hxxps://cdn[.]discordapp[.]com/attachments/1144743418849939456/1211309816832729108/iniuriacrack_hackvshack[.]net[.]zip?ex=65edbb2d&is=65db462d&hm=faf57ca32ea98995a3bd2b3cb2ec04b373254d944136c108befde64058d40467&

Analysis

max time kernel
1803s
max time network
1700s
platform
windows11-21h2_x64
resource
win11-20240221-en
resource tags

arch:x64arch:x86image:win11-20240221-enlocale:en-usos:windows11-21h2-x64system
submitted
25/02/2024, 13:55

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://cdn.discordapp.com/attachments/1144743418849939456/1211309816832729108/iniuriacrack_hackvshack.net.zip?ex=65edbb2d&is=65db462d&hm=faf57ca32ea98995a3bd2b3cb2ec04b373254d944136c108befde64058d40467&

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133533444812802006"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
1784	chrome.exe
1784	chrome.exe
3456	chrome.exe
3456	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
1784	chrome.exe
1784	chrome.exe
1784	chrome.exe
1784	chrome.exe
1784	chrome.exe
1784	chrome.exe
1784	chrome.exe
1784	chrome.exe
1784	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1784	chrome.exe
Token: SeCreatePagefilePrivilege	1784	chrome.exe
Token: SeShutdownPrivilege	1784	chrome.exe
Token: SeCreatePagefilePrivilege	1784	chrome.exe
Token: SeShutdownPrivilege	1784	chrome.exe
Token: SeCreatePagefilePrivilege	1784	chrome.exe
Token: SeShutdownPrivilege	1784	chrome.exe
Token: SeCreatePagefilePrivilege	1784	chrome.exe
Token: SeShutdownPrivilege	1784	chrome.exe
Token: SeCreatePagefilePrivilege	1784	chrome.exe
Token: SeShutdownPrivilege	1784	chrome.exe
Token: SeCreatePagefilePrivilege	1784	chrome.exe
Token: SeShutdownPrivilege	1784	chrome.exe
Token: SeCreatePagefilePrivilege	1784	chrome.exe
Token: SeShutdownPrivilege	1784	chrome.exe
Token: SeCreatePagefilePrivilege	1784	chrome.exe
Token: SeShutdownPrivilege	1784	chrome.exe
Token: SeCreatePagefilePrivilege	1784	chrome.exe
Token: SeShutdownPrivilege	1784	chrome.exe
Token: SeCreatePagefilePrivilege	1784	chrome.exe
Token: SeShutdownPrivilege	1784	chrome.exe
Token: SeCreatePagefilePrivilege	1784	chrome.exe
Token: SeShutdownPrivilege	1784	chrome.exe
Token: SeCreatePagefilePrivilege	1784	chrome.exe
Token: SeShutdownPrivilege	1784	chrome.exe
Token: SeCreatePagefilePrivilege	1784	chrome.exe
Token: SeShutdownPrivilege	1784	chrome.exe
Token: SeCreatePagefilePrivilege	1784	chrome.exe
Token: SeShutdownPrivilege	1784	chrome.exe
Token: SeCreatePagefilePrivilege	1784	chrome.exe
Token: SeShutdownPrivilege	1784	chrome.exe
Token: SeCreatePagefilePrivilege	1784	chrome.exe
Token: SeShutdownPrivilege	1784	chrome.exe
Token: SeCreatePagefilePrivilege	1784	chrome.exe
Token: SeShutdownPrivilege	1784	chrome.exe
Token: SeCreatePagefilePrivilege	1784	chrome.exe
Token: SeShutdownPrivilege	1784	chrome.exe
Token: SeCreatePagefilePrivilege	1784	chrome.exe
Token: SeShutdownPrivilege	1784	chrome.exe
Token: SeCreatePagefilePrivilege	1784	chrome.exe
Token: SeShutdownPrivilege	1784	chrome.exe
Token: SeCreatePagefilePrivilege	1784	chrome.exe
Token: SeShutdownPrivilege	1784	chrome.exe
Token: SeCreatePagefilePrivilege	1784	chrome.exe
Token: SeShutdownPrivilege	1784	chrome.exe
Token: SeCreatePagefilePrivilege	1784	chrome.exe
Token: SeShutdownPrivilege	1784	chrome.exe
Token: SeCreatePagefilePrivilege	1784	chrome.exe
Token: SeShutdownPrivilege	1784	chrome.exe
Token: SeCreatePagefilePrivilege	1784	chrome.exe
Token: SeShutdownPrivilege	1784	chrome.exe
Token: SeCreatePagefilePrivilege	1784	chrome.exe
Token: SeShutdownPrivilege	1784	chrome.exe
Token: SeCreatePagefilePrivilege	1784	chrome.exe
Token: SeShutdownPrivilege	1784	chrome.exe
Token: SeCreatePagefilePrivilege	1784	chrome.exe
Token: SeShutdownPrivilege	1784	chrome.exe
Token: SeCreatePagefilePrivilege	1784	chrome.exe
Token: SeShutdownPrivilege	1784	chrome.exe
Token: SeCreatePagefilePrivilege	1784	chrome.exe
Token: SeShutdownPrivilege	1784	chrome.exe
Token: SeCreatePagefilePrivilege	1784	chrome.exe
Token: SeShutdownPrivilege	1784	chrome.exe
Token: SeCreatePagefilePrivilege	1784	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
1784	chrome.exe
1784	chrome.exe
1784	chrome.exe
1784	chrome.exe
1784	chrome.exe
1784	chrome.exe
1784	chrome.exe
1784	chrome.exe
1784	chrome.exe
1784	chrome.exe
1784	chrome.exe
1784	chrome.exe
1784	chrome.exe
1784	chrome.exe
1784	chrome.exe
1784	chrome.exe
1784	chrome.exe
1784	chrome.exe
1784	chrome.exe
1784	chrome.exe
1784	chrome.exe
1784	chrome.exe
1784	chrome.exe
1784	chrome.exe
1784	chrome.exe
1784	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
1784	chrome.exe
1784	chrome.exe
1784	chrome.exe
1784	chrome.exe
1784	chrome.exe
1784	chrome.exe
1784	chrome.exe
1784	chrome.exe
1784	chrome.exe
1784	chrome.exe
1784	chrome.exe
1784	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1784 wrote to memory of 2060	1784	chrome.exe	57
PID 1784 wrote to memory of 2060	1784	chrome.exe	57
PID 1784 wrote to memory of 4148	1784	chrome.exe	82
PID 1784 wrote to memory of 4148	1784	chrome.exe	82
PID 1784 wrote to memory of 4148	1784	chrome.exe	82
PID 1784 wrote to memory of 4148	1784	chrome.exe	82
PID 1784 wrote to memory of 4148	1784	chrome.exe	82
PID 1784 wrote to memory of 4148	1784	chrome.exe	82
PID 1784 wrote to memory of 4148	1784	chrome.exe	82
PID 1784 wrote to memory of 4148	1784	chrome.exe	82
PID 1784 wrote to memory of 4148	1784	chrome.exe	82
PID 1784 wrote to memory of 4148	1784	chrome.exe	82
PID 1784 wrote to memory of 4148	1784	chrome.exe	82
PID 1784 wrote to memory of 4148	1784	chrome.exe	82
PID 1784 wrote to memory of 4148	1784	chrome.exe	82
PID 1784 wrote to memory of 4148	1784	chrome.exe	82
PID 1784 wrote to memory of 4148	1784	chrome.exe	82
PID 1784 wrote to memory of 4148	1784	chrome.exe	82
PID 1784 wrote to memory of 4148	1784	chrome.exe	82
PID 1784 wrote to memory of 4148	1784	chrome.exe	82
PID 1784 wrote to memory of 4148	1784	chrome.exe	82
PID 1784 wrote to memory of 4148	1784	chrome.exe	82
PID 1784 wrote to memory of 4148	1784	chrome.exe	82
PID 1784 wrote to memory of 4148	1784	chrome.exe	82
PID 1784 wrote to memory of 4148	1784	chrome.exe	82
PID 1784 wrote to memory of 4148	1784	chrome.exe	82
PID 1784 wrote to memory of 4148	1784	chrome.exe	82
PID 1784 wrote to memory of 4148	1784	chrome.exe	82
PID 1784 wrote to memory of 4148	1784	chrome.exe	82
PID 1784 wrote to memory of 4148	1784	chrome.exe	82
PID 1784 wrote to memory of 4148	1784	chrome.exe	82
PID 1784 wrote to memory of 4148	1784	chrome.exe	82
PID 1784 wrote to memory of 4148	1784	chrome.exe	82
PID 1784 wrote to memory of 4148	1784	chrome.exe	82
PID 1784 wrote to memory of 4148	1784	chrome.exe	82
PID 1784 wrote to memory of 4148	1784	chrome.exe	82
PID 1784 wrote to memory of 4148	1784	chrome.exe	82
PID 1784 wrote to memory of 4148	1784	chrome.exe	82
PID 1784 wrote to memory of 4148	1784	chrome.exe	82
PID 1784 wrote to memory of 4148	1784	chrome.exe	82
PID 1784 wrote to memory of 1152	1784	chrome.exe	83
PID 1784 wrote to memory of 1152	1784	chrome.exe	83
PID 1784 wrote to memory of 3620	1784	chrome.exe	84
PID 1784 wrote to memory of 3620	1784	chrome.exe	84
PID 1784 wrote to memory of 3620	1784	chrome.exe	84
PID 1784 wrote to memory of 3620	1784	chrome.exe	84
PID 1784 wrote to memory of 3620	1784	chrome.exe	84
PID 1784 wrote to memory of 3620	1784	chrome.exe	84
PID 1784 wrote to memory of 3620	1784	chrome.exe	84
PID 1784 wrote to memory of 3620	1784	chrome.exe	84
PID 1784 wrote to memory of 3620	1784	chrome.exe	84
PID 1784 wrote to memory of 3620	1784	chrome.exe	84
PID 1784 wrote to memory of 3620	1784	chrome.exe	84
PID 1784 wrote to memory of 3620	1784	chrome.exe	84
PID 1784 wrote to memory of 3620	1784	chrome.exe	84
PID 1784 wrote to memory of 3620	1784	chrome.exe	84
PID 1784 wrote to memory of 3620	1784	chrome.exe	84
PID 1784 wrote to memory of 3620	1784	chrome.exe	84
PID 1784 wrote to memory of 3620	1784	chrome.exe	84
PID 1784 wrote to memory of 3620	1784	chrome.exe	84
PID 1784 wrote to memory of 3620	1784	chrome.exe	84
PID 1784 wrote to memory of 3620	1784	chrome.exe	84
PID 1784 wrote to memory of 3620	1784	chrome.exe	84
PID 1784 wrote to memory of 3620	1784	chrome.exe	84

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://cdn.discordapp.com/attachments/1144743418849939456/1211309816832729108/iniuriacrack_hackvshack.net.zip?ex=65edbb2d&is=65db462d&hm=faf57ca32ea98995a3bd2b3cb2ec04b373254d944136c108befde64058d40467&
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1784
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff8c5c29758,0x7ff8c5c29768,0x7ff8c5c29778
  2⤵
  PID:2060
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1664 --field-trial-handle=1780,i,2417734784851513072,10655988738644561130,131072 /prefetch:2
  2⤵
  PID:4148
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1992 --field-trial-handle=1780,i,2417734784851513072,10655988738644561130,131072 /prefetch:8
  2⤵
  PID:1152
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2156 --field-trial-handle=1780,i,2417734784851513072,10655988738644561130,131072 /prefetch:8
  2⤵
  PID:3620
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2880 --field-trial-handle=1780,i,2417734784851513072,10655988738644561130,131072 /prefetch:1
  2⤵
  PID:792
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2852 --field-trial-handle=1780,i,2417734784851513072,10655988738644561130,131072 /prefetch:1
  2⤵
  PID:4200
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4532 --field-trial-handle=1780,i,2417734784851513072,10655988738644561130,131072 /prefetch:1
  2⤵
  PID:1580
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3308 --field-trial-handle=1780,i,2417734784851513072,10655988738644561130,131072 /prefetch:1
  2⤵
  PID:2592
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5044 --field-trial-handle=1780,i,2417734784851513072,10655988738644561130,131072 /prefetch:8
  2⤵
  PID:880
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4668 --field-trial-handle=1780,i,2417734784851513072,10655988738644561130,131072 /prefetch:8
  2⤵
  PID:4064
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4596 --field-trial-handle=1780,i,2417734784851513072,10655988738644561130,131072 /prefetch:1
  2⤵
  PID:1624
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=2260 --field-trial-handle=1780,i,2417734784851513072,10655988738644561130,131072 /prefetch:1
  2⤵
  PID:4016
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=2028 --field-trial-handle=1780,i,2417734784851513072,10655988738644561130,131072 /prefetch:1
  2⤵
  PID:2332
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3064 --field-trial-handle=1780,i,2417734784851513072,10655988738644561130,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3456
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=4692 --field-trial-handle=1780,i,2417734784851513072,10655988738644561130,131072 /prefetch:1
  2⤵
  PID:1468
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=4984 --field-trial-handle=1780,i,2417734784851513072,10655988738644561130,131072 /prefetch:1
  2⤵
  PID:3564

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2020

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
b8b706ee25442a9926206cdafcbd4f03

SHA1
89bb78fceeedafde670dfcd5dff791644af9b9ff

SHA256
24e3c4d4020677d2313a86883c962716bb93acb0b6fc21fb1ad2987e1c70eb8a

SHA512
f8f3882942d83d8b10afc2f2e52b53e358c5347726245213c09035659e8c5ff77607689a22ca648d019f688e7ce2d73975261db521a1636d4ceb8bf3e27391ce

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
d26a72af55d9d7e091728a382ba43590

SHA1
67bd1152d2803989195719cee9245d7e3e41262b

SHA256
73c08af23e04d13aa19d6ca3b167f1e975df3aecf4e73e04e1c2c0ba83068bbb

SHA512
bed8c37f7fb1124d5a03597863c703b3b374c1dd687cf9f2208b26a81b9713b49d7c18a182574aee9069f1e6fcef5111f89a140748e39319cbf46ab0e3e577e8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
89a3972287b6b53dcfe1df5dd020f046

SHA1
794c9422f38a7f48daa14226df725e8dbf103bb1

SHA256
e181c3661ca6fff461593812c718cf5e1760ed208a3048c570060459d969cf8a

SHA512
3f50d3c7388b16884abd8ce1c20119d532b97f42f0112cb4f706acf8892acff6ed4bdbded47de7055b0e107e42376fda3f5c06f00c2359fb6fab62c425b4a7ba

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
012be91c4d31ce02220ad3ada7eed87d

SHA1
626458ce369b1f6743865c886822669853574416

SHA256
b84bbf0d0b859955da5c77c9c65abcf5693126a5502ac78ee3cc7f98f351fb5b

SHA512
e40cb2dc7081acc2163bc5b5584e2ad47cf326fc06117e2d8a4d075a7b332c608668a393f7ac81dd2e10f8d34f2aee170dd86f24ade5a80ba0e7043ed3cdc11b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
7cbaa2f2d8b52bb7f46b03639a4a378a

SHA1
4a3d50e66b0ceb39d1a7bd62b0314b5f46da8a34

SHA256
c2644010d7c30ac39db45fabfb809ece51e6eebb7e71e5933a59b6c9d03ba362

SHA512
426b5a0affc6096538906ce7bec9626f74d8a9a4c1ad747655b4c8c27146c53430741f6d5cad155119a3d4b282ccaba7ca26d1b2b077627ddfa1bcd193adb628

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
3c80ff0e0ffe10eed70fce598613191a

SHA1
e694a759caac1504c47b2e059c2cf042ce639668

SHA256
5ed0d88a629da5523fa17d30d6ac0c754cc0c5326e77317a65a1f6810f849ba0

SHA512
d2e8d269aa8fc0f7c6c62ee4b7e436d43debfcd19cbb4e10a9121b0e63cd63d475d8d257b61765e50ac3506e77af1d564b75b6e96d464285e144634f28a51461

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
85b0ccdb552a24ea965c4b19fc0d81a6

SHA1
26fdd90f1fcd6cc96781e316743463c49a4ddf98

SHA256
a4438aa2048bcc33c9010a67408871f65c4629e01ec372b0ba4def1540ad9533

SHA512
81fc950c1301b8cc6d2ae8b8d383d8304f6e2102787c849cff631c7f02f10af6bb2c30f360c655fac4aa23b23a1f4d67fa3b9400fd3d1e8fc1ff58deeb03b731

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
803435bce9785f1a8f315a66c252e0b5

SHA1
5393c71d221b86f1b2daff463ab3e7b448847914

SHA256
5bb58f602a7022c88c35c4a05769842e2f476581290d0f08b158907b9c1cd275

SHA512
cea6414353fae40f9b1d7853dd2be4746af16a24e2d8dc61765d0cfc5ef4aeb5c301bb9d40722ccf4ccd40c5ec370b9a34634e8ec0b8f9df29bd9277d340d97f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
130KB

MD5
943f351eb074f4979b49ca0eaaf61f90

SHA1
684f706dc896d6ac550c3f3a1540614b71ad9ad6

SHA256
888647e3b6fd6a7d64515fb8077e388a4820d41b05636b771e8371914dea7513

SHA512
5df9fa90db1b8dad58233df100824ce4569249fe6777001f1be09caae8b83476f41327d7f4402b979f1fa8f46a9e30c47e60d5f6a38dbcabe14da1e861e89ae9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit