hxxps://p[.]dtns[.]me/t/64ba907f319a123e12f61b4b?r=http%3A%2F%2Fwww[.]lauralu[.]fr&l=64e2fd648c40b0ebb695d1b5

Analysis

max time kernel
150s
max time network
158s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
13/10/2023, 05:10

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://p.dtns.me/t/64ba907f319a123e12f61b4b?r=http%3A%2F%2Fwww.lauralu.fr&l=64e2fd648c40b0ebb695d1b5

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133416474612146664"	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
2712	chrome.exe
2712	chrome.exe
2712	chrome.exe
2712	chrome.exe
1392	chrome.exe
1392	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
2712	chrome.exe
2712	chrome.exe
2712	chrome.exe
2712	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2712	chrome.exe
Token: SeCreatePagefilePrivilege	2712	chrome.exe
Token: SeShutdownPrivilege	2712	chrome.exe
Token: SeCreatePagefilePrivilege	2712	chrome.exe
Token: SeShutdownPrivilege	2712	chrome.exe
Token: SeCreatePagefilePrivilege	2712	chrome.exe
Token: SeShutdownPrivilege	2712	chrome.exe
Token: SeCreatePagefilePrivilege	2712	chrome.exe
Token: SeShutdownPrivilege	2712	chrome.exe
Token: SeCreatePagefilePrivilege	2712	chrome.exe
Token: SeShutdownPrivilege	2712	chrome.exe
Token: SeCreatePagefilePrivilege	2712	chrome.exe
Token: SeShutdownPrivilege	2712	chrome.exe
Token: SeCreatePagefilePrivilege	2712	chrome.exe
Token: SeShutdownPrivilege	2712	chrome.exe
Token: SeCreatePagefilePrivilege	2712	chrome.exe
Token: SeShutdownPrivilege	2712	chrome.exe
Token: SeCreatePagefilePrivilege	2712	chrome.exe
Token: SeShutdownPrivilege	2712	chrome.exe
Token: SeCreatePagefilePrivilege	2712	chrome.exe
Token: SeShutdownPrivilege	2712	chrome.exe
Token: SeCreatePagefilePrivilege	2712	chrome.exe
Token: SeShutdownPrivilege	2712	chrome.exe
Token: SeCreatePagefilePrivilege	2712	chrome.exe
Token: SeShutdownPrivilege	2712	chrome.exe
Token: SeCreatePagefilePrivilege	2712	chrome.exe
Token: SeShutdownPrivilege	2712	chrome.exe
Token: SeCreatePagefilePrivilege	2712	chrome.exe
Token: SeShutdownPrivilege	2712	chrome.exe
Token: SeCreatePagefilePrivilege	2712	chrome.exe
Token: SeShutdownPrivilege	2712	chrome.exe
Token: SeCreatePagefilePrivilege	2712	chrome.exe
Token: SeShutdownPrivilege	2712	chrome.exe
Token: SeCreatePagefilePrivilege	2712	chrome.exe
Token: SeShutdownPrivilege	2712	chrome.exe
Token: SeCreatePagefilePrivilege	2712	chrome.exe
Token: SeShutdownPrivilege	2712	chrome.exe
Token: SeCreatePagefilePrivilege	2712	chrome.exe
Token: SeShutdownPrivilege	2712	chrome.exe
Token: SeCreatePagefilePrivilege	2712	chrome.exe
Token: SeShutdownPrivilege	2712	chrome.exe
Token: SeCreatePagefilePrivilege	2712	chrome.exe
Token: SeShutdownPrivilege	2712	chrome.exe
Token: SeCreatePagefilePrivilege	2712	chrome.exe
Token: SeShutdownPrivilege	2712	chrome.exe
Token: SeCreatePagefilePrivilege	2712	chrome.exe
Token: SeShutdownPrivilege	2712	chrome.exe
Token: SeCreatePagefilePrivilege	2712	chrome.exe
Token: SeShutdownPrivilege	2712	chrome.exe
Token: SeCreatePagefilePrivilege	2712	chrome.exe
Token: SeShutdownPrivilege	2712	chrome.exe
Token: SeCreatePagefilePrivilege	2712	chrome.exe
Token: SeShutdownPrivilege	2712	chrome.exe
Token: SeCreatePagefilePrivilege	2712	chrome.exe
Token: SeShutdownPrivilege	2712	chrome.exe
Token: SeCreatePagefilePrivilege	2712	chrome.exe
Token: SeShutdownPrivilege	2712	chrome.exe
Token: SeCreatePagefilePrivilege	2712	chrome.exe
Token: SeShutdownPrivilege	2712	chrome.exe
Token: SeCreatePagefilePrivilege	2712	chrome.exe
Token: SeShutdownPrivilege	2712	chrome.exe
Token: SeCreatePagefilePrivilege	2712	chrome.exe
Token: SeShutdownPrivilege	2712	chrome.exe
Token: SeCreatePagefilePrivilege	2712	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2712	chrome.exe
2712	chrome.exe
2712	chrome.exe
2712	chrome.exe
2712	chrome.exe
2712	chrome.exe
2712	chrome.exe
2712	chrome.exe
2712	chrome.exe
2712	chrome.exe
2712	chrome.exe
2712	chrome.exe
2712	chrome.exe
2712	chrome.exe
2712	chrome.exe
2712	chrome.exe
2712	chrome.exe
2712	chrome.exe
2712	chrome.exe
2712	chrome.exe
2712	chrome.exe
2712	chrome.exe
2712	chrome.exe
2712	chrome.exe
2712	chrome.exe
2712	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2712	chrome.exe
2712	chrome.exe
2712	chrome.exe
2712	chrome.exe
2712	chrome.exe
2712	chrome.exe
2712	chrome.exe
2712	chrome.exe
2712	chrome.exe
2712	chrome.exe
2712	chrome.exe
2712	chrome.exe
2712	chrome.exe
2712	chrome.exe
2712	chrome.exe
2712	chrome.exe
2712	chrome.exe
2712	chrome.exe
2712	chrome.exe
2712	chrome.exe
2712	chrome.exe
2712	chrome.exe
2712	chrome.exe
2712	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2712 wrote to memory of 1072	2712	chrome.exe	82
PID 2712 wrote to memory of 1072	2712	chrome.exe	82
PID 2712 wrote to memory of 1588	2712	chrome.exe	84
PID 2712 wrote to memory of 1588	2712	chrome.exe	84
PID 2712 wrote to memory of 1588	2712	chrome.exe	84
PID 2712 wrote to memory of 1588	2712	chrome.exe	84
PID 2712 wrote to memory of 1588	2712	chrome.exe	84
PID 2712 wrote to memory of 1588	2712	chrome.exe	84
PID 2712 wrote to memory of 1588	2712	chrome.exe	84
PID 2712 wrote to memory of 1588	2712	chrome.exe	84
PID 2712 wrote to memory of 1588	2712	chrome.exe	84
PID 2712 wrote to memory of 1588	2712	chrome.exe	84
PID 2712 wrote to memory of 1588	2712	chrome.exe	84
PID 2712 wrote to memory of 1588	2712	chrome.exe	84
PID 2712 wrote to memory of 1588	2712	chrome.exe	84
PID 2712 wrote to memory of 1588	2712	chrome.exe	84
PID 2712 wrote to memory of 1588	2712	chrome.exe	84
PID 2712 wrote to memory of 1588	2712	chrome.exe	84
PID 2712 wrote to memory of 1588	2712	chrome.exe	84
PID 2712 wrote to memory of 1588	2712	chrome.exe	84
PID 2712 wrote to memory of 1588	2712	chrome.exe	84
PID 2712 wrote to memory of 1588	2712	chrome.exe	84
PID 2712 wrote to memory of 1588	2712	chrome.exe	84
PID 2712 wrote to memory of 1588	2712	chrome.exe	84
PID 2712 wrote to memory of 1588	2712	chrome.exe	84
PID 2712 wrote to memory of 1588	2712	chrome.exe	84
PID 2712 wrote to memory of 1588	2712	chrome.exe	84
PID 2712 wrote to memory of 1588	2712	chrome.exe	84
PID 2712 wrote to memory of 1588	2712	chrome.exe	84
PID 2712 wrote to memory of 1588	2712	chrome.exe	84
PID 2712 wrote to memory of 1588	2712	chrome.exe	84
PID 2712 wrote to memory of 1588	2712	chrome.exe	84
PID 2712 wrote to memory of 1588	2712	chrome.exe	84
PID 2712 wrote to memory of 1588	2712	chrome.exe	84
PID 2712 wrote to memory of 1588	2712	chrome.exe	84
PID 2712 wrote to memory of 1588	2712	chrome.exe	84
PID 2712 wrote to memory of 1588	2712	chrome.exe	84
PID 2712 wrote to memory of 1588	2712	chrome.exe	84
PID 2712 wrote to memory of 1588	2712	chrome.exe	84
PID 2712 wrote to memory of 1588	2712	chrome.exe	84
PID 2712 wrote to memory of 4108	2712	chrome.exe	85
PID 2712 wrote to memory of 4108	2712	chrome.exe	85
PID 2712 wrote to memory of 1464	2712	chrome.exe	86
PID 2712 wrote to memory of 1464	2712	chrome.exe	86
PID 2712 wrote to memory of 1464	2712	chrome.exe	86
PID 2712 wrote to memory of 1464	2712	chrome.exe	86
PID 2712 wrote to memory of 1464	2712	chrome.exe	86
PID 2712 wrote to memory of 1464	2712	chrome.exe	86
PID 2712 wrote to memory of 1464	2712	chrome.exe	86
PID 2712 wrote to memory of 1464	2712	chrome.exe	86
PID 2712 wrote to memory of 1464	2712	chrome.exe	86
PID 2712 wrote to memory of 1464	2712	chrome.exe	86
PID 2712 wrote to memory of 1464	2712	chrome.exe	86
PID 2712 wrote to memory of 1464	2712	chrome.exe	86
PID 2712 wrote to memory of 1464	2712	chrome.exe	86
PID 2712 wrote to memory of 1464	2712	chrome.exe	86
PID 2712 wrote to memory of 1464	2712	chrome.exe	86
PID 2712 wrote to memory of 1464	2712	chrome.exe	86
PID 2712 wrote to memory of 1464	2712	chrome.exe	86
PID 2712 wrote to memory of 1464	2712	chrome.exe	86
PID 2712 wrote to memory of 1464	2712	chrome.exe	86
PID 2712 wrote to memory of 1464	2712	chrome.exe	86
PID 2712 wrote to memory of 1464	2712	chrome.exe	86
PID 2712 wrote to memory of 1464	2712	chrome.exe	86

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://p.dtns.me/t/64ba907f319a123e12f61b4b?r=http%3A%2F%2Fwww.lauralu.fr&l=64e2fd648c40b0ebb695d1b5
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2712
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc92409758,0x7ffc92409768,0x7ffc92409778
  2⤵
  PID:1072
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1672 --field-trial-handle=1908,i,5849450584804097535,13972130346631655871,131072 /prefetch:2
  2⤵
  PID:1588
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2160 --field-trial-handle=1908,i,5849450584804097535,13972130346631655871,131072 /prefetch:8
  2⤵
  PID:4108
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2220 --field-trial-handle=1908,i,5849450584804097535,13972130346631655871,131072 /prefetch:8
  2⤵
  PID:1464
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3004 --field-trial-handle=1908,i,5849450584804097535,13972130346631655871,131072 /prefetch:1
  2⤵
  PID:4384
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3028 --field-trial-handle=1908,i,5849450584804097535,13972130346631655871,131072 /prefetch:1
  2⤵
  PID:4980
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4980 --field-trial-handle=1908,i,5849450584804097535,13972130346631655871,131072 /prefetch:1
  2⤵
  PID:4456
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4864 --field-trial-handle=1908,i,5849450584804097535,13972130346631655871,131072 /prefetch:8
  2⤵
  PID:1500
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=5332 --field-trial-handle=1908,i,5849450584804097535,13972130346631655871,131072 /prefetch:1
  2⤵
  PID:1344
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5588 --field-trial-handle=1908,i,5849450584804097535,13972130346631655871,131072 /prefetch:8
  2⤵
  PID:3836
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5180 --field-trial-handle=1908,i,5849450584804097535,13972130346631655871,131072 /prefetch:8
  2⤵
  PID:1768
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3896 --field-trial-handle=1908,i,5849450584804097535,13972130346631655871,131072 /prefetch:8
  2⤵
  PID:2860
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3892 --field-trial-handle=1908,i,5849450584804097535,13972130346631655871,131072 /prefetch:8
  2⤵
  PID:716
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4412 --field-trial-handle=1908,i,5849450584804097535,13972130346631655871,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1392

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4344

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x514 0x4f0
1⤵
PID:1812

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\669c2cc4-fd34-412b-a96e-447b2dc56add.tmp

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002a

Filesize
183KB

MD5
7f529c2ef4e90c2fe7b09ada4f85f4f1

SHA1
58b9e4de7b4a1e549a17cb471541ed330a61781b

SHA256
2ebaeac31ed41fbe24fc07bc3b0fb4043422a790e356a5f38c82b125e3451827

SHA512
bcf6ee7711e5dbf1943dcd133e675006d574e3959761cb1007e69b8299c5d3a8435324427b402f65b0feb3374b625e2959fcb321b67ddbaae36c5ffcb74dcd0e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
896881c8375b120edebbcb5123265b43

SHA1
5993239c35ac1ec40a3e6e84694a9e706431a92b

SHA256
13cfbba2e74766a69cdf95d024d68a5c7714dc93209a96b1bb613299bedefc0e

SHA512
c422002844044cdd883265768244ded32ea2ef4ffd06cbc686160d964429cd85d9bffb5ab968c530a4f8c92611468ebae29dcbc13068c1fe434ed50a64ee3034

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
904f1c24053badc0120db74524679236

SHA1
c840ce8956c7425bee1fb664d38fb3af119a6f9b

SHA256
5390b59d13671bf7856072ddfa00a219dbe44fa6099b21c441df6f198cc52144

SHA512
32d675ad1ecea80c3a575af81d47b51b873a4bf7926f3adc69ecd577f03352040360d17c4873ee0da35859908a061ac1a7128aafdb118cf33a2eeb4754f261cb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
1d3b0ac6943943e6ad33ab46a7a7d3d7

SHA1
488597b5a59338bb243b7ae2f790133eab207c3a

SHA256
fd623bbb05222979ea8380168be7ffe16e4d9fca1ea81245cf5f4cbe11864faa

SHA512
ba0113336ea30a804c049f1aea6ccb4ef07e2062b530ac4483e51fab899f590958eab65f18da783bd1d02a7416ee40fc0111d9e627a059804976bec68effec9e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
150fae51f0abf3e4fc2c98ad540fd0d3

SHA1
c4185bd0a7dc089b9c426f461c9a4e7b15394f3a

SHA256
f065d411541fb25f0d3447628613df70e16db35024ffe520a6ebf2f0cfa158fe

SHA512
2171af6dbbdeb7cf2a0f9f0a9e2f645f55d014041724005c5904196fa660e2fb353e61203b77c829d3528735e773dc1f2c826dbd8898c0f4dcc00a98986406f5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
c38ac116f7ca9902e2c17835d9a28ab8

SHA1
4f499128d8d8a33b05f0943515244e3c1abce1a5

SHA256
9cfd3aba4aa66519b3c9dd137af4451f15aa7dd3fecc7b6ad16b450176bb976e

SHA512
26b2d4d0dbe6fe66a30278fe055cec4ca90af11c17d5bb5d1716abb9d0109bdde8809781b620f94eabbdd7acdd0e368c89657ba673294e7d9d21e26573083243

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
53ad052118301c55ff5a80e3ef8d9f4f

SHA1
646cebf711070553203b6e42a960b57e383576e8

SHA256
c0e309f3471b535fc696083ffda2cbad66d0bf2a3c32ef1bbe41414c1192cfd3

SHA512
136ca373e076e3311830a474200fd438524851f00bc899266147f3395f0d19de698d897cad0afab0153b860530d22bcb389e9ae4bfa903f1390e122061b19b5a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
357deb0cb389b949ec3dff0522481f20

SHA1
76fe67c47d03279c2bc5d3011a0b5ca770c1ab77

SHA256
481d69245994e301210c1b75b0736b4699ea03c041c7708d40283701754cf312

SHA512
5fa5d49aff475adaf74a3ed3838dde1033b3e2f4081005e6fc7e61ece99faf908a42bcf5c7bc29fb5de82d3fa66d3fb66779083d883dd5cacb4937e28c1aa1e1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
43a1cbf16c100676a6c632c8840415e1

SHA1
68ff70c5adf81d98c9137487fa31802bb8c70fd0

SHA256
3a126f6af89bc731ba540c424709589e5dcbfc9453246057e564f9315379276e

SHA512
1643c0f0497702571d7383703d5f164e1ccf862e6bb1ae270f3b8dfc3fcdfc611889879037e5c2b22f23beaf4f426d31f5309fb2d1256c20e1fb418d7e3ae5dd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
27ce712a70d92be471702c084fb7abdf

SHA1
79a28b26298a3c67c73657ea3495449718869395

SHA256
4507a22e0693ee75c1e7dccf393ccf1f507a67a34d272e4134cd0faaa37e4850

SHA512
6f8d66931a3d89c35f62a17c9e1a9e16e617ae0dc03086e6e3ce34e46fb155756dcd8178a9b753c0fa498af4ea90554f49e19c48dd9495243a11c8731c3dd503

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
104KB

MD5
1f8ade0ac55cca437b65b90104ccf05c

SHA1
61f38a73bb3b874ab8a4314e913a812693135697

SHA256
4478d07b6f71c8ba4f268728953e5b01aa9036fb8ea8a7d9f628c1ada3054bb9

SHA512
6947fe160dbe77792cc76979457fa251f7267f576c6b104fa34db44a016d72ab703ab7bf027c5f5a7ab3cd81d342cb5aa0eb448d4e696bb1618b77b7e28b934b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
103KB

MD5
2400cd00b9c7a17cb2e8001d80680185

SHA1
eef57d1d1a0ddb25ee82eec7c77b1492900d286d

SHA256
24bb405f6ec150d9fb01949130fe5dfa38dd8b9f731a65e18b584c4dc4d03270

SHA512
1a80bd6aab625c9d9474f2ea33ad735e69d99c38c6316079803fac4895305e4e926e83b5c25c16cd57b0555c3978cb871f43b93e0aff5599775cf9a6c52c7b90

Download Submit