hxxps://www[.]aiwebassist[.]com/home

Analysis

max time kernel
149s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
15/08/2023, 10:22

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://www.aiwebassist.com/home

Score

1^/10

Malware Config

Signatures

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133365686076771220"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1043950675-1972537973-2972532878-1000\{D390F4C0-14E2-416C-A1D7-17F7A99B0DC5}	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
1488	chrome.exe
1488	chrome.exe
872	chrome.exe
872	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
1488	chrome.exe
1488	chrome.exe
1488	chrome.exe
1488	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1488	chrome.exe
Token: SeCreatePagefilePrivilege	1488	chrome.exe
Token: SeShutdownPrivilege	1488	chrome.exe
Token: SeCreatePagefilePrivilege	1488	chrome.exe
Token: SeShutdownPrivilege	1488	chrome.exe
Token: SeCreatePagefilePrivilege	1488	chrome.exe
Token: SeShutdownPrivilege	1488	chrome.exe
Token: SeCreatePagefilePrivilege	1488	chrome.exe
Token: SeShutdownPrivilege	1488	chrome.exe
Token: SeCreatePagefilePrivilege	1488	chrome.exe
Token: SeShutdownPrivilege	1488	chrome.exe
Token: SeCreatePagefilePrivilege	1488	chrome.exe
Token: SeShutdownPrivilege	1488	chrome.exe
Token: SeCreatePagefilePrivilege	1488	chrome.exe
Token: SeShutdownPrivilege	1488	chrome.exe
Token: SeCreatePagefilePrivilege	1488	chrome.exe
Token: SeShutdownPrivilege	1488	chrome.exe
Token: SeCreatePagefilePrivilege	1488	chrome.exe
Token: SeShutdownPrivilege	1488	chrome.exe
Token: SeCreatePagefilePrivilege	1488	chrome.exe
Token: SeShutdownPrivilege	1488	chrome.exe
Token: SeCreatePagefilePrivilege	1488	chrome.exe
Token: SeShutdownPrivilege	1488	chrome.exe
Token: SeCreatePagefilePrivilege	1488	chrome.exe
Token: SeShutdownPrivilege	1488	chrome.exe
Token: SeCreatePagefilePrivilege	1488	chrome.exe
Token: SeShutdownPrivilege	1488	chrome.exe
Token: SeCreatePagefilePrivilege	1488	chrome.exe
Token: SeShutdownPrivilege	1488	chrome.exe
Token: SeCreatePagefilePrivilege	1488	chrome.exe
Token: SeShutdownPrivilege	1488	chrome.exe
Token: SeCreatePagefilePrivilege	1488	chrome.exe
Token: SeShutdownPrivilege	1488	chrome.exe
Token: SeCreatePagefilePrivilege	1488	chrome.exe
Token: SeShutdownPrivilege	1488	chrome.exe
Token: SeCreatePagefilePrivilege	1488	chrome.exe
Token: SeShutdownPrivilege	1488	chrome.exe
Token: SeCreatePagefilePrivilege	1488	chrome.exe
Token: SeShutdownPrivilege	1488	chrome.exe
Token: SeCreatePagefilePrivilege	1488	chrome.exe
Token: SeShutdownPrivilege	1488	chrome.exe
Token: SeCreatePagefilePrivilege	1488	chrome.exe
Token: SeShutdownPrivilege	1488	chrome.exe
Token: SeCreatePagefilePrivilege	1488	chrome.exe
Token: SeShutdownPrivilege	1488	chrome.exe
Token: SeCreatePagefilePrivilege	1488	chrome.exe
Token: SeShutdownPrivilege	1488	chrome.exe
Token: SeCreatePagefilePrivilege	1488	chrome.exe
Token: SeShutdownPrivilege	1488	chrome.exe
Token: SeCreatePagefilePrivilege	1488	chrome.exe
Token: SeShutdownPrivilege	1488	chrome.exe
Token: SeCreatePagefilePrivilege	1488	chrome.exe
Token: SeShutdownPrivilege	1488	chrome.exe
Token: SeCreatePagefilePrivilege	1488	chrome.exe
Token: SeShutdownPrivilege	1488	chrome.exe
Token: SeCreatePagefilePrivilege	1488	chrome.exe
Token: SeShutdownPrivilege	1488	chrome.exe
Token: SeCreatePagefilePrivilege	1488	chrome.exe
Token: SeShutdownPrivilege	1488	chrome.exe
Token: SeCreatePagefilePrivilege	1488	chrome.exe
Token: SeShutdownPrivilege	1488	chrome.exe
Token: SeCreatePagefilePrivilege	1488	chrome.exe
Token: SeShutdownPrivilege	1488	chrome.exe
Token: SeCreatePagefilePrivilege	1488	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
1488	chrome.exe
1488	chrome.exe
1488	chrome.exe
1488	chrome.exe
1488	chrome.exe
1488	chrome.exe
1488	chrome.exe
1488	chrome.exe
1488	chrome.exe
1488	chrome.exe
1488	chrome.exe
1488	chrome.exe
1488	chrome.exe
1488	chrome.exe
1488	chrome.exe
1488	chrome.exe
1488	chrome.exe
1488	chrome.exe
1488	chrome.exe
1488	chrome.exe
1488	chrome.exe
1488	chrome.exe
1488	chrome.exe
1488	chrome.exe
1488	chrome.exe
1488	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1488	chrome.exe
1488	chrome.exe
1488	chrome.exe
1488	chrome.exe
1488	chrome.exe
1488	chrome.exe
1488	chrome.exe
1488	chrome.exe
1488	chrome.exe
1488	chrome.exe
1488	chrome.exe
1488	chrome.exe
1488	chrome.exe
1488	chrome.exe
1488	chrome.exe
1488	chrome.exe
1488	chrome.exe
1488	chrome.exe
1488	chrome.exe
1488	chrome.exe
1488	chrome.exe
1488	chrome.exe
1488	chrome.exe
1488	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1488 wrote to memory of 3500	1488	chrome.exe	71
PID 1488 wrote to memory of 3500	1488	chrome.exe	71
PID 1488 wrote to memory of 2540	1488	chrome.exe	83
PID 1488 wrote to memory of 2540	1488	chrome.exe	83
PID 1488 wrote to memory of 2540	1488	chrome.exe	83
PID 1488 wrote to memory of 2540	1488	chrome.exe	83
PID 1488 wrote to memory of 2540	1488	chrome.exe	83
PID 1488 wrote to memory of 2540	1488	chrome.exe	83
PID 1488 wrote to memory of 2540	1488	chrome.exe	83
PID 1488 wrote to memory of 2540	1488	chrome.exe	83
PID 1488 wrote to memory of 2540	1488	chrome.exe	83
PID 1488 wrote to memory of 2540	1488	chrome.exe	83
PID 1488 wrote to memory of 2540	1488	chrome.exe	83
PID 1488 wrote to memory of 2540	1488	chrome.exe	83
PID 1488 wrote to memory of 2540	1488	chrome.exe	83
PID 1488 wrote to memory of 2540	1488	chrome.exe	83
PID 1488 wrote to memory of 2540	1488	chrome.exe	83
PID 1488 wrote to memory of 2540	1488	chrome.exe	83
PID 1488 wrote to memory of 2540	1488	chrome.exe	83
PID 1488 wrote to memory of 2540	1488	chrome.exe	83
PID 1488 wrote to memory of 2540	1488	chrome.exe	83
PID 1488 wrote to memory of 2540	1488	chrome.exe	83
PID 1488 wrote to memory of 2540	1488	chrome.exe	83
PID 1488 wrote to memory of 2540	1488	chrome.exe	83
PID 1488 wrote to memory of 2540	1488	chrome.exe	83
PID 1488 wrote to memory of 2540	1488	chrome.exe	83
PID 1488 wrote to memory of 2540	1488	chrome.exe	83
PID 1488 wrote to memory of 2540	1488	chrome.exe	83
PID 1488 wrote to memory of 2540	1488	chrome.exe	83
PID 1488 wrote to memory of 2540	1488	chrome.exe	83
PID 1488 wrote to memory of 2540	1488	chrome.exe	83
PID 1488 wrote to memory of 2540	1488	chrome.exe	83
PID 1488 wrote to memory of 2540	1488	chrome.exe	83
PID 1488 wrote to memory of 2540	1488	chrome.exe	83
PID 1488 wrote to memory of 2540	1488	chrome.exe	83
PID 1488 wrote to memory of 2540	1488	chrome.exe	83
PID 1488 wrote to memory of 2540	1488	chrome.exe	83
PID 1488 wrote to memory of 2540	1488	chrome.exe	83
PID 1488 wrote to memory of 2540	1488	chrome.exe	83
PID 1488 wrote to memory of 2540	1488	chrome.exe	83
PID 1488 wrote to memory of 2112	1488	chrome.exe	84
PID 1488 wrote to memory of 2112	1488	chrome.exe	84
PID 1488 wrote to memory of 396	1488	chrome.exe	85
PID 1488 wrote to memory of 396	1488	chrome.exe	85
PID 1488 wrote to memory of 396	1488	chrome.exe	85
PID 1488 wrote to memory of 396	1488	chrome.exe	85
PID 1488 wrote to memory of 396	1488	chrome.exe	85
PID 1488 wrote to memory of 396	1488	chrome.exe	85
PID 1488 wrote to memory of 396	1488	chrome.exe	85
PID 1488 wrote to memory of 396	1488	chrome.exe	85
PID 1488 wrote to memory of 396	1488	chrome.exe	85
PID 1488 wrote to memory of 396	1488	chrome.exe	85
PID 1488 wrote to memory of 396	1488	chrome.exe	85
PID 1488 wrote to memory of 396	1488	chrome.exe	85
PID 1488 wrote to memory of 396	1488	chrome.exe	85
PID 1488 wrote to memory of 396	1488	chrome.exe	85
PID 1488 wrote to memory of 396	1488	chrome.exe	85
PID 1488 wrote to memory of 396	1488	chrome.exe	85
PID 1488 wrote to memory of 396	1488	chrome.exe	85
PID 1488 wrote to memory of 396	1488	chrome.exe	85
PID 1488 wrote to memory of 396	1488	chrome.exe	85
PID 1488 wrote to memory of 396	1488	chrome.exe	85
PID 1488 wrote to memory of 396	1488	chrome.exe	85
PID 1488 wrote to memory of 396	1488	chrome.exe	85

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://www.aiwebassist.com/home
1⤵
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1488
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffadd019758,0x7ffadd019768,0x7ffadd019778
  2⤵
  PID:3500
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1648 --field-trial-handle=1912,i,14767223647993981234,2344924916194122196,131072 /prefetch:2
  2⤵
  PID:2540
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2120 --field-trial-handle=1912,i,14767223647993981234,2344924916194122196,131072 /prefetch:8
  2⤵
  PID:2112
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2188 --field-trial-handle=1912,i,14767223647993981234,2344924916194122196,131072 /prefetch:8
  2⤵
  PID:396
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3080 --field-trial-handle=1912,i,14767223647993981234,2344924916194122196,131072 /prefetch:1
  2⤵
  PID:3272
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2952 --field-trial-handle=1912,i,14767223647993981234,2344924916194122196,131072 /prefetch:1
  2⤵
  PID:2916
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4600 --field-trial-handle=1912,i,14767223647993981234,2344924916194122196,131072 /prefetch:1
  2⤵
  PID:3624
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5444 --field-trial-handle=1912,i,14767223647993981234,2344924916194122196,131072 /prefetch:8
  2⤵
  - Modifies registry class
  PID:4028
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5428 --field-trial-handle=1912,i,14767223647993981234,2344924916194122196,131072 /prefetch:8
  2⤵
  PID:1700
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5696 --field-trial-handle=1912,i,14767223647993981234,2344924916194122196,131072 /prefetch:8
  2⤵
  PID:3040
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4812 --field-trial-handle=1912,i,14767223647993981234,2344924916194122196,131072 /prefetch:8
  2⤵
  PID:4216
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=380 --field-trial-handle=1912,i,14767223647993981234,2344924916194122196,131072 /prefetch:1
  2⤵
  PID:3652
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5796 --field-trial-handle=1912,i,14767223647993981234,2344924916194122196,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:872

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4616

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000018

Filesize
32KB

MD5
82e288e2f59e44bbbec934c830a914ae

SHA1
66c4aa98fc02a09c2ab4beb4fa4c4a276f12f4ba

SHA256
5e4331435787e03ff08089650615079c88932e5cc0fc7c525ca91e43bc3ec3a5

SHA512
b62391c3a67c67e96534fc4841fe4b6e70378ca29f6ca51f5b9fdb8316d7a6346d8e5446d2da1adcf207a16d4607398978e286814d08f9d7f8449489d86c8c74

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001b

Filesize
32KB

MD5
e38b0232aaf071661e2f7c7412f72932

SHA1
257b41301c461abd98eab30e03520c8662bb1682

SHA256
1f753b1702340e1d66a0a476855a8caa355923037446bc0d73685488a4f7d9b1

SHA512
0fa1186ca8fec184a8e8b0f21188f098eaaf12195fd72cd48114980bc3ccbe02e0dc401c84a05f18d576047ab96c6a27d6c66edaa5ac11af8c9c6f91bf808b6a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
672B

MD5
55ac9bbb75c53f8aeb69447fef6d7383

SHA1
cda5315dd371568cc5ae201ad9a95ce3c9592909

SHA256
1583e708d3defb5dd0aba7be3a3080540c6b37e28cba58b6d2c58a53111ac968

SHA512
5ca6ab911d7539c65cfde5ad6527da89f62644d2b0106ab57f4a2e58df094179b56acba91b9f935f2f2f40ee36d1f2c9ba7293a47a46922bd83d406ac97d1fe0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
936B

MD5
53a6cd751e7dae3cc168ae8bc285ecb8

SHA1
503cc0130f1fc5b11baec9a9ccda42e71e9c2a7b

SHA256
a40c8f6ea84906eb94ca5b0fb311466d0cb9c3a2afb3ff275fbb2893209d9ddb

SHA512
ec0eb572793aa5bf97d3d371c6f014ed0b33b3463777dd27ec7ef1a1162f6fd433e4c30d82d431905f1cc423a214e3dcbea484d4fc923db250ce5e6d8cc81ef6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
0cec758cddbd7f83322c23012faa4097

SHA1
6e009c63c9de9a306a62a5cd7c1972ef112cdcf9

SHA256
d9db05e1cb1ab1f27e4b4a21ee0cfc6330eb012bec409500b3a8f8c54821533b

SHA512
dc64393d27e267dc201880e2261e4cc4e8584336cd7e47c19441b9f7be3f0a6abb3803d84cc577e811a7b3d694cff6224ea0be7d39fac881b4ca96fb395496b1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
a2bc784ac44e72046007bd353bae648d

SHA1
5f8fe74a6c2b7915221b2e0b98a0a61bde5e3392

SHA256
bfd7750a547d23fc7fce29583d3eab1fa3235f177c1bd0e066142c9f4ff9cd68

SHA512
196a1a9ed3ed256635373d13d27f0b49e0c8a575a59a415a308e9bdb21287745c45eb276753295e2b140f1cb672f8460cdeeb3bf96813443f80ef69b66c8c666

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
385af9950b435194d828f615b663bd91

SHA1
f997ea08c5f39bbf6d77e3b5a1106abef8475218

SHA256
0683f49eb90390fe9c9ee0907b63ffe95d5ef7b5669e9db3b13f1d0d3deefe05

SHA512
b77918bd5bfaa98e0831617881d58e1955274f016a608c4653a6065fe15823d4c4f474f1e58fa46086272f93464838d5df1f49db201b978d7dc0c83be961caa8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
ccc4bcf6a5c2faea6cdb5c6cc8889ee5

SHA1
6aba1e79d28c8352ca74b19859276d87c8723a6e

SHA256
9a6e9608c361a1f18317704f0127662a5504c0fb8947b848c414aadb6a4c86c1

SHA512
f100c210c42c81ae73bd6b36ae7ef90a0d1a710c368faeaba90dd02a08a90ec4b7a630305a6f831a80b29bbd66d498b532e8e646026a52be310eac19ff7af1b7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
2498b872761cb98475fd9fe6ee897e80

SHA1
ed485053d9e543818bfda6d1226bc1b82b2f8fe7

SHA256
b972cd80f256832044eef994cb23327b9647dbf0e5360a9000afb480c984017c

SHA512
da2c486ed7451440e57269f64ecb717e00317fff6ada213ffe1c660d4b47d30d05a76987c0832aa5f4a06f210464c292f0abe5f6c49e9b729487dc46e63942e7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
2d9ea28591900b6c2704c826badf6d15

SHA1
43f2f4edbaec8eda17462d8b841f0499b62b8b88

SHA256
44f9058566d581c0c348dd18f9bf6ac8a9313b5751683e1c4046a0bdc94273d7

SHA512
79ae85118e7a0aac99b40b5092cb3dfd684d747d5db7cc7a2d4fb00afb0b4abd3f8f9238dd09f84569baae5c5dcd5e28710997497fee06270838526e4bf18f14

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
3c954d2212640a36829f7f0d9ece10ad

SHA1
b98f6d83a1252ec12ea1fc0f78815957447019ba

SHA256
175c3151c67bad3b872466b5df08d2d4381c7455bc924a139c0c9fffde5738ec

SHA512
36ebec8bdc530900f873bd0b8e59f26e051229d332c5c2c690ec0b037a1e9a4a92f8ac8865872b21cea3b38902e8fb571ed5cf5c09d869c1d1a99ee740782522

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
56B

MD5
ae1bccd6831ebfe5ad03b482ee266e4f

SHA1
01f4179f48f1af383b275d7ee338dd160b6f558a

SHA256
1b11047e738f76c94c9d15ee981ec46b286a54def1a7852ca1ade7f908988649

SHA512
baf7ff6747f30e542c254f46a9678b9dbf42312933962c391b79eca6fcb615e4ba9283c00f554d6021e594f18c087899bc9b5362c41c0d6f862bba7fb9f83038

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe57a681.TMP

Filesize
120B

MD5
cb8025abf3d95e94535d2ef26e287e13

SHA1
468f28c543592e37dce5823d25931e8b559e3e1f

SHA256
e198a040b96db04fe4e99aa53421659c9ad94f9e578a3e89ec930b3cb3be55e8

SHA512
37fdcef8bfaf5a69462c9b96b5f6706f1dd02a0abbc03e64589b7ca807a1ac79ff75be44dc5da47634351b70243873051bea9b7a9a4962821dc380f8e72b4994

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
87KB

MD5
fac5f3b5edce1745c977f3eb85d024e4

SHA1
f269871dd3d1678610999312a5caa18f4129b106

SHA256
d87a7ca5710afee62c8c5e48fc2f8b786c123a7785664fbeacb4aa4b037aeb89

SHA512
c192f1a90fa451efe51d985dcbb560ecba15c615c9df9db39f6a61f148314c6d0bb4843949c156c1a981b85c7d16c883851a3caf90590b5ca0662fcb7f7b002d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
87KB

MD5
810a0219815ba7492b4e450a53999603

SHA1
7c555e6f7cbd495551f4b3c1057f1bd7cdb30c40

SHA256
7a8456efa5ba4357f761f5e52ccd4622d00dea0d3827c044a651b1d4f6b73caa

SHA512
89d6079284e122d61d8bde348233a3235c63e5d6ee4c04b960d022d7920532f4a6a06260e9dc4525ee7556199e38caa5c15c65351d521d0cb568363e4224ff9f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit