hxxps://youtu[.]be/4oATWyMMH4A?si=-jJ2StW4sF6twse5

Analysis

max time kernel
1800s
max time network
1685s
platform
windows10-2004_x64
resource
win10v2004-20240221-en
resource tags

arch:x64arch:x86image:win10v2004-20240221-enlocale:en-usos:windows10-2004-x64system
submitted
24/02/2024, 17:29

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://youtu.be/4oATWyMMH4A?si=-jJ2StW4sF6twse5

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133532695070817486"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-910440534-423636034-2318342392-1000\{E6A0CFC6-F97A-4B90-968B-BAD815E63458}	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2132	chrome.exe
2132	chrome.exe
4264	chrome.exe
4264	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2132	chrome.exe
Token: SeCreatePagefilePrivilege	2132	chrome.exe
Token: SeShutdownPrivilege	2132	chrome.exe
Token: SeCreatePagefilePrivilege	2132	chrome.exe
Token: SeShutdownPrivilege	2132	chrome.exe
Token: SeCreatePagefilePrivilege	2132	chrome.exe
Token: 33	4728	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	4728	AUDIODG.EXE
Token: SeShutdownPrivilege	2132	chrome.exe
Token: SeCreatePagefilePrivilege	2132	chrome.exe
Token: SeShutdownPrivilege	2132	chrome.exe
Token: SeCreatePagefilePrivilege	2132	chrome.exe
Token: SeShutdownPrivilege	2132	chrome.exe
Token: SeCreatePagefilePrivilege	2132	chrome.exe
Token: SeShutdownPrivilege	2132	chrome.exe
Token: SeCreatePagefilePrivilege	2132	chrome.exe
Token: SeShutdownPrivilege	2132	chrome.exe
Token: SeCreatePagefilePrivilege	2132	chrome.exe
Token: SeShutdownPrivilege	2132	chrome.exe
Token: SeCreatePagefilePrivilege	2132	chrome.exe
Token: SeShutdownPrivilege	2132	chrome.exe
Token: SeCreatePagefilePrivilege	2132	chrome.exe
Token: SeShutdownPrivilege	2132	chrome.exe
Token: SeCreatePagefilePrivilege	2132	chrome.exe
Token: SeShutdownPrivilege	2132	chrome.exe
Token: SeCreatePagefilePrivilege	2132	chrome.exe
Token: SeShutdownPrivilege	2132	chrome.exe
Token: SeCreatePagefilePrivilege	2132	chrome.exe
Token: SeShutdownPrivilege	2132	chrome.exe
Token: SeCreatePagefilePrivilege	2132	chrome.exe
Token: SeShutdownPrivilege	2132	chrome.exe
Token: SeCreatePagefilePrivilege	2132	chrome.exe
Token: SeShutdownPrivilege	2132	chrome.exe
Token: SeCreatePagefilePrivilege	2132	chrome.exe
Token: SeShutdownPrivilege	2132	chrome.exe
Token: SeCreatePagefilePrivilege	2132	chrome.exe
Token: SeShutdownPrivilege	2132	chrome.exe
Token: SeCreatePagefilePrivilege	2132	chrome.exe
Token: SeShutdownPrivilege	2132	chrome.exe
Token: SeCreatePagefilePrivilege	2132	chrome.exe
Token: SeShutdownPrivilege	2132	chrome.exe
Token: SeCreatePagefilePrivilege	2132	chrome.exe
Token: SeShutdownPrivilege	2132	chrome.exe
Token: SeCreatePagefilePrivilege	2132	chrome.exe
Token: SeShutdownPrivilege	2132	chrome.exe
Token: SeCreatePagefilePrivilege	2132	chrome.exe
Token: SeShutdownPrivilege	2132	chrome.exe
Token: SeCreatePagefilePrivilege	2132	chrome.exe
Token: SeShutdownPrivilege	2132	chrome.exe
Token: SeCreatePagefilePrivilege	2132	chrome.exe
Token: SeShutdownPrivilege	2132	chrome.exe
Token: SeCreatePagefilePrivilege	2132	chrome.exe
Token: SeShutdownPrivilege	2132	chrome.exe
Token: SeCreatePagefilePrivilege	2132	chrome.exe
Token: SeShutdownPrivilege	2132	chrome.exe
Token: SeCreatePagefilePrivilege	2132	chrome.exe
Token: SeShutdownPrivilege	2132	chrome.exe
Token: SeCreatePagefilePrivilege	2132	chrome.exe
Token: SeShutdownPrivilege	2132	chrome.exe
Token: SeCreatePagefilePrivilege	2132	chrome.exe
Token: SeShutdownPrivilege	2132	chrome.exe
Token: SeCreatePagefilePrivilege	2132	chrome.exe
Token: SeShutdownPrivilege	2132	chrome.exe
Token: SeCreatePagefilePrivilege	2132	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe
2132	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2132 wrote to memory of 3564	2132	chrome.exe	47
PID 2132 wrote to memory of 3564	2132	chrome.exe	47
PID 2132 wrote to memory of 220	2132	chrome.exe	89
PID 2132 wrote to memory of 220	2132	chrome.exe	89
PID 2132 wrote to memory of 220	2132	chrome.exe	89
PID 2132 wrote to memory of 220	2132	chrome.exe	89
PID 2132 wrote to memory of 220	2132	chrome.exe	89
PID 2132 wrote to memory of 220	2132	chrome.exe	89
PID 2132 wrote to memory of 220	2132	chrome.exe	89
PID 2132 wrote to memory of 220	2132	chrome.exe	89
PID 2132 wrote to memory of 220	2132	chrome.exe	89
PID 2132 wrote to memory of 220	2132	chrome.exe	89
PID 2132 wrote to memory of 220	2132	chrome.exe	89
PID 2132 wrote to memory of 220	2132	chrome.exe	89
PID 2132 wrote to memory of 220	2132	chrome.exe	89
PID 2132 wrote to memory of 220	2132	chrome.exe	89
PID 2132 wrote to memory of 220	2132	chrome.exe	89
PID 2132 wrote to memory of 220	2132	chrome.exe	89
PID 2132 wrote to memory of 220	2132	chrome.exe	89
PID 2132 wrote to memory of 220	2132	chrome.exe	89
PID 2132 wrote to memory of 220	2132	chrome.exe	89
PID 2132 wrote to memory of 220	2132	chrome.exe	89
PID 2132 wrote to memory of 220	2132	chrome.exe	89
PID 2132 wrote to memory of 220	2132	chrome.exe	89
PID 2132 wrote to memory of 220	2132	chrome.exe	89
PID 2132 wrote to memory of 220	2132	chrome.exe	89
PID 2132 wrote to memory of 220	2132	chrome.exe	89
PID 2132 wrote to memory of 220	2132	chrome.exe	89
PID 2132 wrote to memory of 220	2132	chrome.exe	89
PID 2132 wrote to memory of 220	2132	chrome.exe	89
PID 2132 wrote to memory of 220	2132	chrome.exe	89
PID 2132 wrote to memory of 220	2132	chrome.exe	89
PID 2132 wrote to memory of 220	2132	chrome.exe	89
PID 2132 wrote to memory of 220	2132	chrome.exe	89
PID 2132 wrote to memory of 220	2132	chrome.exe	89
PID 2132 wrote to memory of 220	2132	chrome.exe	89
PID 2132 wrote to memory of 220	2132	chrome.exe	89
PID 2132 wrote to memory of 220	2132	chrome.exe	89
PID 2132 wrote to memory of 220	2132	chrome.exe	89
PID 2132 wrote to memory of 220	2132	chrome.exe	89
PID 2132 wrote to memory of 4840	2132	chrome.exe	90
PID 2132 wrote to memory of 4840	2132	chrome.exe	90
PID 2132 wrote to memory of 804	2132	chrome.exe	91
PID 2132 wrote to memory of 804	2132	chrome.exe	91
PID 2132 wrote to memory of 804	2132	chrome.exe	91
PID 2132 wrote to memory of 804	2132	chrome.exe	91
PID 2132 wrote to memory of 804	2132	chrome.exe	91
PID 2132 wrote to memory of 804	2132	chrome.exe	91
PID 2132 wrote to memory of 804	2132	chrome.exe	91
PID 2132 wrote to memory of 804	2132	chrome.exe	91
PID 2132 wrote to memory of 804	2132	chrome.exe	91
PID 2132 wrote to memory of 804	2132	chrome.exe	91
PID 2132 wrote to memory of 804	2132	chrome.exe	91
PID 2132 wrote to memory of 804	2132	chrome.exe	91
PID 2132 wrote to memory of 804	2132	chrome.exe	91
PID 2132 wrote to memory of 804	2132	chrome.exe	91
PID 2132 wrote to memory of 804	2132	chrome.exe	91
PID 2132 wrote to memory of 804	2132	chrome.exe	91
PID 2132 wrote to memory of 804	2132	chrome.exe	91
PID 2132 wrote to memory of 804	2132	chrome.exe	91
PID 2132 wrote to memory of 804	2132	chrome.exe	91
PID 2132 wrote to memory of 804	2132	chrome.exe	91
PID 2132 wrote to memory of 804	2132	chrome.exe	91
PID 2132 wrote to memory of 804	2132	chrome.exe	91

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://youtu.be/4oATWyMMH4A?si=-jJ2StW4sF6twse5
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2132
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc08f19758,0x7ffc08f19768,0x7ffc08f19778
  2⤵
  PID:3564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1780 --field-trial-handle=1652,i,6632684109067055006,4171684925158436008,131072 /prefetch:2
  2⤵
  PID:220
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2096 --field-trial-handle=1652,i,6632684109067055006,4171684925158436008,131072 /prefetch:8
  2⤵
  PID:4840
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2196 --field-trial-handle=1652,i,6632684109067055006,4171684925158436008,131072 /prefetch:8
  2⤵
  PID:804
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3016 --field-trial-handle=1652,i,6632684109067055006,4171684925158436008,131072 /prefetch:1
  2⤵
  PID:4564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3032 --field-trial-handle=1652,i,6632684109067055006,4171684925158436008,131072 /prefetch:1
  2⤵
  PID:2952
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4588 --field-trial-handle=1652,i,6632684109067055006,4171684925158436008,131072 /prefetch:1
  2⤵
  PID:3388
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3436 --field-trial-handle=1652,i,6632684109067055006,4171684925158436008,131072 /prefetch:1
  2⤵
  PID:2532
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4808 --field-trial-handle=1652,i,6632684109067055006,4171684925158436008,131072 /prefetch:8
  2⤵
  PID:4324
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5172 --field-trial-handle=1652,i,6632684109067055006,4171684925158436008,131072 /prefetch:8
  2⤵
  - Modifies registry class
  PID:2220
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5748 --field-trial-handle=1652,i,6632684109067055006,4171684925158436008,131072 /prefetch:8
  2⤵
  PID:1828
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5492 --field-trial-handle=1652,i,6632684109067055006,4171684925158436008,131072 /prefetch:8
  2⤵
  PID:4120
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2372 --field-trial-handle=1652,i,6632684109067055006,4171684925158436008,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4264

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:5056

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x4c8 0x514
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:4728

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
528B

MD5
8c0e9d5872c9febf8a6a9f74ba7481d3

SHA1
7483cbac5823cae815c2e74972b503d524de0438

SHA256
ee05e3ff20f1e8f77473d726c0de3db0591c33322c7177edad663b5f0abe75ff

SHA512
c394d0a2b679f891509ef95d6d199c2578000f74e2e3c63b923751d4adda5e758e1c2e1d3c04b0568760a2b38bb056ba625a7b0a72fc799d6d01673dace0b695

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
abdc905b822564a17ab5c90a243d167d

SHA1
36f5ff862ddd61d7271cf4f8ce8021cef9d8345a

SHA256
b60458dab3968318e905271044a4c6e65202e3f39185b13bd77d998ac3b04c12

SHA512
52f5f262eda13e7bdbe27db857e0ce73c17cfd6fcc58a8f0a26b374df682cf5ebc7d7c7b498bb440fd81af3928a113e4159d750272c09985051415cacde52b30

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
646ec277337f9cecb1ec892322490535

SHA1
b67ac0fbc39925cb347401aa28055660b985ce03

SHA256
7cf89c3ffc270e40b1961c06a11d831cc6aa4948ca647a912a98531d81262bc8

SHA512
dc06512ba671763606653060c121c9e74dcd5d12a483fd7e2612c935631372fc8b7d736338f011885bf3886a770a663340a24f47260ca8eabedd179952c7e336

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
ab8e537dbefee1c2cc1c006d52e8e684

SHA1
3aa7038cf946fe57e26ffdffdbb87c39a6825e07

SHA256
656c195a0c666023b14c39175c0ebdaddcd3ea243c73180cc470e055131d3948

SHA512
aa00ed8a34eb0a6a4c59c6d7e4f64b9ef246ee9d4d34b3b5d4be96f87ccca80a4a7dec3ae4913f13840b367017f13f5780b8521bede33a0a1061f8b34eb9e52d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
e3917fbc6b3ca36e5073608dfb19bacd

SHA1
5b44beb3385be054a46cd08c7e1d4aec80afeb42

SHA256
f6e65d10d0fdd5d7122b87c97119a5f445766d50154f8650daab8bd629589652

SHA512
a626eb798c5dd21971433788ac6392dece3f5216b1a8fcacc809379034cdc67d96beccc1c21dddcf63e4a2d12befcada1f34b59e067529c28f0814798daf3a3f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
018fc5268b8f1af81a334df0b6be62bf

SHA1
5495117092aa7766732a5741855151a39de91f38

SHA256
e060f5d5c8adf4c1a75cdd5e50669492fa51c1e054d9997ba7722579553430c8

SHA512
1c8fcb38f09724c66b70aa26123dfa7321ebf847a8fe6390d67f7798eb5d741577d751ea709e41fa43de5f33ffc9a69c019cb881b6905d5487ad976c0884b3fc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
7941396ea45d46c04538359921b492c0

SHA1
30749d9b8efc44a420c49cecfbfca6737cbcecae

SHA256
f44a5722ca6b70844a7f8e3f71b5ae955b7ad99778b20301c59f7adf25884af1

SHA512
8e8e0b1036a594ec14556ae5f88025e60bbc08eea79ccee124e8ce9a4593c038e9a4b5c11d2ff030af9383de163e9983e9d78fc207b16c7ebf5960fc50b6fe8c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
d7b3a1993bb68d26392ca378af260eec

SHA1
7347d947f593daa6a60496691435e422b26c223b

SHA256
752c02a7602bc4e26467809292338d6e20036be3f93f609cc21f7fad4a78698b

SHA512
161ea946b2d84dff63f94d323ff05f8002f675c2c6d1ca190f43122723a1593657bd9626ad22c3069f7504e20942a7d04020d7fa9c2fda21b2c4ac969be5ef9c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
cdd160bab116825e113b1cb4bb047b1f

SHA1
a5696635256c4056ba9d6c5e325950a515d27c7e

SHA256
5165bbba30c930071a581b113690f87d4bbe7eba600d2122f3b5fc2821251509

SHA512
92c1c5216f6868c6859c51e9d05deb07da9497eb8fcbd7bb239954f39fa91f290c3fafe93be3efd9c7b5e757230130c3920312bbd2339df9f0b553d3c2a8ce03

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
ad5bb2b9bb83bb9ceb064f94c1db2880

SHA1
69a5ac7761f89c7edc48568022a4b664b04e8124

SHA256
de0dec2aa927345b1564bc5df561fa58402d70dc1bfe01431f3cd32c96b19f3e

SHA512
7b00c513dd968f6b19712ce43f03a4144cb596e82c19ab4c8c55c289d9b6b35700bd425dca8eccbfd3ca5e54a20dd2c683c964ed73533f6b8a16c4a39f4118df

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
736ba0fb17bdddd34041d257835b26f3

SHA1
ece3eb969c45602fb55efd21271833b6177cd889

SHA256
e7fe4e17c918a54550201ebea6014cd844343c5c125c7bf770b0d500a2f4aa4a

SHA512
c96c2c4a2299778109019f45828dcb462e9d84036ebe9f1ffbc2bf1cad8fdcd5a267e846d5fd9848aae2df14da9f8f213a9f2f320e7d302bb40027ac2014aa4a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\e2cbac47-5eb5-483b-889b-26c97d6bdac2\index-dir\the-real-index

Filesize
2KB

MD5
a43bfdac68e67c1e990469a0a53c5df1

SHA1
8ebb5c37c4a5774b0dbe286354ecb7dd141379f4

SHA256
4252df7c0c35ece5933bf64e55bd67659ff4ecb8169f3496f49f94024ecd449c

SHA512
fcd0855ea14c4c97db99d9235b7966278d7293ffec4719b59cce54d90bb530220867ed565a430f1398cabcf82f7a3fcad46480b6da5303237ef633476f6e335d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\e2cbac47-5eb5-483b-889b-26c97d6bdac2\index-dir\the-real-index~RFe57a73c.TMP

Filesize
48B

MD5
52c5ed5832005375339afdbf42448685

SHA1
3520fc8a57d1bc2a9b7b1d8dde6eff1198c6bcfc

SHA256
9acbe10788e3323f450315403fe8502f53add5063f7ea7c21dc8393e3d9bdef3

SHA512
cd319f5d347d4f348798f0e1e84e2ac18ebc9790a5e45e5b4f9aeda7d4ca72a08192f8f1f3c70feb619f394881a7d9b625cd276f50273ece7a6e4de830de5b08

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
176B

MD5
584886ef460ee4abfe8d4d8dc075bfdd

SHA1
61c3438a07febec0b7be3bcc85af426d59924dc5

SHA256
f8d1301820590fa7a7e4aadcba034f68d812f434822e2c77948ad9db6bc69414

SHA512
68651c95bf55c1d8a51956aae74f12fd410eedf53f0d19e72907729aa0b68f9fe8ffd487612bcfa5ee1276ddfdef18d10939b629fafa1542bf0e3d86a81af972

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
112B

MD5
9a6aa173a40f0975aa546631676753b0

SHA1
4c60eb5ae0b07e483dc40548942089d733ee00ec

SHA256
bbdd7954a450c1c4d92cfa1363637361f8d703d719bbc0d11407fc8ff537fadb

SHA512
e8d5aac31acbf430166c0e2b820582282fde1d5d5eb8654b531da4e5f40c254890463c737154fe95a6a2e6bf48a80303d77adcc36792c2eb7ec49d4aa34cdfbc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
114B

MD5
5713f3b1fe88c7af1ba49588fe0435be

SHA1
b223dd70ad8d62bc6be7bb6f65e894e8af0432d7

SHA256
6d2dc15d381b8efcebbcece59abde2a7276999c35cd94a7305eca1858042dd96

SHA512
96688f335c334ca7608c0fee76dd9c3577666546293404ad8950a25b44e3e11e67b60e653869753a5686f09325cada942f1b3aae919c0b47f85111b5a65e8d53

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe574d16.TMP

Filesize
119B

MD5
368598b36c803227fe2d1e63b678ab9a

SHA1
5a07302cbbc2f9d562bdf3dc4b574165ba31dc6e

SHA256
6d4c8fe8daa4d28014685f9161f815a18b6190648aad1d6420161b1873c55c6d

SHA512
1ea9e8f6273461c06f29df2822d39d1b9b1677d57223ce67fa55a3a5541388cf947f050177aa51dff3c51b04dfb01170b0baf5c9eebe20f5050dc9ff69616ccc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
55c91a1dd4e137f23ea8d2ea13f4b6e6

SHA1
1bf6db2930995f4c8fd91f4d911ff3203ef64ef9

SHA256
060c1b40e921a61c091930dcbb8d0ea9e418aa664fa143fa48b606b713f91a09

SHA512
ed84358d68b219393615b02d42175c21d97f522bac1337effecc71b07ca9dd808876458b4b0016809cf457e02d4a2980b94819c3166b8169b199f35f02ae410f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe579ba4.TMP

Filesize
48B

MD5
befa04c00d3742b3d966dc498af3900b

SHA1
4342eb1d2fd241dee8556c28928da61e208f0c40

SHA256
6076419bc17c7100383a0718bd22f11bdf196a16413980161d5d851730f9bc2a

SHA512
006708e26fed9750af68e8d5907c1e2cf223dd9035fa8488eb08b40c645ce3b73fb308ac00a71705216724e9d76e1d5e02dc02ad7def85e26115f2209d525b9d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\agimnkijcaahngcdmfeangaknmldooml\Shortcuts Menu Icons\Monochrome\1\512.png

Filesize
10KB

MD5
7f57c509f12aaae2c269646db7fde6e8

SHA1
969d8c0e3d9140f843f36ccf2974b112ad7afc07

SHA256
1d5c9f67fe93f9fcc1a1b61ebc35bda8f98f1261e5005ae37af71f42aab1d90f

SHA512
3503a0f4939bed9e1fd5e086b17d6de1063220dffdab2d2373aa9582a2454a9d8f18c1be74442f4e597bdba796d2d69220bd9e6be632a15367225b804187ea18

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir2132_560156460\Shortcuts Menu Icons\0\512.png

Filesize
2KB

MD5
12a429f9782bcff446dc1089b68d44ee

SHA1
e41e5a1a4f2950a7f2da8be77ca26a66da7093b9

SHA256
e1d7407b07c40b5436d78db1077a16fbf75d49e32f3cbd01187b5eaaa10f1e37

SHA512
1da99c5278a589972a1d711d694890f4fd4ec4e56f83781ab9dee91ba99530a7f90d969588fa24dce24b094a28bdecbea80328cee862031a8b289f3e4f38ce7a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
130KB

MD5
f1f795213f5ea91f5f49e9117b1464dc

SHA1
4d9e75306cfff2f6d46c90242c9828613cde6bf1

SHA256
45fd1379f1a0ea95c287ad810a6a54edd17bc720700de69b3032bb3714e8e2d1

SHA512
06f433c4751d8778d86846d91a03280e4fd267df85d59aeb00e31e47f402b8f25646c7d34c9412f64bba836598239dd90ac676f06e31f2ff1dca4c9b55836a09

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit