hxxps://vww-roblox[.]com/users/3795469963/profile

Analysis

max time kernel
150s
max time network
156s
platform
windows11-21h2_x64
resource
win11-20240214-en
resource tags

arch:x64arch:x86image:win11-20240214-enlocale:en-usos:windows11-21h2-x64system
submitted
19/02/2024, 16:41

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://vww-roblox.com/users/3795469963/profile

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133528345493684736"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2924404578-3852090450-4074565938-1000_Classes\Local Settings\MuiCache	MiniSearchHost.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
3764	chrome.exe
3764	chrome.exe
3384	chrome.exe
3384	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
3764	chrome.exe
3764	chrome.exe
3764	chrome.exe
3764	chrome.exe
3764	chrome.exe
3764	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3764	chrome.exe
Token: SeCreatePagefilePrivilege	3764	chrome.exe
Token: SeShutdownPrivilege	3764	chrome.exe
Token: SeCreatePagefilePrivilege	3764	chrome.exe
Token: SeShutdownPrivilege	3764	chrome.exe
Token: SeCreatePagefilePrivilege	3764	chrome.exe
Token: SeShutdownPrivilege	3764	chrome.exe
Token: SeCreatePagefilePrivilege	3764	chrome.exe
Token: SeShutdownPrivilege	3764	chrome.exe
Token: SeCreatePagefilePrivilege	3764	chrome.exe
Token: SeShutdownPrivilege	3764	chrome.exe
Token: SeCreatePagefilePrivilege	3764	chrome.exe
Token: SeShutdownPrivilege	3764	chrome.exe
Token: SeCreatePagefilePrivilege	3764	chrome.exe
Token: SeShutdownPrivilege	3764	chrome.exe
Token: SeCreatePagefilePrivilege	3764	chrome.exe
Token: SeShutdownPrivilege	3764	chrome.exe
Token: SeCreatePagefilePrivilege	3764	chrome.exe
Token: SeShutdownPrivilege	3764	chrome.exe
Token: SeCreatePagefilePrivilege	3764	chrome.exe
Token: SeShutdownPrivilege	3764	chrome.exe
Token: SeCreatePagefilePrivilege	3764	chrome.exe
Token: SeShutdownPrivilege	3764	chrome.exe
Token: SeCreatePagefilePrivilege	3764	chrome.exe
Token: SeShutdownPrivilege	3764	chrome.exe
Token: SeCreatePagefilePrivilege	3764	chrome.exe
Token: SeShutdownPrivilege	3764	chrome.exe
Token: SeCreatePagefilePrivilege	3764	chrome.exe
Token: SeShutdownPrivilege	3764	chrome.exe
Token: SeCreatePagefilePrivilege	3764	chrome.exe
Token: SeShutdownPrivilege	3764	chrome.exe
Token: SeCreatePagefilePrivilege	3764	chrome.exe
Token: SeShutdownPrivilege	3764	chrome.exe
Token: SeCreatePagefilePrivilege	3764	chrome.exe
Token: SeShutdownPrivilege	3764	chrome.exe
Token: SeCreatePagefilePrivilege	3764	chrome.exe
Token: SeShutdownPrivilege	3764	chrome.exe
Token: SeCreatePagefilePrivilege	3764	chrome.exe
Token: SeShutdownPrivilege	3764	chrome.exe
Token: SeCreatePagefilePrivilege	3764	chrome.exe
Token: SeShutdownPrivilege	3764	chrome.exe
Token: SeCreatePagefilePrivilege	3764	chrome.exe
Token: SeShutdownPrivilege	3764	chrome.exe
Token: SeCreatePagefilePrivilege	3764	chrome.exe
Token: SeShutdownPrivilege	3764	chrome.exe
Token: SeCreatePagefilePrivilege	3764	chrome.exe
Token: SeShutdownPrivilege	3764	chrome.exe
Token: SeCreatePagefilePrivilege	3764	chrome.exe
Token: SeShutdownPrivilege	3764	chrome.exe
Token: SeCreatePagefilePrivilege	3764	chrome.exe
Token: SeShutdownPrivilege	3764	chrome.exe
Token: SeCreatePagefilePrivilege	3764	chrome.exe
Token: SeShutdownPrivilege	3764	chrome.exe
Token: SeCreatePagefilePrivilege	3764	chrome.exe
Token: SeShutdownPrivilege	3764	chrome.exe
Token: SeCreatePagefilePrivilege	3764	chrome.exe
Token: SeShutdownPrivilege	3764	chrome.exe
Token: SeCreatePagefilePrivilege	3764	chrome.exe
Token: SeShutdownPrivilege	3764	chrome.exe
Token: SeCreatePagefilePrivilege	3764	chrome.exe
Token: SeShutdownPrivilege	3764	chrome.exe
Token: SeCreatePagefilePrivilege	3764	chrome.exe
Token: SeShutdownPrivilege	3764	chrome.exe
Token: SeCreatePagefilePrivilege	3764	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
3764	chrome.exe
3764	chrome.exe
3764	chrome.exe
3764	chrome.exe
3764	chrome.exe
3764	chrome.exe
3764	chrome.exe
3764	chrome.exe
3764	chrome.exe
3764	chrome.exe
3764	chrome.exe
3764	chrome.exe
3764	chrome.exe
3764	chrome.exe
3764	chrome.exe
3764	chrome.exe
3764	chrome.exe
3764	chrome.exe
3764	chrome.exe
3764	chrome.exe
3764	chrome.exe
3764	chrome.exe
3764	chrome.exe
3764	chrome.exe
3764	chrome.exe
3764	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
3764	chrome.exe
3764	chrome.exe
3764	chrome.exe
3764	chrome.exe
3764	chrome.exe
3764	chrome.exe
3764	chrome.exe
3764	chrome.exe
3764	chrome.exe
3764	chrome.exe
3764	chrome.exe
3764	chrome.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
1352	MiniSearchHost.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3764 wrote to memory of 776	3764	chrome.exe	71
PID 3764 wrote to memory of 776	3764	chrome.exe	71
PID 3764 wrote to memory of 1092	3764	chrome.exe	80
PID 3764 wrote to memory of 1092	3764	chrome.exe	80
PID 3764 wrote to memory of 1092	3764	chrome.exe	80
PID 3764 wrote to memory of 1092	3764	chrome.exe	80
PID 3764 wrote to memory of 1092	3764	chrome.exe	80
PID 3764 wrote to memory of 1092	3764	chrome.exe	80
PID 3764 wrote to memory of 1092	3764	chrome.exe	80
PID 3764 wrote to memory of 1092	3764	chrome.exe	80
PID 3764 wrote to memory of 1092	3764	chrome.exe	80
PID 3764 wrote to memory of 1092	3764	chrome.exe	80
PID 3764 wrote to memory of 1092	3764	chrome.exe	80
PID 3764 wrote to memory of 1092	3764	chrome.exe	80
PID 3764 wrote to memory of 1092	3764	chrome.exe	80
PID 3764 wrote to memory of 1092	3764	chrome.exe	80
PID 3764 wrote to memory of 1092	3764	chrome.exe	80
PID 3764 wrote to memory of 1092	3764	chrome.exe	80
PID 3764 wrote to memory of 1092	3764	chrome.exe	80
PID 3764 wrote to memory of 1092	3764	chrome.exe	80
PID 3764 wrote to memory of 1092	3764	chrome.exe	80
PID 3764 wrote to memory of 1092	3764	chrome.exe	80
PID 3764 wrote to memory of 1092	3764	chrome.exe	80
PID 3764 wrote to memory of 1092	3764	chrome.exe	80
PID 3764 wrote to memory of 1092	3764	chrome.exe	80
PID 3764 wrote to memory of 1092	3764	chrome.exe	80
PID 3764 wrote to memory of 1092	3764	chrome.exe	80
PID 3764 wrote to memory of 1092	3764	chrome.exe	80
PID 3764 wrote to memory of 1092	3764	chrome.exe	80
PID 3764 wrote to memory of 1092	3764	chrome.exe	80
PID 3764 wrote to memory of 1092	3764	chrome.exe	80
PID 3764 wrote to memory of 1092	3764	chrome.exe	80
PID 3764 wrote to memory of 1092	3764	chrome.exe	80
PID 3764 wrote to memory of 1092	3764	chrome.exe	80
PID 3764 wrote to memory of 1092	3764	chrome.exe	80
PID 3764 wrote to memory of 1092	3764	chrome.exe	80
PID 3764 wrote to memory of 1092	3764	chrome.exe	80
PID 3764 wrote to memory of 1092	3764	chrome.exe	80
PID 3764 wrote to memory of 1092	3764	chrome.exe	80
PID 3764 wrote to memory of 1092	3764	chrome.exe	80
PID 3764 wrote to memory of 3304	3764	chrome.exe	79
PID 3764 wrote to memory of 3304	3764	chrome.exe	79
PID 3764 wrote to memory of 4804	3764	chrome.exe	83
PID 3764 wrote to memory of 4804	3764	chrome.exe	83
PID 3764 wrote to memory of 4804	3764	chrome.exe	83
PID 3764 wrote to memory of 4804	3764	chrome.exe	83
PID 3764 wrote to memory of 4804	3764	chrome.exe	83
PID 3764 wrote to memory of 4804	3764	chrome.exe	83
PID 3764 wrote to memory of 4804	3764	chrome.exe	83
PID 3764 wrote to memory of 4804	3764	chrome.exe	83
PID 3764 wrote to memory of 4804	3764	chrome.exe	83
PID 3764 wrote to memory of 4804	3764	chrome.exe	83
PID 3764 wrote to memory of 4804	3764	chrome.exe	83
PID 3764 wrote to memory of 4804	3764	chrome.exe	83
PID 3764 wrote to memory of 4804	3764	chrome.exe	83
PID 3764 wrote to memory of 4804	3764	chrome.exe	83
PID 3764 wrote to memory of 4804	3764	chrome.exe	83
PID 3764 wrote to memory of 4804	3764	chrome.exe	83
PID 3764 wrote to memory of 4804	3764	chrome.exe	83
PID 3764 wrote to memory of 4804	3764	chrome.exe	83
PID 3764 wrote to memory of 4804	3764	chrome.exe	83
PID 3764 wrote to memory of 4804	3764	chrome.exe	83
PID 3764 wrote to memory of 4804	3764	chrome.exe	83
PID 3764 wrote to memory of 4804	3764	chrome.exe	83

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://vww-roblox.com/users/3795469963/profile
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3764
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7fff4b259758,0x7fff4b259768,0x7fff4b259778
  2⤵
  PID:776
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2084 --field-trial-handle=1812,i,8557319158360230728,15497283273995940101,131072 /prefetch:8
  2⤵
  PID:3304
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1588 --field-trial-handle=1812,i,8557319158360230728,15497283273995940101,131072 /prefetch:2
  2⤵
  PID:1092
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2944 --field-trial-handle=1812,i,8557319158360230728,15497283273995940101,131072 /prefetch:1
  2⤵
  PID:4696
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2928 --field-trial-handle=1812,i,8557319158360230728,15497283273995940101,131072 /prefetch:1
  2⤵
  PID:4592
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1784 --field-trial-handle=1812,i,8557319158360230728,15497283273995940101,131072 /prefetch:8
  2⤵
  PID:4804
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=5088 --field-trial-handle=1812,i,8557319158360230728,15497283273995940101,131072 /prefetch:1
  2⤵
  PID:3168
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=5228 --field-trial-handle=1812,i,8557319158360230728,15497283273995940101,131072 /prefetch:1
  2⤵
  PID:1180
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=5240 --field-trial-handle=1812,i,8557319158360230728,15497283273995940101,131072 /prefetch:1
  2⤵
  PID:796
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5696 --field-trial-handle=1812,i,8557319158360230728,15497283273995940101,131072 /prefetch:8
  2⤵
  PID:4172
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5180 --field-trial-handle=1812,i,8557319158360230728,15497283273995940101,131072 /prefetch:8
  2⤵
  PID:3740
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=3660 --field-trial-handle=1812,i,8557319158360230728,15497283273995940101,131072 /prefetch:1
  2⤵
  PID:2488
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3240 --field-trial-handle=1812,i,8557319158360230728,15497283273995940101,131072 /prefetch:8
  2⤵
  PID:4632
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4948 --field-trial-handle=1812,i,8557319158360230728,15497283273995940101,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3384

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4180

C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe
"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca
1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:1352

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
b5d9f9cec50acd45d878a2fbdd8eff69

SHA1
b4f721dd58e5d3bc7fc540b984451af5f0cae8e6

SHA256
548aa1497eb2ac1c52d6487284841cfa4e8c0eddaad207657ce166002963c746

SHA512
4bff26530944e94e5981f00ea1d065552a062fa823ebd156254325b41c03181d8444963a683f1b0bdb077114c42d6fd8710abaaac2ef1c8ff9f45c41c0cec29e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
6f9c8c37aba61d6629eabf159b1f3675

SHA1
8392e418a060fb7e0eb5789bde975c4c5744f600

SHA256
fb1ef13f91d1d3d3a183bb4437a80eb7332ab99dcaf05939a6aa651470fed753

SHA512
3ef7cf6a1a9451156e7f82d3b41fc60765951a71e9de61fc94feedcd0d4a70ed6bf5103c55f5c06e291caf52df8eced53e0567dbadfd848f7096472c9b7fe553

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\1e357bcc-3a6b-4beb-9276-09216f49a1d4.tmp

Filesize
1KB

MD5
cf10d49a20d3bc319dc5c09eb0135bb6

SHA1
e421de900cda25e73a197773b4516c7831616692

SHA256
98ac8a5db29cb34826145f287f3802abf20d06a9a625fb785f8573c8525155b1

SHA512
d9ac44e5398817de3b95063d7981698cab29384a095075d08ee15830e327c01a182ce8b76d504dc7ab51779b11181d675ab1da3c1132f11c0f79e32ba328fb54

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
ce14bac5028eb32c07efe3f150c8dc62

SHA1
75a026dc26a951826f7eccc91e0f1c3f51fa5a40

SHA256
e5d85aa8b435d7b974eca0f96206b9a96d6ec5e3b370858e8f21a7a0c341c454

SHA512
7dd770e1a9a7fa58e66eb49129313d79eb117d418f7c1b799389aa89df67bd886613669223bd020952330d76be19cb7a5fa29b796034354dddb2b2a7b07ad446

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
10a0b2bb424c8d9eb1471e9028a6d635

SHA1
7b2d11ed10c9a1c6ff9ae6102ff453e655c07e6e

SHA256
e76e242316444fe815e070bb7ad65043011fe1507215325e56d258b94c03fb9a

SHA512
b8fa12fd68c96846b14b34b434cefa2c5d339ea1b22f8a2ec2d18d555b52ac55704ea5f6476078d7699bd0231e0aa182f20d3baf500f932bd71580f25b2666c5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
61a320d3591f0bf7871b6ab3a98ddb68

SHA1
998feaa53b1ebdb6c7e2bdadacb29dab3d535345

SHA256
83ed0a747cb1058bf2c0853a47f2a47addf62b5061a3cdc1e2d43c0d2cba9588

SHA512
3ab0e028946c71bbd376a61ff329dbcf00f0d1fbc0a86cfdf40b1441eb8412b11c5dc60a7707f2a1fcb47d6a8744d34c15165be1005164ae18198c7cc518ded3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
6b107e0698af990e066d63741a94c0f7

SHA1
0203924022313b09704d688a4128ec0534ee8f34

SHA256
4eb877836d3ee0c0df615ecc33b538605bb2a512f74c6bf28f49c86ecabe09e3

SHA512
b2689294ae7226456efac2becbbe095c62700bb783ba915070ec3ce734b71c07d23de3fa83076950079b3359f30935d2932e5b40ea5fcd54a75996cd5a073013

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
a08092dc647d6a24fd8e2088e7523691

SHA1
a4512f1cda35890a383660d4e37336731d5db065

SHA256
84b6a6337431408cc7ba2ac03fc351179fccc37bd18e7bff4624e6574c8b4fda

SHA512
a2d8b00b4ac802ea9a72faa3e8f4d3724db1e09511d700eb0be6ed8e2b9e801220a4fdb1c0b09fb3fecf5d47b0664ab833ac92969df6c78090049abc04718e87

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
0ef421c301ad97c2a40bb51510cd0b56

SHA1
f104e5e857fe55eb4e66637ae382d1d6c97f4a0b

SHA256
c4c84117dece856fc0ac18507e27dfa805b2e37a1cc29891344addcfe2042aab

SHA512
76bd44674ee3af03cb4bd7a49c2a5760adbe1091fc0afb25971b58493de64fb2cf30809b379c4e2a2f020e862264fea68658aa0e3f747dd2b1e1d693ad78d2a9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
3875a39941a46ccfe82e2ed935cf4428

SHA1
3d2731c140709106fcacbb49af29078f4cdc321a

SHA256
07264ffae3d0e66e0e6b5cb662766f6c6ed70ac7af06a3faa6088b43c616da7c

SHA512
1a5d08229d0fa52cc56d98ea84da39b9b1e5c0ed180ef1d913316df542e90778fb44de947030cf50893fa58a573dbff5a536807e1c1d6142f89051e2c8a2057f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
02df560f8b6d83bf494eb125c336bc30

SHA1
130e4d2f02aa302c233183cddfbd9c0e5a80e212

SHA256
b203e954977fd0f3247df288a1919315aa53c8b5521100ccfa6840b5f3c32420

SHA512
7bd26e951c2a3bdb7e25e1e56d20a45e7f2ffe4abcd99b278fb2a9482f08ac00e857e44ddd4906e1495495224126848dd236c03dd8327ac69b71a1dcec834cfa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
ce1510d46d8486553b480ddc3c32988f

SHA1
c8334cf6c6918e06e3faf78d10c35e5159fe4cad

SHA256
2073d29a9447101227ead7dea8c102d93e005ef6612fe32396c174efbd613107

SHA512
dda37f26b8a91b79cd15c19e2d9cf56b14aee082e5b2ad4faf33d7c5297d203f958f994d25a1bff260c3a4e99a3d38a5be80556a98cc3eba6e79b9d805eb6966

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
e331566f8ec2f8b7abb42d2f0dae0460

SHA1
9e2094b8e42253e45077fa2555dd6b3fd81248d6

SHA256
4c7a7216dc16880747cf4fbcdfe27bbf44e424c99fb65f13fe0d0b1e8f3be6bb

SHA512
9964fb4ee89fa117bedc7e0b9fc82e7db00d688ba6f74e3069695ab6f7f8605710f2f5ce5b7c8073215c2dcff0788e21ac44592e27b0702576ba810ffc5fb76b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
129KB

MD5
93851eba46e44dee7f3308f568151a0e

SHA1
68b9a863adb2b6474469db627c43d36958daad43

SHA256
6b1e84261ef8fc59b248b5c38c729d24d0fe8aad0856fa943897fe0fb372b2b4

SHA512
ec45a6a27dd57de588dee080f8ec522a17b8adb6f88d6f7a8510f853aca419de0b6d65388ce35265ca3aab71b4ac6adb37c8fbc005a91e3e406130a3941aa5e3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
94KB

MD5
87c736b90611aaeece55e04058edadcc

SHA1
04a76605c2ea2bf85bb3e1ad2bdf98020481e3d3

SHA256
bf618a36e8a2532a8044977c4af72589d2389dada5193e56dafa0d2cb887c706

SHA512
b08adee3f09730121fb652b8974fd309a3a36d4dc63372c299e3709d4e6f77c8fca042f207170404401a72cd01f75b492105210e55751fc19d714421a6917a11

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe596865.TMP

Filesize
92KB

MD5
d4fec419494a826ad211783222ff48d0

SHA1
9b0d8b4043cfe63ec8cd4a3e768e253a2f488487

SHA256
f4133fccc6c28cd87be3b4a71d038b3af1fc0ede9330eca70251a09a56394c0a

SHA512
d3a4180d0f644ba88ee18e7172a616866083655b424f286a31795ab8e68c20f16dbb0f546cf942594a02ee7ccd3c579f613c53cb68d8f685c95e3bdbddd04aa2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit