hxxps://github[.]com/ytisf/theZoo/blob/master/malware/Binaries/Ransomware[.]WannaCry/Ransomware[.]WannaCry[.]zip

Resubmissions

12/11/2023, 11:39

231112-nslb6aff83 1

12/11/2023, 11:28

231112-nlfhbsfa2x 10

Analysis

max time kernel
28s
max time network
95s
platform
windows10-2004_x64
resource
win10v2004-20231023-en
resource tags

arch:x64arch:x86image:win10v2004-20231023-enlocale:en-usos:windows10-2004-x64system
submitted
12/11/2023, 11:39

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://github.com/ytisf/theZoo/blob/master/malware/Binaries/Ransomware.WannaCry/Ransomware.WannaCry.zip

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133442627975452426"	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
3788	chrome.exe
3788	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 5 IoCs

pid	Process
3788	chrome.exe
3788	chrome.exe
3788	chrome.exe
3788	chrome.exe
3788	chrome.exe

Suspicious use of AdjustPrivilegeToken 50 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3788	chrome.exe
Token: SeCreatePagefilePrivilege	3788	chrome.exe
Token: SeShutdownPrivilege	3788	chrome.exe
Token: SeCreatePagefilePrivilege	3788	chrome.exe
Token: SeShutdownPrivilege	3788	chrome.exe
Token: SeCreatePagefilePrivilege	3788	chrome.exe
Token: SeShutdownPrivilege	3788	chrome.exe
Token: SeCreatePagefilePrivilege	3788	chrome.exe
Token: SeShutdownPrivilege	3788	chrome.exe
Token: SeCreatePagefilePrivilege	3788	chrome.exe
Token: SeShutdownPrivilege	3788	chrome.exe
Token: SeCreatePagefilePrivilege	3788	chrome.exe
Token: SeShutdownPrivilege	3788	chrome.exe
Token: SeCreatePagefilePrivilege	3788	chrome.exe
Token: SeShutdownPrivilege	3788	chrome.exe
Token: SeCreatePagefilePrivilege	3788	chrome.exe
Token: SeShutdownPrivilege	3788	chrome.exe
Token: SeCreatePagefilePrivilege	3788	chrome.exe
Token: SeShutdownPrivilege	3788	chrome.exe
Token: SeCreatePagefilePrivilege	3788	chrome.exe
Token: SeShutdownPrivilege	3788	chrome.exe
Token: SeCreatePagefilePrivilege	3788	chrome.exe
Token: SeShutdownPrivilege	3788	chrome.exe
Token: SeCreatePagefilePrivilege	3788	chrome.exe
Token: SeShutdownPrivilege	3788	chrome.exe
Token: SeCreatePagefilePrivilege	3788	chrome.exe
Token: SeShutdownPrivilege	3788	chrome.exe
Token: SeCreatePagefilePrivilege	3788	chrome.exe
Token: SeShutdownPrivilege	3788	chrome.exe
Token: SeCreatePagefilePrivilege	3788	chrome.exe
Token: SeShutdownPrivilege	3788	chrome.exe
Token: SeCreatePagefilePrivilege	3788	chrome.exe
Token: SeShutdownPrivilege	3788	chrome.exe
Token: SeCreatePagefilePrivilege	3788	chrome.exe
Token: SeShutdownPrivilege	3788	chrome.exe
Token: SeCreatePagefilePrivilege	3788	chrome.exe
Token: SeShutdownPrivilege	3788	chrome.exe
Token: SeCreatePagefilePrivilege	3788	chrome.exe
Token: SeShutdownPrivilege	3788	chrome.exe
Token: SeCreatePagefilePrivilege	3788	chrome.exe
Token: SeShutdownPrivilege	3788	chrome.exe
Token: SeCreatePagefilePrivilege	3788	chrome.exe
Token: SeShutdownPrivilege	3788	chrome.exe
Token: SeCreatePagefilePrivilege	3788	chrome.exe
Token: SeShutdownPrivilege	3788	chrome.exe
Token: SeCreatePagefilePrivilege	3788	chrome.exe
Token: SeShutdownPrivilege	3788	chrome.exe
Token: SeCreatePagefilePrivilege	3788	chrome.exe
Token: SeShutdownPrivilege	3788	chrome.exe
Token: SeCreatePagefilePrivilege	3788	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
3788	chrome.exe
3788	chrome.exe
3788	chrome.exe
3788	chrome.exe
3788	chrome.exe
3788	chrome.exe
3788	chrome.exe
3788	chrome.exe
3788	chrome.exe
3788	chrome.exe
3788	chrome.exe
3788	chrome.exe
3788	chrome.exe
3788	chrome.exe
3788	chrome.exe
3788	chrome.exe
3788	chrome.exe
3788	chrome.exe
3788	chrome.exe
3788	chrome.exe
3788	chrome.exe
3788	chrome.exe
3788	chrome.exe
3788	chrome.exe
3788	chrome.exe
3788	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3788	chrome.exe
3788	chrome.exe
3788	chrome.exe
3788	chrome.exe
3788	chrome.exe
3788	chrome.exe
3788	chrome.exe
3788	chrome.exe
3788	chrome.exe
3788	chrome.exe
3788	chrome.exe
3788	chrome.exe
3788	chrome.exe
3788	chrome.exe
3788	chrome.exe
3788	chrome.exe
3788	chrome.exe
3788	chrome.exe
3788	chrome.exe
3788	chrome.exe
3788	chrome.exe
3788	chrome.exe
3788	chrome.exe
3788	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3788 wrote to memory of 4148	3788	chrome.exe	87
PID 3788 wrote to memory of 4148	3788	chrome.exe	87
PID 3788 wrote to memory of 4672	3788	chrome.exe	89
PID 3788 wrote to memory of 4672	3788	chrome.exe	89
PID 3788 wrote to memory of 4672	3788	chrome.exe	89
PID 3788 wrote to memory of 4672	3788	chrome.exe	89
PID 3788 wrote to memory of 4672	3788	chrome.exe	89
PID 3788 wrote to memory of 4672	3788	chrome.exe	89
PID 3788 wrote to memory of 4672	3788	chrome.exe	89
PID 3788 wrote to memory of 4672	3788	chrome.exe	89
PID 3788 wrote to memory of 4672	3788	chrome.exe	89
PID 3788 wrote to memory of 4672	3788	chrome.exe	89
PID 3788 wrote to memory of 4672	3788	chrome.exe	89
PID 3788 wrote to memory of 4672	3788	chrome.exe	89
PID 3788 wrote to memory of 4672	3788	chrome.exe	89
PID 3788 wrote to memory of 4672	3788	chrome.exe	89
PID 3788 wrote to memory of 4672	3788	chrome.exe	89
PID 3788 wrote to memory of 4672	3788	chrome.exe	89
PID 3788 wrote to memory of 4672	3788	chrome.exe	89
PID 3788 wrote to memory of 4672	3788	chrome.exe	89
PID 3788 wrote to memory of 4672	3788	chrome.exe	89
PID 3788 wrote to memory of 4672	3788	chrome.exe	89
PID 3788 wrote to memory of 4672	3788	chrome.exe	89
PID 3788 wrote to memory of 4672	3788	chrome.exe	89
PID 3788 wrote to memory of 4672	3788	chrome.exe	89
PID 3788 wrote to memory of 4672	3788	chrome.exe	89
PID 3788 wrote to memory of 4672	3788	chrome.exe	89
PID 3788 wrote to memory of 4672	3788	chrome.exe	89
PID 3788 wrote to memory of 4672	3788	chrome.exe	89
PID 3788 wrote to memory of 4672	3788	chrome.exe	89
PID 3788 wrote to memory of 4672	3788	chrome.exe	89
PID 3788 wrote to memory of 4672	3788	chrome.exe	89
PID 3788 wrote to memory of 4672	3788	chrome.exe	89
PID 3788 wrote to memory of 4672	3788	chrome.exe	89
PID 3788 wrote to memory of 4672	3788	chrome.exe	89
PID 3788 wrote to memory of 4672	3788	chrome.exe	89
PID 3788 wrote to memory of 4672	3788	chrome.exe	89
PID 3788 wrote to memory of 4672	3788	chrome.exe	89
PID 3788 wrote to memory of 4672	3788	chrome.exe	89
PID 3788 wrote to memory of 4672	3788	chrome.exe	89
PID 3788 wrote to memory of 100	3788	chrome.exe	90
PID 3788 wrote to memory of 100	3788	chrome.exe	90
PID 3788 wrote to memory of 3020	3788	chrome.exe	91
PID 3788 wrote to memory of 3020	3788	chrome.exe	91
PID 3788 wrote to memory of 3020	3788	chrome.exe	91
PID 3788 wrote to memory of 3020	3788	chrome.exe	91
PID 3788 wrote to memory of 3020	3788	chrome.exe	91
PID 3788 wrote to memory of 3020	3788	chrome.exe	91
PID 3788 wrote to memory of 3020	3788	chrome.exe	91
PID 3788 wrote to memory of 3020	3788	chrome.exe	91
PID 3788 wrote to memory of 3020	3788	chrome.exe	91
PID 3788 wrote to memory of 3020	3788	chrome.exe	91
PID 3788 wrote to memory of 3020	3788	chrome.exe	91
PID 3788 wrote to memory of 3020	3788	chrome.exe	91
PID 3788 wrote to memory of 3020	3788	chrome.exe	91
PID 3788 wrote to memory of 3020	3788	chrome.exe	91
PID 3788 wrote to memory of 3020	3788	chrome.exe	91
PID 3788 wrote to memory of 3020	3788	chrome.exe	91
PID 3788 wrote to memory of 3020	3788	chrome.exe	91
PID 3788 wrote to memory of 3020	3788	chrome.exe	91
PID 3788 wrote to memory of 3020	3788	chrome.exe	91
PID 3788 wrote to memory of 3020	3788	chrome.exe	91
PID 3788 wrote to memory of 3020	3788	chrome.exe	91
PID 3788 wrote to memory of 3020	3788	chrome.exe	91

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://github.com/ytisf/theZoo/blob/master/malware/Binaries/Ransomware.WannaCry/Ransomware.WannaCry.zip
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3788
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffaa9279758,0x7ffaa9279768,0x7ffaa9279778
  2⤵
  PID:4148
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1732 --field-trial-handle=1888,i,11102563304077762975,9591391253626840127,131072 /prefetch:2
  2⤵
  PID:4672
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2128 --field-trial-handle=1888,i,11102563304077762975,9591391253626840127,131072 /prefetch:8
  2⤵
  PID:100
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2232 --field-trial-handle=1888,i,11102563304077762975,9591391253626840127,131072 /prefetch:8
  2⤵
  PID:3020
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3092 --field-trial-handle=1888,i,11102563304077762975,9591391253626840127,131072 /prefetch:1
  2⤵
  PID:3292
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2964 --field-trial-handle=1888,i,11102563304077762975,9591391253626840127,131072 /prefetch:1
  2⤵
  PID:5064
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4556 --field-trial-handle=1888,i,11102563304077762975,9591391253626840127,131072 /prefetch:8
  2⤵
  PID:5044
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4908 --field-trial-handle=1888,i,11102563304077762975,9591391253626840127,131072 /prefetch:8
  2⤵
  PID:3600
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4724 --field-trial-handle=1888,i,11102563304077762975,9591391253626840127,131072 /prefetch:1
  2⤵
  PID:4360
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=5184 --field-trial-handle=1888,i,11102563304077762975,9591391253626840127,131072 /prefetch:1
  2⤵
  PID:4464
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5336 --field-trial-handle=1888,i,11102563304077762975,9591391253626840127,131072 /prefetch:8
  2⤵
  PID:2596
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5484 --field-trial-handle=1888,i,11102563304077762975,9591391253626840127,131072 /prefetch:8
  2⤵
  PID:3460
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5424 --field-trial-handle=1888,i,11102563304077762975,9591391253626840127,131072 /prefetch:1
  2⤵
  PID:3464
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=5800 --field-trial-handle=1888,i,11102563304077762975,9591391253626840127,131072 /prefetch:1
  2⤵
  PID:3976
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=4904 --field-trial-handle=1888,i,11102563304077762975,9591391253626840127,131072 /prefetch:1
  2⤵
  PID:768
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5584 --field-trial-handle=1888,i,11102563304077762975,9591391253626840127,131072 /prefetch:8
  2⤵
  PID:1872
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=5064 --field-trial-handle=1888,i,11102563304077762975,9591391253626840127,131072 /prefetch:1
  2⤵
  PID:5396
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=5460 --field-trial-handle=1888,i,11102563304077762975,9591391253626840127,131072 /prefetch:1
  2⤵
  PID:5556
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=6264 --field-trial-handle=1888,i,11102563304077762975,9591391253626840127,131072 /prefetch:1
  2⤵
  PID:5804
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=6400 --field-trial-handle=1888,i,11102563304077762975,9591391253626840127,131072 /prefetch:1
  2⤵
  PID:5812
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6740 --field-trial-handle=1888,i,11102563304077762975,9591391253626840127,131072 /prefetch:8
  2⤵
  PID:6064
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=5840 --field-trial-handle=1888,i,11102563304077762975,9591391253626840127,131072 /prefetch:1
  2⤵
  PID:5536
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=5796 --field-trial-handle=1888,i,11102563304077762975,9591391253626840127,131072 /prefetch:1
  2⤵
  PID:5744
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=984 --field-trial-handle=1888,i,11102563304077762975,9591391253626840127,131072 /prefetch:1
  2⤵
  PID:552
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=6600 --field-trial-handle=1888,i,11102563304077762975,9591391253626840127,131072 /prefetch:1
  2⤵
  PID:4856
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=6996 --field-trial-handle=1888,i,11102563304077762975,9591391253626840127,131072 /prefetch:1
  2⤵
  PID:5988
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=7152 --field-trial-handle=1888,i,11102563304077762975,9591391253626840127,131072 /prefetch:1
  2⤵
  PID:4692

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:3260

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x4e8 0x33c
1⤵
PID:4052

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506

Filesize
330B

MD5
1f1fa32714ae4272169e57c2e0dbe386

SHA1
9a613e344ae5d076f08ce0538f5ef239654014d8

SHA256
7a33926bd94a9897bed80a99717baae3a50b1e9e5508e7999ed6d1b825a5cdc7

SHA512
6737aff518c23e113fc1dc9b6cf905dc694be427e20faaaa6bd4476a8acc116ab078e2d80943ce9907086a9f09ebc4dbfac9b42e4169403ad02d0ef23108e606

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\7a5a204d-4503-4199-8666-a38bbcd3460a.tmp

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\4fc19b01-7251-4480-aa07-c1d5f2ed0b13.tmp

Filesize
5KB

MD5
e41f83578a30929081953ebdb0ab4a80

SHA1
2293c4645f5241965e73e037f9da935a7c97a542

SHA256
15c17d6b514764dc2a18997c90a7f0c6ed22ee6a0120ae2a950168f3250cf47d

SHA512
60b363bbb957b43e3ddf73b02483e1095755aec12e0c788fe627a0106f7df326a848284629114b8fa33349ddb258e5b51573a67926ed29366b3e55a73aee15f3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012

Filesize
31KB

MD5
096c149e3ad6864cb22b412df0fdba2b

SHA1
41fa6491213a02be69143d838c959b22424ebfcb

SHA256
55913af3e27a5a52058ce192a344ab41c93681ecb0a50b208891c7fffaca93a3

SHA512
a831c6af95cb01c1695835a89c2a7f24a1fe9f5ecdea28221313ca2ae9228e9f993bdc0e4e63821a7a30cf1eddd94256b90e118ac62576242397cc84553f3333

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000034

Filesize
107KB

MD5
39eb158cee5942822028571313635642

SHA1
2ade59c165e1d447d149fa3da3567d2273b323dd

SHA256
680629b0d4b0fc375d5b197c8410d8e472d4bde39f34eb8755be844cc3128f18

SHA512
474055a76989b68bba81767002eeb6b6c1d15681c7a6db8641a0eb7b866442633de09d68b1bb3bc8c009e87a0b5184be37834a03966173dcd7a633783c468279

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000037

Filesize
18KB

MD5
5251b6d58b6596721621e740e406535a

SHA1
cdbeeefc140e8bbd041678ff5973b0bd4b99697e

SHA256
05e24cd4fb805cd3858ec2bb53d3b39d998ec94f5f1577cebb8c4413a16ccf5c

SHA512
7db760075dd64c1dc6c0944e5aaab10bc1bdebbb1aeb80709a3c6c9e141fc1513e74e17ea90c6488715a6f32067e0bb144764e0ca16a2d9e14e0cd2f3b11b6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000042

Filesize
275KB

MD5
51b3730aa1d5d67ac3b42d5f2ef12533

SHA1
1ac3aa28b33052b2c63d29f16a9b22988ddf4fa7

SHA256
c01feb03a947880eb423f9abff930bb41e8b9d7584f73818158e0fa914396dd0

SHA512
7dbd7459968f2d50e05122bcb209e293a544312142c3b3bd775dcff1bfba6eae47a5001d408213d31650efb5d0d5b856ae93d147f75435bc9c41287ac43cf30c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000045

Filesize
81KB

MD5
5e9d6b2afef27571651ddae3da70c61c

SHA1
beb028b8b75253c4569f5c2186b9217a96af519c

SHA256
86540f58e8c377d82804fe96d1b37b49cec4bd3f1df33c565bad9530b58dcbfc

SHA512
6ead4fe30fce3a096f037b207d42b019133cac4790f0b60caca268fb89fd0cb4c867c7a723551b1c983141818a2a94c0dab3e0f17ec51cf7f934e9f0817902af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004a

Filesize
97KB

MD5
5c99356594e58edc07153dea708260fb

SHA1
7bf85286140092c7d88bef6b9ef62a670c6ce9fe

SHA256
f204967244715976b63bbb045d2da6836dcac195e881a7dd6873b999cef01018

SHA512
1c12c4902b277303371d154f40112d920d84c132ae24721e1a8510ff74a032e973773315a9d85efabeb86c468474f74e152244214b6f5c7dfc182799e019cff2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004d

Filesize
22KB

MD5
cd3a4aa677881427c57c0ba5259f276d

SHA1
80aa71eab7b266c13ff8ca4837c0eeb1403e7037

SHA256
d44946be0e8c7562a1206af82bd2dd54f65d37f108a1e4c81f348fac358e15d7

SHA512
6c8515fa5738f2878ac891cb6ad61f32f5f38ed08ec8c40bf0dbbc47f710eb567c1a88eff18c74fa55b132be0433ef5de3d6146178078b2584bd3a3f1ce2482b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004e

Filesize
55KB

MD5
d854654eca1f7ee46f3f0971d9dc081b

SHA1
3a3ad52c8c8f3fd2dcf8dba9249ee5594e0ebca9

SHA256
a3ba51e97fb548c2146f4912e4b5ad90286cade4e816c04ddb40c95fabd2cd51

SHA512
15e47254ecc952a0e2e78f54bf0ab11a1f1c063cedcd6f056067ce35ec6ad5bddda22c44521f0e32db23bb095541fc7283f70bb588f3e0dd3cc214431349fc90

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00005c

Filesize
47KB

MD5
8d3695fa1c99aa4e6effaab7c8ca7f08

SHA1
d450c278d023f0f5389f0433772512935a5254ef

SHA256
192695a211d7e782caa7e8928257cd7ab260a13aa41f49dda309d7bf6a8b4e4c

SHA512
cfbf3e75ed411d547108ffd71014c32ea90ff3dd476259c14f8ac30cde1e976e698e7c1cb9accaa9b1239eb65132b0848ecc79ee433d7cadce7170875bd391b1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000066

Filesize
19KB

MD5
ba0c31a88d186b9bf37f038600a30ce0

SHA1
263bf7796d6c092a27c3af812b318487b9065ef2

SHA256
200026d61c313f864938c246085a8e66a4146bc26f08b8d55aa0d1517b181bb5

SHA512
044b3f5129d93206b32a5659bd288b23ac886ae6ed7a3a505b0cc0ce88dc2a443c4677d1bfe841a9cc952583440cb56f7c041fa365150ffef5456d74fc1f8097

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000072

Filesize
188KB

MD5
73eb41b42d2bbcb4b2937c7f72784956

SHA1
ca6a26fd20016425aabd86a2ea50292d1e84fafa

SHA256
ef9aad20cadd5827ca88fb1e241b322761cdd68e57ee67fa92e53e29985d762f

SHA512
625afc440c78479b5c2a6aeae9c82692063b56ad377caaba3cc3940299601428f8608d0cb8774c5534c414710998ea432b1a8bbba89ff51e7b8be6ab5caca0ef

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00007a

Filesize
258KB

MD5
81bbbcadbfbf74760c2883500672d648

SHA1
b5b4bcc4888484bfb04f81163b1b16ea4692d7a9

SHA256
acefbd6fd4b5bbc81604266a6d48f5d6a0d3f75529309194c9436aec18c19230

SHA512
e64001167182d12a56222b7d77a5eeb81cd6ccfadd180cfd92abed73bb7496a51eb5e640ffb9ea2f8b0d140e223bf65f38d392bafc6a8e720dd66a0185e1d0ca

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
3e9ba01eff87240a06f59692800bed08

SHA1
e180db9f04b7ac3458a2993c88680e34f4f02643

SHA256
aa2328380e1bb9f2a0d2ad1a8434dfad9fab3e90dc15ce67c3bede6213468871

SHA512
2168936dce781ac000a998bfe98753385bb7121fa3b03995f1069036e1fb69aca715b42362c29eda72e5850431e8f8dcabc4e0989569f00ccaf4d307fe0cf8bb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\40fba880-90e6-4e5c-a556-f179471a2bd1.tmp

Filesize
9KB

MD5
7b6fdc23f657bcb5e94a0f672cd47a0f

SHA1
42b7bef813d6e55a6a16a93d9e1c95db4ad7f1c2

SHA256
0239199e597641644dc9834b8f589b544f8a9b04b7d2b2a2bd0bc1eee4412306

SHA512
3b75a32b317795db8e783835c7d53d90071e6778a5ee2793cac03d7ccab680c79dc3688f0a95e38206f2bda719813a6daf9c160292ba2457f40b1c1ce82f8353

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
ae4f214e80f86f9ebfaa3301a033fdda

SHA1
d5065378be636b89607ca4e2fe087802e0f705a9

SHA256
bac49be08dc937aae03dad26398b35ee93d509e4a7a53fd156d9708305d17230

SHA512
c48a110aede9c7f2279174b64356a0965e5d64f5e26efe4d36c3c2d5a55aef06a7cc773a5cb6ca30f6ec586a78892ff3412a9a034e4ba3ccb4fe7a037a063d5f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
1805c3e3240e96f717cb93cf1e559d34

SHA1
68b0047622d785ff0a3efe8ee403fe9aa6594eba

SHA256
ecabe3e22049a3517f8aaedd4b6986545078c5fdec2031f5f7b105642a4d8af3

SHA512
8296b532f40494fc718f569770df28d22e9a0e7ce2f8b290d2b3402a61ed9d05425069ce05aff5ad7d97cc5acc021eabac3e5221fbc5d51694feaa386ea9edb6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
bf7e5aec176de1641e4f769e9af51429

SHA1
c06ff5116baa5dd90a2367af4258cf0734ec1fae

SHA256
0612d4dacef90c5587ed004c35a2b371081d1bb61db2ebda00e9e5af11d3b5be

SHA512
51db6201637b80058e3dc578aa1c7d656de41c2d292df2a84fb0379606d75b87a748e0cb764eb5f43d3726c8757b51ae353a137984baac6f7911ee2075723ea0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
5KB

MD5
5c6beafbd3327074eb7dfc533bdfe147

SHA1
ca85081c98753f70d2ae978f0f32c8c0083ecc93

SHA256
1ee3369af04ab2d0b736c9acd208fe0c958e3393dfdb51cb9a82a4047cbe6245

SHA512
1bfb916a2cc3d421934f1be44c8bc3a96dbe25079dccb8ec22767bab7b33837176f7ac72547740f424cea9810f1587a1f830389636922633da5fbc55b244828d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
142244733b9c73e0b77927e989cd380c

SHA1
2a996297be75a12c9aee485782565d1caa2ffced

SHA256
85f1866f1e07fc1594f7a412f7d48fcc12c9da544445ccff06259d3f30043753

SHA512
b86caad127001d0345463c304f0fcd06de82818a4c65ba61dcbefb0c1541103cadbe4a0fb22158eef75b5b60750579652d5e4d08d2ef5405e6a8b06d84ed2c37

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
5KB

MD5
3121119661b56d8f70e48ea3f05e2b13

SHA1
0497910366ba8512dbb1aa5ad6a13857ee3b8547

SHA256
a5702b6ce40e9acb683dd98cf842a24d8de2a6a4b8d6319f884f4646838cfd8d

SHA512
bdeb0f97a3d289265a6a844f3e4f282d3faf0bcfa41ca5feb91eb34f126337d538c8f80f69e58313cdaf4c6c43dfb436c961d744c7481acd9fa92e4d73e5422b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
5KB

MD5
649528ff197fd20b410171b3da73fc8d

SHA1
2d05fc95cd652bf505b770a701587f04c3d35c5e

SHA256
aca99f3de23ccdd18acd92a0805823c27711e64cf20035caeef2fa4a67738c0f

SHA512
068d0a3a32b01e2e4e63ee058f390245c926c3244c26a9b379a0c9d34e735692779e025f58b56681924d55c1c9ef93c6ff39d8a81a27d15fbcb32ea4785226ac

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
a58124570715dd3d1dbf87dd60d5d388

SHA1
e0e68ff49aaed0f81e615c71b5ec4119b581c5ae

SHA256
0eb7752e7067d16cf38b56b28b5956519f406711ba85303d001274e624e95380

SHA512
4b9abc5aa8b4b78ba5010e29de7ea4ac3ad5a14997c75e173daec32ebe172efb327a70ed4494fd982e6e94320bee55f842cf951d1bbc1fca693bbd6ec183b224

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
c9ff10a58aefd1ee2f8ebdefb1b8f5ad

SHA1
a442ff9ea843a0d8e75d290acbd4328aea54ebfa

SHA256
add84d125708dc9078dadcda02c6349c60523f4e497ef1f8ef6e1339b6cb1452

SHA512
c44f1b4058f4144dadb72bb522ed8a046e96647fc91697d7c65ab55db9a69d3de945a292d25c85c90254b1cb36889b36ed2a635f8b7692c821804a141f4c56cc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
67ca13b424f91558c41fe5a3c4908371

SHA1
274879d335b0348100696f73651493f82e9ac576

SHA256
a111ce62c783fb1788afc398486a64a70ae7a39bf142a2e06b6763badfef756f

SHA512
e9146c71dfb4cd17a22066f552dde987227504deb98f05caf4c29c645a01781a42e3342706c90263b1b0a1c474b3060d7e727b0cd060e40a4d497cc381d1e9d3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
7ab369e95cddb50e8a822ede90c77d84

SHA1
9aec3665823bc424de1827a88683aa3ddcf9965a

SHA256
d57b93b6bcef11cc28daf87c8cde6a0e13fccfb79fc9401346cf2c9c0b380800

SHA512
27ca3c0887790108ee3debf9f9af66f7d9e89202a0881f47a472d32a6685e0c331649a4b6ab7482874517b9ed0be1c229b20c4ea3482d6ea4b6851929f1b67b6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\71e3898ca7ca16818b6824187072f2fc9873d589\09fe4e25-04a3-4cd6-bbc3-bf1eb3272e95\index

Filesize
24B

MD5
54cb446f628b2ea4a5bce5769910512e

SHA1
c27ca848427fe87f5cf4d0e0e3cd57151b0d820d

SHA256
fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d

SHA512
8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\71e3898ca7ca16818b6824187072f2fc9873d589\0ba534e9-a8dd-4f04-8273-9ebd3cadb12c\index-dir\the-real-index

Filesize
72B

MD5
4d4c8b8191ed6600d5117338ecf0c123

SHA1
3662273f0249bfe58f4e8c36e88475869a9442c8

SHA256
8af60d4f47f278d562eb7ede988249a325b0b1c9aa05e850fe7e5d13284569dc

SHA512
9ce3890cf884b31f911e4e8ebecc64175ccbb855992d3536088af4e171070f53b3fd1d62cea7f17fa7b93fae157424eb76ddbde9190f62c6a884080e13b4c366

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\71e3898ca7ca16818b6824187072f2fc9873d589\0ba534e9-a8dd-4f04-8273-9ebd3cadb12c\index-dir\the-real-index~RFe58b030.TMP

Filesize
48B

MD5
2138e22bf06ffaa2e008b80a579bad85

SHA1
6548f8a3fdc9b53102c8ffe090d8c027720d516b

SHA256
ba7127082b9956ab932c8abbf635cc1bf01ba82244626d4e3f18acf7efb932b0

SHA512
e8dbca380fd7d689977373cfc5b6a4fe1ef46ab89971ca7e7e6eb16955753eee8dd1fad6300a625e34a8a65d997a046728bb7e526496a7a97d85bff4116126bc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\71e3898ca7ca16818b6824187072f2fc9873d589\index.txt

Filesize
184B

MD5
367c4abe7074c1e65d2703416379d65f

SHA1
2dd694e697a28ca10be58f2ba50861393c6fedbe

SHA256
91512306bf20e91f75b1538b8c2ea4c831ab829946cb374f45f0c68aa49d1970

SHA512
e3b0bd70f746995ca251ba22a26804e85bfd897cd1b66147544c6b104a2b0c03e8960ecc67680d1aef3cfa8f2b653c5d39a43bcef4eb5d69c0ac4b24e063f50a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\71e3898ca7ca16818b6824187072f2fc9873d589\index.txt

Filesize
177B

MD5
492c87e724232eca25fa3a6c9091c5f1

SHA1
8f7410db68d0df1bb00191ec1086d49035bc2dac

SHA256
32b8064d9a828719c1cc68ab21ba3373f319ff9e222899015339ecc188cc06ba

SHA512
86c27632946509a629b56623fb521cd44299bbf6fbeda620e102e7c1cac36ae8e6876726435eaf5d2984c94fc45c3d87b9a12b13312f1590d968e7901841e122

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\71e3898ca7ca16818b6824187072f2fc9873d589\index.txt~RFe5883f0.TMP

Filesize
118B

MD5
fe96e25f44aba1bc1436aa469b49b287

SHA1
c7d42d39b01c5b34816444718905695834ae433a

SHA256
d42736ffbc3473551cfc2fcc5242d119b87b8a12c0ba26a00281c0d35db58a3d

SHA512
3cf3b68aac30ecadb37f4c50cb4e4efd2e96a2420161ca93754f16c735db8f135cca70f9386c7d4685e9015d3c282c35a11ec0f5ed76d244ef57b6533d07de04

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
48B

MD5
918caa2719404d363c97a9d742e0c146

SHA1
6b9a737153bc0c6b904a07a6a217413e8e9c7f9a

SHA256
d85ce22136bc4c83e1b9f11b00682d7a57bfb68b24f2339bdeb2955067656723

SHA512
6b5f1318a62abb47d79f0ef1d79eb03c89e123e5b2ac26871c0f20591e1fb8a3aef1ec44e7a277cace901ffcffd2b508c52e9d257487907191b73fcec9ea913f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe58d27e.TMP

Filesize
48B

MD5
b374e8561766309b7e074bcd85f68ce2

SHA1
9b7771c2bb552d27baef8412d4da60060ca62fb2

SHA256
ccea58d6b2e10d1d19f455fe14a8f52a604982ba31d43447cfaf2bbe70c9d449

SHA512
5765974cbdced7fdc78e09da463f093e4e49ef1c16c809169a250fc07f6f556805056f23c43e96ccdea74454418d28fdc007c07d3866454467de6698945c882b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
109KB

MD5
89e5a95a57f85a0b48e92f35d5608e8b

SHA1
94b75925a723675f40ad3f630f4ab153e44c06fa

SHA256
235720f1329ccdace438b94fe051c8e2dc19bb3f219231ff068977c5ef3457a1

SHA512
c2fdeb270c4cf91acdf387c93917bdefeb42d74120bd89107baf06acf6090806d2771d8472cc65bf369f26e9c483acb83d4e140ef00e0c88406a6b54b717e92b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
109KB

MD5
c22fce1a3767c273b261c29eccbae97d

SHA1
7cc11ddee2d630161d573ba339a700c1c3573337

SHA256
d58606339003e7b68ac9083a35e0d9519b1512fef9080354c474e1ee39ff2280

SHA512
92d123694ddd54c072a7c85c2fd1480ae66f480c690d97ccdeff119e113597226f28e9737b41fec3bcb75818aeb712d48bc0009dca6f22228aa4cd92fa469c20

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe58de07.TMP

Filesize
101KB

MD5
479a8e03ae2d7ef845a36a7e0ace5886

SHA1
9bd7754f8f4b1a9a6c2486b11d966e0f3999b48a

SHA256
f2337f5bfd7e60d4a071e308fc7ccee69f6696a50a8da425cdede367e4fdea00

SHA512
ef741e16ea93703dd41c331b10d492ec750d67542013c520d772c05b0b6f573a414efef5cefeeeb1610d1244e00e97812be491534718658952cb20e664ed29ab

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ed36e98f-d585-4c0e-a571-daff66ada36f.tmp

Filesize
104KB

MD5
6c40cbca2c039e4987778aed103f9e42

SHA1
64cdd1a7848b9652a9be4602cf8361be69948345

SHA256
b5b724601ee0cfac4fa89f493e3a6f5b5a4221ccbad8e02be25c7cb59a928264

SHA512
75d74398e2cdc2167a1eb51ce908f03ab1a45b9544e15a63390337d50d8afb90060403cbd12f92acaf9b9839801822d84ff86e3bdfa9b9b446c6b4461a6a664c

Download Submit