hxxps://growth[.]bonnus[.]me/giftcards-bdev

Analysis

max time kernel
150s
max time network
148s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
12/10/2023, 03:57

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://growth.bonnus.me/giftcards-bdev

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133415567234527239"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-919254492-3979293997-764407192-1000\{68B43DCA-8CE0-4838-9113-4D34330CDD49}	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2116	chrome.exe
2116	chrome.exe
4916	chrome.exe
4916	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2116 wrote to memory of 3796	2116	chrome.exe	55
PID 2116 wrote to memory of 3796	2116	chrome.exe	55
PID 2116 wrote to memory of 2384	2116	chrome.exe	87
PID 2116 wrote to memory of 2384	2116	chrome.exe	87
PID 2116 wrote to memory of 2384	2116	chrome.exe	87
PID 2116 wrote to memory of 2384	2116	chrome.exe	87
PID 2116 wrote to memory of 2384	2116	chrome.exe	87
PID 2116 wrote to memory of 2384	2116	chrome.exe	87
PID 2116 wrote to memory of 2384	2116	chrome.exe	87
PID 2116 wrote to memory of 2384	2116	chrome.exe	87
PID 2116 wrote to memory of 2384	2116	chrome.exe	87
PID 2116 wrote to memory of 2384	2116	chrome.exe	87
PID 2116 wrote to memory of 2384	2116	chrome.exe	87
PID 2116 wrote to memory of 2384	2116	chrome.exe	87
PID 2116 wrote to memory of 2384	2116	chrome.exe	87
PID 2116 wrote to memory of 2384	2116	chrome.exe	87
PID 2116 wrote to memory of 2384	2116	chrome.exe	87
PID 2116 wrote to memory of 2384	2116	chrome.exe	87
PID 2116 wrote to memory of 2384	2116	chrome.exe	87
PID 2116 wrote to memory of 2384	2116	chrome.exe	87
PID 2116 wrote to memory of 2384	2116	chrome.exe	87
PID 2116 wrote to memory of 2384	2116	chrome.exe	87
PID 2116 wrote to memory of 2384	2116	chrome.exe	87
PID 2116 wrote to memory of 2384	2116	chrome.exe	87
PID 2116 wrote to memory of 2384	2116	chrome.exe	87
PID 2116 wrote to memory of 2384	2116	chrome.exe	87
PID 2116 wrote to memory of 2384	2116	chrome.exe	87
PID 2116 wrote to memory of 2384	2116	chrome.exe	87
PID 2116 wrote to memory of 2384	2116	chrome.exe	87
PID 2116 wrote to memory of 2384	2116	chrome.exe	87
PID 2116 wrote to memory of 2384	2116	chrome.exe	87
PID 2116 wrote to memory of 2384	2116	chrome.exe	87
PID 2116 wrote to memory of 2384	2116	chrome.exe	87
PID 2116 wrote to memory of 2384	2116	chrome.exe	87
PID 2116 wrote to memory of 2384	2116	chrome.exe	87
PID 2116 wrote to memory of 2384	2116	chrome.exe	87
PID 2116 wrote to memory of 2384	2116	chrome.exe	87
PID 2116 wrote to memory of 2384	2116	chrome.exe	87
PID 2116 wrote to memory of 2384	2116	chrome.exe	87
PID 2116 wrote to memory of 2384	2116	chrome.exe	87
PID 2116 wrote to memory of 4068	2116	chrome.exe	88
PID 2116 wrote to memory of 4068	2116	chrome.exe	88
PID 2116 wrote to memory of 2280	2116	chrome.exe	89
PID 2116 wrote to memory of 2280	2116	chrome.exe	89
PID 2116 wrote to memory of 2280	2116	chrome.exe	89
PID 2116 wrote to memory of 2280	2116	chrome.exe	89
PID 2116 wrote to memory of 2280	2116	chrome.exe	89
PID 2116 wrote to memory of 2280	2116	chrome.exe	89
PID 2116 wrote to memory of 2280	2116	chrome.exe	89
PID 2116 wrote to memory of 2280	2116	chrome.exe	89
PID 2116 wrote to memory of 2280	2116	chrome.exe	89
PID 2116 wrote to memory of 2280	2116	chrome.exe	89
PID 2116 wrote to memory of 2280	2116	chrome.exe	89
PID 2116 wrote to memory of 2280	2116	chrome.exe	89
PID 2116 wrote to memory of 2280	2116	chrome.exe	89
PID 2116 wrote to memory of 2280	2116	chrome.exe	89
PID 2116 wrote to memory of 2280	2116	chrome.exe	89
PID 2116 wrote to memory of 2280	2116	chrome.exe	89
PID 2116 wrote to memory of 2280	2116	chrome.exe	89
PID 2116 wrote to memory of 2280	2116	chrome.exe	89
PID 2116 wrote to memory of 2280	2116	chrome.exe	89
PID 2116 wrote to memory of 2280	2116	chrome.exe	89
PID 2116 wrote to memory of 2280	2116	chrome.exe	89
PID 2116 wrote to memory of 2280	2116	chrome.exe	89

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://growth.bonnus.me/giftcards-bdev
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2116
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffe54439758,0x7ffe54439768,0x7ffe54439778
  2⤵
  PID:3796
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=312 --field-trial-handle=1868,i,9818161266250897161,14481507489337667159,131072 /prefetch:2
  2⤵
  PID:2384
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2012 --field-trial-handle=1868,i,9818161266250897161,14481507489337667159,131072 /prefetch:8
  2⤵
  PID:4068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2196 --field-trial-handle=1868,i,9818161266250897161,14481507489337667159,131072 /prefetch:8
  2⤵
  PID:2280
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3028 --field-trial-handle=1868,i,9818161266250897161,14481507489337667159,131072 /prefetch:1
  2⤵
  PID:4724
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3040 --field-trial-handle=1868,i,9818161266250897161,14481507489337667159,131072 /prefetch:1
  2⤵
  PID:3660
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4904 --field-trial-handle=1868,i,9818161266250897161,14481507489337667159,131072 /prefetch:1
  2⤵
  PID:1948
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=1740 --field-trial-handle=1868,i,9818161266250897161,14481507489337667159,131072 /prefetch:1
  2⤵
  PID:3756
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5624 --field-trial-handle=1868,i,9818161266250897161,14481507489337667159,131072 /prefetch:8
  2⤵
  - Modifies registry class
  PID:1220
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5596 --field-trial-handle=1868,i,9818161266250897161,14481507489337667159,131072 /prefetch:8
  2⤵
  PID:1856
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6004 --field-trial-handle=1868,i,9818161266250897161,14481507489337667159,131072 /prefetch:8
  2⤵
  PID:4588
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5536 --field-trial-handle=1868,i,9818161266250897161,14481507489337667159,131072 /prefetch:8
  2⤵
  PID:3244
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3876 --field-trial-handle=1868,i,9818161266250897161,14481507489337667159,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4916

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2020

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013

Filesize
185KB

MD5
a9673bd087b4e5e2cd21862f8b7d8054

SHA1
0854f56b37b3c7c3938ebdd75a79be32c94b281d

SHA256
d4226b650de255fdc92e6ba1b89181c445fa23e82e86a1de62059ffde35081b2

SHA512
3e919945421b284915da26cd49d55db1e4c5b0530cfafec936982e2b6f400e372b98df78d1f07813a473cf9f26699e9c1ffa555904d6d2b4fc819b2c202afaba

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
192B

MD5
4f74235faa83bbeee66e7c64a06f044d

SHA1
3524eb020a5f0562cfa52246985fc79d3f390bb4

SHA256
d4bd357c0d168215e8fa7e8d5ddf36cfb5c8458fe6aa011e1cae74ec1d52f217

SHA512
14c7f1b69883c81ccbf59cecd22294770a94e9a615bf3b358f5e419d868b88778be8a59929c5d9d07c8dacef47ec24562fc635336b47f8d0ca0be4c660555c56

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
288B

MD5
08d615841a4a652240b969260cd0aab2

SHA1
0160591e60bde7ca451c10220be08028476ab942

SHA256
78252e877cf4cdd2ae11a093bdb49074b1be5525d5a1ecb99b074918e4df48db

SHA512
92db4c5eca6845b470778af495533007cb99acc860d7fc39a668efaa030b52a476af2b0b9180872603d67e60fb31826b84e49cff44cefdb4d191329a3111f6f5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
1ab1fa0833364169e0f68fce1e5c832b

SHA1
2b36d0493759e7266279bbea3d72155d2d58528e

SHA256
5f827958a14e266767a68db0f5ff71fca5e93a9ed454dfd438052094fe70604c

SHA512
d7aee64c3b993eed0978c02efb7b28e3e519ad1250ee491fc736540fa7840608e2ce0ba320b5553f8e96e17209af69cdf6333cda826311ef53bab717bce4e037

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
345a85284669e94340c0832da98937b8

SHA1
b56ae20c3902c2bac4b3b47be45d62d4d8f41f52

SHA256
2888a578ddea04be2a4139f93da9d1a59452621719c3d4223f5710c73385d156

SHA512
f0e5e5c4ab0138eb3390765b1dcb907a2cd3ca9185d9dcc6c70fa4ac02513282d8592f426072a3451e08fa8e9f5d9473043ae28fd74f36c9c06632083e2edf1a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
20bf3a89f36609c724d0795d7fe06838

SHA1
70c26fe31dba6415d295381321be51aa37dd5bcc

SHA256
f262719f13532745773c21210115dde52091ac093acd9275dc5dee907e858c9b

SHA512
b9d10aa75248f3bd47ad0303b3f3226b05566185102c0c10e94291a286ddd36da38c43ea18ccb4fe85f276a3b1a5f9d65068c563a3dd0c0130db1ec377578819

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
8579f7d06c23cd55f434aba031e25f37

SHA1
b7a6b1a628d0da6ba00e951fa707e33929734abd

SHA256
268cf41ac4468b9e596d62bf9dc94faeacac782b0f2f223f736df3c5cfd4ed90

SHA512
ab23b1f3b6760a94fa0b8dd4d2940e4b654af8f8778707b805b96ba756e931b1c41dfb8cfcea0ee157f542c7df54012d89fc1d44ed141cbdbaf40d49f0658c52

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
034954f8802f623220dc30e97e052695

SHA1
ee32787908b2a39ff66213ca7ea77b2c45155806

SHA256
ab7abde60519d5a070de1ad4886a3f11fde95677deccdc8a2b3cf88aaee0c1db

SHA512
c45def06ee58d00ef7809054c4a33307628a55a59f7394f90131079b81500c060975586d43db3c4801ab99fcec64436469a099d25d375363b4199d908d3afe9c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
55dd66fa918472a4151adcc4deb98f82

SHA1
f574494f9d5e27c7ff517819a9c1aa3a413a100f

SHA256
8b46e44ac00cad750faea5ff9e635e98d94794c679ebf8edf7e4b2b03fb65dac

SHA512
7c0ae2b1b4028ebd9adb8799b2f6dafee86b062bfa8501995ab1e77ddd2543b6ac3513cc3c07b6dfa83c1d211ae85daf074a8c26262ac67b651840c47805b4cf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
87707a92e8665b28b71bfb9b53412ecb

SHA1
11fd1a7490136528528d89e7303ab7f76387386b

SHA256
0cae161cc99c28d32ccebd64102baea1495ebc3f13e33a3951d1b71033661998

SHA512
4f849cc85afe5f31ab65cb633d5523534bdb9312eff09d5bdf16ac48940e7e67ebce1eea493c6907e03a66bbd6f8291bcfe6a1737b17581181b7a4a4bc9fbd10

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
7dc090ac3e37eda89e333471ede46511

SHA1
28f072e105d9abe4c6e50a64e16b1be030f0c1d3

SHA256
3241b2a0d039dbf564c9d300fcfe37ca4110717c0f2133f51d0a17ab9a92be69

SHA512
d8151b958e2148f0ff5bf20dce8a308512a7b7357c73f0c8d54b9388cf948a5f3c18cf629cc1eb1f5fcb6a55e342ed32f38d3160909da9aff94f5e94dcbd8a9c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
101KB

MD5
aebb2769beddc09a12ecc57b59366abe

SHA1
384492e83039db9a19cb4bc7b0f2ab875c7eb20a

SHA256
419eb01a4a06693617b5e4321aa9ac3b2c941f4c8989385e4356001e1fdb5618

SHA512
b5408409dc40dec4a38d8848071ab51837524047eb441e9f7b85d6d0f1c36a89b75443da2f639fc472cf8514b0aadfb4210c92d36b7f5ebb4c72e4ed7881d61c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit