hxxps://shop[.]awesomatix[.]com/auth

max time kernel
55s
max time network
56s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
03/08/2023, 11:46

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://shop.awesomatix.com/auth

Score

1^/10

Malware Config

Signatures

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133355368310050641"	chrome.exe

Opens file in notepad (likely ransom note) 1 IoCs

ransomware

pid	Process
5732	NOTEPAD.EXE

Suspicious behavior: EnumeratesProcesses 13 IoCs

pid	Process
2904	chrome.exe
2904	chrome.exe
5832	taskmgr.exe
5832	taskmgr.exe
5832	taskmgr.exe
5832	taskmgr.exe
5832	taskmgr.exe
5832	taskmgr.exe
5832	taskmgr.exe
5832	taskmgr.exe
5832	taskmgr.exe
5832	taskmgr.exe
5832	taskmgr.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2904	chrome.exe
Token: SeCreatePagefilePrivilege	2904	chrome.exe
Token: SeShutdownPrivilege	2904	chrome.exe
Token: SeCreatePagefilePrivilege	2904	chrome.exe
Token: SeShutdownPrivilege	2904	chrome.exe
Token: SeCreatePagefilePrivilege	2904	chrome.exe
Token: SeShutdownPrivilege	2904	chrome.exe
Token: SeCreatePagefilePrivilege	2904	chrome.exe
Token: SeShutdownPrivilege	2904	chrome.exe
Token: SeCreatePagefilePrivilege	2904	chrome.exe
Token: SeShutdownPrivilege	2904	chrome.exe
Token: SeCreatePagefilePrivilege	2904	chrome.exe
Token: SeShutdownPrivilege	2904	chrome.exe
Token: SeCreatePagefilePrivilege	2904	chrome.exe
Token: SeShutdownPrivilege	2904	chrome.exe
Token: SeCreatePagefilePrivilege	2904	chrome.exe
Token: SeShutdownPrivilege	2904	chrome.exe
Token: SeCreatePagefilePrivilege	2904	chrome.exe
Token: SeShutdownPrivilege	2904	chrome.exe
Token: SeCreatePagefilePrivilege	2904	chrome.exe
Token: SeShutdownPrivilege	2904	chrome.exe
Token: SeCreatePagefilePrivilege	2904	chrome.exe
Token: SeShutdownPrivilege	2904	chrome.exe
Token: SeCreatePagefilePrivilege	2904	chrome.exe
Token: SeShutdownPrivilege	2904	chrome.exe
Token: SeCreatePagefilePrivilege	2904	chrome.exe
Token: SeShutdownPrivilege	2904	chrome.exe
Token: SeCreatePagefilePrivilege	2904	chrome.exe
Token: SeShutdownPrivilege	2904	chrome.exe
Token: SeCreatePagefilePrivilege	2904	chrome.exe
Token: SeShutdownPrivilege	2904	chrome.exe
Token: SeCreatePagefilePrivilege	2904	chrome.exe
Token: SeShutdownPrivilege	2904	chrome.exe
Token: SeCreatePagefilePrivilege	2904	chrome.exe
Token: SeShutdownPrivilege	2904	chrome.exe
Token: SeCreatePagefilePrivilege	2904	chrome.exe
Token: SeShutdownPrivilege	2904	chrome.exe
Token: SeCreatePagefilePrivilege	2904	chrome.exe
Token: SeShutdownPrivilege	2904	chrome.exe
Token: SeCreatePagefilePrivilege	2904	chrome.exe
Token: SeShutdownPrivilege	2904	chrome.exe
Token: SeCreatePagefilePrivilege	2904	chrome.exe
Token: 33	2728	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	2728	AUDIODG.EXE
Token: SeShutdownPrivilege	2904	chrome.exe
Token: SeCreatePagefilePrivilege	2904	chrome.exe
Token: SeShutdownPrivilege	2904	chrome.exe
Token: SeCreatePagefilePrivilege	2904	chrome.exe
Token: SeShutdownPrivilege	2904	chrome.exe
Token: SeCreatePagefilePrivilege	2904	chrome.exe
Token: SeShutdownPrivilege	2904	chrome.exe
Token: SeCreatePagefilePrivilege	2904	chrome.exe
Token: SeShutdownPrivilege	2904	chrome.exe
Token: SeCreatePagefilePrivilege	2904	chrome.exe
Token: SeShutdownPrivilege	2904	chrome.exe
Token: SeCreatePagefilePrivilege	2904	chrome.exe
Token: SeShutdownPrivilege	2904	chrome.exe
Token: SeCreatePagefilePrivilege	2904	chrome.exe
Token: SeShutdownPrivilege	2904	chrome.exe
Token: SeCreatePagefilePrivilege	2904	chrome.exe
Token: SeShutdownPrivilege	2904	chrome.exe
Token: SeCreatePagefilePrivilege	2904	chrome.exe
Token: SeShutdownPrivilege	2904	chrome.exe
Token: SeCreatePagefilePrivilege	2904	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe

Suspicious use of SendNotifyMessage 47 IoCs

pid	Process
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
2904	chrome.exe
5832	taskmgr.exe
5832	taskmgr.exe
5832	taskmgr.exe
5832	taskmgr.exe
5832	taskmgr.exe
5832	taskmgr.exe
5832	taskmgr.exe
5832	taskmgr.exe
5832	taskmgr.exe
5832	taskmgr.exe
5832	taskmgr.exe
5832	taskmgr.exe
5832	taskmgr.exe
5832	taskmgr.exe
5832	taskmgr.exe
5832	taskmgr.exe
5832	taskmgr.exe
5832	taskmgr.exe
5832	taskmgr.exe
5832	taskmgr.exe
5832	taskmgr.exe
5832	taskmgr.exe
5832	taskmgr.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2904 wrote to memory of 3340	2904	chrome.exe	86
PID 2904 wrote to memory of 3340	2904	chrome.exe	86
PID 2904 wrote to memory of 2656	2904	chrome.exe	89
PID 2904 wrote to memory of 2656	2904	chrome.exe	89
PID 2904 wrote to memory of 2656	2904	chrome.exe	89
PID 2904 wrote to memory of 2656	2904	chrome.exe	89
PID 2904 wrote to memory of 2656	2904	chrome.exe	89
PID 2904 wrote to memory of 2656	2904	chrome.exe	89
PID 2904 wrote to memory of 2656	2904	chrome.exe	89
PID 2904 wrote to memory of 2656	2904	chrome.exe	89
PID 2904 wrote to memory of 2656	2904	chrome.exe	89
PID 2904 wrote to memory of 2656	2904	chrome.exe	89
PID 2904 wrote to memory of 2656	2904	chrome.exe	89
PID 2904 wrote to memory of 2656	2904	chrome.exe	89
PID 2904 wrote to memory of 2656	2904	chrome.exe	89
PID 2904 wrote to memory of 2656	2904	chrome.exe	89
PID 2904 wrote to memory of 2656	2904	chrome.exe	89
PID 2904 wrote to memory of 2656	2904	chrome.exe	89
PID 2904 wrote to memory of 2656	2904	chrome.exe	89
PID 2904 wrote to memory of 2656	2904	chrome.exe	89
PID 2904 wrote to memory of 2656	2904	chrome.exe	89
PID 2904 wrote to memory of 2656	2904	chrome.exe	89
PID 2904 wrote to memory of 2656	2904	chrome.exe	89
PID 2904 wrote to memory of 2656	2904	chrome.exe	89
PID 2904 wrote to memory of 2656	2904	chrome.exe	89
PID 2904 wrote to memory of 2656	2904	chrome.exe	89
PID 2904 wrote to memory of 2656	2904	chrome.exe	89
PID 2904 wrote to memory of 2656	2904	chrome.exe	89
PID 2904 wrote to memory of 2656	2904	chrome.exe	89
PID 2904 wrote to memory of 2656	2904	chrome.exe	89
PID 2904 wrote to memory of 2656	2904	chrome.exe	89
PID 2904 wrote to memory of 2656	2904	chrome.exe	89
PID 2904 wrote to memory of 2656	2904	chrome.exe	89
PID 2904 wrote to memory of 2656	2904	chrome.exe	89
PID 2904 wrote to memory of 2656	2904	chrome.exe	89
PID 2904 wrote to memory of 2656	2904	chrome.exe	89
PID 2904 wrote to memory of 2656	2904	chrome.exe	89
PID 2904 wrote to memory of 2656	2904	chrome.exe	89
PID 2904 wrote to memory of 2656	2904	chrome.exe	89
PID 2904 wrote to memory of 2656	2904	chrome.exe	89
PID 2904 wrote to memory of 4912	2904	chrome.exe	90
PID 2904 wrote to memory of 4912	2904	chrome.exe	90
PID 2904 wrote to memory of 3236	2904	chrome.exe	91
PID 2904 wrote to memory of 3236	2904	chrome.exe	91
PID 2904 wrote to memory of 3236	2904	chrome.exe	91
PID 2904 wrote to memory of 3236	2904	chrome.exe	91
PID 2904 wrote to memory of 3236	2904	chrome.exe	91
PID 2904 wrote to memory of 3236	2904	chrome.exe	91
PID 2904 wrote to memory of 3236	2904	chrome.exe	91
PID 2904 wrote to memory of 3236	2904	chrome.exe	91
PID 2904 wrote to memory of 3236	2904	chrome.exe	91
PID 2904 wrote to memory of 3236	2904	chrome.exe	91
PID 2904 wrote to memory of 3236	2904	chrome.exe	91
PID 2904 wrote to memory of 3236	2904	chrome.exe	91
PID 2904 wrote to memory of 3236	2904	chrome.exe	91
PID 2904 wrote to memory of 3236	2904	chrome.exe	91
PID 2904 wrote to memory of 3236	2904	chrome.exe	91
PID 2904 wrote to memory of 3236	2904	chrome.exe	91
PID 2904 wrote to memory of 3236	2904	chrome.exe	91
PID 2904 wrote to memory of 3236	2904	chrome.exe	91
PID 2904 wrote to memory of 3236	2904	chrome.exe	91
PID 2904 wrote to memory of 3236	2904	chrome.exe	91
PID 2904 wrote to memory of 3236	2904	chrome.exe	91
PID 2904 wrote to memory of 3236	2904	chrome.exe	91

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://shop.awesomatix.com/auth
1⤵
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2904
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcc97b9758,0x7ffcc97b9768,0x7ffcc97b9778
  2⤵
  PID:3340
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1708 --field-trial-handle=1892,i,16759926852582177748,625603364799539623,131072 /prefetch:2
  2⤵
  PID:2656
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2136 --field-trial-handle=1892,i,16759926852582177748,625603364799539623,131072 /prefetch:8
  2⤵
  PID:4912
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2240 --field-trial-handle=1892,i,16759926852582177748,625603364799539623,131072 /prefetch:8
  2⤵
  PID:3236
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3100 --field-trial-handle=1892,i,16759926852582177748,625603364799539623,131072 /prefetch:1
  2⤵
  PID:4272
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3092 --field-trial-handle=1892,i,16759926852582177748,625603364799539623,131072 /prefetch:1
  2⤵
  PID:4988
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5096 --field-trial-handle=1892,i,16759926852582177748,625603364799539623,131072 /prefetch:8
  2⤵
  PID:388
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5208 --field-trial-handle=1892,i,16759926852582177748,625603364799539623,131072 /prefetch:8
  2⤵
  PID:3820
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=5388 --field-trial-handle=1892,i,16759926852582177748,625603364799539623,131072 /prefetch:1
  2⤵
  PID:3812
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=5328 --field-trial-handle=1892,i,16759926852582177748,625603364799539623,131072 /prefetch:1
  2⤵
  PID:936
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5588 --field-trial-handle=1892,i,16759926852582177748,625603364799539623,131072 /prefetch:8
  2⤵
  PID:4328
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5732 --field-trial-handle=1892,i,16759926852582177748,625603364799539623,131072 /prefetch:8
  2⤵
  PID:3616
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5712 --field-trial-handle=1892,i,16759926852582177748,625603364799539623,131072 /prefetch:1
  2⤵
  PID:1448
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4816 --field-trial-handle=1892,i,16759926852582177748,625603364799539623,131072 /prefetch:1
  2⤵
  PID:2840
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5300 --field-trial-handle=1892,i,16759926852582177748,625603364799539623,131072 /prefetch:8
  2⤵
  PID:3836
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5896 --field-trial-handle=1892,i,16759926852582177748,625603364799539623,131072 /prefetch:8
  2⤵
  PID:4108

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2672

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x4fc 0x50c
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:2728

C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Desktop\WatchSuspend.txt
1⤵
- Opens file in notepad (likely ransom note)
PID:5732

C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /4
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of SendNotifyMessage
PID:5832

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
c7230597ca16dd4709272c49a1d63158

SHA1
a3c5030684b7c39e894b50ebd778b5d3e69ba59b

SHA256
59ccf839e88266762a452679d678f50b1e35f81300001f681929ec54d0f8f01e

SHA512
de0c36f5edea397605fcd6dc24c8caefd3b7335ecef417b9ac5db100311218d3b896611a5ed2e68332d612cb3df8f8b443ee0eff7e0d540a052b6427dd44ff6e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012

Filesize
1024KB

MD5
19d40b230003cdff2e07eae8ff3914cd

SHA1
21e57e2ab8d24400a977ecc5bc0cf99315a6cd85

SHA256
3e2fd611228acca2857dc9243af15f5598ad4051386b022300486ed1b0f018dc

SHA512
f1349a0458f52f3f6f27e15e59a90330028f5d7bc52447ff59fc675f88f0160e223e168f1b87beaa5bdcd96ad7277df8fb792dfd82b714541e842d04d5fcbfce

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013

Filesize
912KB

MD5
8be6ffcbb5cdb108232091fe9a734a18

SHA1
d535a1eee42b8844d05b3f1a8c7108dfd91341bd

SHA256
910cef999a5cea9ef21c8bcebb31d234de9a6a019d557125c8eb49f5d0191b9e

SHA512
2550920ac07e79d6ee2cbea643516906c19cee0ccaa3471126b361b1c0fb8934c46129b88ea1d0f661b4357d37429548a39448c037c8b9b4794b05cd4a28313f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000014

Filesize
202KB

MD5
9901c48297a339c554e405b4fefe7407

SHA1
5182e80bd6d4bb6bb1b7f0752849fe09e4aa330e

SHA256
9a5974509d9692162d491cf45136f072c54ddc650b201336818c76a9f257d4d2

SHA512
b68ef68c4dcc31716ce25d486617f6ef929ddbb8f7030dd4838320e2803dd6dd1c83966b3484d2986b19f3bd866484c5a432f4f6533bb3e72f5c7457a9bb9742

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000015

Filesize
16KB

MD5
d619769b0d3b8131a7377702d014124f

SHA1
8322e923c37939342f86fe1bbebd166383301e56

SHA256
5cc6e63dcce13f60f8afa5eee98b81d425f9df3cabc4992ee3b506cb12cf5842

SHA512
0e14a32ca5f2396d8069da3f645b4577b4333c9661eeab91b9b437b25104c592b00c8096158da6ea0e21b7ea12139eedc9d9cc6819a219c04fe425b576e44cee

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
192B

MD5
b556572bf91ad2c6edbb07c088b5fabb

SHA1
e322358a005c67399229c4bb541470b65a117a02

SHA256
e3cba397d21c91be5aa4076afdaa99aaffb455e82f28221bf3334043cde7a4d1

SHA512
67561d577e841f2f4eba210d8c3b97dbc74cff9bd67e745c3f0ae84136185f8bb350375a75b8b49335683956701d3de989cfe34f062531a3a2da51798c947046

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
ed4588ec030ba2cb995b1d487cad87c7

SHA1
28379ba6d351cd9c6cff960cebc934b51a977aaa

SHA256
276e14491091a0d01edb2b57ca4232b2874a7d96f6fec4e750e37f40169f32b8

SHA512
436ff3ed5ec024859c4450990e50b8ad757fa37471f50b64559e32c8cf1cdf336fc918b7ee2c741b42941493476041e69f2ec0b7aa9d2c66f9f0954621589422

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
539B

MD5
00cf5f39b1735b4d572fd34868170854

SHA1
f238306ebd379af7b04101f4d67c718280f8de21

SHA256
38d48d76965085136283eaca7611f99b8bd9c169024494e1e182032fbfd2e487

SHA512
bf7cd0af4358c4197cb264445045d66a2c6fb40a92e5f04b9678f38b00c1160fd057da8792fd31a3f16c067cbefe04b36a9c3fd28fcc8b091e427e033864e802

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
706B

MD5
98bbdc7027976ee04101d3fdd565b547

SHA1
db42cb17e90204330e1a3e8648e2df363e8ae509

SHA256
db82b503388b46b0da3bc3bd3b89b9f6bb93901af8608041ed4567d83a23828d

SHA512
f9fa6ec976a40a67d38525b9852ea0e8d9f66d5cd4253c415150d9b7d569c11fdfc27d774d50b969cddc915c348c28bb036bfb7b77a0a892d4961b812ed1781e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
cd224c3f0ecf7fde29e3dd37502f2853

SHA1
25869824d7798ae62626a690c79f4f7a097901a5

SHA256
56ab68e4b6838254f06bd15721f014bb801d924b64c84569c5a9c5e68e50590a

SHA512
76c5e1fe83f257e17d66a2934dbd65389171731bb7313ae06ed65ffd08d3787f37a7094810d8606546a8b316c26149b1534a112ce0f3327d3c8df3dfa74ae592

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
bee12f1e84626e5187e5552e9448415b

SHA1
b3e64a1928bf1fd891ed8fb8e877ce193c79b6e1

SHA256
698ea76bc750853bee9ceca90d1e39bb7e2189fd85cbb28196229091af77bd22

SHA512
ffa2a7f2264c57a9eff3309bc3fac0d680b0f7c86497c57dca45de43f6a279c032347178d58669d72f2d927198078f8194f7ead99e44261f03df047e3a7a35d8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
9551b08694d06a8a5083ed9865b884a8

SHA1
e81eb33f01c1425976ec27fa46c03d1b5b236ff5

SHA256
85e7073ad734b49ae79fc5bc292ffcd69b1948a2a4fef1444fc941ae6eff3907

SHA512
9eed3448228a17b07a024a7ff8a35c3a530d7ac0213db46bc33904ebabc22321af0112c07f5a8ee117d783a235a06cb8435bb6b2034d95f7c4b6893e2fc7575b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
a9de71fe84b2eab48e0b5ae899bd67c8

SHA1
cf196079953d804c5db7f4e98be65a50eb1f5a92

SHA256
48668f7fef0eddf1f435af7ca0c1b307d0ac4ce5c5a787406fedd90ef9e71870

SHA512
fcb5cbb18ea86fe365406a56db7012c03e7407a8638a7497d2b9cfc89c7b46061d3878c083ebd889b29c3cdce2c1a090b35a1db93007ab85b9f091e89b647717

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
87KB

MD5
a6d1187800d777eccd607dd3f394f28c

SHA1
4c6ee9e259f75b8b6dfd5b4427c26b19659e2d16

SHA256
37fcd9fe9ae00cb6e51f4d76f9aadd1a965976984fbd624461eb2f44ab469d29

SHA512
1b3756d4acb4bb18c1b9441713d974655a00f5109ed670019ec1bfe76fd040978a1e26c54f8a827631f9c83157f95226b6f557786f852c9cc015b2a1c95e95e1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
87KB

MD5
8d7a4e763619a7fb056f3c73f4e0a7e9

SHA1
384c3f1f3af6ca126acacbe38143a22b4c785ed8

SHA256
330fa1945f3d1a356e321ccaaeb00087084c2c7b4a06f49b659d73723fb48748

SHA512
674287fd4aa8ffef3084ee4d3aee7b27d25de3ff33753aea80cc138aaa5230f568735b58e79fb0f381d03067d4e17b1d89b794488c0e0c6d8b27cd857f253c25

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
87KB

MD5
9695aa1a23bc9705f21064d2ac5602cc

SHA1
195cda2316aa10fa0a88e3890784d6806385f3b7

SHA256
b5d60ee0c1ea9a2ea0f93a991043ff81186f11ebaa51cba59240c93081a18275

SHA512
94544b40d828c8bbad0686c4dc5c0e607c407d583ac0a69988f470044a746b0460884b82b6e7c8c97e05bba9a770cf83c06e1bd3ba27fa6538810cfdf19d9ae7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
102KB

MD5
1db70c78e44b3fadaff4748a6ac08b8a

SHA1
21ec96da6b8451620938bd31fabb418dda01ac15

SHA256
f66ee82f15670a65143ddbd7ae69b8aa0ec73656e0c51fcedd7da8822b698fd1

SHA512
1a00a8c44c07e3067f7c7330ab85d242d8989d3a9d5364085c1e77b12e648f042071e9319676b188d12e31137028bc6a0c819a5303cce32162e17e6241d76b96

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe580ff9.TMP

Filesize
101KB

MD5
63ac28c417dbb808deb1eacef8de07e6

SHA1
b1fbd6a4c7099ecc1786cb6de3faff0bbc4d9eb7

SHA256
11154de1c32e41e8501102aae04de7a7dbe3ccce4f65864ca6997a4c037bcf81

SHA512
927ec23926140d5cd18752cb4bcae3a74ab27f7a5dab751c4a810ff80c511c44c5135951bdd42e754de20c98a9d5923e7471d3079745b96a2b04b20934b0a910

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

Filesize
264KB

MD5
37442057d95642b8805b36c099d96a51

SHA1
4576dfb1b11090f8960106e01e310b91c8d046b1

SHA256
52d26551ee413ffb6f24219c061570a3ba5c386c234a1af73d4ca2733638cef2

SHA512
fa5e42aa5915ab7d9e443e8dda574597d702be055b853ac94123be6bef87fbffeceae69b073a6cad520f7ddd18722ffd9baee592c5b69fed71465c8328f03381

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
memory/5832-499-0x00000244E0140000-0x00000244E0141000-memory.dmp

Filesize
4KB

Download
memory/5832-498-0x00000244E0140000-0x00000244E0141000-memory.dmp

Filesize
4KB

Download
memory/5832-497-0x00000244E0140000-0x00000244E0141000-memory.dmp

Filesize
4KB

Download
memory/5832-503-0x00000244E0140000-0x00000244E0141000-memory.dmp

Filesize
4KB

Download
memory/5832-504-0x00000244E0140000-0x00000244E0141000-memory.dmp

Filesize
4KB

Download
memory/5832-505-0x00000244E0140000-0x00000244E0141000-memory.dmp

Filesize
4KB

Download
memory/5832-506-0x00000244E0140000-0x00000244E0141000-memory.dmp

Filesize
4KB

Download
memory/5832-507-0x00000244E0140000-0x00000244E0141000-memory.dmp

Filesize
4KB

Download
memory/5832-508-0x00000244E0140000-0x00000244E0141000-memory.dmp

Filesize
4KB

Download
memory/5832-509-0x00000244E0140000-0x00000244E0141000-memory.dmp

Filesize
4KB

Download