2572fce89744f84948c341665a7310fba39089d08d2782ce492e2cccbf48a7b9

Analysis

max time kernel
109s
max time network
304s
platform
windows7_x64
resource
win7-20240221-es
resource tags

arch:x64arch:x86image:win7-20240221-eslocale:es-esos:windows7-x64systemwindows
submitted
24/02/2024, 03:48

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Ultimate.Chicken.Horse.v1.8.22/UltimateChickenHorse.exe
Size

638KB
MD5

631b9c0a6fe13d2abb1da6161b377f3c
SHA1

479a4292ec49d0658daa88c68f7986561e877b51
SHA256

39f0f137f1556a948ce436474186c76869e10b7674d431447e0ca9cd6b254abb
SHA512

917fc450260f865608e40b892c227f234cc6b56cb505ac53d167c5d250eb961db0cd949f67e046d8c28b75440bc2e6d54bb8386f4363a83f63c6e7f6390423f0
SSDEEP

6144:SpC62lkCMaZKKKKKKKKKKKpYn1u1hApmIK5gpOwOwfA9h9O:S4eCiYUA0zkO9/O

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
2072	chrome.exe
2072	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe

Suspicious use of FindShellTrayWindow 34 IoCs

pid	Process
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe

Suspicious use of SendNotifyMessage 32 IoCs

pid	Process
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2072 wrote to memory of 2728	2072	chrome.exe	30
PID 2072 wrote to memory of 2728	2072	chrome.exe	30
PID 2072 wrote to memory of 2728	2072	chrome.exe	30
PID 2072 wrote to memory of 1824	2072	chrome.exe	32
PID 2072 wrote to memory of 1824	2072	chrome.exe	32
PID 2072 wrote to memory of 1824	2072	chrome.exe	32
PID 2072 wrote to memory of 1824	2072	chrome.exe	32
PID 2072 wrote to memory of 1824	2072	chrome.exe	32
PID 2072 wrote to memory of 1824	2072	chrome.exe	32
PID 2072 wrote to memory of 1824	2072	chrome.exe	32
PID 2072 wrote to memory of 1824	2072	chrome.exe	32
PID 2072 wrote to memory of 1824	2072	chrome.exe	32
PID 2072 wrote to memory of 1824	2072	chrome.exe	32
PID 2072 wrote to memory of 1824	2072	chrome.exe	32
PID 2072 wrote to memory of 1824	2072	chrome.exe	32
PID 2072 wrote to memory of 1824	2072	chrome.exe	32
PID 2072 wrote to memory of 1824	2072	chrome.exe	32
PID 2072 wrote to memory of 1824	2072	chrome.exe	32
PID 2072 wrote to memory of 1824	2072	chrome.exe	32
PID 2072 wrote to memory of 1824	2072	chrome.exe	32
PID 2072 wrote to memory of 1824	2072	chrome.exe	32
PID 2072 wrote to memory of 1824	2072	chrome.exe	32
PID 2072 wrote to memory of 1824	2072	chrome.exe	32
PID 2072 wrote to memory of 1824	2072	chrome.exe	32
PID 2072 wrote to memory of 1824	2072	chrome.exe	32
PID 2072 wrote to memory of 1824	2072	chrome.exe	32
PID 2072 wrote to memory of 1824	2072	chrome.exe	32
PID 2072 wrote to memory of 1824	2072	chrome.exe	32
PID 2072 wrote to memory of 1824	2072	chrome.exe	32
PID 2072 wrote to memory of 1824	2072	chrome.exe	32
PID 2072 wrote to memory of 1824	2072	chrome.exe	32
PID 2072 wrote to memory of 1824	2072	chrome.exe	32
PID 2072 wrote to memory of 1824	2072	chrome.exe	32
PID 2072 wrote to memory of 1824	2072	chrome.exe	32
PID 2072 wrote to memory of 1824	2072	chrome.exe	32
PID 2072 wrote to memory of 1824	2072	chrome.exe	32
PID 2072 wrote to memory of 1824	2072	chrome.exe	32
PID 2072 wrote to memory of 1824	2072	chrome.exe	32
PID 2072 wrote to memory of 1824	2072	chrome.exe	32
PID 2072 wrote to memory of 1824	2072	chrome.exe	32
PID 2072 wrote to memory of 1824	2072	chrome.exe	32
PID 2072 wrote to memory of 1824	2072	chrome.exe	32
PID 2072 wrote to memory of 1592	2072	chrome.exe	33
PID 2072 wrote to memory of 1592	2072	chrome.exe	33
PID 2072 wrote to memory of 1592	2072	chrome.exe	33
PID 2072 wrote to memory of 268	2072	chrome.exe	34
PID 2072 wrote to memory of 268	2072	chrome.exe	34
PID 2072 wrote to memory of 268	2072	chrome.exe	34
PID 2072 wrote to memory of 268	2072	chrome.exe	34
PID 2072 wrote to memory of 268	2072	chrome.exe	34
PID 2072 wrote to memory of 268	2072	chrome.exe	34
PID 2072 wrote to memory of 268	2072	chrome.exe	34
PID 2072 wrote to memory of 268	2072	chrome.exe	34
PID 2072 wrote to memory of 268	2072	chrome.exe	34
PID 2072 wrote to memory of 268	2072	chrome.exe	34
PID 2072 wrote to memory of 268	2072	chrome.exe	34
PID 2072 wrote to memory of 268	2072	chrome.exe	34
PID 2072 wrote to memory of 268	2072	chrome.exe	34
PID 2072 wrote to memory of 268	2072	chrome.exe	34
PID 2072 wrote to memory of 268	2072	chrome.exe	34
PID 2072 wrote to memory of 268	2072	chrome.exe	34
PID 2072 wrote to memory of 268	2072	chrome.exe	34
PID 2072 wrote to memory of 268	2072	chrome.exe	34
PID 2072 wrote to memory of 268	2072	chrome.exe	34

C:\Users\Admin\AppData\Local\Temp\Ultimate.Chicken.Horse.v1.8.22\UltimateChickenHorse.exe
"C:\Users\Admin\AppData\Local\Temp\Ultimate.Chicken.Horse.v1.8.22\UltimateChickenHorse.exe"
1⤵
PID:2288

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2072
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef7639758,0x7fef7639768,0x7fef7639778
  2⤵
  PID:2728
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1112 --field-trial-handle=1352,i,6470430136995489458,13534079038704199742,131072 /prefetch:2
  2⤵
  PID:1824
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1496 --field-trial-handle=1352,i,6470430136995489458,13534079038704199742,131072 /prefetch:8
  2⤵
  PID:1592
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1624 --field-trial-handle=1352,i,6470430136995489458,13534079038704199742,131072 /prefetch:8
  2⤵
  PID:268
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2140 --field-trial-handle=1352,i,6470430136995489458,13534079038704199742,131072 /prefetch:1
  2⤵
  PID:1692
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2148 --field-trial-handle=1352,i,6470430136995489458,13534079038704199742,131072 /prefetch:1
  2⤵
  PID:1868
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1396 --field-trial-handle=1352,i,6470430136995489458,13534079038704199742,131072 /prefetch:2
  2⤵
  PID:2064
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1296 --field-trial-handle=1352,i,6470430136995489458,13534079038704199742,131072 /prefetch:2
  2⤵
  PID:1628
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=3300 --field-trial-handle=1352,i,6470430136995489458,13534079038704199742,131072 /prefetch:1
  2⤵
  PID:956
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3916 --field-trial-handle=1352,i,6470430136995489458,13534079038704199742,131072 /prefetch:8
  2⤵
  PID:1584
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=3940 --field-trial-handle=1352,i,6470430136995489458,13534079038704199742,131072 /prefetch:1
  2⤵
  PID:2832

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2032

C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
1⤵
PID:632

C:\Windows\System32\rundll32.exe
"C:\Windows\System32\rundll32.exe" C:\Windows\System32\shell32.dll,Control_RunDLL C:\Windows\System32\main.cpl
1⤵
PID:1720

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
PID:1704
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef7639758,0x7fef7639768,0x7fef7639778
  2⤵
  PID:1544
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1196 --field-trial-handle=1228,i,17745115980880747870,13236365029199077624,131072 /prefetch:2
  2⤵
  PID:1808
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1524 --field-trial-handle=1228,i,17745115980880747870,13236365029199077624,131072 /prefetch:8
  2⤵
  PID:2312
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1632 --field-trial-handle=1228,i,17745115980880747870,13236365029199077624,131072 /prefetch:8
  2⤵
  PID:2904
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2264 --field-trial-handle=1228,i,17745115980880747870,13236365029199077624,131072 /prefetch:1
  2⤵
  PID:3064
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2272 --field-trial-handle=1228,i,17745115980880747870,13236365029199077624,131072 /prefetch:1
  2⤵
  PID:572
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1424 --field-trial-handle=1228,i,17745115980880747870,13236365029199077624,131072 /prefetch:2
  2⤵
  PID:2472
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=1280 --field-trial-handle=1228,i,17745115980880747870,13236365029199077624,131072 /prefetch:1
  2⤵
  PID:2092
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=3728 --field-trial-handle=1228,i,17745115980880747870,13236365029199077624,131072 /prefetch:1
  2⤵
  PID:2488

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:1800

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\39c830fd-d337-4237-9bad-63a1c26b70c7.tmp

Filesize
257KB

MD5
df291532a935dacbcc49f461b3fe664e

SHA1
88dd407b9639383b75ad5d1e67333db6ea1fd188

SHA256
301d21816bca7bda47b28f609915b2d0c68ac413f167ae7d116d9cd44ab27fc4

SHA512
e8f149d46315eb8875eeed31ede22a66f166bb39addfd2c569acc412106c50ed18697c9e9d43dabe9286ae128b301ae591dd03eaae3391bb902fe4717c6c64c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
09ea9498251180a41e49a4f594da5470

SHA1
d4709c8b4142135ef2dcf5fecdaac7923c7b699e

SHA256
ded856db5e621b82345672d4a6f578d4af29ed548e2964e8d7aef1dd7c3f0fed

SHA512
6e8adb3706e9703c92583aaf1d26041213989fe0ab33c13bf10044ca82f38b221fd42b39286eeefefe7739d4b1d66eb249eca3746fc50baa72a0e9f811097043

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0

Filesize
44KB

MD5
05383d9c111e21db5bdc6ccb5ae602e9

SHA1
9674648a0d8f70df26a76d6b7c6af13716d2eb78

SHA256
7f127beb3941f0ff45c60669cbcf0cabc81f892cafb47869784f9538b07ddded

SHA512
0b9dc5df615889a20e3b419be76cdb45447f4e3f64d1b7edcf31f3f7faab4f15cb319eda79eb401c7e7c01422d395a1b8e84a650312fee5490aef5823a7da3fd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1

Filesize
264KB

MD5
a50b2c05e4eba11251fb7d933a906436

SHA1
d3acb349489152a92385f5b2cb2cd9682b527dc6

SHA256
1bc30e854d68c0a1195c2cc421387daacee9c84bcf26ac2686fc2d6f5ee83abf

SHA512
e2c12109c5d943d8818ff02571be26da01c9655968fd6c93c46f6681ccec913b36942ec4e47da2cea9cc0c3cc415ddfb0617f6239debfd3f250605ed387d6376

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_2

Filesize
1.0MB

MD5
55c1dd8240457c56907255cd086a7bf3

SHA1
4cec7f24361ac554e8a521bb3b067973c68986f0

SHA256
f290f03028d8897ed18c6bcf59699a8d682706ffdcb617c10697872e7282c617

SHA512
9c2470a458b8ddd2e04a0ff0626e47dcd1baf3212538f5dcc4d7640d04707fc29f5e9ac91db5bb6622a5c50138930e3a80cfcb3cbd82a703232b603de61eedd1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_3

Filesize
3.3MB

MD5
873e72b5ca768ddd8c5eecfd46e805f1

SHA1
0e175de48b068eacc12da2a78b41c434d89f7679

SHA256
3ff05ad3c3b5b94eb80dce228ff4f89a60b460200e0e8da8e4295c6c4344b864

SHA512
5433a679ff8a9fcc96d709ce18f225d10904e9275de7fa22303ffcdb78bbead6929bd734b2a13bd0785710996c6571e14472e51b0dff63a18ea9d5e4200a6cde

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001

Filesize
195KB

MD5
873734b55d4c7d35a177c8318b0caec7

SHA1
469b913b09ea5b55e60098c95120cc9b935ddb28

SHA256
4ee3aa3dc43cb3ef3f6bfb91ed8214659e9c2600a45bee9728ebbcb6f33b088d

SHA512
24f05ed981e994475879ca2221b6948418c4412063b9c07f46b8de581047ddd5d73401562fa9ee54d4ce5f97a6288c54eac5de0ca29b1bb5797bdac5a1b30308

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
90ee92a92137545cf29a92656a91e421

SHA1
696f0974aa23dccb0a3648af4e4ddb5fa348cae2

SHA256
b972f96cd6ced00d66a8a2358a90fed21838c3ddc01cbfb5199d1b35276c61bc

SHA512
88d1efb93ad71f4304987402788e0e383566685398102111094be7777f14036822fb2fc4a585c94a2fa1d592246836e42e5764ff9b562fda2691443619505a8e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
fca4bd15a446e61ddf1106875c5ff1db

SHA1
3cf101009b61be2de3fa89c54a0bb1ce78fe0006

SHA256
a0065c6c3121f3440a50cb77168767c9868d2332f0432e8b2e2e761bf1bb37e0

SHA512
c1e6dc8f441fef915c5a076d7dd6544c2145537fdb5df7d5c39f5fd08e5be2801dde8ba95826854d6880e0bb9c3ec00ae58b9198eca8d7599b2b0d6d7aa5145d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
dd2679dc820056887bceb7b0350aef7d

SHA1
4f90e62a4d4c1ea9b17cfefd577baa0240cce456

SHA256
a22239571607853a73aa5f2b05c8e09e86dc5e46de431bf7da84d0c9e16def68

SHA512
4350e0951fc5505a7bcbef8a67b7172cdf3f5ddedb8aa423248a0cb411fc1c660e7d819c6a9a939a1820bf27f8e9b774ebcfe77cef9a50ca7dd0449e17bd981c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
bae0770abe63aae6d4187a00aabf7958

SHA1
03ef5afde350619ec9449860a7db1981f13271a6

SHA256
78235b74ee192c66be55687c3c9e379558b8d17aca84672e46cb2ebb4f91c53b

SHA512
55723dba183293ac2fb95afdc1320c729afff22fa0a2d9e8b10e713c7626d30f89fd0e5e0044f467e3d4a9f8c4bf8be29b792da8594a36d5afae7bc74a0ccf6e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnCache\data_1

Filesize
264KB

MD5
56ecbf1ffe23280ab037fb9acbf38fb6

SHA1
df2d7f1cb25eda245c2dfcd8b18d9aa976eaf2c6

SHA256
7697a64bf41de8b5442d20ad03f31d5de132bc3c12afe749f1b804b6dc6cff2e

SHA512
2f89b048c28bd3510cd7edc52643576b72e9ed94070244a2d48fc1b10c830a1fd03a070a37ae06cccbb2c831ce25daa4cb15474c2e4fe603512a38b88fa49438

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\000009.dbtmp

Filesize
16B

MD5
979c29c2917bed63ccf520ece1d18cda

SHA1
65cd81cdce0be04c74222b54d0881d3fdfe4736c

SHA256
b3524365a633ee6d1fa9953638d2867946c515218c497a5ec2dbef7dc44a7c53

SHA512
e38f694fd6ab9f678ae156528230d7a8bfb7b59a13b227f59f9c38ab5617db11ebb6be1276323a905d09c4066a3fe820cf58077ab48bf201f3c467a98516ee7a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG

Filesize
136B

MD5
6ce90ea77802e4b3d927f2c07be5c427

SHA1
898c5742ce831499de9107b2e639573648e5dec0

SHA256
103291e2517074f98b7e91c793b64a960cd35b2c4158e06e57cefa825e5b6095

SHA512
f480a3e7ef97600cef946e61cdb1f7212da6c8628578660f842c6d4a915d60f0868d848dee2fe9cf4459569a026dca4d007418c7390e238e7e3f1702d5a359c6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\MANIFEST-000007

Filesize
50B

MD5
1be22f40a06c4e7348f4e7eaf40634a9

SHA1
8205ec74cd32ef63b1cc274181a74b95eedf86df

SHA256
45a28788cde0d2a0232d19c391eae45777fe640790ac0674d6daa5672c444691

SHA512
b8f6f42d375e3ad8015d744fa2814994fa6e588b41cce0131fca48194dd40146b08169a8ce0da350525ff32a59a16edb503c72e0f07254955c82a0d38074856e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Favicons

Filesize
20KB

MD5
7490e697bfef73914a1551c9ff896c86

SHA1
3dcad990e6295107cdd4ab58a539e0082deaf285

SHA256
415b818011e714c115440aac9e444ba8e911d01d0add87a03561dd7a5ce96110

SHA512
ac88865059af28edba4dea8ce3c2f5f6c9634af6e6fd6d91109bd09c5b62f0bc94f254ced09d16ca019ab6db5cb3adefe048bdc491c02f425af2abf6469f4780

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
351e4ab0598f60caa24ff359e20900bc

SHA1
facdef535aa2d5904f1a01d5f4300a725c4e39e3

SHA256
91bd8d5cfebc56b6bc73dbe0bd01a50b808c1e5e42cbed8964a228551082e449

SHA512
f74ff7056373cca7894d554b083ff9124cae5edb28e3214995a79077bbd32e00eb5d7e4a8cd0364e6dde7162d68f4972d74dca6a8ef65a69fb040cefdbf4e06d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History

Filesize
148KB

MD5
479fff9704dcbd76b86bfd33e2c838ff

SHA1
ab68a1c0f56cd9ed83348fae1817802a04304f32

SHA256
132ca9aeea22aa7e0e84c23575cfa3682ad67087265cf6caabd4f6ab291b0eaa

SHA512
53ddbc038f6f876d0aba768cb38565bd34257440d768a934c0e24e3e2c7f0d5bb090872b08a871bab5ef6f932616405bca54b7449b803054376d3f8e41b04413

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000007.log

Filesize
278B

MD5
1505631f4d60598cba7b4c94fe4cffea

SHA1
e18c8fc73e3649156dac36e82b44d5e55910b7fc

SHA256
626d4e231673958b35f62c7fbef79a270ac681a8eecf42a2f6c76eff1433f94b

SHA512
e6ec84698d07c40b0d81fe400bd88db5291ffdf4175200aebdfb597d5761382cf6fee760357212ab1cbbd5e33722dcedcfa8e2f35fbb47613d787f4624d0dba8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\CURRENT

Filesize
16B

MD5
aefd77f47fb84fae5ea194496b44c67a

SHA1
dcfbb6a5b8d05662c4858664f81693bb7f803b82

SHA256
4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611

SHA512
b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG

Filesize
136B

MD5
57bbe9df7a643723b550e6a1b595d23e

SHA1
c8e4af8f3184ad734d54f8f04d71328b11967db9

SHA256
d4bf14b2e49c6b346a93fb7a777295dfc60e55f938c76509652896914632b13e

SHA512
f94d414181fab2d7391acc66d226400eb2fa87ffb566e6207fd101eb11294504c4ce17b59e730e92b81bed380e062353f762c1bc06c2a7f0299753330ecd2c7e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\MANIFEST-000006

Filesize
50B

MD5
78c55e45e9d1dc2e44283cf45c66728a

SHA1
88e234d9f7a513c4806845ce5c07e0016cf13352

SHA256
7b69a2bee12703825dc20e7d07292125180b86685d2d1b9fd097df76fc6791ec

SHA512
f2ad4594024871286b98a94223b8e7155c7934ef4ebb55f25a4a485a059f75b572d21bc96e9b48ed394be8a41fe0208f7bfb6e28a79d75640c5b684f0c848fe3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies

Filesize
20KB

MD5
818f97242d2016925668185f59092534

SHA1
5841b5bc34de479b53d86aa333fdcb603ca498b7

SHA256
142bc3185cce141a683e2f8e08d8c010544ca4ff2741177f0056ef0fc3519a5e

SHA512
9fc13ec592148c4f7931a21097fac5ed97b0deb018bff50e3dd500d056354d2a46196d8039fac3e376d57b3d71b626bb6e7affddce8f20436f78c518ddfdf74a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
20a6afd3fb4e0bd5ca5522c9d3c3ebb5

SHA1
275fb1f7206646c0173c8dc5e962cf3ef1f2b7e1

SHA256
77ad01bf4b060fad4a0534531aa97349546b315269b4ce2653ed4de6ece4b01c

SHA512
ab1540ce01657bc03e06319517ee6bada53140179a0ddf48d7bb3ff9a1891f31bc61453b1580365e2db1e3822f89e1a2165c14457f47121f70b0ce46b8ecd69e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
363B

MD5
29e0bcc4a45e0e7ae39260aec9aca470

SHA1
f4a1a1658d87819691ef1a64d08fa178692aa1ac

SHA256
51c37d96a86035ccdea664b31ad4e44edcd1ef70c265b0e95309b1f15bab11e0

SHA512
4764f8fc0a05e02553d2598ac5da1ca9c1c109faa6f59f599d88f8ddb35e2f4ab3bc5788b8e71e789d340ebfaad48246d741c1aa76aa76a523a5d060d08ce596

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
4KB

MD5
5368104a10a2b1edb233e9320ba74e29

SHA1
a4af89873f4310b125d314d8ba2f2d23edc8a727

SHA256
facacc5ee81d0830f5226d92978321e4ae138207faa359e17ecfbfd90e70496c

SHA512
74dc1baf4f4e07b6b27310bf06967eb1991829388b0523b3486a7138885e7ec8c20ac11c28469146dbb1949ec41a44ddbaa8b644909adf0cc66bf1439cb6baff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
a89705fefc7efc56638cbb14ebb1d1ee

SHA1
8b413769e182d06ea52ff9e3d70b351818fa56b7

SHA256
2f9181743a6a2a973875b51e29f99a14dca7a85aa554097a8c1c8eda0cf8615e

SHA512
86b2861521002bcbd94dccf719aa353f22d1113f40c0df999405a693df0d3dae774531a5aa7ea069c266924b3949f8be5e2527a82678f89634d2606aa7a79df5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
4KB

MD5
af30cbcb7e10d3012ffce708e9f89972

SHA1
f0c176e730d4243fbb57d4e600dd5932280b8478

SHA256
28bdb6324547af5bd8f2bd2f5bc12543343f55b7a6febd16e3a5c785acca929f

SHA512
093efda6ee1c6063ec4420621e7de6dc53fc0296315d8a19358785b5d20f623ab1d1324569c485181f7ab392074b53942b9b3c35890ca92eda8eaf83f4c0dc31

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
4KB

MD5
6d453e766b09cbe0e613a41c375fe285

SHA1
d5b9efec2acd873757ec5941a10b5a043abc3f0e

SHA256
bd00fcdc407ed88c2e29ed7473124dc95bd1d19ee78b4b3fb7292f6e88af6351

SHA512
dabd97a85864e9cb47e2f142813d26e537cb11a8c533f93c255ca2a57e36d6446725e96c04076cd4a13a0cff071d9ab03d46af37ffb15a5666472cec92770536

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
08e2dc666b96399e95eb6443d7007223

SHA1
a2609152e636b602e5437ca7f3a50b8a7fae941e

SHA256
0964c631b24a7acdc84a9f68ed0bbc5e38c893531d2fb722afdba666a04fa0d0

SHA512
5139af2ed8d6ac2da1bcf47bf00faf5723346c6dd0d92c3572e3934261c49c7a5c5ecc813fe78b96b7849767ea9b60b2be705f080152805819deaa2b28c0967f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
18a964f1d3a8f91708895fa9085aa51a

SHA1
f4b5b7501f68250dd20daf584515dbbbf5500940

SHA256
4a7032b0bb16d064187d2d4a3844bf21c48d4027a124f857966ed0bcb918075c

SHA512
7ae4e0eeab7160b4a42e9f323155f4a5a8b3e6da5e1b09087b2129c180afe155af62b53b81a98d8a98b74c7f410aaee0d85d1731bc6c95a0a82e04188fd9def3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000009.log

Filesize
973B

MD5
3ed58c481107ac0eb0ce2b08acfcda64

SHA1
8a6e27e6e3ecbbc8d419cf40cfb52c45eb8740f4

SHA256
6909088d088c93b282507eea011871bad19d6fbddf049a8cfa01ef919464f6ca

SHA512
c7aec1eb3fee203d1522e268ea63b28c75fea8ad7322c76798bd67a72242fb58a136d1c59cc59f10186df06f8b52517043233004d64e709d6650663504d36b21

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG

Filesize
247B

MD5
6b67367abb5922c649b47846fe0214c5

SHA1
12f7037994730cd24f1ad3232c0ced1c8f5c27ad

SHA256
0ee2c0ab8d57a9d954b3da1899180193b699c9b4fceba2ed44209ac2c58ee06c

SHA512
c82e7944f96208096e45eec335882c3ee4083904d47993e64947231a2a9462a9c9adce07a054a60a1ce22273cba957792fe0976af665b65f82afd40e84e98f55

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\MANIFEST-000007

Filesize
90B

MD5
b6d5d86412551e2d21c97af6f00d20c3

SHA1
543302ae0c758954e222399987bb5e364be89029

SHA256
e0b2fdc217d9c571a35f41c21ed2596309f3f00a7297a8d1ded05f54f0e68191

SHA512
5b56ae73a61add9e26f77d95c9b823f82a7fcdc75eed64b388fb4967f5c6c42cb0796b0b99dc25c89f38952786176c10d173dec7862a8a5ce5f820280f72d665

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sessions\Tabs_13353220796187400

Filesize
3KB

MD5
38acb059ef4548edb9defb88f8c04fa7

SHA1
f4cc1dbaff58a27355cf6a7e6275e6aaf5b3a0cf

SHA256
f7bc95671bc7a64d6b1cc83465c06b680d8452fef1289277ac57b5a7d50ab77b

SHA512
cc86ee37d32617595df22efb36a60b9a75b101a88ec01561b2ca7e9ab8edbf32062636075a1808042cd190e24f1428c8a5580485e8255689f2aa591c141b7271

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000007.dbtmp

Filesize
16B

MD5
18e723571b00fb1694a3bad6c78e4054

SHA1
afcc0ef32d46fe59e0483f9a3c891d3034d12f32

SHA256
8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa

SHA512
43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000008.log

Filesize
72B

MD5
efe32c915630cd26de85993752b0c55c

SHA1
3b4dcd141fad38f3fac6b1d0173d121f786b5caa

SHA256
a392c05b0fa9a19355671ea78e109cfc8f5acb1155e81cc27dc7adaf70ace764

SHA512
9749a4792d03c66cc9ebde6ff11d826cae1e82c7fbd4250dfa0b1ef0052de8836af699dd994413ca36c1d655e55175d2546f86f81acf60a4e7cd164f85555d2d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG

Filesize
136B

MD5
9d9e51ede883138e6f355d95e59b59f7

SHA1
2c806c8a7a0acc71bd22fb8dec9be53c5b8cb637

SHA256
73e4b9dcf6b4f0118a3d84afef38d41d409f12b5b6aa20b43a7c2b5065970058

SHA512
dce2c3055006cb774a9b443cc1d967ba14855f9e025186b5240b2c86dea94bada9ffc3fbeeccd858b5b93880cc05b15a5c20bfa01d1e0a9d7f9309f9ea4879a5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\MANIFEST-000007

Filesize
107B

MD5
22b937965712bdbc90f3c4e5cd2a8950

SHA1
25a5df32156e12134996410c5f7d9e59b1d6c155

SHA256
cad3bbec41899ea5205612fc1494fa7ba88847fb75437a2def22211a4003e2eb

SHA512
931427ad4609ab4ca12b2ee852d4965680f58602b00c182a2d340acf3163d888be6cfad87ca089f2b47929ddfa66be03ab13a6d24922397334d6997d4c8ede3b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG

Filesize
136B

MD5
3d5a2eb1197d84957911649ae45e3493

SHA1
8b852ce64789b8b8a4f8cf9fcdbb2f61c6b14861

SHA256
c274c82062d5a05f0106df034390aa95d95c66dcb99c30d16e9bb89a40311e37

SHA512
56374332c2f5edfd05dd5bdaf2c55a1a9194ddf43451127376870b7350acb0943a121f0bed13f570e3b8e13c3c4f1e761a5095a00b1f4a579f5d3b304d957f88

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\MANIFEST-000007

Filesize
117B

MD5
2ac0494b5c4c6d605281ee87339a0cc7

SHA1
6ea0fd5480bd086ed4110d0622388574f0222666

SHA256
53161ecf97484ce07e22fbed3f642f3c1daec51a22b84be407522e5d38d2afbd

SHA512
77c6a0422b17b90dcc84094e184020613bfc7f71f07bb6fe15a68f48330e7b374c5228d65606341248983e3ec17c9b30a61e31ebdfac73f7e6abeb9d2b5f8f7e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Visited Links

Filesize
128KB

MD5
a93d5f8e873741f09643c43002d20759

SHA1
5b40f210c6960c22ad1d3ab532009168d98c7f8e

SHA256
2292ce5c7aa665ddc08815b53cd378dc181ba483eff797897491348a4d543bd9

SHA512
41fef78e29cd5e0d85c68142b28ecfab705e03f4b5151a8d296928159291b937866efcfcfdfc016b2b09a8574ea3d84797800857fcc0e41479a8c5d286b5ca95

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Data

Filesize
92KB

MD5
dc92c84006a2b4cb933c62d16f349df7

SHA1
38671197983192240e6a153c1ea18b48fe1f26dc

SHA256
edc9fff4da4298e7c81fd13b1d83a04237fc18c8bb09b5c6bd5d9b92ff4170d0

SHA512
828c4623e261c3efd5cf3ddb28b9c267c80b3ebfee7c55602ca1c9d6541a15c41e14140567f6df0c5cf9d5cef59542bf9dbfa7d4d28c40af2d899cacf4cb3047

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\000008.ldb

Filesize
485B

MD5
ab8326d481c9a99c917beeab3b8c5fd4

SHA1
030c32f25acd780ae8925702d2da2c6f723a3d15

SHA256
a257be95a137220f9328837d33af95b04abf702a75d372df185cf9429fb9d91f

SHA512
fd78d21e984305197475c459e3c3d73cb1bfe42aa984aa321fb8854bfddafb04c86b786cf752c274ca44eb0d3ac638cedf07444083734592d2ff917af1705705

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\000009.log

Filesize
123B

MD5
73d8c07dd283c83c6cd59900fc3eb7a6

SHA1
fb92a2db4dfa7da66c1d32ef2c0e494da127dd09

SHA256
8b876d41e1ac6385d98ba8a3b4aeef9ce045fdde2018a223c41e681cc6badd19

SHA512
e8323b16b1a0bf1c0f73684f1762f81e0b0899cde75cd12fbe3e1c8a31acd953c5da8e07ce0611933eb4922d76d3deb4b0d514a1309341c36246da612c775550

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\000010.dbtmp

Filesize
16B

MD5
60e3f691077715586b918375dd23c6b0

SHA1
476d3eab15649c40c6aebfb6ac2366db50283d1b

SHA256
e91d13722e31f9b06c5df3582cad1ea5b73547ce3dc08b12ed461f095aad48ee

SHA512
d1c146d27bbf19362d6571e2865bb472ce4fe43dc535305615d92d6a2366f98533747a8a70a578d1f00199f716a61ce39fac5cab9dd67e9c044bc49e7343130e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\LOG

Filesize
249B

MD5
5ce529d8088f31c1587d2bb497c35365

SHA1
67e31194719c765616e317a86abd2eabb97e492d

SHA256
028419a2cbbbb01cb520a1fda5d4a7a84f61a44f9787b39ed7d641510e128f0a

SHA512
4dbe356653124a0a03c3319624d3714856d286c6109b727c9da9e33b5be6b065460ec9500ad71465854e523878dd19f82138e63cf1f2b0cb688da55736cc5a8d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\MANIFEST-000007

Filesize
98B

MD5
1c0c23649f958fa25b0407c289db12da

SHA1
5f6b10cd5a39fe8c30353bcf4cd4e4a60ef35574

SHA256
d5134b804a775cfb79c6166d15b5721d38ffc2da11948a6c1263595d6c2941cf

SHA512
b691e882018833a108bd286bc76c55a140d00d5a266617a3a381af1ceff01aefaef17acef29d14dec931d7051455726cde8974cd04cc07302f1c3cc452fe2f52

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000008.ldb

Filesize
318B

MD5
071bffafe8a725296d88cc7690ce1519

SHA1
c13f9cfacf53e63c1552031e1ad27d8d589bbf15

SHA256
d5ce65b7d9dba19620c5c7cc6451c29ab059f8306d2581953345562f89ab220c

SHA512
be24f31f1581a48143cb591000a9c83549eb6d61a1117f962f192c697d12dec6de6acf120182b7c3c3105412882308924e52ba64063a9a4a3388891e85b5fe42

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000009.log

Filesize
34B

MD5
fe62c64b5b3d092170445d5f5230524e

SHA1
0e27b930da78fce26933c18129430816827b66d3

SHA256
1e1a9ca70503efd8c607f9bc7131f08aba0476d75f2586dadb4da5485a5315d4

SHA512
924daccfbfb0c0464b4c5fd769e01a8f2e96fe28b635aa27ab4cd91766b05b03bbf941af14c017436107673f01bad815ce1fac2a649e745c76b3c736994b4fd2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG

Filesize
249B

MD5
0b1f73c6d871e7a429b241c893986559

SHA1
c48b8a9333494b05cae663be2a9d6a30064ec071

SHA256
d193ac590aaac32ea91fb120d3024277d184397d4cd2a8dcdc4cb8bdf12e4ed2

SHA512
c6e2e61d74a086c3311baaf9475f62b53c1f0dea927ffa5d5c54719842d3d3fdbfe20de06f4dfc9f7c93b2f1edf1bc02d0cc50aacd6f3d905a66167e81d066b7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\MANIFEST-000007

Filesize
118B

MD5
93c1b99a4b241cf35d8f30e5bae1df5b

SHA1
1abf5139d1ec1a99dedfdeec784e21d1ab91cbee

SHA256
71d685a0815d4448ed04900527d79e826049eb8d16d3ec6937905e4d29c2c310

SHA512
346563e4f19941faf9345b64069449527c023c6a11f9ba3bbdb62649dd050801e98b1170dfd897ac1c87bbbd1fe042f19a86c26c16ef2bc0acd88e1c5655d8df

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version

Filesize
14B

MD5
9eae63c7a967fc314dd311d9f46a45b7

SHA1
caba9c2c93acfe0b9ceb9ab19b992b0fc19c71cf

SHA256
4288925b0cf871c7458c22c46936efb0e903802feb991a0e1803be94ca6c251d

SHA512
bed924bff236bf5b6ce1df1db82e86c935e5830a20d9d24697efd82ca331e30604db8d04b0d692ec8541ec6deb2225bcc7d805b79f2db5726642198ecf6348b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
257KB

MD5
87f0e144ac494631a44144796df2f61f

SHA1
43dde3a6bf492bf38e052a863d3a9e2dfc0e35be

SHA256
f83b9a7ae6ce66cb97dff98917526273686899258e9af503916abc95c53c6688

SHA512
f7b3ff50be5ee141db7dde5db074543b8fbd7e94d38d8ff74de5eafd03ea2d15c97ce61399df7fe40994e41ab46d0d584c71454d1f5a0b6581144e1478f5e53e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
131KB

MD5
7c29645a8c1cde433670af771fe36699

SHA1
a79ad9ef153b0e559da176b650345c80ac4ead6e

SHA256
f29553b1316b48dc9f1df50db11e7ddba665094244a4b1667960a407b84105aa

SHA512
e441799bfbd9b75e6d945ea15c7138a2907f5b2ccec867f8c38e06b58ea15acf11575cc7a7f371baa23770452652abeb64060c1475507eed6228c23019644921

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

Filesize
264KB

MD5
2aa38779d94273e654ec9a3bf4386200

SHA1
f7cbaf5cd139cd9da9a762a6daf20d899f6aa1a5

SHA256
acc2c5366f78cf0a8e0bd6372943a7eabb702212e5698fc0e16f81da366f675a

SHA512
db2add504ad9f0bd5ba6d34c1dd85277e871262dcc79a3e27470d014d1e45163bea878911822ba8ac690e042ff74ad959b269f2c621934abe1841d35a055b610

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

Filesize
85B

MD5
bc6142469cd7dadf107be9ad87ea4753

SHA1
72a9aa05003fab742b0e4dc4c5d9eda6b9f7565c

SHA256
b26da4f8c7e283aa74386da0229d66af14a37986b8ca828e054fc932f68dd557

SHA512
47d1a67a16f5dc6d50556c5296e65918f0a2fcad0e8cee5795b100fe8cd89eaf5e1fd67691e8a57af3677883a5d8f104723b1901d11845b286474c8ac56f6182

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\df9ec071-ed32-4a4c-9056-17c575fb262d.tmp

Filesize
131KB

MD5
64feb2b9dd4edfa848067594f64d5342

SHA1
64726d039d0d5f5db36e6ab9b1252b0da5f79b33

SHA256
a577b6ccab96f7b102545635bdef0ece1b96ae31f861ece82ae3754627629733

SHA512
5a48691da4cb9dc7aae805c7f8b4ae85ba7b8252f291f821a0522fbbbaf51c59f7ff9b29d728c3621ed51fb565b1f9bbeee7792b16d0a938cb5734181ac7e528

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit