hxxp://www[.]rojadirectaenvivo[.]nl

Analysis

max time kernel
36s
max time network
73s
platform
windows10-1703_x64
resource
win10-20230915-en
resource tags

arch:x64arch:x86image:win10-20230915-enlocale:en-usos:windows10-1703-x64system
submitted
22/09/2023, 18:51

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://www.rojadirectaenvivo.nl

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133398823105463279"	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
4872	chrome.exe
4872	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 29 IoCs

pid	Process
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4872	chrome.exe
Token: SeCreatePagefilePrivilege	4872	chrome.exe
Token: SeShutdownPrivilege	4872	chrome.exe
Token: SeCreatePagefilePrivilege	4872	chrome.exe
Token: SeShutdownPrivilege	4872	chrome.exe
Token: SeCreatePagefilePrivilege	4872	chrome.exe
Token: SeShutdownPrivilege	4872	chrome.exe
Token: SeCreatePagefilePrivilege	4872	chrome.exe
Token: SeShutdownPrivilege	4872	chrome.exe
Token: SeCreatePagefilePrivilege	4872	chrome.exe
Token: SeShutdownPrivilege	4872	chrome.exe
Token: SeCreatePagefilePrivilege	4872	chrome.exe
Token: SeShutdownPrivilege	4872	chrome.exe
Token: SeCreatePagefilePrivilege	4872	chrome.exe
Token: SeShutdownPrivilege	4872	chrome.exe
Token: SeCreatePagefilePrivilege	4872	chrome.exe
Token: SeShutdownPrivilege	4872	chrome.exe
Token: SeCreatePagefilePrivilege	4872	chrome.exe
Token: SeShutdownPrivilege	4872	chrome.exe
Token: SeCreatePagefilePrivilege	4872	chrome.exe
Token: SeShutdownPrivilege	4872	chrome.exe
Token: SeCreatePagefilePrivilege	4872	chrome.exe
Token: SeShutdownPrivilege	4872	chrome.exe
Token: SeCreatePagefilePrivilege	4872	chrome.exe
Token: SeShutdownPrivilege	4872	chrome.exe
Token: SeCreatePagefilePrivilege	4872	chrome.exe
Token: SeShutdownPrivilege	4872	chrome.exe
Token: SeCreatePagefilePrivilege	4872	chrome.exe
Token: SeShutdownPrivilege	4872	chrome.exe
Token: SeCreatePagefilePrivilege	4872	chrome.exe
Token: SeShutdownPrivilege	4872	chrome.exe
Token: SeCreatePagefilePrivilege	4872	chrome.exe
Token: SeShutdownPrivilege	4872	chrome.exe
Token: SeCreatePagefilePrivilege	4872	chrome.exe
Token: SeShutdownPrivilege	4872	chrome.exe
Token: SeCreatePagefilePrivilege	4872	chrome.exe
Token: SeShutdownPrivilege	4872	chrome.exe
Token: SeCreatePagefilePrivilege	4872	chrome.exe
Token: SeShutdownPrivilege	4872	chrome.exe
Token: SeCreatePagefilePrivilege	4872	chrome.exe
Token: SeShutdownPrivilege	4872	chrome.exe
Token: SeCreatePagefilePrivilege	4872	chrome.exe
Token: SeShutdownPrivilege	4872	chrome.exe
Token: SeCreatePagefilePrivilege	4872	chrome.exe
Token: SeShutdownPrivilege	4872	chrome.exe
Token: SeCreatePagefilePrivilege	4872	chrome.exe
Token: SeShutdownPrivilege	4872	chrome.exe
Token: SeCreatePagefilePrivilege	4872	chrome.exe
Token: SeShutdownPrivilege	4872	chrome.exe
Token: SeCreatePagefilePrivilege	4872	chrome.exe
Token: SeShutdownPrivilege	4872	chrome.exe
Token: SeCreatePagefilePrivilege	4872	chrome.exe
Token: SeShutdownPrivilege	4872	chrome.exe
Token: SeCreatePagefilePrivilege	4872	chrome.exe
Token: SeShutdownPrivilege	4872	chrome.exe
Token: SeCreatePagefilePrivilege	4872	chrome.exe
Token: SeShutdownPrivilege	4872	chrome.exe
Token: SeCreatePagefilePrivilege	4872	chrome.exe
Token: SeShutdownPrivilege	4872	chrome.exe
Token: SeCreatePagefilePrivilege	4872	chrome.exe
Token: SeShutdownPrivilege	4872	chrome.exe
Token: SeCreatePagefilePrivilege	4872	chrome.exe
Token: SeShutdownPrivilege	4872	chrome.exe
Token: SeCreatePagefilePrivilege	4872	chrome.exe

Suspicious use of FindShellTrayWindow 33 IoCs

pid	Process
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe
4872	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4872 wrote to memory of 4868	4872	chrome.exe	59
PID 4872 wrote to memory of 4868	4872	chrome.exe	59
PID 4872 wrote to memory of 1656	4872	chrome.exe	71
PID 4872 wrote to memory of 1656	4872	chrome.exe	71
PID 4872 wrote to memory of 1656	4872	chrome.exe	71
PID 4872 wrote to memory of 1656	4872	chrome.exe	71
PID 4872 wrote to memory of 1656	4872	chrome.exe	71
PID 4872 wrote to memory of 1656	4872	chrome.exe	71
PID 4872 wrote to memory of 1656	4872	chrome.exe	71
PID 4872 wrote to memory of 1656	4872	chrome.exe	71
PID 4872 wrote to memory of 1656	4872	chrome.exe	71
PID 4872 wrote to memory of 1656	4872	chrome.exe	71
PID 4872 wrote to memory of 1656	4872	chrome.exe	71
PID 4872 wrote to memory of 1656	4872	chrome.exe	71
PID 4872 wrote to memory of 1656	4872	chrome.exe	71
PID 4872 wrote to memory of 1656	4872	chrome.exe	71
PID 4872 wrote to memory of 1656	4872	chrome.exe	71
PID 4872 wrote to memory of 1656	4872	chrome.exe	71
PID 4872 wrote to memory of 1656	4872	chrome.exe	71
PID 4872 wrote to memory of 1656	4872	chrome.exe	71
PID 4872 wrote to memory of 1656	4872	chrome.exe	71
PID 4872 wrote to memory of 1656	4872	chrome.exe	71
PID 4872 wrote to memory of 1656	4872	chrome.exe	71
PID 4872 wrote to memory of 1656	4872	chrome.exe	71
PID 4872 wrote to memory of 1656	4872	chrome.exe	71
PID 4872 wrote to memory of 1656	4872	chrome.exe	71
PID 4872 wrote to memory of 1656	4872	chrome.exe	71
PID 4872 wrote to memory of 1656	4872	chrome.exe	71
PID 4872 wrote to memory of 1656	4872	chrome.exe	71
PID 4872 wrote to memory of 1656	4872	chrome.exe	71
PID 4872 wrote to memory of 1656	4872	chrome.exe	71
PID 4872 wrote to memory of 1656	4872	chrome.exe	71
PID 4872 wrote to memory of 1656	4872	chrome.exe	71
PID 4872 wrote to memory of 1656	4872	chrome.exe	71
PID 4872 wrote to memory of 1656	4872	chrome.exe	71
PID 4872 wrote to memory of 1656	4872	chrome.exe	71
PID 4872 wrote to memory of 1656	4872	chrome.exe	71
PID 4872 wrote to memory of 1656	4872	chrome.exe	71
PID 4872 wrote to memory of 1656	4872	chrome.exe	71
PID 4872 wrote to memory of 1656	4872	chrome.exe	71
PID 4872 wrote to memory of 4536	4872	chrome.exe	72
PID 4872 wrote to memory of 4536	4872	chrome.exe	72
PID 4872 wrote to memory of 2744	4872	chrome.exe	73
PID 4872 wrote to memory of 2744	4872	chrome.exe	73
PID 4872 wrote to memory of 2744	4872	chrome.exe	73
PID 4872 wrote to memory of 2744	4872	chrome.exe	73
PID 4872 wrote to memory of 2744	4872	chrome.exe	73
PID 4872 wrote to memory of 2744	4872	chrome.exe	73
PID 4872 wrote to memory of 2744	4872	chrome.exe	73
PID 4872 wrote to memory of 2744	4872	chrome.exe	73
PID 4872 wrote to memory of 2744	4872	chrome.exe	73
PID 4872 wrote to memory of 2744	4872	chrome.exe	73
PID 4872 wrote to memory of 2744	4872	chrome.exe	73
PID 4872 wrote to memory of 2744	4872	chrome.exe	73
PID 4872 wrote to memory of 2744	4872	chrome.exe	73
PID 4872 wrote to memory of 2744	4872	chrome.exe	73
PID 4872 wrote to memory of 2744	4872	chrome.exe	73
PID 4872 wrote to memory of 2744	4872	chrome.exe	73
PID 4872 wrote to memory of 2744	4872	chrome.exe	73
PID 4872 wrote to memory of 2744	4872	chrome.exe	73
PID 4872 wrote to memory of 2744	4872	chrome.exe	73
PID 4872 wrote to memory of 2744	4872	chrome.exe	73
PID 4872 wrote to memory of 2744	4872	chrome.exe	73
PID 4872 wrote to memory of 2744	4872	chrome.exe	73

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://www.rojadirectaenvivo.nl
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4872
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffe7c129758,0x7ffe7c129768,0x7ffe7c129778
  2⤵
  PID:4868
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1512 --field-trial-handle=1768,i,15673782973028319680,13794314203836083492,131072 /prefetch:2
  2⤵
  PID:1656
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1996 --field-trial-handle=1768,i,15673782973028319680,13794314203836083492,131072 /prefetch:8
  2⤵
  PID:4536
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2076 --field-trial-handle=1768,i,15673782973028319680,13794314203836083492,131072 /prefetch:8
  2⤵
  PID:2744
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2600 --field-trial-handle=1768,i,15673782973028319680,13794314203836083492,131072 /prefetch:1
  2⤵
  PID:3672
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2588 --field-trial-handle=1768,i,15673782973028319680,13794314203836083492,131072 /prefetch:1
  2⤵
  PID:4304
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4592 --field-trial-handle=1768,i,15673782973028319680,13794314203836083492,131072 /prefetch:1
  2⤵
  PID:2468
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=2988 --field-trial-handle=1768,i,15673782973028319680,13794314203836083492,131072 /prefetch:1
  2⤵
  PID:4544
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3012 --field-trial-handle=1768,i,15673782973028319680,13794314203836083492,131072 /prefetch:8
  2⤵
  PID:3228
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4792 --field-trial-handle=1768,i,15673782973028319680,13794314203836083492,131072 /prefetch:8
  2⤵
  PID:1144
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4664 --field-trial-handle=1768,i,15673782973028319680,13794314203836083492,131072 /prefetch:1
  2⤵
  PID:2960
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=5388 --field-trial-handle=1768,i,15673782973028319680,13794314203836083492,131072 /prefetch:1
  2⤵
  PID:3764
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5012 --field-trial-handle=1768,i,15673782973028319680,13794314203836083492,131072 /prefetch:1
  2⤵
  PID:4024
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4656 --field-trial-handle=1768,i,15673782973028319680,13794314203836083492,131072 /prefetch:1
  2⤵
  PID:4236
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=4884 --field-trial-handle=1768,i,15673782973028319680,13794314203836083492,131072 /prefetch:1
  2⤵
  PID:4472
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=5580 --field-trial-handle=1768,i,15673782973028319680,13794314203836083492,131072 /prefetch:1
  2⤵
  PID:2296
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3724 --field-trial-handle=1768,i,15673782973028319680,13794314203836083492,131072 /prefetch:8
  2⤵
  PID:1572
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5156 --field-trial-handle=1768,i,15673782973028319680,13794314203836083492,131072 /prefetch:8
  2⤵
  PID:3428
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=3724 --field-trial-handle=1768,i,15673782973028319680,13794314203836083492,131072 /prefetch:1
  2⤵
  PID:3560
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=5676 --field-trial-handle=1768,i,15673782973028319680,13794314203836083492,131072 /prefetch:1
  2⤵
  PID:2960
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=5720 --field-trial-handle=1768,i,15673782973028319680,13794314203836083492,131072 /prefetch:1
  2⤵
  PID:3128
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=6012 --field-trial-handle=1768,i,15673782973028319680,13794314203836083492,131072 /prefetch:1
  2⤵
  PID:3732
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=5776 --field-trial-handle=1768,i,15673782973028319680,13794314203836083492,131072 /prefetch:1
  2⤵
  PID:4228
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=6316 --field-trial-handle=1768,i,15673782973028319680,13794314203836083492,131072 /prefetch:1
  2⤵
  PID:1152
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=6616 --field-trial-handle=1768,i,15673782973028319680,13794314203836083492,131072 /prefetch:1
  2⤵
  PID:2128
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=6788 --field-trial-handle=1768,i,15673782973028319680,13794314203836083492,131072 /prefetch:1
  2⤵
  PID:540
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=6720 --field-trial-handle=1768,i,15673782973028319680,13794314203836083492,131072 /prefetch:1
  2⤵
  PID:4576
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=7160 --field-trial-handle=1768,i,15673782973028319680,13794314203836083492,131072 /prefetch:1
  2⤵
  PID:4812
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=6636 --field-trial-handle=1768,i,15673782973028319680,13794314203836083492,131072 /prefetch:1
  2⤵
  PID:4300
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=5964 --field-trial-handle=1768,i,15673782973028319680,13794314203836083492,131072 /prefetch:1
  2⤵
  PID:4948
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=6028 --field-trial-handle=1768,i,15673782973028319680,13794314203836083492,131072 /prefetch:1
  2⤵
  PID:4548
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=5484 --field-trial-handle=1768,i,15673782973028319680,13794314203836083492,131072 /prefetch:1
  2⤵
  PID:4420
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=7580 --field-trial-handle=1768,i,15673782973028319680,13794314203836083492,131072 /prefetch:1
  2⤵
  PID:2904
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --mojo-platform-channel-handle=4572 --field-trial-handle=1768,i,15673782973028319680,13794314203836083492,131072 /prefetch:1
  2⤵
  PID:2940
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=7552 --field-trial-handle=1768,i,15673782973028319680,13794314203836083492,131072 /prefetch:1
  2⤵
  PID:3120
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=8052 --field-trial-handle=1768,i,15673782973028319680,13794314203836083492,131072 /prefetch:1
  2⤵
  PID:528
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=7836 --field-trial-handle=1768,i,15673782973028319680,13794314203836083492,131072 /prefetch:1
  2⤵
  PID:5448
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --mojo-platform-channel-handle=6588 --field-trial-handle=1768,i,15673782973028319680,13794314203836083492,131072 /prefetch:1
  2⤵
  PID:5912
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --mojo-platform-channel-handle=7656 --field-trial-handle=1768,i,15673782973028319680,13794314203836083492,131072 /prefetch:1
  2⤵
  PID:5188
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --mojo-platform-channel-handle=5056 --field-trial-handle=1768,i,15673782973028319680,13794314203836083492,131072 /prefetch:1
  2⤵
  PID:5288
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --mojo-platform-channel-handle=5156 --field-trial-handle=1768,i,15673782973028319680,13794314203836083492,131072 /prefetch:1
  2⤵
  PID:5396
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --mojo-platform-channel-handle=6848 --field-trial-handle=1768,i,15673782973028319680,13794314203836083492,131072 /prefetch:1
  2⤵
  PID:5896
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --mojo-platform-channel-handle=6444 --field-trial-handle=1768,i,15673782973028319680,13794314203836083492,131072 /prefetch:1
  2⤵
  PID:4340
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --mojo-platform-channel-handle=6408 --field-trial-handle=1768,i,15673782973028319680,13794314203836083492,131072 /prefetch:1
  2⤵
  PID:2984
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --mojo-platform-channel-handle=7376 --field-trial-handle=1768,i,15673782973028319680,13794314203836083492,131072 /prefetch:1
  2⤵
  PID:5200
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --mojo-platform-channel-handle=7360 --field-trial-handle=1768,i,15673782973028319680,13794314203836083492,131072 /prefetch:1
  2⤵
  PID:2788
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --mojo-platform-channel-handle=5944 --field-trial-handle=1768,i,15673782973028319680,13794314203836083492,131072 /prefetch:1
  2⤵
  PID:5596
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --mojo-platform-channel-handle=7032 --field-trial-handle=1768,i,15673782973028319680,13794314203836083492,131072 /prefetch:1
  2⤵
  PID:5700
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --mojo-platform-channel-handle=6260 --field-trial-handle=1768,i,15673782973028319680,13794314203836083492,131072 /prefetch:1
  2⤵
  PID:816
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --mojo-platform-channel-handle=8180 --field-trial-handle=1768,i,15673782973028319680,13794314203836083492,131072 /prefetch:1
  2⤵
  PID:5160
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --mojo-platform-channel-handle=4872 --field-trial-handle=1768,i,15673782973028319680,13794314203836083492,131072 /prefetch:1
  2⤵
  PID:5540
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --mojo-platform-channel-handle=7340 --field-trial-handle=1768,i,15673782973028319680,13794314203836083492,131072 /prefetch:1
  2⤵
  PID:4388
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --mojo-platform-channel-handle=8060 --field-trial-handle=1768,i,15673782973028319680,13794314203836083492,131072 /prefetch:1
  2⤵
  PID:2476
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --mojo-platform-channel-handle=2776 --field-trial-handle=1768,i,15673782973028319680,13794314203836083492,131072 /prefetch:1
  2⤵
  PID:3148
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --mojo-platform-channel-handle=2780 --field-trial-handle=1768,i,15673782973028319680,13794314203836083492,131072 /prefetch:1
  2⤵
  PID:4812

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:3868

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x40c
1⤵
PID:2980

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
45517e94a84c1eaa8bbb90476bf29578

SHA1
7cdd9b6a73da38aa771fdab217055ad9383e0deb

SHA256
b059cc4f93bfeac97eb284d1745b2c7dbd066e8f14d3ab073a00ec297dab5533

SHA512
f4589d44cd9db2e752fb862d363ff6688078b0ce315ab5fe6b32969f60ed943014e54b897b9d229765f86586439633a1b0453394a9011f6549d530a5b69bca6b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008

Filesize
95KB

MD5
728b4681f2dc5d2e978c2973c2a62758

SHA1
2fbcf2b2e324bc76c986322a06ba0b869aed9223

SHA256
ac2db68fa047b1e862c50d88d1d23b0b64865f872a50ce5f9f207409ff10ff83

SHA512
aa0df071a2b4368c52e06f327d2933464e29f8a3258541fcc44b57da58edc7cf7d9ee87cd4e769c911ad0aeb6563624b012c32da0ace80b3a200e7bb5cd5fab6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c

Filesize
26KB

MD5
20408112d58f48555b4811195ae90957

SHA1
2ff49cb2ea4ec9f281ddd48cce87a6d03749db5b

SHA256
03e5e83faee22c9363cd77902915a9ac889ad92bc5252401990a6714f7a8b3d3

SHA512
46b6b205ed13d0d1c22a0cd4a6f2f86ba4f744be230493ddafd2cde5beae464fa20442cf6705f5b2de0cd3436cc8ced0cb1b6d6a67fd59d26d07fbdea999675f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
6KB

MD5
81ac6e222b0ce70b0f73d45b31c9c313

SHA1
bc3b123562e5573c4f83d71045f81be5cb7b8e79

SHA256
e22a76291844607e9d945b9bec3b9ae7196f6240956d09ae51bb7d312063c9cc

SHA512
cec2fdadcda65aef9f2ed656ceba7ff9f7a63508c36519b5d92632cd6b99aed1e6248312fc0e78a0992a553d9f6017bb173bdfc41ce4e3a7f0908a8923e01ea3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
6KB

MD5
e08e7ec939a171467aa347f63c8ebce2

SHA1
0021ee916e0ab26644b11dc18101f123265beb0f

SHA256
49fd22d67c5be8adf214c4f3cf54dc5aacf860f7040442fe34e19feeb5cb2a15

SHA512
50b8326992aa427ee65e1311b0e86a7f0e13e44e8a804f10e7b17972314ca65d3736e724d1e6e5487c36e07c6d5dff0fbb642515c70089ab3350453e93531305

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
4KB

MD5
4192c3ce4090bb31b2a86f6d250206f7

SHA1
4053ac44862d513fcc27e9b5ed442172e324f586

SHA256
f318376484932d122cbb64c4f088dd62cb9aba3a6465b8493f4d347535cda6f6

SHA512
ba6bd15b09d6bf649098dcdea480554a72189bcc191ea800c2dc2b69550649e82bb1c5ae7f03aa6c1969368db01994f3328598e4b1669c02cc8ff94ee967ac90

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
4KB

MD5
492d6be5a9fd49a0737dc40323302953

SHA1
535ccb614d9012cb04911cb8941ad03c6fbdb3cf

SHA256
1b4fdf30451c18d1deec27bcf2d0808d0831e6191d0ebf1785dfef6a96b7f898

SHA512
7c10e21e76c93f8e194a3ee38593523ee3cd27512222ac0e4535f9c8f408bfb1c938f49b3ab147e94a955f92327ec6c125fc9da70bdf3e23b76fa6104dbe1f14

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
17a00299074bacd482419a1aedbdc6b9

SHA1
518a46f1f4d3123d288820a28c6dff25d9c68cec

SHA256
318e80a3ce8a2f456078e26edba71faebe6b416bb8ccc4357d6e99b9cfe58e64

SHA512
8862fcd4caa4e1b99c5a28601895daaf78de7d9f0b9892cecb2c6d030143943cd2aa84d28314b2a6740261ebf9863203767e86665d9ef23e658f4779ab580547

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
ee7be1dcc1a62630080be846566515cc

SHA1
f0f6976c189c1d66222a2bf5787778a0552095ef

SHA256
2ac3097b74a198b243eed96016f5c87dcacdf2b4859d6b1b20f5a088b0936930

SHA512
7395c275751ef9adc9d88347b439487760a6d9bbe38385b0167bbfd99aad7032e340f1be67e3801048ca5f24b1bc2014f79c6738f94cd0a17a4b5ea488cc4433

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
b00b4a9977ae0ae63596d2dada04ec72

SHA1
32014961185e44b3f35753c3eac131363af87220

SHA256
7cca98971a8e57953d60e7b10c3bb7961f63f2c909f19b75ad1723e09aa005e6

SHA512
6e7cf90c3804f7475bebfe63037fa1d6d3db951269d79a778a9b899b4c2d270b1cbf23755917fa1f670b76af7f8ee0e501e7631a426908502c283ac3bd78cb74

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
08c6abb693954261ef22b02526d43f2d

SHA1
75ecb6648f897689fcd9cb30ab2309dd272c5426

SHA256
55fe411611bc4cc56b7468c9d308bed325ed52284bfc5b4346e85a74ae48e038

SHA512
5984fad1f8608d4e5e2efaa212eea0e2e1d44d93b92697a1ed078f52680b6a1f316e5ccb0d875b8fca5186469ac4863ea9f849a344b975cc9afac83b9431be9a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
d25a06ba8a68bfc62b558c3586f20b7f

SHA1
b4f835b7ca7c54c79cb940b1114619d158c36adb

SHA256
97027f3769f41df821a65588bdf44f77866d8d5739a97148b2c86707ee48a7e9

SHA512
7f1775d05caab0da0ea74c18b2900bb47b5d11d03d28f20c2a41b3d66fdd8ccf3fa422527cab2f77713868c5c13fa026c724afba03a6f78c23b752e62ca1f3d5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
45f8382343634b7cc185294443f1fd6e

SHA1
a2e9726d4c4a46ffa182adac70086a732ddd31cb

SHA256
fe1dca228caeca3b92019d6034c9bb579c066578cd82ae17b1a758e49f709021

SHA512
601f43b9adc4765bb7debafb29c2c4e20668a79283f8ddf089eed823d6223af1d0c03b15635ec7f921fe47a2ac1cd07d21118e97ea4b198985ae2c052d0025e4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
101KB

MD5
aecd217274455daaa7c35be40e87f723

SHA1
d0a8bf359a9be21497fb2926d0ed55b654edd17c

SHA256
42783b45b1859e1302646af41c1c8153c334be1f6b073f8bff278b2f808abdfc

SHA512
0d14d6ad29c61fac39d8a4d52d78bee63c9f1e8e34d165e091d72e09cb0d719b1efaa10c9d8bf1135423201b21046dac76c535ce3c4fe2627f64394668abd41c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
101KB

MD5
44e84af081931c4d91178fbe4a38af5d

SHA1
d8dc2c627db2d410df859fe028b9894b103ee7f1

SHA256
af753ab17bc9e0052cdf2908ffe3d2d166370b0629de89f2d8fa87c912b8a9ff

SHA512
c16933115e89d004660bfff775aa3269d3b91240b202899301739b68dd7719fb53169cbf21239c725d6a74679a558c46c12a275c0581eb5dc8e7f31bf349f79d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
101KB

MD5
946e71f826dc4192ea5df27156228747

SHA1
3b9aa3ffcdefce027016bf1abf1e0f26b68a78c6

SHA256
8f7ba7daf6bed84794332e2b399efd6e28377478a9bfe164358b257205f924a1

SHA512
1af8ee1bbc1b4320dfdc6c08b7c35f08eec6a5b097ca5de5faffe702c4d3f853f64e49ab2c82810e477f77bd5e251077269d54b2e8aa4b895a76fbb1e12e3c9f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
101KB

MD5
cea665b0fdfc80e84daa964a7286e936

SHA1
63aa9ee76c5de2d9287de7d3e5b591f2e4d09b09

SHA256
3b85bc116f8c8cd28c4f632591817aca458ca645e899e9692524961b8456f1b3

SHA512
04841cad5e8c4ce38a5265004038aeb59df28624fb0e73c0a19b695a46da723bb4d3d775e609c12848d4f4a76bdd9d2d8d3c22c5e4037d2ffcf5e2a28c169bc0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit