77c4952c431e6392116929be4ba17176a1612d36413b8b50e4e28545ebffd9e7

Analysis

max time kernel
13s
max time network
54s
platform
windows7_x64
resource
win7-20230712-en
resource tags

arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
submitted
15/08/2023, 15:20

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

steam (1).exe
Size

689KB
MD5

e3efd8829159fe62b160aea5e812e27b
SHA1

76c1b1e1fcc683d98c547848ce4ddff971a2e515
SHA256

77c4952c431e6392116929be4ba17176a1612d36413b8b50e4e28545ebffd9e7
SHA512

d8ba123135424640376c34bb357e750246a011f28eddec64da4a314a300bde8d045f5f24e1b632a71e7596aa65dceb53dc3692a393d8411a749df8db5de704ab
SSDEEP

12288:eU4+tUBks/Ol/GdUsvAvLdxloVaZZe9onBELzsunph0lhSMXlCEl3mObTW:34+CkeOljsvAvLdjoVwZRW/h0lhSMXlc

Score

1^/10

Malware Config

Signatures

Suspicious behavior: EnumeratesProcesses 49 IoCs

pid	Process
1688	steam (1).exe
1688	steam (1).exe
1688	steam (1).exe
1688	steam (1).exe
1688	steam (1).exe
1688	steam (1).exe
1688	steam (1).exe
1688	steam (1).exe
1688	steam (1).exe
1688	steam (1).exe
1688	steam (1).exe
1688	steam (1).exe
1688	steam (1).exe
1688	steam (1).exe
1688	steam (1).exe
1688	steam (1).exe
1688	steam (1).exe
1688	steam (1).exe
1688	steam (1).exe
1688	steam (1).exe
1688	steam (1).exe
1688	steam (1).exe
2192	chrome.exe
2192	chrome.exe
1688	steam (1).exe
1688	steam (1).exe
1688	steam (1).exe
1688	steam (1).exe
1688	steam (1).exe
1688	steam (1).exe
1688	steam (1).exe
1688	steam (1).exe
1688	steam (1).exe
1688	steam (1).exe
1688	steam (1).exe
1688	steam (1).exe
1688	steam (1).exe
1688	steam (1).exe
1688	steam (1).exe
1688	steam (1).exe
1688	steam (1).exe
1688	steam (1).exe
1688	steam (1).exe
1688	steam (1).exe
1688	steam (1).exe
1688	steam (1).exe
1688	steam (1).exe
1688	steam (1).exe
1688	steam (1).exe

Suspicious use of AdjustPrivilegeToken 14 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2192	chrome.exe
Token: SeShutdownPrivilege	2192	chrome.exe
Token: SeShutdownPrivilege	2192	chrome.exe
Token: SeShutdownPrivilege	2192	chrome.exe
Token: SeShutdownPrivilege	2192	chrome.exe
Token: SeShutdownPrivilege	2192	chrome.exe
Token: SeShutdownPrivilege	2192	chrome.exe
Token: SeShutdownPrivilege	2192	chrome.exe
Token: SeShutdownPrivilege	2192	chrome.exe
Token: SeShutdownPrivilege	2192	chrome.exe
Token: SeShutdownPrivilege	2192	chrome.exe
Token: SeShutdownPrivilege	2192	chrome.exe
Token: SeShutdownPrivilege	2192	chrome.exe
Token: SeShutdownPrivilege	2192	chrome.exe

Suspicious use of FindShellTrayWindow 34 IoCs

pid	Process
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe

Suspicious use of SendNotifyMessage 32 IoCs

pid	Process
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1688 wrote to memory of 2132	1688	steam (1).exe	29
PID 1688 wrote to memory of 2132	1688	steam (1).exe	29
PID 1688 wrote to memory of 2132	1688	steam (1).exe	29
PID 1688 wrote to memory of 2132	1688	steam (1).exe	29
PID 2192 wrote to memory of 2292	2192	chrome.exe	31
PID 2192 wrote to memory of 2292	2192	chrome.exe	31
PID 2192 wrote to memory of 2292	2192	chrome.exe	31
PID 2192 wrote to memory of 3028	2192	chrome.exe	33
PID 2192 wrote to memory of 3028	2192	chrome.exe	33
PID 2192 wrote to memory of 3028	2192	chrome.exe	33
PID 2192 wrote to memory of 3028	2192	chrome.exe	33
PID 2192 wrote to memory of 3028	2192	chrome.exe	33
PID 2192 wrote to memory of 3028	2192	chrome.exe	33
PID 2192 wrote to memory of 3028	2192	chrome.exe	33
PID 2192 wrote to memory of 3028	2192	chrome.exe	33
PID 2192 wrote to memory of 3028	2192	chrome.exe	33
PID 2192 wrote to memory of 3028	2192	chrome.exe	33
PID 2192 wrote to memory of 3028	2192	chrome.exe	33
PID 2192 wrote to memory of 3028	2192	chrome.exe	33
PID 2192 wrote to memory of 3028	2192	chrome.exe	33
PID 2192 wrote to memory of 3028	2192	chrome.exe	33
PID 2192 wrote to memory of 3028	2192	chrome.exe	33
PID 2192 wrote to memory of 3028	2192	chrome.exe	33
PID 2192 wrote to memory of 3028	2192	chrome.exe	33
PID 2192 wrote to memory of 3028	2192	chrome.exe	33
PID 2192 wrote to memory of 3028	2192	chrome.exe	33
PID 2192 wrote to memory of 3028	2192	chrome.exe	33
PID 2192 wrote to memory of 3028	2192	chrome.exe	33
PID 2192 wrote to memory of 3028	2192	chrome.exe	33
PID 2192 wrote to memory of 3028	2192	chrome.exe	33
PID 2192 wrote to memory of 3028	2192	chrome.exe	33
PID 2192 wrote to memory of 3028	2192	chrome.exe	33
PID 2192 wrote to memory of 3028	2192	chrome.exe	33
PID 2192 wrote to memory of 3028	2192	chrome.exe	33
PID 2192 wrote to memory of 3028	2192	chrome.exe	33
PID 2192 wrote to memory of 3028	2192	chrome.exe	33
PID 2192 wrote to memory of 3028	2192	chrome.exe	33
PID 2192 wrote to memory of 3028	2192	chrome.exe	33
PID 2192 wrote to memory of 3028	2192	chrome.exe	33
PID 2192 wrote to memory of 3028	2192	chrome.exe	33
PID 2192 wrote to memory of 3028	2192	chrome.exe	33
PID 2192 wrote to memory of 3028	2192	chrome.exe	33
PID 2192 wrote to memory of 3028	2192	chrome.exe	33
PID 2192 wrote to memory of 3028	2192	chrome.exe	33
PID 2192 wrote to memory of 3028	2192	chrome.exe	33
PID 2192 wrote to memory of 3028	2192	chrome.exe	33
PID 2192 wrote to memory of 2964	2192	chrome.exe	34
PID 2192 wrote to memory of 2964	2192	chrome.exe	34
PID 2192 wrote to memory of 2964	2192	chrome.exe	34
PID 2192 wrote to memory of 2740	2192	chrome.exe	35
PID 2192 wrote to memory of 2740	2192	chrome.exe	35
PID 2192 wrote to memory of 2740	2192	chrome.exe	35
PID 2192 wrote to memory of 2740	2192	chrome.exe	35
PID 2192 wrote to memory of 2740	2192	chrome.exe	35
PID 2192 wrote to memory of 2740	2192	chrome.exe	35
PID 2192 wrote to memory of 2740	2192	chrome.exe	35
PID 2192 wrote to memory of 2740	2192	chrome.exe	35
PID 2192 wrote to memory of 2740	2192	chrome.exe	35
PID 2192 wrote to memory of 2740	2192	chrome.exe	35
PID 2192 wrote to memory of 2740	2192	chrome.exe	35
PID 2192 wrote to memory of 2740	2192	chrome.exe	35
PID 2192 wrote to memory of 2740	2192	chrome.exe	35
PID 2192 wrote to memory of 2740	2192	chrome.exe	35
PID 2192 wrote to memory of 2740	2192	chrome.exe	35

C:\Users\Admin\AppData\Local\Temp\steam (1).exe
"C:\Users\Admin\AppData\Local\Temp\steam (1).exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:1688
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c title Steam
  2⤵
  PID:2132

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2192
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6799758,0x7fef6799768,0x7fef6799778
  2⤵
  PID:2292
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1100 --field-trial-handle=1308,i,3770449471389766753,6463487503310563525,131072 /prefetch:2
  2⤵
  PID:3028
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1448 --field-trial-handle=1308,i,3770449471389766753,6463487503310563525,131072 /prefetch:8
  2⤵
  PID:2964
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1604 --field-trial-handle=1308,i,3770449471389766753,6463487503310563525,131072 /prefetch:8
  2⤵
  PID:2740
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2340 --field-trial-handle=1308,i,3770449471389766753,6463487503310563525,131072 /prefetch:1
  2⤵
  PID:1192
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2356 --field-trial-handle=1308,i,3770449471389766753,6463487503310563525,131072 /prefetch:1
  2⤵
  PID:1488
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1088 --field-trial-handle=1308,i,3770449471389766753,6463487503310563525,131072 /prefetch:2
  2⤵
  PID:3064
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=1320 --field-trial-handle=1308,i,3770449471389766753,6463487503310563525,131072 /prefetch:1
  2⤵
  PID:1632
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3456 --field-trial-handle=1308,i,3770449471389766753,6463487503310563525,131072 /prefetch:8
  2⤵
  PID:848
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3612 --field-trial-handle=1308,i,3770449471389766753,6463487503310563525,131072 /prefetch:8
  2⤵
  PID:1104
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3556 --field-trial-handle=1308,i,3770449471389766753,6463487503310563525,131072 /prefetch:8
  2⤵
  PID:1548
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=3772 --field-trial-handle=1308,i,3770449471389766753,6463487503310563525,131072 /prefetch:1
  2⤵
  PID:1764
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=2676 --field-trial-handle=1308,i,3770449471389766753,6463487503310563525,131072 /prefetch:1
  2⤵
  PID:2156
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=3796 --field-trial-handle=1308,i,3770449471389766753,6463487503310563525,131072 /prefetch:1
  2⤵
  PID:1552
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=3568 --field-trial-handle=1308,i,3770449471389766753,6463487503310563525,131072 /prefetch:1
  2⤵
  PID:1868
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=3456 --field-trial-handle=1308,i,3770449471389766753,6463487503310563525,131072 /prefetch:1
  2⤵
  PID:1644
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=2832 --field-trial-handle=1308,i,3770449471389766753,6463487503310563525,131072 /prefetch:1
  2⤵
  PID:1860

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2196

C:\Program Files\VideoLAN\VLC\vlc.exe
"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\Desktop\WatchHide.mpg"
1⤵
PID:1732

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
c6209e5b192ffbeba0de87be8009948c

SHA1
75b699027d41b2013f3b19f14c7d746e9da49690

SHA256
4c31939c05e2dff7b0d30ff937cb2e245e4c31416fbf0cd0de4519680b943e55

SHA512
2dcb07eda109bc9a91479787cdc0e04280d1389c8174168a92e4cb4088eb1d3ac908cc2b0a3e4298ca2a4da6ada161a5af492bcbf7ddb753169456f22f6aef1a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
fbfafe94d82e5f6c2cb59ab22885f6ab

SHA1
3eca3741f27598c3237b6ffe58b9d5bd3950e61c

SHA256
c1163bba2ce71270e778a83a24dfcb6eadcd98306ea97892f2da8fd456fa8f5f

SHA512
7c14e9a59cb1f4ca0ba11be55f047b568f6c7120ff508ba53ab5956aa506eea6e9c29a94e5da0eca0819510e4ee6195ff40bd20ae56a5c80d5f4b60ae882729b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
af78304caab196e61b7371994cc5db97

SHA1
730bd4f8767ef82d2dfe926ba4d26b3a121932de

SHA256
a8c7f9f1cd8f946d925b1db55d8f00110a63681656b498dd8d3ea2b6e65981ed

SHA512
1c1f445234e8474390e615b40f85221c51938852192b4a86d2812499ae891810b498a2bba5f1bbb5d47e560a7b7d1cf8c577743373f76212f8bee68cbe49b953

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010

Filesize
322KB

MD5
832cd877fcd376c57516bb9f55de1abb

SHA1
d52500577d0080be3aacb103a8b361769438b80f

SHA256
162e3a4073b27f83e89661c56862d3119e7edc19f6b75021d58ff976cd6264b3

SHA512
5ee6a7bcf3fadc3ce52edb7f880b9ebf4c3e584bf762b7dee4cde426c28777bfe5bf4fd3f0480bf37a3d3147f6386e2b608dda6824b757d67950db26fc9a857b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012

Filesize
83KB

MD5
cc1c434dbfe216fb8c29d9fce989a911

SHA1
15671989e12b7dad7e77b301daa2a6dba6f6c69f

SHA256
3db6c4d81eac2a0401477dea9b538dbc90b2678c2225fe9e47051be9ff895610

SHA512
e5986390e0a0fb9393d339264e1cee1ea68b4e6be76cc362fa30513c9d53443c7767c5c66859f4b980b84fae141b8eaead71e82c9a9b1588efb35c369f17331f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013

Filesize
70KB

MD5
9985c020154ee9a945660caa9c202423

SHA1
25f53251f2bf58ed4225418a1261b278893a8d6b

SHA256
b4f04434a6e8804d138cc95f74c839f0e61bf8b2f61670d5ec9a84eb038d6028

SHA512
4dbf9517b3aa80186dbda15ac71b31708a6ac0e106d66168cf1e54e4b11dfbdbf77490af93fd21c5073f1abe8fb644cf1e8a8ba9bb297bcf63db8c38f6b2ab90

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000015

Filesize
39KB

MD5
6a3bb9c5ba28ee73af6c1b53e281b0cf

SHA1
d96e403c99c1707f82ea29c2c1f134e792c64097

SHA256
2f5adfc38558162578ffe112229f10417fbc4b3df025d153d4e22a0c95177740

SHA512
6c4844f70969938339cb6716a834a79e1a8379459c87b983c2518b9cbb560cb2f101aff980f682989928523be6cdc99bde3bfd8137f9c54a58191b900b580fbf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000019

Filesize
64KB

MD5
882640f2ca22c6293c1991ca58dc8a33

SHA1
cd45253950ffe2a9f2539f2a8d4dbfbb9bb752e4

SHA256
50b4062c34e2cbd023aa4f8746198bf42e4d9607e2c4da9ded5a6b3043b6de64

SHA512
7471adfbabd55963bf6867de2707d981772acb802327a938b4d3d3cf365ccb57011e3fbf292aabf218bd5c5850b2cc8f78a618987371747034e74c74f2e0c022

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001a

Filesize
47KB

MD5
3eff107111d8dfc91e048573b1f227d8

SHA1
dde20da014e819d11e138b346121cc97791e9dcd

SHA256
0e8fc4bbc6a3e0c34adf9ee888b297d516d0db0a9cdc5b3632a01484d418374d

SHA512
223386fb5bd3709b1929a52ead00e81494fe81f822301acbf3920a4292432ffce5dda21c503622f9f373807cd447b7209a8dfd193d4ce8cc44e0b100db8a74fd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001b

Filesize
94KB

MD5
9f07bc93223236b072bfa34c11739ad0

SHA1
cab252bfa1cb6b3111d597d2852c7e171db0abac

SHA256
ec2a90ba8f1db7e51acbc6016918fdfe938d448d0aef67cf4ddb3a10c23761ab

SHA512
c2f007b891def2a868768e9a02b846558e1dc7b9d7f1b195a3dee019a3cb87f99407bb350ba6a35a2e86d91a7a5cd12923ba6471715a0bda67023d807dae1b5f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001c

Filesize
753KB

MD5
767ffe2da148ab1b56e1cf31badb0dbf

SHA1
167aad2ec09c24ed963dc9984a1a205e3e2e8afb

SHA256
81b047bf6c7780a0f934eaa977ad932d96c4e3672ae6280769695bdfc834094a

SHA512
baa0ed9eaee8057e9ecac62de3d6fef6c8d19f67581b43a174e08b174ff52182b29f96a51a0aa742f5a5ae9af878501b5d08a93f87c5362f3ce8e00594491f5d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001d

Filesize
32KB

MD5
82e288e2f59e44bbbec934c830a914ae

SHA1
66c4aa98fc02a09c2ab4beb4fa4c4a276f12f4ba

SHA256
5e4331435787e03ff08089650615079c88932e5cc0fc7c525ca91e43bc3ec3a5

SHA512
b62391c3a67c67e96534fc4841fe4b6e70378ca29f6ca51f5b9fdb8316d7a6346d8e5446d2da1adcf207a16d4607398978e286814d08f9d7f8449489d86c8c74

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\000004.dbtmp

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT~RFf76c2e2.TMP

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
691B

MD5
2e8ef72a46567dddff22d5b5b15c0b2f

SHA1
25a88132a1b2856a4964290d543e94f07a4aaf9a

SHA256
27f30995451e43f6ce05b3c76e397172bf0e6f7119bfabc15092f84e468c015e

SHA512
34ee23fd50b87569bdcd04b916522cff16b5621644af6a7317dfb44703a92b8053c8aba26139eab0547f05bc993723a729b8dbb63f6ec209d9f11e7f227b88b2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
95f789d3914a013af550d8975c729b66

SHA1
f54572358d6f7deb5b2d49f63a261b5c520517f1

SHA256
65fac05206bc94ea38294acc2890fd1ac0f03684481cd9dd726cb5e5e001bcbe

SHA512
807b0b38898dea0dd3a7f36c5436c86b1128edfc82666c4cd348575ceae2c0f998100faa8477c5da0d5d622a383f327168798a54ea0b222fd906a071e7bbc57b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
55bdb8092715db4fad5cb57759a9c996

SHA1
19e93890847eac7af62cd3165bf22eb95ab83e08

SHA256
25d0f3e85250577f3919e43470700fdf61c0bb08f43fe79de2dd77b65fa84599

SHA512
ebda4e01998e6544a74e1c4a62c4e27b426614cc04f2ca155b27e2e6e002cbb53362c7f1191ca41347755b616cf2355fdce9638a6a020f230b6712ef60d6cc38

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
2fa4eef80142bdff5aa70a689bc03d2f

SHA1
f14df8382ccbbca600532e2c6c7b1dd4828346c0

SHA256
15b562a02822c3e5d59a42384da1499d938be3f92e1fd583782f65fb6e2d7bff

SHA512
9f5bccf7dc29b127fe22779aa5364629f645cace70555b6bbb762ced5a515d6860dc9ddb17e602883ed51180dbcb80783fcc645603381944458539232626cc77

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
38cb373ca5e8fe5c85e04c4ee939b008

SHA1
e6375e4ee80281a88790617b6b418a00819ec464

SHA256
284c430af7b6ba6f25f215bd2f64103720c54332e9d78a306fca5140aeb04a56

SHA512
0a9489b6a6b329e7b0c4aae96e7fcb088f9692a765e9d05084e154789ba0d11acb8d1a3f075d3896a02914089c185f2292be6e4e205745d49d9327138cc117ec

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
48ef7779b1c5d93c9104b9bfbd26d5e2

SHA1
af4bb37dd58d8352f3be02ee66ea68ca0da39445

SHA256
77a4ea3528fefcab67db42024a64a35f081a5c1896c402387f95a3d44fcad347

SHA512
28a718455ab820c998003954440b0db57328fd83087e1c27cada96c26795c17a09c22ee7adbe6fc0714193ec0aad5dea90714c24a30bfe6d1426807718155329

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
56B

MD5
ae1bccd6831ebfe5ad03b482ee266e4f

SHA1
01f4179f48f1af383b275d7ee338dd160b6f558a

SHA256
1b11047e738f76c94c9d15ee981ec46b286a54def1a7852ca1ade7f908988649

SHA512
baf7ff6747f30e542c254f46a9678b9dbf42312933962c391b79eca6fcb615e4ba9283c00f554d6021e594f18c087899bc9b5362c41c0d6f862bba7fb9f83038

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
120B

MD5
8f6c9ae9f8ef74f1c197fc88a22adfc1

SHA1
84af7131a9610ffbf558af4184576b8ddca0f703

SHA256
9e760c89191014a0292168c45f38e93dcf2bed977c2544dbbd02c3f445b89532

SHA512
8349cd25f95a320dd4665eb91d0f98c814fb44ad9c8cbe46b488cf25327b532161708b7e34b276a46c237438356327137bfd991b7af93ac25ddebf191f147ede

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000007.dbtmp

Filesize
16B

MD5
18e723571b00fb1694a3bad6c78e4054

SHA1
afcc0ef32d46fe59e0483f9a3c891d3034d12f32

SHA256
8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa

SHA512
43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
182KB

MD5
188547ccb163f5ee78d56cf14eaa5fce

SHA1
8b72ea505d51445dd42a07a3d740e84c834bc5a3

SHA256
8b1635dad7ed4f00aacdf369c87e71b14fb1a2251b1781acfd470129bd10cec9

SHA512
babc2b4230c9de6b528306c6b5052d5ac8b7e594a61b85c865f77c3af0e7964a28bb6bd79e2f11ebc3682bfc570380674e704e94826a4420595a99280fd0701c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\d3fe52e4-2a0d-488f-8497-74d49d8cf90d.tmp

Filesize
182KB

MD5
959f977c2d1a8f1926dcd9516202fa9a

SHA1
f9de5b1f5fdcbf599368476b2d0317280f61c5eb

SHA256
2c6ef0a5259ebe0a2689f94983fce021d92feb279ad672458191ca63da22c16e

SHA512
5d0d559533b93d3039a7e9b60313aeda322b118b845e0300632356ed4498e16c7652c8f6fcb8178d4c261a9b98e2f821d53832ee42f87ad8459de667360b16a3

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabDCD9.tmp

Filesize
62KB

MD5
3ac860860707baaf32469fa7cc7c0192

SHA1
c33c2acdaba0e6fa41fd2f00f186804722477639

SHA256
d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

SHA512
d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarDF4D.tmp

Filesize
164KB

MD5
4ff65ad929cd9a367680e0e5b1c08166

SHA1
c0af0d4396bd1f15c45f39d3b849ba444233b3a2

SHA256
c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

SHA512
f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

Download Submit
memory/1732-824-0x000000013F230000-0x000000013F328000-memory.dmp

Filesize
992KB

Download
memory/1732-825-0x000007FEF7380000-0x000007FEF73B4000-memory.dmp

Filesize
208KB

Download
memory/1732-826-0x000007FEF5910000-0x000007FEF5BC4000-memory.dmp

Filesize
2.7MB

Download