hxxps://cutty[.]app/13KWdt9

Analysis

max time kernel
149s
max time network
160s
platform
windows10-1703_x64
resource
win10-20230703-en
resource tags

arch:x64arch:x86image:win10-20230703-enlocale:en-usos:windows10-1703-x64system
submitted
26/08/2023, 19:37

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://cutty.app/13KWdt9

Score

1^/10

Malware Config

Signatures

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133375522815568586"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
3808	chrome.exe
3808	chrome.exe
228	chrome.exe
228	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 21 IoCs

pid	Process
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3808	chrome.exe
Token: SeCreatePagefilePrivilege	3808	chrome.exe
Token: SeShutdownPrivilege	3808	chrome.exe
Token: SeCreatePagefilePrivilege	3808	chrome.exe
Token: SeShutdownPrivilege	3808	chrome.exe
Token: SeCreatePagefilePrivilege	3808	chrome.exe
Token: SeShutdownPrivilege	3808	chrome.exe
Token: SeCreatePagefilePrivilege	3808	chrome.exe
Token: SeShutdownPrivilege	3808	chrome.exe
Token: SeCreatePagefilePrivilege	3808	chrome.exe
Token: SeShutdownPrivilege	3808	chrome.exe
Token: SeCreatePagefilePrivilege	3808	chrome.exe
Token: SeShutdownPrivilege	3808	chrome.exe
Token: SeCreatePagefilePrivilege	3808	chrome.exe
Token: SeShutdownPrivilege	3808	chrome.exe
Token: SeCreatePagefilePrivilege	3808	chrome.exe
Token: SeShutdownPrivilege	3808	chrome.exe
Token: SeCreatePagefilePrivilege	3808	chrome.exe
Token: SeShutdownPrivilege	3808	chrome.exe
Token: SeCreatePagefilePrivilege	3808	chrome.exe
Token: SeShutdownPrivilege	3808	chrome.exe
Token: SeCreatePagefilePrivilege	3808	chrome.exe
Token: SeShutdownPrivilege	3808	chrome.exe
Token: SeCreatePagefilePrivilege	3808	chrome.exe
Token: SeShutdownPrivilege	3808	chrome.exe
Token: SeCreatePagefilePrivilege	3808	chrome.exe
Token: SeShutdownPrivilege	3808	chrome.exe
Token: SeCreatePagefilePrivilege	3808	chrome.exe
Token: SeShutdownPrivilege	3808	chrome.exe
Token: SeCreatePagefilePrivilege	3808	chrome.exe
Token: SeShutdownPrivilege	3808	chrome.exe
Token: SeCreatePagefilePrivilege	3808	chrome.exe
Token: SeShutdownPrivilege	3808	chrome.exe
Token: SeCreatePagefilePrivilege	3808	chrome.exe
Token: SeShutdownPrivilege	3808	chrome.exe
Token: SeCreatePagefilePrivilege	3808	chrome.exe
Token: SeShutdownPrivilege	3808	chrome.exe
Token: SeCreatePagefilePrivilege	3808	chrome.exe
Token: SeShutdownPrivilege	3808	chrome.exe
Token: SeCreatePagefilePrivilege	3808	chrome.exe
Token: SeShutdownPrivilege	3808	chrome.exe
Token: SeCreatePagefilePrivilege	3808	chrome.exe
Token: SeShutdownPrivilege	3808	chrome.exe
Token: SeCreatePagefilePrivilege	3808	chrome.exe
Token: SeShutdownPrivilege	3808	chrome.exe
Token: SeCreatePagefilePrivilege	3808	chrome.exe
Token: SeShutdownPrivilege	3808	chrome.exe
Token: SeCreatePagefilePrivilege	3808	chrome.exe
Token: SeShutdownPrivilege	3808	chrome.exe
Token: SeCreatePagefilePrivilege	3808	chrome.exe
Token: SeShutdownPrivilege	3808	chrome.exe
Token: SeCreatePagefilePrivilege	3808	chrome.exe
Token: SeShutdownPrivilege	3808	chrome.exe
Token: SeCreatePagefilePrivilege	3808	chrome.exe
Token: SeShutdownPrivilege	3808	chrome.exe
Token: SeCreatePagefilePrivilege	3808	chrome.exe
Token: SeShutdownPrivilege	3808	chrome.exe
Token: SeCreatePagefilePrivilege	3808	chrome.exe
Token: SeShutdownPrivilege	3808	chrome.exe
Token: SeCreatePagefilePrivilege	3808	chrome.exe
Token: SeShutdownPrivilege	3808	chrome.exe
Token: SeCreatePagefilePrivilege	3808	chrome.exe
Token: SeShutdownPrivilege	3808	chrome.exe
Token: SeCreatePagefilePrivilege	3808	chrome.exe

Suspicious use of FindShellTrayWindow 34 IoCs

pid	Process
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe

Suspicious use of SendNotifyMessage 26 IoCs

pid	Process
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe
3808	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3808 wrote to memory of 4824	3808	chrome.exe	70
PID 3808 wrote to memory of 4824	3808	chrome.exe	70
PID 3808 wrote to memory of 1952	3808	chrome.exe	74
PID 3808 wrote to memory of 1952	3808	chrome.exe	74
PID 3808 wrote to memory of 1952	3808	chrome.exe	74
PID 3808 wrote to memory of 1952	3808	chrome.exe	74
PID 3808 wrote to memory of 1952	3808	chrome.exe	74
PID 3808 wrote to memory of 1952	3808	chrome.exe	74
PID 3808 wrote to memory of 1952	3808	chrome.exe	74
PID 3808 wrote to memory of 1952	3808	chrome.exe	74
PID 3808 wrote to memory of 1952	3808	chrome.exe	74
PID 3808 wrote to memory of 1952	3808	chrome.exe	74
PID 3808 wrote to memory of 1952	3808	chrome.exe	74
PID 3808 wrote to memory of 1952	3808	chrome.exe	74
PID 3808 wrote to memory of 1952	3808	chrome.exe	74
PID 3808 wrote to memory of 1952	3808	chrome.exe	74
PID 3808 wrote to memory of 1952	3808	chrome.exe	74
PID 3808 wrote to memory of 1952	3808	chrome.exe	74
PID 3808 wrote to memory of 1952	3808	chrome.exe	74
PID 3808 wrote to memory of 1952	3808	chrome.exe	74
PID 3808 wrote to memory of 1952	3808	chrome.exe	74
PID 3808 wrote to memory of 1952	3808	chrome.exe	74
PID 3808 wrote to memory of 1952	3808	chrome.exe	74
PID 3808 wrote to memory of 1952	3808	chrome.exe	74
PID 3808 wrote to memory of 1952	3808	chrome.exe	74
PID 3808 wrote to memory of 1952	3808	chrome.exe	74
PID 3808 wrote to memory of 1952	3808	chrome.exe	74
PID 3808 wrote to memory of 1952	3808	chrome.exe	74
PID 3808 wrote to memory of 1952	3808	chrome.exe	74
PID 3808 wrote to memory of 1952	3808	chrome.exe	74
PID 3808 wrote to memory of 1952	3808	chrome.exe	74
PID 3808 wrote to memory of 1952	3808	chrome.exe	74
PID 3808 wrote to memory of 1952	3808	chrome.exe	74
PID 3808 wrote to memory of 1952	3808	chrome.exe	74
PID 3808 wrote to memory of 1952	3808	chrome.exe	74
PID 3808 wrote to memory of 1952	3808	chrome.exe	74
PID 3808 wrote to memory of 1952	3808	chrome.exe	74
PID 3808 wrote to memory of 1952	3808	chrome.exe	74
PID 3808 wrote to memory of 1952	3808	chrome.exe	74
PID 3808 wrote to memory of 1952	3808	chrome.exe	74
PID 3808 wrote to memory of 4828	3808	chrome.exe	72
PID 3808 wrote to memory of 4828	3808	chrome.exe	72
PID 3808 wrote to memory of 4832	3808	chrome.exe	73
PID 3808 wrote to memory of 4832	3808	chrome.exe	73
PID 3808 wrote to memory of 4832	3808	chrome.exe	73
PID 3808 wrote to memory of 4832	3808	chrome.exe	73
PID 3808 wrote to memory of 4832	3808	chrome.exe	73
PID 3808 wrote to memory of 4832	3808	chrome.exe	73
PID 3808 wrote to memory of 4832	3808	chrome.exe	73
PID 3808 wrote to memory of 4832	3808	chrome.exe	73
PID 3808 wrote to memory of 4832	3808	chrome.exe	73
PID 3808 wrote to memory of 4832	3808	chrome.exe	73
PID 3808 wrote to memory of 4832	3808	chrome.exe	73
PID 3808 wrote to memory of 4832	3808	chrome.exe	73
PID 3808 wrote to memory of 4832	3808	chrome.exe	73
PID 3808 wrote to memory of 4832	3808	chrome.exe	73
PID 3808 wrote to memory of 4832	3808	chrome.exe	73
PID 3808 wrote to memory of 4832	3808	chrome.exe	73
PID 3808 wrote to memory of 4832	3808	chrome.exe	73
PID 3808 wrote to memory of 4832	3808	chrome.exe	73
PID 3808 wrote to memory of 4832	3808	chrome.exe	73
PID 3808 wrote to memory of 4832	3808	chrome.exe	73
PID 3808 wrote to memory of 4832	3808	chrome.exe	73
PID 3808 wrote to memory of 4832	3808	chrome.exe	73

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://cutty.app/13KWdt9
1⤵
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3808
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffdc6189758,0x7ffdc6189768,0x7ffdc6189778
  2⤵
  PID:4824
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1624 --field-trial-handle=1920,i,670876586273407302,4300271368437855982,131072 /prefetch:8
  2⤵
  PID:4828
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2096 --field-trial-handle=1920,i,670876586273407302,4300271368437855982,131072 /prefetch:8
  2⤵
  PID:4832
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1520 --field-trial-handle=1920,i,670876586273407302,4300271368437855982,131072 /prefetch:2
  2⤵
  PID:1952
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3084 --field-trial-handle=1920,i,670876586273407302,4300271368437855982,131072 /prefetch:1
  2⤵
  PID:3672
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2940 --field-trial-handle=1920,i,670876586273407302,4300271368437855982,131072 /prefetch:1
  2⤵
  PID:4428
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3528 --field-trial-handle=1920,i,670876586273407302,4300271368437855982,131072 /prefetch:1
  2⤵
  PID:312
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4884 --field-trial-handle=1920,i,670876586273407302,4300271368437855982,131072 /prefetch:1
  2⤵
  PID:2800
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4892 --field-trial-handle=1920,i,670876586273407302,4300271368437855982,131072 /prefetch:1
  2⤵
  PID:4708
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=5324 --field-trial-handle=1920,i,670876586273407302,4300271368437855982,131072 /prefetch:1
  2⤵
  PID:4908
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4880 --field-trial-handle=1920,i,670876586273407302,4300271368437855982,131072 /prefetch:1
  2⤵
  PID:4976
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5868 --field-trial-handle=1920,i,670876586273407302,4300271368437855982,131072 /prefetch:8
  2⤵
  PID:4928
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=6252 --field-trial-handle=1920,i,670876586273407302,4300271368437855982,131072 /prefetch:1
  2⤵
  PID:316
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6776 --field-trial-handle=1920,i,670876586273407302,4300271368437855982,131072 /prefetch:8
  2⤵
  PID:1192
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5640 --field-trial-handle=1920,i,670876586273407302,4300271368437855982,131072 /prefetch:8
  2⤵
  PID:2400
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=5516 --field-trial-handle=1920,i,670876586273407302,4300271368437855982,131072 /prefetch:1
  2⤵
  PID:1904
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=776 --field-trial-handle=1920,i,670876586273407302,4300271368437855982,131072 /prefetch:1
  2⤵
  PID:2252
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=1844 --field-trial-handle=1920,i,670876586273407302,4300271368437855982,131072 /prefetch:8
  2⤵
  PID:1192
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6236 --field-trial-handle=1920,i,670876586273407302,4300271368437855982,131072 /prefetch:8
  2⤵
  PID:4732
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=1844 --field-trial-handle=1920,i,670876586273407302,4300271368437855982,131072 /prefetch:1
  2⤵
  PID:1056
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=6516 --field-trial-handle=1920,i,670876586273407302,4300271368437855982,131072 /prefetch:1
  2⤵
  PID:2204
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=6576 --field-trial-handle=1920,i,670876586273407302,4300271368437855982,131072 /prefetch:1
  2⤵
  PID:2172
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4620 --field-trial-handle=1920,i,670876586273407302,4300271368437855982,131072 /prefetch:8
  2⤵
  PID:2064
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7076 --field-trial-handle=1920,i,670876586273407302,4300271368437855982,131072 /prefetch:8
  2⤵
  PID:1056
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7108 --field-trial-handle=1920,i,670876586273407302,4300271368437855982,131072 /prefetch:8
  2⤵
  PID:3124
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=5784 --field-trial-handle=1920,i,670876586273407302,4300271368437855982,131072 /prefetch:1
  2⤵
  PID:4520
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=6288 --field-trial-handle=1920,i,670876586273407302,4300271368437855982,131072 /prefetch:1
  2⤵
  PID:1904
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6568 --field-trial-handle=1920,i,670876586273407302,4300271368437855982,131072 /prefetch:8
  2⤵
  PID:2204
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6868 --field-trial-handle=1920,i,670876586273407302,4300271368437855982,131072 /prefetch:8
  2⤵
  PID:3244
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=5648 --field-trial-handle=1920,i,670876586273407302,4300271368437855982,131072 /prefetch:1
  2⤵
  PID:4472
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=6456 --field-trial-handle=1920,i,670876586273407302,4300271368437855982,131072 /prefetch:1
  2⤵
  PID:4220
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=6864 --field-trial-handle=1920,i,670876586273407302,4300271368437855982,131072 /prefetch:1
  2⤵
  PID:3948
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6064 --field-trial-handle=1920,i,670876586273407302,4300271368437855982,131072 /prefetch:8
  2⤵
  PID:960
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --mojo-platform-channel-handle=6052 --field-trial-handle=1920,i,670876586273407302,4300271368437855982,131072 /prefetch:1
  2⤵
  PID:3028
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=7196 --field-trial-handle=1920,i,670876586273407302,4300271368437855982,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:228
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1448 --field-trial-handle=1920,i,670876586273407302,4300271368437855982,131072 /prefetch:8
  2⤵
  PID:4684
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=5344 --field-trial-handle=1920,i,670876586273407302,4300271368437855982,131072 /prefetch:1
  2⤵
  PID:2100
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --mojo-platform-channel-handle=4984 --field-trial-handle=1920,i,670876586273407302,4300271368437855982,131072 /prefetch:1
  2⤵
  PID:1828

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4732

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x200
1⤵
PID:620

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506

Filesize
61KB

MD5
f3441b8572aae8801c04f3060b550443

SHA1
4ef0a35436125d6821831ef36c28ffaf196cda15

SHA256
6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

SHA512
5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E0F5C59F9FA661F6F4C50B87FEF3A15A

Filesize
893B

MD5
d4ae187b4574036c2d76b6df8a8c1a30

SHA1
b06f409fa14bab33cbaf4a37811b8740b624d9e5

SHA256
a2ce3a0fa7d2a833d1801e01ec48e35b70d84f3467cc9f8fab370386e13879c7

SHA512
1f44a360e8bb8ada22bc5bfe001f1babb4e72005a46bc2a94c33c4bd149ff256cce6f35d65ca4f7fc2a5b9e15494155449830d2809c8cf218d0b9196ec646b0c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E0F5C59F9FA661F6F4C50B87FEF3A15A

Filesize
252B

MD5
a9354e9d6097e9cff6c99d3dad71bd79

SHA1
8a4ee9507efa317d5d9bcb69dbe829c706ca0e44

SHA256
56247504c081f2ca324caa5408e5e57cb2ca5f1b6dc30c6bafdaeccedbf8772f

SHA512
948974421279cef3b04bd5731ce7d2f2fd3973394721c3ffbe32b40ac24c5ed8844073975f360e6931f05a389ad1a016f045ce6fefe29eee6d18f17c52eed02e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003a

Filesize
20KB

MD5
923a543cc619ea568f91b723d9fb1ef0

SHA1
6f4ade25559645c741d7327c6e16521e43d7e1f9

SHA256
bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd

SHA512
a4153751761cd67465374828b0514d7773b8c4ed37779d1ecfd4f19be4faa171585c8ee0b4db59b556399d5d2b9809ba87e04d4715e9d090e1f488d02219d555

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003b

Filesize
21KB

MD5
7d75a9eb3b38b5dd04b8a7ce4f1b87cc

SHA1
68f598c84936c9720c5ffd6685294f5c94000dff

SHA256
6c24799e77b963b00401713a1dbd9cba3a00249b9363e2c194d01b13b8cdb3d7

SHA512
cf0488c34a1af36b1bb854dea2decfc8394f47831b1670cab3eed8291b61188484cc8ab0a726a524ecdd20b71d291bcccbc2ce999fd91662aca63d2d22ed0d9f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004e

Filesize
27KB

MD5
123413ed6fd33aa5450516ba6224da43

SHA1
1484fe64b788158586360c3af3c3bc48642c2bde

SHA256
834e9ed0ba5ca8a35e882bf9ff04d6b220692c8cb879df3e84cda2bf387d99b8

SHA512
86b9558b9494ea210f2e8a1622e409844925b71899167cc1bcb6bf25e96898084be8065f3e1d03af90178fff191a99fa43e57391484e426aa382142e370bd499

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000054

Filesize
301KB

MD5
301f3b596cf43a38a02f8c8fbc197867

SHA1
2efa99e5a354017ddcf75f59a6e4cd6a47246c2d

SHA256
7d7b31d867e20fc0b1d90de1f53937ab074ec00254293d9ed035551fbf8af40d

SHA512
db7bb52d1b6169af9eed3fe0867da46eff88c2c55034f4ef3c4e7c604e9b1a745b9195b8d3b0e0ca3670e8056ff4b77c37b7cf515d18fe77c6e16294a4473e56

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000055

Filesize
108KB

MD5
ceab1a75072d660a434f1cd62a85fabd

SHA1
a1d45b74c95b030e5795b1ac70c0de6a76f40af8

SHA256
0adef5945640e637e1273f298e26013aed784d39f480238e5ef13e17511de5c7

SHA512
28cc2e65ca09c6a2e79fcf4313e34934fd127cefb49d0ee8bb7865a24994982925e28f60e242bd801abd5f4c961533156abfa6a625a06d98b7652f359c401b7e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000056

Filesize
70KB

MD5
1aa6150f7bd36648316bbb3d7229f838

SHA1
f03c45d1bfea4357e2407a937d61e6a1573e5291

SHA256
350ddd1b07c20d3aa9cb1a68d5524725c00fd56597aa02894552d085da75fb32

SHA512
5eb1ca5211bda94ba28217a98d76bd1e08817222a49f16c3872d34afb41de23f9c6b959d3ab94219ad844b2bd03ff45d28589d5e568903b64bd6835b69d1ebd9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000080

Filesize
158KB

MD5
838f22e707163670f95f7ed0329dfece

SHA1
c7187fffceed3b6946bd3e9183ddc9d935b9b161

SHA256
eda5cb8fbdda278f496c3385b169fdd3cfac6c46b190182408526e837647fce0

SHA512
2798502a85edcfd84bea3b97765746db68f64088b737cd997f7d8dfb4c07a0a701a65167997c004badcf10704d1fe7f0e7c964faa43d39533a9f435945875ba1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00009d

Filesize
180KB

MD5
497835d373e12af4cd257487dd5d3612

SHA1
425950e9427926ac0aa7940c4a18a44ab59df47a

SHA256
e11ff08dff0a884b311133e2469146b2a54319cf60094511e098df0c3677c4e0

SHA512
aa05611f56185e02289345f9c286ca98f96d5e1d24c8d152605e866e60013dc2945fc60f826e81459003ca9c2b7d439c0f6fdd173cbee57cd751ee51b18d2bf7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
4502ba6845d21222d20948f9d30c4b84

SHA1
1eb277f96f9bac0d8f24f84c44968ac667c2220b

SHA256
abd00896c8c5f8e086ee61088e49226199e3f69277ff8dc3269722f2914f50db

SHA512
a3107901e00618a3f02cfe94181de0814ecd4685820ad10b6b98f800215c4ace2ad9f6476926d1268f51ca56e37c32f119265b0d0b5b9b84f727f9bd1e383b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
13KB

MD5
3cbe0bf5f46e0fdbad525b2511250e93

SHA1
8ea0c1a53cc3d92135f5c9e7d08d8253fd3707d5

SHA256
8e6fe4a634de4a24ed0c090a5c20e37945170fc7f460ea442b9da08384a497d8

SHA512
c41e1d9097dab66096e703d9b23118407ec12bbf838714bde07ac599babacc0dbfd29cf41ddd8544d0aa952ad492ddf13711bda1c2780fc03780336ece9dd4ea

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
8KB

MD5
60f70aefb1554e370f60b420600ade3f

SHA1
b4307928b3b13803530371fd8c71889bd97774d8

SHA256
d04af774cd35d564365ff798deb0828de8b05b030cbb60700a3ba69106b52efa

SHA512
bbfc1115fb760aace6fd08e7221ff0117dd5046a3020e26775a7456fd285c7b81837487ecab116a48e8f8917e32f9c9ced01838a3959db7979840a660c72adb3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
6e26283622b8ac2fdb9b0426c3dda810

SHA1
b7c8b0132ca836792df94233f6424f5defbe6307

SHA256
a4fad40fc3420d197f22de0d5de3f2cc7d04d73bcdd28e51b857ec4370a845df

SHA512
beade4e01799784ef64eab3bfb9db03ad965397457e46683b4f06533d5b9f85528f6779eb3df7472490be96877e2140cbcc51ecb4b330673b1319e087f68f329

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
f995b71fa3735a5c2bf72cb7f6447cae

SHA1
0c48fd8ccb01d64581ac270a0999b78a250d4da6

SHA256
1fe9ff3ea39970315b0202a0db05071a0f8bfc0f33320e9208d660faf3b62da6

SHA512
a21173141feaaf81c494e6034bbc2570cf5926c5d31c1aba1686134518389d98b485a5d07b61603ee13f7b98738eb3a21a80c93cf64b71d982f5273157193660

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
e5329529186acab14eff2e3b0106b3aa

SHA1
229c786f7662929842ef099337153417ca7626ef

SHA256
391d4dcbb8f064d7c2385899421d98a2c770f76fa67e822718938904a14e075f

SHA512
1828718220f693e07250204122ee08b176b7ab991446e503ec77a64155c902ced96995a2fd4efd26a3a5b871a5f5512d0ea7c41928f885bfc381cac744ac5ca7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
4KB

MD5
1c3365412ed95f1cc4f9e8dd735428e7

SHA1
552fb4dbc9646a365b19dcf8521558c7cdf32c31

SHA256
2145aed3dd14d1a8d243c1433655668b6cb7300337a8b7743b0400cc0e3e4dc1

SHA512
93710a8482fc8261e17699c0b6f95a276b1a664651617c7c7061f51b9219ec43d62fe6fac8dd5af296448ec9eb9ba7338162872c263e740c2cf97174ddd5828c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
914f72182a193c215626a166b3bf921f

SHA1
d6a11dcbac962b328fb0fdd90985300c99df75ef

SHA256
50f06d848e568745d656e35c3901338a117a27627e07703c0086d651e26ab795

SHA512
06dfe8ea51eb3f962b8d1c253c69fb343f3e52714b9c0e3bd6d8c61a8a77e39efc7b69bc00f4a9269520ddce676ca78ce8e9faba2692e87f08f93005db87076f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
eac04e09e5214bfbd86a6125d037147d

SHA1
f8e0831916b8724c6d44d0b6a9d224fd20acd0ff

SHA256
9abe06199c447ea1e579c7b4f51b86453310b02d4b286c887ae7e779ef3bd86b

SHA512
6064caaad6861a78c855bbfb2d8f03df20b521eb409a63de352c3121cacdb980df4e90255da7048334763dd1e724560305d03031e5681e9efa361d23becaca15

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
3bc81cde1de6910bc58f612b231da5d0

SHA1
46cf1f35a8c568cc4793732417c3378b2588300a

SHA256
4ce821fb3b2e0fc05ad76beada9756710e7e1ef036f4866bfa6b0c9bf62bc139

SHA512
0732fe62fb438ce37a78bfd409b14a8b1748abd006dbe98ed280a38d5ca1dd8bd37f1928cd950fd3c077511878b95098087df77311586aa4253f22afd2d7d5ef

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
a43dd72947c81b01dc8d74e714752534

SHA1
86b00c6196f65d046d1fc4aa5488bf6e4e2e0b92

SHA256
c44784c5a1d7d4d25838c21b6a748674494a74dcde6934881e2c54784fd6f467

SHA512
4de94b006cdcdba01193ac2b114a4cada3fef093b6e394ce79f394dbe2e6fdac1f4ccf903c9f528875cd4b3063a39b576fc9c4792d0f6d0291b7b3e8ed6da243

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
015cbf17f8a56ddc397a5a5656d28439

SHA1
f8f1f0db263c919cdeec32d8d96649168a271997

SHA256
31c8ffe89384d17fee5001fd187dab0466b0c068eb93410853d75b3d589860c7

SHA512
31aa6925718a4ac71f0482a755136904ff6b790a4e9b9b7cb43aa58d85b8c91683798e4fcf1ebbc61be29edbd7a201477ead727f449d717c961a20e5499c4ef7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
b00e84f7f387958e6b5d5a786e45d0cc

SHA1
537f550cc0b806f98408b87bc1ab6909fb5db0f6

SHA256
b4e44ed198d0d25d807d60defb8316ef1e1b5cb3a578cb62212d484e2cd8aa05

SHA512
036d85429b11e73485d72188c703169216e98bf837608502f686ba46c9a59802c94f6c91100ca3ba726fb8411bcf3c8c547816300b77f25bac99d4ac30d062cb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
45298553ecbf7db82fcf6badf48ece74

SHA1
df8996cf2c4b9fc5c68ff928064b35d1cc35d50f

SHA256
b9942f832d8e7240fd2d7843de940915e93410e3e560c8aaf5930f3911e10a31

SHA512
18e1d77ecf162419dd6886428b643cf0fd2c9440ffa2c7ddb92be0a828503dfc72048fffe633d5e9d994df79b7814140b2c24efa71a6cfec4aadd35d1c7e6ed4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
ac871f091a9ead53d04920fe9d450266

SHA1
9959f0f2b8f1e48ffd9a59e5ca1343f62bea5e75

SHA256
f36406a2bcc652f02e85560d47e6f351e88537616cb6e21b261cf38aedb8cc60

SHA512
75717c3914e1789050f3c29490fb7e2857b7ea9bb8ee73479009bfdfda7d8c187f0034cb348aa5326dcee46c3a6302272c21c089e2a46b1d6fcacdc0e5e6899b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
a7af1795538b1a80ef892b9c811b33b4

SHA1
c2007f0858deff85f795fbf4c63d490f87ec289b

SHA256
a4dd17ff2c264342c0f002b49367ec078fa29c56427555940f87bb29a0a9cc58

SHA512
565ab51d1bab64875d563c3e97f192de23238706c08b0434568a2768c9a4a40bf841ac3e3c60e21e582d4ca57dffc0fb36a9b6996b1c3d6ee6931d6176845732

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
a68c8de5944133d6d816e97a3b07cd72

SHA1
fbda813b735421f30899590fd94606e8c1ec2b3c

SHA256
702fa151da2e6a63d92f708131cd18378f70401e8faf7e7ea7b911279dac3497

SHA512
70f83ab8def5dbf4eac2c633ba43f8f6ef3421f48f504020b1c93ef1dbe7829bfe3ac7156e96c33e08de44c6cdaecaf42625357e21dea0ff920ce1dd2b5db4db

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
72ada8cb7a7dce04b34a93fed2cd5e53

SHA1
4d111bbe67f8014b40fbd1545f1646b2121be05e

SHA256
76924200080eafce9a4132a92094bfd525518e5c4dce174e685442675bcfbde2

SHA512
1aa4c880a0ac243d39f856233fd289fce8e97684f985edd16bd5c776ebd5618944b9415f792465633d261baf60aa81ead07536ca47e40f62b9f8cccc0c5e3b3f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
68b77ba9e4e4c5a7f969ba40c527a1b8

SHA1
23c81c1e3efd74b10ba21536f1ebff48ac327cc6

SHA256
7b3a468e66b9b49a21d9aeb6d1cc22a9409b09db5e949ff817c9350aa536e908

SHA512
6eedbac21ef8e2009cd482bad08018300a5eef4ab496db78157bec2e64ecabc7f4bb2f1a789391917be83f6f9607c0aaa3410be7444977c9ab165318827a56e1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
56B

MD5
ae1bccd6831ebfe5ad03b482ee266e4f

SHA1
01f4179f48f1af383b275d7ee338dd160b6f558a

SHA256
1b11047e738f76c94c9d15ee981ec46b286a54def1a7852ca1ade7f908988649

SHA512
baf7ff6747f30e542c254f46a9678b9dbf42312933962c391b79eca6fcb615e4ba9283c00f554d6021e594f18c087899bc9b5362c41c0d6f862bba7fb9f83038

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe591c19.TMP

Filesize
120B

MD5
312e41b439d52e5df83e18acde08ceee

SHA1
5b5cf3df76fd5dec60b09836a71fce95e7bbd688

SHA256
d68a4059b28c2c7ba10be25217baf9edec5362d6331e0f43c09149318c89d26e

SHA512
9b0045515aaf34e1c4eaf99a102f184f740063dea01701ec312fb62ac0a9b7d1273a08c81cfc0a6409602f1fccf1507344e760fcc264eb2c6f75cb06f0fbf8bc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
87KB

MD5
907690d538e322febae0c89dbc9899a1

SHA1
d5c685f0834047d29453fbc8ce82a14646a80fe8

SHA256
22e9573bac8c9720ae535809937113d3b749d6718d9d1ec3fc0472c798f33820

SHA512
8bc53c1ae325d4da4a92d3019a6689d83ca7abd0f43f236213b2356c507553df7a8a4339736307b738360ff67a5fcc4147ed73ef6e16195918ba1fa0b40f56d3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
87KB

MD5
dd639845093b380ac74a932a4cc59607

SHA1
ffc0da7a021325b7e1a5544119534f97f9061421

SHA256
1d585a222d1d958d4028ebf3c55ce1e1f9ecda1bf3e5ea316f5742c3a5eeeac6

SHA512
3d494fee536928ab1ec339516d5efb77642c3bfa4ba81542355bc6cf6e371890253db7a0e43c2a9bd7eb3fc144924c6e7858d72868180223d67d9002a6b7a4de

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
103KB

MD5
95082747864f26ff09a739193edb9c07

SHA1
9c01448f44ca297dda9b20ae6569d3a238c0e5b3

SHA256
b5e31cc1e9c28bb6a0b20f87cd5039a5ec34fee47a153da116b5654dd7ccd08a

SHA512
d8a365efd959a745467ed80a497fa61ee009a795fc7ab39aa3571dfa97a4d5f7f5581845117fd87dc53bc7eec421de046b0d2e18b601c4112480ea9bcb173e2d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
103KB

MD5
8ad228016c502edf2e79fab555a5a3ee

SHA1
89a4f7287ea1ad6f283e1efb066d3de64ef2cc0c

SHA256
64d803af2a824f8ff1041fa94e1ecbda08c82c63c56be48d61895c4a94ab9200

SHA512
f7518dbb112440c73cad1a7de05d32a1e02166e22d9aef8500cacc324ad9a316ebe63ce1f6e56dbd1b8506d225638b5ae39eeaed3bdbd156c3b06e0878a5a4d7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
104KB

MD5
8fc0612c6b2cc92ee44924666489d71e

SHA1
1d4101d55d3cec6b6a97739347d05942127f8d07

SHA256
96490f569a77bf17491898aa3d514147cd2a386647778144fcf0d2cae1f7d502

SHA512
097b7482feb55853bed7c468f4e6d35bc0311581ef99a23bb7a1e5f436559fcbbb6ba1dcf842c18695d0d08dccf69aa88706af6ce668cb74323c416b0ddd2405

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe58eec0.TMP

Filesize
100KB

MD5
4bc5afdfc7d893e7aef2ffa69f13600c

SHA1
836b5fbeb16b23bba55be854ed60a7d1afe9c580

SHA256
1b3c69dded9344dcea0f7efa7785720517300856c4743d1de8f5de7c2d652f23

SHA512
a1861cc60b253c4ccf6114fc836c2cc2e6d13c04f033a002a7de4e0dcedaf2ee1cd561520ea5761688fc0a57bd7bc3822293fb3023a707fa399632efb994c8c1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit