e79735e48a7cdaaf0f91cffda247eea8a4bbebaf39aebccad54f4cf23b5e7f8a

Resubmissions

24-02-2024 22:11

240224-138lnagd71 7

24-02-2024 22:08

21-02-2024 02:15

21-02-2024 01:57

21-02-2024 01:53

Analysis

max time kernel
131s
max time network
99s
platform
windows10-1703_x64
resource
win10-20240221-en
resource tags

arch:x64arch:x86image:win10-20240221-enlocale:en-usos:windows10-1703-x64system
submitted
24-02-2024 22:08

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Myau-240105-cracked (1).jar
Size

1.6MB
MD5

9115e3db16b63fb1a254f3bd57ad5893
SHA1

9c32dfffb1582ad8df15f4464b0a246d81b06f48
SHA256

e79735e48a7cdaaf0f91cffda247eea8a4bbebaf39aebccad54f4cf23b5e7f8a
SHA512

9b6481c30f5a58cdfca9d1702e059a46dfcdcb5773f1f6ef7d324050f287bd503159f316e7b0cedc2fe396326fd9e57685627c8257f4248e5057c0bbac78f77d
SSDEEP

24576:V96G/x8Z/QUTbjvgizYcftFdGmDAhQW3ZV2gDSGuGqZBXOYS8flT6lqYI:V9xxOBPrgGfDfDAKW3ZV2FLbZBeNYB

Score

7^/10

discovery

Malware Config

Signatures

Modifies file permissions 1 TTPs 1 IoCs

discovery

File and Directory Permissions Modification

T1222

pid	Process
2092	icacls.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133532861759454533"	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
1888	chrome.exe
1888	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1888	chrome.exe
Token: SeCreatePagefilePrivilege	1888	chrome.exe
Token: SeShutdownPrivilege	1888	chrome.exe
Token: SeCreatePagefilePrivilege	1888	chrome.exe
Token: SeShutdownPrivilege	1888	chrome.exe
Token: SeCreatePagefilePrivilege	1888	chrome.exe
Token: SeShutdownPrivilege	1888	chrome.exe
Token: SeCreatePagefilePrivilege	1888	chrome.exe
Token: SeShutdownPrivilege	1888	chrome.exe
Token: SeCreatePagefilePrivilege	1888	chrome.exe
Token: SeShutdownPrivilege	1888	chrome.exe
Token: SeCreatePagefilePrivilege	1888	chrome.exe
Token: SeShutdownPrivilege	1888	chrome.exe
Token: SeCreatePagefilePrivilege	1888	chrome.exe
Token: SeShutdownPrivilege	1888	chrome.exe
Token: SeCreatePagefilePrivilege	1888	chrome.exe
Token: SeShutdownPrivilege	1888	chrome.exe
Token: SeCreatePagefilePrivilege	1888	chrome.exe
Token: SeShutdownPrivilege	1888	chrome.exe
Token: SeCreatePagefilePrivilege	1888	chrome.exe
Token: SeShutdownPrivilege	1888	chrome.exe
Token: SeCreatePagefilePrivilege	1888	chrome.exe
Token: SeShutdownPrivilege	1888	chrome.exe
Token: SeCreatePagefilePrivilege	1888	chrome.exe
Token: SeShutdownPrivilege	1888	chrome.exe
Token: SeCreatePagefilePrivilege	1888	chrome.exe
Token: SeShutdownPrivilege	1888	chrome.exe
Token: SeCreatePagefilePrivilege	1888	chrome.exe
Token: SeShutdownPrivilege	1888	chrome.exe
Token: SeCreatePagefilePrivilege	1888	chrome.exe
Token: SeShutdownPrivilege	1888	chrome.exe
Token: SeCreatePagefilePrivilege	1888	chrome.exe
Token: SeShutdownPrivilege	1888	chrome.exe
Token: SeCreatePagefilePrivilege	1888	chrome.exe
Token: SeShutdownPrivilege	1888	chrome.exe
Token: SeCreatePagefilePrivilege	1888	chrome.exe
Token: SeShutdownPrivilege	1888	chrome.exe
Token: SeCreatePagefilePrivilege	1888	chrome.exe
Token: SeShutdownPrivilege	1888	chrome.exe
Token: SeCreatePagefilePrivilege	1888	chrome.exe
Token: SeShutdownPrivilege	1888	chrome.exe
Token: SeCreatePagefilePrivilege	1888	chrome.exe
Token: SeShutdownPrivilege	1888	chrome.exe
Token: SeCreatePagefilePrivilege	1888	chrome.exe
Token: SeShutdownPrivilege	1888	chrome.exe
Token: SeCreatePagefilePrivilege	1888	chrome.exe
Token: SeShutdownPrivilege	1888	chrome.exe
Token: SeCreatePagefilePrivilege	1888	chrome.exe
Token: SeShutdownPrivilege	1888	chrome.exe
Token: SeCreatePagefilePrivilege	1888	chrome.exe
Token: SeShutdownPrivilege	1888	chrome.exe
Token: SeCreatePagefilePrivilege	1888	chrome.exe
Token: SeShutdownPrivilege	1888	chrome.exe
Token: SeCreatePagefilePrivilege	1888	chrome.exe
Token: SeShutdownPrivilege	1888	chrome.exe
Token: SeCreatePagefilePrivilege	1888	chrome.exe
Token: SeShutdownPrivilege	1888	chrome.exe
Token: SeCreatePagefilePrivilege	1888	chrome.exe
Token: SeShutdownPrivilege	1888	chrome.exe
Token: SeCreatePagefilePrivilege	1888	chrome.exe
Token: SeShutdownPrivilege	1888	chrome.exe
Token: SeCreatePagefilePrivilege	1888	chrome.exe
Token: SeShutdownPrivilege	1888	chrome.exe
Token: SeCreatePagefilePrivilege	1888	chrome.exe

Suspicious use of FindShellTrayWindow 27 IoCs

pid	Process
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1504 wrote to memory of 2092	1504	java.exe	74
PID 1504 wrote to memory of 2092	1504	java.exe	74
PID 1888 wrote to memory of 2884	1888	chrome.exe	78
PID 1888 wrote to memory of 2884	1888	chrome.exe	78
PID 1888 wrote to memory of 1760	1888	chrome.exe	80
PID 1888 wrote to memory of 1760	1888	chrome.exe	80
PID 1888 wrote to memory of 1760	1888	chrome.exe	80
PID 1888 wrote to memory of 1760	1888	chrome.exe	80
PID 1888 wrote to memory of 1760	1888	chrome.exe	80
PID 1888 wrote to memory of 1760	1888	chrome.exe	80
PID 1888 wrote to memory of 1760	1888	chrome.exe	80
PID 1888 wrote to memory of 1760	1888	chrome.exe	80
PID 1888 wrote to memory of 1760	1888	chrome.exe	80
PID 1888 wrote to memory of 1760	1888	chrome.exe	80
PID 1888 wrote to memory of 1760	1888	chrome.exe	80
PID 1888 wrote to memory of 1760	1888	chrome.exe	80
PID 1888 wrote to memory of 1760	1888	chrome.exe	80
PID 1888 wrote to memory of 1760	1888	chrome.exe	80
PID 1888 wrote to memory of 1760	1888	chrome.exe	80
PID 1888 wrote to memory of 1760	1888	chrome.exe	80
PID 1888 wrote to memory of 1760	1888	chrome.exe	80
PID 1888 wrote to memory of 1760	1888	chrome.exe	80
PID 1888 wrote to memory of 1760	1888	chrome.exe	80
PID 1888 wrote to memory of 1760	1888	chrome.exe	80
PID 1888 wrote to memory of 1760	1888	chrome.exe	80
PID 1888 wrote to memory of 1760	1888	chrome.exe	80
PID 1888 wrote to memory of 1760	1888	chrome.exe	80
PID 1888 wrote to memory of 1760	1888	chrome.exe	80
PID 1888 wrote to memory of 1760	1888	chrome.exe	80
PID 1888 wrote to memory of 1760	1888	chrome.exe	80
PID 1888 wrote to memory of 1760	1888	chrome.exe	80
PID 1888 wrote to memory of 1760	1888	chrome.exe	80
PID 1888 wrote to memory of 1760	1888	chrome.exe	80
PID 1888 wrote to memory of 1760	1888	chrome.exe	80
PID 1888 wrote to memory of 1760	1888	chrome.exe	80
PID 1888 wrote to memory of 1760	1888	chrome.exe	80
PID 1888 wrote to memory of 1760	1888	chrome.exe	80
PID 1888 wrote to memory of 1760	1888	chrome.exe	80
PID 1888 wrote to memory of 1760	1888	chrome.exe	80
PID 1888 wrote to memory of 1760	1888	chrome.exe	80
PID 1888 wrote to memory of 1760	1888	chrome.exe	80
PID 1888 wrote to memory of 1760	1888	chrome.exe	80
PID 1888 wrote to memory of 2212	1888	chrome.exe	84
PID 1888 wrote to memory of 2212	1888	chrome.exe	84
PID 1888 wrote to memory of 4484	1888	chrome.exe	81
PID 1888 wrote to memory of 4484	1888	chrome.exe	81
PID 1888 wrote to memory of 4484	1888	chrome.exe	81
PID 1888 wrote to memory of 4484	1888	chrome.exe	81
PID 1888 wrote to memory of 4484	1888	chrome.exe	81
PID 1888 wrote to memory of 4484	1888	chrome.exe	81
PID 1888 wrote to memory of 4484	1888	chrome.exe	81
PID 1888 wrote to memory of 4484	1888	chrome.exe	81
PID 1888 wrote to memory of 4484	1888	chrome.exe	81
PID 1888 wrote to memory of 4484	1888	chrome.exe	81
PID 1888 wrote to memory of 4484	1888	chrome.exe	81
PID 1888 wrote to memory of 4484	1888	chrome.exe	81
PID 1888 wrote to memory of 4484	1888	chrome.exe	81
PID 1888 wrote to memory of 4484	1888	chrome.exe	81
PID 1888 wrote to memory of 4484	1888	chrome.exe	81
PID 1888 wrote to memory of 4484	1888	chrome.exe	81
PID 1888 wrote to memory of 4484	1888	chrome.exe	81
PID 1888 wrote to memory of 4484	1888	chrome.exe	81
PID 1888 wrote to memory of 4484	1888	chrome.exe	81
PID 1888 wrote to memory of 4484	1888	chrome.exe	81

C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
java -jar "C:\Users\Admin\AppData\Local\Temp\Myau-240105-cracked (1).jar"
1⤵
- Suspicious use of WriteProcessMemory
PID:1504
- C:\Windows\system32\icacls.exe
  C:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant "everyone":(OI)(CI)M
  2⤵
  - Modifies file permissions
  PID:2092

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1888
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffca2529758,0x7ffca2529768,0x7ffca2529778
  2⤵
  PID:2884
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1520 --field-trial-handle=1784,i,2813077583669382220,17882240581515818207,131072 /prefetch:2
  2⤵
  PID:1760
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2096 --field-trial-handle=1784,i,2813077583669382220,17882240581515818207,131072 /prefetch:8
  2⤵
  PID:4484
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2876 --field-trial-handle=1784,i,2813077583669382220,17882240581515818207,131072 /prefetch:1
  2⤵
  PID:4548
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2868 --field-trial-handle=1784,i,2813077583669382220,17882240581515818207,131072 /prefetch:1
  2⤵
  PID:4408
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1928 --field-trial-handle=1784,i,2813077583669382220,17882240581515818207,131072 /prefetch:8
  2⤵
  PID:2212
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4492 --field-trial-handle=1784,i,2813077583669382220,17882240581515818207,131072 /prefetch:1
  2⤵
  PID:1528
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4864 --field-trial-handle=1784,i,2813077583669382220,17882240581515818207,131072 /prefetch:8
  2⤵
  PID:416
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5036 --field-trial-handle=1784,i,2813077583669382220,17882240581515818207,131072 /prefetch:8
  2⤵
  PID:4524
- C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe
  "C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe" --reenable-autoupdates --system-level
  2⤵
  PID:2084
- - C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe
    "C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\Crashpad --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x24c,0x250,0x254,0x228,0x258,0x7ff7881e7688,0x7ff7881e7698,0x7ff7881e76a8
    3⤵
    PID:2680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=5176 --field-trial-handle=1784,i,2813077583669382220,17882240581515818207,131072 /prefetch:1
  2⤵
  PID:2964

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:5112

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

T1222

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\ProgramData\Oracle\Java\.oracle_jre_usage\3903daac9bc4a3b7.timestamp

Filesize
46B

MD5
28a43ed51375d948401cca8f3b29b7c6

SHA1
49783813537eb6aefc7e01c44b1459df154665a4

SHA256
d359a3e40bf551870aa749dc60f3b6b052b7e5f2a861ffe5756449a16207a8eb

SHA512
2bec9a16ee86c020df02207951d19b7fe8ce8b3486f9cefa6419c8a895194f5d5bc7f8c8c6ec8579d838e1b37b478eb1f5b026ae1a3e19e2475fd414c5f58625

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\56d7d33a-35b1-4a63-bae8-b74f58e86ba5.tmp

Filesize
5KB

MD5
c1c45aa60b2d1f1453fa134b1cee2165

SHA1
ef7bb058c843728158cd3e7c1fc9e15e8abe36db

SHA256
6b6dbe0c25334cbdce52f745d01de2cab2c078106c0f8521eda7ebae5d785c3b

SHA512
240debded74e63cc508d982aabcffe0423f17faf46a3ee6085a1ef82c69f9f77de0ac778a6f4e01aae72e4bab85575cffcd85c45c0a2475ed35e3c9b13b79644

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001

Filesize
195KB

MD5
873734b55d4c7d35a177c8318b0caec7

SHA1
469b913b09ea5b55e60098c95120cc9b935ddb28

SHA256
4ee3aa3dc43cb3ef3f6bfb91ed8214659e9c2600a45bee9728ebbcb6f33b088d

SHA512
24f05ed981e994475879ca2221b6948418c4412063b9c07f46b8de581047ddd5d73401562fa9ee54d4ce5f97a6288c54eac5de0ca29b1bb5797bdac5a1b30308

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
9270ca3f26e2a7334e181554267bf933

SHA1
0edaa6a24a77f14fb946118c06ef5803677d6726

SHA256
23fe0f169e91efb94173a60c7296a5e9098a3173a83641877d114f3141d41982

SHA512
796154c420009ba3679257ecc7d673d9d348ce2df6341a968c11e670c465348d43db931fdcaafb23e675373223d6b7050ad04017e06d4ee8a1598d5b53fa4712

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
b0c8654032922fcfcff22879a054460c

SHA1
200627b125fd3226eed39db42271a0beee7898ff

SHA256
8574c4a306dab651bb0b76fc5b6df523ac8fbc97f80b8ebbe01277377d810d54

SHA512
a6c1fe1fa9cb234e8e9d409854751d4ccd312f9f2270bbeb448a0cd9937cc586beccddd249be734c492d072d8525f5b5dd38d1a9491b4666e105d48d1a9ed510

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
2a2102c2f5dbe4be96d758518ace55ac

SHA1
800d113ae83e6a8f975f1a16d8f65482160abcf9

SHA256
1103da9b00c4319118b3a01fc85a1db21ad717ce40dfda90d639a80058ad661c

SHA512
6aa20b29acb646b29414e8fcd30008ae177c64cfcb85927b5ccc827f47327a4783a24aab36ccf9009544a0099341f5277e3535b753229808bfa87fb59c2d0b96

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
d0c1e3004f8d5223a4289536cc289bdd

SHA1
5c69728b11f193e29fe8089efb2fa922dfea5fee

SHA256
5ce04868431bf6b1021279bf6a3c42dbf5ba02579443f3d90c9b6e425ae585c3

SHA512
520091b2b3f55edd19d95aff4b43bac73d1a792c681b812bee3cb4f7e098bf6397d6f797d977e5c063bb14da42ee037b2fa68a4530ea56c4062bae2b263790f3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
365B

MD5
f36d593f68e36002b8301f2229121452

SHA1
693e6e3053de9662ffd15ed07545b04dac367af7

SHA256
7175a9d5d943841334c490b0b0f5bb203743e558d59a73c7bf82d45f051185b1

SHA512
8bdcbc41ec0fbad302a06114ac765f913a9dc94c987bbae7e9c5e186c002a9d8aef0209302353685eb9e5605faf3153aeea68a2f1f7bbc26599a57d1a6094364

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
365B

MD5
5f6c3f5714f86fb30d93ba0263f3219f

SHA1
4064e88b7fb4b32c3656d2ea18143c7d7bf44221

SHA256
d2fe84401069cfa31052b205a21a5c231c76a8ed244106759704c1c33a155f93

SHA512
cf6917ecb9557ad530df841160670696faf7795b64f03749064716ff2147f60b7aaf513aa95da56ec6c097cc2cc53d06441a25e3f1766d7aa5a82fe1408c057c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
99269823a06f60a3718b1d979e6202d6

SHA1
b28ee0f33075c075e2c0dc03bc45cd23d2fa751a

SHA256
78322f932e9959c51b5f3450fcbbe1556a79471d3bf3e1f5176745be5d8ce5a3

SHA512
dfac899c2f34aa8b000131f8614c8f35a2d3860e7091475328ec4daa059816b1b085f87a3a74c4d24a96e7279acef0aeb6772e490b5bfe1559fbf310326fc9b9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
be9ef198877e6e606d7147bf91be1d6f

SHA1
7d867f1627b46b89701f1a45289d3ab32300cc31

SHA256
51a8d712939b1e2817f934dc275e54fc06ec28495add1890029820065613374d

SHA512
994e516df98e305ae1157e23b2d54edbe19fbb3f4a5ef27e92eaad619b92da0e2fdca7f5ff629c5f5f17048cce1d494581135acac5675e55dd4ef1cd9e409ea9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
9c4916483fb16e9caf12e3669aac54b9

SHA1
b2cef2fb1346c78d0c3b734da2b455af337e2a68

SHA256
b2840635640704900b0981d3233be624177a16d5d9ffac78916b4bb728d38bdb

SHA512
1f5bae635e5ec8c1c494c0020b0867cd402c29fc6e1e7772bad4c222c2dd7baa1fe5295492a9662d9bf9feaea630eb202bb6600dec13817aec2cf1c7c5d8541a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
bce69b19da08f76e5c33867eb2db9e46

SHA1
a18c2e9fb6272cd645655a05310d30fb7b206fe5

SHA256
3bb3c633a27dd2a8d71af1d1a0d32b52576a500262660d2e9947b648a7d80482

SHA512
c40622bf52709a7101e6755e851f5234322650aa5b0209738e6bef01256fb83c82297f6f295bdfded9196e67277e7f399c789befb21b7f9d1bc3d67d037cf1b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
257KB

MD5
f6ed5677fa8134d781d4758c6b70ed2d

SHA1
d75bacf5af41dfed87524baffd5457a313770b96

SHA256
8b3ef6aab6de208af59ec11a27795c142f3136997770eab4ab61cb4f0a721504

SHA512
671c149000f87c3e91f50b09359089972de9ae1793eb080f21376c8717e68e3687f0e011adcd941bb662eb79570d4e2690aa3a99162542bb8fb925c1009bf513

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
257KB

MD5
38b8875e67b333cd7e9ad2c4e873c73c

SHA1
4bbb9d38a077a91cbbe007d08fbd1000183d5228

SHA256
0188092a112291a21f0dd108ddf3e182f5dc063fe2b124498f8389820e06965b

SHA512
70a932a37b69540cdcf700ff1e7b374aa20e67402963cf7040b5fd536776254d9e51ab6de1c141b6ec34227b051f91ff3aa6843ba04a4e098843d36c8c3063dc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

Filesize
264KB

MD5
de1342219abc9ea6e233e48fa626a5f9

SHA1
87766b324e00f070974fe784bbf8abeae814624f

SHA256
a6c0b0e0602c8d8efa4afcc5f7900ea621d07f3297d645658eb1fe921216dd8a

SHA512
38a54df89ff8ec6003c5e18a6d9189b82cf260f43734ec72dc6f05bfb2cc39dcea7fc06d8b83a948d85dcd39d278e4b37334720d2229317d45ae56fe32f27703

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
memory/1504-5-0x000002B300000000-0x000002B301000000-memory.dmp

Filesize
16.0MB

Download
memory/1504-43-0x000002B300000000-0x000002B301000000-memory.dmp

Filesize
16.0MB

Download
memory/1504-11-0x000002B37B430000-0x000002B37B431000-memory.dmp

Filesize
4KB

Download