hxxps://nimb[.]ws/s2aNh9

Analysis

max time kernel
149s
max time network
154s
platform
windows10-2004_x64
resource
win10v2004-20231025-en
resource tags

arch:x64arch:x86image:win10v2004-20231025-enlocale:en-usos:windows10-2004-x64system
submitted
06-11-2023 21:35

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://nimb.ws/s2aNh9

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

Processes:

chrome.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

Processes:

chrome.exe

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133437801723097987"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

Processes:

chrome.exechrome.exe

pid process

2360 chrome.exe
2360 chrome.exe
1200 chrome.exe
1200 chrome.exe
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

Processes:

chrome.exe

pid process

2360 chrome.exe
2360 chrome.exe
2360 chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

Processes:

chrome.exeAUDIODG.EXE

description	pid	process
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeCreatePagefilePrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeCreatePagefilePrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeCreatePagefilePrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeCreatePagefilePrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeCreatePagefilePrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeCreatePagefilePrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeCreatePagefilePrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeCreatePagefilePrivilege	2360	chrome.exe
Token: 33	4556	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	4556	AUDIODG.EXE
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeCreatePagefilePrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeCreatePagefilePrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeCreatePagefilePrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeCreatePagefilePrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeCreatePagefilePrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeCreatePagefilePrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeCreatePagefilePrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeCreatePagefilePrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeCreatePagefilePrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeCreatePagefilePrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeCreatePagefilePrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeCreatePagefilePrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeCreatePagefilePrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeCreatePagefilePrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeCreatePagefilePrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeCreatePagefilePrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeCreatePagefilePrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeCreatePagefilePrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeCreatePagefilePrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeCreatePagefilePrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeCreatePagefilePrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeCreatePagefilePrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeCreatePagefilePrivilege	2360	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

Processes:

chrome.exe

pid	process
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

Processes:

chrome.exe

pid	process
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

chrome.exe

description	pid	process	target process
PID 2360 wrote to memory of 4448	2360	chrome.exe	chrome.exe
PID 2360 wrote to memory of 4448	2360	chrome.exe	chrome.exe
PID 2360 wrote to memory of 4332	2360	chrome.exe	chrome.exe
PID 2360 wrote to memory of 4332	2360	chrome.exe	chrome.exe
PID 2360 wrote to memory of 4332	2360	chrome.exe	chrome.exe
PID 2360 wrote to memory of 4332	2360	chrome.exe	chrome.exe
PID 2360 wrote to memory of 4332	2360	chrome.exe	chrome.exe
PID 2360 wrote to memory of 4332	2360	chrome.exe	chrome.exe
PID 2360 wrote to memory of 4332	2360	chrome.exe	chrome.exe
PID 2360 wrote to memory of 4332	2360	chrome.exe	chrome.exe
PID 2360 wrote to memory of 4332	2360	chrome.exe	chrome.exe
PID 2360 wrote to memory of 4332	2360	chrome.exe	chrome.exe
PID 2360 wrote to memory of 4332	2360	chrome.exe	chrome.exe
PID 2360 wrote to memory of 4332	2360	chrome.exe	chrome.exe
PID 2360 wrote to memory of 4332	2360	chrome.exe	chrome.exe
PID 2360 wrote to memory of 4332	2360	chrome.exe	chrome.exe
PID 2360 wrote to memory of 4332	2360	chrome.exe	chrome.exe
PID 2360 wrote to memory of 4332	2360	chrome.exe	chrome.exe
PID 2360 wrote to memory of 4332	2360	chrome.exe	chrome.exe
PID 2360 wrote to memory of 4332	2360	chrome.exe	chrome.exe
PID 2360 wrote to memory of 4332	2360	chrome.exe	chrome.exe
PID 2360 wrote to memory of 4332	2360	chrome.exe	chrome.exe
PID 2360 wrote to memory of 4332	2360	chrome.exe	chrome.exe
PID 2360 wrote to memory of 4332	2360	chrome.exe	chrome.exe
PID 2360 wrote to memory of 4332	2360	chrome.exe	chrome.exe
PID 2360 wrote to memory of 4332	2360	chrome.exe	chrome.exe
PID 2360 wrote to memory of 4332	2360	chrome.exe	chrome.exe
PID 2360 wrote to memory of 4332	2360	chrome.exe	chrome.exe
PID 2360 wrote to memory of 4332	2360	chrome.exe	chrome.exe
PID 2360 wrote to memory of 4332	2360	chrome.exe	chrome.exe
PID 2360 wrote to memory of 4332	2360	chrome.exe	chrome.exe
PID 2360 wrote to memory of 4332	2360	chrome.exe	chrome.exe
PID 2360 wrote to memory of 4332	2360	chrome.exe	chrome.exe
PID 2360 wrote to memory of 4332	2360	chrome.exe	chrome.exe
PID 2360 wrote to memory of 4332	2360	chrome.exe	chrome.exe
PID 2360 wrote to memory of 4332	2360	chrome.exe	chrome.exe
PID 2360 wrote to memory of 4332	2360	chrome.exe	chrome.exe
PID 2360 wrote to memory of 4332	2360	chrome.exe	chrome.exe
PID 2360 wrote to memory of 4332	2360	chrome.exe	chrome.exe
PID 2360 wrote to memory of 4332	2360	chrome.exe	chrome.exe
PID 2360 wrote to memory of 4120	2360	chrome.exe	chrome.exe
PID 2360 wrote to memory of 4120	2360	chrome.exe	chrome.exe
PID 2360 wrote to memory of 2432	2360	chrome.exe	chrome.exe
PID 2360 wrote to memory of 2432	2360	chrome.exe	chrome.exe
PID 2360 wrote to memory of 2432	2360	chrome.exe	chrome.exe
PID 2360 wrote to memory of 2432	2360	chrome.exe	chrome.exe
PID 2360 wrote to memory of 2432	2360	chrome.exe	chrome.exe
PID 2360 wrote to memory of 2432	2360	chrome.exe	chrome.exe
PID 2360 wrote to memory of 2432	2360	chrome.exe	chrome.exe
PID 2360 wrote to memory of 2432	2360	chrome.exe	chrome.exe
PID 2360 wrote to memory of 2432	2360	chrome.exe	chrome.exe
PID 2360 wrote to memory of 2432	2360	chrome.exe	chrome.exe
PID 2360 wrote to memory of 2432	2360	chrome.exe	chrome.exe
PID 2360 wrote to memory of 2432	2360	chrome.exe	chrome.exe
PID 2360 wrote to memory of 2432	2360	chrome.exe	chrome.exe
PID 2360 wrote to memory of 2432	2360	chrome.exe	chrome.exe
PID 2360 wrote to memory of 2432	2360	chrome.exe	chrome.exe
PID 2360 wrote to memory of 2432	2360	chrome.exe	chrome.exe
PID 2360 wrote to memory of 2432	2360	chrome.exe	chrome.exe
PID 2360 wrote to memory of 2432	2360	chrome.exe	chrome.exe
PID 2360 wrote to memory of 2432	2360	chrome.exe	chrome.exe
PID 2360 wrote to memory of 2432	2360	chrome.exe	chrome.exe
PID 2360 wrote to memory of 2432	2360	chrome.exe	chrome.exe
PID 2360 wrote to memory of 2432	2360	chrome.exe	chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://nimb.ws/s2aNh9
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2360

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff91c319758,0x7ff91c319768,0x7ff91c319778
2⤵
PID:4448

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1592 --field-trial-handle=1856,i,15832371507912474634,12657125199782118704,131072 /prefetch:2
2⤵
PID:4332

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2220 --field-trial-handle=1856,i,15832371507912474634,12657125199782118704,131072 /prefetch:8
2⤵
PID:2432

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2136 --field-trial-handle=1856,i,15832371507912474634,12657125199782118704,131072 /prefetch:8
2⤵
PID:4120

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3076 --field-trial-handle=1856,i,15832371507912474634,12657125199782118704,131072 /prefetch:1
2⤵
PID:4876

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3048 --field-trial-handle=1856,i,15832371507912474634,12657125199782118704,131072 /prefetch:1
2⤵
PID:1916

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4884 --field-trial-handle=1856,i,15832371507912474634,12657125199782118704,131072 /prefetch:1
2⤵
PID:2860

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4948 --field-trial-handle=1856,i,15832371507912474634,12657125199782118704,131072 /prefetch:8
2⤵
PID:4160

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5508 --field-trial-handle=1856,i,15832371507912474634,12657125199782118704,131072 /prefetch:8
2⤵
PID:1268

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3920 --field-trial-handle=1856,i,15832371507912474634,12657125199782118704,131072 /prefetch:8
2⤵
PID:3776

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2584 --field-trial-handle=1856,i,15832371507912474634,12657125199782118704,131072 /prefetch:8
2⤵
PID:4700

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2304 --field-trial-handle=1856,i,15832371507912474634,12657125199782118704,131072 /prefetch:2
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:1200

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:624

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x508 0x4f4
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:4556

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000017
Filesize
867KB

MD5
6e8230fd6cf103d3cf020ead13831018

SHA1
ad028b29999a2d17e18b8bb17b2420f3c4de1873

SHA256
793b1d26f5a347c4e4848ed1cac7df2fbc3e093864b1cecd9b58987a3c3e8b84

SHA512
6dd6ccbac824c6a8282d8e7ddd42ad91e86c2001622a41b1379855cd05c78131a0d3f26a15d6100850c2cdc738382464fbd3535770e18508229aa759bf9c938e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize
432B

MD5
f88b9744aa4b84984792bf6555bc5a5a

SHA1
a269d6c222d60e70fbbd7c03bac88ba3aaa278c4

SHA256
c62a00895b0d61932b1381c008bd7f62a05f7eff7026e14a4ea458c28bc1036e

SHA512
63ceaadd446aa5e5731904545151d0cb7c4e9598301d8fdd3c85f4959c74598fb15d501d66d12dab4dfe1de8bf85cb1a19c0aadae2cc09cfba86856f3721313b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
1KB

MD5
49fc42b927dbf8012ab0aa5093320eb8

SHA1
39c7d363d5d2ac80e6b97b35f0e145e73c9bcbe4

SHA256
b35341004f2b1910fea265b0c649b78ee179209dd34f46524b18be80e82f63d8

SHA512
a190506c182804b529467e3a70ec1fb83f9a616c8fc6ce2294fc74462dd985f2b672a86c516c7bd07f2553654d52536004062d2ce6790b6e82c2101bab49e8ec

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
3KB

MD5
8fc7d6d10f44023b7bf0daa54be067df

SHA1
4b613e79c5aa1ab1278ca30ed317e98d9f989a50

SHA256
1971d2b3cc6dcfd913d76f8a110805b2ea6574ef639483712548d121ac8735ec

SHA512
807b9fdde1c4991a43fafe5682faead9b991cf675cd1049be7771ed816944cd341681ff6a04452e7e25d35c9bdd8b7bc8c261f8a37ae74a29bc6004d745a3483

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
1KB

MD5
595f0fc9810e54554f8e59600f023060

SHA1
ddffc22090a945797ad663d45c58a6c20ec1f322

SHA256
5f0462922e504d3173ef18d6a6e23ecdc77758983ba6e1266c9f077d9efebfd3

SHA512
d6c24894c83c076f0e6937a4f55eead30276a26166e84e58ee0f40dec857880aca78c83113d8b64895b8c8e1b3951ac5c31375e04bfbee9f4c253813a3a4b4b4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
6KB

MD5
e3dd2e439e47a032b9efb6550507c347

SHA1
a3a5e9be01899fc686b6db027c15c2e7270d2d0f

SHA256
4fb709c0a2dcf29371fc94c6594cd35808eae4a7e47deb43c83145fc24f2e0b2

SHA512
618991c9e7a1b42d36c1a0df6ac09daee2f10b88b59f88eba9598eb64528edbd6878a386714973fa57d4fdf28e7d061e0851be90b61f72035751ed441237318e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
6KB

MD5
05b083544d94cc8b6fe53d9aa8e129dc

SHA1
685fef611fa08824fc010e4455bbcdf427039279

SHA256
60338cbf768df5406fa7495bf3c241a0494e1b6905b09ee7b0d1212808f738b5

SHA512
1cf5387698beaff9a10cff5fa81d60f169054912e239da0e20117134daa08b69ea362d98ec26c81621e47e85fd6689a139f41faa563ea641fc19a31d12b67f23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
Filesize
109KB

MD5
f073ab099aa2858eb46076f15763d175

SHA1
9827b1700ead5a7f658c4bf1d585aff8e5643cbf

SHA256
392ec513acf353645fef87e319462676ab44cc54ca3a3c05ad2069413d83400b

SHA512
7b749b955be926420cb7f4e47edb7ab02a64e2c2d6926e8ba9c064583023e5707b3c6a3fce2564c7447090ba6ffbc4e8b106355160dace47e8161c3114e9ae21

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
Filesize
102KB

MD5
fdf97e72f3d88ee9a74f8a4ba610a520

SHA1
13461c20490a0b95c09bf0dc0bad4b50c90de82c

SHA256
0aba67bca5a208fb6892152270b988fdf936d9457a7567e8d886c8c70d1613c0

SHA512
95518e1b008d8ac62144442af209ce6cdd4e639cdc1ff93a703545f3aa68d01716ba3fa6cbdb7e9ddbaadbef9750e515f57a969e9b1aaff4098c1dce032d310c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe587412.TMP
Filesize
101KB

MD5
c46328fde270aca5c03212f417431e5f

SHA1
052e0f464547fa40975fdff70d1566d33b3e7399

SHA256
5ff174e108db142dc459ac63b819c30fc238e727422c512bfbd22c21825a08ca

SHA512
683cf63ccd396dade5124ea8ee52316a9b73b6aef33c3c7b4b8e6d58b18422e5361d60c37d909cbf53ce24c923afb5b58f11a2e087e4ed3df8d22b6200c4ad90

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json
Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
\??\pipe\crashpad_2360_APMNNAWPUWKFWMVU
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit