hxxps://carlsonrezidor[.]sharepoint[.]com/sites/RHG-RadissonCorporateAccounting-messageboard/SitePages/Billing---RGH-Corporate-Accounting-invoicing-to-hotels[.]aspx?web=1

Analysis

max time kernel
146s
max time network
154s
platform
windows10-2004_x64
resource
win10v2004-20231023-en
resource tags

arch:x64arch:x86image:win10v2004-20231023-enlocale:en-usos:windows10-2004-x64system
submitted
21/11/2023, 15:33

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://carlsonrezidor.sharepoint.com/sites/RHG-RadissonCorporateAccounting-messageboard/SitePages/Billing---RGH-Corporate-Accounting-invoicing-to-hotels.aspx?web=1

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 9 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 3 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133450544242729950"	chrome.exe

Suspicious behavior: EnumeratesProcesses 15 IoCs

pid	Process
2792	chrome.exe
2792	chrome.exe
884	msedge.exe
884	msedge.exe
1680	msedge.exe
1680	msedge.exe
2316	identity_helper.exe
2316	identity_helper.exe
5888	chrome.exe
5888	chrome.exe
5888	chrome.exe
5800	msedge.exe
5800	msedge.exe
5800	msedge.exe
5800	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 14 IoCs

pid	Process
2792	chrome.exe
2792	chrome.exe
2792	chrome.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
5888	chrome.exe
5888	chrome.exe
5888	chrome.exe
5888	chrome.exe

Suspicious use of AdjustPrivilegeToken 38 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2792	chrome.exe
Token: SeCreatePagefilePrivilege	2792	chrome.exe
Token: SeShutdownPrivilege	2792	chrome.exe
Token: SeCreatePagefilePrivilege	2792	chrome.exe
Token: SeShutdownPrivilege	2792	chrome.exe
Token: SeCreatePagefilePrivilege	2792	chrome.exe
Token: SeShutdownPrivilege	2792	chrome.exe
Token: SeCreatePagefilePrivilege	2792	chrome.exe
Token: SeShutdownPrivilege	2792	chrome.exe
Token: SeCreatePagefilePrivilege	2792	chrome.exe
Token: SeShutdownPrivilege	2792	chrome.exe
Token: SeCreatePagefilePrivilege	2792	chrome.exe
Token: SeShutdownPrivilege	2792	chrome.exe
Token: SeCreatePagefilePrivilege	2792	chrome.exe
Token: SeShutdownPrivilege	2792	chrome.exe
Token: SeCreatePagefilePrivilege	2792	chrome.exe
Token: SeShutdownPrivilege	2792	chrome.exe
Token: SeCreatePagefilePrivilege	2792	chrome.exe
Token: SeShutdownPrivilege	2792	chrome.exe
Token: SeCreatePagefilePrivilege	2792	chrome.exe
Token: SeShutdownPrivilege	5888	chrome.exe
Token: SeCreatePagefilePrivilege	5888	chrome.exe
Token: SeShutdownPrivilege	5888	chrome.exe
Token: SeCreatePagefilePrivilege	5888	chrome.exe
Token: SeShutdownPrivilege	5888	chrome.exe
Token: SeCreatePagefilePrivilege	5888	chrome.exe
Token: SeShutdownPrivilege	5888	chrome.exe
Token: SeCreatePagefilePrivilege	5888	chrome.exe
Token: SeShutdownPrivilege	5888	chrome.exe
Token: SeCreatePagefilePrivilege	5888	chrome.exe
Token: SeShutdownPrivilege	5888	chrome.exe
Token: SeCreatePagefilePrivilege	5888	chrome.exe
Token: SeShutdownPrivilege	5888	chrome.exe
Token: SeCreatePagefilePrivilege	5888	chrome.exe
Token: SeShutdownPrivilege	5888	chrome.exe
Token: SeCreatePagefilePrivilege	5888	chrome.exe
Token: SeShutdownPrivilege	5888	chrome.exe
Token: SeCreatePagefilePrivilege	5888	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
2792	chrome.exe
2792	chrome.exe
2792	chrome.exe
2792	chrome.exe
2792	chrome.exe
2792	chrome.exe
2792	chrome.exe
2792	chrome.exe
2792	chrome.exe
2792	chrome.exe
2792	chrome.exe
2792	chrome.exe
2792	chrome.exe
2792	chrome.exe
2792	chrome.exe
2792	chrome.exe
2792	chrome.exe
2792	chrome.exe
2792	chrome.exe
2792	chrome.exe
2792	chrome.exe
2792	chrome.exe
2792	chrome.exe
2792	chrome.exe
2792	chrome.exe
2792	chrome.exe
2792	chrome.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
5888	chrome.exe
5888	chrome.exe
5888	chrome.exe
5888	chrome.exe
5888	chrome.exe
5888	chrome.exe
5888	chrome.exe
5888	chrome.exe
5888	chrome.exe
5888	chrome.exe
5888	chrome.exe
5888	chrome.exe

Suspicious use of SendNotifyMessage 64 IoCs

pid	Process
2792	chrome.exe
2792	chrome.exe
2792	chrome.exe
2792	chrome.exe
2792	chrome.exe
2792	chrome.exe
2792	chrome.exe
2792	chrome.exe
2792	chrome.exe
2792	chrome.exe
2792	chrome.exe
2792	chrome.exe
2792	chrome.exe
2792	chrome.exe
2792	chrome.exe
2792	chrome.exe
2792	chrome.exe
2792	chrome.exe
2792	chrome.exe
2792	chrome.exe
2792	chrome.exe
2792	chrome.exe
2792	chrome.exe
2792	chrome.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
1680	msedge.exe
5888	chrome.exe
5888	chrome.exe
5888	chrome.exe
5888	chrome.exe
5888	chrome.exe
5888	chrome.exe
5888	chrome.exe
5888	chrome.exe
5888	chrome.exe
5888	chrome.exe
5888	chrome.exe
5888	chrome.exe
5888	chrome.exe
5888	chrome.exe
5888	chrome.exe
5888	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2792 wrote to memory of 1284	2792	chrome.exe	86
PID 2792 wrote to memory of 1284	2792	chrome.exe	86
PID 2792 wrote to memory of 5076	2792	chrome.exe	89
PID 2792 wrote to memory of 5076	2792	chrome.exe	89
PID 2792 wrote to memory of 5076	2792	chrome.exe	89
PID 2792 wrote to memory of 5076	2792	chrome.exe	89
PID 2792 wrote to memory of 5076	2792	chrome.exe	89
PID 2792 wrote to memory of 5076	2792	chrome.exe	89
PID 2792 wrote to memory of 5076	2792	chrome.exe	89
PID 2792 wrote to memory of 5076	2792	chrome.exe	89
PID 2792 wrote to memory of 5076	2792	chrome.exe	89
PID 2792 wrote to memory of 5076	2792	chrome.exe	89
PID 2792 wrote to memory of 5076	2792	chrome.exe	89
PID 2792 wrote to memory of 5076	2792	chrome.exe	89
PID 2792 wrote to memory of 5076	2792	chrome.exe	89
PID 2792 wrote to memory of 5076	2792	chrome.exe	89
PID 2792 wrote to memory of 5076	2792	chrome.exe	89
PID 2792 wrote to memory of 5076	2792	chrome.exe	89
PID 2792 wrote to memory of 5076	2792	chrome.exe	89
PID 2792 wrote to memory of 5076	2792	chrome.exe	89
PID 2792 wrote to memory of 5076	2792	chrome.exe	89
PID 2792 wrote to memory of 5076	2792	chrome.exe	89
PID 2792 wrote to memory of 5076	2792	chrome.exe	89
PID 2792 wrote to memory of 5076	2792	chrome.exe	89
PID 2792 wrote to memory of 5076	2792	chrome.exe	89
PID 2792 wrote to memory of 5076	2792	chrome.exe	89
PID 2792 wrote to memory of 5076	2792	chrome.exe	89
PID 2792 wrote to memory of 5076	2792	chrome.exe	89
PID 2792 wrote to memory of 5076	2792	chrome.exe	89
PID 2792 wrote to memory of 5076	2792	chrome.exe	89
PID 2792 wrote to memory of 5076	2792	chrome.exe	89
PID 2792 wrote to memory of 5076	2792	chrome.exe	89
PID 2792 wrote to memory of 5076	2792	chrome.exe	89
PID 2792 wrote to memory of 5076	2792	chrome.exe	89
PID 2792 wrote to memory of 5076	2792	chrome.exe	89
PID 2792 wrote to memory of 5076	2792	chrome.exe	89
PID 2792 wrote to memory of 5076	2792	chrome.exe	89
PID 2792 wrote to memory of 5076	2792	chrome.exe	89
PID 2792 wrote to memory of 5076	2792	chrome.exe	89
PID 2792 wrote to memory of 5076	2792	chrome.exe	89
PID 2792 wrote to memory of 2840	2792	chrome.exe	91
PID 2792 wrote to memory of 2840	2792	chrome.exe	91
PID 2792 wrote to memory of 5100	2792	chrome.exe	90
PID 2792 wrote to memory of 5100	2792	chrome.exe	90
PID 2792 wrote to memory of 5100	2792	chrome.exe	90
PID 2792 wrote to memory of 5100	2792	chrome.exe	90
PID 2792 wrote to memory of 5100	2792	chrome.exe	90
PID 2792 wrote to memory of 5100	2792	chrome.exe	90
PID 2792 wrote to memory of 5100	2792	chrome.exe	90
PID 2792 wrote to memory of 5100	2792	chrome.exe	90
PID 2792 wrote to memory of 5100	2792	chrome.exe	90
PID 2792 wrote to memory of 5100	2792	chrome.exe	90
PID 2792 wrote to memory of 5100	2792	chrome.exe	90
PID 2792 wrote to memory of 5100	2792	chrome.exe	90
PID 2792 wrote to memory of 5100	2792	chrome.exe	90
PID 2792 wrote to memory of 5100	2792	chrome.exe	90
PID 2792 wrote to memory of 5100	2792	chrome.exe	90
PID 2792 wrote to memory of 5100	2792	chrome.exe	90
PID 2792 wrote to memory of 5100	2792	chrome.exe	90
PID 2792 wrote to memory of 5100	2792	chrome.exe	90
PID 2792 wrote to memory of 5100	2792	chrome.exe	90
PID 2792 wrote to memory of 5100	2792	chrome.exe	90
PID 2792 wrote to memory of 5100	2792	chrome.exe	90
PID 2792 wrote to memory of 5100	2792	chrome.exe	90

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://carlsonrezidor.sharepoint.com/sites/RHG-RadissonCorporateAccounting-messageboard/SitePages/Billing---RGH-Corporate-Accounting-invoicing-to-hotels.aspx?web=1
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2792
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa12c49758,0x7ffa12c49768,0x7ffa12c49778
  2⤵
  PID:1284
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1772 --field-trial-handle=1916,i,9001098144126506472,12538143293920157507,131072 /prefetch:2
  2⤵
  PID:5076
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2224 --field-trial-handle=1916,i,9001098144126506472,12538143293920157507,131072 /prefetch:8
  2⤵
  PID:5100
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2144 --field-trial-handle=1916,i,9001098144126506472,12538143293920157507,131072 /prefetch:8
  2⤵
  PID:2840
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3100 --field-trial-handle=1916,i,9001098144126506472,12538143293920157507,131072 /prefetch:1
  2⤵
  PID:4932
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3092 --field-trial-handle=1916,i,9001098144126506472,12538143293920157507,131072 /prefetch:1
  2⤵
  PID:1144
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4656 --field-trial-handle=1916,i,9001098144126506472,12538143293920157507,131072 /prefetch:1
  2⤵
  PID:548
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3360 --field-trial-handle=1916,i,9001098144126506472,12538143293920157507,131072 /prefetch:8
  2⤵
  PID:3224
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3324 --field-trial-handle=1916,i,9001098144126506472,12538143293920157507,131072 /prefetch:8
  2⤵
  PID:4356

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4076

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:1680
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0x40,0x128,0x7ffa08af46f8,0x7ffa08af4708,0x7ffa08af4718
  2⤵
  PID:700
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2144,13925844579716512228,6491595112870095932,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2172 /prefetch:2
  2⤵
  PID:4192
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2144,13925844579716512228,6491595112870095932,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2224 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:884
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2144,13925844579716512228,6491595112870095932,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2896 /prefetch:8
  2⤵
  PID:2536
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13925844579716512228,6491595112870095932,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3328 /prefetch:1
  2⤵
  PID:1704
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13925844579716512228,6491595112870095932,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3348 /prefetch:1
  2⤵
  PID:2584
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13925844579716512228,6491595112870095932,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5044 /prefetch:1
  2⤵
  PID:4916
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13925844579716512228,6491595112870095932,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5016 /prefetch:1
  2⤵
  PID:548
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2144,13925844579716512228,6491595112870095932,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3416 /prefetch:8
  2⤵
  PID:2900
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2144,13925844579716512228,6491595112870095932,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3416 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2316
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13925844579716512228,6491595112870095932,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5264 /prefetch:1
  2⤵
  PID:5268
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13925844579716512228,6491595112870095932,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5320 /prefetch:1
  2⤵
  PID:5280
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13925844579716512228,6491595112870095932,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3852 /prefetch:1
  2⤵
  PID:5668
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2144,13925844579716512228,6491595112870095932,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5368 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5800

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2784

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3076

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:5888
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffa12c49758,0x7ffa12c49768,0x7ffa12c49778
  2⤵
  PID:5904
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1764 --field-trial-handle=540,i,11258755161433888158,5277653163303450642,131072 /prefetch:2
  2⤵
  PID:6108
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1992 --field-trial-handle=540,i,11258755161433888158,5277653163303450642,131072 /prefetch:8
  2⤵
  PID:6140
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2236 --field-trial-handle=540,i,11258755161433888158,5277653163303450642,131072 /prefetch:8
  2⤵
  PID:4888
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3164 --field-trial-handle=540,i,11258755161433888158,5277653163303450642,131072 /prefetch:1
  2⤵
  PID:3224
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3132 --field-trial-handle=540,i,11258755161433888158,5277653163303450642,131072 /prefetch:1
  2⤵
  PID:3000
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4600 --field-trial-handle=540,i,11258755161433888158,5277653163303450642,131072 /prefetch:8
  2⤵
  PID:5840
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4020 --field-trial-handle=540,i,11258755161433888158,5277653163303450642,131072 /prefetch:1
  2⤵
  PID:6136
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4928 --field-trial-handle=540,i,11258755161433888158,5277653163303450642,131072 /prefetch:8
  2⤵
  PID:5452
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5248 --field-trial-handle=540,i,11258755161433888158,5277653163303450642,131072 /prefetch:8
  2⤵
  PID:5264
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=5056 --field-trial-handle=540,i,11258755161433888158,5277653163303450642,131072 /prefetch:1
  2⤵
  PID:5320
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5396 --field-trial-handle=540,i,11258755161433888158,5277653163303450642,131072 /prefetch:8
  2⤵
  PID:5232
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5420 --field-trial-handle=540,i,11258755161433888158,5277653163303450642,131072 /prefetch:8
  2⤵
  PID:5832
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5284 --field-trial-handle=540,i,11258755161433888158,5277653163303450642,131072 /prefetch:8
  2⤵
  PID:5296

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:5404

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
14180951e7e9e6af0dc7cb18bcbebf5e

SHA1
724b6802059bd27e8a2d09687be9ff1bd4dd11ca

SHA256
2fb6309a879d828fc4cf7b3ffef3956ecc0c57e1c1e8e98a5ca8a1e30b560330

SHA512
0ae6ce9e9855f287f37d9df00e60dbebdeb24740399c3cd948c1e975e219a68eaaeea4d48754a45c41c52efb26713f36e9115f77b9e20ebc05e4cac943b690e3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
14180951e7e9e6af0dc7cb18bcbebf5e

SHA1
724b6802059bd27e8a2d09687be9ff1bd4dd11ca

SHA256
2fb6309a879d828fc4cf7b3ffef3956ecc0c57e1c1e8e98a5ca8a1e30b560330

SHA512
0ae6ce9e9855f287f37d9df00e60dbebdeb24740399c3cd948c1e975e219a68eaaeea4d48754a45c41c52efb26713f36e9115f77b9e20ebc05e4cac943b690e3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0

Filesize
44KB

MD5
dca4c1ea6d6ac8a67d68d73b6fafbf72

SHA1
7b2631a139adddf4c503a91ee685b5e58e4ec31e

SHA256
1921780f8c32e7b2839cf8ba60b8e2633ed8c4b8778da832e89f53dc05a253e4

SHA512
fca8b0c4a145239449fd3fa0dd47fe96d26b6f97b33630cdf88fb3fc54a8032ecc23c3a917f26345f29eb27505685988d2d719b4698857f298623662a250330e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1

Filesize
264KB

MD5
edbc42f1e5fe6b6cc5f971295e8e36cf

SHA1
cf5048ecb6c4d1fbdacccadd35dec1e8cc14c57f

SHA256
693ff2ec5def0feecdc08ed55e81077f99cc363e4c4c925aaa099527751f69ae

SHA512
25933d216917b8fea5dc82300eb0e78fb2a768fde9a905d4b39c1beae6a535e1c8fe626e1b7ab4ce5ddee56788ded8702ea317bf5e97bc296015d4d37c6f52cf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_2

Filesize
1.0MB

MD5
283ce5f96e2bc7e989bb1c82af5d5507

SHA1
eddeb9ab94ee09f5ecc0b19cb3a467933accbdff

SHA256
6f5e6360c1eb0fe4c886cdc1ff6603aacf3800b0fb83a8a0f10896c44674580a

SHA512
d74adf4927cd475a19e401a9ef8714591c8ad8ca0e256013a399896964121d748c76268cb8a43d0217feea0c7dd4dc145a3952509933979b37113ecffa906911

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_3

Filesize
4.0MB

MD5
0e6e81a502610e74194bb6d35991ed05

SHA1
79db0d11167bca414f9b6ec38594b143ca8d0f1f

SHA256
6d58a1ac13e1d5bd7caaeb53546b4a0365db9c1b4505c2de7ad77fca99357f93

SHA512
aa7566bb5bf9c44954458ff37de0798af5e8314b101ca2cb65cb69452afc307d1726636d74a875e1319ac3429136f5b7e442ba8337662d8e7e7b123f140ff5d3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005

Filesize
47KB

MD5
328989d4aa9060c759fd67742316a576

SHA1
9199a976427e246ac5cd5867d00a8054f3dec9e5

SHA256
a1f2f83db8dfee3c9cb63d549e89f591d793e487c7aa9be0af10018584a82165

SHA512
3388d15fe2634c647d71b84bfdd078bbd922b439cf087d4346a4096a5c2e6e9999c561be3759388ebf2713dbef158868210d743b6a91c1fc8db0c56e2f9ba3ea

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

Filesize
19KB

MD5
ce700cb8ec015f0458323559f29e300b

SHA1
18df88f6a0d13b2544de26032d61835b07220a84

SHA256
d3bb20dece9c68b7f3364770e1c175bac66ea261b8fd3ab9472116a2cd70a9cd

SHA512
3db0ce1788332d793985226b8e6d48ec72f4bbad75eef7cdd6172c810d8f9c080d4396fe6304e8412f4aab89cb1003ff56f91a1b413aacdd59dec007c700b1c6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007

Filesize
115KB

MD5
6b49eb61aea70a421687d9f7b76eb5f1

SHA1
4105e9e5790ba763603e0c16ae66316a2ec05338

SHA256
e80b19bbc8640fdc9bbbb503357e60fdded2a3db2c729ca55e6f29fe3157aab0

SHA512
ee8a825b41ccfc65e46233b9d0106ee5f53db85a4e1117e3611d536b792f9de7792cad33e6d8369318647511de4a2019c71195c42b1bfbf8a9f9d617717e0738

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008

Filesize
59KB

MD5
c1e82bf71add622ad0f3bf8572f634fc

SHA1
6ca863d4cab96669202548d301693b3f5f80b0d5

SHA256
ba48af15d297db450dc4870242482145addb2d18375a4871c490429e2dc5464a

SHA512
820a7f8a0c8ea33a8fe1e90cdc35f45dc1e143e836b0d8ea047e1e312f8caec72cdee4e7db54760a4d749cd0acfe103a27e39a9a56eb2d704e448a67b0d0c079

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009

Filesize
33KB

MD5
82de9b74d7cbd87514a51642d48ad650

SHA1
6c29e1958e60a31d4ecdac9816985ea0284a9b2b

SHA256
b0974470aab1d674aa1c75d50688aa7f08e60a9958d83618e0ab0537204ac6d6

SHA512
54717a98090fc10aac86cc3a4b618caf44923c9586c1378edd9ce7cf428d3eb2fbba2c1de2b3cbcb809d39383ffbc047440d4f84e2026f89b319e31ac798c487

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

Filesize
16KB

MD5
12e3dac858061d088023b2bd48e2fa96

SHA1
e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5

SHA256
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21

SHA512
c5030c55a855e7a9e20e22f4c70bf1e0f3c558a9b7d501cfab6992ac2656ae5e41b050ccac541efa55f9603e0d349b247eb4912ee169d44044271789c719cd01

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

Filesize
35KB

MD5
0304c027da17aba2d1f03eab9d235f61

SHA1
7c5dde1e93cf16679c4ffc878270f8e1c9f971f3

SHA256
9abbca7adfb7da05809739387a97d66ea1a5b99ba0a4d4af5c029d7c79e289f9

SHA512
0b85c43ea46f2253f309f2d2c9a57f0c5620056f09430360f708d6d5396ced3e5c9f8d58d442b52c40bd87fa6650608a0b2cceffebe0f57fba99df54b0624c4f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
288B

MD5
509b1dadbf11b86012b0e64d73f65968

SHA1
8b53eeb0fa7b8a3af1c4b76fc225c996acce98d4

SHA256
b1a729799a07995a5e326aeaec412c5a741a5400306cb43d326f7e9d73e4e25e

SHA512
1f2342fb7aaab02789619966a03ae889c5ff7bfc3ce3d405cd217915a1a0f0c7e9fd5a072472baa59ad473a1c145b4c4074ceec009927662be48a6a3d5ff470c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
192B

MD5
05694cf7874b94c8fe920cbef59365cd

SHA1
08d71a5f3a019c3a2cf3314aca0bc6ce97453534

SHA256
6b1445cd52b53868e938895691fea3bcc84e31c8e1e9a0b6f32d0ebc69845016

SHA512
de618da2e16d0af26d3ae912528bffee8a773560ddba7f26f47674eaa1aac78d7bac18a799b362e28c9293199724057ab0a76002895ae8db30beef24164cd591

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
192B

MD5
05694cf7874b94c8fe920cbef59365cd

SHA1
08d71a5f3a019c3a2cf3314aca0bc6ce97453534

SHA256
6b1445cd52b53868e938895691fea3bcc84e31c8e1e9a0b6f32d0ebc69845016

SHA512
de618da2e16d0af26d3ae912528bffee8a773560ddba7f26f47674eaa1aac78d7bac18a799b362e28c9293199724057ab0a76002895ae8db30beef24164cd591

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Favicons

Filesize
28KB

MD5
6b802cfbe609190dccc3ddcb2e3dbaf8

SHA1
929acbfc3584bc8d4d594c22b194dc3b06f6a5f4

SHA256
7a691d5b5c8ab9d8cb71467e7268c62deba17e1bae81c9156383cdd7a46e8e0a

SHA512
7ec92a410b95b9a1511b5b861b08073a84f2a1a24b332ec38b8e90593e64907f55d89ba051cc646473219df6f3cd4030771cca7f121ff3cf68ea515536ecce5d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History

Filesize
148KB

MD5
37ec588e490b41c16d5f91fc92765526

SHA1
0ada921a5185cbd61f65c6715aa6643f5ad31b00

SHA256
d7ebb93f4a1fc1e6274508f6b09592fd1c3118d11d9efcd4d6a42d9d50095afc

SHA512
f36d94d02ab4e409c3fd6a151fb1e95bf2ab622d80eab4333ab4ad2ced6bb0394d9199cc5b6eb51636bb51c9223cefc26ff55441de3b14f7230bb4cf85d3be02

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log

Filesize
170B

MD5
a98a25311bdd1d1d90d513ee5c180c5a

SHA1
34b68e250d812ef68b56bfbe81a95b2e948a7368

SHA256
b0fb37c159c122ee2db97383e35556aab5e82c540ba723cd765e3b4fcfc36b20

SHA512
dbc5dcd3c09f026d36e88d3f59b3ec868f2238d866a9a83d0a766350b2dc567aac115185d656f6cc7b78704107a0d456d21d119b2bcfc2370ea16a143b87859a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG

Filesize
329B

MD5
8347a8b3e4e258cfebc59bcc961bad7a

SHA1
187d459372b3093c70d35de80d122e25e578595f

SHA256
cb30dcc950488cfc786dd0fe9cf762a2a09cf2b92e7963653f22f9a0b514308c

SHA512
c270b8f0fdb7a0ec39e7a5fd70ec2e2db2a995df72ba524fe5edbf24585f35d00427d666b8ca08d13082dc3d9a3dbae921e0ce5a664ccb90d2982b43edc7ab4f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies

Filesize
20KB

MD5
16e5ed0ff630699053990790168f20ab

SHA1
c7b9942366970a59817bbf2ce7c2789a6424b128

SHA256
7c7cd367c9bd6940c8babb81216e30c5aea72e264aa07d08810c1032ab4cd654

SHA512
349db3d82dfd245a56e22e71a7f3aec6b878e15490f27778b4a176e4b85e2bb87ec4bad23254c7aeff698016c5a50cce54c5564b38e05d920015bb47927423ca

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
d1dd0126bb83275b90d5ffbc63a750cc

SHA1
98872e318cf59a215984b2633af3af02762b349a

SHA256
0df298f4922fbed2a9a2746a0b008ba31d2823f5c647b456e63aeed0b9dce446

SHA512
be971fad2cfaff65e2c8f2403b74996b9fe58f51eab9b021a7a0b588a413384db87e5dd30e1afdb088c06965d9dffc811fe5e78822a776c301f6e9239ac470a7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
c76e15a54c47f81c16e702e904dfa133

SHA1
b6f09ce9a1ba7ef70b894caab58663878d137469

SHA256
10eaf4288cb365cbbe324f8370df28580cb255c65bd3d87471c3119cb2e3cac8

SHA512
67e9b406fa382301b9eaa22520a468800712cc8531b75f4d3a48be390aaeb05ad1b601ce742026f50f75a6490108aea4f0d6eb32f36b90197e1b9137bac6db2a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
c76e15a54c47f81c16e702e904dfa133

SHA1
b6f09ce9a1ba7ef70b894caab58663878d137469

SHA256
10eaf4288cb365cbbe324f8370df28580cb255c65bd3d87471c3119cb2e3cac8

SHA512
67e9b406fa382301b9eaa22520a468800712cc8531b75f4d3a48be390aaeb05ad1b601ce742026f50f75a6490108aea4f0d6eb32f36b90197e1b9137bac6db2a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Reporting and NEL

Filesize
36KB

MD5
ae26e9510ccc42cb42a02d0c0140acf7

SHA1
b37dea1a14f1d6d17875217d3be764357c915634

SHA256
f49c652a6903bfdba65d7b439724677e8aa67992e76795c9e639b6a8fa16a210

SHA512
b8fe42e287e8ec886b7780fec11e36d77ac099e463ae2a4bb56a035b4601145e097914725ae4235bf0ae44183b2158b87c784fcbebe321dc7c55d6d53c3f8ebb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
874B

MD5
3a1ccd34c08201315c93e235480ec903

SHA1
5fb546faf9eb40e948aab19d8f7a9094de780323

SHA256
c8767ee10798461dab78a73fe91e5f126585b71b15f3b375f566f41db68a38e4

SHA512
f7c8dd76c6ce4fcdce318d162fb08f9c1396fee304cf85e61e6a9446d5cb67ad846f4c9b5dceca7d7c1e6fbe69e24b8403598a0131ae61ac1cda206adcc73f94

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
874B

MD5
3a1ccd34c08201315c93e235480ec903

SHA1
5fb546faf9eb40e948aab19d8f7a9094de780323

SHA256
c8767ee10798461dab78a73fe91e5f126585b71b15f3b375f566f41db68a38e4

SHA512
f7c8dd76c6ce4fcdce318d162fb08f9c1396fee304cf85e61e6a9446d5cb67ad846f4c9b5dceca7d7c1e6fbe69e24b8403598a0131ae61ac1cda206adcc73f94

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
874B

MD5
f4c51b47c6e592e6698d38fe0b924663

SHA1
7b569e84b06335fe9ef84bb42ae0d15162bd9ec8

SHA256
bf05db982ca63bd9f979b87237d8fdacfbe7dc7f6c462c1a179ae318532a7907

SHA512
b38ef1ac5ce04573afd95b331e59196214dc3da94f6b6a59a1cb7efc8423fce4731ba4cd93a8a612060a083a2d510873095ef0a2b467873f18a2a4017cb6b54f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
da130af18aeda4cc75ed9c3002856e5f

SHA1
2807d072a484f21decaed732093e670252b2d353

SHA256
9ece58da08a736c78849b338329ac32f355a0ebd372d99ca6c7b679f254c39fb

SHA512
8fd5179ca21ab7337bcf39df37fba8f2446dae5b90d7fdd3cbdde7f9d4393e0a0b3258ec4ffbc6d6815e12390e43e06bbb567e123a8d9e62a3090339f475ce4f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
4b9c337df34389f923283504c80bc5cd

SHA1
a8c3b8466f5a581a52497f945fbc4a136df68b85

SHA256
26e5765be24ebb3548dc08bd8999f27dd7239116d57cdcc65c48087f2832ca0c

SHA512
b4257946744da7d101017cd3d28b84bee044396344d80f9d1ce41b498f11e0b4ef03b3751ea3616e12e1957af768fc0dd64d834118edc188fd9688561950bec2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
4b9c337df34389f923283504c80bc5cd

SHA1
a8c3b8466f5a581a52497f945fbc4a136df68b85

SHA256
26e5765be24ebb3548dc08bd8999f27dd7239116d57cdcc65c48087f2832ca0c

SHA512
b4257946744da7d101017cd3d28b84bee044396344d80f9d1ce41b498f11e0b4ef03b3751ea3616e12e1957af768fc0dd64d834118edc188fd9688561950bec2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG

Filesize
317B

MD5
6f2c508c7c120c37b599e7daa3d5e5e9

SHA1
3578fe634d95c3dd394d98aaa84c0b75dd5f9b1d

SHA256
e401b5c821d7198245a3b5c3f5a984a291c47c5960bcb93bc2023baf5be37adf

SHA512
839d2cf0902ce09cc09b96cd0a51752d123850f755c48b11b80ecda706430a616d206b624bb324d364c3d040a8bdd45fc4bcd64a7fee0214b5817e4935e3fb4b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sessions\Tabs_13345054427042595

Filesize
5KB

MD5
67831c7fae6c006d503fe497a1435df0

SHA1
4202d11ae8eeff46bccbb3984fc41c9f1a973d5e

SHA256
e4c98a66c2f84be5af57eabe5937439d59f9c121ba7b7c573e48ff99007d36c3

SHA512
47db121ce6bc1c3b5a18c9d23b1556de01f405788c30b48fc26759df14ff347846f46e843a1d032af3cae469aa012baa3586389c76d520a69d7c63f7cadae399

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000003.log

Filesize
112B

MD5
f8d03629f56eed0d2496cf9273ff47c9

SHA1
be3e16f1301c63e05e4a37f867ad748711baee3f

SHA256
cc9152c6296fccec20117ed10e4ad49c9f32504ea25fa9dcd340d1de14298048

SHA512
09f2607872212451500847eb6401104e3d9acd39384390e3704552371a7fb9a535375d9e64c27a78ca9e0dffa6e3e131c6a731d71028db6e3886b4bee7e1d75e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG

Filesize
345B

MD5
7b069789034709904129781012052e7e

SHA1
325a8ca9ac874c2bd3918138e4f2c75372baf9e8

SHA256
4ae40e3f15526b2e139703049462c148f37e6a2e71f62d9f5b8960451fbf95e3

SHA512
dfd8a7cfe1ea3655adf1504f4d1b88f150235c570c045771ce25539914d309bad452c5eeee6889ff5d76a03cccdc82deafc112d97f23bb1da1c6ae853da54620

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log

Filesize
8KB

MD5
66a7adb74aa694413b5bf4a0a47be6e3

SHA1
1e59141c47dddf685f360e65a520156a54c9e373

SHA256
c61ec87889a9117a1dba2eb4120174a710e6475e91bc521a32bae71784a13307

SHA512
37e9130f77e9bbb456b8833c6922223ef9db3a720bcdaabb716fb512d0fcca2079577f52d3df14c2caca6b0a4e3db4ef11d271c0496ad3a2752fb33e839c1b53

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG

Filesize
321B

MD5
92363c3b778e7904f3140f7c84b84adf

SHA1
e9f968cec05126f210db6c85cf5480ea3bd8c114

SHA256
ac76627de394a69e2d79c8c52b8b156c4e2be8ead6a0c72443685c4e681305f0

SHA512
55d796c81b0129342c8e4a0c287b97a2303fffb131a11dc201f42336a766c313aa6e8945911bc3ea55a39779a8cab51fea9d8d4c7af34872f10f4ad1ac25d20e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Visited Links

Filesize
128KB

MD5
e066feec912f0535148d47c0c360100c

SHA1
03f29f5aa33f428c8add196fc19f0b3a43e3a70a

SHA256
bc620f3cded8313fb713a0a303d6ad2f12eea08420dadd056d4d36743335b2c2

SHA512
934698522426f779aa0c6cc649f99fd7ae5c6eecde385ddd7bed67a831b98bbd9faec8e7265b7f29eaacae41caa65d3415c86f5e5a477dd68b8fa8bdebff1a7e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\e013e7ed-524b-44e3-b4d0-9145fa1288d7.tmp

Filesize
1B

MD5
5058f1af8388633f609cadb75a75dc9d

SHA1
3a52ce780950d4d969792a2559cd519d7ee8c727

SHA256
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

SHA512
0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\000003.log

Filesize
786B

MD5
ad0925d25f9ae9a09f030f7f7e2b0484

SHA1
2c329dee6b510d09b8e7a951f3ba49b05bef9fe1

SHA256
74e811b6ec649d6e300500cc4ce0788ecbfedb00dbd1fb08a9bb66d310286a1a

SHA512
6859a6937b2c72c89ec436d122269df3025509d640b63258703cb639a9d5ce105ba0f953012e304dbad487b2bea7b2606936730061009c8d9f23175e2790d4ed

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\LOG

Filesize
320B

MD5
59e2048d64f72f948df9d45379986f32

SHA1
d7ffeda87c723b62468eae7d076849e536dfd6f6

SHA256
55405849945ba05e62ff265bc2cb5d4b39015134ec1704ac425d50d4ec5c85a6

SHA512
2bc8856cee88a1b74c5331f9f4a66eca23ba7b3865f575343dddd4d7380afd845535d906aa533e849698a88700d5c8027e8796ab6851429d61154b0b429377f3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000003.log

Filesize
860B

MD5
19f680b350d390531226890ee447244d

SHA1
324b860e84079446cdf31958e0365cf2c40dd6d9

SHA256
02cb63639bbf99b794a1e6ce26a791555d43b46ff361fe2eba510d0a2f0e1c67

SHA512
848bc5294c21074cb522f29ba2c2820a7d21a8f31a58303b06c4a683983a1012bfdad95a63e7a4632d4fae304aeb345963a49873008d6c49c62fad67ea1568b7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG

Filesize
338B

MD5
019c0fbb0ed7e48dbc5c6f80cc5b60b9

SHA1
f719ba574012ff38576b7ff919548aac00376f0f

SHA256
e99234dd457b11e6e19d16b43dbe90d6131f81294d4f6c4240d41bd848267fbe

SHA512
af49d1dcbaf4a08b468df8a635f662faa795aedbca0f2dfd37045e03fabb6efa1e023e20560fcfb2c8f18b7d079819fc0c13ca1e92a2aea1a4aaa138daab5230

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version

Filesize
14B

MD5
9eae63c7a967fc314dd311d9f46a45b7

SHA1
caba9c2c93acfe0b9ceb9ab19b992b0fc19c71cf

SHA256
4288925b0cf871c7458c22c46936efb0e903802feb991a0e1803be94ca6c251d

SHA512
bed924bff236bf5b6ce1df1db82e86c935e5830a20d9d24697efd82ca331e30604db8d04b0d692ec8541ec6deb2225bcc7d805b79f2db5726642198ecf6348b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
219KB

MD5
c7b8ed3332254037a06e5aa845b61a94

SHA1
346f00842433425b0141adda204e63090e297e0c

SHA256
a9ed4969442fba4c979f690cb8f24286b228a001a82e06be85449ed1c09faae3

SHA512
babfa2ab7b2cb4ce448ab0a1a5f8cbbc30f21e259f19f99385a5fa337929fd9214bc655dd0e1cdfa19b7be40feb787c281d6cf3eed905ef988c08782648ba389

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
109KB

MD5
60afc26c39f656ddeb14c5df8f8d412f

SHA1
6e6fb27757d311dcf6e4a9f4dc8c2d928d139a05

SHA256
f81a7565b4c904ea8c362a95b270c6fa0e6aebb551381863e9c37372d89281d5

SHA512
d504b4e2536bf2439410a3052d9a0b8a99a3ba5336d1b9cfdabad20b30891390816656f2b4d217218b41aa7e60e8bed991e6b0870a5e397327799d6158d95e64

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

Filesize
86B

MD5
961e3604f228b0d10541ebf921500c86

SHA1
6e00570d9f78d9cfebe67d4da5efe546543949a7

SHA256
f7b24f2eb3d5eb0550527490395d2f61c3d2fe74bb9cb345197dad81b58b5fed

SHA512
535f930afd2ef50282715c7e48859cc2d7b354ff4e6c156b94d5a2815f589b33189ffedfcaf4456525283e993087f9f560d84cfcf497d189ab8101510a09c472

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\e4eac39c-0cb4-4987-b7b9-238be31a386d.tmp

Filesize
109KB

MD5
60afc26c39f656ddeb14c5df8f8d412f

SHA1
6e6fb27757d311dcf6e4a9f4dc8c2d928d139a05

SHA256
f81a7565b4c904ea8c362a95b270c6fa0e6aebb551381863e9c37372d89281d5

SHA512
d504b4e2536bf2439410a3052d9a0b8a99a3ba5336d1b9cfdabad20b30891390816656f2b4d217218b41aa7e60e8bed991e6b0870a5e397327799d6158d95e64

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
f4787679d96bf7263d9a34ce31dea7e4

SHA1
ebbade52b0a07d888ae0221ad89081902e6e7f1b

SHA256
bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87

SHA512
de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
acb9b77f01914a998c29790b3a8ca370

SHA1
c4ad9ee9d35f7c1a5307b045d5d6d71017105514

SHA256
e121c020d98e192a6e5d933f95d1a77fda60095bd9ac9b1399e331011ca6f82d

SHA512
fabbf66e94a56efa63af672f053095a0255a7922d1fd37303ddcb7a265ab5325bfdc6c4e05a393243403a802b4a843206583cb0b9853ed72d08b4237138cffa3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
0a0fb233627c1468948b161cf6a98048

SHA1
7fb1b2881c7271c3a28af38b0e04fcf5931e5908

SHA256
473c4b979aa33d57449534fe6c2af67e2e901667984a6ff4bf421463477922e3

SHA512
054cfbc2f466b4e000a74cb3ff1a7ebb4a65323703d32c1e014160f0658fb6e779a1531e3cc1ee688946e29910fea9e08ed8d43d59ed3978d82a453c93553ad0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
24KB

MD5
3a748249c8b0e04e77ad0d6723e564ff

SHA1
5c4cc0e5453c13ffc91f259ccb36acfb3d3fa729

SHA256
f98f5543c33c0b85b191bb85718ee7845982275130da1f09e904d220f1c6ceed

SHA512
53254db3efd9c075e4f24a915e0963563ce4df26d4771925199a605cd111ae5025a65f778b4d4ed8a9b3e83b558066cd314f37b84115d4d24c58207760174af2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
1c8ce23c72d90e25bc4d3fa3bc778b46

SHA1
eb593a9d728dc54f015b6cee54a291bfa43f7e81

SHA256
d3d24487261006cdfd3f2a9033fe2283ec2a258a6e7ed9c370b972d8c1489659

SHA512
935ec004350a2b5c02f93a0f3b06f6d8238da8436235db9f07c43017c6424215e3bb2098d7706cbf69632b597a850ede23625660e8be039442b9f53cc8ef8888

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
114864c57da83b814a40a13424eab45f

SHA1
5036e993a2942e42488c423fd146579e28d67c0c

SHA256
ee8b3a4bfb6af5357f6a1d64287b0e25c4ab63edf8a2554ccecae3bce6251e67

SHA512
3bf98e98de0cdec74544549e5a19b0fb77df8ac3fca4ad615a546bf2ffbe2ca90e274e3d640e98dc272d59fcf79a38cae0d7199a0d51506d532bd11f3c008436

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
87b064d6389a0a02df0ba66674123f04

SHA1
5bb0735720ba164b9576f6fceb08549d87551c26

SHA256
563a3a8922aba486448a644d731f8796fb299b3ec31bf8db16f5d6e57b650a7c

SHA512
dde1cb438ef22e099222da7d14dbf563af5ad0c50de7ba055a06ea6b29c40337e728cf99e8ba5eb67cf070bb6048ba46335b6c516b5ff1784d161721706ae1ee

Download Submit