hxxps://deanofstudents[.]utah[.]edu/support/csc-digital-badge[.]php

Analysis

max time kernel
630s
max time network
636s
platform
windows10-1703_x64
resource
win10-20231023-en
resource tags

arch:x64arch:x86image:win10-20231023-enlocale:en-usos:windows10-1703-x64system
submitted
17/11/2023, 16:38

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://deanofstudents.utah.edu/support/csc-digital-badge.php

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133447127839231775"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
4664	chrome.exe
4664	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

pid	Process
2548	chrome.exe
2548	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2548	chrome.exe
Token: SeCreatePagefilePrivilege	2548	chrome.exe
Token: SeShutdownPrivilege	2548	chrome.exe
Token: SeCreatePagefilePrivilege	2548	chrome.exe
Token: SeShutdownPrivilege	2548	chrome.exe
Token: SeCreatePagefilePrivilege	2548	chrome.exe
Token: SeShutdownPrivilege	2548	chrome.exe
Token: SeCreatePagefilePrivilege	2548	chrome.exe
Token: SeShutdownPrivilege	2548	chrome.exe
Token: SeCreatePagefilePrivilege	2548	chrome.exe
Token: SeShutdownPrivilege	2548	chrome.exe
Token: SeCreatePagefilePrivilege	2548	chrome.exe
Token: SeShutdownPrivilege	2548	chrome.exe
Token: SeCreatePagefilePrivilege	2548	chrome.exe
Token: SeShutdownPrivilege	2548	chrome.exe
Token: SeCreatePagefilePrivilege	2548	chrome.exe
Token: SeShutdownPrivilege	2548	chrome.exe
Token: SeCreatePagefilePrivilege	2548	chrome.exe
Token: SeShutdownPrivilege	2548	chrome.exe
Token: SeCreatePagefilePrivilege	2548	chrome.exe
Token: SeShutdownPrivilege	2548	chrome.exe
Token: SeCreatePagefilePrivilege	2548	chrome.exe
Token: SeShutdownPrivilege	2548	chrome.exe
Token: SeCreatePagefilePrivilege	2548	chrome.exe
Token: SeShutdownPrivilege	2548	chrome.exe
Token: SeCreatePagefilePrivilege	2548	chrome.exe
Token: SeShutdownPrivilege	2548	chrome.exe
Token: SeCreatePagefilePrivilege	2548	chrome.exe
Token: SeShutdownPrivilege	2548	chrome.exe
Token: SeCreatePagefilePrivilege	2548	chrome.exe
Token: SeShutdownPrivilege	2548	chrome.exe
Token: SeCreatePagefilePrivilege	2548	chrome.exe
Token: SeShutdownPrivilege	2548	chrome.exe
Token: SeCreatePagefilePrivilege	2548	chrome.exe
Token: SeShutdownPrivilege	2548	chrome.exe
Token: SeCreatePagefilePrivilege	2548	chrome.exe
Token: SeShutdownPrivilege	2548	chrome.exe
Token: SeCreatePagefilePrivilege	2548	chrome.exe
Token: SeShutdownPrivilege	2548	chrome.exe
Token: SeCreatePagefilePrivilege	2548	chrome.exe
Token: SeShutdownPrivilege	2548	chrome.exe
Token: SeCreatePagefilePrivilege	2548	chrome.exe
Token: SeShutdownPrivilege	2548	chrome.exe
Token: SeCreatePagefilePrivilege	2548	chrome.exe
Token: SeShutdownPrivilege	2548	chrome.exe
Token: SeCreatePagefilePrivilege	2548	chrome.exe
Token: SeShutdownPrivilege	2548	chrome.exe
Token: SeCreatePagefilePrivilege	2548	chrome.exe
Token: SeShutdownPrivilege	2548	chrome.exe
Token: SeCreatePagefilePrivilege	2548	chrome.exe
Token: SeShutdownPrivilege	2548	chrome.exe
Token: SeCreatePagefilePrivilege	2548	chrome.exe
Token: SeShutdownPrivilege	2548	chrome.exe
Token: SeCreatePagefilePrivilege	2548	chrome.exe
Token: SeShutdownPrivilege	2548	chrome.exe
Token: SeCreatePagefilePrivilege	2548	chrome.exe
Token: SeShutdownPrivilege	2548	chrome.exe
Token: SeCreatePagefilePrivilege	2548	chrome.exe
Token: SeShutdownPrivilege	2548	chrome.exe
Token: SeCreatePagefilePrivilege	2548	chrome.exe
Token: SeShutdownPrivilege	2548	chrome.exe
Token: SeCreatePagefilePrivilege	2548	chrome.exe
Token: SeShutdownPrivilege	2548	chrome.exe
Token: SeCreatePagefilePrivilege	2548	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe
2548	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2548 wrote to memory of 5004	2548	chrome.exe	71
PID 2548 wrote to memory of 5004	2548	chrome.exe	71
PID 2548 wrote to memory of 4440	2548	chrome.exe	75
PID 2548 wrote to memory of 4440	2548	chrome.exe	75
PID 2548 wrote to memory of 4440	2548	chrome.exe	75
PID 2548 wrote to memory of 4440	2548	chrome.exe	75
PID 2548 wrote to memory of 4440	2548	chrome.exe	75
PID 2548 wrote to memory of 4440	2548	chrome.exe	75
PID 2548 wrote to memory of 4440	2548	chrome.exe	75
PID 2548 wrote to memory of 4440	2548	chrome.exe	75
PID 2548 wrote to memory of 4440	2548	chrome.exe	75
PID 2548 wrote to memory of 4440	2548	chrome.exe	75
PID 2548 wrote to memory of 4440	2548	chrome.exe	75
PID 2548 wrote to memory of 4440	2548	chrome.exe	75
PID 2548 wrote to memory of 4440	2548	chrome.exe	75
PID 2548 wrote to memory of 4440	2548	chrome.exe	75
PID 2548 wrote to memory of 4440	2548	chrome.exe	75
PID 2548 wrote to memory of 4440	2548	chrome.exe	75
PID 2548 wrote to memory of 4440	2548	chrome.exe	75
PID 2548 wrote to memory of 4440	2548	chrome.exe	75
PID 2548 wrote to memory of 4440	2548	chrome.exe	75
PID 2548 wrote to memory of 4440	2548	chrome.exe	75
PID 2548 wrote to memory of 4440	2548	chrome.exe	75
PID 2548 wrote to memory of 4440	2548	chrome.exe	75
PID 2548 wrote to memory of 4440	2548	chrome.exe	75
PID 2548 wrote to memory of 4440	2548	chrome.exe	75
PID 2548 wrote to memory of 4440	2548	chrome.exe	75
PID 2548 wrote to memory of 4440	2548	chrome.exe	75
PID 2548 wrote to memory of 4440	2548	chrome.exe	75
PID 2548 wrote to memory of 4440	2548	chrome.exe	75
PID 2548 wrote to memory of 4440	2548	chrome.exe	75
PID 2548 wrote to memory of 4440	2548	chrome.exe	75
PID 2548 wrote to memory of 4440	2548	chrome.exe	75
PID 2548 wrote to memory of 4440	2548	chrome.exe	75
PID 2548 wrote to memory of 4440	2548	chrome.exe	75
PID 2548 wrote to memory of 4440	2548	chrome.exe	75
PID 2548 wrote to memory of 4440	2548	chrome.exe	75
PID 2548 wrote to memory of 4440	2548	chrome.exe	75
PID 2548 wrote to memory of 4440	2548	chrome.exe	75
PID 2548 wrote to memory of 4440	2548	chrome.exe	75
PID 2548 wrote to memory of 428	2548	chrome.exe	73
PID 2548 wrote to memory of 428	2548	chrome.exe	73
PID 2548 wrote to memory of 3512	2548	chrome.exe	74
PID 2548 wrote to memory of 3512	2548	chrome.exe	74
PID 2548 wrote to memory of 3512	2548	chrome.exe	74
PID 2548 wrote to memory of 3512	2548	chrome.exe	74
PID 2548 wrote to memory of 3512	2548	chrome.exe	74
PID 2548 wrote to memory of 3512	2548	chrome.exe	74
PID 2548 wrote to memory of 3512	2548	chrome.exe	74
PID 2548 wrote to memory of 3512	2548	chrome.exe	74
PID 2548 wrote to memory of 3512	2548	chrome.exe	74
PID 2548 wrote to memory of 3512	2548	chrome.exe	74
PID 2548 wrote to memory of 3512	2548	chrome.exe	74
PID 2548 wrote to memory of 3512	2548	chrome.exe	74
PID 2548 wrote to memory of 3512	2548	chrome.exe	74
PID 2548 wrote to memory of 3512	2548	chrome.exe	74
PID 2548 wrote to memory of 3512	2548	chrome.exe	74
PID 2548 wrote to memory of 3512	2548	chrome.exe	74
PID 2548 wrote to memory of 3512	2548	chrome.exe	74
PID 2548 wrote to memory of 3512	2548	chrome.exe	74
PID 2548 wrote to memory of 3512	2548	chrome.exe	74
PID 2548 wrote to memory of 3512	2548	chrome.exe	74
PID 2548 wrote to memory of 3512	2548	chrome.exe	74
PID 2548 wrote to memory of 3512	2548	chrome.exe	74

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://deanofstudents.utah.edu/support/csc-digital-badge.php
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2548
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ff89efe9758,0x7ff89efe9768,0x7ff89efe9778
  2⤵
  PID:5004
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1824 --field-trial-handle=1660,i,16227922826550139543,11018222358514699270,131072 /prefetch:8
  2⤵
  PID:428
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2068 --field-trial-handle=1660,i,16227922826550139543,11018222358514699270,131072 /prefetch:8
  2⤵
  PID:3512
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1536 --field-trial-handle=1660,i,16227922826550139543,11018222358514699270,131072 /prefetch:2
  2⤵
  PID:4440
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2852 --field-trial-handle=1660,i,16227922826550139543,11018222358514699270,131072 /prefetch:1
  2⤵
  PID:1072
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2860 --field-trial-handle=1660,i,16227922826550139543,11018222358514699270,131072 /prefetch:1
  2⤵
  PID:1316
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5036 --field-trial-handle=1660,i,16227922826550139543,11018222358514699270,131072 /prefetch:8
  2⤵
  PID:3468
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5260 --field-trial-handle=1660,i,16227922826550139543,11018222358514699270,131072 /prefetch:8
  2⤵
  PID:3168
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6104 --field-trial-handle=1660,i,16227922826550139543,11018222358514699270,131072 /prefetch:8
  2⤵
  PID:4144
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6112 --field-trial-handle=1660,i,16227922826550139543,11018222358514699270,131072 /prefetch:8
  2⤵
  PID:424
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=876 --field-trial-handle=1660,i,16227922826550139543,11018222358514699270,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4664

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:600

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
312B

MD5
a800c6ef5b9a24a5e913062215847473

SHA1
50658f7b4ec2e8aed5695bc7ec896c73722c88e8

SHA256
1747168bbc1e7531fd0a85f1f97981fd662f901179f70e326584cda6fa168f23

SHA512
bce7dede71425604a7b9a303719b7327f631bf4c3bfef4d2ee70dfcf549d793d387408bb3331e62694140786826f649e7e0917fc1b8c4a29fee8bc5c64643490

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
80cfae947f8be9eefe5b4858c78a82ce

SHA1
843269e16c52a51f71889eec2c51950f847b984a

SHA256
64d70622fee4b618dea7393ef493efeb377b70d651a1e860fc5bdcea46070aa5

SHA512
ab559c641a6f24255a1122c5e949eafa9691abc08256b79d86d87585bd358b5e218b1fe14f99999cab6fe954a3bec57a5080fb7fe43a3d6ccddb29b986b3a7c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
3800c75d71b2033f3c74bc1ef319a740

SHA1
435ace7068133c744a569cafbe5d028aee27060b

SHA256
dfffdbb834503a2fc16059c8ea36c2966351e38f350feb8e26dc9dc2af5ae908

SHA512
c5685005c76f49a827949b11acdba6b11f63fac57e253de8692827a8d05ea5d1306173783b99459e3db30fa93a20ae4d4296e6132ce724cffd9b5debc404447f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
16ae5f5d2c77d96bee50dbd83c902ad7

SHA1
7e5968dc85226eff5030c4b75feaaaae83f74dac

SHA256
8f041157bb21b30917277755f1780d67bf5255bf254cb239cc0f6ddbcd4b1615

SHA512
7aba9b0efca5fe281ddfdcca13a1c7b3c24283ad16e97f7b848df2e50e5aac1eac7ae0b0261ac56723e50f0c597c48974b32c973ef31c731a902c6288356795b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
61d9998098be8313e6337eeb19b85d00

SHA1
0b71dfef6abb02d9a3ed91d3853d58963cff00b4

SHA256
4bab7d0c835a5e64a00814cc45a507c264ac0d22bf05e695962db49b87d4bc54

SHA512
0b5f7eb6adeb1904a7d8b668dcf7f5f0c4329ab312421df450e1917b82790cb37f7eccbd53694a34b06b93a386edad3d2af71c436a60a6003a44f582420b2732

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
3ceb9bc2e9b2d652963d2e5106480619

SHA1
07e4db0cd5466d5cb6e4ca6f219791612d4ae593

SHA256
b5af8fdc46decbd2f5bcf3d8350e45103d8ee750b7b1d33d517b0cdc0fd639c8

SHA512
93372169901d36b4482e3d70b917decf46d0a1efe84d4d36836bb6c8d7454b755a1fcedbe03bc4260c6735aa73fd52845d71e7c3e8ae6e3b52315627b3609497

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
9176b73930f5d3491ac2888206cfaa71

SHA1
f18b1543d2dd66335a5bd0c107b05ba4673af6c9

SHA256
02274ebf515076a7c18778edfd6e4aca868703f8b7f2659f142e86d30ea5db1e

SHA512
6200b0a0afc2bf913ca4f4a81949b59b133519fd9acd50a177de123971c9a136638fd890f7a4b0febeba753b6fff31304b5e93393709ba70ca7b5b02684e6674

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
fbce34fa89317d933ee03c603a0276d4

SHA1
294bd42d1ad9ec00bb90b260ff9154ae669e951e

SHA256
f625265f5add860e656f7e583695a62f6684e93e6e20d81631eaca7c3a0afa58

SHA512
6958ed2f7cd00c3288728bc226201f00d63aed1f9d6de324cd74059fccef0efe0e1bde9a9882be86e03cc0f71151cf539399f6344964c6469d08d59e12152c17

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
33c7316e55c10d2c3319138982c4388d

SHA1
daf3c940481f5de2177927d7704668bba8a0a4df

SHA256
7c1ddacc8c2a795992299c7a37be7c1e0336b40daa13351da16dafa69c87b634

SHA512
dcadc402bf787eaa0da8f69e662437066883439670e55787cdb920679ff51d29353e1d863a32640098bf10234ea600d5c654ec8de778762755dd51879b1d0ee5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
c063b9a86f97720ffaed73b82f31ca07

SHA1
d281eb96ddfc61a5c842062f7e4145a1ac939aca

SHA256
2f4eaa1a2e0664c84c6d51c0fa7acfd898013a7560e7a0bb93485d006082fa7a

SHA512
b3a327137076629dd3dea6df61e03d1552b4452cccef9f2478a49556e62f6902879c223a7e28eeea36ad964d5326a3e4a18b1289be161098297a5b1a6fe53a0b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
a885a7529a75d8475691ec61ea12ee58

SHA1
0f1b27735256b806d199355d009209ba57177c73

SHA256
6b0a0235f9cee21114b5b410d5683a5a03bfb58158752b42b30d450f8fbfae38

SHA512
f2f476a77f301bf629a14a5e75d276e240350962db8b05e6554bf509311611ba38519df9e49a2c2c1ec4108d7928abd2212435bc40334c56669f505653a28c4b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
af95660afc8ce512b698c47ba179c873

SHA1
2be9112d761f4827df3d5a60a6df346dfc1c8b0c

SHA256
f32658a16be9b4e04f4aecf5a1a9f88362ff277a920bc94f0160ce68794c7c7a

SHA512
e4b3b9366950460431194b7adcfdc55f91551813f08473741bef2db3fa3d7df9df8a4b2f1a281da8576b12de285c6906cd19efa867d3328c9b9873f1685db74f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
cddaca09ae277237f1062775382c0429

SHA1
c3623a8d5d70566b61d610b63211c27a7f9e3864

SHA256
ff8a5a6bf0f128a806811fe5a41eec710fdbfc3f4c9815db587329db614e38e4

SHA512
8c2f10b55b9d6757cb3c4c2539022f855710f5cfdf66c7aff70ea2a1d2e008fa65c2ec45af633f7aaf3c14261f2532e2885e7bf0521996cbb316ace6789d764b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
492d7812d9c9d0bb7a78fe2f618d9242

SHA1
12e5e92529d7ca89fd041c35f11bcb5b4f6b4594

SHA256
4f91bbc1e26e7077e6cdb21d942b6a25ea805a0e55a70a5e3cb1cb25fe172647

SHA512
5fc4d0585ec85658f27a6b68e2244e93e98f156b253b725a8d2a40f59c3e5b9c949932a0b5a2916613aea5f812d6aba1080167436fdaa2a0b3fb0b6ccc5b8ff6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
111KB

MD5
ca074a8f65e8d5bb50c8d3dbc7a2fb3d

SHA1
dbdf4e254a01107b954219d2fb78e8e2e8c5c2fb

SHA256
7d9e39b979411948adbc047c7887b32ad3dc4068f20a8fb6a13181096f4fd53f

SHA512
db3dae36292b85b4f9069e069849ed7250ee98fb5e797adfff184932f7f16b7d9ed5313ce51e0cd636f361b3312e136d84814fd37934dcc969a4837ae4451e5d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
110KB

MD5
166ab4ecd042327ff23f102361d91b8b

SHA1
656d792957f4403411b296911bb4a3bad5ac357e

SHA256
8af87d3bf8df26148a152a162db70dd4ece98e8f834b8204309ef0ddc0677a2d

SHA512
3b244063f216a2e3bc3b9e1484fcbe1297daf231b524ab198cc6139d65fbde1c0d02679171f68e40c3d02c62ca3b33d1151f75d5aa11d87490827838a591ebf2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
110KB

MD5
6e3f0ee2ad5f2d8ede7537a22828db97

SHA1
321a93eae4055c6de9a3f8ffba06e9ce1d4f5e92

SHA256
9358308723a1effef97cac59724946034ee2eafca7dd2d5ff1e9a7d1bfcb861c

SHA512
98283658e13279ecac6cbcd282cfbcb56bcbbb90e766a09df091a07a8bbbf75734293e9be0cf8c2c8dd7f2faa1502018ebcae26f4dd2545e570e62de0bb59f6f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
129KB

MD5
cf8e4a0984e4347c6cbeb85fff14de58

SHA1
09d74557ee4036bdb7d105cf05d6259cbb69f0a2

SHA256
b299fd5d73c482f0c3a3c4613b5ed3c0bcde03f665a01a7d69f691bbd2a377c7

SHA512
4c43f42cf4af33dba0d2547c02883ca93e91238de7d2689f78b7b3a446335bdd39c9271b09219f66c5abe03c3b9dc4f60cda8e3c4945dc633a1a3ccfd576e809

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
110KB

MD5
5004444c2f0dc84237a92c2568a9abe7

SHA1
b3bf109200a8360a99e1fc4c020a901a39ec14d5

SHA256
0f0706877714bda0290d2123935b57a2a6b3a39d10ec295a44c626b0efda741a

SHA512
51f5af166644c16885c501129d980e5771da1a4705cc2fb2bc1689f45a499edd451a804f4a925fb2c0096814f8c2b8dee727969e23ea3d93108fa3407a2665bf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit