hxxps://www[.]youtube[.]com/watch?v=MycCwkdJ4Nc

Analysis

max time kernel
152s
max time network
156s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
13/01/2024, 00:11

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://www.youtube.com/watch?v=MycCwkdJ4Nc

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133495783044645703"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3073191680-435865314-2862784915-1000\{4FE375DC-7B19-4865-84FD-D482AB55DDE3}	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
3472	chrome.exe
3472	chrome.exe
660	chrome.exe
660	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
3472	chrome.exe
3472	chrome.exe
3472	chrome.exe
3472	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3472	chrome.exe
Token: SeCreatePagefilePrivilege	3472	chrome.exe
Token: SeShutdownPrivilege	3472	chrome.exe
Token: SeCreatePagefilePrivilege	3472	chrome.exe
Token: SeShutdownPrivilege	3472	chrome.exe
Token: SeCreatePagefilePrivilege	3472	chrome.exe
Token: SeShutdownPrivilege	3472	chrome.exe
Token: SeCreatePagefilePrivilege	3472	chrome.exe
Token: SeShutdownPrivilege	3472	chrome.exe
Token: SeCreatePagefilePrivilege	3472	chrome.exe
Token: SeShutdownPrivilege	3472	chrome.exe
Token: SeCreatePagefilePrivilege	3472	chrome.exe
Token: SeShutdownPrivilege	3472	chrome.exe
Token: SeCreatePagefilePrivilege	3472	chrome.exe
Token: 33	4000	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	4000	AUDIODG.EXE
Token: SeShutdownPrivilege	3472	chrome.exe
Token: SeCreatePagefilePrivilege	3472	chrome.exe
Token: SeShutdownPrivilege	3472	chrome.exe
Token: SeCreatePagefilePrivilege	3472	chrome.exe
Token: SeShutdownPrivilege	3472	chrome.exe
Token: SeCreatePagefilePrivilege	3472	chrome.exe
Token: SeShutdownPrivilege	3472	chrome.exe
Token: SeCreatePagefilePrivilege	3472	chrome.exe
Token: SeShutdownPrivilege	3472	chrome.exe
Token: SeCreatePagefilePrivilege	3472	chrome.exe
Token: SeShutdownPrivilege	3472	chrome.exe
Token: SeCreatePagefilePrivilege	3472	chrome.exe
Token: SeShutdownPrivilege	3472	chrome.exe
Token: SeCreatePagefilePrivilege	3472	chrome.exe
Token: SeShutdownPrivilege	3472	chrome.exe
Token: SeCreatePagefilePrivilege	3472	chrome.exe
Token: SeShutdownPrivilege	3472	chrome.exe
Token: SeCreatePagefilePrivilege	3472	chrome.exe
Token: SeShutdownPrivilege	3472	chrome.exe
Token: SeCreatePagefilePrivilege	3472	chrome.exe
Token: SeShutdownPrivilege	3472	chrome.exe
Token: SeCreatePagefilePrivilege	3472	chrome.exe
Token: SeShutdownPrivilege	3472	chrome.exe
Token: SeCreatePagefilePrivilege	3472	chrome.exe
Token: SeShutdownPrivilege	3472	chrome.exe
Token: SeCreatePagefilePrivilege	3472	chrome.exe
Token: SeShutdownPrivilege	3472	chrome.exe
Token: SeCreatePagefilePrivilege	3472	chrome.exe
Token: SeShutdownPrivilege	3472	chrome.exe
Token: SeCreatePagefilePrivilege	3472	chrome.exe
Token: SeShutdownPrivilege	3472	chrome.exe
Token: SeCreatePagefilePrivilege	3472	chrome.exe
Token: SeShutdownPrivilege	3472	chrome.exe
Token: SeCreatePagefilePrivilege	3472	chrome.exe
Token: SeShutdownPrivilege	3472	chrome.exe
Token: SeCreatePagefilePrivilege	3472	chrome.exe
Token: SeShutdownPrivilege	3472	chrome.exe
Token: SeCreatePagefilePrivilege	3472	chrome.exe
Token: SeShutdownPrivilege	3472	chrome.exe
Token: SeCreatePagefilePrivilege	3472	chrome.exe
Token: SeShutdownPrivilege	3472	chrome.exe
Token: SeCreatePagefilePrivilege	3472	chrome.exe
Token: SeShutdownPrivilege	3472	chrome.exe
Token: SeCreatePagefilePrivilege	3472	chrome.exe
Token: SeShutdownPrivilege	3472	chrome.exe
Token: SeCreatePagefilePrivilege	3472	chrome.exe
Token: SeShutdownPrivilege	3472	chrome.exe
Token: SeCreatePagefilePrivilege	3472	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
3472	chrome.exe
3472	chrome.exe
3472	chrome.exe
3472	chrome.exe
3472	chrome.exe
3472	chrome.exe
3472	chrome.exe
3472	chrome.exe
3472	chrome.exe
3472	chrome.exe
3472	chrome.exe
3472	chrome.exe
3472	chrome.exe
3472	chrome.exe
3472	chrome.exe
3472	chrome.exe
3472	chrome.exe
3472	chrome.exe
3472	chrome.exe
3472	chrome.exe
3472	chrome.exe
3472	chrome.exe
3472	chrome.exe
3472	chrome.exe
3472	chrome.exe
3472	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3472	chrome.exe
3472	chrome.exe
3472	chrome.exe
3472	chrome.exe
3472	chrome.exe
3472	chrome.exe
3472	chrome.exe
3472	chrome.exe
3472	chrome.exe
3472	chrome.exe
3472	chrome.exe
3472	chrome.exe
3472	chrome.exe
3472	chrome.exe
3472	chrome.exe
3472	chrome.exe
3472	chrome.exe
3472	chrome.exe
3472	chrome.exe
3472	chrome.exe
3472	chrome.exe
3472	chrome.exe
3472	chrome.exe
3472	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3472 wrote to memory of 2952	3472	chrome.exe	92
PID 3472 wrote to memory of 2952	3472	chrome.exe	92
PID 3472 wrote to memory of 4948	3472	chrome.exe	95
PID 3472 wrote to memory of 4948	3472	chrome.exe	95
PID 3472 wrote to memory of 4948	3472	chrome.exe	95
PID 3472 wrote to memory of 4948	3472	chrome.exe	95
PID 3472 wrote to memory of 4948	3472	chrome.exe	95
PID 3472 wrote to memory of 4948	3472	chrome.exe	95
PID 3472 wrote to memory of 4948	3472	chrome.exe	95
PID 3472 wrote to memory of 4948	3472	chrome.exe	95
PID 3472 wrote to memory of 4948	3472	chrome.exe	95
PID 3472 wrote to memory of 4948	3472	chrome.exe	95
PID 3472 wrote to memory of 4948	3472	chrome.exe	95
PID 3472 wrote to memory of 4948	3472	chrome.exe	95
PID 3472 wrote to memory of 4948	3472	chrome.exe	95
PID 3472 wrote to memory of 4948	3472	chrome.exe	95
PID 3472 wrote to memory of 4948	3472	chrome.exe	95
PID 3472 wrote to memory of 4948	3472	chrome.exe	95
PID 3472 wrote to memory of 4948	3472	chrome.exe	95
PID 3472 wrote to memory of 4948	3472	chrome.exe	95
PID 3472 wrote to memory of 4948	3472	chrome.exe	95
PID 3472 wrote to memory of 4948	3472	chrome.exe	95
PID 3472 wrote to memory of 4948	3472	chrome.exe	95
PID 3472 wrote to memory of 4948	3472	chrome.exe	95
PID 3472 wrote to memory of 4948	3472	chrome.exe	95
PID 3472 wrote to memory of 4948	3472	chrome.exe	95
PID 3472 wrote to memory of 4948	3472	chrome.exe	95
PID 3472 wrote to memory of 4948	3472	chrome.exe	95
PID 3472 wrote to memory of 4948	3472	chrome.exe	95
PID 3472 wrote to memory of 4948	3472	chrome.exe	95
PID 3472 wrote to memory of 4948	3472	chrome.exe	95
PID 3472 wrote to memory of 4948	3472	chrome.exe	95
PID 3472 wrote to memory of 4948	3472	chrome.exe	95
PID 3472 wrote to memory of 4948	3472	chrome.exe	95
PID 3472 wrote to memory of 4948	3472	chrome.exe	95
PID 3472 wrote to memory of 4948	3472	chrome.exe	95
PID 3472 wrote to memory of 4948	3472	chrome.exe	95
PID 3472 wrote to memory of 4948	3472	chrome.exe	95
PID 3472 wrote to memory of 4948	3472	chrome.exe	95
PID 3472 wrote to memory of 4948	3472	chrome.exe	95
PID 3472 wrote to memory of 116	3472	chrome.exe	96
PID 3472 wrote to memory of 116	3472	chrome.exe	96
PID 3472 wrote to memory of 4340	3472	chrome.exe	97
PID 3472 wrote to memory of 4340	3472	chrome.exe	97
PID 3472 wrote to memory of 4340	3472	chrome.exe	97
PID 3472 wrote to memory of 4340	3472	chrome.exe	97
PID 3472 wrote to memory of 4340	3472	chrome.exe	97
PID 3472 wrote to memory of 4340	3472	chrome.exe	97
PID 3472 wrote to memory of 4340	3472	chrome.exe	97
PID 3472 wrote to memory of 4340	3472	chrome.exe	97
PID 3472 wrote to memory of 4340	3472	chrome.exe	97
PID 3472 wrote to memory of 4340	3472	chrome.exe	97
PID 3472 wrote to memory of 4340	3472	chrome.exe	97
PID 3472 wrote to memory of 4340	3472	chrome.exe	97
PID 3472 wrote to memory of 4340	3472	chrome.exe	97
PID 3472 wrote to memory of 4340	3472	chrome.exe	97
PID 3472 wrote to memory of 4340	3472	chrome.exe	97
PID 3472 wrote to memory of 4340	3472	chrome.exe	97
PID 3472 wrote to memory of 4340	3472	chrome.exe	97
PID 3472 wrote to memory of 4340	3472	chrome.exe	97
PID 3472 wrote to memory of 4340	3472	chrome.exe	97
PID 3472 wrote to memory of 4340	3472	chrome.exe	97
PID 3472 wrote to memory of 4340	3472	chrome.exe	97
PID 3472 wrote to memory of 4340	3472	chrome.exe	97

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://www.youtube.com/watch?v=MycCwkdJ4Nc
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3472
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb5a829758,0x7ffb5a829768,0x7ffb5a829778
  2⤵
  PID:2952
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1624 --field-trial-handle=1788,i,4960042405912377262,11818516219467487486,131072 /prefetch:2
  2⤵
  PID:4948
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2128 --field-trial-handle=1788,i,4960042405912377262,11818516219467487486,131072 /prefetch:8
  2⤵
  PID:116
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2208 --field-trial-handle=1788,i,4960042405912377262,11818516219467487486,131072 /prefetch:8
  2⤵
  PID:4340
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3092 --field-trial-handle=1788,i,4960042405912377262,11818516219467487486,131072 /prefetch:1
  2⤵
  PID:5064
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3056 --field-trial-handle=1788,i,4960042405912377262,11818516219467487486,131072 /prefetch:1
  2⤵
  PID:2596
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4548 --field-trial-handle=1788,i,4960042405912377262,11818516219467487486,131072 /prefetch:1
  2⤵
  PID:2292
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3248 --field-trial-handle=1788,i,4960042405912377262,11818516219467487486,131072 /prefetch:1
  2⤵
  PID:3660
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4920 --field-trial-handle=1788,i,4960042405912377262,11818516219467487486,131072 /prefetch:8
  2⤵
  PID:2148
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4924 --field-trial-handle=1788,i,4960042405912377262,11818516219467487486,131072 /prefetch:8
  2⤵
  - Modifies registry class
  PID:1896
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5672 --field-trial-handle=1788,i,4960042405912377262,11818516219467487486,131072 /prefetch:8
  2⤵
  PID:4276
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5708 --field-trial-handle=1788,i,4960042405912377262,11818516219467487486,131072 /prefetch:8
  2⤵
  PID:4720
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2704 --field-trial-handle=1788,i,4960042405912377262,11818516219467487486,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:660

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2376

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x3fc 0x3f4
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:4000

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
528B

MD5
6e32b61e6f386eaae829f6c0cc4d60a7

SHA1
bd608437f12a0db9bf4cc450d8b076e67bbeff91

SHA256
7fa37348666fc2d6e346bf725c12b7dffe93c40be6fed20f8c6041d27c0c3c2d

SHA512
5e45dbed17e6859c3f69556d9a8749d10d68f6a84a59bd74336c3c1c04541c03d98aac295c3fb0612c1739f06c38ab5b484430271e93e70b7d2812f840e18be6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
674810029c8fbff75b36a57e91a04a33

SHA1
6a5336fc7fcfc9ed803af13c4d8a38bba29c3e21

SHA256
7c2355b393c6ed45e353099e376c438e11b7fa1fcb6700739904c6719eeefe16

SHA512
25f05c8ef192b668142ae76e0c42d5ebcadcee9c95ad920f31b7c17bacff19edce1ad873b53c7986cc7fc0c95c278fd3a9af40801dc75fdfa1dce793ede2a14d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
bdcc2b1cfaa52b6874da2132a7d8f63a

SHA1
603c6986dd65c87fcbd0251e91dcbf8b6db171ae

SHA256
2fcf0c2bac4fbe612ac39fdae1b3007c4db0fa8857399f05cffd1c7ad0a2b04d

SHA512
ccd317e8d6f4821341da69aea287db5b44f8868d700e9fa8f165647f7968d4420fbb94836910b1bdb0e929ebb93022e3ae58fdda4cb85754aa31ac9eb6bdb03e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
707B

MD5
a9583d5b86d67dec9122beed8222e5ab

SHA1
49fe498ab09a0e21f37f05ddf5e9af7aaddfef19

SHA256
ae06f6e64c0c98e42ffa1d7231706ccfcf343b97a00981a2165662e32a7435a8

SHA512
f34c616f034100978a3975e79aa3d3b55d747c09fb7601e99c96bd09cfaf8360c01b3a8085aa070e76df4db3f4435fab1b927ffd14b68f8816e49cb9ad4925a2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
874B

MD5
8639742d2dddb318ed3143749fe04c8a

SHA1
f60da477488e74b8ef1b4f487dddd5b365e094f8

SHA256
423c41a483bb5b10f8480b54a7b6f0dc2abbe4b8aa0893415134e9ec25372b22

SHA512
c21c3ee75dd3fa47106ecc12008930e9cc2e7a2730f2185a0dffb9ee1cbe3b288c08dfb10a863db2570a307e2aae132b1fd58894ea9ad52557b08746131388e3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
ea3246122cc60d4a99ef6db0f71021f7

SHA1
73ce9d414e15965f6350d05e76f9dda7aa1ff7cc

SHA256
0e89664af14a245258717b5fa80026d3a3237277157342fbacfedd356644f91e

SHA512
d153b30d9c7add9525c05ebcadfe7d7483e703a609331a15beed42258a0d230ada1f8ab2c08c7a1592588b404e423652bb37559a8ccda927db6bebf9bc9f907d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
263c88a461e52dda45b8c6f829a82c47

SHA1
566e488cc990ce3839d8b9c1ec222baaa8a1b04c

SHA256
94041a25da1c543df7abbedace869e54f5411f8e2667ee52bf0bb1e152fe2b4d

SHA512
f53810201466ca019a8738a6a51e7347ee6b6cca5a7f3f7d3d4e086b64da00b39dae6d15c018a895d6bd7741af1ad20105c0ce704ea4f75396c6c7c92ae3f1a3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
3076badbf90e1dd03d9b28089c32bdf9

SHA1
a1aaf1d9c2a8e99d05ded8b5d1facb36d30d4926

SHA256
df66d4e970a77ba1fbbd659d0738e54c3a111e490c619384cac55b1770498919

SHA512
bf24cd4a880dbbb36f2b907998e6ff6b2432d849715a9a2303c8b731d26218b4bc0a05dcdd443fd6119f4d79a04833cab7262ce467791c190aecf6a807d66f17

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
c5a085a4d687186ab03adc08434e27b0

SHA1
70d5fe983ce4bf524f1f0b17769e315cde19c9a0

SHA256
226477d4c52e8daad2d79a5530f3b6c9c18d3a23ce3455c7efeaa2684d8ad1aa

SHA512
6c35158b9a6d35d2900b7d169dfb38315525c51bc4173e15dfa2e713322f4c94740957e0366c85da3eee65361e7c415c2888fb939bf2afccbd29fa0720550c72

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\ae0f4a29-2b00-4668-86fe-ea1f98028d7a\index-dir\the-real-index

Filesize
2KB

MD5
7e10aed962aead5cde210df3b04bcec3

SHA1
7d6722a3024d19012d2e4a357443c43b7f51800e

SHA256
79cb77e6ca18517ddeafc62ce53230500b5f5975685c5ef349ca57390f3d4bdd

SHA512
41ec33ac48a5bd76b911c68072374146a6cf4426b48e5f2691a89a0cddf29db6021e00de981af8f27f09505be81553088d82c483e855b0d25c3d7300b8668981

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\ae0f4a29-2b00-4668-86fe-ea1f98028d7a\index-dir\the-real-index~RFe5852fd.TMP

Filesize
48B

MD5
ff7bf23e0aa9b79ad5b84a39425b6aaa

SHA1
44ba9f27f184eb8e52dae93eb3b72c289c487ec2

SHA256
5b1fd72413b7ae10934e65b64b5cec491febaa636cdd538b6e9ec29890e14f69

SHA512
8a174c9c251eaf7889cb6f68144ddfd9ce3ac0ba268be2f13b1df0cd5e75fd2b3a9ed7b5b02257bef1cdf71d540b326aab8f0307fab7c92a0e8e5c9bf8fb01a3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
176B

MD5
12d056f4e35ccc500cd9009ca78db219

SHA1
2aec09bd0b7cbd3b9a4a4f1db64092cab4e1b5bb

SHA256
90a849f017a36eb8b69630ee0394ddb5273b00cee53adc25f13949363b1c656f

SHA512
89fc4ba3a92c12c7b9e5921061c6967840ebcc6797d4e1a4c629848a896c58b5a5a9aae4ea5bd6b4a1d9d29a141b113bcf349147b6d297c43aa0066b70579715

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
112B

MD5
ada2c1a39b706f04438f5064c71e1ac7

SHA1
ca555600dcfd8b7d5a9244d0ba40fe320fbfbbe8

SHA256
60022659d05620f62bbc83295271a18ed86a02768db6f98e866f2a8868e04dc9

SHA512
b3a75a7556c4fe521c618010b2a5159c7ff772ca4ef89375deb2872a8bf76e9e7ec8a17588430cef6058c8dec3e7f9efaa030f9362e2a35f249c9bd847703224

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
114B

MD5
2b41645a46d003ec50e548eaeeccda38

SHA1
c5b13c7760e489195c6084120316757265123845

SHA256
9f1ed8f8712e5dbef10eba7cce96ea72564eafa658463bbfbd1da667d04ba5e4

SHA512
a520338eb5b2c581db0dd7562a7788a13bbf807dfa44dcc0f53faba7ac683911abe629f607181efd30075a8179c9b618b38a78d8d6398cb2fe31a7731aade334

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe57dea8.TMP

Filesize
119B

MD5
9fd186ce40f12b3a724772a842ac5ebd

SHA1
81e2d6d0becdbd79fdb1c4b9d958a31a7919d523

SHA256
9250b1778c210ddfaf8742ec380d822dd0a46f7ffb9ea5fec1854b274b5f408c

SHA512
c82abfeb0346c189c6f6ab5b60971c5c8f398bd045c6b7cf35e334b3f83684a7e366590f9bfdae04ba204a137ef88d47e28541ab7251c71b054b78819150f0f1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
5a7d03f64c75bf624b5f68f79f977ac6

SHA1
7320783913f8dd48b2834ebab9116893f602bcd4

SHA256
0c9ea5acd121e7fc48c25babe37dd82b31a608625de177e05d4a32c0308711d0

SHA512
f23e400a9f3044068e6916991676e0c76fe2919fc033c0baa604f613bf9c36502daf9ab5d935295194146942c69ff79e800727ec2070af3989f5e82a64b636dd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe582e3f.TMP

Filesize
48B

MD5
5613d9e0308fa3826de1f519597a0104

SHA1
e72052eeb13da370bc2e5f2bdc59fc5ec8a4de8a

SHA256
1ab435366f217cb9872076a6b32725c09ee7c2101e3c54d62de38fe0aea1fe59

SHA512
bccd8cadd564f7a3176883b8f0c2e26569ce4fdb14ab34a2b1230e729d9e1a91f02a540ad298654dcd4dcc93b61110a97a7c9245e8ebdf2a086f9d7173de0fae

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
114KB

MD5
80f7c21747d0c4fccca5d8abc1f341b8

SHA1
8ea6159943f02450d9dd9aacdb8c66a956ac0662

SHA256
0e085a606d710deb2f6491b77fac6c230a044e094cc330c7a7e574aae34dd72d

SHA512
e44ad9050250e987c79517a0a5381c49ba728a249f97a038b72ba1ddfd65db6ce6186622e84896ac2dc6ef7f4b86df6a3c216b61c58f8cbcb91805b787333758

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit