hxxp://1ta1[.]com

Analysis

max time kernel
308s
max time network
309s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
30/08/2023, 23:38

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://1ta1.com

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133379123563233370"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4868	chrome.exe
4868	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 11 IoCs

pid	Process
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4176	chrome.exe
Token: SeCreatePagefilePrivilege	4176	chrome.exe
Token: SeShutdownPrivilege	4176	chrome.exe
Token: SeCreatePagefilePrivilege	4176	chrome.exe
Token: SeShutdownPrivilege	4176	chrome.exe
Token: SeCreatePagefilePrivilege	4176	chrome.exe
Token: SeShutdownPrivilege	4176	chrome.exe
Token: SeCreatePagefilePrivilege	4176	chrome.exe
Token: SeShutdownPrivilege	4176	chrome.exe
Token: SeCreatePagefilePrivilege	4176	chrome.exe
Token: SeShutdownPrivilege	4176	chrome.exe
Token: SeCreatePagefilePrivilege	4176	chrome.exe
Token: SeShutdownPrivilege	4176	chrome.exe
Token: SeCreatePagefilePrivilege	4176	chrome.exe
Token: SeShutdownPrivilege	4176	chrome.exe
Token: SeCreatePagefilePrivilege	4176	chrome.exe
Token: SeShutdownPrivilege	4176	chrome.exe
Token: SeCreatePagefilePrivilege	4176	chrome.exe
Token: SeShutdownPrivilege	4176	chrome.exe
Token: SeCreatePagefilePrivilege	4176	chrome.exe
Token: SeShutdownPrivilege	4176	chrome.exe
Token: SeCreatePagefilePrivilege	4176	chrome.exe
Token: SeShutdownPrivilege	4176	chrome.exe
Token: SeCreatePagefilePrivilege	4176	chrome.exe
Token: SeShutdownPrivilege	4176	chrome.exe
Token: SeCreatePagefilePrivilege	4176	chrome.exe
Token: SeShutdownPrivilege	4176	chrome.exe
Token: SeCreatePagefilePrivilege	4176	chrome.exe
Token: SeShutdownPrivilege	4176	chrome.exe
Token: SeCreatePagefilePrivilege	4176	chrome.exe
Token: SeShutdownPrivilege	4176	chrome.exe
Token: SeCreatePagefilePrivilege	4176	chrome.exe
Token: SeShutdownPrivilege	4176	chrome.exe
Token: SeCreatePagefilePrivilege	4176	chrome.exe
Token: SeShutdownPrivilege	4176	chrome.exe
Token: SeCreatePagefilePrivilege	4176	chrome.exe
Token: SeShutdownPrivilege	4176	chrome.exe
Token: SeCreatePagefilePrivilege	4176	chrome.exe
Token: SeShutdownPrivilege	4176	chrome.exe
Token: SeCreatePagefilePrivilege	4176	chrome.exe
Token: SeShutdownPrivilege	4176	chrome.exe
Token: SeCreatePagefilePrivilege	4176	chrome.exe
Token: SeShutdownPrivilege	4176	chrome.exe
Token: SeCreatePagefilePrivilege	4176	chrome.exe
Token: SeShutdownPrivilege	4176	chrome.exe
Token: SeCreatePagefilePrivilege	4176	chrome.exe
Token: SeShutdownPrivilege	4176	chrome.exe
Token: SeCreatePagefilePrivilege	4176	chrome.exe
Token: SeShutdownPrivilege	4176	chrome.exe
Token: SeCreatePagefilePrivilege	4176	chrome.exe
Token: SeShutdownPrivilege	4176	chrome.exe
Token: SeCreatePagefilePrivilege	4176	chrome.exe
Token: SeShutdownPrivilege	4176	chrome.exe
Token: SeCreatePagefilePrivilege	4176	chrome.exe
Token: SeShutdownPrivilege	4176	chrome.exe
Token: SeCreatePagefilePrivilege	4176	chrome.exe
Token: SeShutdownPrivilege	4176	chrome.exe
Token: SeCreatePagefilePrivilege	4176	chrome.exe
Token: SeShutdownPrivilege	4176	chrome.exe
Token: SeCreatePagefilePrivilege	4176	chrome.exe
Token: SeShutdownPrivilege	4176	chrome.exe
Token: SeCreatePagefilePrivilege	4176	chrome.exe
Token: SeShutdownPrivilege	4176	chrome.exe
Token: SeCreatePagefilePrivilege	4176	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe

Suspicious use of SendNotifyMessage 64 IoCs

pid	Process
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe
4176	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4176 wrote to memory of 2940	4176	chrome.exe	81
PID 4176 wrote to memory of 2940	4176	chrome.exe	81
PID 4176 wrote to memory of 760	4176	chrome.exe	83
PID 4176 wrote to memory of 760	4176	chrome.exe	83
PID 4176 wrote to memory of 760	4176	chrome.exe	83
PID 4176 wrote to memory of 760	4176	chrome.exe	83
PID 4176 wrote to memory of 760	4176	chrome.exe	83
PID 4176 wrote to memory of 760	4176	chrome.exe	83
PID 4176 wrote to memory of 760	4176	chrome.exe	83
PID 4176 wrote to memory of 760	4176	chrome.exe	83
PID 4176 wrote to memory of 760	4176	chrome.exe	83
PID 4176 wrote to memory of 760	4176	chrome.exe	83
PID 4176 wrote to memory of 760	4176	chrome.exe	83
PID 4176 wrote to memory of 760	4176	chrome.exe	83
PID 4176 wrote to memory of 760	4176	chrome.exe	83
PID 4176 wrote to memory of 760	4176	chrome.exe	83
PID 4176 wrote to memory of 760	4176	chrome.exe	83
PID 4176 wrote to memory of 760	4176	chrome.exe	83
PID 4176 wrote to memory of 760	4176	chrome.exe	83
PID 4176 wrote to memory of 760	4176	chrome.exe	83
PID 4176 wrote to memory of 760	4176	chrome.exe	83
PID 4176 wrote to memory of 760	4176	chrome.exe	83
PID 4176 wrote to memory of 760	4176	chrome.exe	83
PID 4176 wrote to memory of 760	4176	chrome.exe	83
PID 4176 wrote to memory of 760	4176	chrome.exe	83
PID 4176 wrote to memory of 760	4176	chrome.exe	83
PID 4176 wrote to memory of 760	4176	chrome.exe	83
PID 4176 wrote to memory of 760	4176	chrome.exe	83
PID 4176 wrote to memory of 760	4176	chrome.exe	83
PID 4176 wrote to memory of 760	4176	chrome.exe	83
PID 4176 wrote to memory of 760	4176	chrome.exe	83
PID 4176 wrote to memory of 760	4176	chrome.exe	83
PID 4176 wrote to memory of 760	4176	chrome.exe	83
PID 4176 wrote to memory of 760	4176	chrome.exe	83
PID 4176 wrote to memory of 760	4176	chrome.exe	83
PID 4176 wrote to memory of 760	4176	chrome.exe	83
PID 4176 wrote to memory of 760	4176	chrome.exe	83
PID 4176 wrote to memory of 760	4176	chrome.exe	83
PID 4176 wrote to memory of 760	4176	chrome.exe	83
PID 4176 wrote to memory of 760	4176	chrome.exe	83
PID 4176 wrote to memory of 2536	4176	chrome.exe	84
PID 4176 wrote to memory of 2536	4176	chrome.exe	84
PID 4176 wrote to memory of 4492	4176	chrome.exe	85
PID 4176 wrote to memory of 4492	4176	chrome.exe	85
PID 4176 wrote to memory of 4492	4176	chrome.exe	85
PID 4176 wrote to memory of 4492	4176	chrome.exe	85
PID 4176 wrote to memory of 4492	4176	chrome.exe	85
PID 4176 wrote to memory of 4492	4176	chrome.exe	85
PID 4176 wrote to memory of 4492	4176	chrome.exe	85
PID 4176 wrote to memory of 4492	4176	chrome.exe	85
PID 4176 wrote to memory of 4492	4176	chrome.exe	85
PID 4176 wrote to memory of 4492	4176	chrome.exe	85
PID 4176 wrote to memory of 4492	4176	chrome.exe	85
PID 4176 wrote to memory of 4492	4176	chrome.exe	85
PID 4176 wrote to memory of 4492	4176	chrome.exe	85
PID 4176 wrote to memory of 4492	4176	chrome.exe	85
PID 4176 wrote to memory of 4492	4176	chrome.exe	85
PID 4176 wrote to memory of 4492	4176	chrome.exe	85
PID 4176 wrote to memory of 4492	4176	chrome.exe	85
PID 4176 wrote to memory of 4492	4176	chrome.exe	85
PID 4176 wrote to memory of 4492	4176	chrome.exe	85
PID 4176 wrote to memory of 4492	4176	chrome.exe	85
PID 4176 wrote to memory of 4492	4176	chrome.exe	85
PID 4176 wrote to memory of 4492	4176	chrome.exe	85

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://1ta1.com
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4176
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff98b089758,0x7ff98b089768,0x7ff98b089778
  2⤵
  PID:2940
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1668 --field-trial-handle=1896,i,18333772704350769531,11572870326220397360,131072 /prefetch:2
  2⤵
  PID:760
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2192 --field-trial-handle=1896,i,18333772704350769531,11572870326220397360,131072 /prefetch:8
  2⤵
  PID:2536
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2232 --field-trial-handle=1896,i,18333772704350769531,11572870326220397360,131072 /prefetch:8
  2⤵
  PID:4492
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3016 --field-trial-handle=1896,i,18333772704350769531,11572870326220397360,131072 /prefetch:1
  2⤵
  PID:3848
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3048 --field-trial-handle=1896,i,18333772704350769531,11572870326220397360,131072 /prefetch:1
  2⤵
  PID:2360
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4592 --field-trial-handle=1896,i,18333772704350769531,11572870326220397360,131072 /prefetch:1
  2⤵
  PID:4324
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4784 --field-trial-handle=1896,i,18333772704350769531,11572870326220397360,131072 /prefetch:1
  2⤵
  PID:4060
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5696 --field-trial-handle=1896,i,18333772704350769531,11572870326220397360,131072 /prefetch:8
  2⤵
  PID:3008
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5384 --field-trial-handle=1896,i,18333772704350769531,11572870326220397360,131072 /prefetch:8
  2⤵
  PID:3024
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5700 --field-trial-handle=1896,i,18333772704350769531,11572870326220397360,131072 /prefetch:8
  2⤵
  PID:3044
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4956 --field-trial-handle=1896,i,18333772704350769531,11572870326220397360,131072 /prefetch:8
  2⤵
  PID:1264
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5296 --field-trial-handle=1896,i,18333772704350769531,11572870326220397360,131072 /prefetch:1
  2⤵
  PID:2688
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5600 --field-trial-handle=1896,i,18333772704350769531,11572870326220397360,131072 /prefetch:8
  2⤵
  PID:3964
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4660 --field-trial-handle=1896,i,18333772704350769531,11572870326220397360,131072 /prefetch:8
  2⤵
  PID:4580
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=3364 --field-trial-handle=1896,i,18333772704350769531,11572870326220397360,131072 /prefetch:1
  2⤵
  PID:1872
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=2596 --field-trial-handle=1896,i,18333772704350769531,11572870326220397360,131072 /prefetch:1
  2⤵
  PID:5032
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=1620 --field-trial-handle=1896,i,18333772704350769531,11572870326220397360,131072 /prefetch:1
  2⤵
  PID:2124
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=5060 --field-trial-handle=1896,i,18333772704350769531,11572870326220397360,131072 /prefetch:1
  2⤵
  PID:2436
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5556 --field-trial-handle=1896,i,18333772704350769531,11572870326220397360,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4868
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=1612 --field-trial-handle=1896,i,18333772704350769531,11572870326220397360,131072 /prefetch:1
  2⤵
  PID:4228
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6972 --field-trial-handle=1896,i,18333772704350769531,11572870326220397360,131072 /prefetch:8
  2⤵
  PID:5084
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6848 --field-trial-handle=1896,i,18333772704350769531,11572870326220397360,131072 /prefetch:8
  2⤵
  PID:1508
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=6976 --field-trial-handle=1896,i,18333772704350769531,11572870326220397360,131072 /prefetch:1
  2⤵
  PID:1876
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5976 --field-trial-handle=1896,i,18333772704350769531,11572870326220397360,131072 /prefetch:8
  2⤵
  PID:4188
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6604 --field-trial-handle=1896,i,18333772704350769531,11572870326220397360,131072 /prefetch:8
  2⤵
  PID:3424
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6688 --field-trial-handle=1896,i,18333772704350769531,11572870326220397360,131072 /prefetch:8
  2⤵
  PID:1796
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6072 --field-trial-handle=1896,i,18333772704350769531,11572870326220397360,131072 /prefetch:8
  2⤵
  PID:2632
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6072 --field-trial-handle=1896,i,18333772704350769531,11572870326220397360,131072 /prefetch:8
  2⤵
  PID:1572

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2596

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x344 0x2fc
1⤵
PID:3968

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
97a607d93b797ba4d0575accceb878c5

SHA1
53752b370135ccca88bc47e41a6ef54348b9306d

SHA256
68c6f9a4dff98d5a562e1f430504153b54832edeecd499d6e05016e584f36923

SHA512
832f8f8864d4ebaeb0be1a949e9d1692ef40f6a00f4b198f64bcf18acef849928f2c6a404468d59be56660f76786ad6e00728bba6029226e0bd352f5a67ed1b2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005

Filesize
56KB

MD5
93e9ff5f6b1afd8380170f590b7c4ef6

SHA1
82652f1d6bc6c03787e35e30e99d4474afdb8aa6

SHA256
bf6262194a807a990f4803d705c574c73694b241592fd88f64658a2e4891d7e8

SHA512
1662fd8a49ec72e31b655e4caf859fa99e71028d87ecc4980efebb65fca33c41ce6995cd5af3359c07db2917deade2f963c1060cad4d1e56b629bf719330f04d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

Filesize
41KB

MD5
96711383c88cbad2389ab7f4c1abf35f

SHA1
a299192b40b4a50a6e4cec4febacdeb4adfcee14

SHA256
819248328459914cefba368a0c68aac52514ba1a9ba04001505f50bbc160ab55

SHA512
e83911c526043f8c353603f79a5fe733df683350e31bf50edf67fe72c4ec306004dfeec8e55c6c0a1bfc7d9e7f09ff676802378711fdc96ca2199e2b6393212a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007

Filesize
27KB

MD5
18084d60ff3f8bf0983b765434fac5b0

SHA1
64d0f449ca4e46dcadb5549df61105cc8bbc8460

SHA256
b0e5fe7eb97a73f2692ef16d711d83e5ed3f56ae7f734a038e60cde1804a1575

SHA512
8df8ef6241afbb25716c4241e874b24a7521650a8a9665ef5a1be045c7e3a99058183f8122a2d4a8bd92c2a2670d62cad1677ecc083e016d764abd57aabdfb72

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008

Filesize
34KB

MD5
ecfd5816e8697fe9760752c886e3908e

SHA1
3f646ae07a83adba747208bdf6ea0877bd28769d

SHA256
b313ed688ace1f7b546064871e7f091b3b724d449c3d578bec96d48824af43c3

SHA512
31e77581e266febe5896c97eec10e084871532bb2e4962e32b7384a1fa12e662393ee57ab37056e64a2c965889f642a941abab15984e1c35ea710479776e8f23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

Filesize
55KB

MD5
e65976572675ecca6970fe06b553a013

SHA1
ab0167c579729e1cc615152b9a50963b364b59bf

SHA256
7cfe2e3f8667078e5203dbcb328f4ff0b5b33e89cf40befdc18dcc82f42891d4

SHA512
cd213837fe95e5e66c198b65be7bbec06f46bdfe007803123fd5a37390a14efa545c8cd343530998bb4675b432b3b9963c5e82d42b6604bc9d745db4440392b0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000016

Filesize
16KB

MD5
1fdcadecb1a82e89e6d2547bc027976e

SHA1
d2f39675c0d34ac7d0d973f72cef8d279324ca63

SHA256
6da82b2652c9a0459453f025e284bc6143db51dad050541d102eac6a922d01d4

SHA512
b90eb384a7185e17493f664c7d9ed46dcdff34094443fd29d0e02bfead0555ca080700120157fc07829da2a4746074c00c9d38f07166ce7e9074de89993c051b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000017

Filesize
29KB

MD5
9d38733b8a7b9153f2bf9bfe476ef8e3

SHA1
93f8caeb96e52cd35dd24ffe8dbbc911af5b236e

SHA256
b2144257a57aa398277a4977bfab616e368f4d8c8c45c79f2f128d8db537cbc8

SHA512
ea06fbcaaf152d0d2d64fcdc79ffae5d15ca33c6994993d7e5a034d621bac30539eb65148b95754ad4ce25f1e8d69feb767436a4eaf6ed56ab84f6b0bad5495e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001d

Filesize
16KB

MD5
a80f71ff899a3f07228e1584b6426744

SHA1
af9f0b41c9bb9fdab4b4f6b8f3981628d123c996

SHA256
cff341d8949170000ae867aaefe3f82122790c4d9c43acb87bae7e8692be8a56

SHA512
f3b7e9dd5c58042d23faf96313b2fb5062da68b2ab9d56e9129e0e1fa3159ad57fc4d6a57210234846849cd942325627b289574691d5eee3e6c8c45982a4a33d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001e

Filesize
37KB

MD5
9620d0c3fd79bc27df025669bb4877b8

SHA1
43f443f1a34731569f0ed918396d923393b67dde

SHA256
34756708ef5cadad646ed3ec0e59158dc32852dccdd9920ae6dc402d4216915f

SHA512
f52b42d06c56e425e8acca0cdb3841e2450452f8ab8ea992775167e172569c32694c0d3b1845a09d5f9a25f82905ffde4326167a8edf76610710183101c88701

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001f

Filesize
86KB

MD5
6b2cf83a75fdbf0d7dc25f28368002ff

SHA1
54d921a42cf0ce8e4ffcdd89af9b3c601727b597

SHA256
413792b08553ac4a17f36285762ae8abc75d012ced451dda7fb66151f9ba7a36

SHA512
53d93e9870712e27d210c121589befd7c38c7322021c0111115b80da050bacf1c91a09f6d90d59aa44452ad421b7ecac3bfa223fbaedff643b4563e1f1ed263f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000020

Filesize
59KB

MD5
078da12ca3b1622a2ac77d3b7415e1f6

SHA1
a939c848d2a1362bdd01f6a4f6aafa9d4cf7b6be

SHA256
6c4c757aee8d5a580e6edd1c992de6578fa6824671f474df9cf80d8922006398

SHA512
bb1649608fcaab037ff8b4e514b3f4835287a90f59651d25abca98ae77a20db26edc5a75ac5fce97300cf0cba072cca7a9bffa562e89ca7b6b212a21628098a2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000022

Filesize
25KB

MD5
84518599d382334f09e67ade7fc530a0

SHA1
e95d644039b43545e77abfee6e2336bbb30f2326

SHA256
e23a67d18a82b7ecee1dd29de7647dfc1bf2b7b31cf39f75607536b6e688e5db

SHA512
6c6d4a2c50988d666813ceb40ebbeb7068148b1bc4df4e32bbf98f8b46870c993fdb34340643a84215b9a5497dc3d12a9d88d1368b14bc22b9af5979f999f2b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\0bdbc15590d80f81_0

Filesize
222KB

MD5
9244ef91b89e8d30324b5106f1c42a0a

SHA1
dc818b3dd7d651ad8fee064e0cad01c3dc337484

SHA256
e4380b74aa23c85dbbe371609e987fa3f34abf5cc69c8c7cb66da4b996d69b16

SHA512
5dc517c730a7972a9f4310a79ae2109c151bcae4cc6fd98dde69ff054fb1439c13b4e913921e309a0e07015198ee13f13420e45feccfbb0d37ff997ab4ef2f74

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1849124d74bed790_0

Filesize
457KB

MD5
11ea2346ccef18e10e118673b4e505c0

SHA1
362ca0f5d60c4028ab66698f821d81742ddc2e21

SHA256
ce8ce590bb8e1605d98c1495d0f9f9152768720e856262641fc351bf778dcfe1

SHA512
0a27cc14e88fe84c859d76df83100eb40a80f5c9054d12590ec0d209f095daac307b8fc5054dff3c065718b4b71e53027264018180363b6cdb62bf05e3a65cbf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1f797d3d471fc81b_0

Filesize
212B

MD5
b5da3c9b2bcf32c46e986a7a0ba34f23

SHA1
f6df9f8e0c4b7e6e500f0f63ad1a7f0e57823790

SHA256
cbd6606239c1410f2fcd50f28745271c086d0f648ade49f642710f261d1429a6

SHA512
8acd90340bc56595e94aa90c5481fecaba2482bc753aab1d2ad32b62d0eefee5941cb04520d085a2654e231bd21b1e237530175810e5c6bcc34ef2fc71a696a6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1f797d3d471fc81b_0

Filesize
260B

MD5
a5f210e761322ffee56ce5c3d00a2137

SHA1
6d413332d051f9411ecfcb33c3f20e8a524c1e69

SHA256
8da9e7f7e16771e6f1b4c4cdf4840db3034c526b13f497452eb6f602f627d440

SHA512
49d8872770a29bbae0b8766311e5aba5b66fdda2ef81d543521e4ee683ba611a1f02e47900fb0162ef6aef8ee26c5624ff46ecd7a9e429d076c056e194e7157a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1f797d3d471fc81b_0

Filesize
260B

MD5
92a180422c2c6d2288c4a21a9d61993d

SHA1
a0363b6214209d44a19a2a385af8d4aa526203ba

SHA256
d2a2d4c21b2b5a35fae594a01fa3ee52d585c3b90a80727c9a4f47dd8072d90d

SHA512
9159358730836bad10af0ef39a7daa7ca02f73ecd1dc9c7a9da0468d4eaa8f5962a7b642eab966a461e1705a046e834483e782f889a38b465f43ff0ff1fa2674

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\404562c5cb1b3bdd_0

Filesize
309B

MD5
d7d0f16f78c375b4c9a1abe5fb02c10b

SHA1
6bdca8b4e4dad5d921ba76c5d7e762d93614782d

SHA256
47ff2ad7a3afae57204a60c5c54a8bb814de303ff1398eedfdb99658cbcb2d79

SHA512
c8ced15c0d20ca84127bf4e4641c341935963d3193beee7e60e77f01496b3aec40375c89c27212e91f719dacb5cd2e58498b32774013fc568d9a08db565cd28f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\6afd52f9a743a009_0

Filesize
6KB

MD5
165f8844554a34a577a8a62da18b331b

SHA1
fe27e37e4360afffa2e16a31e0309caf2b71cbf3

SHA256
7187e8b566b77cb4eba0648c8cd29e29bcd16cc5d9e80a64339259c1c52e79af

SHA512
0b338570acaac2f364127a77a41147326c2344c51ce3cbf36b186a83108e99f2d89057e254b7dbdb850190fe557c3dd774563c1ee4d8651961a40f7203a66a53

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\6afd52f9a743a009_0

Filesize
246B

MD5
5e9a6037ca9544d07fda94b30319bf7a

SHA1
a8ea9b9989de6caac0aa3df677c0994f4f79204e

SHA256
31708f208da83845f6f2de706c9aa7305e04f3bc27ee020435bc4923d8b5fb44

SHA512
eb48997ba814d01c095f535ff7415157fab2285422a98f41727e63a73bc76b57f5659c3fa8554200d36414eac5a360c7ccd38a6b1e15982a58228207d7f23550

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\6afd52f9a743a009_0

Filesize
4KB

MD5
dd1f4b9c6819d5bfe316207211e06e2c

SHA1
e8f2e20cd7a9e8f724c98019b41448097ceccfde

SHA256
0536b83d7f0f23b875e87e44cbf835eebae608d29de13e231806abf4c2d4cb0c

SHA512
c2d17f6b53881929315008759a6032928603bcecd4f721865b1fb741bc540a03a40cb093520830308744299ed1798cfb8f042e687fcb3a0cb2e071a264887c0d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\6dd24b7badf24952_0

Filesize
223B

MD5
ed438d87f18e2a0ca7603197a54d760f

SHA1
9fec688894d86438d326f03142f8f4eb87a6daf4

SHA256
bf4702985e2a6f95526f99fa320e07b15f28b81a86259a35b7c138f612120e8c

SHA512
440ee0455d51442e5c70b85b0c2542fdf17013668aadb262a169ceea5da8d84faaa59e0fa219591ffc282e61601049b2ee8290d8a833abfe530771d26b081fa1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8b46b10dea4b9a8b_0

Filesize
119KB

MD5
4685403695d92ebbbef0400543c8d12a

SHA1
60a4bff0b821e952a35cab901e0f807b86f7f79c

SHA256
9136dacbcd78c82e50c7ba6171211466e05eb6bc305fe5c742d8311251ed7967

SHA512
f220a03568e5f349c689cf54ec07703cd7c37f8708b8462a59e693736dbd91c22208497b293a4747452e0574586f80f6934208a72fd55e6e927bdf957a52e102

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ac36309b37638012_0

Filesize
263B

MD5
14acf058a24ed8a0b7a9ebc146f665fc

SHA1
b68c2550041233c4ee628dc1abdbc944f757a347

SHA256
e5334ce6decda787ebae381013bee635d75c27812d4f44aa57c2d6314e8a4525

SHA512
3aadcae1bf6a11d8edf9d691595f36261c245274901c8e2ae7c2b6cee1a141d5c31eec4ea5492250eb6be80c2bd5a9c80236702286b16f4be1b9a9be135fbdcb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ac36309b37638012_0

Filesize
311B

MD5
08867c0fd45605a019c7b5486f51c3a4

SHA1
cc817dda96f854c40de8b7eb20d3eb92bc1f5a34

SHA256
eac25907e3cfcd66b77a1a5b943a343a512a39974bba6aea8337f9c5e703d221

SHA512
414917dc4b6919eb2370a475791fdcacbd6147ce6e8ebc3059feab3c7bf01f13d3577b86309f451c794bf62e5de35b239af78bb8d0aebcc2225e07b9b6106865

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\af99b4cdbd0e40af_0

Filesize
56KB

MD5
11a4eb08b35000b5829faf572dc333b8

SHA1
d015076aaf2c71f093fdd763b99f983dc149b6d0

SHA256
f4566fc1eab07f56667e427eea7ec8db0ba99571355248d79a99eef05639c982

SHA512
0e352bf6218b8ee5c110a43165bd83c56672583aa45f9915477a896f049b3337e4b7b3bcbb37239f4360446c7d51858ad6d875951b51a38e4decbd56a753b48c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ce9d3db5b12bd0ad_0

Filesize
60KB

MD5
bfb123d0b40b8cc65810066dd81d3aef

SHA1
f916d83143317499235e8da4a45b5828a5a04d8b

SHA256
bd1ca17f6d15afd5a644272a91855118a10ae171f718e2b6202d57646a95e0c7

SHA512
4ea8e988146c314955ea7be946e0cc6eba8a131d4783da8320a01f6d94bd01cd3e5f38a95fcd6a2f6c51d7735663b4fc61a3fcc315c265a99cb97e77334a4483

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\dac355286bc7a046_0

Filesize
311B

MD5
dbd21757b021a80541c6c955855e8284

SHA1
dd60a503bcb845ff0dba7531cc2718519f5d4da9

SHA256
2d2473109fef72175b0e93c78c32fc6e18187da65d4de15ce3cf6d774fc57082

SHA512
13dba13309bff85d6efe88be18be8303eae83495136ce6f1923aa72469802e2cb46507ee7188905cefea5623299216d6cd2145cbc1bef635fdb2faa3df17ad87

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ff80c70f6694d1e0_0

Filesize
231B

MD5
6b40fc9c1676ffb99a8a9a8cc6b25a85

SHA1
21d2799a8fc9503fde8501fbc4d3f27482577b2e

SHA256
e3f97a858b9c1735cc54c3b850f3fc779a610eec8a8e57251a972eda9b93b9de

SHA512
c8be6532575d20d19fbb197f6ccfc8d2880779ac3c7c10ee7441fb95b3b48614ab57ca68eae0f46cee48b4272ead387996b45ba3c92cd600a5957f7d14594f9b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ff80c70f6694d1e0_0

Filesize
231B

MD5
706e026140a3c584d7cff5f47dcdd44d

SHA1
6d762eec45189924f63b1276538d3abcab5d3619

SHA256
aace2c86daab6193a372ad0d87f8a0adf851188f13fcc56fcad96e0a8216adc3

SHA512
833ad5e4fa5f9d15a2b0ef2b2b8775a8aab4c89d7768c6f40fe8104ad177b6b3def1ac4d2e6902b6ed12c2efee91403b2b845b22545ac1cda460e0a5549efbc5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ff80c70f6694d1e0_0

Filesize
6KB

MD5
73e1f0a03c1e1fda74ea9a325a696d49

SHA1
af800cb81355f5fd73a0995a6980290a5668661c

SHA256
85ef6850cae5676d03f2e684219374a3dfee6a13cb4cd66420bdd228b835a7eb

SHA512
9d26e72a7d551e89125236a6569be57c3be45d061d61e87ecfed055ad1af244a9e2a301a05d551251a7912a09cca406f0b8500d17f24cd217966cc7834337e38

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index

Filesize
1KB

MD5
76c3a11f61837b880f186f16eec33ea3

SHA1
206b57a8217adfe56e0518fb62931a645eb4eda5

SHA256
453d2f01f984633efe531794b9d1bce839b5248210cab5d633c5e6e8e1f71460

SHA512
c763bc45d801a56195a0dfe99687289cbfc80cbd4fb2397b8e8494eb2d84a7bdb0eb2bb106558c440aa00f927eb9a70d3c5b08406df6d62b1eed1d7d452d3314

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
e717b74658cec25838f21e7b02f7ffb8

SHA1
2c91b5c6b3f676d24924e5e08fa6cec501efe0af

SHA256
4b1bddd44b0aa714aba0bab1de19844af228741daa312e8277222f7e088ca297

SHA512
9e9cdf98236fd0f01db280d0e87e64e18e4bdef1bd782c793236493b3f9a8354019cc11866fed67b931726b798449811cc8105ca1a45c2884075595b868f7006

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
912B

MD5
f1617b64cad02212185ef07e3037b741

SHA1
219a1ddf04f94d2d2de4fa317ea40d444322134b

SHA256
750b12423aa402d1009cfe701f038769027013d84881067eb5f2829340723fd7

SHA512
e213de8fc94a4515918ffff9807cc4dd2a393ed4545dd64b36d371151b637e1e19a0444e28967992bfd2f79807834ee4c77f24bec82cb5d97d6f903cfa7c6644

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
75d286a1d792aad887f24f75797e86bb

SHA1
e49b73606dc6ccc876aca0b5ecc434bbadf78cc6

SHA256
e5b0ca9ee41990d931a8c65a4617c16192a329e063713373a869b3b5f1ac22cb

SHA512
f92a0e504d4a4423d268d72c018134898776eb8601b5358ae74b2506d3b5fa4ad9c9197fafc0b04aaa3cb610b3a0b3b2a12a18bc0e21c09611c0da390c14db15

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
a5de353a61a5ea8a84a77ebb9cb5d215

SHA1
8fc7b20fc1727f0d8006ac146b36edb30401ca0b

SHA256
5cd1ae48be997a89c95c2dbbc83638fd04eb1fb9b06a526fe67f70b381c1d7c5

SHA512
c81afb2d228c44016fe195f165999b8e1b9e7e25b69ce08a1debfa3307451700b76245ac9d8174e5914172d9589b89dc15d7cde4f2ce3f7fdd6fb5edf8904128

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
7786d6328781e6fb1c6bf367567cdc9b

SHA1
17e393d832421c1aeb5043779b21fa82996234bb

SHA256
cceee7cd5790a9c333d60c73373c069ef2cb74a8989cf994469bd2826e3b0521

SHA512
867e226e64df6d506613b74b16e7ecc10c898633a213053bce4d6994432c38ecab3aef7f27afac66f639e0f47119bafb70f166a6e61558d66822cf161c402a83

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
3b3bd899cd1677d880aa4740c37383e4

SHA1
cfea934250070dda57841f4ef23aa01963446257

SHA256
c856d5ad8c757d445228f9185946beb5598cef62ee29651fb8c412cd9f534c25

SHA512
77493c83d9c4c8c9a7e7e7b9080e2edb0bd82cf5193526d95cc1d48a9747d11c7fecc2704efd0f39134cb7606cc0d2e383ed2169aa83d6d68d86cabfcfb7b6c4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
6b3fcdb11189515281b10afbd7d3c091

SHA1
c2c3d5a86f761ec89f4b4b41991ed13debb02480

SHA256
caeb4dab6400d896375c3cfb0827618693c26f89abc016a646b8351cb91aa4ca

SHA512
98fe6025f99a1b1cd94a3f58bdaeb628309d8e1897fd83bd64404beb22dc93b4bf119e7c3da372365eaace5506b1d75de2e1d73c28c0fcb8bc9b50e3cfb46c58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
f66fafba75fbd3a0a857db6b6a12b8c9

SHA1
9c9628608e37376d94d02a6fa13024093cbd79d8

SHA256
4d60f6d83766561ab4f7568e964ce832fa1f364d43ff103c9ef87e2ee401f6b6

SHA512
136098b9cdeaab7d513f46ece8e8e4693dc36e9bcead2618f1a974f86d9e00609451a92970e9ad8f91da9c8b74137e28696f5322e75b3579b3d721cb51123513

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
b8374a19d5442f0ee4886c04688463bb

SHA1
5fe7c29f00157c717bdaf086fca4087c91378298

SHA256
3c1b02d44598b11243e06ff42c919731bce00762074b2581996c95c4c5f6c7ca

SHA512
f3b4fb480abaac5c181afecd5b3ded6eeeb02159bfbc88d0dc8ec50580bf95df8e13357a49ca9d146871ab71ee7748e00aa2aeee7975041563fee5447bb8038a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
f077a6595cba296f21485651cda1b977

SHA1
bc39962c818bd9f5e19dc4a8234eaa3617b892e5

SHA256
7c24eeb2ce3e21a15783fe18614b30d3e52091b4cec1d66a4dcaddd7b1fbbe2c

SHA512
1594a39de3ab0a5ae819fd1d099541449862ed1ef7701f3c13881e25af7606f1a6c6940524ba92bceb6e02cded11652c7118bf4cd0dc225962c00ced68114f59

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
0c1bcc6034440298e1db19739f25888b

SHA1
8ae8dae87d1764c905015f87a6f99d84cc955bed

SHA256
8731a74ac9bb15f68f5362784547b3d8b922c0f85b04e9db22266fa3b62e2de5

SHA512
6545d6bea260023527eefd246a7379301827577fcb95493fc62be17abb7e5eb34640c18b8b4fe8bcc24b4e0980bfa233fa6ad12efc82342f17f9d70333508ce3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
237da7e7772fdf3455527120dd41c4fe

SHA1
5fe95c20029ebf200a03fdb373a950ad1167e89c

SHA256
a75cfa1af2c40ef7ad3cd595d7bfae93c614e73348b992eeb3f8c8abff22cc07

SHA512
8aaf4a506145f1df676d06b1dde42831920f431aca423089900a26de17e5b39850a1c1b8007c6205e542f677a7448821ba63c75c7a59db8aebebf1acd33bfb40

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
521b3d31be0b3a2b640696bc6313a604

SHA1
d5ed0b94b4201c47b11c2b0b8af2afa5fba55683

SHA256
0e96f26ac26ea6a2fe2f5c434ec9020767cc0509884fe64067a908370f6f6df2

SHA512
caa41e8a2c2c7219b36225067fd1dbcdaeab0558949d32cff5c7aaa7864ebdcdf9600792442a2d9d2ec5ed85358c314c91d045244cdeefbc928fab4b8dba36f2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
3fc78d08eaf3f33b0f00983d89f6c2b3

SHA1
cc881332f8953e5c0352b2cf74bb28acedb9a2d0

SHA256
f9373378c541a1010e621466a2e6abac78696ea4f1e279585a8ddab6917350d0

SHA512
56d075c0caebf4f7ee57f1080ec9e5ad6f9e919410fdb3e8565767236dc800a78faae3b906de6e7753dedd41f60302dca6c1962975140d74b576958cbe229f74

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
ff206fb2311996f99f4eefa0619f9b00

SHA1
a208be30c825bcbab878fba6788319ba1234b00a

SHA256
377e580fc43ec47254bd4b929a5dfc52ac921b9d98b04b5bf760152a8eeb2b98

SHA512
d1333b2fe1937bb59556b14810b4e6d7eac1f3c5e63a660b6db12d436e478e3bbcdb3452b1584408f08c7474360b584bf19b08fde97b5bb8d809318d70a9034f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
108KB

MD5
8778f81b5640393011e9eb273d55a875

SHA1
8ae76d02afb19c0abe865d2b24f51a434696f08a

SHA256
3ea7a749afbceae43bb2cdc6b541b55a619494383b76417d0be69d971ac99dcd

SHA512
0a5647cc34df59d1b8fdb0bca8356f7598afb15101c2a198c8f09829fede71ce33792d62612d2018eb15b589dfad5d3e87592774f8ca49ad571755c5ef9b38c5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
89KB

MD5
656453c0fc2456e2ed20792b899440f6

SHA1
a33d3914079dd8050ea2e03314d7581e7e2fe423

SHA256
ad8152698bf27bc6e8971771ccab96abfa5bacf39861561517a1c036b33973c8

SHA512
ad3a908e8c6fed90327f328365b72abe93a3da877a241844e1fc0a6f0123effef21b01374bf6e589f057c43eb370d62b22120603bcb679248914a15a4f8095bf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
89KB

MD5
3c6153f8cfda71943de4033fe84e9583

SHA1
6352d9a514d170bf9483e1e607aea345d72fa238

SHA256
48ee82f8934174368e2132ac6386c30b158c4e83bf1411c6812e29e8e05246f8

SHA512
76667a7d6e38631f2075b4bf0a62f7164ef018fba7187e16f68217153db8098b649b0cce3391afbbcf6deae330d648be576b98c5a1e2f4936b46f1224bff6a95

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
89KB

MD5
220339baeed46f4eef17f055a4d4f357

SHA1
6f494750ae7e1e32073a82d79a6cea1a123ea511

SHA256
d2a17dac1a74d545cb5e2aaca7c36c91a73e08e5301434914c4a3e74c700da8d

SHA512
f36db57767e105a89944156722349de3944973d37cbb7d26ecafee208b765d33a3b011da760100bfcd3c914e0a93d53582d3e2d4eb71299cb2c77ef6b7442e5e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
89KB

MD5
e643bf5b85b752645cf36c4144190696

SHA1
3952f455f76b43559ba410e27956ffa7e71d69e9

SHA256
0af1fb0bfc08780a7d460eb60c1e6b2606451a12ad192835a3a2393bf43139a8

SHA512
1b000d23bfd4752ea3790c6d4f87f6a2430f5d782748d422800f0397a1207eb3bf12f1d9914bb560fc76eaecf7cd7ed5eba55f391e3a1c2c20e16aa9fe6d095e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
89KB

MD5
1f1cc39f6256c8d049c2c4423ef2cd65

SHA1
97d6339c2f0f9e73a4c3ad9f19b91ef82a170106

SHA256
a7e0dfeb2551cd638d9539e1007e0dc0cd3a8a7a5deb7357e63b22ac5b19de4b

SHA512
aac8efea4ade6a01f0b691f3116b863aa665ddb70755acfb55f5d27d0d1a0f51aef3efa0a9b4c83c9d4df22451fc86c49aa6df91d02e1903880f6538be9805c0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
89KB

MD5
8534e4f0a082a6ca3d80916effe2f62c

SHA1
5502ae006f8fcb7d0a6c3fb65cbbdac59a83d396

SHA256
79ac89140f5594b64035df97e58af5ac6fafc4b5a3d77ecaef361948ca8a043b

SHA512
98a95f50679f4396151a9de4890c4b7ff3433721b65be66b9202d565d30b78695f5f34a090ef0062be35763a3e91f458723ece545e62714746f9fa9a947c4957

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
108KB

MD5
484150cf1b48be18c68f60978e154081

SHA1
b0194532cdd0be51f3dfa56684a0c3fc2cae9dfb

SHA256
984cbaa1f674f1807a5512025f3d1ea132da1ef07cfa1e7cb2e90b8530b9eba8

SHA512
562fd6693795b608994db012d314d8af77da8d871ed02a61d47e0dd241451b500af734584d1161c28d473cd0da25c65ed386384cb3fe54f84a9c3824fdb49bbf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
102KB

MD5
7bbd429e775c1539fb4d64e7546748e3

SHA1
0be3e8c568b53a21fb342e13110e1bdd78248c53

SHA256
b405ba08e6e40f2042a1804812e5d5058b528dc5342a5324823ab5aefee674d9

SHA512
986f92b773fcab47e6c9fa11aad53e055b5338497817b86bd734659968b3ecfc1850e6041cba84a1ef00d4fc6891733c7c0438c9c200c536a133964d88728ebb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe58ce38.TMP

Filesize
101KB

MD5
e93f697c8cf87867a40029efd3e14439

SHA1
79614126e4a106c2f49c178d68ab20dee69f9b48

SHA256
a50314e482cef5cebe3f17da2ed2a9d2444139f492277708b5024e8e2ba108a7

SHA512
6e0cc6641f3795635898062589482deb2b89421489ac1baec393a23c56085ba1aca2a2f7ea12cfeaf695420dd46185b9cc6cc874c8d7d2c4ac63cafdb1638d94

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\Downloads\download (1).htm.crdownload

Filesize
28KB

MD5
49494c55b1df3a4f8b0ceb348903960c

SHA1
4780d1be8763f65b97527cf4a1068c7fd811deac

SHA256
0f51c47f7293e88dc2442b24a5d5d41bdf9976c4e12a86fdc03ccbb13e35beea

SHA512
57d8baba9654cd0a3326c6c238e48c6e84dfb3750069a745b02a0408357ac508553783af766cf3f468b041bd68da41def1ebeb88bea4d4036ba595d4235c1090

Download Submit