e586431f548ee2395fbaaa3f35564b3b7fb8395a62daad7c8478639ba7129539

Analysis

max time kernel
604s
max time network
1233s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
07/01/2024, 18:34

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Ayakashi-Cracked.zip
Size

146.9MB
MD5

e7b37fdd45470e7afa7ae1a2ee678671
SHA1

6681a30a2fe27773cd16600668f0511cf58abbb2
SHA256

e586431f548ee2395fbaaa3f35564b3b7fb8395a62daad7c8478639ba7129539
SHA512

8ae89cabaaceeb20965e75d0d6a40f1cd55ec60cf58dced0f4bd43a5e3cfa106972324551c90813b1d9f3b624853b830126802995dff7427a559988db549e2e9
SSDEEP

3145728:j+BSrv5mbTFsPvlCpso/gB79uI0XX8zTLR/9HHzeQMeoLea57Xe9j:qUYy9YjgB79fR/V0Pbk

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Suspicious use of AdjustPrivilegeToken 4 IoCs

description	pid	Process
Token: 33	1072	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	1072	AUDIODG.EXE
Token: 33	1072	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	1072	AUDIODG.EXE

Uses Task Scheduler COM API 1 TTPs
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
persistence

Query Registry
T1012
Uses Volume Shadow Copy WMI provider
The Volume Shadow Copy service is used to manage backups/snapshots.
ransomware

C:\Windows\Explorer.exe
C:\Windows\Explorer.exe /idlist,,C:\Users\Admin\AppData\Local\Temp\Ayakashi-Cracked.zip
1⤵
PID:1700

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2796.2.894677455\1226257717" -childID 1 -isForBrowser -prefsHandle 1960 -prefMapHandle 2168 -prefsLen 20868 -prefMapSize 233444 -jsInitHandle 856 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {dcad11d7-0186-4d96-9670-ba8b1eb93638} 2796 "\\.\pipe\gecko-crash-server-pipe.2796" 2144 1679ac58 tab
1⤵
PID:1504

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2796.3.1601688769\2079460657" -childID 2 -isForBrowser -prefsHandle 1568 -prefMapHandle 1564 -prefsLen 26111 -prefMapSize 233444 -jsInitHandle 856 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {5622da67-44ab-4677-93f2-e983a11237f6} 2796 "\\.\pipe\gecko-crash-server-pipe.2796" 2340 e71c58 tab
1⤵
PID:3024

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2796.4.1459272431\1756784346" -childID 3 -isForBrowser -prefsHandle 2512 -prefMapHandle 2508 -prefsLen 26111 -prefMapSize 233444 -jsInitHandle 856 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {b8af28e2-52b3-438c-b6ef-a32f02508128} 2796 "\\.\pipe\gecko-crash-server-pipe.2796" 2524 e68158 tab
1⤵
PID:2288

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2796.5.2127076833\836122571" -childID 4 -isForBrowser -prefsHandle 3064 -prefMapHandle 1960 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 856 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {7a03cf28-6f6c-4e8a-8789-3690eec19dc3} 2796 "\\.\pipe\gecko-crash-server-pipe.2796" 1576 e67558 tab
1⤵
PID:2668

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2796.6.1042013395\345174800" -childID 5 -isForBrowser -prefsHandle 3456 -prefMapHandle 2836 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 856 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {c00a0193-37a0-4e60-8b03-5bb0ed66c533} 2796 "\\.\pipe\gecko-crash-server-pipe.2796" 1640 1888ec58 tab
1⤵
PID:2252

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2796.7.822356320\646155314" -childID 6 -isForBrowser -prefsHandle 3716 -prefMapHandle 3720 -prefsLen 26251 -prefMapSize 233444 -jsInitHandle 856 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {9ad543fc-15b1-4c6c-9ef1-82dc082df760} 2796 "\\.\pipe\gecko-crash-server-pipe.2796" 3796 12996b58 tab
1⤵
PID:2488

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
PID:2240
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef4c09758,0x7fef4c09768,0x7fef4c09778
  2⤵
  PID:1708
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1156 --field-trial-handle=1208,i,3852318024264535035,3296707631905882912,131072 /prefetch:2
  2⤵
  PID:1164
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1504 --field-trial-handle=1208,i,3852318024264535035,3296707631905882912,131072 /prefetch:8
  2⤵
  PID:1880
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1596 --field-trial-handle=1208,i,3852318024264535035,3296707631905882912,131072 /prefetch:8
  2⤵
  PID:2084
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=6 --mojo-platform-channel-handle=2316 --field-trial-handle=1208,i,3852318024264535035,3296707631905882912,131072 /prefetch:1
  2⤵
  PID:3032
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=5 --mojo-platform-channel-handle=2324 --field-trial-handle=1208,i,3852318024264535035,3296707631905882912,131072 /prefetch:1
  2⤵
  PID:1668
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1292 --field-trial-handle=1208,i,3852318024264535035,3296707631905882912,131072 /prefetch:2
  2⤵
  PID:848
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3376 --field-trial-handle=1208,i,3852318024264535035,3296707631905882912,131072 /prefetch:8
  2⤵
  PID:1636
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=9 --mojo-platform-channel-handle=3428 --field-trial-handle=1208,i,3852318024264535035,3296707631905882912,131072 /prefetch:1
  2⤵
  PID:2160
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2060 --field-trial-handle=1208,i,3852318024264535035,3296707631905882912,131072 /prefetch:8
  2⤵
  PID:944
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3792 --field-trial-handle=1208,i,3852318024264535035,3296707631905882912,131072 /prefetch:8
  2⤵
  PID:1264
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=12 --mojo-platform-channel-handle=940 --field-trial-handle=1208,i,3852318024264535035,3296707631905882912,131072 /prefetch:1
  2⤵
  PID:2252
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=13 --mojo-platform-channel-handle=756 --field-trial-handle=1208,i,3852318024264535035,3296707631905882912,131072 /prefetch:1
  2⤵
  PID:2772
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2524 --field-trial-handle=1208,i,3852318024264535035,3296707631905882912,131072 /prefetch:8
  2⤵
  PID:832
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3788 --field-trial-handle=1208,i,3852318024264535035,3296707631905882912,131072 /prefetch:8
  2⤵
  PID:2720
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3976 --field-trial-handle=1208,i,3852318024264535035,3296707631905882912,131072 /prefetch:8
  2⤵
  PID:1744
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3628 --field-trial-handle=1208,i,3852318024264535035,3296707631905882912,131072 /prefetch:8
  2⤵
  PID:2512
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3624 --field-trial-handle=1208,i,3852318024264535035,3296707631905882912,131072 /prefetch:8
  2⤵
  PID:1476
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=19 --mojo-platform-channel-handle=3692 --field-trial-handle=1208,i,3852318024264535035,3296707631905882912,131072 /prefetch:1
  2⤵
  PID:1692
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --mojo-platform-channel-handle=4248 --field-trial-handle=1208,i,3852318024264535035,3296707631905882912,131072 /prefetch:1
  2⤵
  PID:2256
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=21 --mojo-platform-channel-handle=4336 --field-trial-handle=1208,i,3852318024264535035,3296707631905882912,131072 /prefetch:1
  2⤵
  PID:1648
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4468 --field-trial-handle=1208,i,3852318024264535035,3296707631905882912,131072 /prefetch:8
  2⤵
  PID:2128
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4620 --field-trial-handle=1208,i,3852318024264535035,3296707631905882912,131072 /prefetch:8
  2⤵
  PID:1792
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=24 --mojo-platform-channel-handle=2648 --field-trial-handle=1208,i,3852318024264535035,3296707631905882912,131072 /prefetch:1
  2⤵
  PID:2456
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=25 --mojo-platform-channel-handle=2488 --field-trial-handle=1208,i,3852318024264535035,3296707631905882912,131072 /prefetch:1
  2⤵
  PID:2844
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=26 --mojo-platform-channel-handle=2572 --field-trial-handle=1208,i,3852318024264535035,3296707631905882912,131072 /prefetch:1
  2⤵
  PID:1184
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3452 --field-trial-handle=1208,i,3852318024264535035,3296707631905882912,131072 /prefetch:8
  2⤵
  PID:596
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4068 --field-trial-handle=1208,i,3852318024264535035,3296707631905882912,131072 /prefetch:8
  2⤵
  PID:2660
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=29 --mojo-platform-channel-handle=1616 --field-trial-handle=1208,i,3852318024264535035,3296707631905882912,131072 /prefetch:1
  2⤵
  PID:280
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=30 --mojo-platform-channel-handle=4176 --field-trial-handle=1208,i,3852318024264535035,3296707631905882912,131072 /prefetch:1
  2⤵
  PID:2264
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=31 --mojo-platform-channel-handle=4700 --field-trial-handle=1208,i,3852318024264535035,3296707631905882912,131072 /prefetch:1
  2⤵
  PID:2812
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=32 --mojo-platform-channel-handle=2616 --field-trial-handle=1208,i,3852318024264535035,3296707631905882912,131072 /prefetch:1
  2⤵
  PID:2452

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2708

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x1c4
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:1072

C:\Windows\explorer.exe
"C:\Windows\explorer.exe"
1⤵
PID:2356

C:\Program Files\VideoLAN\VLC\vlc.exe
"C:\Program Files\VideoLAN\VLC\vlc.exe"
1⤵
PID:1808

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007

Filesize
58KB

MD5
2aee3fc3e364b70ef4c4749750f9c944

SHA1
0bc85cc0e2db959c4906a0b835a31e94460dcec9

SHA256
abc79a21a760ad74f4bccf506bf55a96c1b9cd8909e715c256db19da448f398e

SHA512
e8bd7188a5542012b50f57270d8360368108aefad80a5addba95fec149d01e1bf19751267559c5ce25e0aa5af5ad3a99e59de2786bf62f6778527dbc0c72c8f2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

Filesize
20KB

MD5
923a543cc619ea568f91b723d9fb1ef0

SHA1
6f4ade25559645c741d7327c6e16521e43d7e1f9

SHA256
bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd

SHA512
a4153751761cd67465374828b0514d7773b8c4ed37779d1ecfd4f19be4faa171585c8ee0b4db59b556399d5d2b9809ba87e04d4715e9d090e1f488d02219d555

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013

Filesize
88KB

MD5
33324d24b26fff1d223d14abe8d83574

SHA1
9fc813b1c78f8abaae0ff5cc4b71fc0bd96797a2

SHA256
558ce663d75cec3b7fbeb5f2f54b0edf44a96cc520b3df3edf52358dd71e2093

SHA512
3baeacea9f1f7948e2d2f3f88dc50e30bd528862e1a5720115e9dfc917b6d37f710231c750b546c8cda1b08cbdbeedafb8cedb471be62ec07496823ba2721cc8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000017

Filesize
19KB

MD5
250357fd8f98a460d7e2d2e861f53da4

SHA1
3e9dc12368adb42ea99a9f631a8c6f4e109425ab

SHA256
ea6e1177345427a7489ef7215c0e2b891d96030a61c39b3bf05f58120ec93a2d

SHA512
a6d877afa7047fbce8ef4dd0f402b1db1a0e431bb0c97fdafbf69c54071145afa31cc6e8c9777341cc8421f408b0a0f3df0572b60564d0a7816b75a9d3f7f2c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001a

Filesize
87KB

MD5
4a4aa01091048524258498c7a9f62f95

SHA1
ce22415f1cda21ee0e91fe1d481829fed12dfb82

SHA256
d4816692b231e7846a560b576185aeb85d9c13d06fe6e415c3fdc0248e6936e1

SHA512
a08da65871da1378f396803ef6f9544759e800ef7452d7e105b8510a46cd0ee88c119cb47a5bd1ac3c56cc7a90e7274304c01904bbbe19882a64e6ff5cfd4ecd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000020

Filesize
16KB

MD5
98db1548d3e5e3a6b56d10b8ba9ef56c

SHA1
4e3b3f90d6b865fa406ba653d9480167e2a1bb74

SHA256
680af336204ecbacb8e513a9009e51d427199172e1451c3bebb5c292ec2380b7

SHA512
c2fe8d284f3a9b0c6901cd15c4b87d58c7e040fd45915919fec94d457dc28c584e7f04cc3669e0e0dc309d9bb0d21de49dfcb323f0e749b4c48a58da74732aea

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002c

Filesize
313KB

MD5
808580680bb29d3f78c943be6db45650

SHA1
72eda7a4e09408d23ba2d4e2a7cab49c27f3aa39

SHA256
d81806b954a596a9e8e2bccf1aacdbc9cb767b58ab7daf93f6eb948f3a429a58

SHA512
309ec90a8e39f84b222a5bae4841e5641d1325b59f02ce49b59aafbb92b02a4bfba749040be68ec5d650803d1cdd9a860ea3211f14e728888b2a0d8c9ba78b90

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002e

Filesize
123KB

MD5
1294cdce67eca260cf362ed934dd33a8

SHA1
e910b7f3137a8883b1dbffbe84ca041adae81fa8

SHA256
74dfbc0b49783249521c75e21718f258a6e9d82a7caa0be4aa4e323dfbf6e12e

SHA512
972b3f5240f30d009843e1ed502bff6156c786d24ff7417abdfaa054b1587a1cfe84e34aab9fe8f6702ab34624b6052aac9053395e8b00a93304a7219ec1d2dd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000031

Filesize
40KB

MD5
1128652e9d55dcfc30d11ce65dbfc490

SHA1
c3dc05f00453708162853a9e6083a1362cc0fc26

SHA256
b189ff1f576a3672b67406791468936b4b5070778957ba3060a7141200231e4e

SHA512
75e611ba64a983b85b314b145a6d776ed8c786f62126539f6da3c1638bf7e566c11daf18d1811b07656de47ff8b50637520cf719a2cacc77a9d27393fc08453b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
25da0c74498f45efd228c922ff3393c7

SHA1
09bede6e352e838c2d8934f45b5b7bab6bed5579

SHA256
5a0d19125d46b5de276096f50203f13bc94e2c57b60f93b111e4e6dfa91a1335

SHA512
5396f524b290f554c833d3dee6f3e8d2786a17a5cc934064f86036f5f3ecbe020929be415e5fb983b18b49085f311d82015bd89459b39fd09bbfc939b7f71375

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
43b7746b1036f83c623b16da2b4141be

SHA1
f5e02f0c699c380ac8ac9abbc34d3c08327ea7e9

SHA256
3fc135e1c660ccc1adbc0ca9f6b94915f3d5ec5101c9c7577bd45cb2345fa534

SHA512
7081909e9d901166e99c64f684fa3752aa47e146d5d43e45be93e17cb07b76a0af1ac9b545e65f94ef2713a948065e2e2a5ec753d46239aa1e3821402828a31b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
d4b2cb545688ec61cba3b1e6cd008bb4

SHA1
f428ab56a63fd35f0d06078999e0c562f77ef0db

SHA256
d60b40f79952901b648d9a074b18c9265eee03a01f6c8007328a61b72573ac3a

SHA512
d0f0d75fe6109ca1d2f912ceba77a4eaedf23708777c4c74f937199097210128750585e5d8a676c4737d9439eff638124e510336edaa4384bea39db7a39514f5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
6KB

MD5
552bf7d634521cb47f6b9c0102cae191

SHA1
d1a1e17b65dd0771c9dbbd84110952678544f801

SHA256
f6c0c06cf8898f5a7fd8db17c45a02ffb444b9f59d02dc3152bd0e360fcb8d93

SHA512
a340c21d7da88a7e1450c6912fe1a5e2ffa4abcc802cfbd1c2d0f227d643f205f2f06f115268e4da8394f4996d3ec15a05a458f13b81c27f0f5485813bb8aa9e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
8b138651b5a28cb553be4c9bfdd45a51

SHA1
a4712747bfc7c36091007f7ea0f443d17da49b72

SHA256
8058eff131e3707bd307f05ae1e370ff7c1c7c70d2da3d994f4273e601bc6043

SHA512
724124c1928bb8060ca57f29d421c9301353fa5e0d10b936780a45b24401a72b0b8b05545a23078399e5dc81c6aab367e47bef8ec3450b04e99c8247b45add8c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
6KB

MD5
933c6aba1b6a9cf1f3d27ac0eb6ad080

SHA1
0435a06bfe404c9a4d7b2393c015580a79b63671

SHA256
54746ff873f67e30f5745429315bf2fa5143026d0847cd2f07afa1908803e88c

SHA512
9ce9e90c5032c5241cfa2966ff526ecd978c592c138a7c0cc61fe4a46854732690ea658e3caba75614b0f805886cf6634f90b800acfaaaf09ca34dfdd9454d0f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
6KB

MD5
e36f8d35479198bdd30b6ec176f0deeb

SHA1
ea68b0a751b58a8e2ee7b63b3cae449191f7b800

SHA256
a5e29ed320350c3b865ac9d86a89f9e48fedeb4cdc7c87421b348fda159d8944

SHA512
ba4144e5436903ed4837a257267718fef8bf67f210e048025d0b3854db5365ac6ae43bd7b3660d485791aeafdcacb9b7d254d07c8736a4ff01a54a378cf1d01d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
25225575fcf0f3aa2d5695296401edb9

SHA1
e96e3eb870b8020a043512dbd3230e0ee391ed30

SHA256
f0fbc134a56cdbb589528e97140d57ee17802877ed9a71b2175c17e64144afa7

SHA512
5211c6bbf20f6b26861b5fbbe89bee22995e5b2cedb47b13e13ff0cd1ce869b91fd931ca2ce60b02fc766383abb4e219a6bdcd4f9e3bedba2303f89c4f5ac916

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
7KB

MD5
779c56046afe6d3d33bf12cf1df61046

SHA1
876bcdc02a5f2b2ed9bb4eab7e61c0233ac80c98

SHA256
56bcaecdc50443b18dd23b3ba9e34a5e9dd3448f5232bdc41ca95ffd6924dc0e

SHA512
e29af5247df76bab21d144c31f2f83dff4a5745800820cc462b59d5a8d4c511defa97aea8c4289b41560586a2062809e482808ecff89cf9b2d6d5d4479e11e16

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
361B

MD5
a811502c4ff1354d115ac977352697c8

SHA1
6215aea69ed9a07da0e35bf7016a839214a52a29

SHA256
5c89b2e9431d483f45d8a38d2331255905e3f42757ff6c3d751a8f114fa3baa3

SHA512
cf1164e7dd0eadc18094b80038a5836187e9e8d13d8f661cceefa5ff5afc868b2e36337a4b7fa0bfedad241f15143c61a2632249de23bc15fcccf48256094aca

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
38a9315b985cde88b9469b5922a4fef2

SHA1
c37848b78647c687267ec90d53408ce4d0eca443

SHA256
f3d9c688c5859ea8ffe7849aaa57cca4c794c373116bea32e84ab2e599655a12

SHA512
03066ee5ba645bec602d8fc793379d4ab8f3ea4c26924ef3c6373d4510f958ec2c201814f218cf3eb94de174218d7978506bf59cd6521881e7e407d6b1780476

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
655295cb0ba4cdfe8003708a15c79215

SHA1
13319a30ad8f2ffc7b5f80f2acff4b69dc025e74

SHA256
f431d89bde1e277023b00d4221e46355ab4bfea7e391fab0b0c23541d4c69570

SHA512
6c2a5ac05f145938673bb6cdcfaa9aaf29776c9813e6ee7669cec5e287f363e882bda797c7f23f1b5b1ee4cce629c7e0230dd74346b1d4eb9bee9e68422a0c50

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
9ba5b402ae5bdf3d8993bf557da24d56

SHA1
4ee63185014f8cae9683aa3f877b7f342f209dc0

SHA256
664a30ac982ab6352a30a1921f7332fd6ebbc0e31ed0dfc93e09b5009d104d75

SHA512
c6bee7131a28688ad8dc1507dc4807112c4d1e80de2598e93e0b4d2c3da94e0659a01154bab79b53dbef66d37c7b66396cd0217f488e4e746913f533542f21b1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
363B

MD5
0aa07969c3a587f8a848bab9b847eb40

SHA1
a9a21e6a34951ac990efe789cdcdb0e4f1cdcf73

SHA256
f55fc0d95e3bbf4689e06932e1261989103cb111ec1fd907a86aa296244d7edf

SHA512
977d0a76198fd24de7c6f6f7fb01c81936008dff2bf8a6e4d5f6fe7c4f0a146e1cd6f946e534b1e7cff7345cb5e5fdc230b29c5f9d7d50d0624ccef87124df27

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
690B

MD5
29171152834789062a82152550b961c6

SHA1
fb29fbf8ddb106ab3f82b64c25596b8c197fac9a

SHA256
9d8f510938e55324d791b01969d3010299499f1124b159db9517120bab1c08c2

SHA512
f73974b68c3f870e5be8df748ae7944e25264c8e047f326d2be32c53ecb686be721dcd5b70890388970f6996157d3d3ddbdd9f83d38e7ef483762cbd34b1b828

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
da9487f43f578efa52d715bdd6d245d0

SHA1
3dd3c65c2e3ca02ecd605ee9f7710bf15f1c4dd5

SHA256
0fe194b4bddf59c8a286f1c37e15142c7cdb5569592fed68814761050b2a48d4

SHA512
88f368094c96d411468c482aa13df0d4d0ab878cc90ef66a70c179ef172f3bb72dcb4b851a226fce06ae436f07885e1b3fe3a5ace6b9488d0603cc72c3610d7c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
363B

MD5
27ca62a0a921aff259ff30fb5917ba60

SHA1
2b67813e8f7184e2a2b0d74abb0b4290e46229a5

SHA256
314c45efeeceb036c6a6944e3d075934108127c4f5a9552bc22e9341957f2dcf

SHA512
6d283a8e1944a3803af4b275d35668495c786e8581344f2f29b6d862f6e177eadccc4f166938ce9df0a58cb74e35afde22b455e5193dbdbe707ddeb515b352a7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
6e61e417ed452a5e6373f0cb2c7b14e0

SHA1
dbab2832ca3a63e35f5ba2c613995805b2a586e6

SHA256
86f4610139e06693a8d2f1bcc1863448f6b24b4a62048befcdcfe43a6954b1ef

SHA512
e2cf11eddca65e76d621e442525709ea8a8c62f5161161ecdbf200a27ee7238178f6d00e7933eb5610923d985c28821db5c1072fbfc9bdb02ad5be964a1d246f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
0a56729cddef19d1e98b52931b3ce6fa

SHA1
7989ecc8d7210cdbc40bf54b7d9fb36c2ba9b8fb

SHA256
01b13f0e18c8d3b9c5dac59554fe91a19cad2bfeff06284bcc7808d21f5db99a

SHA512
e40f51904269878a0f69842c86203df9abf009d60f586505565b48341da52b94a35dd1567bf6d49807353102aca52e8bc0d7e35666624ae3a6b35dad39daf1e6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
43ef4335781a9d75504c5c89c84540ba

SHA1
321153e3340818f669825e80042cc6e978898c8b

SHA256
1cfe8be559a27c25a2c927901841451983b2586c71581f17b917af41e99f0b10

SHA512
f24c0f71bbd98cfd0483281ed195b8dd77fad6dd9d266e5ab9ec9ea50f1cba21e1bf26e130359da1bdbc1a73c3042060312008d3c38ca9e7765a37f1105ac8ec

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\ce132425-f5a1-4681-b289-8ace63044688.tmp

Filesize
7KB

MD5
911195d1b007ec51baa95af574033605

SHA1
820a984b3f124cae7c27aab536bc9fc55c94940a

SHA256
a4978b42b4fb390f8f24a22bbcbd94fccc916ff321c99bf7f3b15dd32b6bf02a

SHA512
e14c828dd9674ef76407bd230c4e20faf3afce35129e39db28be1d31ac66858d7224541a0623fd003caf2bcac750c9c0d44be0941a0038f5992cb9adde8244a0

Download Submit
memory/1808-323-0x000007FEF21B0000-0x000007FEF325B000-memory.dmp

Filesize
16.7MB

Download
memory/1808-322-0x000007FEF5500000-0x000007FEF57B4000-memory.dmp

Filesize
2.7MB

Download
memory/1808-321-0x000007FEF6590000-0x000007FEF65C4000-memory.dmp

Filesize
208KB

Download
memory/1808-320-0x000000013F020000-0x000000013F118000-memory.dmp

Filesize
992KB

Download