hxxp://www[.]dk8[.]zone

Analysis

max time kernel
299s
max time network
289s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
03/10/2023, 03:44

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

http://www.dk8.zone

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133407782699339015"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
1048	chrome.exe
1048	chrome.exe
2104	chrome.exe
2104	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe
Token: SeShutdownPrivilege	1048	chrome.exe
Token: SeCreatePagefilePrivilege	1048	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe
1048	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1048 wrote to memory of 376	1048	chrome.exe	25
PID 1048 wrote to memory of 376	1048	chrome.exe	25
PID 1048 wrote to memory of 3992	1048	chrome.exe	90
PID 1048 wrote to memory of 3992	1048	chrome.exe	90
PID 1048 wrote to memory of 3992	1048	chrome.exe	90
PID 1048 wrote to memory of 3992	1048	chrome.exe	90
PID 1048 wrote to memory of 3992	1048	chrome.exe	90
PID 1048 wrote to memory of 3992	1048	chrome.exe	90
PID 1048 wrote to memory of 3992	1048	chrome.exe	90
PID 1048 wrote to memory of 3992	1048	chrome.exe	90
PID 1048 wrote to memory of 3992	1048	chrome.exe	90
PID 1048 wrote to memory of 3992	1048	chrome.exe	90
PID 1048 wrote to memory of 3992	1048	chrome.exe	90
PID 1048 wrote to memory of 3992	1048	chrome.exe	90
PID 1048 wrote to memory of 3992	1048	chrome.exe	90
PID 1048 wrote to memory of 3992	1048	chrome.exe	90
PID 1048 wrote to memory of 3992	1048	chrome.exe	90
PID 1048 wrote to memory of 3992	1048	chrome.exe	90
PID 1048 wrote to memory of 3992	1048	chrome.exe	90
PID 1048 wrote to memory of 3992	1048	chrome.exe	90
PID 1048 wrote to memory of 3992	1048	chrome.exe	90
PID 1048 wrote to memory of 3992	1048	chrome.exe	90
PID 1048 wrote to memory of 3992	1048	chrome.exe	90
PID 1048 wrote to memory of 3992	1048	chrome.exe	90
PID 1048 wrote to memory of 3992	1048	chrome.exe	90
PID 1048 wrote to memory of 3992	1048	chrome.exe	90
PID 1048 wrote to memory of 3992	1048	chrome.exe	90
PID 1048 wrote to memory of 3992	1048	chrome.exe	90
PID 1048 wrote to memory of 3992	1048	chrome.exe	90
PID 1048 wrote to memory of 3992	1048	chrome.exe	90
PID 1048 wrote to memory of 3992	1048	chrome.exe	90
PID 1048 wrote to memory of 3992	1048	chrome.exe	90
PID 1048 wrote to memory of 3992	1048	chrome.exe	90
PID 1048 wrote to memory of 3992	1048	chrome.exe	90
PID 1048 wrote to memory of 3992	1048	chrome.exe	90
PID 1048 wrote to memory of 3992	1048	chrome.exe	90
PID 1048 wrote to memory of 3992	1048	chrome.exe	90
PID 1048 wrote to memory of 3992	1048	chrome.exe	90
PID 1048 wrote to memory of 3992	1048	chrome.exe	90
PID 1048 wrote to memory of 3992	1048	chrome.exe	90
PID 1048 wrote to memory of 2980	1048	chrome.exe	89
PID 1048 wrote to memory of 2980	1048	chrome.exe	89
PID 1048 wrote to memory of 5088	1048	chrome.exe	91
PID 1048 wrote to memory of 5088	1048	chrome.exe	91
PID 1048 wrote to memory of 5088	1048	chrome.exe	91
PID 1048 wrote to memory of 5088	1048	chrome.exe	91
PID 1048 wrote to memory of 5088	1048	chrome.exe	91
PID 1048 wrote to memory of 5088	1048	chrome.exe	91
PID 1048 wrote to memory of 5088	1048	chrome.exe	91
PID 1048 wrote to memory of 5088	1048	chrome.exe	91
PID 1048 wrote to memory of 5088	1048	chrome.exe	91
PID 1048 wrote to memory of 5088	1048	chrome.exe	91
PID 1048 wrote to memory of 5088	1048	chrome.exe	91
PID 1048 wrote to memory of 5088	1048	chrome.exe	91
PID 1048 wrote to memory of 5088	1048	chrome.exe	91
PID 1048 wrote to memory of 5088	1048	chrome.exe	91
PID 1048 wrote to memory of 5088	1048	chrome.exe	91
PID 1048 wrote to memory of 5088	1048	chrome.exe	91
PID 1048 wrote to memory of 5088	1048	chrome.exe	91
PID 1048 wrote to memory of 5088	1048	chrome.exe	91
PID 1048 wrote to memory of 5088	1048	chrome.exe	91
PID 1048 wrote to memory of 5088	1048	chrome.exe	91
PID 1048 wrote to memory of 5088	1048	chrome.exe	91
PID 1048 wrote to memory of 5088	1048	chrome.exe	91

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://www.dk8.zone
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1048
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffbd8c09758,0x7ffbd8c09768,0x7ffbd8c09778
  2⤵
  PID:376
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2024 --field-trial-handle=1912,i,7636607568809689485,14474357241486968421,131072 /prefetch:8
  2⤵
  PID:2980
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1636 --field-trial-handle=1912,i,7636607568809689485,14474357241486968421,131072 /prefetch:2
  2⤵
  PID:3992
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2188 --field-trial-handle=1912,i,7636607568809689485,14474357241486968421,131072 /prefetch:8
  2⤵
  PID:5088
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2920 --field-trial-handle=1912,i,7636607568809689485,14474357241486968421,131072 /prefetch:1
  2⤵
  PID:4760
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2888 --field-trial-handle=1912,i,7636607568809689485,14474357241486968421,131072 /prefetch:1
  2⤵
  PID:2284
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4756 --field-trial-handle=1912,i,7636607568809689485,14474357241486968421,131072 /prefetch:8
  2⤵
  PID:2244
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4748 --field-trial-handle=1912,i,7636607568809689485,14474357241486968421,131072 /prefetch:8
  2⤵
  PID:2164
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=5016 --field-trial-handle=1912,i,7636607568809689485,14474357241486968421,131072 /prefetch:1
  2⤵
  PID:724
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=3832 --field-trial-handle=1912,i,7636607568809689485,14474357241486968421,131072 /prefetch:1
  2⤵
  PID:1940
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4988 --field-trial-handle=1912,i,7636607568809689485,14474357241486968421,131072 /prefetch:8
  2⤵
  PID:1012
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5220 --field-trial-handle=1912,i,7636607568809689485,14474357241486968421,131072 /prefetch:8
  2⤵
  PID:4900
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5516 --field-trial-handle=1912,i,7636607568809689485,14474357241486968421,131072 /prefetch:8
  2⤵
  PID:4660
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5648 --field-trial-handle=1912,i,7636607568809689485,14474357241486968421,131072 /prefetch:8
  2⤵
  PID:2612
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=5192 --field-trial-handle=1912,i,7636607568809689485,14474357241486968421,131072 /prefetch:1
  2⤵
  PID:4440
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3080 --field-trial-handle=1912,i,7636607568809689485,14474357241486968421,131072 /prefetch:8
  2⤵
  PID:2292
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=5792 --field-trial-handle=1912,i,7636607568809689485,14474357241486968421,131072 /prefetch:1
  2⤵
  PID:2244
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=3092 --field-trial-handle=1912,i,7636607568809689485,14474357241486968421,131072 /prefetch:1
  2⤵
  PID:3724
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3112 --field-trial-handle=1912,i,7636607568809689485,14474357241486968421,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2104

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:5020

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
840B

MD5
cf218a4ab18c32f3ac6faecf6ec6c6d6

SHA1
ce6086eafab2c9ea1ddca85567048c6c64c727d7

SHA256
c165c7ee777bfd19afc0154dec6cdca6111dcd100055ea40cc38a8b3339f0048

SHA512
38ec8568f3fe80fe783151c541b768ec77faee3c836830411398898d818fb85b54fe8f557d75235bc44eab4028523975cb2e597544a14ed56e48ed4afbef05cd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
864B

MD5
06e23103c3aa2123389eeea05314be7b

SHA1
65033f20ea3b5bca9ef97e526fea76ed0f8c2b0c

SHA256
b2577960f53e9069203e0f0b242b6a0ccdc337fe8e6ab4094b8a28a181c998fc

SHA512
5e23df8f84326a1cbc2c7e206359c9d2deb079fe93d13657b6a5aced349b202fe01096d4fa5b858d141f2237441542de99366414a1cbede35d8509ae2e374eb1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
4ef0e96920c406994f294488501e003b

SHA1
fc8a0bc4a343311d5b2cbed7416656d450ca2a1d

SHA256
2005fbdd4a7d742c84d4f3af94393148447640eec88f26562b41de6758f74fa4

SHA512
c25689481efafa2ce3f4f4f42cac710550a32c3a51a3731c12db9ea551d6fcc884f5527c353f6e2026551c7b2a090ce91d718a07ccf9ab8dc4a678039c327433

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
9833e86a2bdb3195381556987d57d156

SHA1
8329d0cdfc1437ce187e450559328a35319a36c5

SHA256
82e2d8649e405183a9337450468e1f8dc317f8b31b592aea71dabc2b4c90dce0

SHA512
f5c2cbf47715697959605c4b500d6babe6e64c9c213a0276522e51a09103464833624fef78404b456b77f55077dcc722ca61f24259e25a2fdc3a0e0977e9397a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
dff5e93e6ef3d4a4526a626ff1f1e534

SHA1
b507871209058d317cca0d3429c1925428f313be

SHA256
a1a22e6f6477fa171bd94002dfce79d16fe22f8e0d106a50eeb04336c3933271

SHA512
98f354516fd07ddb9ab44231a3ab9fda378474bcc6ffbb7071a2b24581faa561ec0d0f587604de8cd0ffebee010c5c3203c9a16d93df2562cd8ce754d702e421

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
88e8ea27d786650812a810c009adc4c9

SHA1
66e95040c8e1d482d46a394f9e1a148773260079

SHA256
0c27898bbf269a49ddaee6765b024f526515bd879be8e8f546e7f5fccc431e9b

SHA512
3a72b03e934b610484afd92c0d635a0ec52fbfe37ab750e8048e5b2c9d5a6036e9bde09acb568d22f1e22071db04354b1a5cdaa578a584b14bdf2d8a78b8e7cc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
f4a213eecf1eb60889c405c80ffc1fd5

SHA1
13ed3367b3200aeb39a7a440eaab491b0c5d67ac

SHA256
351b55b01a124c9f8688e47db0d1d552d2106643c9a777ba97063a8b2411b816

SHA512
13d23657ed1bbd453ae0eb99e76141dea01b15a1b1011860eebdfc6111e1990bf659d61ad8d438a71d3b3bcddc4fce8515d062ceb39624bfcfc740df614f7fe4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
706B

MD5
30de2d680fbadb56d3bfb5932181c38d

SHA1
c19f2a92fa45186af5db23d3ed989e406202fd25

SHA256
007c69a2e45e171184eeda6348f2dba6d3c44803ffeea9b840532cbdc56422f5

SHA512
f571860646cebc9823c0dd89a19040f3df226b35870abd08142b6298fc1739d7eff7a8b3cb1dec2b9425beef5ffab663d2ead3f7a2f6704df30868fbae1a4129

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
9bbf414a0b7ba20359a07c7d55a54fb2

SHA1
21896d2c1f64f7ece018d62950977a6396e8e467

SHA256
e2658e2b461334d8dd943dcf47d2d5062741ce8e0265eeb690c8be89c838b261

SHA512
85e655aec2c914fcc276c48e6f668abe8655814873e40789a5588af4eb84d425aba7f8fd2f1bbfb9c9d90ce7840771041bc37804f56db4affdab7afbe488dfcb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
6f28b89aadc3fbebc255c793474d1b8e

SHA1
c6d79eca072d9d5599177dab5356ab170ef295c2

SHA256
71af377efd5b1816d04116c19abe9449d268c30c7f9ed0acdd54c5cb4264ae41

SHA512
2fadf9749695055feedde9503c290f4d6f26219639e0fe1d16f1d7355b5640fd54b44ca269056a99125629088d091c5e23cb975e59bb01894023b30672349cb4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
b0e36ce2fdaf9cd7e3c13b676ad8fc41

SHA1
86969d4f30913fca75ec36ec7c06c3f76f754e0a

SHA256
a544750c3dfbe307a61a3dd295db0a05f40c3274890d042bbc69828b8b101e5b

SHA512
a427708e74767b0ecbe5e15eca59666703061ec537c74847ffbdb5cccd6ea18891271749ce799024c9955a5edacc6be5d96b6075bf2f5fc0be9a5773c84f45b4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
56B

MD5
ae1bccd6831ebfe5ad03b482ee266e4f

SHA1
01f4179f48f1af383b275d7ee338dd160b6f558a

SHA256
1b11047e738f76c94c9d15ee981ec46b286a54def1a7852ca1ade7f908988649

SHA512
baf7ff6747f30e542c254f46a9678b9dbf42312933962c391b79eca6fcb615e4ba9283c00f554d6021e594f18c087899bc9b5362c41c0d6f862bba7fb9f83038

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe57cac2.TMP

Filesize
120B

MD5
22e1d35f79f0fa6a8ddbda4d27c9c481

SHA1
6491e41ce88422a3adb680825c231e1b6ec94c31

SHA256
c32be8f1be69d95fccadfee8033e26dd6aab2ccfbc55a97436466160ed7161e3

SHA512
cc6734b015acf372103a8b50eb83ef48b16fcb573cf2a75eac8163411c5faf7d1c6c9a976aa66c64d2afb116f6d05472787c54583c3b5d0cb1763bb6fed039c4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
101KB

MD5
c1336bbf3ed5874a51ee8bb8dff894c6

SHA1
f5742c2b2e5cde8c623e8c5a9bb653bed57b5dbb

SHA256
6686cf3b647eb307eec8dde81d498dfc3b27db6129fae71522df9859197eb699

SHA512
2df97135bf1d34dd57eb2d69989d6c453eab1f8f5db33ffe7509480d934a55bd70f0c9c0663f6ca5cbabcdf7356c24ff0b039f26eb1a8cee3a53543bcf13bbbe

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
101KB

MD5
dca8a9dd7c2dc0a58cba6e2140ba9105

SHA1
bf64be7e58d9484873a38b922026dcaedf5b1906

SHA256
7600814760b9815d552bb13ad516328954fc0983a4e013119e549430646e1c3e

SHA512
d793680e3e1ff87c5a607b72f4f6c24947092e54b5a492228d44026874b9be3a5f4075468b87ee8b8219315c822e780d47edfb7ec79aac899caf9062602bc3d1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
101KB

MD5
c54dea7832778b06b41886f4f62d803b

SHA1
0f0df62743cae76a6405439faf9e487d31246254

SHA256
924955146e9b5c9bc4c68614b756f9314d1f9a45ef6fcbc3d3a15b86a2c37027

SHA512
eb4d6c7d7571872dd3f1041e93b97d5bd2ba37797ed6c83a17731e568b8067331228b9ace81818f30fa21d0084c0cf3211117b07b729be0639c8c9498c65b07b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe57e9b4.TMP

Filesize
97KB

MD5
01981f797a8fa39432a702ce3a783f57

SHA1
2df2ccccbd302bd557be660b59a81094c4868fb1

SHA256
8fd9f2d6a5e213f158d2c6d5f1cec247f95beeeeb3def247c7e97364a389270d

SHA512
9025e6b2f0de7fe1d234efbe9a51b76fe50f65006bd7b11e1ea1d80c37361b2c2f5b15a8000a01f06a607c615d4fc81d378c583209bd4549b9651c918560ad32

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit