hxxp://url5549[.]relianceenter[.]com/ls/click?upn=O5-2F-2FZBEDzXm-2F7e9o0m42WT2zWYIEPbHGuYsnkd-2BMd8GVVOmtquybGA-2Bs2j3rt2MJRPNn_EIGm-2BLW0OhhXv2vaDO5x-2BP9-2B5DZqQBB9ORKBGno0rw7FvnyJMlxS4KY-2BfrYnonZT9QGB-2BNPhbIfhFoklc2DSHQ3mGSYlFWrGWkJsk6FQcEgV-2FkvDR7cWZLLeVVYKTouBUn-2BGJFXHVIWTPY4vEr12Qy-2B4a1Rd9zYpYtv1fbx-2FTav-2BQH9ZOs5QAVQoyOVXkjqzWmn068bxJM1DUjUUU5Y-2BBw-3D-3D

Analysis

max time kernel
153s
max time network
160s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
11/01/2024, 06:56

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

http://url5549.relianceenter.com/ls/click?upn=O5-2F-2FZBEDzXm-2F7e9o0m42WT2zWYIEPbHGuYsnkd-2BMd8GVVOmtquybGA-2Bs2j3rt2MJRPNn_EIGm-2BLW0OhhXv2vaDO5x-2BP9-2B5DZqQBB9ORKBGno0rw7FvnyJMlxS4KY-2BfrYnonZT9QGB-2BNPhbIfhFoklc2DSHQ3mGSYlFWrGWkJsk6FQcEgV-2FkvDR7cWZLLeVVYKTouBUn-2BGJFXHVIWTPY4vEr12Qy-2B4a1Rd9zYpYtv1fbx-2FTav-2BQH9ZOs5QAVQoyOVXkjqzWmn068bxJM1DUjUUU5Y-2BBw-3D-3D

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133494298725659647"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2576	chrome.exe
2576	chrome.exe
5096	chrome.exe
5096	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2576	chrome.exe
Token: SeCreatePagefilePrivilege	2576	chrome.exe
Token: SeShutdownPrivilege	2576	chrome.exe
Token: SeCreatePagefilePrivilege	2576	chrome.exe
Token: SeShutdownPrivilege	2576	chrome.exe
Token: SeCreatePagefilePrivilege	2576	chrome.exe
Token: SeShutdownPrivilege	2576	chrome.exe
Token: SeCreatePagefilePrivilege	2576	chrome.exe
Token: SeShutdownPrivilege	2576	chrome.exe
Token: SeCreatePagefilePrivilege	2576	chrome.exe
Token: SeShutdownPrivilege	2576	chrome.exe
Token: SeCreatePagefilePrivilege	2576	chrome.exe
Token: SeShutdownPrivilege	2576	chrome.exe
Token: SeCreatePagefilePrivilege	2576	chrome.exe
Token: SeShutdownPrivilege	2576	chrome.exe
Token: SeCreatePagefilePrivilege	2576	chrome.exe
Token: SeShutdownPrivilege	2576	chrome.exe
Token: SeCreatePagefilePrivilege	2576	chrome.exe
Token: SeShutdownPrivilege	2576	chrome.exe
Token: SeCreatePagefilePrivilege	2576	chrome.exe
Token: SeShutdownPrivilege	2576	chrome.exe
Token: SeCreatePagefilePrivilege	2576	chrome.exe
Token: SeShutdownPrivilege	2576	chrome.exe
Token: SeCreatePagefilePrivilege	2576	chrome.exe
Token: SeShutdownPrivilege	2576	chrome.exe
Token: SeCreatePagefilePrivilege	2576	chrome.exe
Token: SeShutdownPrivilege	2576	chrome.exe
Token: SeCreatePagefilePrivilege	2576	chrome.exe
Token: SeShutdownPrivilege	2576	chrome.exe
Token: SeCreatePagefilePrivilege	2576	chrome.exe
Token: SeShutdownPrivilege	2576	chrome.exe
Token: SeCreatePagefilePrivilege	2576	chrome.exe
Token: SeShutdownPrivilege	2576	chrome.exe
Token: SeCreatePagefilePrivilege	2576	chrome.exe
Token: SeShutdownPrivilege	2576	chrome.exe
Token: SeCreatePagefilePrivilege	2576	chrome.exe
Token: SeShutdownPrivilege	2576	chrome.exe
Token: SeCreatePagefilePrivilege	2576	chrome.exe
Token: SeShutdownPrivilege	2576	chrome.exe
Token: SeCreatePagefilePrivilege	2576	chrome.exe
Token: SeShutdownPrivilege	2576	chrome.exe
Token: SeCreatePagefilePrivilege	2576	chrome.exe
Token: SeShutdownPrivilege	2576	chrome.exe
Token: SeCreatePagefilePrivilege	2576	chrome.exe
Token: SeShutdownPrivilege	2576	chrome.exe
Token: SeCreatePagefilePrivilege	2576	chrome.exe
Token: SeShutdownPrivilege	2576	chrome.exe
Token: SeCreatePagefilePrivilege	2576	chrome.exe
Token: SeShutdownPrivilege	2576	chrome.exe
Token: SeCreatePagefilePrivilege	2576	chrome.exe
Token: SeShutdownPrivilege	2576	chrome.exe
Token: SeCreatePagefilePrivilege	2576	chrome.exe
Token: SeShutdownPrivilege	2576	chrome.exe
Token: SeCreatePagefilePrivilege	2576	chrome.exe
Token: SeShutdownPrivilege	2576	chrome.exe
Token: SeCreatePagefilePrivilege	2576	chrome.exe
Token: SeShutdownPrivilege	2576	chrome.exe
Token: SeCreatePagefilePrivilege	2576	chrome.exe
Token: SeShutdownPrivilege	2576	chrome.exe
Token: SeCreatePagefilePrivilege	2576	chrome.exe
Token: SeShutdownPrivilege	2576	chrome.exe
Token: SeCreatePagefilePrivilege	2576	chrome.exe
Token: SeShutdownPrivilege	2576	chrome.exe
Token: SeCreatePagefilePrivilege	2576	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2576 wrote to memory of 2556	2576	chrome.exe	61
PID 2576 wrote to memory of 2556	2576	chrome.exe	61
PID 2576 wrote to memory of 2180	2576	chrome.exe	90
PID 2576 wrote to memory of 2180	2576	chrome.exe	90
PID 2576 wrote to memory of 2180	2576	chrome.exe	90
PID 2576 wrote to memory of 2180	2576	chrome.exe	90
PID 2576 wrote to memory of 2180	2576	chrome.exe	90
PID 2576 wrote to memory of 2180	2576	chrome.exe	90
PID 2576 wrote to memory of 2180	2576	chrome.exe	90
PID 2576 wrote to memory of 2180	2576	chrome.exe	90
PID 2576 wrote to memory of 2180	2576	chrome.exe	90
PID 2576 wrote to memory of 2180	2576	chrome.exe	90
PID 2576 wrote to memory of 2180	2576	chrome.exe	90
PID 2576 wrote to memory of 2180	2576	chrome.exe	90
PID 2576 wrote to memory of 2180	2576	chrome.exe	90
PID 2576 wrote to memory of 2180	2576	chrome.exe	90
PID 2576 wrote to memory of 2180	2576	chrome.exe	90
PID 2576 wrote to memory of 2180	2576	chrome.exe	90
PID 2576 wrote to memory of 2180	2576	chrome.exe	90
PID 2576 wrote to memory of 2180	2576	chrome.exe	90
PID 2576 wrote to memory of 2180	2576	chrome.exe	90
PID 2576 wrote to memory of 2180	2576	chrome.exe	90
PID 2576 wrote to memory of 2180	2576	chrome.exe	90
PID 2576 wrote to memory of 2180	2576	chrome.exe	90
PID 2576 wrote to memory of 2180	2576	chrome.exe	90
PID 2576 wrote to memory of 2180	2576	chrome.exe	90
PID 2576 wrote to memory of 2180	2576	chrome.exe	90
PID 2576 wrote to memory of 2180	2576	chrome.exe	90
PID 2576 wrote to memory of 2180	2576	chrome.exe	90
PID 2576 wrote to memory of 2180	2576	chrome.exe	90
PID 2576 wrote to memory of 2180	2576	chrome.exe	90
PID 2576 wrote to memory of 2180	2576	chrome.exe	90
PID 2576 wrote to memory of 2180	2576	chrome.exe	90
PID 2576 wrote to memory of 2180	2576	chrome.exe	90
PID 2576 wrote to memory of 2180	2576	chrome.exe	90
PID 2576 wrote to memory of 2180	2576	chrome.exe	90
PID 2576 wrote to memory of 2180	2576	chrome.exe	90
PID 2576 wrote to memory of 2180	2576	chrome.exe	90
PID 2576 wrote to memory of 2180	2576	chrome.exe	90
PID 2576 wrote to memory of 2180	2576	chrome.exe	90
PID 2576 wrote to memory of 2252	2576	chrome.exe	91
PID 2576 wrote to memory of 2252	2576	chrome.exe	91
PID 2576 wrote to memory of 776	2576	chrome.exe	92
PID 2576 wrote to memory of 776	2576	chrome.exe	92
PID 2576 wrote to memory of 776	2576	chrome.exe	92
PID 2576 wrote to memory of 776	2576	chrome.exe	92
PID 2576 wrote to memory of 776	2576	chrome.exe	92
PID 2576 wrote to memory of 776	2576	chrome.exe	92
PID 2576 wrote to memory of 776	2576	chrome.exe	92
PID 2576 wrote to memory of 776	2576	chrome.exe	92
PID 2576 wrote to memory of 776	2576	chrome.exe	92
PID 2576 wrote to memory of 776	2576	chrome.exe	92
PID 2576 wrote to memory of 776	2576	chrome.exe	92
PID 2576 wrote to memory of 776	2576	chrome.exe	92
PID 2576 wrote to memory of 776	2576	chrome.exe	92
PID 2576 wrote to memory of 776	2576	chrome.exe	92
PID 2576 wrote to memory of 776	2576	chrome.exe	92
PID 2576 wrote to memory of 776	2576	chrome.exe	92
PID 2576 wrote to memory of 776	2576	chrome.exe	92
PID 2576 wrote to memory of 776	2576	chrome.exe	92
PID 2576 wrote to memory of 776	2576	chrome.exe	92
PID 2576 wrote to memory of 776	2576	chrome.exe	92
PID 2576 wrote to memory of 776	2576	chrome.exe	92
PID 2576 wrote to memory of 776	2576	chrome.exe	92

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://url5549.relianceenter.com/ls/click?upn=O5-2F-2FZBEDzXm-2F7e9o0m42WT2zWYIEPbHGuYsnkd-2BMd8GVVOmtquybGA-2Bs2j3rt2MJRPNn_EIGm-2BLW0OhhXv2vaDO5x-2BP9-2B5DZqQBB9ORKBGno0rw7FvnyJMlxS4KY-2BfrYnonZT9QGB-2BNPhbIfhFoklc2DSHQ3mGSYlFWrGWkJsk6FQcEgV-2FkvDR7cWZLLeVVYKTouBUn-2BGJFXHVIWTPY4vEr12Qy-2B4a1Rd9zYpYtv1fbx-2FTav-2BQH9ZOs5QAVQoyOVXkjqzWmn068bxJM1DUjUUU5Y-2BBw-3D-3D
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2576
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa1a499758,0x7ffa1a499768,0x7ffa1a499778
  2⤵
  PID:2556
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1732 --field-trial-handle=1872,i,17467743449904900240,14334821365101667487,131072 /prefetch:2
  2⤵
  PID:2180
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2000 --field-trial-handle=1872,i,17467743449904900240,14334821365101667487,131072 /prefetch:8
  2⤵
  PID:2252
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2212 --field-trial-handle=1872,i,17467743449904900240,14334821365101667487,131072 /prefetch:8
  2⤵
  PID:776
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3264 --field-trial-handle=1872,i,17467743449904900240,14334821365101667487,131072 /prefetch:1
  2⤵
  PID:3964
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3124 --field-trial-handle=1872,i,17467743449904900240,14334821365101667487,131072 /prefetch:1
  2⤵
  PID:232
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=5108 --field-trial-handle=1872,i,17467743449904900240,14334821365101667487,131072 /prefetch:1
  2⤵
  PID:1368
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=6132 --field-trial-handle=1872,i,17467743449904900240,14334821365101667487,131072 /prefetch:1
  2⤵
  PID:1376
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6108 --field-trial-handle=1872,i,17467743449904900240,14334821365101667487,131072 /prefetch:8
  2⤵
  PID:3964
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5360 --field-trial-handle=1872,i,17467743449904900240,14334821365101667487,131072 /prefetch:8
  2⤵
  PID:1640
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=744 --field-trial-handle=1872,i,17467743449904900240,14334821365101667487,131072 /prefetch:8
  2⤵
  PID:2756
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5152 --field-trial-handle=1872,i,17467743449904900240,14334821365101667487,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5096

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:1496

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x340 0x344
1⤵
PID:4500

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\8d7b48c9-f47a-483e-a909-9610a07356c1.tmp

Filesize
114KB

MD5
985222ffdc2c222e38e24000e7b63d10

SHA1
e211ccb7ea2d30c26678feb80ee07a1de2656a23

SHA256
91c36e7b8ef88904945dc420fd19822d584e94d7d3fb09795b15847c8d4f3da7

SHA512
077b94326128ca5ba5a15ae1280a9903781819c1b447019adaceaf1a7e7cebc62b817ab47b286ccd4a4686c2e1043fc42c569a7cd75050ec3da0db4e5c2990fc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
9b4586edf6352d669c346210c2d52136

SHA1
11b47c06907a4b7880b9d9eb0cf2fc7097a9ccf3

SHA256
e7ae5cffc4d49dc0fc23284331d298a86f818033e69be03e5fd6a434454702a8

SHA512
d162fe53ab9903dde1bb32b672cf78159f33440d20a16e3b6d1acabd1510633e0801a6b450b53e36c9e9dbd9dea4ef5652a67baa4db609a8387c5956a1144fa1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
1acf1ec4c95c00c2f6c5964100c83e9c

SHA1
e22b2c6a894cd8e8acbc29d4a8b2621fd0992cfa

SHA256
d82f5ad6b26a85cac9799bc883218a41d074347a1e0611e778a3bde07f738af1

SHA512
ee31da45c6f48dc6135221071620406d05a3b32d487fec3aa7fd608aef984792345084f526b85bae924944b61972ab1980fff558d239ea82ac2c13632934661e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
979be602c00fb5c58eed0b550e4cf6f6

SHA1
f214e82a3b38adda2b7e068743630e5ef4df6fa8

SHA256
9dd6f06bb4555a8d21dc84a4a976d371c71d18646fc35df1cfe96323015faa7a

SHA512
f8709c705f42ba734a2853ff658c33e4a426674495c4009b79dca8712f9b838e4bf8f1b09a3a8da0af3bb62b785a0d65a12d5b3c9a9479bb96f682903eee8394

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
16273298444e46b7cbfbce558a70f26b

SHA1
d5cdf5dab38ef241a582427227b7249c888f8510

SHA256
1cf5e4d60dc4063ff429b2fda9b9d7434ef78a71149ef84db0d289d116c9d1d6

SHA512
33bb99b133e78545af8e25bafaa28a22f001e4b9ed60d6903d315293962c3e11524a38e25f547d2f1c600ef235353699338b1753a1ba021749e9c163e8106d55

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
5253c9f5b8b99c1356b1e12ee9306f07

SHA1
ea2e24c03a8a92f3da2c5f73eacdaffec35b2078

SHA256
c8ef442f69b3cc70bae1b7416ec18ad86f5328a613758f7cc559217813ff9697

SHA512
0a5143181a6c5cd355d2b680e2967e1d7a95926865ff94d9a95ff509d190d633ae4a76be919d40345107e5212116db9191239ab362bf1876f08f92488c92d81e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
7f7c0543f97bcb775ed47e9b03c6a769

SHA1
4691394ad6dc58acf3b23204866a36e53971a2ed

SHA256
e997a40c3980eea20994461bc922e073e7e6c2cf034bf496fd04d95e4bd9000f

SHA512
34f58a2c173bc98ffe2305471c4169f829321baf1efb7992b576187df4254ede63f080d22f734dc8c726dce8d0d5bcba89e9efcafe92838421dc7d454b81b35b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
fba45a73aaea616e318317863a794085

SHA1
a797ab231e05d923fbb49b6b23bd81586cd354b8

SHA256
5d2e3152162b6cffb5fb74808781712a80984cc6c6e42bb1b5a0092a5521f037

SHA512
d973d84bcba6fa50e97f1848d55f9d83afed8468f71e2bde9ba0e918059a4f63efb294b3b6c8902263f0f7d600e91afcca110cd555e409ab27bbe87db17b66b4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
22b749d20787dbce5dd3cf7c63b8e0f0

SHA1
cab0cf3e2d8503d91e77b07a6f2530772ec8441a

SHA256
4c221c5051c087aac5e8019f6d7713ea9a38a7b1ce32149f300ff953e950153e

SHA512
e7ae770aaf25e29a0f4c294d9a938e6b4a8aec1965a57c8cbe826698a9e6bc86c3fb3d352ffb305a58e59f5c7895a9508db7ac0c6be36b5bd1212290d4a42f48

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
57d837ab5f40fe5c826b654bfcc6dd6c

SHA1
acd03dbd11b020bb44106d709c41a5c4ffad5785

SHA256
850747efdc3067ead70714111a773dc6593cebc69334e0ad348ded716ada90cb

SHA512
b1f3fa51588adadc213c48b684fd4ca3ca3b0ab1e92d3769b369bb7917b367ae10f8502d52c4a6ccd04e0b62f6114d08df36be3b08771fd692d89c04a8eabc48

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
8d4a437c443714e6520f0fc6962dfba5

SHA1
b4688abe60cf6953d8c9dea5461a9a31109f8a69

SHA256
34557ec678ec02b3a5ba55aa18693c6d5279a9711476bc2825f1610cef3e6f18

SHA512
9eccadffb602f9385a20d7aaa46c29553bbd0dcf4e3004a87dc9f1505b20ccd9941a69d38511a1b6b57734dac21ebafde613656107fd0b365b804d44be5ecb76

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit