hxxp://honeygain[.]com/download

Analysis

max time kernel
1800s
max time network
1805s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
20/02/2024, 20:35

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://honeygain.com/download

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133529356007547069"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
1596	chrome.exe
1596	chrome.exe
1336	chrome.exe
1336	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1596	chrome.exe
Token: SeCreatePagefilePrivilege	1596	chrome.exe
Token: SeShutdownPrivilege	1596	chrome.exe
Token: SeCreatePagefilePrivilege	1596	chrome.exe
Token: SeShutdownPrivilege	1596	chrome.exe
Token: SeCreatePagefilePrivilege	1596	chrome.exe
Token: SeShutdownPrivilege	1596	chrome.exe
Token: SeCreatePagefilePrivilege	1596	chrome.exe
Token: SeShutdownPrivilege	1596	chrome.exe
Token: SeCreatePagefilePrivilege	1596	chrome.exe
Token: SeShutdownPrivilege	1596	chrome.exe
Token: SeCreatePagefilePrivilege	1596	chrome.exe
Token: SeShutdownPrivilege	1596	chrome.exe
Token: SeCreatePagefilePrivilege	1596	chrome.exe
Token: SeShutdownPrivilege	1596	chrome.exe
Token: SeCreatePagefilePrivilege	1596	chrome.exe
Token: SeShutdownPrivilege	1596	chrome.exe
Token: SeCreatePagefilePrivilege	1596	chrome.exe
Token: SeShutdownPrivilege	1596	chrome.exe
Token: SeCreatePagefilePrivilege	1596	chrome.exe
Token: SeShutdownPrivilege	1596	chrome.exe
Token: SeCreatePagefilePrivilege	1596	chrome.exe
Token: SeShutdownPrivilege	1596	chrome.exe
Token: SeCreatePagefilePrivilege	1596	chrome.exe
Token: SeShutdownPrivilege	1596	chrome.exe
Token: SeCreatePagefilePrivilege	1596	chrome.exe
Token: SeShutdownPrivilege	1596	chrome.exe
Token: SeCreatePagefilePrivilege	1596	chrome.exe
Token: SeShutdownPrivilege	1596	chrome.exe
Token: SeCreatePagefilePrivilege	1596	chrome.exe
Token: SeShutdownPrivilege	1596	chrome.exe
Token: SeCreatePagefilePrivilege	1596	chrome.exe
Token: SeShutdownPrivilege	1596	chrome.exe
Token: SeCreatePagefilePrivilege	1596	chrome.exe
Token: SeShutdownPrivilege	1596	chrome.exe
Token: SeCreatePagefilePrivilege	1596	chrome.exe
Token: SeShutdownPrivilege	1596	chrome.exe
Token: SeCreatePagefilePrivilege	1596	chrome.exe
Token: SeShutdownPrivilege	1596	chrome.exe
Token: SeCreatePagefilePrivilege	1596	chrome.exe
Token: SeShutdownPrivilege	1596	chrome.exe
Token: SeCreatePagefilePrivilege	1596	chrome.exe
Token: SeShutdownPrivilege	1596	chrome.exe
Token: SeCreatePagefilePrivilege	1596	chrome.exe
Token: SeShutdownPrivilege	1596	chrome.exe
Token: SeCreatePagefilePrivilege	1596	chrome.exe
Token: SeShutdownPrivilege	1596	chrome.exe
Token: SeCreatePagefilePrivilege	1596	chrome.exe
Token: SeShutdownPrivilege	1596	chrome.exe
Token: SeCreatePagefilePrivilege	1596	chrome.exe
Token: SeShutdownPrivilege	1596	chrome.exe
Token: SeCreatePagefilePrivilege	1596	chrome.exe
Token: SeShutdownPrivilege	1596	chrome.exe
Token: SeCreatePagefilePrivilege	1596	chrome.exe
Token: SeShutdownPrivilege	1596	chrome.exe
Token: SeCreatePagefilePrivilege	1596	chrome.exe
Token: SeShutdownPrivilege	1596	chrome.exe
Token: SeCreatePagefilePrivilege	1596	chrome.exe
Token: SeShutdownPrivilege	1596	chrome.exe
Token: SeCreatePagefilePrivilege	1596	chrome.exe
Token: SeShutdownPrivilege	1596	chrome.exe
Token: SeCreatePagefilePrivilege	1596	chrome.exe
Token: SeShutdownPrivilege	1596	chrome.exe
Token: SeCreatePagefilePrivilege	1596	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe
1596	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1596 wrote to memory of 1388	1596	chrome.exe	84
PID 1596 wrote to memory of 1388	1596	chrome.exe	84
PID 1596 wrote to memory of 2644	1596	chrome.exe	86
PID 1596 wrote to memory of 2644	1596	chrome.exe	86
PID 1596 wrote to memory of 2644	1596	chrome.exe	86
PID 1596 wrote to memory of 2644	1596	chrome.exe	86
PID 1596 wrote to memory of 2644	1596	chrome.exe	86
PID 1596 wrote to memory of 2644	1596	chrome.exe	86
PID 1596 wrote to memory of 2644	1596	chrome.exe	86
PID 1596 wrote to memory of 2644	1596	chrome.exe	86
PID 1596 wrote to memory of 2644	1596	chrome.exe	86
PID 1596 wrote to memory of 2644	1596	chrome.exe	86
PID 1596 wrote to memory of 2644	1596	chrome.exe	86
PID 1596 wrote to memory of 2644	1596	chrome.exe	86
PID 1596 wrote to memory of 2644	1596	chrome.exe	86
PID 1596 wrote to memory of 2644	1596	chrome.exe	86
PID 1596 wrote to memory of 2644	1596	chrome.exe	86
PID 1596 wrote to memory of 2644	1596	chrome.exe	86
PID 1596 wrote to memory of 2644	1596	chrome.exe	86
PID 1596 wrote to memory of 2644	1596	chrome.exe	86
PID 1596 wrote to memory of 2644	1596	chrome.exe	86
PID 1596 wrote to memory of 2644	1596	chrome.exe	86
PID 1596 wrote to memory of 2644	1596	chrome.exe	86
PID 1596 wrote to memory of 2644	1596	chrome.exe	86
PID 1596 wrote to memory of 2644	1596	chrome.exe	86
PID 1596 wrote to memory of 2644	1596	chrome.exe	86
PID 1596 wrote to memory of 2644	1596	chrome.exe	86
PID 1596 wrote to memory of 2644	1596	chrome.exe	86
PID 1596 wrote to memory of 2644	1596	chrome.exe	86
PID 1596 wrote to memory of 2644	1596	chrome.exe	86
PID 1596 wrote to memory of 2644	1596	chrome.exe	86
PID 1596 wrote to memory of 2644	1596	chrome.exe	86
PID 1596 wrote to memory of 2644	1596	chrome.exe	86
PID 1596 wrote to memory of 2644	1596	chrome.exe	86
PID 1596 wrote to memory of 2644	1596	chrome.exe	86
PID 1596 wrote to memory of 2644	1596	chrome.exe	86
PID 1596 wrote to memory of 2644	1596	chrome.exe	86
PID 1596 wrote to memory of 2644	1596	chrome.exe	86
PID 1596 wrote to memory of 2644	1596	chrome.exe	86
PID 1596 wrote to memory of 2644	1596	chrome.exe	86
PID 1596 wrote to memory of 840	1596	chrome.exe	87
PID 1596 wrote to memory of 840	1596	chrome.exe	87
PID 1596 wrote to memory of 1832	1596	chrome.exe	88
PID 1596 wrote to memory of 1832	1596	chrome.exe	88
PID 1596 wrote to memory of 1832	1596	chrome.exe	88
PID 1596 wrote to memory of 1832	1596	chrome.exe	88
PID 1596 wrote to memory of 1832	1596	chrome.exe	88
PID 1596 wrote to memory of 1832	1596	chrome.exe	88
PID 1596 wrote to memory of 1832	1596	chrome.exe	88
PID 1596 wrote to memory of 1832	1596	chrome.exe	88
PID 1596 wrote to memory of 1832	1596	chrome.exe	88
PID 1596 wrote to memory of 1832	1596	chrome.exe	88
PID 1596 wrote to memory of 1832	1596	chrome.exe	88
PID 1596 wrote to memory of 1832	1596	chrome.exe	88
PID 1596 wrote to memory of 1832	1596	chrome.exe	88
PID 1596 wrote to memory of 1832	1596	chrome.exe	88
PID 1596 wrote to memory of 1832	1596	chrome.exe	88
PID 1596 wrote to memory of 1832	1596	chrome.exe	88
PID 1596 wrote to memory of 1832	1596	chrome.exe	88
PID 1596 wrote to memory of 1832	1596	chrome.exe	88
PID 1596 wrote to memory of 1832	1596	chrome.exe	88
PID 1596 wrote to memory of 1832	1596	chrome.exe	88
PID 1596 wrote to memory of 1832	1596	chrome.exe	88
PID 1596 wrote to memory of 1832	1596	chrome.exe	88

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://honeygain.com/download
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1596
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9c6ae9758,0x7ff9c6ae9768,0x7ff9c6ae9778
  2⤵
  PID:1388
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1668 --field-trial-handle=1916,i,14267411871328946192,2902472637606077046,131072 /prefetch:2
  2⤵
  PID:2644
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2064 --field-trial-handle=1916,i,14267411871328946192,2902472637606077046,131072 /prefetch:8
  2⤵
  PID:840
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2260 --field-trial-handle=1916,i,14267411871328946192,2902472637606077046,131072 /prefetch:8
  2⤵
  PID:1832
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3160 --field-trial-handle=1916,i,14267411871328946192,2902472637606077046,131072 /prefetch:1
  2⤵
  PID:4088
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3128 --field-trial-handle=1916,i,14267411871328946192,2902472637606077046,131072 /prefetch:1
  2⤵
  PID:4148
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4764 --field-trial-handle=1916,i,14267411871328946192,2902472637606077046,131072 /prefetch:1
  2⤵
  PID:548
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=5160 --field-trial-handle=1916,i,14267411871328946192,2902472637606077046,131072 /prefetch:1
  2⤵
  PID:2328
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5608 --field-trial-handle=1916,i,14267411871328946192,2902472637606077046,131072 /prefetch:8
  2⤵
  PID:384
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3352 --field-trial-handle=1916,i,14267411871328946192,2902472637606077046,131072 /prefetch:8
  2⤵
  PID:688
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1644 --field-trial-handle=1916,i,14267411871328946192,2902472637606077046,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1336

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2576

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\061fe17a-da5e-425b-9ac1-f9d281bf17bc.tmp

Filesize
6KB

MD5
fd8dd9b70e8a4c6f14ff2b599f1a9fef

SHA1
470a25f7a6a1a295c7664b93f9c48c6b210cca61

SHA256
06c00e32b91eadb1d41d33d895f3682b90ae3d211f47c5eeb9caaceed2f6a0a7

SHA512
115f2741d503d87931e9c1c39f87fad91d1f6623b3fa96c2e48ffc4cf8c9fd12b214165a03d2693796582bb29748bf81ff4a764274f4df978691edab199cfb72

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
1755aeeca65682a4456dccb96c9d4646

SHA1
b794a660ee617d572be5b86a97ce214c8438218c

SHA256
3a11454eafc325cf6310854dd1baf5b618f619281066794e5a2c4b2759fa18ec

SHA512
11110ca86f037b6f1306b47e734dbf08c607d8800f6dbd5c3ffa3ca5be9e7442cd8cd3b69547b38aa551fa4f3207f161e32747743de884cf253542ed5a9d59a6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
19885cf233ed2a70886823fa7ca186ef

SHA1
0ad330a65d5ccd9b70f2b21779c95ba8501b268b

SHA256
6f266c3c9822f672edfd40d140d16cafa207a09732799197e16618b7cb0cbdd7

SHA512
1ad9f77a449f4b56bd376cec04177e62bc8064666566cd143739c24adbc368245e2a30aab1b45f03c1b5ff60795501a9d7658c9b9f57a7f53e069bcb5b66c6a9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
45dc82196cb92b9a961bda50027e1a31

SHA1
0b5078743f434770904b253326fd029bb1548770

SHA256
1edba5251d4f4df011988a051ca64094bc3518fd54ae7709fd7c955cbea69427

SHA512
78a4499ae494ab3f1791c99a7b54922e37f651bce2a1ddc9ecb1ac1cca0195b558745099eff84d8ce1d90feb51715b293acc81272189d3e09ad0c57bd9fe3bd5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
dd7f09304ca0cbb998709ed8285047af

SHA1
4a338a0881d7378aa4c7d23d89524cc4bf7cf2b3

SHA256
cd55c9cc9a398b47461b56b311d1d252bc209ed0845a1b6ab61146e4c4f40c61

SHA512
e5a55b649921bd698ae8945d777882842103774e63506582476100c4ed711f105c0b0415e3948bd8ee1dccb7b43a06db6ff3ff7538159c0c637b6006946da33f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
a8f6866e9411410f312a834b850e2350

SHA1
0297b56c02add14f6557182585dd6a19dc2b5f1e

SHA256
6b37faca9e6addccb66e1d12e46cdd97451e9d12b3373fa376e6fa6379b4c1c1

SHA512
085afb3e27b4732219b371ce15ce17d574505071452f5a866028de182f3629337884061a912d30a9e439ad771eb98b0e82f40688f98171170ac039e64b077721

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
1b9efecbb698e999ddd7c1278c345a06

SHA1
7eb80fd013f426af548baf5f4ecc08f266c964cb

SHA256
bffd100ae05cc0979e8a0f9f06adde148ac73b92a21ccd48ae67eca48caafa8f

SHA512
0049062afa59a1bafd73e7c0dd1c650534304a0bc7d19ab9a2846d7ad2fd011aaf0e4adee6a097c51227cbd0737eaaa7c73b3f139d91899bdb23da622fc8f669

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
871B

MD5
442e541ca02b59afe41807f56f4c08a4

SHA1
696436574b187f745989c07fffd3833ef1603520

SHA256
52581c48029aa43cc31cde76b8fcf8d566a876907248db0db06a03c78c97a446

SHA512
5685595af9eef1ca1bf7b98bc4c79d24e8a6bc77c4a3c619f66447c34197f2d1aec224d7905298677b2cde2f1bb500e1ef8b2265e7d7eb85319557f68831a318

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
30c1be260092bf037b123e9e4c71cef4

SHA1
27d12a3d3d9ad318963cf697fb0e8e5b1a3f1a5c

SHA256
456cc7e455f383b9c8af688b64afb9c78d629ce14712c9300c9480003f2df2ff

SHA512
fc58a64b2a21bf0bb88d81fee05296a51109503f10d35edf25a843d396cd497e1a9b65bba96eab82cd48356bfaa72737a5cebbcdd629f343d6cbe1bfcb33b4c5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
92fd2b98f82adc3223158af53b77fc1e

SHA1
f01aac33f0c7678258d1ee2c1cee45b290805395

SHA256
b0050690e21f6b7b26a1bf1c875d2948aa3aa2912d6c62f3537f4c58b4001dd0

SHA512
84ca898d469534efa94240427c4010adf6ff481e281e869276b78d0bd7e1fc067549cfa284438d697630cea1f27aa4469644d35d983b2e5a960f50d621b608a4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
7f033f7ce89c49f92570dce06bcd8f34

SHA1
3e77e7da5cd40b75ac9057836b445fc7fe3689b3

SHA256
9f20e49fe60bb3b51276dbf4eeecce6ce570d081c84b0b58070053dce4ec86bd

SHA512
aba90028547b757c92b582479113a14717d52d26bc351d690b993d643c221719222f1949811ecd54cdfce19e729cbef9af004dc1058cde4435dca7e86e256385

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
2338bfdc341fb727e008840667151cad

SHA1
1157959a46d610270954c77aff6c73856db9b5b6

SHA256
7cd487150383b6548a757278c2ad5403a30e534ebd9ba04978d87647dc64e671

SHA512
eeb39f878d06aefbff53cd3cbda92aa49ad31799054c158eedb2e61820e352e7d962e6389d7cffd3042592b8bb5247ab1def62a479f426dccbbc3f9081bd7030

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
9eaa312bb60c1d42f5118b81df600ecb

SHA1
2a05c4ad93de51aaa37a9632ab3c38a4126f79c5

SHA256
02bbeb734707a76a2a80be961bfbb15181ce66a73a72d1f8911521ead4b99ed2

SHA512
c06c658dcd01cf0e3cf7bdbe5fe5545991f1c592799d0a51058ad7cda887b5634c162790f201700205ea8d15e84dffa1e1e588de18b1b4e48675a2d5091c89bd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
e8474ca28f6750cbca27806ccac94b65

SHA1
c7ab5cfc7031e6ab735ea69f28a84cf0358daab4

SHA256
f42eb8663b5d53b55427ca46a2cad7c5787dee5dca31573a3dadbfe9d2082086

SHA512
684d954f80705726154fa07b215304028ec6a373fe3cad708ea2244ad5c2ca801fc958dec0ed797d8e736c862888b9d834992b50653be0da03a545ad9aebbf1f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
1d1c801abf6262419d0f886c3a4921a6

SHA1
d0f5efd418ca652120927f59d6041728afee2465

SHA256
ef693b40abab28e62416a5d70d60f08c10d54f5264c7a188e106b848c6694282

SHA512
eb6268243f8adfd1eb6c9e402b02ac4be4bf7f8a403d077f9806019ba2062fabf68b86498eaaf4a88ddf8764e0be6c82ea11c5e17b8e02c41d3ee86cc4df87e6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
a65d127d0bf89e2b254502325ecc7c7c

SHA1
8a425a35479ec109f7c6c633547b05b12f105faa

SHA256
ecba354e431eaa1495006c0491d74acec14e0c69c0d205b10dcb133447c4c737

SHA512
275f6e09aab99b3b05c07712b274d8e7b2227a8b292d4803215bb1d6c8f20cf8cabccb19d685af2c80f588e770799086d3fe1873e274b7191c4bd0a41fbf82ab

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
50066ccfc1ea49227246d5902d5e61b0

SHA1
16c524d2689ff2a14fd3bd73ea3e555b8dff76b7

SHA256
2189450e37ee95e276580edb9a975f7fde1e41330c3f3ee74165e42048d9737d

SHA512
9aac63fa86fc4c8f0eca31e1c98c296ee080788c9a1853f9f2e38869681b3f8806adeb6db259545553e643aebdde513e3baad97ff0e64e5f2a78766f9e7969dd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
ca4f6fbfa43545f068557ace7b4b3b4f

SHA1
ad9bc3a9e7be5f3dc053800f839dea255b68b331

SHA256
e2a0073d30f6472537826cb65f9696c331fe8afaf3d988bdd6af132baadbfca5

SHA512
cf04a17b122b4a243dc3a14f59703e4344286d6f7b175577bcffe735c9f33db29102017da51fb85f59d01eaab2dafe9498a8b3534a8cd1ae0aaf6cbf5a4ca213

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
bd119078cc5630d348b809c705202536

SHA1
28aa509c2fdc1296c93b6b5149a5eabc9ab55ae3

SHA256
7a30d5e039bcf49e20a23f5f427702b274633b1db490fe3999779b58dc68f3ac

SHA512
e477fa1d18c6d792329c8e16544269d25feb3fa98cb89742a79b84ffd789fda48957624c824375fcd4dad275633b17923306bf6753ec2fec3e6a8fd3678a4883

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
180be1962885617d58963c81179de092

SHA1
af3fcd69674dc2d3f0d911abcbcf029a533fda0a

SHA256
7c796bbbc8311ffbb1318a4f366294a584d77ff899d9fb6a2807921c71562b05

SHA512
e42666c2747bcabe53fc1d15cbcad06ccdec1787dde871b0437fb729069bc3e1eefc131fe15170221a45d9459629d94fdf763b7a161f41d0f8bcc28c3f7cbedb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
2fcbd3fa67f70fd83b09b69f46177ea0

SHA1
0e905a4ce6e2e052d755bc89678caaa981ef3b4e

SHA256
0a3e403d2be4c63af917bc7cc61a1b413490bb02d2cd725c2baebf7bb2f39a03

SHA512
37154fb9f430e721d3b9b1c49f6d199b98ac61f4829cc456c57173ee9a86142c3a9cf3f307a2aa8eb913681293db8830b1b1cd41ea1766b8afb77ce1a34515f9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
4da636022843bd0560a8f5cedc47558f

SHA1
22b81f52455feaa4b323b5d035fd7365eadd8ff2

SHA256
fef7e4f68a0836511feb8fc70316725d1c5166f50346c3281d26a2132c6b9ca6

SHA512
f51a27c4fa61697b9de364d674ac902551d87f6dbd54e714b247846ac488d5c4cbad851f1f780ca556307d8345074473e64441dbbb077c2bf98a8aa85d4b4588

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
b8bcccf9a79912a9d8335a4d1898b89c

SHA1
2f8902eee857a2b766881838c30006b2722f31b2

SHA256
16cfad6696299ed40f506669d11ca3d97717876d9af868b1c7f6e5d5699d603e

SHA512
a1a0f78569d42b27f848db951b82e554f7c86ef0db66c2c3a7d9741c02420047bb62991f77bb2cf8379ff5d375be9de75806b6fbac7ababe3caec03df1bf3f2f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
13d2567112fda112bbbeb7f344a7a07b

SHA1
19132bfd29555d8391314323dc00939973893011

SHA256
e722ab76ee9f7ff4085dc5af4aa10eacd9f9df91ee47a4776fd829ae19746e2f

SHA512
dab4e5c386607ca3a932eb8c8f73ad50cd07e9192dfcfdc810e2d4df2c63d5830643eaf3edf18d5dba2eee7abb219a8a0d77ac82edee43a48376a88e50d3c216

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
ceca797266c867a1444d41aa5458eea3

SHA1
52cebd624d6fda4dc83941155c209f507b3379af

SHA256
16dee3081baaa8c68051cf95f9a1cecd79101ee8c60647a01999acb7ca204d35

SHA512
affeda0e9c9b752e684d0109a55fa2e5341b42de915dc7588e78eb6f57edb7b2a8c9efceeea04a3ff95e39221cf0b95eaa9c5fd0a64b1356f4d1db143e03a26b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
d2931ad3cb1ca911b7f04e73b6a9356b

SHA1
743b68b5a38bb31951dd5378a65a2790638845f8

SHA256
30baa384c30d6ba9176e2a9ffcd4c959a1a3de87bcb2d7f685c0303e4eb38fd5

SHA512
ed30b528d4963c20439607e7fde70d937ce4f9697b15f7be32e4d0a080e374df191e83b04f88acfcd45155ceb01091d8c170db362f2542c8900b1dff1785ebf6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
4913bf2261523404da4a5a5832843687

SHA1
36e043d349deb04d24814a036a7c2902fce59e31

SHA256
f833bb6ca394429de69bd1f22361a898c14fa6dbf0765be763644a7abad2192d

SHA512
1ead34ae752516e318cde706aab5cfed988ca682557ccaeb0e671591f97138347c0a26cf77fc2eda1a0c0c69cdddbf93c4ddf8ffa4b4df9cd51cee1e9c08e95c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
fbf136d0b43ca7ec246c5b145b9e63a3

SHA1
3906a52e7abe281792b24d94cb8823df21208258

SHA256
e7975c570f8cac43f1a0aaf4ae97d4d2dd8a9f0573528e917ad0f25ed0d19926

SHA512
253ada06e469c577a9dee8e179fb6a4c98f807d61815bcf17ba83457311ede07e632bdb0b8868c814f3f6e272b18361b58ab7f7a81b2e8ee1376143489e83f30

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
6c006aea501fdff78c8c18300955cced

SHA1
d288cab67d714029ad3b68912e7602a3dc354a0d

SHA256
139ab72f8ebca8161075b33fd58f5b1fa001dd58b78bca1bf530a28902c7022e

SHA512
4b320f525df6a47247a8861b41c976591dc04969f87b9b757777ee59494bc275f2647fdab788d9415dcfcbc3eceb1bf2feb8de16a6a71290831b6cbf799e1ccb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
944685f3bcc05073b575e4fe7bbb21a7

SHA1
ce437c85f63252d086be154dcdc1ed8588eb22a8

SHA256
f67f8ac3e853ac248d524b2b6ab0c1edbf8a0d1dac711a38614d2e770edce9a3

SHA512
ec37d1560584adb3d484af3f2f315fc44947ff0e570d13f9d7a6fb513f144460ec7bce59958a8985e0bf37f337fd6b7970b8287d9ba38aaef02c43cce6dcebcd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
c35a3519f4ba8306646d9f45632bd809

SHA1
11249f6bac98b41a5e863319bbb75111db90e1cd

SHA256
fe001700edc89c89daef70218be6fcafb89f067f734ca52041f2a30d54dc4012

SHA512
19c293616ecc660445a37a4a771e8b404f8107738e621ef463827abfb76f108fd662180c72b85529f7d27c859d1c72a20528a65a49306059e9c3c8864f28fd07

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
141826192cd009bdd46df51cd4c6adbb

SHA1
4e7181a985f5dea38691e88c4a7597096b63b975

SHA256
c4339df4a579dc6d9a2d8674672e1d1dfc692d680afd33d7146f770f4d66f00d

SHA512
50230a0c18d6d03d09987fbad2e3bb612c294fe45c104f62a80685e5c643aaca8cdf35c81df31817739fa4964780ce1a050bdde2b2fe7a4403fa720647f248fb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
4a378c4c92a0699c6d1e747ed271ff18

SHA1
7521b5482e2aa229842b2acf82d0826a56a88f25

SHA256
13774860f67aa85f8079db4ec80116b673d008a8a7402a8887c1a9f11e7a0900

SHA512
345d7361225d007971ac3a24bce039985757f149e8c0d40af2b3ef768512198b192869cc29b061852097f96c11a525a521512ed08246cbb676dcbeffaba623f2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
4d88dbbd68c88ce17c92e09d6cac8c6d

SHA1
bd1dabaa35a5b3fd00b116003b932df21d5cd74e

SHA256
34e900f97f2138123914e82c84b4130009c79c415d46385cd41e9a0e7e3d1ee9

SHA512
97bdc61718e3fe0b2d3c574a24465349ffe1f4b6ab39bb7225b9cc505beec557cb0837c126af87dc5281ba283383857a514209b7ed46228aa62b24d8027bf5c6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
c4657cb074840f0c318e0acfde67c94c

SHA1
d5a6d21d73cbf26de3b6a3225ecbc7aa21594807

SHA256
f2bebf2e9df9c881936ab5b8b341abd68d99fdc1bd75412fa9e96d17986edfa8

SHA512
a9025df7652fa9dce92dffe8e951a9d988beb7401d6863d563660184e1ee2603a9a25cde0b7ddc51b10726894d812f773caee0d1a9b4c08344a108a43d1d29f4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_0

Filesize
36KB

MD5
e8298058e098ffd087672fa9cdfa6b71

SHA1
9c0f834f72dc7fd8b6290a37cb8161961a5ceec8

SHA256
99778b0c3483de162ff6df8b884c33ff29aa872e9531da29f7c8f958a0cff61d

SHA512
84c6ddf8a5a42c036b1f0a1f951419e7fb6109c97036975bd2f3158cb42dde6c03aa86e86dc0d7847ae3b60854079b2954a470771bc88ff2be3e5bec3939485a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_1

Filesize
65KB

MD5
384d19a0135ba7acbdcb3385a252eae4

SHA1
df3c98bdf45988fb8df2a5a12fa5ba58c6f7058c

SHA256
26db7b885dc64dcc2b9a026853c26ca08ae545ff08c15fddcfe927ae427a90fe

SHA512
e4c093bb3c8ca1ec0a8bc5c08b008c0c00f004e7e33d8b629d8ac75360a2d69a834cafd8c49063640cf19c4cf89412e464185f49a9668c847a03a1e02d475aa3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
1fcb79fd6a337b1ca5f6b1659fa9cb4c

SHA1
ad64c7089113e538e07f7e0746c6ecd0299ef4cb

SHA256
a294053b2534b1f52d153f1d90a9812aaad2b6885469efd7067da0da7079e2fd

SHA512
159ef92e92ce817435f2fc3f2468f61bdbcf5fd76c07029bdfa6b36cc7fa42d6845a25ca680a87238dbf1aca74d30ee4dfbd711256e22ef12b7302b921d94b2e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe589045.TMP

Filesize
48B

MD5
f1a546d7b80c324349b1866093f8d9a7

SHA1
37ee269a6c68861ec79962d2eb6b870f8b4f06c8

SHA256
0f91c1972ede2f48be6c004cc0cf56c94c12fadac5ee48fe6f3d7a2ba467cafb

SHA512
cf69f1a46ee5768d5306b59fa1090497b8cbf7d5e69393e9840d5f91ccf336af605648f091f0dd4e847e209717dd1f9e555c99d49271d04ae2cf13dc375366c6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
114KB

MD5
d2545c855addd70ca318a38d02c031af

SHA1
f832342d14ea8b5e1912e8727ef26c722630fb56

SHA256
07cb578c6110c4575611a2830acbd555249db3660f8d27a5ea1c051718c0ce89

SHA512
4583dfd3e30718815c62aa64e8a55a81a09e75089877c0e141bb3641262c97c5b884cbbc2df04589f628930dcd9c406cb9c1fb924112f4c7e7bf218f1ed673ef

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit