hxxps://www[.]youtube[.]com/watch?v=byq9wwBL_EA

Analysis

max time kernel
1800s
max time network
1690s
platform
windows10-2004_x64
resource
win10v2004-20230824-en
resource tags

arch:x64arch:x86image:win10v2004-20230824-enlocale:en-usos:windows10-2004-x64system
submitted
28-08-2023 17:55

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://www.youtube.com/watch?v=byq9wwBL_EA

Score

1^/10

Malware Config

Signatures

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133377190057980933"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-642304425-1816607141-2958861556-1000\{7279EDF1-AC92-4EEB-8763-78EDF22BF36B}	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
1964	chrome.exe
1964	chrome.exe
5096	chrome.exe
5096	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1964	chrome.exe
Token: SeCreatePagefilePrivilege	1964	chrome.exe
Token: SeShutdownPrivilege	1964	chrome.exe
Token: SeCreatePagefilePrivilege	1964	chrome.exe
Token: SeShutdownPrivilege	1964	chrome.exe
Token: SeCreatePagefilePrivilege	1964	chrome.exe
Token: SeShutdownPrivilege	1964	chrome.exe
Token: SeCreatePagefilePrivilege	1964	chrome.exe
Token: SeShutdownPrivilege	1964	chrome.exe
Token: SeCreatePagefilePrivilege	1964	chrome.exe
Token: SeShutdownPrivilege	1964	chrome.exe
Token: SeCreatePagefilePrivilege	1964	chrome.exe
Token: SeShutdownPrivilege	1964	chrome.exe
Token: SeCreatePagefilePrivilege	1964	chrome.exe
Token: SeShutdownPrivilege	1964	chrome.exe
Token: SeCreatePagefilePrivilege	1964	chrome.exe
Token: SeShutdownPrivilege	1964	chrome.exe
Token: SeCreatePagefilePrivilege	1964	chrome.exe
Token: SeShutdownPrivilege	1964	chrome.exe
Token: SeCreatePagefilePrivilege	1964	chrome.exe
Token: SeShutdownPrivilege	1964	chrome.exe
Token: SeCreatePagefilePrivilege	1964	chrome.exe
Token: SeShutdownPrivilege	1964	chrome.exe
Token: SeCreatePagefilePrivilege	1964	chrome.exe
Token: 33	4676	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	4676	AUDIODG.EXE
Token: SeShutdownPrivilege	1964	chrome.exe
Token: SeCreatePagefilePrivilege	1964	chrome.exe
Token: SeShutdownPrivilege	1964	chrome.exe
Token: SeCreatePagefilePrivilege	1964	chrome.exe
Token: SeShutdownPrivilege	1964	chrome.exe
Token: SeCreatePagefilePrivilege	1964	chrome.exe
Token: SeShutdownPrivilege	1964	chrome.exe
Token: SeCreatePagefilePrivilege	1964	chrome.exe
Token: SeShutdownPrivilege	1964	chrome.exe
Token: SeCreatePagefilePrivilege	1964	chrome.exe
Token: SeShutdownPrivilege	1964	chrome.exe
Token: SeCreatePagefilePrivilege	1964	chrome.exe
Token: SeShutdownPrivilege	1964	chrome.exe
Token: SeCreatePagefilePrivilege	1964	chrome.exe
Token: SeShutdownPrivilege	1964	chrome.exe
Token: SeCreatePagefilePrivilege	1964	chrome.exe
Token: SeShutdownPrivilege	1964	chrome.exe
Token: SeCreatePagefilePrivilege	1964	chrome.exe
Token: SeShutdownPrivilege	1964	chrome.exe
Token: SeCreatePagefilePrivilege	1964	chrome.exe
Token: SeShutdownPrivilege	1964	chrome.exe
Token: SeCreatePagefilePrivilege	1964	chrome.exe
Token: SeShutdownPrivilege	1964	chrome.exe
Token: SeCreatePagefilePrivilege	1964	chrome.exe
Token: SeShutdownPrivilege	1964	chrome.exe
Token: SeCreatePagefilePrivilege	1964	chrome.exe
Token: SeShutdownPrivilege	1964	chrome.exe
Token: SeCreatePagefilePrivilege	1964	chrome.exe
Token: SeShutdownPrivilege	1964	chrome.exe
Token: SeCreatePagefilePrivilege	1964	chrome.exe
Token: SeShutdownPrivilege	1964	chrome.exe
Token: SeCreatePagefilePrivilege	1964	chrome.exe
Token: SeShutdownPrivilege	1964	chrome.exe
Token: SeCreatePagefilePrivilege	1964	chrome.exe
Token: SeShutdownPrivilege	1964	chrome.exe
Token: SeCreatePagefilePrivilege	1964	chrome.exe
Token: SeShutdownPrivilege	1964	chrome.exe
Token: SeCreatePagefilePrivilege	1964	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1964 wrote to memory of 5100	1964	chrome.exe	84
PID 1964 wrote to memory of 5100	1964	chrome.exe	84
PID 1964 wrote to memory of 2756	1964	chrome.exe	89
PID 1964 wrote to memory of 2756	1964	chrome.exe	89
PID 1964 wrote to memory of 2756	1964	chrome.exe	89
PID 1964 wrote to memory of 2756	1964	chrome.exe	89
PID 1964 wrote to memory of 2756	1964	chrome.exe	89
PID 1964 wrote to memory of 2756	1964	chrome.exe	89
PID 1964 wrote to memory of 2756	1964	chrome.exe	89
PID 1964 wrote to memory of 2756	1964	chrome.exe	89
PID 1964 wrote to memory of 2756	1964	chrome.exe	89
PID 1964 wrote to memory of 2756	1964	chrome.exe	89
PID 1964 wrote to memory of 2756	1964	chrome.exe	89
PID 1964 wrote to memory of 2756	1964	chrome.exe	89
PID 1964 wrote to memory of 2756	1964	chrome.exe	89
PID 1964 wrote to memory of 2756	1964	chrome.exe	89
PID 1964 wrote to memory of 2756	1964	chrome.exe	89
PID 1964 wrote to memory of 2756	1964	chrome.exe	89
PID 1964 wrote to memory of 2756	1964	chrome.exe	89
PID 1964 wrote to memory of 2756	1964	chrome.exe	89
PID 1964 wrote to memory of 2756	1964	chrome.exe	89
PID 1964 wrote to memory of 2756	1964	chrome.exe	89
PID 1964 wrote to memory of 2756	1964	chrome.exe	89
PID 1964 wrote to memory of 2756	1964	chrome.exe	89
PID 1964 wrote to memory of 2756	1964	chrome.exe	89
PID 1964 wrote to memory of 2756	1964	chrome.exe	89
PID 1964 wrote to memory of 2756	1964	chrome.exe	89
PID 1964 wrote to memory of 2756	1964	chrome.exe	89
PID 1964 wrote to memory of 2756	1964	chrome.exe	89
PID 1964 wrote to memory of 2756	1964	chrome.exe	89
PID 1964 wrote to memory of 2756	1964	chrome.exe	89
PID 1964 wrote to memory of 2756	1964	chrome.exe	89
PID 1964 wrote to memory of 2756	1964	chrome.exe	89
PID 1964 wrote to memory of 2756	1964	chrome.exe	89
PID 1964 wrote to memory of 2756	1964	chrome.exe	89
PID 1964 wrote to memory of 2756	1964	chrome.exe	89
PID 1964 wrote to memory of 2756	1964	chrome.exe	89
PID 1964 wrote to memory of 2756	1964	chrome.exe	89
PID 1964 wrote to memory of 2756	1964	chrome.exe	89
PID 1964 wrote to memory of 2756	1964	chrome.exe	89
PID 1964 wrote to memory of 2892	1964	chrome.exe	87
PID 1964 wrote to memory of 2892	1964	chrome.exe	87
PID 1964 wrote to memory of 3480	1964	chrome.exe	88
PID 1964 wrote to memory of 3480	1964	chrome.exe	88
PID 1964 wrote to memory of 3480	1964	chrome.exe	88
PID 1964 wrote to memory of 3480	1964	chrome.exe	88
PID 1964 wrote to memory of 3480	1964	chrome.exe	88
PID 1964 wrote to memory of 3480	1964	chrome.exe	88
PID 1964 wrote to memory of 3480	1964	chrome.exe	88
PID 1964 wrote to memory of 3480	1964	chrome.exe	88
PID 1964 wrote to memory of 3480	1964	chrome.exe	88
PID 1964 wrote to memory of 3480	1964	chrome.exe	88
PID 1964 wrote to memory of 3480	1964	chrome.exe	88
PID 1964 wrote to memory of 3480	1964	chrome.exe	88
PID 1964 wrote to memory of 3480	1964	chrome.exe	88
PID 1964 wrote to memory of 3480	1964	chrome.exe	88
PID 1964 wrote to memory of 3480	1964	chrome.exe	88
PID 1964 wrote to memory of 3480	1964	chrome.exe	88
PID 1964 wrote to memory of 3480	1964	chrome.exe	88
PID 1964 wrote to memory of 3480	1964	chrome.exe	88
PID 1964 wrote to memory of 3480	1964	chrome.exe	88
PID 1964 wrote to memory of 3480	1964	chrome.exe	88
PID 1964 wrote to memory of 3480	1964	chrome.exe	88
PID 1964 wrote to memory of 3480	1964	chrome.exe	88

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://www.youtube.com/watch?v=byq9wwBL_EA
1⤵
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1964
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa80759758,0x7ffa80759768,0x7ffa80759778
  2⤵
  PID:5100
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2136 --field-trial-handle=1884,i,13796740921024940755,13686683581056898729,131072 /prefetch:8
  2⤵
  PID:2892
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2204 --field-trial-handle=1884,i,13796740921024940755,13686683581056898729,131072 /prefetch:8
  2⤵
  PID:3480
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1728 --field-trial-handle=1884,i,13796740921024940755,13686683581056898729,131072 /prefetch:2
  2⤵
  PID:2756
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3184 --field-trial-handle=1884,i,13796740921024940755,13686683581056898729,131072 /prefetch:1
  2⤵
  PID:1768
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3208 --field-trial-handle=1884,i,13796740921024940755,13686683581056898729,131072 /prefetch:1
  2⤵
  PID:5024
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4592 --field-trial-handle=1884,i,13796740921024940755,13686683581056898729,131072 /prefetch:1
  2⤵
  PID:2148
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4948 --field-trial-handle=1884,i,13796740921024940755,13686683581056898729,131072 /prefetch:8
  2⤵
  PID:4000
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1716 --field-trial-handle=1884,i,13796740921024940755,13686683581056898729,131072 /prefetch:8
  2⤵
  - Modifies registry class
  PID:4708
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4964 --field-trial-handle=1884,i,13796740921024940755,13686683581056898729,131072 /prefetch:8
  2⤵
  PID:1556
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5340 --field-trial-handle=1884,i,13796740921024940755,13686683581056898729,131072 /prefetch:8
  2⤵
  PID:4428
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4916 --field-trial-handle=1884,i,13796740921024940755,13686683581056898729,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5096

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4964

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x33c 0x24c
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:4676

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
504B

MD5
c9f07443abcabe76ab5948cf15b30e41

SHA1
ed46e56d02b93e16105cb1dd308aab4437c42052

SHA256
d52c3ae7a74985ed9aa6ed4f74ac067dc4854533c77251e16aa1e57e7daba447

SHA512
191bac6a8d46bec9fb366628f94b1899a8ce5694afa25a5abb9fe65c1b7ada82d2a419071248e0678a5c271de9791979649e8dbc7eb8f04f127a73996a64a30e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
db3efd9140ee4d2d65f2f9ac77279925

SHA1
9ebf2891a7c94fd0ffb8cd4f6ba0dc6621fe7f5d

SHA256
4298c6611aebf36074ed60606f642e677f672bec0008dce42a1c51a96c194494

SHA512
0a4faf184ded2a9de1adb91cddcc06288e9ea0c2511be50b747de76573a0b6d84571ed8bb79a0458e754b9612c291525237e8e8ce8299493120cad111aa6c556

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
d6761a1f95b7c392a3e8e1edcfd34839

SHA1
aa4273eb20241f7fc0ddecc564ac95212866fea3

SHA256
c643c3df76fdd1fa8b96140ccb40505fc5d18f1f1e3659e1b255bfcc3e6923e6

SHA512
10df4d41bf916d97ce18a088559699db45277518cead442a0b5c8a9d804b45ba90bbd73b36531f05275d5bff220db3c06d8a1c08a2313c583891492a997f4e8a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
80cf24cc3f7b30abe6be0cc783fcf76b

SHA1
9e6d260171febf6daef0bcca52ad46cf878c43a8

SHA256
b01457465218a2f2c99392cb8fc89f7dc7abe6093b27f0ef3d60acd27e491f1c

SHA512
dfe947383617946ddfae5fc52d904ba66cd945f7552477d5f1e351f3b2835d4f207ae091180eca0ccd32e2c2d54bb36d88204674c6a80fa74d95969cabebe099

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
d30cc943bb94d9178023385a833af2a5

SHA1
11c01d17a1c1228282608658da7abf0550e16276

SHA256
290510cc96dac6b089e6348c6ce1b8b8f25dbbf99b4e3d9b5b0c0a7eb1860561

SHA512
7275121993aa9b7de057ac11fbf4cfd0bb0e986dc0e1689964a469b6246ef6dd121e46a22b03a2624b1d20f8d6ec99c706f9c0e5567af25b1cd5f31083a64a47

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
539B

MD5
533f87b80fc3d360f592616bcd378cd2

SHA1
a33e07f269d7615b618291366ffceb8b1673c084

SHA256
125edad89212a20455584f9697fe5957a4c998289b368edbeae3b0544bd57223

SHA512
1af90b2d2b01ebf0cd1c8ad19e13e16af73f1250911fe7d5bb98951136855de1bc3f0fb92d9de0ff9b0f3b8ba3661ab61eded13bdd523ccbc7ae4936225a05cd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
874B

MD5
475b7a4e8c6cd814941de5c8d4243027

SHA1
7e86c6bf0e0303040390fea70a5c966d916862e6

SHA256
259144d460da4f1b17cff7194663ec61eeef29913c084ac59b47a65a682fc59b

SHA512
f99039865b6435bbfe022e2d66c141e631e8d7699a7eeed9b87d1b8e269961ba25e8417b0ddda93995c3e49cac0a4146f70f76b4204ef61dc5c148913d0976f3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
27c23f4280495603329e68d44ef8f7b2

SHA1
fffac2bd6a9c3152b1466419fff141f969d20b9d

SHA256
83986497cddc466c0aa11aa38cb8bd850a29b4a405dcb75ad27ecc9aebb0ff2b

SHA512
43487df9d13735dca8b14e6744a0362fd7677bb3d693ae6a7b22515a9a39946810f6a68a5c43561df401667bc243086dec912a06b4cd7ba5e94af8a81dbd4c56

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
2d4d766557afbdd5cafe3d58cf56094a

SHA1
71d504e73377a721de54f3e9d86b7a20cd649f91

SHA256
dd0d44ab114da52852271876c523582313dba736dd5d2f0740c48e1c11e0ab54

SHA512
2e96abb87929d5451129107a46c562b71249214aec96987d67a0d0bacf32b0c4ae40f86615b07b759c7b74a82f42769321c243dbc081aa438ede4a6c63fbc741

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\48647f58-146c-4d9d-9066-0f5595914581\index-dir\the-real-index

Filesize
2KB

MD5
6b6184c3c8a1e74e3846f2bc51aaeb74

SHA1
72d9c8a664792827de13008d334fcf58258e24b3

SHA256
19f009e7cf9e962a946c200e2f6c46de221292526a952f528cbd15ccca69e680

SHA512
cefa55de94c253b5845c788c50dde2839944879ce7d872e3ab3c49834aa894eda35c7415c86f8b888aa138533685bc5c85e4270877bf7a51c6aad20ab1147b97

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\48647f58-146c-4d9d-9066-0f5595914581\index-dir\the-real-index~RFe5884fa.TMP

Filesize
48B

MD5
7c0b068d41e645b9ac59b57661814965

SHA1
b933e5af263d1774f62410051a722ec865647a8e

SHA256
0b9b67175d35e7ab1dc118dc083d6ffae1166774dcd24af2566dd8ffb1b52e14

SHA512
8ff02d3bb9dbb7c8ad80774e15e5d1abe67ec7dba11a7f0391425a4214c5aaf12daa5ee09f796ab426a26719e509aa19cec66c61ead944b5cfd2a54b41a47f59

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\677316ee-3bbd-4fc8-8f0f-ee4d5dc45c91\index-dir\the-real-index

Filesize
624B

MD5
d6d161b4a95c3aee3667db6f036fb45b

SHA1
b28198480c6e410cba5b4e1ed875349aaf011f7c

SHA256
3fb53edbae876e2a636e50a2c431c038bab465788bfdd2f2f4518bc5a7cf48d1

SHA512
d327c854c0a114f1c5528fde923472dac2b11ed907e38bdd20dc710b905000d2639062dc57af4ff2c17b75a72f8328e39031854a4b7efa4cfc4bb20044e9f75e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\677316ee-3bbd-4fc8-8f0f-ee4d5dc45c91\index-dir\the-real-index~RFe587e34.TMP

Filesize
48B

MD5
5a9419e3e33bdaa45431922831068bfd

SHA1
379b923fe0ed24e5dddb9d00d0ceac2ee58f30e6

SHA256
ebbbb5303d1c8a667b5b697571e5e299d3f3e332d42b6de8f9b530fea8e3cad2

SHA512
6b76f9b17a070aa674413bbf3a2c8d449c8a019d597cf89890907357f979d7bba67bd7f15f8cc8a9f424af139fc7d2e473b33d8a1d59bb7db382a128dcf459e9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
112B

MD5
b93396c35c66d00054572641082c811a

SHA1
aebf36d3141b2e3dd8636ca8cfa9ab1ebe028182

SHA256
19a7a46e8e214f1eed9884cd78d74e1dff536f08f462d9643f337506ca9c4430

SHA512
3d1c53acf301e57f04d8388d898aaea12451fa48b0ea1aa997f13f30afca264836b86e88b8ff6c97e064db914d8354c48f133588773a5673d65de850d455f2ab

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
183B

MD5
42aaac2de508eaf32e05c1ed4a06a6e6

SHA1
094300204439b26476f9b33d68ba0886f1d09e10

SHA256
cf237fc2f9a26a1472386089bce56dba2621361fe7782c65fbef4386fd4e89e3

SHA512
2e4cf0e99c728ec1fddac3c23913a8dbef36bc00b4de9ffabed1d3ae63fe81e3decf49513dffedae51fe9ec8b7c0f0198d8ed01fdfbd4c46a7c4ac7f9bb12f21

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
185B

MD5
7af2ba8eeab7a0cd85994e427270ad50

SHA1
92f354e604bf641afd24188ecc9ef0f1f3015518

SHA256
e89faeee099dce910b95dff215b637f6110a796b87a5e63967b03c9bd92ddbde

SHA512
25053414367f5b27717b5af1ec76c145b55f9f15b8bb982328a9c76ff9ffa4e903e894c0571b1a2abe155050e70ab8befe31c8e24464ffdca087a835cf921054

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
176B

MD5
c0a7699b36dcf75ee643e864571d11fe

SHA1
4440b439ff07a9b6d3a7096e2ea1845caa291693

SHA256
123e3035d0a5f5ee665df0313b8e9cc00bb8e465fa1d57fef8942b6dd8a6b6b6

SHA512
91d9060c09e4e62b4e92327f1429148b7c0fe86b7756eaf91aed187220a1a7aa854948bb2dd3d14c8e8932ae355345c9ea693f0dbb635bce2de1b556fb52d298

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe580f5d.TMP

Filesize
119B

MD5
9688e7e154a58a1ec379fcb53a7874a2

SHA1
f3afec0c338b97d9749bc6205bffe17594bca11e

SHA256
3a7bd5270b44fba4eaba3a243aa674c475315e49b899f52a898cbbea868b2864

SHA512
8a30bc5be4ce246f2690253f2c29b4ba04287711f543566714ef22f3eb455948f6f94fd3b0eb1f1ab90f8d82fd76e09c4afbb6858838d7f0a175b303c90a4562

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_0

Filesize
15KB

MD5
7645d384a706d4f334eb064a6a048e98

SHA1
8f1835be45bec94ad38f64280602b0d6331f90d2

SHA256
353b1b24c83e8013ae2e9c66d5a36d6a064906f6541cb85319cf277f7d4b06d6

SHA512
e247d088e57c3e4617a869bda5af94e23ac13d23ddbf589431250a0f1499ffcc6e4fe0cb509d7404e25c61cb88ed7124ae290659c332e5d368184579979932e9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\4cb013792b196a35_0

Filesize
154KB

MD5
2cb8032c773a877d9a685a71827a0318

SHA1
29063bff7fcf635d71edd64cd82810b0df736cb5

SHA256
5f3a42a553ec8642f17ca1efc535e27c15d1695e467b724961605aa4926a476b

SHA512
3e69b24a468e93dcc9a2f2130b7bd8448effdc099c439fd73a046507b020a8b25e18e9c4ff2ce2cbabe78bf03764ae49685302a04b3664f2756002a0b1cba4df

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
96B

MD5
c9c70c43535aadcfa19c3e984707c159

SHA1
0de9a3c5f8127ccb0ff9929ea15637c732a989d9

SHA256
5c05148ce4549c63937b282633ede2e9c48744235b7e6d90d497d127370e21d3

SHA512
b9abf35f84f059842e638fecb6dc280551ec5b91e7c377cd786b710b95c5df9306ef6288fa501241cb3ab43ce98f4e72972d0cb1a2260207f543e08baa27b6a6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe58603c.TMP

Filesize
48B

MD5
83a4e2a5a16b51147431f0186ab732ca

SHA1
36d6d20e63acab1558207b1697932ebe4a3dd751

SHA256
4cde59cc24d5351b21b0637a479188e1331767e08fd75ecc29b01690bfcfc6d8

SHA512
a52686cc6442416c6170164065baa907c0ffee6b6dddd01e2eb24b326540b79ace52dedb720200eb6d1eba77a465dd84ebde13bc53dcc23b61ea1c3e49638f20

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
94KB

MD5
a14d32c8554d13f3c59ce938d8c65888

SHA1
b0ee732c324be322230bc976918ccb941d5d8fc3

SHA256
50cc5f15bb3d8dc642aad514a34183476c078e5099ba96869c1309f9ec2974d7

SHA512
3f9b0daedec57fc1c24c0108288bd1ab19bbf83deb58c3267043fbdeee45d3ca823a3cbdb4cd757bca4413de0898ddd6ba52987858dd4e9c1ffce1b364c68e19

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit