c15572e01443396ef289ce1f8662c582cf25d9a2ef0cb1af7abd055598894144

Analysis

max time kernel
150s
max time network
156s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
19/02/2024, 17:13

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Radical Red (v4.0).gba
Size

32.0MB
MD5

13b578459a321635fc5cfe77abb25cb7
SHA1

3432b97b35dc8cf183748b8696bd87b7ecaaea54
SHA256

70b0936bf25d4a90be01c8015b9d9a015d232a9aeedbd32661545f79279ee583
SHA512

a451a8944b5a3f2f0fffd44cfa2a08405f917ea04e8087c6522ae81eb8c26ad648ce328a59f0fdfa01f0b8aeefd12b1ab1d21bffcf0c466ea557ce9e0a82b62f
SSDEEP

393216:8/oqhkA9dNTUFxwlENCitwgsMQNq8lxlhOYZ0bUYJeYo:8/B9dq8QCewgsLI6ROYZ0AYJTo

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Enumerates system info in registry 2 TTPs 6 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 3 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133528364942930836"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Modifies registry class 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-983843758-932321429-1636175382-1000_Classes\Local Settings	cmd.exe
Key created	\REGISTRY\USER\S-1-5-21-983843758-932321429-1636175382-1000_Classes\Local Settings	OpenWith.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
1044	chrome.exe
1044	chrome.exe
2972	chrome.exe
2972	chrome.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
4496	OpenWith.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 11 IoCs

pid	Process
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe

Suspicious use of FindShellTrayWindow 53 IoCs

pid	Process
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe

Suspicious use of SendNotifyMessage 48 IoCs

pid	Process
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe
2972	chrome.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
4496	OpenWith.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1044 wrote to memory of 1680	1044	chrome.exe	93
PID 1044 wrote to memory of 1680	1044	chrome.exe	93
PID 1044 wrote to memory of 3088	1044	chrome.exe	95
PID 1044 wrote to memory of 3088	1044	chrome.exe	95
PID 1044 wrote to memory of 3088	1044	chrome.exe	95
PID 1044 wrote to memory of 3088	1044	chrome.exe	95
PID 1044 wrote to memory of 3088	1044	chrome.exe	95
PID 1044 wrote to memory of 3088	1044	chrome.exe	95
PID 1044 wrote to memory of 3088	1044	chrome.exe	95
PID 1044 wrote to memory of 3088	1044	chrome.exe	95
PID 1044 wrote to memory of 3088	1044	chrome.exe	95
PID 1044 wrote to memory of 3088	1044	chrome.exe	95
PID 1044 wrote to memory of 3088	1044	chrome.exe	95
PID 1044 wrote to memory of 3088	1044	chrome.exe	95
PID 1044 wrote to memory of 3088	1044	chrome.exe	95
PID 1044 wrote to memory of 3088	1044	chrome.exe	95
PID 1044 wrote to memory of 3088	1044	chrome.exe	95
PID 1044 wrote to memory of 3088	1044	chrome.exe	95
PID 1044 wrote to memory of 3088	1044	chrome.exe	95
PID 1044 wrote to memory of 3088	1044	chrome.exe	95
PID 1044 wrote to memory of 3088	1044	chrome.exe	95
PID 1044 wrote to memory of 3088	1044	chrome.exe	95
PID 1044 wrote to memory of 3088	1044	chrome.exe	95
PID 1044 wrote to memory of 3088	1044	chrome.exe	95
PID 1044 wrote to memory of 3088	1044	chrome.exe	95
PID 1044 wrote to memory of 3088	1044	chrome.exe	95
PID 1044 wrote to memory of 3088	1044	chrome.exe	95
PID 1044 wrote to memory of 3088	1044	chrome.exe	95
PID 1044 wrote to memory of 3088	1044	chrome.exe	95
PID 1044 wrote to memory of 3088	1044	chrome.exe	95
PID 1044 wrote to memory of 3088	1044	chrome.exe	95
PID 1044 wrote to memory of 3088	1044	chrome.exe	95
PID 1044 wrote to memory of 3088	1044	chrome.exe	95
PID 1044 wrote to memory of 3088	1044	chrome.exe	95
PID 1044 wrote to memory of 3088	1044	chrome.exe	95
PID 1044 wrote to memory of 3088	1044	chrome.exe	95
PID 1044 wrote to memory of 3088	1044	chrome.exe	95
PID 1044 wrote to memory of 3088	1044	chrome.exe	95
PID 1044 wrote to memory of 3088	1044	chrome.exe	95
PID 1044 wrote to memory of 3088	1044	chrome.exe	95
PID 1044 wrote to memory of 3560	1044	chrome.exe	94
PID 1044 wrote to memory of 3560	1044	chrome.exe	94
PID 1044 wrote to memory of 1616	1044	chrome.exe	96
PID 1044 wrote to memory of 1616	1044	chrome.exe	96
PID 1044 wrote to memory of 1616	1044	chrome.exe	96
PID 1044 wrote to memory of 1616	1044	chrome.exe	96
PID 1044 wrote to memory of 1616	1044	chrome.exe	96
PID 1044 wrote to memory of 1616	1044	chrome.exe	96
PID 1044 wrote to memory of 1616	1044	chrome.exe	96
PID 1044 wrote to memory of 1616	1044	chrome.exe	96
PID 1044 wrote to memory of 1616	1044	chrome.exe	96
PID 1044 wrote to memory of 1616	1044	chrome.exe	96
PID 1044 wrote to memory of 1616	1044	chrome.exe	96
PID 1044 wrote to memory of 1616	1044	chrome.exe	96
PID 1044 wrote to memory of 1616	1044	chrome.exe	96
PID 1044 wrote to memory of 1616	1044	chrome.exe	96
PID 1044 wrote to memory of 1616	1044	chrome.exe	96
PID 1044 wrote to memory of 1616	1044	chrome.exe	96
PID 1044 wrote to memory of 1616	1044	chrome.exe	96
PID 1044 wrote to memory of 1616	1044	chrome.exe	96
PID 1044 wrote to memory of 1616	1044	chrome.exe	96
PID 1044 wrote to memory of 1616	1044	chrome.exe	96
PID 1044 wrote to memory of 1616	1044	chrome.exe	96
PID 1044 wrote to memory of 1616	1044	chrome.exe	96

C:\Windows\system32\cmd.exe
cmd /c "C:\Users\Admin\AppData\Local\Temp\Radical Red (v4.0).gba"
1⤵
- Modifies registry class
PID:3848

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
- Modifies registry class
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:4496

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1044
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ff998229758,0x7ff998229768,0x7ff998229778
  2⤵
  PID:1680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1708 --field-trial-handle=1964,i,12778871546746801318,12520117872898984205,131072 /prefetch:8
  2⤵
  PID:3560
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1708 --field-trial-handle=1964,i,12778871546746801318,12520117872898984205,131072 /prefetch:2
  2⤵
  PID:3088
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2300 --field-trial-handle=1964,i,12778871546746801318,12520117872898984205,131072 /prefetch:8
  2⤵
  PID:1616
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3264 --field-trial-handle=1964,i,12778871546746801318,12520117872898984205,131072 /prefetch:1
  2⤵
  PID:836
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3284 --field-trial-handle=1964,i,12778871546746801318,12520117872898984205,131072 /prefetch:1
  2⤵
  PID:3980
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4708 --field-trial-handle=1964,i,12778871546746801318,12520117872898984205,131072 /prefetch:1
  2⤵
  PID:1520
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5152 --field-trial-handle=1964,i,12778871546746801318,12520117872898984205,131072 /prefetch:8
  2⤵
  PID:784
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5252 --field-trial-handle=1964,i,12778871546746801318,12520117872898984205,131072 /prefetch:8
  2⤵
  PID:4512
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5396 --field-trial-handle=1964,i,12778871546746801318,12520117872898984205,131072 /prefetch:8
  2⤵
  PID:3736
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=5192 --field-trial-handle=1964,i,12778871546746801318,12520117872898984205,131072 /prefetch:1
  2⤵
  PID:1872

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:1036

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:2972
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x104,0x108,0x10c,0xe0,0x110,0x7ff998229758,0x7ff998229768,0x7ff998229778
  2⤵
  PID:2248
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1796 --field-trial-handle=1888,i,10124929213831511559,4283840722309853859,131072 /prefetch:2
  2⤵
  PID:64
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2136 --field-trial-handle=1888,i,10124929213831511559,4283840722309853859,131072 /prefetch:8
  2⤵
  PID:5040
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2852 --field-trial-handle=1888,i,10124929213831511559,4283840722309853859,131072 /prefetch:1
  2⤵
  PID:4104
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2860 --field-trial-handle=1888,i,10124929213831511559,4283840722309853859,131072 /prefetch:1
  2⤵
  PID:4324
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2236 --field-trial-handle=1888,i,10124929213831511559,4283840722309853859,131072 /prefetch:8
  2⤵
  PID:2872
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4756 --field-trial-handle=1888,i,10124929213831511559,4283840722309853859,131072 /prefetch:1
  2⤵
  PID:2376
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3920 --field-trial-handle=1888,i,10124929213831511559,4283840722309853859,131072 /prefetch:1
  2⤵
  PID:2044
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5128 --field-trial-handle=1888,i,10124929213831511559,4283840722309853859,131072 /prefetch:8
  2⤵
  PID:3552
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5228 --field-trial-handle=1888,i,10124929213831511559,4283840722309853859,131072 /prefetch:8
  2⤵
  PID:3892
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5140 --field-trial-handle=1888,i,10124929213831511559,4283840722309853859,131072 /prefetch:8
  2⤵
  PID:4128
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5324 --field-trial-handle=1888,i,10124929213831511559,4283840722309853859,131072 /prefetch:8
  2⤵
  PID:4176
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5380 --field-trial-handle=1888,i,10124929213831511559,4283840722309853859,131072 /prefetch:1
  2⤵
  PID:4108
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=1744 --field-trial-handle=1888,i,10124929213831511559,4283840722309853859,131072 /prefetch:1
  2⤵
  PID:1472
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=4760 --field-trial-handle=1888,i,10124929213831511559,4283840722309853859,131072 /prefetch:1
  2⤵
  PID:2412
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5924 --field-trial-handle=1888,i,10124929213831511559,4283840722309853859,131072 /prefetch:8
  2⤵
  PID:988

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4880

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x340 0x4fc
1⤵
PID:1624

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
88979a1699fde16b4c698f9cd10ee87e

SHA1
8a61fb3cde8d379bb8a461a7be8dc2e93b5ad2f4

SHA256
d147732816cd1a5a493235680728ef3dd4fb9be1713d565f63d72c0cdbf1a898

SHA512
fe0de028e0285c3dd5c4e37be64c6a5985ead36423345de1eeb6d3f5d961a3a811e14878e9d3c42de87744be3b5ed32d07a78e78ce5b0eca4edcb6d84333e3bd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0

Filesize
44KB

MD5
cfb83a8e233930728c44a9a9b17dc2ec

SHA1
69a2d2a1990dc0ca16728a5b60b403dc18166925

SHA256
7b3f99362f646a942bd8f141e0060a9b9b8569b02730a0c65caa85221b12640a

SHA512
e87afa580bde1289dc411c2dba0499b6137001dfffa0f8d740d8e82775ecab8b10700c6716a27d02b2750f705ef804de4cd5a021ac5c76e13f01b81c19df2d7b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1

Filesize
264KB

MD5
1f7ea0c846bf00061544617fcaf2ee85

SHA1
ab78b257a012887ca25c8b3484cbadd79bbd0c0b

SHA256
a81c68dd7abde1abd3aacc9690c3ea21f55be367a4ca0fa71df7ceaef7ccdad2

SHA512
4b900be523fe44a245e8ca8bdba61518033431050c72ae3e22aa5d999a5fd1c9a5c2040724165308a0ce09bd31f38eefdb5f25f58b56815cf0b5a911547116ea

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_2

Filesize
1.0MB

MD5
0e5b5f6d1157cd0988bffc0db9f2485d

SHA1
50fc26374f8f4aa2720f796ea7093e1fe2ec9728

SHA256
a2b6dc66eb60352d22f3d8c5b792c9c336c65dec194c3db2ecccefa8654c1b69

SHA512
be22124348272be1be5c3792ad4b450ad80eca6048e3e53edf72f420832c6cec9d4ab4da1c05fa3b37713356c4098dea421c98ac3a23e181b6575672bdb585ea

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_3

Filesize
4.0MB

MD5
3e25e18c2a567bcd7729fd27464d1fa9

SHA1
9a8de87c8ed70ee0330347625ffe27208fb5f61e

SHA256
b536887c14beaed51e493c7ed822547d5b21562586237aae26a376fbe0ef7a4e

SHA512
3f47030ddc8e6807687055d10f30daa8695c395c8aab91e0b6833640e736215527d09d0634e88a99ddb23273ba9aa83240b7dfb48dc925e70fac1bf7c3113947

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007

Filesize
194KB

MD5
ac84f1282f8542dee07f8a1af421f2a7

SHA1
261885284826281a99ff982428a765be30de9029

SHA256
193b8f571f3fd65b98dc39601431ff6e91ade5f90ee7790bfc1fba8f7580a4b0

SHA512
9f4f58ab43ddadad903cea3454d79b99a750f05e4d850de5f25371d5bec16fc312015a875b8f418154f1124c400ae1c82e2efd862870cd35c3f0961426c8cd82

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008

Filesize
24KB

MD5
b82ca47ee5d42100e589bdd94e57936e

SHA1
0dad0cd7d0472248b9b409b02122d13bab513b4c

SHA256
d3c59060e591b3839ec59cad150c0a38a2a2a6ba4cc4dc5530f68be54f14ef1d

SHA512
58840a773a3a6cb0913e6a542934daecaef9c0eeab626446a29a70cd6d063fdb012229ff2ccfa283e3c05bc2a91a7cac331293965264715bdb9020f162dc7383

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009

Filesize
51KB

MD5
c55de18492ebd3d4b2010d75cf6cade6

SHA1
923ea24d3f4ae1a4c910b2f317c2bac05d1378a8

SHA256
835d97f981680b03346a953c9dcf027b9c7f9a5ac34f17fe68a415659d1703a8

SHA512
8bd2c0ce761a6010ddfd4e420223ca487510b8c162dab9c1eeb85cafa1144c663d968530be3b4d66375fbe40b1b0495f7bdbca90c00f1e64fb9dd8a837d23051

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

Filesize
30KB

MD5
fe19a4bd411419296ce266add0468c8b

SHA1
491eecc67026ab5331f1d5b4b8b2f200ec358668

SHA256
f9395d8386721c86c7a65b4b0785afab5815ca7ada66864c39eca86ace9a74b7

SHA512
a6e60ecef7c9ff72c126e3f37ff9e6abd884d5ce7c1da3235f3c62e7cfd0e01b572106322275917c0f7ed8dc59cbf6f3f31d7fca3c755e7157c56e4e6bf4f174

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

Filesize
22KB

MD5
1a9805e3017bb4f1f7eff7f947a4d7bb

SHA1
3d83ad96dd64e5b8c788a69e22a3ae9ce19be9df

SHA256
e3a4460020157a1fa6790551d2908524a8def5bddf164b7972c5222f1f210790

SHA512
ce2d01d022a0b826a35174c46b7175b7f343e5ac9910fc54bb39695dfb551564741fd53db3f089c84735b32aac5f499d99e2aea95c052c12a6096b94b0d97b35

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c

Filesize
56KB

MD5
90eb790045efdd818c297384d62dfc01

SHA1
e1a43ea9e2ba6666c7804d2ee03a7ca6922ecb47

SHA256
5c20caf61cd70001c83a34d585a823bf5f8b0673d14d81989ca0061c71c87b5c

SHA512
f5138d2c735eac5eb34a41bc76965f27d9d5d3fab70c6cb948535dc61e18dfb6f8d5988630b4e7b9c345a907ca7a3495911d6eca30311108da29ac5271c7df62

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d

Filesize
35KB

MD5
23bcd3e1afca5785d432d313461fb052

SHA1
5302aa79b4c2461c99388a4fb719a9293ef90c86

SHA256
8f909c2a837b1deddacbdc740824d073b63a20b3e60ad746df2eeb529cbeec95

SHA512
5626e2e18d49d89fa5ffe10c254f9c8327f95f88cb152df07a5bb2507182e920ff6a4a08b62b236228c8988c14ff965417d52f271bdb225c02d94a637b833d44

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e

Filesize
34KB

MD5
aceaeaa1d9c9f32ba72d5b3d61c80650

SHA1
db4aba46341a8c5245ad0a5b1ddb1bb8454e6e51

SHA256
4adcc8ab4305dfc6374c05d0e24d29ce194982f418f737f141f9413304e5accf

SHA512
7148de36da1dbd1ddbfce8e939b306b1c1a49e51f6682b82a8f057cd6e481dcf79e3e4927e89682263ae9206b994aea09a860a5bb9fe27e09acee83b732c6fcb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000f

Filesize
38KB

MD5
4063e4970487b1c9894508f2967cc8b6

SHA1
5b0c94fa8f496e659af36d2e4b22dca951bf4276

SHA256
08267821f8f226d2ee5257e596ec6bce69c062a0713c4457b12ea65ca992c39f

SHA512
56e84c26db9d4070e95ab29a78105cc1e1b3dd2517736185ca3be912887fdf7a4c4641066fe3a0637aeedb1cbd239dc4b0ec21c34b5727798d1a5d30425cd092

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010

Filesize
54KB

MD5
a7bdc8770ff5a919c2db7bc4a2c51478

SHA1
daf6628eab3520be04d7c3862e32403e4eaa60d4

SHA256
050825c545b62709be539f7ae4f4b26776757e9021efd3ad36ef06cfa18a6e58

SHA512
94599ffa355fce313b64141b5f6d024d92930f888cc600f1a7fab393b7ac8a764abb211298a4aa49f7dfff249b173f7ea17d93d385e39ed6f3c23befc8768cbe

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
ef0f50c19bdba5e0c8a8dccc7c1efd1d

SHA1
d6a25e44c22a457fa1d1a36991b84fac48f8a729

SHA256
57592b86105951528283b49db4343785b5ed6dd1e3f2da6b5ac526608baa4cef

SHA512
5349249026c040e55523df89b79fc2484e0bc7a48efce1a85e198a4c3a39cea9fd3e5bfe77bdc291b594e71e55d8f447b3ca17eced6d32166540f159988ac307

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
c624663865265fb1385604d80eca0273

SHA1
295b47816091f0e7e5dddcb867562a25c4555d45

SHA256
93c00f6ee4a0ad08dfe9347e8dec19078e3d7969355b3fc63431200cc33bc19d

SHA512
0fb18d90c04034f383c0e5dd0c55c53633f631f0680cb06ae2545bac73a8084d6c2dfdf7a55ce82108ab795d6e0cb55c31512b9ff31fc4e201d4a4ae8a5d37b0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
e8e53714bcb04305830d27d5c16420f3

SHA1
40eec03de61fe68c0239efd13c328c3f49d4e511

SHA256
5796cd37a121d9cab9b5a838ed4ef3e682b940db0f71b57f9e4e6cddbd55e16b

SHA512
8bb6363f3f03f718f5058aa37a0d202ad756959e6c8fb73bdef4c76c95b76a117f55489a0a4fded7e709a597776dd24ff04d9cdcc9cf1f2140ee9f874edff5c5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnCache\data_1

Filesize
264KB

MD5
e81332095ab1076c37a9a508f7be15a8

SHA1
c8799e283f1bdb58df4853ce6a0846e459183b85

SHA256
143488e7ff89817639802d8f2150108655e3466abaef08e5069b79fadde4338b

SHA512
ec26e3ccf138badc67eb6d6416719b10a102bad3f88313119e4e3c2c10bd71702a2bb44b97f35b9bb31b54060471cba0a2e99114a884141c11056ff74a8c6ed4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG

Filesize
320B

MD5
61a0d0ed58cad3f4b550c94c06b067c9

SHA1
c319af35c9cd0ca2f07194418e4be3d9b2a6da92

SHA256
b4f97a52e1205c242184762602f4c9635978c50a3a70d3a4ce994d2dcb78ca33

SHA512
952189ac07fd549ea07ddd16fcf5bc3e3f6ec539fec4ba706c1a6389c27a00a85d8fb365515b266be79ae872f2950cbc8e6cf0418d631e3bfb8883ad86250703

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Favicons

Filesize
20KB

MD5
765b938c68ba50fd54877ab5c00e5082

SHA1
51859efc49c14c5f48a511841db3cd910df6ecf0

SHA256
33729e3ed1e987967575b1561cedef0d88693dd125704071ff45277574061e4c

SHA512
1fb413e58910cf1bdd493218d708b51a1c0149986ea309191a54347f8a6f1a520c3d2b3ad8ba523af0054bcad1ea6137b1b607e6e5c601e26abb395b7593bfd2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History

Filesize
148KB

MD5
9a6a6901d311fd92eb99ec47b20cd933

SHA1
7a395128b691eaef583159a048022eecd85b2a68

SHA256
6bff29f7683f04085be276bc6757aba13d06bae81392095e06c7626f01c473c1

SHA512
d4f1e0ea83c3700e215c30ac50e07ea4651a8467fab593396c0dc19d6fc4873a967eb387866f704474c01e8eb13e677687aefa475101e8dc6a2b0796da2aaf53

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies

Filesize
20KB

MD5
ee57c1ba8fad638fac79f41579bf13cb

SHA1
0867bf98094635e459897223f4208ff1d52ada79

SHA256
20035d039bda51ef3f33069c6fb208321b792bb68cc0f1672dc872ed887d39c8

SHA512
699bf8b4c7328d7eced8ec4da4cef2fe011ad69e14e0440ed3801eb5672a9471abcb1e30eb71cdec53ebb3b9df6ac8e255ba537a284a567a79c8e37422b3898c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
af132569d7393c81c743de0c6fc173df

SHA1
53b970322afb740f17f702ba0fa3e511e51c4101

SHA256
c2627a5184ea01d091d6cffd2e6cd4785ce51f3d4ef8b0e76d83647ff2712e4d

SHA512
93bd597b59fab300ef9e2392a0158b1554f66e40779f62eb9c73975d9fad27ee21dd1f2458fc624fd92f384715586c59aa41d3c7ca9ae71471e1d9add8814ebb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
8178d3b3ed5ed2ceebd7d5749137331f

SHA1
9b707d72b4d083f4a7b65f06583e89f37aa3297c

SHA256
d0eaf370d7b3a73a580fcbd2377e16929a62e87ed1e8694a232e28cba3f69f81

SHA512
ac08e1cd3cef27acef1229c71b9827da451adbce6264fe57ccb20771ddd02c5f2b000209514f0eb96bb2808cffc0e5a22455c29e2c25d30dfea78fc071db6359

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Reporting and NEL

Filesize
36KB

MD5
dece031d71ef2e754dd3021f43561bcb

SHA1
f238fba6b1f448b1de5e1cef5be5361a84b2bfc9

SHA256
915b6a1dcc83954e8db4e22d839c63a009a2dec4adb44e5712561f21662906bf

SHA512
970308efdbde0a163d265e3e02b6298cfa2d6d6781249cd5502a7d9fe02b2fe75e5377a2d2ebd2f2b046f9882267da5460e7d483f48520d976583a27390beced

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
371B

MD5
bf2b5d86e4286fc4281c7b3971048195

SHA1
e0ea7b28d16e42d9466d702bf862292c96409c3d

SHA256
4007eb7b292adc38746f8066b2d836bd86ab5a3907402e292630ac5f1b1bcdbb

SHA512
7b9dd0aec50010f926e4cd65c617b622cabe25fdfb103299ec1a65d08a92e6212fb949ca071e9f28b459dc19d646be06f93c03183baf0b70729d1f9d191c9336

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
371B

MD5
08d34e5c51f3eda80d2d92f298d41689

SHA1
927eea544d83ebf21e8ff4165ac62bf5a340a920

SHA256
411c747091282b531dfa5ab1ef2abf2b2d07ed15987102eae2f80c015fa3558e

SHA512
5cce96bbb5bc31b1881f460c9b43b172de27be7436c8dc7115ab0ad6b47220c978a33e292938b890b3a6e4ac85ba35ee7df5fd2072188ad83ebe450105971afe

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
371B

MD5
191671666540f9d3b51bcaa509d34bcc

SHA1
ee98476b1ecf0da3d1eca27c6d382df5e41d8933

SHA256
4a791c4e2171e5b3ab8d93c73d13fc1c2a3b27837a7f485e8305eb29658d2edb

SHA512
213ab59599f506f0d9ef9cdee2c33839ffab9a1021a6228f59c4af4c4b40e071a6f2169c02ae0f9778977e3722a19b7495240350e43f5d6fe2c6d32bae7b420a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
ddbb7ae4094910768f160db9eb981d1a

SHA1
2349fe1a7cec4759b77328876ea9dacf1ba8c7fa

SHA256
c318b0d82a93fdda8b104f5a2b2328504ad2f527ae1e71c8c3021f1deab93656

SHA512
2cfbdd36f12c5cb9bdd730b2347932a714825cfb592159626e5cfe3fc1d2c5bc8c757a0b5aba527027b357544fc7c230e828bd6f89a5d86e0420879778ebb16a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
2df7dd2d983cb50ba13631495985f50f

SHA1
92e85fba931b7403c036c7e1cdd6bdbb4933d7a7

SHA256
643982238267fde64774cef5f8c1bc96f3a73018f12161a46ac1d122c04a3d73

SHA512
c7b5953eae0bc39967ce4ab55d2bf1ce0894078101e14c3925063d8082c41b3f0a29f49f72ee241b47ae0aef060ab70664d8ccecc3b741ad9fb4fdb999cf213e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
f4dc7dde69c929ba66d3c86f5b926403

SHA1
1ad5aa2ecd7bf3cefc09ddf5258114c0ea03467a

SHA256
cd65c94f3d40e3ae203a155e757fe4e56e2987aa3ac2abe4908597dbbfa5221c

SHA512
791146d899a3d9cfcba3873002bd2014e93a8e0952ea8c9935ddf81ae2ffda8ce40695cb1a95c90b87c0121be167c59824bd45c11f9aac430e32ed901c1c447f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
10cc215140559576eaf6fc9c557d6b04

SHA1
292cbc840673592c43c40fb437fbb4d83d909989

SHA256
fd6c5df08b732a803ec48cd13ef967cab660906f1f972eb8852f8655580e4301

SHA512
3632cff2dcdf307151f6eef3d0def26cd469a195b036386d79bffa71f6c843880e487b56eb1ba2a44b737997be13e0a76d3ca6262ab6f7910fae723d7ac47b2a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
e8378ae7e441f8541556752064337aab

SHA1
8f1565a24e3821a5d314006821695b4f5c1f0ebe

SHA256
27f04cfb6d13800410ab2bb78ba956fce3a90f41b8d3319d117100683dedc666

SHA512
54a5c689ba3aac6d4f97614d73313e30c8184b2df947d3276779881494615c68613dbaf35c075c8d03982d0af26794f93485dae9f2b50294b19db5cf461272e1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
f02176937fe9be32b2a634b56d9e4141

SHA1
5e9e29eb0ea3ae3a868cdc753bfb38948eddc14f

SHA256
07063c3152b6710a98e789037694c110dd03640245b9186da3a612d0b735e4ae

SHA512
6e5d8feea029da9ca9f3c497d1290b0c580c32f7142aaa9e55dc483f80dfe6fa049132d24e3a732b6dbb3d5ee1f56b3035e9b408c8064d265ef54e468aa9a39a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
e6374c412466187ddf54a0bc9de6cf29

SHA1
3a8fba185cc87ba0e63ed6c984fbab98ba2a5ab6

SHA256
3aa5a0147949842737c253490e0fc06245aeb60336c67271e922d6727f1029e7

SHA512
bf83f7c88088189d1e3b44e5781f9f95693693207a216b301f8dcc2cf0cd3f4ac2ac59eb692a7bf43f0973804f3d9defabde0b090e62b084423a79039dc396bf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sessions\Tabs_13352836565510391

Filesize
3KB

MD5
a98681b39e8fda50d7a9fd1d76e1cbea

SHA1
6dcef0490d35d3817c4836514f1f207940f894a2

SHA256
2636cb202dd7bb2525591e8f613b1be7c0eb119fad793bb484b46fe23a204f4d

SHA512
7f21a5017335fe6da1379e1c09971dfb1ba6b8b97ff734b3a9a15b653c5f8d28e8f768d5e4af52245eb0b90c2559fe061a42b795a3c03f8d01a5435cc7304ab1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000003.log

Filesize
112B

MD5
91bc9c247cef2d209ecd79f6262237b9

SHA1
8499c89f1a7ba548e0b035549cf6bfd8954f8118

SHA256
7793dff072e300ef854cbe220119188785fed7550aee59866268b903bd58dc84

SHA512
44789cce367015bda44633d36435bf07c5aad3ce68e5085710029bfaf9c10dc5068b0dfc45a132eba24ee1a2d486e6dab06e0c6b65ddcef7518fee3330e2e7d4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG

Filesize
345B

MD5
67ae881c73ed5fbf5a8bd21631a68e36

SHA1
47544b44a3bb9e27d1fcc94fc4c33812dba6d65f

SHA256
a69b56f1488b92d404b797b9815e844b802174e35435c48212af2c588dc37ca1

SHA512
cbe69b31f4992549873097fc8181854455b128a9aa5f4ab2600aa25d568714f306e219ccef2762fa8ef83de6d81dad1ebb9312ab07a83564963804d09914ce09

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log

Filesize
8KB

MD5
ae268c36d7c897adaa048d2cda04cfcb

SHA1
02e04b277fddf7f211a5027f2c6a78b1fdc59edb

SHA256
d996e19165e79b7a4928d12732208dfdb3053a4f341cee040e8fca03500997ef

SHA512
330ccda2b3a453fdc594a201d11c73b80df8244b97478fb8c211cd83499b579cd69f09f27fe735e119bfa4986ab62e3d80b8c27e9db2b88a9f89252c21b7fc39

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG

Filesize
321B

MD5
422250e6308b42240551e686b006dc13

SHA1
05751a9d98970f9345efbfff491b0e6299f7b828

SHA256
8d3daa6def63f4821aa599745f08f60b70b036c1e7f2e2e1d3d1492fccc8daa9

SHA512
c8e10b17d887dec6d5cb3e0f7b2139bf6614f157e0d98cc896c1f9c936156a936ca351fb872b94342b542db4d9fb142e767d35db80e2528dd37c0f071008bbfa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Visited Links

Filesize
128KB

MD5
f989848961c0cc46818268ddfbd71b89

SHA1
19b948e1973fe098a854b2a8c540ca152cbed44e

SHA256
30717901c31d79c2f97bbe4503135dd580ad8c231191dae116f35d5aee20ff12

SHA512
9c681200799dcf24bfc7b26669404c2a18b93338c0a31e83f8bb6086f8169a52c5621e7611082ee7ac8f1555ad8bfd30f597775f85d5da76f70ea747a56e5601

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Data

Filesize
92KB

MD5
331b9c6ad2491bc3a5d2a3f130d59ae4

SHA1
d4b8a249a3d0e7d9f117d2aac4a016a7023bbafc

SHA256
4556c808e0edeb208d70d40a6b4351998212c77b7858116e9414c35a8a067be5

SHA512
74bb6946afbb02615fcf65a48c3dd36efb153bfae041f3eedeeb299769036a6b98280921e37bef86ebf98be60c1c2b2b1382d29cfe33b321636fc940dfdc9905

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\000003.log

Filesize
1KB

MD5
41c60171f82f439a1fe6a0cf8fe66e2b

SHA1
e9801e139309c6f5bd7eb59dc6092e825c5ef87d

SHA256
59a83364bacf47017ebc896295e8f3c9bb300d35a5bbe4915fd5f45a3c3d249e

SHA512
a2d66a37b997a99cf8376c02b6f2176b914623fa644dd9d2e4ab7fcaf2c7f9e928ea902318b00d9e102f160a62f78649ebdd2d746e0e6b5538b8e803bfebb07d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\LOG

Filesize
320B

MD5
060d71513ea8421ac33831ce4add835d

SHA1
4a6f879c174671a4f31f85db0873fc9a3f4a3f44

SHA256
c7fb67a35f0e0a0054cf5d827188682e79474a3b7f1b488de9573dcddeed241b

SHA512
cd2c383f457c3b245e88a8c7fa24dee3b1e1345e8357bb58038d0cbe7cc559bdc58a05e796bc5030c077415c060b4f832e1b2c0aecc733d2735f0b58df075d1a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000003.log

Filesize
918B

MD5
419f54c804a482b78cb6bae0cc5a13f2

SHA1
8218a2beeb899e81a11cc8e420718da6068ba6db

SHA256
18b9d6405354a6a6b610befdbfbc5cb687bdd57658a7b7e7d701ec4b722d9b41

SHA512
e8332c8f9eb492162999a7ac7897ebef6955dca5fb87bc8a7386e4ddcdb2f2dcbd9522f44ae6b918b753b3c1d07c1ecdd0f948c7aa2355998e3455c6691be7bf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG

Filesize
335B

MD5
983dd18db11346fcaf04426ac9ecdfe3

SHA1
776b0ca71faae2db9b8deba6b7267fab7f5f1c4e

SHA256
cdb1884d1b2dbed6b69e6926b46a3e8b1a956ceaf57368518598ad44eaa5b2ff

SHA512
8580a43e48e8ae676fed55c4e8d1c672371b3df78a0115e25e2c7048f2f639424b9edf77807aa93f88e4b84cf66cb9ce3f08d92589250d248862c3c562c7afbd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_0

Filesize
44KB

MD5
f7285731c3804da9cbbfd3bccf117e51

SHA1
eda8c5f6920bdd6902eacb2203769c5199bf4b0c

SHA256
c404805ae066084cce732e0bd2bf262a7902943cfd5e278067100573ac6716e7

SHA512
f89e1b3de7580819ab3b248c3ffcea2f85e6bda0b0e7f7d873238fbe399ffb8846633a81dace92600bfc98c75bef97726e7fd23e1d3d407538f2097d7101ff82

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_1

Filesize
264KB

MD5
c40743fb8b876b581cac31b41dc35acb

SHA1
5230ed3e1b82d7a74666ddd96a91eaee29ca4acb

SHA256
1463013a69e541a3371ed75302582ff652fb40c534469d789b531b4e96fd9b08

SHA512
112a457c55d36228c53123d75496c98cfdfc5ecd2aea1a71e39438b8bcb6f4904320ddbb9e48145a92712e8b2a1987b2c3c6fbfc82191d93b2988dd2292fb8af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_3

Filesize
4.0MB

MD5
b88da8c341415a7037628d9febead93f

SHA1
e0673ae16efb0f8ea9a33f7106bc950bcfa4f517

SHA256
7668f6c8d4d459a507c96fe30d53237d16d6ea5dd2dfe7745e28371eb755ffd3

SHA512
ce47868e78d747d01fb1ea89033aedd2f1257d2fe4779846e248dc80b53217f56b5d8b0b51e61bbb952b0a5b27cfbb0d3c990fe562d5b88f419f47da931e2484

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\f_000004

Filesize
17KB

MD5
219e2d046941e4204c2f2862a62a370f

SHA1
6ca01878c6ee44825193fae48079eab9eae6a7b9

SHA256
cddddb2abf1de85b7a100fb0c5ab9ee6a22a275226e21789a256ce59208f5678

SHA512
2ea950e23565027f64f96c38129708bf2ebc10a8f925cb07fc60a5dc991759cad1dfd3a84e41ce2e557f5e23812747ef9c5dadd58b5e184b0fd884398e706336

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\f_000005

Filesize
16KB

MD5
8257043e1b6a8ec4a61518c1539f10f0

SHA1
b74300a0c170428e9c20cbbdbc1d1f957adc7089

SHA256
3134234b93f92c12e368fdb69c555267e42989f807ad2972165ac2b21f6fbc30

SHA512
d0e4fd0c95da41456db1964e8f09cdf3096993f0f299ce0ee73b2b4559f9b022465d1aa6615d0b3dabfdfa1fd75352f3efcd944c029e2c1f1bbcfe4ef19627a9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\f_000006

Filesize
16KB

MD5
c8698c415ed737acd8fd8512c5821733

SHA1
2ca7990e2f16e5a8fe92722074a30336c3e40bf7

SHA256
c5ad4768807581c07c049acace5d4bd303987599c59b24b1f818b72f58db16ef

SHA512
363ed39af177aa54060abe8c49ddf11a2296b6f8e59325c9b6e0b6e945eb337b565d09d775eee80ef8e2b94646ad75e4d23a13bb93407c5fabda817b3195bdb2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version

Filesize
14B

MD5
9eae63c7a967fc314dd311d9f46a45b7

SHA1
caba9c2c93acfe0b9ceb9ab19b992b0fc19c71cf

SHA256
4288925b0cf871c7458c22c46936efb0e903802feb991a0e1803be94ca6c251d

SHA512
bed924bff236bf5b6ce1df1db82e86c935e5830a20d9d24697efd82ca331e30604db8d04b0d692ec8541ec6deb2225bcc7d805b79f2db5726642198ecf6348b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
130KB

MD5
029ba9c375349aa6a2bb1963a8dd69b2

SHA1
4649a4bba32520bf9df0af95ea95e218b924e9b9

SHA256
2da6823665093e17eef67ad88a4c6ff50eea9fddd92043e261a38d910dfb7057

SHA512
0cfab15cfc6905bcc4379a742e64922e3533b0378448f081a05ccc7e76fb3527db8f01fabf9a117d0f98e3c20d22850eb7bf7d3430878ca972b8339977f8badc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
240KB

MD5
6ea332552d93de77bd34b2ddd821fa4d

SHA1
729786dab3fad4c88e480c8b3fb20757acee9bf4

SHA256
f0bac3f7167782ff440cc25d40864b37c3a467d492034844a6d0a22f43e66623

SHA512
68c617e785820be1a2c28102f53add3bfe585177131ca54cb5d30f3973990ce3cd261efbbca45d8972acd5b567ec2c4b940565aeba6698163399e414939d9af8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
240KB

MD5
c0fa4b46e52ee46fb509764b85d3dec8

SHA1
0b840958550dbe0ff3494deb7f8de783fa9b3359

SHA256
79d76f6ea9eeed3529acecce903da0203bcad9186191e478930f6aaba4337829

SHA512
ee0df82026ebd1ebe55dc6c20b48c7cb0b4afe5b742ce6059b5ac6fd70629f206419943d935e7e5370ca16c31e2085ff21682fde8c9f549b03297b129e72c5c2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
98KB

MD5
57656c33094954b53fbd543f8985e79b

SHA1
c133ad034e2eafb5c434fe810967f6182f47418e

SHA256
b171250d4d3165e4865b49064fe0717604e30e41145029a1fb348c4f0e679f28

SHA512
855738d68c99c281e6436e6ee3ddc33727c9ecb1e34dd1e2789b28909f2f92d8da2997190dd3470cc54aefc565185b8ed7cb1ce09c94166d122f0b19360238c2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

Filesize
264KB

MD5
31cc31af271249e6c7f0ae1c8774afcc

SHA1
5bf5e814c4ba13d4e84dd1a93228596655cb63b1

SHA256
71c5b8eb366df692b964724c8a678b74b166bb47e0e03bece64c0f915898f297

SHA512
b64c49b939d43fc30d3a99e244cf1df9e056797696b6e240ecc6d0ed5e8f50e5971884fcb5871e97ed0583352a02e238f520c28304d55bfd638afe29c65fb80e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

Filesize
85B

MD5
bc6142469cd7dadf107be9ad87ea4753

SHA1
72a9aa05003fab742b0e4dc4c5d9eda6b9f7565c

SHA256
b26da4f8c7e283aa74386da0229d66af14a37986b8ca828e054fc932f68dd557

SHA512
47d1a67a16f5dc6d50556c5296e65918f0a2fcad0e8cee5795b100fe8cd89eaf5e1fd67691e8a57af3677883a5d8f104723b1901d11845b286474c8ac56f6182

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit