hxxps://github[.]com

max time kernel
376s
max time network
469s
platform
windows10-1703_x64
resource
win10-20231215-en
resource tags

arch:x64arch:x86image:win10-20231215-enlocale:en-usos:windows10-1703-x64system
submitted
01/01/2024, 19:21

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://github.com

Score

6^/10

Malware Config

Signatures

Looks up external IP address via web service 2 IoCs

Uses a legitimate IP lookup service to find the infected system's external IP.

flow	ioc
165	whatismyipaddress.com
166	whatismyipaddress.com

Drops file in Windows directory 3 IoCs

description	ioc	Process
File created	C:\Windows\rescache\_merged\4183903823\810424605.pri	taskmgr.exe
File created	C:\Windows\rescache\_merged\1601268389\3877292338.pri	taskmgr.exe
File created	C:\Windows\rescache\_merged\2717123927\3950266016.pri	taskmgr.exe

Checks SCSI registry key(s) 3 TTPs 3 IoCs

SCSI information is often read in order to detect sandboxing environments.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A	taskmgr.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName	taskmgr.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000	taskmgr.exe

Checks processor information in registry 2 TTPs 2 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	taskmgr.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	taskmgr.exe

Enumerates system info in registry 2 TTPs 9 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Modifies data under HKEY_USERS 4 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133486107265761460"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 64 IoCs

pid	Process
4772	chrome.exe
4772	chrome.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
3532	chrome.exe
3532	chrome.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
5048	chrome.exe
5048	chrome.exe
5048	chrome.exe
5048	chrome.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
752	chrome.exe
752	chrome.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2832	taskmgr.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 14 IoCs

pid	Process
4772	chrome.exe
4772	chrome.exe
3532	chrome.exe
3532	chrome.exe
3532	chrome.exe
752	chrome.exe
752	chrome.exe
752	chrome.exe
752	chrome.exe
752	chrome.exe
752	chrome.exe
752	chrome.exe
752	chrome.exe
752	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
3532	chrome.exe
3532	chrome.exe
3532	chrome.exe
3532	chrome.exe
3532	chrome.exe
3532	chrome.exe
3532	chrome.exe
3532	chrome.exe

Suspicious use of SendNotifyMessage 64 IoCs

pid	Process
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
2832	taskmgr.exe
3532	chrome.exe
3532	chrome.exe
3532	chrome.exe
3532	chrome.exe
3532	chrome.exe
3532	chrome.exe
3532	chrome.exe
3532	chrome.exe
3532	chrome.exe
3532	chrome.exe
3532	chrome.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
1392	Calculator.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4772 wrote to memory of 308	4772	chrome.exe	73
PID 4772 wrote to memory of 308	4772	chrome.exe	73
PID 4772 wrote to memory of 4612	4772	chrome.exe	76
PID 4772 wrote to memory of 4612	4772	chrome.exe	76
PID 4772 wrote to memory of 4612	4772	chrome.exe	76
PID 4772 wrote to memory of 4612	4772	chrome.exe	76
PID 4772 wrote to memory of 4612	4772	chrome.exe	76
PID 4772 wrote to memory of 4612	4772	chrome.exe	76
PID 4772 wrote to memory of 4612	4772	chrome.exe	76
PID 4772 wrote to memory of 4612	4772	chrome.exe	76
PID 4772 wrote to memory of 4612	4772	chrome.exe	76
PID 4772 wrote to memory of 4612	4772	chrome.exe	76
PID 4772 wrote to memory of 4612	4772	chrome.exe	76
PID 4772 wrote to memory of 4612	4772	chrome.exe	76
PID 4772 wrote to memory of 4612	4772	chrome.exe	76
PID 4772 wrote to memory of 4612	4772	chrome.exe	76
PID 4772 wrote to memory of 4612	4772	chrome.exe	76
PID 4772 wrote to memory of 4612	4772	chrome.exe	76
PID 4772 wrote to memory of 4612	4772	chrome.exe	76
PID 4772 wrote to memory of 4612	4772	chrome.exe	76
PID 4772 wrote to memory of 4612	4772	chrome.exe	76
PID 4772 wrote to memory of 4612	4772	chrome.exe	76
PID 4772 wrote to memory of 4612	4772	chrome.exe	76
PID 4772 wrote to memory of 4612	4772	chrome.exe	76
PID 4772 wrote to memory of 4612	4772	chrome.exe	76
PID 4772 wrote to memory of 4612	4772	chrome.exe	76
PID 4772 wrote to memory of 4612	4772	chrome.exe	76
PID 4772 wrote to memory of 4612	4772	chrome.exe	76
PID 4772 wrote to memory of 4612	4772	chrome.exe	76
PID 4772 wrote to memory of 4612	4772	chrome.exe	76
PID 4772 wrote to memory of 4612	4772	chrome.exe	76
PID 4772 wrote to memory of 4612	4772	chrome.exe	76
PID 4772 wrote to memory of 4612	4772	chrome.exe	76
PID 4772 wrote to memory of 4612	4772	chrome.exe	76
PID 4772 wrote to memory of 4612	4772	chrome.exe	76
PID 4772 wrote to memory of 4612	4772	chrome.exe	76
PID 4772 wrote to memory of 4612	4772	chrome.exe	76
PID 4772 wrote to memory of 4612	4772	chrome.exe	76
PID 4772 wrote to memory of 4612	4772	chrome.exe	76
PID 4772 wrote to memory of 4612	4772	chrome.exe	76
PID 4772 wrote to memory of 4460	4772	chrome.exe	75
PID 4772 wrote to memory of 4460	4772	chrome.exe	75
PID 4772 wrote to memory of 1572	4772	chrome.exe	77
PID 4772 wrote to memory of 1572	4772	chrome.exe	77
PID 4772 wrote to memory of 1572	4772	chrome.exe	77
PID 4772 wrote to memory of 1572	4772	chrome.exe	77
PID 4772 wrote to memory of 1572	4772	chrome.exe	77
PID 4772 wrote to memory of 1572	4772	chrome.exe	77
PID 4772 wrote to memory of 1572	4772	chrome.exe	77
PID 4772 wrote to memory of 1572	4772	chrome.exe	77
PID 4772 wrote to memory of 1572	4772	chrome.exe	77
PID 4772 wrote to memory of 1572	4772	chrome.exe	77
PID 4772 wrote to memory of 1572	4772	chrome.exe	77
PID 4772 wrote to memory of 1572	4772	chrome.exe	77
PID 4772 wrote to memory of 1572	4772	chrome.exe	77
PID 4772 wrote to memory of 1572	4772	chrome.exe	77
PID 4772 wrote to memory of 1572	4772	chrome.exe	77
PID 4772 wrote to memory of 1572	4772	chrome.exe	77
PID 4772 wrote to memory of 1572	4772	chrome.exe	77
PID 4772 wrote to memory of 1572	4772	chrome.exe	77
PID 4772 wrote to memory of 1572	4772	chrome.exe	77
PID 4772 wrote to memory of 1572	4772	chrome.exe	77
PID 4772 wrote to memory of 1572	4772	chrome.exe	77
PID 4772 wrote to memory of 1572	4772	chrome.exe	77

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://github.com
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4772
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffb51e79758,0x7ffb51e79768,0x7ffb51e79778
  2⤵
  PID:308
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1780 --field-trial-handle=1844,i,14833537690732477230,8187093916594683885,131072 /prefetch:8
  2⤵
  PID:4460
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1600 --field-trial-handle=1844,i,14833537690732477230,8187093916594683885,131072 /prefetch:2
  2⤵
  PID:4612
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2056 --field-trial-handle=1844,i,14833537690732477230,8187093916594683885,131072 /prefetch:8
  2⤵
  PID:1572
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2852 --field-trial-handle=1844,i,14833537690732477230,8187093916594683885,131072 /prefetch:1
  2⤵
  PID:2188
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2844 --field-trial-handle=1844,i,14833537690732477230,8187093916594683885,131072 /prefetch:1
  2⤵
  PID:4992
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4524 --field-trial-handle=1844,i,14833537690732477230,8187093916594683885,131072 /prefetch:8
  2⤵
  PID:2196
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4924 --field-trial-handle=1844,i,14833537690732477230,8187093916594683885,131072 /prefetch:8
  2⤵
  PID:1112
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4632 --field-trial-handle=1844,i,14833537690732477230,8187093916594683885,131072 /prefetch:8
  2⤵
  PID:4600

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4268

C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /4
1⤵
- Drops file in Windows directory
- Checks SCSI registry key(s)
- Checks processor information in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:2832

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:3532
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xa8,0xd0,0xd4,0xcc,0xd8,0x7ffb51e79758,0x7ffb51e79768,0x7ffb51e79778
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5048
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1832 --field-trial-handle=1868,i,10026051758156435704,12601233050603513370,131072 /prefetch:8
  2⤵
  PID:3400
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3952 --field-trial-handle=1868,i,10026051758156435704,12601233050603513370,131072 /prefetch:1
  2⤵
  PID:4348
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2896 --field-trial-handle=1868,i,10026051758156435704,12601233050603513370,131072 /prefetch:1
  2⤵
  PID:1696
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2888 --field-trial-handle=1868,i,10026051758156435704,12601233050603513370,131072 /prefetch:1
  2⤵
  PID:4536
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2100 --field-trial-handle=1868,i,10026051758156435704,12601233050603513370,131072 /prefetch:8
  2⤵
  PID:4464
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1628 --field-trial-handle=1868,i,10026051758156435704,12601233050603513370,131072 /prefetch:2
  2⤵
  PID:2136
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4748 --field-trial-handle=1868,i,10026051758156435704,12601233050603513370,131072 /prefetch:8
  2⤵
  PID:4272
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4592 --field-trial-handle=1868,i,10026051758156435704,12601233050603513370,131072 /prefetch:8
  2⤵
  PID:4824
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4968 --field-trial-handle=1868,i,10026051758156435704,12601233050603513370,131072 /prefetch:8
  2⤵
  PID:4516
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3768 --field-trial-handle=1868,i,10026051758156435704,12601233050603513370,131072 /prefetch:8
  2⤵
  PID:1728
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4972 --field-trial-handle=1868,i,10026051758156435704,12601233050603513370,131072 /prefetch:8
  2⤵
  PID:2208
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4996 --field-trial-handle=1868,i,10026051758156435704,12601233050603513370,131072 /prefetch:8
  2⤵
  PID:4992
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4748 --field-trial-handle=1868,i,10026051758156435704,12601233050603513370,131072 /prefetch:8
  2⤵
  PID:4124

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:3888

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
PID:752
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffb51e79758,0x7ffb51e79768,0x7ffb51e79778
  2⤵
  PID:2880
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1900 --field-trial-handle=1780,i,17246926219350156181,545245393276903876,131072 /prefetch:8
  2⤵
  PID:832
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1628 --field-trial-handle=1780,i,17246926219350156181,545245393276903876,131072 /prefetch:2
  2⤵
  PID:3600
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2064 --field-trial-handle=1780,i,17246926219350156181,545245393276903876,131072 /prefetch:8
  2⤵
  PID:4456
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2900 --field-trial-handle=1780,i,17246926219350156181,545245393276903876,131072 /prefetch:1
  2⤵
  PID:4268
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2892 --field-trial-handle=1780,i,17246926219350156181,545245393276903876,131072 /prefetch:1
  2⤵
  PID:4484
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3916 --field-trial-handle=1780,i,17246926219350156181,545245393276903876,131072 /prefetch:8
  2⤵
  PID:3032
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4288 --field-trial-handle=1780,i,17246926219350156181,545245393276903876,131072 /prefetch:8
  2⤵
  PID:2228
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4148 --field-trial-handle=1780,i,17246926219350156181,545245393276903876,131072 /prefetch:1
  2⤵
  PID:1712
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4144 --field-trial-handle=1780,i,17246926219350156181,545245393276903876,131072 /prefetch:8
  2⤵
  PID:4200
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4100 --field-trial-handle=1780,i,17246926219350156181,545245393276903876,131072 /prefetch:8
  2⤵
  PID:828
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4044 --field-trial-handle=1780,i,17246926219350156181,545245393276903876,131072 /prefetch:8
  2⤵
  PID:4588
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4920 --field-trial-handle=1780,i,17246926219350156181,545245393276903876,131072 /prefetch:8
  2⤵
  PID:4584
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5044 --field-trial-handle=1780,i,17246926219350156181,545245393276903876,131072 /prefetch:8
  2⤵
  PID:980
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=2224 --field-trial-handle=1780,i,17246926219350156181,545245393276903876,131072 /prefetch:1
  2⤵
  PID:372
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=5104 --field-trial-handle=1780,i,17246926219350156181,545245393276903876,131072 /prefetch:1
  2⤵
  PID:4808
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3084 --field-trial-handle=1780,i,17246926219350156181,545245393276903876,131072 /prefetch:8
  2⤵
  PID:2892
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3008 --field-trial-handle=1780,i,17246926219350156181,545245393276903876,131072 /prefetch:2
  2⤵
  PID:1068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-databases --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=4840 --field-trial-handle=1780,i,17246926219350156181,545245393276903876,131072 /prefetch:1
  2⤵
  PID:1084
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-databases --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=5112 --field-trial-handle=1780,i,17246926219350156181,545245393276903876,131072 /prefetch:1
  2⤵
  PID:5000
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-databases --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=5084 --field-trial-handle=1780,i,17246926219350156181,545245393276903876,131072 /prefetch:1
  2⤵
  PID:584
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-databases --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=5316 --field-trial-handle=1780,i,17246926219350156181,545245393276903876,131072 /prefetch:1
  2⤵
  PID:4144
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5576 --field-trial-handle=1780,i,17246926219350156181,545245393276903876,131072 /prefetch:8
  2⤵
  PID:3912
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-databases --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=5948 --field-trial-handle=1780,i,17246926219350156181,545245393276903876,131072 /prefetch:1
  2⤵
  PID:2396
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=5772 --field-trial-handle=1780,i,17246926219350156181,545245393276903876,131072 /prefetch:1
  2⤵
  PID:3252
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=5736 --field-trial-handle=1780,i,17246926219350156181,545245393276903876,131072 /prefetch:1
  2⤵
  PID:428

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4128

C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1702.312.0_x64__8wekyb3d8bbwe\Calculator.exe
"C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1702.312.0_x64__8wekyb3d8bbwe\Calculator.exe" -ServerName:App.AppXsm3pg4n7er43kdh1qp4e79f1j7am68r8.mca
1⤵
- Suspicious use of SetWindowsHookEx
PID:1392

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
7b8df9c830d67582e529549e583ef26b

SHA1
db76495c70e2df93ea1bc9a3c3d9f88ed495bae9

SHA256
16d7fcba34724dfee49b2602a17f1f5350bed2630573da7a2db6278699c12f33

SHA512
db6710231b420bc517976bfb72350c2ee2c287c312374caf245f3ddd22e35d6195687f27ba8ce9a17d7d5ce9447cb844a9ce210e6d91535bcd76af73f6a57aa2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\99a0b1a9-c323-4461-84a0-55c7d9f6c7de.tmp

Filesize
1B

MD5
5058f1af8388633f609cadb75a75dc9d

SHA1
3a52ce780950d4d969792a2559cd519d7ee8c727

SHA256
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

SHA512
0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0

Filesize
44KB

MD5
8e23de2e290e98621a485e5cf222acbd

SHA1
0df2cf20d667130dded440b8df8592938116ecd7

SHA256
d98ccf250db9c8e8830c8e59c255b386d43ff5ddba190428f7ba8297f4dcedd8

SHA512
f0948ff26b2ea16ac514fd674844b38853893cc91dc127baf9a2bb343382b29113b0f3da8cbf01602b6f4dd9f0fee6c7dd6d57e6f55f709b7571e6bb41aea847

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1

Filesize
264KB

MD5
d89d0822528eda013cd5671386703a23

SHA1
839110b4996c2282094585c78146d4206d0d52a3

SHA256
32334b0ebcde2531b1441b730d49356cca245d0948abe3848c4d941269432b14

SHA512
79f5da743f438ebe7d81958b02136e36564aa94fd6664c5d4c34cd501f3bfdd4cc7e8f3754decc909b5446ac51b45a46b30285715dbf8ae8f72a1dd5ce0fd97b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_2

Filesize
1.0MB

MD5
c9d9e37b2b2c16116ba391a6661a2386

SHA1
07358476fcf0b8f63d86a7b2a6b0fa70d1a6b2fa

SHA256
87abcdc96ab59b7e86ee9aea5f3bc1d44e51991e0beb2e39116998058accb321

SHA512
5415b298bb535edaf8fdc62ed4aaffa188201efd5f7039927f22566bd24aa21ee8ef20d6bf98d22199c966cdc11ffa35f6f72d96cdb5abf3c6742192a7d1abde

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_3

Filesize
384KB

MD5
2ccf0426a3201ade1d1cfdf1c406e0cf

SHA1
3b28fb4e60ec86b34b8d4693377f89d410cf9615

SHA256
d5643f5eb259ce4ad5d84e3ba3cb9a5300e48f131d6426e7fcec9a6a42ce4384

SHA512
3fb57a97089d1ee9b54362b17643093a0f97bcb1ec7a9e6da68afe0740ab6f26c58960ab2c97ff731cd8139ead290431427258dd9089ff11d61dcd2387660f53

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index

Filesize
2KB

MD5
9403ba3b3f9a90dbd445725776642485

SHA1
1771882df38a368ef2c179d27fcb145600d32749

SHA256
7037d192cb6ac3907ad7aaffb7978a20be42aa67d4ebdc355fe74bb0614493af

SHA512
da489804573cb77a6b8f1295d411aec2e40b7bccc2a986f6f3690b1c1da7f999f96e076a440edd317f8035b219f487c542b84442ae5b1fc3a634d9b2b5591e37

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
e94b402bb8efe3707653ddf68feafdb1

SHA1
206a04e0a9f7b6d58f31083726199e6053a797ea

SHA256
3aa64cb43bb199849696015e6b44684397537a78f81d909b716dce5bd56fbe91

SHA512
56928bf212f57e60ccc25040386d9a2574e50914b7bb1fd6e121a053909f27b731291389db403b3e258ef44e5fdd22b8688606169dae59869cd94370e1b638e6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
9268eed7484fd44da4509bf184224ec6

SHA1
6645a0be81cd0a88ee76ca869fdfd6cea0385a16

SHA256
5432b5e2d0af3462606c29603de7c2a347d89255d1bf2deb02a1f609ebd4cd70

SHA512
ce5605b49853c8dc52be903530cd6f579e7a0b7884e6ad364c0682ceef1498804034e618e9f54c540bbc824e3c303dea9f05ce08833aa2781dfa27867bcba14b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG

Filesize
317B

MD5
1c9419dd76c807910e8f74b695d61328

SHA1
84ebb1d691b981cd72f39d3d1545ea4f21dcbb22

SHA256
0ce0f56a6bd693e25b60db3cac1858d0424416eaf713e9017d8101dd8d4ebaa8

SHA512
34afa3010b82f0f35bc04a8298d0cb45ae18db5816b7a439f1b6fc5b610d11ae8baf75850771e9294c379531be999f2c9578c29cd2cc67c2a932148a8806a8b9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Favicons

Filesize
20KB

MD5
8e286dec2042862c6150a134b961d7c3

SHA1
2374f796dfe3d8b21f1e4621fb36de59b2a17909

SHA256
c67cec7670a3f53cbf42d3758fd0a6e07ba9a87a2526d4910a97420bdc4ca7b7

SHA512
143076032420002831690237a06f69f64b59f7cdce2b065e33825eab7981e7e4af90715c1395693ec5b83170267a3674342b04bab6fa3ef0984637c544416f7b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
d44d1a486903065a3519ead763292a52

SHA1
c8d57497a78a717eb714564cfa52d83d8b1a9e21

SHA256
78663f2d396b25d7bffc188d2ba0fb4b179430b16db577e4e58f39321788d46e

SHA512
195cf97c43e64312503a103a5c4cda17d4e47c465c8b12a982e57690ebb1fc4ab68acaa2a968d14fd2d5d811e9c767c2e7e200680f889b6c8882ca9e1cf8e47f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History

Filesize
148KB

MD5
3caf6f4702797da8a836dea2715b5ada

SHA1
a68ffab66f5ca69af27986906624a08820f7bfac

SHA256
141323e0d265e16420bea66eb6d99baddf9de58c83dad496e88e20de1b725d53

SHA512
457730c3da24d5055a2a11dfadb24c99171499b11f84ebdcc0e6040a3eab9ff9bc551675390d533e5adeea3cda938cd7b1aea0377b74cadabf49fb5e9fe14675

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log

Filesize
9KB

MD5
ee89ffb206a9df900af56895b3acda42

SHA1
c817afe1f87410d1cd85e62ed28cc11c155ec92b

SHA256
9a4b133637a4338fccbb2ba85f9e184f494a16e5c3acbe0b3916e6ec77e67379

SHA512
0b719fba85d7c9fc22591177d8031c17985b390470ae797adb121b06f709c1fefa5a8e87c4883ad1f0e6277d6c06fe493d1820490cc42fd845ada7bbce7a83d1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG

Filesize
329B

MD5
001adb9fbad26787bf565888bf5080dc

SHA1
ac85cd73e92cf3de5d2244df35a1a4c12c0834df

SHA256
3c4ca38459fda0adef32b329c3ce221b4f9e60caf9d3ce5c448df07a827683ae

SHA512
6e82409b68d9c029be9338117376b908c84ea46f2bd8ada28403aa8f57bf2551a2e2fd930aa3ddc45166705b4f76ab0ae43bd63a90163f8dde0b1589e1dfb6b6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\161a8053-cdc0-4e23-a489-4361c8900f63.tmp

Filesize
1KB

MD5
35efe8528923d6f405142eb2e26c368a

SHA1
bbff816bfae5f47b7e4f0612acbce8162fb58ef8

SHA256
3e0ac9269d1593022a16e8873ec83673969d89ede9ac45a5065b7c68d74f797d

SHA512
2484c3d88649c04d192d5ceeccaef1a3b5771463325ba9d0de2824191e9a4f9d10f7034cae347aef97f3ecfe539af3c6d01a3a20ce7c05d35312716bd6acade2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies

Filesize
20KB

MD5
f68eab71411940ef872dfd5a243e840f

SHA1
773a5f7bb011c0d06c58fff2f753cb18c6217dde

SHA256
3ff6a298f8c59abca87b3111f49398181e363d9301d79c948b48d8e48865ffe9

SHA512
a45c1e5f8659eb721b9df6ecd0d83432ff306829d4b3edb7019224d8fa220681bdca95eee11c198586feb091d55b0db491f61177d54e2724636c8d7bca43232c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
b3823478cefda39f422194f287628f33

SHA1
32ab999938aef5e947894afc79702b426d8ec9da

SHA256
6ca79d72f593ee3db585e301c0e101330f9300f0734f4f14355dcfbbf0a6e815

SHA512
2b85aa62cc363e51f074cdecb6e483ad2e13eab40e4a0187c21538e0db6edfa7c1a0d5ecbe238c0f2c9954da847b2fac908aea8cc6328d6f89dbdf96589569eb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
9e08ca72f304ab254c3fc13004cb88a2

SHA1
5d232fbde6f6b75253469f9417302f4d37672a29

SHA256
88616292dec4f4bcedd4ea9f69b5f28835aafb4eb9a429049b007a23ad95bb56

SHA512
aeb36fdcd136b34e62b7d68a447319c70524084115fcf48f4ffd48e9d07177a958e011323f2b51d7bba9c32c23f00997de1e3fcdb523026b98e44a68d1c1b7fd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
3d7bd9b420fde696606ab500c54d9b58

SHA1
107f7b72f80682e08e32ad7df508c783e3f41b7e

SHA256
5e5e7a6fedc5700136883d676a1292ded9be6348a325c75b8bbe4fad54eaf014

SHA512
e46d9778f830d61d9a887e5e87b6225315deb290824bb17d7ac618a23ba3b998eb9c7b3822138bf96f872fb238b7767690642b6b92db5290f7fd0d242ca6d22d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
24a835c1a19eea1a883bba180c84584a

SHA1
7bbef41dbad27934f9d3f7d7798a305df0e3068f

SHA256
b3a2414f1b5184318bb0f7b5313b8470e1113d1bb85882bd88d2e3eb48885f8b

SHA512
6a1f7eea49bbe79a74c8e2419700d551a4d5695c60fc60bf3f06928a65f1cf175752d8e5f7dd680a1398236f8ebd642b85c2255bb7705fcc9b339b0a1c4267cb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
128b3ac3dd8cb32818a442cf2c826b54

SHA1
a036205c878d34247044a67549b32ffaf90e1b28

SHA256
a369a8dc0003bdca75dff5f0c83130924071c0c62f23dfe4e75d622ae67635e7

SHA512
6ed3a37aecda235bb9a46d1152e3b6f3b70a26a02476583cc3281538e550f4b680ab7e7cf89331abad724f3aaaa641164bb55ffbf8e93d64e9fe216aa7855a87

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
09dcf1234e4d29f402f3a45528e076b7

SHA1
5e5adcc71d878cedef86225be8a36e6b5d441da5

SHA256
ccaf823fcea35fdf8c8218679ddc1142231e8719fe8688708743389e0f0ec437

SHA512
21e6640a1b3ad16043fb4a26b2e8cd2737cb3557e4e1dc7a4df721db72cb3f65ca36696765fc0b185b6c376939bd6b6bea45ce7f2b2ea82f23f8e2cfde081696

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
11e413ef9c2f3a782ac0fc1baae41b12

SHA1
0c8fe1bf45875f373b6682fb03e2c529ec013d55

SHA256
5a83faf2b0bb7b0ff5835f8778f49da07bef82f84f57d30aa95693988ed65076

SHA512
4f3ca4ea80173522cd6f3a69d9a7c6f40e5bff511f059d579e1593cb2557709ace9fe2d090822adfe1d9c7b24c87b63c883c3a6ba864fc2738366be4b6295446

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
b77e397e77468ed57340d9710bb4eff5

SHA1
56bbcc74df266abc6ef0972b799d3d0571bcce84

SHA256
89b024071b4f04eee3e6b635ba2a2f833cf6bca9cee6ec53b7f313d0dde05593

SHA512
4a69cc507b6246da6eeacc6aba4d0cdddc0859e035b2141dc2766376fda4b3c8303c130b4d78dfae82ebb5a224855b55f46e132d01a1695f364e5c48d2586bf6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
16a161a0c1a928691eb394555cd9e7c1

SHA1
974b5f1a5edb00584c44e0457cf92328c81c25a1

SHA256
4928e84161f6b6ad0b40885589d5402163c07e70706b5ebab398e9b07167d42f

SHA512
b81a691f5d459f65c4eb11819f7e1a4479a2205320f072689a64cba305a304690a33e8af72c0d08ba38066c58183380045a4c8bcd535557166447a7a62548f86

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
aeb65048d4215144ebfd5c6a62b21302

SHA1
7c22bf75d185fb0ecd06d76a05dde6f96ef2d1e9

SHA256
8cd60861247ab9bf16f52d329b2af7687011139eb2d3999239e7a9d04e005a60

SHA512
4636941ae4470eb079a53e624032c71b3158dbe9e6fc3a722f32105b9fefc4fcee0de9ee3dd40921b4434d73b87511d3f3bfd296dea9f0a0b1fbd74a46e4d1cc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
6ba141fc5b836e196fb6cf31716b20ba

SHA1
17a15ef0e34598a242ebee97cda87f3df075bc25

SHA256
8cbf19c03927100ab376c722d9aa42a9d866919d915ec7615b424708847f7fb0

SHA512
0d3346f459de5c8bf52b089738fea84593a7bfca2a49dcad9d4837ade5f50c3489993f9c64b22c2036022a6f4910d6879eb0e13a952b9591198b943ca414202e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
bbec13342bee0f620cff02edf4b5952f

SHA1
f887ecac7cef03e2b11bc5fe3962096e8ad2c6d1

SHA256
aaed565d30eda4d8ac6a7d5dd7ddfb7032047d2a94ccb68d05a48da9ce2a08d5

SHA512
67dacd992b23f215f2a60e388b5147e33c147ead23863078ee2faa8382fd5f0144ac2d5150ba91c0a16013ed4f88982675b9fe6870201866f5e5bc2432472d92

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
41abd673703b5448205b9e6ce2defb5c

SHA1
c28e375a98b13e28a4a25b211b0b8b7ac6dfa004

SHA256
0d9bf285ae657c9630f39abbcbaf049b14d372ed3fb1b80fe80a94fedde2cdb4

SHA512
383454562b7b2a0fb004799591eb0bf5a694b2ff728ca7baf57ce9cac1ab002c67da744bc16e98ec87d4f7c7127604fcef29d6fb02484169b1c4f10a0cc3dd23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
b990b0dd26c611cce3876071ba2eed13

SHA1
9b3728fce98772dcb0df8da6b9fb2b40342a862a

SHA256
cf7af9a8b6e0e14034535c0392108d9e96069d68ebd187b7ca6f06624f2485ea

SHA512
4ad2854fff85fd8351e0e9c4d3884307115cc68fc459d80d4062669c72bda9414e498039c08a5d45c52122d6765fbc92c953b2d5256ba95e1dead14f975d396d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
554ab542b88c7a79012fa712c3d5ae16

SHA1
5d1e6cc23e08a626a7566a4f5074841ba6497880

SHA256
74d569ed608c1ef6facd28ab8c7d843dcd4a12b26f933a190d3dd1767334417a

SHA512
6aeaccc838345715397585d064331dab25678045f50bf0c5e5f2c78fd8f0672432275d74fc9b9a259c0d1d9a6159b75fd5bc6360c44a2f586b00c719b99c76a4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
0475cec834d1d97e0c18fbf2e648f24b

SHA1
10208b2aee7ec9bf6b345165517d65bd45033695

SHA256
c093bf732e8225fca2a13f1d3c32f61915d9c55c43a7cd024ad99e9adb2d16c4

SHA512
077af51ce65d4721985ac52fc8b68623317b7407348207ecdadf0008feb2ef20bc6bd49213d64374df58cf34eb061a69f7ade057548e0e3aba9d358cf59b6d34

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
172eb4356f49ab5c871ef550f7d11d90

SHA1
ff5739efd3f625b8f9f4352f18e6a2afb2cd1111

SHA256
b7a6a64ed9e0646e7d64057dde67413c24bd73840fe7d47f0e29699802e683b8

SHA512
de35eaf7e1fcc182ab20db471ce3d86aee977a108852620b208d865d7fd8802db34a2ef85c8ec0199a2f1a8cd6abae70c6cff1f1ad98dddabf6e919453a9f5db

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
714500ed5916a3a0d9344bffc7b5ac73

SHA1
39e7928951a5b69743e8627d29a757bf0dfa4b3e

SHA256
2e198d7b96e2bb66537f2a3615b64460a2a4c987bf8ef3363b964f2454b7bcfe

SHA512
6d72a1d5edeec6987ace926b77280ab2dc7856cea6f32cccd5bd7ee884aa9958c92a1362a69bfa7177337d5581a20d685f10437bba29c3655d222d1b34a35371

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
bc3570c5aa0f890c16799f1e1708e0d4

SHA1
740bdbb23a7d113a660874324f1eef2798fd8370

SHA256
d00e7fd52eff08c3b7d99b3fef7d3e957a864a85c8b92081f14ee23cb9ff1935

SHA512
4b71450a7acbb0aabcdeea108d7478e684892873bf9fba97522e807737d772b9cab6ea69752719d5d2477db4a5083f7ef4d06cb423becf06b30d9ba00aac7a28

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
7e7bfc5043f180b7e89f50b1b3924c42

SHA1
942e1e1d65b5c5daa336c563aec0a3e2f1b109ba

SHA256
0a635ae4ebf1734d14e6aade8a3d7d278dba05a32726f8b65521c1c838bdd764

SHA512
95bdec817d5911a23cf44c8fb92c33b07fb1b845ea202b51a66c99f38f12526ad797212c6eb95ee5b18b16a7126a5fdadb944b55c8bce936bc63f7d09c1295e7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
a507930c64156a5a85ad6b3aab8e39aa

SHA1
d1487750a5ff97988715b43efb92a81a513cca7a

SHA256
edcad7df926bef542cd262bb17ed5348a3f786d1cd4804d19c7878014dc15a82

SHA512
ca56da3cd5122c765cd5c7bd46d9d4933a88738962b1603621176aa33dee4767355a9197450f46c229952a17288ecd38f3a78e194b7aa277761f503f1f19adee

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
66bf7d78051e2db1357db7faea6f196f

SHA1
3c69baa007bc167e936c472fed01efb90413e918

SHA256
dd8993444d100af739baaf88f265c877e205166824a48422831b922f86bfdd4e

SHA512
82704940120db5371b31356b87340ea64753010cd880aa6315f487cd6b537a0455f306a5ea6f48750a99cd0b264fd670c202cf8303123e37db61bd69a234bccb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
be1379fd0599f611e8550b9d65716fb8

SHA1
c8d2e5f88c3cd1cfce6d62975d9ed43387ef868f

SHA256
65da365db96e032c219af7a3f5b3e0822cf3257ad34de733545da441e885ff7b

SHA512
4ed6d704f04656e3a420163c2a5aef3508e789b338252f49708caf08c3bf2743f34a0e8c61d611f6e5eb081d68dffe2bd2a61d19823fefc20ed6ad1ebcb7774b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
2304913687ed9aeadd77859279cbc5bf

SHA1
0ea327800b8c9034a1bf031be6b0331ce0c5727f

SHA256
4bf377b0889140b7030337b8ea484cf37bea681a910a10e532bd7508df307820

SHA512
9dd1e5835e2610787a160797b4aefad8c6851e86b1f13f418a11c347de399c62aad723d8d0350793393dc4ace33e32dea8a86c2a3e9cc7ecce1d97392927cb2c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
d1439d97d711028d0a7bdf8a58315d93

SHA1
915806972eecc01780ab779af650260ebc33a177

SHA256
420cda9545ae596eec1231443cc644dc3ddbab3c14b1eb31a3b7686d4fa22a57

SHA512
1a1fdb746c18503e89fc41619b6eee9e2b349f18741d9708e8d6309807af5829bbbde8f4f3c1ee09545342ebce6374abceaeaa75b1be964c17672622177ac67a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
12KB

MD5
bc491c7c5821a7643c45d1dc9dafedd5

SHA1
ed3a4187609a452b419ecc3e524bcd12b3efe5c0

SHA256
2ef4821c85d38ae902bcc1e01ffce5d60a669e68d3e96c740746a01389ac9758

SHA512
2678b7b32d0575622e6bfa5aa262627379c1b78a7d0e292ba00676d8eae7746247c32150887d70c150de171ec8a8466c54e341bc13f8b1899f061406552d3e20

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log

Filesize
453B

MD5
48e9163e117ba2c9720e08e9ec8488b6

SHA1
2d481db2f1ce1cbea373fc0fe616b9a6af8f820f

SHA256
0dfc5687b55788afdfdaf9dd37f0150165ab8c2439d6ab21c293cccea0651ad9

SHA512
39db6ecac9bee5c9ea8e86bb61231b8f943b785a91914bda8b0be9644b34c813985bdc76ad232966ef77500657b4ee05122fe8577bc02c52d1961d095431a627

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG

Filesize
317B

MD5
4be595bcee06b953c5330b675fc760f6

SHA1
59081f800af4251842487d73a388e3f340602a2a

SHA256
dbc2e93be080f089b4ec28ee8307a7ffd57cf9c1a4fe889d11b6e500e5addb2f

SHA512
fce0bd341ef71c02a46b34acd99c1ec3396bf0830c9a940169abc5293a72266a178eea3fea9e48b55cdaf17934f41600557d8a771c06a14f04485e63a2d79543

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sessions\Tabs_13348610812210610

Filesize
1KB

MD5
854a66f2c2267b17ddbfdbebcbc9dac8

SHA1
91f0cf3288d793f98aa55ba7820163bf205105d9

SHA256
0aaa24ad128addd2a51b2b6538366de25aab266a4610b0d8384f1b99f7da6f2a

SHA512
57fc7113fcdb7443155bea6dc085c5cbb6f7663bef5859b744fa37566d90bca203709417c84a3242e556a2442523b630c217ab3dd9f078142ed723e00390975a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000003.log

Filesize
112B

MD5
b4ae3fa9437aa9ddb57861b6db50be90

SHA1
1013737ce8e73c2e3763f37a38ee356ec4f274d5

SHA256
ab7394af9d54207b62968d39ca7236ebb5203256e4044c33d3f60a457a1c0fe2

SHA512
5fd9ee5cbb8904d86184e91e9859a62f069aa929bd166d8929bbbcb8d827e164243fded5dae59955d868a41bae9dceda180701be79942eb88f506ff32f211187

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG

Filesize
345B

MD5
525c237f02083356e9c8baee70274a8b

SHA1
808d6c327882d5228fd4c47ef8feba327cc806d7

SHA256
0ef3ec141d446d41d5ca5574a70003a17f9d4202ab4292ff90f6e308fce99649

SHA512
6235916273b81071ecb790844b931d9eee3299f2450de746fe988ddbdabaf22d8f7f8e4d9962192413d19b4aef3c5833960789c9569e76366269b57d43e3c1a9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log

Filesize
8KB

MD5
256f604782e4a33a8daac92503852435

SHA1
2d2437d76da83cacc0cd700300db429c08555d8c

SHA256
30ea243c7e74955b9252fd8517362acc1d3723369191f31487e972446acffcbd

SHA512
7cd6476ad986bfd7285ceccd1134610cbcd153792d0776aa40cf1eaabb9ef7742f877a98d5190320850fe9962e3e049dac589d9c7f70f4324260efdcf406f998

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG

Filesize
324B

MD5
42ae9391864cc3b0a62cdf3e5f4b4964

SHA1
23b5aa2bc06ecd3b36bed5fc3fa7124f33be2d30

SHA256
96987cddc9828883965df312a9d5a970d6ce45f0f75bd19af8f272e2aa825c8e

SHA512
67646fcd19781841920b2b9a2b40492b37539289ca7a8f95355aad3f02a78ebe62f136484c223524fca3667a38f637f23861fe9b287bfadbf227c5ff714d6800

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Visited Links

Filesize
128KB

MD5
27fabd1f9733c65c460c66432c22eaba

SHA1
f11f59e830c672b2d0c901b46322416d295f3603

SHA256
d69d3232c8b857e730b67baba11d9c9816c234cef5e590e5af301aa9d4b73384

SHA512
78b803fe3fb4aa38cec88335c4fe19deb15631d4d0df6e1aacae5bbc0511942be75d835b2ec697346b94252566ee1ab724ab977023a4fac552b61b74d9fcd26e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Data

Filesize
92KB

MD5
7241445e17b5aa6d73b431b97c70bf71

SHA1
02d26ee155f3032f42bdeba1d5c891020f55c844

SHA256
edeaa097ee31cd5dd48bfbf0b1a0b14be03ed80a129e0be3343217718d325440

SHA512
b3279e621573cbf606d20956dc88410b0fcec5819019dc42a3f45b0377a37bfeb1dfebd10cea107e81966fb2b18cc7420a6627ba731b96bdcc4bc0eb939583e6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\000003.log

Filesize
1KB

MD5
5078eadd1e0a34554a4176ba4ae2fb8c

SHA1
59b02cbcf4d2f1089d0f2dd28f47459b42050737

SHA256
0f652795c99764458939b4a2156cdf9f70519d05c0e8c033c4e926974b7ab26e

SHA512
2d4de355dd51206707aa0ae9cfe5caf29923e0540adda7759b1fee72786742234f6aff5634fe21e2c43c90c327ae8fc4c23bb9372a14d825d2121ebc09d05850

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\LOG

Filesize
317B

MD5
2c081ab4f882dc31f5b0614f2acf8cb5

SHA1
4489d6c402d46f29e4ed62e03ed485b893e40229

SHA256
bec0fd56dc2745287ebd980b30ffbf9cccc1057509d411deeb5b02fafdfccff8

SHA512
eaf219cad3a73f95b667dd74eaf928b2cfe0f96b44f518cb01383d75beb3fec5a50209480b7d109fbe89a903190584a18d3a0d0baec8213b3e6b148d951fa63e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000003.log

Filesize
889B

MD5
11b0efce58aeea2a26b6ce2e57b04c41

SHA1
57d4b88a1b51235fcf1ecc4d5baf12dc8adc5dfd

SHA256
8b748f37165575483cd792eb456026ba162b1b04ea5307702379d74ca31faf84

SHA512
8df1437d409a0c8239c4d7c880f46afdc1dcfcaf4c0609e35bf2fc07b49f63f092be6a12f60eb7f4cd498cf456fa71995528911c6a9fe8f17a03db5779ee3cf1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG

Filesize
335B

MD5
1a8362c87f1f44892cf583cbbd7d16c0

SHA1
c958fdf9d3198ce34c615243e766c4b9ffa8a806

SHA256
0264b2449d18f4b8355f8d75f240d4383b09939a0ca40bb461364b6ea2895f77

SHA512
94c2536904b2dd7750f4233d4ef166c440797cc69b10a9474c40d5993c6a9870573fb00bfe3474322cb72e1548ed9bb89ddd3bf22a26ee8a7c23f5786eabcd93

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_0

Filesize
44KB

MD5
74552d33afcdabcea21f00a7ba198a17

SHA1
a9178366488c7044e430ce62728f927089000292

SHA256
b114e2ae03db086d52758433350b089fe37d66dc7c7afe4cf405c8055e1b08ba

SHA512
4510389a4f6b0feecdf26e2c2fa992083ab4618f334c11f33b13dcc16fb37d49c5bcf798a94cd931394f57cb64ba0182e97a2a641d803fdc6beebbed447d87e0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_1

Filesize
264KB

MD5
80a9c18d5f1cfbec9c3e7799546b5886

SHA1
829638c9f87bdcf644ccbf6e15bea99ac3ce3547

SHA256
d4ae8e3328fec23a5187f432ca486da2af65094eaa1219f070bd96263dbc59c6

SHA512
013532af3847c627b22c95761bdbc998eeab76eed5496a3bfd5bea468186d44b2f3b39085e519b0fce616922a30d6c3f4099294022de3fee3b79aff2e22aa804

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_3

Filesize
2.4MB

MD5
f7496130f2d7770837ae514ef7c99c0e

SHA1
0857e98370c2b3d3573d8a7da54d8021fbff88fc

SHA256
cf9fa572217473d95b4188f22a57926d2623eacbba0c9d58b926aabad50cc8db

SHA512
8332a92cfd1c22f86740b62713b57634b9728899d5b4cc4c13b56381652a5270af203fbd67e78e1093b78de9c259bd6b9943a485f9891023b293a0a5395520ef

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version

Filesize
14B

MD5
9eae63c7a967fc314dd311d9f46a45b7

SHA1
caba9c2c93acfe0b9ceb9ab19b992b0fc19c71cf

SHA256
4288925b0cf871c7458c22c46936efb0e903802feb991a0e1803be94ca6c251d

SHA512
bed924bff236bf5b6ce1df1db82e86c935e5830a20d9d24697efd82ca331e30604db8d04b0d692ec8541ec6deb2225bcc7d805b79f2db5726642198ecf6348b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
224KB

MD5
3a46a7f71b1d1a8aaa9e89d6e9b3e569

SHA1
82b1293aaa8f066272ccb4ec593160e97278b9c9

SHA256
d3c6ba9bcb50e21eebdeafca036f3c04d60fa1c54f14ac75d0f6b5f29deb59d8

SHA512
dae30633d917e83296aaad9531aaa0d06efc6c578352ec1f97112ff10df85861e75023998051966bb0e8008ccf66c31a999592fd5bf0878491367ab3c1218ba1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
114KB

MD5
e853b24ade4d3ff983dcec395d956d94

SHA1
e7ccf2fbf44593d5663b4dacb96a2b6454483453

SHA256
ab3f5d4c36bc2ab7e9eedad9979671c1eacda130b7dad308190f8d7152c629d9

SHA512
8de53f9958798be46d6808df710e754bcfbcf3c338c6cacd3d9a4138cccee388bb1110fcc137dfc28a92642dcf7af6855b786a6e31c7937f875d0da4d4a3662d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
114KB

MD5
79440c9a9160fdc582aa92740f286b94

SHA1
91f663c1720036e8c6baac8ecce530a0263021b7

SHA256
5bf1699429d952b24a01bc32bffb5329f0e776773aa6e9c95cf0636a91ad7b9a

SHA512
14162a2e6d5bb27c2e018a2cc14387bdb6441648e29c1d4057dee64a0a88795d475ba050bc45d565367b736558af03e3c39b7ff209340a9f49c85062ac34ed82

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
114KB

MD5
e98978dfb56ee0680f3621789db49ace

SHA1
b5ae0b6069ca3ae34dd294a3095496584a0fd732

SHA256
2bbc9a08f55a85075f8640dac2d66ea0a7117cca463a214497373769dc098fb7

SHA512
ef05cfb788e39abdcb3bb75e888a18bf7887d548a7a48664d6a8233b04e313c0475a149e414601ae7fc5fd81f39e5a1cc5f039d689eb9ceb38d0e54697bc96c0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
114KB

MD5
66f38ed03fd33ecc178ce1b60d5d8bec

SHA1
303517f55d2382c044b54d5f5c2eb570304f57f1

SHA256
17844a435cebaecd09257d9eabfeadbeea9b6c93bfbf04799e7708371e5eaa3f

SHA512
edef48af0da34d56e70b4373ba83e3d7dd4527afc72ef1c28cb55514b0f6f2bf63c9664eae0535707bcc4bf9be423759a41793ca812eeb2fbd8c8bc710732ac9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
114KB

MD5
4caf32cc2b445c45a964d3fe55f7fbd4

SHA1
6f7fabcf93fac27c7053248c42be4653ac57b0ed

SHA256
056dac49ccc6b89fa1030413663b43d76d4a8bde9b653f067df085560e39e5a0

SHA512
8f9d64e29b91dc9c4043cd89198624c3663f3d816ea7e3f817c0844d150e2ea391b6ae3af0ce457bac2392a96cb7a8bebcabc76189d3ec3a12301b7a0972b3ba

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
107KB

MD5
ef296b9083fb2007d7cf70461a4001a7

SHA1
f7885da72b2dd86af97934baa48d96dc32040dc8

SHA256
67eb7c21559687eb57b7f00059fd11c54165701c356f71774ead0069140ad2bb

SHA512
a15dfd8f63786d22bb07584ba5390a8dc8d797e4b624ac42ef4ff272fc2b7bb3a74132cd2d8d76002d0853d6ff790e5c8d5a437346d899c0f791f681f7b5a6c8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
94KB

MD5
a55361ddd688580b167bd65d92662569

SHA1
ae38c559bc58a58046d60d35ceb2e00bf3df14c8

SHA256
5545b8c0308bd8a5efdc7012ac12852b65ee2644145916c83f6b0f8a4eab54d2

SHA512
32f149165864ac699a48bae97249d3a6db3592aaf2defe4b4ca57fb1235b5721a885c317c6d1e6a421dc9deba681d6f711b9010ef45d57f5ecf60dafc0963429

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
95KB

MD5
a231a12505bc7dc20385e896e6a05761

SHA1
03cd07e9d2cb4736178ac1a7fb276ff78c8ca34a

SHA256
801817bc750142ac0c3c4a413aa5583c969c1ae5ed25e321c90a2c01edd2c860

SHA512
a779bc3e201c4a8c0a45f522a43d26ab461d542a34e6662ade46d2afad92e9ba6fef6beaf49b8c1f6fc0e035fdac972d6d17fb254f569cb0327f00dd890c2faa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
102KB

MD5
a905ebf155725a61f4afa2e63339929e

SHA1
ae44638446682b15658a914d62d4bf330d0fab28

SHA256
685211a6001783126742a90548fafae46205635c267c6dad4b8917f7e8d91e60

SHA512
8d7680d224710aa2079504c9e991fd04dd9c2ae8c864bb30b4da309d91d9be06292f9b37a6e2c140f736f2606c53f9592b8954564f0606752d3e4574432ea09c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

Filesize
264KB

MD5
68753538063dabea94e192e1486f26e5

SHA1
e532937224530f121055425f357856e6828cdc1d

SHA256
2c4e0532e372cdd88ba921cb5c783413d3edc7d0c43c09e33d5f2d4abdc3fa04

SHA512
061e3f85971dfa2ffd63bfae4545a383e4d1c0be8589eb86c66d3b182901008c6c1064850a1ed509af723f6a3e4ae97a7eece6d0eb813d575f21b72dc9aa6891

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

Filesize
86B

MD5
961e3604f228b0d10541ebf921500c86

SHA1
6e00570d9f78d9cfebe67d4da5efe546543949a7

SHA256
f7b24f2eb3d5eb0550527490395d2f61c3d2fe74bb9cb345197dad81b58b5fed

SHA512
535f930afd2ef50282715c7e48859cc2d7b354ff4e6c156b94d5a2815f589b33189ffedfcaf4456525283e993087f9f560d84cfcf497d189ab8101510a09c472

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit