hxxps://google[.]com/amp/ip140[.]ip-147-135-78[.]us#cl/40890_md/1/12916/2036/0/0

Analysis

max time kernel
599s
max time network
609s
platform
windows11-21h2_x64
resource
win11-20231215-en
resource tags

arch:x64arch:x86image:win11-20231215-enlocale:en-usos:windows11-21h2-x64system
submitted
14/01/2024, 11:22

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://google.com/amp/ip140.ip-147-135-78.us#cl/40890_md/1/12916/2036/0/0

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133497059844065844"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
1584	chrome.exe
1584	chrome.exe
5728	chrome.exe
5728	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
1584	chrome.exe
1584	chrome.exe
1584	chrome.exe
1584	chrome.exe
1584	chrome.exe
1584	chrome.exe
1584	chrome.exe
1584	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1584	chrome.exe
Token: SeCreatePagefilePrivilege	1584	chrome.exe
Token: SeShutdownPrivilege	1584	chrome.exe
Token: SeCreatePagefilePrivilege	1584	chrome.exe
Token: SeShutdownPrivilege	1584	chrome.exe
Token: SeCreatePagefilePrivilege	1584	chrome.exe
Token: SeShutdownPrivilege	1584	chrome.exe
Token: SeCreatePagefilePrivilege	1584	chrome.exe
Token: SeShutdownPrivilege	1584	chrome.exe
Token: SeCreatePagefilePrivilege	1584	chrome.exe
Token: SeShutdownPrivilege	1584	chrome.exe
Token: SeCreatePagefilePrivilege	1584	chrome.exe
Token: SeShutdownPrivilege	1584	chrome.exe
Token: SeCreatePagefilePrivilege	1584	chrome.exe
Token: SeShutdownPrivilege	1584	chrome.exe
Token: SeCreatePagefilePrivilege	1584	chrome.exe
Token: SeShutdownPrivilege	1584	chrome.exe
Token: SeCreatePagefilePrivilege	1584	chrome.exe
Token: SeShutdownPrivilege	1584	chrome.exe
Token: SeCreatePagefilePrivilege	1584	chrome.exe
Token: SeShutdownPrivilege	1584	chrome.exe
Token: SeCreatePagefilePrivilege	1584	chrome.exe
Token: SeShutdownPrivilege	1584	chrome.exe
Token: SeCreatePagefilePrivilege	1584	chrome.exe
Token: SeShutdownPrivilege	1584	chrome.exe
Token: SeCreatePagefilePrivilege	1584	chrome.exe
Token: SeShutdownPrivilege	1584	chrome.exe
Token: SeCreatePagefilePrivilege	1584	chrome.exe
Token: SeShutdownPrivilege	1584	chrome.exe
Token: SeCreatePagefilePrivilege	1584	chrome.exe
Token: SeShutdownPrivilege	1584	chrome.exe
Token: SeCreatePagefilePrivilege	1584	chrome.exe
Token: SeShutdownPrivilege	1584	chrome.exe
Token: SeCreatePagefilePrivilege	1584	chrome.exe
Token: SeShutdownPrivilege	1584	chrome.exe
Token: SeCreatePagefilePrivilege	1584	chrome.exe
Token: SeShutdownPrivilege	1584	chrome.exe
Token: SeCreatePagefilePrivilege	1584	chrome.exe
Token: SeShutdownPrivilege	1584	chrome.exe
Token: SeCreatePagefilePrivilege	1584	chrome.exe
Token: SeShutdownPrivilege	1584	chrome.exe
Token: SeCreatePagefilePrivilege	1584	chrome.exe
Token: SeShutdownPrivilege	1584	chrome.exe
Token: SeCreatePagefilePrivilege	1584	chrome.exe
Token: SeShutdownPrivilege	1584	chrome.exe
Token: SeCreatePagefilePrivilege	1584	chrome.exe
Token: SeShutdownPrivilege	1584	chrome.exe
Token: SeCreatePagefilePrivilege	1584	chrome.exe
Token: SeShutdownPrivilege	1584	chrome.exe
Token: SeCreatePagefilePrivilege	1584	chrome.exe
Token: SeShutdownPrivilege	1584	chrome.exe
Token: SeCreatePagefilePrivilege	1584	chrome.exe
Token: SeShutdownPrivilege	1584	chrome.exe
Token: SeCreatePagefilePrivilege	1584	chrome.exe
Token: SeShutdownPrivilege	1584	chrome.exe
Token: SeCreatePagefilePrivilege	1584	chrome.exe
Token: SeShutdownPrivilege	1584	chrome.exe
Token: SeCreatePagefilePrivilege	1584	chrome.exe
Token: SeShutdownPrivilege	1584	chrome.exe
Token: SeCreatePagefilePrivilege	1584	chrome.exe
Token: SeShutdownPrivilege	1584	chrome.exe
Token: SeCreatePagefilePrivilege	1584	chrome.exe
Token: SeShutdownPrivilege	1584	chrome.exe
Token: SeCreatePagefilePrivilege	1584	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
1584	chrome.exe
1584	chrome.exe
1584	chrome.exe
1584	chrome.exe
1584	chrome.exe
1584	chrome.exe
1584	chrome.exe
1584	chrome.exe
1584	chrome.exe
1584	chrome.exe
1584	chrome.exe
1584	chrome.exe
1584	chrome.exe
1584	chrome.exe
1584	chrome.exe
1584	chrome.exe
1584	chrome.exe
1584	chrome.exe
1584	chrome.exe
1584	chrome.exe
1584	chrome.exe
1584	chrome.exe
1584	chrome.exe
1584	chrome.exe
1584	chrome.exe
1584	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
1584	chrome.exe
1584	chrome.exe
1584	chrome.exe
1584	chrome.exe
1584	chrome.exe
1584	chrome.exe
1584	chrome.exe
1584	chrome.exe
1584	chrome.exe
1584	chrome.exe
1584	chrome.exe
1584	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1584 wrote to memory of 3108	1584	chrome.exe	80
PID 1584 wrote to memory of 3108	1584	chrome.exe	80
PID 1584 wrote to memory of 5840	1584	chrome.exe	84
PID 1584 wrote to memory of 5840	1584	chrome.exe	84
PID 1584 wrote to memory of 5840	1584	chrome.exe	84
PID 1584 wrote to memory of 5840	1584	chrome.exe	84
PID 1584 wrote to memory of 5840	1584	chrome.exe	84
PID 1584 wrote to memory of 5840	1584	chrome.exe	84
PID 1584 wrote to memory of 5840	1584	chrome.exe	84
PID 1584 wrote to memory of 5840	1584	chrome.exe	84
PID 1584 wrote to memory of 5840	1584	chrome.exe	84
PID 1584 wrote to memory of 5840	1584	chrome.exe	84
PID 1584 wrote to memory of 5840	1584	chrome.exe	84
PID 1584 wrote to memory of 5840	1584	chrome.exe	84
PID 1584 wrote to memory of 5840	1584	chrome.exe	84
PID 1584 wrote to memory of 5840	1584	chrome.exe	84
PID 1584 wrote to memory of 5840	1584	chrome.exe	84
PID 1584 wrote to memory of 5840	1584	chrome.exe	84
PID 1584 wrote to memory of 5840	1584	chrome.exe	84
PID 1584 wrote to memory of 5840	1584	chrome.exe	84
PID 1584 wrote to memory of 5840	1584	chrome.exe	84
PID 1584 wrote to memory of 5840	1584	chrome.exe	84
PID 1584 wrote to memory of 5840	1584	chrome.exe	84
PID 1584 wrote to memory of 5840	1584	chrome.exe	84
PID 1584 wrote to memory of 5840	1584	chrome.exe	84
PID 1584 wrote to memory of 5840	1584	chrome.exe	84
PID 1584 wrote to memory of 5840	1584	chrome.exe	84
PID 1584 wrote to memory of 5840	1584	chrome.exe	84
PID 1584 wrote to memory of 5840	1584	chrome.exe	84
PID 1584 wrote to memory of 5840	1584	chrome.exe	84
PID 1584 wrote to memory of 5840	1584	chrome.exe	84
PID 1584 wrote to memory of 5840	1584	chrome.exe	84
PID 1584 wrote to memory of 5840	1584	chrome.exe	84
PID 1584 wrote to memory of 5840	1584	chrome.exe	84
PID 1584 wrote to memory of 5840	1584	chrome.exe	84
PID 1584 wrote to memory of 5840	1584	chrome.exe	84
PID 1584 wrote to memory of 5840	1584	chrome.exe	84
PID 1584 wrote to memory of 5840	1584	chrome.exe	84
PID 1584 wrote to memory of 5840	1584	chrome.exe	84
PID 1584 wrote to memory of 5840	1584	chrome.exe	84
PID 1584 wrote to memory of 4928	1584	chrome.exe	82
PID 1584 wrote to memory of 4928	1584	chrome.exe	82
PID 1584 wrote to memory of 1276	1584	chrome.exe	83
PID 1584 wrote to memory of 1276	1584	chrome.exe	83
PID 1584 wrote to memory of 1276	1584	chrome.exe	83
PID 1584 wrote to memory of 1276	1584	chrome.exe	83
PID 1584 wrote to memory of 1276	1584	chrome.exe	83
PID 1584 wrote to memory of 1276	1584	chrome.exe	83
PID 1584 wrote to memory of 1276	1584	chrome.exe	83
PID 1584 wrote to memory of 1276	1584	chrome.exe	83
PID 1584 wrote to memory of 1276	1584	chrome.exe	83
PID 1584 wrote to memory of 1276	1584	chrome.exe	83
PID 1584 wrote to memory of 1276	1584	chrome.exe	83
PID 1584 wrote to memory of 1276	1584	chrome.exe	83
PID 1584 wrote to memory of 1276	1584	chrome.exe	83
PID 1584 wrote to memory of 1276	1584	chrome.exe	83
PID 1584 wrote to memory of 1276	1584	chrome.exe	83
PID 1584 wrote to memory of 1276	1584	chrome.exe	83
PID 1584 wrote to memory of 1276	1584	chrome.exe	83
PID 1584 wrote to memory of 1276	1584	chrome.exe	83
PID 1584 wrote to memory of 1276	1584	chrome.exe	83
PID 1584 wrote to memory of 1276	1584	chrome.exe	83
PID 1584 wrote to memory of 1276	1584	chrome.exe	83
PID 1584 wrote to memory of 1276	1584	chrome.exe	83

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://google.com/amp/ip140.ip-147-135-78.us#cl/40890_md/1/12916/2036/0/0
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1584
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff988399758,0x7ff988399768,0x7ff988399778
  2⤵
  PID:3108
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2100 --field-trial-handle=1820,i,6686047810958382619,13865225231206333729,131072 /prefetch:8
  2⤵
  PID:4928
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2180 --field-trial-handle=1820,i,6686047810958382619,13865225231206333729,131072 /prefetch:8
  2⤵
  PID:1276
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1548 --field-trial-handle=1820,i,6686047810958382619,13865225231206333729,131072 /prefetch:2
  2⤵
  PID:5840
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3240 --field-trial-handle=1820,i,6686047810958382619,13865225231206333729,131072 /prefetch:1
  2⤵
  PID:476
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3116 --field-trial-handle=1820,i,6686047810958382619,13865225231206333729,131072 /prefetch:1
  2⤵
  PID:4308
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3704 --field-trial-handle=1820,i,6686047810958382619,13865225231206333729,131072 /prefetch:1
  2⤵
  PID:3924
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3128 --field-trial-handle=1820,i,6686047810958382619,13865225231206333729,131072 /prefetch:1
  2⤵
  PID:1060
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=3740 --field-trial-handle=1820,i,6686047810958382619,13865225231206333729,131072 /prefetch:1
  2⤵
  PID:896
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=3812 --field-trial-handle=1820,i,6686047810958382619,13865225231206333729,131072 /prefetch:1
  2⤵
  PID:236
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5060 --field-trial-handle=1820,i,6686047810958382619,13865225231206333729,131072 /prefetch:8
  2⤵
  PID:4060
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5144 --field-trial-handle=1820,i,6686047810958382619,13865225231206333729,131072 /prefetch:8
  2⤵
  PID:5304
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5684 --field-trial-handle=1820,i,6686047810958382619,13865225231206333729,131072 /prefetch:1
  2⤵
  PID:5532
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=5396 --field-trial-handle=1820,i,6686047810958382619,13865225231206333729,131072 /prefetch:1
  2⤵
  PID:5328
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2232 --field-trial-handle=1820,i,6686047810958382619,13865225231206333729,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5728

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:380

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
96B

MD5
21d654aecfc24d91ae3c8b7b7f3fa095

SHA1
6af8c016837a1c378fdf2ffbc70bcbdd63fbb6e9

SHA256
fd163754f989e0cf1651dc8928fcff3e5d8912193d7c804f6974a60fa9a4a45b

SHA512
6fbcc5cbff27a8e48c885155a8de6310f997562e1542b2d6b341303b9bbeb50b7405ad519a66558532059afeb56916204b2d128bd6035627604dc54cc4e77777

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
b3fa5cd79a0d413911854370464ff26e

SHA1
8f513c92c18d12ea8ca604ff8bfbe6c5ca2bfaf7

SHA256
f257748f1461a4d53514527e5391c0464b8d8d5998b65bf98f51878679b442e9

SHA512
7c4a6262f51cf083c326ff5d3b87f4d92a56b8d4b08dd2f99602543f0afe948a44a363267613c62f5d1f33fc4190e0200a1610f1dcd1f0575be6591fbcf0f2a6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
854d86699561bee9fa70b4e6850d5f30

SHA1
7e9953b0e2eccdaee65813f5372b02d486ac42b3

SHA256
30cac62dfd3857e39125d2c1f46f1ae49e2b07ccb95d76ffbde0a1a8abbce050

SHA512
ff3590c8d34276fab6fd4bafef1314dc788ee7e514d4bf045474887462890d29fb36c67a451a52b97d6592095675eb7f891eb5fe177d272f9d2b8a236bf17300

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
bbffba9f113055f9c4403d036f79e166

SHA1
6aaf57952fc094b0389496c88d93cdf02cb16be2

SHA256
3db225dd0c874b2bc4bea6da6eb4e2da8278080cc5394673cb6e103aa76d2bc3

SHA512
abeab167e1fba08a46ca97b415f06ce5d767b8bebe0497f639f6311dd42878217a0eb4102ed77c0aee42007b235159b3a04044bb9f97d5957ebf4b282b0f42cb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
8b924bfa78c1bf8b0bcb32a648856879

SHA1
3e47d72e6111cc40618cad033e3b091bd9cc2bb2

SHA256
f7cd239e1921a46ae1cad53b92e0da576a265c2758c6a644539d2ed488fb94d7

SHA512
ba46a9eb2dda9a44afdd4ae34c915f2ea0ec8acc2005ae36b89b2c2a7fe523839fff21ae4a2417f9d011f78a71120f7820a33f04c5063e1a6026461d42c8da05

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
a1f2741c225e1cfc382e20a216f898f3

SHA1
5501f60674309c03b3441875bd71c486e305aca6

SHA256
2a4f7caaa6add64e039bbd2a60060a9699c105ac6612e6d7637a9d8232492752

SHA512
92ef8ae752b6d4dc65be0a59596804913e89763c2840a8a264127966098605867cc16e001a59968352e774fd8ffdc688b692880d43fce9e8489dd64a7624aeaf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
ea06627adcb2fc57d4d8600bc2cd8ab0

SHA1
ca43a7291d7b4c2acc9725bcca6604909442cb13

SHA256
8c1da86c225c0f36b81a32befd6673dda62fc9d5170bf7d14cdf52d5594d7713

SHA512
b34d3cabee1b3aa3da1115c8317198406737205887250c8361c5df70738d175bb8bc18605408486a23b347ff72d2a35ae5817234f24d97a2fd5bc160b3d603b9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
f9b1a4de02928c201bc29d950f76b92d

SHA1
4c814190bd3ffd3b77e43a48903478e3f41e6a37

SHA256
63ff98d862df9290992a96e77ff1758ecec0bcfd0a0796fedebfb2cbc4faa6aa

SHA512
e795e78e5acfde412c38131012ea9f0cd4a8dbbc2c9217e38546458f4e232688bf3ef7f28b0a89162e2ae3e0714e97bbbdac1a28b3b1c10eb891421820d1af10

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
90341914c388cf0c0efe8d5060d2d5ea

SHA1
60e123ac612dcfe454cac3ba8f01152821f6164a

SHA256
24f2b4ec298971a5f529178ad4d1b7b5e2c7859770bc6fb6550de37f54515a12

SHA512
ba250c9448a8a896466d6bf3765913d983f6a6c1f819c54af58abed68c7435a5bb7cf7e855eeaa6d49c8641a9b16a8ab777f10d28a4bc6f3b87cc0c2b0ed1d0f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57e678.TMP

Filesize
48B

MD5
2e04fe07e51e0c077446a21322c48935

SHA1
8a7768b375326fa71d507bb734c5892c52369e86

SHA256
e8041a91f76fa5a5e1668df9d344306e881c494193aa62033c3ca4e067d31f87

SHA512
ec8682660ed8754951153d78819a3069a1308f7a335edca321bd62b4d798bcf5c566aa21ed6cdcd18c14e29aad06d6e666f6cbb8d64b0cc9c83e90d7b11914fc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
114KB

MD5
dbb6140a81e7ea05056666fd572bf2dc

SHA1
b4df1eccde92e18c1cdb641ec419d025b09caf6e

SHA256
c2fc8edeab66aee7d4d97ae9298ae95448dab1b8058e3f5e692d7267d26b48a7

SHA512
550652d5302c8aacadbb29736e20f2354b635141a005b1bbdbdf26fab37028bd207d2dd885ef7bddb345e23a95bcb129d3180d22bb18e932d3296e75b890c895

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit