b384922833fc73469cbad044dd51b835158c10fcdae25958d0f25251e84e239a

Analysis

max time kernel
237s
max time network
233s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
31/08/2023, 05:40

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Tuckshop.html
Size

135KB
MD5

b392442700ece50e4aa36920346e93fa
SHA1

f725e64b6ce2652ccc0b34a8649fd5f0872177b5
SHA256

b384922833fc73469cbad044dd51b835158c10fcdae25958d0f25251e84e239a
SHA512

218395078d597de3332955e1f42ad3c37a88746e3c21420103f420e50b6f9201c33b3117ac40882e81f495cb607e77a1ca2a0bce56775bb5f17fa733106d36f1
SSDEEP

3072:BIc5qvQ3HOuZIxuMGXZnWoeFa5QxSWP1hv1NJu7vAK3AYNcBi:fCucc

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133379340212754650"	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
3652	chrome.exe
3652	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2316	chrome.exe
Token: SeCreatePagefilePrivilege	2316	chrome.exe
Token: SeShutdownPrivilege	2316	chrome.exe
Token: SeCreatePagefilePrivilege	2316	chrome.exe
Token: SeShutdownPrivilege	2316	chrome.exe
Token: SeCreatePagefilePrivilege	2316	chrome.exe
Token: SeShutdownPrivilege	2316	chrome.exe
Token: SeCreatePagefilePrivilege	2316	chrome.exe
Token: SeShutdownPrivilege	2316	chrome.exe
Token: SeCreatePagefilePrivilege	2316	chrome.exe
Token: SeShutdownPrivilege	2316	chrome.exe
Token: SeCreatePagefilePrivilege	2316	chrome.exe
Token: SeShutdownPrivilege	2316	chrome.exe
Token: SeCreatePagefilePrivilege	2316	chrome.exe
Token: SeShutdownPrivilege	2316	chrome.exe
Token: SeCreatePagefilePrivilege	2316	chrome.exe
Token: SeShutdownPrivilege	2316	chrome.exe
Token: SeCreatePagefilePrivilege	2316	chrome.exe
Token: SeShutdownPrivilege	2316	chrome.exe
Token: SeCreatePagefilePrivilege	2316	chrome.exe
Token: SeShutdownPrivilege	2316	chrome.exe
Token: SeCreatePagefilePrivilege	2316	chrome.exe
Token: SeShutdownPrivilege	2316	chrome.exe
Token: SeCreatePagefilePrivilege	2316	chrome.exe
Token: SeShutdownPrivilege	2316	chrome.exe
Token: SeCreatePagefilePrivilege	2316	chrome.exe
Token: SeShutdownPrivilege	2316	chrome.exe
Token: SeCreatePagefilePrivilege	2316	chrome.exe
Token: SeShutdownPrivilege	2316	chrome.exe
Token: SeCreatePagefilePrivilege	2316	chrome.exe
Token: SeShutdownPrivilege	2316	chrome.exe
Token: SeCreatePagefilePrivilege	2316	chrome.exe
Token: SeShutdownPrivilege	2316	chrome.exe
Token: SeCreatePagefilePrivilege	2316	chrome.exe
Token: SeShutdownPrivilege	2316	chrome.exe
Token: SeCreatePagefilePrivilege	2316	chrome.exe
Token: SeShutdownPrivilege	2316	chrome.exe
Token: SeCreatePagefilePrivilege	2316	chrome.exe
Token: SeShutdownPrivilege	2316	chrome.exe
Token: SeCreatePagefilePrivilege	2316	chrome.exe
Token: SeShutdownPrivilege	2316	chrome.exe
Token: SeCreatePagefilePrivilege	2316	chrome.exe
Token: SeShutdownPrivilege	2316	chrome.exe
Token: SeCreatePagefilePrivilege	2316	chrome.exe
Token: SeShutdownPrivilege	2316	chrome.exe
Token: SeCreatePagefilePrivilege	2316	chrome.exe
Token: SeShutdownPrivilege	2316	chrome.exe
Token: SeCreatePagefilePrivilege	2316	chrome.exe
Token: SeShutdownPrivilege	2316	chrome.exe
Token: SeCreatePagefilePrivilege	2316	chrome.exe
Token: SeShutdownPrivilege	2316	chrome.exe
Token: SeCreatePagefilePrivilege	2316	chrome.exe
Token: SeShutdownPrivilege	2316	chrome.exe
Token: SeCreatePagefilePrivilege	2316	chrome.exe
Token: SeShutdownPrivilege	2316	chrome.exe
Token: SeCreatePagefilePrivilege	2316	chrome.exe
Token: SeShutdownPrivilege	2316	chrome.exe
Token: SeCreatePagefilePrivilege	2316	chrome.exe
Token: SeShutdownPrivilege	2316	chrome.exe
Token: SeCreatePagefilePrivilege	2316	chrome.exe
Token: SeShutdownPrivilege	2316	chrome.exe
Token: SeCreatePagefilePrivilege	2316	chrome.exe
Token: SeShutdownPrivilege	2316	chrome.exe
Token: SeCreatePagefilePrivilege	2316	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe
2316	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2316 wrote to memory of 4004	2316	chrome.exe	81
PID 2316 wrote to memory of 4004	2316	chrome.exe	81
PID 2316 wrote to memory of 3484	2316	chrome.exe	84
PID 2316 wrote to memory of 3484	2316	chrome.exe	84
PID 2316 wrote to memory of 3484	2316	chrome.exe	84
PID 2316 wrote to memory of 3484	2316	chrome.exe	84
PID 2316 wrote to memory of 3484	2316	chrome.exe	84
PID 2316 wrote to memory of 3484	2316	chrome.exe	84
PID 2316 wrote to memory of 3484	2316	chrome.exe	84
PID 2316 wrote to memory of 3484	2316	chrome.exe	84
PID 2316 wrote to memory of 3484	2316	chrome.exe	84
PID 2316 wrote to memory of 3484	2316	chrome.exe	84
PID 2316 wrote to memory of 3484	2316	chrome.exe	84
PID 2316 wrote to memory of 3484	2316	chrome.exe	84
PID 2316 wrote to memory of 3484	2316	chrome.exe	84
PID 2316 wrote to memory of 3484	2316	chrome.exe	84
PID 2316 wrote to memory of 3484	2316	chrome.exe	84
PID 2316 wrote to memory of 3484	2316	chrome.exe	84
PID 2316 wrote to memory of 3484	2316	chrome.exe	84
PID 2316 wrote to memory of 3484	2316	chrome.exe	84
PID 2316 wrote to memory of 3484	2316	chrome.exe	84
PID 2316 wrote to memory of 3484	2316	chrome.exe	84
PID 2316 wrote to memory of 3484	2316	chrome.exe	84
PID 2316 wrote to memory of 3484	2316	chrome.exe	84
PID 2316 wrote to memory of 3484	2316	chrome.exe	84
PID 2316 wrote to memory of 3484	2316	chrome.exe	84
PID 2316 wrote to memory of 3484	2316	chrome.exe	84
PID 2316 wrote to memory of 3484	2316	chrome.exe	84
PID 2316 wrote to memory of 3484	2316	chrome.exe	84
PID 2316 wrote to memory of 3484	2316	chrome.exe	84
PID 2316 wrote to memory of 3484	2316	chrome.exe	84
PID 2316 wrote to memory of 3484	2316	chrome.exe	84
PID 2316 wrote to memory of 3484	2316	chrome.exe	84
PID 2316 wrote to memory of 3484	2316	chrome.exe	84
PID 2316 wrote to memory of 3484	2316	chrome.exe	84
PID 2316 wrote to memory of 3484	2316	chrome.exe	84
PID 2316 wrote to memory of 3484	2316	chrome.exe	84
PID 2316 wrote to memory of 3484	2316	chrome.exe	84
PID 2316 wrote to memory of 3484	2316	chrome.exe	84
PID 2316 wrote to memory of 3484	2316	chrome.exe	84
PID 2316 wrote to memory of 3420	2316	chrome.exe	85
PID 2316 wrote to memory of 3420	2316	chrome.exe	85
PID 2316 wrote to memory of 464	2316	chrome.exe	87
PID 2316 wrote to memory of 464	2316	chrome.exe	87
PID 2316 wrote to memory of 464	2316	chrome.exe	87
PID 2316 wrote to memory of 464	2316	chrome.exe	87
PID 2316 wrote to memory of 464	2316	chrome.exe	87
PID 2316 wrote to memory of 464	2316	chrome.exe	87
PID 2316 wrote to memory of 464	2316	chrome.exe	87
PID 2316 wrote to memory of 464	2316	chrome.exe	87
PID 2316 wrote to memory of 464	2316	chrome.exe	87
PID 2316 wrote to memory of 464	2316	chrome.exe	87
PID 2316 wrote to memory of 464	2316	chrome.exe	87
PID 2316 wrote to memory of 464	2316	chrome.exe	87
PID 2316 wrote to memory of 464	2316	chrome.exe	87
PID 2316 wrote to memory of 464	2316	chrome.exe	87
PID 2316 wrote to memory of 464	2316	chrome.exe	87
PID 2316 wrote to memory of 464	2316	chrome.exe	87
PID 2316 wrote to memory of 464	2316	chrome.exe	87
PID 2316 wrote to memory of 464	2316	chrome.exe	87
PID 2316 wrote to memory of 464	2316	chrome.exe	87
PID 2316 wrote to memory of 464	2316	chrome.exe	87
PID 2316 wrote to memory of 464	2316	chrome.exe	87
PID 2316 wrote to memory of 464	2316	chrome.exe	87

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument C:\Users\Admin\AppData\Local\Temp\Tuckshop.html
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2316
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa45869758,0x7ffa45869768,0x7ffa45869778
  2⤵
  PID:4004
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1736 --field-trial-handle=1908,i,10816645956249547245,5841745582205086404,131072 /prefetch:2
  2⤵
  PID:3484
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2156 --field-trial-handle=1908,i,10816645956249547245,5841745582205086404,131072 /prefetch:8
  2⤵
  PID:3420
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2928 --field-trial-handle=1908,i,10816645956249547245,5841745582205086404,131072 /prefetch:1
  2⤵
  PID:3756
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2256 --field-trial-handle=1908,i,10816645956249547245,5841745582205086404,131072 /prefetch:8
  2⤵
  PID:464
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2932 --field-trial-handle=1908,i,10816645956249547245,5841745582205086404,131072 /prefetch:1
  2⤵
  PID:3936
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4944 --field-trial-handle=1908,i,10816645956249547245,5841745582205086404,131072 /prefetch:8
  2⤵
  PID:3664
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5088 --field-trial-handle=1908,i,10816645956249547245,5841745582205086404,131072 /prefetch:8
  2⤵
  PID:3100
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=3892 --field-trial-handle=1908,i,10816645956249547245,5841745582205086404,131072 /prefetch:1
  2⤵
  PID:1740
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=5084 --field-trial-handle=1908,i,10816645956249547245,5841745582205086404,131072 /prefetch:1
  2⤵
  PID:4552
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3888 --field-trial-handle=1908,i,10816645956249547245,5841745582205086404,131072 /prefetch:8
  2⤵
  PID:3664
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3432 --field-trial-handle=1908,i,10816645956249547245,5841745582205086404,131072 /prefetch:8
  2⤵
  PID:1408
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5260 --field-trial-handle=1908,i,10816645956249547245,5841745582205086404,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3652

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4800

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e

Filesize
19KB

MD5
a8eb30c5251f579718918feeb3150904

SHA1
19c73aaf042370eb7b6defd3a4bf3e6c044a61ca

SHA256
797bab48b8d55e2f41b32feac59e7e747de79a01f49dc0128faacb1c1d77513b

SHA512
f8e07a7ee2ae71837af4770c81627ef793a2d07df99e3b80a058b29979f2821c6167581b42f0b26705bd72bc1a991d8dbcbd781de1e6ccb12c0e1d9281979e12

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011

Filesize
16KB

MD5
dfb0b32c3e9804d924cc564ec1fe05eb

SHA1
ea0a5aae4a1bca9512db4e4e3b0df0fae14d56eb

SHA256
dc6e7deb1d155de30a75e7c390698ade301abef439bb9bddaef662f93c60938f

SHA512
0d358fb30acfebefecc2cb4ec19eb6464a74470b00be98c9826bf67dbbdf3937df04278d6dfdfc44a23b9ebd7d4b6064c22f3cd7e9ff692d788c45ccce8998de

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012

Filesize
25KB

MD5
d487d36dbcbc8fb8ab318488e871b8c5

SHA1
be4ea2648cea438d8f0c8e3c3f83d092d2b0a08e

SHA256
8b5328e652cde3ef231c5c05dfb142184bf47b4dbfba3274c1fe56a6e5ec26e9

SHA512
22aa12929e0ceb18467fe20e8cfa39c6fccbebbe877c81751cd0a618eb7f588e08201dfc18646d8bff747f656ce65c42036dc397d9a70f9a7cabb167d5f88e9a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001c

Filesize
68KB

MD5
8601fc909724a3af34499e9928238f50

SHA1
0825b5fff79d4ad0ee0ca7cafb6d32e1fddc01f4

SHA256
c39132646320013cbfbbd31f571a48e6552c0dda05203896be9e4b3771f4b490

SHA512
9617c8b83f6ca7ec0c686e5c39d376aa0e3a290dc7546a54fd6a201bc413c46a7ee590d928fc854d416d5bec40458e9b850c1371971b463cd1f6f2760f9d4950

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000021

Filesize
18KB

MD5
a0cc80d13c04c9951d2ace6e5062d9cb

SHA1
fe8caa58f26961a32828e57c315c7cec018f1095

SHA256
18c3afebd770b3e8d6adca82174f3e15ba653f7cf414b70bb1bdfcfe3332b485

SHA512
982109a8d1920b7f9a012608a48eb87f07d012f275e3855ffc0bb7597faaaa6a3ef4a4a45c81ef08307cb3a53a2f5aa4a2118a069591235cd4f773621f2133ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
816B

MD5
9c79188502ea998a35bacc94fc336873

SHA1
68c133ee29b788952ad7a1a00fe0ee55c71a728e

SHA256
73a47184e506142447decd51c6a48374d33c9747d5f37c301433e043dab8f9e4

SHA512
044d66251e5c9bf95ddc992bed65eec3f06b9b2b65e995f7e799c911ed6d10067955fb5e759c2273262190b80c6bf9f7cb0958a445ccd08e3648b417f3dcb0e7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
6c40984027ab961bc60bd08710bf1840

SHA1
17dc657a699d9d139d1d0e4f5ca4687077fbce2b

SHA256
c595438854a7670c0b5351e91a8b7d749d4593e34087c75b4e68ffe67c4c9091

SHA512
dbfdc3f9e864772e22ec1e35dcb46754b1d7a68464dc011832a057f27bd515282b634df3f7f667743b135b6b6df4d66b5365ffa60bbe0a80ef6b33013dae9622

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
539B

MD5
c8328f8bca7706fb1b6d886801fb06d2

SHA1
6ebe3dd9c51537e375cc4cbfc626e837d1bc4da3

SHA256
bcadbe99299d5561a9059f9bb7c22f02d3f13e3531a545a49ef674bf7b7e350a

SHA512
10cb1d94c16b35910e414ccc168e14451e572a6a9d45cc361f81e0eaf2438a5d234222bafbb1058afd7e93d04bd533b13ab974cadeacd16343d5e388c094bf43

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
706B

MD5
44d4f15ceab87de1d68c07b76ed8f372

SHA1
b2a674d602d91496a12f23139d987014ab4747e3

SHA256
2825a6c5f7cdcbceb2ca0977b2ecbaec61fea35ce8b5a140fbb414ba4c8efbda

SHA512
7aca85480b96b0889d7d1389eb913a4250365ad864052f3085d8162ec0234f7b34ee2e93241d1455b67d13243aa0b8694a38afd3da539889396c26c73928847f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
d44d9ff82b58fa2dff3fb3e35ddade3f

SHA1
b0c5e3466a8599da89580e4c78619796f1596720

SHA256
257c229a6f62a05d5a66675f2ebe784c1106c3f48cbfd4029f7c5a2408141594

SHA512
4c0abacb5cbbce02ec190ff33659a5dda65df88ef50b3846827cf01bb537a72e9ea56835c52b018f2d0f896b2ef915ed0c92a0b7be31416e1ede764c3593b049

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
a2a77ca48edf49419b1b1ac136f2b5d8

SHA1
443508bc0a14bb804f72362158884ee51b8fc107

SHA256
310400f12e6cfa6ec2468360f5bf86ee0096a73ec25de31e239c7ce655f08a10

SHA512
a90daa2a6c2b4cc96f208cfa9b39193e2b04ea6a2e6aa11f0867c9c7a80c4d7ed614affd6ddfe3cb9bd7f4252b06334dfb4580c20de21d04b6e3d5ff2e0d5178

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
568239ca60868be6b75e61de463d0cb5

SHA1
55412052477ea2965c1bfc5a8b4b8cab01b2f7fb

SHA256
aec9377ec98108f2b4222c931a16fe7124ce35dea31c1f97a7d935f2c5363343

SHA512
ca4c88f081deb929f08a989793ff8377bca8cd57235a7131b6aa62851a375dac3d1f6ace06a78a458636ed2f8dce1104858f733cf5039a6bbf66b17583c4a59c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
fa9ec8ca1c89524fd2b28b49b6112238

SHA1
be3c542bdb54b81e6186233316c6a5b0d038b294

SHA256
0fed51229c132102dffbf2581419630891f862f10267e1facbb0b78b329e8b36

SHA512
d3aafed51cfeaa3da9979dc9004ae9954191cec7fcdb3714f37ee33f67154d8cc2b0be1952e49c2c00bcbf7ae35c6aa790fc246b03be2d20aefd38114f53c1d0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
b62c88fada2b50c2dbb01244c1d183c8

SHA1
91578ac7a3479e106652d6dd352b17d0d02657d7

SHA256
97b0dcdba2693b5e189089e6330ed39a3935af99d48adf928c807e04e11cbf02

SHA512
360da8229a81330e39d5e000d4530adaeafb8f874039700a42682cc53c74ca81cee29aaa10ea361b51d659f47beea32537e301328929439a798bddb8b6cf7ba5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
419344d6b3510d2e1a92a5ff67fab605

SHA1
cbe30b534ada6548cd3817f722f8279b1d6e04c1

SHA256
edc3f3572c38666c1d3714e6353d5c9b3cb3a07d5d5b15f8ae5b27a63233aec8

SHA512
4b71ca373e38389c69d9e600beea623315033732f7cb262ab44fb6c443610a8d19d999c5e175bee693623b82f091811d44db0d95009f6017da8390b25a60c08f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
288a1da6b7ee68194ddd2730ce75e1c2

SHA1
c194997b42ab2b1fa9404560e1b06b5074506a0f

SHA256
3ee0f85e742a30b6ab9a117023ad43e1cca31ef312c27d64141fb1906a306378

SHA512
e704d851cf9cae272980b0f878cb2469f9a8ca30f37ab42c185304b005f286bff8461bfd0b2fa336965b6944cd81a2bdb273f0ae6c9749468591e2aac188d825

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
108KB

MD5
1c1e7796fc15c3e89be0fd1b6f6e4b42

SHA1
8decade2d32456596b6aa19989de2461176b22d2

SHA256
13270b5cf81c04598f9e163fd4f8b7439679f3b081800496f0ef13d7e3da8b43

SHA512
f240ccf6e9bc163ec49195efb675d786f7db9a20dd59edee00fa289838b3e296ddf84bf8da3397661c6ce90b5a754ca00013d89e2d5e42473a439793f9b206b3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
89KB

MD5
68a7247545fb900d1027aa81f2ccb66e

SHA1
05c9b56879c9a7a27a61c34b330dd4ca40da3933

SHA256
6fdaf6f306001e7a926b2e68d6dfbac682b0d4b537bf08cc735f825e8a88dde1

SHA512
81bcc19e4a4aed838351a909acdf3bc707a59c58f58759b8d349493dd5d1a76dde9c77435e8996c8dc04ba966c2d7213969b10c0b554144962558892cc06777f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
89KB

MD5
427811ae3b8fdb3e42e1bb8ba28414f1

SHA1
cfeb0691db509d850ea84f50566bf83481f35e73

SHA256
d1e036ba8fafb5062f4988012a4ab1f4b5f8f9693a23e357ff112c090269f82f

SHA512
b010ac0ce90867e7896561918cbe9a7ed81154c53fbae7b54242491548703e7267c89564e51944c90b3efbd4237024e6910f335dae621cdd52570062cfd40401

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
89KB

MD5
37df170bf3267b689a1c945408f4aa3c

SHA1
f6d18ad2138367be13e13e1b428c7e3c465a41d4

SHA256
cb9e959e10c7700b26730055b1d065bc681178a9403efee055a6649fa49fd7e4

SHA512
d86f68b06a9efcc7b3be8f33f1dc9732aca3bf54c2e86438cc7a54e00f6650e1ca7973d288ceaebf17116cad3adfdb2939859b14f13e25e8c28826da50d45558

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
89KB

MD5
23933d010c999d76a47c099ad0e97c29

SHA1
371be5bc918729ee9e4f6d7428ffceeb14e6c877

SHA256
3f312f8550f92dd9207fed76c7df00b89e8eabdd7e3d0fe952c47c4cb85460d6

SHA512
c8d2796279767b8c83027b1b7806de46cd4b7df1359fa72fa60bef5f860438b85f68da1fe235db82cc39d712d3189c360d49132aec88a9e488af3319fb695eb8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit