hxxps://go[.]activatrade[.]ca/openr?email=redacted_email&fvid=darsept22open&r=darsept22&optinpage=6CheapEnergy&subtype=stocks&subinterest=general&dlcode=&dlname=&trtype=

Resubmissions

26/08/2023, 05:27

230826-f5f9zaad2w 1

26/08/2023, 05:24

230826-f3y21aad2s 1

26/08/2023, 05:18

230826-fzmjssge76 1

Analysis

max time kernel
352s
max time network
356s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
26/08/2023, 05:27

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://go.activatrade.ca/openr?email=redacted_email&fvid=darsept22open&r=darsept22&optinpage=6CheapEnergy&subtype=stocks&subinterest=general&dlcode=&dlname=&trtype=

Score

1^/10

Malware Config

Signatures

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133375012498630950"	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
2256	chrome.exe
2256	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

pid	Process
2256	chrome.exe
2256	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2256 wrote to memory of 4628	2256	chrome.exe	82
PID 2256 wrote to memory of 4628	2256	chrome.exe	82
PID 2256 wrote to memory of 2168	2256	chrome.exe	84
PID 2256 wrote to memory of 2168	2256	chrome.exe	84
PID 2256 wrote to memory of 2168	2256	chrome.exe	84
PID 2256 wrote to memory of 2168	2256	chrome.exe	84
PID 2256 wrote to memory of 2168	2256	chrome.exe	84
PID 2256 wrote to memory of 2168	2256	chrome.exe	84
PID 2256 wrote to memory of 2168	2256	chrome.exe	84
PID 2256 wrote to memory of 2168	2256	chrome.exe	84
PID 2256 wrote to memory of 2168	2256	chrome.exe	84
PID 2256 wrote to memory of 2168	2256	chrome.exe	84
PID 2256 wrote to memory of 2168	2256	chrome.exe	84
PID 2256 wrote to memory of 2168	2256	chrome.exe	84
PID 2256 wrote to memory of 2168	2256	chrome.exe	84
PID 2256 wrote to memory of 2168	2256	chrome.exe	84
PID 2256 wrote to memory of 2168	2256	chrome.exe	84
PID 2256 wrote to memory of 2168	2256	chrome.exe	84
PID 2256 wrote to memory of 2168	2256	chrome.exe	84
PID 2256 wrote to memory of 2168	2256	chrome.exe	84
PID 2256 wrote to memory of 2168	2256	chrome.exe	84
PID 2256 wrote to memory of 2168	2256	chrome.exe	84
PID 2256 wrote to memory of 2168	2256	chrome.exe	84
PID 2256 wrote to memory of 2168	2256	chrome.exe	84
PID 2256 wrote to memory of 2168	2256	chrome.exe	84
PID 2256 wrote to memory of 2168	2256	chrome.exe	84
PID 2256 wrote to memory of 2168	2256	chrome.exe	84
PID 2256 wrote to memory of 2168	2256	chrome.exe	84
PID 2256 wrote to memory of 2168	2256	chrome.exe	84
PID 2256 wrote to memory of 2168	2256	chrome.exe	84
PID 2256 wrote to memory of 2168	2256	chrome.exe	84
PID 2256 wrote to memory of 2168	2256	chrome.exe	84
PID 2256 wrote to memory of 2168	2256	chrome.exe	84
PID 2256 wrote to memory of 2168	2256	chrome.exe	84
PID 2256 wrote to memory of 2168	2256	chrome.exe	84
PID 2256 wrote to memory of 2168	2256	chrome.exe	84
PID 2256 wrote to memory of 2168	2256	chrome.exe	84
PID 2256 wrote to memory of 2168	2256	chrome.exe	84
PID 2256 wrote to memory of 2168	2256	chrome.exe	84
PID 2256 wrote to memory of 2168	2256	chrome.exe	84
PID 2256 wrote to memory of 3304	2256	chrome.exe	85
PID 2256 wrote to memory of 3304	2256	chrome.exe	85
PID 2256 wrote to memory of 3528	2256	chrome.exe	86
PID 2256 wrote to memory of 3528	2256	chrome.exe	86
PID 2256 wrote to memory of 3528	2256	chrome.exe	86
PID 2256 wrote to memory of 3528	2256	chrome.exe	86
PID 2256 wrote to memory of 3528	2256	chrome.exe	86
PID 2256 wrote to memory of 3528	2256	chrome.exe	86
PID 2256 wrote to memory of 3528	2256	chrome.exe	86
PID 2256 wrote to memory of 3528	2256	chrome.exe	86
PID 2256 wrote to memory of 3528	2256	chrome.exe	86
PID 2256 wrote to memory of 3528	2256	chrome.exe	86
PID 2256 wrote to memory of 3528	2256	chrome.exe	86
PID 2256 wrote to memory of 3528	2256	chrome.exe	86
PID 2256 wrote to memory of 3528	2256	chrome.exe	86
PID 2256 wrote to memory of 3528	2256	chrome.exe	86
PID 2256 wrote to memory of 3528	2256	chrome.exe	86
PID 2256 wrote to memory of 3528	2256	chrome.exe	86
PID 2256 wrote to memory of 3528	2256	chrome.exe	86
PID 2256 wrote to memory of 3528	2256	chrome.exe	86
PID 2256 wrote to memory of 3528	2256	chrome.exe	86
PID 2256 wrote to memory of 3528	2256	chrome.exe	86
PID 2256 wrote to memory of 3528	2256	chrome.exe	86
PID 2256 wrote to memory of 3528	2256	chrome.exe	86

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://go.activatrade.ca/openr?email=redacted_email&fvid=darsept22open&r=darsept22&optinpage=6CheapEnergy&subtype=stocks&subinterest=general&dlcode=&dlname=&trtype=
1⤵
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2256
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff905869758,0x7ff905869768,0x7ff905869778
  2⤵
  PID:4628
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1716 --field-trial-handle=1860,i,11611707430754643979,8506078941069306942,131072 /prefetch:2
  2⤵
  PID:2168
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2128 --field-trial-handle=1860,i,11611707430754643979,8506078941069306942,131072 /prefetch:8
  2⤵
  PID:3304
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2192 --field-trial-handle=1860,i,11611707430754643979,8506078941069306942,131072 /prefetch:8
  2⤵
  PID:3528
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3004 --field-trial-handle=1860,i,11611707430754643979,8506078941069306942,131072 /prefetch:1
  2⤵
  PID:4236
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3020 --field-trial-handle=1860,i,11611707430754643979,8506078941069306942,131072 /prefetch:1
  2⤵
  PID:1924
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4776 --field-trial-handle=1860,i,11611707430754643979,8506078941069306942,131072 /prefetch:8
  2⤵
  PID:2040
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4888 --field-trial-handle=1860,i,11611707430754643979,8506078941069306942,131072 /prefetch:8
  2⤵
  PID:4840
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1572 --field-trial-handle=1860,i,11611707430754643979,8506078941069306942,131072 /prefetch:8
  2⤵
  PID:3196
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1660 --field-trial-handle=1860,i,11611707430754643979,8506078941069306942,131072 /prefetch:2
  2⤵
  PID:5052

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:1932

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

Filesize
91KB

MD5
e7401a564a607ff0be57ede10af53dca

SHA1
bb84099e5d1a1c9dc5a99bd642c94c01146f3db1

SHA256
b9df546921b2758f87cdb11afb90db021a4b34bcf06166633dad919af331a048

SHA512
cfaa8ee7733098d54a2847c8dc8b624f9b71e6e34da0b5f927b53a5a0518cf3941907e2d407bd1e9b133633d45e840541d403b73cd58ccc9a32e428861968d48

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000016

Filesize
180KB

MD5
497835d373e12af4cd257487dd5d3612

SHA1
425950e9427926ac0aa7940c4a18a44ab59df47a

SHA256
e11ff08dff0a884b311133e2469146b2a54319cf60094511e098df0c3677c4e0

SHA512
aa05611f56185e02289345f9c286ca98f96d5e1d24c8d152605e866e60013dc2945fc60f826e81459003ca9c2b7d439c0f6fdd173cbee57cd751ee51b18d2bf7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
288B

MD5
752a96d56721b3dcaf7ac71a8c23f112

SHA1
95557c5158512e30838c2e8ff6e67db89860fb97

SHA256
6f555f5d8ad523005a1807cb4b1a6da415f890d78fee059fd9d4465a0234d2a6

SHA512
3c318561e6f6b06cebbea453b3185c2675fbe853a0c94f0c05bbdd9bf8fc737f8f45a31e87e99749a454335fe4b4afdda63d0d0214b6f1ee1a49e5139945f7f1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
6ca18b3bfcddbe9935679e3dfe3ecad2

SHA1
9329fc80abacb1265ab9818d42d95d80ae1befbf

SHA256
38f4107a3405156c06f47ca0152392faa1156c383efc042a31e4d89fb72f80ed

SHA512
9bcda2ea3369a0cefd08411642bd9a6f282ec3548d800ae62e930b3648411769ea9af2b3dd907fe7167191ce3858b0b81fbf4f354990c85a52dd1a52d321b5ae

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
8ffb2caa94caf3197928b474637779f2

SHA1
b8a09a6217cee47424bbfff21e7c94fee42f8bd0

SHA256
bd608a6ceb2baa71eeb5340b11dc8f0e2d3def4c537bafd9359dfea53ee4310f

SHA512
92510cf9f628d681ab8a5237d1a60b7692a0543f124275a438536091ad853bea1c3650289227429de084f4f99d26a7d64b40f4e74c37afec86b1cdec8a2b22ca

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
9b1f7eb5feff04a9a5b096d840e2ea44

SHA1
4a506f420d48ec6829532cde6d90d29fb8ab53f9

SHA256
017a6367c7f648e1d9a6c89616f180387cf2d89471cf4588ad76f431aeafdd4b

SHA512
6eb631e620bb01df5291f3c5b5f8b1e8f4f0dc61846d2d039147f3cbe8153e0e6130bdebbfd6eb19a1b622dbe0e29879f48ad41d3ba152b6351071af4953ce3d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
539B

MD5
d215d6205d330f13cb11b388c228f6e9

SHA1
84bf4ef7e862c363d0b54cfa53a46b5953bdb7f4

SHA256
2fd3ecda605a6b58866a884ead94d22d89b18da7bed43514282cd5abea71c088

SHA512
83a58010f759ee356389139928e11721d80dbdf4ddf563ab8620fb1e0744678e52a822b4817d0414dc6be47deb7ec7c63e92db67c53175778eec9a0add9e447c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
749346c1f4902c46dfc1f7963836a832

SHA1
16217bc415f31204340744db84828ffdaf094747

SHA256
b11fd43f5a39addfcf0523f4771062773114643eb8248a8170e875f332ad997c

SHA512
b2bfd2fffd067cddaa7c6c6008ae5e15a5d667feb789c012113fb6c1103e19057ed63236089fff83967ae3f0d38d1acc443c7302d69dae0d6f8ee518dda0ec6e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
2fe6855ca3c51cf44ef3f1e067881b25

SHA1
babb1d2e0bc98ac31637659994b9f91341ab60db

SHA256
d2fc7508ea3f6900b7ca37233a8d936085f256f4f65a9c476d538e82bce47199

SHA512
5caad06cdd8836b7fa5f1115aaea637668b0ae1b0e31e5de4e48a76f4ebc1f3f84597e09a97379ce4c5be95a6d873dd1098c50a90f93a3d7bda03470bfc07958

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
62b0174390adf8219045d9d72b2d6f0a

SHA1
0390c2572d61d3c7042d5c7863ce483c84e21ea3

SHA256
7cffc376b3dea82671e3ce65663db888a14f9ce9e84b073edf6886ae5b37fe71

SHA512
7f0ef0308aa5405bf13247e485abcca06054df127ad0ddafbadae9da681270c6e399db5516793cfab890cb5461c14a40d261cc6d57f5d0ff0791b39fd0037456

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
8ca72b78c263b92fae7890bad624f0e2

SHA1
f65683e58e33abcb1c3a06bc4852829e6fdc4ae3

SHA256
0080c7f856890e4de7af3b605aa32896eac4aa7ec36772ae3a63431b81b4e754

SHA512
c88ba55adbd1158368db8c72ce737745899364ec413babc21f4a56d81d7ff8661142f38df5d33650672200e78ca7457173cc3f1302404339a0c7f712920ce5c0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
87KB

MD5
57094c2728b31e9ad16c087057505499

SHA1
4c889ea27b550b1c1c04dc945bdb83b80a0f8df5

SHA256
4344a363ae8d72024f393afffd07e0df1ab98adf4600faed9600e2ac620adc85

SHA512
2339cd992c5dda6b7bd0d7a7d9ce071e4ca09d9c12f476a70cd418ac3c3ef89ccc72df15667b444e54288e0002a4fd3a48db4637264c29d5eab9e15db0df2264

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
103KB

MD5
e4433d840bd1360a76b784f8f34eade2

SHA1
70fbf37ca3b392ddca729c96cb48870c03c952da

SHA256
e3b4e92ffc482f97c9caad2a305f46a9f12342356aee526e2142940ac3a5c97b

SHA512
e3a7c8dd33870f6607043078204ae6f12325a195294cc93f8c36f9b1447383c10570400fe9793586565da7b8845d2bcadd4fff9c9a0b5f8ed2e7083e6c2fbc12

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe59818a.TMP

Filesize
101KB

MD5
dc2e32393f43f23d959879d17e2672ae

SHA1
0684ac5e91e6b25fdde6d58531d0780cd85efbd0

SHA256
ba789e9ac8519839d466e18ec0bfe2f65031406ce25e395b71820afc80208aae

SHA512
30a708f473c6a160cd7e8c13ceca56fd8227c1da26d1512f7cc933c4774ea85dd7a332d8d7e944b6a4e6caad8e3f452a28aa46ce2de9bfc73247e90aaa62151c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit