hxxp://sentry[.]kryptex[.]org

Analysis

max time kernel
1200s
max time network
1182s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
31-08-2023 03:48

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://sentry.kryptex.org

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133379273192068914"	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
5092	chrome.exe
5092	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2320	chrome.exe
Token: SeCreatePagefilePrivilege	2320	chrome.exe
Token: SeShutdownPrivilege	2320	chrome.exe
Token: SeCreatePagefilePrivilege	2320	chrome.exe
Token: SeShutdownPrivilege	2320	chrome.exe
Token: SeCreatePagefilePrivilege	2320	chrome.exe
Token: SeShutdownPrivilege	2320	chrome.exe
Token: SeCreatePagefilePrivilege	2320	chrome.exe
Token: SeShutdownPrivilege	2320	chrome.exe
Token: SeCreatePagefilePrivilege	2320	chrome.exe
Token: SeShutdownPrivilege	2320	chrome.exe
Token: SeCreatePagefilePrivilege	2320	chrome.exe
Token: SeShutdownPrivilege	2320	chrome.exe
Token: SeCreatePagefilePrivilege	2320	chrome.exe
Token: SeShutdownPrivilege	2320	chrome.exe
Token: SeCreatePagefilePrivilege	2320	chrome.exe
Token: SeShutdownPrivilege	2320	chrome.exe
Token: SeCreatePagefilePrivilege	2320	chrome.exe
Token: SeShutdownPrivilege	2320	chrome.exe
Token: SeCreatePagefilePrivilege	2320	chrome.exe
Token: SeShutdownPrivilege	2320	chrome.exe
Token: SeCreatePagefilePrivilege	2320	chrome.exe
Token: SeShutdownPrivilege	2320	chrome.exe
Token: SeCreatePagefilePrivilege	2320	chrome.exe
Token: SeShutdownPrivilege	2320	chrome.exe
Token: SeCreatePagefilePrivilege	2320	chrome.exe
Token: SeShutdownPrivilege	2320	chrome.exe
Token: SeCreatePagefilePrivilege	2320	chrome.exe
Token: SeShutdownPrivilege	2320	chrome.exe
Token: SeCreatePagefilePrivilege	2320	chrome.exe
Token: SeShutdownPrivilege	2320	chrome.exe
Token: SeCreatePagefilePrivilege	2320	chrome.exe
Token: SeShutdownPrivilege	2320	chrome.exe
Token: SeCreatePagefilePrivilege	2320	chrome.exe
Token: SeShutdownPrivilege	2320	chrome.exe
Token: SeCreatePagefilePrivilege	2320	chrome.exe
Token: SeShutdownPrivilege	2320	chrome.exe
Token: SeCreatePagefilePrivilege	2320	chrome.exe
Token: SeShutdownPrivilege	2320	chrome.exe
Token: SeCreatePagefilePrivilege	2320	chrome.exe
Token: SeShutdownPrivilege	2320	chrome.exe
Token: SeCreatePagefilePrivilege	2320	chrome.exe
Token: SeShutdownPrivilege	2320	chrome.exe
Token: SeCreatePagefilePrivilege	2320	chrome.exe
Token: SeShutdownPrivilege	2320	chrome.exe
Token: SeCreatePagefilePrivilege	2320	chrome.exe
Token: SeShutdownPrivilege	2320	chrome.exe
Token: SeCreatePagefilePrivilege	2320	chrome.exe
Token: SeShutdownPrivilege	2320	chrome.exe
Token: SeCreatePagefilePrivilege	2320	chrome.exe
Token: SeShutdownPrivilege	2320	chrome.exe
Token: SeCreatePagefilePrivilege	2320	chrome.exe
Token: SeShutdownPrivilege	2320	chrome.exe
Token: SeCreatePagefilePrivilege	2320	chrome.exe
Token: SeShutdownPrivilege	2320	chrome.exe
Token: SeCreatePagefilePrivilege	2320	chrome.exe
Token: SeShutdownPrivilege	2320	chrome.exe
Token: SeCreatePagefilePrivilege	2320	chrome.exe
Token: SeShutdownPrivilege	2320	chrome.exe
Token: SeCreatePagefilePrivilege	2320	chrome.exe
Token: SeShutdownPrivilege	2320	chrome.exe
Token: SeCreatePagefilePrivilege	2320	chrome.exe
Token: SeShutdownPrivilege	2320	chrome.exe
Token: SeCreatePagefilePrivilege	2320	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe
2320	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2320 wrote to memory of 2204	2320	chrome.exe	80
PID 2320 wrote to memory of 2204	2320	chrome.exe	80
PID 2320 wrote to memory of 616	2320	chrome.exe	82
PID 2320 wrote to memory of 616	2320	chrome.exe	82
PID 2320 wrote to memory of 616	2320	chrome.exe	82
PID 2320 wrote to memory of 616	2320	chrome.exe	82
PID 2320 wrote to memory of 616	2320	chrome.exe	82
PID 2320 wrote to memory of 616	2320	chrome.exe	82
PID 2320 wrote to memory of 616	2320	chrome.exe	82
PID 2320 wrote to memory of 616	2320	chrome.exe	82
PID 2320 wrote to memory of 616	2320	chrome.exe	82
PID 2320 wrote to memory of 616	2320	chrome.exe	82
PID 2320 wrote to memory of 616	2320	chrome.exe	82
PID 2320 wrote to memory of 616	2320	chrome.exe	82
PID 2320 wrote to memory of 616	2320	chrome.exe	82
PID 2320 wrote to memory of 616	2320	chrome.exe	82
PID 2320 wrote to memory of 616	2320	chrome.exe	82
PID 2320 wrote to memory of 616	2320	chrome.exe	82
PID 2320 wrote to memory of 616	2320	chrome.exe	82
PID 2320 wrote to memory of 616	2320	chrome.exe	82
PID 2320 wrote to memory of 616	2320	chrome.exe	82
PID 2320 wrote to memory of 616	2320	chrome.exe	82
PID 2320 wrote to memory of 616	2320	chrome.exe	82
PID 2320 wrote to memory of 616	2320	chrome.exe	82
PID 2320 wrote to memory of 616	2320	chrome.exe	82
PID 2320 wrote to memory of 616	2320	chrome.exe	82
PID 2320 wrote to memory of 616	2320	chrome.exe	82
PID 2320 wrote to memory of 616	2320	chrome.exe	82
PID 2320 wrote to memory of 616	2320	chrome.exe	82
PID 2320 wrote to memory of 616	2320	chrome.exe	82
PID 2320 wrote to memory of 616	2320	chrome.exe	82
PID 2320 wrote to memory of 616	2320	chrome.exe	82
PID 2320 wrote to memory of 616	2320	chrome.exe	82
PID 2320 wrote to memory of 616	2320	chrome.exe	82
PID 2320 wrote to memory of 616	2320	chrome.exe	82
PID 2320 wrote to memory of 616	2320	chrome.exe	82
PID 2320 wrote to memory of 616	2320	chrome.exe	82
PID 2320 wrote to memory of 616	2320	chrome.exe	82
PID 2320 wrote to memory of 616	2320	chrome.exe	82
PID 2320 wrote to memory of 616	2320	chrome.exe	82
PID 2320 wrote to memory of 3736	2320	chrome.exe	84
PID 2320 wrote to memory of 3736	2320	chrome.exe	84
PID 2320 wrote to memory of 2064	2320	chrome.exe	83
PID 2320 wrote to memory of 2064	2320	chrome.exe	83
PID 2320 wrote to memory of 2064	2320	chrome.exe	83
PID 2320 wrote to memory of 2064	2320	chrome.exe	83
PID 2320 wrote to memory of 2064	2320	chrome.exe	83
PID 2320 wrote to memory of 2064	2320	chrome.exe	83
PID 2320 wrote to memory of 2064	2320	chrome.exe	83
PID 2320 wrote to memory of 2064	2320	chrome.exe	83
PID 2320 wrote to memory of 2064	2320	chrome.exe	83
PID 2320 wrote to memory of 2064	2320	chrome.exe	83
PID 2320 wrote to memory of 2064	2320	chrome.exe	83
PID 2320 wrote to memory of 2064	2320	chrome.exe	83
PID 2320 wrote to memory of 2064	2320	chrome.exe	83
PID 2320 wrote to memory of 2064	2320	chrome.exe	83
PID 2320 wrote to memory of 2064	2320	chrome.exe	83
PID 2320 wrote to memory of 2064	2320	chrome.exe	83
PID 2320 wrote to memory of 2064	2320	chrome.exe	83
PID 2320 wrote to memory of 2064	2320	chrome.exe	83
PID 2320 wrote to memory of 2064	2320	chrome.exe	83
PID 2320 wrote to memory of 2064	2320	chrome.exe	83
PID 2320 wrote to memory of 2064	2320	chrome.exe	83
PID 2320 wrote to memory of 2064	2320	chrome.exe	83

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://sentry.kryptex.org
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2320
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffca59f9758,0x7ffca59f9768,0x7ffca59f9778
  2⤵
  PID:2204
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1664 --field-trial-handle=1852,i,10946717777718938474,15536304942282920201,131072 /prefetch:2
  2⤵
  PID:616
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2240 --field-trial-handle=1852,i,10946717777718938474,15536304942282920201,131072 /prefetch:8
  2⤵
  PID:2064
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2132 --field-trial-handle=1852,i,10946717777718938474,15536304942282920201,131072 /prefetch:8
  2⤵
  PID:3736
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2788 --field-trial-handle=1852,i,10946717777718938474,15536304942282920201,131072 /prefetch:1
  2⤵
  PID:2028
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2812 --field-trial-handle=1852,i,10946717777718938474,15536304942282920201,131072 /prefetch:1
  2⤵
  PID:960
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4468 --field-trial-handle=1852,i,10946717777718938474,15536304942282920201,131072 /prefetch:1
  2⤵
  PID:3512
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3260 --field-trial-handle=1852,i,10946717777718938474,15536304942282920201,131072 /prefetch:1
  2⤵
  PID:2152
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4988 --field-trial-handle=1852,i,10946717777718938474,15536304942282920201,131072 /prefetch:8
  2⤵
  PID:5096
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5060 --field-trial-handle=1852,i,10946717777718938474,15536304942282920201,131072 /prefetch:8
  2⤵
  PID:1144
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=3828 --field-trial-handle=1852,i,10946717777718938474,15536304942282920201,131072 /prefetch:1
  2⤵
  PID:416
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=4492 --field-trial-handle=1852,i,10946717777718938474,15536304942282920201,131072 /prefetch:1
  2⤵
  PID:4056
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4556 --field-trial-handle=1852,i,10946717777718938474,15536304942282920201,131072 /prefetch:8
  2⤵
  PID:3604
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=5240 --field-trial-handle=1852,i,10946717777718938474,15536304942282920201,131072 /prefetch:1
  2⤵
  PID:4344
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4516 --field-trial-handle=1852,i,10946717777718938474,15536304942282920201,131072 /prefetch:8
  2⤵
  PID:624
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2740 --field-trial-handle=1852,i,10946717777718938474,15536304942282920201,131072 /prefetch:8
  2⤵
  PID:4296
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5288 --field-trial-handle=1852,i,10946717777718938474,15536304942282920201,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5092

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2300

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
360B

MD5
84c37cb733e61f8f823a2150048a12be

SHA1
139983138ede2fd99a2bf1ea38ac829734bd0b84

SHA256
613502fe985211e8e45a9c56cf6828a32f7f4fb3bdb9bb129dfc61329ee482a3

SHA512
7bcbbcc8ad956deb83c8211ff3370e8577521bab2bd49fb68be87108731b784bc713b86b7d42e3fcde5a48e84e2a742172e5730fdc640a853c92019473464eeb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\Paths\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
4cf47aecad0d6e7c6c0bd26934399fc4

SHA1
21e300aa55978e6a2825dd27b2e140234a9cf137

SHA256
4c5f9c93e4fa0e8ff91fbe09a49026ab6dd78898648cf1e693218549554f8e6d

SHA512
0bd9fe7ff32a1ce73b6888e2b645540d45b769baf7e4b02eb96e65aeec5b105a96481ee665ce0f778f34c4e0301659785235f6640727fa696abf5426af0de67a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
046ae067bfae4e8c5139896bc1a5be47

SHA1
9a81f56ee5675f057759279792ae1b24fbf53088

SHA256
8d060ec6d7b033ab10c17d8a47f4ddef219b582249bd9e75f9ff0322d42a01d5

SHA512
8b7a48bbada01c1e7b61b09e4e7ad219457409c85bbb2d2a8b3c255cb08ec1aa4a20ad38d375c105c4b61f5cf35af3e5e6896044b00acd5a9d8a51867355ed28

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
e504f14726efabb56c1495f823078ae4

SHA1
2bb6d5fa6131b4b288fcf98536f4afc2fb4cc7d1

SHA256
e85783447303d50c472bfb7fb1c00eb5805c2ceb8df757e40394a80aa89b7bd0

SHA512
7a65acb5be262116765f50abfc2d8bb139e2e784af1e315e9cb68b6830b4fbfc6f150aa4db09472be1d46c62f5f97ccd6caf1c5315bfd3fdee4f24bee6673a51

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
91cc1b7c919c028aa6027065e83a3add

SHA1
9338cf72f2e978b69fbd594cb317290e360bbb27

SHA256
ffb534e0810bd3dbe04372b136f228cb0d1b49c1494e8589a74c1363b6dd4f56

SHA512
db82014ad81f7cff77a863aff25e4c07253b51ba8ddabdadc03ecb8e7a6a415ad28cf596947d93b0aefcc34cbb970de4cbc26dea7a25b5bde39f627cfc35fa1e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
5cdefe67a33dfeecaec8763ce8d37f74

SHA1
15e8b074e84cfa358c785ac660f053155ca3b4f3

SHA256
febd6b6dec69fbdd0b0cdaab18e38859864053549e7d4774f4a8eee84e931f30

SHA512
6c6d1c25a47b30e6565f9b3efe7ce7f94a63f13d94b53b4b6456683a607c32ab999d61a9bf1f61029a3101ff9f7cdc885863800ac837d9f97f446de88d08b5ad

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
9e1fc328cb1b97ffcc2e7953b7885032

SHA1
d585e1bfbb433f0627a8b0d53b2b01b95b206288

SHA256
84532b46338c18121709dc254b7ee93a675f8256074db25b6d8fbba96f1b0d02

SHA512
fc921fc28410b72961314975ebf9f1867b5bd12c376f417e46bb82f621703b91de8dff8d1fc7bfac5422e20073c5f0b3480ecb924268f8d71c5efa644f750eae

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
45c3f38aa8e3e95153ccffad3d0892f1

SHA1
f9a1c912c4dd1775b8abaeef0da840e92bfbf7c9

SHA256
4e95fd4bceeed814fd499ddcd3e30fc549adf720b4b1b14fe2b26b8513473d6a

SHA512
a213e8eeada96e09707569424095d10967e3f09ac658a1f3ed821412ca8bc5f0a643ab17c985f2a3bd00e14212a5dfef187f3bf8382ddc94c69f9e1d5a1e0b69

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
108KB

MD5
8422765865d834d5c58f3063188fd8a5

SHA1
ed331da37553a420af1c6ba8b2a71056a1dd7fa4

SHA256
d6b2ed656fe5c1a1408cbffc3f670b744a5dd5a5a3ec398f633a46f5cdb71637

SHA512
e82ebf436dc4ebc50749625cc8ee339c6318d6d99c36179806291bfb6ca29fd9d3fa10c5c772bfe415f002bfee6c30493b4cd30713061206be2391028233ff56

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
89KB

MD5
fa5fd29a36caf10d425eb55f3a77b221

SHA1
afdf9a5aefe539ec13ecec1e8e1412c6d975cdb0

SHA256
a51d5b1d1b02843a38debb4d9a23fd5de02f1d1b9e5dbcda2b0010330b5cd2e0

SHA512
36d900c346fe828d20fcdfbf2973de5a0d929c94715e6cc8a8babbb48ce32c9527f064c7aed7cd0bdb4740368976be58119fd2b81531672a9cdfdf388d324255

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
89KB

MD5
bd26a7f14df426d98b44ec13a44d9ecd

SHA1
39fbda7d752f9eaa6a57d5a4199d85f2e9b79cf7

SHA256
5acaa8666f67d5c8c5e3cfcb86d2e5129890aada1abd85294ca27f081bb0c561

SHA512
026b307736916a343c14210b7110a26808fd2fdfd796d3e4a5fc40c8101f60915e079a52de1347376127f16c186f51c3fb32a8fa50d963258766088dd127f0b6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
89KB

MD5
22541bebb1846255bcc1cdaa6a39aea6

SHA1
d2eb9b12452a67f168b5c4fd33efb4b9cd8916ff

SHA256
c7240eadd542771a75f69d20ccccbe782ddab028eb91b0677ce2ce948815f1a8

SHA512
c886f8a073a55bb1075f2dc747f6b283de78fdfeefff134ccb0686569128f28492874bfbf2e9f8ddc4b515dc274dac2ff04523c464ce5847f1ddff37eb0dce01

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
101KB

MD5
77969dbfc304d421ef98e6deecd2766f

SHA1
80002e51319c5d07892de7bd4964a70ee3d1204b

SHA256
b0bd9cc63f0152544b4fefa6a8111fc639bbee9d10d29e6ece3f1b059a04a1b2

SHA512
7f74800b1622f72f94310fc763747f4c3871a3ff73bc659fa289c615b11545aaf0383242194028679ccea77a10021e2b88ac949ffe63001cc88976b1cc9175c7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe5842d0.TMP

Filesize
97KB

MD5
e804e9a4bce9b39b7aaa83ff92a3401a

SHA1
ef9d96d359607885771bf3a731dff75f7f35a744

SHA256
e9baf737596dd006eb7da18cf505f4b08a26fa44d4537b8e6a770c557fbfa1bf

SHA512
69031571dbff3b7f0c010d58a0a28d9f1a186d05587b8b4d23f3fe1e4fd7a0a26b572be12205b4f1e8d690b7f104b81378c7ee063123ea87c420753658c7ff21

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit