hxxp://www[.]minfin[.]gob[.]gt/

Analysis

max time kernel
150s
max time network
156s
platform
windows10-2004_x64
resource
win10v2004-20230703-es
resource tags

arch:x64arch:x86image:win10v2004-20230703-eslocale:es-esos:windows10-2004-x64systemwindows
submitted
21/08/2023, 16:36

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://www.minfin.gob.gt/

Score

1^/10

Malware Config

Signatures

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133371094235786342"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2356	chrome.exe
2356	chrome.exe
492	chrome.exe
492	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 5 IoCs

pid	Process
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeCreatePagefilePrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeCreatePagefilePrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeCreatePagefilePrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeCreatePagefilePrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeCreatePagefilePrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeCreatePagefilePrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeCreatePagefilePrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeCreatePagefilePrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeCreatePagefilePrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeCreatePagefilePrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeCreatePagefilePrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeCreatePagefilePrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeCreatePagefilePrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeCreatePagefilePrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeCreatePagefilePrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeCreatePagefilePrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeCreatePagefilePrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeCreatePagefilePrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeCreatePagefilePrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeCreatePagefilePrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeCreatePagefilePrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeCreatePagefilePrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeCreatePagefilePrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeCreatePagefilePrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeCreatePagefilePrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeCreatePagefilePrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeCreatePagefilePrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeCreatePagefilePrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeCreatePagefilePrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeCreatePagefilePrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeCreatePagefilePrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeCreatePagefilePrivilege	2356	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2356 wrote to memory of 1488	2356	chrome.exe	83
PID 2356 wrote to memory of 1488	2356	chrome.exe	83
PID 2356 wrote to memory of 2908	2356	chrome.exe	87
PID 2356 wrote to memory of 2908	2356	chrome.exe	87
PID 2356 wrote to memory of 2908	2356	chrome.exe	87
PID 2356 wrote to memory of 2908	2356	chrome.exe	87
PID 2356 wrote to memory of 2908	2356	chrome.exe	87
PID 2356 wrote to memory of 2908	2356	chrome.exe	87
PID 2356 wrote to memory of 2908	2356	chrome.exe	87
PID 2356 wrote to memory of 2908	2356	chrome.exe	87
PID 2356 wrote to memory of 2908	2356	chrome.exe	87
PID 2356 wrote to memory of 2908	2356	chrome.exe	87
PID 2356 wrote to memory of 2908	2356	chrome.exe	87
PID 2356 wrote to memory of 2908	2356	chrome.exe	87
PID 2356 wrote to memory of 2908	2356	chrome.exe	87
PID 2356 wrote to memory of 2908	2356	chrome.exe	87
PID 2356 wrote to memory of 2908	2356	chrome.exe	87
PID 2356 wrote to memory of 2908	2356	chrome.exe	87
PID 2356 wrote to memory of 2908	2356	chrome.exe	87
PID 2356 wrote to memory of 2908	2356	chrome.exe	87
PID 2356 wrote to memory of 2908	2356	chrome.exe	87
PID 2356 wrote to memory of 2908	2356	chrome.exe	87
PID 2356 wrote to memory of 2908	2356	chrome.exe	87
PID 2356 wrote to memory of 2908	2356	chrome.exe	87
PID 2356 wrote to memory of 2908	2356	chrome.exe	87
PID 2356 wrote to memory of 2908	2356	chrome.exe	87
PID 2356 wrote to memory of 2908	2356	chrome.exe	87
PID 2356 wrote to memory of 2908	2356	chrome.exe	87
PID 2356 wrote to memory of 2908	2356	chrome.exe	87
PID 2356 wrote to memory of 2908	2356	chrome.exe	87
PID 2356 wrote to memory of 2908	2356	chrome.exe	87
PID 2356 wrote to memory of 2908	2356	chrome.exe	87
PID 2356 wrote to memory of 2908	2356	chrome.exe	87
PID 2356 wrote to memory of 2908	2356	chrome.exe	87
PID 2356 wrote to memory of 2908	2356	chrome.exe	87
PID 2356 wrote to memory of 2908	2356	chrome.exe	87
PID 2356 wrote to memory of 2908	2356	chrome.exe	87
PID 2356 wrote to memory of 2908	2356	chrome.exe	87
PID 2356 wrote to memory of 2908	2356	chrome.exe	87
PID 2356 wrote to memory of 2908	2356	chrome.exe	87
PID 2356 wrote to memory of 4452	2356	chrome.exe	86
PID 2356 wrote to memory of 4452	2356	chrome.exe	86
PID 2356 wrote to memory of 3508	2356	chrome.exe	85
PID 2356 wrote to memory of 3508	2356	chrome.exe	85
PID 2356 wrote to memory of 3508	2356	chrome.exe	85
PID 2356 wrote to memory of 3508	2356	chrome.exe	85
PID 2356 wrote to memory of 3508	2356	chrome.exe	85
PID 2356 wrote to memory of 3508	2356	chrome.exe	85
PID 2356 wrote to memory of 3508	2356	chrome.exe	85
PID 2356 wrote to memory of 3508	2356	chrome.exe	85
PID 2356 wrote to memory of 3508	2356	chrome.exe	85
PID 2356 wrote to memory of 3508	2356	chrome.exe	85
PID 2356 wrote to memory of 3508	2356	chrome.exe	85
PID 2356 wrote to memory of 3508	2356	chrome.exe	85
PID 2356 wrote to memory of 3508	2356	chrome.exe	85
PID 2356 wrote to memory of 3508	2356	chrome.exe	85
PID 2356 wrote to memory of 3508	2356	chrome.exe	85
PID 2356 wrote to memory of 3508	2356	chrome.exe	85
PID 2356 wrote to memory of 3508	2356	chrome.exe	85
PID 2356 wrote to memory of 3508	2356	chrome.exe	85
PID 2356 wrote to memory of 3508	2356	chrome.exe	85
PID 2356 wrote to memory of 3508	2356	chrome.exe	85
PID 2356 wrote to memory of 3508	2356	chrome.exe	85
PID 2356 wrote to memory of 3508	2356	chrome.exe	85

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://www.minfin.gob.gt/
1⤵
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2356
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb12419758,0x7ffb12419768,0x7ffb12419778
  2⤵
  PID:1488
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2184 --field-trial-handle=1876,i,13797330550368301205,4930216562670315292,131072 /prefetch:8
  2⤵
  PID:3508
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2132 --field-trial-handle=1876,i,13797330550368301205,4930216562670315292,131072 /prefetch:8
  2⤵
  PID:4452
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1648 --field-trial-handle=1876,i,13797330550368301205,4930216562670315292,131072 /prefetch:2
  2⤵
  PID:2908
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3008 --field-trial-handle=1876,i,13797330550368301205,4930216562670315292,131072 /prefetch:1
  2⤵
  PID:4480
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2960 --field-trial-handle=1876,i,13797330550368301205,4930216562670315292,131072 /prefetch:1
  2⤵
  PID:3244
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4772 --field-trial-handle=1876,i,13797330550368301205,4930216562670315292,131072 /prefetch:1
  2⤵
  PID:3220
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=5104 --field-trial-handle=1876,i,13797330550368301205,4930216562670315292,131072 /prefetch:1
  2⤵
  PID:1284
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4004 --field-trial-handle=1876,i,13797330550368301205,4930216562670315292,131072 /prefetch:1
  2⤵
  PID:4216
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5628 --field-trial-handle=1876,i,13797330550368301205,4930216562670315292,131072 /prefetch:8
  2⤵
  PID:2892
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5680 --field-trial-handle=1876,i,13797330550368301205,4930216562670315292,131072 /prefetch:8
  2⤵
  PID:4168
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5168 --field-trial-handle=1876,i,13797330550368301205,4930216562670315292,131072 /prefetch:8
  2⤵
  PID:4520
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3932 --field-trial-handle=1876,i,13797330550368301205,4930216562670315292,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:492

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4596

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x510 0x500
1⤵
PID:2620

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
384B

MD5
2662deca6d066ab18d57a9ff143526ec

SHA1
a08846b062205d3723dbc4e355b1f67fe4232901

SHA256
d9deccfa27d0c8bcdea4d289da41860af71e589ec663f661853a271777ebfbb2

SHA512
751219b053abbf0ef40f83cf2d763a1711ff12808d931edb1e7e37d122f7aaee90d970a8688c9b68632dc4734769cb9c84e1bd2f09da584dcb37719f2ca67c83

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\0d9258ff-1ec8-4773-aded-1e63d7bb7a2c.tmp

Filesize
1KB

MD5
305624030a9fa575c039191bf430ff45

SHA1
1ab390d47d061245143bcee26dea296e80b53e11

SHA256
ea3e55d1d03ec6ce8a8aa3983bae4ae7e23403d768d745b91f4c63e7f00abd1e

SHA512
f3b8fe634a095581b45132547f350db041f4deec2e3dba9160c334409f0a8d266340f7d746ecfb7ee4dacce66dd74dbbce1f07f2612c3ce608103979149c261b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
bf7a83cd80c92e9e1371e18030e140bd

SHA1
1bcf33233780467c603e767eab3049da45997ced

SHA256
1ea732c98ed458b40d6053f0bcb41622dd2d8bb3218e5314c9ae7e155e0c126c

SHA512
9f35a29a872647e1512c34a70e03c777ebfcf96f432a1bcf55a782bc9d99d652db1befaf80d14914762f5c9c01a3d0332e459030a1208ad20a932ac48fb2dbde

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
6df5b2f3a84dabc4e2e95be306ff5609

SHA1
c018291220fbeb9f97096c91706c5e17fa2e26c7

SHA256
60b9c29205b048d7e26b30408696fd361d0c27ceaac622a7e217dde7a04bb4e9

SHA512
3ad7ef0c9b948bf9bbb0b8b73196adbc7c47715e433ebddf98c4d92abda84dce3390c0ed2ea21ece78d72198901dafccda05559512542409e5c3b00f4d37b824

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
4830f5f2fab368e509af0eb0372a97da

SHA1
540e1c9aa5eaec9766e40815e6d3427207dfda65

SHA256
c099862210c712071fee3e20735fc56df249b0ab9a2789d04dc840ea1ce50d45

SHA512
efe638789a006c63e1520bfe70cae600e45c22dc564edfa0a0958d3e1c5f4cc66ca45cc9417f776de4b2f11dd8901b846e586c1addf95ddc65c728da69667bc9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
4c5eb565b653b3d9e385d843e1e57b75

SHA1
f682b21cecd007a05af32935b0fff992251d1354

SHA256
0b6a747e399bd021844742f561728dbb66b114f35f38d8a94afa09ff30620f71

SHA512
ddd360bdf0dc6ec6d5682afea7c7cff500573894010203b972d32fe369941008fc01622aed03dc1dd361c6bd022b49602467e8576712c7417e58a498fc5d411c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
3d1ca6951f0a9b748d9d9ce29363573b

SHA1
81c97f3fa452100b1ffb839f14a210e08d7565f2

SHA256
b3c8b7212de5d7eaddd53ddf891839260f4fbdbbbbaee5a3a76d09adc1412345

SHA512
d938bde5c9479205ef205d71be8c95ee53b557ccbdc61a8a7cabcb88a42b0e8b8c42a03445e839ca3164ada90eb374495e6d63c2504ea76fc1c0363c7c095add

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
016be4424caff636a9f15c7179c5f10a

SHA1
084c7f2c5db8b024d8e23a4840f2db02b84c89ad

SHA256
9c75a87b8282bb571aa5339aa5d8d3431cbd9526ebfb7318b7626e3ea2253728

SHA512
f3ba37542a22f90d5f550c3310f9d2d4009f4625c171fc5f6ecf6532db3ede5fbdb647667287f70ee77647d62a2a5c0db3cfe5517eac0aac5fab1a5b15019d93

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
11ad951002ca9f2256b3fdd6bf3ab871

SHA1
116de6bbe7abcb3798b287cfb2f413ab488c6a73

SHA256
a085fbaabb573b4305f95b99379ca3c62e23bf0c5bf627b03c975eecfdcc33eb

SHA512
ae89447c68d14b595709dbd3b3813d7040812fbaf24b298fe06afda4905ab685705db398b771104240b41eceadd11e4667b0759b45f3c199895a0850dddce9d8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
c04f524ce4c39dd1ea64af0c9d3f5c73

SHA1
7bc23bbd6c2f838dce83b6faeee6b1ff199be2c4

SHA256
71affc9390f7e0498edb4897eab3b00bf58e6d0aaf9da34c5dca51f32fab7626

SHA512
a28f174156b624829c7e78df8ad60f56f6a3e362988a0b833cab8831794807631f0093336489e8141160a0facdc42686a1c440394a63f8a3da4ed7cf480f6aad

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
87f93b5466168f27fab4de556e52a6d5

SHA1
d986e6d5802ad14f2e343ab78d84fee1e14fc6ad

SHA256
8dec8928e2b784823102b0e63b56f5c2eb715950e7af35c2bde5fafa99ea74cb

SHA512
c8e54e47866fee71d88d8b861824dfb3b634bd36c90c2326c3a15681555fe823a5a7b8181ce728ce6e418eed83a574c2ea6512d94e599d4197a5c90e750622a1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
2573b9df3e15a3e1f8de56a4cead8d13

SHA1
7e1d642b1d98b424e1132a8d3e1b51c3b9303c27

SHA256
a6e79c6f9699116b7db8ba1f296ced98b9cfbce9828ef3710925ac1d4dec48f3

SHA512
5258e578d2b9734250032ef79fe9a6fd7e1f51d80a97186602c3ddef36112ade32767aec004469b4c5e0a696d3d76aaf6bd0d4de194a84046745ef711d708554

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
5170756b19865051c51f55528dc50679

SHA1
744beea76acbe50aa2d9c44e217940ee55b112ad

SHA256
811240e0431929165c69b5c2ec3cd33669c4a2ae2b97af07c91a3387dc04f754

SHA512
34c2274ed642520d602af0405fe8e47f8c3086dd57226139d94a484e4546afd78c80a7cf8cfd422be416bc577b8f7acec893d2a0fc0d4e893432a878ef56e029

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
61dee82dfed26f0442bfcc1ba7902fde

SHA1
f883444b6d22662565afa8bfd150b18a54a31012

SHA256
29e4ba32a68437fd7c24a18e57b1b88090e0963f237087f4f7b3e2b57e366ee6

SHA512
99b654ffa6b2710d93c885d941be221d3996f7d3b5951211581e4cb0ab22989755916d3dc537a6c2dc0fa255ebabccd063b900db56140009c16c655f9a30e7bf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\d997e8d7-1f65-4071-a4cd-1c730a8961c5.tmp

Filesize
1KB

MD5
b2557cca6f8cea9ac91dd58236bf2453

SHA1
09eeda5411e64bcbd585520c1c1e200003c461cd

SHA256
0bac5994044ad1c6956b103e9e9277156a0e85d08810667c3ca4e1047a8a8bda

SHA512
ae8e016bd3ffed9646c5c242f186452b5fee4288330c7ac274117bf49a1347b7eb7476b91099d6d147b2fa49bd2482057f32f9f457f7d63b519db2ade19a3471

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
ecf44e7589c969083c01813fd21cb876

SHA1
e1bffc8e65e600062f454e3b787052dfef37e5da

SHA256
39583de549550f31dd4de8cb658d627f4e176cd22503e503b8a7ddc55e0724c2

SHA512
fa74735b495aca8e9c85a078cd1b798a98293433da5fbe33c5ee1cea69c10c6a0f4828b56727b061dca92352c3306ed25d333fc01364f7c3cac697cb49aede88

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
340f95e9f120cdd72351e3233d2c6b06

SHA1
f82603e74030e918631e856995b3a28a61b94e0f

SHA256
ede5aff7ab352f252503f147b4fe609387789d94331305f84faa0f609077cdc1

SHA512
3eafa3d7316c6ff89c1f00404e3535e7c46b180e766a082a610c4c76b290cf23af5b92b67f9d9a27c48eddd00dad39471ba9d7e2a4e2cf601d2c065354b333fe

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
a71e906835a8b015b660218ffdc77b95

SHA1
ba1f96a9e6a0090d6303a1d70fd010a7061e460e

SHA256
2f70a9a2302b6ebdf0d90cd2b130b779d31caa8f482f9cbe26ba7c1a392ba428

SHA512
d333af5f2083bcdf7f0378ddc048c2a37601da63707d9cfee8219a7532d1bab27a9518af3986506ac8bf12f54a68385da911936acc8b152dcc7727441f2ec86a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
87KB

MD5
d1a5fcb9e25817a54858c990437f3e05

SHA1
705bb7f894e93dcee20f2390d3dbd034ed08196b

SHA256
5063d53637c591233e782b04bc68adcc93f956119f184a3a368e8a92822a1937

SHA512
6bf7e16ff763e8aa4051179a1e323c46d3fba13ff57c56d0ef3a374d0097f034bd5811d723d956c27190abbe160c53c07d761247dc35d76a8d7a26e3bc94fe0d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit