hxxps://login[.]allmas[.]com[.]br

Analysis

max time kernel
149s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
06/10/2023, 03:45

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://login.allmas.com.br

Score

5^/10

microsoft phishing

Malware Config

Signatures

Detected potential entity reuse from brand microsoft.
phishing microsoft

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133410375208966300"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
3384	chrome.exe
3384	chrome.exe
1048	chrome.exe
1048	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 11 IoCs

pid	Process
3384	chrome.exe
3384	chrome.exe
3384	chrome.exe
3384	chrome.exe
3384	chrome.exe
3384	chrome.exe
3384	chrome.exe
3384	chrome.exe
3384	chrome.exe
3384	chrome.exe
3384	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3384	chrome.exe
Token: SeCreatePagefilePrivilege	3384	chrome.exe
Token: SeShutdownPrivilege	3384	chrome.exe
Token: SeCreatePagefilePrivilege	3384	chrome.exe
Token: SeShutdownPrivilege	3384	chrome.exe
Token: SeCreatePagefilePrivilege	3384	chrome.exe
Token: SeShutdownPrivilege	3384	chrome.exe
Token: SeCreatePagefilePrivilege	3384	chrome.exe
Token: SeShutdownPrivilege	3384	chrome.exe
Token: SeCreatePagefilePrivilege	3384	chrome.exe
Token: SeShutdownPrivilege	3384	chrome.exe
Token: SeCreatePagefilePrivilege	3384	chrome.exe
Token: SeShutdownPrivilege	3384	chrome.exe
Token: SeCreatePagefilePrivilege	3384	chrome.exe
Token: SeShutdownPrivilege	3384	chrome.exe
Token: SeCreatePagefilePrivilege	3384	chrome.exe
Token: SeShutdownPrivilege	3384	chrome.exe
Token: SeCreatePagefilePrivilege	3384	chrome.exe
Token: SeShutdownPrivilege	3384	chrome.exe
Token: SeCreatePagefilePrivilege	3384	chrome.exe
Token: SeShutdownPrivilege	3384	chrome.exe
Token: SeCreatePagefilePrivilege	3384	chrome.exe
Token: SeShutdownPrivilege	3384	chrome.exe
Token: SeCreatePagefilePrivilege	3384	chrome.exe
Token: SeShutdownPrivilege	3384	chrome.exe
Token: SeCreatePagefilePrivilege	3384	chrome.exe
Token: SeShutdownPrivilege	3384	chrome.exe
Token: SeCreatePagefilePrivilege	3384	chrome.exe
Token: SeShutdownPrivilege	3384	chrome.exe
Token: SeCreatePagefilePrivilege	3384	chrome.exe
Token: SeShutdownPrivilege	3384	chrome.exe
Token: SeCreatePagefilePrivilege	3384	chrome.exe
Token: SeShutdownPrivilege	3384	chrome.exe
Token: SeCreatePagefilePrivilege	3384	chrome.exe
Token: SeShutdownPrivilege	3384	chrome.exe
Token: SeCreatePagefilePrivilege	3384	chrome.exe
Token: SeShutdownPrivilege	3384	chrome.exe
Token: SeCreatePagefilePrivilege	3384	chrome.exe
Token: SeShutdownPrivilege	3384	chrome.exe
Token: SeCreatePagefilePrivilege	3384	chrome.exe
Token: SeShutdownPrivilege	3384	chrome.exe
Token: SeCreatePagefilePrivilege	3384	chrome.exe
Token: SeShutdownPrivilege	3384	chrome.exe
Token: SeCreatePagefilePrivilege	3384	chrome.exe
Token: SeShutdownPrivilege	3384	chrome.exe
Token: SeCreatePagefilePrivilege	3384	chrome.exe
Token: SeShutdownPrivilege	3384	chrome.exe
Token: SeCreatePagefilePrivilege	3384	chrome.exe
Token: SeShutdownPrivilege	3384	chrome.exe
Token: SeCreatePagefilePrivilege	3384	chrome.exe
Token: SeShutdownPrivilege	3384	chrome.exe
Token: SeCreatePagefilePrivilege	3384	chrome.exe
Token: SeShutdownPrivilege	3384	chrome.exe
Token: SeCreatePagefilePrivilege	3384	chrome.exe
Token: SeShutdownPrivilege	3384	chrome.exe
Token: SeCreatePagefilePrivilege	3384	chrome.exe
Token: SeShutdownPrivilege	3384	chrome.exe
Token: SeCreatePagefilePrivilege	3384	chrome.exe
Token: SeShutdownPrivilege	3384	chrome.exe
Token: SeCreatePagefilePrivilege	3384	chrome.exe
Token: SeShutdownPrivilege	3384	chrome.exe
Token: SeCreatePagefilePrivilege	3384	chrome.exe
Token: SeShutdownPrivilege	3384	chrome.exe
Token: SeCreatePagefilePrivilege	3384	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
3384	chrome.exe
3384	chrome.exe
3384	chrome.exe
3384	chrome.exe
3384	chrome.exe
3384	chrome.exe
3384	chrome.exe
3384	chrome.exe
3384	chrome.exe
3384	chrome.exe
3384	chrome.exe
3384	chrome.exe
3384	chrome.exe
3384	chrome.exe
3384	chrome.exe
3384	chrome.exe
3384	chrome.exe
3384	chrome.exe
3384	chrome.exe
3384	chrome.exe
3384	chrome.exe
3384	chrome.exe
3384	chrome.exe
3384	chrome.exe
3384	chrome.exe
3384	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3384	chrome.exe
3384	chrome.exe
3384	chrome.exe
3384	chrome.exe
3384	chrome.exe
3384	chrome.exe
3384	chrome.exe
3384	chrome.exe
3384	chrome.exe
3384	chrome.exe
3384	chrome.exe
3384	chrome.exe
3384	chrome.exe
3384	chrome.exe
3384	chrome.exe
3384	chrome.exe
3384	chrome.exe
3384	chrome.exe
3384	chrome.exe
3384	chrome.exe
3384	chrome.exe
3384	chrome.exe
3384	chrome.exe
3384	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3384 wrote to memory of 4224	3384	chrome.exe	65
PID 3384 wrote to memory of 4224	3384	chrome.exe	65
PID 3384 wrote to memory of 4156	3384	chrome.exe	87
PID 3384 wrote to memory of 4156	3384	chrome.exe	87
PID 3384 wrote to memory of 4156	3384	chrome.exe	87
PID 3384 wrote to memory of 4156	3384	chrome.exe	87
PID 3384 wrote to memory of 4156	3384	chrome.exe	87
PID 3384 wrote to memory of 4156	3384	chrome.exe	87
PID 3384 wrote to memory of 4156	3384	chrome.exe	87
PID 3384 wrote to memory of 4156	3384	chrome.exe	87
PID 3384 wrote to memory of 4156	3384	chrome.exe	87
PID 3384 wrote to memory of 4156	3384	chrome.exe	87
PID 3384 wrote to memory of 4156	3384	chrome.exe	87
PID 3384 wrote to memory of 4156	3384	chrome.exe	87
PID 3384 wrote to memory of 4156	3384	chrome.exe	87
PID 3384 wrote to memory of 4156	3384	chrome.exe	87
PID 3384 wrote to memory of 4156	3384	chrome.exe	87
PID 3384 wrote to memory of 4156	3384	chrome.exe	87
PID 3384 wrote to memory of 4156	3384	chrome.exe	87
PID 3384 wrote to memory of 4156	3384	chrome.exe	87
PID 3384 wrote to memory of 4156	3384	chrome.exe	87
PID 3384 wrote to memory of 4156	3384	chrome.exe	87
PID 3384 wrote to memory of 4156	3384	chrome.exe	87
PID 3384 wrote to memory of 4156	3384	chrome.exe	87
PID 3384 wrote to memory of 4156	3384	chrome.exe	87
PID 3384 wrote to memory of 4156	3384	chrome.exe	87
PID 3384 wrote to memory of 4156	3384	chrome.exe	87
PID 3384 wrote to memory of 4156	3384	chrome.exe	87
PID 3384 wrote to memory of 4156	3384	chrome.exe	87
PID 3384 wrote to memory of 4156	3384	chrome.exe	87
PID 3384 wrote to memory of 4156	3384	chrome.exe	87
PID 3384 wrote to memory of 4156	3384	chrome.exe	87
PID 3384 wrote to memory of 4156	3384	chrome.exe	87
PID 3384 wrote to memory of 4156	3384	chrome.exe	87
PID 3384 wrote to memory of 4156	3384	chrome.exe	87
PID 3384 wrote to memory of 4156	3384	chrome.exe	87
PID 3384 wrote to memory of 4156	3384	chrome.exe	87
PID 3384 wrote to memory of 4156	3384	chrome.exe	87
PID 3384 wrote to memory of 4156	3384	chrome.exe	87
PID 3384 wrote to memory of 4156	3384	chrome.exe	87
PID 3384 wrote to memory of 4204	3384	chrome.exe	92
PID 3384 wrote to memory of 4204	3384	chrome.exe	92
PID 3384 wrote to memory of 5008	3384	chrome.exe	88
PID 3384 wrote to memory of 5008	3384	chrome.exe	88
PID 3384 wrote to memory of 5008	3384	chrome.exe	88
PID 3384 wrote to memory of 5008	3384	chrome.exe	88
PID 3384 wrote to memory of 5008	3384	chrome.exe	88
PID 3384 wrote to memory of 5008	3384	chrome.exe	88
PID 3384 wrote to memory of 5008	3384	chrome.exe	88
PID 3384 wrote to memory of 5008	3384	chrome.exe	88
PID 3384 wrote to memory of 5008	3384	chrome.exe	88
PID 3384 wrote to memory of 5008	3384	chrome.exe	88
PID 3384 wrote to memory of 5008	3384	chrome.exe	88
PID 3384 wrote to memory of 5008	3384	chrome.exe	88
PID 3384 wrote to memory of 5008	3384	chrome.exe	88
PID 3384 wrote to memory of 5008	3384	chrome.exe	88
PID 3384 wrote to memory of 5008	3384	chrome.exe	88
PID 3384 wrote to memory of 5008	3384	chrome.exe	88
PID 3384 wrote to memory of 5008	3384	chrome.exe	88
PID 3384 wrote to memory of 5008	3384	chrome.exe	88
PID 3384 wrote to memory of 5008	3384	chrome.exe	88
PID 3384 wrote to memory of 5008	3384	chrome.exe	88
PID 3384 wrote to memory of 5008	3384	chrome.exe	88
PID 3384 wrote to memory of 5008	3384	chrome.exe	88

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://login.allmas.com.br
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3384
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb91bc9758,0x7ffb91bc9768,0x7ffb91bc9778
  2⤵
  PID:4224
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1812 --field-trial-handle=1904,i,15291439833673895869,5696944339374094637,131072 /prefetch:2
  2⤵
  PID:4156
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2212 --field-trial-handle=1904,i,15291439833673895869,5696944339374094637,131072 /prefetch:8
  2⤵
  PID:5008
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3028 --field-trial-handle=1904,i,15291439833673895869,5696944339374094637,131072 /prefetch:1
  2⤵
  PID:2444
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3036 --field-trial-handle=1904,i,15291439833673895869,5696944339374094637,131072 /prefetch:1
  2⤵
  PID:4972
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 --field-trial-handle=1904,i,15291439833673895869,5696944339374094637,131072 /prefetch:8
  2⤵
  PID:4204
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4996 --field-trial-handle=1904,i,15291439833673895869,5696944339374094637,131072 /prefetch:1
  2⤵
  PID:2296
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=5020 --field-trial-handle=1904,i,15291439833673895869,5696944339374094637,131072 /prefetch:1
  2⤵
  PID:2420
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=5136 --field-trial-handle=1904,i,15291439833673895869,5696944339374094637,131072 /prefetch:1
  2⤵
  PID:1928
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5584 --field-trial-handle=1904,i,15291439833673895869,5696944339374094637,131072 /prefetch:8
  2⤵
  PID:4772
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5708 --field-trial-handle=1904,i,15291439833673895869,5696944339374094637,131072 /prefetch:8
  2⤵
  PID:3084
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4600 --field-trial-handle=1904,i,15291439833673895869,5696944339374094637,131072 /prefetch:8
  2⤵
  PID:64
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=2708 --field-trial-handle=1904,i,15291439833673895869,5696944339374094637,131072 /prefetch:1
  2⤵
  PID:4588
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=5884 --field-trial-handle=1904,i,15291439833673895869,5696944339374094637,131072 /prefetch:1
  2⤵
  PID:744
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=5008 --field-trial-handle=1904,i,15291439833673895869,5696944339374094637,131072 /prefetch:1
  2⤵
  PID:564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=6132 --field-trial-handle=1904,i,15291439833673895869,5696944339374094637,131072 /prefetch:1
  2⤵
  PID:3720
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=3808 --field-trial-handle=1904,i,15291439833673895869,5696944339374094637,131072 /prefetch:1
  2⤵
  PID:3904
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5612 --field-trial-handle=1904,i,15291439833673895869,5696944339374094637,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1048
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=2416 --field-trial-handle=1904,i,15291439833673895869,5696944339374094637,131072 /prefetch:1
  2⤵
  PID:4688

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2880

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009

Filesize
185KB

MD5
a9673bd087b4e5e2cd21862f8b7d8054

SHA1
0854f56b37b3c7c3938ebdd75a79be32c94b281d

SHA256
d4226b650de255fdc92e6ba1b89181c445fa23e82e86a1de62059ffde35081b2

SHA512
3e919945421b284915da26cd49d55db1e4c5b0530cfafec936982e2b6f400e372b98df78d1f07813a473cf9f26699e9c1ffa555904d6d2b4fc819b2c202afaba

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
288B

MD5
7d83db1e0cb99814cbdbb6da77238350

SHA1
18722d6dfe27c25debaa7af5d6fb8f9252d9edae

SHA256
8ba261fc2cd2dd98e4e8a58442d3f492be16f4a71f4b17007a35328603bb8b40

SHA512
afae095fd53cd58ef0d20d93dd1e4b7323cafffc23dbebee3d84066527eeef58b243cfc7a3920d611eacddaed0c8a6efcbf7caba573b675e2b48a7ffa8179fb1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
480B

MD5
cd9e1ee9cbbcab525b69c848c55ece1e

SHA1
d9ef2820cd242b7dd09fec305130e491c07bdafc

SHA256
e125b7fd1f467156beb5e5ad85c0fbee46ca14cfaf2a9349143889383cb68a20

SHA512
111d0a05694e8edcfb6e0a9122cdcc06f418b890783b740bc69fcfc80825987f90174de7716b250ebd85f9b8f2e5304422d59ae024a41c88ef79af23d6ac350c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
504B

MD5
76627fed2019d3f89423e501031ac774

SHA1
46848ed42e15da3504c5fb8ec1a0b8bd364de628

SHA256
99a07c9c2e509d8ab7d26c1225196c44b666549bdb5b2bed80b3de554a902749

SHA512
32a73c94497ac088d5a54a45ba9062a12834dad8f6c30ce1096db77c6417e9115696e9c3dc4a96e6d0b3f9bf808be66f2d6bd5f6d060f508b7f7b733bf3016fb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
89646e36ec6a2ee54e5e033742468485

SHA1
084dd8d2441e919d5916524392517a6e14861ae0

SHA256
8e20a5c5756dd2da36974667c4647b60679aee58b04507ad040d3e9374f1122b

SHA512
824eb38cbf770725c3a9b186be21d93610bc1adabc6182c442cd2fd0d01126f35bd5790de1582d81f74f91ecba497e553993d77c421383c42ec758c95ba057a3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
d0304efa805d32d7b4e758767ff1b818

SHA1
7d22da0dd0ddc3ebe9fe8e89ba16150054344f40

SHA256
41da4b901d6fb40a824b85c18d9ecd83e110a1f89db779251106d49b08383fe0

SHA512
ea0705c497e33b7402db21de0f70ad83b21a2a7e20ef388d987fe82b66b1c22ac36d931dbc14b0d78f70d38f2ef95032650a822f4e451d6cbd709fceba33bdc2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
5902c5b82750d00de8e80d4fcce16efe

SHA1
4bf008ebc01f324d1c2481d3c934c0584b505d75

SHA256
3160bebd436168136a3416861155a1abaf733fb032c3b546201d7778b7541f30

SHA512
81ed3842d151f25307b21a0200b009ed55155302a418ae5974b60d43924e2edc3b923afcbaa1976dc81ef345dedf8b297863c4cf57f669038cf70781652abc8e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
538B

MD5
689a539b9bd7b9e9efa502bb3cfd4f4b

SHA1
262ae977f22675f42b7b5c3204ec73e5e225706b

SHA256
2347e7d266060d28b4687fda04c3eee2f1c7ac92aa01977b066056bdfc71bbd0

SHA512
d27fc7906dddb1c7acf2e6ef8cdd1cc3ae2cdb258e6ae6b978b39306aed567f74af59b89ef75bf4156ed6274890dba8e0daaa5d58f204c7ba265dc863cb56262

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
df8bd43970cd046b6632a658c7447a35

SHA1
fa417ff21b23cd99460efbe97657b9bcd949e453

SHA256
e1ce64b5fdcd9aa7d191db8c66e783aeec39ff3a4214e97c0baf65e9328581fd

SHA512
3530f7271888e4e6dccc56f937a058fbcfed8d9c2913cd2c3fd41cc64faa2658543d9fbb15b69a3892d9af90f929dc7a7b9d88163772d5ec4d1b466b90f5dbe8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
74f1ce6f20dca1c4fd3c654588c572e5

SHA1
92fab785a97b0c89955acc3879603e18f19dd506

SHA256
5b41a7f833a04c162e692e485aaf21210fd8c20c8ecf0f1235723b3fca5ae705

SHA512
82d962403ee6b147bb1417be1b22f6081d332f4cca6a0219bb519128e06764409845228fd02a13782145d93ea99e6bb01833f7f51f35fc9574373d9a403a79f0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
dc9ba96cf8607feb1592122f1e807642

SHA1
b4c22b34ca392401ed220927a7d7d188dcff35ed

SHA256
b924acc17e44fa152563510a98b1b5ae95cbd3e0d75c77f7c8b924a3c328ccb8

SHA512
c9ca7d13305f00c833930c0ed62017cfd37ee52dc03d300664d626ea7ce5dd5be0c78d288d6da78587772be0abb8f6c39f233736fbe35e0a0e46c07aaf6095bd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
014f69374019fc014a5d6ea5fa3c63b4

SHA1
527f7be6b9d0ea28952cbe7119ce9254e1faca03

SHA256
aa7fed1bb7986956d99dd98f4927e16308002634f23f8108301438e035b7c931

SHA512
cb0297dc0e93ee14bc155b73be98a7400f88964d5c68f3e874f2e8d6baa4dc3b223950b98886d417d8d1e5dffe0a215a9d6cccb01f68fe6bc9e6988cf3420422

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
e8fceb1ad66b7fff63e3517641596227

SHA1
9f2e46eb4cb30f26a4299972a93bdd5dae0103dd

SHA256
80f76cf06eb3e298ba4e465b148b6afd5cc5b78fe8ab6c10987cebde9229fc00

SHA512
8cca9f8772dea7fca3fcfbb86302685f0de9c5a8984e0c47969d9b0867707807272f44a939dd70273357d8a344c4c890fa92e81b3fe28949e378de926f24e4ab

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
101KB

MD5
0f72687bef01d252ea004a9b78834f1b

SHA1
e76f3c2ce7bd7775e621bcdd4d7f668d39fb5dc6

SHA256
d8db2b8f10dc7f4336b56ff1c20d7b2ab810cf0b6198f70d7cd0e3ed34bc462a

SHA512
2380944772786ce4e1723c1eb96925157f7f53ca59c79aad6292f15146560d86055b2efe582b64f96ceba3b57c35c6fac59b99e1a76ce60bfa52ea5d6c0d8b6b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
105KB

MD5
dbdc14606ca548601a6d1e93a749d7bd

SHA1
a17be09c3cc931c48a6af78319c7a5f32841e8cf

SHA256
f965cab0157f96c1b82951b2c6fecc54e4e0c8b09698118ff3541f6d45b3c9e1

SHA512
ee12c7777a15014fb99ff848e54db8e4c6d503c770b170e2e01432dc1b8c60d3c549f6934e8323de1b151178f1cf6db94973a875df803699c9fbbd47c18c1fc6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe57ce1d.TMP

Filesize
103KB

MD5
d2442df0e7d48cb1c675fc6d4321e4ce

SHA1
b33d1f7c853d30bcae64217f3f81e1b5e23af9fb

SHA256
83dcaa8813aa54fe3619ff976e144cf22449eaab5f638c09e7f1d034378549fd

SHA512
8f32bf5a8982c530b8d94dad4785832f70be095548d7ae42bae48485986971eb9c46bc59d68f33aa105ecea761feae5214644de4bfd38b01e08ccd3d86d3c533

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit