hxxp://globalquake[.]net

Analysis

max time kernel
2701s
max time network
2650s
platform
windows10-1703_x64
resource
win10-20240214-en
resource tags

arch:x64arch:x86image:win10-20240214-enlocale:en-usos:windows10-1703-x64system
submitted
16/02/2024, 19:27

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://globalquake.net

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133525852794129413"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
3592	chrome.exe
3592	chrome.exe
4732	chrome.exe
4732	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3592	chrome.exe
Token: SeCreatePagefilePrivilege	3592	chrome.exe
Token: SeShutdownPrivilege	3592	chrome.exe
Token: SeCreatePagefilePrivilege	3592	chrome.exe
Token: SeShutdownPrivilege	3592	chrome.exe
Token: SeCreatePagefilePrivilege	3592	chrome.exe
Token: SeShutdownPrivilege	3592	chrome.exe
Token: SeCreatePagefilePrivilege	3592	chrome.exe
Token: SeShutdownPrivilege	3592	chrome.exe
Token: SeCreatePagefilePrivilege	3592	chrome.exe
Token: SeShutdownPrivilege	3592	chrome.exe
Token: SeCreatePagefilePrivilege	3592	chrome.exe
Token: SeShutdownPrivilege	3592	chrome.exe
Token: SeCreatePagefilePrivilege	3592	chrome.exe
Token: SeShutdownPrivilege	3592	chrome.exe
Token: SeCreatePagefilePrivilege	3592	chrome.exe
Token: SeShutdownPrivilege	3592	chrome.exe
Token: SeCreatePagefilePrivilege	3592	chrome.exe
Token: SeShutdownPrivilege	3592	chrome.exe
Token: SeCreatePagefilePrivilege	3592	chrome.exe
Token: SeShutdownPrivilege	3592	chrome.exe
Token: SeCreatePagefilePrivilege	3592	chrome.exe
Token: SeShutdownPrivilege	3592	chrome.exe
Token: SeCreatePagefilePrivilege	3592	chrome.exe
Token: SeShutdownPrivilege	3592	chrome.exe
Token: SeCreatePagefilePrivilege	3592	chrome.exe
Token: SeShutdownPrivilege	3592	chrome.exe
Token: SeCreatePagefilePrivilege	3592	chrome.exe
Token: SeShutdownPrivilege	3592	chrome.exe
Token: SeCreatePagefilePrivilege	3592	chrome.exe
Token: SeShutdownPrivilege	3592	chrome.exe
Token: SeCreatePagefilePrivilege	3592	chrome.exe
Token: SeShutdownPrivilege	3592	chrome.exe
Token: SeCreatePagefilePrivilege	3592	chrome.exe
Token: SeShutdownPrivilege	3592	chrome.exe
Token: SeCreatePagefilePrivilege	3592	chrome.exe
Token: SeShutdownPrivilege	3592	chrome.exe
Token: SeCreatePagefilePrivilege	3592	chrome.exe
Token: SeShutdownPrivilege	3592	chrome.exe
Token: SeCreatePagefilePrivilege	3592	chrome.exe
Token: SeShutdownPrivilege	3592	chrome.exe
Token: SeCreatePagefilePrivilege	3592	chrome.exe
Token: SeShutdownPrivilege	3592	chrome.exe
Token: SeCreatePagefilePrivilege	3592	chrome.exe
Token: SeShutdownPrivilege	3592	chrome.exe
Token: SeCreatePagefilePrivilege	3592	chrome.exe
Token: SeShutdownPrivilege	3592	chrome.exe
Token: SeCreatePagefilePrivilege	3592	chrome.exe
Token: SeShutdownPrivilege	3592	chrome.exe
Token: SeCreatePagefilePrivilege	3592	chrome.exe
Token: SeShutdownPrivilege	3592	chrome.exe
Token: SeCreatePagefilePrivilege	3592	chrome.exe
Token: SeShutdownPrivilege	3592	chrome.exe
Token: SeCreatePagefilePrivilege	3592	chrome.exe
Token: SeShutdownPrivilege	3592	chrome.exe
Token: SeCreatePagefilePrivilege	3592	chrome.exe
Token: SeShutdownPrivilege	3592	chrome.exe
Token: SeCreatePagefilePrivilege	3592	chrome.exe
Token: SeShutdownPrivilege	3592	chrome.exe
Token: SeCreatePagefilePrivilege	3592	chrome.exe
Token: SeShutdownPrivilege	3592	chrome.exe
Token: SeCreatePagefilePrivilege	3592	chrome.exe
Token: SeShutdownPrivilege	3592	chrome.exe
Token: SeCreatePagefilePrivilege	3592	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe
3592	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3592 wrote to memory of 1840	3592	chrome.exe	74
PID 3592 wrote to memory of 1840	3592	chrome.exe	74
PID 3592 wrote to memory of 3696	3592	chrome.exe	78
PID 3592 wrote to memory of 3696	3592	chrome.exe	78
PID 3592 wrote to memory of 3696	3592	chrome.exe	78
PID 3592 wrote to memory of 3696	3592	chrome.exe	78
PID 3592 wrote to memory of 3696	3592	chrome.exe	78
PID 3592 wrote to memory of 3696	3592	chrome.exe	78
PID 3592 wrote to memory of 3696	3592	chrome.exe	78
PID 3592 wrote to memory of 3696	3592	chrome.exe	78
PID 3592 wrote to memory of 3696	3592	chrome.exe	78
PID 3592 wrote to memory of 3696	3592	chrome.exe	78
PID 3592 wrote to memory of 3696	3592	chrome.exe	78
PID 3592 wrote to memory of 3696	3592	chrome.exe	78
PID 3592 wrote to memory of 3696	3592	chrome.exe	78
PID 3592 wrote to memory of 3696	3592	chrome.exe	78
PID 3592 wrote to memory of 3696	3592	chrome.exe	78
PID 3592 wrote to memory of 3696	3592	chrome.exe	78
PID 3592 wrote to memory of 3696	3592	chrome.exe	78
PID 3592 wrote to memory of 3696	3592	chrome.exe	78
PID 3592 wrote to memory of 3696	3592	chrome.exe	78
PID 3592 wrote to memory of 3696	3592	chrome.exe	78
PID 3592 wrote to memory of 3696	3592	chrome.exe	78
PID 3592 wrote to memory of 3696	3592	chrome.exe	78
PID 3592 wrote to memory of 3696	3592	chrome.exe	78
PID 3592 wrote to memory of 3696	3592	chrome.exe	78
PID 3592 wrote to memory of 3696	3592	chrome.exe	78
PID 3592 wrote to memory of 3696	3592	chrome.exe	78
PID 3592 wrote to memory of 3696	3592	chrome.exe	78
PID 3592 wrote to memory of 3696	3592	chrome.exe	78
PID 3592 wrote to memory of 3696	3592	chrome.exe	78
PID 3592 wrote to memory of 3696	3592	chrome.exe	78
PID 3592 wrote to memory of 3696	3592	chrome.exe	78
PID 3592 wrote to memory of 3696	3592	chrome.exe	78
PID 3592 wrote to memory of 3696	3592	chrome.exe	78
PID 3592 wrote to memory of 3696	3592	chrome.exe	78
PID 3592 wrote to memory of 3696	3592	chrome.exe	78
PID 3592 wrote to memory of 3696	3592	chrome.exe	78
PID 3592 wrote to memory of 3696	3592	chrome.exe	78
PID 3592 wrote to memory of 3696	3592	chrome.exe	78
PID 3592 wrote to memory of 3572	3592	chrome.exe	76
PID 3592 wrote to memory of 3572	3592	chrome.exe	76
PID 3592 wrote to memory of 1280	3592	chrome.exe	77
PID 3592 wrote to memory of 1280	3592	chrome.exe	77
PID 3592 wrote to memory of 1280	3592	chrome.exe	77
PID 3592 wrote to memory of 1280	3592	chrome.exe	77
PID 3592 wrote to memory of 1280	3592	chrome.exe	77
PID 3592 wrote to memory of 1280	3592	chrome.exe	77
PID 3592 wrote to memory of 1280	3592	chrome.exe	77
PID 3592 wrote to memory of 1280	3592	chrome.exe	77
PID 3592 wrote to memory of 1280	3592	chrome.exe	77
PID 3592 wrote to memory of 1280	3592	chrome.exe	77
PID 3592 wrote to memory of 1280	3592	chrome.exe	77
PID 3592 wrote to memory of 1280	3592	chrome.exe	77
PID 3592 wrote to memory of 1280	3592	chrome.exe	77
PID 3592 wrote to memory of 1280	3592	chrome.exe	77
PID 3592 wrote to memory of 1280	3592	chrome.exe	77
PID 3592 wrote to memory of 1280	3592	chrome.exe	77
PID 3592 wrote to memory of 1280	3592	chrome.exe	77
PID 3592 wrote to memory of 1280	3592	chrome.exe	77
PID 3592 wrote to memory of 1280	3592	chrome.exe	77
PID 3592 wrote to memory of 1280	3592	chrome.exe	77
PID 3592 wrote to memory of 1280	3592	chrome.exe	77
PID 3592 wrote to memory of 1280	3592	chrome.exe	77

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://globalquake.net
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3592
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffba8459758,0x7ffba8459768,0x7ffba8459778
  2⤵
  PID:1840
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1832 --field-trial-handle=1772,i,9552666883848011446,10067638333275296813,131072 /prefetch:8
  2⤵
  PID:3572
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2088 --field-trial-handle=1772,i,9552666883848011446,10067638333275296813,131072 /prefetch:8
  2⤵
  PID:1280
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1672 --field-trial-handle=1772,i,9552666883848011446,10067638333275296813,131072 /prefetch:2
  2⤵
  PID:3696
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=1828 --field-trial-handle=1772,i,9552666883848011446,10067638333275296813,131072 /prefetch:1
  2⤵
  PID:752
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2680 --field-trial-handle=1772,i,9552666883848011446,10067638333275296813,131072 /prefetch:1
  2⤵
  PID:4296
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4376 --field-trial-handle=1772,i,9552666883848011446,10067638333275296813,131072 /prefetch:1
  2⤵
  PID:4692
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4676 --field-trial-handle=1772,i,9552666883848011446,10067638333275296813,131072 /prefetch:8
  2⤵
  PID:2260
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4664 --field-trial-handle=1772,i,9552666883848011446,10067638333275296813,131072 /prefetch:8
  2⤵
  PID:4164
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4604 --field-trial-handle=1772,i,9552666883848011446,10067638333275296813,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4732

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:3400

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
456B

MD5
b26b98e3bf251ad31618747cba6016a5

SHA1
c928cc2adea686ffde7d7620ad371b5497dd9dba

SHA256
3f9df0bc1d519d5efea643c8cc2d59cec394c039116074d20dab455714bdd784

SHA512
323030c03e8bb38a7b5b4b0dd4ebbef11f333b6437bf6f8d13ad887e04d8cd4421e00f779032f2971ac2bd92dc3de2d85492a96e27604e29e043c989716432ec

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
5013e38c233aec4f88aeb1786ae44a7e

SHA1
7fdfa8a7d4572546fb90c4fee47060d6dd9777ca

SHA256
9ea1bb1d5074cbb575da1dc46465ab4f96b9c2a999ed282857fa412a5dae0831

SHA512
27e06e1a188a14e0aaef693b36379f84e37bd2f63509eeb2f6f9e2a5747649ec0521b5f2ef5b7d5780b8e16fa78aa18cb8a0d7c35f3e3d8cc6c9e706626dd989

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
705B

MD5
8b9afd3b3f3fefdcd8f8a8543855e4de

SHA1
47df6700ef8d00072ded0c1325180a0ac5aa0f42

SHA256
a0941bf698693beb3a00946219d02629d379706d4306b046208e33c3fc6f3d0d

SHA512
f8e14a76634a85b093be363d95dcec7f056153769b72424d4f2485dba6fb18defc1662a0053e9a9fcc78a5ce0f444e3f3a57567c251a663ea810b8060487f299

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
705B

MD5
f50eb43dd7cee69e87ee2f84db6b2f21

SHA1
027bed3aa6508cf9b9a8e631733f7e41fd48b6eb

SHA256
ef3313aef6b33c72b6074cfaf9c53cff6be878128a9c74baa947063e5e670e74

SHA512
a5c30892c2e8ffde3838e8537c62b18b78e732a45e0c0322dce749c8f024ee58f7cf90a9a2b0e27ab008771c291d6b2403c0892ec5b773d4b7e5856e4e94b547

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
63a534c615d42f39d3a7b7239afd87d0

SHA1
751a51935422874ad61ee1e654c8bc8c1374adce

SHA256
3f75f8f4d5c04fde5883a48648eaa86a02326d628bc4e27910f43646722dee70

SHA512
bbd16a84370efd28c627d469989be2c8d781111ada195fb36d015f6c02f8e6e982ad47607770e6a0d8e4500e295fd76dbcd5ed2cf6c098eb85d91833cfb89b30

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
38a52e679438d37308138cd8020f4fe5

SHA1
e07510ecf1c9162d7601eca83befe04d890f1506

SHA256
cdd5aca4cfb009d3da8e3662af8130611bf0bf0fd445954b4ff9977b093aee7e

SHA512
1118327f6c0c8d2d86d5abfc5a2bd646b2b5b49505bda42dbf07da87e39a8674967378c1b715a3dea50d1a4d249cca1ceec948f793e3c70b0f5e283770669ca8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
bf0dc52fb08436c0c15bdc90cb945943

SHA1
b4b9c23ef0247682c8ff30edbf2605d2c69ddc86

SHA256
03402b1216374855e310762cea4dba04c6d5a844e4b7087997b0c3f644c71ec8

SHA512
492f886055b3e82517190b1041d78639e7b67ad1e136a2a191ea81e6ed8e599dc2f50940e2ed9f58ab272d276baf86c9a8fe2c974ab8f5db6443cbbd1ddb4919

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\9e1e6cece682cd2cc4374896244476bf243660b6\75c880fc-98d9-49d3-9626-a3d53873717f\index-dir\the-real-index

Filesize
168B

MD5
23a00ec75dc8439b1a574c825655ed44

SHA1
f3ca86f6b9944295940e2433fe69e89544af00ed

SHA256
d8349c51b5b474c64474335b204a93f8c293d30f6eceeebd84fde6a9707c91b0

SHA512
29736cf0b43f51b00bab2d7ad9b5aa5944fd527e1ec1e64aa6411d4f45b8ee35aeeb668d9b37755c51aad7cf201a59ee3c7e3ec6631fb6cf8548cd3aea6a65e7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\9e1e6cece682cd2cc4374896244476bf243660b6\75c880fc-98d9-49d3-9626-a3d53873717f\index-dir\the-real-index~RFe57fd3c.TMP

Filesize
48B

MD5
9dad1c4fd608ceb57408b15a419ad48a

SHA1
ac3ebf8c553018919bf00b19d82cd9cdc830e3b4

SHA256
ef9748990f1f0ccd2a244f152aae179ca0a8ddcbf126ddc17049e83db33cce13

SHA512
4712bf432fd29f58a8cba6444b6413c352aab76e8c08aa459a00a2e7721acd9242b9cc7c1380c5bd1d0cf66d68acfffb75edb3a126a4578f0a2476011471f8a8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\9e1e6cece682cd2cc4374896244476bf243660b6\index.txt

Filesize
150B

MD5
0e24a285a3876c47e6d0e621571b11ed

SHA1
b99b4583a84dbd6a73bf0b30c2394b66da2e9bed

SHA256
ac65e0613ae09b246cc397403fbd24f64ac3d24c86ec2f5a09cac4f22beece12

SHA512
698b166f954c1b3fdb135f2e31c554151a23d4ed38f6178040dc22c8b53a55e9d0cf6f9e547b4aff98b8548f8cb672ca4f2b8baaefd40b9ec5b59f3d0bf73171

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\9e1e6cece682cd2cc4374896244476bf243660b6\index.txt~RFe57fd6b.TMP

Filesize
155B

MD5
f3742705fa8c0a14e6f9144f56e8c691

SHA1
6e208c8bd82210b12ef99d603e8cb2151b159ac6

SHA256
98f64a3822129a5d23f745aa1cf1ab228df6c4864addc651dd2f0e562f7ad170

SHA512
b001d006e35e246193c36c70105db9ee9406148683cd66cfbe32b7a10483bea6caec5ec9255fa45e4242002e3cbd978c7ab2c78ff106b398cc6f56f7a49a9656

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
9e9b5673bff1ae98183439b49e9e2d10

SHA1
25807887091bb0b97d8eddf0d845e463cc2673e5

SHA256
c1b30fa5a899bb6ca85286cb8e0bf263cdbe669f6710b440b0dfd6b85227544a

SHA512
bf168072cf594fe2140c9057359a2fd6567520c6c4fc0e27274582810906399aea260cadcca3b378331d8fe54cba3eb086fa8069380bb71683c38fba9d40bca1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57fc32.TMP

Filesize
48B

MD5
b75e7374afe405c0dfaacd3afd6aa639

SHA1
b93ca19aa11488b504636b870d853074179fc299

SHA256
b05b4cbb11cecb767a79559f4574ecd45884e5c240ed6cbb467653e9c57d5dc8

SHA512
b245b16b90044178b76f683cbc0aba0cd5e99009ae8288ba58ef078f0e47ba2ddae405cc39cdd130a741e96df5b72cec86831dc2b0bb951b80bf6978cb9910d2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
129KB

MD5
b10cda4e7e0ca5361d674791f31af3f3

SHA1
0ae15b8b4b0d7a58b275a7d6fce1cce1a27127d1

SHA256
490ded6f137598fef9b036d201bf8d1544546f7654b1024a0c2392ece3edc289

SHA512
8a937871f0e4df48b7a4df98ef0fc05f0bcfef4324836c57a645a718027e716add86c3c0e968a00fe5060f4c20bebf8cec1f2ab442400988922e87e60763766d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit