hxxps://google[.]com

Analysis

max time kernel
139s
max time network
197s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
20/09/2023, 07:50

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://google.com

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133396698338761284"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1141987721-3945596982-3297311814-1000\{330AEBA9-1FBE-4C1C-8725-2CD6309C58F8}	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4232	chrome.exe
4232	chrome.exe
4232	chrome.exe
4232	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
4232	chrome.exe
4232	chrome.exe
4232	chrome.exe
4232	chrome.exe
4232	chrome.exe
4232	chrome.exe
4232	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4232	chrome.exe
Token: SeCreatePagefilePrivilege	4232	chrome.exe
Token: SeShutdownPrivilege	4232	chrome.exe
Token: SeCreatePagefilePrivilege	4232	chrome.exe
Token: SeShutdownPrivilege	4232	chrome.exe
Token: SeCreatePagefilePrivilege	4232	chrome.exe
Token: SeShutdownPrivilege	4232	chrome.exe
Token: SeCreatePagefilePrivilege	4232	chrome.exe
Token: SeShutdownPrivilege	4232	chrome.exe
Token: SeCreatePagefilePrivilege	4232	chrome.exe
Token: SeShutdownPrivilege	4232	chrome.exe
Token: SeCreatePagefilePrivilege	4232	chrome.exe
Token: SeShutdownPrivilege	4232	chrome.exe
Token: SeCreatePagefilePrivilege	4232	chrome.exe
Token: SeShutdownPrivilege	4232	chrome.exe
Token: SeCreatePagefilePrivilege	4232	chrome.exe
Token: SeShutdownPrivilege	4232	chrome.exe
Token: SeCreatePagefilePrivilege	4232	chrome.exe
Token: SeShutdownPrivilege	4232	chrome.exe
Token: SeCreatePagefilePrivilege	4232	chrome.exe
Token: SeShutdownPrivilege	4232	chrome.exe
Token: SeCreatePagefilePrivilege	4232	chrome.exe
Token: SeShutdownPrivilege	4232	chrome.exe
Token: SeCreatePagefilePrivilege	4232	chrome.exe
Token: SeShutdownPrivilege	4232	chrome.exe
Token: SeCreatePagefilePrivilege	4232	chrome.exe
Token: SeShutdownPrivilege	4232	chrome.exe
Token: SeCreatePagefilePrivilege	4232	chrome.exe
Token: SeShutdownPrivilege	4232	chrome.exe
Token: SeCreatePagefilePrivilege	4232	chrome.exe
Token: SeShutdownPrivilege	4232	chrome.exe
Token: SeCreatePagefilePrivilege	4232	chrome.exe
Token: SeShutdownPrivilege	4232	chrome.exe
Token: SeCreatePagefilePrivilege	4232	chrome.exe
Token: SeShutdownPrivilege	4232	chrome.exe
Token: SeCreatePagefilePrivilege	4232	chrome.exe
Token: SeShutdownPrivilege	4232	chrome.exe
Token: SeCreatePagefilePrivilege	4232	chrome.exe
Token: SeShutdownPrivilege	4232	chrome.exe
Token: SeCreatePagefilePrivilege	4232	chrome.exe
Token: SeShutdownPrivilege	4232	chrome.exe
Token: SeCreatePagefilePrivilege	4232	chrome.exe
Token: SeShutdownPrivilege	4232	chrome.exe
Token: SeCreatePagefilePrivilege	4232	chrome.exe
Token: SeShutdownPrivilege	4232	chrome.exe
Token: SeCreatePagefilePrivilege	4232	chrome.exe
Token: SeShutdownPrivilege	4232	chrome.exe
Token: SeCreatePagefilePrivilege	4232	chrome.exe
Token: SeShutdownPrivilege	4232	chrome.exe
Token: SeCreatePagefilePrivilege	4232	chrome.exe
Token: SeShutdownPrivilege	4232	chrome.exe
Token: SeCreatePagefilePrivilege	4232	chrome.exe
Token: SeShutdownPrivilege	4232	chrome.exe
Token: SeCreatePagefilePrivilege	4232	chrome.exe
Token: SeShutdownPrivilege	4232	chrome.exe
Token: SeCreatePagefilePrivilege	4232	chrome.exe
Token: SeShutdownPrivilege	4232	chrome.exe
Token: SeCreatePagefilePrivilege	4232	chrome.exe
Token: SeShutdownPrivilege	4232	chrome.exe
Token: SeCreatePagefilePrivilege	4232	chrome.exe
Token: SeShutdownPrivilege	4232	chrome.exe
Token: SeCreatePagefilePrivilege	4232	chrome.exe
Token: SeShutdownPrivilege	4232	chrome.exe
Token: SeCreatePagefilePrivilege	4232	chrome.exe

Suspicious use of FindShellTrayWindow 27 IoCs

pid	Process
4232	chrome.exe
4232	chrome.exe
4232	chrome.exe
4232	chrome.exe
4232	chrome.exe
4232	chrome.exe
4232	chrome.exe
4232	chrome.exe
4232	chrome.exe
4232	chrome.exe
4232	chrome.exe
4232	chrome.exe
4232	chrome.exe
4232	chrome.exe
4232	chrome.exe
4232	chrome.exe
4232	chrome.exe
4232	chrome.exe
4232	chrome.exe
4232	chrome.exe
4232	chrome.exe
4232	chrome.exe
4232	chrome.exe
4232	chrome.exe
4232	chrome.exe
4232	chrome.exe
4232	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4232	chrome.exe
4232	chrome.exe
4232	chrome.exe
4232	chrome.exe
4232	chrome.exe
4232	chrome.exe
4232	chrome.exe
4232	chrome.exe
4232	chrome.exe
4232	chrome.exe
4232	chrome.exe
4232	chrome.exe
4232	chrome.exe
4232	chrome.exe
4232	chrome.exe
4232	chrome.exe
4232	chrome.exe
4232	chrome.exe
4232	chrome.exe
4232	chrome.exe
4232	chrome.exe
4232	chrome.exe
4232	chrome.exe
4232	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4232 wrote to memory of 3060	4232	chrome.exe	29
PID 4232 wrote to memory of 3060	4232	chrome.exe	29
PID 4232 wrote to memory of 3188	4232	chrome.exe	83
PID 4232 wrote to memory of 3188	4232	chrome.exe	83
PID 4232 wrote to memory of 3188	4232	chrome.exe	83
PID 4232 wrote to memory of 3188	4232	chrome.exe	83
PID 4232 wrote to memory of 3188	4232	chrome.exe	83
PID 4232 wrote to memory of 3188	4232	chrome.exe	83
PID 4232 wrote to memory of 3188	4232	chrome.exe	83
PID 4232 wrote to memory of 3188	4232	chrome.exe	83
PID 4232 wrote to memory of 3188	4232	chrome.exe	83
PID 4232 wrote to memory of 3188	4232	chrome.exe	83
PID 4232 wrote to memory of 3188	4232	chrome.exe	83
PID 4232 wrote to memory of 3188	4232	chrome.exe	83
PID 4232 wrote to memory of 3188	4232	chrome.exe	83
PID 4232 wrote to memory of 3188	4232	chrome.exe	83
PID 4232 wrote to memory of 3188	4232	chrome.exe	83
PID 4232 wrote to memory of 3188	4232	chrome.exe	83
PID 4232 wrote to memory of 3188	4232	chrome.exe	83
PID 4232 wrote to memory of 3188	4232	chrome.exe	83
PID 4232 wrote to memory of 3188	4232	chrome.exe	83
PID 4232 wrote to memory of 3188	4232	chrome.exe	83
PID 4232 wrote to memory of 3188	4232	chrome.exe	83
PID 4232 wrote to memory of 3188	4232	chrome.exe	83
PID 4232 wrote to memory of 3188	4232	chrome.exe	83
PID 4232 wrote to memory of 3188	4232	chrome.exe	83
PID 4232 wrote to memory of 3188	4232	chrome.exe	83
PID 4232 wrote to memory of 3188	4232	chrome.exe	83
PID 4232 wrote to memory of 3188	4232	chrome.exe	83
PID 4232 wrote to memory of 3188	4232	chrome.exe	83
PID 4232 wrote to memory of 3188	4232	chrome.exe	83
PID 4232 wrote to memory of 3188	4232	chrome.exe	83
PID 4232 wrote to memory of 3188	4232	chrome.exe	83
PID 4232 wrote to memory of 3188	4232	chrome.exe	83
PID 4232 wrote to memory of 3188	4232	chrome.exe	83
PID 4232 wrote to memory of 3188	4232	chrome.exe	83
PID 4232 wrote to memory of 3188	4232	chrome.exe	83
PID 4232 wrote to memory of 3188	4232	chrome.exe	83
PID 4232 wrote to memory of 3188	4232	chrome.exe	83
PID 4232 wrote to memory of 3188	4232	chrome.exe	83
PID 4232 wrote to memory of 4416	4232	chrome.exe	84
PID 4232 wrote to memory of 4416	4232	chrome.exe	84
PID 4232 wrote to memory of 1324	4232	chrome.exe	85
PID 4232 wrote to memory of 1324	4232	chrome.exe	85
PID 4232 wrote to memory of 1324	4232	chrome.exe	85
PID 4232 wrote to memory of 1324	4232	chrome.exe	85
PID 4232 wrote to memory of 1324	4232	chrome.exe	85
PID 4232 wrote to memory of 1324	4232	chrome.exe	85
PID 4232 wrote to memory of 1324	4232	chrome.exe	85
PID 4232 wrote to memory of 1324	4232	chrome.exe	85
PID 4232 wrote to memory of 1324	4232	chrome.exe	85
PID 4232 wrote to memory of 1324	4232	chrome.exe	85
PID 4232 wrote to memory of 1324	4232	chrome.exe	85
PID 4232 wrote to memory of 1324	4232	chrome.exe	85
PID 4232 wrote to memory of 1324	4232	chrome.exe	85
PID 4232 wrote to memory of 1324	4232	chrome.exe	85
PID 4232 wrote to memory of 1324	4232	chrome.exe	85
PID 4232 wrote to memory of 1324	4232	chrome.exe	85
PID 4232 wrote to memory of 1324	4232	chrome.exe	85
PID 4232 wrote to memory of 1324	4232	chrome.exe	85
PID 4232 wrote to memory of 1324	4232	chrome.exe	85
PID 4232 wrote to memory of 1324	4232	chrome.exe	85
PID 4232 wrote to memory of 1324	4232	chrome.exe	85
PID 4232 wrote to memory of 1324	4232	chrome.exe	85

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://google.com
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4232
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff7d4e9758,0x7fff7d4e9768,0x7fff7d4e9778
  2⤵
  PID:3060
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1640 --field-trial-handle=1868,i,10414839423695236412,1157410731907783870,131072 /prefetch:2
  2⤵
  PID:3188
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2172 --field-trial-handle=1868,i,10414839423695236412,1157410731907783870,131072 /prefetch:8
  2⤵
  PID:4416
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2264 --field-trial-handle=1868,i,10414839423695236412,1157410731907783870,131072 /prefetch:8
  2⤵
  PID:1324
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3184 --field-trial-handle=1868,i,10414839423695236412,1157410731907783870,131072 /prefetch:1
  2⤵
  PID:4012
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3152 --field-trial-handle=1868,i,10414839423695236412,1157410731907783870,131072 /prefetch:1
  2⤵
  PID:2084
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4556 --field-trial-handle=1868,i,10414839423695236412,1157410731907783870,131072 /prefetch:1
  2⤵
  PID:4284
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4416 --field-trial-handle=1868,i,10414839423695236412,1157410731907783870,131072 /prefetch:8
  2⤵
  PID:232
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4836 --field-trial-handle=1868,i,10414839423695236412,1157410731907783870,131072 /prefetch:8
  2⤵
  PID:1716
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4764 --field-trial-handle=1868,i,10414839423695236412,1157410731907783870,131072 /prefetch:1
  2⤵
  PID:4504
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5244 --field-trial-handle=1868,i,10414839423695236412,1157410731907783870,131072 /prefetch:8
  2⤵
  - Modifies registry class
  PID:3600
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5528 --field-trial-handle=1868,i,10414839423695236412,1157410731907783870,131072 /prefetch:8
  2⤵
  PID:4876
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4540 --field-trial-handle=1868,i,10414839423695236412,1157410731907783870,131072 /prefetch:8
  2⤵
  PID:1288
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5632 --field-trial-handle=1868,i,10414839423695236412,1157410731907783870,131072 /prefetch:8
  2⤵
  PID:2624
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=5548 --field-trial-handle=1868,i,10414839423695236412,1157410731907783870,131072 /prefetch:1
  2⤵
  PID:3400
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=4952 --field-trial-handle=1868,i,10414839423695236412,1157410731907783870,131072 /prefetch:1
  2⤵
  PID:1984
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=4540 --field-trial-handle=1868,i,10414839423695236412,1157410731907783870,131072 /prefetch:1
  2⤵
  PID:1056

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4752

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\39bc6134-504f-4db7-a894-3ee27d9a051e.tmp

Filesize
103KB

MD5
b30b91ea1128e737d8e3e410984fad14

SHA1
62509330b3dd782f07ab0ddf300a55b82074b89e

SHA256
3f7d6b77a65e9e101fed43ed76fe6220f538e177a400dde1aa1a1280bd9f41f2

SHA512
4a47edb2f11808fa7cae1c5ae6149ec95c40f1256f2dc6b76bda2ef92e50b82606184ebb81d31a48148d250b086dbbb6411da7f228700afd1a72fa018a8a98d8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010

Filesize
18KB

MD5
446d1de40957fb8caef6fd4810e483d2

SHA1
b06fd17295dafa6930a2ba76b5770c44bcb3e92d

SHA256
b8e73f490d10d09100c7cd6d6e9ce44ed80a74788aaae759800c4e6dfb94af16

SHA512
9e6c78ecc37cfe4abb0086a1c45cfb33bae7e4c38ac6e834f5b53042046034ac76fee3993a8e218dea0e341fac0bb140159b58fbe7c16d7adacfc33b1f959532

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
696B

MD5
15ca3865eda343a921c6ef11397c1f35

SHA1
3008a2478185842b24e63390866f5ad3f0fc38d9

SHA256
9ad640c4aaacf3129709e8eb8a1bffe99d501e673a038646d4b74b15816f1e36

SHA512
ec1d8a33ecc9ae2414e07cecc5e34676f369b6f10106ae8324b6f84f4d4f16e4a00d03fed5f5b6601769b0ed07a81f70c49a7ae95d86aaf78818e71fe9e76c24

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
432B

MD5
44642a5082e47000bd49beb43f5b03f9

SHA1
94dab2f332b98f8c3c3b2f9f5671022dba68b96a

SHA256
742cd0d8d953f095b1dd097e40a0fc1bb056d5cbb1d5f9eee806a6e27270c250

SHA512
9184f369f95907b49957667c72f6b1943195a97cdf6307f325bbcd6f32ea360df55ccafff920b4b2c45596fffedb302c0cac417783c497ab88f9c07e36e58719

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
e48bbd82ff2938178f1c4e911a020b2f

SHA1
f525ff47a1b6ea202b460c3eb988bf417eb5dc7f

SHA256
b8af76e13929ae3347997756e71b1f3c193ef643c7d3b6b4895fb6601360b3c8

SHA512
c3dba70590a997adf526692a5bd2b422340848d1693eed787034e737a6801f2cfbaa7a9385be945e5ac91740cb54ce458427eaab4298ddb275dd145e9ee37ee2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
34f19d4044d0605c8a59555cfad946d4

SHA1
0649bfed77f9913997e668b667eb2f139de0220a

SHA256
6b0b6ab09a66aba6cac127e4ce5aefc09a4bbc8b79cc78f00a81f60bb0066926

SHA512
5b4c44d1e5671ebe28af88c80e59d4d58cdf677cdd439a3f0cbd183f8bc074347b47a16d8b90bacce2212c61d66127b7da0def429ae347f30bf58689236623d9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
826075fc2010e38677793d7dce04a251

SHA1
ef244a95ea035868de8436dcff3e26fe30639310

SHA256
af12ac462a7f9fbd604afad5f22aecb3872051de10ca02ff4002607bba9acab1

SHA512
1ae6c4600914d6dc09257bdc237c1296e8fd7c3bf83948cb957957a464038331f3d9e6862efa7c8e22b58994b40e9a2cc7cbffb454baa02d55564d2f50280d5d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
4cb29ef2e80b502f694972c73963a70a

SHA1
3b84e50fed4fc90d0b58627fe88c37f78703ddae

SHA256
64bc49423c01d08f62aeeaed7422097c9eaba93c1796929046ccc361248d9531

SHA512
e095ade14452fe27113ec824d4e3aac09c5ecd018bd4cd9727759cd7f33484639c180c6f6d0d7d583e6b51e045c263c27bd4a6c5ccf9e99c9b9cdd644104bebe

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
8370fc405ae5e84eebccc8228bc27663

SHA1
157989c717b67d0d807b074e4f1a16f6490c8fe4

SHA256
fdee33a150130e136964405c228547dc9b4909dbd67eb57cfa07b8efd75208b4

SHA512
1834f951766695f3c2c3097784a1cf09127a8510eda4fc6e95be7bf62000c17cad1ee88ccce3e317201382a106a32131c8d12968b3aaa4f1a748b314258f256e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
734653cbfde0e29e1a709bd694394206

SHA1
ab210ff1c61c73805a33ea3356293062fea96e05

SHA256
1c371e79900b03f05977e9bac2d6884c9fa88e569d2d4d645c75e6bcaf2261de

SHA512
49c2b2394ed91aba39615a3de7bf50adf73d9f49d0a9aaed5cc9ea1cfd737ff2ad9e9b1852c7e1e8b5576790cd8a6691a20328aef6be49bc33bd1ee932a32efb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
e4d09a6386982237fd649bfd21ee226e

SHA1
5de0925f3d8eb42052f5f43380c80d269ee74ac1

SHA256
856677d3cd1e3421ba866818397df017c5172f3c163f0df0367978385a618a67

SHA512
0e7b93b20fe2496c88daa5f6ffb242ad0a1f601bc2e487ac7835bdd87ddf148270f8255c8621997a627418cab8e3641c81c5d6bded8599c92a5cd7032c3c2bc5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
230ec59f9ac57b6f7f24cdd4a1abb154

SHA1
d41a4d783b83cee70754569ff2bdd675ebe0cfc7

SHA256
1bfcdb32032ce40f8517b3986c6fade1d88f51759b01828b6d2754301a470315

SHA512
865fe26e74b75bb3097fdb3e4f09ccb7a08209eb1f7c89085c61c95d0837722c2c842f980dd54d6097d7f26f6c4239a8066a5064e6c8a364fa05f1db19d80b39

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
0092c37aa49213a0e4abd109791dfd07

SHA1
84987311177970e5cdfc2cb7c8279d26b7ec50e4

SHA256
e6221777adc44f1e49c31d71142033ccedf9851587b4cc9a76dac533d34b0b70

SHA512
c37da1bbf9578aeb2bf93533fc7243e811da9ec1b8dfb6a2bb5b6017f6312c8f664a4f93e81b1121d1513733c436bba856dea4e98b70d09f907ebe2fe4a3dbe7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
146759c1003782271172c0ad939f0134

SHA1
24f5506f9feddb7272fe8699b2804a6bf5a427e6

SHA256
60d42f2a07e1f85a7a6ebc44d4ff5775674fd41a898e8da441c6dfb5f605d37b

SHA512
d9a791ab90e8b373e4226898e9fea5f3c42417f208851c312c8a6045ccb683dccc399ad56d44758a1dae4eab98c54398c1f9fe62d3f69fb17fe45ef039dadb64

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
94030bb4013693dc5099aa3cc3f59c0c

SHA1
82ee76d5c44f12af02cc11f0c20bcb005f496c67

SHA256
a24144ea29501e28146d2d01635b48ac54343fd2b3d8b468e034fe056b004a37

SHA512
03566e2f5530a9f8e16c6f92a4affdfb39e06941d6fb354ff73c22877c44b65c878ded3bb8ca4985f42bd19f122663afc3c29d51326ac106584243fe0108960a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
d8c7a0a12202af45b16cfc9dfeae6366

SHA1
2af3c9db939cc209e65d5db576d6911020e87561

SHA256
bb748c1a6a7cd7c6eef0f59842cb01239659101890549b4eef8021d147b5c0d7

SHA512
44bcffe7c8180bbc021ff3727aaf1d727e09abd5217d4d674a65c33230d1831bb78a0cb38b6538199c3201e5bad93ef815733e8fe2c05b8f316d6476745e252c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
103KB

MD5
3c7a38c28fda59f277a084e9fa59d7fd

SHA1
d06f6dff189d3d965ae7beecdd174615382c9e0e

SHA256
a9c6fdb60a6590515dd167c77a295fd21e984c974a7cbdd10ebfee76e6a9b105

SHA512
9eec92e93fcd05e61bbf6e0c7d4b3ceb9d3566ebcafe45a5f68e8152c19100f1dcf8f45e24840930e896bd98dc50734e177a1a2fac34d3a808ed4afbfafdefc1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
104KB

MD5
927fd225e715fcab6b39c084d9b9a0b1

SHA1
892322e016f2e5cfcb2525a68813d06cdeb067ed

SHA256
561239ee72e0eb429379cf9bfff9314488cf432b9b09de1074a647ff924173cf

SHA512
22d329bb5a35cc66717daf3fc68be468b4f60c6a7751254c52b0a3f9d05edb0efb5f143a6639e30225bddb89670552e0b5445d0a9defb27ad76452a47fd0cb48

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
104KB

MD5
fb97cd6a3f6527c0ec6db602423bf3e7

SHA1
c1ce8a9258f6c7baf8426813a182c901e289f2ea

SHA256
8dfc10dfb399c8ddbe49d41a33ecb3e7f6f3b099f4363ab5073341d45afc5ab5

SHA512
ea3cf359754a6da7c7f86563f39f11f86c9b01c53955b5836370aa05b73fcb5cd74f9a7693cb4fabaa6f171d5540a563c142461e8632bbfe264c9ccfb8dad0f6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
121KB

MD5
1a9c29c49999cac00d832982d3e2383d

SHA1
e48cdf24262ccdfbac6df7286faeac6434dbcc57

SHA256
fa3cf8d10f9576ea7341c9a4633cb41a7f832b1377e64da2b4f07345fb003829

SHA512
7df7b9aeecd6c63658effa79e874e1c9d9c67e82cb72bd9e3e4479b8ddfe7a89146efc3800acf5e3195c4cd0e0ecdb5ffab68c84c8d9aee807263c7087ee87b5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
127KB

MD5
baae30634da317a80bb1057345be81b2

SHA1
6ed24c4ca9e7c3420607428906ba89410afb2b77

SHA256
267d75c3dedcfaa0ac98d0201b02d2b47b4ae2277bdcf1ef405234fc95c334b6

SHA512
2dd2258b7b918e1e0bd61d57ebf4485b47813779bd43082ae5196efca8e17ffd46eaad3e6c5479bf4cfe9140ecad53bbfa34e8b1b783a261f84d9e9d1986ff26

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
103KB

MD5
e18135d228bd50330713ff1f418c2b63

SHA1
8d98fb7a2837ab92a7afff16f5d9e1e67824de8e

SHA256
abc62def2a20cd1e0c1fffbbbff6cfa7a9bbf67c15d318215661a5ba2893d677

SHA512
da2275ebe2d5a720be9d29444f3053acada4dd204ef1f799c5599d55a9ce0dd9dc253e706a858dae4686c87dcac561dbe7427dc7ba628ae5f0442e476327d4a3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
103KB

MD5
76356a2aceeb6733497f1c091d3b1888

SHA1
6fb689ccf904d05c7bd2959ba49006ea249c8c53

SHA256
cd2c22cad9d755d06dd6a6f160bfcc03665060268c0350f24fedce2c567b620c

SHA512
2026f372d2c5f0e2c28e60dd2b537c67230d75afc74210b8ea06b6b7e9b47ecd25cd445a8d72c81f443e6b2df32530a5c16fb37b7ef41e976b5d0d65bbc1358b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
102KB

MD5
df2f811af8dad034f0c0982be276a3e8

SHA1
56f635b5618451af261a7152cc2ef92e689a30fa

SHA256
b390feb77c0981e9c3656fdde26b41c2eefe693ffc54e36f044591e06b4ead95

SHA512
6915234743ecb02f6085fb606ad0a9afcca09ef5516ea29932e0d233748bce4f88309dfc3c81738ad5ab5273460d91568c5f49d43418b555d11924fdd9bd163c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe583709.TMP

Filesize
101KB

MD5
c4bb2f5d9e15d97106af6d78872ef2f1

SHA1
1d41eedbc82be047aa10ed959bc9b3800aed0309

SHA256
2cd6430ff2e2b33be5870b750f0392bb37106b39c03aca3ae1210f5c211a8a17

SHA512
d61eeeb1c39250b1fbcf9b567307757ac1b20c13d33ff6309491a237b331ad850ee1069d15ae8a304b456260f145a61f3c1d2f6ac3ab0ac78036c04a1a5bfeb0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit