hxxps://cutty[.]app/13KWdt9

Analysis

max time kernel
151s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
26/08/2023, 19:37

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://cutty.app/13KWdt9

Score

1^/10

Malware Config

Signatures

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133375522751564350"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1722984668-1829624581-3022101259-1000\{CCD8CD15-B348-4B9A-B568-6EAD74D21D4E}	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
1452	chrome.exe
1452	chrome.exe
3680	chrome.exe
3680	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 29 IoCs

pid	Process
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1452	chrome.exe
Token: SeCreatePagefilePrivilege	1452	chrome.exe
Token: SeShutdownPrivilege	1452	chrome.exe
Token: SeCreatePagefilePrivilege	1452	chrome.exe
Token: SeShutdownPrivilege	1452	chrome.exe
Token: SeCreatePagefilePrivilege	1452	chrome.exe
Token: SeShutdownPrivilege	1452	chrome.exe
Token: SeCreatePagefilePrivilege	1452	chrome.exe
Token: SeShutdownPrivilege	1452	chrome.exe
Token: SeCreatePagefilePrivilege	1452	chrome.exe
Token: SeShutdownPrivilege	1452	chrome.exe
Token: SeCreatePagefilePrivilege	1452	chrome.exe
Token: SeShutdownPrivilege	1452	chrome.exe
Token: SeCreatePagefilePrivilege	1452	chrome.exe
Token: SeShutdownPrivilege	1452	chrome.exe
Token: SeCreatePagefilePrivilege	1452	chrome.exe
Token: SeShutdownPrivilege	1452	chrome.exe
Token: SeCreatePagefilePrivilege	1452	chrome.exe
Token: SeShutdownPrivilege	1452	chrome.exe
Token: SeCreatePagefilePrivilege	1452	chrome.exe
Token: SeShutdownPrivilege	1452	chrome.exe
Token: SeCreatePagefilePrivilege	1452	chrome.exe
Token: SeShutdownPrivilege	1452	chrome.exe
Token: SeCreatePagefilePrivilege	1452	chrome.exe
Token: SeShutdownPrivilege	1452	chrome.exe
Token: SeCreatePagefilePrivilege	1452	chrome.exe
Token: SeShutdownPrivilege	1452	chrome.exe
Token: SeCreatePagefilePrivilege	1452	chrome.exe
Token: SeShutdownPrivilege	1452	chrome.exe
Token: SeCreatePagefilePrivilege	1452	chrome.exe
Token: SeShutdownPrivilege	1452	chrome.exe
Token: SeCreatePagefilePrivilege	1452	chrome.exe
Token: SeShutdownPrivilege	1452	chrome.exe
Token: SeCreatePagefilePrivilege	1452	chrome.exe
Token: SeShutdownPrivilege	1452	chrome.exe
Token: SeCreatePagefilePrivilege	1452	chrome.exe
Token: SeShutdownPrivilege	1452	chrome.exe
Token: SeCreatePagefilePrivilege	1452	chrome.exe
Token: SeShutdownPrivilege	1452	chrome.exe
Token: SeCreatePagefilePrivilege	1452	chrome.exe
Token: SeShutdownPrivilege	1452	chrome.exe
Token: SeCreatePagefilePrivilege	1452	chrome.exe
Token: SeShutdownPrivilege	1452	chrome.exe
Token: SeCreatePagefilePrivilege	1452	chrome.exe
Token: SeShutdownPrivilege	1452	chrome.exe
Token: SeCreatePagefilePrivilege	1452	chrome.exe
Token: SeShutdownPrivilege	1452	chrome.exe
Token: SeCreatePagefilePrivilege	1452	chrome.exe
Token: SeShutdownPrivilege	1452	chrome.exe
Token: SeCreatePagefilePrivilege	1452	chrome.exe
Token: SeShutdownPrivilege	1452	chrome.exe
Token: SeCreatePagefilePrivilege	1452	chrome.exe
Token: SeShutdownPrivilege	1452	chrome.exe
Token: SeCreatePagefilePrivilege	1452	chrome.exe
Token: SeShutdownPrivilege	1452	chrome.exe
Token: SeCreatePagefilePrivilege	1452	chrome.exe
Token: SeShutdownPrivilege	1452	chrome.exe
Token: SeCreatePagefilePrivilege	1452	chrome.exe
Token: SeShutdownPrivilege	1452	chrome.exe
Token: SeCreatePagefilePrivilege	1452	chrome.exe
Token: SeShutdownPrivilege	1452	chrome.exe
Token: SeCreatePagefilePrivilege	1452	chrome.exe
Token: SeShutdownPrivilege	1452	chrome.exe
Token: SeCreatePagefilePrivilege	1452	chrome.exe

Suspicious use of FindShellTrayWindow 38 IoCs

pid	Process
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe
1452	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1452 wrote to memory of 1496	1452	chrome.exe	83
PID 1452 wrote to memory of 1496	1452	chrome.exe	83
PID 1452 wrote to memory of 2428	1452	chrome.exe	86
PID 1452 wrote to memory of 2428	1452	chrome.exe	86
PID 1452 wrote to memory of 2428	1452	chrome.exe	86
PID 1452 wrote to memory of 2428	1452	chrome.exe	86
PID 1452 wrote to memory of 2428	1452	chrome.exe	86
PID 1452 wrote to memory of 2428	1452	chrome.exe	86
PID 1452 wrote to memory of 2428	1452	chrome.exe	86
PID 1452 wrote to memory of 2428	1452	chrome.exe	86
PID 1452 wrote to memory of 2428	1452	chrome.exe	86
PID 1452 wrote to memory of 2428	1452	chrome.exe	86
PID 1452 wrote to memory of 2428	1452	chrome.exe	86
PID 1452 wrote to memory of 2428	1452	chrome.exe	86
PID 1452 wrote to memory of 2428	1452	chrome.exe	86
PID 1452 wrote to memory of 2428	1452	chrome.exe	86
PID 1452 wrote to memory of 2428	1452	chrome.exe	86
PID 1452 wrote to memory of 2428	1452	chrome.exe	86
PID 1452 wrote to memory of 2428	1452	chrome.exe	86
PID 1452 wrote to memory of 2428	1452	chrome.exe	86
PID 1452 wrote to memory of 2428	1452	chrome.exe	86
PID 1452 wrote to memory of 2428	1452	chrome.exe	86
PID 1452 wrote to memory of 2428	1452	chrome.exe	86
PID 1452 wrote to memory of 2428	1452	chrome.exe	86
PID 1452 wrote to memory of 2428	1452	chrome.exe	86
PID 1452 wrote to memory of 2428	1452	chrome.exe	86
PID 1452 wrote to memory of 2428	1452	chrome.exe	86
PID 1452 wrote to memory of 2428	1452	chrome.exe	86
PID 1452 wrote to memory of 2428	1452	chrome.exe	86
PID 1452 wrote to memory of 2428	1452	chrome.exe	86
PID 1452 wrote to memory of 2428	1452	chrome.exe	86
PID 1452 wrote to memory of 2428	1452	chrome.exe	86
PID 1452 wrote to memory of 2428	1452	chrome.exe	86
PID 1452 wrote to memory of 2428	1452	chrome.exe	86
PID 1452 wrote to memory of 2428	1452	chrome.exe	86
PID 1452 wrote to memory of 2428	1452	chrome.exe	86
PID 1452 wrote to memory of 2428	1452	chrome.exe	86
PID 1452 wrote to memory of 2428	1452	chrome.exe	86
PID 1452 wrote to memory of 2428	1452	chrome.exe	86
PID 1452 wrote to memory of 2428	1452	chrome.exe	86
PID 1452 wrote to memory of 2128	1452	chrome.exe	87
PID 1452 wrote to memory of 2128	1452	chrome.exe	87
PID 1452 wrote to memory of 4724	1452	chrome.exe	88
PID 1452 wrote to memory of 4724	1452	chrome.exe	88
PID 1452 wrote to memory of 4724	1452	chrome.exe	88
PID 1452 wrote to memory of 4724	1452	chrome.exe	88
PID 1452 wrote to memory of 4724	1452	chrome.exe	88
PID 1452 wrote to memory of 4724	1452	chrome.exe	88
PID 1452 wrote to memory of 4724	1452	chrome.exe	88
PID 1452 wrote to memory of 4724	1452	chrome.exe	88
PID 1452 wrote to memory of 4724	1452	chrome.exe	88
PID 1452 wrote to memory of 4724	1452	chrome.exe	88
PID 1452 wrote to memory of 4724	1452	chrome.exe	88
PID 1452 wrote to memory of 4724	1452	chrome.exe	88
PID 1452 wrote to memory of 4724	1452	chrome.exe	88
PID 1452 wrote to memory of 4724	1452	chrome.exe	88
PID 1452 wrote to memory of 4724	1452	chrome.exe	88
PID 1452 wrote to memory of 4724	1452	chrome.exe	88
PID 1452 wrote to memory of 4724	1452	chrome.exe	88
PID 1452 wrote to memory of 4724	1452	chrome.exe	88
PID 1452 wrote to memory of 4724	1452	chrome.exe	88
PID 1452 wrote to memory of 4724	1452	chrome.exe	88
PID 1452 wrote to memory of 4724	1452	chrome.exe	88
PID 1452 wrote to memory of 4724	1452	chrome.exe	88

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://cutty.app/13KWdt9
1⤵
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1452
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffaaa469758,0x7ffaaa469768,0x7ffaaa469778
  2⤵
  PID:1496
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1652 --field-trial-handle=1876,i,8797729775733869431,17280758069912100058,131072 /prefetch:2
  2⤵
  PID:2428
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2132 --field-trial-handle=1876,i,8797729775733869431,17280758069912100058,131072 /prefetch:8
  2⤵
  PID:2128
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2252 --field-trial-handle=1876,i,8797729775733869431,17280758069912100058,131072 /prefetch:8
  2⤵
  PID:4724
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3068 --field-trial-handle=1876,i,8797729775733869431,17280758069912100058,131072 /prefetch:1
  2⤵
  PID:3600
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3040 --field-trial-handle=1876,i,8797729775733869431,17280758069912100058,131072 /prefetch:1
  2⤵
  PID:1608
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4900 --field-trial-handle=1876,i,8797729775733869431,17280758069912100058,131072 /prefetch:1
  2⤵
  PID:2844
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=5216 --field-trial-handle=1876,i,8797729775733869431,17280758069912100058,131072 /prefetch:1
  2⤵
  PID:3196
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5032 --field-trial-handle=1876,i,8797729775733869431,17280758069912100058,131072 /prefetch:8
  2⤵
  PID:632
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5420 --field-trial-handle=1876,i,8797729775733869431,17280758069912100058,131072 /prefetch:8
  2⤵
  PID:2028
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=5616 --field-trial-handle=1876,i,8797729775733869431,17280758069912100058,131072 /prefetch:1
  2⤵
  PID:1088
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=6128 --field-trial-handle=1876,i,8797729775733869431,17280758069912100058,131072 /prefetch:1
  2⤵
  PID:336
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=5408 --field-trial-handle=1876,i,8797729775733869431,17280758069912100058,131072 /prefetch:1
  2⤵
  PID:1684
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5968 --field-trial-handle=1876,i,8797729775733869431,17280758069912100058,131072 /prefetch:1
  2⤵
  PID:2504
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=6328 --field-trial-handle=1876,i,8797729775733869431,17280758069912100058,131072 /prefetch:1
  2⤵
  PID:4260
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6660 --field-trial-handle=1876,i,8797729775733869431,17280758069912100058,131072 /prefetch:8
  2⤵
  PID:4368
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5640 --field-trial-handle=1876,i,8797729775733869431,17280758069912100058,131072 /prefetch:8
  2⤵
  PID:3760
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=3320 --field-trial-handle=1876,i,8797729775733869431,17280758069912100058,131072 /prefetch:1
  2⤵
  PID:5072
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=6356 --field-trial-handle=1876,i,8797729775733869431,17280758069912100058,131072 /prefetch:1
  2⤵
  PID:2028
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=3304 --field-trial-handle=1876,i,8797729775733869431,17280758069912100058,131072 /prefetch:1
  2⤵
  PID:3700
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=3316 --field-trial-handle=1876,i,8797729775733869431,17280758069912100058,131072 /prefetch:1
  2⤵
  PID:4980
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=5876 --field-trial-handle=1876,i,8797729775733869431,17280758069912100058,131072 /prefetch:1
  2⤵
  PID:3780
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=4736 --field-trial-handle=1876,i,8797729775733869431,17280758069912100058,131072 /prefetch:1
  2⤵
  PID:2992
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=3304 --field-trial-handle=1876,i,8797729775733869431,17280758069912100058,131072 /prefetch:1
  2⤵
  PID:2200
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=5616 --field-trial-handle=1876,i,8797729775733869431,17280758069912100058,131072 /prefetch:1
  2⤵
  PID:4148
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=6684 --field-trial-handle=1876,i,8797729775733869431,17280758069912100058,131072 /prefetch:1
  2⤵
  PID:3652
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=5016 --field-trial-handle=1876,i,8797729775733869431,17280758069912100058,131072 /prefetch:1
  2⤵
  PID:2504
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=3252 --field-trial-handle=1876,i,8797729775733869431,17280758069912100058,131072 /prefetch:1
  2⤵
  PID:1524
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6256 --field-trial-handle=1876,i,8797729775733869431,17280758069912100058,131072 /prefetch:8
  2⤵
  PID:1532
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6244 --field-trial-handle=1876,i,8797729775733869431,17280758069912100058,131072 /prefetch:8
  2⤵
  PID:1656
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=3980 --field-trial-handle=1876,i,8797729775733869431,17280758069912100058,131072 /prefetch:1
  2⤵
  PID:4632
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5096 --field-trial-handle=1876,i,8797729775733869431,17280758069912100058,131072 /prefetch:8
  2⤵
  PID:4376
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6108 --field-trial-handle=1876,i,8797729775733869431,17280758069912100058,131072 /prefetch:8
  2⤵
  - Modifies registry class
  PID:3300
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5856 --field-trial-handle=1876,i,8797729775733869431,17280758069912100058,131072 /prefetch:8
  2⤵
  PID:4292
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=5948 --field-trial-handle=1876,i,8797729775733869431,17280758069912100058,131072 /prefetch:1
  2⤵
  PID:1532
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=5540 --field-trial-handle=1876,i,8797729775733869431,17280758069912100058,131072 /prefetch:1
  2⤵
  PID:3684
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6584 --field-trial-handle=1876,i,8797729775733869431,17280758069912100058,131072 /prefetch:8
  2⤵
  PID:3236
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5788 --field-trial-handle=1876,i,8797729775733869431,17280758069912100058,131072 /prefetch:8
  2⤵
  PID:4296
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --mojo-platform-channel-handle=5036 --field-trial-handle=1876,i,8797729775733869431,17280758069912100058,131072 /prefetch:1
  2⤵
  PID:1684
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --mojo-platform-channel-handle=2904 --field-trial-handle=1876,i,8797729775733869431,17280758069912100058,131072 /prefetch:1
  2⤵
  PID:4288
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --mojo-platform-channel-handle=5020 --field-trial-handle=1876,i,8797729775733869431,17280758069912100058,131072 /prefetch:1
  2⤵
  PID:2896
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --mojo-platform-channel-handle=5484 --field-trial-handle=1876,i,8797729775733869431,17280758069912100058,131072 /prefetch:1
  2⤵
  PID:2000
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5680 --field-trial-handle=1876,i,8797729775733869431,17280758069912100058,131072 /prefetch:8
  2⤵
  PID:4224
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5744 --field-trial-handle=1876,i,8797729775733869431,17280758069912100058,131072 /prefetch:8
  2⤵
  PID:4824
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --mojo-platform-channel-handle=5972 --field-trial-handle=1876,i,8797729775733869431,17280758069912100058,131072 /prefetch:1
  2⤵
  PID:1656
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5664 --field-trial-handle=1876,i,8797729775733869431,17280758069912100058,131072 /prefetch:8
  2⤵
  PID:2144
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4944 --field-trial-handle=1876,i,8797729775733869431,17280758069912100058,131072 /prefetch:8
  2⤵
  PID:1664
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --mojo-platform-channel-handle=1996 --field-trial-handle=1876,i,8797729775733869431,17280758069912100058,131072 /prefetch:1
  2⤵
  PID:3160
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5088 --field-trial-handle=1876,i,8797729775733869431,17280758069912100058,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3680

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:112

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000015

Filesize
39KB

MD5
6a3bb9c5ba28ee73af6c1b53e281b0cf

SHA1
d96e403c99c1707f82ea29c2c1f134e792c64097

SHA256
2f5adfc38558162578ffe112229f10417fbc4b3df025d153d4e22a0c95177740

SHA512
6c4844f70969938339cb6716a834a79e1a8379459c87b983c2518b9cbb560cb2f101aff980f682989928523be6cdc99bde3bfd8137f9c54a58191b900b580fbf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001a

Filesize
46KB

MD5
03ec8809d142fb0421b9e84aa4fb2d75

SHA1
929dfee32b71ee7ca295d77b9eb2f40cd337cb34

SHA256
5d1a980e5dd31e09e9ffa6e31ef31a0c6ae278917d6a99bddbf455e0531947b0

SHA512
2497ce38ad9efaec380dfb1fa50e04682c8b5bc5679d306364819eeeed23d36cb0f490a6e492fff28b8ca0bba1f2de818c93b9f789035077fe7cd1f4428f0a08

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001c

Filesize
34KB

MD5
3a3ba2eb341d890e669a74536398ce1e

SHA1
85d0bb72b534409e5de9c6183876e5338e79a7df

SHA256
008c7b6cff28c0baaca7c1d7d61d1298c28dcfea44862367c5cd1ff739aceb20

SHA512
896b3a8da08315f68603fb3c1f78fa5adce868c65349cc37e7915c481eda1f262bd0b016776f58924337bf57f988622ac7584137d7f5d56893d2590c467edd34

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001d

Filesize
90KB

MD5
581f7f96f729e85f02dd311ecc77c325

SHA1
cb641bdacbe7f7ea13067468dcfe57cba9b665c1

SHA256
5d36b55f16f4196b03a8c2a1b45e12cd9c56c793667a65afb8481c07d0e8c222

SHA512
2665a0b82e92c358fd18a6ff16add79791cb1fe4463f3ea1dc21ce2ef36dec25e0f19fa1fd93bcd3008b1611cbe86c06a6cc60fcd40a1686626daf7adc1dbbd0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001e

Filesize
64KB

MD5
d6f9fc181f88c77c75327e090eefa4a4

SHA1
8c2cdbad715ef5af834ed977d14b3392228c73f0

SHA256
d6d50901a29e8e64e03797406af5c15b6f9e91961501e04a3a22f6687e4074d3

SHA512
2d7702cef9e6ecd6adf4a56425b4d65bf39d8cfcad7f7fb3de6e9793515e709677b1cc6930acc3d4c68b6a46af903cced7ec9cad80276ad0a6b30c03f7e0bf1f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001f

Filesize
20KB

MD5
87e8230a9ca3f0c5ccfa56f70276e2f2

SHA1
eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7

SHA256
e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9

SHA512
37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
888B

MD5
01af85aaa81b9136b73ef22b6bb59236

SHA1
224ac0983c9c3b3a5c7ea6a9dddaa9346d2f2a7d

SHA256
24099cb7ab71e20f342c0d03f76897a60bcec781c2d41d8772aa1b6fbefddf5e

SHA512
712c619c02c4315818907f103fa33fe5f16d7dfda77e1d4f02bddb7dc72108c701423fab03a997fb64e705a148227bf7b4785b624c9538d878e863452ed6b3ed

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
cd23cbeeb4ca31f7dc291552461c516f

SHA1
d379fdff779b9a119caba3000878322ad61c15f1

SHA256
18bd18cf6545dcdbec6dcb77668277dc0b7fa2c5fc5d8eb51442554fda343608

SHA512
cc7d14e709c43a4c51e5ded1c184e6464d5bde39889ec9d108d1deb4c0e7fbe10fc0e85bc7bdd05a97e039250bc4918b08aa153a920b2338215fa3abbd26b5b2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
857dc75995c63213eec5727b0babc1af

SHA1
6ad6e429d74e8687147559d2fb69101cca07d7ae

SHA256
45fcb208c42c508dea1d57b2c8e42361b81a3368e06da6193828e7130b9ff50c

SHA512
89e52e074a71ab17f3ace5c52d349cc37c309238b7439f947b52e4e6e47c580c35988bdc1c52705950d1f738b69e7bac5806c15e666aebb3ad64529916246b58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
7edf71050481362bf008ba13c45be813

SHA1
b87990ff2af11ef76316a6250ace794a05e57c3e

SHA256
1378a996959e0100c666a33cd497c23f6cdb33d3d21f8c4004d545ad31d7ab37

SHA512
bf624a21bec9270d01fe8cd76e76f051b3ec26126993bf639e3baeeac9b06908e07c824cc1ab3b967de0db163d7387d487481d24cc023d16dffd411e46725b0d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
ff5d71b9001a3e36bcab0b489ef8ab95

SHA1
d96d3ef6a4d80ea7339b3e3e7a58049d604900bf

SHA256
9b02c622403bb8ba3da6e90202f5a2d2d96db9d3e0540d446cf0890465a320f0

SHA512
3824d2daa8c8271082a3cc07ab05ad7b8065cedbdd99aeeb5a9f2249b84d3af5b67f89fa69617c1eff65c86d379f7998e58c11920db09ec08cd70a1ca78aeda4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
37937c82bf02b291687e187d0b059ef6

SHA1
236b3a2451ec984eb1785dd2af984174dc7c4d99

SHA256
589160f6c0ae2a4a37b85ea6b75f9e1ead05483abb6d2c021a0d0e8e7d94f99b

SHA512
8a6bf239762c67ce6e7c748a5b9aa7ebdbf2d85011055971d7e7c9105ea0e621f7a0092b1d140f68e4f922fbe816aa8f71da44a1b7e859b6613c3223b26e2d6a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
71eee6eb11f658bd12c174540a7c8b3c

SHA1
185795d06fdc8f92f47913d9dcd8a7d8d33361cf

SHA256
06d62c6578d4035de8531be3e1ef951bb62dbc0fdc27cabdb0a36159a5bd73fa

SHA512
2426676f586884c7f71ebb689de3c39b8137701befa08dea40e51fa5752498a6ec842e730030003a2692e11c3c7447b2ea3989924f0ddca05495511e02784a67

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
20ccc4290b0d70620f4dc02f66a30588

SHA1
74e60fa826100a33f6d202b05543cece41772bb2

SHA256
e9177a814b2a87b5258d49efae62fcf804729fb6ab4820a7c7e460e0a1f69cc1

SHA512
67047aadde364c6256d8cc4f260032d0fb02571aeba2315be93238a279a50931d641d5eb70a91e3391c3f42b500c81d763b61cb2e4dacc41870c05caf4e74402

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
73f6fca2e3eeb373176bceea5f1984ec

SHA1
801ecc7fc88811dd5fadc7bf9b44b2bca9d7cba1

SHA256
9656b0d26dfe9a20552ac1d2753855f078ef8af18f4b0cfdfd372e5607046340

SHA512
045f21b0a4b9da4bb5d12485c183627660bc378076aa36bef0cd50ba7c32a5468da59f2cf61a30fee6c6967fd775dfc8490e420688dd79e9833de937b989dddd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
aea99c12376f5ebeaaaf7609f54b73c6

SHA1
2a075190225fca33a0008f362528a6ac966a4f5e

SHA256
7b8a279aa6edefa24450fb13cd27cc894999a1f3b6d3be69480830d351763ad9

SHA512
c8d2c1475c5b8802f1ad594b92824ab6919e28c6734cb58f51c73c520efad4003d708581b67e977b3db1eb0f1d7a18eb666f2b1d58bd7bb403f266267e03ff73

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
4f90aec5572a18da21802ad9a6783878

SHA1
b1d3929903c7f8b097b5a47a755024acf153ba03

SHA256
d1669011b73e1bc3d609016a1179c3817efe4f41c8d7a97374e68e3d0ea46563

SHA512
612880a6659190aec1dcbd0b5cf7d9251c57228c36a51793ef20c9bdba4846c6ff69d2f418f7ced34e2688c93f04fad73951cda84d19ee2eccd97613257e603a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
87KB

MD5
b9a0b401b1c30eed02c42d8333d618e2

SHA1
3f1cb7cdd394915dd4fea1521dd25d5a60d11a0c

SHA256
df587e06e0c35c3ed303aaa445c519c1159998e01ba8b37909d04ca585ef7eb3

SHA512
97274ee6f5807ad24fc43c1f7e93b0819242b65215dcb2dd92f9444ebc5eabb21a768eba7744b1b461100281c52b200212747a158588783ed1c6184909910df9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
87KB

MD5
024b0797fec2b4017bb4ab6e0f7d6ee0

SHA1
9c5ea5e39933763f7fb3ffca502a272b116e89db

SHA256
934be2656d8c2b308d048afb3e4e1d769ac61eb91ca6f42fae54e8830dd39727

SHA512
d76a5ccd639ad25e13cb4957e3dd24f78843621f4a58933c9f1c69d42746b45a0f0136c96302e1f2e359e3f4753358fbc13785ffa0df105a3cdeae509f24a8f5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
87KB

MD5
4163ae8383b3a79be84da4f098094610

SHA1
f4f4be858ee25a8e773e11f37cf6751220c65101

SHA256
162a1ba2e05f6d4d8c2bf15e653c2a1cb7e8cd054ff8146cb7f5076615222e3f

SHA512
acfa75d09a0e905875a81a6a7bb79f847611812d78bfe18fda80a30362951bc3b5249322fcc949a2dbe27b51eca9eb0c8cc4bcb0068850ca9803121b90db2f27

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
109KB

MD5
4607a0a440ab059143d3e543da7ee1bb

SHA1
824fab16f9dc8878eb5d78a95593167f64639e51

SHA256
8e7dafd274a0103aed26725d8d3154f7a7b13523933e9e2232d1defe9750ecf9

SHA512
47b8daaf9b420a04b8a34757ddcb41e6dbb10134f2a76a337b9678ca3a1f199255146b552f7ceeefe8bc44ccfbbf3ed6579ae9262a9b546d23c80692f7f56d69

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe57f82b.TMP

Filesize
104KB

MD5
f9512f0966a0bbe5974044c39ce33263

SHA1
e117ede0525c7f2452e32f5df3d8de97d5e2f610

SHA256
50f84610a18900d4a882302efce4a304957508227b0e92c8094022d683d9e003

SHA512
43b842a9f445e2767ef4a601b05e6a2cc93353710d4e1d6890f5a437d7c630649a970bb453792da4dc4c5f51f870a1e61a32d70729fe8aee3e3057243bb80051

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit