hxxps://steam-gifts[.]pro/50

Analysis

max time kernel
249s
max time network
251s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
21-02-2024 03:34

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://steam-gifts.pro/50

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

Processes:

chrome.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

Processes:

chrome.exe

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133529600679325473"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

Processes:

chrome.exechrome.exe

pid process

5100 chrome.exe
5100 chrome.exe
4160 chrome.exe
4160 chrome.exe
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

Processes:

chrome.exe

pid process

5100 chrome.exe
5100 chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

Processes:

chrome.exe

description	pid	process
Token: SeShutdownPrivilege	5100	chrome.exe
Token: SeCreatePagefilePrivilege	5100	chrome.exe
Token: SeShutdownPrivilege	5100	chrome.exe
Token: SeCreatePagefilePrivilege	5100	chrome.exe
Token: SeShutdownPrivilege	5100	chrome.exe
Token: SeCreatePagefilePrivilege	5100	chrome.exe
Token: SeShutdownPrivilege	5100	chrome.exe
Token: SeCreatePagefilePrivilege	5100	chrome.exe
Token: SeShutdownPrivilege	5100	chrome.exe
Token: SeCreatePagefilePrivilege	5100	chrome.exe
Token: SeShutdownPrivilege	5100	chrome.exe
Token: SeCreatePagefilePrivilege	5100	chrome.exe
Token: SeShutdownPrivilege	5100	chrome.exe
Token: SeCreatePagefilePrivilege	5100	chrome.exe
Token: SeShutdownPrivilege	5100	chrome.exe
Token: SeCreatePagefilePrivilege	5100	chrome.exe
Token: SeShutdownPrivilege	5100	chrome.exe
Token: SeCreatePagefilePrivilege	5100	chrome.exe
Token: SeShutdownPrivilege	5100	chrome.exe
Token: SeCreatePagefilePrivilege	5100	chrome.exe
Token: SeShutdownPrivilege	5100	chrome.exe
Token: SeCreatePagefilePrivilege	5100	chrome.exe
Token: SeShutdownPrivilege	5100	chrome.exe
Token: SeCreatePagefilePrivilege	5100	chrome.exe
Token: SeShutdownPrivilege	5100	chrome.exe
Token: SeCreatePagefilePrivilege	5100	chrome.exe
Token: SeShutdownPrivilege	5100	chrome.exe
Token: SeCreatePagefilePrivilege	5100	chrome.exe
Token: SeShutdownPrivilege	5100	chrome.exe
Token: SeCreatePagefilePrivilege	5100	chrome.exe
Token: SeShutdownPrivilege	5100	chrome.exe
Token: SeCreatePagefilePrivilege	5100	chrome.exe
Token: SeShutdownPrivilege	5100	chrome.exe
Token: SeCreatePagefilePrivilege	5100	chrome.exe
Token: SeShutdownPrivilege	5100	chrome.exe
Token: SeCreatePagefilePrivilege	5100	chrome.exe
Token: SeShutdownPrivilege	5100	chrome.exe
Token: SeCreatePagefilePrivilege	5100	chrome.exe
Token: SeShutdownPrivilege	5100	chrome.exe
Token: SeCreatePagefilePrivilege	5100	chrome.exe
Token: SeShutdownPrivilege	5100	chrome.exe
Token: SeCreatePagefilePrivilege	5100	chrome.exe
Token: SeShutdownPrivilege	5100	chrome.exe
Token: SeCreatePagefilePrivilege	5100	chrome.exe
Token: SeShutdownPrivilege	5100	chrome.exe
Token: SeCreatePagefilePrivilege	5100	chrome.exe
Token: SeShutdownPrivilege	5100	chrome.exe
Token: SeCreatePagefilePrivilege	5100	chrome.exe
Token: SeShutdownPrivilege	5100	chrome.exe
Token: SeCreatePagefilePrivilege	5100	chrome.exe
Token: SeShutdownPrivilege	5100	chrome.exe
Token: SeCreatePagefilePrivilege	5100	chrome.exe
Token: SeShutdownPrivilege	5100	chrome.exe
Token: SeCreatePagefilePrivilege	5100	chrome.exe
Token: SeShutdownPrivilege	5100	chrome.exe
Token: SeCreatePagefilePrivilege	5100	chrome.exe
Token: SeShutdownPrivilege	5100	chrome.exe
Token: SeCreatePagefilePrivilege	5100	chrome.exe
Token: SeShutdownPrivilege	5100	chrome.exe
Token: SeCreatePagefilePrivilege	5100	chrome.exe
Token: SeShutdownPrivilege	5100	chrome.exe
Token: SeCreatePagefilePrivilege	5100	chrome.exe
Token: SeShutdownPrivilege	5100	chrome.exe
Token: SeCreatePagefilePrivilege	5100	chrome.exe

Suspicious use of FindShellTrayWindow 30 IoCs

Processes:

chrome.exe

pid	process
5100	chrome.exe
5100	chrome.exe
5100	chrome.exe
5100	chrome.exe
5100	chrome.exe
5100	chrome.exe
5100	chrome.exe
5100	chrome.exe
5100	chrome.exe
5100	chrome.exe
5100	chrome.exe
5100	chrome.exe
5100	chrome.exe
5100	chrome.exe
5100	chrome.exe
5100	chrome.exe
5100	chrome.exe
5100	chrome.exe
5100	chrome.exe
5100	chrome.exe
5100	chrome.exe
5100	chrome.exe
5100	chrome.exe
5100	chrome.exe
5100	chrome.exe
5100	chrome.exe
5100	chrome.exe
5100	chrome.exe
5100	chrome.exe
5100	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

Processes:

chrome.exe

pid	process
5100	chrome.exe
5100	chrome.exe
5100	chrome.exe
5100	chrome.exe
5100	chrome.exe
5100	chrome.exe
5100	chrome.exe
5100	chrome.exe
5100	chrome.exe
5100	chrome.exe
5100	chrome.exe
5100	chrome.exe
5100	chrome.exe
5100	chrome.exe
5100	chrome.exe
5100	chrome.exe
5100	chrome.exe
5100	chrome.exe
5100	chrome.exe
5100	chrome.exe
5100	chrome.exe
5100	chrome.exe
5100	chrome.exe
5100	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

chrome.exe

description	pid	process	target process
PID 5100 wrote to memory of 4820	5100	chrome.exe	chrome.exe
PID 5100 wrote to memory of 4820	5100	chrome.exe	chrome.exe
PID 5100 wrote to memory of 3636	5100	chrome.exe	chrome.exe
PID 5100 wrote to memory of 3636	5100	chrome.exe	chrome.exe
PID 5100 wrote to memory of 3636	5100	chrome.exe	chrome.exe
PID 5100 wrote to memory of 3636	5100	chrome.exe	chrome.exe
PID 5100 wrote to memory of 3636	5100	chrome.exe	chrome.exe
PID 5100 wrote to memory of 3636	5100	chrome.exe	chrome.exe
PID 5100 wrote to memory of 3636	5100	chrome.exe	chrome.exe
PID 5100 wrote to memory of 3636	5100	chrome.exe	chrome.exe
PID 5100 wrote to memory of 3636	5100	chrome.exe	chrome.exe
PID 5100 wrote to memory of 3636	5100	chrome.exe	chrome.exe
PID 5100 wrote to memory of 3636	5100	chrome.exe	chrome.exe
PID 5100 wrote to memory of 3636	5100	chrome.exe	chrome.exe
PID 5100 wrote to memory of 3636	5100	chrome.exe	chrome.exe
PID 5100 wrote to memory of 3636	5100	chrome.exe	chrome.exe
PID 5100 wrote to memory of 3636	5100	chrome.exe	chrome.exe
PID 5100 wrote to memory of 3636	5100	chrome.exe	chrome.exe
PID 5100 wrote to memory of 3636	5100	chrome.exe	chrome.exe
PID 5100 wrote to memory of 3636	5100	chrome.exe	chrome.exe
PID 5100 wrote to memory of 3636	5100	chrome.exe	chrome.exe
PID 5100 wrote to memory of 3636	5100	chrome.exe	chrome.exe
PID 5100 wrote to memory of 3636	5100	chrome.exe	chrome.exe
PID 5100 wrote to memory of 3636	5100	chrome.exe	chrome.exe
PID 5100 wrote to memory of 3636	5100	chrome.exe	chrome.exe
PID 5100 wrote to memory of 3636	5100	chrome.exe	chrome.exe
PID 5100 wrote to memory of 3636	5100	chrome.exe	chrome.exe
PID 5100 wrote to memory of 3636	5100	chrome.exe	chrome.exe
PID 5100 wrote to memory of 3636	5100	chrome.exe	chrome.exe
PID 5100 wrote to memory of 3636	5100	chrome.exe	chrome.exe
PID 5100 wrote to memory of 3636	5100	chrome.exe	chrome.exe
PID 5100 wrote to memory of 3636	5100	chrome.exe	chrome.exe
PID 5100 wrote to memory of 3636	5100	chrome.exe	chrome.exe
PID 5100 wrote to memory of 3636	5100	chrome.exe	chrome.exe
PID 5100 wrote to memory of 3636	5100	chrome.exe	chrome.exe
PID 5100 wrote to memory of 3636	5100	chrome.exe	chrome.exe
PID 5100 wrote to memory of 3636	5100	chrome.exe	chrome.exe
PID 5100 wrote to memory of 3636	5100	chrome.exe	chrome.exe
PID 5100 wrote to memory of 3636	5100	chrome.exe	chrome.exe
PID 5100 wrote to memory of 3636	5100	chrome.exe	chrome.exe
PID 5100 wrote to memory of 3684	5100	chrome.exe	chrome.exe
PID 5100 wrote to memory of 3684	5100	chrome.exe	chrome.exe
PID 5100 wrote to memory of 2236	5100	chrome.exe	chrome.exe
PID 5100 wrote to memory of 2236	5100	chrome.exe	chrome.exe
PID 5100 wrote to memory of 2236	5100	chrome.exe	chrome.exe
PID 5100 wrote to memory of 2236	5100	chrome.exe	chrome.exe
PID 5100 wrote to memory of 2236	5100	chrome.exe	chrome.exe
PID 5100 wrote to memory of 2236	5100	chrome.exe	chrome.exe
PID 5100 wrote to memory of 2236	5100	chrome.exe	chrome.exe
PID 5100 wrote to memory of 2236	5100	chrome.exe	chrome.exe
PID 5100 wrote to memory of 2236	5100	chrome.exe	chrome.exe
PID 5100 wrote to memory of 2236	5100	chrome.exe	chrome.exe
PID 5100 wrote to memory of 2236	5100	chrome.exe	chrome.exe
PID 5100 wrote to memory of 2236	5100	chrome.exe	chrome.exe
PID 5100 wrote to memory of 2236	5100	chrome.exe	chrome.exe
PID 5100 wrote to memory of 2236	5100	chrome.exe	chrome.exe
PID 5100 wrote to memory of 2236	5100	chrome.exe	chrome.exe
PID 5100 wrote to memory of 2236	5100	chrome.exe	chrome.exe
PID 5100 wrote to memory of 2236	5100	chrome.exe	chrome.exe
PID 5100 wrote to memory of 2236	5100	chrome.exe	chrome.exe
PID 5100 wrote to memory of 2236	5100	chrome.exe	chrome.exe
PID 5100 wrote to memory of 2236	5100	chrome.exe	chrome.exe
PID 5100 wrote to memory of 2236	5100	chrome.exe	chrome.exe
PID 5100 wrote to memory of 2236	5100	chrome.exe	chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://steam-gifts.pro/50
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:5100

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9056b9758,0x7ff9056b9768,0x7ff9056b9778
2⤵
PID:4820

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1748 --field-trial-handle=1732,i,5421931766622835175,13825585288199891065,131072 /prefetch:2
2⤵
PID:3636

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2152 --field-trial-handle=1732,i,5421931766622835175,13825585288199891065,131072 /prefetch:8
2⤵
PID:2236

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2104 --field-trial-handle=1732,i,5421931766622835175,13825585288199891065,131072 /prefetch:8
2⤵
PID:3684

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3048 --field-trial-handle=1732,i,5421931766622835175,13825585288199891065,131072 /prefetch:1
2⤵
PID:5104

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3036 --field-trial-handle=1732,i,5421931766622835175,13825585288199891065,131072 /prefetch:1
2⤵
PID:1232

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5392 --field-trial-handle=1732,i,5421931766622835175,13825585288199891065,131072 /prefetch:8
2⤵
PID:4000

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5024 --field-trial-handle=1732,i,5421931766622835175,13825585288199891065,131072 /prefetch:8
2⤵
PID:4956

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3204 --field-trial-handle=1732,i,5421931766622835175,13825585288199891065,131072 /prefetch:2
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:4160

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5480 --field-trial-handle=1732,i,5421931766622835175,13825585288199891065,131072 /prefetch:8
2⤵
PID:1908

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:3700

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
Filesize
40B

MD5
d953520eef04a7f704dfe97db53f6a7f

SHA1
55e37085e46991e0aeb58b2cc0dbc1a3c3c04e39

SHA256
7b14abffd2823cb808b20be179788d4ae316533eaeb954fb0c0fbee8f9fe0f47

SHA512
630b0cf4ba960966d41b512868e6ec54db4e270fe936a2ad8ff80ab7b7cc9b021c6b7eeda83744602edcccaeb3893f87a2b2270b8ca8ba9c409e98036d5b0b85

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize
648B

MD5
e27c84bd4cc021746f780c80ce1a5e67

SHA1
55d3a9b631f626ae74a7bc9781c21e55a7220b40

SHA256
edae58b3f8f88782b8265c10462b11e471a99f1450b6e4d1f14b15ab7e49f516

SHA512
78adc680cbeaed5056e48659f7941b23851e0c4068b442775022f229ae132d42e318239bda948babf3cf47c2cec583810d2039dea1c9e0b7d53649094f136af4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize
624B

MD5
a4f803ab2d84332e2fe9ec46184a8d1e

SHA1
9f9e4b5c39c5c8e6031e561aa3df202fb7e199bd

SHA256
5fae714cf0efd6524fb37932404fc7a1627486c393474dba062feb84cdb45ee2

SHA512
f36ebbb3f3c44366c9fe4738198f6c980f8ee900d1c96d36ab5bb012f69fefa4d256e06f329435dfdc2213d6045e49ccbed67d62362406845db3b5e127428749

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
2KB

MD5
aa27d7fe2cde88dc248b012209e1b197

SHA1
9e581c84a5ea63f8c561f55d3956ad1a9b1f1ed4

SHA256
6cdec056267df3213d80c38545f75c5f9c5acb68fbe32d1be04bc68863232d23

SHA512
db0accad90a0ab3ebb7518ee8e9c6d28a58425a243910da324f9574cf54c8847029b717e80079ee43c9b7b873d4c71236c0412daab589c83cd1a19aaa99d420e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
2KB

MD5
17ef694f128d2cc888379fa6fc58e65a

SHA1
9f0935a77ccfb770a6e68fc22f6bf64433b5059c

SHA256
9bb4f2eb82ee9b9cc0c3374e04b2a438213a14b81c2c53dd736aaf7274c5fa7d

SHA512
f867bf6b489dfa95248cb23c28b35392c6ac598c7604a998de18d90d114be84d3654fc8f64d6fa051be0d0a79dc92990c500a73168345db8031ad100ea1f908f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
2KB

MD5
5906154ca428c5a2629b211c4545c001

SHA1
74fcd203c980c304caa1585d5848563b4fe222d5

SHA256
497f4c1e57f9699ee08c97779872d2f97c7f777aab937311167638187ffc11e8

SHA512
10b00ed6e0739f5f7f82388c349042448d1bd5e3abff6fb28f613de6bdbbf7b5a6b517d8bdc0f1dfbad52ab5b55423a9e79068bd0e8e96a3ce239b93434c6c87

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
874B

MD5
968a0d2c1df30f5046eff35e06c5bb2a

SHA1
5d06c542a528d5a0fcd4d9d25f66803f0471b0ec

SHA256
18bdbeddead7318f0c93e5b5646dc70efb50f7ed282cc66739b71ac16d519f32

SHA512
cb3c277d36a50a1365b25f9c176d894cc2b3635550bd003d0ba5469355844a8b74e1c9894d98eeca2148a3104bdd401009664abdb33c74c4e9916c3975b88462

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
6KB

MD5
71181d198e72860e8161a209b8a7309f

SHA1
6a065a66e27ecf5325a4c1a1ec06d1fdf2fa76e9

SHA256
7040d3c5f0004a855fb87c58dea47244b12efbc49c42a20dee437e6aac0df868

SHA512
81569bc8758fb72c000151caca981cccc4eaf5ed7cbf3a8b74f8bac21cf750d985b2a99171d554387422c982b21d13651c58eb23b2c8f5402cdfaf5e95652589

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
6KB

MD5
815b379a92107ce855d373da537567a5

SHA1
0ac2063a92bb0ad304fe99bceafaacde61850b35

SHA256
b53d790a1837424bd9c69bb0c69b6c11f3151bf406e2952ee489b8e300df0953

SHA512
6d38c7d6afccd7faafad2e897167b103f680eb55a1de4ae80257c67ec3232708829eb040bffd002c0c5fdbde280098760aeb377b33d257f7c07ad153742ad7c2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
6KB

MD5
78c8d2f1f875cf4dd9160ca7f0aa975e

SHA1
302d58dd2b01f27ddd4ef82d912fd498e23e4188

SHA256
c46a3c17cb829103b4caae36d5a7b185f9f78e0bd1ec3b16f7c8d4eba294ac08

SHA512
cac43524e89b720752842b75b1fb096eba92def3ef7233b0580d36fccdba3385bb2c8bf7f8894dbf98d42bdf82b2e6afaf805080369ab2c19c317986c89bc6e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
6KB

MD5
5c8fdcf3572afa3815ba1a01abde8785

SHA1
03daa0ace53040db559398e9e69f1baa7de971cf

SHA256
692b55508e481a04733d11a0c2f926ade13d2927171df5fa69cb848ff7abebc5

SHA512
d175e1553692c3a0ad162c86243aadfc49fa5dab2e2d34a159c8af168fab864b6887ffb4c8a61de206e6112fc58c5f02378463f99e9fafbf38151d480c57a89e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
7KB

MD5
7f7c9bab5e8e8aa3c19866a4b14c45c8

SHA1
facc2d9696f389eb2eb311167c0f10d1d8451293

SHA256
d1362cc5dbe73493a59510c01cf99f86906a2ddfca7446f10d056e34de518f93

SHA512
699643d70f8c12b26ec3cc273b6f871ac96ead08a531ad256e29bdc8df95c325365df2ed3c339d713b418d7165c31bdc0638cd6632a4c8fcd9613597d42d836f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
Filesize
114KB

MD5
3fab6d3e04e76a243da0a4fba373b0b8

SHA1
3f6a17f541f5c47475b14d88d4fb7ef8a2275e20

SHA256
7a2ff555e28f6acdb346819f0c1ac227d989e82fe9ad54e666b789d553aff39a

SHA512
50f16f145ded7a46b4aabe2501f050c2947b50a7f8c5e6f696a648774498698d850b569986e8a662168365cd8a3259c486a6ad4bcb1db6d0cdb0a58182cc01fd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
Filesize
114KB

MD5
674ae9e75e43c96933e6c7d092f5f756

SHA1
0d30f6a8fd5848f11577e52035bfd237573b191d

SHA256
ed297c2e257b1fe605d5aa97b2057aba561034449147928f07cc349cf3dcc235

SHA512
b64f6ccdbd548082057377c6847eceeaabcbb4c792dc4b0f8af2753b46eb5e393e0d84b6853269f56dec96ed55d90f7164ae0b6cfefa2bb75f97fc02eba8fc8f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
Filesize
114KB

MD5
0a0e9f269f4c274c9987837f11d94652

SHA1
eff0e2b77f2dbdc44546c317dcf0af312995072f

SHA256
60cde281c77dab1010571492319d3dc8ace7bb240cf7b68023690c0a517a83f0

SHA512
08082ab7791479e69930dfc36acbefe71521f167597d44896038624773671464ebd8a8380702150603f57c8136e09bcd50b7e08f3639928b5ff585e1060df766

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
Filesize
102KB

MD5
dc5bf041ef0ef12576fead7d86f6c148

SHA1
b3607d5bbfab031b5ecee85fc6d876fc092e9dfb

SHA256
34eb5a92c80cc8301ea12eadc521de8481f48220bce162ed4b411c243d830f0c

SHA512
ee98d13b0d310ff319d276f4b37a6b18f61dc814d6d1f289d63b31c1180f92666e03cf787eddb3ca19871bf8673e0c68387bfe0e90c7f77849c139fc6493c7aa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe5a1adc.TMP
Filesize
101KB

MD5
9aa6f58d4de556671138f69696ad29d4

SHA1
03b854f8435691c74d218cadc6fd415eb5558b63

SHA256
daa8abba8477e2859f7bc515f2a7e09fa489a6b184b40b0a0f1b24cf28f44305

SHA512
328d0a69e4817187d260932eec2303e4a795a1c1161301f605cb3ae96b1005eea963c9a79b7038c2cb97d4964bbb0c141b9f7fd23504cbbc0d725b6c81634b60

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1
Filesize
264KB

MD5
b9a59502b4f4013aa6442fa09847a3ad

SHA1
928a7530c6f7488916632f6ef1be702ec59e1b8b

SHA256
cb02f68c9373dbd003fc88ad4c28978e5d318f0953ff8ddf25baa8aeacf75fee

SHA512
6b07c0a8294e1b082d8cffe80626d24e0e953240e6f889cddb55ead2fdf67fdb6c56d2bb758961df041f5851124310ec83842fbb761abd6e20efafdfeff7e3a7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json
Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit
\??\pipe\crashpad_5100_GWZXGDCQYQAKGRYU
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit