hxxp://d1g1tal1v-n0t1f1cation[.]info

Analysis

max time kernel
239s
max time network
235s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
06/10/2023, 09:00

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

http://d1g1tal1v-n0t1f1cation.info

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133410564712694001"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
1544	chrome.exe
1544	chrome.exe
5000	chrome.exe
5000	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
1544	chrome.exe
1544	chrome.exe
1544	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1544	chrome.exe
Token: SeCreatePagefilePrivilege	1544	chrome.exe
Token: SeShutdownPrivilege	1544	chrome.exe
Token: SeCreatePagefilePrivilege	1544	chrome.exe
Token: SeShutdownPrivilege	1544	chrome.exe
Token: SeCreatePagefilePrivilege	1544	chrome.exe
Token: SeShutdownPrivilege	1544	chrome.exe
Token: SeCreatePagefilePrivilege	1544	chrome.exe
Token: SeShutdownPrivilege	1544	chrome.exe
Token: SeCreatePagefilePrivilege	1544	chrome.exe
Token: SeShutdownPrivilege	1544	chrome.exe
Token: SeCreatePagefilePrivilege	1544	chrome.exe
Token: SeShutdownPrivilege	1544	chrome.exe
Token: SeCreatePagefilePrivilege	1544	chrome.exe
Token: SeShutdownPrivilege	1544	chrome.exe
Token: SeCreatePagefilePrivilege	1544	chrome.exe
Token: SeShutdownPrivilege	1544	chrome.exe
Token: SeCreatePagefilePrivilege	1544	chrome.exe
Token: SeShutdownPrivilege	1544	chrome.exe
Token: SeCreatePagefilePrivilege	1544	chrome.exe
Token: SeShutdownPrivilege	1544	chrome.exe
Token: SeCreatePagefilePrivilege	1544	chrome.exe
Token: SeShutdownPrivilege	1544	chrome.exe
Token: SeCreatePagefilePrivilege	1544	chrome.exe
Token: SeShutdownPrivilege	1544	chrome.exe
Token: SeCreatePagefilePrivilege	1544	chrome.exe
Token: SeShutdownPrivilege	1544	chrome.exe
Token: SeCreatePagefilePrivilege	1544	chrome.exe
Token: SeShutdownPrivilege	1544	chrome.exe
Token: SeCreatePagefilePrivilege	1544	chrome.exe
Token: SeShutdownPrivilege	1544	chrome.exe
Token: SeCreatePagefilePrivilege	1544	chrome.exe
Token: SeShutdownPrivilege	1544	chrome.exe
Token: SeCreatePagefilePrivilege	1544	chrome.exe
Token: SeShutdownPrivilege	1544	chrome.exe
Token: SeCreatePagefilePrivilege	1544	chrome.exe
Token: SeShutdownPrivilege	1544	chrome.exe
Token: SeCreatePagefilePrivilege	1544	chrome.exe
Token: SeShutdownPrivilege	1544	chrome.exe
Token: SeCreatePagefilePrivilege	1544	chrome.exe
Token: SeShutdownPrivilege	1544	chrome.exe
Token: SeCreatePagefilePrivilege	1544	chrome.exe
Token: SeShutdownPrivilege	1544	chrome.exe
Token: SeCreatePagefilePrivilege	1544	chrome.exe
Token: SeShutdownPrivilege	1544	chrome.exe
Token: SeCreatePagefilePrivilege	1544	chrome.exe
Token: SeShutdownPrivilege	1544	chrome.exe
Token: SeCreatePagefilePrivilege	1544	chrome.exe
Token: SeShutdownPrivilege	1544	chrome.exe
Token: SeCreatePagefilePrivilege	1544	chrome.exe
Token: SeShutdownPrivilege	1544	chrome.exe
Token: SeCreatePagefilePrivilege	1544	chrome.exe
Token: SeShutdownPrivilege	1544	chrome.exe
Token: SeCreatePagefilePrivilege	1544	chrome.exe
Token: SeShutdownPrivilege	1544	chrome.exe
Token: SeCreatePagefilePrivilege	1544	chrome.exe
Token: SeShutdownPrivilege	1544	chrome.exe
Token: SeCreatePagefilePrivilege	1544	chrome.exe
Token: SeShutdownPrivilege	1544	chrome.exe
Token: SeCreatePagefilePrivilege	1544	chrome.exe
Token: SeShutdownPrivilege	1544	chrome.exe
Token: SeCreatePagefilePrivilege	1544	chrome.exe
Token: SeShutdownPrivilege	1544	chrome.exe
Token: SeCreatePagefilePrivilege	1544	chrome.exe

Suspicious use of FindShellTrayWindow 30 IoCs

pid	Process
1544	chrome.exe
1544	chrome.exe
1544	chrome.exe
1544	chrome.exe
1544	chrome.exe
1544	chrome.exe
1544	chrome.exe
1544	chrome.exe
1544	chrome.exe
1544	chrome.exe
1544	chrome.exe
1544	chrome.exe
1544	chrome.exe
1544	chrome.exe
1544	chrome.exe
1544	chrome.exe
1544	chrome.exe
1544	chrome.exe
1544	chrome.exe
1544	chrome.exe
1544	chrome.exe
1544	chrome.exe
1544	chrome.exe
1544	chrome.exe
1544	chrome.exe
1544	chrome.exe
1544	chrome.exe
1544	chrome.exe
1544	chrome.exe
1544	chrome.exe

Suspicious use of SendNotifyMessage 28 IoCs

pid	Process
1544	chrome.exe
1544	chrome.exe
1544	chrome.exe
1544	chrome.exe
1544	chrome.exe
1544	chrome.exe
1544	chrome.exe
1544	chrome.exe
1544	chrome.exe
1544	chrome.exe
1544	chrome.exe
1544	chrome.exe
1544	chrome.exe
1544	chrome.exe
1544	chrome.exe
1544	chrome.exe
1544	chrome.exe
1544	chrome.exe
1544	chrome.exe
1544	chrome.exe
1544	chrome.exe
1544	chrome.exe
1544	chrome.exe
1544	chrome.exe
1544	chrome.exe
1544	chrome.exe
1544	chrome.exe
1544	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1544 wrote to memory of 3332	1544	chrome.exe	34
PID 1544 wrote to memory of 3332	1544	chrome.exe	34
PID 1544 wrote to memory of 4212	1544	chrome.exe	88
PID 1544 wrote to memory of 4212	1544	chrome.exe	88
PID 1544 wrote to memory of 4212	1544	chrome.exe	88
PID 1544 wrote to memory of 4212	1544	chrome.exe	88
PID 1544 wrote to memory of 4212	1544	chrome.exe	88
PID 1544 wrote to memory of 4212	1544	chrome.exe	88
PID 1544 wrote to memory of 4212	1544	chrome.exe	88
PID 1544 wrote to memory of 4212	1544	chrome.exe	88
PID 1544 wrote to memory of 4212	1544	chrome.exe	88
PID 1544 wrote to memory of 4212	1544	chrome.exe	88
PID 1544 wrote to memory of 4212	1544	chrome.exe	88
PID 1544 wrote to memory of 4212	1544	chrome.exe	88
PID 1544 wrote to memory of 4212	1544	chrome.exe	88
PID 1544 wrote to memory of 4212	1544	chrome.exe	88
PID 1544 wrote to memory of 4212	1544	chrome.exe	88
PID 1544 wrote to memory of 4212	1544	chrome.exe	88
PID 1544 wrote to memory of 4212	1544	chrome.exe	88
PID 1544 wrote to memory of 4212	1544	chrome.exe	88
PID 1544 wrote to memory of 4212	1544	chrome.exe	88
PID 1544 wrote to memory of 4212	1544	chrome.exe	88
PID 1544 wrote to memory of 4212	1544	chrome.exe	88
PID 1544 wrote to memory of 4212	1544	chrome.exe	88
PID 1544 wrote to memory of 4212	1544	chrome.exe	88
PID 1544 wrote to memory of 4212	1544	chrome.exe	88
PID 1544 wrote to memory of 4212	1544	chrome.exe	88
PID 1544 wrote to memory of 4212	1544	chrome.exe	88
PID 1544 wrote to memory of 4212	1544	chrome.exe	88
PID 1544 wrote to memory of 4212	1544	chrome.exe	88
PID 1544 wrote to memory of 4212	1544	chrome.exe	88
PID 1544 wrote to memory of 4212	1544	chrome.exe	88
PID 1544 wrote to memory of 4212	1544	chrome.exe	88
PID 1544 wrote to memory of 4212	1544	chrome.exe	88
PID 1544 wrote to memory of 4212	1544	chrome.exe	88
PID 1544 wrote to memory of 4212	1544	chrome.exe	88
PID 1544 wrote to memory of 4212	1544	chrome.exe	88
PID 1544 wrote to memory of 4212	1544	chrome.exe	88
PID 1544 wrote to memory of 4212	1544	chrome.exe	88
PID 1544 wrote to memory of 4212	1544	chrome.exe	88
PID 1544 wrote to memory of 4428	1544	chrome.exe	87
PID 1544 wrote to memory of 4428	1544	chrome.exe	87
PID 1544 wrote to memory of 1320	1544	chrome.exe	89
PID 1544 wrote to memory of 1320	1544	chrome.exe	89
PID 1544 wrote to memory of 1320	1544	chrome.exe	89
PID 1544 wrote to memory of 1320	1544	chrome.exe	89
PID 1544 wrote to memory of 1320	1544	chrome.exe	89
PID 1544 wrote to memory of 1320	1544	chrome.exe	89
PID 1544 wrote to memory of 1320	1544	chrome.exe	89
PID 1544 wrote to memory of 1320	1544	chrome.exe	89
PID 1544 wrote to memory of 1320	1544	chrome.exe	89
PID 1544 wrote to memory of 1320	1544	chrome.exe	89
PID 1544 wrote to memory of 1320	1544	chrome.exe	89
PID 1544 wrote to memory of 1320	1544	chrome.exe	89
PID 1544 wrote to memory of 1320	1544	chrome.exe	89
PID 1544 wrote to memory of 1320	1544	chrome.exe	89
PID 1544 wrote to memory of 1320	1544	chrome.exe	89
PID 1544 wrote to memory of 1320	1544	chrome.exe	89
PID 1544 wrote to memory of 1320	1544	chrome.exe	89
PID 1544 wrote to memory of 1320	1544	chrome.exe	89
PID 1544 wrote to memory of 1320	1544	chrome.exe	89
PID 1544 wrote to memory of 1320	1544	chrome.exe	89
PID 1544 wrote to memory of 1320	1544	chrome.exe	89
PID 1544 wrote to memory of 1320	1544	chrome.exe	89

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://d1g1tal1v-n0t1f1cation.info
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1544
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffccb4f9758,0x7ffccb4f9768,0x7ffccb4f9778
  2⤵
  PID:3332
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2132 --field-trial-handle=1260,i,10899751159084256604,8630237757252082455,131072 /prefetch:8
  2⤵
  PID:4428
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1720 --field-trial-handle=1260,i,10899751159084256604,8630237757252082455,131072 /prefetch:2
  2⤵
  PID:4212
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2212 --field-trial-handle=1260,i,10899751159084256604,8630237757252082455,131072 /prefetch:8
  2⤵
  PID:1320
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2988 --field-trial-handle=1260,i,10899751159084256604,8630237757252082455,131072 /prefetch:1
  2⤵
  PID:1492
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3004 --field-trial-handle=1260,i,10899751159084256604,8630237757252082455,131072 /prefetch:1
  2⤵
  PID:1224
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3696 --field-trial-handle=1260,i,10899751159084256604,8630237757252082455,131072 /prefetch:1
  2⤵
  PID:3520
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5228 --field-trial-handle=1260,i,10899751159084256604,8630237757252082455,131072 /prefetch:8
  2⤵
  PID:5016
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5300 --field-trial-handle=1260,i,10899751159084256604,8630237757252082455,131072 /prefetch:8
  2⤵
  PID:916
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3348 --field-trial-handle=1260,i,10899751159084256604,8630237757252082455,131072 /prefetch:8
  2⤵
  PID:4148
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2740 --field-trial-handle=1260,i,10899751159084256604,8630237757252082455,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5000
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5008 --field-trial-handle=1260,i,10899751159084256604,8630237757252082455,131072 /prefetch:8
  2⤵
  PID:432

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4024

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
312B

MD5
90945e276b688789adbc191c527f8514

SHA1
1fc4e0ed0a8aa81455f631215151261a0d63e24a

SHA256
e1c2f7587851949723bd0ab535aa96daedd74ea5f24f000a4b1cd69db65a6f78

SHA512
435b3c35824d0aee00712f983426118c963aa71ad7ad2a2958629d4911b55f131065abd92831e55f45696d92c406b75edf652deae2b0107d76157ce8c00b84ca

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
240B

MD5
4edfd56e6b4febb103e1c480919f1bc3

SHA1
8d8752e3f514b2c2eb8a80b64408b317ad1ba2ef

SHA256
90697b398020f3a6e451bd27d299d2aa12d3e0c038ff24829bc0cec691559a5e

SHA512
365b2a1aca730098d44587db0ef3e34e03d2b4abd66cf0db502acafe3884b584b7e7ec9982c16c934eb2cfdbc0d85d9bd3c5a2200a0303333c9b6835e443998f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
18c139f28cb467a7795fefc5a6f690f2

SHA1
26e8b4472fde625b5f30dd88b35d3b72a674e31a

SHA256
84dee1fec337895f55f1cf89ac83d4f4eb7773f4c7f61198310e3d76969f6f56

SHA512
6192bbfb9bbfca7b990a21b27b58ee8629acfcd3806271e7b6a47e09ddea0aa2174c29eeb95f457501c20b40dd95f34b45e0d20b9cb12536e3f585a132ea7269

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
90c2ae83de39594a5e251e433b10b8cf

SHA1
61db191abdc7b05b44c7efa1fa9ac54ee0fdae1e

SHA256
293e5d96ae07289c614b20661433c3415d074c9c6295e7776b4cc32aa19d6664

SHA512
baeb61358376e0ac6531864f6d8ce13342a0bea10a98ddc28d7d349b2e1fffe3e9ce9cf581c177ede3983c805cca8e1dd9b764d9b5f12c37e3f01231e026d460

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
874B

MD5
47490bed973fbbf3b777ba94930fa761

SHA1
a01801cba10543f0a39e7f4471233b8e6280fdd8

SHA256
bccfe8d9a0672e56ab78029b7a0b862736e254eeae1886536a7ccf0c5fc11af7

SHA512
0e690eb62a66dd4e3dce48bb67605f447e0dd44b9711e4658b67c1a82cb4165fd06d7eb464887341e71d955c8bd687a5930120e8335298201606acdcc2d35b53

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
55b4585b5f238415b1323c852f712c17

SHA1
6c080267db6e03ab25142b48b5d62a093c136851

SHA256
d6861cff6d2311772f0b9f61ff19623f6cab70cd856c5b82ad7e9358361a4505

SHA512
ce0a3b901c422859818ef055f17a8a58b62cc1d69b48b04ff132571a168536a69694b6aa38194ad7b39afd7939f9cbe26611616fa65f90480d40bc584dde90f8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
7f228cd0af65ab5e31fea18a27b1785d

SHA1
9adec494d8553492d69d6d224d77d51cd4b239a7

SHA256
ceabbaa344a129860654228e8dc6c8e61dda9b68d60aa436519b9ec49602b4e3

SHA512
2b453f6071ebe671ea7a21a97798df7529b5e6968e992ea7cbb49c284919a96418112770d484e8fae498d07315e3a24d3f9997b126e37eab82ddb4d14300c03c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
62e6ce8d9ba43eaa3b702e989f3d62f2

SHA1
f8de6f4ae323b802867e79a4f76a606addc56c75

SHA256
33876b2741da2b43e2bd8ac8a66cc5cc2c62ce51361d8c38cef33402caa1029e

SHA512
2e78238fa06d2ca4c157e394fc6b7bc92c7d7281b3abcab6ea7fbdcde94af96253706a9ff224e6ead23a11150272275e99afebf716d9840a51ab9dab5c05e8d5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
8cf5cae1cf546a78f9d1744e6989da4a

SHA1
1132e9d0e698dc2a730f5b73ee827a0b3f24aa20

SHA256
9dea04de08f5afe52dd74739abfcfebe1e45aa999d7d21bf6fc34ff14fd9cedb

SHA512
34cda2680a542fdf2a34f47dfedb9f8b826b1737569056a4622d54695a81b65e85733b6be87d65bcff97c1107d4cab54512801c2d01e038e6528322ca9010abe

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
304fff6b59b51c8cdcc31be48d38dd53

SHA1
8c85cd50339a700bb46ea12364124922c7a0e9ec

SHA256
b834fdeab3b88ed784841f562456580d51d7f4aeffbf5ea0e351d0573abfea03

SHA512
ccdb1cff797944e246670795432204fcc93e8b83c71d468d0a78bfa8470a4275da20fc52498f4455278e8106dac7b0e2df983bfa8130dc0264ea9ee7111f4821

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
101KB

MD5
39349eb40bc349e714c14c3368f334b2

SHA1
d20671300c77aaeb5555f4d6f56a42a22e374ef1

SHA256
3a466cd5d71be82a8ef3107582fea74fc72625ee139703a1d673653850c44093

SHA512
08ae4da430db54b9e7f0cb249af2ac3b2a1b506f1fce9f718d44d70e07b159135b3f5d7af934b9ee6fd0c2637e5c1f759d242a0c6c1a3fa574c639729910f032

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
105KB

MD5
2af4b2085997f1f92514db034484517a

SHA1
9b5f561277fb7738939d0994837eb954e86c5be0

SHA256
a29aae8adcf1b02f020f14103737b753cfbccfa79d8924632ee5bb6c7e4c982e

SHA512
eb837c999fce3c3e1a2f36db92461da90e0559ab4bfa1f5d3c132099d229e9615cdb4ef4ec14eeea605ceb3de3c6fc0f32ecec86688634282c007e7d177561f0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
107KB

MD5
c8a424afd8d0006821b82e32736ea121

SHA1
85ea5ed2dd65640a6bc9b7e6a15c44b11c42ba64

SHA256
068625bef1df81539fba292d48c8b3f0682b90a011c38198ccb3ebfe2779d9e4

SHA512
93852140ebf68f65c755b2d112af934111a74f554a20c8e971adbd01ef502d607790d0bf3ec01a9c3ff8ce451db6edd355da8f5880763d715f2371039520e5a6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe581364.TMP

Filesize
104KB

MD5
04a6bb9558ab25eae49a2b01ef0ab440

SHA1
52a6d6b8860d63ecff2d7789589a6a3076443e63

SHA256
d6ba002d8b48d3c07c1b3b343e2accabeeed1becc8741b3f3d75b48dd6da1307

SHA512
eb8dadba1aa02d4169b3922d30aa6cdac84377d70ed2133a6f7e02586a272dda80ca1c5f352d4bb1f98e0faf6c333b117c2d359cf060140c5824514e496966a9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit