hxxps://www[.]youtube[.]com/results?search_query=adobe+audition+crack+download

Analysis

max time kernel
79s
max time network
85s
platform
windows10-2004_x64
resource
win10v2004-20231127-en
resource tags

arch:x64arch:x86image:win10v2004-20231127-enlocale:en-usos:windows10-2004-x64system
submitted
12-12-2023 05:55

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://www.youtube.com/results?search_query=adobe+audition+crack+download

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133468342083057408"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3635043082-2972811465-3176142135-1000\{F7829484-8C18-4DDD-8D2A-CBA61D276C68}	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
4944	chrome.exe
4944	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: 33	5032	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	5032	AUDIODG.EXE
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4944 wrote to memory of 2272	4944	chrome.exe	85
PID 4944 wrote to memory of 2272	4944	chrome.exe	85
PID 4944 wrote to memory of 4820	4944	chrome.exe	89
PID 4944 wrote to memory of 4820	4944	chrome.exe	89
PID 4944 wrote to memory of 4820	4944	chrome.exe	89
PID 4944 wrote to memory of 4820	4944	chrome.exe	89
PID 4944 wrote to memory of 4820	4944	chrome.exe	89
PID 4944 wrote to memory of 4820	4944	chrome.exe	89
PID 4944 wrote to memory of 4820	4944	chrome.exe	89
PID 4944 wrote to memory of 4820	4944	chrome.exe	89
PID 4944 wrote to memory of 4820	4944	chrome.exe	89
PID 4944 wrote to memory of 4820	4944	chrome.exe	89
PID 4944 wrote to memory of 4820	4944	chrome.exe	89
PID 4944 wrote to memory of 4820	4944	chrome.exe	89
PID 4944 wrote to memory of 4820	4944	chrome.exe	89
PID 4944 wrote to memory of 4820	4944	chrome.exe	89
PID 4944 wrote to memory of 4820	4944	chrome.exe	89
PID 4944 wrote to memory of 4820	4944	chrome.exe	89
PID 4944 wrote to memory of 4820	4944	chrome.exe	89
PID 4944 wrote to memory of 4820	4944	chrome.exe	89
PID 4944 wrote to memory of 4820	4944	chrome.exe	89
PID 4944 wrote to memory of 4820	4944	chrome.exe	89
PID 4944 wrote to memory of 4820	4944	chrome.exe	89
PID 4944 wrote to memory of 4820	4944	chrome.exe	89
PID 4944 wrote to memory of 4820	4944	chrome.exe	89
PID 4944 wrote to memory of 4820	4944	chrome.exe	89
PID 4944 wrote to memory of 4820	4944	chrome.exe	89
PID 4944 wrote to memory of 4820	4944	chrome.exe	89
PID 4944 wrote to memory of 4820	4944	chrome.exe	89
PID 4944 wrote to memory of 4820	4944	chrome.exe	89
PID 4944 wrote to memory of 4820	4944	chrome.exe	89
PID 4944 wrote to memory of 4820	4944	chrome.exe	89
PID 4944 wrote to memory of 4820	4944	chrome.exe	89
PID 4944 wrote to memory of 4820	4944	chrome.exe	89
PID 4944 wrote to memory of 4820	4944	chrome.exe	89
PID 4944 wrote to memory of 4820	4944	chrome.exe	89
PID 4944 wrote to memory of 4820	4944	chrome.exe	89
PID 4944 wrote to memory of 4820	4944	chrome.exe	89
PID 4944 wrote to memory of 4820	4944	chrome.exe	89
PID 4944 wrote to memory of 4820	4944	chrome.exe	89
PID 4944 wrote to memory of 3380	4944	chrome.exe	90
PID 4944 wrote to memory of 3380	4944	chrome.exe	90
PID 4944 wrote to memory of 776	4944	chrome.exe	91
PID 4944 wrote to memory of 776	4944	chrome.exe	91
PID 4944 wrote to memory of 776	4944	chrome.exe	91
PID 4944 wrote to memory of 776	4944	chrome.exe	91
PID 4944 wrote to memory of 776	4944	chrome.exe	91
PID 4944 wrote to memory of 776	4944	chrome.exe	91
PID 4944 wrote to memory of 776	4944	chrome.exe	91
PID 4944 wrote to memory of 776	4944	chrome.exe	91
PID 4944 wrote to memory of 776	4944	chrome.exe	91
PID 4944 wrote to memory of 776	4944	chrome.exe	91
PID 4944 wrote to memory of 776	4944	chrome.exe	91
PID 4944 wrote to memory of 776	4944	chrome.exe	91
PID 4944 wrote to memory of 776	4944	chrome.exe	91
PID 4944 wrote to memory of 776	4944	chrome.exe	91
PID 4944 wrote to memory of 776	4944	chrome.exe	91
PID 4944 wrote to memory of 776	4944	chrome.exe	91
PID 4944 wrote to memory of 776	4944	chrome.exe	91
PID 4944 wrote to memory of 776	4944	chrome.exe	91
PID 4944 wrote to memory of 776	4944	chrome.exe	91
PID 4944 wrote to memory of 776	4944	chrome.exe	91
PID 4944 wrote to memory of 776	4944	chrome.exe	91
PID 4944 wrote to memory of 776	4944	chrome.exe	91

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://www.youtube.com/results?search_query=adobe+audition+crack+download
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4944
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xdc,0x108,0x7ffdbdb29758,0x7ffdbdb29768,0x7ffdbdb29778
  2⤵
  PID:2272
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1768 --field-trial-handle=1916,i,1931375383777335388,1495080644255666888,131072 /prefetch:2
  2⤵
  PID:4820
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2076 --field-trial-handle=1916,i,1931375383777335388,1495080644255666888,131072 /prefetch:8
  2⤵
  PID:3380
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2236 --field-trial-handle=1916,i,1931375383777335388,1495080644255666888,131072 /prefetch:8
  2⤵
  PID:776
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3088 --field-trial-handle=1916,i,1931375383777335388,1495080644255666888,131072 /prefetch:1
  2⤵
  PID:656
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3096 --field-trial-handle=1916,i,1931375383777335388,1495080644255666888,131072 /prefetch:1
  2⤵
  PID:1564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4568 --field-trial-handle=1916,i,1931375383777335388,1495080644255666888,131072 /prefetch:1
  2⤵
  PID:4236
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4856 --field-trial-handle=1916,i,1931375383777335388,1495080644255666888,131072 /prefetch:1
  2⤵
  PID:2712
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3476 --field-trial-handle=1916,i,1931375383777335388,1495080644255666888,131072 /prefetch:8
  2⤵
  PID:4496
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5504 --field-trial-handle=1916,i,1931375383777335388,1495080644255666888,131072 /prefetch:8
  2⤵
  - Modifies registry class
  PID:3516
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4524 --field-trial-handle=1916,i,1931375383777335388,1495080644255666888,131072 /prefetch:8
  2⤵
  PID:5708
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4728 --field-trial-handle=1916,i,1931375383777335388,1495080644255666888,131072 /prefetch:8
  2⤵
  PID:5804

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:1448

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x490 0x384
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:5032

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009

Filesize
31KB

MD5
2475d0743fd52adf6722b9c3ee83b487

SHA1
7716f21438bdb3f86b3344f51c550a9ea3fdee1f

SHA256
6506615ad0ed7e47ce725a4a269663aee7dd2a8627a03950fd54f94dfcb578c1

SHA512
43e07e106aec11c6b6f87c82c21343dcc4d4e6cff2d2bd73b714ae2ae096522aa8e6d3e32b6f27eda986e1a434bbafaedc819b38df16f4dc8e5518e8159e4a08

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
552B

MD5
3cf0b6ffc80a04230d8b0393671d2387

SHA1
bd73046ebcd545e298a3d8ccaf787c117f23b2f9

SHA256
be5070b52824ece0dbb08504470b16f9b731ee3bc35e686436ee13baca46c900

SHA512
1afd5e049b21d593cad3505fbf769837da9d46a1c4e6739ea4de87d1f163983e50802b4d2d801f76ae9c5b635d813e6255c0796834afa0f49903a9acbb8f6066

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
528B

MD5
6debd065c3ea546d4ea8ad45988c9fa9

SHA1
4e507b23f5f17623664d8567f1055d474efa9967

SHA256
bcd8ffb31a56fc6b4d790be8c432234c948f02182159edd8433182632c271054

SHA512
422cbe11eddfb8f883da0cb0f1596b92b90edba891001330362041a7daf037e962453bafc23fec7792e23f3180e697557139e64841f4163d929f60f1638264cb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
705b9f10192fd16ac45d0d1f9b65b47c

SHA1
76c2c77812a1b7989b7828af46684253b4d2bc76

SHA256
5eadbd410128899e8f8f427168d38ce2ae6c541ea8734eb256336661e504fd6a

SHA512
6bfb5f3f88a5efa46e8d101b9db0afd7d599ca767a42fdbb80ac3d35945ba0ffcbf1c935b9194683380836b2adca7fbd6fb207cf8d2375d4995ea49e9962dc2c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
874B

MD5
564f0508f7951ec80965686a64da9cdc

SHA1
a9c1d0101d3c027ae1c0bb711e3cd1da1855a6e1

SHA256
975269a04a848e432412dc9c2bc621390d6e322f840c5ea325c060470bf60767

SHA512
d9ff433c13d5829847b3b32467df82f4304f874802cf363eda8371079cbffe59ce1c9b6b843a0151ee150c47991b899c27a46466a81b64b7f4bcfb9367137103

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
707B

MD5
d279505d709bc997ec6fb7a71aaaf7b5

SHA1
6036fbb01f4a572bb5fafe3df24b3c8279c6b06e

SHA256
2c271161129a07a57d425ac284abb673e61a7e6ad5425d94523d5137579e8bb7

SHA512
0aea3d67a60eb94adad6493a891938f7b5c67b59c7bc39afccf4b8c7de70a313150bab9511b66018984dd9f108ecd3e8c2b7534b8579dbd1fc637669c172e62e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
d71b2eb1e38de5c7d3238c6bcc85fd26

SHA1
7bb129630060cc4cf3e6ece35b82d84ebeeda417

SHA256
c375569039d35914e41780460140f629c920a4ef02b491b84cb6bb788ed0497e

SHA512
15f7b3a02834d00104a3241c54ebbe2dba35f4982386db920fb1eb5a268cab2e8adf0a211040f433034bc2f839fb4a35ca5b5847710fc57ed09574352214c859

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
6deef7762d0021b6d6966a4ea23bb1dd

SHA1
533cf97e4f994b2c55e9e1b8e55aca314b51e0a0

SHA256
7194686d567a58fd9bc410e69c071c6bd44add6478a62614f53c1ed3bef7772b

SHA512
b6c6df91a328db1085f4362a3112333d187e3b62872676ea8660185d93e0a9f8a93445b50b9729086a3f5720771b7a9f085f9e6eb6fa6377f4479f77787e4420

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
4acb5e57221bfe2b08aab59313db3fb3

SHA1
8deb8f9231b50908d90a224ff6c84a9f944f380c

SHA256
934f6c062793628701cb6a2501a52ef0cfb1e4e9b13c28516587a0b0885bca53

SHA512
a16ce832f0d6827800d318c24e10ed0d092237db0118cfd1be7491433624af9806c37bb006403338f7ae35790dad198594361e50517f55c92845b1502b2fb463

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
82d73b30cfec85aa678969fc16dc2904

SHA1
e393da9283ada0c802082b4cb714f417595d331d

SHA256
affb2f7357fcc61fb3726b9fcd59ccbfb5f32504c27e8210ce64a0ec78a14c71

SHA512
3ae0fcdcb5da18b51a3e5be50364d6aaf55d5594d8f043f5bbe4d055c83046e5c8fb0d5eaa2a493cbb068cfa6aa40ea35a9c4cab58f8bb98b060a8b89fb88f94

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\e7eca53c-7e03-431b-a6c4-21bcd07012ed\index-dir\the-real-index

Filesize
2KB

MD5
2488f25105dfc11c566894549eba56ce

SHA1
80b52978ea466773497a32a53d44eae1d4da003b

SHA256
1d6efd98d52391b6a995f0e0b430403b41327d13fbf643f466f6d5cd15ce1321

SHA512
7b80eaf8b2965ee01613aeb997c069254c9c43d94bd9a12a48a0e8320f958fcce67684e8d183dba4941ed6055496b38e1464752f50f031aff3fdeab26b68d324

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\e7eca53c-7e03-431b-a6c4-21bcd07012ed\index-dir\the-real-index~RFe58d1a3.TMP

Filesize
48B

MD5
73eb15c6f20f9a0a2e25953bb08b180a

SHA1
c28d3c63857035cb215ce6df804ed881abfe838f

SHA256
e8aaeb8600b546f4ed51bf6a034c2d5be9778bd7975f2f631fab5c38e3af0ff4

SHA512
493f05e894b38186003aaa84a959aa8112d727c0b81bad04b4bfd9164be9ac3687d6233fb1fc3fbf68020d043df1b388035ed579bf25ff72b7a681e30b7d340b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
176B

MD5
bba315b0129a9cd3b228a3f99d2fa579

SHA1
cb8601ae7dd1a4dcbfe79edd015b6347527e0867

SHA256
09b58dc03d82fce1e57c9e9ab0bcafb125ef3a39943871435ada3c94cafed473

SHA512
698f9304a3eb73b447bf148f913eaca7cbc58155a9b190eaf6c0ef0afcc8f6bb4b521f6070b1a2b71461aa04db6acf40e62137bd8b067c603ad3e36693863d38

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
112B

MD5
4d203e11566b20de1e8e345f50a05b9b

SHA1
6e852b3c6b83b61c27f7318a32b396265f583e55

SHA256
9f6a005fc2a8c939d956b86ac4f72d32254a95f30979ffc87c12f666b1716fac

SHA512
bdb8ed482960ffe4b13c4b27c3a61a426610f4a2de7ed91ccd2f6631776b6d65dce37e98eedc81ae733e52aa1e2736cc0911590946f87841b41054accec933a6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
114B

MD5
de67792bac82575302d19dd2c0033f8a

SHA1
48e230849c4c9e58e1ccf1890a43c468929d1f22

SHA256
dca9e233dcbf04fd538d6b58430ecd1eb891e3df4cd702397a4f905cd127c748

SHA512
3061dbe6b085771a6be8113437cc82c564c413f06cfd52b30a32f79e9e4fbf5421ae9ddd2d80b23dfb2235fd6a53bdbb642ad7397aaa2d714f91177f8d8e4706

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe583534.TMP

Filesize
119B

MD5
04eb7b978bb9a4acc54a580ba18b02ce

SHA1
2c068d8938c8eeb8d72540eb145a4b37251ef608

SHA256
0ee105e8ce79637734104915b437ab101fefbd9c5363cae43b21bf88723bd6bc

SHA512
90f2957be977f7fad298202ac00213f7c63ced5c28d4828abd869b59b4a98e3aff2e47e8f73df931e7fe159c03c7c07799ab5c92a319b8d2ade982a435e4395a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
6be1f8619f961fa0a4cd801448cc1845

SHA1
45657dd4f7e094f5f49b050224c551cb4312f13b

SHA256
0890e7e76c86c508d2fbeca3ebde77864b469c9f024d807157bb8967edcc8313

SHA512
d024ddea2bba4e0df3c3dffbae7641c14ca2e6f6b889fff95c41557bf8c8bade32d8bee5e95510ed180a7b21292fc19bcc8a8c1c6cd7ef3d010c56c64fa8de0d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5884ac.TMP

Filesize
48B

MD5
d91df0b81ae116372b04ed30cc17db96

SHA1
4c6f5ab1fbe200e3511d3e454e69f47c704b8655

SHA256
e4cec24472308807c6ba610764ba532af41cb26402920fa99bd1c8fe833c7ba2

SHA512
3444684e06368bf26e60d339e56feae87d045a48cccce887c39a498896e2785b3ae1d5c35291df44cb197571bc72b2fdcc2802cc0f6a6e600ff7aceadbcca8d1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir4944_1162857375\Shortcuts Menu Icons\Monochrome\0\512.png

Filesize
2KB

MD5
12a429f9782bcff446dc1089b68d44ee

SHA1
e41e5a1a4f2950a7f2da8be77ca26a66da7093b9

SHA256
e1d7407b07c40b5436d78db1077a16fbf75d49e32f3cbd01187b5eaaa10f1e37

SHA512
1da99c5278a589972a1d711d694890f4fd4ec4e56f83781ab9dee91ba99530a7f90d969588fa24dce24b094a28bdecbea80328cee862031a8b289f3e4f38ce7a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir4944_1162857375\Shortcuts Menu Icons\Monochrome\1\512.png

Filesize
10KB

MD5
7f57c509f12aaae2c269646db7fde6e8

SHA1
969d8c0e3d9140f843f36ccf2974b112ad7afc07

SHA256
1d5c9f67fe93f9fcc1a1b61ebc35bda8f98f1261e5005ae37af71f42aab1d90f

SHA512
3503a0f4939bed9e1fd5e086b17d6de1063220dffdab2d2373aa9582a2454a9d8f18c1be74442f4e597bdba796d2d69220bd9e6be632a15367225b804187ea18

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir4944_726870560\Icons Monochrome\16.png

Filesize
216B

MD5
a4fd4f5953721f7f3a5b4bfd58922efe

SHA1
f3abed41d764efbd26bacf84c42bd8098a14c5cb

SHA256
c659d57841bb33d63f7b1334200548f207340d95e8e2ae25aac7a798a08071a3

SHA512
7fcc1ca4d6d97335e76faa65b7cfb381fb722210041bdcd3b31b0f94e15dc226eec4639547af86ae71f311f52a956dc83294c2d23f345e63b5e45e25956b2691

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
115KB

MD5
8f46438cd9e71851c2fa9e9d32a75555

SHA1
2780ff954fb02862cc2b0f63c12fd4fefd7dcb48

SHA256
e2bc656a845e47e947344426f3183ed7e2d6313ade8e2b7d31e554ea31027215

SHA512
3378cbf7431c219075a75e608481c07a35e7b6d2eb786b55de300c12606d7d2b76e1b72df7df8e6365ced8cf7399590e77afd5031e452e74ea388ab1aa492c36

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit