hxxp://trkmyclk[.]xyz/1695223154731/app[.]js?c=155&bid_id=880-98832cb7ce072be-252&pub=en[.]redshirtsalwaysdie[.]com&exchange=72a23c86e73e61x&ip=205[.]174[.]5[.]254&browser=&os=&ifa=&cc=US&time=YSpMTY5NTIyMzE1MTcxNg==P&browserv=116&site_id=en[.]redshirtsalwaysdie[.]com_8b452e659eba&sec_id=987ff27c4992f4f173b878075659a6ed&xrtb_id=def96dbf724b49308c8b57179ec64e87&ifm_ori=2||en[.]redshirtsalwaysdie[.]com||en[.]redshirtsalwaysdie[.]com&banner_id=ItiKM&a_href_id=sSgt

Analysis

max time kernel
300s
max time network
302s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
20/09/2023, 17:33

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://trkmyclk.xyz/1695223154731/app.js?c=155&bid_id=880-98832cb7ce072be-252&pub=en.redshirtsalwaysdie.com&exchange=72a23c86e73e61x&ip=205.174.5.254&browser=&os=&ifa=&cc=US&time=YSpMTY5NTIyMzE1MTcxNg==P&browserv=116&site_id=en.redshirtsalwaysdie.com_8b452e659eba&sec_id=987ff27c4992f4f173b878075659a6ed&xrtb_id=def96dbf724b49308c8b57179ec64e87&ifm_ori=2||en.redshirtsalwaysdie.com||en.redshirtsalwaysdie.com&banner_id=ItiKM&a_href_id=sSgt

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133397048468644863"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2092	chrome.exe
2092	chrome.exe
6748	chrome.exe
6748	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 52 IoCs

pid	Process
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2092	chrome.exe
Token: SeCreatePagefilePrivilege	2092	chrome.exe
Token: SeShutdownPrivilege	2092	chrome.exe
Token: SeCreatePagefilePrivilege	2092	chrome.exe
Token: SeShutdownPrivilege	2092	chrome.exe
Token: SeCreatePagefilePrivilege	2092	chrome.exe
Token: SeShutdownPrivilege	2092	chrome.exe
Token: SeCreatePagefilePrivilege	2092	chrome.exe
Token: SeShutdownPrivilege	2092	chrome.exe
Token: SeCreatePagefilePrivilege	2092	chrome.exe
Token: SeShutdownPrivilege	2092	chrome.exe
Token: SeCreatePagefilePrivilege	2092	chrome.exe
Token: SeShutdownPrivilege	2092	chrome.exe
Token: SeCreatePagefilePrivilege	2092	chrome.exe
Token: SeShutdownPrivilege	2092	chrome.exe
Token: SeCreatePagefilePrivilege	2092	chrome.exe
Token: SeShutdownPrivilege	2092	chrome.exe
Token: SeCreatePagefilePrivilege	2092	chrome.exe
Token: SeShutdownPrivilege	2092	chrome.exe
Token: SeCreatePagefilePrivilege	2092	chrome.exe
Token: SeShutdownPrivilege	2092	chrome.exe
Token: SeCreatePagefilePrivilege	2092	chrome.exe
Token: SeShutdownPrivilege	2092	chrome.exe
Token: SeCreatePagefilePrivilege	2092	chrome.exe
Token: SeShutdownPrivilege	2092	chrome.exe
Token: SeCreatePagefilePrivilege	2092	chrome.exe
Token: SeShutdownPrivilege	2092	chrome.exe
Token: SeCreatePagefilePrivilege	2092	chrome.exe
Token: SeShutdownPrivilege	2092	chrome.exe
Token: SeCreatePagefilePrivilege	2092	chrome.exe
Token: SeShutdownPrivilege	2092	chrome.exe
Token: SeCreatePagefilePrivilege	2092	chrome.exe
Token: SeShutdownPrivilege	2092	chrome.exe
Token: SeCreatePagefilePrivilege	2092	chrome.exe
Token: SeShutdownPrivilege	2092	chrome.exe
Token: SeCreatePagefilePrivilege	2092	chrome.exe
Token: SeShutdownPrivilege	2092	chrome.exe
Token: SeCreatePagefilePrivilege	2092	chrome.exe
Token: SeShutdownPrivilege	2092	chrome.exe
Token: SeCreatePagefilePrivilege	2092	chrome.exe
Token: SeShutdownPrivilege	2092	chrome.exe
Token: SeCreatePagefilePrivilege	2092	chrome.exe
Token: SeShutdownPrivilege	2092	chrome.exe
Token: SeCreatePagefilePrivilege	2092	chrome.exe
Token: SeShutdownPrivilege	2092	chrome.exe
Token: SeCreatePagefilePrivilege	2092	chrome.exe
Token: SeShutdownPrivilege	2092	chrome.exe
Token: SeCreatePagefilePrivilege	2092	chrome.exe
Token: SeShutdownPrivilege	2092	chrome.exe
Token: SeCreatePagefilePrivilege	2092	chrome.exe
Token: SeShutdownPrivilege	2092	chrome.exe
Token: SeCreatePagefilePrivilege	2092	chrome.exe
Token: SeShutdownPrivilege	2092	chrome.exe
Token: SeCreatePagefilePrivilege	2092	chrome.exe
Token: SeShutdownPrivilege	2092	chrome.exe
Token: SeCreatePagefilePrivilege	2092	chrome.exe
Token: SeShutdownPrivilege	2092	chrome.exe
Token: SeCreatePagefilePrivilege	2092	chrome.exe
Token: SeShutdownPrivilege	2092	chrome.exe
Token: SeCreatePagefilePrivilege	2092	chrome.exe
Token: SeShutdownPrivilege	2092	chrome.exe
Token: SeCreatePagefilePrivilege	2092	chrome.exe
Token: SeShutdownPrivilege	2092	chrome.exe
Token: SeCreatePagefilePrivilege	2092	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe
2092	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2092 wrote to memory of 3896	2092	chrome.exe	46
PID 2092 wrote to memory of 3896	2092	chrome.exe	46
PID 2092 wrote to memory of 504	2092	chrome.exe	88
PID 2092 wrote to memory of 504	2092	chrome.exe	88
PID 2092 wrote to memory of 504	2092	chrome.exe	88
PID 2092 wrote to memory of 504	2092	chrome.exe	88
PID 2092 wrote to memory of 504	2092	chrome.exe	88
PID 2092 wrote to memory of 504	2092	chrome.exe	88
PID 2092 wrote to memory of 504	2092	chrome.exe	88
PID 2092 wrote to memory of 504	2092	chrome.exe	88
PID 2092 wrote to memory of 504	2092	chrome.exe	88
PID 2092 wrote to memory of 504	2092	chrome.exe	88
PID 2092 wrote to memory of 504	2092	chrome.exe	88
PID 2092 wrote to memory of 504	2092	chrome.exe	88
PID 2092 wrote to memory of 504	2092	chrome.exe	88
PID 2092 wrote to memory of 504	2092	chrome.exe	88
PID 2092 wrote to memory of 504	2092	chrome.exe	88
PID 2092 wrote to memory of 504	2092	chrome.exe	88
PID 2092 wrote to memory of 504	2092	chrome.exe	88
PID 2092 wrote to memory of 504	2092	chrome.exe	88
PID 2092 wrote to memory of 504	2092	chrome.exe	88
PID 2092 wrote to memory of 504	2092	chrome.exe	88
PID 2092 wrote to memory of 504	2092	chrome.exe	88
PID 2092 wrote to memory of 504	2092	chrome.exe	88
PID 2092 wrote to memory of 504	2092	chrome.exe	88
PID 2092 wrote to memory of 504	2092	chrome.exe	88
PID 2092 wrote to memory of 504	2092	chrome.exe	88
PID 2092 wrote to memory of 504	2092	chrome.exe	88
PID 2092 wrote to memory of 504	2092	chrome.exe	88
PID 2092 wrote to memory of 504	2092	chrome.exe	88
PID 2092 wrote to memory of 504	2092	chrome.exe	88
PID 2092 wrote to memory of 504	2092	chrome.exe	88
PID 2092 wrote to memory of 504	2092	chrome.exe	88
PID 2092 wrote to memory of 504	2092	chrome.exe	88
PID 2092 wrote to memory of 504	2092	chrome.exe	88
PID 2092 wrote to memory of 504	2092	chrome.exe	88
PID 2092 wrote to memory of 504	2092	chrome.exe	88
PID 2092 wrote to memory of 504	2092	chrome.exe	88
PID 2092 wrote to memory of 504	2092	chrome.exe	88
PID 2092 wrote to memory of 504	2092	chrome.exe	88
PID 2092 wrote to memory of 4592	2092	chrome.exe	89
PID 2092 wrote to memory of 4592	2092	chrome.exe	89
PID 2092 wrote to memory of 4188	2092	chrome.exe	90
PID 2092 wrote to memory of 4188	2092	chrome.exe	90
PID 2092 wrote to memory of 4188	2092	chrome.exe	90
PID 2092 wrote to memory of 4188	2092	chrome.exe	90
PID 2092 wrote to memory of 4188	2092	chrome.exe	90
PID 2092 wrote to memory of 4188	2092	chrome.exe	90
PID 2092 wrote to memory of 4188	2092	chrome.exe	90
PID 2092 wrote to memory of 4188	2092	chrome.exe	90
PID 2092 wrote to memory of 4188	2092	chrome.exe	90
PID 2092 wrote to memory of 4188	2092	chrome.exe	90
PID 2092 wrote to memory of 4188	2092	chrome.exe	90
PID 2092 wrote to memory of 4188	2092	chrome.exe	90
PID 2092 wrote to memory of 4188	2092	chrome.exe	90
PID 2092 wrote to memory of 4188	2092	chrome.exe	90
PID 2092 wrote to memory of 4188	2092	chrome.exe	90
PID 2092 wrote to memory of 4188	2092	chrome.exe	90
PID 2092 wrote to memory of 4188	2092	chrome.exe	90
PID 2092 wrote to memory of 4188	2092	chrome.exe	90
PID 2092 wrote to memory of 4188	2092	chrome.exe	90
PID 2092 wrote to memory of 4188	2092	chrome.exe	90
PID 2092 wrote to memory of 4188	2092	chrome.exe	90
PID 2092 wrote to memory of 4188	2092	chrome.exe	90

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://trkmyclk.xyz/1695223154731/app.js?c=155&bid_id=880-98832cb7ce072be-252&pub=en.redshirtsalwaysdie.com&exchange=72a23c86e73e61x&ip=205.174.5.254&browser=&os=&ifa=&cc=US&time=YSpMTY5NTIyMzE1MTcxNg==P&browserv=116&site_id=en.redshirtsalwaysdie.com_8b452e659eba&sec_id=987ff27c4992f4f173b878075659a6ed&xrtb_id=def96dbf724b49308c8b57179ec64e87&ifm_ori=2||en.redshirtsalwaysdie.com||en.redshirtsalwaysdie.com&banner_id=ItiKM&a_href_id=sSgt
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2092
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff906a39758,0x7ff906a39768,0x7ff906a39778
  2⤵
  PID:3896
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1836 --field-trial-handle=1920,i,4245788151511221544,1409569212400472933,131072 /prefetch:2
  2⤵
  PID:504
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2172 --field-trial-handle=1920,i,4245788151511221544,1409569212400472933,131072 /prefetch:8
  2⤵
  PID:4592
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2264 --field-trial-handle=1920,i,4245788151511221544,1409569212400472933,131072 /prefetch:8
  2⤵
  PID:4188
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2896 --field-trial-handle=1920,i,4245788151511221544,1409569212400472933,131072 /prefetch:1
  2⤵
  PID:424
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2888 --field-trial-handle=1920,i,4245788151511221544,1409569212400472933,131072 /prefetch:1
  2⤵
  PID:3700
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4796 --field-trial-handle=1920,i,4245788151511221544,1409569212400472933,131072 /prefetch:8
  2⤵
  PID:4424
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4876 --field-trial-handle=1920,i,4245788151511221544,1409569212400472933,131072 /prefetch:8
  2⤵
  PID:4928
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=1884 --field-trial-handle=1920,i,4245788151511221544,1409569212400472933,131072 /prefetch:1
  2⤵
  PID:4624
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=3880 --field-trial-handle=1920,i,4245788151511221544,1409569212400472933,131072 /prefetch:1
  2⤵
  PID:2040
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5172 --field-trial-handle=1920,i,4245788151511221544,1409569212400472933,131072 /prefetch:8
  2⤵
  PID:3252
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=3232 --field-trial-handle=1920,i,4245788151511221544,1409569212400472933,131072 /prefetch:1
  2⤵
  PID:1296
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5564 --field-trial-handle=1920,i,4245788151511221544,1409569212400472933,131072 /prefetch:1
  2⤵
  PID:4492
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=5448 --field-trial-handle=1920,i,4245788151511221544,1409569212400472933,131072 /prefetch:1
  2⤵
  PID:1860
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=5784 --field-trial-handle=1920,i,4245788151511221544,1409569212400472933,131072 /prefetch:1
  2⤵
  PID:4496
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=6068 --field-trial-handle=1920,i,4245788151511221544,1409569212400472933,131072 /prefetch:1
  2⤵
  PID:1892
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=5800 --field-trial-handle=1920,i,4245788151511221544,1409569212400472933,131072 /prefetch:1
  2⤵
  PID:668
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=6284 --field-trial-handle=1920,i,4245788151511221544,1409569212400472933,131072 /prefetch:1
  2⤵
  PID:4464
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=6392 --field-trial-handle=1920,i,4245788151511221544,1409569212400472933,131072 /prefetch:1
  2⤵
  PID:1012
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=6396 --field-trial-handle=1920,i,4245788151511221544,1409569212400472933,131072 /prefetch:1
  2⤵
  PID:3540
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=6684 --field-trial-handle=1920,i,4245788151511221544,1409569212400472933,131072 /prefetch:1
  2⤵
  PID:644
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6872 --field-trial-handle=1920,i,4245788151511221544,1409569212400472933,131072 /prefetch:8
  2⤵
  PID:3576
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=6988 --field-trial-handle=1920,i,4245788151511221544,1409569212400472933,131072 /prefetch:1
  2⤵
  PID:5176
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=7020 --field-trial-handle=1920,i,4245788151511221544,1409569212400472933,131072 /prefetch:1
  2⤵
  PID:5168
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=6980 --field-trial-handle=1920,i,4245788151511221544,1409569212400472933,131072 /prefetch:1
  2⤵
  PID:5160
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=7516 --field-trial-handle=1920,i,4245788151511221544,1409569212400472933,131072 /prefetch:1
  2⤵
  PID:5320
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=7728 --field-trial-handle=1920,i,4245788151511221544,1409569212400472933,131072 /prefetch:1
  2⤵
  PID:5404
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=7740 --field-trial-handle=1920,i,4245788151511221544,1409569212400472933,131072 /prefetch:1
  2⤵
  PID:5420
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=7752 --field-trial-handle=1920,i,4245788151511221544,1409569212400472933,131072 /prefetch:1
  2⤵
  PID:5412
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=7708 --field-trial-handle=1920,i,4245788151511221544,1409569212400472933,131072 /prefetch:1
  2⤵
  PID:5396
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=8316 --field-trial-handle=1920,i,4245788151511221544,1409569212400472933,131072 /prefetch:1
  2⤵
  PID:5716
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --mojo-platform-channel-handle=7020 --field-trial-handle=1920,i,4245788151511221544,1409569212400472933,131072 /prefetch:1
  2⤵
  PID:6044
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=8340 --field-trial-handle=1920,i,4245788151511221544,1409569212400472933,131072 /prefetch:1
  2⤵
  PID:6052
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=8492 --field-trial-handle=1920,i,4245788151511221544,1409569212400472933,131072 /prefetch:1
  2⤵
  PID:6036
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --mojo-platform-channel-handle=8572 --field-trial-handle=1920,i,4245788151511221544,1409569212400472933,131072 /prefetch:1
  2⤵
  PID:6092
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --mojo-platform-channel-handle=7048 --field-trial-handle=1920,i,4245788151511221544,1409569212400472933,131072 /prefetch:1
  2⤵
  PID:6076
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=8288 --field-trial-handle=1920,i,4245788151511221544,1409569212400472933,131072 /prefetch:1
  2⤵
  PID:6068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=8536 --field-trial-handle=1920,i,4245788151511221544,1409569212400472933,131072 /prefetch:1
  2⤵
  PID:6060
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=8268 --field-trial-handle=1920,i,4245788151511221544,1409569212400472933,131072 /prefetch:1
  2⤵
  PID:6028
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --mojo-platform-channel-handle=7328 --field-trial-handle=1920,i,4245788151511221544,1409569212400472933,131072 /prefetch:1
  2⤵
  PID:5668
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --mojo-platform-channel-handle=7900 --field-trial-handle=1920,i,4245788151511221544,1409569212400472933,131072 /prefetch:1
  2⤵
  PID:5352
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --mojo-platform-channel-handle=6844 --field-trial-handle=1920,i,4245788151511221544,1409569212400472933,131072 /prefetch:1
  2⤵
  PID:5544
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --mojo-platform-channel-handle=6620 --field-trial-handle=1920,i,4245788151511221544,1409569212400472933,131072 /prefetch:1
  2⤵
  PID:5844
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --mojo-platform-channel-handle=7028 --field-trial-handle=1920,i,4245788151511221544,1409569212400472933,131072 /prefetch:1
  2⤵
  PID:5988
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --mojo-platform-channel-handle=7808 --field-trial-handle=1920,i,4245788151511221544,1409569212400472933,131072 /prefetch:1
  2⤵
  PID:5124
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --mojo-platform-channel-handle=7768 --field-trial-handle=1920,i,4245788151511221544,1409569212400472933,131072 /prefetch:1
  2⤵
  PID:6140
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --mojo-platform-channel-handle=7452 --field-trial-handle=1920,i,4245788151511221544,1409569212400472933,131072 /prefetch:1
  2⤵
  PID:5344
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --mojo-platform-channel-handle=8716 --field-trial-handle=1920,i,4245788151511221544,1409569212400472933,131072 /prefetch:1
  2⤵
  PID:5380
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --mojo-platform-channel-handle=5008 --field-trial-handle=1920,i,4245788151511221544,1409569212400472933,131072 /prefetch:1
  2⤵
  PID:4748
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --mojo-platform-channel-handle=7192 --field-trial-handle=1920,i,4245788151511221544,1409569212400472933,131072 /prefetch:1
  2⤵
  PID:232
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --mojo-platform-channel-handle=7856 --field-trial-handle=1920,i,4245788151511221544,1409569212400472933,131072 /prefetch:1
  2⤵
  PID:5544
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --mojo-platform-channel-handle=6996 --field-trial-handle=1920,i,4245788151511221544,1409569212400472933,131072 /prefetch:1
  2⤵
  PID:4676
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --mojo-platform-channel-handle=6960 --field-trial-handle=1920,i,4245788151511221544,1409569212400472933,131072 /prefetch:1
  2⤵
  PID:208
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --mojo-platform-channel-handle=9088 --field-trial-handle=1920,i,4245788151511221544,1409569212400472933,131072 /prefetch:1
  2⤵
  PID:5348
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --mojo-platform-channel-handle=7908 --field-trial-handle=1920,i,4245788151511221544,1409569212400472933,131072 /prefetch:1
  2⤵
  PID:3768
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --mojo-platform-channel-handle=9044 --field-trial-handle=1920,i,4245788151511221544,1409569212400472933,131072 /prefetch:1
  2⤵
  PID:3380
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --mojo-platform-channel-handle=9480 --field-trial-handle=1920,i,4245788151511221544,1409569212400472933,131072 /prefetch:1
  2⤵
  PID:3020
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --mojo-platform-channel-handle=9072 --field-trial-handle=1920,i,4245788151511221544,1409569212400472933,131072 /prefetch:1
  2⤵
  PID:6324
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --mojo-platform-channel-handle=8892 --field-trial-handle=1920,i,4245788151511221544,1409569212400472933,131072 /prefetch:1
  2⤵
  PID:6352
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --mojo-platform-channel-handle=8576 --field-trial-handle=1920,i,4245788151511221544,1409569212400472933,131072 /prefetch:1
  2⤵
  PID:6396
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5408 --field-trial-handle=1920,i,4245788151511221544,1409569212400472933,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:6748

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:3840

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
60f2947a8a7cc9076aa50bfb240fa8d6

SHA1
d44a53256246d2fe307063f423f013831f8162cc

SHA256
cd6cd1528ffb3506dd02f9e45f001fd4588960dca19aa5001b7738373b349bb2

SHA512
66faef79b9f5266cd0ee42c9c616b454b1cb6fcb7bc91e5e01c0a4d73a8d02cc831daf9464c13eb6384cda19a5d1a9e1858d8c45f14c686f1af093dc7a52a4e9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
b7bfd32d12fa7042c77a9fbc040cd443

SHA1
75738dfd55bc2f2a93175c4a1254492fad2e554c

SHA256
fe5ae262cecb51b3933954235fd0701c96b94e73572da7011256da84b231ed16

SHA512
6b87ce42e3b7a3509f31b6539e810cd3fd044cf00a449c912aa41a10218ac13e99f121c2e095b64fc4218b098a9afe9037682b2a82b4ec9159c045e48f50b892

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
20KB

MD5
1947f74f4dce1a9cc3a9bc993a449b89

SHA1
b9d8a5e7fe03424b7afd5090fa85d05b78554fc7

SHA256
47a1a8d4a060044f31ae526dcf299a73313713fc0fd5b22d667c9e0753006f7b

SHA512
a57c93bbf12221b589abc34795905ce6af8bbd30ea3a906bc37b1611be479e80c1ab1ff1302e9ecca9ddad8bc108259e830b3d5c2dc6d227052d7aba0e31b0dc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
22KB

MD5
4ba8125a50dc4750fc36eb7c2f7d9ae3

SHA1
9494c1ad39ddf1672e828048fdfb7ad218276c4e

SHA256
5c20e0c554d9563735566799b102ba9854df928653aeb5d29d665f3fb20d9661

SHA512
1640881f44c0453961096d46b68f9842d8e24ca7a58c037b27fe58fae789ba7509bc334066be2f13bcfb279d4a62b7d2b1b0016f9738d37fe6e97e34008e2c5a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
aad5c9065080239abddbcfae188739f2

SHA1
649a34dd6eb6a9855e71bb786fd4e7f0a16bb4d8

SHA256
bc473db794097a27efc7d482127b4f27e34b4f5b3e08c679168e2c4650ccb765

SHA512
64a1108ee15c58794c30757a61ecbf31347217832e21b1760a3549d42e10d85224c29697c2c4809414609d0600ae98c9ddf91d7ba78118f911033f926b79e087

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
7KB

MD5
02ea7a7cde1e08149cf3f0bff23a40b6

SHA1
4ac0acea169b3e13795b6783b3fb28d11e591c77

SHA256
78713c1290a48a675cdfafca25aed3cbf0e1b9fbbcffbc2fe2b53ca2d93fc371

SHA512
484b2b06901d3ac19925914878f7688b8dde57ab8a11a8165170b5cd445a7a5d59bb7e94cd412324e03921ece2f23cb987c8e1c8588584dfe149b080e909a5bf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
7KB

MD5
1bc7d10c4f23d2e5734e7de8edf962f9

SHA1
c2d06ad9ebfef6985de445ab4509f1729f10b27d

SHA256
f21f9cba0c6c38b40f28040128c07a17dab01847c9eaee2435eb7a5d9307aa73

SHA512
c0cd427ba103ca9a91a483ffdc452946dcffaed56a6b6e4f885c9d4d7237fbfca4785824866ce602ae7b828d8f5e83d57d2eb10cfed8bab03b2b118465267570

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
8KB

MD5
a90d3240014f75aba7bbf6aedbba80f3

SHA1
909c4fa6c15b6549cf97d3e1d2daefc5d27dff53

SHA256
e0d6a17b7bf64b3fecf1b4f36c8433e3656f82378e550d7f9b10c9e167cdfede

SHA512
13e40dc78b05575c0f8e7a9d869236e8e0d5ac773d7e838afd3be65f2f9b68ad4f8c49cf3eb68b2de97f6af87a616af853ff7152bb31fed2076021e34b7f1e90

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
843943e2a63f355d987087a05110f9f7

SHA1
d394fe0ec82824a615cd720a1c5599ed6b5106de

SHA256
b4d770687fc52b9cb328412fe64e0fb608b41982c9e9700623bf43889062215d

SHA512
c9f06689f27f02abef8f98ec17ee1ded1b8280e5c27b74f407ea6dfdfe4736d03ecb2e9648326689cec66d7bd57707eb0420e406b20535d5a6059fc6abb93d29

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
653a4c6e96ab4549618783ae53f2e997

SHA1
c899fbc056209af934e0db53e4c860287026c947

SHA256
8e65ce635556ebce85c55546a461c842d3e19be94f39be7d6bdabbc00a31c179

SHA512
224f90c5ba3d8ae7c4d1f07851b0e3960a489c73d87001bf5ce8e41ea811c3c1bcdafca7d7656b3ee287f50892650ccf10b109a07f5651c96847c74bf3729be7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
b1f0714a5a247397ce6ddba01a0e75bd

SHA1
e1008bb294a52b9c387983ae951930691b104a9d

SHA256
c6ffc15fedc9a6806707ba45aa83895d00d3c42a8ef16184159dad3b3e7700af

SHA512
1aa36a8bf4fb30a71790111dc014121bad8bfab2481e63fd367f419e4b09fa99c07e334b687a40eaf3f5f12670afb148b8dc704e460a5d2efacd5e8b68853935

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
102KB

MD5
fc2dc5e7d4bfcd41d2efe5e75a7af1a3

SHA1
a743d051532ecea95faa3e01a8931c258b50e8ed

SHA256
2ce702eff9a60170afbd662e7ad59cfe6f1589d99769f6c65d203e0acf660e85

SHA512
148b6666f55f0122eebad75f75a03d397fdf1de7685e06d8f73d3e8cb7191347df8ff746056621417bc0c6f205981e2291aaaa8281d343585ea99ed377e4c85c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
103KB

MD5
532641f16e4ab961bc42449cfc0fed1a

SHA1
3d9f3c532fb51b1345a60171c24f3b94a70b99d5

SHA256
79bb95f651b0c9db336b223c42dc87e4558168ad4f28ef91b0b7f65b56eb8837

SHA512
5b1bc0d60a052eaec511d03a51d63232302f613700065ece14c1b23250b3612b5e6b7be978f5391d926b9ddc9e80c1ee44fab0f73b5e5e5dd0f1ae4d19e1f719

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
100KB

MD5
d10d105a68d44d7d9d2acb424e961430

SHA1
58aa9b64a6e23a62d9317b6ea2644f326796381e

SHA256
ce8e6f8fbb2abda3050971d58a085940acf7686e117e094bdeca356da614e0d8

SHA512
d17d7d96962094204f9a48bfd5c1ee2b17cfac3748057b3fdcfc1db157870a937f21f957e3f31a291c414f978c61bb2a0bdee4a070a0431b0391996d3a3a211d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe583870.TMP

Filesize
96KB

MD5
46ea9c1b8ea11f1830fb92b0c8b7c031

SHA1
0df9908191a09114ac72486cf1bd4cc225a7b376

SHA256
df2ab602759c83d2072a007ac9525e26f4a8ec6554f50a4c8e8ff7914fa2a769

SHA512
76affcc69884ac7881deb84c5e2c72c5b4118b25b84830a73bb6b0dc39324d4940f08e3e48c934dd077cf820504af8952f612ed8f6cc76fa87b777bdde4030f9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit