hxxps://youtube[.]com

Analysis

max time kernel
1800s
max time network
1694s
platform
windows10-2004_x64
resource
win10v2004-20240221-en
resource tags

arch:x64arch:x86image:win10v2004-20240221-enlocale:en-usos:windows10-2004-x64system
submitted
21/02/2024, 16:56

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

https://youtube.com

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3844919115-497234255-166257750-1000\{A1EE029E-4EA2-4632-90EA-FA5146DD1F33}	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
232	chrome.exe
232	chrome.exe
1712	chrome.exe
1712	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
232	chrome.exe
232	chrome.exe
232	chrome.exe
232	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	232	chrome.exe
Token: SeCreatePagefilePrivilege	232	chrome.exe
Token: SeShutdownPrivilege	232	chrome.exe
Token: SeCreatePagefilePrivilege	232	chrome.exe
Token: SeShutdownPrivilege	232	chrome.exe
Token: SeCreatePagefilePrivilege	232	chrome.exe
Token: SeShutdownPrivilege	232	chrome.exe
Token: SeCreatePagefilePrivilege	232	chrome.exe
Token: SeShutdownPrivilege	232	chrome.exe
Token: SeCreatePagefilePrivilege	232	chrome.exe
Token: SeShutdownPrivilege	232	chrome.exe
Token: SeCreatePagefilePrivilege	232	chrome.exe
Token: SeShutdownPrivilege	232	chrome.exe
Token: SeCreatePagefilePrivilege	232	chrome.exe
Token: SeShutdownPrivilege	232	chrome.exe
Token: SeCreatePagefilePrivilege	232	chrome.exe
Token: SeShutdownPrivilege	232	chrome.exe
Token: SeCreatePagefilePrivilege	232	chrome.exe
Token: SeShutdownPrivilege	232	chrome.exe
Token: SeCreatePagefilePrivilege	232	chrome.exe
Token: SeShutdownPrivilege	232	chrome.exe
Token: SeCreatePagefilePrivilege	232	chrome.exe
Token: SeShutdownPrivilege	232	chrome.exe
Token: SeCreatePagefilePrivilege	232	chrome.exe
Token: SeShutdownPrivilege	232	chrome.exe
Token: SeCreatePagefilePrivilege	232	chrome.exe
Token: 33	1900	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	1900	AUDIODG.EXE
Token: SeShutdownPrivilege	232	chrome.exe
Token: SeCreatePagefilePrivilege	232	chrome.exe
Token: SeShutdownPrivilege	232	chrome.exe
Token: SeCreatePagefilePrivilege	232	chrome.exe
Token: SeShutdownPrivilege	232	chrome.exe
Token: SeCreatePagefilePrivilege	232	chrome.exe
Token: SeShutdownPrivilege	232	chrome.exe
Token: SeCreatePagefilePrivilege	232	chrome.exe
Token: SeShutdownPrivilege	232	chrome.exe
Token: SeCreatePagefilePrivilege	232	chrome.exe
Token: SeShutdownPrivilege	232	chrome.exe
Token: SeCreatePagefilePrivilege	232	chrome.exe
Token: SeShutdownPrivilege	232	chrome.exe
Token: SeCreatePagefilePrivilege	232	chrome.exe
Token: SeShutdownPrivilege	232	chrome.exe
Token: SeCreatePagefilePrivilege	232	chrome.exe
Token: SeShutdownPrivilege	232	chrome.exe
Token: SeCreatePagefilePrivilege	232	chrome.exe
Token: SeShutdownPrivilege	232	chrome.exe
Token: SeCreatePagefilePrivilege	232	chrome.exe
Token: SeShutdownPrivilege	232	chrome.exe
Token: SeCreatePagefilePrivilege	232	chrome.exe
Token: SeShutdownPrivilege	232	chrome.exe
Token: SeCreatePagefilePrivilege	232	chrome.exe
Token: SeShutdownPrivilege	232	chrome.exe
Token: SeCreatePagefilePrivilege	232	chrome.exe
Token: SeShutdownPrivilege	232	chrome.exe
Token: SeCreatePagefilePrivilege	232	chrome.exe
Token: SeShutdownPrivilege	232	chrome.exe
Token: SeCreatePagefilePrivilege	232	chrome.exe
Token: SeShutdownPrivilege	232	chrome.exe
Token: SeCreatePagefilePrivilege	232	chrome.exe
Token: SeShutdownPrivilege	232	chrome.exe
Token: SeCreatePagefilePrivilege	232	chrome.exe
Token: SeShutdownPrivilege	232	chrome.exe
Token: SeCreatePagefilePrivilege	232	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
232	chrome.exe
232	chrome.exe
232	chrome.exe
232	chrome.exe
232	chrome.exe
232	chrome.exe
232	chrome.exe
232	chrome.exe
232	chrome.exe
232	chrome.exe
232	chrome.exe
232	chrome.exe
232	chrome.exe
232	chrome.exe
232	chrome.exe
232	chrome.exe
232	chrome.exe
232	chrome.exe
232	chrome.exe
232	chrome.exe
232	chrome.exe
232	chrome.exe
232	chrome.exe
232	chrome.exe
232	chrome.exe
232	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
232	chrome.exe
232	chrome.exe
232	chrome.exe
232	chrome.exe
232	chrome.exe
232	chrome.exe
232	chrome.exe
232	chrome.exe
232	chrome.exe
232	chrome.exe
232	chrome.exe
232	chrome.exe
232	chrome.exe
232	chrome.exe
232	chrome.exe
232	chrome.exe
232	chrome.exe
232	chrome.exe
232	chrome.exe
232	chrome.exe
232	chrome.exe
232	chrome.exe
232	chrome.exe
232	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 232 wrote to memory of 220	232	chrome.exe	82
PID 232 wrote to memory of 220	232	chrome.exe	82
PID 232 wrote to memory of 3820	232	chrome.exe	84
PID 232 wrote to memory of 3820	232	chrome.exe	84
PID 232 wrote to memory of 3820	232	chrome.exe	84
PID 232 wrote to memory of 3820	232	chrome.exe	84
PID 232 wrote to memory of 3820	232	chrome.exe	84
PID 232 wrote to memory of 3820	232	chrome.exe	84
PID 232 wrote to memory of 3820	232	chrome.exe	84
PID 232 wrote to memory of 3820	232	chrome.exe	84
PID 232 wrote to memory of 3820	232	chrome.exe	84
PID 232 wrote to memory of 3820	232	chrome.exe	84
PID 232 wrote to memory of 3820	232	chrome.exe	84
PID 232 wrote to memory of 3820	232	chrome.exe	84
PID 232 wrote to memory of 3820	232	chrome.exe	84
PID 232 wrote to memory of 3820	232	chrome.exe	84
PID 232 wrote to memory of 3820	232	chrome.exe	84
PID 232 wrote to memory of 3820	232	chrome.exe	84
PID 232 wrote to memory of 3820	232	chrome.exe	84
PID 232 wrote to memory of 3820	232	chrome.exe	84
PID 232 wrote to memory of 3820	232	chrome.exe	84
PID 232 wrote to memory of 3820	232	chrome.exe	84
PID 232 wrote to memory of 3820	232	chrome.exe	84
PID 232 wrote to memory of 3820	232	chrome.exe	84
PID 232 wrote to memory of 3820	232	chrome.exe	84
PID 232 wrote to memory of 3820	232	chrome.exe	84
PID 232 wrote to memory of 3820	232	chrome.exe	84
PID 232 wrote to memory of 3820	232	chrome.exe	84
PID 232 wrote to memory of 3820	232	chrome.exe	84
PID 232 wrote to memory of 3820	232	chrome.exe	84
PID 232 wrote to memory of 3820	232	chrome.exe	84
PID 232 wrote to memory of 3820	232	chrome.exe	84
PID 232 wrote to memory of 3820	232	chrome.exe	84
PID 232 wrote to memory of 3820	232	chrome.exe	84
PID 232 wrote to memory of 3820	232	chrome.exe	84
PID 232 wrote to memory of 3820	232	chrome.exe	84
PID 232 wrote to memory of 3820	232	chrome.exe	84
PID 232 wrote to memory of 3820	232	chrome.exe	84
PID 232 wrote to memory of 3820	232	chrome.exe	84
PID 232 wrote to memory of 3820	232	chrome.exe	84
PID 232 wrote to memory of 844	232	chrome.exe	85
PID 232 wrote to memory of 844	232	chrome.exe	85
PID 232 wrote to memory of 944	232	chrome.exe	86
PID 232 wrote to memory of 944	232	chrome.exe	86
PID 232 wrote to memory of 944	232	chrome.exe	86
PID 232 wrote to memory of 944	232	chrome.exe	86
PID 232 wrote to memory of 944	232	chrome.exe	86
PID 232 wrote to memory of 944	232	chrome.exe	86
PID 232 wrote to memory of 944	232	chrome.exe	86
PID 232 wrote to memory of 944	232	chrome.exe	86
PID 232 wrote to memory of 944	232	chrome.exe	86
PID 232 wrote to memory of 944	232	chrome.exe	86
PID 232 wrote to memory of 944	232	chrome.exe	86
PID 232 wrote to memory of 944	232	chrome.exe	86
PID 232 wrote to memory of 944	232	chrome.exe	86
PID 232 wrote to memory of 944	232	chrome.exe	86
PID 232 wrote to memory of 944	232	chrome.exe	86
PID 232 wrote to memory of 944	232	chrome.exe	86
PID 232 wrote to memory of 944	232	chrome.exe	86
PID 232 wrote to memory of 944	232	chrome.exe	86
PID 232 wrote to memory of 944	232	chrome.exe	86
PID 232 wrote to memory of 944	232	chrome.exe	86
PID 232 wrote to memory of 944	232	chrome.exe	86
PID 232 wrote to memory of 944	232	chrome.exe	86

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://youtube.com
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:232
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0x40,0x108,0x7ffcbf169758,0x7ffcbf169768,0x7ffcbf169778
  2⤵
  PID:220
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1772 --field-trial-handle=1744,i,6811685521026336017,5383337120080440422,131072 /prefetch:2
  2⤵
  PID:3820
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2152 --field-trial-handle=1744,i,6811685521026336017,5383337120080440422,131072 /prefetch:8
  2⤵
  PID:844
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2264 --field-trial-handle=1744,i,6811685521026336017,5383337120080440422,131072 /prefetch:8
  2⤵
  PID:944
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3212 --field-trial-handle=1744,i,6811685521026336017,5383337120080440422,131072 /prefetch:1
  2⤵
  PID:1404
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3244 --field-trial-handle=1744,i,6811685521026336017,5383337120080440422,131072 /prefetch:1
  2⤵
  PID:3396
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4424 --field-trial-handle=1744,i,6811685521026336017,5383337120080440422,131072 /prefetch:1
  2⤵
  PID:4444
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3392 --field-trial-handle=1744,i,6811685521026336017,5383337120080440422,131072 /prefetch:1
  2⤵
  PID:3316
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4812 --field-trial-handle=1744,i,6811685521026336017,5383337120080440422,131072 /prefetch:8
  2⤵
  PID:2252
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5272 --field-trial-handle=1744,i,6811685521026336017,5383337120080440422,131072 /prefetch:8
  2⤵
  PID:5036
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5340 --field-trial-handle=1744,i,6811685521026336017,5383337120080440422,131072 /prefetch:8
  2⤵
  - Modifies registry class
  PID:5068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5964 --field-trial-handle=1744,i,6811685521026336017,5383337120080440422,131072 /prefetch:8
  2⤵
  PID:3200
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5472 --field-trial-handle=1744,i,6811685521026336017,5383337120080440422,131072 /prefetch:8
  2⤵
  PID:1396
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5908 --field-trial-handle=1744,i,6811685521026336017,5383337120080440422,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1712

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2680

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x2ec 0x50c
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:1900

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
456B

MD5
5e2f0fa867c3510c5d5900925f1f174c

SHA1
309f846c7e4e8139c8f07e000c9e71824dfabfa5

SHA256
6819ade3f1db1df646953a1a6b6a7fdec988ac3ca13d482b173e6c1137f2b274

SHA512
ee749af7dd78ba02af1b08ced7322abcb54009c1cfd26d68c43769f8e2a75214f7716ac13e9d64289845a2049fa2c36b03f709b666af5f922f1002ed8ec6a0da

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
c9d9873d6594e6cb068d64747bd38f3a

SHA1
f4bc141ef30581b46157993dc7c798261d74d2d7

SHA256
d4d8334cd1e84fea65996f52d8b4ec15b03c37ca0ddc1f773c86c544fbb3e413

SHA512
71d9609df5ce726181e61be183eda2300fc2a0cf04ab2082cbd863ee26f286b37807d8306275980268ed9ac1ac71f3483707b1e37561fcd522db66bc8468abfa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
635701bd19d74238065d44f2d63f93c9

SHA1
00191f9df350282250c7de839e2652903508a64b

SHA256
dfaf10d6b908723247267512fd3b5f546159c795f0255be5ec28a7bafc7f6f0d

SHA512
1855ad2c2fb0d5beeeaffd0ec44a913e04826c1ac0235165605b5d884b4f31755cf36719e5451cb9da7086548c9fe160550adfee6dfee8be6a21e95d3048649b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
cb87c8ddb2e68dc1fa2858d2c1352ad0

SHA1
4c38d0de8ac1fe67766ff1bf5ba4c02671773578

SHA256
503950c970e3234b7a0591997354d147dd86168455e28b6c465b3781611aba00

SHA512
e97ec0d7a7a4827f13585148db5bff5b9f8134a900ff284b9663e1d1c41bc0b7fa9bb3b04a8619dce0aa86028d3c37b7552fd62ebf41ebd63ae1b9beb2c91a4e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
385ad264a85b5ee8d002d29ab70ba008

SHA1
e1ea5cbd002f0d7c97be6afe201d31b1406068e0

SHA256
f4b852f6b6221b2c4b2cc190422b1075f7a2c3a5ad101d7a854bba34fd346bb4

SHA512
46cc288f1104ee7201adbcb76dfb55e5fa024f710f747f682a41d643e1cbb2fc4724e6dbcb19add4d9e93e54f214bd7827883492ff1f580076001f08e3ef8f52

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
9111025f2ac38a2743e5c1ce9fc5f889

SHA1
7b81026af8b6ab7c7484c35f5a2df23658d530b2

SHA256
6222cf1a00622f7272c8a3f3dd43ce036066f1e0eae045999b4f45574b1fff3b

SHA512
0608d3f1c07176adcf90b8a40214ad605dd428d1378cfaedea4852b00f6d64fd83856ce4c1ae0069546158c325a9bd451648f4797bf326d5dc450cadc52a8ae4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
74e0ce3d1c61ba8fbd8436c1d13e8f6a

SHA1
0cfeb26c67ba34e9e56c70afcb4048be8ab4e207

SHA256
6fb5a912c46318b22a6f50cff151f55ee661bd54991ed2bf5d41b07072bb2af7

SHA512
4c45c4fa031752cd3a8eb55368e5f1b00080a6a5d0d04239f68f7a32320a327723907ce23f95eb52cecc511e0d9cc7798a6c2550f935cd8a22e575694c2102a3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
2ccb96fff6509c433dc3e9fe85ad4c46

SHA1
ceff835a6d48f566e3356dd0b33d898503751ab1

SHA256
519a3738ff787a05a2c56f975ea000bde4ee08a5b2bd99bb3db28a732d72ff7a

SHA512
87619aeb41637060c0c5b592890f7f4d5718ff32c743cc50b258cccd8825cf0a89c686b2a46dbe6c3e4e5775a49cd694abda6f14421a730fe1916a6e1c96f421

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
874B

MD5
8ff1f7855ddb6e946f6745d84aa778d1

SHA1
625cd7dde6abea45f6fdf841bcc9e425c24f24d7

SHA256
74867b37eba1a43abadec953037feb89642a63272626624ea483bfa463aa6a9d

SHA512
a81390360bf14b157c95252d0b4895724b0a4ea95eb01b0943d7ddd56b484c58efee5ac2f81ab9b232384185eebf3977e537d2a0c8094af46c481fbade4798e8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
874B

MD5
1ca3c58b65e1402f6a54f7716ca9aa9a

SHA1
ab6cb5269769524279ef8b649e8f32cfb5f8154a

SHA256
cefb34cc06fdf1537e5f1d3b2315682aabcc033da902591b26a4017afc9e7aa7

SHA512
8a3a91be67ba474a73255ba8e75fc7d7f37e981d2a89d74799f706c6d756e111d752747402533193131593749a846810431f79f9bdcb2c9a9ec15863741d5fe3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
e387d7d6ec9ff493cb0657d5981b728e

SHA1
dbe3980e4e6a60f8799c6f5cbc2038c21206ee25

SHA256
40bc20c88f200047769fa6e2ba96af0c81652d9c7aed6210f5713174754a1013

SHA512
4e0dae4848f4133f9c95ff832cb94d84a4487ecba9d6ce518bd292e5abae1f871a73003ff4351495d49f408abc64766d0cac4506b8f4a8957ed8580b2d534e3f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
af6be9e9e612564bacc3a049d5ee852b

SHA1
0fa2db378299893f442ae9b9266709062680dabd

SHA256
3c4af14c90837b751ad990d45dbdd0609c7c14012b8010f6e4339ecea4540164

SHA512
0d52e1f05113606f3aac63a99281401c8937421feb5ad8b79d166cb933e1f075b590fd3c2141eae520c8f80ef88c15181577d286d1bcba40803f85d179b44a3a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
979e792f1abeef27dc7ddb740818166c

SHA1
8a113ea1a89b148da4c1d056eaf382493b4f0ca7

SHA256
5c8f21f7cbbc475eb650940b18568c56cbf5ddcd7ae5454403806d5793bfe81d

SHA512
b5d7e24d95c07c28f47ef5daa2880d7efd069006770a4fd1c6ff1c48d5b06e9a3e3c16f222cbddbfa1bec034dce65ae952e8ef15b2ea7427aec7b08d920ed08f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\71b0bbbd-60cd-48f3-b43a-dcbbb898f0dc\index-dir\the-real-index

Filesize
2KB

MD5
84a94e8fd8bb1a81067cbeb703af84f8

SHA1
aac3a09cb6acbc473fc94d876c045d70788d2bd6

SHA256
850981f643da0bb9fc6e5b48fa31444af9e1a57471c3bcf67c2ba2aa2f718c78

SHA512
b9c7b144065b9af835941ed7509b9dbf80bf9ee74174b952efe034f6f3ab56e08d3bf0d13a0ea554ebcceed14740ada25e459e11f49657ee7fcb77011bc3ca82

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\71b0bbbd-60cd-48f3-b43a-dcbbb898f0dc\index-dir\the-real-index~RFe584bd9.TMP

Filesize
48B

MD5
39d7c93fb6f3b10c74f8675f6c569244

SHA1
001046497cfea28120be172218db99041892c650

SHA256
35deed0b27d53110f07762261f70eeff6bfacecca22b1e6d336bd7ecde7d0174

SHA512
560f4076592e77214a2f11ff1fd12cfbdf405af915fbb24133c346314619d6e141c9cd2b1ab5c86a0656b41c6af26424ba3530767f5cc261a48c0619f89fb68f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
176B

MD5
249fc2503b4cf43e8fe530216dfcba43

SHA1
0d7920d8d7b2e0a896575b0be6c72336ef381c79

SHA256
0c0d3a0bce5718c8a59df54b2c905cbfe801b3f0374d78c554b9f813f3c6c0dc

SHA512
086efe52157185b719f4d02b61ddea0bb11e571b7544ef81754b7457714243f89645bbb51e8eef0ba5ed2ed25cb30c41dd6990366c4cceedd3d44ba408b32f66

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
112B

MD5
046a9a5092023f772fc49e6052d1e0d3

SHA1
98b90815819d74ced7b240148110c7ae7f192907

SHA256
696b8a22c7235a69b28dc6ab5a0dd007818f97a882f534748305807532e07bb0

SHA512
79d514785880838daa6f1bcb87052da18d9b311de3c47bf34f5810931198159c119c1232edb62313cf3df1ec4d59e6ee3904144eaa220b5fa2a8e80d25c50b77

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
114B

MD5
c6d303951f7fe268d08bef144ac84721

SHA1
ed64f37f29b2adba57022dc7dc59c60a3edc1e13

SHA256
ac2ac39665ac50e66d8a988fd0ee13e0bd82c4a0f132ec467d77b00f23e8a7d2

SHA512
67d2ebdd9017f342e27f901af7e5ea8a213eb384d534e03721aa3318c4ac22c2e0f660adf0ffa5ec7073ef729a85cec3fb90d1d04e3b352b77bdddfeb2a78054

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe57d11b.TMP

Filesize
119B

MD5
7ab9c05b31dde562fd6264c9ae5355e6

SHA1
4249523cfa02dd871b1c45aaffae58869787739d

SHA256
32cc92f01104d77058bfb59d59eefcc755f71da8a0e7c5a9adacd285661431f0

SHA512
ec9b24ae90d88e1cfa477fd1afd42f74bcfe6722cfcd6082bc3ae371078016d16931c9237a27113e4b890c73bdc593eeacafe9469d7fc984158891a8849d92b3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
7939315a606c29257c78030a890760c7

SHA1
72506a91d22a803c4cf44653ae66e26d37ef0ae7

SHA256
eb0edc86e35609e80e21c4d10ee5db38b600713b163a5d117a6c9bf39eeca322

SHA512
5217aff33b40baba2e4b378fa81d322634f24c0624272b0e72e4decf60122f7855fe75d4f0902c4f4109a6f926dec0c5f578e66bbc71be3c1cfa2f8576d0dfcc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe583553.TMP

Filesize
48B

MD5
0f4ac4ba5c7a1dca325a91cc653e048d

SHA1
a2d550fd66ff113bafa21ed737c28095e6d7b4d2

SHA256
83bd65daf149716a9526a35ac5048d4581090acef5839dfaad81edb61b24e4f9

SHA512
9054d396ca6dfc9519ccac8870f6089f3a568525d7150684c1e93de598eac579903e469baa77bd0dc3f14249beb0de1603a865d9f0d63d3c54a6befd9a87323b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\agimnkijcaahngcdmfeangaknmldooml\Shortcuts Menu Icons\0\512.png

Filesize
2KB

MD5
12a429f9782bcff446dc1089b68d44ee

SHA1
e41e5a1a4f2950a7f2da8be77ca26a66da7093b9

SHA256
e1d7407b07c40b5436d78db1077a16fbf75d49e32f3cbd01187b5eaaa10f1e37

SHA512
1da99c5278a589972a1d711d694890f4fd4ec4e56f83781ab9dee91ba99530a7f90d969588fa24dce24b094a28bdecbea80328cee862031a8b289f3e4f38ce7a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\agimnkijcaahngcdmfeangaknmldooml\Shortcuts Menu Icons\Monochrome\1\512.png

Filesize
10KB

MD5
7f57c509f12aaae2c269646db7fde6e8

SHA1
969d8c0e3d9140f843f36ccf2974b112ad7afc07

SHA256
1d5c9f67fe93f9fcc1a1b61ebc35bda8f98f1261e5005ae37af71f42aab1d90f

SHA512
3503a0f4939bed9e1fd5e086b17d6de1063220dffdab2d2373aa9582a2454a9d8f18c1be74442f4e597bdba796d2d69220bd9e6be632a15367225b804187ea18

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
130KB

MD5
603f60ae5d2a6a02eefab0701e64604f

SHA1
7678162d5815e0cc3816dfcf34647abe8d5bf7d0

SHA256
800dae6a8f6be4020303afe70197c9684e7019c15e50f4c583c7621dc02ae6db

SHA512
f6634feae511ff251617be81bbedc643af12f1325100d08e65da15055ca9b902a4a1b482c47a1df0cd8932c365c80ced3b5321e9ca4b8b22cd33f875dcd2e321

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit