hxxps://www[.]diskanalyzer[.]com/files/wiztree_4_11_portable[.]zip

Analysis

max time kernel
600s
max time network
491s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
01-08-2023 05:52

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://www.diskanalyzer.com/files/wiztree_4_11_portable.zip

Score

1^/10

Malware Config

Signatures

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133353427564105537"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-4176143399-3250363947-192774652-1000_Classes\Local Settings	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2536	chrome.exe
2536	chrome.exe
3848	chrome.exe
3848	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2536	chrome.exe
Token: SeCreatePagefilePrivilege	2536	chrome.exe
Token: SeShutdownPrivilege	2536	chrome.exe
Token: SeCreatePagefilePrivilege	2536	chrome.exe
Token: SeShutdownPrivilege	2536	chrome.exe
Token: SeCreatePagefilePrivilege	2536	chrome.exe
Token: SeShutdownPrivilege	2536	chrome.exe
Token: SeCreatePagefilePrivilege	2536	chrome.exe
Token: SeShutdownPrivilege	2536	chrome.exe
Token: SeCreatePagefilePrivilege	2536	chrome.exe
Token: SeShutdownPrivilege	2536	chrome.exe
Token: SeCreatePagefilePrivilege	2536	chrome.exe
Token: SeShutdownPrivilege	2536	chrome.exe
Token: SeCreatePagefilePrivilege	2536	chrome.exe
Token: SeShutdownPrivilege	2536	chrome.exe
Token: SeCreatePagefilePrivilege	2536	chrome.exe
Token: SeShutdownPrivilege	2536	chrome.exe
Token: SeCreatePagefilePrivilege	2536	chrome.exe
Token: SeShutdownPrivilege	2536	chrome.exe
Token: SeCreatePagefilePrivilege	2536	chrome.exe
Token: SeShutdownPrivilege	2536	chrome.exe
Token: SeCreatePagefilePrivilege	2536	chrome.exe
Token: SeShutdownPrivilege	2536	chrome.exe
Token: SeCreatePagefilePrivilege	2536	chrome.exe
Token: SeShutdownPrivilege	2536	chrome.exe
Token: SeCreatePagefilePrivilege	2536	chrome.exe
Token: SeShutdownPrivilege	2536	chrome.exe
Token: SeCreatePagefilePrivilege	2536	chrome.exe
Token: SeShutdownPrivilege	2536	chrome.exe
Token: SeCreatePagefilePrivilege	2536	chrome.exe
Token: SeShutdownPrivilege	2536	chrome.exe
Token: SeCreatePagefilePrivilege	2536	chrome.exe
Token: SeShutdownPrivilege	2536	chrome.exe
Token: SeCreatePagefilePrivilege	2536	chrome.exe
Token: SeShutdownPrivilege	2536	chrome.exe
Token: SeCreatePagefilePrivilege	2536	chrome.exe
Token: SeShutdownPrivilege	2536	chrome.exe
Token: SeCreatePagefilePrivilege	2536	chrome.exe
Token: SeShutdownPrivilege	2536	chrome.exe
Token: SeCreatePagefilePrivilege	2536	chrome.exe
Token: SeShutdownPrivilege	2536	chrome.exe
Token: SeCreatePagefilePrivilege	2536	chrome.exe
Token: SeShutdownPrivilege	2536	chrome.exe
Token: SeCreatePagefilePrivilege	2536	chrome.exe
Token: SeShutdownPrivilege	2536	chrome.exe
Token: SeCreatePagefilePrivilege	2536	chrome.exe
Token: SeShutdownPrivilege	2536	chrome.exe
Token: SeCreatePagefilePrivilege	2536	chrome.exe
Token: SeShutdownPrivilege	2536	chrome.exe
Token: SeCreatePagefilePrivilege	2536	chrome.exe
Token: SeShutdownPrivilege	2536	chrome.exe
Token: SeCreatePagefilePrivilege	2536	chrome.exe
Token: SeShutdownPrivilege	2536	chrome.exe
Token: SeCreatePagefilePrivilege	2536	chrome.exe
Token: SeShutdownPrivilege	2536	chrome.exe
Token: SeCreatePagefilePrivilege	2536	chrome.exe
Token: SeShutdownPrivilege	2536	chrome.exe
Token: SeCreatePagefilePrivilege	2536	chrome.exe
Token: SeShutdownPrivilege	2536	chrome.exe
Token: SeCreatePagefilePrivilege	2536	chrome.exe
Token: SeShutdownPrivilege	2536	chrome.exe
Token: SeCreatePagefilePrivilege	2536	chrome.exe
Token: SeShutdownPrivilege	2536	chrome.exe
Token: SeCreatePagefilePrivilege	2536	chrome.exe

Suspicious use of FindShellTrayWindow 38 IoCs

pid	Process
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe

Suspicious use of SendNotifyMessage 28 IoCs

pid	Process
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe
2536	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2536 wrote to memory of 1184	2536	chrome.exe	83
PID 2536 wrote to memory of 1184	2536	chrome.exe	83
PID 2536 wrote to memory of 4424	2536	chrome.exe	85
PID 2536 wrote to memory of 4424	2536	chrome.exe	85
PID 2536 wrote to memory of 4424	2536	chrome.exe	85
PID 2536 wrote to memory of 4424	2536	chrome.exe	85
PID 2536 wrote to memory of 4424	2536	chrome.exe	85
PID 2536 wrote to memory of 4424	2536	chrome.exe	85
PID 2536 wrote to memory of 4424	2536	chrome.exe	85
PID 2536 wrote to memory of 4424	2536	chrome.exe	85
PID 2536 wrote to memory of 4424	2536	chrome.exe	85
PID 2536 wrote to memory of 4424	2536	chrome.exe	85
PID 2536 wrote to memory of 4424	2536	chrome.exe	85
PID 2536 wrote to memory of 4424	2536	chrome.exe	85
PID 2536 wrote to memory of 4424	2536	chrome.exe	85
PID 2536 wrote to memory of 4424	2536	chrome.exe	85
PID 2536 wrote to memory of 4424	2536	chrome.exe	85
PID 2536 wrote to memory of 4424	2536	chrome.exe	85
PID 2536 wrote to memory of 4424	2536	chrome.exe	85
PID 2536 wrote to memory of 4424	2536	chrome.exe	85
PID 2536 wrote to memory of 4424	2536	chrome.exe	85
PID 2536 wrote to memory of 4424	2536	chrome.exe	85
PID 2536 wrote to memory of 4424	2536	chrome.exe	85
PID 2536 wrote to memory of 4424	2536	chrome.exe	85
PID 2536 wrote to memory of 4424	2536	chrome.exe	85
PID 2536 wrote to memory of 4424	2536	chrome.exe	85
PID 2536 wrote to memory of 4424	2536	chrome.exe	85
PID 2536 wrote to memory of 4424	2536	chrome.exe	85
PID 2536 wrote to memory of 4424	2536	chrome.exe	85
PID 2536 wrote to memory of 4424	2536	chrome.exe	85
PID 2536 wrote to memory of 4424	2536	chrome.exe	85
PID 2536 wrote to memory of 4424	2536	chrome.exe	85
PID 2536 wrote to memory of 4424	2536	chrome.exe	85
PID 2536 wrote to memory of 4424	2536	chrome.exe	85
PID 2536 wrote to memory of 4424	2536	chrome.exe	85
PID 2536 wrote to memory of 4424	2536	chrome.exe	85
PID 2536 wrote to memory of 4424	2536	chrome.exe	85
PID 2536 wrote to memory of 4424	2536	chrome.exe	85
PID 2536 wrote to memory of 4424	2536	chrome.exe	85
PID 2536 wrote to memory of 4424	2536	chrome.exe	85
PID 2536 wrote to memory of 1828	2536	chrome.exe	86
PID 2536 wrote to memory of 1828	2536	chrome.exe	86
PID 2536 wrote to memory of 1056	2536	chrome.exe	87
PID 2536 wrote to memory of 1056	2536	chrome.exe	87
PID 2536 wrote to memory of 1056	2536	chrome.exe	87
PID 2536 wrote to memory of 1056	2536	chrome.exe	87
PID 2536 wrote to memory of 1056	2536	chrome.exe	87
PID 2536 wrote to memory of 1056	2536	chrome.exe	87
PID 2536 wrote to memory of 1056	2536	chrome.exe	87
PID 2536 wrote to memory of 1056	2536	chrome.exe	87
PID 2536 wrote to memory of 1056	2536	chrome.exe	87
PID 2536 wrote to memory of 1056	2536	chrome.exe	87
PID 2536 wrote to memory of 1056	2536	chrome.exe	87
PID 2536 wrote to memory of 1056	2536	chrome.exe	87
PID 2536 wrote to memory of 1056	2536	chrome.exe	87
PID 2536 wrote to memory of 1056	2536	chrome.exe	87
PID 2536 wrote to memory of 1056	2536	chrome.exe	87
PID 2536 wrote to memory of 1056	2536	chrome.exe	87
PID 2536 wrote to memory of 1056	2536	chrome.exe	87
PID 2536 wrote to memory of 1056	2536	chrome.exe	87
PID 2536 wrote to memory of 1056	2536	chrome.exe	87
PID 2536 wrote to memory of 1056	2536	chrome.exe	87
PID 2536 wrote to memory of 1056	2536	chrome.exe	87
PID 2536 wrote to memory of 1056	2536	chrome.exe	87

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://www.diskanalyzer.com/files/wiztree_4_11_portable.zip
1⤵
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2536
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb06b09758,0x7ffb06b09768,0x7ffb06b09778
  2⤵
  PID:1184
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1624 --field-trial-handle=1876,i,3355671130118696507,11432945311663686571,131072 /prefetch:2
  2⤵
  PID:4424
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2148 --field-trial-handle=1876,i,3355671130118696507,11432945311663686571,131072 /prefetch:8
  2⤵
  PID:1828
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2192 --field-trial-handle=1876,i,3355671130118696507,11432945311663686571,131072 /prefetch:8
  2⤵
  PID:1056
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3228 --field-trial-handle=1876,i,3355671130118696507,11432945311663686571,131072 /prefetch:1
  2⤵
  PID:4640
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3176 --field-trial-handle=1876,i,3355671130118696507,11432945311663686571,131072 /prefetch:1
  2⤵
  PID:4404
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5276 --field-trial-handle=1876,i,3355671130118696507,11432945311663686571,131072 /prefetch:8
  2⤵
  PID:3336
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5244 --field-trial-handle=1876,i,3355671130118696507,11432945311663686571,131072 /prefetch:8
  2⤵
  PID:3660
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5580 --field-trial-handle=1876,i,3355671130118696507,11432945311663686571,131072 /prefetch:8
  2⤵
  PID:4416
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4732 --field-trial-handle=1876,i,3355671130118696507,11432945311663686571,131072 /prefetch:1
  2⤵
  PID:2412
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4872 --field-trial-handle=1876,i,3355671130118696507,11432945311663686571,131072 /prefetch:8
  2⤵
  PID:3860
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=3332 --field-trial-handle=1876,i,3355671130118696507,11432945311663686571,131072 /prefetch:1
  2⤵
  PID:3664
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5716 --field-trial-handle=1876,i,3355671130118696507,11432945311663686571,131072 /prefetch:8
  2⤵
  PID:3696
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5712 --field-trial-handle=1876,i,3355671130118696507,11432945311663686571,131072 /prefetch:8
  2⤵
  PID:3988
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6032 --field-trial-handle=1876,i,3355671130118696507,11432945311663686571,131072 /prefetch:8
  2⤵
  PID:2320
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=6084 --field-trial-handle=1876,i,3355671130118696507,11432945311663686571,131072 /prefetch:1
  2⤵
  PID:1988
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=1604 --field-trial-handle=1876,i,3355671130118696507,11432945311663686571,131072 /prefetch:1
  2⤵
  PID:4192
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6240 --field-trial-handle=1876,i,3355671130118696507,11432945311663686571,131072 /prefetch:8
  2⤵
  PID:1400
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1012 --field-trial-handle=1876,i,3355671130118696507,11432945311663686571,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3848
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1096 --field-trial-handle=1876,i,3355671130118696507,11432945311663686571,131072 /prefetch:8
  2⤵
  PID:3696

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:3008

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:3740

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\105b9a90-13e1-4b1e-af48-ffe51dba6e1c.tmp

Filesize
6KB

MD5
556fd120200832fe1adaddf514c5b689

SHA1
dba1f0efddc684be3cff98e524b1c3a4c7b9b80e

SHA256
d50e7a57092ba972337f7b1107ef067867efbb259607fd2b0d1ac89a8e20f406

SHA512
7d71f9fa5c84685cbecef74ce8dbb76daa566aa7307bdc4d055ee87a5c2502491f06982775a707f71a1499a868d2e8ea31c2061852ce4092279e6d3683b00cc8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000015

Filesize
173KB

MD5
d3d1aff7a71e5f6f4537a0b3cbbd5c23

SHA1
82bbaa35980290986094ec5b2f33da17fe0e1ca8

SHA256
d3ac13e9bebf6119830ea38adf6715f42a193e7cc5834087abcd77bec3c07291

SHA512
9f5a8f657438a49e2b60db1372ced7edca4ca714efc63ff8791ff232d4252178b5a148a02b049f279007f095e7ac5b649367a2fb3dbffa14b39b637f1d30d42b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
384B

MD5
c4de19ee89755248664c8948c9752a34

SHA1
48a79f18cd25c85f54b442b4dda7c06262e236ed

SHA256
102274a147fd6f3dd74fcd5c89557d683ca986804739458b07f4082dac780411

SHA512
e874d59d0f712a9635ff1e1d946e0a3bc574fb2a8822da8e8579376db49894b313008e3483380d5becbc6b64e3484b1874436095e03aaaca66cd4bdf2a20d475

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
e2f66fbea2758afd3b2ed999b7109584

SHA1
c2c52ac5c7443a1ab1d40e8b61dffc69360af188

SHA256
728d21ba9eefebea15f5288ad1b9a7c4fcb8c888875123ed069c49e56ecacc38

SHA512
22bc46d9576f27aaf20ac2564d52d5a0854743e35bc76a0ee633cf7785200b2dbc4cfa791b5f509e42de6890417bf3cb455bb9c11f92d73f20d6d3dcf8b84cd1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
d5d8e6152ffd009d0423eb26b0bf9db6

SHA1
88ef4bf67c10f95ccf2512842423fd96f2054166

SHA256
d465335188457b467ac14cc8c15788ce4936295cf0a9ee303c17df79290b4b56

SHA512
334e98669b4ac3e640e5b44cfa060b92878b85e76cb903f19efce011a247df0216823d3fc0258f318d0803efa4485654ae664ae2a5bed394dc515e06fee4354b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
1f9c5ecba097a0d2f281ca632d8b33e1

SHA1
ab587ccfaf85f757831b52fb4d740325ea35b02c

SHA256
041afb4c5d4ba442a7f741db7cecb8dcdaf6bcd1c57a2aaa6671a6a7ad745b1c

SHA512
cb9fd109a4e6bc381442b3fa05d940d64d78d728b33f38c1dfbc41de11b81efc021e80f3de2f4d461354026963349f90cdefa92521ce83ff648afa0f0a07ed6f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
b74a2634f7c95cb84fb4d3d26ff6ba35

SHA1
d45376d5df0dae03302d167fb31aa19a5b5f9294

SHA256
803a7eccbfb8578962f3f63806d5d61529766aca35de7c795e87b4a3b5b0747b

SHA512
bcd42cab935ceefe788b96264353df10fce98f7b4fbcf5cde1a9c49cef135dc697d30be80f00772b58cb6a60f779d0955b80d3a8ebcee8e116eb23afbd954d27

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
e8b0cc42be8d3227bac6d1b33683bcca

SHA1
63d38654b11bbc4ae862e3992560bfdb37a0878d

SHA256
17349072dda1d8d0be884b780e8cdc120c07e59480ddd807523aef5bfdab8ab4

SHA512
900958e0655bad6291f98a8f68482728518dc406e4e0b97c7e092310ad6348c5ad420e4ee3efe08f5d97f0bc5425bfda27784794ee5042d7a38b09e949d455b3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
705B

MD5
ba84bd115f0d8be9147d7a23a1db30f4

SHA1
44712b9e4bf18e6876c9f1e418446cac6cb8fe7f

SHA256
0c5b0bb766efa56e3f73d62b543c0472ca848d918d257934fd97ca75142ff3e3

SHA512
3e62074598cb95013b2e8c0566d80eb7c4405bfd6a23337f5dae1256971f8f8efeb8b9e9f1c0c3d2ccbbfef9470f4ba150b10db6b825de25b802f1f1fe995705

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
b73e0c078f9f93552f70b01d53d51260

SHA1
175cca142aa6e22a8af8b2bfd41f53fc4ec756e5

SHA256
d8ba537bf3415a50081d228e32ccfad7c0b4c09b4aa867bfce088ad8c69c9984

SHA512
f366a202f80f474c390277f5abdb7c1b2dd56b2070883b2b7c0f6b5804d1c3cd01a9bd49d5178b090edb9662724ddfec7a2ec3f59934b574b4e34184a933a03a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
0ea466b69ce93bf6b255b562eb25dcad

SHA1
d7d4fb46a7025ad4de8d25fdaf08b291f7c1d975

SHA256
795962baaabc0bbe9298b8223ef9bf95fce15805dcb0580ba0b182518563241d

SHA512
3788ffa955c0a79674a880f6c3e247586e826f758ab7b6be55310793db3ef4434e6ed3552ef5893275f6565718084a73bf67e63096db224d018f5d76623d9312

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
e30d4feca9190da7410e5f957831ce9d

SHA1
21b9f930e261222bef44b34921c6d4715321b0df

SHA256
346ed8f46076517d81008d97cb17ef88508314fa0f1cd7e87bd4abba8e60c72b

SHA512
e29a5e1b5d437a4d30ac5f15e34a1b56a4e92078eb67a774cc5c85e22c0d78660b4925293d1f2c749fbedbb14398d38b48123a968c11f3bf744f83f739af4d8e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
3dc08321c48c2cd1ae9dfc3b431f5712

SHA1
4fab739f1664bebed89b2431a4a5ef32e6e695e9

SHA256
08e3d8d2ce5c6e91fc5871ec135d101da2bb594fd657b49fb17c210837666435

SHA512
62ea6413582a60ff9c802991619f339da41400d6f2fe48aba3902ca205825bd238b17ea7cb4924df92a145102cacd5a3fcb406b14d8415a7ab9a80e731547abd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
ef5a154cf5275cedd83f01bbb1f7b2ff

SHA1
590eeb8ee4408d6ca8f8f093caf0371e08c4e185

SHA256
403b86bb9243c07e77e748865ef7e99b70fbbba68653c068065c278a11b135ac

SHA512
85078114643bc1ede3dba38966384dbbd034b69f1a405c64301a5d5996472effa633bca68c720e4a1d0793afde7464f061c79d64d74c918def3ec9ec1f9e9204

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
0e383a4dbe4ec74507eedc85884525ab

SHA1
82c707dd0071c867f9088e412f55327fd37a8d47

SHA256
185b8e47bcecae78a16f83c1fe051f3f60f9ae4002bc406dca93c26c60f1eaa5

SHA512
ab6ab6e9f09ece668df7952be2f000a9998f4d3a47e9177468a07e62bf47b41a2bc70016c49266a8a5bd8228a7fd7885d67f4bba49ee53fe6c17737978dfc75f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
2b08ef94ddb577e759498a6e907fe9be

SHA1
6c4885f906e07858a48163b3dab3937286ee6e79

SHA256
35ed02ef1f568dc14890bf3fd0e3ebcfedf2daff2f3a4e680d450b5857f919dc

SHA512
fac7355bb7f0b917e7b3568b2b789d9b85638573ff58e56b99e0523ac42a89b83476349e458aa70e5c5569933b8c19b7140668a0e525759bf9b6eb9b1eb5adeb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe59a917.TMP

Filesize
48B

MD5
f01ac78e390fe1a09cad8200571f979b

SHA1
414be9bb504f8933a75044380ce6b3533a667c30

SHA256
0367342e309cbbd7261936ffccdbb77b8006c8ab830ddeded9ed44d2876c1ca1

SHA512
a487d7874c1f5052491a233bd3c2dac51ed849537a6c5c66cae41102f21ace52e4b6e90674c2efbb22ddb3c95e1fe3ea1ab47c5a19425e9808ee6dfa5c871a20

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
87KB

MD5
9709de255c377aa6959732bbd4bd059e

SHA1
cb90c45f318a0c0dd83ed611f3be7fdf09e95296

SHA256
dce69755131b00568a7784fcf53df709a0b3366a9faf77897c2512e0349b9705

SHA512
5430fea835e928b2438d939808dac9309c0ec5249315397af9e07edc83fc14ba12d1e11d6efaf4671cb21a6f4cd0ebf6de6d2caa901e814e452f9173e1848446

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
87KB

MD5
f76b9ef6647355410bd7ec34ae2d5fd4

SHA1
2927737dea71960546af88e92c0544632be79d64

SHA256
3b0ee2c474ef8fe505727f38c2470e14bdcde9b07af1e9b2bde3506db4d53364

SHA512
f1b1484824c6cefdbb5be6c19d15be62771d3eb74efb106d64951d27b12473cd942a35917e8c1221d6deed8b77be8cd6a52b7c8e8383915c6c3e0a8d050d34d6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
112KB

MD5
10c6056f5ff9285247822ceaf55c8dd8

SHA1
f81ae7e0736572e18578d499845118e4301b9ed4

SHA256
e55b0638eb9b4274236deb5e5d633c4529a0b73babc107eef57dd7339d7927d3

SHA512
ffd5ba4b84641426e34c24c9d5117aec2a1aa2a3b4e5e69c5f3d2ed39f72f1d7f6ccb231cd1026f7c07df308983bab41053a7a9860289dc19d1ed43e03d10d91

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe59fc48.TMP

Filesize
111KB

MD5
3364cc362e169f5ab4ac5177d75f5baa

SHA1
359afef5316b6d9525148ed91c85ac5da4998b7e

SHA256
3a27abefe047746d267254016773509fbfef4ba93d12943edd63ba8cbbb21c44

SHA512
d8a67e132447ec775c06ddad50838847ca566d9c4cb0415d556bdfc03bf08ee9afc529ef87e5ddf60ad2a086145cd7d6a2eb7adcd123cd863034cfb0bd080e43

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\Downloads\wiztree_4_14_portable.zip.crdownload

Filesize
6.3MB

MD5
5753e1009c3243ee03be95b5315f9165

SHA1
e25ae8501d3892b0c6c1713c1a430783e3cf8fe2

SHA256
7c5cbdd4a1b009884463d579fc2ebb28145958b6450fd07227c590f4f5aec45e

SHA512
0d60b9ce1d24edde0f81aa1a29769434b6b021a9f1a8998e0cb8b9e803d6d269553d83e20f6b5d0ff90c68ee4b826fd6565c8839532b2a20a6043ec3e0871aef

Download Submit