hxxps://lsrxg7ilgecy-1323053341[.]cos[.]na-siliconvalley[.]myqcloud[.]com/lsrxg7ilgecy[.]html

Analysis

max time kernel
270s
max time network
852s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
04-01-2024 18:36

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://lsrxg7ilgecy-1323053341.cos.na-siliconvalley.myqcloud.com/lsrxg7ilgecy.html

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

Processes:

chrome.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

Processes:

chrome.exe

pid process

2240 chrome.exe
2240 chrome.exe
2240 chrome.exe
2240 chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

Processes:

chrome.exe

description	pid	process
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe
Token: SeShutdownPrivilege	2240	chrome.exe

Suspicious use of FindShellTrayWindow 34 IoCs

Processes:

chrome.exe

pid	process
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe

Suspicious use of SendNotifyMessage 32 IoCs

Processes:

chrome.exe

pid	process
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe
2240	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

chrome.exe

description	pid	process	target process
PID 2240 wrote to memory of 2972	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 2972	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 2972	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 2596	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 2596	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 2596	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 2596	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 2596	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 2596	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 2596	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 2596	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 2596	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 2596	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 2596	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 2596	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 2596	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 2596	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 2596	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 2596	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 2596	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 2596	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 2596	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 2596	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 2596	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 2596	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 2596	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 2596	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 2596	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 2596	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 2596	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 2596	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 2596	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 2596	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 2596	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 2596	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 2596	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 2596	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 2596	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 2596	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 2596	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 2596	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 2596	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 2744	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 2744	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 2744	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 2588	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 2588	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 2588	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 2588	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 2588	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 2588	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 2588	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 2588	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 2588	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 2588	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 2588	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 2588	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 2588	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 2588	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 2588	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 2588	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 2588	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 2588	2240	chrome.exe	chrome.exe
PID 2240 wrote to memory of 2588	2240	chrome.exe	chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://lsrxg7ilgecy-1323053341.cos.na-siliconvalley.myqcloud.com/lsrxg7ilgecy.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2240

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef79c9758,0x7fef79c9768,0x7fef79c9778
2⤵
PID:2972

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1164 --field-trial-handle=1304,i,8677242256039663913,14439173897509092181,131072 /prefetch:2
2⤵
PID:2596

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1512 --field-trial-handle=1304,i,8677242256039663913,14439173897509092181,131072 /prefetch:8
2⤵
PID:2744

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1640 --field-trial-handle=1304,i,8677242256039663913,14439173897509092181,131072 /prefetch:8
2⤵
PID:2588

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2260 --field-trial-handle=1304,i,8677242256039663913,14439173897509092181,131072 /prefetch:1
2⤵
PID:2980

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2272 --field-trial-handle=1304,i,8677242256039663913,14439173897509092181,131072 /prefetch:1
2⤵
PID:2344

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1352 --field-trial-handle=1304,i,8677242256039663913,14439173897509092181,131072 /prefetch:2
2⤵
PID:1812

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3264 --field-trial-handle=1304,i,8677242256039663913,14439173897509092181,131072 /prefetch:8
2⤵
PID:552

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=1864 --field-trial-handle=1304,i,8677242256039663913,14439173897509092181,131072 /prefetch:1
2⤵
PID:944

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=3468 --field-trial-handle=1304,i,8677242256039663913,14439173897509092181,131072 /prefetch:1
2⤵
PID:1204

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3492 --field-trial-handle=1304,i,8677242256039663913,14439173897509092181,131072 /prefetch:8
2⤵
PID:1564

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2140

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
7ec1b4583bde6f437073c954344cd9b3

SHA1
da5caadc52f629f1684ba425b8539794cc3e9885

SHA256
492aa79db7a01ae9a78547b89074f030e875ad417cfafeb1aa62fbf1685a6689

SHA512
8a68921573619631cb9042ac04879f7a535c0b6a1fb1ebc67d69e3baa2126a25467cd8f1f3b39b83ca467dcc6e6bce7b6193ffbafada28034a4d71e1bd4b6ea1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
460e9487346622493b47b3965be79a42

SHA1
e323faf43ec3ba72474f60b7e84bcd69fc7e863c

SHA256
17cb4c8a50abce329b258bffbc97280132c52c8c9d29bbd2c6d3d7157fce0d0d

SHA512
0b7e3ff2376c6be7c95e78a4315b22af6fa705baa4ea8e638dfdd43fbdabd86e9eeaf3953d088f994b376465ec69cab20c962705c8d14509c794f11c5e3fb67e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
c393fd629415cac8806296b8b3dae9a3

SHA1
8e7d7cf2495dafc87bf264341769267d2869579d

SHA256
75bb8bbe8d55666b7246ab7f3e6da7cb00b5599cb3bb8d67e550d1aa71f6d60d

SHA512
200b73cbee997db1cc8d27e3b3c89f013e6e26c8fed5b6167bd3fe96416bd38a78851ce874b2eb8ef9fbf6ba230cddf0442d96326d02f16614dd3d5421719186

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B

MD5
d2e33ba94313e8bf19c062d871e074a4

SHA1
ed287c09ca916635a92b33524bac15aa977a5e63

SHA256
e1029037eb10d0b3f0b5bd965f881ba6110900776d38d0f4d6ceb212187fc96f

SHA512
fd0c5cd1385df03877c3f36c9d17db2255b5b193182e76888eb024f498663d874c9afa0ab89125e0a06cfb88f57ee18d6acd342b33a6881aabdf9ada91b9bdff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\775af06e-a481-4898-b7a6-06611acde012.tmp
Filesize
4KB

MD5
e529063b23e2394b50e5c600696dd6b4

SHA1
5deacfd2547a07ca41a3653aa30629424ad44395

SHA256
95cfba52824b63fff1aa40572594ffe07b850a448aab81c30862bdac17255d0f

SHA512
ce616b4485b4fb96532b8e94d9bc86f7b83def7a7a0a4197a5c668d8de7b2a3073193363706dacc304cb18eb42194b39664f18e3d616f1485a9606fe7a7a5e3d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1
Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
2KB

MD5
784d841e00f89910b7a01c47b69e9d4b

SHA1
7890ade1296e6a06e0ff4c76d16484da17036ae5

SHA256
0f409f790bf8d0a8ecbfa7b6099c83e15d97b731ed1db49029761f6175ac3d5b

SHA512
ad8696ed9dee433cf3f852796082e7728e60feb3ea28ad09fd9e3d5a0b71547863d9f009000719a2eff695160e65e4b01aac44878163c12b9afa41cea5b5c23c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
2KB

MD5
6da6ad5bd4d6044524702b4f1797028e

SHA1
27e033869d8dc80e3ee944ae3ab0e14a4fa40b00

SHA256
c4df49800509dc029cb868d2dacf02596b390cf0aa2021ff488db0784f716af5

SHA512
45118f2ca89c8469a0ad0eea22a5fa82e155695c616cb4f278861e61f499d6901118e2426ecce85a9a9f3ef0d48a596c6fc00ec21c13cd249f86e4e4047343f6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
852B

MD5
6c33ea51cb6cb39efbd6fd2893cc300f

SHA1
c359dfac729fabfb11df8d040884392b7f98d35f

SHA256
6708699fb916af60572db3a2bb63256d03b39c44ddc7b62793cbf268ddb9652c

SHA512
405aa3221e8418de2d80e1cbf258b42d7c196392847c0927d26debf1b8ca0f6d0f1636db326b89bfa34466f76bbeb345b1b5fc8bbe52ae750cdf7262ae87cd69

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
4KB

MD5
22111cc92fdc4ffd224f9c0ef8146bfc

SHA1
a5ec0d181929731b68075987eec6718dff4fa40d

SHA256
7951d2c75635d8b3e25f96323f719edeac13fe62df1232560de629efb49389eb

SHA512
4d546101ea3382411998c8ac655b9050a979dd4123c096d69b20a2fa06c91955e691b4526142107b822e46ff6a62373ea3942ec81e31408cc5af6fc181687148

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
7KB

MD5
525005886bcf24e13b6bf7d3cf6dda7a

SHA1
7a339fd7aeebd0a13e91e4c0db5bf71a673fc832

SHA256
2cfba0689b962658154851a7fe346c4d4e73d555f6a3cabe89ef781821141d6a

SHA512
414f54701a0a066a4dd4878d32d1c66312d8d6645e23d63dac0ee56a3ad2e92e2bf86f301d99960b4a0c64a6bf4d09820e49683252af308e96e26f292ee39d88

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
5KB

MD5
4694e5663903a3fb1c764561986e8eeb

SHA1
8525d113c2d71dd782d66a6328db66d62fcd45b8

SHA256
19582ef4ce5c18f554d60c3b6ac6d46de8da809e3ba6e3e3d912cf1c6759d9ac

SHA512
011c8dbbd4698eb1942c3f84f39954381e54980cf06629c8d1b57f74c3d260c09f9ee9aafe678d4303a9f66f5a18c1db0ab0e9a5b35a7fff77aeb988ca32f5c7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000007.dbtmp
Filesize
16B

MD5
18e723571b00fb1694a3bad6c78e4054

SHA1
afcc0ef32d46fe59e0483f9a3c891d3034d12f32

SHA256
8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa

SHA512
43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab9484.tmp
Filesize
65KB

MD5
ac05d27423a85adc1622c714f2cb6184

SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198

SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

SHA512
6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar9514.tmp
Filesize
171KB

MD5
9c0c641c06238516f27941aa1166d427

SHA1
64cd549fb8cf014fcd9312aa7a5b023847b6c977

SHA256
4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

SHA512
936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

Download Submit
\??\pipe\crashpad_2240_JUJXWPUGFPCJWCLX
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit