hxxps://www[.]canva[.]com/design/DAFlIaFaEfA/hLMiEl14riSFVZfBQ9ZEOw/edit?utm_content=DAFlIaFaEfA&utm_campaign=designshare&utm_medium=link2&utm_source=sharebutton

Resubmissions

30/06/2023, 14:27

230630-rseq6add77 1

30/06/2023, 14:20

230630-rnlnxadd56 1

Analysis

max time kernel
116s
max time network
118s
platform
windows10-2004_x64
resource
win10v2004-20230621-en
resource tags

arch:x64arch:x86image:win10v2004-20230621-enlocale:en-usos:windows10-2004-x64system
submitted
30/06/2023, 14:20

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://www.canva.com/design/DAFlIaFaEfA/hLMiEl14riSFVZfBQ9ZEOw/edit?utm_content=DAFlIaFaEfA&utm_campaign=designshare&utm_medium=link2&utm_source=sharebutton

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133326084583252735"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
2704	chrome.exe
2704	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
2704	chrome.exe
2704	chrome.exe
2704	chrome.exe
2704	chrome.exe
2704	chrome.exe
2704	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2704	chrome.exe
Token: SeCreatePagefilePrivilege	2704	chrome.exe
Token: SeShutdownPrivilege	2704	chrome.exe
Token: SeCreatePagefilePrivilege	2704	chrome.exe
Token: SeShutdownPrivilege	2704	chrome.exe
Token: SeCreatePagefilePrivilege	2704	chrome.exe
Token: SeShutdownPrivilege	2704	chrome.exe
Token: SeCreatePagefilePrivilege	2704	chrome.exe
Token: SeShutdownPrivilege	2704	chrome.exe
Token: SeCreatePagefilePrivilege	2704	chrome.exe
Token: SeShutdownPrivilege	2704	chrome.exe
Token: SeCreatePagefilePrivilege	2704	chrome.exe
Token: SeShutdownPrivilege	2704	chrome.exe
Token: SeCreatePagefilePrivilege	2704	chrome.exe
Token: SeShutdownPrivilege	2704	chrome.exe
Token: SeCreatePagefilePrivilege	2704	chrome.exe
Token: SeShutdownPrivilege	2704	chrome.exe
Token: SeCreatePagefilePrivilege	2704	chrome.exe
Token: SeShutdownPrivilege	2704	chrome.exe
Token: SeCreatePagefilePrivilege	2704	chrome.exe
Token: SeShutdownPrivilege	2704	chrome.exe
Token: SeCreatePagefilePrivilege	2704	chrome.exe
Token: SeShutdownPrivilege	2704	chrome.exe
Token: SeCreatePagefilePrivilege	2704	chrome.exe
Token: SeShutdownPrivilege	2704	chrome.exe
Token: SeCreatePagefilePrivilege	2704	chrome.exe
Token: SeShutdownPrivilege	2704	chrome.exe
Token: SeCreatePagefilePrivilege	2704	chrome.exe
Token: SeShutdownPrivilege	2704	chrome.exe
Token: SeCreatePagefilePrivilege	2704	chrome.exe
Token: SeShutdownPrivilege	2704	chrome.exe
Token: SeCreatePagefilePrivilege	2704	chrome.exe
Token: SeShutdownPrivilege	2704	chrome.exe
Token: SeCreatePagefilePrivilege	2704	chrome.exe
Token: SeShutdownPrivilege	2704	chrome.exe
Token: SeCreatePagefilePrivilege	2704	chrome.exe
Token: SeShutdownPrivilege	2704	chrome.exe
Token: SeCreatePagefilePrivilege	2704	chrome.exe
Token: SeShutdownPrivilege	2704	chrome.exe
Token: SeCreatePagefilePrivilege	2704	chrome.exe
Token: SeShutdownPrivilege	2704	chrome.exe
Token: SeCreatePagefilePrivilege	2704	chrome.exe
Token: SeShutdownPrivilege	2704	chrome.exe
Token: SeCreatePagefilePrivilege	2704	chrome.exe
Token: SeShutdownPrivilege	2704	chrome.exe
Token: SeCreatePagefilePrivilege	2704	chrome.exe
Token: SeShutdownPrivilege	2704	chrome.exe
Token: SeCreatePagefilePrivilege	2704	chrome.exe
Token: SeShutdownPrivilege	2704	chrome.exe
Token: SeCreatePagefilePrivilege	2704	chrome.exe
Token: SeShutdownPrivilege	2704	chrome.exe
Token: SeCreatePagefilePrivilege	2704	chrome.exe
Token: SeShutdownPrivilege	2704	chrome.exe
Token: SeCreatePagefilePrivilege	2704	chrome.exe
Token: SeShutdownPrivilege	2704	chrome.exe
Token: SeCreatePagefilePrivilege	2704	chrome.exe
Token: SeShutdownPrivilege	2704	chrome.exe
Token: SeCreatePagefilePrivilege	2704	chrome.exe
Token: SeShutdownPrivilege	2704	chrome.exe
Token: SeCreatePagefilePrivilege	2704	chrome.exe
Token: SeShutdownPrivilege	2704	chrome.exe
Token: SeCreatePagefilePrivilege	2704	chrome.exe
Token: SeShutdownPrivilege	2704	chrome.exe
Token: SeCreatePagefilePrivilege	2704	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2704	chrome.exe
2704	chrome.exe
2704	chrome.exe
2704	chrome.exe
2704	chrome.exe
2704	chrome.exe
2704	chrome.exe
2704	chrome.exe
2704	chrome.exe
2704	chrome.exe
2704	chrome.exe
2704	chrome.exe
2704	chrome.exe
2704	chrome.exe
2704	chrome.exe
2704	chrome.exe
2704	chrome.exe
2704	chrome.exe
2704	chrome.exe
2704	chrome.exe
2704	chrome.exe
2704	chrome.exe
2704	chrome.exe
2704	chrome.exe
2704	chrome.exe
2704	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2704	chrome.exe
2704	chrome.exe
2704	chrome.exe
2704	chrome.exe
2704	chrome.exe
2704	chrome.exe
2704	chrome.exe
2704	chrome.exe
2704	chrome.exe
2704	chrome.exe
2704	chrome.exe
2704	chrome.exe
2704	chrome.exe
2704	chrome.exe
2704	chrome.exe
2704	chrome.exe
2704	chrome.exe
2704	chrome.exe
2704	chrome.exe
2704	chrome.exe
2704	chrome.exe
2704	chrome.exe
2704	chrome.exe
2704	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2704 wrote to memory of 4344	2704	chrome.exe	84
PID 2704 wrote to memory of 4344	2704	chrome.exe	84
PID 2704 wrote to memory of 3184	2704	chrome.exe	85
PID 2704 wrote to memory of 3184	2704	chrome.exe	85
PID 2704 wrote to memory of 3184	2704	chrome.exe	85
PID 2704 wrote to memory of 3184	2704	chrome.exe	85
PID 2704 wrote to memory of 3184	2704	chrome.exe	85
PID 2704 wrote to memory of 3184	2704	chrome.exe	85
PID 2704 wrote to memory of 3184	2704	chrome.exe	85
PID 2704 wrote to memory of 3184	2704	chrome.exe	85
PID 2704 wrote to memory of 3184	2704	chrome.exe	85
PID 2704 wrote to memory of 3184	2704	chrome.exe	85
PID 2704 wrote to memory of 3184	2704	chrome.exe	85
PID 2704 wrote to memory of 3184	2704	chrome.exe	85
PID 2704 wrote to memory of 3184	2704	chrome.exe	85
PID 2704 wrote to memory of 3184	2704	chrome.exe	85
PID 2704 wrote to memory of 3184	2704	chrome.exe	85
PID 2704 wrote to memory of 3184	2704	chrome.exe	85
PID 2704 wrote to memory of 3184	2704	chrome.exe	85
PID 2704 wrote to memory of 3184	2704	chrome.exe	85
PID 2704 wrote to memory of 3184	2704	chrome.exe	85
PID 2704 wrote to memory of 3184	2704	chrome.exe	85
PID 2704 wrote to memory of 3184	2704	chrome.exe	85
PID 2704 wrote to memory of 3184	2704	chrome.exe	85
PID 2704 wrote to memory of 3184	2704	chrome.exe	85
PID 2704 wrote to memory of 3184	2704	chrome.exe	85
PID 2704 wrote to memory of 3184	2704	chrome.exe	85
PID 2704 wrote to memory of 3184	2704	chrome.exe	85
PID 2704 wrote to memory of 3184	2704	chrome.exe	85
PID 2704 wrote to memory of 3184	2704	chrome.exe	85
PID 2704 wrote to memory of 3184	2704	chrome.exe	85
PID 2704 wrote to memory of 3184	2704	chrome.exe	85
PID 2704 wrote to memory of 3184	2704	chrome.exe	85
PID 2704 wrote to memory of 3184	2704	chrome.exe	85
PID 2704 wrote to memory of 3184	2704	chrome.exe	85
PID 2704 wrote to memory of 3184	2704	chrome.exe	85
PID 2704 wrote to memory of 3184	2704	chrome.exe	85
PID 2704 wrote to memory of 3184	2704	chrome.exe	85
PID 2704 wrote to memory of 3184	2704	chrome.exe	85
PID 2704 wrote to memory of 3184	2704	chrome.exe	85
PID 2704 wrote to memory of 3496	2704	chrome.exe	86
PID 2704 wrote to memory of 3496	2704	chrome.exe	86
PID 2704 wrote to memory of 1704	2704	chrome.exe	87
PID 2704 wrote to memory of 1704	2704	chrome.exe	87
PID 2704 wrote to memory of 1704	2704	chrome.exe	87
PID 2704 wrote to memory of 1704	2704	chrome.exe	87
PID 2704 wrote to memory of 1704	2704	chrome.exe	87
PID 2704 wrote to memory of 1704	2704	chrome.exe	87
PID 2704 wrote to memory of 1704	2704	chrome.exe	87
PID 2704 wrote to memory of 1704	2704	chrome.exe	87
PID 2704 wrote to memory of 1704	2704	chrome.exe	87
PID 2704 wrote to memory of 1704	2704	chrome.exe	87
PID 2704 wrote to memory of 1704	2704	chrome.exe	87
PID 2704 wrote to memory of 1704	2704	chrome.exe	87
PID 2704 wrote to memory of 1704	2704	chrome.exe	87
PID 2704 wrote to memory of 1704	2704	chrome.exe	87
PID 2704 wrote to memory of 1704	2704	chrome.exe	87
PID 2704 wrote to memory of 1704	2704	chrome.exe	87
PID 2704 wrote to memory of 1704	2704	chrome.exe	87
PID 2704 wrote to memory of 1704	2704	chrome.exe	87
PID 2704 wrote to memory of 1704	2704	chrome.exe	87
PID 2704 wrote to memory of 1704	2704	chrome.exe	87
PID 2704 wrote to memory of 1704	2704	chrome.exe	87
PID 2704 wrote to memory of 1704	2704	chrome.exe	87

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" https://www.canva.com/design/DAFlIaFaEfA/hLMiEl14riSFVZfBQ9ZEOw/edit?utm_content=DAFlIaFaEfA&utm_campaign=designshare&utm_medium=link2&utm_source=sharebutton
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2704
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9f6569758,0x7ff9f6569768,0x7ff9f6569778
  2⤵
  PID:4344
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1796 --field-trial-handle=1788,i,13433388426025248685,12084535763284922836,131072 /prefetch:2
  2⤵
  PID:3184
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 --field-trial-handle=1788,i,13433388426025248685,12084535763284922836,131072 /prefetch:8
  2⤵
  PID:3496
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2228 --field-trial-handle=1788,i,13433388426025248685,12084535763284922836,131072 /prefetch:8
  2⤵
  PID:1704
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3116 --field-trial-handle=1788,i,13433388426025248685,12084535763284922836,131072 /prefetch:1
  2⤵
  PID:4948
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3132 --field-trial-handle=1788,i,13433388426025248685,12084535763284922836,131072 /prefetch:1
  2⤵
  PID:4724
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5212 --field-trial-handle=1788,i,13433388426025248685,12084535763284922836,131072 /prefetch:8
  2⤵
  PID:4228
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5668 --field-trial-handle=1788,i,13433388426025248685,12084535763284922836,131072 /prefetch:8
  2⤵
  PID:4540
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=5768 --field-trial-handle=1788,i,13433388426025248685,12084535763284922836,131072 /prefetch:1
  2⤵
  PID:4140
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=5708 --field-trial-handle=1788,i,13433388426025248685,12084535763284922836,131072 /prefetch:1
  2⤵
  PID:3440
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4752 --field-trial-handle=1788,i,13433388426025248685,12084535763284922836,131072 /prefetch:1
  2⤵
  PID:4064
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3320 --field-trial-handle=1788,i,13433388426025248685,12084535763284922836,131072 /prefetch:8
  2⤵
  PID:2116
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5916 --field-trial-handle=1788,i,13433388426025248685,12084535763284922836,131072 /prefetch:1
  2⤵
  PID:2584

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4384

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000004

Filesize
18KB

MD5
656d8d1780f80060a9fb99534b6ec2ac

SHA1
880c5c1a121e1c102cadd1e826fa1d0240215fb2

SHA256
d1b64c59cbcf06d7efab6494b3d6a8b28da0dacac3c2a53922120fa845dfab68

SHA512
c7c852b8d764f775c73bdf668ec4d9e30ec2a8a5cae8a9190d6726af82bb914c4d5b5fba3e8fed4b09705e21b8f9dc85724be4dea4db5798d66a8ee6ca6974f2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00005d

Filesize
171KB

MD5
7a88e1edbba1ad7bd345eb14f1377a59

SHA1
b299cf2eacc2d17d1f2fbda9391079b6f05fb022

SHA256
3f6aa29738172f431b8e2af2e39cba0c2f91583d7bc23f988c7b7b35975bef2c

SHA512
48870540a5e7aedf4513610e23dad5d37ff48dde92909345771f7235d4526893e65d11915b46191e62dbe6e9bed4626215703fc90932bdebed356568c1557f95

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
5KB

MD5
53176fdceb50f7f0f46103032a64499d

SHA1
75c030fcccd65dca1d33d34cff21de312768ad21

SHA256
b6a7162925ee31b4762631806b16aeb1369905777e2ee47396d25aa87577e3d5

SHA512
c5c546c86360d89dea068545edfe621a096cef4b5f233d09eb0c1f6fce7c11c381d2278b03fc49e5fbd7a20a0ac0905988fe58b87fedc1ea5d381dee5197c613

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
d5c544ab68b82109a97a68e79d66710d

SHA1
b5ba9b638c1d5942ff26a12cba2fd7d9fef081ec

SHA256
a8f9b38b47e64258c14c2ce71f3a32df55da790d18c76fe60a364d2c6bfca69f

SHA512
2d56859aeef6b85861de01ffb30f14f77066ea05f799086f13cfcfb8fa43bd93f1ed7718c1b7e5505831b699b40dd2bbb3e37ef0169c4526317e367da9c93b41

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
155930de4120ac520189c946f2c3a3f1

SHA1
17649b934e2c3718696383884bed9bd5760ad3ca

SHA256
df88ebbc755b08ac5ecfe71b4007fd9cc4d1cc5d68353420e2be95037ab824f3

SHA512
4f0636eb1c4ca20b92fa571d16b1cb3c468ca0882fee3bdf90f9e52fe715e7a88d5c67dc5d198ca10a0d58355ce03a46aae08a7262fe2a1746d5a50c49ccced3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
5074c21e889f586250c517d1b67b9311

SHA1
43db98014233e5b1016331f36f6697707224d9e7

SHA256
67a858d85f6cbd05c3282639eb446486e80999be0c78fd5f80d959aadfd3b471

SHA512
fbcee024dc8871dd48a4620d296109e1bde3b0d7ce88e22cf02a4e6a84cf6ac471c3e0609327c7bb2b3a0081c01cb14b9ff34560451859fc0c20dc80f62b1ccb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
1880539e51b94fe610f19218a27350bf

SHA1
32a8357fe39575e8ac12e27139241a0dd9f905ca

SHA256
b60a7dd297d3bca62208b02cb45951c3943d675073f21db8b3f7e91467c28336

SHA512
4720877ec61af4380883af35b9e0afce06aacba38297cce6395a61c0e42a4e7c8a19baeb519d1fb14a9ab1b456e13ce18c9a0a190724193524ee315bcab8be90

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
0853c956bce598c6a159d279dffe1acf

SHA1
109289771b8f53cc6517b683bb109cc4934d6576

SHA256
164b83664058739c1c0e7a01e55d10dd72fe360433f2712db06c6daf7a3557d6

SHA512
349c7131e252818dbf53a842e428011c6731d50132b02e8f0858d2dd45390d42147b213f8ae2c946412feee1ed8cdb11829aa5c0b33a1dd20e147cd9724d2539

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
57cd00b3f79986ec0c5b0dc2aba70425

SHA1
3118cfbf5cd7c8f79001a8a381aada18c9543528

SHA256
4eeebb66833d3ab89845b97ef8c83f33156ce3a156e949620bac1ca0546a49f8

SHA512
0610dbb53cf440666701a2a23bcc652e76b9b668ac8091d72bd0f21e745dd1c3cb2a1c5841cf836a4d68725be068f13a9090d17feb93d668e5c0ef03352efdc8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
68afa64ef29a487131076eb0903c9804

SHA1
1b8c5bd4ffc8fa76ba2ac1939222f036df45d624

SHA256
cd70c89200675f8ef2dc22d967e7bf68ffa4dd6598fbbe8af61b1f61826bd83d

SHA512
c3ea3020d6ff9d84da9ec403416d46ed9c2160671954d8c8a2862e45783bb3ae54c88d016628d4882a15e47d56134072b0fcef270e757f060f249e8b93ddfcf7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
74bc83e03bfe1d3ff6395e1a1a160411

SHA1
227022009c02adbbc4ac62ae96504c230b7b6171

SHA256
6bf8171e7d6dac28c76c7616200352f3f4cf462a8e90c6f0d2a1ffe973ecc155

SHA512
a7e63d562a26402e1d8bf73b6c06efac85f521be2d3b0cfcd413af9c01273b6f1854adbde14fb213e317e4d8fab49902a4da642c4719b64917551e2c1af75c87

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
4KB

MD5
f1ca3cd1aed5efc813a1b2cfbf54e728

SHA1
e7142950b411f5b362b8d6473db0b9f4f3919b8e

SHA256
521dcfa5677249b52fcb3fdc575f7569fddde30a6c957069dfd1c2334a756a14

SHA512
be285f5daca53a8e34b57be580e5ede42b9f8195859629afa4c6df1ed70343efb4ccf43c9b474d2d37966b40161f69a89dd40a977eeb00bd81e649a9fa988dde

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
4KB

MD5
b58b4786a5bb9ef63aae230e3f7b914b

SHA1
59e6e92c73a9e0f15c5f156d5ffa665ddd668384

SHA256
74c77c0108a737dabbd6f8cf59b2095f67d7a6954ff881c0d98007df34fe6bea

SHA512
42c6b138fbe45b631285a26688bfbdd77bb9e7d7e628675fc00341f8946c5b2e51475427d0563cc1c9f31be0d7df7ca5ad48ce9c771c929052757be934df33ac

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
7f40331bd55a437de65a9a63fc805dbc

SHA1
1909fa35c8520936ebdad07712e898a850ba1063

SHA256
710e600a083664482ff629723e9380d41ba77b52e8fa4e77b5837087c859150e

SHA512
87b06ad6170d3ed4327d975b7c6ace883936c1ae5d14e69c340c0be689fe67f80e415e44e76aaea51cd9bef0ef59b0df3edb0fffba14acc2ec135cfd01364f07

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
4ebe76ad3a9f097cbf32342a6cdb7837

SHA1
da54ec3e80cf585895d2e07f750d677b0f9db151

SHA256
5211189a3d518c47a9742053789d18703a218da7f7b4055f7bdb0a572019bbe1

SHA512
17a69d26f1f7590ed490229aa9919a069eb1ede55a19d94a50c83372415a5ecd079bb6ef9a548410772fc9e17f616ce92fccd6f59c7020f49f71cf71ff529e3d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
e48a688d80183ae6eff8f2c574b5b372

SHA1
103e0dfdb5c50be108db9c191c9900b01556360d

SHA256
0bdb40af873dfae57a49363de68900eb1fa58800e6c292529a6e80129f13528d

SHA512
ae9784852ed1934b64b5f84d5f33687e52beb365bb802916b432590c2627a3c2a907b07054c92ae881b6d24d17c85a53db16a8b008e69a365d5fb74ccc6532d5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\d1394a4c842f7861ad7ae5e20da4b484a0c4acad\471771da-22d7-4953-9f9b-be01ca4a4edc\index

Filesize
24B

MD5
54cb446f628b2ea4a5bce5769910512e

SHA1
c27ca848427fe87f5cf4d0e0e3cd57151b0d820d

SHA256
fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d

SHA512
8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\d1394a4c842f7861ad7ae5e20da4b484a0c4acad\index.txt

Filesize
168B

MD5
c879f429a0229d94dda67bbca5c7dacc

SHA1
03475df92f682cd8952562ca2617edc90c06825d

SHA256
afe3794c47104cb500a27b70f6446e2df6242594a547f6660597f6e9b63c102b

SHA512
1405ba269daca507d6528f8395ce535acc8265b8e7003e491d45ebf4dd35e6bfc51170b9b048b29e22ba6d1964d5186311c826f191e6ff14ce198260c8a9438a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\d1394a4c842f7861ad7ae5e20da4b484a0c4acad\index.txt

Filesize
221B

MD5
74649557ee0f335d82fb39f4f3c16cc4

SHA1
9d894adbe3f8c498cf71fc710e65d57501a16f3e

SHA256
b4dd573c225d92f8536d73e91639c3ad146e6938d9f2a4b502bf920d6ba72b57

SHA512
9df2316fdde490b24cd4ad55bcbfcc4bc22aeb599c376a8a40b61e2419e436138d96a55241e1b3ef499f8e973fa522ad22dab455148711702b93ca07e8089e31

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\d1394a4c842f7861ad7ae5e20da4b484a0c4acad\index.txt

Filesize
287B

MD5
d8a0bb12f7327a0ec6d00dd80550fe39

SHA1
a699dfb590f87cf1f8b20998de4900a7fc196fb8

SHA256
af934291b0a93041c2e0e101c6557a5dfb131ecf3684054d8416d69ebf903a3a

SHA512
61463da51bc6364654c88e2f94fd0a4b3ffdfd09c7d225c783bbaf7b422339a8797db576d92b32f5b80528f9a1daf3497f3068ba11c6976d05535d02531efd5b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\d1394a4c842f7861ad7ae5e20da4b484a0c4acad\index.txt

Filesize
280B

MD5
2b26b1330851112a6d6f9d8cde2efda3

SHA1
4d8127b3353320ecd796286006fb8fad29846be9

SHA256
102c491cb1cd81bb3d7823c5c8c5405872110f5b18807f7f1ea998d166ca2de1

SHA512
f111eac3b7f535f14a95a4176e302a778c38afc4dae00f0390e30a1b24c6c2e9a9b8f0bc3fb49d26ee3f5cfef7fb27e6c7da38488c14616f91c901738b07648d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\d1394a4c842f7861ad7ae5e20da4b484a0c4acad\index.txt~RFe571a5e.TMP

Filesize
112B

MD5
5addef242ffe4ef7dd37a065a351406f

SHA1
2bc7f74e1e4025d0889388485b5e217d4cd8e166

SHA256
62892d431c6968970c729d9b38b969fde9382bbf8208ff48dd26a1e77902f42c

SHA512
c96e44dfe55b36fd24037543139ea034b487822d53c189863451da60c5147a4b3fec6877c039c7de4a40377360e14e63aff4674f7e721cb3bf13bc7a338aca01

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
312B

MD5
1481ee3747298bbd8b421c7fb8840b0d

SHA1
6a0ed0ede9ef6cfd0c3239e0715967b2bde4f566

SHA256
1f20c02a5180be94b2ab2efcd93eaf6576c09432f177d1b247a4bc5218ba7a6d

SHA512
7401ec113886610a775343f259d0ac24e6c81d36b53527928bb2958924ddd58ea5241197e9b87f25b6e537d38656fc5976609ab59dd3be8956e05e7c7f291373

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
336B

MD5
9bd7c33fbde763238fc9a6a3bd077746

SHA1
df321597e16cd3c5625a0fc29ab56d67c3eef619

SHA256
bd04ea2d55f047310928b06d1694141ffffcce9f6f845832f49dfeebb28f8c91

SHA512
b28d25ead13b910fbec200dd47651cb32957d07480dacaf406dc85b55ad242a5bec9c5632e17502d351b65de3e67fedec74f932bc982a9ebb12664f538c65390

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57688d.TMP

Filesize
48B

MD5
7c52659308aa09e3af08cadd3fb08c1c

SHA1
70a99d531630412d3b8d954e0f2ca93db2c49524

SHA256
1b4447aa3182ce3464ae77975f17669a56dbef148710bdf92032c4919d7f784f

SHA512
83b36e59ce8323d942cc74193abc5ec7635dfaf2c5254fae16ab705f58569a5c240bbace79c1848baf51772d4dfe3dcc7f42d85a51dbb8a12d1d54b2ce9c8771

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
172KB

MD5
a647c3ec423c3b4ae3ae9f17a6b4e790

SHA1
4bf61c7ccc4f84e69e478a58a5c7aaf48fb848bd

SHA256
b185eafa3d19d67685ffa07b06b311933bd05de59a3663d43a5faf47b4bf7809

SHA512
f3f49c19cd5e0e7e4fd1181a7a9afbf77b9c06f38b6a978010160b1355d139a935ab6740e8ee8cba8cfa55f1aa4f0456ffaef7c5b14670339ee64744e0f1d80f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
172KB

MD5
4136185a07b985574e499d5346987089

SHA1
e68dc8e19ed220122cfbc2423de08ae80b7bafef

SHA256
6a746c8fda8afec425888a86b2b143f7087b2aad261707da6f261d41271e0e2a

SHA512
fa188c849c90ca7a88e2c0a4ccf13ff5c394452de3bb749ffda856304b7ad15aab324bba7536a619ca1ebc54499c72a8e12dbf10a074d879f1c50b06b69ecc28

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
103KB

MD5
99da40b507fc7580fde96d37c483b6ec

SHA1
5e52350b094fea75e95b2814b589fb627d831d4e

SHA256
a119a6c016b04c846f2b252e845bcab9805d55461a9607705b1fa9b9d44e29a2

SHA512
cbc7236006263c5dd4a3cef01ac4ab3fa148ac5a76efa604e43ba68c678ed1e34dd0c5d9dd81ee2c2c51e57b442392349e97e9807f6c1840c3520b38780bca03

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe5839e7.TMP

Filesize
103KB

MD5
cbeda0d1e70b54d57a09e59fd1155daa

SHA1
630b9d0441eb681d46056d46a9ca22e68f491d3a

SHA256
01e16e7c70f449a3959dd230144baf506d61e503fd83efcfc55e327675bbd430

SHA512
4b12860162d16e4a7e864eaf17f199b1f77d897005e061183d75252eb600b4cf3c397fcebddf64fd3ce9da8e4b03095aea5ce3178e61af91a3ec878acf65adfc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit