hxxp://www[.]msn[.]com

Analysis

max time kernel
149s
max time network
144s
platform
windows10-1703_x64
resource
win10-20240214-en
resource tags

arch:x64arch:x86image:win10-20240214-enlocale:en-usos:windows10-1703-x64system
submitted
22-02-2024 12:19

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://www.msn.com

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133530779814994342"	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
4840	chrome.exe
4840	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1716	chrome.exe
Token: SeCreatePagefilePrivilege	1716	chrome.exe
Token: SeShutdownPrivilege	1716	chrome.exe
Token: SeCreatePagefilePrivilege	1716	chrome.exe
Token: SeShutdownPrivilege	1716	chrome.exe
Token: SeCreatePagefilePrivilege	1716	chrome.exe
Token: SeShutdownPrivilege	1716	chrome.exe
Token: SeCreatePagefilePrivilege	1716	chrome.exe
Token: SeShutdownPrivilege	1716	chrome.exe
Token: SeCreatePagefilePrivilege	1716	chrome.exe
Token: SeShutdownPrivilege	1716	chrome.exe
Token: SeCreatePagefilePrivilege	1716	chrome.exe
Token: SeShutdownPrivilege	1716	chrome.exe
Token: SeCreatePagefilePrivilege	1716	chrome.exe
Token: SeShutdownPrivilege	1716	chrome.exe
Token: SeCreatePagefilePrivilege	1716	chrome.exe
Token: SeShutdownPrivilege	1716	chrome.exe
Token: SeCreatePagefilePrivilege	1716	chrome.exe
Token: SeShutdownPrivilege	1716	chrome.exe
Token: SeCreatePagefilePrivilege	1716	chrome.exe
Token: SeShutdownPrivilege	1716	chrome.exe
Token: SeCreatePagefilePrivilege	1716	chrome.exe
Token: SeShutdownPrivilege	1716	chrome.exe
Token: SeCreatePagefilePrivilege	1716	chrome.exe
Token: SeShutdownPrivilege	1716	chrome.exe
Token: SeCreatePagefilePrivilege	1716	chrome.exe
Token: SeShutdownPrivilege	1716	chrome.exe
Token: SeCreatePagefilePrivilege	1716	chrome.exe
Token: SeShutdownPrivilege	1716	chrome.exe
Token: SeCreatePagefilePrivilege	1716	chrome.exe
Token: SeShutdownPrivilege	1716	chrome.exe
Token: SeCreatePagefilePrivilege	1716	chrome.exe
Token: SeShutdownPrivilege	1716	chrome.exe
Token: SeCreatePagefilePrivilege	1716	chrome.exe
Token: SeShutdownPrivilege	1716	chrome.exe
Token: SeCreatePagefilePrivilege	1716	chrome.exe
Token: SeShutdownPrivilege	1716	chrome.exe
Token: SeCreatePagefilePrivilege	1716	chrome.exe
Token: SeShutdownPrivilege	1716	chrome.exe
Token: SeCreatePagefilePrivilege	1716	chrome.exe
Token: SeShutdownPrivilege	1716	chrome.exe
Token: SeCreatePagefilePrivilege	1716	chrome.exe
Token: SeShutdownPrivilege	1716	chrome.exe
Token: SeCreatePagefilePrivilege	1716	chrome.exe
Token: SeShutdownPrivilege	1716	chrome.exe
Token: SeCreatePagefilePrivilege	1716	chrome.exe
Token: SeShutdownPrivilege	1716	chrome.exe
Token: SeCreatePagefilePrivilege	1716	chrome.exe
Token: SeShutdownPrivilege	1716	chrome.exe
Token: SeCreatePagefilePrivilege	1716	chrome.exe
Token: SeShutdownPrivilege	1716	chrome.exe
Token: SeCreatePagefilePrivilege	1716	chrome.exe
Token: SeShutdownPrivilege	1716	chrome.exe
Token: SeCreatePagefilePrivilege	1716	chrome.exe
Token: SeShutdownPrivilege	1716	chrome.exe
Token: SeCreatePagefilePrivilege	1716	chrome.exe
Token: SeShutdownPrivilege	1716	chrome.exe
Token: SeCreatePagefilePrivilege	1716	chrome.exe
Token: SeShutdownPrivilege	1716	chrome.exe
Token: SeCreatePagefilePrivilege	1716	chrome.exe
Token: SeShutdownPrivilege	1716	chrome.exe
Token: SeCreatePagefilePrivilege	1716	chrome.exe
Token: SeShutdownPrivilege	1716	chrome.exe
Token: SeCreatePagefilePrivilege	1716	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1716 wrote to memory of 1352	1716	chrome.exe	71
PID 1716 wrote to memory of 1352	1716	chrome.exe	71
PID 1716 wrote to memory of 3556	1716	chrome.exe	76
PID 1716 wrote to memory of 3556	1716	chrome.exe	76
PID 1716 wrote to memory of 3556	1716	chrome.exe	76
PID 1716 wrote to memory of 3556	1716	chrome.exe	76
PID 1716 wrote to memory of 3556	1716	chrome.exe	76
PID 1716 wrote to memory of 3556	1716	chrome.exe	76
PID 1716 wrote to memory of 3556	1716	chrome.exe	76
PID 1716 wrote to memory of 3556	1716	chrome.exe	76
PID 1716 wrote to memory of 3556	1716	chrome.exe	76
PID 1716 wrote to memory of 3556	1716	chrome.exe	76
PID 1716 wrote to memory of 3556	1716	chrome.exe	76
PID 1716 wrote to memory of 3556	1716	chrome.exe	76
PID 1716 wrote to memory of 3556	1716	chrome.exe	76
PID 1716 wrote to memory of 3556	1716	chrome.exe	76
PID 1716 wrote to memory of 3556	1716	chrome.exe	76
PID 1716 wrote to memory of 3556	1716	chrome.exe	76
PID 1716 wrote to memory of 3556	1716	chrome.exe	76
PID 1716 wrote to memory of 3556	1716	chrome.exe	76
PID 1716 wrote to memory of 3556	1716	chrome.exe	76
PID 1716 wrote to memory of 3556	1716	chrome.exe	76
PID 1716 wrote to memory of 3556	1716	chrome.exe	76
PID 1716 wrote to memory of 3556	1716	chrome.exe	76
PID 1716 wrote to memory of 3556	1716	chrome.exe	76
PID 1716 wrote to memory of 3556	1716	chrome.exe	76
PID 1716 wrote to memory of 3556	1716	chrome.exe	76
PID 1716 wrote to memory of 3556	1716	chrome.exe	76
PID 1716 wrote to memory of 3556	1716	chrome.exe	76
PID 1716 wrote to memory of 3556	1716	chrome.exe	76
PID 1716 wrote to memory of 3556	1716	chrome.exe	76
PID 1716 wrote to memory of 3556	1716	chrome.exe	76
PID 1716 wrote to memory of 3556	1716	chrome.exe	76
PID 1716 wrote to memory of 3556	1716	chrome.exe	76
PID 1716 wrote to memory of 3556	1716	chrome.exe	76
PID 1716 wrote to memory of 3556	1716	chrome.exe	76
PID 1716 wrote to memory of 3556	1716	chrome.exe	76
PID 1716 wrote to memory of 3556	1716	chrome.exe	76
PID 1716 wrote to memory of 3556	1716	chrome.exe	76
PID 1716 wrote to memory of 3556	1716	chrome.exe	76
PID 1716 wrote to memory of 4564	1716	chrome.exe	75
PID 1716 wrote to memory of 4564	1716	chrome.exe	75
PID 1716 wrote to memory of 1292	1716	chrome.exe	79
PID 1716 wrote to memory of 1292	1716	chrome.exe	79
PID 1716 wrote to memory of 1292	1716	chrome.exe	79
PID 1716 wrote to memory of 1292	1716	chrome.exe	79
PID 1716 wrote to memory of 1292	1716	chrome.exe	79
PID 1716 wrote to memory of 1292	1716	chrome.exe	79
PID 1716 wrote to memory of 1292	1716	chrome.exe	79
PID 1716 wrote to memory of 1292	1716	chrome.exe	79
PID 1716 wrote to memory of 1292	1716	chrome.exe	79
PID 1716 wrote to memory of 1292	1716	chrome.exe	79
PID 1716 wrote to memory of 1292	1716	chrome.exe	79
PID 1716 wrote to memory of 1292	1716	chrome.exe	79
PID 1716 wrote to memory of 1292	1716	chrome.exe	79
PID 1716 wrote to memory of 1292	1716	chrome.exe	79
PID 1716 wrote to memory of 1292	1716	chrome.exe	79
PID 1716 wrote to memory of 1292	1716	chrome.exe	79
PID 1716 wrote to memory of 1292	1716	chrome.exe	79
PID 1716 wrote to memory of 1292	1716	chrome.exe	79
PID 1716 wrote to memory of 1292	1716	chrome.exe	79
PID 1716 wrote to memory of 1292	1716	chrome.exe	79
PID 1716 wrote to memory of 1292	1716	chrome.exe	79
PID 1716 wrote to memory of 1292	1716	chrome.exe	79

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://www.msn.com
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1716
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ff85dde9758,0x7ff85dde9768,0x7ff85dde9778
  2⤵
  PID:1352
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1824 --field-trial-handle=1792,i,2956675294745471166,9025101663046980893,131072 /prefetch:8
  2⤵
  PID:4564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1580 --field-trial-handle=1792,i,2956675294745471166,9025101663046980893,131072 /prefetch:2
  2⤵
  PID:3556
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2664 --field-trial-handle=1792,i,2956675294745471166,9025101663046980893,131072 /prefetch:1
  2⤵
  PID:2488
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2644 --field-trial-handle=1792,i,2956675294745471166,9025101663046980893,131072 /prefetch:1
  2⤵
  PID:696
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1956 --field-trial-handle=1792,i,2956675294745471166,9025101663046980893,131072 /prefetch:8
  2⤵
  PID:1292
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4388 --field-trial-handle=1792,i,2956675294745471166,9025101663046980893,131072 /prefetch:1
  2⤵
  PID:2496
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=5012 --field-trial-handle=1792,i,2956675294745471166,9025101663046980893,131072 /prefetch:1
  2⤵
  PID:2836
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=5076 --field-trial-handle=1792,i,2956675294745471166,9025101663046980893,131072 /prefetch:1
  2⤵
  PID:2068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4420 --field-trial-handle=1792,i,2956675294745471166,9025101663046980893,131072 /prefetch:1
  2⤵
  PID:1872
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4916 --field-trial-handle=1792,i,2956675294745471166,9025101663046980893,131072 /prefetch:8
  2⤵
  PID:2020
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5356 --field-trial-handle=1792,i,2956675294745471166,9025101663046980893,131072 /prefetch:8
  2⤵
  PID:4804
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5432 --field-trial-handle=1792,i,2956675294745471166,9025101663046980893,131072 /prefetch:8
  2⤵
  PID:4596
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4716 --field-trial-handle=1792,i,2956675294745471166,9025101663046980893,131072 /prefetch:1
  2⤵
  PID:1712
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5432 --field-trial-handle=1792,i,2956675294745471166,9025101663046980893,131072 /prefetch:8
  2⤵
  PID:2836
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5372 --field-trial-handle=1792,i,2956675294745471166,9025101663046980893,131072 /prefetch:8
  2⤵
  PID:980
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3648 --field-trial-handle=1792,i,2956675294745471166,9025101663046980893,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4840

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:3080

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x3c4
1⤵
PID:4040

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
ae858e2f2f1ce8801ef774abe3ec980d

SHA1
888502e3c2864a015cbb8dba8acceafac5f513bf

SHA256
c516fff08b6af987bd03dda2729cf30082030a4472cf62b6fb1db7c9e27dfb6a

SHA512
0d9e05927d515f9807a5bea02ea6bacc74c97f29f5871baf470266d139eaa0712034cc06515279b49663b30b0892d9878c928570c0c99144dbe2b013ecc013af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
8de5b36bb794375ff0a00c5be8d6f05f

SHA1
e369a53a912eecbda5a72f562b797ab85e2ac710

SHA256
98c56f949f972354e6cce407d93cbef7171175f323f179224a107b2172f23c97

SHA512
310daa665d9cbf5fd344abf69daedfdbf674badf61f466882cd017998f09acd544b25efaecf1425a3d50dbdbaf91f8cf8fa8a6bfe7e7462817f019076c666b29

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
270b7d8521b57328ce6911e88a7195c7

SHA1
706a5e3b0ae06343e8d33d6ce57e4a4e6baf7b70

SHA256
ee2730e2a1e56c04b160a5e0fd9a169bb8c206ea3509760da7c2e84df2ea790c

SHA512
62fc50ddb8ae18a426d86b39d2f334d3634c369af790c70508022e0759cfd6eeba951951e1f1036b55ed5fc6f633cda95ec9b60a01357ce0bc8c65617e31aacf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
2072740a24fb7783d4c90ded600e4d99

SHA1
f7f5475bfdbdb5c13252cda2269e481d12d02037

SHA256
7554b684e2245bfac9a743abc21030a673d3c5be0b271fa6df429604373bbef7

SHA512
36169879de6667f37b9a9c4080520083b19b6ffbd40bef541a73eadec60771f22c1f45feeaff1b8047a2f175a51b8ef157e758ab706b579e7a61ceb198d8d09f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
ad6097a30311c64fc6a02ba801d56e41

SHA1
f52214e749e829729b6cc9019d11c983c824fbfa

SHA256
c1bec9bbda9c463ba3172edae30fa565a31b3889d83bfaeeb32a78f0fe7a65be

SHA512
3b6143c95f41d3c87c1ac12043fcfbabc1cbc02b0e0f929d54e7b216c6b9bd0a97695a05909f75e9b510cbe3e5fe39605bdcaea0b3a325dfcca0a5e81104858f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
4bf06208edb50b3d576a8fdb61e8c64e

SHA1
496d36c5b660484d7b82bedd4fdfbc988e71f121

SHA256
50fece125198ba9da15ec29a3e3566808994e3607603dbe3de44c949a343d9e8

SHA512
b62a1ddbe396e9fe9aa37502af30c88a1a3f9f82eca17630b180242a6bbcef7aad60ebebce391e6ac0e9fafd697066aa40c6676a675dd99810b9ad47eba0e434

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
e65dcd8319c6d9ea15c0421d356347c5

SHA1
3a71f8ada3fb1374b6628b256ff3f30f200b5b89

SHA256
a82e67b9d21204f113b9d64eb1112f7134d034c1dd0cf87ccc9b0f26973f482b

SHA512
2e1a70cd76ac629e5e19ae589b1225e3415abffedd9c8f85fc0e6f96dca8b83692225a92089ca50508842b5cf1fda4a3d2a054f420c85b0c86a3d42b34c1e8bc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
1cff55bf2922615751d5866d5c860bca

SHA1
12214c868c832bc887b8dea05155b65e80186ea9

SHA256
01ea1fc1044e54726ce76623feff2eef820e8949f2b51821412cb3994caac1dd

SHA512
3ab2f14f96583fd80e47140782ac582d542ffe3c467a84b501f112690e389846ba89f1c4d33e575bfc1fe1424b96ceb283fa6edc205aa1920179c934c336883d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\c1eb0cde2406b6af565f825dcd492589d40ab644\cc1d0a16-328b-4498-ab35-5e7172258835\index-dir\the-real-index

Filesize
5KB

MD5
085c669d01f22406b98f423e013306c4

SHA1
6869eabb80fc51ac860d60ea93a576cf0c4485ad

SHA256
b38a4ad4d2cb2c189a13af83874a789577fcebab3871e7ff33cc067a6fa6eba6

SHA512
878f99c705be2128fdd82b1572ceb5a836979bef3b286f3640915eeb25ce5fad6aa6840ff660a97e81e84af655d83b1260b264f32229678915520c218a6e5cf3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\c1eb0cde2406b6af565f825dcd492589d40ab644\cc1d0a16-328b-4498-ab35-5e7172258835\index-dir\the-real-index~RFe58877b.TMP

Filesize
48B

MD5
fff761c2d0b16f1f11bdfa83f0127d4b

SHA1
c5b2714d51851abba80981addaeb38716edde9b1

SHA256
c0dedf2882fda9c086898c2f957faeb69ee5399697b53938fc16648822ff548f

SHA512
930de886f296a8791f39dd6e37d8b0f51d31d65bf06f1e3c4473d217bec300d3259bbfbe3bd412faa7f0f32e950242daa413c28e345e51211ed93a080f95dfcc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\c1eb0cde2406b6af565f825dcd492589d40ab644\index.txt

Filesize
115B

MD5
0fc9945535616c13abe8c1bf95cdeeba

SHA1
664e8a540c8f8a34783fa03d0d44b06b4ab6b39d

SHA256
9e7f8b22f73b05ed940ffba0c06cfb255cfed0b0736e8c96a1eb2b456ef1675b

SHA512
31ba046f9298cdac3d258f803e143ee19f7306980a78e0c3bf3baa73cb0a42c397f2c7808727b19df465cbc5a048513687b4b7c684f6edc9bfe83169512c3ea0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\c1eb0cde2406b6af565f825dcd492589d40ab644\index.txt~RFe5887a9.TMP

Filesize
119B

MD5
87fe45745fb678a0a81207657c936b72

SHA1
da1c4061017bc0363dedc976165f7ca711c05a7d

SHA256
fd5289576c1c1d3b5e08fd538a5ceedf7896bcf903de662490240d013eb2f8a6

SHA512
be01f4b967bfcbe9decc9c94171b5dc721e4c637b7db36790d23684085db9abba2fd441bc5f217b1b7ba161265e3e8ee5fc5e9c3fe4e00365c02e5dcf6a6e19c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
87f299b1226dd217fe702b50f3862238

SHA1
958cb890cfd889f678423260e42bf2cd8acf79ab

SHA256
e8d5e055bc3ebd196f843540bdb6e0503b7bc4b15d31162148da0b40e5da2c33

SHA512
e81d683c55fea2690243233bef76395454ee3897d09ea59252bf642acbefe20a10c7db0071804111a428111ac0ba519ff1287e41334177710e13daf2c5b28e04

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57ed8c.TMP

Filesize
48B

MD5
434c304f34a828b708e80fae936c3ce5

SHA1
4af8c1b21271c1f8636b02ad1e06de6921b3f76c

SHA256
0bd7054e3a7b9acf96937581b81915b7e6d47f47ae82fc920611b7954e7cb1b0

SHA512
07c5618b1ce259b99648a8a96472b0bef9dd2dc604565a953e84237e515d9c32968a95f072add9298cfbe1e1ff147663dddfe226501a5038c7e915cb57395dca

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
130KB

MD5
1250753351241d3cf6ff6bfbeaa79829

SHA1
30359dc9d626fd6124b5a90b500d19e27bac7582

SHA256
fff2452db18c204b18d4ead49cb91c1b90f61854f63ac33e40cd10906f9445cc

SHA512
3fc372b9703d497c92e3b4fd762086ab9cd39dc8a9be86e889b46f49808897b27a5dd35a068ad29a61aad66c46156dadcb7634b6d285612bd0b78f20892d4c6b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
150KB

MD5
50bacb0c927c4855f26a69cefd00f18c

SHA1
0b4bdcd436b825081ba019c48d77cf1308d0c531

SHA256
c89a4343dc36c18313688000fbf4743747c508fffd0299d16633ae96d74765d2

SHA512
d6f62011bf412658800b030ccf258a026865956e5c654be36436f397188add3b51bf4355e103b30311f68a0d29693daf6210bf9ddac143e978ae23e9aaaefaf4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
131KB

MD5
b941209e801096498beedc6837e7a375

SHA1
826496604d14aaca2522c0345dabf82068ffd06b

SHA256
e46297940e6497b2f80e42e7264c9156caf3b14b011e382681233f983015043d

SHA512
459c8b222e3cb113c18ca4c0e9cf4c5461c675b2b28390939ad8338170c9891039db349246e84ea6e07a1e7cedcd4f978dc7e2939315c1b921cf412ddd8aab21

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
131KB

MD5
83df67a66f62597eecd94608f1ee4470

SHA1
45d554aab7360b24e51f9912adb2850f0bfcd904

SHA256
b6c57a2407b3f319767a785304035df5ba93592e2d0f1e2b9bb48ad7efffac7b

SHA512
bffdb6de57db0a3a277e6d74fb9b8bcd571f3066bf1d888caffbd4c3b3eb0f67dfc5ecdfe1dc599aa2b155bba8f0af907c5f0ebdb11005a0e8963c35410c173c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit