5b4c360cdfa0c2d27b0f330fda9ca8fdc78530b6ef3c8963128ca3dd16831d7d

max time kernel
83s
max time network
88s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
11/07/2023, 07:18

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Stargate_Network_v4.0.html
Size

314KB
MD5

8a90f27d1bd65bb3c1829260560691dc
SHA1

65e4236f1db8c81b49f1201d2f2a902b0a643787
SHA256

5b4c360cdfa0c2d27b0f330fda9ca8fdc78530b6ef3c8963128ca3dd16831d7d
SHA512

e0f7af116c114cc45967d6fbe5aa4a4167bc1a7065a4b5b4b8cde5bdd0418c2e7a4f0e26f775c915844f83b55ae21d3473d257581c90899af33e79ea124f717b
SSDEEP

3072:diggAkHnjPeQ6KSPq4oNF5Te+HcI4aW+LN7DxRLlzglKhHS:TgAkHnjPeQBSPqv9Zj4CN7jBhHS

Score

6^/10

persistence

Malware Config

Signatures

Adds Run key to start application 2 TTPs 1 IoCs

persistence

Registry Run Keys / Startup Folder

T1060

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000\Software\Microsoft\Windows\CurrentVersion\Run	chrome.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133335335379481118"	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
4808	chrome.exe
4808	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
4808	chrome.exe
4808	chrome.exe
4808	chrome.exe
4808	chrome.exe
4808	chrome.exe
4808	chrome.exe
4808	chrome.exe
4808	chrome.exe
4808	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4808	chrome.exe
Token: SeCreatePagefilePrivilege	4808	chrome.exe
Token: SeShutdownPrivilege	4808	chrome.exe
Token: SeCreatePagefilePrivilege	4808	chrome.exe
Token: SeShutdownPrivilege	4808	chrome.exe
Token: SeCreatePagefilePrivilege	4808	chrome.exe
Token: SeShutdownPrivilege	4808	chrome.exe
Token: SeCreatePagefilePrivilege	4808	chrome.exe
Token: SeShutdownPrivilege	4808	chrome.exe
Token: SeCreatePagefilePrivilege	4808	chrome.exe
Token: SeShutdownPrivilege	4808	chrome.exe
Token: SeCreatePagefilePrivilege	4808	chrome.exe
Token: SeShutdownPrivilege	4808	chrome.exe
Token: SeCreatePagefilePrivilege	4808	chrome.exe
Token: SeShutdownPrivilege	4808	chrome.exe
Token: SeCreatePagefilePrivilege	4808	chrome.exe
Token: SeShutdownPrivilege	4808	chrome.exe
Token: SeCreatePagefilePrivilege	4808	chrome.exe
Token: SeShutdownPrivilege	4808	chrome.exe
Token: SeCreatePagefilePrivilege	4808	chrome.exe
Token: SeShutdownPrivilege	4808	chrome.exe
Token: SeCreatePagefilePrivilege	4808	chrome.exe
Token: SeShutdownPrivilege	4808	chrome.exe
Token: SeCreatePagefilePrivilege	4808	chrome.exe
Token: SeShutdownPrivilege	4808	chrome.exe
Token: SeCreatePagefilePrivilege	4808	chrome.exe
Token: SeShutdownPrivilege	4808	chrome.exe
Token: SeCreatePagefilePrivilege	4808	chrome.exe
Token: SeShutdownPrivilege	4808	chrome.exe
Token: SeCreatePagefilePrivilege	4808	chrome.exe
Token: SeShutdownPrivilege	4808	chrome.exe
Token: SeCreatePagefilePrivilege	4808	chrome.exe
Token: SeShutdownPrivilege	4808	chrome.exe
Token: SeCreatePagefilePrivilege	4808	chrome.exe
Token: SeShutdownPrivilege	4808	chrome.exe
Token: SeCreatePagefilePrivilege	4808	chrome.exe
Token: SeShutdownPrivilege	4808	chrome.exe
Token: SeCreatePagefilePrivilege	4808	chrome.exe
Token: SeShutdownPrivilege	4808	chrome.exe
Token: SeCreatePagefilePrivilege	4808	chrome.exe
Token: SeShutdownPrivilege	4808	chrome.exe
Token: SeCreatePagefilePrivilege	4808	chrome.exe
Token: SeShutdownPrivilege	4808	chrome.exe
Token: SeCreatePagefilePrivilege	4808	chrome.exe
Token: SeShutdownPrivilege	4808	chrome.exe
Token: SeCreatePagefilePrivilege	4808	chrome.exe
Token: SeShutdownPrivilege	4808	chrome.exe
Token: SeCreatePagefilePrivilege	4808	chrome.exe
Token: SeShutdownPrivilege	4808	chrome.exe
Token: SeCreatePagefilePrivilege	4808	chrome.exe
Token: SeShutdownPrivilege	4808	chrome.exe
Token: SeCreatePagefilePrivilege	4808	chrome.exe
Token: SeShutdownPrivilege	4808	chrome.exe
Token: SeCreatePagefilePrivilege	4808	chrome.exe
Token: SeShutdownPrivilege	4808	chrome.exe
Token: SeCreatePagefilePrivilege	4808	chrome.exe
Token: SeShutdownPrivilege	4808	chrome.exe
Token: SeCreatePagefilePrivilege	4808	chrome.exe
Token: SeShutdownPrivilege	4808	chrome.exe
Token: SeCreatePagefilePrivilege	4808	chrome.exe
Token: SeShutdownPrivilege	4808	chrome.exe
Token: SeCreatePagefilePrivilege	4808	chrome.exe
Token: SeShutdownPrivilege	4808	chrome.exe
Token: SeCreatePagefilePrivilege	4808	chrome.exe

Suspicious use of FindShellTrayWindow 27 IoCs

pid	Process
4808	chrome.exe
4808	chrome.exe
4808	chrome.exe
4808	chrome.exe
4808	chrome.exe
4808	chrome.exe
4808	chrome.exe
4808	chrome.exe
4808	chrome.exe
4808	chrome.exe
4808	chrome.exe
4808	chrome.exe
4808	chrome.exe
4808	chrome.exe
4808	chrome.exe
4808	chrome.exe
4808	chrome.exe
4808	chrome.exe
4808	chrome.exe
4808	chrome.exe
4808	chrome.exe
4808	chrome.exe
4808	chrome.exe
4808	chrome.exe
4808	chrome.exe
4808	chrome.exe
4808	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4808	chrome.exe
4808	chrome.exe
4808	chrome.exe
4808	chrome.exe
4808	chrome.exe
4808	chrome.exe
4808	chrome.exe
4808	chrome.exe
4808	chrome.exe
4808	chrome.exe
4808	chrome.exe
4808	chrome.exe
4808	chrome.exe
4808	chrome.exe
4808	chrome.exe
4808	chrome.exe
4808	chrome.exe
4808	chrome.exe
4808	chrome.exe
4808	chrome.exe
4808	chrome.exe
4808	chrome.exe
4808	chrome.exe
4808	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4808 wrote to memory of 3196	4808	chrome.exe	84
PID 4808 wrote to memory of 3196	4808	chrome.exe	84
PID 4808 wrote to memory of 560	4808	chrome.exe	87
PID 4808 wrote to memory of 560	4808	chrome.exe	87
PID 4808 wrote to memory of 560	4808	chrome.exe	87
PID 4808 wrote to memory of 560	4808	chrome.exe	87
PID 4808 wrote to memory of 560	4808	chrome.exe	87
PID 4808 wrote to memory of 560	4808	chrome.exe	87
PID 4808 wrote to memory of 560	4808	chrome.exe	87
PID 4808 wrote to memory of 560	4808	chrome.exe	87
PID 4808 wrote to memory of 560	4808	chrome.exe	87
PID 4808 wrote to memory of 560	4808	chrome.exe	87
PID 4808 wrote to memory of 560	4808	chrome.exe	87
PID 4808 wrote to memory of 560	4808	chrome.exe	87
PID 4808 wrote to memory of 560	4808	chrome.exe	87
PID 4808 wrote to memory of 560	4808	chrome.exe	87
PID 4808 wrote to memory of 560	4808	chrome.exe	87
PID 4808 wrote to memory of 560	4808	chrome.exe	87
PID 4808 wrote to memory of 560	4808	chrome.exe	87
PID 4808 wrote to memory of 560	4808	chrome.exe	87
PID 4808 wrote to memory of 560	4808	chrome.exe	87
PID 4808 wrote to memory of 560	4808	chrome.exe	87
PID 4808 wrote to memory of 560	4808	chrome.exe	87
PID 4808 wrote to memory of 560	4808	chrome.exe	87
PID 4808 wrote to memory of 560	4808	chrome.exe	87
PID 4808 wrote to memory of 560	4808	chrome.exe	87
PID 4808 wrote to memory of 560	4808	chrome.exe	87
PID 4808 wrote to memory of 560	4808	chrome.exe	87
PID 4808 wrote to memory of 560	4808	chrome.exe	87
PID 4808 wrote to memory of 560	4808	chrome.exe	87
PID 4808 wrote to memory of 560	4808	chrome.exe	87
PID 4808 wrote to memory of 560	4808	chrome.exe	87
PID 4808 wrote to memory of 560	4808	chrome.exe	87
PID 4808 wrote to memory of 560	4808	chrome.exe	87
PID 4808 wrote to memory of 560	4808	chrome.exe	87
PID 4808 wrote to memory of 560	4808	chrome.exe	87
PID 4808 wrote to memory of 560	4808	chrome.exe	87
PID 4808 wrote to memory of 560	4808	chrome.exe	87
PID 4808 wrote to memory of 560	4808	chrome.exe	87
PID 4808 wrote to memory of 560	4808	chrome.exe	87
PID 4808 wrote to memory of 340	4808	chrome.exe	90
PID 4808 wrote to memory of 340	4808	chrome.exe	90
PID 4808 wrote to memory of 1784	4808	chrome.exe	88
PID 4808 wrote to memory of 1784	4808	chrome.exe	88
PID 4808 wrote to memory of 1784	4808	chrome.exe	88
PID 4808 wrote to memory of 1784	4808	chrome.exe	88
PID 4808 wrote to memory of 1784	4808	chrome.exe	88
PID 4808 wrote to memory of 1784	4808	chrome.exe	88
PID 4808 wrote to memory of 1784	4808	chrome.exe	88
PID 4808 wrote to memory of 1784	4808	chrome.exe	88
PID 4808 wrote to memory of 1784	4808	chrome.exe	88
PID 4808 wrote to memory of 1784	4808	chrome.exe	88
PID 4808 wrote to memory of 1784	4808	chrome.exe	88
PID 4808 wrote to memory of 1784	4808	chrome.exe	88
PID 4808 wrote to memory of 1784	4808	chrome.exe	88
PID 4808 wrote to memory of 1784	4808	chrome.exe	88
PID 4808 wrote to memory of 1784	4808	chrome.exe	88
PID 4808 wrote to memory of 1784	4808	chrome.exe	88
PID 4808 wrote to memory of 1784	4808	chrome.exe	88
PID 4808 wrote to memory of 1784	4808	chrome.exe	88
PID 4808 wrote to memory of 1784	4808	chrome.exe	88
PID 4808 wrote to memory of 1784	4808	chrome.exe	88
PID 4808 wrote to memory of 1784	4808	chrome.exe	88
PID 4808 wrote to memory of 1784	4808	chrome.exe	88

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" C:\Users\Admin\AppData\Local\Temp\Stargate_Network_v4.0.html
1⤵
- Adds Run key to start application
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4808
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x100,0x104,0x108,0xfc,0x10c,0x7ffcd65a9758,0x7ffcd65a9768,0x7ffcd65a9778
  2⤵
  PID:3196
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1752 --field-trial-handle=1892,i,7105199588673507722,4196658752905884189,131072 /prefetch:2
  2⤵
  PID:560
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2232 --field-trial-handle=1892,i,7105199588673507722,4196658752905884189,131072 /prefetch:8
  2⤵
  PID:1784
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2176 --field-trial-handle=1892,i,7105199588673507722,4196658752905884189,131072 /prefetch:8
  2⤵
  PID:340
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2928 --field-trial-handle=1892,i,7105199588673507722,4196658752905884189,131072 /prefetch:1
  2⤵
  PID:3456
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3216 --field-trial-handle=1892,i,7105199588673507722,4196658752905884189,131072 /prefetch:1
  2⤵
  PID:3744
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=5084 --field-trial-handle=1892,i,7105199588673507722,4196658752905884189,131072 /prefetch:1
  2⤵
  PID:3200
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=5204 --field-trial-handle=1892,i,7105199588673507722,4196658752905884189,131072 /prefetch:1
  2⤵
  PID:3660
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5260 --field-trial-handle=1892,i,7105199588673507722,4196658752905884189,131072 /prefetch:8
  2⤵
  PID:3144
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5540 --field-trial-handle=1892,i,7105199588673507722,4196658752905884189,131072 /prefetch:8
  2⤵
  PID:1968
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5600 --field-trial-handle=1892,i,7105199588673507722,4196658752905884189,131072 /prefetch:8
  2⤵
  PID:3664
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5024 --field-trial-handle=1892,i,7105199588673507722,4196658752905884189,131072 /prefetch:8
  2⤵
  PID:5080
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5628 --field-trial-handle=1892,i,7105199588673507722,4196658752905884189,131072 /prefetch:1
  2⤵
  PID:5040
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=5220 --field-trial-handle=1892,i,7105199588673507722,4196658752905884189,131072 /prefetch:1
  2⤵
  PID:1152
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=4584 --field-trial-handle=1892,i,7105199588673507722,4196658752905884189,131072 /prefetch:1
  2⤵
  PID:1908
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=5892 --field-trial-handle=1892,i,7105199588673507722,4196658752905884189,131072 /prefetch:1
  2⤵
  PID:1528
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5592 --field-trial-handle=1892,i,7105199588673507722,4196658752905884189,131072 /prefetch:8
  2⤵
  PID:4712
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=1716 --field-trial-handle=1892,i,7105199588673507722,4196658752905884189,131072 /prefetch:1
  2⤵
  PID:3472

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:5080

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

T1060

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000028

Filesize
171KB

MD5
7a88e1edbba1ad7bd345eb14f1377a59

SHA1
b299cf2eacc2d17d1f2fbda9391079b6f05fb022

SHA256
3f6aa29738172f431b8e2af2e39cba0c2f91583d7bc23f988c7b7b35975bef2c

SHA512
48870540a5e7aedf4513610e23dad5d37ff48dde92909345771f7235d4526893e65d11915b46191e62dbe6e9bed4626215703fc90932bdebed356568c1557f95

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
f77c760d7197509fa7c8abdbca5551e9

SHA1
0b40db945c4088aa2ad742465fc00fc9c8e8a1a6

SHA256
b8f83011d33dbe197982dd45b57c2c1834ad89861bfb55bdd5380478af82d46b

SHA512
b650fc6a9c977ca8b4b1e59c0439b206e6450c6058daba52f0a2e0ffc7a0433cb61d143892ce37786a2862754a460f613c93b88307047a28ef60ebfdb4285816

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnCache\data_1

Filesize
264KB

MD5
309950690c444020333fd1e9a3f6c99e

SHA1
d2f3f34a45ad50f373670387d67b59e07a8ee3b1

SHA256
bfd77adb545fe429d2437eeec2864a51a7c75e96a3d410aeb13221894ed5e0db

SHA512
ef266b22e79c5aef4c0c00af4814cb9db8936dae868d322ce88b1ddd91f40fbf66b6445092bbc5f8f5417a483d9faf5f4fcdd5fa2c106fc08ae12dd9609843c4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
3bb2b5f7417479c80e31e62b6c77fca0

SHA1
5318a1e40590801a1c44384ad4dd2be9edead2fe

SHA256
cadadea3f519036f612f97d3d58c98cd32f977f7373d65c346d2f80f1bee2385

SHA512
59e5226a03b728654c623f793c8086018dc237e66fda7d68ef212e5760054286aa9011778041c2804c69446f8bd938ee4a596b5e3a7e7d23623514598ac7b0d8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
68b831f56c48160d65a98757b9683d1a

SHA1
2dea6293250186506037ea4714aa616c4cab6a4f

SHA256
cc61810dd3c4ade614feb2f5beb4db3c36980f78237c8fceb9806034d36b04ca

SHA512
bf77bfaba6d7643b037c25742ba04dad199965844701f6a37f8e9383c1dff32e45aa95d84a7c7c742e598a6f651d10ea281eaaa4766275553ec759ef20bf2ba7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
537B

MD5
9834ae67d3c28c9e793b88ade3e8199b

SHA1
b19fef8bd73d22d4e17dd0d2e5247852068daaca

SHA256
29f4c7fcda5b1fb70a11f16520ab7c526f6d3d05ae5411b4062f3c422400b330

SHA512
b34a722ae6daeb5121dd21dd0e17f138d2065ed0700ec6d2eb18c7782027643039fdb04aeea9e7beb4d98361c01811d2bf1960f57c618e294ed33d0ced8c2542

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
535B

MD5
902c909bcc03463636298b3c95d4dc57

SHA1
cc6f515ab96de311c92a508160b46b343bb0275f

SHA256
78fd8867d0e8cb8c9734eda7c173a15c54ff724180cc4d7760da3338dcc69bbb

SHA512
36e8c79000d8eb62dfdb88ab0b080ef804863a09be860880d4ac3512464b143ec4425956539963ad00200fa37997f8b5aad56903a55f2023d0964f83636800d6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
865B

MD5
6df654463bdecb902e7f50defda00776

SHA1
3a0a310446c0ddc651b0f27f89aad139263f1084

SHA256
094b9e792afda173cd6ce355bd1e7c2d823f4f5140b907456ce5f48adc315156

SHA512
004465f8441ec8a154997923e2c69564e104b59cf7361b4af9a889211527c7bb3d1b7cf040db21b161fc8e8bb940ef1ac557fdcbdf89ea11ef0f97763ecb23a3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
0ca8dab34c9b2af9683385069df69fb5

SHA1
0063724b90232307140b2bc470c58a348a8cdd98

SHA256
8df678e9bbc33c4f84fc3a0b46933a26fb6f684f330a959e99fa9122f9c9ed6a

SHA512
26b141896f369546242e62af6a65d38a9571ce29d0be81f0ce209ecd1aeba6d090bfa7803da91063ee8e71f51d696187c7a9946e30a6b2d9b6741d35e6ff47f2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
0f93177eed6709ffac173d186dc41b6e

SHA1
3de3e30684c70ac7e2a022966d6a6fbf83e50bd0

SHA256
92271f93c21bac01e758ca70ebd449c582af02a57c9e5f041acfb79278986665

SHA512
c5abacfb587e7b9c67edec0cb4e2c38574e426a14c1cd895c6048470db6f0913c8a68bd65df5eb74af59c863ae863a9746a0629bef49328d0887de5e314fee74

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
cafbf56dc848397deb28ef1fc21feb92

SHA1
732c1aa5ec53fe09c279e95999199c54a03df733

SHA256
e10e5974770ae0b0ca640a59676dbd92556502f5134f3c0b254454bf6b5e6d41

SHA512
dfa4fa0da760e5bab226135a4b19fccdcd1756c8069df268514a48507c98edf57a61efa313219f14b1e0b72350e94686a7f9f5c6d6753c904912f7edd175dc3e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
6b729cdbe4810f75cd507135f5f2d590

SHA1
1c4f425e932fa91b4003c46b3409d0c032ae41a1

SHA256
0e821545153c8ce5cf8f90688cb88cd23bc53b40097edd14b5355602d6c44c9e

SHA512
2e83f4562d83381ef81a23fc4301f955d700f1904e6592d4304830951b180648cb5a0e947988d526ca18ec65abe86859216a71c61ce3713927a87f38649ec521

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
82ba826ee2f81edaba3b43606c2e5643

SHA1
64dd80f0052f27da72b8ae7e1bcd7f9e3e349a13

SHA256
aa7483a92943973d95f79354515d7ef66ede84b8b1e0a5a44b885922e5b7cdc4

SHA512
458a0c9d66e4be1ea0fa6b422cc51a8a87533119d0de1deb01cef479cb3653216593d72a1a8ecdfa2aad69d8e4bcee2187811c73b6a94aa7edb711d40931c8a7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
9dcfdc70c069acbb250727beff485e34

SHA1
561cbae5221739df1ba8d324c9019149d3050667

SHA256
980c312175220427d65f741c59ccc43c189ac3add7668f2c870d6e1521ae5e01

SHA512
3639f99e4b55e6a8b2359a245448caa0fbd3e176bbe90ff9a4fdbad5ee7a44ed1e8bfd021fb49a77c3e2bc935a2e4084434af13248e404655b4de8f83c1870a1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5858ba.TMP

Filesize
48B

MD5
edc5b2c061a2b02be6ea272c497bd796

SHA1
27bdea71cab085950d69e5ff334709b4e798420d

SHA256
a5fdf7a80997ba66569b30a557b57d713f32f9bf0a08a4cf8633d3728c1058a0

SHA512
e38a32c7507daa6f978ff18204128f6ebda3548c06d4d6e5dc874472cee84d60cd9ce1ad33c89803b493775c01a70253184853c67b9acdee61996f8cab1be42d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
172KB

MD5
619b6361f4dd4de3e279b6dcafeca121

SHA1
146e92a457633f8597f5f9cc0923ee01a0300ac4

SHA256
37cdd4725c1b754537b8f0baac0b76d9c7e47ce5ed37523d8838df2522026458

SHA512
344ebf28787bdb81227580dcc704c5bb5446b747c863672b1043b9907e63ffe3ace45f0262871316ab5050f4a81197600a9a0b3e8f6ed69825d46cd409786f72

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
172KB

MD5
1fe1952a2c133704d4578056411f2341

SHA1
5ff13f72616fb2926d392c7113f8e084a66b60aa

SHA256
25987b7f166ce6d0f6059412cadcb0e88f2f41c0c64a9b0ab683d9000e254a19

SHA512
974ca161d9c6746acf0138463794ca557889b465176db9538d637bf144dac54ee1db40111b11bfe3b7359ed32adb2e8376a70bd91dcf8dfe8ebda5e2eb6a77df

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
172KB

MD5
4a91965e1a808013c3ec099e43f4143d

SHA1
35376c9c93899d05f0b5a9dd1f8400c296d12ea3

SHA256
de2a992f7ae8549397e48c76e8231746460c384be63af22de0b66842a112c8d9

SHA512
579e507caee7c3f8b108086f2b7b00eb42ae8b0e0437de2c2732e42fc8202817aedb21e672fd78e4f23465503777f834c9d3e425f73ab99cdbbcffa76cae6f94

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
102KB

MD5
b7d1a5827004cc1ba03255b373e642d6

SHA1
593c856133a35e03a3e6bae771d339b661124749

SHA256
c72bee019ee810e3b1229cfb348948cab3fcfa06880d60b1007b9c9cc07a9b9f

SHA512
9025841d2912691fbf1609c15a3913806967fdd7ec679eab65dd12e72364c517aa7312a34af6dbbcccfc32f2cbbe6b87aebd14a70f3227398c23c72979377ed4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe583832.TMP

Filesize
101KB

MD5
680b754183299ac1f36efac72e219921

SHA1
c67cdd50162c7d8fdfe1c8dffb8e1c195451aa45

SHA256
0eaa73a04329e615923c751c21c10f8662d5bc77d362196100dc7072a51175b8

SHA512
5c4f40dd5d6ffaec3c9f44c8215274d995ab1c3a6a8bb40fef048213f6d5176bdcee1059b61411c6e29f5e4e35624548e2e667a7d412d3536a7dcc0555da4ed4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit