hxxps://getshared[.]com/O4zyLLUF/c0ae45421176532279aaa8641913ba0e

Resubmissions

01/11/2023, 04:39

231101-e91nqsae4v 1

01/11/2023, 03:57

231101-ejdfhsaa8y 1

01/11/2023, 03:42

231101-d9qm4abh72 1

Analysis

max time kernel
602s
max time network
607s
platform
windows10-2004_x64
resource
win10v2004-20231023-en
resource tags

arch:x64arch:x86image:win10v2004-20231023-enlocale:en-usos:windows10-2004-x64system
submitted
01/11/2023, 03:42

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://getshared.com/O4zyLLUF/c0ae45421176532279aaa8641913ba0e

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133432837940968056"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4728	chrome.exe
4728	chrome.exe
1904	chrome.exe
1904	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4728	chrome.exe
Token: SeCreatePagefilePrivilege	4728	chrome.exe
Token: SeShutdownPrivilege	4728	chrome.exe
Token: SeCreatePagefilePrivilege	4728	chrome.exe
Token: SeShutdownPrivilege	4728	chrome.exe
Token: SeCreatePagefilePrivilege	4728	chrome.exe
Token: SeShutdownPrivilege	4728	chrome.exe
Token: SeCreatePagefilePrivilege	4728	chrome.exe
Token: SeShutdownPrivilege	4728	chrome.exe
Token: SeCreatePagefilePrivilege	4728	chrome.exe
Token: SeShutdownPrivilege	4728	chrome.exe
Token: SeCreatePagefilePrivilege	4728	chrome.exe
Token: SeShutdownPrivilege	4728	chrome.exe
Token: SeCreatePagefilePrivilege	4728	chrome.exe
Token: SeShutdownPrivilege	4728	chrome.exe
Token: SeCreatePagefilePrivilege	4728	chrome.exe
Token: SeShutdownPrivilege	4728	chrome.exe
Token: SeCreatePagefilePrivilege	4728	chrome.exe
Token: SeShutdownPrivilege	4728	chrome.exe
Token: SeCreatePagefilePrivilege	4728	chrome.exe
Token: SeShutdownPrivilege	4728	chrome.exe
Token: SeCreatePagefilePrivilege	4728	chrome.exe
Token: SeShutdownPrivilege	4728	chrome.exe
Token: SeCreatePagefilePrivilege	4728	chrome.exe
Token: SeShutdownPrivilege	4728	chrome.exe
Token: SeCreatePagefilePrivilege	4728	chrome.exe
Token: SeShutdownPrivilege	4728	chrome.exe
Token: SeCreatePagefilePrivilege	4728	chrome.exe
Token: SeShutdownPrivilege	4728	chrome.exe
Token: SeCreatePagefilePrivilege	4728	chrome.exe
Token: SeShutdownPrivilege	4728	chrome.exe
Token: SeCreatePagefilePrivilege	4728	chrome.exe
Token: SeShutdownPrivilege	4728	chrome.exe
Token: SeCreatePagefilePrivilege	4728	chrome.exe
Token: SeShutdownPrivilege	4728	chrome.exe
Token: SeCreatePagefilePrivilege	4728	chrome.exe
Token: SeShutdownPrivilege	4728	chrome.exe
Token: SeCreatePagefilePrivilege	4728	chrome.exe
Token: SeShutdownPrivilege	4728	chrome.exe
Token: SeCreatePagefilePrivilege	4728	chrome.exe
Token: SeShutdownPrivilege	4728	chrome.exe
Token: SeCreatePagefilePrivilege	4728	chrome.exe
Token: SeShutdownPrivilege	4728	chrome.exe
Token: SeCreatePagefilePrivilege	4728	chrome.exe
Token: SeShutdownPrivilege	4728	chrome.exe
Token: SeCreatePagefilePrivilege	4728	chrome.exe
Token: SeShutdownPrivilege	4728	chrome.exe
Token: SeCreatePagefilePrivilege	4728	chrome.exe
Token: SeShutdownPrivilege	4728	chrome.exe
Token: SeCreatePagefilePrivilege	4728	chrome.exe
Token: SeShutdownPrivilege	4728	chrome.exe
Token: SeCreatePagefilePrivilege	4728	chrome.exe
Token: SeShutdownPrivilege	4728	chrome.exe
Token: SeCreatePagefilePrivilege	4728	chrome.exe
Token: SeShutdownPrivilege	4728	chrome.exe
Token: SeCreatePagefilePrivilege	4728	chrome.exe
Token: SeShutdownPrivilege	4728	chrome.exe
Token: SeCreatePagefilePrivilege	4728	chrome.exe
Token: SeShutdownPrivilege	4728	chrome.exe
Token: SeCreatePagefilePrivilege	4728	chrome.exe
Token: SeShutdownPrivilege	4728	chrome.exe
Token: SeCreatePagefilePrivilege	4728	chrome.exe
Token: SeShutdownPrivilege	4728	chrome.exe
Token: SeCreatePagefilePrivilege	4728	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe
4728	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4728 wrote to memory of 3932	4728	chrome.exe	15
PID 4728 wrote to memory of 3932	4728	chrome.exe	15
PID 4728 wrote to memory of 4656	4728	chrome.exe	90
PID 4728 wrote to memory of 4656	4728	chrome.exe	90
PID 4728 wrote to memory of 4656	4728	chrome.exe	90
PID 4728 wrote to memory of 4656	4728	chrome.exe	90
PID 4728 wrote to memory of 4656	4728	chrome.exe	90
PID 4728 wrote to memory of 4656	4728	chrome.exe	90
PID 4728 wrote to memory of 4656	4728	chrome.exe	90
PID 4728 wrote to memory of 4656	4728	chrome.exe	90
PID 4728 wrote to memory of 4656	4728	chrome.exe	90
PID 4728 wrote to memory of 4656	4728	chrome.exe	90
PID 4728 wrote to memory of 4656	4728	chrome.exe	90
PID 4728 wrote to memory of 4656	4728	chrome.exe	90
PID 4728 wrote to memory of 4656	4728	chrome.exe	90
PID 4728 wrote to memory of 4656	4728	chrome.exe	90
PID 4728 wrote to memory of 4656	4728	chrome.exe	90
PID 4728 wrote to memory of 4656	4728	chrome.exe	90
PID 4728 wrote to memory of 4656	4728	chrome.exe	90
PID 4728 wrote to memory of 4656	4728	chrome.exe	90
PID 4728 wrote to memory of 4656	4728	chrome.exe	90
PID 4728 wrote to memory of 4656	4728	chrome.exe	90
PID 4728 wrote to memory of 4656	4728	chrome.exe	90
PID 4728 wrote to memory of 4656	4728	chrome.exe	90
PID 4728 wrote to memory of 4656	4728	chrome.exe	90
PID 4728 wrote to memory of 4656	4728	chrome.exe	90
PID 4728 wrote to memory of 4656	4728	chrome.exe	90
PID 4728 wrote to memory of 4656	4728	chrome.exe	90
PID 4728 wrote to memory of 4656	4728	chrome.exe	90
PID 4728 wrote to memory of 4656	4728	chrome.exe	90
PID 4728 wrote to memory of 4656	4728	chrome.exe	90
PID 4728 wrote to memory of 4656	4728	chrome.exe	90
PID 4728 wrote to memory of 4656	4728	chrome.exe	90
PID 4728 wrote to memory of 4656	4728	chrome.exe	90
PID 4728 wrote to memory of 4656	4728	chrome.exe	90
PID 4728 wrote to memory of 4656	4728	chrome.exe	90
PID 4728 wrote to memory of 4656	4728	chrome.exe	90
PID 4728 wrote to memory of 4656	4728	chrome.exe	90
PID 4728 wrote to memory of 4656	4728	chrome.exe	90
PID 4728 wrote to memory of 4656	4728	chrome.exe	90
PID 4728 wrote to memory of 372	4728	chrome.exe	89
PID 4728 wrote to memory of 372	4728	chrome.exe	89
PID 4728 wrote to memory of 4588	4728	chrome.exe	91
PID 4728 wrote to memory of 4588	4728	chrome.exe	91
PID 4728 wrote to memory of 4588	4728	chrome.exe	91
PID 4728 wrote to memory of 4588	4728	chrome.exe	91
PID 4728 wrote to memory of 4588	4728	chrome.exe	91
PID 4728 wrote to memory of 4588	4728	chrome.exe	91
PID 4728 wrote to memory of 4588	4728	chrome.exe	91
PID 4728 wrote to memory of 4588	4728	chrome.exe	91
PID 4728 wrote to memory of 4588	4728	chrome.exe	91
PID 4728 wrote to memory of 4588	4728	chrome.exe	91
PID 4728 wrote to memory of 4588	4728	chrome.exe	91
PID 4728 wrote to memory of 4588	4728	chrome.exe	91
PID 4728 wrote to memory of 4588	4728	chrome.exe	91
PID 4728 wrote to memory of 4588	4728	chrome.exe	91
PID 4728 wrote to memory of 4588	4728	chrome.exe	91
PID 4728 wrote to memory of 4588	4728	chrome.exe	91
PID 4728 wrote to memory of 4588	4728	chrome.exe	91
PID 4728 wrote to memory of 4588	4728	chrome.exe	91
PID 4728 wrote to memory of 4588	4728	chrome.exe	91
PID 4728 wrote to memory of 4588	4728	chrome.exe	91
PID 4728 wrote to memory of 4588	4728	chrome.exe	91
PID 4728 wrote to memory of 4588	4728	chrome.exe	91

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://getshared.com/O4zyLLUF/c0ae45421176532279aaa8641913ba0e
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4728
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffbb5189758,0x7ffbb5189768,0x7ffbb5189778
  2⤵
  PID:3932
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1872 --field-trial-handle=1948,i,10892205120402412304,15197275637977780518,131072 /prefetch:8
  2⤵
  PID:372
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1732 --field-trial-handle=1948,i,10892205120402412304,15197275637977780518,131072 /prefetch:2
  2⤵
  PID:4656
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2240 --field-trial-handle=1948,i,10892205120402412304,15197275637977780518,131072 /prefetch:8
  2⤵
  PID:4588
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3152 --field-trial-handle=1948,i,10892205120402412304,15197275637977780518,131072 /prefetch:1
  2⤵
  PID:1292
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3132 --field-trial-handle=1948,i,10892205120402412304,15197275637977780518,131072 /prefetch:1
  2⤵
  PID:4636
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4452 --field-trial-handle=1948,i,10892205120402412304,15197275637977780518,131072 /prefetch:1
  2⤵
  PID:3708
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4372 --field-trial-handle=1948,i,10892205120402412304,15197275637977780518,131072 /prefetch:1
  2⤵
  PID:4812
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5664 --field-trial-handle=1948,i,10892205120402412304,15197275637977780518,131072 /prefetch:8
  2⤵
  PID:3212
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5388 --field-trial-handle=1948,i,10892205120402412304,15197275637977780518,131072 /prefetch:8
  2⤵
  PID:1884
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5324 --field-trial-handle=1948,i,10892205120402412304,15197275637977780518,131072 /prefetch:8
  2⤵
  PID:4804
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6116 --field-trial-handle=1948,i,10892205120402412304,15197275637977780518,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1904

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4912

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001a

Filesize
186KB

MD5
4a2977698422c3c6e58b664643322efa

SHA1
939e0f3f916f936be7c8c49121d8f245b99cab1b

SHA256
d60610d21436821de350b6e21d3915e5ea1617d97cf20f7aaa1d5ae782cc4cd8

SHA512
ca9d91650de72ff1faed43344dbc86ea3e81d4fd615b89347d31c7676fde084ddcae30a9dbfa3b341ec32b00966004fe7d6d96e383b18363ebd8f02b982ffd57

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
504B

MD5
fe11c2ba017c57cfbe9960399f009323

SHA1
46dc52c4f3bcc6d948239eb40696b881e4da726e

SHA256
0eb48d8b8b416be6624a5c0bfacfde499e54752559b3b2320768226cd0de8f2f

SHA512
5e2964d11900dbabe426d264930b6c0d180330dff9b703192616e09930feea96d28de64848311802fd28baff1d8c01dbb57a9928ac1eecbb99f6f585e7fd2abf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
552B

MD5
c5a28c3f697a1acc8b42241a0187bfb4

SHA1
326b49829382725d3832f14725fa54eca3e79b22

SHA256
c2b8e263b6e2c16872d4d211a8de59697838375c42a465ed6f37d064068b498d

SHA512
e9a2e91b7989a89b640b1c084e56739ec459f0fbd12e6e27cfbc2327ee0288715620e3d537e98f1460fa5a693768373789f497856d78f661f5fa9451cd8d1181

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
42977df2cc28f2f9050cf78a7640aaa7

SHA1
6323558bfc0b93892fb59d9a3dee14bb59d1a80a

SHA256
63ad919a00beb524cd10e0b41e34e7bfcb5bb5b783fc537703bdd1183f82d823

SHA512
297934e4e10280abc7a27a5b6e3eee34d97ed1470269e15d4f3aa2cfe7103ef22a442f740cdb2de73b7dd1a80154951fcd310e03870cb4fcfce5ae8061f11bd8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
3b7499baef4b5badc83a48ee0a87c5cd

SHA1
31eba126ffc0760586dcc02197ed04c5c72d0067

SHA256
e7c48bff9b030b37bc1b0db5b4aec2b740e3fc858fd2d5f3a0cc999a74ea3720

SHA512
731e441ec1976bb4272b79d0c0658d85b61afd836b0848d61c8fe620981d2c79aa35fa4584020b32835450e523b113ea7498d3beda7e1d75c45346d596972af7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
74d06f39ec935575e9f9838fcbc6def1

SHA1
a42bcbe9d92c70b8bff37609b9b9bf9fe79dc085

SHA256
1f0168cd0fd46b143ef40861fe4db79e98c460ce5f8a10d72ad4692e42be2ab2

SHA512
9fe1e666eeb5bbc972efbec615b5326391391ae872d9e580e0dae5ebe4ab4dbb68a258554dfcc82dfd7e24ba800d88e68344f222b2ccc56c09525f0d77e1c969

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
ff260402a46e0f91a4461a9a31d3d7da

SHA1
e36a9d0a157add2b04bc8b8d62a6b40acf8b7d7c

SHA256
21e2ed53ed34bbeabe6f140ae3ab43c78404d21bdc6cfa78294f708cab215730

SHA512
fa53def7ffc23b01e26aa79e6c64c7b83a8cab3f8574e5c0e3bb6d26094c62bc085cba0b25cf04aea4d597cf3d73e1c7af48661fe83c46fc56ca880e9ef40e32

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
eaf66f8fbb5022ef9ad627d40803d5c2

SHA1
58917afaeb42a254b716dd5f84c13eddd975ca2e

SHA256
03220d7328bee704eb8a5d9b5f2c94fc17ce7c8d490ddcc5ca63d297b828b170

SHA512
fcf50891e07474dd89ddf061d7fe80e5a545ade898a7916223546bc1ad6271c3003dff299c22a6999832fb71465790701a74431c202ce99260892a73d5d8049c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
67969e914e06b950aa85b1821f683610

SHA1
2dd6cc535616675c2fc1aea52eaa3721d10f728d

SHA256
34d26310eaccc41edfabc2f95cb831a96336dcc702604aae3f0b4c4b768c61dc

SHA512
73faea19d2435608760c85c381da7a89429302df1a47920f47e6680f4602b244ada369de4790f4424b77d42376d3150dcfbdb70f7ae6edf89ca156fd2a6c1a60

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
c2b400330f2629a7ced1e0799a74013e

SHA1
0154bceaaff95922a50d137c0d6d6a9f769b8e36

SHA256
07045f802dfc9b3d70f10dc53e8e8fdaf5ccaf2844f685c3a722ae29122dff92

SHA512
d4f731951f6967c8733131397735fbd2d40041696886ff6a8fed5e09f1465fabed903b315130b89497b27c84f3ebbc441cc8cbd90ac3d794dbb2c2b5c587768f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
214KB

MD5
8357edfbd52b9bcf89a089cf9a2715ff

SHA1
5ac62f417f7823677d599423a9543ba638d20c8d

SHA256
0af0545ea59bb532a8f5be1dfc55941d438f8774447dd514828ac670b562c04b

SHA512
0d58f58aaf3e3a6f33c45aac2ca31d1b57b6ee3cf76ba59e61e09fa2d69f110d9458a730e7f29c6ca7365134713139e4f6eab41da34743c51411da0fcbd1f959

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
107KB

MD5
4f1d716dfe9d6970ac4472bf65f970ee

SHA1
f6d7e86296e270e5722db125f4f73435dbdca1e1

SHA256
35bb195700aec6bc12bdca8b73712b0f1a82a674ff8b56166c11fc23196213fe

SHA512
546de227e05396e6e1c2cbb3e5e983b126f1519d0463ce7210922d6d8a23aa20bd89959d2445545e03ad10a07524de875f4b211318b0511a60675c4a597ada27

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe58fae5.TMP

Filesize
101KB

MD5
aa729237c37d9dd44ea71f9fc26e9b31

SHA1
04658752566e5f0537caf2f6d86e5ef2afcea22a

SHA256
e093ab7eb1b535cd9f2c670e02e95049303ac5a5bb16db0f0959fe24ead9b096

SHA512
bf679688fec557e7fe47417ad9c534c357294aae43ec6bfc96f43917418266484601ea272e585dc268ede5f262c2abe06ccab776b6cd9df0b7636224ba40cfc2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit