hxxps://download2393[.]mediafire[.]com/g89qse524x6gM4_8xohA_TWuZxdEkRNIoHxILjT4kFSgJtbRshtdH6OBvhDBy2_ODRFowOvROQBaZE3FKwQwb_oAB-lKMwuNIkpC_4HehcNR399pQye3gE0jBfiEePxp6G7hZBaZTO6VaMSPitbmlvtcxDIRaAycmodWoO6-2BGb/fkz5gfddt826621/Xfer+Records+Serum+v1[.]368+WIN-TCD[.]rar

Resubmissions

04/02/2024, 11:57

240204-n4lgasaham 1

04/02/2024, 11:41

240204-ntxrksgcf7 8

Analysis

max time kernel
113s
max time network
112s
platform
windows10-1703_x64
resource
win10-20231215-en
resource tags

arch:x64arch:x86image:win10-20231215-enlocale:en-usos:windows10-1703-x64system
submitted
04/02/2024, 11:57

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://download2393.mediafire.com/g89qse524x6gM4_8xohA_TWuZxdEkRNIoHxILjT4kFSgJtbRshtdH6OBvhDBy2_ODRFowOvROQBaZE3FKwQwb_oAB-lKMwuNIkpC_4HehcNR399pQye3gE0jBfiEePxp6G7hZBaZTO6VaMSPitbmlvtcxDIRaAycmodWoO6-2BGb/fkz5gfddt826621/Xfer+Records+Serum+v1.368+WIN-TCD.rar

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133515214545641316"	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
168	chrome.exe
168	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 14 IoCs

pid	Process
168	chrome.exe
168	chrome.exe
168	chrome.exe
168	chrome.exe
168	chrome.exe
168	chrome.exe
168	chrome.exe
168	chrome.exe
168	chrome.exe
168	chrome.exe
168	chrome.exe
168	chrome.exe
168	chrome.exe
168	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	168	chrome.exe
Token: SeCreatePagefilePrivilege	168	chrome.exe
Token: SeShutdownPrivilege	168	chrome.exe
Token: SeCreatePagefilePrivilege	168	chrome.exe
Token: SeShutdownPrivilege	168	chrome.exe
Token: SeCreatePagefilePrivilege	168	chrome.exe
Token: SeShutdownPrivilege	168	chrome.exe
Token: SeCreatePagefilePrivilege	168	chrome.exe
Token: SeShutdownPrivilege	168	chrome.exe
Token: SeCreatePagefilePrivilege	168	chrome.exe
Token: SeShutdownPrivilege	168	chrome.exe
Token: SeCreatePagefilePrivilege	168	chrome.exe
Token: SeShutdownPrivilege	168	chrome.exe
Token: SeCreatePagefilePrivilege	168	chrome.exe
Token: SeShutdownPrivilege	168	chrome.exe
Token: SeCreatePagefilePrivilege	168	chrome.exe
Token: SeShutdownPrivilege	168	chrome.exe
Token: SeCreatePagefilePrivilege	168	chrome.exe
Token: SeShutdownPrivilege	168	chrome.exe
Token: SeCreatePagefilePrivilege	168	chrome.exe
Token: SeShutdownPrivilege	168	chrome.exe
Token: SeCreatePagefilePrivilege	168	chrome.exe
Token: SeShutdownPrivilege	168	chrome.exe
Token: SeCreatePagefilePrivilege	168	chrome.exe
Token: SeShutdownPrivilege	168	chrome.exe
Token: SeCreatePagefilePrivilege	168	chrome.exe
Token: SeShutdownPrivilege	168	chrome.exe
Token: SeCreatePagefilePrivilege	168	chrome.exe
Token: SeShutdownPrivilege	168	chrome.exe
Token: SeCreatePagefilePrivilege	168	chrome.exe
Token: SeShutdownPrivilege	168	chrome.exe
Token: SeCreatePagefilePrivilege	168	chrome.exe
Token: SeShutdownPrivilege	168	chrome.exe
Token: SeCreatePagefilePrivilege	168	chrome.exe
Token: SeShutdownPrivilege	168	chrome.exe
Token: SeCreatePagefilePrivilege	168	chrome.exe
Token: SeShutdownPrivilege	168	chrome.exe
Token: SeCreatePagefilePrivilege	168	chrome.exe
Token: SeShutdownPrivilege	168	chrome.exe
Token: SeCreatePagefilePrivilege	168	chrome.exe
Token: SeShutdownPrivilege	168	chrome.exe
Token: SeCreatePagefilePrivilege	168	chrome.exe
Token: SeShutdownPrivilege	168	chrome.exe
Token: SeCreatePagefilePrivilege	168	chrome.exe
Token: SeShutdownPrivilege	168	chrome.exe
Token: SeCreatePagefilePrivilege	168	chrome.exe
Token: SeShutdownPrivilege	168	chrome.exe
Token: SeCreatePagefilePrivilege	168	chrome.exe
Token: SeShutdownPrivilege	168	chrome.exe
Token: SeCreatePagefilePrivilege	168	chrome.exe
Token: SeShutdownPrivilege	168	chrome.exe
Token: SeCreatePagefilePrivilege	168	chrome.exe
Token: SeShutdownPrivilege	168	chrome.exe
Token: SeCreatePagefilePrivilege	168	chrome.exe
Token: SeShutdownPrivilege	168	chrome.exe
Token: SeCreatePagefilePrivilege	168	chrome.exe
Token: SeShutdownPrivilege	168	chrome.exe
Token: SeCreatePagefilePrivilege	168	chrome.exe
Token: SeShutdownPrivilege	168	chrome.exe
Token: SeCreatePagefilePrivilege	168	chrome.exe
Token: SeShutdownPrivilege	168	chrome.exe
Token: SeCreatePagefilePrivilege	168	chrome.exe
Token: SeShutdownPrivilege	168	chrome.exe
Token: SeCreatePagefilePrivilege	168	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
168	chrome.exe
168	chrome.exe
168	chrome.exe
168	chrome.exe
168	chrome.exe
168	chrome.exe
168	chrome.exe
168	chrome.exe
168	chrome.exe
168	chrome.exe
168	chrome.exe
168	chrome.exe
168	chrome.exe
168	chrome.exe
168	chrome.exe
168	chrome.exe
168	chrome.exe
168	chrome.exe
168	chrome.exe
168	chrome.exe
168	chrome.exe
168	chrome.exe
168	chrome.exe
168	chrome.exe
168	chrome.exe
168	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
168	chrome.exe
168	chrome.exe
168	chrome.exe
168	chrome.exe
168	chrome.exe
168	chrome.exe
168	chrome.exe
168	chrome.exe
168	chrome.exe
168	chrome.exe
168	chrome.exe
168	chrome.exe
168	chrome.exe
168	chrome.exe
168	chrome.exe
168	chrome.exe
168	chrome.exe
168	chrome.exe
168	chrome.exe
168	chrome.exe
168	chrome.exe
168	chrome.exe
168	chrome.exe
168	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 168 wrote to memory of 1068	168	chrome.exe	14
PID 168 wrote to memory of 1068	168	chrome.exe	14
PID 168 wrote to memory of 4476	168	chrome.exe	39
PID 168 wrote to memory of 4476	168	chrome.exe	39
PID 168 wrote to memory of 4476	168	chrome.exe	39
PID 168 wrote to memory of 4476	168	chrome.exe	39
PID 168 wrote to memory of 4476	168	chrome.exe	39
PID 168 wrote to memory of 4476	168	chrome.exe	39
PID 168 wrote to memory of 4476	168	chrome.exe	39
PID 168 wrote to memory of 4476	168	chrome.exe	39
PID 168 wrote to memory of 4476	168	chrome.exe	39
PID 168 wrote to memory of 4476	168	chrome.exe	39
PID 168 wrote to memory of 4476	168	chrome.exe	39
PID 168 wrote to memory of 4476	168	chrome.exe	39
PID 168 wrote to memory of 4476	168	chrome.exe	39
PID 168 wrote to memory of 4476	168	chrome.exe	39
PID 168 wrote to memory of 4476	168	chrome.exe	39
PID 168 wrote to memory of 4476	168	chrome.exe	39
PID 168 wrote to memory of 4476	168	chrome.exe	39
PID 168 wrote to memory of 4476	168	chrome.exe	39
PID 168 wrote to memory of 4476	168	chrome.exe	39
PID 168 wrote to memory of 4476	168	chrome.exe	39
PID 168 wrote to memory of 4476	168	chrome.exe	39
PID 168 wrote to memory of 4476	168	chrome.exe	39
PID 168 wrote to memory of 4476	168	chrome.exe	39
PID 168 wrote to memory of 4476	168	chrome.exe	39
PID 168 wrote to memory of 4476	168	chrome.exe	39
PID 168 wrote to memory of 4476	168	chrome.exe	39
PID 168 wrote to memory of 4476	168	chrome.exe	39
PID 168 wrote to memory of 4476	168	chrome.exe	39
PID 168 wrote to memory of 4476	168	chrome.exe	39
PID 168 wrote to memory of 4476	168	chrome.exe	39
PID 168 wrote to memory of 4476	168	chrome.exe	39
PID 168 wrote to memory of 4476	168	chrome.exe	39
PID 168 wrote to memory of 4476	168	chrome.exe	39
PID 168 wrote to memory of 4476	168	chrome.exe	39
PID 168 wrote to memory of 4476	168	chrome.exe	39
PID 168 wrote to memory of 4476	168	chrome.exe	39
PID 168 wrote to memory of 4476	168	chrome.exe	39
PID 168 wrote to memory of 4476	168	chrome.exe	39
PID 168 wrote to memory of 1516	168	chrome.exe	36
PID 168 wrote to memory of 1516	168	chrome.exe	36
PID 168 wrote to memory of 1980	168	chrome.exe	35
PID 168 wrote to memory of 1980	168	chrome.exe	35
PID 168 wrote to memory of 1980	168	chrome.exe	35
PID 168 wrote to memory of 1980	168	chrome.exe	35
PID 168 wrote to memory of 1980	168	chrome.exe	35
PID 168 wrote to memory of 1980	168	chrome.exe	35
PID 168 wrote to memory of 1980	168	chrome.exe	35
PID 168 wrote to memory of 1980	168	chrome.exe	35
PID 168 wrote to memory of 1980	168	chrome.exe	35
PID 168 wrote to memory of 1980	168	chrome.exe	35
PID 168 wrote to memory of 1980	168	chrome.exe	35
PID 168 wrote to memory of 1980	168	chrome.exe	35
PID 168 wrote to memory of 1980	168	chrome.exe	35
PID 168 wrote to memory of 1980	168	chrome.exe	35
PID 168 wrote to memory of 1980	168	chrome.exe	35
PID 168 wrote to memory of 1980	168	chrome.exe	35
PID 168 wrote to memory of 1980	168	chrome.exe	35
PID 168 wrote to memory of 1980	168	chrome.exe	35
PID 168 wrote to memory of 1980	168	chrome.exe	35
PID 168 wrote to memory of 1980	168	chrome.exe	35
PID 168 wrote to memory of 1980	168	chrome.exe	35
PID 168 wrote to memory of 1980	168	chrome.exe	35

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7fff1c2d9758,0x7fff1c2d9768,0x7fff1c2d9778
1⤵
PID:1068

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://download2393.mediafire.com/g89qse524x6gM4_8xohA_TWuZxdEkRNIoHxILjT4kFSgJtbRshtdH6OBvhDBy2_ODRFowOvROQBaZE3FKwQwb_oAB-lKMwuNIkpC_4HehcNR399pQye3gE0jBfiEePxp6G7hZBaZTO6VaMSPitbmlvtcxDIRaAycmodWoO6-2BGb/fkz5gfddt826621/Xfer+Records+Serum+v1.368+WIN-TCD.rar
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:168
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2092 --field-trial-handle=1840,i,14889632250505374256,13997504613752072863,131072 /prefetch:8
  2⤵
  PID:1980
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1780 --field-trial-handle=1840,i,14889632250505374256,13997504613752072863,131072 /prefetch:8
  2⤵
  PID:1516
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2856 --field-trial-handle=1840,i,14889632250505374256,13997504613752072863,131072 /prefetch:1
  2⤵
  PID:4392
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2864 --field-trial-handle=1840,i,14889632250505374256,13997504613752072863,131072 /prefetch:1
  2⤵
  PID:1096
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1520 --field-trial-handle=1840,i,14889632250505374256,13997504613752072863,131072 /prefetch:2
  2⤵
  PID:4476
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=5020 --field-trial-handle=1840,i,14889632250505374256,13997504613752072863,131072 /prefetch:1
  2⤵
  PID:3048
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3376 --field-trial-handle=1840,i,14889632250505374256,13997504613752072863,131072 /prefetch:1
  2⤵
  PID:4128
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5144 --field-trial-handle=1840,i,14889632250505374256,13997504613752072863,131072 /prefetch:8
  2⤵
  PID:3388
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5288 --field-trial-handle=1840,i,14889632250505374256,13997504613752072863,131072 /prefetch:8
  2⤵
  PID:4872
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5164 --field-trial-handle=1840,i,14889632250505374256,13997504613752072863,131072 /prefetch:8
  2⤵
  PID:4644
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2904 --field-trial-handle=1840,i,14889632250505374256,13997504613752072863,131072 /prefetch:8
  2⤵
  PID:2628
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5368 --field-trial-handle=1840,i,14889632250505374256,13997504613752072863,131072 /prefetch:1
  2⤵
  PID:4708
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=5416 --field-trial-handle=1840,i,14889632250505374256,13997504613752072863,131072 /prefetch:1
  2⤵
  PID:3824
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=5832 --field-trial-handle=1840,i,14889632250505374256,13997504613752072863,131072 /prefetch:1
  2⤵
  PID:3388
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=6132 --field-trial-handle=1840,i,14889632250505374256,13997504613752072863,131072 /prefetch:1
  2⤵
  PID:3484
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=6000 --field-trial-handle=1840,i,14889632250505374256,13997504613752072863,131072 /prefetch:1
  2⤵
  PID:1280
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=2892 --field-trial-handle=1840,i,14889632250505374256,13997504613752072863,131072 /prefetch:1
  2⤵
  PID:4628
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=1828 --field-trial-handle=1840,i,14889632250505374256,13997504613752072863,131072 /prefetch:8
  2⤵
  PID:4368
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5196 --field-trial-handle=1840,i,14889632250505374256,13997504613752072863,131072 /prefetch:8
  2⤵
  PID:2632
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6212 --field-trial-handle=1840,i,14889632250505374256,13997504613752072863,131072 /prefetch:8
  2⤵
  PID:1184
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=4564 --field-trial-handle=1840,i,14889632250505374256,13997504613752072863,131072 /prefetch:1
  2⤵
  PID:3536
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=3652 --field-trial-handle=1840,i,14889632250505374256,13997504613752072863,131072 /prefetch:1
  2⤵
  PID:2248
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=5824 --field-trial-handle=1840,i,14889632250505374256,13997504613752072863,131072 /prefetch:1
  2⤵
  PID:2424
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=5888 --field-trial-handle=1840,i,14889632250505374256,13997504613752072863,131072 /prefetch:1
  2⤵
  PID:1652

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:3296

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x394
1⤵
PID:4472

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000015

Filesize
20KB

MD5
923a543cc619ea568f91b723d9fb1ef0

SHA1
6f4ade25559645c741d7327c6e16521e43d7e1f9

SHA256
bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd

SHA512
a4153751761cd67465374828b0514d7773b8c4ed37779d1ecfd4f19be4faa171585c8ee0b4db59b556399d5d2b9809ba87e04d4715e9d090e1f488d02219d555

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000017

Filesize
315KB

MD5
d013db2840a239cc4616531b85ef1a77

SHA1
9c563b6b2d69b72d338c8ca6576f8ac8fb39f21f

SHA256
0aa30d7546bc342e7a45fa907915c993e22ea11834bfff9a66094a4aee3f440a

SHA512
1a7a0b499e82782acc0dce2d83d5f5aaa67d2b8d73ffd7f77108873208ba1025c7db6df1f83b353142f261f3ee3d912edd263ee6c19d5771fc56c9ef89dd0104

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000018

Filesize
126KB

MD5
b01bbe74a37a660aab7069a5b0addcac

SHA1
c6df83851703dcbc56c2eefcdacad118399b70e0

SHA256
aff0bc82fa4f2b9663288a96a31f6c77441c2653a706d571fe2a240509df31f5

SHA512
92d7b9bfd69fde6c87e4de842f243e2deef50ea77e3d24a447607eecae15eae62014d6f4007992066cabee4aedd7c195465999165fcc8a644c34c1038a1c514f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000019

Filesize
35KB

MD5
e0029b4bca105ee6c488ff5859200811

SHA1
b803af3e54813c9f80b0f3f43fc3349c3b2b6bcc

SHA256
e3181747e13d9c4b5e66ede000ea505ec3a9caac73fb58740c657bdb9b0cf9c2

SHA512
b141da2c00a7bd2d174abf2a4ebf50f30aa19348cb3968d3e127eccfde3ff8ce4e90d54420f4129ea467519190c667fd8c1aebd88568ccdc48eb14939e7d5842

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001c

Filesize
40KB

MD5
1128652e9d55dcfc30d11ce65dbfc490

SHA1
c3dc05f00453708162853a9e6083a1362cc0fc26

SHA256
b189ff1f576a3672b67406791468936b4b5070778957ba3060a7141200231e4e

SHA512
75e611ba64a983b85b314b145a6d776ed8c786f62126539f6da3c1638bf7e566c11daf18d1811b07656de47ff8b50637520cf719a2cacc77a9d27393fc08453b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
99b55732dfc0672d8d1e4a75330bc5c0

SHA1
4a97137a8f0fd88f9724caf69260bd11f7816d07

SHA256
744e866a5f63d3cc959b5b49b3b6bb72bd8eebd6a72618a6729e182fa69460cd

SHA512
a15156d41fcc03076e43bcfd2d352fa5adaee9a71b06d1c6151a0ae506d33c53d836ac3b03ca2803ec45a9c683a3265231dbcdd846ac8f4992e9f52008c83653

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
617ab26a8d34e7777944d0882ec562fe

SHA1
27969c585fda1291e484725ba084f59c39ca4d3c

SHA256
f64ebbe8be325c1c594697ef77974231b8be158d49dff59f76a10dd63c0f45c4

SHA512
3ba98b166ecd2f662871eb4c85cc3fd18228df27e8fea23d0225c6dc094a099f8d61c1744c5e77da06c9bf5ca986aaa72f8bb94d9973174d4b738df7b8be34d5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
c4bb472768bafec6cdf61b2edc4aa9d7

SHA1
880a8dae3257ddca277beaf3dc4ed563df88f6e0

SHA256
e8bc644c80c40d3bf83ba9384f6f262e072edac3f5b17d4fb6f2dc258d01591d

SHA512
d80e1300b662ad4b4e899b2d80351b9a0ac35ef069037805f4e9f335e681cda8305a9bc80a8e9c847e07ab86f4beac3b2eb630ef3ec2b308d661a2e15e6c1961

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
376bbe9830d3a1f3362561fad6c969f4

SHA1
7b29d647f46a8cf1d68ea9df2f13dcc7b1f8a8dd

SHA256
96dde04825cff3b81ba77e66a1f4e86e3b5c5f0f96a731a35804a88e8b4ef14b

SHA512
bcf55285452e8d3297eb0006139221520f337cb86d3da1dfdfc0faffac8a2f74d8c1405cac52fb5a35781c508bc1805f0c5fbe69e554a94f98e01acac35331dd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
f6f5bcaf76c46d87dd14832bafce8b78

SHA1
553bb421d31991bfcb18f7a879716a74c55079d3

SHA256
91d0b39f4359be596bc7890080906153cbd26dc131ee0da6162da87a545f69a3

SHA512
fb36832d8829833b3bdb4719f7463798fa3f5c2d19f51fb3693b5aa08ae605f6b4210d7ba3ad038a2f7a3573539406eec8cf3dbb209a2f47d1870dfd70435c4f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
434a86a6a8d10eb13710c1b74821fc21

SHA1
6c710153becc9b815db0cac3a82f8ce151337aaa

SHA256
5a9ea0a9ef7a19350124353a88865023a6941bec0e19f1a35290aee8776209af

SHA512
e2265327068ab6103a3b89f1923856fe6151d4bd4007619e33c5059415c00547e9ddbfd0b96eabe4d122e6f3b60d6ae3f114f7030a04784eaabf4fa073e791be

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
3733141d689de34ff952c4b93af89c1d

SHA1
2cb7456628221ddfb46cf8c06bb1a89e26765028

SHA256
aec5abf59f04161f3b06708a6416549b5e0e9177b0304712807d1dab9616c548

SHA512
45d451ac592ec1862f9addd6ee4359b4c67693c4c2cddbd4ec39a95af0923f606c6dea96db0e03e0d747b8bb68073eebb8ee83c3826a3dfbd260efc021da9f3d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
f2c1356257a121d01bcae4e98f468a7a

SHA1
8ec2494b7839624f9c39c00b774a09c74bf8da16

SHA256
0bf8398700cf017af46b2c3caedbfd7242e5c7db9e1b1cb1a52ea4016355eb03

SHA512
3de70fb2c9bbe190de6ed3fe7c5480874661afdf2cab6f50ca1ee4c5aee7df6672cef3053f72a2ce6a4d641e79aca81af22f7bf80003b373408fbc7255ee9373

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
997b494b8eea5f757a07bf3cd69dd623

SHA1
91e661e5731a2e40748a2a3f376112289dd220aa

SHA256
6a2263b58598e632964a5d3583c73de45db41f351b179b9b592b915d8e61f59a

SHA512
d7b95aac2af1ae862d4d567422e475543b8e7718d40cdd330cfb7bed1aa1b1e713ddbbfa7f6e279898625c21b2ef011ec6a8ca37bb9419a3494328700ef1a602

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
66293db4d91082e1a042442244c8e0bf

SHA1
77c032d53f427a58edfbc6147e9745c8d8cdbb53

SHA256
a85585bc39c23495d4c59527ec517346592a0a6c7d1dd74299d64839a8bc436a

SHA512
8630821f61fa5e551eb1b76eab9f29dc2b2ed9cd92cb0e38643eb191dd63317dc507bde4cab8a53ac565493305964562d7c9ca318ba62c489ea6d8582a6fae3b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
e123bea3183012a1fde70e938117be1e

SHA1
019f9dec3b6d39490af33b7586376d0d2ebdea9c

SHA256
b5300ebb156d17fe36e5ce5e3e7c755e76a07911fa21b92e1cdd79ac637549f1

SHA512
002204be6d462a928296e5cf63c0de36eac1630948b99053a0dc0e50fbecf215c94c6ce17cdfc17ed89237d17e0a394a30f957a64c8f81ef2a902a7619fd0223

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
33ac2511d0bd6d8ecee6b67c363d0d7a

SHA1
de773c30f456b7c8aa988c4d7cae5f6755726c20

SHA256
f527d428e1f439beecbdefb4c63682e54d2ad06d20e335bd5c69bf1e458e42d8

SHA512
713c52e97a9f08aba42b23d8a5be9c90608404790afb1ced5934550113229dc2a5ca12b7fffb9de3b4e2cd2f66f1254858c686dcdc98463ef48b50c2e9fc9de5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
b06f5f9f1cec1c363b328ee0f3a349b7

SHA1
bbb002ce8c1df9f942c8fe0e0c06464deff8c756

SHA256
ae15e057d203cee57512c18ed243c077255599c384a8d4a5125e540ebf5dc082

SHA512
27dc2e0f8206573a6f9dd003bc77d30aac4162b42d31f9bd1c1f3b58c7695e440597194640a65e6e4ecf72fc439a9d1c4c58dcae22ba63fe2ba9785b31fba72f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
7893e9e8aaeb0c0ec1dce7c5d7961b72

SHA1
5e87143415475c7480e59c3fcf50868e45e4e27e

SHA256
9bdf62ce766196c6f0e78ab8276124673ec024fb127d1dfc6be2663dbf6e7c3b

SHA512
4e37e91a97b7a13a9f94220a8b605a3b0cc01a1876553362cb761de21cc6e3ca2da68aca23c306a450597852439f05da9a7c18c6238e3c2ba291678bf5d42b79

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\eaeee80b-48c0-493a-ad64-89b1d160d1f9\index-dir\the-real-index

Filesize
2KB

MD5
dc5022342e19a17ed77a38bc808cc5e0

SHA1
21289724a4f608201a3ba5bed3f6dabec258ff77

SHA256
77992402d8f4d45d664dac18fb6865511711becb577f009be93d97c51eacd975

SHA512
32889181fc4035694b3c7606e73be190e78b43dfcfe842c3b62665e59ab18a9920824b7642d54bfd668bdd8d4caf3b83bd7eaa5ca0683a13fad0626f2ee29bcd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\eaeee80b-48c0-493a-ad64-89b1d160d1f9\index-dir\the-real-index~RFe587f1e.TMP

Filesize
48B

MD5
8dc17ed4fefb33b794e2a39f80af35ce

SHA1
8fb520a1efd8ad1ff93b0b2f4bcb417c87bddabc

SHA256
8333572f37faf6912e93b21eed65b78ca97edf9cb8f2447be2e2c2e682da7399

SHA512
bd38959799ba46ac86dcb986010355753ce6c239bad104699982e005e4ae1918eafa220c274eade4f47dba842a0327acbf312c16edf9be3bd544892edca2a25f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
176B

MD5
f8962b44c478304b115ceabea2f7cc1a

SHA1
4a622a6f30206cf0fa03fd6d4aa027b01fb8fb29

SHA256
873d92d35c8682bc050c152e42f4cd046cc91293d505ebd9186e7c11b6243632

SHA512
fecd6ca7dc6978eec2ee55eb16af30ffa9df2a4c617d928f740f35b6434b2981c186aae8892d279c80c965f87b2960f68569bf6d9686419ae39c75dcef596345

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
114B

MD5
457f3a67be0641121e4cef2e31eb17c2

SHA1
6c1e3c9154dee3047a73772f220ae53b7322791f

SHA256
1632070f1ec2b3fc0e6040a9b40bdcdb5734c3e491770960e30918086c1962d1

SHA512
03ef397f5a16d5cbdb7f9324ba2bc4e898ff6d951bfbae4e537b3206d9102fff3b7c122affe33eba3dac89bd2fff55a8b9ab4f79cff4fc42d1b9fd0f7cac2d19

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
112B

MD5
f740e9a978e5ee1f3499f67572d07698

SHA1
7d9c610c948d35f44b084d3dba09890a202a9fc3

SHA256
bb16ff108dfce2001f9ad89311cd2d644ba232d79908cf40aed03cc3f967390e

SHA512
c4595c5b0ab7d673e21ba60fc1d65f686b416db8ffe7b9d43f7d504d4a48bddc3725cc801eedf33b12af46118078fe69395226cb1cc2daded064673109943a66

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe58676f.TMP

Filesize
119B

MD5
46b7ffbbf62e870766ba04e2945a76c2

SHA1
ebb2f81586f47d51577f1ed6d99ffcf24706d61c

SHA256
c4b379a2c49e53c65bda2139b82aa4e50ea0667a9ed4b6b0f09dc94dc1f43bb0

SHA512
d0ccaeab44f95b7220c244b91671799688a09434a44db79c8c94bd64412cf7980a20d190ae32f646ce5b699654b1aef1f20c7602c9715a7459096abed4374809

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\a0a74304db73132d4bc12ef9404aa74f9fdeda56\5f8830bc-3a1f-42c6-a939-c28e7241b476\index-dir\the-real-index

Filesize
72B

MD5
e93a1cbcb063d0c65714871e0bf05736

SHA1
259f5d978952b06ff19366bc823e104bf03935d8

SHA256
ef48818b45aa3260c091a10d2dfdd414d66306e1dbfd358226bbc081e536916f

SHA512
e76fc072c47dca1454f5f4e5b85aa365c7bae4fed437a48111404a0205cd2b8a89c6ca7fb6bac209249016f831b29ab015aac8ef81ee85019e71a93257770c34

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\a0a74304db73132d4bc12ef9404aa74f9fdeda56\5f8830bc-3a1f-42c6-a939-c28e7241b476\index-dir\the-real-index~RFe591459.TMP

Filesize
48B

MD5
bea9ff8b8ed483dbf20c137648f02f37

SHA1
ab10e5921ed1f2bfba33b787f27b229426a2b8ce

SHA256
c06c440b3bb7fab476bb84e9a8b0c1b718254e5f010c42767898a76126203df2

SHA512
ac084966de2d119598630ef98954fb8e8281e032190ae5dc1be5124a62a5e2e0d3fc94ec7be1261d5c00d7edff05d50f8451826c78148d68da7793cd44ec98ef

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\a0a74304db73132d4bc12ef9404aa74f9fdeda56\ccf78971-f2bd-4871-8a74-c450a33f0386\index

Filesize
24B

MD5
54cb446f628b2ea4a5bce5769910512e

SHA1
c27ca848427fe87f5cf4d0e0e3cd57151b0d820d

SHA256
fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d

SHA512
8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\a0a74304db73132d4bc12ef9404aa74f9fdeda56\ccf78971-f2bd-4871-8a74-c450a33f0386\index-dir\the-real-index

Filesize
1KB

MD5
e02d42b22cb5c4515ceb4ec8d76ba4a5

SHA1
998bc45eaa4ce3bd1533efb51749891879c14b75

SHA256
d30cb4f3267d785c1ace93e8d5754f35b3cd37825d391a644f11d447b8b123c8

SHA512
facc44852cef481289efdbad7acc414bc2521ca36cc8f40016f1ba1501d40e0a2de463b66edaba96b5e9d3d88a54311329ed42a1774446d1fe35c1f824be070e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\a0a74304db73132d4bc12ef9404aa74f9fdeda56\ccf78971-f2bd-4871-8a74-c450a33f0386\index-dir\the-real-index~RFe592050.TMP

Filesize
48B

MD5
13c4423996169e76b756b1ce76fa7635

SHA1
1f4b369ca8f4975d55496eb248350fbc7f858e9b

SHA256
f255ffd102b2732a667e348c6a36e5f5bc76fea87bfb8ca422555c3540873228

SHA512
6f88b3b40653eeb7e965743d9988522d763425560b5b7608051431f38e32a374adb97769337af5f42d6ba6387af45968e6a3a7be2b057d33817676005a2f785d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\a0a74304db73132d4bc12ef9404aa74f9fdeda56\index.txt

Filesize
237B

MD5
2f02e04dbe3a89cb4e2267c4ea81c0a7

SHA1
0883b280aa7fa6d932ae9779e89507a43142af37

SHA256
3766698c5fe9f18478366be6019d52180ca4833933e8f8af3d8d37324e65b4c1

SHA512
8b7eebd0f016fadecc37d1c76929274cebea1b597c8f210acb87081dc27f5d76e1e051de596f2d47265bb0a0b435c95b2f5ff7866c0ce4876b861560eb60125b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\a0a74304db73132d4bc12ef9404aa74f9fdeda56\index.txt

Filesize
234B

MD5
6d4a6433ec71fdc5f9a0604353e93612

SHA1
37f56fb196076556ae651b4dbd6d7550959fc1aa

SHA256
defcb68b9d8f0f09bb4dfabd9ea97557c0f782d7ee8ac795cb4b7ce2670ead67

SHA512
c4235121f8fc56586a3bda28407bc989bc48f6a1b1ac717a06026bae7767992adfb0b5f7bf407423f3f5e62dbbb1fc08b73290f7d0455c744e527c0c8570aeda

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\a0a74304db73132d4bc12ef9404aa74f9fdeda56\index.txt~RFe58c639.TMP

Filesize
142B

MD5
47be2f8d2800c8ccbf8bee25fbf45779

SHA1
571394fd6bdc0ca8eeeebd1b5f4c319b59298464

SHA256
7214ecbdfd51c820dd9b744a39daf636257f189eb4dc0307f3685d665ad1536f

SHA512
0655a67df322d3d47d49989f321eb479e4e56eee7d62cac9e0386cab6de859f47256bed03ba4aa84f595f5a87788bf4d53194fd6ab36eb050c2213e7786e186b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
1cccdf14a5e93869252fe4b863d99c9b

SHA1
9525bbc290a53005d92c68cf19a7d0ffc0a7893d

SHA256
bb5a53512b1a816c37cac25b4b10a325a6300c99bd3eace7e31bfaf434ebc64a

SHA512
4da68cabd4a033588a3cc5e45905d0b201295b05cb59b72bb74eda237da0dd3488406c451da27c742bd816b496b33ae5d5b63b02a6536361b27fa40a77e1bd4c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe59141b.TMP

Filesize
48B

MD5
d68430e087f95e3388db259dd339c215

SHA1
7afbcb37d0dd44da28b3f1c63967ddf782ec2a09

SHA256
b274119f42f7069357eb9530aa0c24e5ef5f67b7762395f62bfb5fb88125548b

SHA512
07086d4ff1a4e0fcda6c24b4da8a7bc8786d50d1d825e6a9704c1f9d90c38345c74af738e12d85cdc851801ba96efd8858875ac3d3c070c1d655bf2c2df7c22e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir168_1465717710\Icons Monochrome\16.png

Filesize
216B

MD5
a4fd4f5953721f7f3a5b4bfd58922efe

SHA1
f3abed41d764efbd26bacf84c42bd8098a14c5cb

SHA256
c659d57841bb33d63f7b1334200548f207340d95e8e2ae25aac7a798a08071a3

SHA512
7fcc1ca4d6d97335e76faa65b7cfb381fb722210041bdcd3b31b0f94e15dc226eec4639547af86ae71f311f52a956dc83294c2d23f345e63b5e45e25956b2691

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
114KB

MD5
aa87846d2306246dcefd516168ecf50c

SHA1
5fc1c04af2ac27da3474265a393224516e1cb69d

SHA256
2199d8a74e0c4bbc604ef3dda5f7951750c57e8ed71c00bf763cb9322bcfaac0

SHA512
941d58473ee131d36d86e657d41ea2555176151cca8e8f364ffb019d71a32022cf6f8d6aaed0c0d6db397ac1c04f7f09a7277466e6becb31f4357300cc0e38a7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
101KB

MD5
27f7740ca558f5b23fb9ff9d45486fd1

SHA1
950564060c2fd1e4a725a2377d33a55be0fe7427

SHA256
09bd4932d5a09cb1648090d762a37eee39acbb0d8991fbc174362e95339b0aed

SHA512
c35c68cbec6d12c2a45f7f0a08ed380cd17e5b38d576ede3bcf59a1f6bd32d872f8569252e4b4b5b4a29775002667b896c5c13a1906ebe217780c422c4fc9787

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe58a081.TMP

Filesize
100KB

MD5
298ba66ef70c430e7f596353ce7bfce1

SHA1
2c22b77342063856c82cdc528960dafb964d5db0

SHA256
0fce8b436490e50724386321f1fb6085dfdabef235c655637001f0503cb9ed90

SHA512
876b8df09497f3845b35f68b524dfed114a22dfd7e52abcbde56b16396767f54d4ccd50f041ddc165fb1cec1336feb7cfe8425d445c5ef105402e16797ce4027

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit