hxxps://192[.]168[.]22[.]107/acc_MOG#/login

max time kernel
82s
max time network
79s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
03/10/2023, 20:51

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://192.168.22.107/acc_MOG#/login

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 6 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133408399063154782"	chrome.exe

Suspicious behavior: EnumeratesProcesses 8 IoCs

pid	Process
2336	msedge.exe
2336	msedge.exe
3888	msedge.exe
3888	msedge.exe
3460	identity_helper.exe
3460	identity_helper.exe
5896	chrome.exe
5896	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 13 IoCs

pid	Process
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
5896	chrome.exe
5896	chrome.exe
5896	chrome.exe
5896	chrome.exe
5896	chrome.exe
5896	chrome.exe
5896	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	5896	chrome.exe
Token: SeCreatePagefilePrivilege	5896	chrome.exe
Token: SeShutdownPrivilege	5896	chrome.exe
Token: SeCreatePagefilePrivilege	5896	chrome.exe
Token: SeShutdownPrivilege	5896	chrome.exe
Token: SeCreatePagefilePrivilege	5896	chrome.exe
Token: SeShutdownPrivilege	5896	chrome.exe
Token: SeCreatePagefilePrivilege	5896	chrome.exe
Token: SeShutdownPrivilege	5896	chrome.exe
Token: SeCreatePagefilePrivilege	5896	chrome.exe
Token: SeShutdownPrivilege	5896	chrome.exe
Token: SeCreatePagefilePrivilege	5896	chrome.exe
Token: SeShutdownPrivilege	5896	chrome.exe
Token: SeCreatePagefilePrivilege	5896	chrome.exe
Token: SeShutdownPrivilege	5896	chrome.exe
Token: SeCreatePagefilePrivilege	5896	chrome.exe
Token: SeShutdownPrivilege	5896	chrome.exe
Token: SeCreatePagefilePrivilege	5896	chrome.exe
Token: SeShutdownPrivilege	5896	chrome.exe
Token: SeCreatePagefilePrivilege	5896	chrome.exe
Token: SeShutdownPrivilege	5896	chrome.exe
Token: SeCreatePagefilePrivilege	5896	chrome.exe
Token: SeShutdownPrivilege	5896	chrome.exe
Token: SeCreatePagefilePrivilege	5896	chrome.exe
Token: SeShutdownPrivilege	5896	chrome.exe
Token: SeCreatePagefilePrivilege	5896	chrome.exe
Token: SeShutdownPrivilege	5896	chrome.exe
Token: SeCreatePagefilePrivilege	5896	chrome.exe
Token: SeShutdownPrivilege	5896	chrome.exe
Token: SeCreatePagefilePrivilege	5896	chrome.exe
Token: SeShutdownPrivilege	5896	chrome.exe
Token: SeCreatePagefilePrivilege	5896	chrome.exe
Token: SeShutdownPrivilege	5896	chrome.exe
Token: SeCreatePagefilePrivilege	5896	chrome.exe
Token: SeShutdownPrivilege	5896	chrome.exe
Token: SeCreatePagefilePrivilege	5896	chrome.exe
Token: SeShutdownPrivilege	5896	chrome.exe
Token: SeCreatePagefilePrivilege	5896	chrome.exe
Token: SeShutdownPrivilege	5896	chrome.exe
Token: SeCreatePagefilePrivilege	5896	chrome.exe
Token: SeShutdownPrivilege	5896	chrome.exe
Token: SeCreatePagefilePrivilege	5896	chrome.exe
Token: SeShutdownPrivilege	5896	chrome.exe
Token: SeCreatePagefilePrivilege	5896	chrome.exe
Token: SeShutdownPrivilege	5896	chrome.exe
Token: SeCreatePagefilePrivilege	5896	chrome.exe
Token: SeShutdownPrivilege	5896	chrome.exe
Token: SeCreatePagefilePrivilege	5896	chrome.exe
Token: SeShutdownPrivilege	5896	chrome.exe
Token: SeCreatePagefilePrivilege	5896	chrome.exe
Token: SeShutdownPrivilege	5896	chrome.exe
Token: SeCreatePagefilePrivilege	5896	chrome.exe
Token: SeShutdownPrivilege	5896	chrome.exe
Token: SeCreatePagefilePrivilege	5896	chrome.exe
Token: SeShutdownPrivilege	5896	chrome.exe
Token: SeCreatePagefilePrivilege	5896	chrome.exe
Token: SeShutdownPrivilege	5896	chrome.exe
Token: SeCreatePagefilePrivilege	5896	chrome.exe
Token: SeShutdownPrivilege	5896	chrome.exe
Token: SeCreatePagefilePrivilege	5896	chrome.exe
Token: SeShutdownPrivilege	5896	chrome.exe
Token: SeCreatePagefilePrivilege	5896	chrome.exe
Token: SeShutdownPrivilege	5896	chrome.exe
Token: SeCreatePagefilePrivilege	5896	chrome.exe

Suspicious use of FindShellTrayWindow 52 IoCs

pid	Process
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
5896	chrome.exe
5896	chrome.exe
5896	chrome.exe
5896	chrome.exe
5896	chrome.exe
5896	chrome.exe
5896	chrome.exe
5896	chrome.exe
5896	chrome.exe
5896	chrome.exe
5896	chrome.exe
5896	chrome.exe
5896	chrome.exe
5896	chrome.exe
5896	chrome.exe
5896	chrome.exe
5896	chrome.exe
5896	chrome.exe
5896	chrome.exe
5896	chrome.exe
5896	chrome.exe
5896	chrome.exe
5896	chrome.exe
5896	chrome.exe
5896	chrome.exe
5896	chrome.exe

Suspicious use of SendNotifyMessage 48 IoCs

pid	Process
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
5896	chrome.exe
5896	chrome.exe
5896	chrome.exe
5896	chrome.exe
5896	chrome.exe
5896	chrome.exe
5896	chrome.exe
5896	chrome.exe
5896	chrome.exe
5896	chrome.exe
5896	chrome.exe
5896	chrome.exe
5896	chrome.exe
5896	chrome.exe
5896	chrome.exe
5896	chrome.exe
5896	chrome.exe
5896	chrome.exe
5896	chrome.exe
5896	chrome.exe
5896	chrome.exe
5896	chrome.exe
5896	chrome.exe
5896	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3888 wrote to memory of 2288	3888	msedge.exe	85
PID 3888 wrote to memory of 2288	3888	msedge.exe	85
PID 3888 wrote to memory of 4636	3888	msedge.exe	87
PID 3888 wrote to memory of 4636	3888	msedge.exe	87
PID 3888 wrote to memory of 4636	3888	msedge.exe	87
PID 3888 wrote to memory of 4636	3888	msedge.exe	87
PID 3888 wrote to memory of 4636	3888	msedge.exe	87
PID 3888 wrote to memory of 4636	3888	msedge.exe	87
PID 3888 wrote to memory of 4636	3888	msedge.exe	87
PID 3888 wrote to memory of 4636	3888	msedge.exe	87
PID 3888 wrote to memory of 4636	3888	msedge.exe	87
PID 3888 wrote to memory of 4636	3888	msedge.exe	87
PID 3888 wrote to memory of 4636	3888	msedge.exe	87
PID 3888 wrote to memory of 4636	3888	msedge.exe	87
PID 3888 wrote to memory of 4636	3888	msedge.exe	87
PID 3888 wrote to memory of 4636	3888	msedge.exe	87
PID 3888 wrote to memory of 4636	3888	msedge.exe	87
PID 3888 wrote to memory of 4636	3888	msedge.exe	87
PID 3888 wrote to memory of 4636	3888	msedge.exe	87
PID 3888 wrote to memory of 4636	3888	msedge.exe	87
PID 3888 wrote to memory of 4636	3888	msedge.exe	87
PID 3888 wrote to memory of 4636	3888	msedge.exe	87
PID 3888 wrote to memory of 4636	3888	msedge.exe	87
PID 3888 wrote to memory of 4636	3888	msedge.exe	87
PID 3888 wrote to memory of 4636	3888	msedge.exe	87
PID 3888 wrote to memory of 4636	3888	msedge.exe	87
PID 3888 wrote to memory of 4636	3888	msedge.exe	87
PID 3888 wrote to memory of 4636	3888	msedge.exe	87
PID 3888 wrote to memory of 4636	3888	msedge.exe	87
PID 3888 wrote to memory of 4636	3888	msedge.exe	87
PID 3888 wrote to memory of 4636	3888	msedge.exe	87
PID 3888 wrote to memory of 4636	3888	msedge.exe	87
PID 3888 wrote to memory of 4636	3888	msedge.exe	87
PID 3888 wrote to memory of 4636	3888	msedge.exe	87
PID 3888 wrote to memory of 4636	3888	msedge.exe	87
PID 3888 wrote to memory of 4636	3888	msedge.exe	87
PID 3888 wrote to memory of 4636	3888	msedge.exe	87
PID 3888 wrote to memory of 4636	3888	msedge.exe	87
PID 3888 wrote to memory of 4636	3888	msedge.exe	87
PID 3888 wrote to memory of 4636	3888	msedge.exe	87
PID 3888 wrote to memory of 4636	3888	msedge.exe	87
PID 3888 wrote to memory of 4636	3888	msedge.exe	87
PID 3888 wrote to memory of 2336	3888	msedge.exe	88
PID 3888 wrote to memory of 2336	3888	msedge.exe	88
PID 3888 wrote to memory of 5004	3888	msedge.exe	89
PID 3888 wrote to memory of 5004	3888	msedge.exe	89
PID 3888 wrote to memory of 5004	3888	msedge.exe	89
PID 3888 wrote to memory of 5004	3888	msedge.exe	89
PID 3888 wrote to memory of 5004	3888	msedge.exe	89
PID 3888 wrote to memory of 5004	3888	msedge.exe	89
PID 3888 wrote to memory of 5004	3888	msedge.exe	89
PID 3888 wrote to memory of 5004	3888	msedge.exe	89
PID 3888 wrote to memory of 5004	3888	msedge.exe	89
PID 3888 wrote to memory of 5004	3888	msedge.exe	89
PID 3888 wrote to memory of 5004	3888	msedge.exe	89
PID 3888 wrote to memory of 5004	3888	msedge.exe	89
PID 3888 wrote to memory of 5004	3888	msedge.exe	89
PID 3888 wrote to memory of 5004	3888	msedge.exe	89
PID 3888 wrote to memory of 5004	3888	msedge.exe	89
PID 3888 wrote to memory of 5004	3888	msedge.exe	89
PID 3888 wrote to memory of 5004	3888	msedge.exe	89
PID 3888 wrote to memory of 5004	3888	msedge.exe	89
PID 3888 wrote to memory of 5004	3888	msedge.exe	89
PID 3888 wrote to memory of 5004	3888	msedge.exe	89

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://192.168.22.107/acc_MOG#/login
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3888
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffaa01446f8,0x7ffaa0144708,0x7ffaa0144718
  2⤵
  PID:2288
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2136,16528769053296797456,14890165693172139617,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2172 /prefetch:2
  2⤵
  PID:4636
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2136,16528769053296797456,14890165693172139617,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2232 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2336
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2136,16528769053296797456,14890165693172139617,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2788 /prefetch:8
  2⤵
  PID:5004
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,16528769053296797456,14890165693172139617,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3296 /prefetch:1
  2⤵
  PID:2576
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,16528769053296797456,14890165693172139617,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3324 /prefetch:1
  2⤵
  PID:2420
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2136,16528769053296797456,14890165693172139617,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5084 /prefetch:8
  2⤵
  PID:3940
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2136,16528769053296797456,14890165693172139617,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5084 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3460
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,16528769053296797456,14890165693172139617,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5268 /prefetch:1
  2⤵
  PID:1864
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,16528769053296797456,14890165693172139617,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5228 /prefetch:1
  2⤵
  PID:1916
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,16528769053296797456,14890165693172139617,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5620 /prefetch:1
  2⤵
  PID:3904
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,16528769053296797456,14890165693172139617,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5648 /prefetch:1
  2⤵
  PID:5072

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2712

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3388

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:5896
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffa9fa39758,0x7ffa9fa39768,0x7ffa9fa39778
  2⤵
  PID:5968
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1768 --field-trial-handle=1884,i,12761885701049622759,10711251080360955011,131072 /prefetch:2
  2⤵
  PID:6140
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2072 --field-trial-handle=1884,i,12761885701049622759,10711251080360955011,131072 /prefetch:8
  2⤵
  PID:744
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2292 --field-trial-handle=1884,i,12761885701049622759,10711251080360955011,131072 /prefetch:8
  2⤵
  PID:5076
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3248 --field-trial-handle=1884,i,12761885701049622759,10711251080360955011,131072 /prefetch:1
  2⤵
  PID:1984
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3296 --field-trial-handle=1884,i,12761885701049622759,10711251080360955011,131072 /prefetch:1
  2⤵
  PID:1864
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4652 --field-trial-handle=1884,i,12761885701049622759,10711251080360955011,131072 /prefetch:1
  2⤵
  PID:964
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4800 --field-trial-handle=1884,i,12761885701049622759,10711251080360955011,131072 /prefetch:8
  2⤵
  PID:5476
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3788 --field-trial-handle=1884,i,12761885701049622759,10711251080360955011,131072 /prefetch:8
  2⤵
  PID:2268
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5156 --field-trial-handle=1884,i,12761885701049622759,10711251080360955011,131072 /prefetch:8
  2⤵
  PID:5132
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5152 --field-trial-handle=1884,i,12761885701049622759,10711251080360955011,131072 /prefetch:8
  2⤵
  PID:3256
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5380 --field-trial-handle=1884,i,12761885701049622759,10711251080360955011,131072 /prefetch:8
  2⤵
  PID:4664
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5004 --field-trial-handle=1884,i,12761885701049622759,10711251080360955011,131072 /prefetch:1
  2⤵
  PID:2052
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=3296 --field-trial-handle=1884,i,12761885701049622759,10711251080360955011,131072 /prefetch:1
  2⤵
  PID:1664
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=5228 --field-trial-handle=1884,i,12761885701049622759,10711251080360955011,131072 /prefetch:1
  2⤵
  PID:224
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=media.mojom.CdmServiceBroker --lang=en-US --service-sandbox-type=cdm --mojo-platform-channel-handle=5504 --field-trial-handle=1884,i,12761885701049622759,10711251080360955011,131072 /prefetch:8
  2⤵
  PID:6092
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5488 --field-trial-handle=1884,i,12761885701049622759,10711251080360955011,131072 /prefetch:8
  2⤵
  PID:5296
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=3344 --field-trial-handle=1884,i,12761885701049622759,10711251080360955011,131072 /prefetch:1
  2⤵
  PID:2236

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:5332

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F59A01A8B782D93EA6991BC172CEFFB1

Filesize
867B

MD5
c5dfb849ca051355ee2dba1ac33eb028

SHA1
d69b561148f01c77c54578c10926df5b856976ad

SHA256
cbb522d7b7f127ad6a0113865bdf1cd4102e7d0759af635a7cf4720dc963c53b

SHA512
88289cdd2c2dd1f5f4c13ab2cf9bc601fc634b5945309bedf9fc5b96bf21697b4cd6da2f383497825e02272816befbac4f44955282ffbbd4dd0ddc52281082da

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506

Filesize
330B

MD5
e34575978a1db0d01a57216a41745f90

SHA1
b0785529f870cb48987b6fff0e1a18aa99229cd7

SHA256
d263f51776d2299d48ce171ff752d85b97652918aa2fc1500e85113dca7c095e

SHA512
1d85936dc9723cb726a84292fd9056c6db5908b50f7f759db2adefefc0ab2609e04ff04531532bb3764e247b022de088a274ef8cefb5948d236c1ff599c0f683

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F59A01A8B782D93EA6991BC172CEFFB1

Filesize
242B

MD5
5014795dd379f296c30a68a8244afa13

SHA1
cdfd170c5b59464aa5010217971f4f71de8ee507

SHA256
2757c83093be662f1195b6aa3d8e0de3aa9d026cabeb3ac2df36b58e48f925d3

SHA512
248db18e8da2c11b28f9935f7d6d6f2b97cceaef7956bea532a640b810a1575207924908633048534cfbc702d2dd9ca27296f8c51941946ad8e57ca62ad33a6c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c

Filesize
82KB

MD5
f7b12903dd7a2d536ceb2b7cd1dba2c1

SHA1
82d12ab89c971973141475ecbefa5da97ad57195

SHA256
3760e89dfff6078afcdc5404e4735e266a4799babd9fa853ff388c702e992c5f

SHA512
44d9c92af31aca7b1c60c1a0ef9ad1bbdf89bc5942b0b82b3a5e66dd8ad822b1868565121a515758c782d34b689c898ddead14a15629772d64bed4a1eeae5339

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e

Filesize
87KB

MD5
216b12b5a9657850b1b324e158454f8e

SHA1
b02b14e1ed70d323167efa295ceb8ba156a37fab

SHA256
81c0ae5eb7c7ea1bca274d51be67818e3f2577e63c9f2ee766b20e8964335db9

SHA512
c65a2a379f846d40bff192e2686eaf20c784a9b446a9d99813abec3811d0df96e842bae9c7d0801ab743f721e1281c9f9b77da21275c1e9765de26ce66c51b1a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000f

Filesize
85KB

MD5
db1a27b35e26398fef4be920ea96078d

SHA1
436a76d889fe34eaf1c213447d3d94a5dc3adedd

SHA256
847a8377ef2e424408f08c04f34697edd3ceca9f8a6455678493dd69e5d0bd47

SHA512
7fd36e96c139892fbc3025b4d6deb222f29babf1546e3c731064505c0d04415b9f04fe9db55349f1aebf02212e2f5e85cf25c61b4d788f6118298aaeafff0666

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000016

Filesize
76KB

MD5
48f2d3d495059b2dd518675fd35a34b3

SHA1
f4e3f1dba560bdb6d0dd062ba153c0b1f78660c2

SHA256
81e5a128b155abab4f8f7312490531b73c417d7adf57c31658572b3c9f795fd0

SHA512
230e2c8df4197ef67941a34ea30cbc9bdfee82ed8a608184b6897d2abe9d61c42bc9f3409b3eb5600a0a5d860e5defa91c2716fb270f7b6424edb070d165594c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000018

Filesize
599KB

MD5
f02e1634f254116e6c53c82529739c50

SHA1
c082b56c4f2717ae8dbabf2df2f86cf76a9c68ed

SHA256
cca8c680fa6dac201dd2a55787e5ec4d3778fcaea060ddbcf695e2fce7eca529

SHA512
5ab242c4a31edc3156cbef9ae5711f9882abb3ed3a73d0c58316bd116b3563cea6ef281a5cf24a5f810c16ac452f932eb2d02460485d0b597c6872c3a2823563

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001a

Filesize
868KB

MD5
804f85c06b21373f83e1f06020233bcf

SHA1
68c10b9c79ef69c8485190d004db19a346eb59f5

SHA256
7ca63ea52ce4f5f256daa4bb23c1d660d478114dae10a012fee952400a3be9f6

SHA512
2e90ebae47c22b02256e3c96b668d4e6407f9ab8007ec6fddf23090ab510e13eac9fb3063ce35af2f3f724258ccfd07623aafff46d9e33fae651c2ea42edc506

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001d

Filesize
18KB

MD5
85d2dd7a48e7f81389de37c53e1d911c

SHA1
84d7c0162510f03f7f352d56aa9f665d1c4f3b4f

SHA256
2b4464161d644bf8c4ea0f8e9fac91397ac1cfdbb1a5508b73f9f68807ad32ee

SHA512
cffabf32f78123f3a36501643026b54bb5d718ef7f287c278522deeab79031e8adef274ba68936900778519d44a98c620a5d0e25dd3f6af0a790eee04a6f8fc0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000020

Filesize
185KB

MD5
a9673bd087b4e5e2cd21862f8b7d8054

SHA1
0854f56b37b3c7c3938ebdd75a79be32c94b281d

SHA256
d4226b650de255fdc92e6ba1b89181c445fa23e82e86a1de62059ffde35081b2

SHA512
3e919945421b284915da26cd49d55db1e4c5b0530cfafec936982e2b6f400e372b98df78d1f07813a473cf9f26699e9c1ffa555904d6d2b4fc819b2c202afaba

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
840B

MD5
8604402089d82f3f7f40980a20cd3ca2

SHA1
aae6634889575edbce9403eaffc75b0be5597949

SHA256
99c0072575b82802d270a758bc309d5a0020a5548f1cd7bba687a9cec7558829

SHA512
50bf3fc7d93a27a34243a2e0f177ee1d49f42a21b937db632dd042fda4c664bedec6b364b2a33ae222139c63a32e813362dcfd9870e083ff9cb7a62076089711

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
54118524f9f147e20c5577d62a899b67

SHA1
cf6632885c805aecbe1e5155465a810654d387e3

SHA256
5693d5dfeb263d2f69a7b2088afc5b6ee71131cbf352f2e68b4d2e903d0f20c4

SHA512
c04d1203e57432a3402347a96ded8c23e8f9887ef2d1ae7ef68e7e772ac5bee46a9c67f1d038fd6a5bfbf86ed9c42eca9c22fc56652e2e6a26391e859348991c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
4KB

MD5
3f713c7f040d770e38963d37f9ebdebe

SHA1
21da74e5f45a74bbb9ec1f624d090ca5edb004ff

SHA256
c334448d48d2721cb220d944434589e6fc6a4f918e67527800fa1a5529645f6c

SHA512
5ac6f756ca36c10ce449ae7ee567f1754f44343bcf296a37a6ae3b4620d33abb9d62a6721636b51f986a08fb55c4f90a4c8f0dc2f1c5dc355bedc004b2f7aa9e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
371B

MD5
f0987c16f87e477ac1dd361bba89eed5

SHA1
1d50aa5b21d7329b2f676b37afb4189e96960b44

SHA256
565e4785bc26738c7cc7dc5c7457a2997e1c89b7623dae6625e463209b8f9345

SHA512
399564e9f84a2b8725e2cca81fe757fd413f3e2afb63f22c1e3d4dbd1d57c6ac8e0342b876aef93292433f027f94e90856afec4e59a396f52b6c9e95af0a0da2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
4208f876e4d0555ee5d899011b28c15c

SHA1
2796e1efbaf35e31524cde14df9c2cc9f3c5dc9e

SHA256
da0dfbf58ba8476c996165f7a3059d546d6a113c198af56b4549841c1af2825b

SHA512
ce321ccc6b2b8a26c7545fec97617efca150b3db874dbda9ee89f70504fffb0a5281e24f44e666531cce1da074a1822e46e0f048ba3571cbb23c083694137732

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
59163f29380bfe727f382a4f9c4705da

SHA1
e9bdec02ad2e3c583eaf0ecfe37d27d57edd656c

SHA256
3f38fd920efca9f1bd41e4deb512dc3192895a6d9f0651eedf76134342aaf096

SHA512
022262c597416492f52cce286bbd270b72f7009b85f6d4814e8e04002675e3d9a81945b0e82580596b6b975166c6eb625467b63dcf1237b2cc1e74fb985483b3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
dfaa3099b57f6450c1414cff179eacc0

SHA1
634e17d7aae72d117c3953d7c3430af25892e6d1

SHA256
aae738e0443c8a659395873ddaf99a87b807e30f79abb656de15ed7efbdebd29

SHA512
c39ac8ff2fa78118aa135546b4dbdd546ac6a92e8f292aa10ef66db97e7f0c6ca26da51326bc082108502cc4e3121a415b1dcc05e861e98963a7ae6a5e174a67

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
e44d9dfb181fe772ebd1880c61a9f498

SHA1
908cac263e7a6dea4f4e509da6d9f6675856b71d

SHA256
2f1ba12ceb7bbd4a0e09e6e75bde2a4ce50a2ecb750cd134341f2c353b83ddec

SHA512
84342915b27ec2b3d7efc2aa26d8e8a5b741a7e7feb7e5704e9bc8bf0fac8d0ddf27a3375070cc0fe28d99e1eebcb5ff45c56e820aa1ef351859a8e90769bc58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\397e5d81bdb71a423054f3b5524da80fc3c2e3bb\c22ebdad-6e60-4011-9da4-771d5c378e67\index-dir\the-real-index

Filesize
3KB

MD5
5580be217557daf028d0298d86b5aece

SHA1
975f39ebba8ff91fd9e6f38526333c5b8ba70cab

SHA256
ef1efd4a13f3a742cea9a478ef7c1463ae7055b86619a4c99aa7dea410bf6813

SHA512
f71a742a86317a342f5bcb9731eab20eb2383271b5df2704343785e8453aa82115faf4e72cd67795b0ae905795ba5853fb25c77d72f49206da639416e9448a97

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\397e5d81bdb71a423054f3b5524da80fc3c2e3bb\c22ebdad-6e60-4011-9da4-771d5c378e67\index-dir\the-real-index~RFe58991e.TMP

Filesize
48B

MD5
260dd3e5905357436ad082937adb846e

SHA1
840d3de6c611e8fc43fd4bb470a5c0e62616e8a2

SHA256
c6140052a9dc3bb6419a12284bd1cf7b8a56a0e987e4572c26a418d993b2bc38

SHA512
a4a6bfb5090796b4954827c8cfffbc1db7330e151cb691bae55df17d8541c2e37d3a24b1f1d67c6b8211fb79f661a537f1c39237849ee3a82678ba063f0ff598

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\397e5d81bdb71a423054f3b5524da80fc3c2e3bb\index.txt

Filesize
154B

MD5
7bf417ae0a6ffbc0a0dcfd618d14ea5a

SHA1
9990a53109a63aebb983b16c4ec9a91d9afe896a

SHA256
cb95881f2178c1589aef6effee2397f76e68fb39163a518ccacf52462823a273

SHA512
96bd98944bc09609e7a701a339744566a0e535deca4f2ee8e6be6ddb1c03978b564413d1e9f266d503991ba0704604d77d22859df94783e73f85c335e132bfed

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\397e5d81bdb71a423054f3b5524da80fc3c2e3bb\index.txt~RFe58995d.TMP

Filesize
158B

MD5
38987f3f77ce072f5463e3e66b5c2a28

SHA1
961023b71b753b60cc46ec02163539d5c735eb23

SHA256
05db6a53542e074de4575075030b9a523eb3c51f848e1488e87de1292761ecce

SHA512
07457db3bc9a2c632adb2fd172c981df11c6c3320274a86e44fcac8ce9dc3b1664711e3c26b3764a7746f1f76d12bc4939558e277cd1fab7f51b7e109f6f75c2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
0260cc588de971b805491d61d82f13a4

SHA1
df4dccde512069a69f0ce7ac9bc056c1b7e8341f

SHA256
6fc0239ffc18f366fd3c40db0ad9a38bbc9c6a9914fb43b62cdef5768ea1d78b

SHA512
44d5acf58446be772aad77425cb392adc2e278ec88d2da5bcedc3bd3c79af144e1aaa2038861c7df10d941b75b4f39c321ec70ebf2fa3b5bc6f05f66dbc61063

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe586f6e.TMP

Filesize
48B

MD5
1a42aba3e424e98308752ad694e61b21

SHA1
68bd4e7e5a06212745938966f5a046a5721f8f48

SHA256
5d96e58adbffeee499457914276dced27555e3159470c9a2ed46da6f374ce782

SHA512
3f8f2e8c68697159fdb388195c69206006f039519b5a223ffb03c9d348782de0fb447708ebd78b88f5c9cfaedd1f8a46ff60a68e268316699f1c7e791cb827c1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
202KB

MD5
bd8290d61b3a34ed24a8234daa9a7a60

SHA1
2d82d92411dfa47cec0480a3c93ef26b0861edba

SHA256
5ffdcf8ae44146390966a77fc262080dcab6cc8b9cb9b9b98cfdc55be5223c5e

SHA512
9635e17f55acbb0df9f1a273fbd0edaa9b92b2371cc4bd355c7ad5f245986562a7cd2101417750ac32959554cccc303f375c5a8ea6092b25644668a3e9e404db

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
202KB

MD5
c8356cc423019f3d0dcbb519c7912a74

SHA1
0f161da2c8b861bab90509dda8d278fb627ad1e1

SHA256
0f29c3c69857f760607274fd7207b01b6b747d90e511a28d9422459099aff96c

SHA512
ddd0045ff186b9aa4950b2710a364e5ef0ad00e214dce31626ff643e1933c502ade7025ac6db52695f38d5f375286dd331d08834e5658d6a12f9a71b60b6db1f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
102KB

MD5
42179629b0aa7188e71d32d9305572c3

SHA1
84fe093bf815077432d0145125db98e1221d486a

SHA256
b3823c6a1a85ee6e1f6403c5f99b23f82ef662534df625cd8231ea819910441f

SHA512
0ba178a41edc90a5fe02294d8d48e44fae2852a2fbbee7fe9ff5867c5658f0fdad3906a8b8ed45a6bb2c76980fc89d5c7b32c710e231400ac8f4471972d84741

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe582ecb.TMP

Filesize
98KB

MD5
d70abdb97b1a112aa2a5241be7047e44

SHA1
c5bf45a837e53e1033d3adfb7b13a37e46bc98a6

SHA256
380755493aff77dfa282c0be883870b41042e0ec34809d9e7aba3c956250dac7

SHA512
044cdf06f9042b2ee4a7e9fc13640fa9f9cad74760e6b747e3a87ca8d7faafd85fedffe262475b830ef92c1cfcb39d8cfb288d0db8dd289317bd4f2fcea5422a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
bf009481892dd0d1c49db97428428ede

SHA1
aee4e7e213f6332c1629a701b42335eb1a035c66

SHA256
18236c88bc4fe576f82223cca595133aa3b4e5fd24ebac9fd515b70e6f403ab4

SHA512
d05515ff319b0b82030bc9d4a27f0432b613488f945d1dae8b8dfe73c64e651eb39f4141a5d2e157e2afb43dd1dd95b6611c1003ac4e2e80511e6c5cd7cfdf11

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
b12b24caca75fb5595ad1da651ca3dbc

SHA1
f2beaf210a2a354487f7e3e8c6d85d9b1c9429bd

SHA256
174d1b90f2564eabb6198138d8a04d8ca2ef69321d0ac34fbbee47fe080c7f74

SHA512
e33cb44e84bdee971fb41d6693456771651c6084da1fc49e249ea3bdd05caa18ba13f09fb99bb323fbf3fecff433d0429b5734112289fd51f6bfc194df58da88

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
a59d8c78a9399dce9d9111d6ed367197

SHA1
0d71e04f9ca38f1e11771bf5d05699e261d998a9

SHA256
1fa91339a1d11e9067f50581ea2ca8d83c7830b9748a9bb3e706624b77e77cbd

SHA512
ffe4a1bbe2249acff6c4a00b943b53c6db9cc3f3bff668b28ad5fd5479898fe1eca09f40f1b8885cc66f25bd3f812882ce1cc9497befc4f4882e0f96c5024ed9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
b390780181ebc4063d553cb8a03f34c5

SHA1
168915a65048b7318e4794e1cb21132f550a315e

SHA256
b9dcaf6aeae1b930ea329a004bcba30617d204cf6210d4e5e50e7712b130262b

SHA512
a341a571280381505de542950a7ab0ba1f757cbb74d5abb74210b2077733306877e0f2652a7750f8d7275ecb413cfa7167dfff11c0c57ae0d0d07ec7446642da

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
24KB

MD5
25ac77f8c7c7b76b93c8346e41b89a95

SHA1
5a8f769162bab0a75b1014fb8b94f9bb1fb7970a

SHA256
8ad26364375358eac8238a730ef826749677c62d709003d84e758f0e7478cc4b

SHA512
df64a3593882972f3b10c997b118087c97a7fa684cd722624d7f5fb41d645c605d59a89eccf7518570ff9e73b4310432c4bb5864ee58e78c0743c0c1606853a7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
917fdc7c723d62032876c2003f5e9645

SHA1
bd854568242fb72c42bffe3fbf53eae121df6564

SHA256
4252e060d0fb9d8a9c6a597610a0804c60f69f70d450997bc1a7ff21fd7224d2

SHA512
cc928f9de6a2f441997f59223ef462a4f6295d889db167b9af040787afb84ccb5442c98af53ccbe15b455fec373f56cc8c554f97b507ab326c0700a9be761206

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\cf8ba749-5e48-45f0-a330-64ab22a02de7.tmp

Filesize
10KB

MD5
4ad6123e6f72ddd13c611ac53af227b3

SHA1
56e29c1bcffdfba9ffea71918a8b18cb465a0466

SHA256
b62109e0e12ed0317dc0f8cceecb0ef9e87f20c1d67404d4fe0d484d19526a5a

SHA512
c58bef008a54e21318ee93d0a286aa6bad7f993f81575e50d02a0b255afb367e709c405be0a1cf255c181232d7d11bc2c08fdfa29634dcc798ef27f86dc3fc11

Download Submit