hxxps://www[.]intertek[.]com/amazed?utm_source=signature&utm_medium=Outlook&utm_content=yba&utm_campaign=youllbeamazed

Analysis

max time kernel
149s
max time network
158s
platform
windows10-1703_x64
resource
win10-20231215-en
resource tags

arch:x64arch:x86image:win10-20231215-enlocale:en-usos:windows10-1703-x64system
submitted
20/12/2023, 10:48

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://www.intertek.com/amazed?utm_source=signature&utm_medium=Outlook&utm_content=yba&utm_campaign=youllbeamazed

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133475429215286466"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
1016	chrome.exe
1016	chrome.exe
224	chrome.exe
224	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
1016	chrome.exe
1016	chrome.exe
1016	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1016	chrome.exe
Token: SeCreatePagefilePrivilege	1016	chrome.exe
Token: SeShutdownPrivilege	1016	chrome.exe
Token: SeCreatePagefilePrivilege	1016	chrome.exe
Token: SeShutdownPrivilege	1016	chrome.exe
Token: SeCreatePagefilePrivilege	1016	chrome.exe
Token: SeShutdownPrivilege	1016	chrome.exe
Token: SeCreatePagefilePrivilege	1016	chrome.exe
Token: SeShutdownPrivilege	1016	chrome.exe
Token: SeCreatePagefilePrivilege	1016	chrome.exe
Token: SeShutdownPrivilege	1016	chrome.exe
Token: SeCreatePagefilePrivilege	1016	chrome.exe
Token: SeShutdownPrivilege	1016	chrome.exe
Token: SeCreatePagefilePrivilege	1016	chrome.exe
Token: SeShutdownPrivilege	1016	chrome.exe
Token: SeCreatePagefilePrivilege	1016	chrome.exe
Token: SeShutdownPrivilege	1016	chrome.exe
Token: SeCreatePagefilePrivilege	1016	chrome.exe
Token: SeShutdownPrivilege	1016	chrome.exe
Token: SeCreatePagefilePrivilege	1016	chrome.exe
Token: SeShutdownPrivilege	1016	chrome.exe
Token: SeCreatePagefilePrivilege	1016	chrome.exe
Token: SeShutdownPrivilege	1016	chrome.exe
Token: SeCreatePagefilePrivilege	1016	chrome.exe
Token: SeShutdownPrivilege	1016	chrome.exe
Token: SeCreatePagefilePrivilege	1016	chrome.exe
Token: SeShutdownPrivilege	1016	chrome.exe
Token: SeCreatePagefilePrivilege	1016	chrome.exe
Token: SeShutdownPrivilege	1016	chrome.exe
Token: SeCreatePagefilePrivilege	1016	chrome.exe
Token: SeShutdownPrivilege	1016	chrome.exe
Token: SeCreatePagefilePrivilege	1016	chrome.exe
Token: SeShutdownPrivilege	1016	chrome.exe
Token: SeCreatePagefilePrivilege	1016	chrome.exe
Token: SeShutdownPrivilege	1016	chrome.exe
Token: SeCreatePagefilePrivilege	1016	chrome.exe
Token: SeShutdownPrivilege	1016	chrome.exe
Token: SeCreatePagefilePrivilege	1016	chrome.exe
Token: SeShutdownPrivilege	1016	chrome.exe
Token: SeCreatePagefilePrivilege	1016	chrome.exe
Token: SeShutdownPrivilege	1016	chrome.exe
Token: SeCreatePagefilePrivilege	1016	chrome.exe
Token: SeShutdownPrivilege	1016	chrome.exe
Token: SeCreatePagefilePrivilege	1016	chrome.exe
Token: SeShutdownPrivilege	1016	chrome.exe
Token: SeCreatePagefilePrivilege	1016	chrome.exe
Token: SeShutdownPrivilege	1016	chrome.exe
Token: SeCreatePagefilePrivilege	1016	chrome.exe
Token: SeShutdownPrivilege	1016	chrome.exe
Token: SeCreatePagefilePrivilege	1016	chrome.exe
Token: SeShutdownPrivilege	1016	chrome.exe
Token: SeCreatePagefilePrivilege	1016	chrome.exe
Token: SeShutdownPrivilege	1016	chrome.exe
Token: SeCreatePagefilePrivilege	1016	chrome.exe
Token: SeShutdownPrivilege	1016	chrome.exe
Token: SeCreatePagefilePrivilege	1016	chrome.exe
Token: SeShutdownPrivilege	1016	chrome.exe
Token: SeCreatePagefilePrivilege	1016	chrome.exe
Token: SeShutdownPrivilege	1016	chrome.exe
Token: SeCreatePagefilePrivilege	1016	chrome.exe
Token: SeShutdownPrivilege	1016	chrome.exe
Token: SeCreatePagefilePrivilege	1016	chrome.exe
Token: SeShutdownPrivilege	1016	chrome.exe
Token: SeCreatePagefilePrivilege	1016	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
1016	chrome.exe
1016	chrome.exe
1016	chrome.exe
1016	chrome.exe
1016	chrome.exe
1016	chrome.exe
1016	chrome.exe
1016	chrome.exe
1016	chrome.exe
1016	chrome.exe
1016	chrome.exe
1016	chrome.exe
1016	chrome.exe
1016	chrome.exe
1016	chrome.exe
1016	chrome.exe
1016	chrome.exe
1016	chrome.exe
1016	chrome.exe
1016	chrome.exe
1016	chrome.exe
1016	chrome.exe
1016	chrome.exe
1016	chrome.exe
1016	chrome.exe
1016	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1016	chrome.exe
1016	chrome.exe
1016	chrome.exe
1016	chrome.exe
1016	chrome.exe
1016	chrome.exe
1016	chrome.exe
1016	chrome.exe
1016	chrome.exe
1016	chrome.exe
1016	chrome.exe
1016	chrome.exe
1016	chrome.exe
1016	chrome.exe
1016	chrome.exe
1016	chrome.exe
1016	chrome.exe
1016	chrome.exe
1016	chrome.exe
1016	chrome.exe
1016	chrome.exe
1016	chrome.exe
1016	chrome.exe
1016	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1016 wrote to memory of 3436	1016	chrome.exe	72
PID 1016 wrote to memory of 3436	1016	chrome.exe	72
PID 1016 wrote to memory of 4720	1016	chrome.exe	74
PID 1016 wrote to memory of 4720	1016	chrome.exe	74
PID 1016 wrote to memory of 4720	1016	chrome.exe	74
PID 1016 wrote to memory of 4720	1016	chrome.exe	74
PID 1016 wrote to memory of 4720	1016	chrome.exe	74
PID 1016 wrote to memory of 4720	1016	chrome.exe	74
PID 1016 wrote to memory of 4720	1016	chrome.exe	74
PID 1016 wrote to memory of 4720	1016	chrome.exe	74
PID 1016 wrote to memory of 4720	1016	chrome.exe	74
PID 1016 wrote to memory of 4720	1016	chrome.exe	74
PID 1016 wrote to memory of 4720	1016	chrome.exe	74
PID 1016 wrote to memory of 4720	1016	chrome.exe	74
PID 1016 wrote to memory of 4720	1016	chrome.exe	74
PID 1016 wrote to memory of 4720	1016	chrome.exe	74
PID 1016 wrote to memory of 4720	1016	chrome.exe	74
PID 1016 wrote to memory of 4720	1016	chrome.exe	74
PID 1016 wrote to memory of 4720	1016	chrome.exe	74
PID 1016 wrote to memory of 4720	1016	chrome.exe	74
PID 1016 wrote to memory of 4720	1016	chrome.exe	74
PID 1016 wrote to memory of 4720	1016	chrome.exe	74
PID 1016 wrote to memory of 4720	1016	chrome.exe	74
PID 1016 wrote to memory of 4720	1016	chrome.exe	74
PID 1016 wrote to memory of 4720	1016	chrome.exe	74
PID 1016 wrote to memory of 4720	1016	chrome.exe	74
PID 1016 wrote to memory of 4720	1016	chrome.exe	74
PID 1016 wrote to memory of 4720	1016	chrome.exe	74
PID 1016 wrote to memory of 4720	1016	chrome.exe	74
PID 1016 wrote to memory of 4720	1016	chrome.exe	74
PID 1016 wrote to memory of 4720	1016	chrome.exe	74
PID 1016 wrote to memory of 4720	1016	chrome.exe	74
PID 1016 wrote to memory of 4720	1016	chrome.exe	74
PID 1016 wrote to memory of 4720	1016	chrome.exe	74
PID 1016 wrote to memory of 4720	1016	chrome.exe	74
PID 1016 wrote to memory of 4720	1016	chrome.exe	74
PID 1016 wrote to memory of 4720	1016	chrome.exe	74
PID 1016 wrote to memory of 4720	1016	chrome.exe	74
PID 1016 wrote to memory of 4720	1016	chrome.exe	74
PID 1016 wrote to memory of 4720	1016	chrome.exe	74
PID 1016 wrote to memory of 2136	1016	chrome.exe	75
PID 1016 wrote to memory of 2136	1016	chrome.exe	75
PID 1016 wrote to memory of 4340	1016	chrome.exe	76
PID 1016 wrote to memory of 4340	1016	chrome.exe	76
PID 1016 wrote to memory of 4340	1016	chrome.exe	76
PID 1016 wrote to memory of 4340	1016	chrome.exe	76
PID 1016 wrote to memory of 4340	1016	chrome.exe	76
PID 1016 wrote to memory of 4340	1016	chrome.exe	76
PID 1016 wrote to memory of 4340	1016	chrome.exe	76
PID 1016 wrote to memory of 4340	1016	chrome.exe	76
PID 1016 wrote to memory of 4340	1016	chrome.exe	76
PID 1016 wrote to memory of 4340	1016	chrome.exe	76
PID 1016 wrote to memory of 4340	1016	chrome.exe	76
PID 1016 wrote to memory of 4340	1016	chrome.exe	76
PID 1016 wrote to memory of 4340	1016	chrome.exe	76
PID 1016 wrote to memory of 4340	1016	chrome.exe	76
PID 1016 wrote to memory of 4340	1016	chrome.exe	76
PID 1016 wrote to memory of 4340	1016	chrome.exe	76
PID 1016 wrote to memory of 4340	1016	chrome.exe	76
PID 1016 wrote to memory of 4340	1016	chrome.exe	76
PID 1016 wrote to memory of 4340	1016	chrome.exe	76
PID 1016 wrote to memory of 4340	1016	chrome.exe	76
PID 1016 wrote to memory of 4340	1016	chrome.exe	76
PID 1016 wrote to memory of 4340	1016	chrome.exe	76

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://www.intertek.com/amazed?utm_source=signature&utm_medium=Outlook&utm_content=yba&utm_campaign=youllbeamazed
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1016
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffa33f19758,0x7ffa33f19768,0x7ffa33f19778
  2⤵
  PID:3436
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1532 --field-trial-handle=1728,i,7852336880087745564,13463852672331114115,131072 /prefetch:2
  2⤵
  PID:4720
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2004 --field-trial-handle=1728,i,7852336880087745564,13463852672331114115,131072 /prefetch:8
  2⤵
  PID:2136
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2044 --field-trial-handle=1728,i,7852336880087745564,13463852672331114115,131072 /prefetch:8
  2⤵
  PID:4340
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2876 --field-trial-handle=1728,i,7852336880087745564,13463852672331114115,131072 /prefetch:1
  2⤵
  PID:1408
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2872 --field-trial-handle=1728,i,7852336880087745564,13463852672331114115,131072 /prefetch:1
  2⤵
  PID:1372
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5052 --field-trial-handle=1728,i,7852336880087745564,13463852672331114115,131072 /prefetch:8
  2⤵
  PID:3320
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5296 --field-trial-handle=1728,i,7852336880087745564,13463852672331114115,131072 /prefetch:8
  2⤵
  PID:4772
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=1572 --field-trial-handle=1728,i,7852336880087745564,13463852672331114115,131072 /prefetch:1
  2⤵
  PID:1608
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5356 --field-trial-handle=1728,i,7852336880087745564,13463852672331114115,131072 /prefetch:8
  2⤵
  PID:1264
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4368 --field-trial-handle=1728,i,7852336880087745564,13463852672331114115,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:224

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:3688

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x420
1⤵
PID:1656

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

Filesize
55KB

MD5
b102e6c1b440ec3097bf193fcbca32fc

SHA1
378c8ab05e269446a824a844e1238b33411a00bf

SHA256
3b14bab8ddb394f71d12f3809605b2add4cdc9803b69f3c487c8051564b3144a

SHA512
8a1ead20bdc1ab4cea07eeca759085ebcb51bcd7c27cc307ca82adacab294b0d3e9e6b2fdf7a0548f4ad1b74aa75177824c0210e38902b8349949f86830d32b7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000167

Filesize
1024KB

MD5
e6601f8293f73a9637fc64e2eeaedde6

SHA1
3c50e9bd16a4d5d31113c9a76e2f27e874acd93f

SHA256
e211ae3b0167a4c542b286904bb0f243bd361c956d1d435db787a4c09e216dbd

SHA512
731c24db22181ed4b37565700b6c1a95bf81da7e6f2351af3be2f05c258cabf1938ddccc3672a23ea66be5fa75ffaae324e8d617654d67626e128ad73547d10f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
552B

MD5
1467066dbf1ed08a79260ea1c0a3936b

SHA1
eca82094556c247f5cc59428abef3ffea108d239

SHA256
0d4f8b42dcabd0a29d2f42f30a0e2dd6cbc284c584a3012f13d624f195cf6fa3

SHA512
4f66bcb4ea5589381f7dccde06b269fa7016759b8155bfa00afc760ddec8949499b8a8c0ee723143d3781f55fa7c7cace79ccfc2357909767b9e26ad6eee68b1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
6c818be30874faaa0668714972bb1ffe

SHA1
138ef2590dae2f00ea0c6105e645105a50473d16

SHA256
961f6492e1f6a2cd46be824c55c661572b3a8ab129ad9e80d31780da726f3c63

SHA512
08e00760dac157585d0189abeda04e2337c79e4084bf326542ea501d2ba341cc9afe2067122e53b48e7bdb596ec76386250d4e91a312cb6c2817e23e81ccabb5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\56ea750f-22a8-41c4-a69c-f5d6a3a1a973.tmp

Filesize
3KB

MD5
b94f6c71375c4f74a4036d38aec5dd93

SHA1
06b94efac1920010784e0dbb039a032a3f06d538

SHA256
71d28499afb0b831d9bb5ca801bd2b14ab69b7be0feced049eb11eef57527fa8

SHA512
a21b76a8ae94e21ce67fa1b7550ca715889ed2a8a452a3c4755d0307c1a08da4c9d7af5c811198ab7585d926b0dd31ff49e480248ac4c5484faa4bb28dd374ac

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
bdad18387b4b4ba1e0c1b8c5868a3b6b

SHA1
68f0b9c842f96be640c1a245067b95f4bde7b98f

SHA256
cc01a0cb8532c8a7abcea20312e3e274b57b849e2b93d065b06784916d01a4b8

SHA512
3d15becb7b6e121a986cae78be50adb3efe6bf4dd40d74ad8cb9a0fa6d5d35ff955d169c49012ba7e9ffcfe66348d4dfa5722f7fe0493c19dfc76bf65a103d19

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
874B

MD5
7ce36bb33e109c570136081c62fad9cd

SHA1
5144254face0249dc9302d65c70731aa19a4757a

SHA256
32fe0780182ab2de85cc23e5d1fe1c8a9cf5405d204ea30e9360bd9cb5f7e3ae

SHA512
540594ed2e79d3a7204da575ef7f74d491009c730f13570d3ba0371e15e1d7e0e4adfc58a4aa4bacf52944cd83f4821d222dd0f9c7c04211b0cd537397ca95d2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
874B

MD5
9600ced7f74aa53021aa6a0c426b6cfa

SHA1
3d339faae5e248c2ad86f1d3179d97ae6a39b972

SHA256
57739981265063128f428ff691d87931ff20a3b21ed72995b44e7d14fc2d5eb0

SHA512
e0eedfb801135a8de8be6928f7cbcf62fdf9d31e16f705ddd4d411bb09924261a671793db7d60ca2b272e188bbad736956ff984365d29a36227e909baecfbf2c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
7869acc9473d40233fca6af155e0c8f6

SHA1
f987458a1b8a1e6103dff2d563da22e2a28fe913

SHA256
dfb58dfa4b2610a1873c36ac7e922d0398ad65dc3c043aa81e3124a01f031a1d

SHA512
a85e361d3acd6f0b1d58f9453a1a8005d3596bd3d89cf2cafd4062adaf2e811e25cfa120ef472a377033a958545573317480e9247922d57cf013c280632b706d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
54385eafdaaa82ccca113f4df399446c

SHA1
00359539f9e42a3208805eeacc38fdffeeea3601

SHA256
ab0b9e729f3c1d82ed52c323117e0484c641d656e17b98ded4fa6c2ee92cbaf5

SHA512
4c9c9ba2f888a492492696e65b77f38ef081e7d2f29ad1c466e1712a82d80eb78a50824827248269877116e3c3b35202425f37c694881f378e736ca1d1f50090

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
55dbb6620bc635fb4f81fe49a8e12413

SHA1
675f6145b7b36408768bf2dde5b25bba598d9ad5

SHA256
1f151f499cef651143d597be6111c02da16bac74bf78c21ece9fbed8cf2733e8

SHA512
97e69dec30ba960055143c66dd771c474925df5409e04883b31e7fc128a19582a6ada620b738403f25a0383ffce336df94d60a041b9685c3fe41aaeb2b1befff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
a6441be801cf1ec4a57ed74562498d51

SHA1
829071cb9df59cfb7dd2a340f6083bd35072f83d

SHA256
6c9469b9efac7217a17be36a5e279523f151684df0289cd7692af2d8f5d4d1ea

SHA512
6de8d7567dfbbe89003b9616544f38d6b561a9cc9f867a131ad72b2fc2c00f474c9b83ffe55a2750d61c575ee45e91e68dfafaf693a3de92691f41f7f6b42792

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
114KB

MD5
2b1a81a2e29dc62326dd674d25acdbdf

SHA1
2d12a4463688dcf5350a1183f57daa285940c859

SHA256
e6f9f74cc4fe3d352d84224b57a20051d3be32e98c16f7943aa5d7b217666fa3

SHA512
a83e6f7fa46841f7f660f16188eff15944810fa6efcff27b8439f11fcf1b1089be40ef9431aea544f44c23a327741b891a9037b44c5899690b48b8c058f4b86f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
114KB

MD5
c08b283271fee89bce58d4b51372c277

SHA1
a1c56ade318d7ce734b9b7f3853674cc9beda718

SHA256
dfe9709a2191b5007714b13392665f9a3e861b3b70c5f2523e4584dc81f6571c

SHA512
93354cd84d4746e2c33602be7598027f95a3a364d060e28d09d3df1d11ec97d68f41350ff25ec56f1e1252359d542a7d94fa2ed5053acad05f83ab8f19408c91

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit