hxxps://www[.]youtube[.]com/watch?v=-bnVGH62Yho

Analysis

max time kernel
150s
max time network
155s
platform
windows10-2004_x64
resource
win10v2004-20240220-en
resource tags

arch:x64arch:x86image:win10v2004-20240220-enlocale:en-usos:windows10-2004-x64system
submitted
20-02-2024 18:30

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://www.youtube.com/watch?v=-bnVGH62Yho

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 9 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 8 IoCs

pid	Process
4588	msedge.exe
4588	msedge.exe
1840	msedge.exe
1840	msedge.exe
4640	chrome.exe
4640	chrome.exe
1808	chrome.exe
1808	chrome.exe

Suspicious behavior: LoadsDriver 10 IoCs

pid	Process
4	Process not Found
4	Process not Found
4	Process not Found
4	Process not Found
4	Process not Found
668	Process not Found
4	Process not Found
4	Process not Found
4	Process not Found
4	Process not Found

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 24 IoCs

pid	Process
1840	msedge.exe
1840	msedge.exe
1840	msedge.exe
1840	msedge.exe
1840	msedge.exe
1840	msedge.exe
1840	msedge.exe
4640	chrome.exe
4640	chrome.exe
4640	chrome.exe
4640	chrome.exe
4640	chrome.exe
4640	chrome.exe
4640	chrome.exe
4640	chrome.exe
4640	chrome.exe
4640	chrome.exe
4640	chrome.exe
4640	chrome.exe
4640	chrome.exe
1808	chrome.exe
1808	chrome.exe
1808	chrome.exe
1808	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4640	chrome.exe
Token: SeCreatePagefilePrivilege	4640	chrome.exe
Token: SeShutdownPrivilege	4640	chrome.exe
Token: SeCreatePagefilePrivilege	4640	chrome.exe
Token: SeShutdownPrivilege	4640	chrome.exe
Token: SeCreatePagefilePrivilege	4640	chrome.exe
Token: SeShutdownPrivilege	4640	chrome.exe
Token: SeCreatePagefilePrivilege	4640	chrome.exe
Token: SeShutdownPrivilege	4640	chrome.exe
Token: SeCreatePagefilePrivilege	4640	chrome.exe
Token: SeShutdownPrivilege	4640	chrome.exe
Token: SeCreatePagefilePrivilege	4640	chrome.exe
Token: SeShutdownPrivilege	4640	chrome.exe
Token: SeCreatePagefilePrivilege	4640	chrome.exe
Token: SeShutdownPrivilege	4640	chrome.exe
Token: SeCreatePagefilePrivilege	4640	chrome.exe
Token: SeShutdownPrivilege	4640	chrome.exe
Token: SeCreatePagefilePrivilege	4640	chrome.exe
Token: SeShutdownPrivilege	4640	chrome.exe
Token: SeCreatePagefilePrivilege	4640	chrome.exe
Token: SeShutdownPrivilege	4640	chrome.exe
Token: SeCreatePagefilePrivilege	4640	chrome.exe
Token: SeShutdownPrivilege	4640	chrome.exe
Token: SeCreatePagefilePrivilege	4640	chrome.exe
Token: SeShutdownPrivilege	4640	chrome.exe
Token: SeCreatePagefilePrivilege	4640	chrome.exe
Token: SeShutdownPrivilege	4640	chrome.exe
Token: SeCreatePagefilePrivilege	4640	chrome.exe
Token: SeShutdownPrivilege	4640	chrome.exe
Token: SeCreatePagefilePrivilege	4640	chrome.exe
Token: SeShutdownPrivilege	4640	chrome.exe
Token: SeCreatePagefilePrivilege	4640	chrome.exe
Token: SeShutdownPrivilege	4640	chrome.exe
Token: SeCreatePagefilePrivilege	4640	chrome.exe
Token: SeShutdownPrivilege	4640	chrome.exe
Token: SeCreatePagefilePrivilege	4640	chrome.exe
Token: SeShutdownPrivilege	4640	chrome.exe
Token: SeCreatePagefilePrivilege	4640	chrome.exe
Token: SeShutdownPrivilege	4640	chrome.exe
Token: SeCreatePagefilePrivilege	4640	chrome.exe
Token: SeShutdownPrivilege	4640	chrome.exe
Token: SeCreatePagefilePrivilege	4640	chrome.exe
Token: SeShutdownPrivilege	4640	chrome.exe
Token: SeCreatePagefilePrivilege	4640	chrome.exe
Token: SeShutdownPrivilege	4640	chrome.exe
Token: SeCreatePagefilePrivilege	4640	chrome.exe
Token: SeShutdownPrivilege	4640	chrome.exe
Token: SeCreatePagefilePrivilege	4640	chrome.exe
Token: SeShutdownPrivilege	4640	chrome.exe
Token: SeCreatePagefilePrivilege	4640	chrome.exe
Token: SeShutdownPrivilege	4640	chrome.exe
Token: SeCreatePagefilePrivilege	4640	chrome.exe
Token: SeShutdownPrivilege	4640	chrome.exe
Token: SeCreatePagefilePrivilege	4640	chrome.exe
Token: SeShutdownPrivilege	4640	chrome.exe
Token: SeCreatePagefilePrivilege	4640	chrome.exe
Token: SeShutdownPrivilege	4640	chrome.exe
Token: SeCreatePagefilePrivilege	4640	chrome.exe
Token: SeShutdownPrivilege	4640	chrome.exe
Token: SeCreatePagefilePrivilege	4640	chrome.exe
Token: SeShutdownPrivilege	4640	chrome.exe
Token: SeCreatePagefilePrivilege	4640	chrome.exe
Token: SeShutdownPrivilege	4640	chrome.exe
Token: SeCreatePagefilePrivilege	4640	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
1840	msedge.exe
1840	msedge.exe
1840	msedge.exe
1840	msedge.exe
1840	msedge.exe
1840	msedge.exe
1840	msedge.exe
1840	msedge.exe
1840	msedge.exe
1840	msedge.exe
1840	msedge.exe
1840	msedge.exe
1840	msedge.exe
1840	msedge.exe
1840	msedge.exe
1840	msedge.exe
1840	msedge.exe
1840	msedge.exe
1840	msedge.exe
1840	msedge.exe
1840	msedge.exe
1840	msedge.exe
1840	msedge.exe
1840	msedge.exe
1840	msedge.exe
1840	msedge.exe
4640	chrome.exe
4640	chrome.exe
4640	chrome.exe
4640	chrome.exe
4640	chrome.exe
4640	chrome.exe
4640	chrome.exe
4640	chrome.exe
4640	chrome.exe
4640	chrome.exe
4640	chrome.exe
4640	chrome.exe
4640	chrome.exe
4640	chrome.exe
4640	chrome.exe
4640	chrome.exe
4640	chrome.exe
4640	chrome.exe
4640	chrome.exe
4640	chrome.exe
4640	chrome.exe
4640	chrome.exe
4640	chrome.exe
4640	chrome.exe
4640	chrome.exe
4640	chrome.exe
4640	chrome.exe
1808	chrome.exe
1808	chrome.exe
1808	chrome.exe
1808	chrome.exe
1808	chrome.exe
1808	chrome.exe
1808	chrome.exe
1808	chrome.exe
1808	chrome.exe
1808	chrome.exe
1808	chrome.exe

Suspicious use of SendNotifyMessage 64 IoCs

pid	Process
1840	msedge.exe
1840	msedge.exe
1840	msedge.exe
1840	msedge.exe
1840	msedge.exe
1840	msedge.exe
1840	msedge.exe
1840	msedge.exe
1840	msedge.exe
1840	msedge.exe
1840	msedge.exe
1840	msedge.exe
1840	msedge.exe
1840	msedge.exe
1840	msedge.exe
1840	msedge.exe
1840	msedge.exe
1840	msedge.exe
1840	msedge.exe
1840	msedge.exe
1840	msedge.exe
1840	msedge.exe
1840	msedge.exe
1840	msedge.exe
4640	chrome.exe
4640	chrome.exe
4640	chrome.exe
4640	chrome.exe
4640	chrome.exe
4640	chrome.exe
4640	chrome.exe
4640	chrome.exe
4640	chrome.exe
4640	chrome.exe
4640	chrome.exe
4640	chrome.exe
4640	chrome.exe
4640	chrome.exe
4640	chrome.exe
4640	chrome.exe
4640	chrome.exe
4640	chrome.exe
4640	chrome.exe
4640	chrome.exe
4640	chrome.exe
4640	chrome.exe
4640	chrome.exe
4640	chrome.exe
1808	chrome.exe
1808	chrome.exe
1808	chrome.exe
1808	chrome.exe
1808	chrome.exe
1808	chrome.exe
1808	chrome.exe
1808	chrome.exe
1808	chrome.exe
1808	chrome.exe
1808	chrome.exe
1808	chrome.exe
1808	chrome.exe
1808	chrome.exe
1808	chrome.exe
1808	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1840 wrote to memory of 5084	1840	msedge.exe	37
PID 1840 wrote to memory of 5084	1840	msedge.exe	37
PID 1840 wrote to memory of 636	1840	msedge.exe	86
PID 1840 wrote to memory of 636	1840	msedge.exe	86
PID 1840 wrote to memory of 636	1840	msedge.exe	86
PID 1840 wrote to memory of 636	1840	msedge.exe	86
PID 1840 wrote to memory of 636	1840	msedge.exe	86
PID 1840 wrote to memory of 636	1840	msedge.exe	86
PID 1840 wrote to memory of 636	1840	msedge.exe	86
PID 1840 wrote to memory of 636	1840	msedge.exe	86
PID 1840 wrote to memory of 636	1840	msedge.exe	86
PID 1840 wrote to memory of 636	1840	msedge.exe	86
PID 1840 wrote to memory of 636	1840	msedge.exe	86
PID 1840 wrote to memory of 636	1840	msedge.exe	86
PID 1840 wrote to memory of 636	1840	msedge.exe	86
PID 1840 wrote to memory of 636	1840	msedge.exe	86
PID 1840 wrote to memory of 636	1840	msedge.exe	86
PID 1840 wrote to memory of 636	1840	msedge.exe	86
PID 1840 wrote to memory of 636	1840	msedge.exe	86
PID 1840 wrote to memory of 636	1840	msedge.exe	86
PID 1840 wrote to memory of 636	1840	msedge.exe	86
PID 1840 wrote to memory of 636	1840	msedge.exe	86
PID 1840 wrote to memory of 636	1840	msedge.exe	86
PID 1840 wrote to memory of 636	1840	msedge.exe	86
PID 1840 wrote to memory of 636	1840	msedge.exe	86
PID 1840 wrote to memory of 636	1840	msedge.exe	86
PID 1840 wrote to memory of 636	1840	msedge.exe	86
PID 1840 wrote to memory of 636	1840	msedge.exe	86
PID 1840 wrote to memory of 636	1840	msedge.exe	86
PID 1840 wrote to memory of 636	1840	msedge.exe	86
PID 1840 wrote to memory of 636	1840	msedge.exe	86
PID 1840 wrote to memory of 636	1840	msedge.exe	86
PID 1840 wrote to memory of 636	1840	msedge.exe	86
PID 1840 wrote to memory of 636	1840	msedge.exe	86
PID 1840 wrote to memory of 636	1840	msedge.exe	86
PID 1840 wrote to memory of 636	1840	msedge.exe	86
PID 1840 wrote to memory of 636	1840	msedge.exe	86
PID 1840 wrote to memory of 636	1840	msedge.exe	86
PID 1840 wrote to memory of 636	1840	msedge.exe	86
PID 1840 wrote to memory of 636	1840	msedge.exe	86
PID 1840 wrote to memory of 636	1840	msedge.exe	86
PID 1840 wrote to memory of 636	1840	msedge.exe	86
PID 1840 wrote to memory of 4588	1840	msedge.exe	85
PID 1840 wrote to memory of 4588	1840	msedge.exe	85
PID 1840 wrote to memory of 4176	1840	msedge.exe	87
PID 1840 wrote to memory of 4176	1840	msedge.exe	87
PID 1840 wrote to memory of 4176	1840	msedge.exe	87
PID 1840 wrote to memory of 4176	1840	msedge.exe	87
PID 1840 wrote to memory of 4176	1840	msedge.exe	87
PID 1840 wrote to memory of 4176	1840	msedge.exe	87
PID 1840 wrote to memory of 4176	1840	msedge.exe	87
PID 1840 wrote to memory of 4176	1840	msedge.exe	87
PID 1840 wrote to memory of 4176	1840	msedge.exe	87
PID 1840 wrote to memory of 4176	1840	msedge.exe	87
PID 1840 wrote to memory of 4176	1840	msedge.exe	87
PID 1840 wrote to memory of 4176	1840	msedge.exe	87
PID 1840 wrote to memory of 4176	1840	msedge.exe	87
PID 1840 wrote to memory of 4176	1840	msedge.exe	87
PID 1840 wrote to memory of 4176	1840	msedge.exe	87
PID 1840 wrote to memory of 4176	1840	msedge.exe	87
PID 1840 wrote to memory of 4176	1840	msedge.exe	87
PID 1840 wrote to memory of 4176	1840	msedge.exe	87
PID 1840 wrote to memory of 4176	1840	msedge.exe	87
PID 1840 wrote to memory of 4176	1840	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/watch?v=-bnVGH62Yho
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1840
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffde5f046f8,0x7ffde5f04708,0x7ffde5f04718
  2⤵
  PID:5084
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2156,11412843702469948041,13670931291480044591,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2272 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4588
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2156,11412843702469948041,13670931291480044591,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2196 /prefetch:2
  2⤵
  PID:636
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2156,11412843702469948041,13670931291480044591,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2816 /prefetch:8
  2⤵
  PID:4176
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,11412843702469948041,13670931291480044591,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3372 /prefetch:1
  2⤵
  PID:4996
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,11412843702469948041,13670931291480044591,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3360 /prefetch:1
  2⤵
  PID:2752
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,11412843702469948041,13670931291480044591,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4780 /prefetch:1
  2⤵
  PID:3556
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,11412843702469948041,13670931291480044591,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3892 /prefetch:1
  2⤵
  PID:1948
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,11412843702469948041,13670931291480044591,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4068 /prefetch:1
  2⤵
  PID:2408
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,11412843702469948041,13670931291480044591,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5360 /prefetch:1
  2⤵
  PID:4576
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,11412843702469948041,13670931291480044591,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5244 /prefetch:1
  2⤵
  PID:1868

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2416

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2524

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2520

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:4640
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffdd67d9758,0x7ffdd67d9768,0x7ffdd67d9778
  2⤵
  PID:2588
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1668 --field-trial-handle=1876,i,1375330758277227822,12256019073397362423,131072 /prefetch:2
  2⤵
  PID:3436
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1928 --field-trial-handle=1876,i,1375330758277227822,12256019073397362423,131072 /prefetch:8
  2⤵
  PID:4796
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2248 --field-trial-handle=1876,i,1375330758277227822,12256019073397362423,131072 /prefetch:8
  2⤵
  PID:64
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3116 --field-trial-handle=1876,i,1375330758277227822,12256019073397362423,131072 /prefetch:1
  2⤵
  PID:1908
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3168 --field-trial-handle=1876,i,1375330758277227822,12256019073397362423,131072 /prefetch:1
  2⤵
  PID:2612
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4612 --field-trial-handle=1876,i,1375330758277227822,12256019073397362423,131072 /prefetch:1
  2⤵
  PID:2288
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5160 --field-trial-handle=1876,i,1375330758277227822,12256019073397362423,131072 /prefetch:8
  2⤵
  PID:1040
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5232 --field-trial-handle=1876,i,1375330758277227822,12256019073397362423,131072 /prefetch:8
  2⤵
  PID:1588
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5428 --field-trial-handle=1876,i,1375330758277227822,12256019073397362423,131072 /prefetch:8
  2⤵
  PID:916
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=5468 --field-trial-handle=1876,i,1375330758277227822,12256019073397362423,131072 /prefetch:1
  2⤵
  PID:3836
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2420 --field-trial-handle=1876,i,1375330758277227822,12256019073397362423,131072 /prefetch:8
  2⤵
  PID:1284
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=2280 --field-trial-handle=1876,i,1375330758277227822,12256019073397362423,131072 /prefetch:1
  2⤵
  PID:4848
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4972 --field-trial-handle=1876,i,1375330758277227822,12256019073397362423,131072 /prefetch:1
  2⤵
  PID:3760
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=4724 --field-trial-handle=1876,i,1375330758277227822,12256019073397362423,131072 /prefetch:1
  2⤵
  PID:4692
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=2812 --field-trial-handle=1876,i,1375330758277227822,12256019073397362423,131072 /prefetch:1
  2⤵
  PID:3076
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4784 --field-trial-handle=1876,i,1375330758277227822,12256019073397362423,131072 /prefetch:8
  2⤵
  PID:1196
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4016 --field-trial-handle=1876,i,1375330758277227822,12256019073397362423,131072 /prefetch:8
  2⤵
  PID:2284
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=5640 --field-trial-handle=1876,i,1375330758277227822,12256019073397362423,131072 /prefetch:1
  2⤵
  PID:4424
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=5168 --field-trial-handle=1876,i,1375330758277227822,12256019073397362423,131072 /prefetch:1
  2⤵
  PID:2412
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4984 --field-trial-handle=1876,i,1375330758277227822,12256019073397362423,131072 /prefetch:8
  2⤵
  PID:4612
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=3276 --field-trial-handle=1876,i,1375330758277227822,12256019073397362423,131072 /prefetch:1
  2⤵
  PID:2284
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=5628 --field-trial-handle=1876,i,1375330758277227822,12256019073397362423,131072 /prefetch:1
  2⤵
  PID:4904
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5760 --field-trial-handle=1876,i,1375330758277227822,12256019073397362423,131072 /prefetch:8
  2⤵
  PID:4884
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=5256 --field-trial-handle=1876,i,1375330758277227822,12256019073397362423,131072 /prefetch:1
  2⤵
  PID:2880

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4588

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x300 0x3d4
1⤵
PID:2596

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:1808
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffdd67d9758,0x7ffdd67d9768,0x7ffdd67d9778
  2⤵
  PID:4436
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1732 --field-trial-handle=1912,i,10638041624779014963,9755194968693196705,131072 /prefetch:2
  2⤵
  PID:4168
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2172 --field-trial-handle=1912,i,10638041624779014963,9755194968693196705,131072 /prefetch:8
  2⤵
  PID:1136
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2260 --field-trial-handle=1912,i,10638041624779014963,9755194968693196705,131072 /prefetch:8
  2⤵
  PID:3028
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2904 --field-trial-handle=1912,i,10638041624779014963,9755194968693196705,131072 /prefetch:1
  2⤵
  PID:2092
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2896 --field-trial-handle=1912,i,10638041624779014963,9755194968693196705,131072 /prefetch:1
  2⤵
  PID:4504
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4776 --field-trial-handle=1912,i,10638041624779014963,9755194968693196705,131072 /prefetch:1
  2⤵
  PID:3936
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5196 --field-trial-handle=1912,i,10638041624779014963,9755194968693196705,131072 /prefetch:8
  2⤵
  PID:4536
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5364 --field-trial-handle=1912,i,10638041624779014963,9755194968693196705,131072 /prefetch:8
  2⤵
  PID:4636
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5388 --field-trial-handle=1912,i,10638041624779014963,9755194968693196705,131072 /prefetch:8
  2⤵
  PID:216
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=5376 --field-trial-handle=1912,i,10638041624779014963,9755194968693196705,131072 /prefetch:1
  2⤵
  PID:4160

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:1912

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
a6781e94986d3850c8049c513d8f8979

SHA1
7ff36cbec2d1d18056017bc3ce2376be7e0eebe2

SHA256
16c96652111acd8da4f46c36430127e8eb8a1750b1c22b798e5e22ebbd5fbba1

SHA512
88f370d7d4b04945e0ee799e7b66dbd908c9be5b4cc889015ae69f1b55dfb035fbbd971af0072bb24e6d18d9f24fc83d3cf25cf0b2a4cc30ffcb5eeb8a2546a0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0

Filesize
44KB

MD5
70b8ca0183d479202f11d782637af7bd

SHA1
b76cd21e977e025272d35d948bbe103fddeb1581

SHA256
b4bb80d35e7c7034adedb3c0408e06d6afc0fa4e554f0433d46db3ca87d7b2c4

SHA512
1ebf8c5e556984dea19e54e64c0237ce1aa1edee2919f87885c40881ade151fd8fc66054faef9080c89a80621b4288fd87d6a3a9aecb4e74a8fab29b5d930695

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1

Filesize
264KB

MD5
93d75dff01cd2edba838fdcc8404aa15

SHA1
2b32aa1b80e60733efa07d2938c1b198d3c2c6ad

SHA256
ffa04498a6cc1dd08effdc1b5097fa91bbcd6f8a5ff9847e70dea4dad678d0b7

SHA512
58d58dce5e7c49974f81c16cc34496e202a621ca7e7bb7678edf814cc1d87b32a9853f47d4bbf41d02d9d21002e75fbd011142da14403a9755970965452e52d0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_2

Filesize
1.0MB

MD5
eb4212a20d42eb5342bd8de010123c5f

SHA1
dbaeecddbd0a4727f8b3eb71aa6f8a0d2bc8941a

SHA256
b63b4d36ac2dff13ad61f47b1377985c50c693e7b8f1eeacbffeea3ce9efd562

SHA512
50073827b54d782cc89d697d0c2a6cdecda1777f175b806294d621e324edcc94ef2b1ab892dc67ef63202c5618b55397f32c600d17d6d4ff27c3cab7ac346fc3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_3

Filesize
4.0MB

MD5
82f9f539f420ecd787355889210d8d2e

SHA1
4c6a153c3eaa0e47572a6df41cea9989b361d285

SHA256
db1ac3af5a65023074492ce0e655a6090c0d9dc8599d6ec51bc1ceab60a8f641

SHA512
10c491597298cea08c82b6aee0f256bad4deb4db457bc562006e7b490624492a4859640d24654ce7ab42ec3ccb423b7127e991ac80eac2c9f4d71a1535886a37

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001

Filesize
194KB

MD5
ac84f1282f8542dee07f8a1af421f2a7

SHA1
261885284826281a99ff982428a765be30de9029

SHA256
193b8f571f3fd65b98dc39601431ff6e91ade5f90ee7790bfc1fba8f7580a4b0

SHA512
9f4f58ab43ddadad903cea3454d79b99a750f05e4d850de5f25371d5bec16fc312015a875b8f418154f1124c400ae1c82e2efd862870cd35c3f0961426c8cd82

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000002

Filesize
24KB

MD5
b82ca47ee5d42100e589bdd94e57936e

SHA1
0dad0cd7d0472248b9b409b02122d13bab513b4c

SHA256
d3c59060e591b3839ec59cad150c0a38a2a2a6ba4cc4dc5530f68be54f14ef1d

SHA512
58840a773a3a6cb0913e6a542934daecaef9c0eeab626446a29a70cd6d063fdb012229ff2ccfa283e3c05bc2a91a7cac331293965264715bdb9020f162dc7383

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000003

Filesize
22KB

MD5
fcdb012a85888ca5c265e9f18824acd3

SHA1
a0f380fc13bfafcd2c2efc57cf558a42b8763182

SHA256
7eb50b776ecd3bd997d6e0c427970b05aa903fba6c9c7bb31f40d4779783242c

SHA512
f9776052c787d84eb95f4f9ec19329ed0fc0d97f936883c5f723c123ea351589a6031e3cefc9a7fb6d05ffd720fcc18a087abd083a69a40aa5e4c31f52bde7e0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000004

Filesize
34KB

MD5
41d0fe7420ceb31963d20ece4ab49bc2

SHA1
41157d12b76cc19b0e9bdb4c1dbee8d2b0caea50

SHA256
c69ac29f0e21d8f54896706712a71e560dc550ac376849f12c6976fa0657cb16

SHA512
2e1abdff01e1adb1eb1828f929a56126f9ac89f6c9d65770ead016a85666daee0c2bd365de9c2d0dc41ad0db79c7bcf415c629776a76db526a910adda793ec33

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005

Filesize
53KB

MD5
33e7ce51d66bc53f45d6b2c17b5abdca

SHA1
e1dee1f5b07c8c6a80ecf51e238e630d5a9112ab

SHA256
8408a0dc6577cfcda7711dfa25ffc71f534a5a6d40d1a2bcfc0e8b4042f1909e

SHA512
8fba195fa01b9389c546b00ee7039fb75fdc80c8e1275537e0b6422a4d01afe23d28de4deb09f3bdeae9da86af58c38fc063982a0f9d241cbaca34ef7439e8d9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

Filesize
45KB

MD5
c5209f4d62014f83d846d5a5c9f09cbb

SHA1
e698de8f5f5b8c5bb67d8ddb88da2d6007283dfc

SHA256
9dcae80db22643dc13c51607380b7ee0577292b79399f6f4a3b2ebd6f83943db

SHA512
ea0a287b6daa15671104e7fbe5799ad811f423f08eddc5a7707f974fa74062062e8622d7e1a86bb5cfc0e9d3f2da7a5fe5cc907cd089d4e53094b7f09d893bf5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007

Filesize
49KB

MD5
089f8efa4dce901d5a52733bac838e29

SHA1
bf2297df0107d58b53917b8be358a02dd95266a5

SHA256
d9fa3bcef5e9675b36fa302a10c989fb9fd2b2ec928cf2ea9201999c6b5ff605

SHA512
c0d9535f71ae009b298194b01b83be0df213e4ed3203ecceea74a2f4e28f9d7f2c3222ca84f80b983e3468d981a57f95d1d09a50022a1f8e88a9bb4613eeef7c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008

Filesize
18KB

MD5
39c937d51f5efefa1ae643e8ddf26ee5

SHA1
c62eb456ec2e36407a13e5b34a602bc371fb4213

SHA256
91a11db5f156ee939debd06cb39be0893f752866d52eec95059efcb3f5927498

SHA512
e7d545e27c951c4e75bf692321e741334d6e4c622b93d66116e1de81228c09641f637c3aca2adf456fede3284acd599b99536be34f4d3f9c59a663db57aaf448

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009

Filesize
39KB

MD5
90c60824e7fb5290599463a159ccd9e5

SHA1
a2fef51aa4bf54feba46c6fe7f7d3cf2af23356c

SHA256
a6e2bdb8db82206dbcf2255a17cd4d8f26f7bbf1b40cce5cad5f18dfb8457402

SHA512
dd23894e6fc2f3402db9df28cc45fcdc863fd271c756f3d7111cc13f6b70ba759fd33d09b898955ef9d86a2f971c57c3c070665c5b52d8886ee698db61fd99a4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

Filesize
39KB

MD5
d5289155109eec00f5b7dc7947a85c84

SHA1
269bffabd4b30d043e3fa7fbc74232a612249204

SHA256
69c57c43380fe3c6393f94406de9be9e7fab144947bbb060b7ea126c7da28fb2

SHA512
bf711b79116e6f56fba1016278c258b580d60e6522ccbe39ad185fc99a4cb8dc068710b219941b81926a007a0cce7b7b701821359e0535ce25ad254d42f809ec

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

Filesize
211KB

MD5
e0ec7a48fec296e3b41dac8fc137ad8e

SHA1
2581579b9b7eea3a0e2f1b32bed57363ab617adb

SHA256
75c5e9cc907506bdb26281a7c7809ed570462913be5c6dfabe98c57fe46f03b5

SHA512
0279786f4460ba43353ff89cf99eb0a6422814d1860c95cb7d0c5738d92d217f733e84ce8f71a342ef402019b94eca09ee6357c0a13b756efee9b2c3526d279d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c

Filesize
22KB

MD5
7a204d478c8dfe822bf86f9103bbd9b3

SHA1
7114b36ea1588d9372d730b2ee5dec7a3aee36d1

SHA256
d9134e3cf60db564c49cc181251c7308bc568acf060444c443a90c0f464ebfeb

SHA512
f5fb06a9808e9370a5fb3b926ffa27746ca7942eba36a2f63135168218e326abc74195453b9bcd8a045d5870a71b7f250dfc281515c7fa51857410acb316763e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d

Filesize
1.5MB

MD5
f0bee082c397cebb80887eda2fbdcc14

SHA1
16a944c8eade65f3751d26a47fcf0f0de0a09896

SHA256
c0c6198216f094f8bd6d749a9d482e324b99885ee3ad3fb08250d340a5227c43

SHA512
9f9cb6366e1354145f872c3782563a031e8e839fb0b3d41d54aec7428e6393a6bdf07b964045543e39e0b3c384cbd917d9c338829d230b7d4a786f760e15f0c2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e

Filesize
94KB

MD5
a67a0732ad7a64ca7c666a68ae091431

SHA1
af0dc96a3d15b345f07f6b12c8acadac80a189c8

SHA256
bf24013c50ef3470c22df42a02f564bee234307c0efbe2200d2c97ff1642a37b

SHA512
39ae6abaa0f94a04f83d5bc5938c5ec6d9c990deac7ea2c4c7ee92741bdb2da6898d3f07a2447a1007c2b401e9ee98b4c7152f14bc913a983047d4dce5d79a07

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000f

Filesize
31KB

MD5
81ac05c6d01d84d913a56c11909cdc7d

SHA1
55f6bd5429c5a35ed53caae2cd50d856edcb7883

SHA256
b222b23c6ee94816389506d4de8ead66181c8053242e1e1eb784ccac46bc7ee5

SHA512
0925243828f33130cb3b68a6a113f1aabd07a8b19b3b99f45e5a2b1b2473622fa997d833c1d4b7b71781f246154d3a145aea37cda5351dc851eb3f4e550677ae

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010

Filesize
47KB

MD5
709f7544bd3e74c424113e6853948595

SHA1
a8c1d9e6c8493091727f0e303e45ab92b773343a

SHA256
0f2a35c8b824d54b483d0b2ea10964bb7af8eb6b1c86d40efbac4c55e1123a2f

SHA512
c2ed4cbb5e48d04eeb63c94d7d88acec5af101c2da003a34379023d8454d810ae357d0b4265da7027af38889fe307ca597f815111295ed62520f39aabeb2020a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
888B

MD5
7d9c1878631f9d6623806ee04ea72a52

SHA1
3ac693d9299a677f1e071fefde22a992f36121d5

SHA256
875d07e3dd035752844c0fba68ca039d106042398e6f667687af4d3fdd68ed46

SHA512
4635db9238f5f23cc663d8c1861ec46ba47465c49b24d607acd08459cdc4d4b3618b63a888ea2760b889cae2283a080c222e0aab2771217325d6df82173de235

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
888B

MD5
507588e832abeb48647bc5bc12d4cc7d

SHA1
e9de6a55a61a91481795d72bac2028fdace3b57a

SHA256
a91d4f709f9955638bce617478da0de2593a372691fa012dabc95c2ef5e00b38

SHA512
c6c178b763b0e4fe1c2cb9a9c6553f1b5f9343f8976112d2c990cbf1c4f351a0259e38875925659104a031d12c30170462783f7b6934949331aefb79c278f615

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
192B

MD5
89348bd512ab5879feb9e16a0a37ef5d

SHA1
0d4d6c2a5cab70cb46a36dcdfc97ce2ecfca56da

SHA256
3e071bf4fb5d9ae8e5bdaffc98c868d863ab9c1b4014f87df28b14f1bf90fd32

SHA512
455ce42ffd89a9d06d39f703de1b37104d790a6a5e1efa198541c77100f2d9c74e79d797725e5f80fbf783d1e7e653e73ab0a26650d41b99405c073751bf4013

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Favicons

Filesize
24KB

MD5
3b91afaf6cda6117ebe5cd8560125fed

SHA1
0a88a9c99c3e669b504b2135264b709dc93e0cd0

SHA256
e5e7989fe1332d6ff11a24c6ec17428c40ec3e52a3547ea5671781db71abeeaa

SHA512
708f8dd3473714447548e1c357477c9d7f96a92360fc9606ef0cd70f516efe22b902306b966afb1c9314659453389e91bdca0aecc414190a2bdc976d69f804ad

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
113eaae02ddf408b2b07cdb936c35a6a

SHA1
6d6c18ac28cda9a3852563752bb6ad5173b88464

SHA256
27766d6a8a51fd3a974fc8e58dac91c65158f6e5583b14ffeb619edd34686a72

SHA512
5117adac61f166c0d1a786a36f78b30f74e622913240d5998ceefe4bceed359c0c96ec2fe0b8c7714568bf6a22e91e1b87291c3ef6e8ed521e11ce0ab31c6799

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History

Filesize
148KB

MD5
96343ccfddc589f0e221ec1facf67bb8

SHA1
0cc3babab466d60530f199986ef64db491b6a20c

SHA256
19b52e02717b79fc0db9f18f1b8d08b55e207ee73bf2d109bb74778d3ce3cbf3

SHA512
881ce0aa7c694a37ee66cb9283c27330af326a58522db7d7aa02415b8d3d944374bc660164b7b42086bda3f2dadbd7fad91af469dd318b70d8cc9d0fe351c9b9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\MANIFEST-000001

Filesize
23B

MD5
3fd11ff447c1ee23538dc4d9724427a3

SHA1
1335e6f71cc4e3cf7025233523b4760f8893e9c9

SHA256
720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed

SHA512
10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
2b2c44225748fd51b0dba6e9e0ac4554

SHA1
e3ed0b909e2707444d1ff56cef205ba4ba343391

SHA256
88aa6d8fe86368e504ed614dcd429a5d7994eb6f9d55e22e92022b25cc4bd5fe

SHA512
22c30419b3507e2aaf10580ab4977e49a7e09a6426651f6325f456008477a6d624d59a973fc23a4ba4fb0f5eb9177fabcb59aec539c3e08d9f9845cd6a661320

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
e694bf7418c3e9dee8bf165b68221031

SHA1
c6c513895b17527ebb8058e58cf34528ebbe9624

SHA256
84096264d716206fbfcafcd439d700da6bfd548b52f42ad9774428c698ff3655

SHA512
4667b3fb17a159e29f52a5d546f25732c91be150a54756c40dcebabdd6585b288290cec4c4300fcabcb4e568145ac05fdcffb5b5ad4fccbcd01aee8e783338fb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
371B

MD5
a1adad57a42eeafe7a5f2bc2b6fe0b74

SHA1
1b89901aa2e0469f404ba49a6df73ade30b4ef6a

SHA256
b9d92ae86f839bd08b493a8d9f5600f8d6fe8dca59329d63a761bacbe8070d75

SHA512
9a8dedefd334e66f43546912e0f1f7ac71aa0b4ea29722f17b9ff3979a531cbcf2bc7dceaa4f6dfb4d322e34ab3db24bb4921c1ed43a953ea12c2423337977a6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
874B

MD5
ae657e7f4dae41a9bc841294a7988828

SHA1
58d46ff1090d43c8fe45a7b5848ede4826cd128e

SHA256
f166228033f0e110977d4665a7ed57bfe2c70f7ca66361d5a94f7ce2c518431f

SHA512
2df7711b857d036d36dde2a9c176f5f78a6f3408c3fc468056f991c89067e1ef7c3e382d1fbf0660747a6d77bac248b2df6cb30f0e3c819aede99762388b6857

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
06b9445472ba26b1ab98addeb8c4a3e2

SHA1
c6228e2214ffe011fb73412f982dcbf8b16a80ed

SHA256
6dbefe1b8d24209290daa409cf3c3b1e64b5620859ece44252bfe2bb391794de

SHA512
f323b2f14f215f63003c30e0075f65e676399157cf4a8db2c73e5f5a8607dd3a0bc71136ed096799f2525d991588589396f67efe2e4ed35df90969cc5c000c1b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
874B

MD5
f4ca22a82b37fa9d7704852a68b36457

SHA1
cc6abbfbdb60141d087564d45f9c35b94a249a1c

SHA256
4b2fb9f38023e78e50c2ecdac354d7aaef48054707f7dd41505452deb7c1a5ec

SHA512
24d60716bbc4b5a86b94131b31ca2118b89e7e5709e13d34aaea157e4a6181fa28f09bc90b109e289985ae27c3d7821ec54552ff9f14464bb699cb89011e4d59

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
37af8455fb0c20f8106e41f21a09f489

SHA1
7ede8acf198fbf133931c5ff8ceaf2f549077d16

SHA256
b247e348f415a83c3a2f20057740b307e74f87aa483cacc27c827da4a99a6e21

SHA512
b827736dcf22c7750f15911675514fb6997e07b9b05c50f50526759c7b30eb6bf89aeae7cdd344a4ffc3c413894df84d7500d534c00d95643cdbf7d3fa61d74c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
377fd2c129f935bdaa8cf859a0fc3955

SHA1
faedf894a9ccc7dbfce08b94c9d44fea339a592e

SHA256
e16a4a8fa12ca0f67c0b51516ad9e19eaccd06de7991646bc8a6f536a197c4a1

SHA512
a96d176616dfbd1dfae0a11067f0ffa6157876640f7b7ad3a1d490bd71dbeafae77116176b19e49e6645bafa2390faee16fa2160e747077fd89bd69f10b0c875

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
10f53e56e187e4adcb397eb41937a024

SHA1
a17b11d6e1d8ea437c5af06762d8b8771e545dd9

SHA256
34ad4d98afd74f5243600eba15d168602afa4a5f4dc3da02536200f28be10255

SHA512
cd50f32649e4be4b1eadea264292d8fd35616d1ace0ebd4c0438e297593195a35e60bf1499588a0b4664490585e6898f0d1ace6fc60169601d348d1d46f7c17f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
348fbca4c186d4184d1dd8d8c0a0d9a1

SHA1
ddfb2708a032af5e8d39eedb7c8a60882d3c589e

SHA256
5558f75258f79d6b0e462a2c4f8b302950268fb4b771f6d454d8d6914716701c

SHA512
7b93ac1578c168bf94bb18fffe7cfb719ff8365e0b3c4564c0fee2951a2c3e6fbd1ea4d08aa470fe8ba1b5bdd5b4a9e17cc57c755645f7f7ca353e788004ed06

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
bb36157dd96d48afdd4da48b31d62231

SHA1
a4fe1cb0c5bd4a4bbb93684f9907316fb432f1fc

SHA256
43816c1614a2fb9c605d8c94514dd052e6ff12077a41359e0a811a4ede72c124

SHA512
fac1fb91d692f504918166a56a26cf3a52181a05688fd8347331a0e1856561f00da336251768d4ebfe599385feca04702e384eb98fc49120a43d6df855e0064c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
48000a8c5e3be1f665b9d78d770e390f

SHA1
fa0fa7e3211ecf1f5283dd4a020fd307cf9d82ab

SHA256
6af055aef759ac0f67a9efd8ce15478428a8f8331a802bb0b19fef6e3271d833

SHA512
7b01dd3360ca11494368088bd93de12a5299366de108ae2d3bb17065289a858cb8b9ea9e59137c09c841c8b1d2a8e955ac00109faa06806e3a0f93f7a523211b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
3903a9ff42be37313adcf19f5b348b06

SHA1
c351ae9a1915b29baa25c52945b2455259eb4e38

SHA256
8d02805b89ef0b2e4cb62589eefd64d0982891f95301cfe58c86c4864942b15e

SHA512
84fe64ba52ee111ef2cadfa03cd370c893d5485c576f0a849ec5dcaa949b5f13e9bc3360e55cfa771a08e0b18b84feb014fd19d4e5bd9afec31acc10ff0e4a17

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\a9bf86d4-153e-4c79-b9ea-f67b3269b8c6\index-dir\the-real-index

Filesize
2KB

MD5
1e606fc2f4cd72ed3af0b0fbd0b1b7e1

SHA1
0d397b00dde4d01bbc0c2cf73627074210207a65

SHA256
df6c8c8bc7af523119e137115fab6af6c5f659f2f2f323f6ed1ece5478874e20

SHA512
9be0ac65467b1148f9ea3794c037d03b1c3046675ee23ec3d985eb7b8e07aec1abd055417bbc841682112c129838f11d6cc6e58e80b51974e71169bb12b2a242

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\a9bf86d4-153e-4c79-b9ea-f67b3269b8c6\index-dir\the-real-index~RFe58a860.TMP

Filesize
48B

MD5
0b6da0ce465c9878043a326621dfc70f

SHA1
82fc1e85ae1570ad30204f29a3cfd70587b334d2

SHA256
d8c32febbc38fb5063a47699204fd4efadb6cb18250f820955c6b04c9647e0f1

SHA512
47b523039fee8c9c117b8079432b56f86c7c8a5c2a264e155ea2138b28a3e1339a2a273bdd5449f8de2a6c4e5d2d6162a05bc1cdbb84fa74850d0227f9d0c894

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
176B

MD5
624c9d62cb8f79f9656ddf04a8779861

SHA1
3f6d95112f5e9ca0f7591c7d45ca9e973020b716

SHA256
1200eb3fe046b67b0afcfc878ed1d3a42501fad8a03353e856d1a7ac7c33f9a6

SHA512
d178c7a53c1d12a58395a713549eaeac12e8065d635ca916b1d4c8f154de09b4fede351b3999da10e543afc067a15b1d72078a6f5e20a5a463d011d75c62d863

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
114B

MD5
5980fe87c83bbff45e09cd9d101c0c62

SHA1
dd665588f6adb33da545b57583044a355992ffd5

SHA256
1dcccdfc7e5bd0815e07fb1cddf304f1459bf42909854edce53bca54ec9c9631

SHA512
81a9ca85e456a27f2d6b9b400af4a49733f69d834ccdafd6f6253cdf56b38a7973955875df4803625ab9f830bf5d3cb5c5975c132ff6190629fbc9cda000f74b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
112B

MD5
b4c71d2cb02659107ea607a81c1e7e45

SHA1
e00ad29cec34746fb65cde37447bb7a4ba7c517a

SHA256
0e544854d76735cdff4fd9c81f96f9ec4ebfbcaacdd691b567eb1126ae65b25b

SHA512
3771c13adfb7b181e8165ab95117b1395ec3da55388842700bb231ade26a7ba1f6e6640263e003db66d28b9a96f6ed7477dfa7867402b4717a4901160f9f19c0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe589a09.TMP

Filesize
119B

MD5
825a68189b2c622d0127605994b919c0

SHA1
05ce889d7e0b0e47dd9ff8b3008a174ba2a25003

SHA256
805443451e57e4fa4d59e821b075f08fb2c14e535446d1b66b2b41fe632278f9

SHA512
7be841fae1656fd2c88814604d99efe6bdceba77eedf2b7a1f93ce93a1b2cb42c66d6d6b48972c27df232e7d65cfd7a566ec935cc4f696bac90400fe0b116bf6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
48B

MD5
6d0824a7210ee2e29685ec396b1a9c77

SHA1
3f16ea50a80e24a4fdc4c2713781873ef8125212

SHA256
d4503c5f04f086a9ed4fc8c2c10fc00e5fd3e8f6085f0da2d73f76cfd05d70f1

SHA512
4bd015ad5ca0dfaaf90420f5eed46f5420419a2dfad9a47f8cb86b36e0b55cf1db49eba9c4af44e0874c6bdaf845e90ac4f2c5434809b35e3cbdbc03c40c83f2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe58de26.TMP

Filesize
48B

MD5
e86b0631b92de48ae89be6ae8dd7edff

SHA1
8acea1bf9c1dd82cc9aa77ef7bc4732454d0e711

SHA256
51255e8254e29644fa2a11a816c8cd2b2a09879196d98bea21785c68819f1506

SHA512
34f16a35aed1f65ec94283546b63c994c405c303a64e20a59d21f9ce71215990b088646734642a66ce0b1b1d1e42b301a675bc177c94be18c5494c638a4ba57c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\agimnkijcaahngcdmfeangaknmldooml\Shortcuts Menu Icons\0\512.png

Filesize
2KB

MD5
12a429f9782bcff446dc1089b68d44ee

SHA1
e41e5a1a4f2950a7f2da8be77ca26a66da7093b9

SHA256
e1d7407b07c40b5436d78db1077a16fbf75d49e32f3cbd01187b5eaaa10f1e37

SHA512
1da99c5278a589972a1d711d694890f4fd4ec4e56f83781ab9dee91ba99530a7f90d969588fa24dce24b094a28bdecbea80328cee862031a8b289f3e4f38ce7a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir4640_1769318276\Shortcuts Menu Icons\Monochrome\1\512.png

Filesize
10KB

MD5
7f57c509f12aaae2c269646db7fde6e8

SHA1
969d8c0e3d9140f843f36ccf2974b112ad7afc07

SHA256
1d5c9f67fe93f9fcc1a1b61ebc35bda8f98f1261e5005ae37af71f42aab1d90f

SHA512
3503a0f4939bed9e1fd5e086b17d6de1063220dffdab2d2373aa9582a2454a9d8f18c1be74442f4e597bdba796d2d69220bd9e6be632a15367225b804187ea18

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir4640_808996922\Icons Monochrome\16.png

Filesize
216B

MD5
a4fd4f5953721f7f3a5b4bfd58922efe

SHA1
f3abed41d764efbd26bacf84c42bd8098a14c5cb

SHA256
c659d57841bb33d63f7b1334200548f207340d95e8e2ae25aac7a798a08071a3

SHA512
7fcc1ca4d6d97335e76faa65b7cfb381fb722210041bdcd3b31b0f94e15dc226eec4639547af86ae71f311f52a956dc83294c2d23f345e63b5e45e25956b2691

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\e7a9bbcf-3189-4d6c-81bf-84591ac09d9e.tmp

Filesize
1B

MD5
5058f1af8388633f609cadb75a75dc9d

SHA1
3a52ce780950d4d969792a2559cd519d7ee8c727

SHA256
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

SHA512
0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version

Filesize
14B

MD5
9eae63c7a967fc314dd311d9f46a45b7

SHA1
caba9c2c93acfe0b9ceb9ab19b992b0fc19c71cf

SHA256
4288925b0cf871c7458c22c46936efb0e903802feb991a0e1803be94ca6c251d

SHA512
bed924bff236bf5b6ce1df1db82e86c935e5830a20d9d24697efd82ca331e30604db8d04b0d692ec8541ec6deb2225bcc7d805b79f2db5726642198ecf6348b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
256KB

MD5
8ad24f6636910f96659b9593dc37af13

SHA1
6bcbb8785d580b29fd57772590b2efce21668ce8

SHA256
26ac45efcdf5b02e44054072c413fdf4adcf4594ceb4413ac2d89dbdae66f872

SHA512
b62d1531338e8bf6153cfecd0535728557f80d95988a7fcfaf393e8a4d18a752c0d5a66469627a7115e05123cdd9846addbc553e60a2532528a79465bd35c31d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
128KB

MD5
775a390750b3137a6def136011a6abbe

SHA1
21b66cd5afba71095fd105fcd2f7596b3b936b7b

SHA256
9371200384c940b984581ba108406b3c88f8d37a1a1e012e2e60dc62f0558b03

SHA512
1ead90fa77daf0e73503b43a61ffb0a9a4d482e74dcdc6b055faab4003894054e937376ec33592d2d66187e4f4ae0524512b3b1f3971b96210e46ba0748ae953

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
256KB

MD5
49f39e3baf443d7c36800f243ac423f6

SHA1
60f6c840efd2994d0c7be7c2f65ad1676c5485dd

SHA256
83139f04b29ad662551c97ea7d5890e59943c64b574a9371a4b82683aab6051b

SHA512
f0d23f0f57465b4e6b1b0f088d1fc120469da7b671af188bc637f23e129e89cf746d34a042803595a621496a6b52dd699b23234049932755235586ac4d1fa308

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
256KB

MD5
3a6b95b707ba99fca4644a3e428bb3f2

SHA1
275a58f571b4d0c12afc9399c44fd5b4a6a0c371

SHA256
f9c919d5056d9aebc4e075caf51de7946fc56c0395b5779ff85e21923921988a

SHA512
f95e3fe447fc5dedcc6f31acacb370b37d655a888e48eb78e965b33e44a25fd9b329c1c1bd181572eaa8c2e6db9f19974014d4e85de29eda2a1967def97ef16c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
130KB

MD5
4b8f907db14a75eecf7a0ef075ff4830

SHA1
244512f4a6aac1dc63bc2f9a700114eafded9e94

SHA256
49e459d86420638c8a5965a3ed25f83f797646e33a91a88d9c3f754f85076f7b

SHA512
3193d47c3a1f5f7b82b1d9fd6edd6f5d246041ce97d34ab8e7fc98b1a0d454ea049563fded6db9d7603455231e5adce7f79019d14f17a50b38e539725c021e6c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
105KB

MD5
6eb1a5159be929eae1cb190ca389fc2a

SHA1
62d8135d201bed6ef08ac32d0bea68af1ad5c8e8

SHA256
75c1074415f9a86c45edf7b51530548699b458dc3fa5966ce9ed80c9d85d13d3

SHA512
fe2b0ba4db38ee303fade203eb882e2db4d1b55d96ede3d9d42d1835cf9dd23d1f62f70ee681dba048d680cfc137d7f5da897581746e29f2f91a3b15e09a0fff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
104KB

MD5
ec8515d80b9ac349c55d9ef73182d743

SHA1
e9a4e4e2ad52ccc8d8ef76071be24bcfa6c80f64

SHA256
12469123fb2a409d897ef285a799a2f953584253476fd592c40da494ed48ceef

SHA512
e98c5dd9914eaf68167e4ac18000e6dce9862bc6628d138ef23643b1039a23e3f36597e06c16f05023caee1b64175e3476f28d455a6a2075b3e5097f84db034f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe58ce19.TMP

Filesize
98KB

MD5
e553604558463d074ea0f5f5a7577db2

SHA1
ea30dcdb9e343ebcc8a7333344c372d560aebf0a

SHA256
b6356b4443e1371a7c3cd28db4a01d6fe58e2553d778a94b17ddc1fe32825264

SHA512
ae87aadd07c40dee017f6dc2d1f7abf1fa9fb60413e4b147bc6215e0e3b533194c22aa3e4e7d82a16c292f9b67db6351512c3b617522e8ab3c9f8b09805e3c8b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

Filesize
264KB

MD5
fec8a62cc03e0a5a7d22c4be08690f1a

SHA1
2dcecd449241aa3ced60999e267d388d4c21e6fe

SHA256
92d7f4abe6e95ddda20344c76b1a6fab4334c471c31a96bf91d1e03adb98eaa6

SHA512
c60d9485526252e6dd24f072181e6e1903367a753133bf3a4a902f47ed2e45936fa2fd214c19dabf13c6d37a4aab496d4441bfa730be48b57c03a2a358e64f88

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

Filesize
85B

MD5
bc6142469cd7dadf107be9ad87ea4753

SHA1
72a9aa05003fab742b0e4dc4c5d9eda6b9f7565c

SHA256
b26da4f8c7e283aa74386da0229d66af14a37986b8ca828e054fc932f68dd557

SHA512
47d1a67a16f5dc6d50556c5296e65918f0a2fcad0e8cee5795b100fe8cd89eaf5e1fd67691e8a57af3677883a5d8f104723b1901d11845b286474c8ac56f6182

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
fdf4a759acd43c3d54213b9de2bbe047

SHA1
81da78a0894c8742292af1057383e39588df4e95

SHA256
60ad530f2bdc411f4c0e1437b28896dc9c45a950a93cb3c2cc9e1ae70b629b7d

SHA512
4569267b06df28b47f87d666cad4cc63151ddfbe494a26a8ccbc9375fb333596c329778372d2dce5cb53037ca6b731bc9d0bec52eb18e0899e6555600bb305d3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
89cbb20cdb08953be45a7ce57ff680fe

SHA1
8dac492c4f5fdd777f4947d58cc0948664688d9d

SHA256
9b2cf9b97e1df21a5591ea406c579d3d62949a085012b136a06026ba48ce9ff4

SHA512
b32ffc555641fed2fe0afe144dd5470f6eb01fae9f891c43e5217e231ff730a0bf7239030c12e54a7f3ad2c2c43d7322bef5bc5f57e002246fff3d0d5a86a464

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
432B

MD5
54da9e8a2c9003e3e07c9c60253cadb7

SHA1
f3dc48dee887ddf14800ccacaa40555eede526b1

SHA256
7323b5825c54ed55563278f01fc772bb178a495b4422ab6fed9bce2c26d7c5a7

SHA512
cc174c093d59477befd3be6e3276a407db75c0d26c7e49adacd677c394741a644760ce6064b59d8233c3c0123433c88acda5afa8ce45ed3955b654d2e0511b07

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
df1c092d1174bab10a765b1723ff5ec2

SHA1
43d0a9d17d934599fa60dc2561f451ad729636a8

SHA256
3cf80cbf60ceb8a5582891cf02fec23b1fbb338c11ea951693035dd01cae3c36

SHA512
9604d791b814b3564944e42b55c302189efc640e3df25ab4b9f88d7244136a61a26f5b01d65e1a8e91c69df3f1f8bbdbc09bd42f62191af390f126f54eb64aad

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
3f4d8fd51a87eefc8d79848a78bd8a17

SHA1
947b453e72ddd4e81f769cdbd563acf555a29559

SHA256
fca5a0e800af791f60d35aa8830f1ab5b79821855fb0d1a891d6c1fdbd8f813f

SHA512
ac51eb494ebd375e3460cec16ada88bc8b78f55ad3ba5b92a6ccda7986ef0c203a83eff2b17285f3a1da8bd0a2620470ba3529c77b55ea288ce6aa59239acf24

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
a55ca10a52f1b0f55103b4bd78263dac

SHA1
f80a0c26871d0c40520ba4510e07ebc715bd4ba3

SHA256
295b7280e7fdee36ca8586261e944b4e31cd2fea2beb8ef4366f8ac13619767a

SHA512
c6f46899455b6422f089e4238fa1e5c33ee5358c113195b6fa8614af128ad5ba5d396f5570b6ff678e3aa365d5fb54a218959fc08ecbf9e7b5c3db89d8619ff5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
080bce6dfa48e24e861bcf9e51da2751

SHA1
5c86def7e1a9c266c8eb6a15ed7b8b834f373d07

SHA256
76bcd9621fd310334a68cc0060e681d1251f1c6551c9637a3679da660ee9fd25

SHA512
5e1658fc8333dc3a200b78e181077bbcbff19d7b27a54886759de211c5dc5284503d9d373eac48843baccfd0bbbd0676c4e9b9ea07fd2071f53d390139205fa2

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

Filesize
9KB

MD5
3ba453f0b53a15b10384c81fa55e5feb

SHA1
4ea53b1045c53bb564d9c9587d1ed41d09a69f25

SHA256
3ad0a6d9caed69b3ed5ce31215ef2e87d8a6f19b1f3bbc2e01470ebcea9783a7

SHA512
755578f575e27add89befd3cb138413b35fd84c544acf2c7f7059c39acc6e77566973ad1d20547afe3ecdb866d4bff7266cf03d35ba07d4626b1b0634b7ea771

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

Filesize
11KB

MD5
f9d97a9cd0fac94f796967f12eed27db

SHA1
53fe17a82d2ac3fc107a86ce9dc0c867a51f07d8

SHA256
f8bc58b0eebb641e3317dbceaefe981deb17f7e5fdd160c21023f045f89fd650

SHA512
b47da17bc2fe4faa02b035e352f9ebb076fd999a5383aba769d9c9f75f4cb54a153262d7eed77eb2f34133810bc8f081433cae69e4e7149ec987f0ed780ffda8

Download Submit