fee4e840b33cdd9603d779b87317293329f404e287e251e047f31cb6b7f87686

max time kernel
1050s
max time network
952s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
22/09/2023, 12:21

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Screenshot 2023-09-20 1.23.24 PM.png
Size

83KB
MD5

c573be523efe7fa6841917a134efa791
SHA1

48e0eca79d2643680c0c360794c5b3aa23d663c7
SHA256

fee4e840b33cdd9603d779b87317293329f404e287e251e047f31cb6b7f87686
SHA512

09ffd2a2ac504e70dc9694d4149dd4dc0b34cfc4f4c7196246545705676f99a848adc28fc6db6f44056700efc1abfd4eb9b1466d679cde2b9d130f198d220801
SSDEEP

1536:kavkTHuFTMYCMLkqSPzzF7FwhXuAEOQV6W5bw+zmu3bs28OaTKmWG:oTqoSLrU8ZEnVfm+zR3I28QmH

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133398590524340741"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
1220	chrome.exe
1220	chrome.exe
404	chrome.exe
404	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 5 IoCs

pid	Process
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1220	chrome.exe
Token: SeCreatePagefilePrivilege	1220	chrome.exe
Token: SeShutdownPrivilege	1220	chrome.exe
Token: SeCreatePagefilePrivilege	1220	chrome.exe
Token: SeShutdownPrivilege	1220	chrome.exe
Token: SeCreatePagefilePrivilege	1220	chrome.exe
Token: SeShutdownPrivilege	1220	chrome.exe
Token: SeCreatePagefilePrivilege	1220	chrome.exe
Token: SeShutdownPrivilege	1220	chrome.exe
Token: SeCreatePagefilePrivilege	1220	chrome.exe
Token: SeShutdownPrivilege	1220	chrome.exe
Token: SeCreatePagefilePrivilege	1220	chrome.exe
Token: SeShutdownPrivilege	1220	chrome.exe
Token: SeCreatePagefilePrivilege	1220	chrome.exe
Token: SeShutdownPrivilege	1220	chrome.exe
Token: SeCreatePagefilePrivilege	1220	chrome.exe
Token: SeShutdownPrivilege	1220	chrome.exe
Token: SeCreatePagefilePrivilege	1220	chrome.exe
Token: SeShutdownPrivilege	1220	chrome.exe
Token: SeCreatePagefilePrivilege	1220	chrome.exe
Token: SeShutdownPrivilege	1220	chrome.exe
Token: SeCreatePagefilePrivilege	1220	chrome.exe
Token: SeShutdownPrivilege	1220	chrome.exe
Token: SeCreatePagefilePrivilege	1220	chrome.exe
Token: SeShutdownPrivilege	1220	chrome.exe
Token: SeCreatePagefilePrivilege	1220	chrome.exe
Token: SeShutdownPrivilege	1220	chrome.exe
Token: SeCreatePagefilePrivilege	1220	chrome.exe
Token: SeShutdownPrivilege	1220	chrome.exe
Token: SeCreatePagefilePrivilege	1220	chrome.exe
Token: SeShutdownPrivilege	1220	chrome.exe
Token: SeCreatePagefilePrivilege	1220	chrome.exe
Token: SeShutdownPrivilege	1220	chrome.exe
Token: SeCreatePagefilePrivilege	1220	chrome.exe
Token: SeShutdownPrivilege	1220	chrome.exe
Token: SeCreatePagefilePrivilege	1220	chrome.exe
Token: SeShutdownPrivilege	1220	chrome.exe
Token: SeCreatePagefilePrivilege	1220	chrome.exe
Token: SeShutdownPrivilege	1220	chrome.exe
Token: SeCreatePagefilePrivilege	1220	chrome.exe
Token: SeShutdownPrivilege	1220	chrome.exe
Token: SeCreatePagefilePrivilege	1220	chrome.exe
Token: SeShutdownPrivilege	1220	chrome.exe
Token: SeCreatePagefilePrivilege	1220	chrome.exe
Token: SeShutdownPrivilege	1220	chrome.exe
Token: SeCreatePagefilePrivilege	1220	chrome.exe
Token: SeShutdownPrivilege	1220	chrome.exe
Token: SeCreatePagefilePrivilege	1220	chrome.exe
Token: SeShutdownPrivilege	1220	chrome.exe
Token: SeCreatePagefilePrivilege	1220	chrome.exe
Token: SeShutdownPrivilege	1220	chrome.exe
Token: SeCreatePagefilePrivilege	1220	chrome.exe
Token: SeShutdownPrivilege	1220	chrome.exe
Token: SeCreatePagefilePrivilege	1220	chrome.exe
Token: SeShutdownPrivilege	1220	chrome.exe
Token: SeCreatePagefilePrivilege	1220	chrome.exe
Token: SeShutdownPrivilege	1220	chrome.exe
Token: SeCreatePagefilePrivilege	1220	chrome.exe
Token: SeShutdownPrivilege	1220	chrome.exe
Token: SeCreatePagefilePrivilege	1220	chrome.exe
Token: SeShutdownPrivilege	1220	chrome.exe
Token: SeCreatePagefilePrivilege	1220	chrome.exe
Token: SeShutdownPrivilege	1220	chrome.exe
Token: SeCreatePagefilePrivilege	1220	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1220 wrote to memory of 4068	1220	chrome.exe	103
PID 1220 wrote to memory of 4068	1220	chrome.exe	103
PID 1220 wrote to memory of 3328	1220	chrome.exe	105
PID 1220 wrote to memory of 3328	1220	chrome.exe	105
PID 1220 wrote to memory of 3328	1220	chrome.exe	105
PID 1220 wrote to memory of 3328	1220	chrome.exe	105
PID 1220 wrote to memory of 3328	1220	chrome.exe	105
PID 1220 wrote to memory of 3328	1220	chrome.exe	105
PID 1220 wrote to memory of 3328	1220	chrome.exe	105
PID 1220 wrote to memory of 3328	1220	chrome.exe	105
PID 1220 wrote to memory of 3328	1220	chrome.exe	105
PID 1220 wrote to memory of 3328	1220	chrome.exe	105
PID 1220 wrote to memory of 3328	1220	chrome.exe	105
PID 1220 wrote to memory of 3328	1220	chrome.exe	105
PID 1220 wrote to memory of 3328	1220	chrome.exe	105
PID 1220 wrote to memory of 3328	1220	chrome.exe	105
PID 1220 wrote to memory of 3328	1220	chrome.exe	105
PID 1220 wrote to memory of 3328	1220	chrome.exe	105
PID 1220 wrote to memory of 3328	1220	chrome.exe	105
PID 1220 wrote to memory of 3328	1220	chrome.exe	105
PID 1220 wrote to memory of 3328	1220	chrome.exe	105
PID 1220 wrote to memory of 3328	1220	chrome.exe	105
PID 1220 wrote to memory of 3328	1220	chrome.exe	105
PID 1220 wrote to memory of 3328	1220	chrome.exe	105
PID 1220 wrote to memory of 3328	1220	chrome.exe	105
PID 1220 wrote to memory of 3328	1220	chrome.exe	105
PID 1220 wrote to memory of 3328	1220	chrome.exe	105
PID 1220 wrote to memory of 3328	1220	chrome.exe	105
PID 1220 wrote to memory of 3328	1220	chrome.exe	105
PID 1220 wrote to memory of 3328	1220	chrome.exe	105
PID 1220 wrote to memory of 3328	1220	chrome.exe	105
PID 1220 wrote to memory of 3328	1220	chrome.exe	105
PID 1220 wrote to memory of 3328	1220	chrome.exe	105
PID 1220 wrote to memory of 3328	1220	chrome.exe	105
PID 1220 wrote to memory of 3328	1220	chrome.exe	105
PID 1220 wrote to memory of 3328	1220	chrome.exe	105
PID 1220 wrote to memory of 3328	1220	chrome.exe	105
PID 1220 wrote to memory of 3328	1220	chrome.exe	105
PID 1220 wrote to memory of 3328	1220	chrome.exe	105
PID 1220 wrote to memory of 3328	1220	chrome.exe	105
PID 1220 wrote to memory of 3300	1220	chrome.exe	109
PID 1220 wrote to memory of 3300	1220	chrome.exe	109
PID 1220 wrote to memory of 2332	1220	chrome.exe	106
PID 1220 wrote to memory of 2332	1220	chrome.exe	106
PID 1220 wrote to memory of 2332	1220	chrome.exe	106
PID 1220 wrote to memory of 2332	1220	chrome.exe	106
PID 1220 wrote to memory of 2332	1220	chrome.exe	106
PID 1220 wrote to memory of 2332	1220	chrome.exe	106
PID 1220 wrote to memory of 2332	1220	chrome.exe	106
PID 1220 wrote to memory of 2332	1220	chrome.exe	106
PID 1220 wrote to memory of 2332	1220	chrome.exe	106
PID 1220 wrote to memory of 2332	1220	chrome.exe	106
PID 1220 wrote to memory of 2332	1220	chrome.exe	106
PID 1220 wrote to memory of 2332	1220	chrome.exe	106
PID 1220 wrote to memory of 2332	1220	chrome.exe	106
PID 1220 wrote to memory of 2332	1220	chrome.exe	106
PID 1220 wrote to memory of 2332	1220	chrome.exe	106
PID 1220 wrote to memory of 2332	1220	chrome.exe	106
PID 1220 wrote to memory of 2332	1220	chrome.exe	106
PID 1220 wrote to memory of 2332	1220	chrome.exe	106
PID 1220 wrote to memory of 2332	1220	chrome.exe	106
PID 1220 wrote to memory of 2332	1220	chrome.exe	106
PID 1220 wrote to memory of 2332	1220	chrome.exe	106
PID 1220 wrote to memory of 2332	1220	chrome.exe	106

C:\Windows\system32\cmd.exe
cmd /c "C:\Users\Admin\AppData\Local\Temp\Screenshot 2023-09-20 1.23.24 PM.png"
1⤵
PID:3852

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1220
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ff96b889758,0x7ff96b889768,0x7ff96b889778
  2⤵
  PID:4068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1748 --field-trial-handle=1740,i,7626163737801192381,1635756484288777530,131072 /prefetch:2
  2⤵
  PID:3328
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2236 --field-trial-handle=1740,i,7626163737801192381,1635756484288777530,131072 /prefetch:8
  2⤵
  PID:2332
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3048 --field-trial-handle=1740,i,7626163737801192381,1635756484288777530,131072 /prefetch:1
  2⤵
  PID:3916
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3040 --field-trial-handle=1740,i,7626163737801192381,1635756484288777530,131072 /prefetch:1
  2⤵
  PID:4444
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2148 --field-trial-handle=1740,i,7626163737801192381,1635756484288777530,131072 /prefetch:8
  2⤵
  PID:3300
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4656 --field-trial-handle=1740,i,7626163737801192381,1635756484288777530,131072 /prefetch:1
  2⤵
  PID:4436
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4748 --field-trial-handle=1740,i,7626163737801192381,1635756484288777530,131072 /prefetch:8
  2⤵
  PID:4596
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4884 --field-trial-handle=1740,i,7626163737801192381,1635756484288777530,131072 /prefetch:8
  2⤵
  PID:3716
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5076 --field-trial-handle=1740,i,7626163737801192381,1635756484288777530,131072 /prefetch:8
  2⤵
  PID:2024
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5204 --field-trial-handle=1740,i,7626163737801192381,1635756484288777530,131072 /prefetch:8
  2⤵
  PID:1880
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5200 --field-trial-handle=1740,i,7626163737801192381,1635756484288777530,131072 /prefetch:8
  2⤵
  PID:4120
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5320 --field-trial-handle=1740,i,7626163737801192381,1635756484288777530,131072 /prefetch:1
  2⤵
  PID:2188
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4032 --field-trial-handle=1740,i,7626163737801192381,1635756484288777530,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:404
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=4884 --field-trial-handle=1740,i,7626163737801192381,1635756484288777530,131072 /prefetch:1
  2⤵
  PID:3372
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5592 --field-trial-handle=1740,i,7626163737801192381,1635756484288777530,131072 /prefetch:8
  2⤵
  PID:5092

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:1884

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
312B

MD5
aa407601774e27e117c5f89bba9248fb

SHA1
5c6682856e656b545ceb8548432a066a25712db6

SHA256
b450cbc3c43ff2f50f876d4cbe2750f6c81c3e85c94beaca01214e9d618f7140

SHA512
074993b74fd13354cd863aaf9f00646eb3ff5c473d21172c749c26c79e2cccb561195c146723ecf4880bfbe1599297d125bad577c2839bc1c5649661cdac285a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
0e11dcc378df8e62bd2692ba6d052666

SHA1
3a2b95a3d827944b050e62a8f09c351c9623d535

SHA256
e6e32a802dad2f4048147a07136cc88d22ff4d171f6a809e3eba16e8ccbd948f

SHA512
31e9e131f07b34a82ee4927e6abadb6e0ce0161e1918b706d85d228332e67eae48c1f467852d904d068f72160dd2ac65ebcc366d24a2278234966e280479607d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
fcf7eb88b117aa2938cb85b510b66460

SHA1
6be16bd94715aad5bbc16a2c07c0bcad38cb598e

SHA256
42d1b3c84a9d66ba17f519490abf29a48c03fd3af53bab8f3bc9ad8d52800057

SHA512
52fb63119b714ce02322841189e1ca9fc9446d81b27753649b92ce42ca871fa4ff83e9ead6b3c742c13e99e069cf42a5ac7efb95b369cf5b8194f5df949ac5fe

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
379b729d32315722388413e079b03190

SHA1
db6844e6357e4354ef95095ac0a8f5b4796b2747

SHA256
c6d672ed950e45d29346a66fc10ab3efb37c0e3ce12caea70ef4983a074940fd

SHA512
343958a06be9afc0f9ffb13ca700ad9c9fd996ddd144a14591f755d66a765ecd0ba30885324cbe23fe2d74850b9d745eb15003d4989a8e826cb0bde08d25c558

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
5c41bd7b6cfa6c38b205045fc6a9a4a5

SHA1
14f83a3c80ffcc8d6d2b3c22ff442ce940fcbc3f

SHA256
dd904a4720687af8539dd954cd592f3e9d8319a1b81196dcdb30401209a997f8

SHA512
e707121dd28046008cdff33982c2bdc68b3f3cf099dbfcb3e506b63a5dd95395bb85c9f1ae8ff35aa0f44ea54a9b41b4e1bb25bfe9fa9f5c939134be4f78fc2e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
04c9a922a479b19f7f37a742c3904500

SHA1
4877f924f93401b2c09461a092d9b27946c7f1c9

SHA256
b961d3e596544c93897dd915ca4646845985781b1de299bc395f77e24dce6e7e

SHA512
f4359efda1d789ba994d6d53b14c033e1456af6245b655adb4d8ca0513ec492a9539eadc76121de5154ca9879711a3076c10526212fbdc0017c32ca6f61273a3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
8be7ebebb53936758813a622486b6bb7

SHA1
7c1ea3b0cf8781039718b5dfea23364d0aa11df4

SHA256
b9f2e51ddc05478f80ea8413373849921a8a2517a9a886fddc41f561d54d9f93

SHA512
87663745d2328006ee629b08b0afd140cdbcc3d93cc761d3129cdcf4cc44e445a742d30ecb6702c7c7bebe0a5d12d1d2e0e10b8b04930a69c186e989717f3ef6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
ae956b300aff26f3b585fea43e31e121

SHA1
4453c379a1b907cea64c0b9d36a1c4f0be9e30d3

SHA256
b9641258b909fb9a113adddec20f9ae23924da00781d2e0941f60b1964dccb9f

SHA512
77c6e541094d8d7f0b4009303313d72c647cc2e97509841e3a3a26cbb90578bde27ad947c027ccf1e718dfada7a3d3b40471d8d4cf8d0a2702b8f46fb372360f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
8e382e77401e1ce91ddd70421cc22872

SHA1
53cfbcefed7e6bbd9f772c5d7d3e7452379b2b21

SHA256
a2e902911fe995486037bbe959cc02824779b27109181595f5ff3980bc21dbda

SHA512
2b63ebbb84787c6754381344bef9ccc95f665b6cd327d31f40f9ee30fdd4f769992253091186834bc8d7f427ba3b1b4d7e2857c0a68ab4dd71205bb42849a513

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
0591aa8da1570d22fbbc76381de10a3b

SHA1
6e69c514d047a4851f64ad00ee73bb423aad2649

SHA256
d4e9768dc34d6c5283d5c7a5eaa5b46092303e27b07422bf8caef8448299a7e3

SHA512
6a9922fef8b8d5620f035c55b8e734aadbaf64f38233ea1b1dea756852a397ffd3b431dfd837007b6acacb3ec5f08bb93e402158a13b58d453fab06d53692db4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
369B

MD5
1c73a788983b4f7dff18212569df2300

SHA1
bc7c208ee969a6f4cfc88758e3cc9d94514677da

SHA256
875699a872061505eace0f7948380e5e95738a7eedf8476c88255a6036c7dd48

SHA512
a2dfe1c774f86978d4d2e9261f257842214b7d2fa0e6aa422d21552868e0a346582c1bbe865ddc7bb7fc7eaeab025122b52335c7f8d4623bea3c05579273f21a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
538B

MD5
98d9afc03742a6b518d52f13d7f676cd

SHA1
c70521aacc41b85f114e87d6ac106245d0ee4c07

SHA256
ba6192406487ff331aacafe4fbcd1f21228eab592aabb912a436c9db7d5d8517

SHA512
e794cb6616b9317557a4d6a7db6bd089f4e8ce83d3a18524c526e1e90a47211b665db3d6b71f3807696843bbe815eb29bb369ef6c2db8d8f40b1a5ca2d890ead

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
369B

MD5
13dbafb3731d160b3c1eb96e978fcf81

SHA1
d72ff038d76b9b29dc3917e7eb7528b5d1a8f9ef

SHA256
47070e588d4da5f892a9a13ddca7a466e1993dc329db6b097e70b920cb5a1204

SHA512
47a9ac6368476ffa089364a54dfc9d6bcaf89f41c96966c9cba2940141d43d88d8955b2cbf203aeb4a7fa7647a3efaf775b27a7d8f139fd898941095dca7ccff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
476d8e5d05fd819576d141c7a079654d

SHA1
0a4ce986ea286595756e17a0371cc4b749dce222

SHA256
c3ccbff652a567999f44fc4bca9b9d1bae68f319ac71b633fdd2f31b3a0df905

SHA512
d20cafab7ad70c13fefd3446c8057afb629de7b89bdd1bb3d95c4890939ac1d8ad269a78988bc43fe01301c154b788ce3bac3c388e7c303d94d9a9b4f1f0e77e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
1ade8c04fcd12cd6ade1b5643819015c

SHA1
d023ee7c411ae1ca06a38e456357b0c3217e3bca

SHA256
5995df8b94287fda40290137a5f9c6b281b57121d7215afdfe3e1286d8928b23

SHA512
54a3236091b90b2e03e9cdf08daa2ffb71c1d95dbd9ad1bf51353b1d00c9524780eaf73624f4fb2bff78203f52a84c4ae59bd61be4b4cdef49875ef3c492eb1c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
28dc85e1ab522d552a97f3e6643d97d6

SHA1
e52105f40f26f1abd835b38a7fdb5644041b29d7

SHA256
4d1f3e2f1c998996934dead55b76c7d977962876bdbc642177bf3fcb7dc5d03a

SHA512
bc1dd2c344c6f968bf7f93dff25beefafb3a814d5a58075a4b784b53f953f63cbd067279699c0c98f3bc49db979a22ef76a0935b3e56877b7291b45a3188cd94

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\b2339fae-be45-411f-9e88-b916131efb8e.tmp

Filesize
15KB

MD5
2af0dc4ee233bcd80dbc0a003fd5f07c

SHA1
eaceb9857a5856b51a6e67caef017e2e0c121408

SHA256
2e9dfa4730efdeca8495492b074a8cb540e88a5fe47898d65d7d4262510ad95d

SHA512
6355d9f1d74d7ef292827b4743bf399702b186bd72bbb42d24a1a5128ca7b1ee303bb4fcc290f1ce8825ca2332ce676ca5954256536029a6f907fd5ab379c7be

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
201KB

MD5
de5fcf8e15b95f8b9d5474086937ba83

SHA1
04365c75d7bd093dcdfe999a438d6de331f06056

SHA256
9e5e2992c6cb2b489d2029e54e9647dfebb0eab3e43f5061560e860c6bb3cab2

SHA512
4d4bdfd0993d8681880d475b17fabb90f4e6490bc730f829181de66ef6b4dca780911c0dd6d98dee002100718cfd38603df48025881e25b4195f84db0cb86895

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
101KB

MD5
4637a383422b1f7db351f8d726ad035e

SHA1
03c28efb302ecef4f85545bcf63ad6cf450b94bf

SHA256
790c7aef77773ba67db1c6413a3aca3ff1650ca4b18fe4085f7591a6f29015dc

SHA512
a68f193f522441ddef462d034982d630f8715ee9433576df56b1a32adb1a6cb72668e16907106040ebfd548dc5039602c904c8153e54c912f44fda0b6a671e01

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe5bfe42.TMP

Filesize
98KB

MD5
d67a8890c7409bd93cd2e371d6e4b005

SHA1
aa9be0eb6da7ead7ab6b621f405392aa383d2400

SHA256
03d28af206987a5460debf8223ba4620f6551da123c85955cbe1bafe041efb2e

SHA512
3c71227806b4a9169c67576ee5a06896ef53dfa468c957a445ff07bd85f25ea83af74242fb6037f20f6fbb3c9024b6071bfafb04f5c2708762d921e091832115

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit