hxxps://nsw2u[.]com/

Analysis

max time kernel
1799s
max time network
1764s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
19-01-2024 16:58

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://nsw2u.com/

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133501572669045825"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
892	chrome.exe
892	chrome.exe
4420	chrome.exe
4420	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 18 IoCs

pid	Process
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	892	chrome.exe
Token: SeCreatePagefilePrivilege	892	chrome.exe
Token: SeShutdownPrivilege	892	chrome.exe
Token: SeCreatePagefilePrivilege	892	chrome.exe
Token: SeShutdownPrivilege	892	chrome.exe
Token: SeCreatePagefilePrivilege	892	chrome.exe
Token: SeShutdownPrivilege	892	chrome.exe
Token: SeCreatePagefilePrivilege	892	chrome.exe
Token: SeShutdownPrivilege	892	chrome.exe
Token: SeCreatePagefilePrivilege	892	chrome.exe
Token: SeShutdownPrivilege	892	chrome.exe
Token: SeCreatePagefilePrivilege	892	chrome.exe
Token: SeShutdownPrivilege	892	chrome.exe
Token: SeCreatePagefilePrivilege	892	chrome.exe
Token: SeShutdownPrivilege	892	chrome.exe
Token: SeCreatePagefilePrivilege	892	chrome.exe
Token: SeShutdownPrivilege	892	chrome.exe
Token: SeCreatePagefilePrivilege	892	chrome.exe
Token: SeShutdownPrivilege	892	chrome.exe
Token: SeCreatePagefilePrivilege	892	chrome.exe
Token: SeShutdownPrivilege	892	chrome.exe
Token: SeCreatePagefilePrivilege	892	chrome.exe
Token: SeShutdownPrivilege	892	chrome.exe
Token: SeCreatePagefilePrivilege	892	chrome.exe
Token: SeShutdownPrivilege	892	chrome.exe
Token: SeCreatePagefilePrivilege	892	chrome.exe
Token: SeShutdownPrivilege	892	chrome.exe
Token: SeCreatePagefilePrivilege	892	chrome.exe
Token: SeShutdownPrivilege	892	chrome.exe
Token: SeCreatePagefilePrivilege	892	chrome.exe
Token: SeShutdownPrivilege	892	chrome.exe
Token: SeCreatePagefilePrivilege	892	chrome.exe
Token: SeShutdownPrivilege	892	chrome.exe
Token: SeCreatePagefilePrivilege	892	chrome.exe
Token: SeShutdownPrivilege	892	chrome.exe
Token: SeCreatePagefilePrivilege	892	chrome.exe
Token: SeShutdownPrivilege	892	chrome.exe
Token: SeCreatePagefilePrivilege	892	chrome.exe
Token: SeShutdownPrivilege	892	chrome.exe
Token: SeCreatePagefilePrivilege	892	chrome.exe
Token: SeShutdownPrivilege	892	chrome.exe
Token: SeCreatePagefilePrivilege	892	chrome.exe
Token: SeShutdownPrivilege	892	chrome.exe
Token: SeCreatePagefilePrivilege	892	chrome.exe
Token: SeShutdownPrivilege	892	chrome.exe
Token: SeCreatePagefilePrivilege	892	chrome.exe
Token: SeShutdownPrivilege	892	chrome.exe
Token: SeCreatePagefilePrivilege	892	chrome.exe
Token: SeShutdownPrivilege	892	chrome.exe
Token: SeCreatePagefilePrivilege	892	chrome.exe
Token: SeShutdownPrivilege	892	chrome.exe
Token: SeCreatePagefilePrivilege	892	chrome.exe
Token: SeShutdownPrivilege	892	chrome.exe
Token: SeCreatePagefilePrivilege	892	chrome.exe
Token: SeShutdownPrivilege	892	chrome.exe
Token: SeCreatePagefilePrivilege	892	chrome.exe
Token: SeShutdownPrivilege	892	chrome.exe
Token: SeCreatePagefilePrivilege	892	chrome.exe
Token: SeShutdownPrivilege	892	chrome.exe
Token: SeCreatePagefilePrivilege	892	chrome.exe
Token: SeShutdownPrivilege	892	chrome.exe
Token: SeCreatePagefilePrivilege	892	chrome.exe
Token: SeShutdownPrivilege	892	chrome.exe
Token: SeCreatePagefilePrivilege	892	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 892 wrote to memory of 3692	892	chrome.exe	30
PID 892 wrote to memory of 3692	892	chrome.exe	30
PID 892 wrote to memory of 3516	892	chrome.exe	90
PID 892 wrote to memory of 3516	892	chrome.exe	90
PID 892 wrote to memory of 3516	892	chrome.exe	90
PID 892 wrote to memory of 3516	892	chrome.exe	90
PID 892 wrote to memory of 3516	892	chrome.exe	90
PID 892 wrote to memory of 3516	892	chrome.exe	90
PID 892 wrote to memory of 3516	892	chrome.exe	90
PID 892 wrote to memory of 3516	892	chrome.exe	90
PID 892 wrote to memory of 3516	892	chrome.exe	90
PID 892 wrote to memory of 3516	892	chrome.exe	90
PID 892 wrote to memory of 3516	892	chrome.exe	90
PID 892 wrote to memory of 3516	892	chrome.exe	90
PID 892 wrote to memory of 3516	892	chrome.exe	90
PID 892 wrote to memory of 3516	892	chrome.exe	90
PID 892 wrote to memory of 3516	892	chrome.exe	90
PID 892 wrote to memory of 3516	892	chrome.exe	90
PID 892 wrote to memory of 3516	892	chrome.exe	90
PID 892 wrote to memory of 3516	892	chrome.exe	90
PID 892 wrote to memory of 3516	892	chrome.exe	90
PID 892 wrote to memory of 3516	892	chrome.exe	90
PID 892 wrote to memory of 3516	892	chrome.exe	90
PID 892 wrote to memory of 3516	892	chrome.exe	90
PID 892 wrote to memory of 3516	892	chrome.exe	90
PID 892 wrote to memory of 3516	892	chrome.exe	90
PID 892 wrote to memory of 3516	892	chrome.exe	90
PID 892 wrote to memory of 3516	892	chrome.exe	90
PID 892 wrote to memory of 3516	892	chrome.exe	90
PID 892 wrote to memory of 3516	892	chrome.exe	90
PID 892 wrote to memory of 3516	892	chrome.exe	90
PID 892 wrote to memory of 3516	892	chrome.exe	90
PID 892 wrote to memory of 3516	892	chrome.exe	90
PID 892 wrote to memory of 3516	892	chrome.exe	90
PID 892 wrote to memory of 3516	892	chrome.exe	90
PID 892 wrote to memory of 3516	892	chrome.exe	90
PID 892 wrote to memory of 3516	892	chrome.exe	90
PID 892 wrote to memory of 3516	892	chrome.exe	90
PID 892 wrote to memory of 3516	892	chrome.exe	90
PID 892 wrote to memory of 3516	892	chrome.exe	90
PID 892 wrote to memory of 3472	892	chrome.exe	91
PID 892 wrote to memory of 3472	892	chrome.exe	91
PID 892 wrote to memory of 3088	892	chrome.exe	92
PID 892 wrote to memory of 3088	892	chrome.exe	92
PID 892 wrote to memory of 3088	892	chrome.exe	92
PID 892 wrote to memory of 3088	892	chrome.exe	92
PID 892 wrote to memory of 3088	892	chrome.exe	92
PID 892 wrote to memory of 3088	892	chrome.exe	92
PID 892 wrote to memory of 3088	892	chrome.exe	92
PID 892 wrote to memory of 3088	892	chrome.exe	92
PID 892 wrote to memory of 3088	892	chrome.exe	92
PID 892 wrote to memory of 3088	892	chrome.exe	92
PID 892 wrote to memory of 3088	892	chrome.exe	92
PID 892 wrote to memory of 3088	892	chrome.exe	92
PID 892 wrote to memory of 3088	892	chrome.exe	92
PID 892 wrote to memory of 3088	892	chrome.exe	92
PID 892 wrote to memory of 3088	892	chrome.exe	92
PID 892 wrote to memory of 3088	892	chrome.exe	92
PID 892 wrote to memory of 3088	892	chrome.exe	92
PID 892 wrote to memory of 3088	892	chrome.exe	92
PID 892 wrote to memory of 3088	892	chrome.exe	92
PID 892 wrote to memory of 3088	892	chrome.exe	92
PID 892 wrote to memory of 3088	892	chrome.exe	92
PID 892 wrote to memory of 3088	892	chrome.exe	92

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://nsw2u.com/
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:892
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe19a29758,0x7ffe19a29768,0x7ffe19a29778
  2⤵
  PID:3692
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1728 --field-trial-handle=1928,i,7983400696714532565,2009435278581805337,131072 /prefetch:2
  2⤵
  PID:3516
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2124 --field-trial-handle=1928,i,7983400696714532565,2009435278581805337,131072 /prefetch:8
  2⤵
  PID:3472
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2188 --field-trial-handle=1928,i,7983400696714532565,2009435278581805337,131072 /prefetch:8
  2⤵
  PID:3088
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2936 --field-trial-handle=1928,i,7983400696714532565,2009435278581805337,131072 /prefetch:1
  2⤵
  PID:2644
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2944 --field-trial-handle=1928,i,7983400696714532565,2009435278581805337,131072 /prefetch:1
  2⤵
  PID:4356
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4584 --field-trial-handle=1928,i,7983400696714532565,2009435278581805337,131072 /prefetch:1
  2⤵
  PID:1500
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3332 --field-trial-handle=1928,i,7983400696714532565,2009435278581805337,131072 /prefetch:1
  2⤵
  PID:4676
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4764 --field-trial-handle=1928,i,7983400696714532565,2009435278581805337,131072 /prefetch:1
  2⤵
  PID:1252
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5332 --field-trial-handle=1928,i,7983400696714532565,2009435278581805337,131072 /prefetch:8
  2⤵
  PID:4212
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5312 --field-trial-handle=1928,i,7983400696714532565,2009435278581805337,131072 /prefetch:8
  2⤵
  PID:316
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4836 --field-trial-handle=1928,i,7983400696714532565,2009435278581805337,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4420
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=3700 --field-trial-handle=1928,i,7983400696714532565,2009435278581805337,131072 /prefetch:1
  2⤵
  PID:1876
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=1028 --field-trial-handle=1928,i,7983400696714532565,2009435278581805337,131072 /prefetch:1
  2⤵
  PID:2924
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=5056 --field-trial-handle=1928,i,7983400696714532565,2009435278581805337,131072 /prefetch:1
  2⤵
  PID:508
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=5000 --field-trial-handle=1928,i,7983400696714532565,2009435278581805337,131072 /prefetch:1
  2⤵
  PID:3076
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=3356 --field-trial-handle=1928,i,7983400696714532565,2009435278581805337,131072 /prefetch:1
  2⤵
  PID:4336
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=3944 --field-trial-handle=1928,i,7983400696714532565,2009435278581805337,131072 /prefetch:1
  2⤵
  PID:2132
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=1036 --field-trial-handle=1928,i,7983400696714532565,2009435278581805337,131072 /prefetch:1
  2⤵
  PID:3336
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=5024 --field-trial-handle=1928,i,7983400696714532565,2009435278581805337,131072 /prefetch:1
  2⤵
  PID:3328
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=3324 --field-trial-handle=1928,i,7983400696714532565,2009435278581805337,131072 /prefetch:1
  2⤵
  PID:4168
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=1668 --field-trial-handle=1928,i,7983400696714532565,2009435278581805337,131072 /prefetch:1
  2⤵
  PID:4708
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=2260 --field-trial-handle=1928,i,7983400696714532565,2009435278581805337,131072 /prefetch:1
  2⤵
  PID:3120
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=3332 --field-trial-handle=1928,i,7983400696714532565,2009435278581805337,131072 /prefetch:1
  2⤵
  PID:1968
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=912 --field-trial-handle=1928,i,7983400696714532565,2009435278581805337,131072 /prefetch:1
  2⤵
  PID:2748

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:5028

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8594a99c53967b7c_0

Filesize
38KB

MD5
9c67ca76de1a70737fd44f1606e9e226

SHA1
8367ee064563e8223df02b8fd676a526f6e6cc04

SHA256
8d7ba2f6400964fa75816f5e7b6d5b5835aca357f16bcd1bb6ba6665856d3bce

SHA512
038c04878f0a11015914ea1ad0e430cd025c2c0e9ea5547ef7ff946d42fecc05b0c7eab9ddc3002824a5b5b85b9caa1219184ca154aecda66738928a863841be

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b4e4234c7f0457bf_0

Filesize
299B

MD5
d9bafa3d4251b2c046ba740814f84195

SHA1
932a2ce17a635cbf4f38e5570977dd787965ab55

SHA256
96f090a2c6c0a5167e5c1cc5417ab814339b923a24759d7e8a0bd17ec0b4dd43

SHA512
a48146aae318c4cac147dd59ddb0054c6a67000b3cfc94e3c9a54ef32ad86bc3e047a0a372a9152449b0d970ce22bd9824331f73316bfd5d1cac0ebb6efb877a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index

Filesize
480B

MD5
9d0e84095118bffb4bb81e8afc078576

SHA1
724e38d808c0a1866949531f26971673b9f45e4b

SHA256
ae16f6f9b89173892c63cc770d548260fe262531df308040b0bf7d9fb6ae5c6d

SHA512
55e652d8dbe1be57b66875eecd4a445e9db85efd9dc1e96227a5cd4dd27d55f6b6873ffc1115d5f71b62e7e70b9dcf867e1e8a71d32d1dc556c8df2a87fc44ed

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index

Filesize
576B

MD5
780851da273d1c39463fcaefd686239f

SHA1
4cae777769110345380defd61f16a0d9f49ecd71

SHA256
54946e699ec1f29da356259353de47a014896e9a12641a4dd29b0cf5c65ba89d

SHA512
85eec8eda977ff044a81afb523fe042d8e54ad006fcc23cb0b6b8be4c03840318856fedc7cd749cf6643bc2f3314ebb82abeab7334484915a967f73c1fcbbfa9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
240B

MD5
bb4330cda5e66a6519ce1e578fe0d00e

SHA1
8a7f211398b7f8b1fa2e8ce398cfa05ad797455d

SHA256
e68c62350f95b802daf284c3e8b3605e918d2bf408c27eb1ec5f70d25a250c99

SHA512
634c72c26b1139cd285826eb6199fbe5940882c2edb0533dccd958dc58883623ccc9f518d576844c4de036f49b13f4c7fb72b3acc54dcf8c8569f0fd36f78a6a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
192B

MD5
3c3d7112422271a9744cfde175a1156d

SHA1
137ce1af58d9b64ff42eaa56e4376771d7a695ec

SHA256
bfa95325be6d7a4237e5fd5763e40d6682b1fa3c364c0ce63d7692e9616176b7

SHA512
492542d3bddac0cae3742741342d870de4039dbbebababccfb2f09beb3b6f2a18791d00de81391a88ff53f6bec579503feca5bff8785dbf46ffe29afda6d5330

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
288B

MD5
f9b34e605e877b25ff279eb92dcde577

SHA1
2b3df17423757c251f0b0f78c4a29635a286b05f

SHA256
c0886cc213e1751cdcdb778c2d1db904b4b62ba0fa5b7f16735bd1394ac02e82

SHA512
c4dd5bbbdd263ae5c3ae67c844edb32f8d665669b4706aacbfd1de85283d8435892cc5215abfaf14840e23f484223a61772656d37eb1b5d2eb47c27838ab4221

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
384B

MD5
47d30cbfc154d00fbd27f3fc23301746

SHA1
c15765f6f50501e78b7e704ed5d4676fb44a6c4f

SHA256
0cf8afc3363ad8c1109211359952920cb074b895adc46c4faa8b92827b9a549e

SHA512
b4f8e3faedeb00b39ce9db85c8a93975bf4b1be2a7f0eef34226631ea1f049080c14470eceb360fc875ace6b7a0a82700d1ede527055ff0e6c8239529062914e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
768B

MD5
ca733ccca7884283ebefff63437d8ba1

SHA1
0c6a6db918f31c666b02dce0a1839a7049999240

SHA256
ce3b0c9467921f1543929367e02d22728cdaae3acfd7c1a6da593302431789df

SHA512
efa95292d5fa54c8e0006e728bcdce5649b99363920706551b57473a5b3fb86521c7e64822835cc6df1ac79a9ffdb4b52318e7419c3e4761374b5c70357d2faf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
336B

MD5
a357f6a8582a93dc843bbe0c95d6dbf4

SHA1
bf2d78042e5c98ccb451d82e1830228a6105a74c

SHA256
2a837e3d5148ee2ff527724d4fbb8dce1df922929ff1c683f945e6b94f2f2435

SHA512
9e086fd5241de40996b76a865b345addcea43479415657ec30ceefb3d3b15d47f0c8d29deda5a94654920c20e9b2df53855d1689120143d39228bd1ceae1e68f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
432B

MD5
0e48ac5dbcfa1cf3d60a47c5c3f2204b

SHA1
0b664cef3b8ce1c291f2cf619401e8e897876fed

SHA256
83b11d4cabdff8f8ff6505169f9e6bc5edf0a377caec7010cc413f343f5a1150

SHA512
0e5494fb0ae16236d9db55f173ddf594c525c5e8e76b296f5b964210cf62e9e0cba576d3caba721a65fc20e35472b13b39f428e2573be002e32f38973deaae0c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
672B

MD5
bd79bf620ee592167a919ec424a80157

SHA1
7f004eee9c5eda7257fb144f3f573f658586f90a

SHA256
2c8bd45fd05add6c7a929605b8453f599beeb845909ffed471efd2e1dfcfbe79

SHA512
1eefb11d86d0be3a67cd738a1e2bf41f38ed6b0e10625575e5bc3cabe675fbdb3f756c02227fc433f1176a51702323fd364ef7fb5a3c0f7d19e23a856f7f90c1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
528B

MD5
4e56038e1f4193718bebf48f71de744d

SHA1
e806a041e48cc4075a8c8c0863b420517b261a85

SHA256
7c1bd38ad8991938f574e850d4c35e67af8c658d8d6a430263a2b8a2a1d27486

SHA512
b49e0f1cfa16cdeb0e0d2e71e71fd43890ed5946f8fdd893e0154dc7a9233581c8b029a66583daea7677881a7843a30a7d78004f9456871671e3fe5896f50b79

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
624B

MD5
97c9936558099aebf8c9f106a2245e01

SHA1
291d97c6fd9e3ddf82ac9863341a447c75ba3c2f

SHA256
43abb96c088b7252dfb7daa82ca641fcfdbd39d494dcd78dc04c4a1d9da6cad4

SHA512
7755db3abd44d4724588553e4665ad96242dee305e58f8372c801332104276107de52c35a2809cd96e8c05d440d105faf0cc9b9c02a44d0f63e0b1cd2940507a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
e67c52a64adb828e9b685128a90c3e18

SHA1
110708052d13613224ea145482c3ea8d7178449e

SHA256
8d97eddf3404091daf004e03cc8daffb1ee14a4a9f63b67a9807295c38645306

SHA512
5c0d9b61950d9b608090d853c6ada8aff9d194194f6e87fabe7ae32368347ea848ea211a025a1d46e8cb7277c1b426ffe8181a38a70ac1ef11f87b20d06b61eb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
720B

MD5
756a97b9af4faccd15e84e6546f3bff4

SHA1
1b320124b8f1555da2b2982af3c74004003d81d8

SHA256
2ea25bec88bb3b5ba95be7252e053dc283a0af9c753061316d04dc8e017fc43f

SHA512
dbedde2dbf546dd84fbcf3b806dd814b8c26cc6fd27671acc083588f8f200c3feb4cd9cc79bd2d6fc5db5cfbe17c4ae252edc7e9f315179fba15d9544af9238e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\3324f929-603b-4426-a6ea-e01216c4f97c.tmp

Filesize
1KB

MD5
b88528896229444fa8208f8cdb9c6893

SHA1
c269907575832f97097bf2d31ca665213e50a804

SHA256
27e55e38420f3f6bd2aae0aec02fd67ca133efb66f548c128f663690436365d0

SHA512
cd2041929d1e1e83f22bfefe8f95f94f5a233fe8d48a5529a3da75a21692936c7b221e871cc4b9851ff4f95b77f07b21f4ea820298d2022e4a7309261e369c2d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
4035cd285f1bbc328fc9abf87d52ac0a

SHA1
b771c768b2156ea65a1e2e9b6d41f14b405ec273

SHA256
fa3e0b6ec24d2a76981563afb0d60066221e32d137feb33b118386d8997aff4f

SHA512
39f727a50c23fca26547937d5e1d8ed30713e2a937430bbc1e94a5364764cc6145bbc99e8feb3fcfa4abf6b943650d8d43dd8eb433dbb20f26a50237e28aedb2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
495f5b46a8fae1532a682ff86149c91b

SHA1
e5a9d5ad5a7169fff2d4854d0cccae947dfd8d59

SHA256
93f19a1c21b9a7843f02f48eecae1a00d88b014c15f74a1fb0d1cd5d4aa1acf9

SHA512
4949136eba67ed519450247ee8794a871f5127e1c0fe0879ad02297a527527d659302ff812079ba43ea601f26fcc187d1308f2941b4322e9c955564f7c0f85f1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
1eadc2bc0ffe7ad0b707feac30321eed

SHA1
7aca4e0426cfcc329f3a792b8fd0bf5687514af4

SHA256
ad0047e268e63921afc31b84ab0778035fa34e9b9dea5034dfed9be176511edb

SHA512
643386282a071de0efb0675e3a96a01f621100fa1d3668ff254b52ac216ff99bd3773056a9d23bfadc6954868521a492eea67d78f1f4893863098ec2c4505bc5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
6a57f1cbff813f965a1a7455b4745e8b

SHA1
4343cf1fa90eff5e3025722c2d1c448d8a52de0a

SHA256
abc40a803cee0ce798ba2e5959e03630638a230de8b4665e253e4f9ab4929ef9

SHA512
b48b3179a80647b6172dfdad7db5ef3cc33fca9adee7aec985c560adc96707321bbf0ba18f0637f7b999724c84fd3743957465a2a0c31ad2386efa5aa9034823

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
71d57865e41a40102857424810bc4819

SHA1
f26fafe30d808fb9b8ff7abe47fe86c26d333508

SHA256
f20bdb117c4976a1ca63e446e2ffabf21417d10c62925fd278fce08c78396af8

SHA512
c11fab9d4e77b485058ad1b32606f4c9597b9c5333172040a3d8ea37c726aca67b8fb5d2c47b6091ab0aac354e0190e08c6eea4889b7db85e7b3baf03b43483c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
28acf9314ac271784ac3a861a50f0cbe

SHA1
89314e08c59d81301b2950722cea30dec10c7252

SHA256
017fde17015584399c78934cc60994a48aac88d599b4621d05ef55ff72f0703a

SHA512
7c5cacd7915d1ef0f8906e8afe0842a3416a023cba0c4a408cf02cd52a8bf1581f97c09f8a4f110cb347239dfed7c51aeaf3786c8cde542b5fa3141fd297a531

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
2d73e70d094f3bc4a7ad02dfbe361f77

SHA1
ff42277ce45490a0ff4b18a1fb99ef857f6e0124

SHA256
c420ab88684527ba3ac34ed2ebf61d6d11cf5fa905103e3bc8c723cb3ec50d10

SHA512
138464499aef3ca28d33db78bef4e0915e4198d899f1d05ba9de4a4e8d22e1544fb08cf1802dc54945469ac7a2e340997e74aa9fa9efdf95022f1953a7d64b4b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
960eb42b4665dc941a4868f33c4b529e

SHA1
25794b4738023633d294ab6daa8feb69cafafc65

SHA256
d9ff2762cdc5dab93d404b99eab8f857ee006f85a740e30f400863513a9d45c2

SHA512
c69debf61d561fb845159c5eacace899745537bba3441e9e0dde7242456111d951abb6345dd24e6ff3f848a332d3afc6d02ab3d5bc225e42a585a0307041cfd7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
eeda1c36732434b7a00a4c109f144634

SHA1
186c7b21ff0b18657a5d5213186bf1d4a470755d

SHA256
e06e878e47d8edcf7e87978a3c8db1a328a2a53efd29760d6ee6e23abca18fbf

SHA512
39e344d64cc284b592fa56bb9e81743c951db8974cedcf100df3d76f949c5fef1d0793e49a467bec8fad039015ad2a8a839b6abf85b936618c685d37e832a138

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
f8bdf89d741fe2f4860360b20f234b72

SHA1
51def41a750f573a6a6ac34eab3af0af2c6693af

SHA256
50faa355eec02bc11d6f76a91434959cbb8973f8596df0f498726e8f272c9334

SHA512
79b96a9c35f60952d0effaabf84b582baa4400636373697383e83145e2d7f4099e1894b3c95a8a0b7181a1abae904d183b06c6614143b22dbb2f0aeb577a0996

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
64c809645ac95b6f0b7f800be5f7a6ea

SHA1
54192833a65fcaa39ded9c629373fa6e3d3d8d7c

SHA256
19ba932be25b1062c95e9620ea3aa57b6177fd8d826900348846014196098913

SHA512
37e96613abbc6100bb9f1cf0be9669ea3f69226385c9f812cb331b2885a35bad8dd583640a1468062935f30061399721c749fa3d65f95fc5bd234866394b0c9e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
326fb6d727f2a3017878c5391bb26c27

SHA1
a098d157d77d3fbad329320e4829a760f9f14059

SHA256
bfbb48166849de52c837abb89542f6b0e8e457b9c553434d93ed5bc85a2450bf

SHA512
229377f67c9cfa843d14e74c44cb0a85f2cde4ccfad4c2186d4f612adfbe2c524ee626f8a390a3d4986a1e67b2615f1c81f2c191616edad66962c09a1948aec7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
d0f07a0ab50bbfe23aa071f05237650a

SHA1
d4a16b5fff61246b7cc73904957f906839180a73

SHA256
d4b8a4cfcada500dfa1799cf81753ec080a85b10de603bedcd116fd56ce35baf

SHA512
506bee157d30c2bf0d71fe10e5cd0fca3e59f4ba29edc404a73b116f3ffea3a1c343d575310ae82f348a297e77fd2cb4ae36a5ecd2dd373b78e3808d13582a02

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
8bb2a31e582b083759fe6d092f1948de

SHA1
53c70365b950c00ef3f3958329fa32623c43610e

SHA256
484f7b7ecdb34168e602dc5593939ec5001190564262d290f36993c4a2ad68d2

SHA512
e02a67cf0825d9621d321be13902a250ab34f102b2c94eeac3eef3f742bb4b395bc404ab4d774492199ce98c76cd552fa0e23efcde8219099c1782de06b9bf55

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
8b9d2db09bc694fae6ce94f99de33be4

SHA1
1a8cc1996cdebdadd5f6d3e097809baa58e284d9

SHA256
4b4343f73a188943512180ed31938c4fd31c75f07a50da65964e18b51e8fe320

SHA512
9ef325f52624a2c49bb462c3f3dc011a3589c909bdae3c7c34bf42ec3eb570cab707010f4559856f65a300d6f42ce1fc56e2c7d24a028e0debf17671ab5ba90d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
d8d484fea0cf514358ef8fc2866ed299

SHA1
281d01cb9b202147d0fc60dfce067c288efea550

SHA256
38f9dc608b39efe287ca9ad11e273f27b4d73accbc5039c31d2c7626cb7c25c5

SHA512
1ad6980421d70cec94d31a81c88c30dab7c78e96505b5bb5f58c7754fcda5b3f46770bd8a65a189279805741f7c492b92d038b644086d851c88e85b6afde89b0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
1955a3c155af2a1fc964a34423e62918

SHA1
efe4ea594ba213d86c64a0777f5b0486fc1eec2f

SHA256
b34bfe0efbe1aad296c9a58df2aeb8daba9204abb80eeeab8cc8f51a5a6b9264

SHA512
6dcb3187a3bc9b88e063d11e4b8dc6e071e759cac30902a835f3a1062cebc646f7c511bf9b746ebfc80b05818a83997e016e76e1aa8c763981bd846d2205a545

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
9f00ec0665284a4a16ced0c6c3628448

SHA1
fb74be50daba2c9867da37da990945d9efd9f4bd

SHA256
61e0665fa15e57bd5766acc2c517acb298584252fb37e7de1c80e13be228c648

SHA512
1075d31b2cd01fa618acfcc3c7e6d0edd382f9a58638da7f38973ac318c955ee2f38df492f8ed9e29292306de810af325a20c3218ae8a6f19c4e9e525b8ba10f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
5c79591849707a8267a3b4b5d42cd0c3

SHA1
62291a340ba559dc51fd691ca656620675cc0d91

SHA256
f2c16eef518e8ced2143c636bfa37dcef25f2c5ae063a2012d9c18d48f66768d

SHA512
ce610a223fc28925fe59640ac24ef32d22cf07ea6bbe2636c5133f411bd781f65e13b70866755c4a4d650752b069e94e1fb456f28cdaaebfca595178a4ec4800

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
b4f3709f0000c8257fa4bb32f86bbc8f

SHA1
d02321711e4a7f0d1bbd0e11d2361b5fe65556a1

SHA256
ee62d6402f3e12b76b935acf1867d6accf9d44110f702197f0a62c78a16026fd

SHA512
40055c804301fa88c10e60f6dbbff8c021937f70cc944590d1e6eb6ce6e7ad7103ff17a9e976632ff4dcedaaffe13e5cc90219b1a0aa9a2bd87c0208229d583d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
45e89aed80565a027c70bbac24654d0e

SHA1
0254917fea888f9475cc8f1517460a1572e155d4

SHA256
7a2fac39b233eeb112ed86476bf71fcaee2b9a4f66aec69343f3520ecbe99302

SHA512
43def6f0cfb6511a79e6ef5eaf3e65409026f99716c38cb45a0acd7d40e519b1fe6e831ab4a88feb29ea87708b2d1ae7d2873b50a0c619f6d9f6bdcc9034113d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
43c312fa60b9cf49cac1f5a6bf28c932

SHA1
ce322214c510112d6610e06c18dc1e7be190ca0c

SHA256
407895e725029e112ce03cb97a8b005fcf1eab1760ebade4c64831e3e66ab75d

SHA512
a1a3696a72dcefa2355c9d2ea08a92b89dc73897184585c53bdeb2dc52b92d21d5af0226dc577cfa1f9a7ae4b1c2259943ef27ba6ae26f296fbef3425d4ccf6a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
7befac9ef9b174217c3857300fcdd466

SHA1
3eed3125fca260b266b39c0541d77376c308ffc5

SHA256
5a83709eee11f16a7ef17ca4fff190ff634d7d8de6173b418027bb637e053ce2

SHA512
36f6c1c13126b84e58e2c1bb77999924f6349b0dc47e3d126289e5fa669a94e248013a604ee98acad84bcd37dfed619219e317291a91f9081a098356e2254347

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
5aa5341b95013b1aa251917d3d2cdf88

SHA1
41cf11d526c244fc19192b667a91a151d44fc8f5

SHA256
cee08ed43f93307dfac38e2e926f40d54fa3038cf8e685a86e32e9c8bb8bb6e9

SHA512
10d97d0563eb6900e4e1fe322c64de2f439b7436714f151bc04aa79f820dbbe7e40eacf0d57a06ce94a41edec73aad08f481563a7f9b474cfa5d213d0e12d340

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
114KB

MD5
433a7999cfda1b1c9900a3240fddc1a8

SHA1
9c684526588126a625ebab5b17d2d300772a54dc

SHA256
df8358203b1c943de2da1999276108317672f07f2e9c53568b4838dc0b4c697a

SHA512
396e7df000f2a8b7fb774c48f16f82c1bc79a0494bc835bdad3f2e711fc867e3bd7fb6e6c7ea0a9c466cf818e07fa2a180282e940129eb4d6d6baa899e34d492

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit