hxxps://www[.]amazon[.]com/gp/product/1642251933/ref=dbs_a_def_rwt_hsch_vapi_taft_p1_i0

Analysis

max time kernel
150s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20231023-en
resource tags

arch:x64arch:x86image:win10v2004-20231023-enlocale:en-usos:windows10-2004-x64system
submitted
17/11/2023, 09:08

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://www.amazon.com/gp/product/1642251933/ref=dbs_a_def_rwt_hsch_vapi_taft_p1_i0

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133446857219374203"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4452	chrome.exe
4452	chrome.exe
6028	chrome.exe
6028	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4452	chrome.exe
Token: SeCreatePagefilePrivilege	4452	chrome.exe
Token: SeShutdownPrivilege	4452	chrome.exe
Token: SeCreatePagefilePrivilege	4452	chrome.exe
Token: SeShutdownPrivilege	4452	chrome.exe
Token: SeCreatePagefilePrivilege	4452	chrome.exe
Token: SeShutdownPrivilege	4452	chrome.exe
Token: SeCreatePagefilePrivilege	4452	chrome.exe
Token: SeShutdownPrivilege	4452	chrome.exe
Token: SeCreatePagefilePrivilege	4452	chrome.exe
Token: SeShutdownPrivilege	4452	chrome.exe
Token: SeCreatePagefilePrivilege	4452	chrome.exe
Token: SeShutdownPrivilege	4452	chrome.exe
Token: SeCreatePagefilePrivilege	4452	chrome.exe
Token: SeShutdownPrivilege	4452	chrome.exe
Token: SeCreatePagefilePrivilege	4452	chrome.exe
Token: SeShutdownPrivilege	4452	chrome.exe
Token: SeCreatePagefilePrivilege	4452	chrome.exe
Token: SeShutdownPrivilege	4452	chrome.exe
Token: SeCreatePagefilePrivilege	4452	chrome.exe
Token: SeShutdownPrivilege	4452	chrome.exe
Token: SeCreatePagefilePrivilege	4452	chrome.exe
Token: SeShutdownPrivilege	4452	chrome.exe
Token: SeCreatePagefilePrivilege	4452	chrome.exe
Token: SeShutdownPrivilege	4452	chrome.exe
Token: SeCreatePagefilePrivilege	4452	chrome.exe
Token: SeShutdownPrivilege	4452	chrome.exe
Token: SeCreatePagefilePrivilege	4452	chrome.exe
Token: SeShutdownPrivilege	4452	chrome.exe
Token: SeCreatePagefilePrivilege	4452	chrome.exe
Token: SeShutdownPrivilege	4452	chrome.exe
Token: SeCreatePagefilePrivilege	4452	chrome.exe
Token: SeShutdownPrivilege	4452	chrome.exe
Token: SeCreatePagefilePrivilege	4452	chrome.exe
Token: SeShutdownPrivilege	4452	chrome.exe
Token: SeCreatePagefilePrivilege	4452	chrome.exe
Token: SeShutdownPrivilege	4452	chrome.exe
Token: SeCreatePagefilePrivilege	4452	chrome.exe
Token: SeShutdownPrivilege	4452	chrome.exe
Token: SeCreatePagefilePrivilege	4452	chrome.exe
Token: SeShutdownPrivilege	4452	chrome.exe
Token: SeCreatePagefilePrivilege	4452	chrome.exe
Token: SeShutdownPrivilege	4452	chrome.exe
Token: SeCreatePagefilePrivilege	4452	chrome.exe
Token: SeShutdownPrivilege	4452	chrome.exe
Token: SeCreatePagefilePrivilege	4452	chrome.exe
Token: SeShutdownPrivilege	4452	chrome.exe
Token: SeCreatePagefilePrivilege	4452	chrome.exe
Token: SeShutdownPrivilege	4452	chrome.exe
Token: SeCreatePagefilePrivilege	4452	chrome.exe
Token: SeShutdownPrivilege	4452	chrome.exe
Token: SeCreatePagefilePrivilege	4452	chrome.exe
Token: SeShutdownPrivilege	4452	chrome.exe
Token: SeCreatePagefilePrivilege	4452	chrome.exe
Token: SeShutdownPrivilege	4452	chrome.exe
Token: SeCreatePagefilePrivilege	4452	chrome.exe
Token: SeShutdownPrivilege	4452	chrome.exe
Token: SeCreatePagefilePrivilege	4452	chrome.exe
Token: SeShutdownPrivilege	4452	chrome.exe
Token: SeCreatePagefilePrivilege	4452	chrome.exe
Token: SeShutdownPrivilege	4452	chrome.exe
Token: SeCreatePagefilePrivilege	4452	chrome.exe
Token: SeShutdownPrivilege	4452	chrome.exe
Token: SeCreatePagefilePrivilege	4452	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe
4452	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4452 wrote to memory of 5024	4452	chrome.exe	40
PID 4452 wrote to memory of 5024	4452	chrome.exe	40
PID 4452 wrote to memory of 312	4452	chrome.exe	88
PID 4452 wrote to memory of 312	4452	chrome.exe	88
PID 4452 wrote to memory of 312	4452	chrome.exe	88
PID 4452 wrote to memory of 312	4452	chrome.exe	88
PID 4452 wrote to memory of 312	4452	chrome.exe	88
PID 4452 wrote to memory of 312	4452	chrome.exe	88
PID 4452 wrote to memory of 312	4452	chrome.exe	88
PID 4452 wrote to memory of 312	4452	chrome.exe	88
PID 4452 wrote to memory of 312	4452	chrome.exe	88
PID 4452 wrote to memory of 312	4452	chrome.exe	88
PID 4452 wrote to memory of 312	4452	chrome.exe	88
PID 4452 wrote to memory of 312	4452	chrome.exe	88
PID 4452 wrote to memory of 312	4452	chrome.exe	88
PID 4452 wrote to memory of 312	4452	chrome.exe	88
PID 4452 wrote to memory of 312	4452	chrome.exe	88
PID 4452 wrote to memory of 312	4452	chrome.exe	88
PID 4452 wrote to memory of 312	4452	chrome.exe	88
PID 4452 wrote to memory of 312	4452	chrome.exe	88
PID 4452 wrote to memory of 312	4452	chrome.exe	88
PID 4452 wrote to memory of 312	4452	chrome.exe	88
PID 4452 wrote to memory of 312	4452	chrome.exe	88
PID 4452 wrote to memory of 312	4452	chrome.exe	88
PID 4452 wrote to memory of 312	4452	chrome.exe	88
PID 4452 wrote to memory of 312	4452	chrome.exe	88
PID 4452 wrote to memory of 312	4452	chrome.exe	88
PID 4452 wrote to memory of 312	4452	chrome.exe	88
PID 4452 wrote to memory of 312	4452	chrome.exe	88
PID 4452 wrote to memory of 312	4452	chrome.exe	88
PID 4452 wrote to memory of 312	4452	chrome.exe	88
PID 4452 wrote to memory of 312	4452	chrome.exe	88
PID 4452 wrote to memory of 312	4452	chrome.exe	88
PID 4452 wrote to memory of 312	4452	chrome.exe	88
PID 4452 wrote to memory of 312	4452	chrome.exe	88
PID 4452 wrote to memory of 312	4452	chrome.exe	88
PID 4452 wrote to memory of 312	4452	chrome.exe	88
PID 4452 wrote to memory of 312	4452	chrome.exe	88
PID 4452 wrote to memory of 312	4452	chrome.exe	88
PID 4452 wrote to memory of 312	4452	chrome.exe	88
PID 4452 wrote to memory of 4112	4452	chrome.exe	92
PID 4452 wrote to memory of 4112	4452	chrome.exe	92
PID 4452 wrote to memory of 1100	4452	chrome.exe	89
PID 4452 wrote to memory of 1100	4452	chrome.exe	89
PID 4452 wrote to memory of 1100	4452	chrome.exe	89
PID 4452 wrote to memory of 1100	4452	chrome.exe	89
PID 4452 wrote to memory of 1100	4452	chrome.exe	89
PID 4452 wrote to memory of 1100	4452	chrome.exe	89
PID 4452 wrote to memory of 1100	4452	chrome.exe	89
PID 4452 wrote to memory of 1100	4452	chrome.exe	89
PID 4452 wrote to memory of 1100	4452	chrome.exe	89
PID 4452 wrote to memory of 1100	4452	chrome.exe	89
PID 4452 wrote to memory of 1100	4452	chrome.exe	89
PID 4452 wrote to memory of 1100	4452	chrome.exe	89
PID 4452 wrote to memory of 1100	4452	chrome.exe	89
PID 4452 wrote to memory of 1100	4452	chrome.exe	89
PID 4452 wrote to memory of 1100	4452	chrome.exe	89
PID 4452 wrote to memory of 1100	4452	chrome.exe	89
PID 4452 wrote to memory of 1100	4452	chrome.exe	89
PID 4452 wrote to memory of 1100	4452	chrome.exe	89
PID 4452 wrote to memory of 1100	4452	chrome.exe	89
PID 4452 wrote to memory of 1100	4452	chrome.exe	89
PID 4452 wrote to memory of 1100	4452	chrome.exe	89
PID 4452 wrote to memory of 1100	4452	chrome.exe	89

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://www.amazon.com/gp/product/1642251933/ref=dbs_a_def_rwt_hsch_vapi_taft_p1_i0
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4452
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd635a9758,0x7ffd635a9768,0x7ffd635a9778
  2⤵
  PID:5024
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1668 --field-trial-handle=1888,i,3052084359247654940,3782450010686964684,131072 /prefetch:2
  2⤵
  PID:312
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2212 --field-trial-handle=1888,i,3052084359247654940,3782450010686964684,131072 /prefetch:8
  2⤵
  PID:1100
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3076 --field-trial-handle=1888,i,3052084359247654940,3782450010686964684,131072 /prefetch:1
  2⤵
  PID:3340
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3068 --field-trial-handle=1888,i,3052084359247654940,3782450010686964684,131072 /prefetch:1
  2⤵
  PID:3660
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2140 --field-trial-handle=1888,i,3052084359247654940,3782450010686964684,131072 /prefetch:8
  2⤵
  PID:4112
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5068 --field-trial-handle=1888,i,3052084359247654940,3782450010686964684,131072 /prefetch:8
  2⤵
  PID:4296
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5156 --field-trial-handle=1888,i,3052084359247654940,3782450010686964684,131072 /prefetch:8
  2⤵
  PID:4780
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=5364 --field-trial-handle=1888,i,3052084359247654940,3782450010686964684,131072 /prefetch:1
  2⤵
  PID:4680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5656 --field-trial-handle=1888,i,3052084359247654940,3782450010686964684,131072 /prefetch:8
  2⤵
  PID:3752
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=5704 --field-trial-handle=1888,i,3052084359247654940,3782450010686964684,131072 /prefetch:1
  2⤵
  PID:2816
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4744 --field-trial-handle=1888,i,3052084359247654940,3782450010686964684,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:6028

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2692

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000051

Filesize
96KB

MD5
485b8608a0c2a572f2eb743c2e61954f

SHA1
63cf38a838a9bf8a535d0d85a7662c1cab415fb3

SHA256
fda66229871656504572ed3da70b7fb6c7216e5a50854fedf5dc709958fb9019

SHA512
3068e7cc96cc727bd22d4e41cb470fc54f3a451ff099216963b95dd357359d3414534d455ff8d90f2edd159091c9459a6a9e5ff1791150a56c4183d342cea2c0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
07b6ba069716960a2163bcbfb587caa1

SHA1
f7915328f9144597aeca71e9a1bcb31b0ac8bb52

SHA256
f2b24a7b97d132a702602c1726dd960a6667c82a1ed2a23d76be6f7ceeb18e35

SHA512
dc3c335f167ef57c8622b4abade4cdf523cbf2ec9ee3fa880959f810a2248b69abc868a95b8458020050447670c986faecc56faa1fbd3181ac583d6fbb92f1f8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
6KB

MD5
bbacbb08e8aab0b3eddde8ec3a73d816

SHA1
3dda39adc4e57a639df3a28aba67d546b7b242b5

SHA256
ede726c41808eae5a4af853dacaa6ea1e81c1171158d3e46d1d88d6c41248198

SHA512
a33cd32e80149fdf107827951eef6a459234846adebc6c9f5619a691da32d83f52f91fc833501a9899668cbb8ad68254c35ae59e70e2997bcb6e70e7473ca288

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
8c14f10679e898f8fe4f7ee852a5bbb8

SHA1
536e421b5585eb4b8468f7610d4364190c72f468

SHA256
040126cd84084714146e455b656f61fa49797a9d061e21f43593b8567a9c6620

SHA512
06f6e5cc5ab9894d3412a3042527204c2324c4e6785af54e30266aad2448ecb691106916a5f90b54b06c9c802134535c255f00ab222ad39028066aae0d429d6e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
79f258d478da9ccacd97795b827bd48a

SHA1
bea999334beb0e095d9856b3538c143d977c2f14

SHA256
5352899ae8a6dd73837fdc63dec2e0f906c65c685eb49dae8464b8cff462323e

SHA512
31bbe3718a864e4133942d4e92415a738dd14aa62d7b51cf19dd14e3a44c5f10ea202f23e8c93fd677fee5c594dfc42f44909c02576a82cfb63a5dee0559c4c9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
fd387c161d2b94952c13d83308a207eb

SHA1
886270e1f19b725f7c30891de4fb0e51e8d35fec

SHA256
4a05c395776b04cf7c63572e5716c87eb7ae4f4b715c732cfa087ef63096fbf2

SHA512
9aa4e215e44adfe26d5edda7c52cb3c1b940e3c7c72b51aab8c7c8b1642f2c12fb4263cecae7fdc307fb3408c18e7e33abb0a026a976b7aded3d7da12cf0d64b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
538B

MD5
86418b96858057ee9f4c0e7a33aece2e

SHA1
09bfd942a800051860215c9899d003ec81d0f789

SHA256
dcabbc08f3e1cf75df30050d9b9c55c2b533ded9a8a6f46a6f55de94e9f0c357

SHA512
d198d6eca0205d1bacf3eec806fe60969acef483d3983b4af1a572e352e3c01cca30fde4abe6ecfa9dbd6aa6bc3794f70bd630700bd747c661f51a52ce06e4a5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
291bff10bd6635732455edbe3da7b443

SHA1
25feb042760c4d0a6b04f465cd69c171461a9fee

SHA256
3baf27762c5f03f3217402a05ba43e21a45827239372fdc0f8e09c051ea2e649

SHA512
59a6954a154c491671bbef5b3980d5e6f5bac747728c11b3e8d05f6560d3a82e3cc030ba36464899fa51ddcab3fb301f81c0ee01d49b10db2211b67d93c765bc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
a29c1bf49f38479be7041e8fe57a02b6

SHA1
0714f120bd8db05018487b068e67c063e5e51550

SHA256
da25cf5678d41ef5cab71cdb83c7eee6cd89166eaa73f95332c49ab494c3f128

SHA512
b98f5eb006b8293c2d79bd83c665ad4466f4c1b8a223bbcec2415f1f16b1016464b2b8090e87689af095641f1d859d6efab02c8ff79672fb456c89beda0c02d1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
03b7742fd8cccc9087554755239d6692

SHA1
f58905bbe668c9ef3499eb3cc8c8ec35e36c6c87

SHA256
3a78bac087b73e259ac03a858b91a9027c39e3a8071393b961f8f1013b36c667

SHA512
a92a0f1aee3742222fd9ba5f174fc06ddda68a28791450351467df22592fb863c07c9152b55ea8c08ab2a9d01a4e1d9d5b684a7c4e094a42ab57d4553115cdf4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
4b53e8420872b9bf9d5dedce3399c8bb

SHA1
2a689caf3f2070fefbee47d08c090de6e9a10196

SHA256
5a85f162c214ff22f5bdf37755a6ed136ec199bd979e6e97842afe3e4484c9cb

SHA512
743a14ca3e272528c43fc6fa6e4c129b4993972c5f3f9df1ff882e311df677dbcbd8961233d4c5ae0569917c09b589825cd484c07ace677b5d812c45c49e21d9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
88f4a8c4b597565016e0b4d138bbc954

SHA1
cab576d2c8cc9030cdab56dcfffc9c0e499b618c

SHA256
23c2a788bfc620c2e544e14f6c255ed1e22fa5ead40c42d279fb9909bca9c8f3

SHA512
a41f78210d739e63bf7bd0db3f49289f9886efa54a5702f8c2dcf725757ae661ebfe428b628e1099b67613dc8c5fcac9c6dcc3759491312470600e6086fa1c1d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
109KB

MD5
8355d59449231f94fff580e7d1b86fde

SHA1
549eadd617cdf523acf60f842f38eab0b6092c18

SHA256
edee7bb0cad726347534da6a64cf2e3c44c66c2cd3ffa0ca1d12437798305f98

SHA512
a71ba99b2af5ace56feb3b704030736309f73a8b61d64608e57d19f106edfecfe9eaa33e75a83a9e8c5849fbd458f57f1a98731cd2402eb4d142ca20abfc0079

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
103KB

MD5
551fe2e14bb5845bfa8cee6022e0f4ad

SHA1
8f611128b9687c584b18725e158b16b03d945f1b

SHA256
a66edde4b109009c4c188f58a217034db57484ea4926b186ffc4a30b6312a8eb

SHA512
8eba9f6a57be89d8b096db803ee9ac300e222ee1084868d75563b234cee84c977d695c7629588b6f4bc37e3af18311926fa8e261ade9ca111a36073c63d1d9c2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe57fc23.TMP

Filesize
101KB

MD5
c1fd4e030b9a1c8b601b56f0d6357e17

SHA1
b438d3de2cf684b61c06789faa2c33f37906833d

SHA256
571067bddc51c32c985cdb2f239907db06d77862fdf366ddd6ed169e0ffbfcdd

SHA512
e98880e0042e076f7e5cf5866ae33a264c332fd9be8daf5a65cde1fc666103b95461a2ba1c92fd0aed13ac59b4e364d3226b29a081cfd7f7413046648c2e7b4b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit