hxxps://revlink[.]revistacobertura[.]com[.]br/vw/PQref/Neu/4e17/CMmo20zw4bE/BMPm

Analysis

max time kernel
181s
max time network
186s
platform
windows10-2004_x64
resource
win10v2004-20231020-en
resource tags

arch:x64arch:x86image:win10v2004-20231020-enlocale:en-usos:windows10-2004-x64system
submitted
01/11/2023, 12:46

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

https://revlink.revistacobertura.com.br/vw/PQref/Neu/4e17/CMmo20zw4bE/BMPm

Score

6^/10

Malware Config

Signatures

Legitimate hosting services abused for malware hosting/C2 1 TTPs

Web Service
T1102

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133433164121004533"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1873812795-1433807462-1429862679-1000\{42152235-0C44-4551-823A-8F107B551AAE}	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
1664	chrome.exe
1664	chrome.exe
1412	chrome.exe
1412	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 11 IoCs

pid	Process
1664	chrome.exe
1664	chrome.exe
1664	chrome.exe
1664	chrome.exe
1664	chrome.exe
1664	chrome.exe
1664	chrome.exe
1664	chrome.exe
1664	chrome.exe
1664	chrome.exe
1664	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1664	chrome.exe
Token: SeCreatePagefilePrivilege	1664	chrome.exe
Token: SeShutdownPrivilege	1664	chrome.exe
Token: SeCreatePagefilePrivilege	1664	chrome.exe
Token: SeShutdownPrivilege	1664	chrome.exe
Token: SeCreatePagefilePrivilege	1664	chrome.exe
Token: SeShutdownPrivilege	1664	chrome.exe
Token: SeCreatePagefilePrivilege	1664	chrome.exe
Token: SeShutdownPrivilege	1664	chrome.exe
Token: SeCreatePagefilePrivilege	1664	chrome.exe
Token: SeShutdownPrivilege	1664	chrome.exe
Token: SeCreatePagefilePrivilege	1664	chrome.exe
Token: SeShutdownPrivilege	1664	chrome.exe
Token: SeCreatePagefilePrivilege	1664	chrome.exe
Token: SeShutdownPrivilege	1664	chrome.exe
Token: SeCreatePagefilePrivilege	1664	chrome.exe
Token: SeShutdownPrivilege	1664	chrome.exe
Token: SeCreatePagefilePrivilege	1664	chrome.exe
Token: SeShutdownPrivilege	1664	chrome.exe
Token: SeCreatePagefilePrivilege	1664	chrome.exe
Token: SeShutdownPrivilege	1664	chrome.exe
Token: SeCreatePagefilePrivilege	1664	chrome.exe
Token: SeShutdownPrivilege	1664	chrome.exe
Token: SeCreatePagefilePrivilege	1664	chrome.exe
Token: SeShutdownPrivilege	1664	chrome.exe
Token: SeCreatePagefilePrivilege	1664	chrome.exe
Token: SeShutdownPrivilege	1664	chrome.exe
Token: SeCreatePagefilePrivilege	1664	chrome.exe
Token: SeShutdownPrivilege	1664	chrome.exe
Token: SeCreatePagefilePrivilege	1664	chrome.exe
Token: SeShutdownPrivilege	1664	chrome.exe
Token: SeCreatePagefilePrivilege	1664	chrome.exe
Token: SeShutdownPrivilege	1664	chrome.exe
Token: SeCreatePagefilePrivilege	1664	chrome.exe
Token: SeShutdownPrivilege	1664	chrome.exe
Token: SeCreatePagefilePrivilege	1664	chrome.exe
Token: SeShutdownPrivilege	1664	chrome.exe
Token: SeCreatePagefilePrivilege	1664	chrome.exe
Token: SeShutdownPrivilege	1664	chrome.exe
Token: SeCreatePagefilePrivilege	1664	chrome.exe
Token: SeShutdownPrivilege	1664	chrome.exe
Token: SeCreatePagefilePrivilege	1664	chrome.exe
Token: SeShutdownPrivilege	1664	chrome.exe
Token: SeCreatePagefilePrivilege	1664	chrome.exe
Token: SeShutdownPrivilege	1664	chrome.exe
Token: SeCreatePagefilePrivilege	1664	chrome.exe
Token: SeShutdownPrivilege	1664	chrome.exe
Token: SeCreatePagefilePrivilege	1664	chrome.exe
Token: SeShutdownPrivilege	1664	chrome.exe
Token: SeCreatePagefilePrivilege	1664	chrome.exe
Token: SeShutdownPrivilege	1664	chrome.exe
Token: SeCreatePagefilePrivilege	1664	chrome.exe
Token: SeShutdownPrivilege	1664	chrome.exe
Token: SeCreatePagefilePrivilege	1664	chrome.exe
Token: SeShutdownPrivilege	1664	chrome.exe
Token: SeCreatePagefilePrivilege	1664	chrome.exe
Token: SeShutdownPrivilege	1664	chrome.exe
Token: SeCreatePagefilePrivilege	1664	chrome.exe
Token: SeShutdownPrivilege	1664	chrome.exe
Token: SeCreatePagefilePrivilege	1664	chrome.exe
Token: SeShutdownPrivilege	1664	chrome.exe
Token: SeCreatePagefilePrivilege	1664	chrome.exe
Token: SeShutdownPrivilege	1664	chrome.exe
Token: SeCreatePagefilePrivilege	1664	chrome.exe

Suspicious use of FindShellTrayWindow 28 IoCs

pid	Process
1664	chrome.exe
1664	chrome.exe
1664	chrome.exe
1664	chrome.exe
1664	chrome.exe
1664	chrome.exe
1664	chrome.exe
1664	chrome.exe
1664	chrome.exe
1664	chrome.exe
1664	chrome.exe
1664	chrome.exe
1664	chrome.exe
1664	chrome.exe
1664	chrome.exe
1664	chrome.exe
1664	chrome.exe
1664	chrome.exe
1664	chrome.exe
1664	chrome.exe
1664	chrome.exe
1664	chrome.exe
1664	chrome.exe
1664	chrome.exe
1664	chrome.exe
1664	chrome.exe
1664	chrome.exe
1664	chrome.exe

Suspicious use of SendNotifyMessage 26 IoCs

pid	Process
1664	chrome.exe
1664	chrome.exe
1664	chrome.exe
1664	chrome.exe
1664	chrome.exe
1664	chrome.exe
1664	chrome.exe
1664	chrome.exe
1664	chrome.exe
1664	chrome.exe
1664	chrome.exe
1664	chrome.exe
1664	chrome.exe
1664	chrome.exe
1664	chrome.exe
1664	chrome.exe
1664	chrome.exe
1664	chrome.exe
1664	chrome.exe
1664	chrome.exe
1664	chrome.exe
1664	chrome.exe
1664	chrome.exe
1664	chrome.exe
1664	chrome.exe
1664	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1664 wrote to memory of 4896	1664	chrome.exe	46
PID 1664 wrote to memory of 4896	1664	chrome.exe	46
PID 1664 wrote to memory of 4048	1664	chrome.exe	88
PID 1664 wrote to memory of 4048	1664	chrome.exe	88
PID 1664 wrote to memory of 4048	1664	chrome.exe	88
PID 1664 wrote to memory of 4048	1664	chrome.exe	88
PID 1664 wrote to memory of 4048	1664	chrome.exe	88
PID 1664 wrote to memory of 4048	1664	chrome.exe	88
PID 1664 wrote to memory of 4048	1664	chrome.exe	88
PID 1664 wrote to memory of 4048	1664	chrome.exe	88
PID 1664 wrote to memory of 4048	1664	chrome.exe	88
PID 1664 wrote to memory of 4048	1664	chrome.exe	88
PID 1664 wrote to memory of 4048	1664	chrome.exe	88
PID 1664 wrote to memory of 4048	1664	chrome.exe	88
PID 1664 wrote to memory of 4048	1664	chrome.exe	88
PID 1664 wrote to memory of 4048	1664	chrome.exe	88
PID 1664 wrote to memory of 4048	1664	chrome.exe	88
PID 1664 wrote to memory of 4048	1664	chrome.exe	88
PID 1664 wrote to memory of 4048	1664	chrome.exe	88
PID 1664 wrote to memory of 4048	1664	chrome.exe	88
PID 1664 wrote to memory of 4048	1664	chrome.exe	88
PID 1664 wrote to memory of 4048	1664	chrome.exe	88
PID 1664 wrote to memory of 4048	1664	chrome.exe	88
PID 1664 wrote to memory of 4048	1664	chrome.exe	88
PID 1664 wrote to memory of 4048	1664	chrome.exe	88
PID 1664 wrote to memory of 4048	1664	chrome.exe	88
PID 1664 wrote to memory of 4048	1664	chrome.exe	88
PID 1664 wrote to memory of 4048	1664	chrome.exe	88
PID 1664 wrote to memory of 4048	1664	chrome.exe	88
PID 1664 wrote to memory of 4048	1664	chrome.exe	88
PID 1664 wrote to memory of 4048	1664	chrome.exe	88
PID 1664 wrote to memory of 4048	1664	chrome.exe	88
PID 1664 wrote to memory of 4048	1664	chrome.exe	88
PID 1664 wrote to memory of 4048	1664	chrome.exe	88
PID 1664 wrote to memory of 4048	1664	chrome.exe	88
PID 1664 wrote to memory of 4048	1664	chrome.exe	88
PID 1664 wrote to memory of 4048	1664	chrome.exe	88
PID 1664 wrote to memory of 4048	1664	chrome.exe	88
PID 1664 wrote to memory of 4048	1664	chrome.exe	88
PID 1664 wrote to memory of 4048	1664	chrome.exe	88
PID 1664 wrote to memory of 5096	1664	chrome.exe	89
PID 1664 wrote to memory of 5096	1664	chrome.exe	89
PID 1664 wrote to memory of 4256	1664	chrome.exe	90
PID 1664 wrote to memory of 4256	1664	chrome.exe	90
PID 1664 wrote to memory of 4256	1664	chrome.exe	90
PID 1664 wrote to memory of 4256	1664	chrome.exe	90
PID 1664 wrote to memory of 4256	1664	chrome.exe	90
PID 1664 wrote to memory of 4256	1664	chrome.exe	90
PID 1664 wrote to memory of 4256	1664	chrome.exe	90
PID 1664 wrote to memory of 4256	1664	chrome.exe	90
PID 1664 wrote to memory of 4256	1664	chrome.exe	90
PID 1664 wrote to memory of 4256	1664	chrome.exe	90
PID 1664 wrote to memory of 4256	1664	chrome.exe	90
PID 1664 wrote to memory of 4256	1664	chrome.exe	90
PID 1664 wrote to memory of 4256	1664	chrome.exe	90
PID 1664 wrote to memory of 4256	1664	chrome.exe	90
PID 1664 wrote to memory of 4256	1664	chrome.exe	90
PID 1664 wrote to memory of 4256	1664	chrome.exe	90
PID 1664 wrote to memory of 4256	1664	chrome.exe	90
PID 1664 wrote to memory of 4256	1664	chrome.exe	90
PID 1664 wrote to memory of 4256	1664	chrome.exe	90
PID 1664 wrote to memory of 4256	1664	chrome.exe	90
PID 1664 wrote to memory of 4256	1664	chrome.exe	90
PID 1664 wrote to memory of 4256	1664	chrome.exe	90

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://revlink.revistacobertura.com.br/vw/PQref/Neu/4e17/CMmo20zw4bE/BMPm
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1664
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffbc70a9758,0x7ffbc70a9768,0x7ffbc70a9778
  2⤵
  PID:4896
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1792 --field-trial-handle=1848,i,6558246451692060503,15329713465141003429,131072 /prefetch:2
  2⤵
  PID:4048
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2116 --field-trial-handle=1848,i,6558246451692060503,15329713465141003429,131072 /prefetch:8
  2⤵
  PID:5096
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2192 --field-trial-handle=1848,i,6558246451692060503,15329713465141003429,131072 /prefetch:8
  2⤵
  PID:4256
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2968 --field-trial-handle=1848,i,6558246451692060503,15329713465141003429,131072 /prefetch:1
  2⤵
  PID:4676
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2976 --field-trial-handle=1848,i,6558246451692060503,15329713465141003429,131072 /prefetch:1
  2⤵
  PID:4004
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5092 --field-trial-handle=1848,i,6558246451692060503,15329713465141003429,131072 /prefetch:8
  2⤵
  PID:4908
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5148 --field-trial-handle=1848,i,6558246451692060503,15329713465141003429,131072 /prefetch:8
  2⤵
  PID:1408
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=5340 --field-trial-handle=1848,i,6558246451692060503,15329713465141003429,131072 /prefetch:1
  2⤵
  PID:2972
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=6064 --field-trial-handle=1848,i,6558246451692060503,15329713465141003429,131072 /prefetch:1
  2⤵
  PID:4576
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=5704 --field-trial-handle=1848,i,6558246451692060503,15329713465141003429,131072 /prefetch:1
  2⤵
  PID:920
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5960 --field-trial-handle=1848,i,6558246451692060503,15329713465141003429,131072 /prefetch:8
  2⤵
  - Modifies registry class
  PID:2088
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5636 --field-trial-handle=1848,i,6558246451692060503,15329713465141003429,131072 /prefetch:8
  2⤵
  PID:3556
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=5600 --field-trial-handle=1848,i,6558246451692060503,15329713465141003429,131072 /prefetch:1
  2⤵
  PID:2656
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=5340 --field-trial-handle=1848,i,6558246451692060503,15329713465141003429,131072 /prefetch:1
  2⤵
  PID:3048
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=5576 --field-trial-handle=1848,i,6558246451692060503,15329713465141003429,131072 /prefetch:1
  2⤵
  PID:1920
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5264 --field-trial-handle=1848,i,6558246451692060503,15329713465141003429,131072 /prefetch:8
  2⤵
  PID:1600
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=4528 --field-trial-handle=1848,i,6558246451692060503,15329713465141003429,131072 /prefetch:1
  2⤵
  PID:4520
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=5556 --field-trial-handle=1848,i,6558246451692060503,15329713465141003429,131072 /prefetch:1
  2⤵
  PID:6124
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5956 --field-trial-handle=1848,i,6558246451692060503,15329713465141003429,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1412
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=5200 --field-trial-handle=1848,i,6558246451692060503,15329713465141003429,131072 /prefetch:1
  2⤵
  PID:5496
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3252 --field-trial-handle=1848,i,6558246451692060503,15329713465141003429,131072 /prefetch:8
  2⤵
  PID:5872

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2184

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x518 0x4cc
1⤵
PID:3628

C:\Windows\system32\rundll32.exe
"C:\Windows\system32\rundll32.exe" "C:\Windows\SYSTEM32\EDGEHTML.dll",#141 Microsoft.VCLibs.140.00_8wekyb3d8bbwe
1⤵
PID:5140

C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k UnistackSvcGroup
1⤵
PID:3872

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008

Filesize
74KB

MD5
58209f59dd9d101cde311e37b8a89cc7

SHA1
00226c65dc57b05f83f3dd32a22181d1e05c9a64

SHA256
ff85cbd073f26fb107ee3ff40fd6ae91250858f4978936a640d96f421a58f846

SHA512
a3ff5ffb99221d39137b082b2c7322582e81c23980c0f5a597b799e91c8460254155ee02f74ed3a5e59661d8ea79512f269dffcafcfe1f013b54717f0d029186

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009

Filesize
22KB

MD5
ace97b498c04ae02ee39b255012acd7c

SHA1
168583afad02d959cb114b3f47b84f8fe9a034f4

SHA256
f0670603074beae698b84e5650b00ce6c358a27641bf79e88eb1e132d71d7ae6

SHA512
85535dd15df7eb926dcc089c251e59901314b7947c2dccf57c3e236d3184d799a6a7ceb8bf7486020014bba52b75384433519966b082ba557b6d2b1eefa7c013

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

Filesize
25KB

MD5
5cb1f1fa48d413b8c1cc46bcc48e6ed1

SHA1
64566ee137bf660261c63bdf556d53d1c2c5f9ed

SHA256
8cbd9db74a2a58a130087f706f88a69a702133345c51fbb39239c7e081b1aeb3

SHA512
2e6e747da77328f471c259c9bf8d61fac31e92e717fcd00359efc6eae57fddadf927c3175426ad2dea1ace7797055bc82eaeebbc4858ecdfb9bc4e23cc9180e1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

Filesize
33KB

MD5
2860e5aab6fc21f4d67aacb8ee7ee2ef

SHA1
bd917ae4486847f59f26483a3d831b9a4716989f

SHA256
889b87ea0aa26178f4e60d7ee54e64cf70cb9f2f0a6008121ae4094e0dff2d03

SHA512
afba82770ad9af9c34e7404ad65f4b4d75c5a6b2f7a886de8cb68dd3144d2e7e05b344c405021982f586bc5c8a141664484b85ee10ca0369c7b5a042a321850a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c

Filesize
50KB

MD5
89ba850e4cacc60a821d643aa02edab1

SHA1
73a43765f67de2a648e6220d75ce521f3170ca03

SHA256
80ff0d1a4296b933e4ef4dacbca0edecd5cbd98eb7c1f9f6a3f968f6b7ea853a

SHA512
d657d75e149605255bf5eefd4d9eeec2336a724707014db19032f6ba67e13745758617d8f5f777e7b4cbcdc5975760ae91e53124e51d96eee101eff9bb801e1f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e

Filesize
58KB

MD5
8adc93df73e19e3a4d5574dfbe41e6b8

SHA1
6aee3a8e9595ca7b3f04f6019a5f917da444be58

SHA256
f5c9ca1b5953c71aad0d343fbb33a6b2f2fdb9a39381d53b769f64d9f2e56773

SHA512
9ace4c93d202f9f2bb7362085fdadcb8e798ee1b17436534a32c2246c76c26a24f1cb9a8592dc57a29e4476c5c19b5d56dd1ea581d48f415ae344be1fae2cbcd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000f

Filesize
34KB

MD5
00492d322e5572c7abc3e8701b6c52c1

SHA1
0802ac2c8280ce7c98af881b1d49ec682acbf314

SHA256
8bc01632cbc3ab834e04141d444ff82b05a4691444d70a9860477710e330b824

SHA512
77d905b5f71e843fbd7f2e53cb2d5575a1773fc58c92e584577356c1a21e1008b82ce26d74773d799adfe35edc24175390366f526f03817f8da1cd4594f29ae4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010

Filesize
67KB

MD5
6df1cdacb93844943a47489d78c3b4ad

SHA1
9ff581b3e26e6d63b6074a0727af4ae72df2edf0

SHA256
3b4b8812437a33d7fb6f40355d83198314349082640afb772409d872741005ec

SHA512
0df82f444af7a069911534974566c74b1060ae892ad8a6b6d2e669aad93c3b8071981210df4caa02fa5e03934ef72e96ec8b6c0d66c3e7f49d3bdfba98fc86b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000017

Filesize
87KB

MD5
b9fda1d197f12554f702db364edbc9db

SHA1
e225ce3db48b4fca40b2975cf9b96454de78c546

SHA256
f284ad08ea6a18966c2c2463de704d36c935091407d96dd221d819a17484dcef

SHA512
a1e354de8f21c171e2bdad3e8c8e2257d961403064e96dfe63fecce1f524d6b0f8138595fd51e0624589f05bdd931f295ad6d5a31d2b48d1f5b41d434c79cf34

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000018

Filesize
20KB

MD5
87e8230a9ca3f0c5ccfa56f70276e2f2

SHA1
eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7

SHA256
e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9

SHA512
37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000019

Filesize
78KB

MD5
cd9ab97c41088b1dce81c6b6d60e32c4

SHA1
c1d1f74a52c016c16a85fdaa0286f55e3436c2ab

SHA256
db1e89e3f0475e45c1b6968e8f3600b0e16cd9afe76385b4600400771c3a985b

SHA512
183e4ab964122334a50624a61d15699e995c741fb6dbde9dd56aed9069b769f5a6197755e6f2c75b449ee8069b115b374190d2828af57e017448f0f19deea745

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001a

Filesize
29KB

MD5
c3a75ee91cc0a01bb54eee189f97dfad

SHA1
fcc00baf1ca0049daacc21a98da792d7a2675148

SHA256
14413ab3b3d47df543e08b88089aa328c0ef5c081eb630c7fd88847bb9979109

SHA512
8c778cd8dfe4ff99dc65e0a789f329e321f59d75a1985238197cb3caaee2c49dd43c46de4cb7f537ef9f227aa7610a63961c7e0e0e2f1c227cf8f2835cf9f2fc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001e

Filesize
74KB

MD5
4f5ec865a8274ab291b6a42b5f70639e

SHA1
6f00f8c75208b96e585646824c4011093446acd2

SHA256
b5be0732ab1cc16692e165a7950810f0c772e400f6a2f63e1026a0b938016813

SHA512
b0b51feedc480eefdc72418fe08ab97e61ac4cbfbe73a7e3851e543e88314053845f46fae04fd7aa16f04eb910625c7e5dbdd9c7d5a6247616ccca6d31e739d5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001f

Filesize
121KB

MD5
376b3e969a86fd4e703a6a318444a605

SHA1
660fe125c4fa058d387d1e4aa1f77daca8796288

SHA256
3053bcf292d56b3b271209dce5ea3792e8a730e2a0665c9c290e60e73f90b8a9

SHA512
71d38cda2f800a303d40868631c27078030f203f836cb589bcdb9fe89329f211e879ffd78e5d67211ccc437e0038dc3676b2957512eefa23d3fc4e997d984eca

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000020

Filesize
284KB

MD5
25f0824568ba842bc88a56d5aaf3b349

SHA1
c6fad9746a2d456c0479681fe41a48d1467f4e9d

SHA256
dedcba49f730d6fa5a75ee27242a804148615f53bb3fb26e6382f6102debd9dc

SHA512
8965baa08f3a9f3f5a5bb6d976f203f84dd10daf39df5adced688b5651be6f54f0b0650cc4716cad3b306c6695262a67647fc547801c3406e95cc4bbfda4c8b6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000021

Filesize
49KB

MD5
e13a6c20340fd36b815812bdf5ad2001

SHA1
1b7c2ae0f10115704dea1389751bb898745d12f2

SHA256
3e866a777c923363abddbeeee2fb77869f86c025ca111adcb4d645cf14e1cc03

SHA512
83e3ea8a831d51d984b7206fb6d8fbeecc3cb5cd36cec7705ae430cc0686c91796028a00b1f9e01dd93493dd3fc64375545bcb7c59e56c4ef24df57323ba51a7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000022

Filesize
57KB

MD5
42a5826be129c0b85ea835d539eb7d16

SHA1
841b892a844045bbdceca0679d3e8477c36f6cef

SHA256
9aca6bc15092c2f09e422a5ce335efcc1150c3e0b02531c6c5acd7da4ee798c8

SHA512
1c21833fe415b0f35ed7a5eabd2962f8b48589e6548ed44bff34718c3ef9b82436d138178a61124b8f8a4af194a662e5d6c1f1db39052a8900fc801901c075b5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000023

Filesize
202KB

MD5
87ff8b2805a01278f67df8ed5d3d1678

SHA1
d14baa01b7c26186c7a7ef8401cafa94c6a51f22

SHA256
809ef926fc1744ed63fce06f9acc152e076408bd7842d59c19e95a67e7c5d1e2

SHA512
bdbcec21e22394e0fe8b0a16f5b2a66e03087d0400795220e364e38f546966b92537bde80a5218caba26ecdb2e177f399ca2a52b3d3f0130c8614cd136ef6b80

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000024

Filesize
76KB

MD5
a9fd1225fb2cd32320e2b931dca01089

SHA1
44ec5c6a868b4ce62350d9f040ed8e18f7a1d128

SHA256
c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7

SHA512
58f45066d5738b1ef1f431eb9fc911fc9e6f61f60538f1577cd2ebe651bd8e7b87124dae36c4e66fb303fd249eba333bf41d316774201948cad056bb0e4b4f2e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000025

Filesize
56KB

MD5
ede8c4c3d3895b62a9d894d1cbbf5cf9

SHA1
a0bd49e4aad361f7a5363e54a5cce86b15aa4491

SHA256
18774fa8313fa7abf60ebee1a296e700dd4153ece11925dd1b5c0f639a9a502f

SHA512
be2e2fd5de6c77c611365b9d759726b74e753d6f397db84335ea0e778203f4dc862828ed43aeef2fe2754b2eae8882d162862678d95fc84bc364931d4bfff8ca

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000026

Filesize
48KB

MD5
bce132b2885012f0c70d90019b85a861

SHA1
627e00d289b78211e60f114f331eb238a13f91c8

SHA256
e50ac9fe607fbc48c1d7ecd3f8c8119f567d3afad8ba35ef8f2e9f6e03d009c1

SHA512
9d418eb6792edab168947134cdd3e6d49058876960d8cfdc21b4c17e7f01859830d03d7414f07a862760e9159a8be31bc63970f0ece4adbde6a6544c1b1f15eb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000027

Filesize
35KB

MD5
a401b24b4b7edb5183d9cbb418b2b604

SHA1
11dbd7ec9c6bb08c99cfd7ac250f52c108b2b6cc

SHA256
778d464b5a2af20106697a97327c6c0e8e9f93a26b3e4749094929c6ba56a441

SHA512
1450a219dcdc08a7da7ffd9f7442b7b6a09cf3e1746ccae4dea5a0280345059d0be8e56142c22ecd3ed534bc5c65b27ee93a07df3a1f8b04814b40ccb346a51e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000028

Filesize
187KB

MD5
a3d71d0d49fb8b82dc6c5b5f039d1c91

SHA1
ad31cff71c15ee1caa4f11cba0b9aed8f6c3badb

SHA256
93bb11aaf27acc7dd9f0ec3f6c2f58bbecd91185767e96e369e759ab25070111

SHA512
8db99e9c8b54b13a90476a35e42a2d22cd8a71480eb17f14a039451116c895652a20e890f92efce763222e3ab5f8a7efabf6f6c57aad5ac007ffb2c61fa0132a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000029

Filesize
47KB

MD5
c6eb0776e3dee5c90a935cd06ed5fa3e

SHA1
9e0ead76982e44ea2eb331f51f58033907fd115d

SHA256
c394e0e9d8808f65c50f4f3f1bbc908366186d5531d540b59cd18a825ef767bc

SHA512
789d69077f09b5d0237af34e7242fd1e053c716327a9b4d9117c1c94765308d7a8d03ede481e63aedda0d0ff2485d9b401100d7235b2eec396434f48b52fac90

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002a

Filesize
110KB

MD5
e6ca58e4bd66d226347ce870fef61a4c

SHA1
d1f7288733ee026b2a61399e766888fd646e9680

SHA256
b220b6aafccb33718a1af1c834f40da65d9239e7c381324f2e9c7e23bbeb1121

SHA512
bb5e84f8e0aa246df65e46b7036f6d43e8ab8aebb62961dfd4a2f5dafcb316a646ff43a8cc495824a87b1bbea2a887ac1c67a93b4ac7eb6d84a15351c663dfe5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002b

Filesize
163KB

MD5
f33ebad814592a0e8d610741852a22fe

SHA1
c4e661a1ed94863f135c7f99c3742ea334c02b38

SHA256
0dec35b046c94f625bf6f41998f7f37dc8d3f585bd41790516eb753916e07290

SHA512
6d27218a71f44a3c13fe47c1a258991338a108d080209ad6ce50cae3f10c7afadfec9e8ae93fa98cce19a39e15135f3a994eb56474f5ff058ac66629161beb58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002c

Filesize
161KB

MD5
c9f178caf69157ef62de5ba460f5351c

SHA1
1655e67dfcb6be4043e27ddf150da4c4ba8a7d37

SHA256
b2298b097ea2719f29e126ad0d47520bd3486b6db912c19026427e8f96c30083

SHA512
94af8ba1281b90237f62e04ed53f2dd5dc1e5f44cf1edc87c520dabdf563f6c559b581e11a02b0d84068e7ac28f35ad23f866908bc8fefdc1f30169b4a26e9f3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002d

Filesize
66KB

MD5
133912e7b105a96eab6f196d0fda559f

SHA1
755a33a009ce6b02bc62e54c6a9d21663a39a423

SHA256
3fb7481b979d37d9fa7c5e6f9cff3b237f94ca7097acaed14b6dfb9dd3021630

SHA512
310628491696e1a51245f99bcfa5b5af40da2368351d0400093ccddc08cd567e4ae076f9bcfaee89f3eeaae173d283875991278feb0d112a72702317b983f180

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002e

Filesize
80KB

MD5
46991aedb31c8f52fce3ac3f7a1847a4

SHA1
17069d983150d7e8d687a1be64c32905c758e6d2

SHA256
ba3f7d017ef8d867c9520c9a2644ea8d7b3af1ee908b531f7fba988ee0a6b172

SHA512
c7ffbceb0190ea0e2f3dc1b2f3098b56dcc663b238f7c965fe68c6f837ed4fa335190dfbfa50f28bf8563c85ebffd745c536852491b7826a50cde1b974a38cc0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002f

Filesize
47KB

MD5
483e8d5656b0cce0fa4ce21eaf96d4d4

SHA1
59eb9f8c7585d178f1b075c253f56f5def516208

SHA256
cfde5f4f4d5475ac94d51262e1d07886a1f033bed6587f62f1593994ace4d215

SHA512
a514dda4a8789cec8a1580c890f2ec9718beea96cacd8fda4bff4d8c16cdc22e27a2431565566eb791b66e0b81a6a7a110f5d28759e02882ab31d30b3e3bc4ae

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000030

Filesize
16KB

MD5
c73fc841e265ffbbeac6fe85c18de291

SHA1
27b29b1138daafb420a23f71c8cd4875acb4a38d

SHA256
5db47a5e6a982a9026fdd53130646a7e5dd3a3ef8610d75bf873248f5080b0dd

SHA512
a851b179ea7d75ec28a61b2421a57be62ce6b0ce9204d81b603f2deaad6b765f79882461d69569a3cba98f9fec6347ac15bd920f0002bce65b88456ec821f467

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000031

Filesize
273KB

MD5
7f811d52889681adb38037a1aa75eb4d

SHA1
5261edc4e0cd63cbb49bc11bc82a26bf4397ba3e

SHA256
fc6085eb6ca3ef55e68bfb7ea440e60c80393ec117f4ed6064fa0133423cebdd

SHA512
1f66d1c3ae70da51cc62461f83bb6c5537c39149a9e800ffa574557ef7942d1b1e216f25055c561b93e9d19fac56b7b9b8fc23a919e1d070f0112a042ad1d4ca

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000032

Filesize
95KB

MD5
c7e151993e215b8b7170bb8fb7bba86b

SHA1
7fb7a5ade8b60c9181116e057f34e32e97ca500d

SHA256
869c484a6a9f8a049ac631c59042f2ce3611ac1a6f9b6ee6500b6219c4e74f56

SHA512
c691edf94a883b6198abf1e864b222b41c84bfbacd050a6a8fe05d434514360690ce073d3e87a00667c7808ef8a64dc6eeef13717b358205cd18e230ff511a6f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000033

Filesize
755KB

MD5
17b8470d3ff352e030015ba2ef381bd9

SHA1
0a39a8d87c015f8c15e4589118b70749ff2ce7c9

SHA256
61a8ebd3e2cabca501d093dddb192d68bc5cfdd20aa221fe46f4f06e006c18ab

SHA512
88ae14ad725f957463d8b6f4aa1c356a1e5ef88c82d615a9badd08c7284b09f7f23d46588b6fe6e429198315cbd7afa8d1a9bafbcee552226c116eec00252cea

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000034

Filesize
32KB

MD5
ec0ef10f3bc31b1d8aa40103a053d083

SHA1
ba4bef4bcd796517c1bb7edffd066d52389239e2

SHA256
ba251861ae75587bb14ed78bb3eeca7c4b86f96bc39ab04b3a7dc26c5fba2661

SHA512
1c8fbb7c853632586c27ce7da06ac5e33730f1e9604e1749cd6b0d5b2a3f1d71056e0428b112c146ba55fd14e01f1a6287f6cf559409b01289439d79e64a5ddf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000035

Filesize
36KB

MD5
850ff2288ce1d5ae4fa59e7f3590e220

SHA1
6c92f550c74d5ae9496c892794e0d7e2ab14647c

SHA256
3b2b8087d1f0b89142bd9c8064ac975d2978c1bab88fd336935ad7890cd8d477

SHA512
b0e9548fa71df58f428b628f768b7dcaf8948d090713df33ef1a6c33c00b4d26a85c3b0349447897df5a4e1a10d725e7c2e7441f57f0e285bf40eac8c26a07ba

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000036

Filesize
48KB

MD5
642e0bea19dc6d410afc1be099ca67f8

SHA1
6eb93159462cc5e0911adb11a9a1ef2a38f515a7

SHA256
1dbb62977e2d3b974ef9b2e1f02e84bc9eacdd648c7182e2d08305b9b3eb5a31

SHA512
b436a904096185947d8442875a8913050232622e4de339720183ee4e5a5dc1d059a92dff24df0c5800081f0ce8f79eacae035e5d9f4233261e3a6167dc89e08d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000037

Filesize
56KB

MD5
ca3cdde01c4d8f175c3294a8590f6b1d

SHA1
bfd60e9f9de5a0712059a17d07e1f7c1cbf7e21a

SHA256
76582fdf8906c8ce535707c29f0c1022fa0f1c801f52dc7b0507e581b9cfc2d4

SHA512
8b3ed0c28208f0f942113a0cd845d6a02176292d681f299976d028d5d18dfd597a1c8c427b59f6772ebbde6c55239f57bb9459d948291ed845222677287ecc4e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00005d

Filesize
160KB

MD5
5282aa12869b95271ff2830d36e9468c

SHA1
2a7387b7d46daa71ec6fb74deb448c41bf3bf6a5

SHA256
f4daed872ac5b46c45bbc991fbb3801f5c21189c503de0afb5d08c00468f1202

SHA512
72bf67311644cc9ca17064bb8c207ea4d2e1b9e58b7c733e23e05e948e0b0b202bbd49ea599ee4875b6b002547f4725c11537a98c09c32419a966e4fddc5a894

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
ab0563cdfe92446cfa234ab8fe4ea61c

SHA1
aa4b9f000bb53ec3edf6bae4a0be7865b726278d

SHA256
2f86d92166fb25c988351da7ed670ee6eb5469967f3df010a5b927fec19783e6

SHA512
f64cc70a50f0a175e445e661f42b155d9eda88b066b5fd2b27aecc3fca10319703fb144da61b661968ee0647f9e9da4f338c7b336cc61b034eb19d7ab41c0292

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\LOG.old

Filesize
392B

MD5
243cc877d7d950f81b90066e72b726c8

SHA1
52bb7e3bdde6762cdc0e3ca34785111885b92371

SHA256
88cb4ff11453f3eca4f6958d3ef807188b3d1876a0e7b223f7e6087e97813da7

SHA512
9c2a8b3634c56adf03a8d99eb23c9b334a2afb5ab76f3a906492c0f74f9067fcd3c9a5596e67b44c955568b753b35d9ebae27c6a720dc9187865994911710ee7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\LOG.old~RFe5a30f4.TMP

Filesize
349B

MD5
a1712ff37037750c21ba846d40c81aaf

SHA1
d03f61579961644fe0b89f0c9dd25b5f1f60d94f

SHA256
569d3996d549e0b5ef33bd273c24fced5bf0b2af8cea5638ba49b284991f618b

SHA512
13dcedf5212f8ec700bcc4eb1dba12a2e635fd2101df329376fc91b4e8abf5e72acb8c218cf5d32de1a7a3dc11f1b79e50bc0187e74cc51b83e54598caf7e2d2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\MANIFEST-000001

Filesize
23B

MD5
3fd11ff447c1ee23538dc4d9724427a3

SHA1
1335e6f71cc4e3cf7025233523b4760f8893e9c9

SHA256
720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed

SHA512
10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.zurich.com.br_0.indexeddb.leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
53df3eba4566efbdaea5973f1a0f3135

SHA1
6f7e95370bffdc1c2066e8d679001c42d13f3980

SHA256
599fd3a1a2228b5c3f2a0a019578fc8a46d754ad81ae15e1b44c01f2d7b05c06

SHA512
b9909238d824749fe7e6f96566642208177b7eb9f2999a9934f6ed27f7d8ffa1bda371df83591935b1f338992cbc303a807c6305ef736faf9fcfd752259b94de

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
7KB

MD5
f96ca50f7960c23e76824b8a4d6f05a3

SHA1
8dfda14354da5e47b69cf8c85aa61cf00b97dfee

SHA256
98fb6cba9c86d97038c06b05eae82eed33ea40073b367cc9570e12efb49ae2e3

SHA512
c4d332f698c36c04b1af2f6b1767aed9a76597ef7d36042548e6898c298645722e539d2c2d8dea4c7321f80d535aaab2251347854a6ca250af054c990b5b900c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
371B

MD5
da603da1fa13d2e9e30978d8354d2ca4

SHA1
c42aaf8b2905dbb5d29fd8244785f6bc12537ee5

SHA256
2c7c048dde17adea042ab4debe230a5b8d9d8e3d9ed8e1cdcbd19e23332c861a

SHA512
8ac57bb247168f0ec095aba81e5b265477751487e3d4b1412a456717d1296c9a78be9afedfa92542fe2aea2b16cd9b9b23d0b05cb1a9dc729509bb40c867efd9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
1e20c966260775908b7f48d1f504653c

SHA1
f808c3a4cfe2bb1eaa34e705e71801e9858a4855

SHA256
789810d559579a12043928c51191e430b6d2590d3f1697849cf2bfdb3dad7330

SHA512
4c6e1ffe8e0d8010b5743fa705900430332d079bb1ef0d958af46ae09d5fef7e24480329e4b7ec8f597e77d926466b8c5d8b13cf12a75fc0f16855cb56a3ff2e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
22b781c8f68e4006e27757295e2e52ba

SHA1
77cdf87a03fb2d8879fc18edcb9da5df7761b54d

SHA256
b4af10d13b8694b469b2c42489999525c8270d0797bf2fcef3375010483cd6b9

SHA512
b50090546fe89ac52c6877e2b4ecaf33f6c71c0bc09699b161c19c4955ab82361b74fcb1e31ab4a0e237585ff57968ba615d034aa227e7c96a5440f30148fce9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
33f1a4be1c5d894e1734310cb2c60978

SHA1
df502a5aa074e990346dc02db53693e5e1d264d1

SHA256
38e761b25675cbbfcec828bab01b756bfe1ca2eeab25566f7de4ceed99b1fb6a

SHA512
c9ee96c0e5ac359cbbc43e6db2c19010100c3bddd2a3628e5ac62b4f2fe65fdb45701d394462a8ab8121cc6f8f3b58faedeb97be65eaa00af21779df2da81763

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
59ad6b4b67106aa621fca306a757e4c5

SHA1
27dcfd5f7af9127fc5eea5c5743b00fdaa1be7b3

SHA256
34e67a818c3ef8dbe61431ef3d18ead72539952782faf99334752c8241a92711

SHA512
383845b6b0d31473ad45abf511563eb9a8f4db5a0df9f59d6370ff8712f076d1bee943c450f422aec988c43cf42b40e5cc78da525409997add88295c3db5f3a6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
d94145ac835f9808379ce04e5f06b590

SHA1
59a0ddc99d7aaca6e8288ca3f7b4eefd77d75354

SHA256
8b87a2ebaa6a4f12b9d3fb26372e16aab5b09c506da1bbc2da9e8dce25518ce0

SHA512
d40bff283e2457e0620265dbc3ad60ee62d40642d033f7d832d69d9f322ecac0d30a48fd692068a8d10f11b01fbaa04f71b116e6b2ce0d6da2581c5d954e42c6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
05d45ef1fc6559bc0c223eba5ff3460b

SHA1
113106fb8fb655d08ab472e30fdd174dd2123975

SHA256
536f610bf84b156cf8c0501129dfa757d7a3d80d42f677bbdd3f07b17c45c64d

SHA512
dd5bdfa780ac4eaf19b9884f35446bdc5374dd8c806f19c9a560c607c14052cc7a6a6dba4f985e70ac21675819b20556d170b64aa42541858668d3d27dbffa59

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
463554cc5087cde8a0df47f0df2c9e96

SHA1
09c423f84bb5d1f38af7c9cbed1431c4092b92fb

SHA256
3a9b1dc4df95fd507b3fa938c4ca7300806c8a0a90c0c56542650e8644d7c94b

SHA512
37a677451831fe787862bc4ca873e0752dbe770e95b12cb9d5386b625d7c24c74bdfd1f491b1e75e9a4e3a0b4376ffa421beb37d547a07a140cef1d4f0875a91

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
0ecc57cfba02bf83386680ddf1fa16c4

SHA1
0b43b11bbb5b0d948809a50ea921d7bf37ecc6cb

SHA256
72fffe2ee756bc08e8e6f1f76a2cbe15dac86c51cdada4eede636139d7692142

SHA512
836b501bc0b62e71b22fbddaa924b9fb9bcae101c0f6a7c597a6b6a150ac82807664c67b2988fae2e348da06763d891696cca9d059eeff1a87b14d877da6fba6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
8276adc74ca8433c0c5689183e71b6b8

SHA1
984cb167520cba97b84bdba7f4a607aa78056f84

SHA256
5e383d965bdf61e8b11c234d1457f02c2e4c268f16fb5012063d0831aaa8b6ca

SHA512
9bd86771c3fd7efb92ab223864097dd360dd2529071f07698b379ed548b72968d761cd682ff077f1448293e703ab3a497f6bf6670964e74f400838cd5361e18b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
b7a468ae6d412e00e0f76d683ef4d03a

SHA1
da8fb366580b5f83927484b750e751dc95d7d6fb

SHA256
e1931f1e533d33d102f89a852124c60c9bf1bbce2e9077866f0ee4a866b873b6

SHA512
dca7cee03b04d4cfb827b15f78a6ca705617bd86c8d73b2ff8492ad8527c21de4d503ec49a99acebaa7198d8cd1bfb850901d4b794f1870e0eda865a152fa98f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
56B

MD5
ae1bccd6831ebfe5ad03b482ee266e4f

SHA1
01f4179f48f1af383b275d7ee338dd160b6f558a

SHA256
1b11047e738f76c94c9d15ee981ec46b286a54def1a7852ca1ade7f908988649

SHA512
baf7ff6747f30e542c254f46a9678b9dbf42312933962c391b79eca6fcb615e4ba9283c00f554d6021e594f18c087899bc9b5362c41c0d6f862bba7fb9f83038

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
120B

MD5
4eb2645b1afefef89c2b9f3a4c339808

SHA1
64a70a2730142cefbaba52b3b5155b155f70e3ab

SHA256
d7651de0b663321eb9c288f1816e06215d06e9c2a8ca18c89aa18d3dea3ded55

SHA512
8d4edf4f4a464cb4e2944607bd9e6ce549219cc579679fb2e0180ee9f60e471690070121d2693c21f1db6bc5159e0648c38d3ddc93bc3ca9cf3f662ad4564711

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
120B

MD5
1ce24519868f9caf339fc01945456ccb

SHA1
a15e5f10d9bfe706b7072d0b127a8e30bc941f1b

SHA256
bfe455c6083c0da95d2536dfacd663494fc248fdc5d1808dd621732c4aa4dd56

SHA512
d69b7bc199118131482e6ebae22cc1858e827d3847a9b77e6b962aed2b06b1aa8945f3fe1635dd216212f6ebf7786c0ada7832f008d5cc2066f0c632532845ba

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe58c3c8.TMP

Filesize
120B

MD5
43c5f2f1f0351826eaa2bbccdbf3d24e

SHA1
5a1abb9976b4a2ff5cc7dfa37a0e22139f685206

SHA256
06d1cafd5453e131945d85801060ec090c028648dcff1055ef9034647a6f7210

SHA512
d5bbb64dfc6ca40ae3de9c96807ac03952d25a7d85208a874941dc6e602e98c308d34588596b4eeeb5f467d2115af211a3ce8fb297afd22a0ca5468928e82eb5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
109KB

MD5
32278f2c5b903a1c353af6857d1bdbb3

SHA1
7bc86282dff6b9278b4324750d362cf1964e8e88

SHA256
52bdadfe2dbc2b6512e62bbaa8a20fc6edde7d135c228fa2c337d2e37b8874fb

SHA512
c5dae28cba5019d5322b8b5bfd2c01790646a7ef8f9b7b151e61bfc9b738be07e9f1a084b7f11fee41063281f06e0faa238a1b01241cbdd835fbd2cc2b0f9634

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
104KB

MD5
d42c9c731892b734479c5d00bc0febf5

SHA1
36dc5720cc5c4a5f71ef5d0b26883964b7d5acbb

SHA256
9c4306cbd2cc7a599e83dddd5b173829c3f56640fa67257728a2c85cd5975825

SHA512
cf4c90d50a835ec6553a1223ff0610d9fc74ae2e024d9daff391b5e1c0dcca2c2787364843e8ced472c64eb8a158d2e6251f3fb479f4a8e5f2eca579474bc440

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe591f65.TMP

Filesize
101KB

MD5
bd080d5f597f23463425203371c7ef25

SHA1
f4f0a46468d571d395534bc93186455958f64b9a

SHA256
6ff2c1d75f66824e91ac15429e1ad5db924d51557233677e9c9bbb930bde7854

SHA512
cce79cdea4df7f6105bc1483c2cc401b8dd513422b3c3a7404871f5e365314bfecd82327b52acb8eeff3680506d917a363281a3be7d99c321746d549000a0098

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
memory/3872-942-0x000001D4B7190000-0x000001D4B7191000-memory.dmp

Filesize
4KB

Download
memory/3872-946-0x000001D4B72D0000-0x000001D4B72D1000-memory.dmp

Filesize
4KB

Download
memory/3872-945-0x000001D4B71C0000-0x000001D4B71C1000-memory.dmp

Filesize
4KB

Download
memory/3872-944-0x000001D4B71C0000-0x000001D4B71C1000-memory.dmp

Filesize
4KB

Download
memory/3872-926-0x000001D4AEE40000-0x000001D4AEE50000-memory.dmp

Filesize
64KB

Download
memory/3872-910-0x000001D4AED40000-0x000001D4AED50000-memory.dmp

Filesize
64KB

Download