hxxp://codecrafters[.]su

Analysis

max time kernel
149s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
17-08-2023 10:28

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://codecrafters.su

Score

1^/10

Malware Config

Signatures

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133367417518831533"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
1376	chrome.exe
1376	chrome.exe
1036	chrome.exe
1036	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 5 IoCs

pid	Process
1376	chrome.exe
1376	chrome.exe
1376	chrome.exe
1376	chrome.exe
1376	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1376	chrome.exe
Token: SeCreatePagefilePrivilege	1376	chrome.exe
Token: SeShutdownPrivilege	1376	chrome.exe
Token: SeCreatePagefilePrivilege	1376	chrome.exe
Token: SeShutdownPrivilege	1376	chrome.exe
Token: SeCreatePagefilePrivilege	1376	chrome.exe
Token: SeShutdownPrivilege	1376	chrome.exe
Token: SeCreatePagefilePrivilege	1376	chrome.exe
Token: SeShutdownPrivilege	1376	chrome.exe
Token: SeCreatePagefilePrivilege	1376	chrome.exe
Token: SeShutdownPrivilege	1376	chrome.exe
Token: SeCreatePagefilePrivilege	1376	chrome.exe
Token: SeShutdownPrivilege	1376	chrome.exe
Token: SeCreatePagefilePrivilege	1376	chrome.exe
Token: SeShutdownPrivilege	1376	chrome.exe
Token: SeCreatePagefilePrivilege	1376	chrome.exe
Token: SeShutdownPrivilege	1376	chrome.exe
Token: SeCreatePagefilePrivilege	1376	chrome.exe
Token: SeShutdownPrivilege	1376	chrome.exe
Token: SeCreatePagefilePrivilege	1376	chrome.exe
Token: SeShutdownPrivilege	1376	chrome.exe
Token: SeCreatePagefilePrivilege	1376	chrome.exe
Token: SeShutdownPrivilege	1376	chrome.exe
Token: SeCreatePagefilePrivilege	1376	chrome.exe
Token: SeShutdownPrivilege	1376	chrome.exe
Token: SeCreatePagefilePrivilege	1376	chrome.exe
Token: SeShutdownPrivilege	1376	chrome.exe
Token: SeCreatePagefilePrivilege	1376	chrome.exe
Token: SeShutdownPrivilege	1376	chrome.exe
Token: SeCreatePagefilePrivilege	1376	chrome.exe
Token: SeShutdownPrivilege	1376	chrome.exe
Token: SeCreatePagefilePrivilege	1376	chrome.exe
Token: SeShutdownPrivilege	1376	chrome.exe
Token: SeCreatePagefilePrivilege	1376	chrome.exe
Token: SeShutdownPrivilege	1376	chrome.exe
Token: SeCreatePagefilePrivilege	1376	chrome.exe
Token: SeShutdownPrivilege	1376	chrome.exe
Token: SeCreatePagefilePrivilege	1376	chrome.exe
Token: SeShutdownPrivilege	1376	chrome.exe
Token: SeCreatePagefilePrivilege	1376	chrome.exe
Token: SeShutdownPrivilege	1376	chrome.exe
Token: SeCreatePagefilePrivilege	1376	chrome.exe
Token: SeShutdownPrivilege	1376	chrome.exe
Token: SeCreatePagefilePrivilege	1376	chrome.exe
Token: SeShutdownPrivilege	1376	chrome.exe
Token: SeCreatePagefilePrivilege	1376	chrome.exe
Token: SeShutdownPrivilege	1376	chrome.exe
Token: SeCreatePagefilePrivilege	1376	chrome.exe
Token: SeShutdownPrivilege	1376	chrome.exe
Token: SeCreatePagefilePrivilege	1376	chrome.exe
Token: SeShutdownPrivilege	1376	chrome.exe
Token: SeCreatePagefilePrivilege	1376	chrome.exe
Token: SeShutdownPrivilege	1376	chrome.exe
Token: SeCreatePagefilePrivilege	1376	chrome.exe
Token: SeShutdownPrivilege	1376	chrome.exe
Token: SeCreatePagefilePrivilege	1376	chrome.exe
Token: SeShutdownPrivilege	1376	chrome.exe
Token: SeCreatePagefilePrivilege	1376	chrome.exe
Token: SeShutdownPrivilege	1376	chrome.exe
Token: SeCreatePagefilePrivilege	1376	chrome.exe
Token: SeShutdownPrivilege	1376	chrome.exe
Token: SeCreatePagefilePrivilege	1376	chrome.exe
Token: SeShutdownPrivilege	1376	chrome.exe
Token: SeCreatePagefilePrivilege	1376	chrome.exe

Suspicious use of FindShellTrayWindow 29 IoCs

pid	Process
1376	chrome.exe
1376	chrome.exe
1376	chrome.exe
1376	chrome.exe
1376	chrome.exe
1376	chrome.exe
1376	chrome.exe
1376	chrome.exe
1376	chrome.exe
1376	chrome.exe
1376	chrome.exe
1376	chrome.exe
1376	chrome.exe
1376	chrome.exe
1376	chrome.exe
1376	chrome.exe
1376	chrome.exe
1376	chrome.exe
1376	chrome.exe
1376	chrome.exe
1376	chrome.exe
1376	chrome.exe
1376	chrome.exe
1376	chrome.exe
1376	chrome.exe
1376	chrome.exe
1376	chrome.exe
1376	chrome.exe
1376	chrome.exe

Suspicious use of SendNotifyMessage 26 IoCs

pid	Process
1376	chrome.exe
1376	chrome.exe
1376	chrome.exe
1376	chrome.exe
1376	chrome.exe
1376	chrome.exe
1376	chrome.exe
1376	chrome.exe
1376	chrome.exe
1376	chrome.exe
1376	chrome.exe
1376	chrome.exe
1376	chrome.exe
1376	chrome.exe
1376	chrome.exe
1376	chrome.exe
1376	chrome.exe
1376	chrome.exe
1376	chrome.exe
1376	chrome.exe
1376	chrome.exe
1376	chrome.exe
1376	chrome.exe
1376	chrome.exe
1376	chrome.exe
1376	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1376 wrote to memory of 5088	1376	chrome.exe	82
PID 1376 wrote to memory of 5088	1376	chrome.exe	82
PID 1376 wrote to memory of 1416	1376	chrome.exe	85
PID 1376 wrote to memory of 1416	1376	chrome.exe	85
PID 1376 wrote to memory of 1416	1376	chrome.exe	85
PID 1376 wrote to memory of 1416	1376	chrome.exe	85
PID 1376 wrote to memory of 1416	1376	chrome.exe	85
PID 1376 wrote to memory of 1416	1376	chrome.exe	85
PID 1376 wrote to memory of 1416	1376	chrome.exe	85
PID 1376 wrote to memory of 1416	1376	chrome.exe	85
PID 1376 wrote to memory of 1416	1376	chrome.exe	85
PID 1376 wrote to memory of 1416	1376	chrome.exe	85
PID 1376 wrote to memory of 1416	1376	chrome.exe	85
PID 1376 wrote to memory of 1416	1376	chrome.exe	85
PID 1376 wrote to memory of 1416	1376	chrome.exe	85
PID 1376 wrote to memory of 1416	1376	chrome.exe	85
PID 1376 wrote to memory of 1416	1376	chrome.exe	85
PID 1376 wrote to memory of 1416	1376	chrome.exe	85
PID 1376 wrote to memory of 1416	1376	chrome.exe	85
PID 1376 wrote to memory of 1416	1376	chrome.exe	85
PID 1376 wrote to memory of 1416	1376	chrome.exe	85
PID 1376 wrote to memory of 1416	1376	chrome.exe	85
PID 1376 wrote to memory of 1416	1376	chrome.exe	85
PID 1376 wrote to memory of 1416	1376	chrome.exe	85
PID 1376 wrote to memory of 1416	1376	chrome.exe	85
PID 1376 wrote to memory of 1416	1376	chrome.exe	85
PID 1376 wrote to memory of 1416	1376	chrome.exe	85
PID 1376 wrote to memory of 1416	1376	chrome.exe	85
PID 1376 wrote to memory of 1416	1376	chrome.exe	85
PID 1376 wrote to memory of 1416	1376	chrome.exe	85
PID 1376 wrote to memory of 1416	1376	chrome.exe	85
PID 1376 wrote to memory of 1416	1376	chrome.exe	85
PID 1376 wrote to memory of 1416	1376	chrome.exe	85
PID 1376 wrote to memory of 1416	1376	chrome.exe	85
PID 1376 wrote to memory of 1416	1376	chrome.exe	85
PID 1376 wrote to memory of 1416	1376	chrome.exe	85
PID 1376 wrote to memory of 1416	1376	chrome.exe	85
PID 1376 wrote to memory of 1416	1376	chrome.exe	85
PID 1376 wrote to memory of 1416	1376	chrome.exe	85
PID 1376 wrote to memory of 1416	1376	chrome.exe	85
PID 1376 wrote to memory of 4268	1376	chrome.exe	86
PID 1376 wrote to memory of 4268	1376	chrome.exe	86
PID 1376 wrote to memory of 2340	1376	chrome.exe	87
PID 1376 wrote to memory of 2340	1376	chrome.exe	87
PID 1376 wrote to memory of 2340	1376	chrome.exe	87
PID 1376 wrote to memory of 2340	1376	chrome.exe	87
PID 1376 wrote to memory of 2340	1376	chrome.exe	87
PID 1376 wrote to memory of 2340	1376	chrome.exe	87
PID 1376 wrote to memory of 2340	1376	chrome.exe	87
PID 1376 wrote to memory of 2340	1376	chrome.exe	87
PID 1376 wrote to memory of 2340	1376	chrome.exe	87
PID 1376 wrote to memory of 2340	1376	chrome.exe	87
PID 1376 wrote to memory of 2340	1376	chrome.exe	87
PID 1376 wrote to memory of 2340	1376	chrome.exe	87
PID 1376 wrote to memory of 2340	1376	chrome.exe	87
PID 1376 wrote to memory of 2340	1376	chrome.exe	87
PID 1376 wrote to memory of 2340	1376	chrome.exe	87
PID 1376 wrote to memory of 2340	1376	chrome.exe	87
PID 1376 wrote to memory of 2340	1376	chrome.exe	87
PID 1376 wrote to memory of 2340	1376	chrome.exe	87
PID 1376 wrote to memory of 2340	1376	chrome.exe	87
PID 1376 wrote to memory of 2340	1376	chrome.exe	87
PID 1376 wrote to memory of 2340	1376	chrome.exe	87
PID 1376 wrote to memory of 2340	1376	chrome.exe	87

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://codecrafters.su
1⤵
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1376
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0x9c,0x108,0x7ffb7f3e9758,0x7ffb7f3e9768,0x7ffb7f3e9778
  2⤵
  PID:5088
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1660 --field-trial-handle=1868,i,1282310245190042809,4509991545514764121,131072 /prefetch:2
  2⤵
  PID:1416
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2120 --field-trial-handle=1868,i,1282310245190042809,4509991545514764121,131072 /prefetch:8
  2⤵
  PID:4268
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2216 --field-trial-handle=1868,i,1282310245190042809,4509991545514764121,131072 /prefetch:8
  2⤵
  PID:2340
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2744 --field-trial-handle=1868,i,1282310245190042809,4509991545514764121,131072 /prefetch:1
  2⤵
  PID:652
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2752 --field-trial-handle=1868,i,1282310245190042809,4509991545514764121,131072 /prefetch:1
  2⤵
  PID:352
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3972 --field-trial-handle=1868,i,1282310245190042809,4509991545514764121,131072 /prefetch:8
  2⤵
  PID:1048
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4732 --field-trial-handle=1868,i,1282310245190042809,4509991545514764121,131072 /prefetch:8
  2⤵
  PID:2816
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=1772 --field-trial-handle=1868,i,1282310245190042809,4509991545514764121,131072 /prefetch:1
  2⤵
  PID:5072
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3972 --field-trial-handle=1868,i,1282310245190042809,4509991545514764121,131072 /prefetch:8
  2⤵
  PID:4940
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5080 --field-trial-handle=1868,i,1282310245190042809,4509991545514764121,131072 /prefetch:8
  2⤵
  PID:3336
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=3268 --field-trial-handle=1868,i,1282310245190042809,4509991545514764121,131072 /prefetch:1
  2⤵
  PID:1192
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=916 --field-trial-handle=1868,i,1282310245190042809,4509991545514764121,131072 /prefetch:1
  2⤵
  PID:1080
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3380 --field-trial-handle=1868,i,1282310245190042809,4509991545514764121,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1036

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:3084

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
aad52b229a17fb3eb3e7d3031bef32ff

SHA1
ddc4c434cf56120251daadf86040ac9a404dbebb

SHA256
3e69e2e71a4fdc5c72d8006685d9d891cc88a1483b2ccd1c05d510ceb444745b

SHA512
9fce19802b274033b9ef2af99b81abefbb6792f14fd504776d67fdc6154b91fe812e4cb9159d2cd6483c041d17c722f4bfd7368c40e2383a861f430d3da98e4c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
2c2661bd94f5a27b5f6cd2f05d54a179

SHA1
c4c2e7fbb766dd5fcbc2767e1c7ed8f9272ca26a

SHA256
1d39cac29ff9a3f1ada24c5269c07115ac157f885ae011b31b5d596bbfc911a0

SHA512
3e28b7671305eab0dfd31805acc848666351e2bf57c59c6310f4688095a14690e42d7e22a42a96402bf79e86bdb82efb725b5d7da1503f1542e9a63284b7b841

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
539B

MD5
4bb3afe6944742e5d6eba2dfd4f013ea

SHA1
3120bc48bac62375e5d6a8901435f0f8fef54402

SHA256
5317457f7d23be35668c1ac5c2007614b35832eb9b2c86db457f217e25f42e62

SHA512
b1fc0ec4f3c5490a9464c4834f0b3e632fdbbf0fca0a2a21245b70a55ac886fb361cdc87f539eb475d930b603f8a7d74c7fca3e8d04a6113cb638d6bee2e808b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
69d07218b03429faf0045f390180bf66

SHA1
5a79efb2f885e9c41e352af8f871b64b2e3321ad

SHA256
39338bb4a8f090f0618e20f039cb0531515ccd1d3f8603808602dd9d51672c49

SHA512
489aa6750d3e1a26e55a58a4bd383969ea9e66fb45e944828dd2e9c6be1186764017585b2e74efdc2f4cbd185c6ebd4ceacc7fabc028f2a0135a1f64d6b6dc55

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
e9e6f5bcc0817cde1ad210af2e7bf67b

SHA1
e4ca0449b82c5b1ba66b3f59a7ca6c7cb596c781

SHA256
1899fe7fd71dae163c607060d202ccd59be136a28584bc34fd5eff9111331db8

SHA512
93454a3aa2f41edd734681decc6f46b6995e9a8b180bad25e543cba165e663fae489e8ebcfed554dc2beb0fdc7b2b2ff6ae7451da77fecd2edcb93873d9194bd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
67aa7ab8e5ca8e91e44948d397492e06

SHA1
d140ac992c6ad8d69f3f15460540330bed92eda2

SHA256
3da8c152d40d8024d5d3bdf087e14c92e8c744aa7687e3c81b5cb58039ee4ccd

SHA512
aa7bbbd67baa087d938782fbd140335203952e662afb6cb0c58195cf3b9aba43011eb68de2c0c4371b51212463399c90998076375af2b75d433a2dcfdc9f5180

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
05a9e784a17d43800808dbad75c142ad

SHA1
e1bec91ce18725438eba48adbd3970a770481c34

SHA256
b85588e8ab955b3b93b23da51cd66e3e0cf944ef03b6724a62a3a1991665ddb8

SHA512
7a53859f169107f7e35f75bb1213d8cb450bb1b02f22d45fad015b8db7c70c94854ec45ab03e0086d265ff3ba4084cd05130ca72e968c5f61b182894a3e0cd26

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
54a03a26135bc3ee087872473735cc72

SHA1
98b1e6cf6a5536e36c1f0085e96eb82cdf516ac2

SHA256
4ebddd409db05f5e036ce196731c16c5f590297a25285ac490b7d2c20945f908

SHA512
00a411d759a123087109ca6bf10b44fa0dedac4bfc3ecce209998231dbb25894307855363a6a42823d3d9e17b5334fe0a6dc2e64bb0a4f7b85377e002d945c44

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
87KB

MD5
47fe39d8a2f323125c945c6e1ed659bd

SHA1
cb5c4158fd257b1de557cbbd2e7c847a1e96a4e9

SHA256
dd0a1e9e6d3024f76ced3947ef29226ab44b8eff4e02efe1f8004bac975759e0

SHA512
98a056a6681c768f0f936aedc5eddbfd9b12782fec9cc198dc3aef21dcbe70892a2428120384f521e0edab2fec3c623ce5e9fb31b84d3b848caaf403a7112c2f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
87KB

MD5
98bab4879e7060d458cce929c5aee8bc

SHA1
d13523e692bcb10d6ffb6b7ce34f0b15f2595abf

SHA256
a078aa25d0249cfc2bc461bc7afb85e44238e652c9aad248a6bab3bc6ab83f01

SHA512
aca7890b1483d664b8990a206d95a9d7175d77cb55fc68c2fc97cb468d072f9ac4bf1caf6efbac450d7b7e847967dd2811e368bdec9d2793a448a03a6d17e09c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
103KB

MD5
3383d129012edef7fd08421e9ef893c0

SHA1
6c17dec03d00d5e2ee8d7fee515b7fc6f9295798

SHA256
1ef99803a9edcc46ffcb08af95748f06193c4ad1878b53b9a4b2d8bd04129a82

SHA512
5079d6402167a5bc2fc93187df30ba5eb884e3b3a131a15a72f83216570ebf0c7d91140c9bb0ef0faf59235a7ca0efbbd8668a22b7cdd28ccb48863fed01dac9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
101KB

MD5
0e880fe7ba2361e197bcad6044f8d40f

SHA1
0f55b3d30cc1663cf1063d8826d260d2085f467c

SHA256
4c1c22bebe27407434443bba32b3b4dea255820ee5c71e32a9f0ff0d6be7d813

SHA512
f1853987a327fffc3e0bccdc4feed8b75f805539844e593e0b07061cdffcf1689eee9c90e4cfea82f79908c84c8a0df11e56da4f90296b2a3195f377b499205b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe58312d.TMP

Filesize
97KB

MD5
74b2c213fc312122ede73b0f785c7242

SHA1
0ef131a07376c0f953cc8da4ad5540a87eef1092

SHA256
451566ab85d8bc7f1b8f61baadbbf9577caa0560ae05eaa54df82178879a7333

SHA512
4494be040cd2722098f083effa61b0b68d3636e7b7da19ed2f4f802d736d52a2f5a795062a85b59115a06603142adac9033098c7c866695e28e074ea6a2d6076

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit