hxxps://www[.]youtube[.]com/redirect?event=live_chat&redir_token=QUFFLUhqbklqVmpDN3J5dXA2ZWdDSjhpTEstTTJFTGtfUXxBQ3Jtc0tsQmhOanRoWDEyYTZKdWpuVDFnaW5BdkpHbnZjSzdodU1EMVRjVG9qQkJnNjVmaXc3U1hxTHZJWktBaUViUE5tc09BRi1ZT1Nwc0lvdEtiX1FtYTNfMDludUhfbl90ODVZa1Vfb1MzeWlrNlZHV2VHYw&q=https%3A%2F%2Frb[.]gy%2F78xr2q

Analysis

max time kernel
149s
max time network
154s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
19-02-2024 22:03

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://www.youtube.com/redirect?event=live_chat&redir_token=QUFFLUhqbklqVmpDN3J5dXA2ZWdDSjhpTEstTTJFTGtfUXxBQ3Jtc0tsQmhOanRoWDEyYTZKdWpuVDFnaW5BdkpHbnZjSzdodU1EMVRjVG9qQkJnNjVmaXc3U1hxTHZJWktBaUViUE5tc09BRi1ZT1Nwc0lvdEtiX1FtYTNfMDludUhfbl90ODVZa1Vfb1MzeWlrNlZHV2VHYw&q=https%3A%2F%2Frb.gy%2F78xr2q

Score

6^/10

Malware Config

Signatures

Legitimate hosting services abused for malware hosting/C2 1 TTPs 3 IoCs

Web Service

T1102

flow	ioc
355	drive.google.com
356	drive.google.com
354	drive.google.com

Enumerates system info in registry 2 TTPs 6 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133528538429295561"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3336304223-2978740688-3645194410-1000\{CC1375B5-B5CE-49B6-887F-5C23B742B811}	chrome.exe

Suspicious behavior: EnumeratesProcesses 11 IoCs

pid	Process
5088	msedge.exe
5088	msedge.exe
5088	msedge.exe
3304	msedge.exe
3304	msedge.exe
3180	identity_helper.exe
3180	identity_helper.exe
4560	chrome.exe
4560	chrome.exe
2776	chrome.exe
2776	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 24 IoCs

pid	Process
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
4560	chrome.exe
4560	chrome.exe
4560	chrome.exe
4560	chrome.exe
4560	chrome.exe
4560	chrome.exe
4560	chrome.exe
4560	chrome.exe
4560	chrome.exe
4560	chrome.exe
4560	chrome.exe
4560	chrome.exe
4560	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4560	chrome.exe
Token: SeCreatePagefilePrivilege	4560	chrome.exe
Token: SeShutdownPrivilege	4560	chrome.exe
Token: SeCreatePagefilePrivilege	4560	chrome.exe
Token: SeShutdownPrivilege	4560	chrome.exe
Token: SeCreatePagefilePrivilege	4560	chrome.exe
Token: SeShutdownPrivilege	4560	chrome.exe
Token: SeCreatePagefilePrivilege	4560	chrome.exe
Token: SeShutdownPrivilege	4560	chrome.exe
Token: SeCreatePagefilePrivilege	4560	chrome.exe
Token: SeShutdownPrivilege	4560	chrome.exe
Token: SeCreatePagefilePrivilege	4560	chrome.exe
Token: SeShutdownPrivilege	4560	chrome.exe
Token: SeCreatePagefilePrivilege	4560	chrome.exe
Token: SeShutdownPrivilege	4560	chrome.exe
Token: SeCreatePagefilePrivilege	4560	chrome.exe
Token: SeShutdownPrivilege	4560	chrome.exe
Token: SeCreatePagefilePrivilege	4560	chrome.exe
Token: SeShutdownPrivilege	4560	chrome.exe
Token: SeCreatePagefilePrivilege	4560	chrome.exe
Token: SeShutdownPrivilege	4560	chrome.exe
Token: SeCreatePagefilePrivilege	4560	chrome.exe
Token: SeShutdownPrivilege	4560	chrome.exe
Token: SeCreatePagefilePrivilege	4560	chrome.exe
Token: SeShutdownPrivilege	4560	chrome.exe
Token: SeCreatePagefilePrivilege	4560	chrome.exe
Token: SeShutdownPrivilege	4560	chrome.exe
Token: SeCreatePagefilePrivilege	4560	chrome.exe
Token: 33	3688	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	3688	AUDIODG.EXE
Token: SeShutdownPrivilege	4560	chrome.exe
Token: SeCreatePagefilePrivilege	4560	chrome.exe
Token: SeShutdownPrivilege	4560	chrome.exe
Token: SeCreatePagefilePrivilege	4560	chrome.exe
Token: SeShutdownPrivilege	4560	chrome.exe
Token: SeCreatePagefilePrivilege	4560	chrome.exe
Token: SeShutdownPrivilege	4560	chrome.exe
Token: SeCreatePagefilePrivilege	4560	chrome.exe
Token: SeShutdownPrivilege	4560	chrome.exe
Token: SeCreatePagefilePrivilege	4560	chrome.exe
Token: SeShutdownPrivilege	4560	chrome.exe
Token: SeCreatePagefilePrivilege	4560	chrome.exe
Token: SeShutdownPrivilege	4560	chrome.exe
Token: SeCreatePagefilePrivilege	4560	chrome.exe
Token: SeShutdownPrivilege	4560	chrome.exe
Token: SeCreatePagefilePrivilege	4560	chrome.exe
Token: SeShutdownPrivilege	4560	chrome.exe
Token: SeCreatePagefilePrivilege	4560	chrome.exe
Token: SeShutdownPrivilege	4560	chrome.exe
Token: SeCreatePagefilePrivilege	4560	chrome.exe
Token: SeShutdownPrivilege	4560	chrome.exe
Token: SeCreatePagefilePrivilege	4560	chrome.exe
Token: SeShutdownPrivilege	4560	chrome.exe
Token: SeCreatePagefilePrivilege	4560	chrome.exe
Token: SeShutdownPrivilege	4560	chrome.exe
Token: SeCreatePagefilePrivilege	4560	chrome.exe
Token: SeShutdownPrivilege	4560	chrome.exe
Token: SeCreatePagefilePrivilege	4560	chrome.exe
Token: SeShutdownPrivilege	4560	chrome.exe
Token: SeCreatePagefilePrivilege	4560	chrome.exe
Token: SeShutdownPrivilege	4560	chrome.exe
Token: SeCreatePagefilePrivilege	4560	chrome.exe
Token: SeShutdownPrivilege	4560	chrome.exe
Token: SeCreatePagefilePrivilege	4560	chrome.exe

Suspicious use of FindShellTrayWindow 52 IoCs

pid	Process
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
4560	chrome.exe
4560	chrome.exe
4560	chrome.exe
4560	chrome.exe
4560	chrome.exe
4560	chrome.exe
4560	chrome.exe
4560	chrome.exe
4560	chrome.exe
4560	chrome.exe
4560	chrome.exe
4560	chrome.exe
4560	chrome.exe
4560	chrome.exe
4560	chrome.exe
4560	chrome.exe
4560	chrome.exe
4560	chrome.exe
4560	chrome.exe
4560	chrome.exe
4560	chrome.exe
4560	chrome.exe
4560	chrome.exe
4560	chrome.exe
4560	chrome.exe
4560	chrome.exe

Suspicious use of SendNotifyMessage 48 IoCs

pid	Process
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
3304	msedge.exe
4560	chrome.exe
4560	chrome.exe
4560	chrome.exe
4560	chrome.exe
4560	chrome.exe
4560	chrome.exe
4560	chrome.exe
4560	chrome.exe
4560	chrome.exe
4560	chrome.exe
4560	chrome.exe
4560	chrome.exe
4560	chrome.exe
4560	chrome.exe
4560	chrome.exe
4560	chrome.exe
4560	chrome.exe
4560	chrome.exe
4560	chrome.exe
4560	chrome.exe
4560	chrome.exe
4560	chrome.exe
4560	chrome.exe
4560	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3304 wrote to memory of 2632	3304	msedge.exe	48
PID 3304 wrote to memory of 2632	3304	msedge.exe	48
PID 3304 wrote to memory of 5028	3304	msedge.exe	86
PID 3304 wrote to memory of 5028	3304	msedge.exe	86
PID 3304 wrote to memory of 5028	3304	msedge.exe	86
PID 3304 wrote to memory of 5028	3304	msedge.exe	86
PID 3304 wrote to memory of 5028	3304	msedge.exe	86
PID 3304 wrote to memory of 5028	3304	msedge.exe	86
PID 3304 wrote to memory of 5028	3304	msedge.exe	86
PID 3304 wrote to memory of 5028	3304	msedge.exe	86
PID 3304 wrote to memory of 5028	3304	msedge.exe	86
PID 3304 wrote to memory of 5028	3304	msedge.exe	86
PID 3304 wrote to memory of 5028	3304	msedge.exe	86
PID 3304 wrote to memory of 5028	3304	msedge.exe	86
PID 3304 wrote to memory of 5028	3304	msedge.exe	86
PID 3304 wrote to memory of 5028	3304	msedge.exe	86
PID 3304 wrote to memory of 5028	3304	msedge.exe	86
PID 3304 wrote to memory of 5028	3304	msedge.exe	86
PID 3304 wrote to memory of 5028	3304	msedge.exe	86
PID 3304 wrote to memory of 5028	3304	msedge.exe	86
PID 3304 wrote to memory of 5028	3304	msedge.exe	86
PID 3304 wrote to memory of 5028	3304	msedge.exe	86
PID 3304 wrote to memory of 5028	3304	msedge.exe	86
PID 3304 wrote to memory of 5028	3304	msedge.exe	86
PID 3304 wrote to memory of 5028	3304	msedge.exe	86
PID 3304 wrote to memory of 5028	3304	msedge.exe	86
PID 3304 wrote to memory of 5028	3304	msedge.exe	86
PID 3304 wrote to memory of 5028	3304	msedge.exe	86
PID 3304 wrote to memory of 5028	3304	msedge.exe	86
PID 3304 wrote to memory of 5028	3304	msedge.exe	86
PID 3304 wrote to memory of 5028	3304	msedge.exe	86
PID 3304 wrote to memory of 5028	3304	msedge.exe	86
PID 3304 wrote to memory of 5028	3304	msedge.exe	86
PID 3304 wrote to memory of 5028	3304	msedge.exe	86
PID 3304 wrote to memory of 5028	3304	msedge.exe	86
PID 3304 wrote to memory of 5028	3304	msedge.exe	86
PID 3304 wrote to memory of 5028	3304	msedge.exe	86
PID 3304 wrote to memory of 5028	3304	msedge.exe	86
PID 3304 wrote to memory of 5028	3304	msedge.exe	86
PID 3304 wrote to memory of 5028	3304	msedge.exe	86
PID 3304 wrote to memory of 5028	3304	msedge.exe	86
PID 3304 wrote to memory of 5028	3304	msedge.exe	86
PID 3304 wrote to memory of 5088	3304	msedge.exe	85
PID 3304 wrote to memory of 5088	3304	msedge.exe	85
PID 3304 wrote to memory of 4472	3304	msedge.exe	87
PID 3304 wrote to memory of 4472	3304	msedge.exe	87
PID 3304 wrote to memory of 4472	3304	msedge.exe	87
PID 3304 wrote to memory of 4472	3304	msedge.exe	87
PID 3304 wrote to memory of 4472	3304	msedge.exe	87
PID 3304 wrote to memory of 4472	3304	msedge.exe	87
PID 3304 wrote to memory of 4472	3304	msedge.exe	87
PID 3304 wrote to memory of 4472	3304	msedge.exe	87
PID 3304 wrote to memory of 4472	3304	msedge.exe	87
PID 3304 wrote to memory of 4472	3304	msedge.exe	87
PID 3304 wrote to memory of 4472	3304	msedge.exe	87
PID 3304 wrote to memory of 4472	3304	msedge.exe	87
PID 3304 wrote to memory of 4472	3304	msedge.exe	87
PID 3304 wrote to memory of 4472	3304	msedge.exe	87
PID 3304 wrote to memory of 4472	3304	msedge.exe	87
PID 3304 wrote to memory of 4472	3304	msedge.exe	87
PID 3304 wrote to memory of 4472	3304	msedge.exe	87
PID 3304 wrote to memory of 4472	3304	msedge.exe	87
PID 3304 wrote to memory of 4472	3304	msedge.exe	87
PID 3304 wrote to memory of 4472	3304	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/redirect?event=live_chat&redir_token=QUFFLUhqbklqVmpDN3J5dXA2ZWdDSjhpTEstTTJFTGtfUXxBQ3Jtc0tsQmhOanRoWDEyYTZKdWpuVDFnaW5BdkpHbnZjSzdodU1EMVRjVG9qQkJnNjVmaXc3U1hxTHZJWktBaUViUE5tc09BRi1ZT1Nwc0lvdEtiX1FtYTNfMDludUhfbl90ODVZa1Vfb1MzeWlrNlZHV2VHYw&q=https%3A%2F%2Frb.gy%2F78xr2q
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3304
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffaae7746f8,0x7ffaae774708,0x7ffaae774718
  2⤵
  PID:2632
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2108,3147293206551420901,3272501324175193981,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2336 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5088
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2108,3147293206551420901,3272501324175193981,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2128 /prefetch:2
  2⤵
  PID:5028
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2108,3147293206551420901,3272501324175193981,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=3000 /prefetch:8
  2⤵
  PID:4472
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,3147293206551420901,3272501324175193981,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3300 /prefetch:1
  2⤵
  PID:380
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,3147293206551420901,3272501324175193981,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3312 /prefetch:1
  2⤵
  PID:4128
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2108,3147293206551420901,3272501324175193981,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4992 /prefetch:8
  2⤵
  PID:2452
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2108,3147293206551420901,3272501324175193981,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4992 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3180
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,3147293206551420901,3272501324175193981,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5380 /prefetch:1
  2⤵
  PID:3388
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,3147293206551420901,3272501324175193981,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5704 /prefetch:1
  2⤵
  PID:4744
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,3147293206551420901,3272501324175193981,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5328 /prefetch:1
  2⤵
  PID:3680
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,3147293206551420901,3272501324175193981,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3732 /prefetch:1
  2⤵
  PID:1940
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,3147293206551420901,3272501324175193981,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3420 /prefetch:1
  2⤵
  PID:412
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,3147293206551420901,3272501324175193981,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3436 /prefetch:1
  2⤵
  PID:828
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,3147293206551420901,3272501324175193981,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5388 /prefetch:1
  2⤵
  PID:2684
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,3147293206551420901,3272501324175193981,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3672 /prefetch:1
  2⤵
  PID:5056
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,3147293206551420901,3272501324175193981,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6060 /prefetch:1
  2⤵
  PID:1192

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3920

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2516

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:4560
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffa9fb79758,0x7ffa9fb79768,0x7ffa9fb79778
  2⤵
  PID:4460
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1792 --field-trial-handle=1920,i,17730280560926022709,16951859320940949185,131072 /prefetch:2
  2⤵
  PID:3652
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2256 --field-trial-handle=1920,i,17730280560926022709,16951859320940949185,131072 /prefetch:8
  2⤵
  PID:3148
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3004 --field-trial-handle=1920,i,17730280560926022709,16951859320940949185,131072 /prefetch:1
  2⤵
  PID:1948
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3016 --field-trial-handle=1920,i,17730280560926022709,16951859320940949185,131072 /prefetch:1
  2⤵
  PID:5060
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2196 --field-trial-handle=1920,i,17730280560926022709,16951859320940949185,131072 /prefetch:8
  2⤵
  PID:3188
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4188 --field-trial-handle=1920,i,17730280560926022709,16951859320940949185,131072 /prefetch:1
  2⤵
  PID:2640
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5132 --field-trial-handle=1920,i,17730280560926022709,16951859320940949185,131072 /prefetch:8
  2⤵
  PID:2072
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5180 --field-trial-handle=1920,i,17730280560926022709,16951859320940949185,131072 /prefetch:8
  2⤵
  PID:3836
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5372 --field-trial-handle=1920,i,17730280560926022709,16951859320940949185,131072 /prefetch:8
  2⤵
  PID:3244
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4988 --field-trial-handle=1920,i,17730280560926022709,16951859320940949185,131072 /prefetch:1
  2⤵
  PID:2380
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=4024 --field-trial-handle=1920,i,17730280560926022709,16951859320940949185,131072 /prefetch:1
  2⤵
  PID:652
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5656 --field-trial-handle=1920,i,17730280560926022709,16951859320940949185,131072 /prefetch:8
  2⤵
  PID:2684
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5964 --field-trial-handle=1920,i,17730280560926022709,16951859320940949185,131072 /prefetch:8
  2⤵
  PID:3660
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3276 --field-trial-handle=1920,i,17730280560926022709,16951859320940949185,131072 /prefetch:8
  2⤵
  - Modifies registry class
  PID:1924
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=5272 --field-trial-handle=1920,i,17730280560926022709,16951859320940949185,131072 /prefetch:1
  2⤵
  PID:1824
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5976 --field-trial-handle=1920,i,17730280560926022709,16951859320940949185,131072 /prefetch:8
  2⤵
  PID:4348
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5992 --field-trial-handle=1920,i,17730280560926022709,16951859320940949185,131072 /prefetch:8
  2⤵
  PID:1480
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=5604 --field-trial-handle=1920,i,17730280560926022709,16951859320940949185,131072 /prefetch:1
  2⤵
  PID:1952
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=6120 --field-trial-handle=1920,i,17730280560926022709,16951859320940949185,131072 /prefetch:1
  2⤵
  PID:4916
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=6276 --field-trial-handle=1920,i,17730280560926022709,16951859320940949185,131072 /prefetch:1
  2⤵
  PID:1840
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=6528 --field-trial-handle=1920,i,17730280560926022709,16951859320940949185,131072 /prefetch:1
  2⤵
  PID:1852
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=5160 --field-trial-handle=1920,i,17730280560926022709,16951859320940949185,131072 /prefetch:1
  2⤵
  PID:4692
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=6556 --field-trial-handle=1920,i,17730280560926022709,16951859320940949185,131072 /prefetch:1
  2⤵
  PID:4456
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=4964 --field-trial-handle=1920,i,17730280560926022709,16951859320940949185,131072 /prefetch:1
  2⤵
  PID:3452
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4084 --field-trial-handle=1920,i,17730280560926022709,16951859320940949185,131072 /prefetch:8
  2⤵
  PID:3028
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6004 --field-trial-handle=1920,i,17730280560926022709,16951859320940949185,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2776

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4992

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x3f4 0x3f0
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:3688

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

Filesize
211KB

MD5
2b9776807df1c30ef66c45ef60237487

SHA1
17e925fab39688d0d907687da86f566e283ee63b

SHA256
58a7c2031d7dbf5bda9614b64123996aa3bfcb5a783f901145baf087066c04a8

SHA512
e67162fb491ca513627e9fcb69a5db19a15129856ea3d01c2f0b5add061811bc5a0d4b6d8e53e4d7fe155b3bdf4a786cff697df5165368616589b411f8fafcf7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009

Filesize
94KB

MD5
a67a0732ad7a64ca7c666a68ae091431

SHA1
af0dc96a3d15b345f07f6b12c8acadac80a189c8

SHA256
bf24013c50ef3470c22df42a02f564bee234307c0efbe2200d2c97ff1642a37b

SHA512
39ae6abaa0f94a04f83d5bc5938c5ec6d9c990deac7ea2c4c7ee92741bdb2da6898d3f07a2447a1007c2b401e9ee98b4c7152f14bc913a983047d4dce5d79a07

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

Filesize
47KB

MD5
709f7544bd3e74c424113e6853948595

SHA1
a8c1d9e6c8493091727f0e303e45ab92b773343a

SHA256
0f2a35c8b824d54b483d0b2ea10964bb7af8eb6b1c86d40efbac4c55e1123a2f

SHA512
c2ed4cbb5e48d04eeb63c94d7d88acec5af101c2da003a34379023d8454d810ae357d0b4265da7027af38889fe307ca597f815111295ed62520f39aabeb2020a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c

Filesize
775KB

MD5
7378f426d93d2f806b536db7d5d1ef37

SHA1
3b7a025816a583f4d77e2d446666cec3d280143e

SHA256
d40eeb6f1bcee392df7288d7ebb484b3e8fc769fa52d13a41804d59573799087

SHA512
44fbb6d3b806dc28ad340c33163649a12fbae9bd70823ad39da45a36e3325efaea3e4d060702d0aa08f417592b7a512b967610e361b08101e7f981bb9cedea5d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d

Filesize
30KB

MD5
86eac13ae042c5838d20274274d5d82d

SHA1
a1edc2336435162d57edd8e9a4a2b7ce2d693fdf

SHA256
2c700f68f9355697fcfb8a1be428158cc2937d2e0d01c0afbaed92cb2cb0c125

SHA512
313452f845e01faa3b45d9b37dd7db8bd1f2596684762d9affd50c1479c73592f06160f459c1fb11e4f7f38d185208b9c86c373f1abf34349daa3314382e337f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e

Filesize
33KB

MD5
4c44a4c4705e1e7ff214516345726b38

SHA1
c50da19ec6fbd99ee4c4f305e9ece188e0d19233

SHA256
7202e097880e3d2f06bd216cc9277332b95ff8b7d3a676d3ce89b869eebed990

SHA512
58c1de9c2d940b1d6195d96320c3b15030439ab71b1bf6a0d9e67c88213a3d1d29602a3079fbe4ce9cde6e6879020c05c237e1a7517c942b6c26f9da681da979

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010

Filesize
55KB

MD5
241ff52234682b729ef10aba06c484eb

SHA1
fcaede4d4086d3e986740871e1219e92682d87e4

SHA256
1058d2e09acfd1f3bf132795abdfed0ee7388464086fbd8a5df085bd538399bd

SHA512
de7d126f256dfc6035f664671b7db89d03e9a280a1a4526ace0cb7ce10e9c0d920d6650c1a7b56ea4c7140ef680117c4b0eb41376eb912ab2bf6cf09146c7427

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
a75a63e883c01d199171aef53689889b

SHA1
6751243d6749ce6c60127e5bcef4711c82cb4585

SHA256
cb924b68a485a98d192c836ad1cef1ef8d7ad3f9ec5f8322ae37a6089182da5e

SHA512
da6fcf924f3c436b85eeb4ccf2d1c9cb12c47effcb5bdd93ce72d3d8919ed2769c7cf15d485645325e287765088c044a40474f373308a517bc2994c9b0b364b7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
23139c79b4f11218867c09b19588e42b

SHA1
ce8fd77a6a99bbdf8458aaebcaa1ef00b53bae55

SHA256
ad04d91b63fedac9c54543db2acb1f0ae9458b9beb906345e99c5ada46696cc8

SHA512
29eaa94e2051e33f2f5457284ff2721a01be588f18bd18716847ff2c5b5e6817c4444f8a88c782a8f101ac9ed5c6db2c2667f2bbdf17f37eddc599d8edd0cadb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
864B

MD5
45a6ba765ae5584453f18d0bcec7bbd4

SHA1
e54627a086d4d29fbf1a180edab73ba2ff9da834

SHA256
4f6782ff8e99f2d9ff8a8ecb07e60adf7484cc831786f0c27e61fc54fe7c0dea

SHA512
a7939f069cd8794625541956f2ea5f482393c8f5f54bb044aa987ae47f083c1233771edce5ec64807081ab485e314f571725c48aacd62e883ed26533b89d7a0a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
1b112b2299ebf656a1a3c94c42a8e8c3

SHA1
4ff543dc7e4d145fffa8c310eda85632e8130e09

SHA256
ba65a9319561908ec828ed7ea813427677fc5047c5f7f399dfdcfd128dfbf743

SHA512
129764b021657f0aac81206e41b982ea58d8194e3ef4809fabeffc3a8dbafbfd695377c9b933f1336ef04ed171ed0c51fb2dc93ae188bb160bde63d6b70bb1ab

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
864B

MD5
7eaf6d876aa0179f1717f017ff7281de

SHA1
653f439d78f5171eea7363c3c41d92c80a58591a

SHA256
1cc0602f42cd01532e2a3e7af519823c4259c66b48a058558f454b60fff2f770

SHA512
fdc4932e1f384095f34db2f38ef1ed8d75ed194a89b0571cb488dd41096f95fefb3e336e3514b6bd94910ec0d64a21582826fcff538223de28803413437cf087

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
2f912fba56aa9a194bfc797a92e9f20f

SHA1
040ea58baedd34f104457e406d69762c1d8865e7

SHA256
39e145e1fd60174bca7f5ffe1cfaa8463cd5123d14f755fd2d131b45b86f30d3

SHA512
995bbdb3b75eaf14ba6882a243d055db11be18e93c2e18732525424f95850cfa422734abe6c1e18144a532a9eda38a4df90d1d3232b8ee987f0d3db995ce2660

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
864B

MD5
24e9b251b36a69a7c8198d40b5000b7d

SHA1
30553c4e5a1d3bc91c8887f1c25a4fd605f01add

SHA256
c496434da46cce621867dbbd148352979d1b9c3389ae3f401d66d39bd39b4ee6

SHA512
93dc5c57f5baf8ea568375b5cab91a37da167da402fd58de4c355912bf53d7808d35041a64d259e661129b8dfea765913f440a0b61799985a3cb2b57056337dd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
369B

MD5
cb8cfa9172fdfbed5e2e6e503a94efc3

SHA1
cdb0abeb9d22b5880b4a7377730efece18c28fec

SHA256
30faf8f78105b4c0c94c74867b50ff56777622448c269271098f4cade42ffaa4

SHA512
087bb0244930a4cb2442e43368d79506837e46b173bedb9e9e851f4facf14d6918aeac5fd05c2e6119781f0116beff14ceca5e17b3e8507a8c40b8a51c68cdc8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
1cf01e3689604ef145ac6ec2f086078c

SHA1
e2120a5f7d0bcce7ea19322c978ca3ac0c4acecd

SHA256
9d1b2ca8c779857da3670dd431d2d33dbfa4404848d6c680b14b23d7f46a46a6

SHA512
7c4d6a5693b943ed07829624f25bf13cc0a54ffa40f301becaa89aeb3fbd708c359efc90e98e72153582865d8c62cd18844583c2eac8c798ac8a4232227b569e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
e0e59a48109d7dae9311cacd9275d25b

SHA1
93f62988a6f6feb5316896c4a38add1ddf309c4b

SHA256
e6c395513fc2b7b570c48a2d5204c5f75bcb08d633f85883098108920475b8e7

SHA512
3f515e6c1c19f951971bfc0f48140dcdce4b5073cbbfd791e719da618a5d8e62d90ad9ed74d1e9fd334f3943638bb6ba5a313b990ea163575a40182834598e40

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
afcf9ffaa4a97ea28b9db0d1514a9ad5

SHA1
45295b6cddd7405693e47dcf4ab151e38cd506fa

SHA256
3e95c91b76fc15bcf834f26d4dae2e29fc85ef25792edda135ec577104cea0b6

SHA512
89d687b11a25456ff5a98f6705a9f06d3fdcf8c764653153e5c56d58f84640b8e5a945f8a5d154f4b96b048b4eeda1914850b2d4e121b159144e54287dd17c2a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
e50d94991094f4a04979c8d0dce8b7c9

SHA1
db3e8857ed40da3073a9aa22d2a4a5396b045971

SHA256
f0aa993d2114bb37a2531c82c4df2125f41d41784070a4b2c09b2df117d6cae9

SHA512
127e9b5a582da66a74b21f25d0275e03152d605c69f76aac1c2b64bb83113a467144dfaeac5c5819cdab4a1a2cd42b7b9b690aa2753f794eff9c9af0eb64f7a7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
4c9af7c05f57ab5b6281fe41fa681c53

SHA1
474e370ff163ab93eb1de195126819785f96510d

SHA256
bdf2d7f182110c7d80954d59da02799647f0485eae44b5f70c571331cacc90c7

SHA512
e1de579b7939ce35a13e1e59a143a631d1ce190f3b0ac3ed8010aee94f052d63493578c41c9dbd688bcd21949b9a0dc1a0e6001800697dc278c62bc83e054a65

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
6dab6ff1471e81a9bdb99125ada071f4

SHA1
7b446a747ae984474d44ee4cc9c7ec7820f6aff6

SHA256
2e8e707230b6b54d8f5f090117268e785b320be409e2a25a7b4193d4db85559d

SHA512
b000abf009d185d1dc9d27159a2b74d7de05a105ad283ce36d60eec3547219cbc8678545e07c2ba20d8f767a695aa1a7675c9c35f3e756ef4ee0a327fb68b0f1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
91d53e4da741ba254699165aa5954e72

SHA1
dcfe576ffe883853018f74a3fc2c41a93a59a5ab

SHA256
4ff3bfe2a6c435b22c518f819c44d84ecb37a9510667a1d9ef16cb83cd987416

SHA512
32fabba8ad96f00a9801df01e3fd42cf3dba891227396bd1466e47b53bb15826fdc79af8bab9cd07961f0d34fa7879c9397e887bc87237f2c8ac2af247e47511

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\18e4f234-dac2-43ca-a01d-e0e1497fd72e\index

Filesize
24B

MD5
54cb446f628b2ea4a5bce5769910512e

SHA1
c27ca848427fe87f5cf4d0e0e3cd57151b0d820d

SHA256
fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d

SHA512
8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\c68b789c-5111-4a4d-ac22-996db5b9273b\index-dir\the-real-index

Filesize
2KB

MD5
c5458c28b235dcea42da6b53cc746e9c

SHA1
7eae9b0fe35e31c26ccbee68f3a7e01389adc2bb

SHA256
3a924bab0b9039520387eae408b970ee4b46485e3335fc717c9a35a0b24d9986

SHA512
c1fa560802057367a537e264afba2044ea6ecdf1011eeff5a1d57fa3a15bd697fe654bb31f2bfe7b7d3ac2972009672338409425b8bff82293d127e1069ad6b4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\c68b789c-5111-4a4d-ac22-996db5b9273b\index-dir\the-real-index

Filesize
2KB

MD5
55cd1108a4ddfb9cd74bc4f5360319b4

SHA1
661ddac6c0251828437c4439a074c641326a635b

SHA256
76fe254c40dc4f10ee77d04610ad76c4f0cf1c045ee18cd2fef1f115cf423ad0

SHA512
f161bba9c744b7ebda40cfe213dfcc64d87b311a1e074fee2b2fd3ad47f05a9095ead8cae62f07ab77e2266a62638c8454a74aac385b47c33cdf68da237384c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\c68b789c-5111-4a4d-ac22-996db5b9273b\index-dir\the-real-index

Filesize
2KB

MD5
0af4e338822d756fd0b50b85d6226d94

SHA1
570c17871ac0b888afe288467bb3eb2ef34ea73b

SHA256
44a07a74b16dd5345ef593a23a3475c63de1e3db902c82b0d379b6552d52f42e

SHA512
9315ce48ba87546f9939f62a76274c63c7c5025c3756e1d64797c368b07b3b1c6adcb3061d217dc1ea5a234f92531d7dbaa9cc7e7f740a29a0f0ee930af130b1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\c68b789c-5111-4a4d-ac22-996db5b9273b\index-dir\the-real-index~RFe580fab.TMP

Filesize
48B

MD5
95901a1fc8eebef2eba88ddde3d26e04

SHA1
05079876b6cbcc53f2a92748911cd48a693f1017

SHA256
c6a9a48f99dc38e6e6e4aab337e428cdbe8dd88d5dd2b6a291af2f88cc9f5a33

SHA512
709f5837de0d4baace36fef2fee3141d164f46f4a6bf37130a4b82c6e1d5537b1faa59a932c0fe4c7fe0776e8dca09595f08121891abb08d69ee6ac96798def4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\fc58b624-f234-4e7b-ad81-4448d1e28caf\index-dir\the-real-index

Filesize
624B

MD5
fc68b45297d36a7ba46d4735211f5cb7

SHA1
a25e28c9509b94db2a3487523aaed10d2f62fe60

SHA256
fe1f18a975b284d35284d52075d2ebccefa256e54df49d8d18b3bc1b95cadf0c

SHA512
d79a83c96bd44583708b541a714390aa81df0ffa54aa51babdab0f7072892838afcd41d91b5d27f953ef4741b96a915aea4b231a576088faf5208fda130d61e9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\fc58b624-f234-4e7b-ad81-4448d1e28caf\index-dir\the-real-index~RFe587bb3.TMP

Filesize
48B

MD5
dbb029898b79746870c7d6212209648c

SHA1
61331745e9772994f9cf1a82e8b14029c4217f3d

SHA256
c0ceb732b16212afe859f7d06c6d9c29e517ea18782fd280294accb9c849ba80

SHA512
499e4ae060b87a2b76d6522b50cd2d7839706b76f49120889811db339ae7aff39ceca09cad44c0048e7529a59ae5013e76254b593c64ba9aa4e81668b47a727b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
183B

MD5
6b4318a27125fe4f48aa5d10d76aceb8

SHA1
2235ba1bee085b41ac9e64fcc5020b26a86ab095

SHA256
162e6a8128e9718ed8e2d1c5c64bb9a67e87d50dfb027fc067f6ad912f766773

SHA512
2f7520eb7a71c0275284add6e25a2fb9ff58c72353349e5bc7b261ccfb62cddbdc072b4c7321f81448858cc2e49882118c6210ec501523afaa8ef16e93208eb6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
183B

MD5
47d30c466195ee648229e088887ce526

SHA1
6d46dfa68e34c9a1437cfbd324996eddc9ad039f

SHA256
93c303e90bf9cef030879f469c096c92cf2bfb47c073d7347e5c3b751587de75

SHA512
7f5440f8c00b57545aa51d58b1a2abcd4de7fa8dbecd097f3cdffbde63b31a5a3376d57f796ba2417228bee731a09dc65ecda419f0498e30572223d46951b64a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
176B

MD5
c1b7e8426dcb8dc0f61e4bdca6fccd36

SHA1
5049ba2a0a21153dc11d3ba3c72b1453e10af3ef

SHA256
36484d06ec6a92d1c49a91e75f917ddf01ea94f0a7f0270c17b66cf438d4ef7d

SHA512
3f9304ba2486b6e13e4b1724b0a911f0ac5ff19545e674f528893086dd03598fd87c7762a37cb2cd7f703ab2f91bf0f09c76fd326918c14afa423955fbca6fef

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
112B

MD5
b156acce8d856e95a7e2fac1d292fa45

SHA1
950e01807ee4e9f430dc9a74730a7a79f31227f9

SHA256
ac3c82348fa9cd87a0c004140e962d6ebb4fd5b0d423b9ce8c06f459aa9e1a65

SHA512
0247029121a1c812d74cd5bea9f8e1069e14c18a5bb2bd644323aa5d9be10c7ca5677892b31366a5e8794f93f071c933e70fcd98dcb0c6524b57fac554beae4f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
178B

MD5
d58566afd336b541f071b07b9bdc95bf

SHA1
34bd769638ba5487e4960fd5c7f54cc2f7b6ce03

SHA256
91f118feace823cb78bffa923bfbd98aa427d7c78069c3af0f7031f178838b1a

SHA512
13b9e43f4989571ab782d9a22cac9bff5f22958be7a19b7189b998a3f3a85caa2fd140296a364589a44e037baaaaa038f46cf62462097b53111c7ca9a3097a4f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
187B

MD5
311a3a7047da65118441d0101705a645

SHA1
9d806ec870c820f3410b4bc8eb8d1274f82e834e

SHA256
a89f267a864dee5c000711d7db373c16c82fc1974ac08643ff63e464b659c952

SHA512
2d154630f38f54c437038a0ab72fdd9b4bf57a26b76dfe4d5ac162cd2bafa97c3a2346c1d04a0091a2f290cc07318c5a734be3ecadc072ba3a8bd53722333a22

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
114B

MD5
c48f0d54e48a28c38d2ea3a511cda3de

SHA1
20dcb490ace4bea1d30f6a0a67c7c3953be7c2f4

SHA256
255c6e73d3030a3908cd557381d4ee1f2d87178136a3d269f7e4eeebc36b6fb8

SHA512
3c2957c231108c6dc37556359c9664628216f24b87cc86d6836f4cbc1d81c402c70c87bd1421876a7c24a29647a8f3fe7a4a3132e1dfc5c9e524910814fad79f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe57fd0d.TMP

Filesize
119B

MD5
ed1e5896e63d674cc2c90be14c30bcd4

SHA1
0fe7c5179eb120fa612fce7b61e2ea1a8d834dc3

SHA256
54a0037aa8ea63409ceea8fdfc734f54e2f391449a72cdf2eb61177a716cbd81

SHA512
171527f1f2a226c1ba96b49f1ff514d091c480b6dfab68c0c4ec5f01b45d6492e356c02e32ee5a1f1bdabe92c680d772f926b1a0256f5e784ab2cd8845398b72

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
96B

MD5
d8050c8fbe21c67b0acec0dc4486b809

SHA1
e056b08ccf1d62ed58fed4ba020d250fb91ecda0

SHA256
a1e5efff5a45f9a4157b127566e2c8bb174ffdba8a62d11f94bd9662286311c6

SHA512
84d1ba7053d7ef2205440c67063ecc386205014a5325684690285633df22e35be78083cda8a718a9437844515cf8e9b120a077f60341078e69b423eda9eb158e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5869b2.TMP

Filesize
48B

MD5
b50f11e7efe6985507bee7265d9f7d61

SHA1
ab99e6f56a852d70f50812d5d076705e064230ef

SHA256
d6bc0c005d5118efa78a05749063c9c5494bd72a19fded27168495fe99d34a87

SHA512
4a0b92e997be757e5b5ebbe85d5d655aafaf955bd1d583750f35f4a126cb5fbe19d41be94806a73685eae05936a08e2e4a48db10d08fbb830b006ee715f2b867

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
240KB

MD5
3c66413477e24dd941dd64eba264d35b

SHA1
90f8345cc2b5fee95623d7b9cee8d1d55189929f

SHA256
0d52b7050a1fbe63a2ab482afb7a104bc7067a16e4af42ccfe68946250c823e0

SHA512
f98aad3a588d60c70ddf5967195358cecb1fd127ef1554630eaa3a00ce86e4c668d4d16ac89d73a09fceef6d5ed892fc0aee7d95eb473192ee138c53fc45954f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
240KB

MD5
1d676346f8cb43b9d2daa031e401fafd

SHA1
36c561d130724d0caef2c4a8bd0008358e1ea576

SHA256
f782e3f4183d1ec2939dc004d2d45dc0a2926459deaa9f468dfcbfc75666a39a

SHA512
17cd31ac6a277f174775b852c204149331ab90c7d4580f3d6807c23a6d660f2218be2e390c5f2e53655a2b737dbd90a6fef771790806eaf0ce871ec7d9c3ca3c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
240KB

MD5
abb9d01e705569863949c7cfa61cb5aa

SHA1
58727a366e60fff773cda6c50334a5eea90d2923

SHA256
a455031d80ada787fda8ab1328045b7791bf5e35c72486bc47400b33aebad58f

SHA512
225b20a5280130f90a089792688307941e8f0a615dadc0839e2e21a9f3c1bcbd3e9b0ca2d2d1a4b945e97acac5924c7feee0bd47ca24ec735bd124a5dd6dab8e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
108KB

MD5
070efa5d422de6b5903984df50051321

SHA1
50eafcd329a99a951b91e94e26654ebb592d2be6

SHA256
48059af275f518a928b6f0eca3afe62e704bbf3eaa3e12a5c5ea875425e09f01

SHA512
07be41a00cf541b09dd3d675583e9c7e83df87ced25d2457f2b6be0db2a1da39530297c6e00190fb769d8188779c04802af1e46d185f080d2a02eb1fa63e8d0e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
102KB

MD5
c2a1362ea37c8a2fde9d901dfb839861

SHA1
dc4a6df1459803db8ddb723c3c637164c49e35fb

SHA256
7b5e32f9d50a667c0a45394b5af0445f50e7a1d2306a95ccedd46aa0e2960443

SHA512
14c90fea1047e1f336beb5f0484106533fcc8abc13efcb8289d36d3cc69ebdfe63cbeda5a7be2e6b2e7e1a8666834757b62b0f24d5d3090b6a0cd45f5daf5238

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe58de65.TMP

Filesize
97KB

MD5
503e28d9a47ad6ad8b45320956b7c169

SHA1
ef00418c647a38bffd36b8aa9a3332b92e056bc7

SHA256
75f52b3f6a5724a177b1adc20f36e33f649beddaaf5d2e9a138b50d1e8616658

SHA512
4bcedbe4ec07d25d07aee0bec57f2aeb8d703a9c1f56f0c9c5f3c9f0ffb0656300034d1603f79dcf67e588450ccd9e943913cd6bcddb7be81fe07bd3f2d165d9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
84381d71cf667d9a138ea03b3283aea5

SHA1
33dfc8a32806beaaafaec25850b217c856ce6c7b

SHA256
32dd52cc3142b6e758bd60adead81925515b31581437472d1f61bdeda24d5424

SHA512
469bfac06152c8b0a82de28e01f7ed36dc27427205830100b1416b7cd8d481f5c4369e2ba89ef1fdd932aaf17289a8e4ede303393feab25afc1158cb931d23a3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
816B

MD5
eda3b22d90ca5e4aa186917b4c2e6807

SHA1
af83183bb5170b44bbc4f05038572b75bb2501ab

SHA256
d27103e31bd6a5c3d64dbb230ef67fd2c7bcd5512eeb913cea6f34387600e0f5

SHA512
8f03a3edcb637fd937be4b1c847870a9f8e55452dbe8b1cd4d6507311fcd598d3cbb6df8aea51d42966d37f832503022cd0c0dea3eeccf38a61e788141d8e031

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
4KB

MD5
d14db4f663ab2cf6a683c1e9a4e367fd

SHA1
b12de01e3c126f9695375240492b38bd0bdf92cf

SHA256
a21990c6f366aa032493cabe26a4786168e90b5da0bf66d7a7a76fbc3d394e03

SHA512
ad9dd8b6f99e925d083da878f42342b1adccef460003ba6bf5a8e1ff4e6199c766bed81d14c23adcf742dbdafb1771792cadd0f8186e4ae1921cc80350bb8962

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
4d58ee83515b4d7d73d9606273b66ee3

SHA1
5b344d6bcba9d0996949d3be5936f3ac77f2bd94

SHA256
033e3ff8f875d9b15e657ef242abdeafa81f0a7f985590d6ee2c022e59f6a715

SHA512
b6a0ac830406871d28142845e65651a6902440a2e373699b1136fb7a0c07e0b0da85df384c54578b83898a7e2cac093b5b2e1df14e387d4d3339b5709ff2e6d3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
2a833ea735e995a5faf283a1eb7c702d

SHA1
eb46b7fdd43de2c7bdeda3091348aa06022ed11e

SHA256
f923ff056cd18cb6bcf9f8466ae337f7424427cb377698f71136f7d90420b809

SHA512
267c7e7921528e4167a25a2d65fd5d93ad803b0aa7e2791fd39dd8e13959bb875bc0ff92192f96bbcd170a6eab9b792535a3023589a23f36a79ea87dff330d1c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
10KB

MD5
40fa7251d2db35c0d6b13dc13d10336d

SHA1
c0eca8be448c76af8da31057fe2b89cfcdac60ef

SHA256
603909780f38404de1cc9ba45e608e13af8db6d7572c7366f70c3d1991b72822

SHA512
884113817e275eb49a8692a68987125beb3d14de70f98c9aeecf445c15795ebecb4efffda53ce1dc3bf686a60b19ac66c2fbf7f98d1bd64dcd4d1f84ba296bda

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
24KB

MD5
35f77ec6332f541cd8469e0d77af0959

SHA1
abaec73284cee460025c6fcbe3b4d9b6c00f628c

SHA256
f0be4c5c99b216083bd9ee878f355e1aa508f94feb14aeebcfba4648d85563a7

SHA512
e0497dbe48503ebbf6a3c9d188b9637f80bccf9611a9e663d9e4493912d398c6b2a9eab3f506e5b524b3dabbca7bb5a88f882a117b03a3b39f43f291b59870c8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
5f34750d3cca41631b5b81ae98c7fe0e

SHA1
c8b74de576ddc132e8a28859d56461f60a18265c

SHA256
2b9e04dd44b821a64964625adafb39b1410af84e696e23d38215512d24b88391

SHA512
f94d5e6bc6f66b7cc2db21d278beee28cfaaa3765154a3e81995f8e1c8bc1455660de9185a5fdbf8a98f328af6fe4aa86b577998de40de5ec479c9f32e8440d2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57abef.TMP

Filesize
1KB

MD5
2122c086c3a3e7536aede05be2308c15

SHA1
b87f1631692497c39cdd2497b01ff04575da041f

SHA256
37e49c02c36a8cf64b4c4f6c2e906024ab0f2b4c640eedc95ea6fdb97a7aff7d

SHA512
9e67d249753cc7b6898dc34232d383d81c196d5a6f9c7b47fee76f7d8892f83a32cda4989bdad3cf4ade7e04c64d879e5ca91a873ef8d2d9f0149babc7b6a16b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
bc396d4225564663c3c5d7cbc7933f73

SHA1
2186f629e3add3b35d3345c1c7fe6652ef80d84f

SHA256
1d9310bb80b96f87485cd6618ee47ed1109c5c6ebda9c27ce367ad0e60fba1bf

SHA512
c5d21a10bb517257fed28c3af57f548c3ae172966b6a06781605a1b17cca71d0106cfee58f613cc16ddceb50ee259d1087d4332bb2e8e56619b3145e44808892

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
07578b69ffded3ee57f19f473ccd0f63

SHA1
35ce7ed9f331f9f075b6729d07da5fa0bb573cf7

SHA256
de0f27db5f5b9b04d46466399780d1189b9ef7d730046433ac5db005749ba265

SHA512
d3497a11328935e5dc1e085709903adfa39e08e7412b865d015173001d9d7d93af160cffb72c23db4ed69499f9e6495902fa0880546a81f41f845f6dc7622812

Download Submit