hxxp://newcp[.]net

Analysis

max time kernel
150s
max time network
165s
platform
windows11-21h2_x64
resource
win11-20240221-en
resource tags

arch:x64arch:x86image:win11-20240221-enlocale:en-usos:windows11-21h2-x64system
submitted
21/02/2024, 13:39

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://newcp.net

Score

8^/10

Malware Config

Signatures

Downloads MZ/PE file

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
1528	chrome.exe
1528	chrome.exe
4616	chrome.exe
4616	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1528	chrome.exe
Token: SeCreatePagefilePrivilege	1528	chrome.exe
Token: SeShutdownPrivilege	1528	chrome.exe
Token: SeCreatePagefilePrivilege	1528	chrome.exe
Token: SeShutdownPrivilege	1528	chrome.exe
Token: SeCreatePagefilePrivilege	1528	chrome.exe
Token: SeShutdownPrivilege	1528	chrome.exe
Token: SeCreatePagefilePrivilege	1528	chrome.exe
Token: SeShutdownPrivilege	1528	chrome.exe
Token: SeCreatePagefilePrivilege	1528	chrome.exe
Token: SeShutdownPrivilege	1528	chrome.exe
Token: SeCreatePagefilePrivilege	1528	chrome.exe
Token: SeShutdownPrivilege	1528	chrome.exe
Token: SeCreatePagefilePrivilege	1528	chrome.exe
Token: SeShutdownPrivilege	1528	chrome.exe
Token: SeCreatePagefilePrivilege	1528	chrome.exe
Token: SeShutdownPrivilege	1528	chrome.exe
Token: SeCreatePagefilePrivilege	1528	chrome.exe
Token: SeShutdownPrivilege	1528	chrome.exe
Token: SeCreatePagefilePrivilege	1528	chrome.exe
Token: SeShutdownPrivilege	1528	chrome.exe
Token: SeCreatePagefilePrivilege	1528	chrome.exe
Token: SeShutdownPrivilege	1528	chrome.exe
Token: SeCreatePagefilePrivilege	1528	chrome.exe
Token: SeShutdownPrivilege	1528	chrome.exe
Token: SeCreatePagefilePrivilege	1528	chrome.exe
Token: SeShutdownPrivilege	1528	chrome.exe
Token: SeCreatePagefilePrivilege	1528	chrome.exe
Token: SeShutdownPrivilege	1528	chrome.exe
Token: SeCreatePagefilePrivilege	1528	chrome.exe
Token: SeShutdownPrivilege	1528	chrome.exe
Token: SeCreatePagefilePrivilege	1528	chrome.exe
Token: SeShutdownPrivilege	1528	chrome.exe
Token: SeCreatePagefilePrivilege	1528	chrome.exe
Token: SeShutdownPrivilege	1528	chrome.exe
Token: SeCreatePagefilePrivilege	1528	chrome.exe
Token: SeShutdownPrivilege	1528	chrome.exe
Token: SeCreatePagefilePrivilege	1528	chrome.exe
Token: SeShutdownPrivilege	1528	chrome.exe
Token: SeCreatePagefilePrivilege	1528	chrome.exe
Token: SeShutdownPrivilege	1528	chrome.exe
Token: SeCreatePagefilePrivilege	1528	chrome.exe
Token: SeShutdownPrivilege	1528	chrome.exe
Token: SeCreatePagefilePrivilege	1528	chrome.exe
Token: SeShutdownPrivilege	1528	chrome.exe
Token: SeCreatePagefilePrivilege	1528	chrome.exe
Token: SeShutdownPrivilege	1528	chrome.exe
Token: SeCreatePagefilePrivilege	1528	chrome.exe
Token: SeShutdownPrivilege	1528	chrome.exe
Token: SeCreatePagefilePrivilege	1528	chrome.exe
Token: SeShutdownPrivilege	1528	chrome.exe
Token: SeCreatePagefilePrivilege	1528	chrome.exe
Token: SeShutdownPrivilege	1528	chrome.exe
Token: SeCreatePagefilePrivilege	1528	chrome.exe
Token: SeShutdownPrivilege	1528	chrome.exe
Token: SeCreatePagefilePrivilege	1528	chrome.exe
Token: SeShutdownPrivilege	1528	chrome.exe
Token: SeCreatePagefilePrivilege	1528	chrome.exe
Token: SeShutdownPrivilege	1528	chrome.exe
Token: SeCreatePagefilePrivilege	1528	chrome.exe
Token: SeShutdownPrivilege	1528	chrome.exe
Token: SeCreatePagefilePrivilege	1528	chrome.exe
Token: SeShutdownPrivilege	1528	chrome.exe
Token: SeCreatePagefilePrivilege	1528	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe
1528	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1528 wrote to memory of 3640	1528	chrome.exe	45
PID 1528 wrote to memory of 3640	1528	chrome.exe	45
PID 1528 wrote to memory of 4044	1528	chrome.exe	82
PID 1528 wrote to memory of 4044	1528	chrome.exe	82
PID 1528 wrote to memory of 4044	1528	chrome.exe	82
PID 1528 wrote to memory of 4044	1528	chrome.exe	82
PID 1528 wrote to memory of 4044	1528	chrome.exe	82
PID 1528 wrote to memory of 4044	1528	chrome.exe	82
PID 1528 wrote to memory of 4044	1528	chrome.exe	82
PID 1528 wrote to memory of 4044	1528	chrome.exe	82
PID 1528 wrote to memory of 4044	1528	chrome.exe	82
PID 1528 wrote to memory of 4044	1528	chrome.exe	82
PID 1528 wrote to memory of 4044	1528	chrome.exe	82
PID 1528 wrote to memory of 4044	1528	chrome.exe	82
PID 1528 wrote to memory of 4044	1528	chrome.exe	82
PID 1528 wrote to memory of 4044	1528	chrome.exe	82
PID 1528 wrote to memory of 4044	1528	chrome.exe	82
PID 1528 wrote to memory of 4044	1528	chrome.exe	82
PID 1528 wrote to memory of 4044	1528	chrome.exe	82
PID 1528 wrote to memory of 4044	1528	chrome.exe	82
PID 1528 wrote to memory of 4044	1528	chrome.exe	82
PID 1528 wrote to memory of 4044	1528	chrome.exe	82
PID 1528 wrote to memory of 4044	1528	chrome.exe	82
PID 1528 wrote to memory of 4044	1528	chrome.exe	82
PID 1528 wrote to memory of 4044	1528	chrome.exe	82
PID 1528 wrote to memory of 4044	1528	chrome.exe	82
PID 1528 wrote to memory of 4044	1528	chrome.exe	82
PID 1528 wrote to memory of 4044	1528	chrome.exe	82
PID 1528 wrote to memory of 4044	1528	chrome.exe	82
PID 1528 wrote to memory of 4044	1528	chrome.exe	82
PID 1528 wrote to memory of 4044	1528	chrome.exe	82
PID 1528 wrote to memory of 4044	1528	chrome.exe	82
PID 1528 wrote to memory of 4044	1528	chrome.exe	82
PID 1528 wrote to memory of 4044	1528	chrome.exe	82
PID 1528 wrote to memory of 4044	1528	chrome.exe	82
PID 1528 wrote to memory of 4044	1528	chrome.exe	82
PID 1528 wrote to memory of 4044	1528	chrome.exe	82
PID 1528 wrote to memory of 4044	1528	chrome.exe	82
PID 1528 wrote to memory of 4044	1528	chrome.exe	82
PID 1528 wrote to memory of 4044	1528	chrome.exe	82
PID 1528 wrote to memory of 4000	1528	chrome.exe	84
PID 1528 wrote to memory of 4000	1528	chrome.exe	84
PID 1528 wrote to memory of 4788	1528	chrome.exe	83
PID 1528 wrote to memory of 4788	1528	chrome.exe	83
PID 1528 wrote to memory of 4788	1528	chrome.exe	83
PID 1528 wrote to memory of 4788	1528	chrome.exe	83
PID 1528 wrote to memory of 4788	1528	chrome.exe	83
PID 1528 wrote to memory of 4788	1528	chrome.exe	83
PID 1528 wrote to memory of 4788	1528	chrome.exe	83
PID 1528 wrote to memory of 4788	1528	chrome.exe	83
PID 1528 wrote to memory of 4788	1528	chrome.exe	83
PID 1528 wrote to memory of 4788	1528	chrome.exe	83
PID 1528 wrote to memory of 4788	1528	chrome.exe	83
PID 1528 wrote to memory of 4788	1528	chrome.exe	83
PID 1528 wrote to memory of 4788	1528	chrome.exe	83
PID 1528 wrote to memory of 4788	1528	chrome.exe	83
PID 1528 wrote to memory of 4788	1528	chrome.exe	83
PID 1528 wrote to memory of 4788	1528	chrome.exe	83
PID 1528 wrote to memory of 4788	1528	chrome.exe	83
PID 1528 wrote to memory of 4788	1528	chrome.exe	83
PID 1528 wrote to memory of 4788	1528	chrome.exe	83
PID 1528 wrote to memory of 4788	1528	chrome.exe	83
PID 1528 wrote to memory of 4788	1528	chrome.exe	83
PID 1528 wrote to memory of 4788	1528	chrome.exe	83

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://newcp.net
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1528
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffc84069758,0x7ffc84069768,0x7ffc84069778
  2⤵
  PID:3640
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1668 --field-trial-handle=1624,i,7705108249205385458,7805354978009651186,131072 /prefetch:2
  2⤵
  PID:4044
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2160 --field-trial-handle=1624,i,7705108249205385458,7805354978009651186,131072 /prefetch:8
  2⤵
  PID:4788
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2088 --field-trial-handle=1624,i,7705108249205385458,7805354978009651186,131072 /prefetch:8
  2⤵
  PID:4000
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3048 --field-trial-handle=1624,i,7705108249205385458,7805354978009651186,131072 /prefetch:1
  2⤵
  PID:3116
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2924 --field-trial-handle=1624,i,7705108249205385458,7805354978009651186,131072 /prefetch:1
  2⤵
  PID:3388
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4424 --field-trial-handle=1624,i,7705108249205385458,7805354978009651186,131072 /prefetch:1
  2⤵
  PID:3732
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5192 --field-trial-handle=1624,i,7705108249205385458,7805354978009651186,131072 /prefetch:8
  2⤵
  PID:4368
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4684 --field-trial-handle=1624,i,7705108249205385458,7805354978009651186,131072 /prefetch:8
  2⤵
  PID:2144
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=3088 --field-trial-handle=1624,i,7705108249205385458,7805354978009651186,131072 /prefetch:1
  2⤵
  PID:2280
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=3916 --field-trial-handle=1624,i,7705108249205385458,7805354978009651186,131072 /prefetch:1
  2⤵
  PID:4112
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=2124 --field-trial-handle=1624,i,7705108249205385458,7805354978009651186,131072 /prefetch:1
  2⤵
  PID:3156
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=1744 --field-trial-handle=1624,i,7705108249205385458,7805354978009651186,131072 /prefetch:1
  2⤵
  PID:1332
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4804 --field-trial-handle=1624,i,7705108249205385458,7805354978009651186,131072 /prefetch:8
  2⤵
  PID:4464
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5896 --field-trial-handle=1624,i,7705108249205385458,7805354978009651186,131072 /prefetch:8
  2⤵
  PID:4248
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5416 --field-trial-handle=1624,i,7705108249205385458,7805354978009651186,131072 /prefetch:8
  2⤵
  PID:3880
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5932 --field-trial-handle=1624,i,7705108249205385458,7805354978009651186,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4616

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4232

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000019

Filesize
194KB

MD5
ac84f1282f8542dee07f8a1af421f2a7

SHA1
261885284826281a99ff982428a765be30de9029

SHA256
193b8f571f3fd65b98dc39601431ff6e91ade5f90ee7790bfc1fba8f7580a4b0

SHA512
9f4f58ab43ddadad903cea3454d79b99a750f05e4d850de5f25371d5bec16fc312015a875b8f418154f1124c400ae1c82e2efd862870cd35c3f0961426c8cd82

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
864B

MD5
ded063c1fc9c47f971a2f95c985955af

SHA1
ae815765879ec74ed2b38237dd525821ccaa1f93

SHA256
eea0797b4f08c82c42d96e65285c99869e0c852ff5257104a96dce9b063bcb73

SHA512
3aad3a17719f2ddaf53e009016ff4ccbeeb3541dea8584240675ebf7cc75f9d24cab1a900097d24d217385ac4d6717d50908e3a1e54ec902fb1d0579eed5bfa9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
432B

MD5
63805aeb1e2c3e9dd767d022a4cf8a61

SHA1
d1c6489a930d2109b374baf84122321a9ab7e482

SHA256
60b74a45ecd93bb47fb89e833d14ef048a59ef287f524ca5c91ef11bb97fadbf

SHA512
50ca3725a68fd73969b652554cc94972030b427561c59144f34e6c4cb0ae1ace4bebbea588780415ac014935abe34996549c07bf55b2a3f7f6c88787bbb88bb4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
9e75707a83b85573c5710dac7f838ce4

SHA1
f604af663e1ab75543ffcd2ac153743be2a8a5b3

SHA256
d8df162674b3172524924559959c457fe248d10a460eaa194cd873f60e5ad84c

SHA512
ad1b4ae5eef2014f48935ec0ced49c7349863ca5e5cc0f2d9d257b284819fa6bd92ac2c4ef067882cce65d045bb475023e912b6b5f920d74b0e9ba68ce4b4704

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
1948a31a627dfa03b80eb527863eca1b

SHA1
239dd90c71997c9bb2c27de959098896f12c4daa

SHA256
63b17400173338c956f488763aaaa0f22cf1ba06497033cb597f47fd3b1af2c9

SHA512
aa524355f03d127944966ae8bb6ddf9e4426c968373b2913ea09d6f917a30ae4beabedda443ddd52cf617f01890a1c9abb98ab0fa276e4a01fa35986077483e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
705B

MD5
5522d9e56b8ac3dd5152d52933bf83fd

SHA1
332b9610da41849a728ef01c069f2f38c8ed4121

SHA256
ea6646906935112015687919d6c75e2d37a04681bf78f649cfbd242ac942d95e

SHA512
fd17fc5fffb7d4c021e70f5f613cea30f327db5c14b12ca30134747ad239885a954586c038696cfa40308989183f81bfb7a91c6955b1dc9807d4a0ae040f0c8c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
538B

MD5
92ee1fad40fc5585cae47621c8ce75c1

SHA1
bb21d2088fe998276c23a99b31886e68507e10b3

SHA256
908d688d7052d18f3aab6dfca34578e883e0668a76177ada70d9da245a7d5fbf

SHA512
b66ee4eab8ad0da5c69a3bbeec6399a27d0bf8521e5275a925f5ea886d187d7b5ae909057fab4a56957a8a2dfdc13f6c7d879c29711ab1453cd6de106addb337

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
fd4450a8432abfd58958ffe649cfaa6c

SHA1
090d3ea71a1cde75bfc0e89d522ed448a08648e4

SHA256
b12088b98b6820268ecf1558c4ff73f0a799dd16483b7ff0bd68a24fb221c19a

SHA512
1e9e060f4b3a0450a1724abd7cd654acfc8359a99bd8fce0ff1c61844ff986e84fb31d7f9e9315a73d351d52dd46d68b7a6f9b9ce501144f285f7017728d7828

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
4e3b518df9a725e21a86262eb2974637

SHA1
2e3f32f41035fa96a4227bd6120de67f57eb0dcd

SHA256
d4af9998d972659d113c1a99f95048b9cc05a875239bc58397a014e21fc32704

SHA512
87c4184512badefbc52e6bedf1bab3fcf4b50450f93fced2c596a155f83a4a25a8307945006da44153db0dacb02de4ea3e99f8df277ca46de6de35d0e33f393b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\d8cebe8e-c310-424a-919d-3cf5dc29026a.tmp

Filesize
6KB

MD5
67deb9f639e122d4913226c645cf828d

SHA1
3389b86f0d379f4a14e19d759625af42738d33a9

SHA256
4afab4c3c9d0c1896596102f13ae4a88eb84698781107c4923f549f041d29e58

SHA512
c02729c0e17b5be7f72f58b0305c6fbe0928cb006c88fd8b2fb34212faaa13747e8412bdad679be5f231b7048cfed98fab78a62c8d9664afa4e3242ab52a7e8b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
130KB

MD5
00c1a50a2b6a3829190002c16dd8823a

SHA1
a0e5a903980b3d898e746511fcb76aa58194fc06

SHA256
c17d04d5b21befefad085d5a90fc488a66c553656c1bbbdd0b62491a7943ff81

SHA512
558f8fe187298803bfeac6a6b1d7ffacfb8169f571793810990672c0dae1751e035b5996c0c3d1912003f8ecbf615af54442233b24fe1c881a76021bd50b96be

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
130KB

MD5
9d8597e27e7815bef47d13f555471340

SHA1
45f9540f75089f73cf08766bd7912a92c67e401d

SHA256
09b74b9236c3ae3d4d9b90bcf237e7f6be60bd21f1f0c57f5a86e991bf8846a8

SHA512
004ecba91c47e7b421ea69263fc9895db62e0f547b3af4e7bee8d4432142a46fea5be48875d1d69d72ec1ce2fa0a31209baaf5b23def8a17940bc27b9eb57a3a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
130KB

MD5
b0df5d5af819454dec98cb26749c21a5

SHA1
407a8a9d2a754a856fc175a4bba7ac84911ebfae

SHA256
b5f3c51a8880971866d99344de6ae06fb5c2641117e3954bfac77ad36f50e1da

SHA512
cb90f9d37d1a7c86eab34ae2f1624f28a9e4f1255064a81a683e45ecf78e1194590d0dbb62e960a1a7cafc62c4c9077eab1223a0b350ca702f644d4f699be93e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
97KB

MD5
8df6eee7645b402d7d7900341f0c37ae

SHA1
c658a3edef8aa6dd4d695761f149d51caebc0fe3

SHA256
f879a726983abbbc1ba9bcec274711688276fdd30a2654dac92ce8177eacf67f

SHA512
869787489029ca6003a181683f6836f2f50dba92443ed667c4658ecf4acdbaec7468700261bb716329f118481f5e787e213485cddd08925ea3c1a00a3bc5edec

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe596121.TMP

Filesize
92KB

MD5
a4ae2bfcaf6ac92ebc26dee53b3c4ca4

SHA1
9c2010c13969530f19bc634f3432a15d4d62e029

SHA256
15d89dcd609eb6d14ee79678117b264cc6926232eae122916d59d4964f528529

SHA512
5832dd29eadc0578bf8a597430d1bddee330a30cbde14e514be03770f0fb9464bfcd360a5ebef6b4f6a2d43d69a13af6715bed990d2d4cbe72b87e13886d9c8d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit