hxxps://github[.]com/clap-rs/clap/issuesC

Analysis

max time kernel
300s
max time network
304s
platform
windows10-2004_x64
resource
win10v2004-20231023-en
resource tags

arch:x64arch:x86image:win10v2004-20231023-enlocale:en-usos:windows10-2004-x64system
submitted
20/11/2023, 23:04

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://github.com/clap-rs/clap/issuesC

Score

6^/10

Malware Config

Signatures

Legitimate hosting services abused for malware hosting/C2 1 TTPs

Web Service
T1102

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133449950901412590"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2640	chrome.exe
2640	chrome.exe
1108	chrome.exe
1108	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
2640	chrome.exe
2640	chrome.exe
2640	chrome.exe
2640	chrome.exe
2640	chrome.exe
2640	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2640	chrome.exe
Token: SeCreatePagefilePrivilege	2640	chrome.exe
Token: SeShutdownPrivilege	2640	chrome.exe
Token: SeCreatePagefilePrivilege	2640	chrome.exe
Token: SeShutdownPrivilege	2640	chrome.exe
Token: SeCreatePagefilePrivilege	2640	chrome.exe
Token: SeShutdownPrivilege	2640	chrome.exe
Token: SeCreatePagefilePrivilege	2640	chrome.exe
Token: SeShutdownPrivilege	2640	chrome.exe
Token: SeCreatePagefilePrivilege	2640	chrome.exe
Token: SeShutdownPrivilege	2640	chrome.exe
Token: SeCreatePagefilePrivilege	2640	chrome.exe
Token: SeShutdownPrivilege	2640	chrome.exe
Token: SeCreatePagefilePrivilege	2640	chrome.exe
Token: SeShutdownPrivilege	2640	chrome.exe
Token: SeCreatePagefilePrivilege	2640	chrome.exe
Token: SeShutdownPrivilege	2640	chrome.exe
Token: SeCreatePagefilePrivilege	2640	chrome.exe
Token: SeShutdownPrivilege	2640	chrome.exe
Token: SeCreatePagefilePrivilege	2640	chrome.exe
Token: SeShutdownPrivilege	2640	chrome.exe
Token: SeCreatePagefilePrivilege	2640	chrome.exe
Token: SeShutdownPrivilege	2640	chrome.exe
Token: SeCreatePagefilePrivilege	2640	chrome.exe
Token: SeShutdownPrivilege	2640	chrome.exe
Token: SeCreatePagefilePrivilege	2640	chrome.exe
Token: SeShutdownPrivilege	2640	chrome.exe
Token: SeCreatePagefilePrivilege	2640	chrome.exe
Token: SeShutdownPrivilege	2640	chrome.exe
Token: SeCreatePagefilePrivilege	2640	chrome.exe
Token: SeShutdownPrivilege	2640	chrome.exe
Token: SeCreatePagefilePrivilege	2640	chrome.exe
Token: SeShutdownPrivilege	2640	chrome.exe
Token: SeCreatePagefilePrivilege	2640	chrome.exe
Token: SeShutdownPrivilege	2640	chrome.exe
Token: SeCreatePagefilePrivilege	2640	chrome.exe
Token: SeShutdownPrivilege	2640	chrome.exe
Token: SeCreatePagefilePrivilege	2640	chrome.exe
Token: SeShutdownPrivilege	2640	chrome.exe
Token: SeCreatePagefilePrivilege	2640	chrome.exe
Token: SeShutdownPrivilege	2640	chrome.exe
Token: SeCreatePagefilePrivilege	2640	chrome.exe
Token: SeShutdownPrivilege	2640	chrome.exe
Token: SeCreatePagefilePrivilege	2640	chrome.exe
Token: SeShutdownPrivilege	2640	chrome.exe
Token: SeCreatePagefilePrivilege	2640	chrome.exe
Token: SeShutdownPrivilege	2640	chrome.exe
Token: SeCreatePagefilePrivilege	2640	chrome.exe
Token: SeShutdownPrivilege	2640	chrome.exe
Token: SeCreatePagefilePrivilege	2640	chrome.exe
Token: SeShutdownPrivilege	2640	chrome.exe
Token: SeCreatePagefilePrivilege	2640	chrome.exe
Token: SeShutdownPrivilege	2640	chrome.exe
Token: SeCreatePagefilePrivilege	2640	chrome.exe
Token: SeShutdownPrivilege	2640	chrome.exe
Token: SeCreatePagefilePrivilege	2640	chrome.exe
Token: SeShutdownPrivilege	2640	chrome.exe
Token: SeCreatePagefilePrivilege	2640	chrome.exe
Token: SeShutdownPrivilege	2640	chrome.exe
Token: SeCreatePagefilePrivilege	2640	chrome.exe
Token: SeShutdownPrivilege	2640	chrome.exe
Token: SeCreatePagefilePrivilege	2640	chrome.exe
Token: SeShutdownPrivilege	2640	chrome.exe
Token: SeCreatePagefilePrivilege	2640	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2640	chrome.exe
2640	chrome.exe
2640	chrome.exe
2640	chrome.exe
2640	chrome.exe
2640	chrome.exe
2640	chrome.exe
2640	chrome.exe
2640	chrome.exe
2640	chrome.exe
2640	chrome.exe
2640	chrome.exe
2640	chrome.exe
2640	chrome.exe
2640	chrome.exe
2640	chrome.exe
2640	chrome.exe
2640	chrome.exe
2640	chrome.exe
2640	chrome.exe
2640	chrome.exe
2640	chrome.exe
2640	chrome.exe
2640	chrome.exe
2640	chrome.exe
2640	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2640	chrome.exe
2640	chrome.exe
2640	chrome.exe
2640	chrome.exe
2640	chrome.exe
2640	chrome.exe
2640	chrome.exe
2640	chrome.exe
2640	chrome.exe
2640	chrome.exe
2640	chrome.exe
2640	chrome.exe
2640	chrome.exe
2640	chrome.exe
2640	chrome.exe
2640	chrome.exe
2640	chrome.exe
2640	chrome.exe
2640	chrome.exe
2640	chrome.exe
2640	chrome.exe
2640	chrome.exe
2640	chrome.exe
2640	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2640 wrote to memory of 4732	2640	chrome.exe	36
PID 2640 wrote to memory of 4732	2640	chrome.exe	36
PID 2640 wrote to memory of 2132	2640	chrome.exe	91
PID 2640 wrote to memory of 2132	2640	chrome.exe	91
PID 2640 wrote to memory of 2132	2640	chrome.exe	91
PID 2640 wrote to memory of 2132	2640	chrome.exe	91
PID 2640 wrote to memory of 2132	2640	chrome.exe	91
PID 2640 wrote to memory of 2132	2640	chrome.exe	91
PID 2640 wrote to memory of 2132	2640	chrome.exe	91
PID 2640 wrote to memory of 2132	2640	chrome.exe	91
PID 2640 wrote to memory of 2132	2640	chrome.exe	91
PID 2640 wrote to memory of 2132	2640	chrome.exe	91
PID 2640 wrote to memory of 2132	2640	chrome.exe	91
PID 2640 wrote to memory of 2132	2640	chrome.exe	91
PID 2640 wrote to memory of 2132	2640	chrome.exe	91
PID 2640 wrote to memory of 2132	2640	chrome.exe	91
PID 2640 wrote to memory of 2132	2640	chrome.exe	91
PID 2640 wrote to memory of 2132	2640	chrome.exe	91
PID 2640 wrote to memory of 2132	2640	chrome.exe	91
PID 2640 wrote to memory of 2132	2640	chrome.exe	91
PID 2640 wrote to memory of 2132	2640	chrome.exe	91
PID 2640 wrote to memory of 2132	2640	chrome.exe	91
PID 2640 wrote to memory of 2132	2640	chrome.exe	91
PID 2640 wrote to memory of 2132	2640	chrome.exe	91
PID 2640 wrote to memory of 2132	2640	chrome.exe	91
PID 2640 wrote to memory of 2132	2640	chrome.exe	91
PID 2640 wrote to memory of 2132	2640	chrome.exe	91
PID 2640 wrote to memory of 2132	2640	chrome.exe	91
PID 2640 wrote to memory of 2132	2640	chrome.exe	91
PID 2640 wrote to memory of 2132	2640	chrome.exe	91
PID 2640 wrote to memory of 2132	2640	chrome.exe	91
PID 2640 wrote to memory of 2132	2640	chrome.exe	91
PID 2640 wrote to memory of 2132	2640	chrome.exe	91
PID 2640 wrote to memory of 2132	2640	chrome.exe	91
PID 2640 wrote to memory of 2132	2640	chrome.exe	91
PID 2640 wrote to memory of 2132	2640	chrome.exe	91
PID 2640 wrote to memory of 2132	2640	chrome.exe	91
PID 2640 wrote to memory of 2132	2640	chrome.exe	91
PID 2640 wrote to memory of 2132	2640	chrome.exe	91
PID 2640 wrote to memory of 2132	2640	chrome.exe	91
PID 2640 wrote to memory of 2108	2640	chrome.exe	92
PID 2640 wrote to memory of 2108	2640	chrome.exe	92
PID 2640 wrote to memory of 4020	2640	chrome.exe	93
PID 2640 wrote to memory of 4020	2640	chrome.exe	93
PID 2640 wrote to memory of 4020	2640	chrome.exe	93
PID 2640 wrote to memory of 4020	2640	chrome.exe	93
PID 2640 wrote to memory of 4020	2640	chrome.exe	93
PID 2640 wrote to memory of 4020	2640	chrome.exe	93
PID 2640 wrote to memory of 4020	2640	chrome.exe	93
PID 2640 wrote to memory of 4020	2640	chrome.exe	93
PID 2640 wrote to memory of 4020	2640	chrome.exe	93
PID 2640 wrote to memory of 4020	2640	chrome.exe	93
PID 2640 wrote to memory of 4020	2640	chrome.exe	93
PID 2640 wrote to memory of 4020	2640	chrome.exe	93
PID 2640 wrote to memory of 4020	2640	chrome.exe	93
PID 2640 wrote to memory of 4020	2640	chrome.exe	93
PID 2640 wrote to memory of 4020	2640	chrome.exe	93
PID 2640 wrote to memory of 4020	2640	chrome.exe	93
PID 2640 wrote to memory of 4020	2640	chrome.exe	93
PID 2640 wrote to memory of 4020	2640	chrome.exe	93
PID 2640 wrote to memory of 4020	2640	chrome.exe	93
PID 2640 wrote to memory of 4020	2640	chrome.exe	93
PID 2640 wrote to memory of 4020	2640	chrome.exe	93
PID 2640 wrote to memory of 4020	2640	chrome.exe	93

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://github.com/clap-rs/clap/issuesC
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2640
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff96a369758,0x7ff96a369768,0x7ff96a369778
  2⤵
  PID:4732
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1616 --field-trial-handle=1872,i,13028720093036893810,1971540548294079091,131072 /prefetch:2
  2⤵
  PID:2132
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2152 --field-trial-handle=1872,i,13028720093036893810,1971540548294079091,131072 /prefetch:8
  2⤵
  PID:2108
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2216 --field-trial-handle=1872,i,13028720093036893810,1971540548294079091,131072 /prefetch:8
  2⤵
  PID:4020
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2940 --field-trial-handle=1872,i,13028720093036893810,1971540548294079091,131072 /prefetch:1
  2⤵
  PID:2700
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2932 --field-trial-handle=1872,i,13028720093036893810,1971540548294079091,131072 /prefetch:1
  2⤵
  PID:1432
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4844 --field-trial-handle=1872,i,13028720093036893810,1971540548294079091,131072 /prefetch:8
  2⤵
  PID:3272
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4952 --field-trial-handle=1872,i,13028720093036893810,1971540548294079091,131072 /prefetch:8
  2⤵
  PID:984
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=2580 --field-trial-handle=1872,i,13028720093036893810,1971540548294079091,131072 /prefetch:1
  2⤵
  PID:1676
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=2636 --field-trial-handle=1872,i,13028720093036893810,1971540548294079091,131072 /prefetch:1
  2⤵
  PID:756
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2624 --field-trial-handle=1872,i,13028720093036893810,1971540548294079091,131072 /prefetch:8
  2⤵
  PID:4168
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5304 --field-trial-handle=1872,i,13028720093036893810,1971540548294079091,131072 /prefetch:8
  2⤵
  PID:4916
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4864 --field-trial-handle=1872,i,13028720093036893810,1971540548294079091,131072 /prefetch:1
  2⤵
  PID:1172
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4972 --field-trial-handle=1872,i,13028720093036893810,1971540548294079091,131072 /prefetch:1
  2⤵
  PID:4832
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1592 --field-trial-handle=1872,i,13028720093036893810,1971540548294079091,131072 /prefetch:8
  2⤵
  PID:4528
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4992 --field-trial-handle=1872,i,13028720093036893810,1971540548294079091,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1108

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4616

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
92a50726976d023ef201411ed483ffe1

SHA1
e735f76ad07383ecbb01a6b05624963859040ab3

SHA256
8c8db69d748c71e05fd1ac073a585abf8dbce5c1c77388d79d8a41dba194fec3

SHA512
93e734974508b7c3beef3c40ace57226be0c35ff85b312d6f0feb1f4a48bc7557d605649880713253a0f6e7cb3320ba0abd02eccd71d3c663fc8b312ca417592

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
79b26fc96ef0facc642bee733de8445b

SHA1
7a6ad3e5e955537f916a893dfb453a89400e9900

SHA256
2a5968e46af90f82d200e8a783b0db8acdd83b20aa6e0b88f20a8cc46ff74623

SHA512
448638823598abfc92abd288f1d39b8f6cf198706e0f777168b5fe1a30fc93e60beee183334376af6afa423ede5584e87d619cf0b41b31113a654d3b4af1b435

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
852e1c17ba2ad97c0a3bf1c66d8be4bf

SHA1
b8e9f4059f42f85e0e3f2fcb35c376b81cb6dd8b

SHA256
af9d8b614ebae77696db43e7192b52b5fae5561609e4a809a3f40c6f1c7a193d

SHA512
5008f52c9ff8a534409b6739b94afad575d806be79efb8e12c72f88bf07b86bccbeadfd314506391ee9f858bc416f784833a37ef5253771b5654f3024e33e1e4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
2972e27f4074fefd7cfaecdf65d82f4e

SHA1
a6ab722fad127fd3cbf563ad0007b433c42adb97

SHA256
5b8d62e4416aad717956ee7d2f50b5efcd1201088c6f9bdb81a748932d7281c7

SHA512
724e7adc991a10c3387ba3d534aa2c1a3989e615986c54dac6b8139c82cdbeaa8f674cea2a7dafa297a880021d899260ab4057aa4670620fd4539485abda2d48

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
0b4ef32be6c51a22009d90b1de2ebfa9

SHA1
a5272ce128aa92611f8a989d69624bf1b913edd0

SHA256
a56c419db3cd7be0e927a8d558272fc0e0fc6b69adee296c50ec33785dd94383

SHA512
dbae03bfa27d8ae36a8227540ff22f37b61e5ca545273ee99c7e75a8d5630b97499f65bea5b94e16ce5a6e8b3cc6c995eec38842b2ca5e1be18f905e0461f7fa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
50ba7b1303c238382507171e4c5ffc2e

SHA1
457288a333581ee5b9648f06f14cae1798e07581

SHA256
f48e9f11cee6865ca10e585ab9c185bacf224b6c7abc6aa3e480efa017ca21f0

SHA512
a93073958e4b3e3add132fec26639c8bfe3efe9d1bf2b6c2673f4622bfe5661fad62487f2d1f828e777c812036e748107fd8d42370ca14224e9028b2e88ddb39

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
d74e18e933aeb95837cc8db96777b87e

SHA1
0305fb18805359dcc942ea5d8fcbf3db8075d55d

SHA256
4c2ed1cc85697bdc1df7324055cd223fe6e73dabd01e984450190e846c5b8483

SHA512
51c0b3daddc8abd2581330d139e478f0552d05afefee64f604723b5ffe00708a63d20e73a6c0ad6a1e32e2c33fc605320760cb4de9de1132bfaa22510323ad77

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
243a090d03278dd4febc4762a512836e

SHA1
46605efb662c254bfbd1255fca0a306edf544ac8

SHA256
5f62a5d591ef04b75f23428ef9eb68121f2045bf4191ffca5d1bf5d450738059

SHA512
4d7fa3e8cb595970d3edaf111d2845209bfef4ab542f2d99d4dcf5c34887f116054c8f4cfc0a34a09edbaa295f9e952f79295fdbaac88bf4d945cc24660691a9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
709fc4d58cf3aa45c5ba2a0fe4104c43

SHA1
5b0ced9103dddf43602f6030f7941b0ed49bc935

SHA256
5b8816a8f17443a01d1020e292de36e92a44d869767121010a67bcabbce52784

SHA512
74fb4bb369201a6112901721451db9026c60c7951f4400b89e8a72b4484a8d7f11f59b8e27f509fe17cbef7bc60f117c6de8e73ea1412d2f344d4a826f2294c5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
65662677739ce3d7897c816201c6bb9a

SHA1
e1be4a67b843eee85d1266b09d7ee2ae271131ce

SHA256
501a5584da4578686a8757a7cfb422785c513f34c9320fcea56aee3ac4ce1314

SHA512
ecc8f011f2c31d22d91169dbb08cee9c52ea0d74b17dd7677ad8efb5bc0b2e8be0b28cb522c40d2f701310341bd6c773fdfe5f6a39a4f0920bc69b5b661dd4f0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
40a06980fa40e74fa4d018c2854399b5

SHA1
1e3aa30680e9ad88855031616f3c47c3d8c73266

SHA256
dfc7e5a92a19697b96c05e9e003e73a8de07767554a0fb3631a397a27bd60ee5

SHA512
4b290e7e8e2d43acaa9d581ad3bb13193e22d4df2bce46ea18d1b37fbf416befbc5e28bdbb032e095feba60923db808c008baea24041e88a2eef32cbae2bb9ab

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
5021ef32a6b623c8b19462c886765449

SHA1
0314b1b58f1772ece08c32bc37c3aee5537bb7e5

SHA256
75337b6ae859cd16b42323b39956c0e9a86a7f2f390f6c3d5531b7ad7875cb8c

SHA512
eff3cf6fcb631731d9542050512ce368aecb128b68cb5d98d9009f97d5b748a981553b0668050e2d14d6730554dd2a4a4463f4a145de62de9a614bca85281d83

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
7e5c183ca87d81b4674e37fe3cf57408

SHA1
6fd6fe67e61a650e68f9e45b95aa21e2a19a3e74

SHA256
c2bf1fb2dda165a0f433cdc4452949a871ded8827a8745e8b515ab4d9ef11e9f

SHA512
92885578b3d50e462080ec1a2652ab52641f6584bb734b97e6de1d5fc3848ef45ddfa7d46122954be8a52f6ed14740acaba4c880cc5e5455a3f1386f603c2bef

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
109KB

MD5
349ca35e3cf0943aba438b6cc6595b16

SHA1
250a41862f083ed740949e027b0af51aed0833af

SHA256
21cd56bab8ad4309fef7f98f520859e15a677d71277187be91cc2db7b5749bbf

SHA512
ad9f6f8787cab64ecfbb27e6d0b7f7b646594d9b1ad678b454d379a4d28c38a12470fe353058d31c9e898fc1621dd824b974c5eefaa8341da3572e47b73b87f7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
109KB

MD5
4f1718e060363ddc93a64e5cd4c89aca

SHA1
64c00eae4177b56b469ef568d23ca45348b71690

SHA256
6b0767103b75f6d6b42c8d61d3a62959ffd9db4a0bdf16c31001cb51ca270e2e

SHA512
9d8bbe24286d7c9519cb7b70d289725d5e3c40975ba86e74c03e0a7afa98a9d9ea6049a060d8ceb07682296a50aa29874133185569cfd954d38787ea76a5714b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
103KB

MD5
8bf98eb980a7affdea15ab419cd85ab5

SHA1
572a5dac936f823c339299a451b14f688ba09e88

SHA256
dd49454816d43c6e73000fa6cbb621a83e7f023cf1a0260a47e80f30d80385dc

SHA512
a9324ca7b92726d0f6e0175d2efe2aba6ca4798753bf4883bddcf92f3f71b8351e4bcaf8cfa400053d0ccfd23d657c73803e9d7e0d4f72066cd6c9844403a46d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe587b46.TMP

Filesize
98KB

MD5
1fdc3ab2f4fa98dafd636b5afece48c8

SHA1
8aeaa4b9af6192d96b84f0a7110a9663adea3778

SHA256
198af77c626bdbf0a8d33d108ab426d3ac9d3a5fc479db4f36f9556b891a2b58

SHA512
d8c8c411dc525a54896fa673f672937a19f2757a680d30a8bb661ddf3cc8d31ff39842da0416f3891340e83e7e65aa080fcbb862c7147f871bdc7064cf59b5ca

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit