hxxp://trueventus[.]com

Resubmissions

04-01-2024 07:11

240104-hzzkgaddg5 1

04-01-2024 06:50

240104-hl942safbq 1

Analysis

max time kernel
131s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20231222-en
resource tags

arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
submitted
04-01-2024 07:11

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://trueventus.com

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133488263177371927"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2776	chrome.exe
2776	chrome.exe
812	chrome.exe
812	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
2776	chrome.exe
2776	chrome.exe
2776	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2776	chrome.exe
Token: SeCreatePagefilePrivilege	2776	chrome.exe
Token: SeShutdownPrivilege	2776	chrome.exe
Token: SeCreatePagefilePrivilege	2776	chrome.exe
Token: SeShutdownPrivilege	2776	chrome.exe
Token: SeCreatePagefilePrivilege	2776	chrome.exe
Token: SeShutdownPrivilege	2776	chrome.exe
Token: SeCreatePagefilePrivilege	2776	chrome.exe
Token: SeShutdownPrivilege	2776	chrome.exe
Token: SeCreatePagefilePrivilege	2776	chrome.exe
Token: SeShutdownPrivilege	2776	chrome.exe
Token: SeCreatePagefilePrivilege	2776	chrome.exe
Token: SeShutdownPrivilege	2776	chrome.exe
Token: SeCreatePagefilePrivilege	2776	chrome.exe
Token: SeShutdownPrivilege	2776	chrome.exe
Token: SeCreatePagefilePrivilege	2776	chrome.exe
Token: SeShutdownPrivilege	2776	chrome.exe
Token: SeCreatePagefilePrivilege	2776	chrome.exe
Token: SeShutdownPrivilege	2776	chrome.exe
Token: SeCreatePagefilePrivilege	2776	chrome.exe
Token: SeShutdownPrivilege	2776	chrome.exe
Token: SeCreatePagefilePrivilege	2776	chrome.exe
Token: SeShutdownPrivilege	2776	chrome.exe
Token: SeCreatePagefilePrivilege	2776	chrome.exe
Token: SeShutdownPrivilege	2776	chrome.exe
Token: SeCreatePagefilePrivilege	2776	chrome.exe
Token: SeShutdownPrivilege	2776	chrome.exe
Token: SeCreatePagefilePrivilege	2776	chrome.exe
Token: SeShutdownPrivilege	2776	chrome.exe
Token: SeCreatePagefilePrivilege	2776	chrome.exe
Token: SeShutdownPrivilege	2776	chrome.exe
Token: SeCreatePagefilePrivilege	2776	chrome.exe
Token: SeShutdownPrivilege	2776	chrome.exe
Token: SeCreatePagefilePrivilege	2776	chrome.exe
Token: SeShutdownPrivilege	2776	chrome.exe
Token: SeCreatePagefilePrivilege	2776	chrome.exe
Token: SeShutdownPrivilege	2776	chrome.exe
Token: SeCreatePagefilePrivilege	2776	chrome.exe
Token: SeShutdownPrivilege	2776	chrome.exe
Token: SeCreatePagefilePrivilege	2776	chrome.exe
Token: SeShutdownPrivilege	2776	chrome.exe
Token: SeCreatePagefilePrivilege	2776	chrome.exe
Token: SeShutdownPrivilege	2776	chrome.exe
Token: SeCreatePagefilePrivilege	2776	chrome.exe
Token: SeShutdownPrivilege	2776	chrome.exe
Token: SeCreatePagefilePrivilege	2776	chrome.exe
Token: SeShutdownPrivilege	2776	chrome.exe
Token: SeCreatePagefilePrivilege	2776	chrome.exe
Token: SeShutdownPrivilege	2776	chrome.exe
Token: SeCreatePagefilePrivilege	2776	chrome.exe
Token: SeShutdownPrivilege	2776	chrome.exe
Token: SeCreatePagefilePrivilege	2776	chrome.exe
Token: SeShutdownPrivilege	2776	chrome.exe
Token: SeCreatePagefilePrivilege	2776	chrome.exe
Token: SeShutdownPrivilege	2776	chrome.exe
Token: SeCreatePagefilePrivilege	2776	chrome.exe
Token: SeShutdownPrivilege	2776	chrome.exe
Token: SeCreatePagefilePrivilege	2776	chrome.exe
Token: SeShutdownPrivilege	2776	chrome.exe
Token: SeCreatePagefilePrivilege	2776	chrome.exe
Token: SeShutdownPrivilege	2776	chrome.exe
Token: SeCreatePagefilePrivilege	2776	chrome.exe
Token: SeShutdownPrivilege	2776	chrome.exe
Token: SeCreatePagefilePrivilege	2776	chrome.exe

Suspicious use of FindShellTrayWindow 28 IoCs

pid	Process
2776	chrome.exe
2776	chrome.exe
2776	chrome.exe
2776	chrome.exe
2776	chrome.exe
2776	chrome.exe
2776	chrome.exe
2776	chrome.exe
2776	chrome.exe
2776	chrome.exe
2776	chrome.exe
2776	chrome.exe
2776	chrome.exe
2776	chrome.exe
2776	chrome.exe
2776	chrome.exe
2776	chrome.exe
2776	chrome.exe
2776	chrome.exe
2776	chrome.exe
2776	chrome.exe
2776	chrome.exe
2776	chrome.exe
2776	chrome.exe
2776	chrome.exe
2776	chrome.exe
2776	chrome.exe
2776	chrome.exe

Suspicious use of SendNotifyMessage 26 IoCs

pid	Process
2776	chrome.exe
2776	chrome.exe
2776	chrome.exe
2776	chrome.exe
2776	chrome.exe
2776	chrome.exe
2776	chrome.exe
2776	chrome.exe
2776	chrome.exe
2776	chrome.exe
2776	chrome.exe
2776	chrome.exe
2776	chrome.exe
2776	chrome.exe
2776	chrome.exe
2776	chrome.exe
2776	chrome.exe
2776	chrome.exe
2776	chrome.exe
2776	chrome.exe
2776	chrome.exe
2776	chrome.exe
2776	chrome.exe
2776	chrome.exe
2776	chrome.exe
2776	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2776 wrote to memory of 3504	2776	chrome.exe	14
PID 2776 wrote to memory of 3504	2776	chrome.exe	14
PID 2776 wrote to memory of 2208	2776	chrome.exe	51
PID 2776 wrote to memory of 2208	2776	chrome.exe	51
PID 2776 wrote to memory of 2208	2776	chrome.exe	51
PID 2776 wrote to memory of 2208	2776	chrome.exe	51
PID 2776 wrote to memory of 2208	2776	chrome.exe	51
PID 2776 wrote to memory of 2208	2776	chrome.exe	51
PID 2776 wrote to memory of 2208	2776	chrome.exe	51
PID 2776 wrote to memory of 2208	2776	chrome.exe	51
PID 2776 wrote to memory of 2208	2776	chrome.exe	51
PID 2776 wrote to memory of 2208	2776	chrome.exe	51
PID 2776 wrote to memory of 2208	2776	chrome.exe	51
PID 2776 wrote to memory of 2208	2776	chrome.exe	51
PID 2776 wrote to memory of 2208	2776	chrome.exe	51
PID 2776 wrote to memory of 2208	2776	chrome.exe	51
PID 2776 wrote to memory of 2208	2776	chrome.exe	51
PID 2776 wrote to memory of 2208	2776	chrome.exe	51
PID 2776 wrote to memory of 2208	2776	chrome.exe	51
PID 2776 wrote to memory of 2208	2776	chrome.exe	51
PID 2776 wrote to memory of 2208	2776	chrome.exe	51
PID 2776 wrote to memory of 2208	2776	chrome.exe	51
PID 2776 wrote to memory of 2208	2776	chrome.exe	51
PID 2776 wrote to memory of 2208	2776	chrome.exe	51
PID 2776 wrote to memory of 2208	2776	chrome.exe	51
PID 2776 wrote to memory of 2208	2776	chrome.exe	51
PID 2776 wrote to memory of 2208	2776	chrome.exe	51
PID 2776 wrote to memory of 2208	2776	chrome.exe	51
PID 2776 wrote to memory of 2208	2776	chrome.exe	51
PID 2776 wrote to memory of 2208	2776	chrome.exe	51
PID 2776 wrote to memory of 2208	2776	chrome.exe	51
PID 2776 wrote to memory of 2208	2776	chrome.exe	51
PID 2776 wrote to memory of 2208	2776	chrome.exe	51
PID 2776 wrote to memory of 2208	2776	chrome.exe	51
PID 2776 wrote to memory of 2208	2776	chrome.exe	51
PID 2776 wrote to memory of 2208	2776	chrome.exe	51
PID 2776 wrote to memory of 2208	2776	chrome.exe	51
PID 2776 wrote to memory of 2208	2776	chrome.exe	51
PID 2776 wrote to memory of 2208	2776	chrome.exe	51
PID 2776 wrote to memory of 2208	2776	chrome.exe	51
PID 2776 wrote to memory of 4936	2776	chrome.exe	46
PID 2776 wrote to memory of 4936	2776	chrome.exe	46
PID 2776 wrote to memory of 5056	2776	chrome.exe	47
PID 2776 wrote to memory of 5056	2776	chrome.exe	47
PID 2776 wrote to memory of 5056	2776	chrome.exe	47
PID 2776 wrote to memory of 5056	2776	chrome.exe	47
PID 2776 wrote to memory of 5056	2776	chrome.exe	47
PID 2776 wrote to memory of 5056	2776	chrome.exe	47
PID 2776 wrote to memory of 5056	2776	chrome.exe	47
PID 2776 wrote to memory of 5056	2776	chrome.exe	47
PID 2776 wrote to memory of 5056	2776	chrome.exe	47
PID 2776 wrote to memory of 5056	2776	chrome.exe	47
PID 2776 wrote to memory of 5056	2776	chrome.exe	47
PID 2776 wrote to memory of 5056	2776	chrome.exe	47
PID 2776 wrote to memory of 5056	2776	chrome.exe	47
PID 2776 wrote to memory of 5056	2776	chrome.exe	47
PID 2776 wrote to memory of 5056	2776	chrome.exe	47
PID 2776 wrote to memory of 5056	2776	chrome.exe	47
PID 2776 wrote to memory of 5056	2776	chrome.exe	47
PID 2776 wrote to memory of 5056	2776	chrome.exe	47
PID 2776 wrote to memory of 5056	2776	chrome.exe	47
PID 2776 wrote to memory of 5056	2776	chrome.exe	47
PID 2776 wrote to memory of 5056	2776	chrome.exe	47
PID 2776 wrote to memory of 5056	2776	chrome.exe	47

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe8e119758,0x7ffe8e119768,0x7ffe8e119778
1⤵
PID:3504

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://trueventus.com
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2776
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2128 --field-trial-handle=1888,i,5460935022162143472,4856869776968119524,131072 /prefetch:8
  2⤵
  PID:4936
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2252 --field-trial-handle=1888,i,5460935022162143472,4856869776968119524,131072 /prefetch:8
  2⤵
  PID:5056
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2892 --field-trial-handle=1888,i,5460935022162143472,4856869776968119524,131072 /prefetch:1
  2⤵
  PID:3088
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2884 --field-trial-handle=1888,i,5460935022162143472,4856869776968119524,131072 /prefetch:1
  2⤵
  PID:2860
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1712 --field-trial-handle=1888,i,5460935022162143472,4856869776968119524,131072 /prefetch:2
  2⤵
  PID:2208
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4744 --field-trial-handle=1888,i,5460935022162143472,4856869776968119524,131072 /prefetch:1
  2⤵
  PID:5172
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3060 --field-trial-handle=1888,i,5460935022162143472,4856869776968119524,131072 /prefetch:8
  2⤵
  PID:4344
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5088 --field-trial-handle=1888,i,5460935022162143472,4856869776968119524,131072 /prefetch:8
  2⤵
  PID:1688
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2456 --field-trial-handle=1888,i,5460935022162143472,4856869776968119524,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:812

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:3576

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000017

Filesize
16KB

MD5
acaddbbfc0063809d66c793b09a3089e

SHA1
5f1df696d7d62c8cd86fc1605029bc9b5cfbb3f0

SHA256
e9d270b6051d00408e23b19a8c1c64245e76447bca1589a9291a04527fb2bc35

SHA512
2a04e6710b26cc64f6590c63ecc219e89198669ab9697ca098873c1835b95e9dfb178d6e1fdf609d83bc9082bd18d214a7c70f7021d5c8f5e256d773dde228c0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000024

Filesize
27KB

MD5
c39463a922d3fb8f60a9eabbd94149e1

SHA1
565de9bcd85107cc1220db7f4f5c9683a2148b52

SHA256
ec3cd30aecba0f14d4dde6f33bc4f3f0e4e81ebd1342a20afd31ae8035034713

SHA512
42df6a547d901a007081d20c93f67431cf68ac5122f3b19a9c3240fb317bf30c1c69679f664aea780f113080980af545d125fc325e454186ff3a44a9e90b08b3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000027

Filesize
53KB

MD5
d9be684c560f169273995472313ddc2a

SHA1
218b8536564171a9175cb971ef78fdac4ab05e96

SHA256
ed91f8e83878bb00b561fcd0021831b567fdce544810bdfd70731c051e2168e6

SHA512
927ffaeaad3f4a47665ba04c4fe8b8fed9c66db94218780ad760e43e6c1afcda5aafe7894b671ce5e31fd5204488e8f7ba1079c50c62f326f78dc3d423b158d5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000028

Filesize
25KB

MD5
f6f28bd61cb5aeff264f51955f53d977

SHA1
5e82f6a93e86ba5d83b881b8a139e7f0ef2e2bed

SHA256
9fb0fc86dfb3bbddaa4dec8ab65f1048cf2a9a0c19a2a82ea7ea5794c09a265b

SHA512
7a0165248d5dfc5e25af72466fde22a0e770b2ee28e7ccbe1500dc4c3b452a437e4b96f2ed37e432694a7eb630b50b350dc4d1507feacc3bc405198ae711edd4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
696B

MD5
a345e46ece763ff6265d427bc10c789b

SHA1
77b7ddc3d644574a41ea4b174585f5ff08259b9f

SHA256
2a84d65f00e4b39dbf70a5494cad3c6035d2c619692da2996397dca382c78e4e

SHA512
3d3ddc6a7592286b99869adb881a7c98e6e6a686f8306136014bd49f2b87f093b65d9a746d02afa8d423727b1b46b9fd129c25dc41b8576628e091318c55ca75

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
672B

MD5
3430eef8f2aed7ce6e6feb4551a6ee16

SHA1
af539c33d5c474cd76ee59386c506dc51a5d7173

SHA256
b57ffe9001ee7064ad798e1d7c834fbfc33b36c5585d021b12f2f0d59ea449f1

SHA512
448385ff9e496e58edba632cefb9e13fbf26dbe12e48a7b707be921f7bc87d7a7085578408a818435747af9f95f982a308dd333d919b9d0e811a90dd6b190934

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
984B

MD5
a54f65a4a97ddaeae463a286989ddf03

SHA1
22947bd0ee50ad875277f006dae096cf3431ab6c

SHA256
0b574fe271ce43dc890080cd60ef628ceb3e98c5ee0ce67f4270648a92f602b6

SHA512
aa930b80c93153fddfd9c16490294fec27ea086fc3761a7aa700840235cacfc6e2519d01d2a61112e07becab5be40b109f4b6b410d160863f8405c3c04f9aeab

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
050bacca6428b7336ac17652fd64dc92

SHA1
ee87a7e63ca2eb422ae3ed5783c42ac07d5fd9ba

SHA256
3d0f40a081e20b9a137f1ffe49dbf3a6b76990b2664fba64795fc186b197a1ad

SHA512
10226d7b3006958136cc28a785ddacd6d4401c9b1a80c562abaef22bddc9eeb141f1bfd396d6769e7efc36cd3b0154ab50153db0816098f93382a8372bd9e8bf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
3f994410338bac2461240e5ba357ecc9

SHA1
7006d707046eb382ccbc6d96ea66136b33cde581

SHA256
bc4246c9266d4846638de043c38c8be025fe7fb1d87d05a3c8c67aed4718ee94

SHA512
c9d7bb3028acabf213cf9d33c6cec9fd97db351fef099c8f16e204944806253533222bb65b2a481a471006bc3a315b1d122f417057212fc1fd468ef1ce8f05d7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
36a88a018e033deda05222ff1bb51275

SHA1
a2d02f77bec215fc2561de0040ea7b5005877779

SHA256
c53903d4c584e01225ec04fcb34ef1d6ca6652fd2fe260579c939ff6b38f1a2c

SHA512
5834f6d7443d1413cc7110447e7bbaac5394d61d7e01ae602410c896ba8539a75b04cdc268b3b93ccd91dbc99ab22dbfac12004e3ae04738086ba4a68c6007d8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
873B

MD5
373a3dddebe38f39ba341469f3937aae

SHA1
aba15fc26c861bb0a23e33b679c70cd1dfbee302

SHA256
a601fd2f426e70341ff8fb8d0539199867b21c89260b9132bae0b94e9e3813f5

SHA512
c2e4ba86ca7fb236b51c9d6648550eafd1838cc1bc55cfde6094d6acfdbd9e34ca96056294777f47358dea62555703531f07bdb59641b3971d084ab867e00d7d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
873B

MD5
6617470e37c3bbc788f67b3d42050ffc

SHA1
c126cf48959deb3301ac9bd0bc292b298b62a100

SHA256
f6ccf5660aa9760a96da748dd3fb07dcb592b10944c0c15a5bf661aefc88c653

SHA512
2c9bfa14e217e3933e2b35dc7df976b88c35c8a141c01c582f453378656fa97bece6da43a6fb4dbcc07a8f63678d2f41352e3b3844c017fbd2ad7f994143dc6a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
873B

MD5
482b1ac943f611a326a5b3e63837e33e

SHA1
f37e894cd5e20fcf93016d908c8ecf1148fec1fd

SHA256
699f9a6591e4781c17fc4b6c4c7a38a854f6d98ce509913580334601b0a1d8e9

SHA512
715e6e76ab1ba51c88f43db2b98eb3edd7f7b31e0e76fb42531bfb0444fab6b4e50a0ffe581a0282dfd36d582547f9c49ed9dd13bb275c99220aba21d5397ca3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
873B

MD5
11c17b6acce55c6b480039c47c26723e

SHA1
f0d67790cba4493c77dc5ff42eaaa54b6fca1186

SHA256
21dd5da8d874b9e722478400a4dd0dd9c68876084a11d58a720c0f703a1a085b

SHA512
9d5c148f2e63a5319b400fb1e341cb3a01aa51fb20a651eea045fc642888806c0989f66ef7c91eb1b5afe208e102b136d44e1ab1a265c51e6c2a5acf904f109a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
873B

MD5
1c44d521bc2d4acbd6b91c951e8aa8a5

SHA1
1777f008f8200fb459fb097868a43939a3129ab7

SHA256
5329b6cf15e102390368377b824c423e15c54da4adf207c348f797371d147150

SHA512
d1d0a9355766d84d6420b65980d7ee5b297a8ede8975b0bfd26ea1a689da6b30bd786155fc7a52f4533518faaac8aceb22b68f52faf68411a80afa2dc7512ede

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
c01dda45b616beba2bb3657648416070

SHA1
012edd123fce0ec875e5c02b76a7baf063abdadd

SHA256
14d52dff219308564f369aed8a417a008f311d1f6db80ff3f7d2c442a2c0e7e1

SHA512
193ef0c53256562050b6fb96add17e88a468ef0f88d6eb61f3ce1b3fe9287cc2480f2004a47735e61a6679048154190c811d8213ba850cc5020cf4bc84d0ea73

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
ad1764aaed740e57f517fd4931c3d249

SHA1
1c98a0abc2630f859dcf545057d6b0819cf42768

SHA256
5878a27a6e8111f83bb8226f91a0ef135f74af8a604a283abebd3f311f363b04

SHA512
75ac544d5b4c7eb7a81ea20558c6281ef76832fcb3a9b2ae26b96a151a4afba5dab642462695e5b1f362e67ebb3ba2a28bd63923fadd776fd0a4e7788051f29c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
2940aa5f1f993b80a0ecd904a373b2dc

SHA1
9d713540835642e98121e62ee1d324fc7beda4d5

SHA256
0f198205a8bd7387246aaaab8cde9ee541f5d3fe87338ee182df0d3a112f33f3

SHA512
776fe3ea7c10711d95c91bfb44eeffc4177fe28e7f32ff3a92abca355c0f78ac8359f55f5d527b6a65fd9b4010458f3ff1df2ffd515b015aa55ea22d6f8474fc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
114KB

MD5
d35f23fbd32c71a1aa3d043bdb2bd39f

SHA1
229ff4cd2cc67a4d3ab432db77034795405c3b6b

SHA256
b0de6d2b40ad405d9a8f67846a638693b7984c4b8eb65ee72b3da4a4ead26eb0

SHA512
3df662677c2a994d716432c1d74c13d27cb6e7ed6d08ab92f27bb721b948867c688ef309b0ddd2b8b82b636f3934cda33c9bb18da1626a8d8f9fdcca364d427b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit