hxxps://jr7[.]trendrushr[.]info/lyfDX

Analysis

max time kernel
1800s
max time network
1690s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
21/08/2023, 16:25

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

https://jr7.trendrushr.info/lyfDX

Score

1^/10

Malware Config

Signatures

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133371087430723286"	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
4928	chrome.exe
4928	chrome.exe
4928	chrome.exe
4928	chrome.exe
5036	chrome.exe
5036	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
4928	chrome.exe
4928	chrome.exe
4928	chrome.exe
4928	chrome.exe
4928	chrome.exe
4928	chrome.exe
4928	chrome.exe
4928	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4928	chrome.exe
Token: SeCreatePagefilePrivilege	4928	chrome.exe
Token: SeShutdownPrivilege	4928	chrome.exe
Token: SeCreatePagefilePrivilege	4928	chrome.exe
Token: SeShutdownPrivilege	4928	chrome.exe
Token: SeCreatePagefilePrivilege	4928	chrome.exe
Token: SeShutdownPrivilege	4928	chrome.exe
Token: SeCreatePagefilePrivilege	4928	chrome.exe
Token: SeShutdownPrivilege	4928	chrome.exe
Token: SeCreatePagefilePrivilege	4928	chrome.exe
Token: SeShutdownPrivilege	4928	chrome.exe
Token: SeCreatePagefilePrivilege	4928	chrome.exe
Token: SeShutdownPrivilege	4928	chrome.exe
Token: SeCreatePagefilePrivilege	4928	chrome.exe
Token: SeShutdownPrivilege	4928	chrome.exe
Token: SeCreatePagefilePrivilege	4928	chrome.exe
Token: SeShutdownPrivilege	4928	chrome.exe
Token: SeCreatePagefilePrivilege	4928	chrome.exe
Token: SeShutdownPrivilege	4928	chrome.exe
Token: SeCreatePagefilePrivilege	4928	chrome.exe
Token: SeShutdownPrivilege	4928	chrome.exe
Token: SeCreatePagefilePrivilege	4928	chrome.exe
Token: SeShutdownPrivilege	4928	chrome.exe
Token: SeCreatePagefilePrivilege	4928	chrome.exe
Token: SeShutdownPrivilege	4928	chrome.exe
Token: SeCreatePagefilePrivilege	4928	chrome.exe
Token: SeShutdownPrivilege	4928	chrome.exe
Token: SeCreatePagefilePrivilege	4928	chrome.exe
Token: SeShutdownPrivilege	4928	chrome.exe
Token: SeCreatePagefilePrivilege	4928	chrome.exe
Token: SeShutdownPrivilege	4928	chrome.exe
Token: SeCreatePagefilePrivilege	4928	chrome.exe
Token: SeShutdownPrivilege	4928	chrome.exe
Token: SeCreatePagefilePrivilege	4928	chrome.exe
Token: SeShutdownPrivilege	4928	chrome.exe
Token: SeCreatePagefilePrivilege	4928	chrome.exe
Token: SeShutdownPrivilege	4928	chrome.exe
Token: SeCreatePagefilePrivilege	4928	chrome.exe
Token: SeShutdownPrivilege	4928	chrome.exe
Token: SeCreatePagefilePrivilege	4928	chrome.exe
Token: SeShutdownPrivilege	4928	chrome.exe
Token: SeCreatePagefilePrivilege	4928	chrome.exe
Token: SeShutdownPrivilege	4928	chrome.exe
Token: SeCreatePagefilePrivilege	4928	chrome.exe
Token: SeShutdownPrivilege	4928	chrome.exe
Token: SeCreatePagefilePrivilege	4928	chrome.exe
Token: SeShutdownPrivilege	4928	chrome.exe
Token: SeCreatePagefilePrivilege	4928	chrome.exe
Token: SeShutdownPrivilege	4928	chrome.exe
Token: SeCreatePagefilePrivilege	4928	chrome.exe
Token: SeShutdownPrivilege	4928	chrome.exe
Token: SeCreatePagefilePrivilege	4928	chrome.exe
Token: SeShutdownPrivilege	4928	chrome.exe
Token: SeCreatePagefilePrivilege	4928	chrome.exe
Token: SeShutdownPrivilege	4928	chrome.exe
Token: SeCreatePagefilePrivilege	4928	chrome.exe
Token: SeShutdownPrivilege	4928	chrome.exe
Token: SeCreatePagefilePrivilege	4928	chrome.exe
Token: SeShutdownPrivilege	4928	chrome.exe
Token: SeCreatePagefilePrivilege	4928	chrome.exe
Token: SeShutdownPrivilege	4928	chrome.exe
Token: SeCreatePagefilePrivilege	4928	chrome.exe
Token: SeShutdownPrivilege	4928	chrome.exe
Token: SeCreatePagefilePrivilege	4928	chrome.exe

Suspicious use of FindShellTrayWindow 31 IoCs

pid	Process
4928	chrome.exe
4928	chrome.exe
4928	chrome.exe
4928	chrome.exe
4928	chrome.exe
4928	chrome.exe
4928	chrome.exe
4928	chrome.exe
4928	chrome.exe
4928	chrome.exe
4928	chrome.exe
4928	chrome.exe
4928	chrome.exe
4928	chrome.exe
4928	chrome.exe
4928	chrome.exe
4928	chrome.exe
4928	chrome.exe
4928	chrome.exe
4928	chrome.exe
4928	chrome.exe
4928	chrome.exe
4928	chrome.exe
4928	chrome.exe
4928	chrome.exe
4928	chrome.exe
4928	chrome.exe
4928	chrome.exe
4928	chrome.exe
4928	chrome.exe
4928	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4928	chrome.exe
4928	chrome.exe
4928	chrome.exe
4928	chrome.exe
4928	chrome.exe
4928	chrome.exe
4928	chrome.exe
4928	chrome.exe
4928	chrome.exe
4928	chrome.exe
4928	chrome.exe
4928	chrome.exe
4928	chrome.exe
4928	chrome.exe
4928	chrome.exe
4928	chrome.exe
4928	chrome.exe
4928	chrome.exe
4928	chrome.exe
4928	chrome.exe
4928	chrome.exe
4928	chrome.exe
4928	chrome.exe
4928	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4928 wrote to memory of 1304	4928	chrome.exe	51
PID 4928 wrote to memory of 1304	4928	chrome.exe	51
PID 4928 wrote to memory of 3420	4928	chrome.exe	85
PID 4928 wrote to memory of 3420	4928	chrome.exe	85
PID 4928 wrote to memory of 3420	4928	chrome.exe	85
PID 4928 wrote to memory of 3420	4928	chrome.exe	85
PID 4928 wrote to memory of 3420	4928	chrome.exe	85
PID 4928 wrote to memory of 3420	4928	chrome.exe	85
PID 4928 wrote to memory of 3420	4928	chrome.exe	85
PID 4928 wrote to memory of 3420	4928	chrome.exe	85
PID 4928 wrote to memory of 3420	4928	chrome.exe	85
PID 4928 wrote to memory of 3420	4928	chrome.exe	85
PID 4928 wrote to memory of 3420	4928	chrome.exe	85
PID 4928 wrote to memory of 3420	4928	chrome.exe	85
PID 4928 wrote to memory of 3420	4928	chrome.exe	85
PID 4928 wrote to memory of 3420	4928	chrome.exe	85
PID 4928 wrote to memory of 3420	4928	chrome.exe	85
PID 4928 wrote to memory of 3420	4928	chrome.exe	85
PID 4928 wrote to memory of 3420	4928	chrome.exe	85
PID 4928 wrote to memory of 3420	4928	chrome.exe	85
PID 4928 wrote to memory of 3420	4928	chrome.exe	85
PID 4928 wrote to memory of 3420	4928	chrome.exe	85
PID 4928 wrote to memory of 3420	4928	chrome.exe	85
PID 4928 wrote to memory of 3420	4928	chrome.exe	85
PID 4928 wrote to memory of 3420	4928	chrome.exe	85
PID 4928 wrote to memory of 3420	4928	chrome.exe	85
PID 4928 wrote to memory of 3420	4928	chrome.exe	85
PID 4928 wrote to memory of 3420	4928	chrome.exe	85
PID 4928 wrote to memory of 3420	4928	chrome.exe	85
PID 4928 wrote to memory of 3420	4928	chrome.exe	85
PID 4928 wrote to memory of 3420	4928	chrome.exe	85
PID 4928 wrote to memory of 3420	4928	chrome.exe	85
PID 4928 wrote to memory of 3420	4928	chrome.exe	85
PID 4928 wrote to memory of 3420	4928	chrome.exe	85
PID 4928 wrote to memory of 3420	4928	chrome.exe	85
PID 4928 wrote to memory of 3420	4928	chrome.exe	85
PID 4928 wrote to memory of 3420	4928	chrome.exe	85
PID 4928 wrote to memory of 3420	4928	chrome.exe	85
PID 4928 wrote to memory of 3420	4928	chrome.exe	85
PID 4928 wrote to memory of 3420	4928	chrome.exe	85
PID 4928 wrote to memory of 404	4928	chrome.exe	86
PID 4928 wrote to memory of 404	4928	chrome.exe	86
PID 4928 wrote to memory of 1188	4928	chrome.exe	87
PID 4928 wrote to memory of 1188	4928	chrome.exe	87
PID 4928 wrote to memory of 1188	4928	chrome.exe	87
PID 4928 wrote to memory of 1188	4928	chrome.exe	87
PID 4928 wrote to memory of 1188	4928	chrome.exe	87
PID 4928 wrote to memory of 1188	4928	chrome.exe	87
PID 4928 wrote to memory of 1188	4928	chrome.exe	87
PID 4928 wrote to memory of 1188	4928	chrome.exe	87
PID 4928 wrote to memory of 1188	4928	chrome.exe	87
PID 4928 wrote to memory of 1188	4928	chrome.exe	87
PID 4928 wrote to memory of 1188	4928	chrome.exe	87
PID 4928 wrote to memory of 1188	4928	chrome.exe	87
PID 4928 wrote to memory of 1188	4928	chrome.exe	87
PID 4928 wrote to memory of 1188	4928	chrome.exe	87
PID 4928 wrote to memory of 1188	4928	chrome.exe	87
PID 4928 wrote to memory of 1188	4928	chrome.exe	87
PID 4928 wrote to memory of 1188	4928	chrome.exe	87
PID 4928 wrote to memory of 1188	4928	chrome.exe	87
PID 4928 wrote to memory of 1188	4928	chrome.exe	87
PID 4928 wrote to memory of 1188	4928	chrome.exe	87
PID 4928 wrote to memory of 1188	4928	chrome.exe	87
PID 4928 wrote to memory of 1188	4928	chrome.exe	87

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa45869758,0x7ffa45869768,0x7ffa45869778
1⤵
PID:1304

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://jr7.trendrushr.info/lyfDX
1⤵
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4928
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1740 --field-trial-handle=1940,i,5006018455115910278,702052243469726086,131072 /prefetch:2
  2⤵
  PID:3420
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2192 --field-trial-handle=1940,i,5006018455115910278,702052243469726086,131072 /prefetch:8
  2⤵
  PID:404
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2236 --field-trial-handle=1940,i,5006018455115910278,702052243469726086,131072 /prefetch:8
  2⤵
  PID:1188
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2812 --field-trial-handle=1940,i,5006018455115910278,702052243469726086,131072 /prefetch:1
  2⤵
  PID:3756
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2828 --field-trial-handle=1940,i,5006018455115910278,702052243469726086,131072 /prefetch:1
  2⤵
  PID:2848
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5020 --field-trial-handle=1940,i,5006018455115910278,702052243469726086,131072 /prefetch:8
  2⤵
  PID:1516
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=5096 --field-trial-handle=1940,i,5006018455115910278,702052243469726086,131072 /prefetch:1
  2⤵
  PID:2192
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5280 --field-trial-handle=1940,i,5006018455115910278,702052243469726086,131072 /prefetch:8
  2⤵
  PID:4304
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=5344 --field-trial-handle=1940,i,5006018455115910278,702052243469726086,131072 /prefetch:1
  2⤵
  PID:3156
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4492 --field-trial-handle=1940,i,5006018455115910278,702052243469726086,131072 /prefetch:1
  2⤵
  PID:3312
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=3328 --field-trial-handle=1940,i,5006018455115910278,702052243469726086,131072 /prefetch:1
  2⤵
  PID:4732
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=3200 --field-trial-handle=1940,i,5006018455115910278,702052243469726086,131072 /prefetch:1
  2⤵
  PID:2464
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2784 --field-trial-handle=1940,i,5006018455115910278,702052243469726086,131072 /prefetch:8
  2⤵
  PID:1764
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3184 --field-trial-handle=1940,i,5006018455115910278,702052243469726086,131072 /prefetch:8
  2⤵
  PID:4528
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=5504 --field-trial-handle=1940,i,5006018455115910278,702052243469726086,131072 /prefetch:1
  2⤵
  PID:4684
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3344 --field-trial-handle=1940,i,5006018455115910278,702052243469726086,131072 /prefetch:8
  2⤵
  PID:1084
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5048 --field-trial-handle=1940,i,5006018455115910278,702052243469726086,131072 /prefetch:8
  2⤵
  PID:4552
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3720 --field-trial-handle=1940,i,5006018455115910278,702052243469726086,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5036

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:1452

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
97a607d93b797ba4d0575accceb878c5

SHA1
53752b370135ccca88bc47e41a6ef54348b9306d

SHA256
68c6f9a4dff98d5a562e1f430504153b54832edeecd499d6e05016e584f36923

SHA512
832f8f8864d4ebaeb0be1a949e9d1692ef40f6a00f4b198f64bcf18acef849928f2c6a404468d59be56660f76786ad6e00728bba6029226e0bd352f5a67ed1b2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000023

Filesize
27KB

MD5
123413ed6fd33aa5450516ba6224da43

SHA1
1484fe64b788158586360c3af3c3bc48642c2bde

SHA256
834e9ed0ba5ca8a35e882bf9ff04d6b220692c8cb879df3e84cda2bf387d99b8

SHA512
86b9558b9494ea210f2e8a1622e409844925b71899167cc1bcb6bf25e96898084be8065f3e1d03af90178fff191a99fa43e57391484e426aa382142e370bd499

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
480B

MD5
deccbb150b11a55f14e49b6214781158

SHA1
fc0292cdab273619ada9d1c1e0f58b4d83a8a7dc

SHA256
fd86b9a4e6c28c2723c3d5ede27e001626c9979c0377f528651c2095930e4dd6

SHA512
fe00d0878c6c05cb37ae53e555189972d6977846955e50d3eeaae02301b90a35c0222f6d3442b6cd7d042379a98723fe2656cb026512692a9430289d95db2c29

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
36297769f2f6f703f432b0fdd5a4304b

SHA1
fdea1ff221fc2b2c071e16ee7cdf2a4ed1f00fec

SHA256
7d00b73ec1fa3aa1a65e1414c9cae10207ca10eafe356c972a7bf4a53b624b01

SHA512
42ef4aa5dfd95b9878d7fe9909e79feab2c60a48a07ae7ee34d35139f2571d585d1210ce7438e7b08fb8acb03a9d53215701d5c734f1688631fbba77144ab564

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
8f77607c4ec7c1f8f390346f6f8af413

SHA1
f56878c75b0d5abc3778c0be735393c37592d761

SHA256
89fbdb93759c3f11ea38998a2e7794d9f6e17e094c71532ce4cf8668b2d7dad4

SHA512
904d78d9e5209720e4fe89352469cd597f54e2e509779972b8c1bdb25629a965129b0af18b0e1ae371530cc7bb38ab7bd2715291f5932771437eaf8cfccae747

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
9c9d290f2e59db24ea513ca0713be4be

SHA1
8619cb66463779cafe749d01c812cfd482dae8c7

SHA256
ce166f9387bfb19d8e45e084d40307c74c46ce87fb3c317b94d4410dec294989

SHA512
915cef66c6f1c5752d6e026eca13df1664015ae2d1223eeaa8a0f7c633c9116356476c47dd5ba43995c09b34df9c5464e9538a096bfe7cd2e5e4ebbbd5b015ca

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
9f0fa25ab2b743f2869a5fbc6ebc75c6

SHA1
f425a7e0e935cead4c7e6a84e2f0f14ca42ca285

SHA256
81ab5efddd4516689ef59f9a0a47998444521fb6556a03c3aee1f5beea8270e0

SHA512
7bff3ea07ada13680769d9eab9d6947b76652f9af9d752dc82720af1cb9e5182812e58363e9b987efec6969f61e2390b4c9914372ea42002d4e2d40efabf21c1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
54d78ebb5632d4faf81d978e8502ae05

SHA1
806ace7e37111614ebcd972c50af144d51a2ee07

SHA256
6e1de57c10eb393eb0fd4f4c9017b41f487c5b9c99f85b6812714bc89e8cf044

SHA512
5bde8cb7ec51da87b079cb6b9b8b8a318012e432a90eca7a8863766296e747c2f07b4a3a52eb0a99e1ebaeac293c0ff06384e8c7cb1cca946fcb7cbbb3ac83e4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
44023dbf03082c714dd6f36929242ad9

SHA1
51037803d84dbaf15a19841a61333a4f5769b977

SHA256
5ec235b505c940fb017ff68b15f499157404c746ca858fd939f594291c433c81

SHA512
fa280d13710ec790cd5941e1eda90e4598f04ef4b4b7840c1ee7139fc1a44f087840e1c9e826058fe33ce93cd3ac40391f9799aef40162b436293930c136365d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
0c932698917701d3ae293d089f618ff5

SHA1
d778301862247a2a52ac2680de98ced32dad4a34

SHA256
cee5e134ce5e8fc9d8242e638f410f0182467330861635a8aa6971941f86d806

SHA512
996339d641219aefc6bcc1b7209b926592b80148f444bfb1b27deabe671f5d1140faf0624e4b8601d45251aed6f7528c998e9ec4ba1e6d6ca12d1c449a2ba576

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
feace2c16aa7845d506bbce98f22788e

SHA1
2acb3f4a5368fee5b0a5817a49dcec9034b8eb20

SHA256
dced3d3c9f6cdbb8e76c7b8315362d593a8ca0b43a71adcaca569ec003ba0f0d

SHA512
c5535e63a0abf37e10719e2b2d5475716e175a2f5e9b9b61cc5f15515d847ea73db8cd1aaa112c76df361d4c2cdd61d835171bfc1257efb07553809ca4bb1609

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
6ec12a59eb46125ceb19a2d0dc8d1993

SHA1
f77a69cef7195ca8e95b03b1d5d1ddd2fec89a2a

SHA256
ba70bab3accb038ccd31bd8b767824d597d88032ec6b125fb32390411f4a8ff8

SHA512
4e314c95d0a344cb2c2ece026de302b11bb792a1c94159a4859c61133e9cc37dd7df3374daeeee8d0c918ca8fe56b365ecb01f6798e5d1bf156a63b0906224ee

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
108KB

MD5
a67ed0ce2e90bffeeee3167540d16e71

SHA1
15995be501381724077150e82390c6459ce88142

SHA256
727871b8abfc63d0ae1306eba090771930844e1468d6219b5a3e2c1c70b1afa4

SHA512
3146d092dd838cf553483e67226e5be50aea7c4c6b604be21ae6ac5245a39cbbcadaacfb759f6b1beb9bb4bc508dc1c349a5fe68711360c96e11108c5bc9c7b9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
89KB

MD5
f0942b33adcc1d6dd5d7f5c3d10462b4

SHA1
75c45b67c6940a8eb800705fb4db28592236e628

SHA256
b9528d62649c47bba74156109ace7e7e3548f233216ec2c2eb8b7839cb3e2c1d

SHA512
8d1129e77bc2d3771ad1d524c950c279d0da6b809ff7f8a9aecfa24af69498275efc35f907a6c77f42e8f5fb26dae8c2e2f112ff802c8a9e2d7e29594386f05e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
89KB

MD5
9d69d57fcc338439c6176beb37bbbd25

SHA1
a3ce3c4bafba276f23d307b3ce8dc2c509323e98

SHA256
1808246677f970e5bc417d11238b777548603a49743abf78261ee0d4394cbb01

SHA512
245f0323e29f64937a329c8512c30f4e5cbcb313d2b7460a4b1d21f0cc5a740ba55cbe89d82332d3861228d8028cb4e24b18d356e2088c9256fd6ec21ac00b6d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
89KB

MD5
db8b9b1f48e94fd09ba88c1cef8bcf77

SHA1
154d1f7de84be0b6cebe4aec5dd4be0d06e935b1

SHA256
b57ad4357890069cb971ab55b96db41468b6a91d02f52030f0646e7556814988

SHA512
e1a38bfae43e18400f313e2deff82cb75ff864865948abc0293a14a1550ae79685d02e368ed240ad85a150578d2af996b60bdaf8f874fa77f6710633c9a037fa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
89KB

MD5
df2053d89182b0ae3fc8238fc360a65d

SHA1
cacbf03162749aec87ab5777c00a36232839fd3a

SHA256
696b98c757e76e057a13acc8dc52a310020409affa7bd35e0d86745f36769889

SHA512
5ac6c7e3967292ad1db93df9811bb232b699d6a2b8cdbdf1de6f958c095ad3577a00c98c9aca12ccc9b89073a065d804d830ea9e51541c088ae9245f79ecae0c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
104KB

MD5
99c296446bb75e7e80604493d80f9e9b

SHA1
3729b9570458161dbe88c77c23537b8e4728e3b2

SHA256
e9f9829cc9b65ed90a80d180ebbec96f8fae481ca6d2ed1b102e64884b4d0334

SHA512
5a9e10674b10925374a0f4b86418803cb033f88cac90d41d3bf0d532830b4c59e1063d008d7d18ce1631d66a6264a99417d6744ffbccda0536a2c727f84af6a1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe583bfa.TMP

Filesize
101KB

MD5
ac88e539169c018c5fcfdab6f28c6b9a

SHA1
d841161670aa5db622b2d2818d0122307feea97a

SHA256
f615f330898c6aa1ba685985851c5489874adc6e0de2c507da9cb232bb72e47e

SHA512
d6a01751bc06dcd83164cede58a2cf41fb95e235226a1e2caf4caa1d7fc3294e535f7ecfe8b4531e75c86b4a3fb213a946cf4f5de00e88f2faaea17a9dbf7073

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit