hxxp://youtube[.]com

Analysis

max time kernel
1799s
max time network
1796s
platform
windows10-2004_x64
resource
win10v2004-20231023-en
resource tags

arch:x64arch:x86image:win10v2004-20231023-enlocale:en-usos:windows10-2004-x64system
submitted
20/11/2023, 14:50

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

http://youtube.com

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133449689841602983"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-984744499-3605095035-265325720-1000\{637CC99A-532C-4D2E-87D1-7CD096280BE8}	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2192	chrome.exe
2192	chrome.exe
3720	chrome.exe
3720	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2192	chrome.exe
Token: SeCreatePagefilePrivilege	2192	chrome.exe
Token: SeShutdownPrivilege	2192	chrome.exe
Token: SeCreatePagefilePrivilege	2192	chrome.exe
Token: SeShutdownPrivilege	2192	chrome.exe
Token: SeCreatePagefilePrivilege	2192	chrome.exe
Token: SeShutdownPrivilege	2192	chrome.exe
Token: SeCreatePagefilePrivilege	2192	chrome.exe
Token: 33	1488	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	1488	AUDIODG.EXE
Token: SeShutdownPrivilege	2192	chrome.exe
Token: SeCreatePagefilePrivilege	2192	chrome.exe
Token: SeShutdownPrivilege	2192	chrome.exe
Token: SeCreatePagefilePrivilege	2192	chrome.exe
Token: SeShutdownPrivilege	2192	chrome.exe
Token: SeCreatePagefilePrivilege	2192	chrome.exe
Token: SeShutdownPrivilege	2192	chrome.exe
Token: SeCreatePagefilePrivilege	2192	chrome.exe
Token: SeShutdownPrivilege	2192	chrome.exe
Token: SeCreatePagefilePrivilege	2192	chrome.exe
Token: SeShutdownPrivilege	2192	chrome.exe
Token: SeCreatePagefilePrivilege	2192	chrome.exe
Token: SeShutdownPrivilege	2192	chrome.exe
Token: SeCreatePagefilePrivilege	2192	chrome.exe
Token: SeShutdownPrivilege	2192	chrome.exe
Token: SeCreatePagefilePrivilege	2192	chrome.exe
Token: SeShutdownPrivilege	2192	chrome.exe
Token: SeCreatePagefilePrivilege	2192	chrome.exe
Token: SeShutdownPrivilege	2192	chrome.exe
Token: SeCreatePagefilePrivilege	2192	chrome.exe
Token: SeShutdownPrivilege	2192	chrome.exe
Token: SeCreatePagefilePrivilege	2192	chrome.exe
Token: SeShutdownPrivilege	2192	chrome.exe
Token: SeCreatePagefilePrivilege	2192	chrome.exe
Token: SeShutdownPrivilege	2192	chrome.exe
Token: SeCreatePagefilePrivilege	2192	chrome.exe
Token: SeShutdownPrivilege	2192	chrome.exe
Token: SeCreatePagefilePrivilege	2192	chrome.exe
Token: SeShutdownPrivilege	2192	chrome.exe
Token: SeCreatePagefilePrivilege	2192	chrome.exe
Token: SeShutdownPrivilege	2192	chrome.exe
Token: SeCreatePagefilePrivilege	2192	chrome.exe
Token: SeShutdownPrivilege	2192	chrome.exe
Token: SeCreatePagefilePrivilege	2192	chrome.exe
Token: SeShutdownPrivilege	2192	chrome.exe
Token: SeCreatePagefilePrivilege	2192	chrome.exe
Token: SeShutdownPrivilege	2192	chrome.exe
Token: SeCreatePagefilePrivilege	2192	chrome.exe
Token: SeShutdownPrivilege	2192	chrome.exe
Token: SeCreatePagefilePrivilege	2192	chrome.exe
Token: SeShutdownPrivilege	2192	chrome.exe
Token: SeCreatePagefilePrivilege	2192	chrome.exe
Token: SeShutdownPrivilege	2192	chrome.exe
Token: SeCreatePagefilePrivilege	2192	chrome.exe
Token: SeShutdownPrivilege	2192	chrome.exe
Token: SeCreatePagefilePrivilege	2192	chrome.exe
Token: SeShutdownPrivilege	2192	chrome.exe
Token: SeCreatePagefilePrivilege	2192	chrome.exe
Token: SeShutdownPrivilege	2192	chrome.exe
Token: SeCreatePagefilePrivilege	2192	chrome.exe
Token: SeShutdownPrivilege	2192	chrome.exe
Token: SeCreatePagefilePrivilege	2192	chrome.exe
Token: SeShutdownPrivilege	2192	chrome.exe
Token: SeCreatePagefilePrivilege	2192	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe
2192	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2192 wrote to memory of 5096	2192	chrome.exe	71
PID 2192 wrote to memory of 5096	2192	chrome.exe	71
PID 2192 wrote to memory of 880	2192	chrome.exe	90
PID 2192 wrote to memory of 880	2192	chrome.exe	90
PID 2192 wrote to memory of 880	2192	chrome.exe	90
PID 2192 wrote to memory of 880	2192	chrome.exe	90
PID 2192 wrote to memory of 880	2192	chrome.exe	90
PID 2192 wrote to memory of 880	2192	chrome.exe	90
PID 2192 wrote to memory of 880	2192	chrome.exe	90
PID 2192 wrote to memory of 880	2192	chrome.exe	90
PID 2192 wrote to memory of 880	2192	chrome.exe	90
PID 2192 wrote to memory of 880	2192	chrome.exe	90
PID 2192 wrote to memory of 880	2192	chrome.exe	90
PID 2192 wrote to memory of 880	2192	chrome.exe	90
PID 2192 wrote to memory of 880	2192	chrome.exe	90
PID 2192 wrote to memory of 880	2192	chrome.exe	90
PID 2192 wrote to memory of 880	2192	chrome.exe	90
PID 2192 wrote to memory of 880	2192	chrome.exe	90
PID 2192 wrote to memory of 880	2192	chrome.exe	90
PID 2192 wrote to memory of 880	2192	chrome.exe	90
PID 2192 wrote to memory of 880	2192	chrome.exe	90
PID 2192 wrote to memory of 880	2192	chrome.exe	90
PID 2192 wrote to memory of 880	2192	chrome.exe	90
PID 2192 wrote to memory of 880	2192	chrome.exe	90
PID 2192 wrote to memory of 880	2192	chrome.exe	90
PID 2192 wrote to memory of 880	2192	chrome.exe	90
PID 2192 wrote to memory of 880	2192	chrome.exe	90
PID 2192 wrote to memory of 880	2192	chrome.exe	90
PID 2192 wrote to memory of 880	2192	chrome.exe	90
PID 2192 wrote to memory of 880	2192	chrome.exe	90
PID 2192 wrote to memory of 880	2192	chrome.exe	90
PID 2192 wrote to memory of 880	2192	chrome.exe	90
PID 2192 wrote to memory of 880	2192	chrome.exe	90
PID 2192 wrote to memory of 880	2192	chrome.exe	90
PID 2192 wrote to memory of 880	2192	chrome.exe	90
PID 2192 wrote to memory of 880	2192	chrome.exe	90
PID 2192 wrote to memory of 880	2192	chrome.exe	90
PID 2192 wrote to memory of 880	2192	chrome.exe	90
PID 2192 wrote to memory of 880	2192	chrome.exe	90
PID 2192 wrote to memory of 880	2192	chrome.exe	90
PID 2192 wrote to memory of 1508	2192	chrome.exe	91
PID 2192 wrote to memory of 1508	2192	chrome.exe	91
PID 2192 wrote to memory of 3528	2192	chrome.exe	92
PID 2192 wrote to memory of 3528	2192	chrome.exe	92
PID 2192 wrote to memory of 3528	2192	chrome.exe	92
PID 2192 wrote to memory of 3528	2192	chrome.exe	92
PID 2192 wrote to memory of 3528	2192	chrome.exe	92
PID 2192 wrote to memory of 3528	2192	chrome.exe	92
PID 2192 wrote to memory of 3528	2192	chrome.exe	92
PID 2192 wrote to memory of 3528	2192	chrome.exe	92
PID 2192 wrote to memory of 3528	2192	chrome.exe	92
PID 2192 wrote to memory of 3528	2192	chrome.exe	92
PID 2192 wrote to memory of 3528	2192	chrome.exe	92
PID 2192 wrote to memory of 3528	2192	chrome.exe	92
PID 2192 wrote to memory of 3528	2192	chrome.exe	92
PID 2192 wrote to memory of 3528	2192	chrome.exe	92
PID 2192 wrote to memory of 3528	2192	chrome.exe	92
PID 2192 wrote to memory of 3528	2192	chrome.exe	92
PID 2192 wrote to memory of 3528	2192	chrome.exe	92
PID 2192 wrote to memory of 3528	2192	chrome.exe	92
PID 2192 wrote to memory of 3528	2192	chrome.exe	92
PID 2192 wrote to memory of 3528	2192	chrome.exe	92
PID 2192 wrote to memory of 3528	2192	chrome.exe	92
PID 2192 wrote to memory of 3528	2192	chrome.exe	92

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://youtube.com
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2192
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc9fc49758,0x7ffc9fc49768,0x7ffc9fc49778
  2⤵
  PID:5096
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1740 --field-trial-handle=1884,i,15622866814540443990,1463400222491482043,131072 /prefetch:2
  2⤵
  PID:880
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2028 --field-trial-handle=1884,i,15622866814540443990,1463400222491482043,131072 /prefetch:8
  2⤵
  PID:1508
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2224 --field-trial-handle=1884,i,15622866814540443990,1463400222491482043,131072 /prefetch:8
  2⤵
  PID:3528
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2960 --field-trial-handle=1884,i,15622866814540443990,1463400222491482043,131072 /prefetch:1
  2⤵
  PID:2104
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2952 --field-trial-handle=1884,i,15622866814540443990,1463400222491482043,131072 /prefetch:1
  2⤵
  PID:1464
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4572 --field-trial-handle=1884,i,15622866814540443990,1463400222491482043,131072 /prefetch:1
  2⤵
  PID:1644
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4804 --field-trial-handle=1884,i,15622866814540443990,1463400222491482043,131072 /prefetch:1
  2⤵
  PID:4340
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5104 --field-trial-handle=1884,i,15622866814540443990,1463400222491482043,131072 /prefetch:8
  2⤵
  PID:4664
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4736 --field-trial-handle=1884,i,15622866814540443990,1463400222491482043,131072 /prefetch:8
  2⤵
  PID:4056
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5264 --field-trial-handle=1884,i,15622866814540443990,1463400222491482043,131072 /prefetch:8
  2⤵
  - Modifies registry class
  PID:2584
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5756 --field-trial-handle=1884,i,15622866814540443990,1463400222491482043,131072 /prefetch:8
  2⤵
  PID:3852
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5436 --field-trial-handle=1884,i,15622866814540443990,1463400222491482043,131072 /prefetch:8
  2⤵
  PID:3776
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5240 --field-trial-handle=1884,i,15622866814540443990,1463400222491482043,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3720

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:232

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x4f8 0x4a4
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:1488

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

Filesize
39KB

MD5
dc38107e5a44dd1295e3cf4522d0a124

SHA1
efdb8e755d5d58b127976c425bb0f04b273bc872

SHA256
63c2bec5bcfdf168b77793c8be912979d723db66863cfbcdc7f0c66678023339

SHA512
c031f0064212e2e58b581bcd4aa92366d6508e8db801b4d369865d5d4f075aa67cf4c05de65d436dffaa004214b583db006606b4232ddf225db2b5f87279e57a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
480B

MD5
2ae3b5880671dc7838bb56ef69d2b487

SHA1
82bd42bc9a2e67682982428d0788859710287c7f

SHA256
dbf749ff0dfd91bce6bbef52d4afde426267275356bcc1ac1bf18f375ed14c34

SHA512
606a8c5bc7c467b7cc0a743b1f79feba10ae45a44c00efc03f4cd45e3a8c7d383cc378be879f34e8d0d24df6df7c54c5fcf623ff80d0b8eaf897828dd3a9e2ad

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
456B

MD5
d2d9b5eac468784b8a816a723a9289f6

SHA1
06811bb8b07ddea92545c548b66e6e8ed6a6336a

SHA256
2dafeb144a389d69341d6737ef300b0305f2d2daac8aabf63f85ac23ea35fa4f

SHA512
363eb16b9af20a6af53eeed18e4300f8f86de8c912404981d0c1c238fc17985929a3522baa6d0b241657a06745a89282898467e871d8fbf0b45eeb749ed84d15

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
504B

MD5
aff93d98507b9fdd40baa36e44651971

SHA1
23bc55db25b14152431c2966cc284dff096e10fb

SHA256
8218e9b39e4bb2aeb601589a4722a0c6aa1ab69e3147156f56d92096fa1d28bd

SHA512
982c72aa43743de4a9341c50e9ce763f26e6ee33edea706081e8714711e8b5f8856b21e652ab56cb32136d6fe78b5977fbe776e76917ba4a3fbde8b089f40ead

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
2363e9aa777de800d64a76b72112fd84

SHA1
f6a69655aa081f58d5fe18ac122c38e49c9b42d7

SHA256
6dea32fedadcaeaa69e589155deef38904eb5b6b94fa2b0b0fb0c49541a09324

SHA512
6ee49a205e8dae07443e52744dc103e54bb78cae30357af2af5aa05aa077b49669c43e9418b19d4e9adfe2589552089459ac0afe1dead6abbe3c54f768bad41c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
bb4b27a0db330913134d917586bdcfc6

SHA1
f734800bc6a602b2dcf44df14b54b64e4a265d74

SHA256
a73b66b89d212fd6b16c998341af8d2c46439650c418fdf41b55295d8ab87e65

SHA512
4fe5e59f6e3bd02332b6b5aefd80f7d432b2c5123e32d5680f7a614528798fe1b5141832373689c1a7ec40728e84174d9fbcf9ffa2e1e932522e6e7ad4b2744a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
59bc598d82bb7a6ad2ab36a329ff34df

SHA1
4fb37f9dd44660caf45296da40468e87146ca018

SHA256
a1fadefc527df6aefca580eacd4016531dea7e7045d6281faddb8ac814412f75

SHA512
c22f50e6765517c8421065ac9530cced388fb254a750a148b243e8cd7626db7ee84d3ed866c7381dad62336b38cabf2cbd3edf2201b7bd0f36c82ee5575c27d8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
ad34905f0a2eae4912e4f91688238e86

SHA1
97957f90debe75986444dce105cb209f6e0adc8c

SHA256
8be404028d9ed0e8c87c543cd739d81e7159e9650f32e1faa3d70a77b3b46edc

SHA512
c9da827a0b014aa9f99c6f537e309ed2f445ba4d3aa5e2d5a8be8134c6b2e6ffa57496fbc424d860cceb01b933c8cc71709f7397e27509727a94639a50c70757

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
12161a7660be6c0ce38e77e56c644fa3

SHA1
31d6e57e6fdf62c842e40daa313c0fdfb35d0035

SHA256
94e050878b5989fc2e1c84ac042706c20668e8b595b181a1a6e51a7bef192511

SHA512
42342e14bd7b2e220d82ebd12951ed44a36daf2285bd697b59e805a90bac2f3bd9c7e89f0ef6810ae2c54e87b837081be50cbf6652472b7fd302fcfb248111ca

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
722738be909cf45cb22d9c65c8c8da93

SHA1
e03db0ca35c7b838e43d33e2ee32839b7cb3b87b

SHA256
e1e2adc69b2a5d7e0a8eafb6905bdade9bd0a5d80c5851fdc5c77a94c321f64f

SHA512
97c6093b0ab55075ab0798ccf66f1b31166d9be8689f5ab9c51f31bbebab3d799f7789eb462767d28295b578429913625c8d852e1ca59b9156c6a3320efcf8ec

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
1e6246f0edaae57c707cc6e68c86e95b

SHA1
6798d3ff893305cebc698302e9e3adea56ccbe62

SHA256
554510a2b494454ad028a0df0671bae0abe6032fc91f126561a229b67cd4a00c

SHA512
d57f886fc5a8621ce1ca581713a49a45e511e9635349fa688112d9e4566847fbdbdb41c97c5a661af59eb99d64e35dd0f24e754c4b258b173a37da88065e0021

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
6KB

MD5
d68e3ec2a8097cf2aafe381696110514

SHA1
8626678f17c6e03776acf5b90fe3f92d6e0a9270

SHA256
9b88480eb1dee0ec2c9f4af7b63585f4f8769a242e96db63dabaf0c7d4f03515

SHA512
3608f7ddab965cc617e3e15b3c2c08584422a508659e103bb644224e672b3bc49ac5d85a374d6b9c8daea72daca1c7340e3004a4915c5b2d261d53b713833dc3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
6KB

MD5
594caabbc057ff9e40d02a2cc67138ff

SHA1
6a00bd78fdedcc9e0146df220cc9ec4b485ea329

SHA256
4ed81ec03c967c71feea4216ff9e508521c55845d5b92cbba0702d1dde578c37

SHA512
500bca9569090d7fffeeca3b5904f2fd3fc941b928d6b6c99fd049570db210b75493dff41122a282657dce5c615544b0a366537f4447df3326b1f3d5b0395c6b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
6KB

MD5
0950e62678a4d6e70dbbb14c61a6d3bf

SHA1
df91d82d1a7926a5f8db010635d190aad9b386f9

SHA256
04808931c18162ec3260880a3343e98286e51ad0a3c6df325f11eb65753f191c

SHA512
51d5d7c6f6740b2c0e051b94325eff53d948ce413a292298eb383beb8e475d6fbb548ba14dfb21b724a8c0bc9347a08ffd76394a54c20f2290e8d59beda95065

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
6KB

MD5
5abebb2e554530b714425555d09b5806

SHA1
6fa63b6ccb7a000c30d0ec83d098d6a4e233a81c

SHA256
9b04ddf3d04f7d0a6e06f37f0027e7ec242b899f642b36c61eda942665dc389d

SHA512
6953238694256e301f67b4e9ccba653a529f6193c2cc6176149e2cd9cd922b51ff80d0fb377b680bce673d5e4c9bab24d3f654bf01d7965b80aeaafae624b253

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
6KB

MD5
7bbcf9042d54316328e983376f891d82

SHA1
f406f7b333a7907f79f7e536447c75865ca92c64

SHA256
0cb95f6e628c5ab726c6a8072dde522205b15c20012bbf6072b8140cafd98d6d

SHA512
7d9b7423cbefa93b1917a30a01c2a18ba5fa343db09cf27eaa24b609abd3bc3920baac83ea659c82a0ca98cf642870cba6fdaaee14c7f47d9beb10fc28b71b34

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
6KB

MD5
bb2d1022b250bde9be3027a686b34e47

SHA1
41476c155983388a7a8d3af9fdac88ac9351cf67

SHA256
825238457f26b947578d53b4d2a6ace165c525943699c9a5ee2d8a4c132d263a

SHA512
8dda7c7b65322ed7b5aff85d9e0db8f2a8dea1d6d76b574b2a2ca131199a2d14d94bdf9eb813004f685494582fbe7d4bb174cd59f514de6bc73a75fc12e48531

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
6KB

MD5
559d65fbe6d21e41d5a9cd8a6434a038

SHA1
46df6ef236138964ac0ca78a2c6971b645da4f65

SHA256
b47f78ec3756ca3672ea7cbf98465d567ada84098f2e0f8191fca1c1211d9292

SHA512
63a6bb09a12bee1d7f72b03538f7b8feac913e77a186cdfbe5c094f6422a55337a4cea0cde0f71b78145b5008a1f611e2838f8e7bfdbfa6fd04bfd3cdb6a3e01

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
707B

MD5
16f486cc406dc9524f3019521c2dd50e

SHA1
5751feb5aefd721c1e92249de6fafffe875231e1

SHA256
5da4ac9d044537b76267e5921c52c88df07e490f241c237c22b4537965e1493b

SHA512
b16520a388a3c82315cbc0de44d999576a89e012213a90c2a5fb7e19d1a47e9b623df1820dc023e3ed70b2158441474a669e9e12cd16e007436b24e782b5b680

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
874B

MD5
49e87bfb8b36ff209694adf448d71d4e

SHA1
1da115c114e6d09b97c35693e8156ceaf4c4ae5f

SHA256
2f6b6c5c5517112a613670574140c482680c264780984db69f5022f8e8242c66

SHA512
da29268f369cdc584e49a84a62dd7059283d1bdccd3f28436de69a414e604f5fde3ed02f986b935b623fe273f2fcfc5c92c60eb6917177bb0c978bc890b52c74

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
d3b95f3387c477744e9513f2420a6e82

SHA1
7a5c09f95eda3105b10c4dff68c8ce6556657a0e

SHA256
ba38bd3babe9d874b67aa157f901a60c5094878e12361e18b0be59e2d722b95a

SHA512
cdca67bf09ad04184917a17577683bcaf073ab0e7478dad8b6073917b02e39cc3c71119b498067178650dcfc370e76670179028b08e9337aa42f4cd89d6a69e0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
1b0cfef99c179428ffe6060744b5d8be

SHA1
22777db99708030f7b3fb8765a3d99f7be80018d

SHA256
e27beda5dedadf1cd5e33a620f86ca5df35b07a6155061bc33714cf905b95d9c

SHA512
1a1f6c10c66b8b99b65afb994d0a97e8f2f8da2874bdc1f47ea52db6a99701292b486deeb7b573a55f024516731f498676fdd3285bb22cf5dc7ad3eecc9a7f11

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\1dfeab4b-0ae8-4a44-bb20-d8021a9a138f\index-dir\the-real-index

Filesize
2KB

MD5
7ece25f67c197d14b447aabe80444dd9

SHA1
c5fa6c84224cf94e9b22cc15a43307fe28b816da

SHA256
df4f22fe6f03e1b652a87e04c901ad4e602dbf0efd9fc068d35691ed3ad22c7d

SHA512
c9cf7b173e7f1706914efd339767525145dd8d8cf80cc203e5e6b882c96dce813159c8b544ac41f53503fa071d92277f9688cf47cbe2cc21d95d7f8f51834458

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\1dfeab4b-0ae8-4a44-bb20-d8021a9a138f\index-dir\the-real-index~RFe57faac.TMP

Filesize
48B

MD5
55082e46211392ce06dbc8d9a88027b9

SHA1
43e01f226e5f0b86515ab428af258c56a5068087

SHA256
5e6edf1d6112e4be95eb87727bc77b110b2ac370f16d4ba344b863a250a9a6b7

SHA512
9ce5379f70d42cc2151d65fe8e47406250ad26306eac5f730c3128df0dad48800b5939cf438d36c44f605c3798ccfab4130b5797eed9ca79e6b61c41b60411d6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\b5630283-f197-4237-98b7-fd5958362b68\index-dir\the-real-index

Filesize
624B

MD5
7c655e05184dbf38a097cfe477ebd7fd

SHA1
d688c4bd6d04beba148851896bed76d7c4506268

SHA256
d703370d561805675d26a281bac44c5047dd3d2edffb35c51155b5fcb2eab53e

SHA512
98eaca8d77d9088a4b1ef9a30d2264ee785a222c4af7876ee8f7a729590705a7c859b2bf7d3dada612c73d072cb4a4dcf9dfd95f23f1f7aa8a67119775742426

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\b5630283-f197-4237-98b7-fd5958362b68\index-dir\the-real-index~RFe57ff30.TMP

Filesize
48B

MD5
b2e3a6a72fbe212b6555ba8ca0aad237

SHA1
71e9d7b75678942507423ceb9fc1fc9df36ea195

SHA256
9bd406466ef7db649c1a61b3ddc96af18e72bec5e6fb2314afa93e44b35c7b92

SHA512
6b05cd97071798b473f759479d56c3e794af03d9641708b710982ec7c647162dfa59fa263f63bad4fee906ec9db16a63703e74f54fa0091a8e163f289a5bab5f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
176B

MD5
2aec16c48ba096aa64e0d6eef5ef1e37

SHA1
1a65ba0a06545516b9cd10c80e2cfdcac10961d8

SHA256
b50db79b0a6f4fb458059bb6e7ab4a990a1da6f5414d1f7efade8e460e29d0a0

SHA512
528a434e96ebec55ce66e2429510acc314e92aedcb965226dc708a56f83140b240d554ec4dced062c1e8e80e59066294d3236211ea54c7481e6ea1f4cec7472e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
183B

MD5
23f31a5e332b890f44bfaaaa80ee1681

SHA1
5e521cb955e9164a0e222ea3a4eb59f599819856

SHA256
c005bbae502e4f88fb0f70b95a824c949c6399de53290938a63cfd1e791713ac

SHA512
b706b7eaf30bd25e59746739adb4673548e36f4feaae552b19440766f84cb3c0aa0ef5a0db78c2d77999ed0c6ae8a891914450b3c3e0afbeae4b21499b0177c5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
112B

MD5
f8e83bb1d9549f91abc3cdad68cd2141

SHA1
7d32cb00be26fca3b46eb59522bb4eaebfdffd02

SHA256
64b319a0ea7e170f9e724a531bcff6251de6e1df149d88a133945ced86f84095

SHA512
9e1e78ff94efea19aaeb1b55620e5c8eecb82e6a35ac0b53a9a4499cc7e1b880410aa59c75b1a66afd588b13134909d61fb45ff9c690dcdef1cbc1f3d38e2205

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
185B

MD5
f8d62bff1f2a140933cfc1881154962a

SHA1
b6a12e6e020711a6aa14b2367253084836b851f3

SHA256
d8e9d60c817cbdeb0b0dbdbab940e61e09f42cbf6995f43694612af5246388fe

SHA512
ca8260a3bec442c9713caa1b252863c14aae0d013dafa75c6eb824f6af2a05ce2e8e4b8e107dadd9a2b027259c713e121465fe04c607a268afbc5d480960441c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe579b46.TMP

Filesize
119B

MD5
0aa606e7dc111f9eca8ba39efa7f8dbc

SHA1
d0500255a0220874db98da0e1b4f738939e5eddc

SHA256
8fa32e6906d2b578421cd6a8b4cdfdcf5c37f7d7b7d48154913d92fac27ea57e

SHA512
388a27406be1773b2acdae592da29486ad5e07af8c9954930eda09d0c8e15becd6289efcfa7e4c6bc80b13120dbbe86557fce674eed0dbc0810867c3fab15937

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
96B

MD5
a8d5d575f5f5dda79e1029ea72431a4f

SHA1
fbffd54560d53474a6e24c70f77461df27ba7da2

SHA256
b2d3bccbbc6aeaa84c6b934b6541a57d4ad45705bff8e284723d6d5baa009bce

SHA512
de7ea46c81e7a92b3fcb34bc2489a9d4dcdddb7f137d4e05c9c78e9275ad11901f9f7c7c9efe64e4bb5054fe44886500a407a12b566e661654fd306ba375a96d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57ec92.TMP

Filesize
48B

MD5
4597f14f45f544b0bc1c94bdd0c2aef0

SHA1
18ab204d00fb677b2b757871d8221dd874e422e5

SHA256
e724e7c1b78ff6c456a27b8029659fc8e2ea4d6df4a35576f911792d42c57461

SHA512
f371b1460de036a992f70efc962419aed6a0bf8c24670649f425458ee27dc7ccea9c62510af82bfcfc0ed9bacf994bfc232b816a2d3c8f7f936337de911884ab

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir2192_1058754292\Icons Monochrome\16.png

Filesize
216B

MD5
a4fd4f5953721f7f3a5b4bfd58922efe

SHA1
f3abed41d764efbd26bacf84c42bd8098a14c5cb

SHA256
c659d57841bb33d63f7b1334200548f207340d95e8e2ae25aac7a798a08071a3

SHA512
7fcc1ca4d6d97335e76faa65b7cfb381fb722210041bdcd3b31b0f94e15dc226eec4639547af86ae71f311f52a956dc83294c2d23f345e63b5e45e25956b2691

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir2192_532415952\Shortcuts Menu Icons\0\512.png

Filesize
2KB

MD5
12a429f9782bcff446dc1089b68d44ee

SHA1
e41e5a1a4f2950a7f2da8be77ca26a66da7093b9

SHA256
e1d7407b07c40b5436d78db1077a16fbf75d49e32f3cbd01187b5eaaa10f1e37

SHA512
1da99c5278a589972a1d711d694890f4fd4ec4e56f83781ab9dee91ba99530a7f90d969588fa24dce24b094a28bdecbea80328cee862031a8b289f3e4f38ce7a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir2192_532415952\Shortcuts Menu Icons\Monochrome\1\512.png

Filesize
10KB

MD5
7f57c509f12aaae2c269646db7fde6e8

SHA1
969d8c0e3d9140f843f36ccf2974b112ad7afc07

SHA256
1d5c9f67fe93f9fcc1a1b61ebc35bda8f98f1261e5005ae37af71f42aab1d90f

SHA512
3503a0f4939bed9e1fd5e086b17d6de1063220dffdab2d2373aa9582a2454a9d8f18c1be74442f4e597bdba796d2d69220bd9e6be632a15367225b804187ea18

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
109KB

MD5
ef91d35a92a099cccb652fb5bacf1291

SHA1
325ea3c1f37f376e5de0d2a6240d619fee5655e3

SHA256
19807041da9bb1ddb0762cae3ad36941bd5b11f86a977d647a54daa96fd3968f

SHA512
3beb1fecf0c414986493fe96bf34972d3b8ee50e52aad7cc31958842d61b19877be3e4cd17ed9e2e3a458a4ea01b48eb262d793c39a338186801a01e5171a8b6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit