hxxps://www11[.]cuevana3[.]ch/peliculas

Analysis

max time kernel
150s
max time network
155s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
08/07/2023, 17:33

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://www11.cuevana3.ch/peliculas

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133333112230665383"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
860	chrome.exe
860	chrome.exe
3824	chrome.exe
3824	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 11 IoCs

pid	Process
860	chrome.exe
860	chrome.exe
860	chrome.exe
860	chrome.exe
860	chrome.exe
860	chrome.exe
860	chrome.exe
860	chrome.exe
860	chrome.exe
860	chrome.exe
860	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	860	chrome.exe
Token: SeCreatePagefilePrivilege	860	chrome.exe
Token: SeShutdownPrivilege	860	chrome.exe
Token: SeCreatePagefilePrivilege	860	chrome.exe
Token: SeShutdownPrivilege	860	chrome.exe
Token: SeCreatePagefilePrivilege	860	chrome.exe
Token: SeShutdownPrivilege	860	chrome.exe
Token: SeCreatePagefilePrivilege	860	chrome.exe
Token: SeShutdownPrivilege	860	chrome.exe
Token: SeCreatePagefilePrivilege	860	chrome.exe
Token: SeShutdownPrivilege	860	chrome.exe
Token: SeCreatePagefilePrivilege	860	chrome.exe
Token: SeShutdownPrivilege	860	chrome.exe
Token: SeCreatePagefilePrivilege	860	chrome.exe
Token: SeShutdownPrivilege	860	chrome.exe
Token: SeCreatePagefilePrivilege	860	chrome.exe
Token: SeShutdownPrivilege	860	chrome.exe
Token: SeCreatePagefilePrivilege	860	chrome.exe
Token: SeShutdownPrivilege	860	chrome.exe
Token: SeCreatePagefilePrivilege	860	chrome.exe
Token: SeShutdownPrivilege	860	chrome.exe
Token: SeCreatePagefilePrivilege	860	chrome.exe
Token: SeShutdownPrivilege	860	chrome.exe
Token: SeCreatePagefilePrivilege	860	chrome.exe
Token: SeShutdownPrivilege	860	chrome.exe
Token: SeCreatePagefilePrivilege	860	chrome.exe
Token: SeShutdownPrivilege	860	chrome.exe
Token: SeCreatePagefilePrivilege	860	chrome.exe
Token: SeShutdownPrivilege	860	chrome.exe
Token: SeCreatePagefilePrivilege	860	chrome.exe
Token: SeShutdownPrivilege	860	chrome.exe
Token: SeCreatePagefilePrivilege	860	chrome.exe
Token: SeShutdownPrivilege	860	chrome.exe
Token: SeCreatePagefilePrivilege	860	chrome.exe
Token: SeShutdownPrivilege	860	chrome.exe
Token: SeCreatePagefilePrivilege	860	chrome.exe
Token: SeShutdownPrivilege	860	chrome.exe
Token: SeCreatePagefilePrivilege	860	chrome.exe
Token: SeShutdownPrivilege	860	chrome.exe
Token: SeCreatePagefilePrivilege	860	chrome.exe
Token: SeShutdownPrivilege	860	chrome.exe
Token: SeCreatePagefilePrivilege	860	chrome.exe
Token: SeShutdownPrivilege	860	chrome.exe
Token: SeCreatePagefilePrivilege	860	chrome.exe
Token: SeShutdownPrivilege	860	chrome.exe
Token: SeCreatePagefilePrivilege	860	chrome.exe
Token: SeShutdownPrivilege	860	chrome.exe
Token: SeCreatePagefilePrivilege	860	chrome.exe
Token: SeShutdownPrivilege	860	chrome.exe
Token: SeCreatePagefilePrivilege	860	chrome.exe
Token: SeShutdownPrivilege	860	chrome.exe
Token: SeCreatePagefilePrivilege	860	chrome.exe
Token: SeShutdownPrivilege	860	chrome.exe
Token: SeCreatePagefilePrivilege	860	chrome.exe
Token: SeShutdownPrivilege	860	chrome.exe
Token: SeCreatePagefilePrivilege	860	chrome.exe
Token: SeShutdownPrivilege	860	chrome.exe
Token: SeCreatePagefilePrivilege	860	chrome.exe
Token: SeShutdownPrivilege	860	chrome.exe
Token: SeCreatePagefilePrivilege	860	chrome.exe
Token: SeShutdownPrivilege	860	chrome.exe
Token: SeCreatePagefilePrivilege	860	chrome.exe
Token: SeShutdownPrivilege	860	chrome.exe
Token: SeCreatePagefilePrivilege	860	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
860	chrome.exe
860	chrome.exe
860	chrome.exe
860	chrome.exe
860	chrome.exe
860	chrome.exe
860	chrome.exe
860	chrome.exe
860	chrome.exe
860	chrome.exe
860	chrome.exe
860	chrome.exe
860	chrome.exe
860	chrome.exe
860	chrome.exe
860	chrome.exe
860	chrome.exe
860	chrome.exe
860	chrome.exe
860	chrome.exe
860	chrome.exe
860	chrome.exe
860	chrome.exe
860	chrome.exe
860	chrome.exe
860	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
860	chrome.exe
860	chrome.exe
860	chrome.exe
860	chrome.exe
860	chrome.exe
860	chrome.exe
860	chrome.exe
860	chrome.exe
860	chrome.exe
860	chrome.exe
860	chrome.exe
860	chrome.exe
860	chrome.exe
860	chrome.exe
860	chrome.exe
860	chrome.exe
860	chrome.exe
860	chrome.exe
860	chrome.exe
860	chrome.exe
860	chrome.exe
860	chrome.exe
860	chrome.exe
860	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 860 wrote to memory of 2364	860	chrome.exe	30
PID 860 wrote to memory of 2364	860	chrome.exe	30
PID 860 wrote to memory of 4916	860	chrome.exe	84
PID 860 wrote to memory of 4916	860	chrome.exe	84
PID 860 wrote to memory of 4916	860	chrome.exe	84
PID 860 wrote to memory of 4916	860	chrome.exe	84
PID 860 wrote to memory of 4916	860	chrome.exe	84
PID 860 wrote to memory of 4916	860	chrome.exe	84
PID 860 wrote to memory of 4916	860	chrome.exe	84
PID 860 wrote to memory of 4916	860	chrome.exe	84
PID 860 wrote to memory of 4916	860	chrome.exe	84
PID 860 wrote to memory of 4916	860	chrome.exe	84
PID 860 wrote to memory of 4916	860	chrome.exe	84
PID 860 wrote to memory of 4916	860	chrome.exe	84
PID 860 wrote to memory of 4916	860	chrome.exe	84
PID 860 wrote to memory of 4916	860	chrome.exe	84
PID 860 wrote to memory of 4916	860	chrome.exe	84
PID 860 wrote to memory of 4916	860	chrome.exe	84
PID 860 wrote to memory of 4916	860	chrome.exe	84
PID 860 wrote to memory of 4916	860	chrome.exe	84
PID 860 wrote to memory of 4916	860	chrome.exe	84
PID 860 wrote to memory of 4916	860	chrome.exe	84
PID 860 wrote to memory of 4916	860	chrome.exe	84
PID 860 wrote to memory of 4916	860	chrome.exe	84
PID 860 wrote to memory of 4916	860	chrome.exe	84
PID 860 wrote to memory of 4916	860	chrome.exe	84
PID 860 wrote to memory of 4916	860	chrome.exe	84
PID 860 wrote to memory of 4916	860	chrome.exe	84
PID 860 wrote to memory of 4916	860	chrome.exe	84
PID 860 wrote to memory of 4916	860	chrome.exe	84
PID 860 wrote to memory of 4916	860	chrome.exe	84
PID 860 wrote to memory of 4916	860	chrome.exe	84
PID 860 wrote to memory of 4916	860	chrome.exe	84
PID 860 wrote to memory of 4916	860	chrome.exe	84
PID 860 wrote to memory of 4916	860	chrome.exe	84
PID 860 wrote to memory of 4916	860	chrome.exe	84
PID 860 wrote to memory of 4916	860	chrome.exe	84
PID 860 wrote to memory of 4916	860	chrome.exe	84
PID 860 wrote to memory of 4916	860	chrome.exe	84
PID 860 wrote to memory of 4916	860	chrome.exe	84
PID 860 wrote to memory of 2636	860	chrome.exe	85
PID 860 wrote to memory of 2636	860	chrome.exe	85
PID 860 wrote to memory of 2104	860	chrome.exe	86
PID 860 wrote to memory of 2104	860	chrome.exe	86
PID 860 wrote to memory of 2104	860	chrome.exe	86
PID 860 wrote to memory of 2104	860	chrome.exe	86
PID 860 wrote to memory of 2104	860	chrome.exe	86
PID 860 wrote to memory of 2104	860	chrome.exe	86
PID 860 wrote to memory of 2104	860	chrome.exe	86
PID 860 wrote to memory of 2104	860	chrome.exe	86
PID 860 wrote to memory of 2104	860	chrome.exe	86
PID 860 wrote to memory of 2104	860	chrome.exe	86
PID 860 wrote to memory of 2104	860	chrome.exe	86
PID 860 wrote to memory of 2104	860	chrome.exe	86
PID 860 wrote to memory of 2104	860	chrome.exe	86
PID 860 wrote to memory of 2104	860	chrome.exe	86
PID 860 wrote to memory of 2104	860	chrome.exe	86
PID 860 wrote to memory of 2104	860	chrome.exe	86
PID 860 wrote to memory of 2104	860	chrome.exe	86
PID 860 wrote to memory of 2104	860	chrome.exe	86
PID 860 wrote to memory of 2104	860	chrome.exe	86
PID 860 wrote to memory of 2104	860	chrome.exe	86
PID 860 wrote to memory of 2104	860	chrome.exe	86
PID 860 wrote to memory of 2104	860	chrome.exe	86

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" https://www11.cuevana3.ch/peliculas
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:860
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd92399758,0x7ffd92399768,0x7ffd92399778
  2⤵
  PID:2364
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1740 --field-trial-handle=1908,i,7603098398325544460,9436951242377354806,131072 /prefetch:2
  2⤵
  PID:4916
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2144 --field-trial-handle=1908,i,7603098398325544460,9436951242377354806,131072 /prefetch:8
  2⤵
  PID:2636
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2240 --field-trial-handle=1908,i,7603098398325544460,9436951242377354806,131072 /prefetch:8
  2⤵
  PID:2104
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2840 --field-trial-handle=1908,i,7603098398325544460,9436951242377354806,131072 /prefetch:1
  2⤵
  PID:1548
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2848 --field-trial-handle=1908,i,7603098398325544460,9436951242377354806,131072 /prefetch:1
  2⤵
  PID:4028
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5184 --field-trial-handle=1908,i,7603098398325544460,9436951242377354806,131072 /prefetch:8
  2⤵
  PID:4388
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5228 --field-trial-handle=1908,i,7603098398325544460,9436951242377354806,131072 /prefetch:8
  2⤵
  PID:1852
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5592 --field-trial-handle=1908,i,7603098398325544460,9436951242377354806,131072 /prefetch:8
  2⤵
  PID:4784
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=5268 --field-trial-handle=1908,i,7603098398325544460,9436951242377354806,131072 /prefetch:1
  2⤵
  PID:60
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=5396 --field-trial-handle=1908,i,7603098398325544460,9436951242377354806,131072 /prefetch:1
  2⤵
  PID:4308
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=5552 --field-trial-handle=1908,i,7603098398325544460,9436951242377354806,131072 /prefetch:1
  2⤵
  PID:4732
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5808 --field-trial-handle=1908,i,7603098398325544460,9436951242377354806,131072 /prefetch:1
  2⤵
  PID:2892
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4968 --field-trial-handle=1908,i,7603098398325544460,9436951242377354806,131072 /prefetch:1
  2⤵
  PID:2788
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=5376 --field-trial-handle=1908,i,7603098398325544460,9436951242377354806,131072 /prefetch:1
  2⤵
  PID:4044
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=924 --field-trial-handle=1908,i,7603098398325544460,9436951242377354806,131072 /prefetch:8
  2⤵
  PID:3572
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=932 --field-trial-handle=1908,i,7603098398325544460,9436951242377354806,131072 /prefetch:1
  2⤵
  PID:4204
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=5876 --field-trial-handle=1908,i,7603098398325544460,9436951242377354806,131072 /prefetch:1
  2⤵
  PID:1036
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=5288 --field-trial-handle=1908,i,7603098398325544460,9436951242377354806,131072 /prefetch:1
  2⤵
  PID:4000
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3780 --field-trial-handle=1908,i,7603098398325544460,9436951242377354806,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3824

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:5064

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000023

Filesize
20KB

MD5
87e8230a9ca3f0c5ccfa56f70276e2f2

SHA1
eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7

SHA256
e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9

SHA512
37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
480B

MD5
f255c22b10f74a77c629cda285692bc7

SHA1
a23ba1b3d2cfe0af1135f5dee3309db67483a8ee

SHA256
9d431057e0ca6a5d0928319eec2df3c5b8ae8e16331469650ca86507a4b2dc36

SHA512
e0a07f4cc4658c3836fe8b3fbcca4b44bdd4a9c144569f44c1e9bf8701f1ba2cecb57ce08735bc882f84065d443973b82b63ed1daa3bf4de756803f9293a71e9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
293d76d49b4d8f8b23f5c0732fac6a70

SHA1
061b46f72be6f9cc7352df75c301a2e0e993f14f

SHA256
653edb2e45b38c17b928e103d082ef429c5265cf0ae189226e33c05e8e63caa0

SHA512
b541959e99de5493ad4540f43a4ca717497101475484d349a460613dfc31929f342a8db087e16e13ef1229b179daca474236fe43e3e44852a4e3a67967cdd107

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
504B

MD5
5b7a3231648f538b0ea0097958667443

SHA1
3226f5c059302859a051370920b2078d665250fd

SHA256
063d773273fe957653fa94a3a5761eadf31ebd9c91a3d207d12544268de5812f

SHA512
92fd16e540f657a63a6afb40572fca6471a05414753d438e3f72a7f153a9b45b99c92d6fb11bfbd7e4c83d1e9381b70bc9e4bbcfb1d740a310df5d9b50510b7f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_fadszone.com_0.indexeddb.leveldb\MANIFEST-000001

Filesize
23B

MD5
3fd11ff447c1ee23538dc4d9724427a3

SHA1
1335e6f71cc4e3cf7025233523b4760f8893e9c9

SHA256
720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed

SHA512
10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
7KB

MD5
0691ff8d6c5f0e34749b6b96c31ca147

SHA1
804ab261601fabdbbeb1bbd9caa0cb2bf37d8ccc

SHA256
57bbd0311f8ce91091003418eacedb98be51f5c8b923d8848c567eb292cc554e

SHA512
097a69673203cd0ce73ba0b6b1d3e28b1e93ee61843861f17e68aa852f413dbae9632932261f4d10682d5717f27d7c1a0200ecb6202d4a6edd6caf930f312056

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
432781750e265c8c9cca3706185eb71c

SHA1
cbb143611a5745bedefc1c1ab2458a65428c65d0

SHA256
817bb612dd54d07a149ad0bf7a8fc00e60c61df44a0ab5b73fba45d91d9fa296

SHA512
ddc2d46aadbcc292bee54e7ba1f9f1ce8269a30ea3978e02dc555da8ba8b5f3d32cee25df20d2b079bd96c930a4b9e4be2f288d2963c0f31002013786af0dcde

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
9e54b671eff8b322c837be42e91caba7

SHA1
ee7671fba44e024a739b88896fde87c5da6fe416

SHA256
83cd609b6ef7a1f6f58ae0538d791912f615582bd3718c0fdf3f04f44371d306

SHA512
6add791c8ccb8c6e756506a35c67657a589b9955eaaaf4877a5927d8bf97ea80c680c65ed0896e499068ba2e5e20ec3b906369f9ba90d8183e6d10fad4a5ae5f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
705B

MD5
d63725fc68e73c55ef0fa95c7a66698a

SHA1
1a6c014a2a49c99fa5881035b7ada4fa907cc4a8

SHA256
fda0767a623a39307366359cc135bdf06729c6fa386b7bcef330c0611d53c247

SHA512
9fe984e03541238e312e568647db0dedfab3c87223272d47cf500ef5f266bb81952c4ef2ba24f17488a22a4a0b5b3da701e1315940fba962659657ee30b2d1f9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
873B

MD5
169de9ac0955151c93378e1c72f0ea74

SHA1
3ada34c6bcba63f7020e5b34a7183659a549e492

SHA256
9b3514dc248ef3c16f72540deb2cbec2e7158e3d0aa4847cd01ee7b3d0582460

SHA512
ea48d084b76ecbb08b8432753e34190386dd033d8b43401ec3bb27b29ff41c466432cc55e910703ffb84b1cbf753595bf8a836fdf5a998c093f452f90573a903

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
1b29a427a12cc95dd18c4df6a341b289

SHA1
ffafe2eeac7056a2796eb3a777f56905c6d645a6

SHA256
2565e1ac0f21c0d91c6e9f768efa1ea61fcd21f7285390d9308a5810631b875e

SHA512
d4983bcf4b549899d5ceb96dd46aaccf18530546ba6d971c960bc6749ff4c069a44f45034154d32e6e69c88f349320981f204c4028d89d9f82f38181ac64f070

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
a67d2950fbf5bc4bf392b971c741d531

SHA1
4383f571e0a6ee8fc64e0a010b4f5acad01284e9

SHA256
862dff8c0add0ccc8b535741b2728cfa72f3a3dae1969111080bf6556c109fdc

SHA512
10189ab826d0222ed60cde07aef18b149a5ac9d8de7d83058a374e2326ef4ff13c1b0c8c3a51b64f6fd867017c9159e0b77ecb5aa1176f75450ce6b4d5595509

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
8e771a61b0455e6d30ba97a9e1ad50ac

SHA1
602545aa8e41e9e03c69ca15973ca4896922741c

SHA256
edbc08f22fddbd625f0c4128ac97ab0d598b815189d8312ca120dfcdfc3de394

SHA512
e641af80bae8f60d3242460166b06b12acb06ad9a0ab1c8d514a3a70e897e5163a26325b020b41438e17d79197e97e73500039b0fbb084b64558b69e3e42ace9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
8f2f38f6a100bbe99c04a2c48129ed65

SHA1
efed8cec889c73377f182300b9bb4a7f48986ff0

SHA256
fedc47e29243ab9defa564b49b552d400edae8264efe2a4adb4c39e8374eae46

SHA512
8bea3771e80875a1af6e0877db1fcbb4c490be237dad33467b74a49823806c76597c604f2b2fc899e89b2f7d647077a1bd8b1b0572269dfdac6a4c066d8bf8c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
06e6f33d40eb7f610548a6b54b316bbf

SHA1
0c9ab3c9d446579684fd3b89d012c64639c47f49

SHA256
ddb372bf02ecb9cf238f0a388d8638a240a799b527d07128a51d3121a72e2781

SHA512
986953d2397259d4aae1500bbf472fa423a36a2364054173db5a289706a5b7d4f30f96b04e5c09c93a90ab6134df73b888bb53b0c474714b5ee3d3c300571903

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
ee24a3b60d02cf956353c36bd36f9153

SHA1
be013548d0320f4199e1cb5dc8ce76dd757574d9

SHA256
1fd25691c0462d8fbe8fa9086c98fc9a450e094568d61112be71f1ba5e7c001f

SHA512
ea1122a10b283c48731f257a26e59c07824294488224dfe6d2faa27f794d0a15e0fbbc180a04b2e14ad548cda966e5305c8d84445d728d40ec77662ead77889d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
120B

MD5
1d1c0a86f5f08fe5918eb0d5dafde4d2

SHA1
77b54a8e982e9a0bc65fe918af6ab0a6b059672f

SHA256
4daf7b63e30f70d92641099d70c90a3ad9b8ebf2fea87e0ce44cb329ae80b628

SHA512
3d5acf7d51c3bb8c002eb7e8e67793851c9ebbd703f4121cb10842e87aa41950cf9e7535d5fa46ef4e9077c8b9ced806c9faa9a8d49ce11fec84f2880f239967

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe580b84.TMP

Filesize
72B

MD5
d627c891f78bdabd5ee0efd637cac366

SHA1
41964a918411d929d32cdec602e6ab4d4de712be

SHA256
f81ac475e3af7f78eaea7ce131092c9c848f6a9ab3efae66009a5d34beee62b4

SHA512
4145646aa00c2ca13e82de9035a3144759e3e39867341ef57605d50475fa0da6732498ab597e5d30faf207b8ef4a9f54adb6db4f10f126a82681ef1d2cb8d36e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
172KB

MD5
74c0177c6ed62d9e0e93740adf15b0d7

SHA1
aec8ad9c675496bbcbdb69d3b9497919ca199037

SHA256
f0fc3cae3701ba81dce4c7decfb1b28d9e50ca014514ce9cd9480df5d4d892af

SHA512
0a26c92e8e8280698a14ba58c202192020fd5fc8e15737cd207eb236777aef242e4f9241c2ad44e5b0dc9667d68a6cac98e53ac746ccffca1279336e59897369

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
172KB

MD5
f76211a4740d06d42ab915e2cfc62859

SHA1
45a596d2d03b59c4d0f9356f4b57ba357aa790cd

SHA256
bfd0400554b7577a204ca12bd445fae3d69a1966f08c96346ba4f8f63ed324a0

SHA512
8557443de32aa0596acd6f3be7dab7e0bdc7f3839f736009ac48e8b6356df056ea4053979751947b3fc8d6ccb56dc6cf6010ad8cf8c9e17033adf25ce4e455e9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
172KB

MD5
0d825ec4db9bd055d75950cee630be1b

SHA1
2bf29a9a80a49960c9d7c6b598e3cc5a4e3b0e23

SHA256
47ee3019528936e80d26f68a7ea22b17fcb5dbb74b467dbece23f10a6604e2e1

SHA512
2238b58a25b548b44c1630fdeecab7e79fd3a866d0173633e72a05d1558af8ca590deec0799c29fddc98aeff65f2608d31f66503b0f70cdc7d831ec13f75910d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
172KB

MD5
cca4cd69ad991100bbb67c0886cf276a

SHA1
f064fb1d9bae60eca3229f364e14c8ed62a727dc

SHA256
16fee5f981a3cf840fece13f47741ab87b0fc08ca228d3594ad1dd566867c1e6

SHA512
bd63d348391c1a18a44dab747f68eac25f47de14bde93c6f0eb004a0dabdfb8813759a91172d2dcf737294e55f304ef709026014ad4817c7486a37c41dec06fd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
107KB

MD5
4451668caf703bd319e5a94f1bed6670

SHA1
f296a537bf00fbc4a2fda358d4e30e4adcc57bf2

SHA256
a4efee827108001dff63fbdc1902f3ec124b625c599d2e9a8b3a2e5cc24ebe3f

SHA512
260d3d036a24742e8fe7876ee66c507eb70ebc410be12772ce1de73caf00b9cf8d369f04761deb9981778c7dc1e0cc67b770b581b99a4a005154f6f212d49456

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe587308.TMP

Filesize
101KB

MD5
5fc7f1fd2c8d73fd245ba01b1288f21e

SHA1
7b6cb674c8c714e3497ad75d364ee6a663d41d1c

SHA256
4e812c74e7a9b4bcd215b5dba9409c4485c6d313c405bc3364939ef09058d83b

SHA512
e3dd22e520e0c889a5fff81085152dcce8114ab9c5a06f69daf308f20199f256f2eb32ee74cd70f8b3d15a6c0d267f4662aedad1ba333d459b06a27d19ed017e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit