hxxps://youtube[.]com/

Analysis

max time kernel
300s
max time network
296s
platform
windows10-1703_x64
resource
win10-20231020-en
resource tags

arch:x64arch:x86image:win10-20231020-enlocale:en-usos:windows10-1703-x64system
submitted
11/11/2023, 16:22

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

https://youtube.com/

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133441933923896980"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4068	chrome.exe
4068	chrome.exe
3848	chrome.exe
3848	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4068	chrome.exe
Token: SeCreatePagefilePrivilege	4068	chrome.exe
Token: SeShutdownPrivilege	4068	chrome.exe
Token: SeCreatePagefilePrivilege	4068	chrome.exe
Token: SeShutdownPrivilege	4068	chrome.exe
Token: SeCreatePagefilePrivilege	4068	chrome.exe
Token: SeShutdownPrivilege	4068	chrome.exe
Token: SeCreatePagefilePrivilege	4068	chrome.exe
Token: 33	3260	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	3260	AUDIODG.EXE
Token: SeShutdownPrivilege	4068	chrome.exe
Token: SeCreatePagefilePrivilege	4068	chrome.exe
Token: SeShutdownPrivilege	4068	chrome.exe
Token: SeCreatePagefilePrivilege	4068	chrome.exe
Token: SeShutdownPrivilege	4068	chrome.exe
Token: SeCreatePagefilePrivilege	4068	chrome.exe
Token: SeShutdownPrivilege	4068	chrome.exe
Token: SeCreatePagefilePrivilege	4068	chrome.exe
Token: SeShutdownPrivilege	4068	chrome.exe
Token: SeCreatePagefilePrivilege	4068	chrome.exe
Token: SeShutdownPrivilege	4068	chrome.exe
Token: SeCreatePagefilePrivilege	4068	chrome.exe
Token: SeShutdownPrivilege	4068	chrome.exe
Token: SeCreatePagefilePrivilege	4068	chrome.exe
Token: SeShutdownPrivilege	4068	chrome.exe
Token: SeCreatePagefilePrivilege	4068	chrome.exe
Token: SeShutdownPrivilege	4068	chrome.exe
Token: SeCreatePagefilePrivilege	4068	chrome.exe
Token: SeShutdownPrivilege	4068	chrome.exe
Token: SeCreatePagefilePrivilege	4068	chrome.exe
Token: SeShutdownPrivilege	4068	chrome.exe
Token: SeCreatePagefilePrivilege	4068	chrome.exe
Token: SeShutdownPrivilege	4068	chrome.exe
Token: SeCreatePagefilePrivilege	4068	chrome.exe
Token: SeShutdownPrivilege	4068	chrome.exe
Token: SeCreatePagefilePrivilege	4068	chrome.exe
Token: SeShutdownPrivilege	4068	chrome.exe
Token: SeCreatePagefilePrivilege	4068	chrome.exe
Token: SeShutdownPrivilege	4068	chrome.exe
Token: SeCreatePagefilePrivilege	4068	chrome.exe
Token: SeShutdownPrivilege	4068	chrome.exe
Token: SeCreatePagefilePrivilege	4068	chrome.exe
Token: SeShutdownPrivilege	4068	chrome.exe
Token: SeCreatePagefilePrivilege	4068	chrome.exe
Token: SeShutdownPrivilege	4068	chrome.exe
Token: SeCreatePagefilePrivilege	4068	chrome.exe
Token: SeShutdownPrivilege	4068	chrome.exe
Token: SeCreatePagefilePrivilege	4068	chrome.exe
Token: SeShutdownPrivilege	4068	chrome.exe
Token: SeCreatePagefilePrivilege	4068	chrome.exe
Token: SeShutdownPrivilege	4068	chrome.exe
Token: SeCreatePagefilePrivilege	4068	chrome.exe
Token: SeShutdownPrivilege	4068	chrome.exe
Token: SeCreatePagefilePrivilege	4068	chrome.exe
Token: SeShutdownPrivilege	4068	chrome.exe
Token: SeCreatePagefilePrivilege	4068	chrome.exe
Token: SeShutdownPrivilege	4068	chrome.exe
Token: SeCreatePagefilePrivilege	4068	chrome.exe
Token: SeShutdownPrivilege	4068	chrome.exe
Token: SeCreatePagefilePrivilege	4068	chrome.exe
Token: SeShutdownPrivilege	4068	chrome.exe
Token: SeCreatePagefilePrivilege	4068	chrome.exe
Token: SeShutdownPrivilege	4068	chrome.exe
Token: SeCreatePagefilePrivilege	4068	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4068 wrote to memory of 3840	4068	chrome.exe	71
PID 4068 wrote to memory of 3840	4068	chrome.exe	71
PID 4068 wrote to memory of 4204	4068	chrome.exe	73
PID 4068 wrote to memory of 4204	4068	chrome.exe	73
PID 4068 wrote to memory of 4204	4068	chrome.exe	73
PID 4068 wrote to memory of 4204	4068	chrome.exe	73
PID 4068 wrote to memory of 4204	4068	chrome.exe	73
PID 4068 wrote to memory of 4204	4068	chrome.exe	73
PID 4068 wrote to memory of 4204	4068	chrome.exe	73
PID 4068 wrote to memory of 4204	4068	chrome.exe	73
PID 4068 wrote to memory of 4204	4068	chrome.exe	73
PID 4068 wrote to memory of 4204	4068	chrome.exe	73
PID 4068 wrote to memory of 4204	4068	chrome.exe	73
PID 4068 wrote to memory of 4204	4068	chrome.exe	73
PID 4068 wrote to memory of 4204	4068	chrome.exe	73
PID 4068 wrote to memory of 4204	4068	chrome.exe	73
PID 4068 wrote to memory of 4204	4068	chrome.exe	73
PID 4068 wrote to memory of 4204	4068	chrome.exe	73
PID 4068 wrote to memory of 4204	4068	chrome.exe	73
PID 4068 wrote to memory of 4204	4068	chrome.exe	73
PID 4068 wrote to memory of 4204	4068	chrome.exe	73
PID 4068 wrote to memory of 4204	4068	chrome.exe	73
PID 4068 wrote to memory of 4204	4068	chrome.exe	73
PID 4068 wrote to memory of 4204	4068	chrome.exe	73
PID 4068 wrote to memory of 4204	4068	chrome.exe	73
PID 4068 wrote to memory of 4204	4068	chrome.exe	73
PID 4068 wrote to memory of 4204	4068	chrome.exe	73
PID 4068 wrote to memory of 4204	4068	chrome.exe	73
PID 4068 wrote to memory of 4204	4068	chrome.exe	73
PID 4068 wrote to memory of 4204	4068	chrome.exe	73
PID 4068 wrote to memory of 4204	4068	chrome.exe	73
PID 4068 wrote to memory of 4204	4068	chrome.exe	73
PID 4068 wrote to memory of 4204	4068	chrome.exe	73
PID 4068 wrote to memory of 4204	4068	chrome.exe	73
PID 4068 wrote to memory of 4204	4068	chrome.exe	73
PID 4068 wrote to memory of 4204	4068	chrome.exe	73
PID 4068 wrote to memory of 4204	4068	chrome.exe	73
PID 4068 wrote to memory of 4204	4068	chrome.exe	73
PID 4068 wrote to memory of 4204	4068	chrome.exe	73
PID 4068 wrote to memory of 4204	4068	chrome.exe	73
PID 4068 wrote to memory of 5068	4068	chrome.exe	74
PID 4068 wrote to memory of 5068	4068	chrome.exe	74
PID 4068 wrote to memory of 820	4068	chrome.exe	75
PID 4068 wrote to memory of 820	4068	chrome.exe	75
PID 4068 wrote to memory of 820	4068	chrome.exe	75
PID 4068 wrote to memory of 820	4068	chrome.exe	75
PID 4068 wrote to memory of 820	4068	chrome.exe	75
PID 4068 wrote to memory of 820	4068	chrome.exe	75
PID 4068 wrote to memory of 820	4068	chrome.exe	75
PID 4068 wrote to memory of 820	4068	chrome.exe	75
PID 4068 wrote to memory of 820	4068	chrome.exe	75
PID 4068 wrote to memory of 820	4068	chrome.exe	75
PID 4068 wrote to memory of 820	4068	chrome.exe	75
PID 4068 wrote to memory of 820	4068	chrome.exe	75
PID 4068 wrote to memory of 820	4068	chrome.exe	75
PID 4068 wrote to memory of 820	4068	chrome.exe	75
PID 4068 wrote to memory of 820	4068	chrome.exe	75
PID 4068 wrote to memory of 820	4068	chrome.exe	75
PID 4068 wrote to memory of 820	4068	chrome.exe	75
PID 4068 wrote to memory of 820	4068	chrome.exe	75
PID 4068 wrote to memory of 820	4068	chrome.exe	75
PID 4068 wrote to memory of 820	4068	chrome.exe	75
PID 4068 wrote to memory of 820	4068	chrome.exe	75
PID 4068 wrote to memory of 820	4068	chrome.exe	75

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://youtube.com/
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffbc24f9758,0x7ffbc24f9768,0x7ffbc24f9778
  2⤵
  PID:3840
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1512 --field-trial-handle=1752,i,11038676753873234069,11232098382229884295,131072 /prefetch:2
  2⤵
  PID:4204
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1996 --field-trial-handle=1752,i,11038676753873234069,11232098382229884295,131072 /prefetch:8
  2⤵
  PID:5068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2060 --field-trial-handle=1752,i,11038676753873234069,11232098382229884295,131072 /prefetch:8
  2⤵
  PID:820
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2820 --field-trial-handle=1752,i,11038676753873234069,11232098382229884295,131072 /prefetch:1
  2⤵
  PID:2976
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2812 --field-trial-handle=1752,i,11038676753873234069,11232098382229884295,131072 /prefetch:1
  2⤵
  PID:1500
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4300 --field-trial-handle=1752,i,11038676753873234069,11232098382229884295,131072 /prefetch:1
  2⤵
  PID:4688
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3040 --field-trial-handle=1752,i,11038676753873234069,11232098382229884295,131072 /prefetch:1
  2⤵
  PID:5060
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4732 --field-trial-handle=1752,i,11038676753873234069,11232098382229884295,131072 /prefetch:8
  2⤵
  PID:4616
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4556 --field-trial-handle=1752,i,11038676753873234069,11232098382229884295,131072 /prefetch:8
  2⤵
  PID:4328
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4576 --field-trial-handle=1752,i,11038676753873234069,11232098382229884295,131072 /prefetch:8
  2⤵
  PID:2912
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5476 --field-trial-handle=1752,i,11038676753873234069,11232098382229884295,131072 /prefetch:8
  2⤵
  PID:1960
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5720 --field-trial-handle=1752,i,11038676753873234069,11232098382229884295,131072 /prefetch:8
  2⤵
  PID:4124
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1852 --field-trial-handle=1752,i,11038676753873234069,11232098382229884295,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3848

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2616

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x3e0
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:3260

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
456B

MD5
aa4aaab40b1f78a3cb34bbfb3576e3d0

SHA1
3dafd6b69b2c583f9ed345ba5287366acd865fba

SHA256
a7e252e58bf5b20da3a921a3afed2352bc09901e5923682aedea87480fd55537

SHA512
5823dc1fd1135993215337d99787a61d1d88e9bdf8b260f6eadc031f2caaf5eec3c4b1ae7ec84b011592525f6ba93c19ead4d4a537a0270617538ca090d4a5e8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
7c6af022b90170b6ab5fe512babbc17a

SHA1
3098656474e6fc007db08524104ca08b04f461c1

SHA256
77fa498cb75fb1718de18007a892d92318a8c953a9d41c4171ecf7ee644d1171

SHA512
c3a48b067fe88b36e57698ffd0754f0640dbe5897ce9c3461738eddfebdf29b88bcfc0c36770d508b719fa4cb2e8fbc890a0ea2e8d5953d4d1b0363c7123402c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
a63ef7c04dbed14eef9a6f0c0735f1dd

SHA1
0adb3abc95284554d8d2b0a37ff2f679eccb8f48

SHA256
dac9bb33f6013045eb88fa74b5206a1f5226beafa1fbb507aec25a79e3179216

SHA512
46803a6b240f5278d79ecb90cc0bf843a952d7a7826619cb71fe6765af2ac02f2f3756911b8a8f18f0d4ee95a3eba6430cb1afe0b1ecae3791f7e1fbfd1ca509

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
28c5229a9341230bc9370f438019a314

SHA1
17e7108c1867ef7df4b511d8d097b1f3a338f0cc

SHA256
1c17d2b12b6c7b2ad5ea1c36c7ce6f7e4b7fef475f8a2a22f2141cfd52dd3b12

SHA512
b4f227a0afbfef1e278301c175606167e108dc570f73a640d9bb23a8d72a2d788597ec4372780bf905de5743f17fde6a02ce92825f7aecca283f5e2ccb78a807

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
32d77c223721a575b19a6ad96a08cf36

SHA1
553847d7ceb2be07e1a875bc36112867f559ccc9

SHA256
90663f3178b0af4487a086ed6c6e8c465eabd52159d42137666a47259e20dab0

SHA512
746af5a8300767dfc8a070f6370f5783fa228ea87c00831d6722c5732bb59ccfa71020fb08cec10ae1cf8ba7acb6d7641131840b8159845092b2940ab7893d21

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
874B

MD5
741720e41004884596880aafc375c910

SHA1
ef81b0af70525c0635d4965c68ad7ba81d9b4e36

SHA256
a1279589d74ebc6af38029070b848a1ccc01f3d1ba01d4b1f809382aa78c2d82

SHA512
9727a5019d98d72bdc7c96a542548f2d81505aa6112d497b2ed92c30da67cbd858a93ee0f2c76fe9db4c7ffd1e3879840067a7a600eecafe0a67bcd4fec9c6b3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
874B

MD5
93288662bdcb7ff9efc6d49ce33b5e1d

SHA1
ab9b121abb38b9a3d7c9d2d1ba8c174ed5164cc0

SHA256
14ff1bee3d23c5f5179401da95fd58ddcad2a4c897bd9f42badb364e258e4dfb

SHA512
d57aee9b2bf6c60496eea6c8bb5ff891bc14ec94db8b230669de42dff6217d5bae2d948c506e84d5402d8a8e725b49acdfc43fdd360c712d6d2467cc3f2f9efa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
a7feecfc24a3366ef3758c86942da7f4

SHA1
d169365a3aea7c636276b4f1586f5a7efa6677a7

SHA256
b5eb06b26a523db54f82b08ef6c6a5d5de7452012d9c19553556902af2fdced7

SHA512
409ae1124b29d5dcc7898a32adcc0bb0d2527ed6c14e9b1acd630db7f50babca6eb14b3dcbc26566c1918f46dba8c63b52ce3ba6e60755f1eb5d0b0e6cab5bf1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
dbd9f6e90d1afb3a5a4f77099565de4f

SHA1
71d32d371e4cb693e777875467925cec34836b25

SHA256
1850cdb0cfbb9afa62fd2b48e20e65a436fbabc04854ae183d3275f0d54a60d5

SHA512
dc385cdad638cb0ef5530a2ae88aaff99ad14058a5b123f5e19e8d826f2acba984b5a827b7a6f14cddb49501de484c610e5a1be31ba12e8110c01775d6a76a03

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
b2e26384f51e9b5e99f728d59405fc48

SHA1
30c29302e5c6589d95ef98038908d50087a9c3dc

SHA256
5dbde12b4a8f7512f3b332387470c47f8399667fca13ec6723dfbb780e135b56

SHA512
7c929bef7a170233f8e24dd7ee0170848e7ddcfd0fc4be8ffe9c6b8eb17e6071a25307c512c443115ab0f47e65f8f6348f02f517631b10ec6d9b89c9718b7cdc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\ab727f9b-37ad-44b0-8175-9541b56547fd\index-dir\the-real-index

Filesize
624B

MD5
9c0db82ee143496733d29656ca67a846

SHA1
ed81730732006715260e10f03a1497819c891ccf

SHA256
9a81f94352c6b1af43e6b10b235550d5cd2f8fe94493ed4a1d7104de8a797cec

SHA512
f371efea342d86593fe4d5225ab96dcde2d381778edf286b6182f334df660d31eef790fdb3aa4a7911756cf1a2735502e00856720ed9a520529c7807944cd493

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\ab727f9b-37ad-44b0-8175-9541b56547fd\index-dir\the-real-index~RFe5822a6.TMP

Filesize
48B

MD5
aa56760b73d605ec240f712bd801aea0

SHA1
e6f3b56e323526dd5b78095c70be6db0e9f3de9f

SHA256
d35da89d6094642963c0c3fa5cb274108cdc27ef044dfb396f275376a3ac5087

SHA512
1d5e7481ff99dad09c731e188cab57e98f12125eaacb0a7aa5740c3201f11db4022465f34ea47b87e774e122f467eb2fc6cd20d9c703790bdf496eb265dd1ce2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\ca2276c7-5960-40ed-8407-966a2c5e459d\index-dir\the-real-index

Filesize
2KB

MD5
7c9caca9f65a03906d36ba88f75c82f9

SHA1
f6be3d336e71b7f33a0eb9d2fdbb019702ad14d4

SHA256
3fd44ec96639d618903afddc7576d9bff705b7775d59212eeb9aede90420cda8

SHA512
4e439e7dfb50ba0f08eb9e62dcd8f942b24c739a628a0f053e7f4f810d95f0ba33b4c59eec90bd6175c639b2399ef344b0ce22b2c3f657298896dfe8a9316a5b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\ca2276c7-5960-40ed-8407-966a2c5e459d\index-dir\the-real-index

Filesize
2KB

MD5
f7bec6c440fac98e22619d161a9f1993

SHA1
1217269a9a7201a496c67ad38667e5519f8f06bd

SHA256
c85f80bf5001a66a6d6cded1606c7e3da4409613be5de375148f2a7aa2f8ccd6

SHA512
a518a6c781878f998366cb9b8a2ee758f34d9f9e687691d1da403f7c575ca7a3c94fd4a9f7b8829e15ac9511807a5a871f553cb479c3f24c188087d3209c9e2e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\ca2276c7-5960-40ed-8407-966a2c5e459d\index-dir\the-real-index~RFe582cc8.TMP

Filesize
48B

MD5
f43ae1c6c32c5442e7d5825b1a9005fc

SHA1
ae8d2b4dad7cf3d89e300b7d4ac437be95c2e59c

SHA256
ea195c5551edbbdbba3b3c11b01252604fde2df58593f7e02d92ae0a23277b96

SHA512
2c04530553a22c75e8427312c4f9e03185b766c79351160546b814adcf36e1077eb6e3fecc4d126198a67bdd2ffe3fa0ddc100cd94fee60024242442196238cc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
176B

MD5
5b529f4f051ce2e270763a89b1d270be

SHA1
c531412e5b8b539dd2aed0e27c2d33b6bd1f9eca

SHA256
de6a2216a95156486053e7106785193820280252179b0836912f6ce9bcece7d2

SHA512
e90661be430ba4c5c50ee5c53fe714661ef3c0bf1b9edbb5baf2f299bda8e0df23d170165fe7d2808a8b4b16501838bc17fcad316238f2f23097673565a3aedc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
185B

MD5
d2c4e0c3f4436971913593813387484e

SHA1
d2cde5124fdec4512dc8c8318e2eea153e351c3d

SHA256
f109d625048a449981cec972845d5a895012c4d09cf6b55b06c0358101fb2e5f

SHA512
7d71582af979ffa9aaa52c1061a7f44b01883ea76767b5a812a92a6a896e8c7bc11865720608de8aea1f964d5f44ecfbffd90305436dc72476e845b288f450ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
183B

MD5
039a4842737a307de6cbd76d48b43b88

SHA1
78802a1fba6d57421b813543553fe7e438c6e8ee

SHA256
55df7fe8ff0bc8cd9780237a702ed00325f1a123878d3fdb995ac02f8fdf337c

SHA512
097624602a5603dea0aa49dc1fb9f0e8d24e364fbd376f3f21a9923a5d8d01db4fe6b880d27949db6777ff3e188943ba8ef7087feed77127ee00e888030b6d38

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
112B

MD5
54628ac58681b7e04015deb9af3d8ede

SHA1
375008e7cf05d4af3bd5e1abea3222b7000c4ae2

SHA256
63d86ceab7cd69072cf58bd854fcb65106249107039dc38f6ee67cbdb55a3eb0

SHA512
dcd1f438b77f29f82395bdeb2e932b66c3784d619fab60f5ade7231a26e22e0e91cd1271dde9a3d5b6dbd3078cd475b64913a8e80ce3f4df9915375c9a92e360

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
183B

MD5
900ac815f64da82ebabe41cfaf6731ce

SHA1
998d0b840d559646eb08289b25da1200c05baff9

SHA256
c1f5a0b4ab57afe5281bcabf1c2a922e046e188eea753367421d3fb97bea8f2e

SHA512
934d0ea891340d2746fcddc513c63ee2579e28fe8ceea3326b8a187ce531133295897bd9b4f2497c4fee24f499074d58889894bf6b20689a00f19da66e041e5b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe57bc4b.TMP

Filesize
119B

MD5
1f129f289002e26d2ef0e07f157c49b6

SHA1
3cea4404109a173aa60e5a6464823c1479bf9e3b

SHA256
7457ccc0ce07854d1bcd2af0802dcbb5a675b27a0a93eb0b58ce1002896be93a

SHA512
319be4ed243272b1ad11a372ddb408cc577db320a4954ad9dd802ffa25ef59f2a3a97ed7cd0472b14cc3f92abb1a4a5850e0a3bc91026105c7955b780ff92322

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
96B

MD5
4442c12712d8883cdc35d4cd77741eb9

SHA1
62f97a47335eac193d0abafa9c94ca344bf55637

SHA256
6182e53aa3e808c928c64df0fcca9f6683534494dc07c192a4e6b6fca4b9d15f

SHA512
eaf24600375f7ed0800b33ccd98e269b80192c3e05a1cf159eb087d27563e51e84cf35738256cc5bbab48bc344a215ab4e9e54f09539c73d4690d26ea3e14bec

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe580cfb.TMP

Filesize
48B

MD5
200d75a41ba88a542fdc1d06a05905cb

SHA1
43d1e051b442f6db82109a0538803aee005373b9

SHA256
f0b84e2612fbfeb5e94576f228048bfab2e22bcb2d0ded2791a665864d012eea

SHA512
594ea03ef5a49326af2f88e321ac15164bf804cac69d159bed8b586a44a891131b48a91fd5b072227f9dcd63e83d30ee6d8c2ba6af825104df2b47f434acc3c8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir4068_1761398004\Icons Monochrome\16.png

Filesize
216B

MD5
a4fd4f5953721f7f3a5b4bfd58922efe

SHA1
f3abed41d764efbd26bacf84c42bd8098a14c5cb

SHA256
c659d57841bb33d63f7b1334200548f207340d95e8e2ae25aac7a798a08071a3

SHA512
7fcc1ca4d6d97335e76faa65b7cfb381fb722210041bdcd3b31b0f94e15dc226eec4639547af86ae71f311f52a956dc83294c2d23f345e63b5e45e25956b2691

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
209KB

MD5
333e1115bf3e441f119de92c55da9c1c

SHA1
d84134adf6f59dbecb9620e2073d0965489b8ba1

SHA256
eac98921c4e449dc83293c3128ae6d4cb357cff6fdb62a096e04e8870cbdcda5

SHA512
d2eb3c8507253380c649b3b657533b22bc458d2cb98a30958899aac3cd72101e969d935ed554579940465e59c8fb5e169bf976b2f45e092c6836043c2350b872

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit