hxxps://onedrive[.]live[.]com/redir?resid=CB1D1280A460ADB%211787&authkey=%21ALHMBt5DPF6Zl2c&page=View&wd=target%28Quick%20Notes[.]one%7C0bb2840d-474f-415c-b76b-5379b58dc5d1%2FUNIVERSITY%20OF%20PAMPLONA%7C89024fd0-0767-4f96-8f77-e5504d533019%2F%29&wdorigin=NavigationUrl

Analysis

max time kernel
44s
max time network
54s
platform
windows10-2004_x64
resource
win10v2004-20230703-es
resource tags

arch:x64arch:x86image:win10v2004-20230703-eslocale:es-esos:windows10-2004-x64systemwindows
submitted
04/08/2023, 04:36

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://onedrive.live.com/redir?resid=CB1D1280A460ADB%211787&authkey=%21ALHMBt5DPF6Zl2c&page=View&wd=target%28Quick%20Notes.one%7C0bb2840d-474f-415c-b76b-5379b58dc5d1%2FUNIVERSITY%20OF%20PAMPLONA%7C89024fd0-0767-4f96-8f77-e5504d533019%2F%29&wdorigin=NavigationUrl

Score

1^/10

Malware Config

Signatures

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133355974421006876"	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
2236	chrome.exe
2236	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2236	chrome.exe
Token: SeCreatePagefilePrivilege	2236	chrome.exe
Token: SeShutdownPrivilege	2236	chrome.exe
Token: SeCreatePagefilePrivilege	2236	chrome.exe
Token: SeShutdownPrivilege	2236	chrome.exe
Token: SeCreatePagefilePrivilege	2236	chrome.exe
Token: SeShutdownPrivilege	2236	chrome.exe
Token: SeCreatePagefilePrivilege	2236	chrome.exe
Token: SeShutdownPrivilege	2236	chrome.exe
Token: SeCreatePagefilePrivilege	2236	chrome.exe
Token: SeShutdownPrivilege	2236	chrome.exe
Token: SeCreatePagefilePrivilege	2236	chrome.exe
Token: SeShutdownPrivilege	2236	chrome.exe
Token: SeCreatePagefilePrivilege	2236	chrome.exe
Token: SeShutdownPrivilege	2236	chrome.exe
Token: SeCreatePagefilePrivilege	2236	chrome.exe
Token: SeShutdownPrivilege	2236	chrome.exe
Token: SeCreatePagefilePrivilege	2236	chrome.exe
Token: SeShutdownPrivilege	2236	chrome.exe
Token: SeCreatePagefilePrivilege	2236	chrome.exe
Token: SeShutdownPrivilege	2236	chrome.exe
Token: SeCreatePagefilePrivilege	2236	chrome.exe
Token: SeShutdownPrivilege	2236	chrome.exe
Token: SeCreatePagefilePrivilege	2236	chrome.exe
Token: SeShutdownPrivilege	2236	chrome.exe
Token: SeCreatePagefilePrivilege	2236	chrome.exe
Token: SeShutdownPrivilege	2236	chrome.exe
Token: SeCreatePagefilePrivilege	2236	chrome.exe
Token: SeShutdownPrivilege	2236	chrome.exe
Token: SeCreatePagefilePrivilege	2236	chrome.exe
Token: SeShutdownPrivilege	2236	chrome.exe
Token: SeCreatePagefilePrivilege	2236	chrome.exe
Token: SeShutdownPrivilege	2236	chrome.exe
Token: SeCreatePagefilePrivilege	2236	chrome.exe
Token: SeShutdownPrivilege	2236	chrome.exe
Token: SeCreatePagefilePrivilege	2236	chrome.exe
Token: SeShutdownPrivilege	2236	chrome.exe
Token: SeCreatePagefilePrivilege	2236	chrome.exe
Token: SeShutdownPrivilege	2236	chrome.exe
Token: SeCreatePagefilePrivilege	2236	chrome.exe
Token: SeShutdownPrivilege	2236	chrome.exe
Token: SeCreatePagefilePrivilege	2236	chrome.exe
Token: SeShutdownPrivilege	2236	chrome.exe
Token: SeCreatePagefilePrivilege	2236	chrome.exe
Token: SeShutdownPrivilege	2236	chrome.exe
Token: SeCreatePagefilePrivilege	2236	chrome.exe
Token: SeShutdownPrivilege	2236	chrome.exe
Token: SeCreatePagefilePrivilege	2236	chrome.exe
Token: SeShutdownPrivilege	2236	chrome.exe
Token: SeCreatePagefilePrivilege	2236	chrome.exe
Token: SeShutdownPrivilege	2236	chrome.exe
Token: SeCreatePagefilePrivilege	2236	chrome.exe
Token: SeShutdownPrivilege	2236	chrome.exe
Token: SeCreatePagefilePrivilege	2236	chrome.exe
Token: SeShutdownPrivilege	2236	chrome.exe
Token: SeCreatePagefilePrivilege	2236	chrome.exe
Token: SeShutdownPrivilege	2236	chrome.exe
Token: SeCreatePagefilePrivilege	2236	chrome.exe
Token: SeShutdownPrivilege	2236	chrome.exe
Token: SeCreatePagefilePrivilege	2236	chrome.exe
Token: SeShutdownPrivilege	2236	chrome.exe
Token: SeCreatePagefilePrivilege	2236	chrome.exe
Token: SeShutdownPrivilege	2236	chrome.exe
Token: SeCreatePagefilePrivilege	2236	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2236 wrote to memory of 212	2236	chrome.exe	81
PID 2236 wrote to memory of 212	2236	chrome.exe	81
PID 2236 wrote to memory of 4388	2236	chrome.exe	83
PID 2236 wrote to memory of 4388	2236	chrome.exe	83
PID 2236 wrote to memory of 4388	2236	chrome.exe	83
PID 2236 wrote to memory of 4388	2236	chrome.exe	83
PID 2236 wrote to memory of 4388	2236	chrome.exe	83
PID 2236 wrote to memory of 4388	2236	chrome.exe	83
PID 2236 wrote to memory of 4388	2236	chrome.exe	83
PID 2236 wrote to memory of 4388	2236	chrome.exe	83
PID 2236 wrote to memory of 4388	2236	chrome.exe	83
PID 2236 wrote to memory of 4388	2236	chrome.exe	83
PID 2236 wrote to memory of 4388	2236	chrome.exe	83
PID 2236 wrote to memory of 4388	2236	chrome.exe	83
PID 2236 wrote to memory of 4388	2236	chrome.exe	83
PID 2236 wrote to memory of 4388	2236	chrome.exe	83
PID 2236 wrote to memory of 4388	2236	chrome.exe	83
PID 2236 wrote to memory of 4388	2236	chrome.exe	83
PID 2236 wrote to memory of 4388	2236	chrome.exe	83
PID 2236 wrote to memory of 4388	2236	chrome.exe	83
PID 2236 wrote to memory of 4388	2236	chrome.exe	83
PID 2236 wrote to memory of 4388	2236	chrome.exe	83
PID 2236 wrote to memory of 4388	2236	chrome.exe	83
PID 2236 wrote to memory of 4388	2236	chrome.exe	83
PID 2236 wrote to memory of 4388	2236	chrome.exe	83
PID 2236 wrote to memory of 4388	2236	chrome.exe	83
PID 2236 wrote to memory of 4388	2236	chrome.exe	83
PID 2236 wrote to memory of 4388	2236	chrome.exe	83
PID 2236 wrote to memory of 4388	2236	chrome.exe	83
PID 2236 wrote to memory of 4388	2236	chrome.exe	83
PID 2236 wrote to memory of 4388	2236	chrome.exe	83
PID 2236 wrote to memory of 4388	2236	chrome.exe	83
PID 2236 wrote to memory of 4388	2236	chrome.exe	83
PID 2236 wrote to memory of 4388	2236	chrome.exe	83
PID 2236 wrote to memory of 4388	2236	chrome.exe	83
PID 2236 wrote to memory of 4388	2236	chrome.exe	83
PID 2236 wrote to memory of 4388	2236	chrome.exe	83
PID 2236 wrote to memory of 4388	2236	chrome.exe	83
PID 2236 wrote to memory of 4388	2236	chrome.exe	83
PID 2236 wrote to memory of 4388	2236	chrome.exe	83
PID 2236 wrote to memory of 3124	2236	chrome.exe	84
PID 2236 wrote to memory of 3124	2236	chrome.exe	84
PID 2236 wrote to memory of 5016	2236	chrome.exe	85
PID 2236 wrote to memory of 5016	2236	chrome.exe	85
PID 2236 wrote to memory of 5016	2236	chrome.exe	85
PID 2236 wrote to memory of 5016	2236	chrome.exe	85
PID 2236 wrote to memory of 5016	2236	chrome.exe	85
PID 2236 wrote to memory of 5016	2236	chrome.exe	85
PID 2236 wrote to memory of 5016	2236	chrome.exe	85
PID 2236 wrote to memory of 5016	2236	chrome.exe	85
PID 2236 wrote to memory of 5016	2236	chrome.exe	85
PID 2236 wrote to memory of 5016	2236	chrome.exe	85
PID 2236 wrote to memory of 5016	2236	chrome.exe	85
PID 2236 wrote to memory of 5016	2236	chrome.exe	85
PID 2236 wrote to memory of 5016	2236	chrome.exe	85
PID 2236 wrote to memory of 5016	2236	chrome.exe	85
PID 2236 wrote to memory of 5016	2236	chrome.exe	85
PID 2236 wrote to memory of 5016	2236	chrome.exe	85
PID 2236 wrote to memory of 5016	2236	chrome.exe	85
PID 2236 wrote to memory of 5016	2236	chrome.exe	85
PID 2236 wrote to memory of 5016	2236	chrome.exe	85
PID 2236 wrote to memory of 5016	2236	chrome.exe	85
PID 2236 wrote to memory of 5016	2236	chrome.exe	85
PID 2236 wrote to memory of 5016	2236	chrome.exe	85

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://onedrive.live.com/redir?resid=CB1D1280A460ADB%211787&authkey=%21ALHMBt5DPF6Zl2c&page=View&wd=target%28Quick%20Notes.one%7C0bb2840d-474f-415c-b76b-5379b58dc5d1%2FUNIVERSITY%20OF%20PAMPLONA%7C89024fd0-0767-4f96-8f77-e5504d533019%2F%29&wdorigin=NavigationUrl
1⤵
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2236
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff744c9758,0x7fff744c9768,0x7fff744c9778
  2⤵
  PID:212
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1652 --field-trial-handle=1944,i,17190336117223888820,1088264558775467286,131072 /prefetch:2
  2⤵
  PID:4388
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2132 --field-trial-handle=1944,i,17190336117223888820,1088264558775467286,131072 /prefetch:8
  2⤵
  PID:3124
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2224 --field-trial-handle=1944,i,17190336117223888820,1088264558775467286,131072 /prefetch:8
  2⤵
  PID:5016
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2916 --field-trial-handle=1944,i,17190336117223888820,1088264558775467286,131072 /prefetch:1
  2⤵
  PID:3640
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2908 --field-trial-handle=1944,i,17190336117223888820,1088264558775467286,131072 /prefetch:1
  2⤵
  PID:2224
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4584 --field-trial-handle=1944,i,17190336117223888820,1088264558775467286,131072 /prefetch:1
  2⤵
  PID:3360
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5304 --field-trial-handle=1944,i,17190336117223888820,1088264558775467286,131072 /prefetch:8
  2⤵
  PID:4216
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5232 --field-trial-handle=1944,i,17190336117223888820,1088264558775467286,131072 /prefetch:8
  2⤵
  PID:3492
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=5248 --field-trial-handle=1944,i,17190336117223888820,1088264558775467286,131072 /prefetch:1
  2⤵
  PID:3804
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=5024 --field-trial-handle=1944,i,17190336117223888820,1088264558775467286,131072 /prefetch:1
  2⤵
  PID:4384
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=5416 --field-trial-handle=1944,i,17190336117223888820,1088264558775467286,131072 /prefetch:1
  2⤵
  PID:4428
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5616 --field-trial-handle=1944,i,17190336117223888820,1088264558775467286,131072 /prefetch:1
  2⤵
  PID:4396
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5652 --field-trial-handle=1944,i,17190336117223888820,1088264558775467286,131072 /prefetch:8
  2⤵
  PID:4596
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5552 --field-trial-handle=1944,i,17190336117223888820,1088264558775467286,131072 /prefetch:8
  2⤵
  PID:1156
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5924 --field-trial-handle=1944,i,17190336117223888820,1088264558775467286,131072 /prefetch:8
  2⤵
  PID:1172
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5624 --field-trial-handle=1944,i,17190336117223888820,1088264558775467286,131072 /prefetch:8
  2⤵
  PID:3404

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:1076

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
113e24c30340e48f52e8d1cc887cf1f7

SHA1
5ba4b918342336f211140ff7c57c0048b1431c10

SHA256
f1cdcd7e11bc99c45cff8763c28302f24045d46e5237c0d91485ffaedf513054

SHA512
88e07e2f0c9f9cb921c5d397cbad04c68edb1f0d01be731039c1dfa8d134c2e6c2b6f99bf7c7b02fc22faf8d04989cb28d8e8f7dffbbf0a5b8363b02640165e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
d7a928df88e533e97db429a9f5303317

SHA1
d5042501ca6b7ed867d0bc3878848a5ee6897700

SHA256
f67d8306dbdf575dc310be319603362400cc33cb1a8e9902ffda309efc6f9283

SHA512
cbd786a08887f616561124205c8ec5796f791f73e8ad744483781d65a382521416aef60273855fc635c57afc114279329bcaf23bdf7f7fc4c29e854876159e34

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
746242ef6ef0ec2dbed822cc1c7d916c

SHA1
0d5b4a0c6db7d23b9eea3c8e2943d8f8b6f99ad9

SHA256
bde49cf7fa6a748efd46f7a1e7b7e2068c5c7ef8f2933f593e291f482acc1403

SHA512
6d4c9ab133ba1c7666b39f141349b4bc52d6dbcf57e053e2fd51663ce3ccd219f7c1bd12e399dcf6b7357b4d4734a5d7a2afdc9287ca1dc092091b2b76c5300f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
437b187ac6fcf4c83fd7925a82bdc317

SHA1
346c499b00b2d80e7c700ab8076ada6ba5390a2a

SHA256
3c108a3eafaaa5cc4034915d6a6e11e0a12ea3b725bd145c6ba15f7c6de65d7b

SHA512
0597fa288d96a777bcd7d529780fbe0c30cf9fb1cccccc8e49a1d7409c9e4c12d97250e7dc419698b47d79a9784da403196abc99fa7e6f4c26b24e98e8503aa2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
b8b70ce67c0717d8383b0278d6c64ca6

SHA1
cd7e7de93177c138f6d842eb81b5fd98be9d8fea

SHA256
65375dfe02cabb1b86dbbd253ad1e40ee1939eb3ee88e457b37db6324cd75ef8

SHA512
490fa5fc6646d9685388b1bf1a021e38718fb5630251639481ab62555879a218efcefbcf1aa3dd06c7e381d65b8d0a1c7d62d77e0c26f6258285261c39a43b8d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
bf85754e94de38d4f8f3dda8b6a16e31

SHA1
36190803f0fd1f840483aff3c912bebaa34695cb

SHA256
0798d86703ace3b012f7187edfea45800f263c3d27f27a7a637383f5b6500bf0

SHA512
868a05f3dd21a3a4f2f36be3455f89bee0e01f32ff4f62f48d5e022b13249e39ac4477657eff27ca4aabab7864a3fb785104340763859665f392de2d4aeddf52

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
8195455434150344e00e51fd4ccbb9e1

SHA1
304b38950a5e6a15a488115107852d45f0b1f2d5

SHA256
65177f9c1d769a61f4dd673e8c8721424a0b74da7102be11295255502bf1c25c

SHA512
7f170829325aca5291385735fd20403c65f981e175b664b26555e88682dbeb5e14b392c89522690cae451ba4703db207fcca693513a9899e7f4ab090bf6da324

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\cd34f4de589b0f51b41c88a82a638ef94e7af727\index.txt

Filesize
140B

MD5
20ea8f00be2098c3d27cf7f53eb09239

SHA1
435e63eaa06531cb44ccb844b1c8c95da0cdd27c

SHA256
6a6ac834fed0eb1f2fdb46b96a65ad1be0e3b45c3241e396da6004fd2674325d

SHA512
0ed3239d8ca87c6022ba741a0380dd0b462438e6ad45d746b72b65bb34b7ad24886eb0d2075d6fb811746f2c7b121891c6cdb1fd38be27f0f9646bfc52f15ade

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\cd34f4de589b0f51b41c88a82a638ef94e7af727\index.txt~RFe57e474.TMP

Filesize
147B

MD5
8addf511ba7507f9fdaea69a01b9afbe

SHA1
1940efa49429e873cca5780d1c68f9158f86fd37

SHA256
bdbb63d3de037d026b9312bc9eecf7d5e694f2c7e1a54286a9e0dcc09ff79cb8

SHA512
be9125fb16f98268ce00b590812c6225a546a4aa49e11246295f475e33380d745a6ebb40d8eaa65337bc0548305a1cd88ca4e97edf1fc93cb3bd297298b387e3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
87KB

MD5
e54b7c1307a95397ca67a3aee11222a3

SHA1
6196cfa47405edefe1f311e8c63b705218b4466b

SHA256
98cac84f560bd8d4c2f7ace6043364102ddd17cca730b8629bebd1a8c2707d15

SHA512
ec0ce7c77de2373371440ea0dde8362e360041af33050ece50bccf41288bb237ac25adf229ecab35e35085e28d757a3e56d18f063c6f59f63d2afd097ba795d0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
87KB

MD5
97f9249eda3a4a97c84562a3827940c9

SHA1
f08dcf4820367ab289dae7ba33ca62dcf4f99f9e

SHA256
e89832bbaa7943c105e047403ffed35b6d32f715100326e2ec2e62b505553101

SHA512
1032e20fd97fc96b4db38a6a333ec4030058be584b94b12b795ed34a20f58a88c8a01e2e68b4817165dba45960b0a3c50adcaa2124d0277fe0815fd4f6418079

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit