome.exe	89
PID 1096 wrote to memory of 5036	1096	chrome.exe	89
PID 1096 wrote to memory of 5036	1096	chrome.exe	89
PID 1096 wrote to memory of 5036	1096	chrome.exe	89
PID 1096 wrote to memory of 5036	1096	chrome.exe	89
PID 1096 wrote to memory of 5036	1096	chrome.exe	89
PID 1096 wrote to memory of 5036	1096	chrome.exe	89
PID 1096 wrote to memory of 5036	1096	chrome.exe	89
PID 1096 wrote to memory of 5036	1096	chrome.exe	89
PID 1096 wrote to memory of 5036	1096	chrome.exe	89
PID 1096 wrote to memory of 5036	1096	chrome.exe	89
PID 1096 wrote to memory of 5036	1096	chrome.exe	89

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" C:\Users\Admin\AppData\Local\Temp\Catalogo.pdf.html
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1096
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff5ede9758,0x7fff5ede9768,0x7fff5ede9778
  2⤵
  PID:4800
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1796 --field-trial-handle=1812,i,11739583346260309637,14635928095328721518,131072 /prefetch:2
  2⤵
  PID:2328
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 --field-trial-handle=1812,i,11739583346260309637,14635928095328721518,131072 /prefetch:8
  2⤵
  PID:2512
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2220 --field-trial-handle=1812,i,11739583346260309637,14635928095328721518,131072 /prefetch:8
  2⤵
  PID:5036
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3164 --field-trial-handle=1812,i,11739583346260309637,14635928095328721518,131072 /prefetch:1
  2⤵
  PID:2792
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3184 --field-trial-handle=1812,i,11739583346260309637,14635928095328721518,131072 /prefetch:1
  2⤵
  PID:2528
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4748 --field-trial-handle=1812,i,11739583346260309637,14635928095328721518,131072 /prefetch:8
  2⤵
  PID:2052
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4668 --field-trial-handle=1812,i,11739583346260309637,14635928095328721518,131072 /prefetch:8
  2⤵
  PID:2284
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4744 --field-trial-handle=1812,i,11739583346260309637,14635928095328721518,131072 /prefetch:8
  2⤵
  PID:4804
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4976 --field-trial-handle=1812,i,11739583346260309637,14635928095328721518,131072 /prefetch:1
  2⤵
  PID:1752
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4944 --field-trial-handle=1812,i,11739583346260309637,14635928095328721518,131072 /prefetch:1
  2⤵
  PID:3916
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1760 --field-trial-handle=1812,i,11739583346260309637,14635928095328721518,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3912
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=1612 --field-trial-handle=1812,i,11739583346260309637,14635928095328721518,131072 /prefetch:1
  2⤵
  PID:2728
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2800 --field-trial-handle=1812,i,11739583346260309637,14635928095328721518,131072 /prefetch:8
  2⤵
  PID:1160
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=5184 --field-trial-handle=1812,i,11739583346260309637,14635928095328721518,131072 /prefetch:1
  2⤵
  PID:4576

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:1460

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
55b0dbb3dc7df3d80e9e091318bda0f4

SHA1
61431a729a8cf01a26a5f5b3e8bb619c7e073402

SHA256
7e383e5f270aee7f8fa855554286d2951a7787f4c7fba49d03eaca6c1023f4eb

SHA512
c829feb998686533629df722a00561a2c2433f1b4cc401155f1ca8e9980ced335c8eb07982c8994f108f2df7082e52aa0385e56c6c5c3cabf99735dbc47f2ca8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
20ea3e027470bb6f610e4ffc1ba5e89c

SHA1
9c71eb6b31240a5cdc4b6faf87fd371eb96c6ca2

SHA256
5b0eb3894db49ed300a84e24f100e235201a7890d94b55dac6316b7b71588d7f

SHA512
e0579ddef0f2f307bad7cdab6089cad53924c53366a6e678ab906bb8f25162b6e5e3518eb196607aba279db74083bddfb44864144066fd787c6efbe4bce3c05b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
0e398803c9474e1d0fa05a76ed602022

SHA1
642d7e5b9fdc911430c535caa8bb80d0030ad429

SHA256
cca7da8b58a43932243f5411492fd2755f9274ebfe52710b0b711c2a80541953

SHA512
64279179a82dd47eea0b002a02eedee98f8b018e5be0615a1eaa0ab64db82d7933e2a5e726c66d331da1db60eeb0ab8bb14a8726d519ef68327a850c47c6bc6f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
539B

MD5
3f58498a0a296350dfc65b1aad465762

SHA1
958d9070b040b6efea197c5de7107ad31e8c4a8f

SHA256
54d9327f7183f5ae6357a9052c19b817f10f383ad63d06973f634a9bee2e7866

SHA512
ca65e54967d66727b44f4dc9336c39b68bd43211c74c5a646721a62ff126501ea2dd12c230efdb0b2f856128b5354f9c343337fe9365e0ba502835a62a74a8d2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
707B

MD5
a08175a04406ea5ed13024f1f5b9bc0d

SHA1
fbdaa1f42158eea4f350edf6d4875fd5534b780a

SHA256
e8df93e06af589059b98936f7c500ecca4f77c711b32e1f38e80b2718e302c83

SHA512
1ec99430e14b61592c2a1dde5a9f5bc70bdab0f98b371d2c3a9f8436a85a688db602094c83455fdf8e875ab988a402c47f80af23904d81f1e50ef7dda4e89f7c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
8003b621710987b7d8bbfc7ef6eccc5b

SHA1
f6e02514600e04edc2a9f4fc9ba5aabc40c9a675

SHA256
95c9c4cea76af5b41859f4aed573aa0cef86a9badaba0e02a495267e596eb3af

SHA512
a8dc62ea7643abfa6bb5edbe0c871f305dc01b7f7bfefa5a412eccbfee7e3972b3bf01c21233fb98e9bad3fa3ef28751510754b47a7712cad22ea7a969e7d6d3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
2e6ce8c4350ae400b8e7c6245ee69a74

SHA1
7b9de6abf8b4373e7d207b52b5765224e7a30d71

SHA256
fdb95e8076afbdc8a8d2b091a1afe4a97882b1c3342fc24102351bf6433a42ae

SHA512
f9f538966a2e0ba7bed6df652c367cee6da499a4ee6247e06687f4a582a7111e1aefb5d819119a7d8a401774e756896113c37f5629b5bc66bb65e5e0fc0ed831

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
89efea19d3a83b38e48eeb37d0b87848

SHA1
e89860be75c8ee470623e417641293969d037f1a

SHA256
86e8c5dec8eedf6cfa0275e74c8e396cfba71ab0580047e9582dce3e082493a2

SHA512
3093a3569bfefc1a522815884ddb5e4025cd007afba1124cfe243a7bdbc52d989aabd12604a5ec93db32e5e8e5aa60d01eba2a02deda634d0986fdd174d44146

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
66011649db6f648c0e3471fc03f6d2f5

SHA1
8edb15f699150a3bb8d961ef35b38e04bc09b1e4

SHA256
43a9c4e37697bd02c8843fc91fac3cb93ed415e2d1f9bb166922adb14a55b360

SHA512
6807e70fd4e9869e1e4ac236ae266f51775acd749aa35bf3e02a5d37ad28c4721d432bdddb35caa95bd13df97ad95f5382d5ae3af9f96eca2a53a0eb163454dd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
d97f6de550edcc6844f60e7363e84f99

SHA1
2af8e16a2760fc3e56e8a196f9e50d97b3957f1a

SHA256
81b9a89ebf9ba6ff46c00ecfe940266596ea4eafcfb4310deec2be30356e8150

SHA512
25dacb9c77937c3940fe18e5358accf058447335f91550341e7d38336000966abde566a0e0e5d780c9ae51065e5103b61b4f142cfb7640ac689a55ec7bb5a0c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
86ca9fd1ea8c4458a9514e839b9fbf4c

SHA1
d49bb0ca059134205499c7ee401322bb3c498a53

SHA256
3deef67bb3b4b3a8bee7b1aa9e89103b69d17659ad9368bfc6bc14d00267e7bb

SHA512
c480bb2cb26d38c08e7df9b1ffe485c56ca9fe4671d05bc3093da29b4507e1846762f33b97f35849ae4253af3d918da6ce3f7fbe29dfe2e1dc2330ac1059887c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
619f7b9a2068c80253015468560e59d5

SHA1
d99798abb5ce2b442d152a0d5cf89313219d0939

SHA256
ee6c757acde893643f4e1469df84c634721d0419919b9a6c0ced4a978a95335a

SHA512
3f00b181e5a14e2ae4de244807a160b882640a7f13c39936d795362d97941ac23fb8306b5138a35340ed0425b84a88051c22f263c934505a225542b1f73f3426

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
d60e7559a27dfda3a93748e3699bf340

SHA1
b5e41d7589c3f4e63798d7603015e000007edbd4

SHA256
f86a2786ebac281c8e9c646d6ff0dc95f3a47814322c58d59942b53e1ad8e26c

SHA512
54d66607722ab0cc6903ccb6b78d57d78fa201ec80712eaf85bbd0a67b5993b2636b9bd6b9e5d35539de54b01707749fd95aa4748194605fdc54490248d7f3bf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
8d4e22cc308eabecf740c01f203943b2

SHA1
3d0a505fcb077a7b6c3e45b9a8124ea5124da2a2

SHA256
2d5e2e81c1e1d271de3f32733d798d6d01850aba3e58a472ae0677a854561bd1

SHA512
020a740929db833fa5b2fb5cee2f1715abfbbc7e1515f1e3545cd1b8a276c28848f8e72623476500f247a04e60cea8495764f21739a1271140fac3bb0e99fb53

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
80f5c3f8063935e31ba3aa0dba8bbbab

SHA1
c42747dad5dad066d5b9803efd83a8e29abfdc2b

SHA256
1b44dc1b4b1941316ee9a76855e73eb9ed3af82915f1faf9ce042a88fe8899df

SHA512
64fd789029fbd44a786b40fe00de7592aa21fbe4dba0ad2fdea47267f81e94b92fc2454e054554e7e641c3d3c8b77b97502871b1f8b8c291d58d8156ea0d27c8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
1e2327284161b025efbf8ee7ff53de31

SHA1
e2fb18d1396be76ed9a1fb2e1fd82496f12e4cc1

SHA256
d0fa7369b80dc55ba6179d46469118dfa863103d58828c1a027f54bbe1a3581a

SHA512
768d196c1b5d06c0104010d8ebfdb11d6e0786b25a9dc0240f6b1760ea026a0b63610ec5916a7389f8440a15e86fe0c9e30130e47dfa0b9b460753bc1839f3bc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
a0e18e08f06c926fa26152213d43cb4b

SHA1
cdd3d10e5330ad6f4f1f26f71143b538a5ad3e81

SHA256
a9cb026b23c4c0a5ce27cb8d1dd925f9601d15304a0af77f72578fbdd081eed4

SHA512
74e9c353c063204d7073107d9b729accc709f93f5ad6c5859e5a034036aff45a24f2fa0eda5cf1edc23fec976a65e1710d23fd51e6582d23ab6cb03fe1fdc13d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
87d3bb8a1ee3433060b42b35f2ccbea8

SHA1
d86c083f53b879fccb10692e754e1abd7a8a909b

SHA256
54fcb9fbaf8ef87f118c0a01703869187ec32cb4d3fe7deed4bd08275929e75c

SHA512
7a7bbb9f0e43d035e7114b519fa410d2c316603de16f6003288def3db1e70c9b66af526226cc3ddf1f8a815b6b43e6875924c830bf69873bdf42d2e9e8066578

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
a28d8fae5dfdbf66b6d8b4bcbd29c1dd

SHA1
7f2b339f1820b78d35789f966012f4fdcc51e01b

SHA256
4da04fb3877a20df9f27ce61e8f5b93f45bb2764ba8b1b3a4927f1253444ef1a

SHA512
f9abf27e6e5a6ac7e07bbd61f963e2ddb6d74678de4c74e9879a5b26d1ab000dbed4125594c96f27e2c1c2ce456ac91a2a5a05b5d5a1233c3a7bed73dc6536fd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
b7b2f1c4a6e7a7f86c31cb162b5f10ec

SHA1
1989f34b3977aa24e82a5e83f2ee8e00d620755d

SHA256
21ddd3c127bf3cf53cc91e32bf40882ee9e150c87626be6b1c475f04068298e6

SHA512
1ad8e70b702174616a10a6873eab3e96fa117536f53444c273b66f124569b0aac3aa1f24a8122316ebf4711c84edc4751e068ff278f0ac6729e646078ff76163

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
5750fa37d2d59d11f446b7639804ee3f

SHA1
45f828766db1b11e8bbb80beb15325ec17359604

SHA256
9e2c1dee217e9869148926086338bc22cefd8628768192d8f12db5c90e9b7622

SHA512
5b79d8055229ef2a689fc0ec710f9fb5ff769407179303a6ae476586aa758d4655e1bfeea3e940e105f40fa69ab08f2737db455f0eef7e99a2493618b8e02c4e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
174KB

MD5
d02f437ad26263d3d8ac2cb2f780a4bb

SHA1
f154221e0fb7e77dd66db8db9b586983d4527d46

SHA256
2d3b081d7a3c77a24cfc9a1d80d9610796dfb5268ae9820ec75d68b60a0df94c

SHA512
824578d32a24f24b4abcfa8a3766b18138f20c1c4fd25ae453b60e709ec536c15be642ca2358c5a43eaae0c8f51dfd92ca1ff7179621dcb897bfedef7d83637a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
98KB

MD5
539fa369934edeed92c3116bb182d720

SHA1
ec775354c60bdd0c078b74dd40b51d8af7ef7dee

SHA256
62b85da25ee00fd2898d604fc697375d8f8e0a230ce3b8ca237029f88ddf2f6e

SHA512
af1371e4f231acca1b83aaf2423a4152d6a65eb3c0825d5a5b41c828e4abfc8e5bbe5467674d1e27c1a1fdda8bb16e27314bd4bfe5d287d2f28687a207671caa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe5a8687.TMP

Filesize
96KB

MD5
a4f0af706dea7d0e4a6cea35e909fcd9

SHA1
9b98b8d455fa34d8753cef3d5214cfa51443d059

SHA256
6538cef5aec9f4466c7ba1dd7783513da28119eadbff71013458ad1199151e81

SHA512
7e39e12712a41f59e993828e0838c3c61e31dbb01695103de1b04977eec951dac07d41d35ea7f5661d00e18d3a052c658c71cd63101639e49454133ae44f0db8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit