hxxp://youtube[.]com

Analysis

max time kernel
145s
max time network
149s
platform
windows11-21h2_x64
resource
win11-20240214-en
resource tags

arch:x64arch:x86image:win11-20240214-enlocale:en-usos:windows11-21h2-x64system
submitted
20/02/2024, 23:46

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://youtube.com

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133529464538100306"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-751003968-2436847326-2055497515-1000\{D8D53C89-2095-4DB2-BB44-72A2735A42CE}	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
920	chrome.exe
920	chrome.exe
4248	chrome.exe
4248	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
920	chrome.exe
920	chrome.exe
920	chrome.exe
920	chrome.exe
920	chrome.exe
920	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	920	chrome.exe
Token: SeCreatePagefilePrivilege	920	chrome.exe
Token: SeShutdownPrivilege	920	chrome.exe
Token: SeCreatePagefilePrivilege	920	chrome.exe
Token: SeShutdownPrivilege	920	chrome.exe
Token: SeCreatePagefilePrivilege	920	chrome.exe
Token: 33	4648	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	4648	AUDIODG.EXE
Token: SeShutdownPrivilege	920	chrome.exe
Token: SeCreatePagefilePrivilege	920	chrome.exe
Token: SeShutdownPrivilege	920	chrome.exe
Token: SeCreatePagefilePrivilege	920	chrome.exe
Token: SeShutdownPrivilege	920	chrome.exe
Token: SeCreatePagefilePrivilege	920	chrome.exe
Token: SeShutdownPrivilege	920	chrome.exe
Token: SeCreatePagefilePrivilege	920	chrome.exe
Token: SeShutdownPrivilege	920	chrome.exe
Token: SeCreatePagefilePrivilege	920	chrome.exe
Token: SeShutdownPrivilege	920	chrome.exe
Token: SeCreatePagefilePrivilege	920	chrome.exe
Token: SeShutdownPrivilege	920	chrome.exe
Token: SeCreatePagefilePrivilege	920	chrome.exe
Token: SeShutdownPrivilege	920	chrome.exe
Token: SeCreatePagefilePrivilege	920	chrome.exe
Token: SeShutdownPrivilege	920	chrome.exe
Token: SeCreatePagefilePrivilege	920	chrome.exe
Token: SeShutdownPrivilege	920	chrome.exe
Token: SeCreatePagefilePrivilege	920	chrome.exe
Token: SeShutdownPrivilege	920	chrome.exe
Token: SeCreatePagefilePrivilege	920	chrome.exe
Token: SeShutdownPrivilege	920	chrome.exe
Token: SeCreatePagefilePrivilege	920	chrome.exe
Token: SeShutdownPrivilege	920	chrome.exe
Token: SeCreatePagefilePrivilege	920	chrome.exe
Token: SeShutdownPrivilege	920	chrome.exe
Token: SeCreatePagefilePrivilege	920	chrome.exe
Token: SeShutdownPrivilege	920	chrome.exe
Token: SeCreatePagefilePrivilege	920	chrome.exe
Token: SeShutdownPrivilege	920	chrome.exe
Token: SeCreatePagefilePrivilege	920	chrome.exe
Token: SeShutdownPrivilege	920	chrome.exe
Token: SeCreatePagefilePrivilege	920	chrome.exe
Token: SeShutdownPrivilege	920	chrome.exe
Token: SeCreatePagefilePrivilege	920	chrome.exe
Token: SeShutdownPrivilege	920	chrome.exe
Token: SeCreatePagefilePrivilege	920	chrome.exe
Token: SeShutdownPrivilege	920	chrome.exe
Token: SeCreatePagefilePrivilege	920	chrome.exe
Token: SeShutdownPrivilege	920	chrome.exe
Token: SeCreatePagefilePrivilege	920	chrome.exe
Token: SeShutdownPrivilege	920	chrome.exe
Token: SeCreatePagefilePrivilege	920	chrome.exe
Token: SeShutdownPrivilege	920	chrome.exe
Token: SeCreatePagefilePrivilege	920	chrome.exe
Token: SeShutdownPrivilege	920	chrome.exe
Token: SeCreatePagefilePrivilege	920	chrome.exe
Token: SeShutdownPrivilege	920	chrome.exe
Token: SeCreatePagefilePrivilege	920	chrome.exe
Token: SeShutdownPrivilege	920	chrome.exe
Token: SeCreatePagefilePrivilege	920	chrome.exe
Token: SeShutdownPrivilege	920	chrome.exe
Token: SeCreatePagefilePrivilege	920	chrome.exe
Token: SeShutdownPrivilege	920	chrome.exe
Token: SeCreatePagefilePrivilege	920	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
920	chrome.exe
920	chrome.exe
920	chrome.exe
920	chrome.exe
920	chrome.exe
920	chrome.exe
920	chrome.exe
920	chrome.exe
920	chrome.exe
920	chrome.exe
920	chrome.exe
920	chrome.exe
920	chrome.exe
920	chrome.exe
920	chrome.exe
920	chrome.exe
920	chrome.exe
920	chrome.exe
920	chrome.exe
920	chrome.exe
920	chrome.exe
920	chrome.exe
920	chrome.exe
920	chrome.exe
920	chrome.exe
920	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
920	chrome.exe
920	chrome.exe
920	chrome.exe
920	chrome.exe
920	chrome.exe
920	chrome.exe
920	chrome.exe
920	chrome.exe
920	chrome.exe
920	chrome.exe
920	chrome.exe
920	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 920 wrote to memory of 1224	920	chrome.exe	17
PID 920 wrote to memory of 1224	920	chrome.exe	17
PID 920 wrote to memory of 2000	920	chrome.exe	83
PID 920 wrote to memory of 2000	920	chrome.exe	83
PID 920 wrote to memory of 2000	920	chrome.exe	83
PID 920 wrote to memory of 2000	920	chrome.exe	83
PID 920 wrote to memory of 2000	920	chrome.exe	83
PID 920 wrote to memory of 2000	920	chrome.exe	83
PID 920 wrote to memory of 2000	920	chrome.exe	83
PID 920 wrote to memory of 2000	920	chrome.exe	83
PID 920 wrote to memory of 2000	920	chrome.exe	83
PID 920 wrote to memory of 2000	920	chrome.exe	83
PID 920 wrote to memory of 2000	920	chrome.exe	83
PID 920 wrote to memory of 2000	920	chrome.exe	83
PID 920 wrote to memory of 2000	920	chrome.exe	83
PID 920 wrote to memory of 2000	920	chrome.exe	83
PID 920 wrote to memory of 2000	920	chrome.exe	83
PID 920 wrote to memory of 2000	920	chrome.exe	83
PID 920 wrote to memory of 2000	920	chrome.exe	83
PID 920 wrote to memory of 2000	920	chrome.exe	83
PID 920 wrote to memory of 2000	920	chrome.exe	83
PID 920 wrote to memory of 2000	920	chrome.exe	83
PID 920 wrote to memory of 2000	920	chrome.exe	83
PID 920 wrote to memory of 2000	920	chrome.exe	83
PID 920 wrote to memory of 2000	920	chrome.exe	83
PID 920 wrote to memory of 2000	920	chrome.exe	83
PID 920 wrote to memory of 2000	920	chrome.exe	83
PID 920 wrote to memory of 2000	920	chrome.exe	83
PID 920 wrote to memory of 2000	920	chrome.exe	83
PID 920 wrote to memory of 2000	920	chrome.exe	83
PID 920 wrote to memory of 2000	920	chrome.exe	83
PID 920 wrote to memory of 2000	920	chrome.exe	83
PID 920 wrote to memory of 2000	920	chrome.exe	83
PID 920 wrote to memory of 2000	920	chrome.exe	83
PID 920 wrote to memory of 2000	920	chrome.exe	83
PID 920 wrote to memory of 2000	920	chrome.exe	83
PID 920 wrote to memory of 2000	920	chrome.exe	83
PID 920 wrote to memory of 2000	920	chrome.exe	83
PID 920 wrote to memory of 2000	920	chrome.exe	83
PID 920 wrote to memory of 2000	920	chrome.exe	83
PID 920 wrote to memory of 4060	920	chrome.exe	84
PID 920 wrote to memory of 4060	920	chrome.exe	84
PID 920 wrote to memory of 1856	920	chrome.exe	85
PID 920 wrote to memory of 1856	920	chrome.exe	85
PID 920 wrote to memory of 1856	920	chrome.exe	85
PID 920 wrote to memory of 1856	920	chrome.exe	85
PID 920 wrote to memory of 1856	920	chrome.exe	85
PID 920 wrote to memory of 1856	920	chrome.exe	85
PID 920 wrote to memory of 1856	920	chrome.exe	85
PID 920 wrote to memory of 1856	920	chrome.exe	85
PID 920 wrote to memory of 1856	920	chrome.exe	85
PID 920 wrote to memory of 1856	920	chrome.exe	85
PID 920 wrote to memory of 1856	920	chrome.exe	85
PID 920 wrote to memory of 1856	920	chrome.exe	85
PID 920 wrote to memory of 1856	920	chrome.exe	85
PID 920 wrote to memory of 1856	920	chrome.exe	85
PID 920 wrote to memory of 1856	920	chrome.exe	85
PID 920 wrote to memory of 1856	920	chrome.exe	85
PID 920 wrote to memory of 1856	920	chrome.exe	85
PID 920 wrote to memory of 1856	920	chrome.exe	85
PID 920 wrote to memory of 1856	920	chrome.exe	85
PID 920 wrote to memory of 1856	920	chrome.exe	85
PID 920 wrote to memory of 1856	920	chrome.exe	85
PID 920 wrote to memory of 1856	920	chrome.exe	85

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://youtube.com
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:920
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff9dbbf9758,0x7ff9dbbf9768,0x7ff9dbbf9778
  2⤵
  PID:1224
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1664 --field-trial-handle=1840,i,3094144592598557166,10721144109863739336,131072 /prefetch:2
  2⤵
  PID:2000
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2112 --field-trial-handle=1840,i,3094144592598557166,10721144109863739336,131072 /prefetch:8
  2⤵
  PID:4060
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2216 --field-trial-handle=1840,i,3094144592598557166,10721144109863739336,131072 /prefetch:8
  2⤵
  PID:1856
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3116 --field-trial-handle=1840,i,3094144592598557166,10721144109863739336,131072 /prefetch:1
  2⤵
  PID:3920
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2936 --field-trial-handle=1840,i,3094144592598557166,10721144109863739336,131072 /prefetch:1
  2⤵
  PID:4920
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4492 --field-trial-handle=1840,i,3094144592598557166,10721144109863739336,131072 /prefetch:1
  2⤵
  PID:4528
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3164 --field-trial-handle=1840,i,3094144592598557166,10721144109863739336,131072 /prefetch:1
  2⤵
  PID:4004
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4848 --field-trial-handle=1840,i,3094144592598557166,10721144109863739336,131072 /prefetch:8
  2⤵
  PID:1620
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4768 --field-trial-handle=1840,i,3094144592598557166,10721144109863739336,131072 /prefetch:8
  2⤵
  PID:2556
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5164 --field-trial-handle=1840,i,3094144592598557166,10721144109863739336,131072 /prefetch:8
  2⤵
  - Modifies registry class
  PID:2836
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5540 --field-trial-handle=1840,i,3094144592598557166,10721144109863739336,131072 /prefetch:8
  2⤵
  PID:3572
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5200 --field-trial-handle=1840,i,3094144592598557166,10721144109863739336,131072 /prefetch:8
  2⤵
  PID:3224
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4416 --field-trial-handle=1840,i,3094144592598557166,10721144109863739336,131072 /prefetch:1
  2⤵
  PID:2744
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5044 --field-trial-handle=1840,i,3094144592598557166,10721144109863739336,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4248
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=1844 --field-trial-handle=1840,i,3094144592598557166,10721144109863739336,131072 /prefetch:1
  2⤵
  PID:1600
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5068 --field-trial-handle=1840,i,3094144592598557166,10721144109863739336,131072 /prefetch:8
  2⤵
  PID:2532

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2720

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004F0 0x00000000000004C0
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:4648

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc
1⤵
PID:868

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001

Filesize
211KB

MD5
2b9776807df1c30ef66c45ef60237487

SHA1
17e925fab39688d0d907687da86f566e283ee63b

SHA256
58a7c2031d7dbf5bda9614b64123996aa3bfcb5a783f901145baf087066c04a8

SHA512
e67162fb491ca513627e9fcb69a5db19a15129856ea3d01c2f0b5add061811bc5a0d4b6d8e53e4d7fe155b3bdf4a786cff697df5165368616589b411f8fafcf7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005

Filesize
47KB

MD5
709f7544bd3e74c424113e6853948595

SHA1
a8c1d9e6c8493091727f0e303e45ab92b773343a

SHA256
0f2a35c8b824d54b483d0b2ea10964bb7af8eb6b1c86d40efbac4c55e1123a2f

SHA512
c2ed4cbb5e48d04eeb63c94d7d88acec5af101c2da003a34379023d8454d810ae357d0b4265da7027af38889fe307ca597f815111295ed62520f39aabeb2020a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

Filesize
775KB

MD5
7378f426d93d2f806b536db7d5d1ef37

SHA1
3b7a025816a583f4d77e2d446666cec3d280143e

SHA256
d40eeb6f1bcee392df7288d7ebb484b3e8fc769fa52d13a41804d59573799087

SHA512
44fbb6d3b806dc28ad340c33163649a12fbae9bd70823ad39da45a36e3325efaea3e4d060702d0aa08f417592b7a512b967610e361b08101e7f981bb9cedea5d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007

Filesize
30KB

MD5
86eac13ae042c5838d20274274d5d82d

SHA1
a1edc2336435162d57edd8e9a4a2b7ce2d693fdf

SHA256
2c700f68f9355697fcfb8a1be428158cc2937d2e0d01c0afbaed92cb2cb0c125

SHA512
313452f845e01faa3b45d9b37dd7db8bd1f2596684762d9affd50c1479c73592f06160f459c1fb11e4f7f38d185208b9c86c373f1abf34349daa3314382e337f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008

Filesize
33KB

MD5
4c44a4c4705e1e7ff214516345726b38

SHA1
c50da19ec6fbd99ee4c4f305e9ece188e0d19233

SHA256
7202e097880e3d2f06bd216cc9277332b95ff8b7d3a676d3ce89b869eebed990

SHA512
58c1de9c2d940b1d6195d96320c3b15030439ab71b1bf6a0d9e67c88213a3d1d29602a3079fbe4ce9cde6e6879020c05c237e1a7517c942b6c26f9da681da979

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
744B

MD5
b41acabdb88653218ccfbc308abf1d9c

SHA1
1471eb18a1a961584620c2d16ecdf4e111192929

SHA256
8f1189950dc108a0120d9b84b70551b0b5b01b5f7e5a2a0f572b6dc86ce8b19c

SHA512
48fdd9c8237689193d4c3526746d21cc1ada22cb978f454b1301346abe7044b2b1e7433021226220aa6d0b30014296615e263d1acb3403645748ca958d371665

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
456B

MD5
7e04f68da5386693fcc0d5754bd9c158

SHA1
70e261dfed2d612be10a301af9d0613f9f55828b

SHA256
8efc0508be255186e9aad2780fa76a9b284be0e5bb99dbe5de3ab2b61b427b0b

SHA512
27b1d8e6815f3399187f2d4f7318ad54705dbae0b91132d112c611888c18d600880fc8f05563f98d55c6f3f5c8960e41db63aefacd372bba3384a1610f738c44

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
1cbade715761e1c1eadd5a9814f5154b

SHA1
7eaf5cb98929a2b3f44dc1147048c56b4de1a5ae

SHA256
42ad827bdcd77fce70e605c9e51e6bb06eaf8eeaf44aed5fef80f8d200bec835

SHA512
f63ba05903206cb1602cea4e83e8bab326329449c1973c0cd5a45474229e80f8d44e66ebb10778d6b44d593a49a9d73b7709f35b6d7e2b10758f8ea7b7a9e84c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
20651d1e46851656a2664721ab35ed3b

SHA1
464de95302d1820a8957e127b378ca0856a4fa16

SHA256
ad048fd0638d7c05304db9cc76cd1769d1186e6e8632c2bab1fefaa0580ecd42

SHA512
1c5f2431e303070f483ad51916a58e54202dbfd8b9bed920a18dca7f2ff59d76337b767e6f9222bc0fdd9e46c4a9c792fc6f5bf3cab8cdf80100973ecf4e7ac5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
874B

MD5
1a9219ded0d733e6b088978041589f5c

SHA1
b088ef129cd331d2259f99c3d7ec57311d908c2d

SHA256
5de12b18db497dfc0b00aac5c668a27cfa5af9d19d51ea22d704bc5485229594

SHA512
5e8c466ef3ee1293080f1cbbdb455f4b18ed7f48ebb80b4072d151ea98d575b2df1d54a7f94c84feba3da34d3e464eba4e6b34b6e9859528dfe3de5ce3be4c7b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
874B

MD5
22bf1cf14eea04667370936683c3a362

SHA1
3219d5c16a8fc44b7cb988794eb24a427cd8edc5

SHA256
1222f03b96b6b5c9d1bd0c3e953b8740efd22da3f395c15f33f6e63a53e26599

SHA512
72245a2f299198fe128e99ce02033eb3f8992372cd74d1793907f8a2ba809bd49641c26f30252c6396278cbdb9d32af950c3782cd44782c79aea850899256056

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
874B

MD5
8df190b36a9704803b6197f9ce0ec4bc

SHA1
7ec54aae71d1e7b4749f7325ddc2f82c052f7332

SHA256
1ad928bc01ed8b2e794b0ad46f41e233faf63444c9dbf220da1965d4fd929ef2

SHA512
bb2729c011841ea42dcc74329bfe3772d7e117a7b231e79d6836addbeeb803d5b7cd222217c952a1235d33725801037cb1c9fc6481e72f64a749dc459fb9dff6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
dc36c08b9a6be0352e85fa31ae516a13

SHA1
bac9c0e5f6ec0e6e6a65d4c3eb8d0288016262d1

SHA256
7716dbfb7ba04a92e8239327152d9cb621cf8b9fe5ae41f5636a2ff40275854f

SHA512
05a8518c83afd88662fb254312be6713f3d7061a7b65a9902f68749f1707d940d8d8afddff03cffc6921619ef534b21d75ec3bad08ca57c31363cd4b5a836f44

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
5e31316b039a397e43b88908677dc4e4

SHA1
12381639e1fb292cc331ee158e9d742d0bda800a

SHA256
4a8362e8f0fe2b702b6290213ab3c4545f7fa172aaedc886e2890d777a8dae85

SHA512
bc0bf30d52363c0c467f20fac15b9dd49286a47dcf905a6eb287866f40f21e9356bd6e7c0e3a8126e7f2f7aa23215ac0aa44b692ccf8234b8687dcc839353090

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\11e4a959-61eb-4045-ba2f-8fe542c21f25\index-dir\temp-index

Filesize
2KB

MD5
e30b70061783808f4b8995e6571800c4

SHA1
b9b4548c6d007a17728bdc47d52bfe6db20638b7

SHA256
aca63c1d143b38c2af01f0eec54bab1ce045e9aceff1481b937f40ebd0e68934

SHA512
2dc5be09c4a457f316b0ebbfdbc0cbf6b02b7fdbe236b4b324e2e9a805de789c74add9fac42f6a140d17379877d96be8f2d861571274a7efed04d508a7d35394

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\11e4a959-61eb-4045-ba2f-8fe542c21f25\index-dir\the-real-index

Filesize
2KB

MD5
87e591b3eebe03cc2403df90c2903d63

SHA1
23a89bef049d83219437139cb875dce01ec3b006

SHA256
018a0f0d61d48855f67b92a7c8ea75ea3a384f7fc8f95c946a5590a84f8044c5

SHA512
f97b34840a44f4eccf85d9e33b1931a38c8cabb8bbb6e640f4b654f40052d0453d84a1d44c7a96973646c2aca7332f6bb0b77b179a332cd645864613b84b49ab

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\11e4a959-61eb-4045-ba2f-8fe542c21f25\index-dir\the-real-index~RFe57edcb.TMP

Filesize
48B

MD5
a4177916fda6fb419f7caf6257cba261

SHA1
cea2a79fbd51acf853e5cac2e1b700ab2c8fbc1c

SHA256
3fcb3eee16c4a3ab5caa9dfeb7cda3fabc4281a3855d4a2c747e8e0cc2d8a317

SHA512
e92bb40b5df4b5caefc27f60f1749e66648108d58b30e19ff163cc283b4f0430fade92a31a0988cfd219557cae892dc56a1de44d4826665803524375e17c4215

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\1817e261-c9c1-46a0-83ca-4b2885c808bc\index

Filesize
24B

MD5
54cb446f628b2ea4a5bce5769910512e

SHA1
c27ca848427fe87f5cf4d0e0e3cd57151b0d820d

SHA256
fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d

SHA512
8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\c6895d00-1a8f-4343-8267-07462403abe7\index-dir\the-real-index

Filesize
624B

MD5
3384b55166ef4fe2269ed5d3c7fb16e6

SHA1
3f5c84c3c06a3673d4e569c45ae2e79b9576786e

SHA256
6c93fa71dc73dcafa50f0073a890856715dea4949e2db86b84b04996626f8e7c

SHA512
ae91999def9c4a7165167d416266ffe3a27be4de3fbace2a62c72a7418fb4616a1bc6610f99306558742b4f1b2939ab883d8c0d726169d87d3e8a8a539a62629

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\c6895d00-1a8f-4343-8267-07462403abe7\index-dir\the-real-index~RFe58a4f5.TMP

Filesize
48B

MD5
f485dc827ba562cd5d8ca6660bc4fe9e

SHA1
6d9cf9ecf37ad46ad551af48c83bbbb4f6d75a29

SHA256
7b71cc4cdab9dbc50e0ad11e4a315a8892556e0e969f3e2d2ed02d98f66b740b

SHA512
3ecc6512d5882af606baafb649d9215a33fd01c066660eebbe8db1abd1ecb403736286e1711228dc75e75dc111409e409b4b297b1b467acbfe197bd70a90e353

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
112B

MD5
79185d9836905604db0ed4e4f350d7bd

SHA1
45a4247aa880f3a767478615c8ab8b1eb06c1e25

SHA256
787eda6ebca4a5883d64eb68722853091ae704d568beafeda461243d68863a9c

SHA512
54d09dd45cae28e32f524798e3a954f12b0ee8ef2f2c22520d99c86db972672792d491bd14d4003ba6a0382cb85b1782c2eb13d7042a4eb3155f0c51f043a740

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
187B

MD5
9deecf6ec80785fefefd02a01ce1440e

SHA1
e1e9ea8f11871370dc98694479a0112c9c145f86

SHA256
46e6dd15ca80db61583e8c1520b4e7d310b0014dd37792ca11b7d3172ba1fd0c

SHA512
ef9ab4fedb3bf6915bcb40fc341d970b63125eb12be0a7bb3dec5beabc6acfa8fe2a031cfc729c3a7298773d78f8c0a8c67b9ab6ca9a90891c2a761afb05eea5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
176B

MD5
7e59b4421cf74c515cbbb3b70ace26ca

SHA1
81d6703ac70938bf3f4398e549b042cd79c1b379

SHA256
08af1d9e1c121f88abc04b2c5d2f188b10184ddf8ca8ca5cc0f131b328c05463

SHA512
3a1534c6daa1a4cbcfef26a0e53a5f0ffe064faa867b3d766df8011b922f1b8337a49d826489f3dc75f087c2b1e038c39febf5831cff2a053537f65b5ba004a8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
178B

MD5
9449cd1c38e7464c51fd7077cba064cd

SHA1
8612190e7e260c5cde57d38aedd55455a090e3f8

SHA256
468ca6835d0f5d9fcffffcfff9233aeeb00391995d32928ed2aeac945b22729b

SHA512
5fd8125d48d8716c4feed40181339a28b42a8029a1e6dddf53352a34012809f82d34a4b62a36b5c14dfb9bfb213c12b10375335a8c1be2cf4bdd25c044a3a2dd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
183B

MD5
0228536cb87f7d52209e20591e113d37

SHA1
ebea77c087f18815bee2b4514f0fc064ff2353f7

SHA256
f13372f947e7807c5ce9cc38247a7648a6fdab19911714a075aa69f51c32f41f

SHA512
ba66054a50f2fec2fe1f256604ecc6006fd684d48204ea98cca0c02b0cfeee4f869c665679eff7cee8efa8f9ce40aebf11efe4b6516183691804a5e054a1fa10

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
114B

MD5
db61bd6988597f4cf9682f30ce1934ac

SHA1
d9c99b5f378be353cfb813aba216bfa5d12dec71

SHA256
f2e94cee6c789f2c86954f02c563bfdc96f4fc498d8b87dcc9c41f2d3dcadfbf

SHA512
8ea3cf82f02aae8752cd583fedd5fedf8bb13de4344364cc686ffbe0567d0fba3df06dd5f83c6442629a3e5cd54fdb551408b3414d4806f47f09f6bddc21232d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe57956a.TMP

Filesize
119B

MD5
f2fc3a0991040096aadfbd08008e3c11

SHA1
a7802890b5b3a858141b28fb8f78892f9777a202

SHA256
d528a2ebd970e33c9ecc2e4db9dd7f92540d143753054dec5da2986966673a11

SHA512
8bba4d8f80a1c907230f3b4267e46245a81d3e1fc6b29d57a10f7049583f84d629ed2b89303edda0e398ee21233af9067ea1eb7b63f097668db6ef925224a9cc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
96B

MD5
315a9c113a39a8e1516f9e8ec2461817

SHA1
4413bd3756d98cdb2975cf9dc1ca52f88f47dcf3

SHA256
54b4a70f22bc7c6431ed60de494ad238a51cdd27c6c6e3cb356eab3a2b0f416f

SHA512
b256aa2dc70f3d31f14f2e30684f28ddc448ced4aa7f5c3fd52215ed85da914c7e8e7ec6ff71e24f00990ad0b484350c67cbe4a8215951a663c5d3c20ece8c6b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
294de58f92f3892bc9b013b5be069f04

SHA1
8c437fb93a51cd3c2c6f57cf69f416c9dcff9796

SHA256
5e508f9b43031f45245627b1b68b287a0350c25966ba464c45d5cc9d362951fc

SHA512
f78364141632b02c20d03b30ad82a9222f8f2c5666e084731cb2bbb034b3fe40a405ce167cebb8f28445b72f7defcda32f016d662aca6c06a5d0e045838f0c7f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57e445.TMP

Filesize
48B

MD5
cdd039cca0dcf351522d0212d2793072

SHA1
813aa934b024ba15f32538e66f03b5894de7c27b

SHA256
34ec6215e15234b1225c094952e3cec9f0557c3752f54f225d5b61a60f604396

SHA512
6be2e99b425ec20c3791092fce9bfb36f1ccb591d88144f96f6c59789b89ad5f398e9fb2dd9a0616720cb90ed6e52cbdd60d59ddc2091aa1c8968512f4fe0b70

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir920_2020733324\Shortcuts Menu Icons\Monochrome\0\512.png

Filesize
2KB

MD5
12a429f9782bcff446dc1089b68d44ee

SHA1
e41e5a1a4f2950a7f2da8be77ca26a66da7093b9

SHA256
e1d7407b07c40b5436d78db1077a16fbf75d49e32f3cbd01187b5eaaa10f1e37

SHA512
1da99c5278a589972a1d711d694890f4fd4ec4e56f83781ab9dee91ba99530a7f90d969588fa24dce24b094a28bdecbea80328cee862031a8b289f3e4f38ce7a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir920_2020733324\Shortcuts Menu Icons\Monochrome\1\512.png

Filesize
10KB

MD5
7f57c509f12aaae2c269646db7fde6e8

SHA1
969d8c0e3d9140f843f36ccf2974b112ad7afc07

SHA256
1d5c9f67fe93f9fcc1a1b61ebc35bda8f98f1261e5005ae37af71f42aab1d90f

SHA512
3503a0f4939bed9e1fd5e086b17d6de1063220dffdab2d2373aa9582a2454a9d8f18c1be74442f4e597bdba796d2d69220bd9e6be632a15367225b804187ea18

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir920_608693139\Icons Monochrome\16.png

Filesize
216B

MD5
a4fd4f5953721f7f3a5b4bfd58922efe

SHA1
f3abed41d764efbd26bacf84c42bd8098a14c5cb

SHA256
c659d57841bb33d63f7b1334200548f207340d95e8e2ae25aac7a798a08071a3

SHA512
7fcc1ca4d6d97335e76faa65b7cfb381fb722210041bdcd3b31b0f94e15dc226eec4639547af86ae71f311f52a956dc83294c2d23f345e63b5e45e25956b2691

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
255KB

MD5
979fa842a0cb4b6ac9da2d360bc6e9f8

SHA1
ce0528f52c33f674751bfcce387f242dee3ce479

SHA256
ca012902166bf01ff345f5dd89d27a17ecdaad548c99f0a8db49c410cbf1d910

SHA512
910f61d9c8254a5ee6b3cc25f4499f4190eb8841298d52808191f17f217e207c668e5922a52ec1d0990c095fc2c51286cb75116d4af8fb86c501d2a433ec3022

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
90KB

MD5
8667ca0b4d6ea38dec5b4ec36b7cdeee

SHA1
0b83e0bd84b5047a4bd0fff4366ba4a873213813

SHA256
d2cd4ec42291240cedc5ac7d5afc460e5d63c650726c4e13fb25f693a39d633a

SHA512
e3ca51072c7211389bd9aab88c0eabe492e95c09db1b67e85925151b5677fd8866e7c0864f510c0ae92bfa5df8d3022987370895ad8769548a7de6ba067d589b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe59a89a.TMP

Filesize
88KB

MD5
b627d49d6275d5462e264686cd8d9828

SHA1
0540b7e44057f729e400b49090bdef4911d11258

SHA256
d3f3a05659fb3b09c96dc8aec7b4f9ec4dd42f0da2159ccf86cb3bf6a651a6b2

SHA512
ecfff3faa0f914cdf520f24b2037f9a4b705a684416959bfa98429e5464c94a4ffda97e9abc04fecd83062aa0599229fdf390b971587279b9a987ff293ff984a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit