hxxps://xss[.]is/threads/81916/page-18#86

Analysis

max time kernel
150s
max time network
156s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
15/08/2023, 15:27

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://xss.is/threads/81916/page-18#86

Score

1^/10

Malware Config

Signatures

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133365868676223890"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4140	chrome.exe
4140	chrome.exe
4700	chrome.exe
4700	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

pid	Process
4140	chrome.exe
4140	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4140	chrome.exe
Token: SeCreatePagefilePrivilege	4140	chrome.exe
Token: SeShutdownPrivilege	4140	chrome.exe
Token: SeCreatePagefilePrivilege	4140	chrome.exe
Token: SeShutdownPrivilege	4140	chrome.exe
Token: SeCreatePagefilePrivilege	4140	chrome.exe
Token: SeShutdownPrivilege	4140	chrome.exe
Token: SeCreatePagefilePrivilege	4140	chrome.exe
Token: SeShutdownPrivilege	4140	chrome.exe
Token: SeCreatePagefilePrivilege	4140	chrome.exe
Token: SeShutdownPrivilege	4140	chrome.exe
Token: SeCreatePagefilePrivilege	4140	chrome.exe
Token: SeShutdownPrivilege	4140	chrome.exe
Token: SeCreatePagefilePrivilege	4140	chrome.exe
Token: SeShutdownPrivilege	4140	chrome.exe
Token: SeCreatePagefilePrivilege	4140	chrome.exe
Token: SeShutdownPrivilege	4140	chrome.exe
Token: SeCreatePagefilePrivilege	4140	chrome.exe
Token: SeShutdownPrivilege	4140	chrome.exe
Token: SeCreatePagefilePrivilege	4140	chrome.exe
Token: SeShutdownPrivilege	4140	chrome.exe
Token: SeCreatePagefilePrivilege	4140	chrome.exe
Token: SeShutdownPrivilege	4140	chrome.exe
Token: SeCreatePagefilePrivilege	4140	chrome.exe
Token: SeShutdownPrivilege	4140	chrome.exe
Token: SeCreatePagefilePrivilege	4140	chrome.exe
Token: SeShutdownPrivilege	4140	chrome.exe
Token: SeCreatePagefilePrivilege	4140	chrome.exe
Token: SeShutdownPrivilege	4140	chrome.exe
Token: SeCreatePagefilePrivilege	4140	chrome.exe
Token: SeShutdownPrivilege	4140	chrome.exe
Token: SeCreatePagefilePrivilege	4140	chrome.exe
Token: SeShutdownPrivilege	4140	chrome.exe
Token: SeCreatePagefilePrivilege	4140	chrome.exe
Token: SeShutdownPrivilege	4140	chrome.exe
Token: SeCreatePagefilePrivilege	4140	chrome.exe
Token: SeShutdownPrivilege	4140	chrome.exe
Token: SeCreatePagefilePrivilege	4140	chrome.exe
Token: SeShutdownPrivilege	4140	chrome.exe
Token: SeCreatePagefilePrivilege	4140	chrome.exe
Token: SeShutdownPrivilege	4140	chrome.exe
Token: SeCreatePagefilePrivilege	4140	chrome.exe
Token: SeShutdownPrivilege	4140	chrome.exe
Token: SeCreatePagefilePrivilege	4140	chrome.exe
Token: SeShutdownPrivilege	4140	chrome.exe
Token: SeCreatePagefilePrivilege	4140	chrome.exe
Token: SeShutdownPrivilege	4140	chrome.exe
Token: SeCreatePagefilePrivilege	4140	chrome.exe
Token: SeShutdownPrivilege	4140	chrome.exe
Token: SeCreatePagefilePrivilege	4140	chrome.exe
Token: SeShutdownPrivilege	4140	chrome.exe
Token: SeCreatePagefilePrivilege	4140	chrome.exe
Token: SeShutdownPrivilege	4140	chrome.exe
Token: SeCreatePagefilePrivilege	4140	chrome.exe
Token: SeShutdownPrivilege	4140	chrome.exe
Token: SeCreatePagefilePrivilege	4140	chrome.exe
Token: SeShutdownPrivilege	4140	chrome.exe
Token: SeCreatePagefilePrivilege	4140	chrome.exe
Token: SeShutdownPrivilege	4140	chrome.exe
Token: SeCreatePagefilePrivilege	4140	chrome.exe
Token: SeShutdownPrivilege	4140	chrome.exe
Token: SeCreatePagefilePrivilege	4140	chrome.exe
Token: SeShutdownPrivilege	4140	chrome.exe
Token: SeCreatePagefilePrivilege	4140	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4140	chrome.exe
4140	chrome.exe
4140	chrome.exe
4140	chrome.exe
4140	chrome.exe
4140	chrome.exe
4140	chrome.exe
4140	chrome.exe
4140	chrome.exe
4140	chrome.exe
4140	chrome.exe
4140	chrome.exe
4140	chrome.exe
4140	chrome.exe
4140	chrome.exe
4140	chrome.exe
4140	chrome.exe
4140	chrome.exe
4140	chrome.exe
4140	chrome.exe
4140	chrome.exe
4140	chrome.exe
4140	chrome.exe
4140	chrome.exe
4140	chrome.exe
4140	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4140	chrome.exe
4140	chrome.exe
4140	chrome.exe
4140	chrome.exe
4140	chrome.exe
4140	chrome.exe
4140	chrome.exe
4140	chrome.exe
4140	chrome.exe
4140	chrome.exe
4140	chrome.exe
4140	chrome.exe
4140	chrome.exe
4140	chrome.exe
4140	chrome.exe
4140	chrome.exe
4140	chrome.exe
4140	chrome.exe
4140	chrome.exe
4140	chrome.exe
4140	chrome.exe
4140	chrome.exe
4140	chrome.exe
4140	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4140 wrote to memory of 4076	4140	chrome.exe	81
PID 4140 wrote to memory of 4076	4140	chrome.exe	81
PID 4140 wrote to memory of 4976	4140	chrome.exe	83
PID 4140 wrote to memory of 4976	4140	chrome.exe	83
PID 4140 wrote to memory of 4976	4140	chrome.exe	83
PID 4140 wrote to memory of 4976	4140	chrome.exe	83
PID 4140 wrote to memory of 4976	4140	chrome.exe	83
PID 4140 wrote to memory of 4976	4140	chrome.exe	83
PID 4140 wrote to memory of 4976	4140	chrome.exe	83
PID 4140 wrote to memory of 4976	4140	chrome.exe	83
PID 4140 wrote to memory of 4976	4140	chrome.exe	83
PID 4140 wrote to memory of 4976	4140	chrome.exe	83
PID 4140 wrote to memory of 4976	4140	chrome.exe	83
PID 4140 wrote to memory of 4976	4140	chrome.exe	83
PID 4140 wrote to memory of 4976	4140	chrome.exe	83
PID 4140 wrote to memory of 4976	4140	chrome.exe	83
PID 4140 wrote to memory of 4976	4140	chrome.exe	83
PID 4140 wrote to memory of 4976	4140	chrome.exe	83
PID 4140 wrote to memory of 4976	4140	chrome.exe	83
PID 4140 wrote to memory of 4976	4140	chrome.exe	83
PID 4140 wrote to memory of 4976	4140	chrome.exe	83
PID 4140 wrote to memory of 4976	4140	chrome.exe	83
PID 4140 wrote to memory of 4976	4140	chrome.exe	83
PID 4140 wrote to memory of 4976	4140	chrome.exe	83
PID 4140 wrote to memory of 4976	4140	chrome.exe	83
PID 4140 wrote to memory of 4976	4140	chrome.exe	83
PID 4140 wrote to memory of 4976	4140	chrome.exe	83
PID 4140 wrote to memory of 4976	4140	chrome.exe	83
PID 4140 wrote to memory of 4976	4140	chrome.exe	83
PID 4140 wrote to memory of 4976	4140	chrome.exe	83
PID 4140 wrote to memory of 4976	4140	chrome.exe	83
PID 4140 wrote to memory of 4976	4140	chrome.exe	83
PID 4140 wrote to memory of 4976	4140	chrome.exe	83
PID 4140 wrote to memory of 4976	4140	chrome.exe	83
PID 4140 wrote to memory of 4976	4140	chrome.exe	83
PID 4140 wrote to memory of 4976	4140	chrome.exe	83
PID 4140 wrote to memory of 4976	4140	chrome.exe	83
PID 4140 wrote to memory of 4976	4140	chrome.exe	83
PID 4140 wrote to memory of 4976	4140	chrome.exe	83
PID 4140 wrote to memory of 4976	4140	chrome.exe	83
PID 4140 wrote to memory of 4932	4140	chrome.exe	84
PID 4140 wrote to memory of 4932	4140	chrome.exe	84
PID 4140 wrote to memory of 408	4140	chrome.exe	85
PID 4140 wrote to memory of 408	4140	chrome.exe	85
PID 4140 wrote to memory of 408	4140	chrome.exe	85
PID 4140 wrote to memory of 408	4140	chrome.exe	85
PID 4140 wrote to memory of 408	4140	chrome.exe	85
PID 4140 wrote to memory of 408	4140	chrome.exe	85
PID 4140 wrote to memory of 408	4140	chrome.exe	85
PID 4140 wrote to memory of 408	4140	chrome.exe	85
PID 4140 wrote to memory of 408	4140	chrome.exe	85
PID 4140 wrote to memory of 408	4140	chrome.exe	85
PID 4140 wrote to memory of 408	4140	chrome.exe	85
PID 4140 wrote to memory of 408	4140	chrome.exe	85
PID 4140 wrote to memory of 408	4140	chrome.exe	85
PID 4140 wrote to memory of 408	4140	chrome.exe	85
PID 4140 wrote to memory of 408	4140	chrome.exe	85
PID 4140 wrote to memory of 408	4140	chrome.exe	85
PID 4140 wrote to memory of 408	4140	chrome.exe	85
PID 4140 wrote to memory of 408	4140	chrome.exe	85
PID 4140 wrote to memory of 408	4140	chrome.exe	85
PID 4140 wrote to memory of 408	4140	chrome.exe	85
PID 4140 wrote to memory of 408	4140	chrome.exe	85
PID 4140 wrote to memory of 408	4140	chrome.exe	85

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://xss.is/threads/81916/page-18#86
1⤵
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4140
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffdd4f09758,0x7ffdd4f09768,0x7ffdd4f09778
  2⤵
  PID:4076
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1652 --field-trial-handle=1876,i,1313763282099800771,10884726115964016697,131072 /prefetch:2
  2⤵
  PID:4976
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2128 --field-trial-handle=1876,i,1313763282099800771,10884726115964016697,131072 /prefetch:8
  2⤵
  PID:4932
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2208 --field-trial-handle=1876,i,1313763282099800771,10884726115964016697,131072 /prefetch:8
  2⤵
  PID:408
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2884 --field-trial-handle=1876,i,1313763282099800771,10884726115964016697,131072 /prefetch:1
  2⤵
  PID:3728
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2868 --field-trial-handle=1876,i,1313763282099800771,10884726115964016697,131072 /prefetch:1
  2⤵
  PID:3864
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5080 --field-trial-handle=1876,i,1313763282099800771,10884726115964016697,131072 /prefetch:8
  2⤵
  PID:4252
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5184 --field-trial-handle=1876,i,1313763282099800771,10884726115964016697,131072 /prefetch:8
  2⤵
  PID:4592
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2076 --field-trial-handle=1876,i,1313763282099800771,10884726115964016697,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4700

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:1288

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
192B

MD5
1bb8ef7b8ee9fe803adfcfb72f0336d8

SHA1
c1ceb029ad515104a5d35c22fe39ad2369a26498

SHA256
f26006acbe7f251ad7dfc509c25d5f404c8e96b59aae7e1501eee131028d1bea

SHA512
ddd080b56ae737889ecf6bc2caabebd81f23717ba81f979a1a5f1dae39bf20b85b7765124192abcaa3580bc345dfc946fd8887744cb7399b6a1f4f59a7cd0871

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
705B

MD5
8ec7fb6f25d4f0f3712f2413c6a6ef00

SHA1
fb22647e1c9f776767f51693e0460b436e24c0f3

SHA256
1886de8fcc06346873626cb6eba1e416753d3f6de8a6996bc75d52ed8b8a866c

SHA512
5c626bb024b6949aef94f7e5e06b5327fb95646d9efcf617e80aefb8abb8830e83e78eab372515d5ca49d1315ba2e3101de80a94aac577cec42d18f40c5f6d6b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\e57f9161-4e3d-4fae-b9b9-18550e1fdef4.tmp

Filesize
1KB

MD5
cfdd147b6408f56bdaa64f3377ae3b8d

SHA1
b4b525ad68f6f55f6b6c9641634b283532251360

SHA256
77b3b26b973a971479157d10a234dfe26c5201b4b96dc0891a1052fb122f1719

SHA512
fa4c47c0edb517317829a19b330534e312386205a68cd53d268fefd2fbaeba5023720d99b9b9f1dfa75032a882ad2322a2c2bc29232e32cd936eef47965dd437

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
5d2652ab0b1778c3f0e9f0e735bc0770

SHA1
a4ca28823eaf14584733b2cc5a82a0f0ccf35845

SHA256
f81c3b679466f13d11d8768ff1d318984c9699a276944effbf5f0649685618a0

SHA512
9199d583582965ade44a65d3163c2cd1bff27be8f9f826dcc0aa11685629af4452120164836e15815d5c171d630e6d48b13f12f85aa504f39b72eacf53571319

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
3969427a7e74040814bdb49518fdba59

SHA1
b671ec5fb7ee175106b151e58f52ae6e3dec4a8f

SHA256
17e61b755967e35b0347645eccaccbecd624d5de15178b529cb9f41e6029b2e9

SHA512
b117d5882b1bb896bbab0a94ff1881750a56412b3a9b2b4272c0c2fc4df69bbb5d7ae6651b809657ca8002fb8fa529cdd4b6f8ff4c441ee19856d5eb902d3ccc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
eca953c715724db2b7641e6318e27892

SHA1
f0a79b1cca4b5136fa13774d6d007698a5bb95ff

SHA256
a87c32cac7e44dc0e948ed0ba6039f810685ae19a7b23daf483ec1593c5fe239

SHA512
afbf76e1aaf912a56487435e9f98e7963cb9b99c5c9beead7991116d9afbb106147efaa616acd3237a115248c31d988c7280d200f651af9f0bff661ee5bab0e1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\8ffc26d1038fff50347e706aa3a26435edd0a1bf\e52d5590-757a-477c-901f-55dd269529c5\index-dir\the-real-index

Filesize
72B

MD5
e4f5edacd3ab2a6a323ed6c5ed5eddd6

SHA1
3f7f898dbf521e840f33379c4c798a8f67e92e34

SHA256
4e2f1a9ed2ada91dde9ac3d0dfeeef49e6ee41981af70e5a343400ca2009e380

SHA512
71822db7582b40db54122508bfa294c3483a2621aa8eb91aa43746a4de3de805cba4dbba939835ddfea0498163536985f6d68a92ca9baf2d241bc636bf2bd981

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\8ffc26d1038fff50347e706aa3a26435edd0a1bf\e52d5590-757a-477c-901f-55dd269529c5\index-dir\the-real-index~RFe57c97a.TMP

Filesize
48B

MD5
94acd999556655b0b1aa8f34bcd647ef

SHA1
dffa9d7a505951bdb79f941f59a7f5d7c5d97926

SHA256
69c22f0e50f03093f1b3de8a6279624189aa55b713b087196daf5dfc63c023dc

SHA512
1ebf2cdaf464bf5739fb3e4b65e9333ec4d0309e303110d1c3c87440d95d9f9ab88ef439cd4811bfb7dd03bc3364411465c1c638861573ebbc1b4a21cad767dc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\8ffc26d1038fff50347e706aa3a26435edd0a1bf\index.txt

Filesize
97B

MD5
9a9dd9920f35e580fa611ba1acc719af

SHA1
05887dbd220d11cdf72c4e894cb87f028979e16a

SHA256
f936d812aec4d4337d5288ce9d033e4ba49a0575ff05edf68605e76b30515875

SHA512
8f80b39c276aeb8a34672846273d7e2506561bac01c617af842ddb2e9b33a253a5b3c979c75f5562332fcda2ccb3021b74244e3865dcd4997eaf0ae4722d16cb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\8ffc26d1038fff50347e706aa3a26435edd0a1bf\index.txt~RFe57c9d8.TMP

Filesize
103B

MD5
47b1f7c64dd9040008246c13dd40fffe

SHA1
3b74f651cf38d07466d2f3ff7b1f2c5b6302be97

SHA256
92af2ee5c102553bbad4ecced6aa9dcd5ba82d5fe9b9f513075bb6510ac93472

SHA512
5cbaee68ed49dff23f4248247ebc51a2a632b0b4b3339b60b318a1c10931d3b3588799278cffff6a575181728a4ca26c037b864597c2ed644463a61d8032b879

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
3fd1212a64479af89ba9a9886baf6f73

SHA1
5cff67536de775c0e6b34570578d6e5e3359afd4

SHA256
5c30c6d2b67ae11d2852426fdf2bf56e421a69ee7df00c7fbf87382c655024f7

SHA512
671673bc6a1d21a3b80eda8cc37a029d83d8b74b9e1737906c33b5ca60a04e5a40235c427d648cc2d0bf38318e03e6ff650c89e47a12c77534365cc7da0471ad

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57c786.TMP

Filesize
48B

MD5
74bc461d1ca8372b9cf69bb2454b4741

SHA1
95b345897d262e29ee376e472fb07d0541d9641d

SHA256
783f611446871483382936603567f8b4ff118badc2ffa10d9d22f1176164e1bf

SHA512
3c1370659d98b6f3db76fdfcb7827c08e995fca7928dd2af51e477cd2f54802df3558762d18b9617f5d87e8ac716f954d9aab1c511567bfa491a87401222e273

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
87KB

MD5
6e3cae1241ef7d8e3abff4594f311bae

SHA1
7b3adf7ea48fa58db05b2cfeb5be9ac293c22210

SHA256
ef21beb60065619de2f2b7067401c07304b14afe9566f086893660c81af5b6d6

SHA512
ba6b53dff4fe244dff6e37083f3369dd744e3cc33e5b06535b6995fca06f6db532f3a474347f031943b8079be3d42969fcfd81e555fbc08ef9e760276ce458ad

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit