44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Analysis

max time kernel
607s
max time network
449s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
09-02-2024 19:45

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

2-8-2024.txt
Size

2B
MD5

99914b932bd37a50b983c5e7c90ae93b
SHA1

bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
SHA256

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
SHA512

27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133519815604934561"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1128	chrome.exe
Token: SeCreatePagefilePrivilege	1128	chrome.exe
Token: SeShutdownPrivilege	1128	chrome.exe
Token: SeCreatePagefilePrivilege	1128	chrome.exe
Token: SeShutdownPrivilege	1128	chrome.exe
Token: SeCreatePagefilePrivilege	1128	chrome.exe
Token: SeShutdownPrivilege	1128	chrome.exe
Token: SeCreatePagefilePrivilege	1128	chrome.exe
Token: SeShutdownPrivilege	1128	chrome.exe
Token: SeCreatePagefilePrivilege	1128	chrome.exe
Token: SeShutdownPrivilege	1128	chrome.exe
Token: SeCreatePagefilePrivilege	1128	chrome.exe
Token: SeShutdownPrivilege	1128	chrome.exe
Token: SeCreatePagefilePrivilege	1128	chrome.exe
Token: SeShutdownPrivilege	1128	chrome.exe
Token: SeCreatePagefilePrivilege	1128	chrome.exe
Token: SeShutdownPrivilege	1128	chrome.exe
Token: SeCreatePagefilePrivilege	1128	chrome.exe
Token: SeShutdownPrivilege	1128	chrome.exe
Token: SeCreatePagefilePrivilege	1128	chrome.exe
Token: SeShutdownPrivilege	1128	chrome.exe
Token: SeCreatePagefilePrivilege	1128	chrome.exe
Token: SeShutdownPrivilege	1128	chrome.exe
Token: SeCreatePagefilePrivilege	1128	chrome.exe
Token: SeShutdownPrivilege	1128	chrome.exe
Token: SeCreatePagefilePrivilege	1128	chrome.exe
Token: SeShutdownPrivilege	1128	chrome.exe
Token: SeCreatePagefilePrivilege	1128	chrome.exe
Token: SeShutdownPrivilege	1128	chrome.exe
Token: SeCreatePagefilePrivilege	1128	chrome.exe
Token: SeShutdownPrivilege	1128	chrome.exe
Token: SeCreatePagefilePrivilege	1128	chrome.exe
Token: SeShutdownPrivilege	1128	chrome.exe
Token: SeCreatePagefilePrivilege	1128	chrome.exe
Token: SeShutdownPrivilege	1128	chrome.exe
Token: SeCreatePagefilePrivilege	1128	chrome.exe
Token: SeShutdownPrivilege	1128	chrome.exe
Token: SeCreatePagefilePrivilege	1128	chrome.exe
Token: SeShutdownPrivilege	1128	chrome.exe
Token: SeCreatePagefilePrivilege	1128	chrome.exe
Token: SeShutdownPrivilege	1128	chrome.exe
Token: SeCreatePagefilePrivilege	1128	chrome.exe
Token: SeShutdownPrivilege	1128	chrome.exe
Token: SeCreatePagefilePrivilege	1128	chrome.exe
Token: SeShutdownPrivilege	1128	chrome.exe
Token: SeCreatePagefilePrivilege	1128	chrome.exe
Token: SeShutdownPrivilege	1128	chrome.exe
Token: SeCreatePagefilePrivilege	1128	chrome.exe
Token: SeShutdownPrivilege	1128	chrome.exe
Token: SeCreatePagefilePrivilege	1128	chrome.exe
Token: SeShutdownPrivilege	1128	chrome.exe
Token: SeCreatePagefilePrivilege	1128	chrome.exe
Token: SeShutdownPrivilege	1128	chrome.exe
Token: SeCreatePagefilePrivilege	1128	chrome.exe
Token: SeShutdownPrivilege	1128	chrome.exe
Token: SeCreatePagefilePrivilege	1128	chrome.exe
Token: SeShutdownPrivilege	1128	chrome.exe
Token: SeCreatePagefilePrivilege	1128	chrome.exe
Token: SeShutdownPrivilege	1128	chrome.exe
Token: SeCreatePagefilePrivilege	1128	chrome.exe
Token: SeShutdownPrivilege	1128	chrome.exe
Token: SeCreatePagefilePrivilege	1128	chrome.exe
Token: SeShutdownPrivilege	1128	chrome.exe
Token: SeCreatePagefilePrivilege	1128	chrome.exe

Suspicious use of FindShellTrayWindow 27 IoCs

pid	Process
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1128 wrote to memory of 3084	1128	chrome.exe	87
PID 1128 wrote to memory of 3084	1128	chrome.exe	87
PID 1128 wrote to memory of 2600	1128	chrome.exe	89
PID 1128 wrote to memory of 2600	1128	chrome.exe	89
PID 1128 wrote to memory of 2600	1128	chrome.exe	89
PID 1128 wrote to memory of 2600	1128	chrome.exe	89
PID 1128 wrote to memory of 2600	1128	chrome.exe	89
PID 1128 wrote to memory of 2600	1128	chrome.exe	89
PID 1128 wrote to memory of 2600	1128	chrome.exe	89
PID 1128 wrote to memory of 2600	1128	chrome.exe	89
PID 1128 wrote to memory of 2600	1128	chrome.exe	89
PID 1128 wrote to memory of 2600	1128	chrome.exe	89
PID 1128 wrote to memory of 2600	1128	chrome.exe	89
PID 1128 wrote to memory of 2600	1128	chrome.exe	89
PID 1128 wrote to memory of 2600	1128	chrome.exe	89
PID 1128 wrote to memory of 2600	1128	chrome.exe	89
PID 1128 wrote to memory of 2600	1128	chrome.exe	89
PID 1128 wrote to memory of 2600	1128	chrome.exe	89
PID 1128 wrote to memory of 2600	1128	chrome.exe	89
PID 1128 wrote to memory of 2600	1128	chrome.exe	89
PID 1128 wrote to memory of 2600	1128	chrome.exe	89
PID 1128 wrote to memory of 2600	1128	chrome.exe	89
PID 1128 wrote to memory of 2600	1128	chrome.exe	89
PID 1128 wrote to memory of 2600	1128	chrome.exe	89
PID 1128 wrote to memory of 2600	1128	chrome.exe	89
PID 1128 wrote to memory of 2600	1128	chrome.exe	89
PID 1128 wrote to memory of 2600	1128	chrome.exe	89
PID 1128 wrote to memory of 2600	1128	chrome.exe	89
PID 1128 wrote to memory of 2600	1128	chrome.exe	89
PID 1128 wrote to memory of 2600	1128	chrome.exe	89
PID 1128 wrote to memory of 2600	1128	chrome.exe	89
PID 1128 wrote to memory of 2600	1128	chrome.exe	89
PID 1128 wrote to memory of 2600	1128	chrome.exe	89
PID 1128 wrote to memory of 2600	1128	chrome.exe	89
PID 1128 wrote to memory of 2600	1128	chrome.exe	89
PID 1128 wrote to memory of 2600	1128	chrome.exe	89
PID 1128 wrote to memory of 2600	1128	chrome.exe	89
PID 1128 wrote to memory of 2600	1128	chrome.exe	89
PID 1128 wrote to memory of 2600	1128	chrome.exe	89
PID 1128 wrote to memory of 2600	1128	chrome.exe	89
PID 1128 wrote to memory of 1740	1128	chrome.exe	90
PID 1128 wrote to memory of 1740	1128	chrome.exe	90
PID 1128 wrote to memory of 4836	1128	chrome.exe	91
PID 1128 wrote to memory of 4836	1128	chrome.exe	91
PID 1128 wrote to memory of 4836	1128	chrome.exe	91
PID 1128 wrote to memory of 4836	1128	chrome.exe	91
PID 1128 wrote to memory of 4836	1128	chrome.exe	91
PID 1128 wrote to memory of 4836	1128	chrome.exe	91
PID 1128 wrote to memory of 4836	1128	chrome.exe	91
PID 1128 wrote to memory of 4836	1128	chrome.exe	91
PID 1128 wrote to memory of 4836	1128	chrome.exe	91
PID 1128 wrote to memory of 4836	1128	chrome.exe	91
PID 1128 wrote to memory of 4836	1128	chrome.exe	91
PID 1128 wrote to memory of 4836	1128	chrome.exe	91
PID 1128 wrote to memory of 4836	1128	chrome.exe	91
PID 1128 wrote to memory of 4836	1128	chrome.exe	91
PID 1128 wrote to memory of 4836	1128	chrome.exe	91
PID 1128 wrote to memory of 4836	1128	chrome.exe	91
PID 1128 wrote to memory of 4836	1128	chrome.exe	91
PID 1128 wrote to memory of 4836	1128	chrome.exe	91
PID 1128 wrote to memory of 4836	1128	chrome.exe	91
PID 1128 wrote to memory of 4836	1128	chrome.exe	91
PID 1128 wrote to memory of 4836	1128	chrome.exe	91
PID 1128 wrote to memory of 4836	1128	chrome.exe	91

C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\2-8-2024.txt
1⤵
PID:5088

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1128
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xdc,0x108,0x7ff9680c9758,0x7ff9680c9768,0x7ff9680c9778
  2⤵
  PID:3084
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1672 --field-trial-handle=1860,i,2243089489738431733,14389180476778735485,131072 /prefetch:2
  2⤵
  PID:2600
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2128 --field-trial-handle=1860,i,2243089489738431733,14389180476778735485,131072 /prefetch:8
  2⤵
  PID:1740
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2212 --field-trial-handle=1860,i,2243089489738431733,14389180476778735485,131072 /prefetch:8
  2⤵
  PID:4836
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2992 --field-trial-handle=1860,i,2243089489738431733,14389180476778735485,131072 /prefetch:1
  2⤵
  PID:1680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2972 --field-trial-handle=1860,i,2243089489738431733,14389180476778735485,131072 /prefetch:1
  2⤵
  PID:4564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4640 --field-trial-handle=1860,i,2243089489738431733,14389180476778735485,131072 /prefetch:1
  2⤵
  PID:2428
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5176 --field-trial-handle=1860,i,2243089489738431733,14389180476778735485,131072 /prefetch:8
  2⤵
  PID:3296
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5224 --field-trial-handle=1860,i,2243089489738431733,14389180476778735485,131072 /prefetch:8
  2⤵
  PID:4556
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5440 --field-trial-handle=1860,i,2243089489738431733,14389180476778735485,131072 /prefetch:8
  2⤵
  PID:1548
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=5672 --field-trial-handle=1860,i,2243089489738431733,14389180476778735485,131072 /prefetch:1
  2⤵
  PID:5080
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5684 --field-trial-handle=1860,i,2243089489738431733,14389180476778735485,131072 /prefetch:8
  2⤵
  PID:1364
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3744 --field-trial-handle=1860,i,2243089489738431733,14389180476778735485,131072 /prefetch:8
  2⤵
  PID:4984
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4064 --field-trial-handle=1860,i,2243089489738431733,14389180476778735485,131072 /prefetch:1
  2⤵
  PID:4432
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=5816 --field-trial-handle=1860,i,2243089489738431733,14389180476778735485,131072 /prefetch:1
  2⤵
  PID:1632
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=4700 --field-trial-handle=1860,i,2243089489738431733,14389180476778735485,131072 /prefetch:1
  2⤵
  PID:1432

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:3668

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

Filesize
194KB

MD5
36104d04a9994182ba78be74c7ac3b0e

SHA1
0c049d44cd22468abb1d0711ec844e68297a7b3d

SHA256
ccde155056cdce86d7e51dfd4e8fb603e8d816224b1257adfcf9503139dd28f1

SHA512
8c115e3e5925fb01efd8dda889f4d5e890f6daaf40b10d5b8e3d9b19e15dadcb9dcf344f40c43f59a1f5428b3ee49e24e492cf0cb6826add1c03d21efdec52ba

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007

Filesize
24KB

MD5
b82ca47ee5d42100e589bdd94e57936e

SHA1
0dad0cd7d0472248b9b409b02122d13bab513b4c

SHA256
d3c59060e591b3839ec59cad150c0a38a2a2a6ba4cc4dc5530f68be54f14ef1d

SHA512
58840a773a3a6cb0913e6a542934daecaef9c0eeab626446a29a70cd6d063fdb012229ff2ccfa283e3c05bc2a91a7cac331293965264715bdb9020f162dc7383

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
b83e265c7d697d6e17528c95dd411e50

SHA1
3d93d6245443b657a0ba7ef200c4aaf3fa2504a4

SHA256
4cb0f92a4bba613c2d96932affaaee0bafd85c58efeb72b621296d981b9d1bf8

SHA512
c41c1c1e3e775c96aec2ebc847424036543cecf1c5ad9f98a22dc9cdca71d199ef7c3ea256e9320317dd9fa90a62a909c109b97f30bb1bc8b2b447a2609f8da3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
1fd7da2cda07c7c21243c08ac851158a

SHA1
4336f39e28d7c63f6fbe1307e54393112cb56071

SHA256
48b0bdb64f54c528a2aea0b2726aabb7821a7624891b00c480730e4978bcaa66

SHA512
6de71b2b38c3d1b4b3821cacbb019a58313d661623e95cc95ce955b6bca1b1c57496eda24e6855299e2513cf78aef18ba14f052380a9e1ff20e56bfd43a5c74b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
eba8306f23c0f586db4a89a91db7d99c

SHA1
b17221fb6e7091cf3b4dd4a4922e92eae885a724

SHA256
e16564e6681fd91aa7402340adbcd9668d00abce8ebcba660e3408809467ed19

SHA512
a9d09fde6e071605c91f8bc8e9cf82fac18b400cf6debcdfa046cb30a904e6f2b10c5edfb6731b5eac9bef2fd799a3cffdcfba838ca1a04b131d4eb66167c25c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
371B

MD5
d75693fb7dc64f8166420dd26b5f72b2

SHA1
1f7848d131d2a9d3907158d903f557ccd797004e

SHA256
0bce8e9c0f8c763b23a1df46a9c8a8fe9a9a9222e8f4b58c8884c02a77730310

SHA512
958ab5dbf0045428ca396b365b5af2263b802f12362a46c04731764a9fca179db298efd2742e03cacd0c1e15d08129a959e7f58abdaa069ce1aee8b27abb3e3f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
371B

MD5
1e9d01b9d99ab33855d3f576c94ad418

SHA1
5e932cf7784403112201724841a1fdb6ff1865db

SHA256
acf5df6c562082c0d6dce35f1e4341a616b96335be65fae049537f86e83083f1

SHA512
cd4c6bbabfd8a15c947441a10b7b81a93cc9174983fbb43eda27a91b02d420df3af852d2daf6a08cf8bf474e4802dcc28d24d9cce984338473f8715937a9e57e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
371B

MD5
01659a184a86399939bbf913edde31c0

SHA1
e30a0611862df3100a985c45d1941a442f5bd266

SHA256
bc98ed2f7193b7fabddae0760fad2b1d47d11c6a97412243af8a089f0242e038

SHA512
d21956af314701a0f48d0b182c556a160d76cf62101a6dacf5096f72504c2437072b2f18e4f461e2705292a9626f52afd6428f4bffbfbf7dd9ff35661b4da0e4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
965ae62ce1fd29e011d49f83afb53d8e

SHA1
75030294c439b2ca13387cd7391cc147cb55fe47

SHA256
02ee91932ceaf14ca040d7401b59733ecba53d617012c3fb8e6dabe82f7cc2ee

SHA512
943fa888150de6c02dc0f57206cd3f90ff890a751b530401d041916d1b84633be9ec978fbffa5666d25001aa00ed3165466df0dcba0294c608f475425517362c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
bf0d30a7edb4962a2b27b33ded79d65a

SHA1
c17743894980bef94fb26819c93aab2e966210a4

SHA256
88ddec361c25eb50f4fc77be0fde43bf0d2ee9110e0ddfe661d086c1b9b4507d

SHA512
de0ab7db4fa329c1529ef62a59255659e2355891d7c48dc834463198bb6557327af388decb46618ad18457fcdb7f3877491d543f4bf12084baf2c6dc68aa87f0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
4ec63999bd82f4ef0cb18b758727df17

SHA1
3742c12b78981557d89344c3d0a3fdadade8111c

SHA256
933379ce1cb5d1f800c1411e05104570d7e01235589ed02afc5728f568b67f36

SHA512
26507d5d95044c57d2030340bfa4eb897d8b16adf3eafb6ccefbcf5d011778fdb1b48b29f9c08d9cf73f82f8550fe0b9b080f1fa8c55f6b73a55a258b0e9bbf6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
96e46f767b5b35126110063fe2a28e09

SHA1
4e58563e4eacc9003f7b2ef6f63df31fb1997e33

SHA256
adb32435df0ddf2539efde4ec791957dc7bb372b328f229699d92601a332fc65

SHA512
d02b1c2f6c80a41dbabd245655c4c89182bfb5578d6c975d1e10f7afb41e7019d9218be08e24df4eeafcdf220d0fd0613afac06f71fcdf2f24d286d41c74bd75

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
240KB

MD5
130dc04cf047e236516c5c1b9b870cbf

SHA1
07824c618d2ac33abc806e9e53fdbbdf14b47c62

SHA256
e93fc088555ee269615f0becaabe74c12ef64690197208bf4c172917e001b445

SHA512
5f207b46aa04ca0bcc7bf5956114504b58433e6c4971f779a3bf66e0bb268835377c332117cc07e2832d69cd36907901947d6ccf707a9e77c85cdccd72a085d2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
280KB

MD5
340cfa85fe804ff81a1e0c74cabd0364

SHA1
0f6b6c418df7da2d96828c5165cfd1767285d1e4

SHA256
cda19bae5f3e0da281f00fa47f34e7de627b698851d75e8760cf21ccc55b1f11

SHA512
f49c5fcaf791ffe708045a82b6460bf1d7cce142cb17cc7ffe38df31359dbaf367b5dd1335617900c6251b85d637a4279ab8db4bbb94d7897fd3ea13b284f15a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
294KB

MD5
7bbd32b374488a3e4fa099ec3ed3b7bc

SHA1
1b2d447344e5b24b8a30709072ce0d744d42a0b6

SHA256
77bbae1483434d60a919ea470ed1bddbe6e24245957a1e07f5bad9f453bcbde4

SHA512
e57e1a6f73379f23001288b49b1d13d1b35daf613d7b3c11e6e9cf0373fe9c2bb1b705d88e2377794d418643660ec16e15785485cb88f944eb59e51de5272750

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
115KB

MD5
5ede10e767a03f73e2334b2d7a89abad

SHA1
1e8c8c447de3fa167252a58906ac52f377d08b5b

SHA256
fc37a4f72a683a1e1ec93e23654c705fa0da33ad08eae4ea8e3e05deb1bdc303

SHA512
4a33e24e4951bca53f9db37bc80f5ef674eb26f36f6c7889e12aee4dbf32465de0b5272b4aa2cc2be149af95478929728528bddc4743d77c6a379ef64c03a637

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
240KB

MD5
be0cc2f00633684008794936f691d7bb

SHA1
020e1b6f0c8fdbed22dd62bfa67a255fd63ef1de

SHA256
d77dfc53d4fc62b5d839b6260196958a1cee5710a1d5992935efd8edc488d3b8

SHA512
a435a810d8d74f8c5b07bb14c441dcd3d4c19cdb1a1ed0fda7c04ce92de79b66000b15a6ae61110d4328afbb28a650c378ce86d3648783e0fc9292e227f4d701

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

Filesize
264KB

MD5
bcfb79836c426673fe52818df150e27b

SHA1
decdb133eaee15059361bc7205d3c43b86c76eb9

SHA256
e919ed0aadd60b3ba6cc625345a81c0804b7facac92db9d8c61b8a58be45d03d

SHA512
85809f211505bb089513b21b985f1ba7f81552bf33f5e9ad1bc3d0f42916bf29d09f98345bce9caa9fe0eda7440431ebfed7c63903be58a16872a31e1902cc30

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit