hxxps://flatsafe[.]com/

Analysis

max time kernel
150s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
22-01-2024 22:08

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://flatsafe.com/

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133504349151959698"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2398549320-3657759451-817663969-1000\{78F7A4F7-AD1D-4285-B23F-4C51763DC6C8}	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
2652	chrome.exe
2652	chrome.exe
2652	chrome.exe
2652	chrome.exe
2152	chrome.exe
2152	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 5 IoCs

pid	Process
2652	chrome.exe
2652	chrome.exe
2652	chrome.exe
2652	chrome.exe
2652	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2652	chrome.exe
Token: SeCreatePagefilePrivilege	2652	chrome.exe
Token: SeShutdownPrivilege	2652	chrome.exe
Token: SeCreatePagefilePrivilege	2652	chrome.exe
Token: SeShutdownPrivilege	2652	chrome.exe
Token: SeCreatePagefilePrivilege	2652	chrome.exe
Token: SeShutdownPrivilege	2652	chrome.exe
Token: SeCreatePagefilePrivilege	2652	chrome.exe
Token: SeShutdownPrivilege	2652	chrome.exe
Token: SeCreatePagefilePrivilege	2652	chrome.exe
Token: SeShutdownPrivilege	2652	chrome.exe
Token: SeCreatePagefilePrivilege	2652	chrome.exe
Token: SeShutdownPrivilege	2652	chrome.exe
Token: SeCreatePagefilePrivilege	2652	chrome.exe
Token: SeShutdownPrivilege	2652	chrome.exe
Token: SeCreatePagefilePrivilege	2652	chrome.exe
Token: SeShutdownPrivilege	2652	chrome.exe
Token: SeCreatePagefilePrivilege	2652	chrome.exe
Token: SeShutdownPrivilege	2652	chrome.exe
Token: SeCreatePagefilePrivilege	2652	chrome.exe
Token: SeShutdownPrivilege	2652	chrome.exe
Token: SeCreatePagefilePrivilege	2652	chrome.exe
Token: SeShutdownPrivilege	2652	chrome.exe
Token: SeCreatePagefilePrivilege	2652	chrome.exe
Token: SeShutdownPrivilege	2652	chrome.exe
Token: SeCreatePagefilePrivilege	2652	chrome.exe
Token: SeShutdownPrivilege	2652	chrome.exe
Token: SeCreatePagefilePrivilege	2652	chrome.exe
Token: SeShutdownPrivilege	2652	chrome.exe
Token: SeCreatePagefilePrivilege	2652	chrome.exe
Token: SeShutdownPrivilege	2652	chrome.exe
Token: SeCreatePagefilePrivilege	2652	chrome.exe
Token: SeShutdownPrivilege	2652	chrome.exe
Token: SeCreatePagefilePrivilege	2652	chrome.exe
Token: SeShutdownPrivilege	2652	chrome.exe
Token: SeCreatePagefilePrivilege	2652	chrome.exe
Token: SeShutdownPrivilege	2652	chrome.exe
Token: SeCreatePagefilePrivilege	2652	chrome.exe
Token: SeShutdownPrivilege	2652	chrome.exe
Token: SeCreatePagefilePrivilege	2652	chrome.exe
Token: SeShutdownPrivilege	2652	chrome.exe
Token: SeCreatePagefilePrivilege	2652	chrome.exe
Token: SeShutdownPrivilege	2652	chrome.exe
Token: SeCreatePagefilePrivilege	2652	chrome.exe
Token: SeShutdownPrivilege	2652	chrome.exe
Token: SeCreatePagefilePrivilege	2652	chrome.exe
Token: SeShutdownPrivilege	2652	chrome.exe
Token: SeCreatePagefilePrivilege	2652	chrome.exe
Token: SeShutdownPrivilege	2652	chrome.exe
Token: SeCreatePagefilePrivilege	2652	chrome.exe
Token: SeShutdownPrivilege	2652	chrome.exe
Token: SeCreatePagefilePrivilege	2652	chrome.exe
Token: SeShutdownPrivilege	2652	chrome.exe
Token: SeCreatePagefilePrivilege	2652	chrome.exe
Token: SeShutdownPrivilege	2652	chrome.exe
Token: SeCreatePagefilePrivilege	2652	chrome.exe
Token: SeShutdownPrivilege	2652	chrome.exe
Token: SeCreatePagefilePrivilege	2652	chrome.exe
Token: SeShutdownPrivilege	2652	chrome.exe
Token: SeCreatePagefilePrivilege	2652	chrome.exe
Token: SeShutdownPrivilege	2652	chrome.exe
Token: SeCreatePagefilePrivilege	2652	chrome.exe
Token: SeShutdownPrivilege	2652	chrome.exe
Token: SeCreatePagefilePrivilege	2652	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2652	chrome.exe
2652	chrome.exe
2652	chrome.exe
2652	chrome.exe
2652	chrome.exe
2652	chrome.exe
2652	chrome.exe
2652	chrome.exe
2652	chrome.exe
2652	chrome.exe
2652	chrome.exe
2652	chrome.exe
2652	chrome.exe
2652	chrome.exe
2652	chrome.exe
2652	chrome.exe
2652	chrome.exe
2652	chrome.exe
2652	chrome.exe
2652	chrome.exe
2652	chrome.exe
2652	chrome.exe
2652	chrome.exe
2652	chrome.exe
2652	chrome.exe
2652	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2652	chrome.exe
2652	chrome.exe
2652	chrome.exe
2652	chrome.exe
2652	chrome.exe
2652	chrome.exe
2652	chrome.exe
2652	chrome.exe
2652	chrome.exe
2652	chrome.exe
2652	chrome.exe
2652	chrome.exe
2652	chrome.exe
2652	chrome.exe
2652	chrome.exe
2652	chrome.exe
2652	chrome.exe
2652	chrome.exe
2652	chrome.exe
2652	chrome.exe
2652	chrome.exe
2652	chrome.exe
2652	chrome.exe
2652	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2652 wrote to memory of 4516	2652	chrome.exe	50
PID 2652 wrote to memory of 4516	2652	chrome.exe	50
PID 2652 wrote to memory of 3724	2652	chrome.exe	87
PID 2652 wrote to memory of 3724	2652	chrome.exe	87
PID 2652 wrote to memory of 3724	2652	chrome.exe	87
PID 2652 wrote to memory of 3724	2652	chrome.exe	87
PID 2652 wrote to memory of 3724	2652	chrome.exe	87
PID 2652 wrote to memory of 3724	2652	chrome.exe	87
PID 2652 wrote to memory of 3724	2652	chrome.exe	87
PID 2652 wrote to memory of 3724	2652	chrome.exe	87
PID 2652 wrote to memory of 3724	2652	chrome.exe	87
PID 2652 wrote to memory of 3724	2652	chrome.exe	87
PID 2652 wrote to memory of 3724	2652	chrome.exe	87
PID 2652 wrote to memory of 3724	2652	chrome.exe	87
PID 2652 wrote to memory of 3724	2652	chrome.exe	87
PID 2652 wrote to memory of 3724	2652	chrome.exe	87
PID 2652 wrote to memory of 3724	2652	chrome.exe	87
PID 2652 wrote to memory of 3724	2652	chrome.exe	87
PID 2652 wrote to memory of 3724	2652	chrome.exe	87
PID 2652 wrote to memory of 3724	2652	chrome.exe	87
PID 2652 wrote to memory of 3724	2652	chrome.exe	87
PID 2652 wrote to memory of 3724	2652	chrome.exe	87
PID 2652 wrote to memory of 3724	2652	chrome.exe	87
PID 2652 wrote to memory of 3724	2652	chrome.exe	87
PID 2652 wrote to memory of 3724	2652	chrome.exe	87
PID 2652 wrote to memory of 3724	2652	chrome.exe	87
PID 2652 wrote to memory of 3724	2652	chrome.exe	87
PID 2652 wrote to memory of 3724	2652	chrome.exe	87
PID 2652 wrote to memory of 3724	2652	chrome.exe	87
PID 2652 wrote to memory of 3724	2652	chrome.exe	87
PID 2652 wrote to memory of 3724	2652	chrome.exe	87
PID 2652 wrote to memory of 3724	2652	chrome.exe	87
PID 2652 wrote to memory of 3724	2652	chrome.exe	87
PID 2652 wrote to memory of 3724	2652	chrome.exe	87
PID 2652 wrote to memory of 3724	2652	chrome.exe	87
PID 2652 wrote to memory of 3724	2652	chrome.exe	87
PID 2652 wrote to memory of 3724	2652	chrome.exe	87
PID 2652 wrote to memory of 3724	2652	chrome.exe	87
PID 2652 wrote to memory of 3724	2652	chrome.exe	87
PID 2652 wrote to memory of 3724	2652	chrome.exe	87
PID 2652 wrote to memory of 1316	2652	chrome.exe	89
PID 2652 wrote to memory of 1316	2652	chrome.exe	89
PID 2652 wrote to memory of 3500	2652	chrome.exe	88
PID 2652 wrote to memory of 3500	2652	chrome.exe	88
PID 2652 wrote to memory of 3500	2652	chrome.exe	88
PID 2652 wrote to memory of 3500	2652	chrome.exe	88
PID 2652 wrote to memory of 3500	2652	chrome.exe	88
PID 2652 wrote to memory of 3500	2652	chrome.exe	88
PID 2652 wrote to memory of 3500	2652	chrome.exe	88
PID 2652 wrote to memory of 3500	2652	chrome.exe	88
PID 2652 wrote to memory of 3500	2652	chrome.exe	88
PID 2652 wrote to memory of 3500	2652	chrome.exe	88
PID 2652 wrote to memory of 3500	2652	chrome.exe	88
PID 2652 wrote to memory of 3500	2652	chrome.exe	88
PID 2652 wrote to memory of 3500	2652	chrome.exe	88
PID 2652 wrote to memory of 3500	2652	chrome.exe	88
PID 2652 wrote to memory of 3500	2652	chrome.exe	88
PID 2652 wrote to memory of 3500	2652	chrome.exe	88
PID 2652 wrote to memory of 3500	2652	chrome.exe	88
PID 2652 wrote to memory of 3500	2652	chrome.exe	88
PID 2652 wrote to memory of 3500	2652	chrome.exe	88
PID 2652 wrote to memory of 3500	2652	chrome.exe	88
PID 2652 wrote to memory of 3500	2652	chrome.exe	88
PID 2652 wrote to memory of 3500	2652	chrome.exe	88

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://flatsafe.com/
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2652
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc7e099758,0x7ffc7e099768,0x7ffc7e099778
  2⤵
  PID:4516
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1668 --field-trial-handle=1252,i,8040832772160512298,15533241030684321342,131072 /prefetch:2
  2⤵
  PID:3724
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2216 --field-trial-handle=1252,i,8040832772160512298,15533241030684321342,131072 /prefetch:8
  2⤵
  PID:3500
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2128 --field-trial-handle=1252,i,8040832772160512298,15533241030684321342,131072 /prefetch:8
  2⤵
  PID:1316
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2708 --field-trial-handle=1252,i,8040832772160512298,15533241030684321342,131072 /prefetch:1
  2⤵
  PID:332
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3040 --field-trial-handle=1252,i,8040832772160512298,15533241030684321342,131072 /prefetch:1
  2⤵
  PID:4068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4672 --field-trial-handle=1252,i,8040832772160512298,15533241030684321342,131072 /prefetch:1
  2⤵
  PID:2344
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3892 --field-trial-handle=1252,i,8040832772160512298,15533241030684321342,131072 /prefetch:1
  2⤵
  PID:4340
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4920 --field-trial-handle=1252,i,8040832772160512298,15533241030684321342,131072 /prefetch:1
  2⤵
  PID:3360
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4716 --field-trial-handle=1252,i,8040832772160512298,15533241030684321342,131072 /prefetch:8
  2⤵
  - Modifies registry class
  PID:948
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4724 --field-trial-handle=1252,i,8040832772160512298,15533241030684321342,131072 /prefetch:8
  2⤵
  PID:1656
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5608 --field-trial-handle=1252,i,8040832772160512298,15533241030684321342,131072 /prefetch:8
  2⤵
  PID:3600
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5696 --field-trial-handle=1252,i,8040832772160512298,15533241030684321342,131072 /prefetch:8
  2⤵
  PID:224
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5288 --field-trial-handle=1252,i,8040832772160512298,15533241030684321342,131072 /prefetch:8
  2⤵
  PID:2328
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5732 --field-trial-handle=1252,i,8040832772160512298,15533241030684321342,131072 /prefetch:8
  2⤵
  PID:2248
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5012 --field-trial-handle=1252,i,8040832772160512298,15533241030684321342,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2152

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2412

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000023

Filesize
201KB

MD5
c445ab4315d0633d446998c80764cc36

SHA1
47d3dee9845cc6e29b6771dd6560793b8b93000e

SHA256
5635695eeb70b51c449aea7a5bd3c9699c3c28c64498fb7fcb8173aad45d7242

SHA512
83a32ffdddf3ee56e89f232c8d05a4b00265895b0e41d13700f90fa389f0bf3f112c291c24c3819751803322b11e2ff866971d835d601672b36818c4e099bff1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1008B

MD5
5bfa8df318c189af8e22cacb5f570d11

SHA1
893493c9d06214e55569a38ccaa5daf6fbd3caef

SHA256
b717b0b7eeb2e82af43942ec8c0ac37e531a84ae0b052d01e76f549d6cfff40d

SHA512
912fec1944349ac99605251932009fc2796990e01540574b61450a11c4e26cc6ae3df799bc6145db1b16485ff0be6c408315089e4fb196e732eb87d8170921ea

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
a86498a21cbbb7c4e6f52da23908b48f

SHA1
d2a7d12b7dc8b7d288c82fbd270b4bfd84837f92

SHA256
e5c89d8b95b39b8ea6e7350a9ce1e3960a1774d7d4e002fa4e20cca192268e48

SHA512
a09aff57d56b4cd3e5b2cd79768f8e214939cb1691d57376afe2c39e33486ab4aeadd5677ff6e106456c877d7ac066b073c39023d236e6cd6e31e2f2fc4b2291

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
124e5fe72c96ba5f911fb77293ec6531

SHA1
2237e43a04267054d0722907096529ae138dc52c

SHA256
e2f5b4d53f59512be09eb11bdd6a90f2194bb07939b97d0ab68e860b3bde6bff

SHA512
4e0bca8b0022f3c131a1e03fd3b63bfe3de1a70b915b90b37421a80c838ed8751cd5465e394aa257ceb7addcd372a2864ea5d9bce56d21dbfa3eac7162b198d3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
442a26d419b95cbf7520eb03f2d9748d

SHA1
1afeefce2319336e8c30348d98953f88c37d0078

SHA256
0dbecb25ff5132429188213d559e7fa93732630020c96e04d9e4b8e03883388a

SHA512
1623921286902d80c339cdec4682b808b0872ae9a0448b35736e48ebfea97bf90eb1f28c116b6071a55dbf4f35597b351959434020e98bb16211d5a2c0fa35ca

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
10bb35a6f96a8c14e61c00a0db01f36f

SHA1
45a3776f711f3f6cf9928db386a1479ef7f5f5b4

SHA256
4259d95485066035a646f604738980051551656ea00dc9945d18a1529a4a97f5

SHA512
9591b30201c76604d4031bc6cf9244ccf18de10b6db6481e2b0fe4943665fe0947c74c6886f33790bd6ec8b78acbf58043cf43cba626c3c8b9f1d097c5b88ffb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
56B

MD5
ae1bccd6831ebfe5ad03b482ee266e4f

SHA1
01f4179f48f1af383b275d7ee338dd160b6f558a

SHA256
1b11047e738f76c94c9d15ee981ec46b286a54def1a7852ca1ade7f908988649

SHA512
baf7ff6747f30e542c254f46a9678b9dbf42312933962c391b79eca6fcb615e4ba9283c00f554d6021e594f18c087899bc9b5362c41c0d6f862bba7fb9f83038

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe578b58.TMP

Filesize
120B

MD5
0375ba33a6f0f42b15db9866d220e08d

SHA1
413235ed1d9b799b54885ee5c80ce1e54e3f0b1d

SHA256
f27a03e21be59dc2891b3ae828f785360b8667f1380f489217226fd6c880085f

SHA512
5bd991481c8f2d7932ded55649df003bc339c9251e454c644b960807a803c6f5c7c4de8a43675906cfe816acc09257c261675d824c04ab99bee0319e9806644e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
df80af9e4a8267a40fe3861e5c368ea8

SHA1
a96fb7254022fc6dc4cff11396aad695284dcb06

SHA256
f9bd88e9a5cf6fddda7636a7d23bd0abba332b0eb2c91342ab324516f61595e9

SHA512
6c8be044bd1cb15c7c1b288b9326fd7be542c456c2ff0f243028dcae129dce4cf541bf4f5a5e36f9c93b72c80f5a67a9cc200ac5ed0056a728644f7f8b0a32b4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
115KB

MD5
28e13cb70fbd2cb62340577396b1b998

SHA1
96941248b0f1c9cdd51670ae873744937085e0d9

SHA256
2b90f94a46873a083c20ef1ed2fcca03a6bf7a92b635633f7f36be702d5b9f59

SHA512
36cad19017d620c388cb641682db6f5baec33f531fea351041a1bf94dc8dd78f5637123eff60ca54786727c4ff816fdf89595d155f9631fbe071cc840d283489

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
115KB

MD5
316a22b4aeca440aad2f81fd836f2819

SHA1
98b3aa6edeed914a9736855d2c52524695e2e919

SHA256
d7e1a6eddd155fac53d080a48f88f8c84c7ac126ca2336bcd4d8467ab3db8a18

SHA512
0619b99f85a8c0b6c5b5375139d293f79263805c892b3fce587034da7fec61e13a4ffd636b3f2608066eddd66129d5b166f80b0cb4557c5bdee3475390fe660d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit