b99f46719303b01670e0c6985bd12a5c784f9111194828dd95d5b8b8f19e51cd

Analysis

max time kernel
88s
max time network
91s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
14/10/2023, 11:35

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

My Logo.txt
Size

151B
MD5

c6777784baa6944ffead8d029f4f6e26
SHA1

40892ff670293575c7f7d766f392c26890fbfaec
SHA256

b99f46719303b01670e0c6985bd12a5c784f9111194828dd95d5b8b8f19e51cd
SHA512

ed27590d817acc53412eb7e6ae4723ab65ed59ae3f18dc27da724ef59b1767b93be43874cae5125a3da28354f595ef55eb2d5dc4237f79718af5a69e8a5b0244

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133417569528198685"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
3332	chrome.exe
3332	chrome.exe
3332	chrome.exe
3332	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
3332	chrome.exe
3332	chrome.exe
3332	chrome.exe
3332	chrome.exe
3332	chrome.exe
3332	chrome.exe
3332	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3332	chrome.exe
Token: SeCreatePagefilePrivilege	3332	chrome.exe
Token: SeShutdownPrivilege	3332	chrome.exe
Token: SeCreatePagefilePrivilege	3332	chrome.exe
Token: SeShutdownPrivilege	3332	chrome.exe
Token: SeCreatePagefilePrivilege	3332	chrome.exe
Token: SeShutdownPrivilege	3332	chrome.exe
Token: SeCreatePagefilePrivilege	3332	chrome.exe
Token: SeShutdownPrivilege	3332	chrome.exe
Token: SeCreatePagefilePrivilege	3332	chrome.exe
Token: SeShutdownPrivilege	3332	chrome.exe
Token: SeCreatePagefilePrivilege	3332	chrome.exe
Token: SeShutdownPrivilege	3332	chrome.exe
Token: SeCreatePagefilePrivilege	3332	chrome.exe
Token: SeShutdownPrivilege	3332	chrome.exe
Token: SeCreatePagefilePrivilege	3332	chrome.exe
Token: SeShutdownPrivilege	3332	chrome.exe
Token: SeCreatePagefilePrivilege	3332	chrome.exe
Token: SeShutdownPrivilege	3332	chrome.exe
Token: SeCreatePagefilePrivilege	3332	chrome.exe
Token: SeShutdownPrivilege	3332	chrome.exe
Token: SeCreatePagefilePrivilege	3332	chrome.exe
Token: SeShutdownPrivilege	3332	chrome.exe
Token: SeCreatePagefilePrivilege	3332	chrome.exe
Token: SeShutdownPrivilege	3332	chrome.exe
Token: SeCreatePagefilePrivilege	3332	chrome.exe
Token: SeShutdownPrivilege	3332	chrome.exe
Token: SeCreatePagefilePrivilege	3332	chrome.exe
Token: SeShutdownPrivilege	3332	chrome.exe
Token: SeCreatePagefilePrivilege	3332	chrome.exe
Token: SeShutdownPrivilege	3332	chrome.exe
Token: SeCreatePagefilePrivilege	3332	chrome.exe
Token: SeShutdownPrivilege	3332	chrome.exe
Token: SeCreatePagefilePrivilege	3332	chrome.exe
Token: SeShutdownPrivilege	3332	chrome.exe
Token: SeCreatePagefilePrivilege	3332	chrome.exe
Token: SeShutdownPrivilege	3332	chrome.exe
Token: SeCreatePagefilePrivilege	3332	chrome.exe
Token: SeShutdownPrivilege	3332	chrome.exe
Token: SeCreatePagefilePrivilege	3332	chrome.exe
Token: SeShutdownPrivilege	3332	chrome.exe
Token: SeCreatePagefilePrivilege	3332	chrome.exe
Token: SeShutdownPrivilege	3332	chrome.exe
Token: SeCreatePagefilePrivilege	3332	chrome.exe
Token: SeShutdownPrivilege	3332	chrome.exe
Token: SeCreatePagefilePrivilege	3332	chrome.exe
Token: SeShutdownPrivilege	3332	chrome.exe
Token: SeCreatePagefilePrivilege	3332	chrome.exe
Token: SeShutdownPrivilege	3332	chrome.exe
Token: SeCreatePagefilePrivilege	3332	chrome.exe
Token: SeShutdownPrivilege	3332	chrome.exe
Token: SeCreatePagefilePrivilege	3332	chrome.exe
Token: SeShutdownPrivilege	3332	chrome.exe
Token: SeCreatePagefilePrivilege	3332	chrome.exe
Token: SeShutdownPrivilege	3332	chrome.exe
Token: SeCreatePagefilePrivilege	3332	chrome.exe
Token: SeShutdownPrivilege	3332	chrome.exe
Token: SeCreatePagefilePrivilege	3332	chrome.exe
Token: SeShutdownPrivilege	3332	chrome.exe
Token: SeCreatePagefilePrivilege	3332	chrome.exe
Token: SeShutdownPrivilege	3332	chrome.exe
Token: SeCreatePagefilePrivilege	3332	chrome.exe
Token: SeShutdownPrivilege	3332	chrome.exe
Token: SeCreatePagefilePrivilege	3332	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
3332	chrome.exe
3332	chrome.exe
3332	chrome.exe
3332	chrome.exe
3332	chrome.exe
3332	chrome.exe
3332	chrome.exe
3332	chrome.exe
3332	chrome.exe
3332	chrome.exe
3332	chrome.exe
3332	chrome.exe
3332	chrome.exe
3332	chrome.exe
3332	chrome.exe
3332	chrome.exe
3332	chrome.exe
3332	chrome.exe
3332	chrome.exe
3332	chrome.exe
3332	chrome.exe
3332	chrome.exe
3332	chrome.exe
3332	chrome.exe
3332	chrome.exe
3332	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3332	chrome.exe
3332	chrome.exe
3332	chrome.exe
3332	chrome.exe
3332	chrome.exe
3332	chrome.exe
3332	chrome.exe
3332	chrome.exe
3332	chrome.exe
3332	chrome.exe
3332	chrome.exe
3332	chrome.exe
3332	chrome.exe
3332	chrome.exe
3332	chrome.exe
3332	chrome.exe
3332	chrome.exe
3332	chrome.exe
3332	chrome.exe
3332	chrome.exe
3332	chrome.exe
3332	chrome.exe
3332	chrome.exe
3332	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3332 wrote to memory of 2452	3332	chrome.exe	91
PID 3332 wrote to memory of 2452	3332	chrome.exe	91
PID 3332 wrote to memory of 3652	3332	chrome.exe	92
PID 3332 wrote to memory of 3652	3332	chrome.exe	92
PID 3332 wrote to memory of 3652	3332	chrome.exe	92
PID 3332 wrote to memory of 3652	3332	chrome.exe	92
PID 3332 wrote to memory of 3652	3332	chrome.exe	92
PID 3332 wrote to memory of 3652	3332	chrome.exe	92
PID 3332 wrote to memory of 3652	3332	chrome.exe	92
PID 3332 wrote to memory of 3652	3332	chrome.exe	92
PID 3332 wrote to memory of 3652	3332	chrome.exe	92
PID 3332 wrote to memory of 3652	3332	chrome.exe	92
PID 3332 wrote to memory of 3652	3332	chrome.exe	92
PID 3332 wrote to memory of 3652	3332	chrome.exe	92
PID 3332 wrote to memory of 3652	3332	chrome.exe	92
PID 3332 wrote to memory of 3652	3332	chrome.exe	92
PID 3332 wrote to memory of 3652	3332	chrome.exe	92
PID 3332 wrote to memory of 3652	3332	chrome.exe	92
PID 3332 wrote to memory of 3652	3332	chrome.exe	92
PID 3332 wrote to memory of 3652	3332	chrome.exe	92
PID 3332 wrote to memory of 3652	3332	chrome.exe	92
PID 3332 wrote to memory of 3652	3332	chrome.exe	92
PID 3332 wrote to memory of 3652	3332	chrome.exe	92
PID 3332 wrote to memory of 3652	3332	chrome.exe	92
PID 3332 wrote to memory of 3652	3332	chrome.exe	92
PID 3332 wrote to memory of 3652	3332	chrome.exe	92
PID 3332 wrote to memory of 3652	3332	chrome.exe	92
PID 3332 wrote to memory of 3652	3332	chrome.exe	92
PID 3332 wrote to memory of 3652	3332	chrome.exe	92
PID 3332 wrote to memory of 3652	3332	chrome.exe	92
PID 3332 wrote to memory of 3652	3332	chrome.exe	92
PID 3332 wrote to memory of 3652	3332	chrome.exe	92
PID 3332 wrote to memory of 3652	3332	chrome.exe	92
PID 3332 wrote to memory of 3652	3332	chrome.exe	92
PID 3332 wrote to memory of 3652	3332	chrome.exe	92
PID 3332 wrote to memory of 3652	3332	chrome.exe	92
PID 3332 wrote to memory of 3652	3332	chrome.exe	92
PID 3332 wrote to memory of 3652	3332	chrome.exe	92
PID 3332 wrote to memory of 3652	3332	chrome.exe	92
PID 3332 wrote to memory of 3652	3332	chrome.exe	92
PID 3332 wrote to memory of 4044	3332	chrome.exe	93
PID 3332 wrote to memory of 4044	3332	chrome.exe	93
PID 3332 wrote to memory of 2812	3332	chrome.exe	94
PID 3332 wrote to memory of 2812	3332	chrome.exe	94
PID 3332 wrote to memory of 2812	3332	chrome.exe	94
PID 3332 wrote to memory of 2812	3332	chrome.exe	94
PID 3332 wrote to memory of 2812	3332	chrome.exe	94
PID 3332 wrote to memory of 2812	3332	chrome.exe	94
PID 3332 wrote to memory of 2812	3332	chrome.exe	94
PID 3332 wrote to memory of 2812	3332	chrome.exe	94
PID 3332 wrote to memory of 2812	3332	chrome.exe	94
PID 3332 wrote to memory of 2812	3332	chrome.exe	94
PID 3332 wrote to memory of 2812	3332	chrome.exe	94
PID 3332 wrote to memory of 2812	3332	chrome.exe	94
PID 3332 wrote to memory of 2812	3332	chrome.exe	94
PID 3332 wrote to memory of 2812	3332	chrome.exe	94
PID 3332 wrote to memory of 2812	3332	chrome.exe	94
PID 3332 wrote to memory of 2812	3332	chrome.exe	94
PID 3332 wrote to memory of 2812	3332	chrome.exe	94
PID 3332 wrote to memory of 2812	3332	chrome.exe	94
PID 3332 wrote to memory of 2812	3332	chrome.exe	94
PID 3332 wrote to memory of 2812	3332	chrome.exe	94
PID 3332 wrote to memory of 2812	3332	chrome.exe	94
PID 3332 wrote to memory of 2812	3332	chrome.exe	94

C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE "C:\Users\Admin\AppData\Local\Temp\My Logo.txt"
1⤵
PID:3216

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3332
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x128,0x12c,0x130,0xf8,0x134,0x7ff9f5e49758,0x7ff9f5e49768,0x7ff9f5e49778
  2⤵
  PID:2452
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1832 --field-trial-handle=1968,i,6659900822793272758,3323266825421348518,131072 /prefetch:2
  2⤵
  PID:3652
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2204 --field-trial-handle=1968,i,6659900822793272758,3323266825421348518,131072 /prefetch:8
  2⤵
  PID:4044
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2320 --field-trial-handle=1968,i,6659900822793272758,3323266825421348518,131072 /prefetch:8
  2⤵
  PID:2812
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3156 --field-trial-handle=1968,i,6659900822793272758,3323266825421348518,131072 /prefetch:1
  2⤵
  PID:1020
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3324 --field-trial-handle=1968,i,6659900822793272758,3323266825421348518,131072 /prefetch:1
  2⤵
  PID:3144
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3996 --field-trial-handle=1968,i,6659900822793272758,3323266825421348518,131072 /prefetch:1
  2⤵
  PID:3728
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4740 --field-trial-handle=1968,i,6659900822793272758,3323266825421348518,131072 /prefetch:8
  2⤵
  PID:1860
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4756 --field-trial-handle=1968,i,6659900822793272758,3323266825421348518,131072 /prefetch:8
  2⤵
  PID:60
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4772 --field-trial-handle=1968,i,6659900822793272758,3323266825421348518,131072 /prefetch:8
  2⤵
  PID:1728
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5268 --field-trial-handle=1968,i,6659900822793272758,3323266825421348518,131072 /prefetch:8
  2⤵
  PID:4836
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=5248 --field-trial-handle=1968,i,6659900822793272758,3323266825421348518,131072 /prefetch:1
  2⤵
  PID:3212
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3520 --field-trial-handle=1968,i,6659900822793272758,3323266825421348518,131072 /prefetch:8
  2⤵
  PID:3564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3492 --field-trial-handle=1968,i,6659900822793272758,3323266825421348518,131072 /prefetch:8
  2⤵
  PID:4824
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=3420 --field-trial-handle=1968,i,6659900822793272758,3323266825421348518,131072 /prefetch:1
  2⤵
  PID:4644
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=2492 --field-trial-handle=1968,i,6659900822793272758,3323266825421348518,131072 /prefetch:1
  2⤵
  PID:2920
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3464 --field-trial-handle=1968,i,6659900822793272758,3323266825421348518,131072 /prefetch:8
  2⤵
  PID:2356
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3408 --field-trial-handle=1968,i,6659900822793272758,3323266825421348518,131072 /prefetch:8
  2⤵
  PID:1840
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=4908 --field-trial-handle=1968,i,6659900822793272758,3323266825421348518,131072 /prefetch:1
  2⤵
  PID:4836

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:620

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
6aa1738d479df2d3344bb26e4c5ece74

SHA1
821e10fd9031c8458080ed80f967a7ebb7a38915

SHA256
2f2a905555ff1bdfeb90d743a4b00d474fc7dcadcea3d6d48c6a48d3c29a21d9

SHA512
1c9f688cc5b34c03de89776aec66b0da956cf1afc62aaa4cd43794c04c6b9fd9ee2b2ee0da2d1aa040d4d9a1fe4a5cfe4ee0b81e5ebb41ed63a2b375d9a4c09a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
706B

MD5
4fe81b4d31dfc223db33bddb54689ed1

SHA1
c5b027c30ba0731deed0849f36f2400154f153a9

SHA256
8fe6aaa49af6c84d11fb7b258cf0887aa14b7e5efc6f28d37c65d48a9bb747fc

SHA512
3cbf0f94bb6fd97ba2ddb0461c887069676c9aca1157a95a7c20b8572d6dcdc12338c66ac123d3ba9e506ab7c6fe48ba23a40422dcf1935384e39b52b1c26309

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
706B

MD5
2ee56a9d4a410a22c4b394ca88441e88

SHA1
b9a032665d546ce6c448f9bf17c4c33f1987a5dc

SHA256
3f364ba6ed0d62ada9323dfe7300a6dfae548424dd17c812febf119c364a4ade

SHA512
862cba895ac3c1b1fa8610ec5d846a825ff262321eb71a445b5d71ddaa783de0e9096065d6665178e8e7c8d18d13dd60bde66b936ad904a81c5081a2b652cf3c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
706B

MD5
b5b890507c20393b63ce33e8d018a358

SHA1
fd189945762659a808554435aabeaad1f9d8fa04

SHA256
63e9099896789057a149884509861c8faa4d9a96278d662cdba638fa042b7d07

SHA512
ee5e7772c0f383ec76ab981433a050fce4de12d7dc8bd46f7a3dc9a1ed9be98765251f484293055d95e97d1ec5d4a9f3fd4a65410c39d62244b01e386fe31828

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
371B

MD5
7489564fc680b76f2df067e94fb7d544

SHA1
ffe7b8adcdd47f7deed616bcb60bfa2793d1ab3e

SHA256
59c86fec0dff8fe0f9ea01486a8b8d9b7e72547499eb8719326ba8d5aaf14de7

SHA512
d46ab95009fc67a37b3500b1512346b6239e3ac6d4b8b63c9dfdea6477450385b533ae16c01eb7411fb014f6f1ecc558451c170d67ca6fb39455959fcd85b0df

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
3a533ea173368f486b094d1618e820f7

SHA1
a453eb4b24a6724e414f4a5ada1c5ba73c38e109

SHA256
5709920a42208b5336e41016843c1197674709e809ac3752d82a3b0155302d64

SHA512
aeeb3b4dba5559c1392bb37d43f37e56b1a98fa8e386ff8676692f1c010b64a9c3e465b3597a722153e560ef7d45743e47824b36f2ea572edac2f3275826ce82

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
551bb0e69395e85c7ca88a5c1a4a3976

SHA1
d8718da3bbc55e7d82a2cfcecefd81c0251d494e

SHA256
51e045c13299d3809a61eeb9ea30137fd5cceb9051393429010c58ac9249c03b

SHA512
6fb71fa650ccf93e304738947cc31dd90cf7bcb0edb3b4f3d8bff04e64bcd657aa67ec7bf70c00981a160d92e55824315ac4cf9de2c506a7ec2a1094d51a56d5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
0e2c4a4b06749b168873deeb0c2350b9

SHA1
50e426519dd243ff0c23cf1d55321a707c70a86e

SHA256
991d452b03426ee9eadd65db8797b98917caa7c684cfd20f2f95a60d29a7d7ef

SHA512
5637a35c95d1b1915fe4a37fe8ef63a34bcc22792d87087de022820b2ceddf9df21cd4b4a9d6d65c9d891eead07905f8301861794fdd68c2e3cadba7490ef6f3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
e2f0170618e3730dfa314da06eaf4187

SHA1
ab714ec8df414586995001aeec956244c66fe09e

SHA256
2921965f5e0d3d90d2b370843b51686dfe24edf87d2c799262f99b00fca08755

SHA512
4788d63461e8ec532855d782d4bd6fbd3a9aa262605510050ef2c696086d3675576c22ee952777e4b15dbccab1de968f1a0c051d72644ae9c6e21db3c5e99c0c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
103KB

MD5
7ecf3c275c8d32208e8b6db0471b1f71

SHA1
f3b45c82cc21b2ade4166812431152771ccf0cc7

SHA256
80e8e2dfef96c71aefab3ac148d6375389d709d8338c8bd971b9958fcc86af92

SHA512
e19c49a1f689627643228dd16ccef09aa8c6338df35364ac0c39f8aae93ee3baeef80a732e6fd81bc5203ffbf84693cdbbf790babbaf14d7207e9337615b254e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
206KB

MD5
61a6a4139c42fc1605d346a8e0587ede

SHA1
e5a60f5d8dbc21c98e89d35aa6577c14e525cc48

SHA256
fcb2138a618aa3e0b5057c9fad60200cd0da35d15300304f748c6bf5aaef1650

SHA512
47749640843e9e36196b28f923c77380a8608aa3f3943497820ea9fcd9e6e2919fedb33d4eab2b962d32a33dc63ff24e81bd43c774005c8899a460c91abdc391

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
252KB

MD5
a0a97b6badea8d762c6320c7134fe339

SHA1
6dee11f8d77b42aac0dce30d1da8eca65d64f0c0

SHA256
1b57e11ce41ca96f4c198a15e1e68598ad4dd2f0b155273b13176047d5cdd404

SHA512
1b5bf32306370a509df855a3b4c24bc0e213fab80364d9d2eb99a03dd53747d1746cbab29f39e98361b2f406c4d09de6035f9d93989dae667f8abcae75695ad1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
205KB

MD5
a9bd52086dddcd7dc7c834dcbf4eb382

SHA1
17ea2b099c2c3d5de5d8c77f84ebbc52c1b18bd7

SHA256
fecd8b050757102f2b42e1fd2b7cbf6e17e5eeb47482eac40e733b75f04f7769

SHA512
30598f41911e26b314b36a6819c8237e05dfc87b153a395473969510566b338f68f0b3f0d36d60867c6c57f7ea42e5a27794d6eadb4bb5d4b7732d5fb084323e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit