hxxps://www[.]cargaflow[.]com/

Analysis

max time kernel
140s
max time network
144s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
22/12/2023, 14:55

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://www.cargaflow.com/

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133477305675753650"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4100	chrome.exe
4100	chrome.exe
2516	chrome.exe
2516	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 5 IoCs

pid	Process
4100	chrome.exe
4100	chrome.exe
4100	chrome.exe
4100	chrome.exe
4100	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4100	chrome.exe
Token: SeCreatePagefilePrivilege	4100	chrome.exe
Token: SeShutdownPrivilege	4100	chrome.exe
Token: SeCreatePagefilePrivilege	4100	chrome.exe
Token: SeShutdownPrivilege	4100	chrome.exe
Token: SeCreatePagefilePrivilege	4100	chrome.exe
Token: SeShutdownPrivilege	4100	chrome.exe
Token: SeCreatePagefilePrivilege	4100	chrome.exe
Token: SeShutdownPrivilege	4100	chrome.exe
Token: SeCreatePagefilePrivilege	4100	chrome.exe
Token: SeShutdownPrivilege	4100	chrome.exe
Token: SeCreatePagefilePrivilege	4100	chrome.exe
Token: SeShutdownPrivilege	4100	chrome.exe
Token: SeCreatePagefilePrivilege	4100	chrome.exe
Token: SeShutdownPrivilege	4100	chrome.exe
Token: SeCreatePagefilePrivilege	4100	chrome.exe
Token: SeShutdownPrivilege	4100	chrome.exe
Token: SeCreatePagefilePrivilege	4100	chrome.exe
Token: SeShutdownPrivilege	4100	chrome.exe
Token: SeCreatePagefilePrivilege	4100	chrome.exe
Token: SeShutdownPrivilege	4100	chrome.exe
Token: SeCreatePagefilePrivilege	4100	chrome.exe
Token: SeShutdownPrivilege	4100	chrome.exe
Token: SeCreatePagefilePrivilege	4100	chrome.exe
Token: SeShutdownPrivilege	4100	chrome.exe
Token: SeCreatePagefilePrivilege	4100	chrome.exe
Token: SeShutdownPrivilege	4100	chrome.exe
Token: SeCreatePagefilePrivilege	4100	chrome.exe
Token: SeShutdownPrivilege	4100	chrome.exe
Token: SeCreatePagefilePrivilege	4100	chrome.exe
Token: SeShutdownPrivilege	4100	chrome.exe
Token: SeCreatePagefilePrivilege	4100	chrome.exe
Token: SeShutdownPrivilege	4100	chrome.exe
Token: SeCreatePagefilePrivilege	4100	chrome.exe
Token: SeShutdownPrivilege	4100	chrome.exe
Token: SeCreatePagefilePrivilege	4100	chrome.exe
Token: SeShutdownPrivilege	4100	chrome.exe
Token: SeCreatePagefilePrivilege	4100	chrome.exe
Token: SeShutdownPrivilege	4100	chrome.exe
Token: SeCreatePagefilePrivilege	4100	chrome.exe
Token: SeShutdownPrivilege	4100	chrome.exe
Token: SeCreatePagefilePrivilege	4100	chrome.exe
Token: SeShutdownPrivilege	4100	chrome.exe
Token: SeCreatePagefilePrivilege	4100	chrome.exe
Token: SeShutdownPrivilege	4100	chrome.exe
Token: SeCreatePagefilePrivilege	4100	chrome.exe
Token: SeShutdownPrivilege	4100	chrome.exe
Token: SeCreatePagefilePrivilege	4100	chrome.exe
Token: SeShutdownPrivilege	4100	chrome.exe
Token: SeCreatePagefilePrivilege	4100	chrome.exe
Token: SeShutdownPrivilege	4100	chrome.exe
Token: SeCreatePagefilePrivilege	4100	chrome.exe
Token: SeShutdownPrivilege	4100	chrome.exe
Token: SeCreatePagefilePrivilege	4100	chrome.exe
Token: SeShutdownPrivilege	4100	chrome.exe
Token: SeCreatePagefilePrivilege	4100	chrome.exe
Token: SeShutdownPrivilege	4100	chrome.exe
Token: SeCreatePagefilePrivilege	4100	chrome.exe
Token: SeShutdownPrivilege	4100	chrome.exe
Token: SeCreatePagefilePrivilege	4100	chrome.exe
Token: SeShutdownPrivilege	4100	chrome.exe
Token: SeCreatePagefilePrivilege	4100	chrome.exe
Token: SeShutdownPrivilege	4100	chrome.exe
Token: SeCreatePagefilePrivilege	4100	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4100	chrome.exe
4100	chrome.exe
4100	chrome.exe
4100	chrome.exe
4100	chrome.exe
4100	chrome.exe
4100	chrome.exe
4100	chrome.exe
4100	chrome.exe
4100	chrome.exe
4100	chrome.exe
4100	chrome.exe
4100	chrome.exe
4100	chrome.exe
4100	chrome.exe
4100	chrome.exe
4100	chrome.exe
4100	chrome.exe
4100	chrome.exe
4100	chrome.exe
4100	chrome.exe
4100	chrome.exe
4100	chrome.exe
4100	chrome.exe
4100	chrome.exe
4100	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4100	chrome.exe
4100	chrome.exe
4100	chrome.exe
4100	chrome.exe
4100	chrome.exe
4100	chrome.exe
4100	chrome.exe
4100	chrome.exe
4100	chrome.exe
4100	chrome.exe
4100	chrome.exe
4100	chrome.exe
4100	chrome.exe
4100	chrome.exe
4100	chrome.exe
4100	chrome.exe
4100	chrome.exe
4100	chrome.exe
4100	chrome.exe
4100	chrome.exe
4100	chrome.exe
4100	chrome.exe
4100	chrome.exe
4100	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4100 wrote to memory of 4164	4100	chrome.exe	71
PID 4100 wrote to memory of 4164	4100	chrome.exe	71
PID 4100 wrote to memory of 3880	4100	chrome.exe	88
PID 4100 wrote to memory of 3880	4100	chrome.exe	88
PID 4100 wrote to memory of 3880	4100	chrome.exe	88
PID 4100 wrote to memory of 3880	4100	chrome.exe	88
PID 4100 wrote to memory of 3880	4100	chrome.exe	88
PID 4100 wrote to memory of 3880	4100	chrome.exe	88
PID 4100 wrote to memory of 3880	4100	chrome.exe	88
PID 4100 wrote to memory of 3880	4100	chrome.exe	88
PID 4100 wrote to memory of 3880	4100	chrome.exe	88
PID 4100 wrote to memory of 3880	4100	chrome.exe	88
PID 4100 wrote to memory of 3880	4100	chrome.exe	88
PID 4100 wrote to memory of 3880	4100	chrome.exe	88
PID 4100 wrote to memory of 3880	4100	chrome.exe	88
PID 4100 wrote to memory of 3880	4100	chrome.exe	88
PID 4100 wrote to memory of 3880	4100	chrome.exe	88
PID 4100 wrote to memory of 3880	4100	chrome.exe	88
PID 4100 wrote to memory of 3880	4100	chrome.exe	88
PID 4100 wrote to memory of 3880	4100	chrome.exe	88
PID 4100 wrote to memory of 3880	4100	chrome.exe	88
PID 4100 wrote to memory of 3880	4100	chrome.exe	88
PID 4100 wrote to memory of 3880	4100	chrome.exe	88
PID 4100 wrote to memory of 3880	4100	chrome.exe	88
PID 4100 wrote to memory of 3880	4100	chrome.exe	88
PID 4100 wrote to memory of 3880	4100	chrome.exe	88
PID 4100 wrote to memory of 3880	4100	chrome.exe	88
PID 4100 wrote to memory of 3880	4100	chrome.exe	88
PID 4100 wrote to memory of 3880	4100	chrome.exe	88
PID 4100 wrote to memory of 3880	4100	chrome.exe	88
PID 4100 wrote to memory of 3880	4100	chrome.exe	88
PID 4100 wrote to memory of 3880	4100	chrome.exe	88
PID 4100 wrote to memory of 3880	4100	chrome.exe	88
PID 4100 wrote to memory of 3880	4100	chrome.exe	88
PID 4100 wrote to memory of 3880	4100	chrome.exe	88
PID 4100 wrote to memory of 3880	4100	chrome.exe	88
PID 4100 wrote to memory of 3880	4100	chrome.exe	88
PID 4100 wrote to memory of 3880	4100	chrome.exe	88
PID 4100 wrote to memory of 3880	4100	chrome.exe	88
PID 4100 wrote to memory of 3880	4100	chrome.exe	88
PID 4100 wrote to memory of 3376	4100	chrome.exe	89
PID 4100 wrote to memory of 3376	4100	chrome.exe	89
PID 4100 wrote to memory of 3328	4100	chrome.exe	90
PID 4100 wrote to memory of 3328	4100	chrome.exe	90
PID 4100 wrote to memory of 3328	4100	chrome.exe	90
PID 4100 wrote to memory of 3328	4100	chrome.exe	90
PID 4100 wrote to memory of 3328	4100	chrome.exe	90
PID 4100 wrote to memory of 3328	4100	chrome.exe	90
PID 4100 wrote to memory of 3328	4100	chrome.exe	90
PID 4100 wrote to memory of 3328	4100	chrome.exe	90
PID 4100 wrote to memory of 3328	4100	chrome.exe	90
PID 4100 wrote to memory of 3328	4100	chrome.exe	90
PID 4100 wrote to memory of 3328	4100	chrome.exe	90
PID 4100 wrote to memory of 3328	4100	chrome.exe	90
PID 4100 wrote to memory of 3328	4100	chrome.exe	90
PID 4100 wrote to memory of 3328	4100	chrome.exe	90
PID 4100 wrote to memory of 3328	4100	chrome.exe	90
PID 4100 wrote to memory of 3328	4100	chrome.exe	90
PID 4100 wrote to memory of 3328	4100	chrome.exe	90
PID 4100 wrote to memory of 3328	4100	chrome.exe	90
PID 4100 wrote to memory of 3328	4100	chrome.exe	90
PID 4100 wrote to memory of 3328	4100	chrome.exe	90
PID 4100 wrote to memory of 3328	4100	chrome.exe	90
PID 4100 wrote to memory of 3328	4100	chrome.exe	90

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://www.cargaflow.com/
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4100
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe6a8a9758,0x7ffe6a8a9768,0x7ffe6a8a9778
  2⤵
  PID:4164
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1724 --field-trial-handle=1868,i,3357416543923732023,13271024709435072803,131072 /prefetch:2
  2⤵
  PID:3880
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2116 --field-trial-handle=1868,i,3357416543923732023,13271024709435072803,131072 /prefetch:8
  2⤵
  PID:3376
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2220 --field-trial-handle=1868,i,3357416543923732023,13271024709435072803,131072 /prefetch:8
  2⤵
  PID:3328
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3196 --field-trial-handle=1868,i,3357416543923732023,13271024709435072803,131072 /prefetch:1
  2⤵
  PID:1876
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3216 --field-trial-handle=1868,i,3357416543923732023,13271024709435072803,131072 /prefetch:1
  2⤵
  PID:1772
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5236 --field-trial-handle=1868,i,3357416543923732023,13271024709435072803,131072 /prefetch:8
  2⤵
  PID:1736
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5072 --field-trial-handle=1868,i,3357416543923732023,13271024709435072803,131072 /prefetch:8
  2⤵
  PID:4820
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=2372 --field-trial-handle=1868,i,3357416543923732023,13271024709435072803,131072 /prefetch:1
  2⤵
  PID:1576
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6016 --field-trial-handle=1868,i,3357416543923732023,13271024709435072803,131072 /prefetch:8
  2⤵
  PID:3420
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5648 --field-trial-handle=1868,i,3357416543923732023,13271024709435072803,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2516
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=6100 --field-trial-handle=1868,i,3357416543923732023,13271024709435072803,131072 /prefetch:1
  2⤵
  PID:1624
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4024 --field-trial-handle=1868,i,3357416543923732023,13271024709435072803,131072 /prefetch:1
  2⤵
  PID:4320

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:3516

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e

Filesize
20KB

MD5
d536be2355dc474d50d8d392cf114786

SHA1
b2f27c466c0891f051a24931851f3a13547a4b19

SHA256
e2e328ed9979713ab8dfd84224b16977ca9b4bc575550f469e88853634363c7f

SHA512
4828c98ad0a3e4743259b31e863ef00f3ac065af5ccd4650bd90650fe0760e09c1b7676351ae16cf3279ab22327c265b852d0170431bc8b3ec69f0242e3733e5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010

Filesize
38KB

MD5
9f99e587e019cbc46e9a14c5b7288e33

SHA1
a0dee92081f67d4dfeb9f9f386eea590a1fed077

SHA256
f126705436e828500255fd57ee21cc96fd598dd82e7ee7a125d6efcd3e7770c5

SHA512
c2916101755b47b5e7aee5f7b5e7de9586fb2b91193d59248f4942a25bc5a3e12429390e568d321c012b8c74148fe956756b18ba23c8d5c96540c9fb48337bf9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000014

Filesize
25KB

MD5
864ee8c0f2db5cbb690b6b5d89c2a0aa

SHA1
b46391b9cf7c023b17b85a947c364bd42fc54c47

SHA256
c51ad1dbd3121c11c8cbb3adca8c5682bb305c41e619a8fa5f78af8ac347e1f6

SHA512
1209967e2ac8516e87ef4312b84267ac5b3e327db09e97cee7656f75723b6d1b051612ba304306fc0a4653166697efb0781bd51c00d6b7c7e1ce4da0b6f36347

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
e84e1bec0acfb4b33f7b2d8b8b701f24

SHA1
4377ea82b10838440614c12f4561c163fb929207

SHA256
3bdc34a6eaabd772710a95fb9f3a051831b1a57f34bf9bd413e83aad3c1ac2d1

SHA512
c4a39eb8f62214729714e44709a07d5414229d65117f03076dae00efd85e30910cd6c9849ff998475d740efb7db4cc93f0aeb8b8a8c1618b275fab99f45311cf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
528B

MD5
14e41d9a7639fd6cbdc1c0ec3da3eb0a

SHA1
b376eae3a0b06a4610a59021b14b818dcbafc09c

SHA256
d8a53a7c37360ac9f7133686f52fe0c641c721033f6e765354c8c33f1a48b16b

SHA512
624e983563823c5ecd8a25259381d769b45057a6c5fb32ad92b8075f9a8ff0e9d0d7bf6c61fb856810c8110f010196c072137e2c4a2b0e832c3d7601d67d3e19

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
5e7ad2b2fe970175ec3608399e8b2e79

SHA1
57efaf99933c2f21412e22375eb2c1a5d49662c9

SHA256
dfb0245e9276f09243cb988ad008319f97800a7f759adbd17fecc8e7f45bc54e

SHA512
14733e6ec73f411eea360180fe0ea8c9c097e711c48139b9c6b907326d34c5a942d1fd1457b544536227de76fc55e2dcae230fc09f83f9c17c46c31d787742af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
535B

MD5
42e39bdd2bd1310661894dafaaea85b5

SHA1
ed05f86c790ba763d8b5049049e48762800bad9a

SHA256
eed4940425a939c4de3594054771fd4bfe945f84dc0da91fcd65c1bd7bf5496a

SHA512
c0902ac0857d86bf9cf3015c50bf253f0d003a3a61e0a529aa1534dfd187c2ef7ffe42262c11412562af49be24cb4071d8a2c4f7b374d7b8a40a242450dab027

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
700B

MD5
db6595401216b68725e8a51f378052be

SHA1
25be67c7dc7855f5594c220bc30d021e6dfc9361

SHA256
c038ab90f291aef0a14e5ef350e78799e67e7a97d0033ca8707599d23d486e89

SHA512
73da3a6243d90d4abc40713fa487f99a7c8615b7fb925b93f0e494c7a712152e53ae4380edcb86aba8d99fd33888bfb8ae5267f73915dfe06cf67e56a22d86f2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
b802e7d4003867d0963d4516ba343309

SHA1
64935bf9ef84179fb98a28787b230b2b34cd27a0

SHA256
1ae6d88019989a576b4027ee8003976c6a57978211bb1919a37bf22eca3aef95

SHA512
f464e86374d094e4f6624dc1cc45a11a5c035e8754fb50154b6df393c9144750b3397ff6654c115de4bc2147df4c1e6119ad90409da433ffe1298b5dc831284a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
89efd983edf99f99988c35b7c7cdc623

SHA1
7bc3c4c1bde1d6b620bd4546b8e8a7b9be982a62

SHA256
4084002aae5bd0d93db2d0bf51f4b66fd22dc11f568a12c018b6f718b4d3dcac

SHA512
1535c17c68e8a5bc9ffe51d18aad5f7e396caebfaa8ad3588281e1cc038e7923ebaffe6c6f2ba096dfa40e83057ebb0deb76b7b970ad5194322bc3b133ccf9e0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
44788d92e7ce0c4a7dedbe3eaf0c56ca

SHA1
4d4c84088da706535b3264d766b2cf4f5494fbe2

SHA256
b5fa7a4fc4df84d8173fcb3ca224908956d1d463081df47c7eeb75d8a8a18a4d

SHA512
46f432d339e7344a35df21fbae2ba5ede2ef79fa39d948403e274c42a62c6d282dd911235e05853549e9fdf1611e904cca20df516954ea66431e7ba0c7d88dde

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
0c4d43a1375464a1cec9c062b7d07bcf

SHA1
37f264085a2b274743417b763c7788cd92e1dc84

SHA256
d2a8a9dcaced0d27ae3b553826a741a4be7145fba9945fdaa29d084c614aa0cc

SHA512
bbe5eba25d7fa5b7ecbf7f3ed6351b080155c579802bf4dd1bc6d6f332a974a8cb52276dd69fa7e07ec28bc52d6fe1816800564014e6ad81c811bd51a6208962

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
98993ae9d4b97de09bf052bde99d5cc5

SHA1
509a50c58dda81946994e33816bcfc1579ce14e0

SHA256
18447275209d65932a989ba0541be3cb098813a5467880bb6a670daad9fbbc8d

SHA512
7f7e5353ecf98b1ac426da008d24a6798ea60fcd220ddcfc142fa81d789ada5850c685cf9158e65a4115c94510c37ee25e04b8c9480b1cd89f4de00a4904f08a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
c3ce5082eca46a7f1cae568de7a9934b

SHA1
df5ed217ec7485fd4819a1a62bb2aea647074962

SHA256
90c19c76910c631a78f8b504b7be7255eca719f0c6ef3965a7ee0fbbd215d91e

SHA512
a5a7f801a998983266b2da7aad0c66bcabbecab56bd85ceba7ffe489237e79f327647b70c7a84ff49ec9f6afc11f7c472108d09b2be1d06ec3ac3ff0754e5d68

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
114KB

MD5
b57cb2124afdfcc3875a59110d99eaba

SHA1
5a3bdff2c24cba8353bbf29ef5312c16592cc373

SHA256
e4bd1e9660178e715302dd2bd517b004a5836f10273dbce5a9dd07ded5b05e61

SHA512
a088350ee518a9333d3ac7d1f04379e905f0fd93f3e137c73fee515d908ccfe317950bef83b514d06f8b8d255b4cb38db589e4b95d13f7062a08460fdfbdce34

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
103KB

MD5
6b3401107b74b591f19eb694ce31b948

SHA1
1c7d6d7c62dcfbf454b78932b19c11bdcd8083fd

SHA256
e4641aa1611d74f1f4349512bc34169247fb51eb0226831037fa2c6ffa824451

SHA512
d4dc4ee1971dc6ae39aa3733b4a92629aa61d8db769c458498ecb91c63b4bd546029675f1d7dc32811d00df52030ee12ed4b6b31712860514aa7c7b851130895

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe599e0b.TMP

Filesize
101KB

MD5
dcffbe4716b73ae7887bb31695abbde9

SHA1
00d9e87802f68dc02b2453db4bf3e6dbc080fd19

SHA256
c4de5766d185cbd0840697934953be213c6b896f5e2343c56d99e3d84786b6ce

SHA512
3036a0cdb873a7fc5c643b6cb5b4d4b602fa6859432f304389ecf42771bfd195bf332c04e12fdedac9bde910de9f3369816388b079d0b28997e041d1202a18cb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit