socelars | 447aa2f5e42261abf74c0dba5a5abde2563dd63a55a92e9926749df9746fe72a

Analysis

max time kernel
150s
max time network
155s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
27-02-2024 06:12

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

a86d2af2833f8cc15ad5bca904660fad.exe
Size

1.4MB
MD5

a86d2af2833f8cc15ad5bca904660fad
SHA1

27ac50bc1372142e8deb22b20935f3bde102e438
SHA256

447aa2f5e42261abf74c0dba5a5abde2563dd63a55a92e9926749df9746fe72a
SHA512

fb9dbf1fa528ec32cdeed109359b4fbea6bc3a4976cf08fd2fe9bb21a804f5ecb4d3b812be46bd362257aac1e5cb3824b8df7288792f0c3a0d3f5a0275d59ede
SSDEEP

24576:u8TJtpd95n1HCEei6gFT/L+V3F+kyRejskFL/whBZhnHo4Sad5RKrE0zudrPC6ew:tJtpx1iErFrLK3F7QojUnHo4Sa0rE0Y7

Score

10^/10

socelars spyware stealer

Malware Config

Signatures

Socelars
Socelars is an infostealer targeting browser cookies and credit card credentials.
stealer socelars
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials In Files
T1552.001

Drops Chrome extension 1 IoCs

Processes:

a86d2af2833f8cc15ad5bca904660fad.exe

description	ioc	Process
File created	C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjkfjbddnkpfcflenfcleijhgaaiapaf\8.66.88_0\manifest.json	a86d2af2833f8cc15ad5bca904660fad.exe

Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs

Web Service

T1102

Processes:

flow	ioc
22	iplogger.org
21	iplogger.org

Looks up geolocation information via web service
Uses a legitimate geolocation service to find the infected system's geolocation info.
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Enumerates system info in registry 2 TTPs 4 IoCs

Query Registry

T1012

System Information Discovery

T1082

Processes:

xcopy.exechrome.exe

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\Identifier	xcopy.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Kills process with taskkill 1 IoCs

evasion

Processes:

taskkill.exe

pid	Process
4680	taskkill.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

Processes:

chrome.exechrome.exe

pid	Process
4336	chrome.exe
4336	chrome.exe
2356	chrome.exe
2356	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 5 IoCs

Processes:

chrome.exe

pid	Process
4336	chrome.exe
4336	chrome.exe
4336	chrome.exe
4336	chrome.exe
4336	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

Processes:

a86d2af2833f8cc15ad5bca904660fad.exetaskkill.exechrome.exe

description	pid	Process
Token: SeCreateTokenPrivilege	4460	a86d2af2833f8cc15ad5bca904660fad.exe
Token: SeAssignPrimaryTokenPrivilege	4460	a86d2af2833f8cc15ad5bca904660fad.exe
Token: SeLockMemoryPrivilege	4460	a86d2af2833f8cc15ad5bca904660fad.exe
Token: SeIncreaseQuotaPrivilege	4460	a86d2af2833f8cc15ad5bca904660fad.exe
Token: SeMachineAccountPrivilege	4460	a86d2af2833f8cc15ad5bca904660fad.exe
Token: SeTcbPrivilege	4460	a86d2af2833f8cc15ad5bca904660fad.exe
Token: SeSecurityPrivilege	4460	a86d2af2833f8cc15ad5bca904660fad.exe
Token: SeTakeOwnershipPrivilege	4460	a86d2af2833f8cc15ad5bca904660fad.exe
Token: SeLoadDriverPrivilege	4460	a86d2af2833f8cc15ad5bca904660fad.exe
Token: SeSystemProfilePrivilege	4460	a86d2af2833f8cc15ad5bca904660fad.exe
Token: SeSystemtimePrivilege	4460	a86d2af2833f8cc15ad5bca904660fad.exe
Token: SeProfSingleProcessPrivilege	4460	a86d2af2833f8cc15ad5bca904660fad.exe
Token: SeIncBasePriorityPrivilege	4460	a86d2af2833f8cc15ad5bca904660fad.exe
Token: SeCreatePagefilePrivilege	4460	a86d2af2833f8cc15ad5bca904660fad.exe
Token: SeCreatePermanentPrivilege	4460	a86d2af2833f8cc15ad5bca904660fad.exe
Token: SeBackupPrivilege	4460	a86d2af2833f8cc15ad5bca904660fad.exe
Token: SeRestorePrivilege	4460	a86d2af2833f8cc15ad5bca904660fad.exe
Token: SeShutdownPrivilege	4460	a86d2af2833f8cc15ad5bca904660fad.exe
Token: SeDebugPrivilege	4460	a86d2af2833f8cc15ad5bca904660fad.exe
Token: SeAuditPrivilege	4460	a86d2af2833f8cc15ad5bca904660fad.exe
Token: SeSystemEnvironmentPrivilege	4460	a86d2af2833f8cc15ad5bca904660fad.exe
Token: SeChangeNotifyPrivilege	4460	a86d2af2833f8cc15ad5bca904660fad.exe
Token: SeRemoteShutdownPrivilege	4460	a86d2af2833f8cc15ad5bca904660fad.exe
Token: SeUndockPrivilege	4460	a86d2af2833f8cc15ad5bca904660fad.exe
Token: SeSyncAgentPrivilege	4460	a86d2af2833f8cc15ad5bca904660fad.exe
Token: SeEnableDelegationPrivilege	4460	a86d2af2833f8cc15ad5bca904660fad.exe
Token: SeManageVolumePrivilege	4460	a86d2af2833f8cc15ad5bca904660fad.exe
Token: SeImpersonatePrivilege	4460	a86d2af2833f8cc15ad5bca904660fad.exe
Token: SeCreateGlobalPrivilege	4460	a86d2af2833f8cc15ad5bca904660fad.exe
Token: 31	4460	a86d2af2833f8cc15ad5bca904660fad.exe
Token: 32	4460	a86d2af2833f8cc15ad5bca904660fad.exe
Token: 33	4460	a86d2af2833f8cc15ad5bca904660fad.exe
Token: 34	4460	a86d2af2833f8cc15ad5bca904660fad.exe
Token: 35	4460	a86d2af2833f8cc15ad5bca904660fad.exe
Token: SeDebugPrivilege	4680	taskkill.exe
Token: SeShutdownPrivilege	4336	chrome.exe
Token: SeCreatePagefilePrivilege	4336	chrome.exe
Token: SeShutdownPrivilege	4336	chrome.exe
Token: SeCreatePagefilePrivilege	4336	chrome.exe
Token: SeShutdownPrivilege	4336	chrome.exe
Token: SeCreatePagefilePrivilege	4336	chrome.exe
Token: SeShutdownPrivilege	4336	chrome.exe
Token: SeCreatePagefilePrivilege	4336	chrome.exe
Token: SeShutdownPrivilege	4336	chrome.exe
Token: SeCreatePagefilePrivilege	4336	chrome.exe
Token: SeShutdownPrivilege	4336	chrome.exe
Token: SeCreatePagefilePrivilege	4336	chrome.exe
Token: SeShutdownPrivilege	4336	chrome.exe
Token: SeCreatePagefilePrivilege	4336	chrome.exe
Token: SeShutdownPrivilege	4336	chrome.exe
Token: SeCreatePagefilePrivilege	4336	chrome.exe
Token: SeShutdownPrivilege	4336	chrome.exe
Token: SeCreatePagefilePrivilege	4336	chrome.exe
Token: SeShutdownPrivilege	4336	chrome.exe
Token: SeCreatePagefilePrivilege	4336	chrome.exe
Token: SeShutdownPrivilege	4336	chrome.exe
Token: SeCreatePagefilePrivilege	4336	chrome.exe
Token: SeShutdownPrivilege	4336	chrome.exe
Token: SeCreatePagefilePrivilege	4336	chrome.exe
Token: SeShutdownPrivilege	4336	chrome.exe
Token: SeCreatePagefilePrivilege	4336	chrome.exe
Token: SeShutdownPrivilege	4336	chrome.exe
Token: SeCreatePagefilePrivilege	4336	chrome.exe
Token: SeShutdownPrivilege	4336	chrome.exe

Suspicious use of FindShellTrayWindow 2 IoCs

Processes:

chrome.exe

pid	Process
4336	chrome.exe
4336	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

a86d2af2833f8cc15ad5bca904660fad.execmd.exechrome.exe

description	pid	Process	procid_target
PID 4460 wrote to memory of 4696	4460	a86d2af2833f8cc15ad5bca904660fad.exe	87
PID 4460 wrote to memory of 4696	4460	a86d2af2833f8cc15ad5bca904660fad.exe	87
PID 4460 wrote to memory of 4696	4460	a86d2af2833f8cc15ad5bca904660fad.exe	87
PID 4696 wrote to memory of 4680	4696	cmd.exe	89
PID 4696 wrote to memory of 4680	4696	cmd.exe	89
PID 4696 wrote to memory of 4680	4696	cmd.exe	89
PID 4460 wrote to memory of 4720	4460	a86d2af2833f8cc15ad5bca904660fad.exe	91
PID 4460 wrote to memory of 4720	4460	a86d2af2833f8cc15ad5bca904660fad.exe	91
PID 4460 wrote to memory of 4720	4460	a86d2af2833f8cc15ad5bca904660fad.exe	91
PID 4460 wrote to memory of 4336	4460	a86d2af2833f8cc15ad5bca904660fad.exe	93
PID 4460 wrote to memory of 4336	4460	a86d2af2833f8cc15ad5bca904660fad.exe	93
PID 4336 wrote to memory of 2848	4336	chrome.exe	94
PID 4336 wrote to memory of 2848	4336	chrome.exe	94
PID 4336 wrote to memory of 3816	4336	chrome.exe	97
PID 4336 wrote to memory of 3816	4336	chrome.exe	97
PID 4336 wrote to memory of 3816	4336	chrome.exe	97
PID 4336 wrote to memory of 3816	4336	chrome.exe	97
PID 4336 wrote to memory of 3816	4336	chrome.exe	97
PID 4336 wrote to memory of 3816	4336	chrome.exe	97
PID 4336 wrote to memory of 3816	4336	chrome.exe	97
PID 4336 wrote to memory of 3816	4336	chrome.exe	97
PID 4336 wrote to memory of 3816	4336	chrome.exe	97
PID 4336 wrote to memory of 3816	4336	chrome.exe	97
PID 4336 wrote to memory of 3816	4336	chrome.exe	97
PID 4336 wrote to memory of 3816	4336	chrome.exe	97
PID 4336 wrote to memory of 3816	4336	chrome.exe	97
PID 4336 wrote to memory of 3816	4336	chrome.exe	97
PID 4336 wrote to memory of 3816	4336	chrome.exe	97
PID 4336 wrote to memory of 3816	4336	chrome.exe	97
PID 4336 wrote to memory of 3816	4336	chrome.exe	97
PID 4336 wrote to memory of 3816	4336	chrome.exe	97
PID 4336 wrote to memory of 3816	4336	chrome.exe	97
PID 4336 wrote to memory of 3816	4336	chrome.exe	97
PID 4336 wrote to memory of 3816	4336	chrome.exe	97
PID 4336 wrote to memory of 3816	4336	chrome.exe	97
PID 4336 wrote to memory of 3816	4336	chrome.exe	97
PID 4336 wrote to memory of 3816	4336	chrome.exe	97
PID 4336 wrote to memory of 3816	4336	chrome.exe	97
PID 4336 wrote to memory of 3816	4336	chrome.exe	97
PID 4336 wrote to memory of 3816	4336	chrome.exe	97
PID 4336 wrote to memory of 3816	4336	chrome.exe	97
PID 4336 wrote to memory of 3816	4336	chrome.exe	97
PID 4336 wrote to memory of 3816	4336	chrome.exe	97
PID 4336 wrote to memory of 3816	4336	chrome.exe	97
PID 4336 wrote to memory of 3816	4336	chrome.exe	97
PID 4336 wrote to memory of 3816	4336	chrome.exe	97
PID 4336 wrote to memory of 3816	4336	chrome.exe	97
PID 4336 wrote to memory of 3816	4336	chrome.exe	97
PID 4336 wrote to memory of 3816	4336	chrome.exe	97
PID 4336 wrote to memory of 3816	4336	chrome.exe	97
PID 4336 wrote to memory of 3816	4336	chrome.exe	97
PID 4336 wrote to memory of 3504	4336	chrome.exe	95
PID 4336 wrote to memory of 3504	4336	chrome.exe	95
PID 4336 wrote to memory of 2412	4336	chrome.exe	96
PID 4336 wrote to memory of 2412	4336	chrome.exe	96
PID 4336 wrote to memory of 2412	4336	chrome.exe	96
PID 4336 wrote to memory of 2412	4336	chrome.exe	96
PID 4336 wrote to memory of 2412	4336	chrome.exe	96
PID 4336 wrote to memory of 2412	4336	chrome.exe	96
PID 4336 wrote to memory of 2412	4336	chrome.exe	96
PID 4336 wrote to memory of 2412	4336	chrome.exe	96
PID 4336 wrote to memory of 2412	4336	chrome.exe	96
PID 4336 wrote to memory of 2412	4336	chrome.exe	96
PID 4336 wrote to memory of 2412	4336	chrome.exe	96

C:\Users\Admin\AppData\Local\Temp\a86d2af2833f8cc15ad5bca904660fad.exe
"C:\Users\Admin\AppData\Local\Temp\a86d2af2833f8cc15ad5bca904660fad.exe"
1⤵
- Drops Chrome extension
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
PID:4460
- C:\Windows\SysWOW64\cmd.exe
  cmd.exe /c taskkill /f /im chrome.exe
  2⤵
  - Suspicious use of WriteProcessMemory
  PID:4696
- - C:\Windows\SysWOW64\taskkill.exe
    taskkill /f /im chrome.exe
    3⤵
    - Kills process with taskkill
    - Suspicious use of AdjustPrivilegeToken
    PID:4680
- C:\Windows\SysWOW64\xcopy.exe
  xcopy "C:\Users\Admin\AppData\Local\Google\Chrome\User Data" "C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\" /s /e /y
  2⤵
  - Enumerates system info in registry
  PID:4720
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --window-position=-50000,-50000 --user-data-dir="C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99" https://www.facebook.com/ https://www.facebook.com/pages/ https://secure.facebook.com/ads/manager/account_settings/account_billing/
  2⤵
  - Enumerates system info in registry
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of WriteProcessMemory
  PID:4336
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99 /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\Crashpad --metrics-dir=C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99 --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x104,0x108,0x10c,0xe4,0x110,0x7ff85af79758,0x7ff85af79768,0x7ff85af79778
    3⤵
    PID:2848
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99" --mojo-platform-channel-handle=2148 --field-trial-handle=1928,i,11580424786895944813,13560673312748237191,131072 /prefetch:8
    3⤵
    PID:3504
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --user-data-dir="C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99" --mojo-platform-channel-handle=2260 --field-trial-handle=1928,i,11580424786895944813,13560673312748237191,131072 /prefetch:8
    3⤵
    PID:2412
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99" --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1704 --field-trial-handle=1928,i,11580424786895944813,13560673312748237191,131072 /prefetch:2
    3⤵
    PID:3816
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99" --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2988 --field-trial-handle=1928,i,11580424786895944813,13560673312748237191,131072 /prefetch:1
    3⤵
    PID:2616
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99" --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2980 --field-trial-handle=1928,i,11580424786895944813,13560673312748237191,131072 /prefetch:1
    3⤵
    PID:3472
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99" --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3524 --field-trial-handle=1928,i,11580424786895944813,13560673312748237191,131072 /prefetch:1
    3⤵
    PID:4992
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99" --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3408 --field-trial-handle=1928,i,11580424786895944813,13560673312748237191,131072 /prefetch:1
    3⤵
    PID:4484
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99" --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4860 --field-trial-handle=1928,i,11580424786895944813,13560673312748237191,131072 /prefetch:1
    3⤵
    PID:1428
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --user-data-dir="C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99" --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=972 --field-trial-handle=1928,i,11580424786895944813,13560673312748237191,131072 /prefetch:2
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:2356

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2548

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjkfjbddnkpfcflenfcleijhgaaiapaf\8.66.88_0\background.html

Filesize
786B

MD5
9ffe618d587a0685d80e9f8bb7d89d39

SHA1
8e9cae42c911027aafae56f9b1a16eb8dd7a739c

SHA256
a1064146f622fe68b94cd65a0e8f273b583449fbacfd6fd75fec1eaaf2ec8d6e

SHA512
a4e1f53d1e3bf0ff6893f188a510c6b3da37b99b52ddd560d4c90226cb14de6c9e311ee0a93192b1a26db2d76382eb2350dc30ab9db7cbd9ca0a80a507ea1a12

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjkfjbddnkpfcflenfcleijhgaaiapaf\8.66.88_0\icon.png

Filesize
6KB

MD5
c8d8c174df68910527edabe6b5278f06

SHA1
8ac53b3605fea693b59027b9b471202d150f266f

SHA256
9434dd7008059a60d6d5ced8c8a63ab5cae407e7152da98ca4dda408510f08f5

SHA512
d439e5124399d1901934319535b7156c0ca8d76b5aa4ddf1dd0b598d43582f6d23c16f96be74d3cd5fe764396da55ca51811d08695f356f12f7a8a71bcc7e45c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjkfjbddnkpfcflenfcleijhgaaiapaf\8.66.88_0\js\aes.js

Filesize
13KB

MD5
4ff108e4584780dce15d610c142c3e62

SHA1
77e4519962e2f6a9fc93342137dbb31c33b76b04

SHA256
fc7e184beeda61bf6427938a84560f52348976bb55e807b224eb53930e97ef6a

SHA512
d6eee0fc02205a3422c16ad120cad8d871563d8fcd4bde924654eac5a37026726328f9a47240cf89ed6c9e93ba5f89c833e84e65eee7db2b4d7d1b4240deaef2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjkfjbddnkpfcflenfcleijhgaaiapaf\8.66.88_0\js\background.js

Filesize
15KB

MD5
c8e2b7ab8a063e9ee8c26201205d7681

SHA1
dbf9b0f5a55fa7585ddd6778127219cb37d56440

SHA256
02fe309331a8b9209bad7c8ac6033b61d8f1397a3dafff5a77ab538afc5388c5

SHA512
acb37020d685b70d69a04064f2cbd6086374943b2b3779938e88e771571abb4873648b6326dd89f2e6154bd30aeb15f0be536d671f7b5352d07f973b948caed4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjkfjbddnkpfcflenfcleijhgaaiapaf\8.66.88_0\js\content.js

Filesize
14KB

MD5
dd274022b4205b0da19d427b9ac176bf

SHA1
91ee7c40b55a1525438c2b1abe166d3cb862e5cb

SHA256
41e129bb90c2ac61da7dac92a908559448c6448ba698a450b6e7add9493739c6

SHA512
8ee074da689a7d90eca3c8242f7d16b0390b8c9b133d7bbdef77f8bf7f9a912e2d60b4a16f1c934f1bd38b380d6536c23b3a2f9939e31a8ef9f9c539573387b4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjkfjbddnkpfcflenfcleijhgaaiapaf\8.66.88_0\js\jquery-3.3.1.min.js

Filesize
84KB

MD5
a09e13ee94d51c524b7e2a728c7d4039

SHA1
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae

SHA256
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

SHA512
f8da8f95b6ed33542a88af19028e18ae3d9ce25350a06bfc3fbf433ed2b38fefa5e639cddfdac703fc6caa7f3313d974b92a3168276b3a016ceb28f27db0714a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjkfjbddnkpfcflenfcleijhgaaiapaf\8.66.88_0\js\mode-ecb.js

Filesize
604B

MD5
23231681d1c6f85fa32e725d6d63b19b

SHA1
f69315530b49ac743b0e012652a3a5efaed94f17

SHA256
03164b1ac43853fecdbf988ce900016fb174cf65b03e41c0a9a7bf3a95e8c26a

SHA512
36860113871707a08401f29ab2828545932e57a4ae99e727d8ca2a9f85518d3db3a4e5e4d46ac2b6ba09494fa9727c033d77c36c4bdc376ae048541222724bc2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjkfjbddnkpfcflenfcleijhgaaiapaf\8.66.88_0\js\pad-nopadding.js

Filesize
268B

MD5
0f26002ee3b4b4440e5949a969ea7503

SHA1
31fc518828fe4894e8077ec5686dce7b1ed281d7

SHA256
282308ebc3702c44129438f8299839ca4d392a0a09fdf0737f08ef1e4aff937d

SHA512
4290a1aee5601fcbf1eb2beec9b4924c30cd218e94ae099b87ba72c9a4fa077e39d218fc723b8465d259028a6961cc07c0cd6896aa2f67e83f833ca023a80b11

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjkfjbddnkpfcflenfcleijhgaaiapaf\8.66.88_0\manifest.json

Filesize
1KB

MD5
f0b8f439874eade31b42dad090126c3e

SHA1
9011bca518eeeba3ef292c257ff4b65cba20f8ce

SHA256
20d39e65b119ed47afd5942d2a67e5057e34e2aef144569796a19825fea4348e

SHA512
833e3e30f091b4e50364b10fc75258e8c647ddd3f32d473d1991beda0095827d02f010bf783c22d8f8a3fa1433b6b22400ad93dc34b0eb59a78e1e18e7d9b05f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
18KB

MD5
59249d6f9caaf8092b46764e9506fb11

SHA1
8aa99351f8d7ea605193b43f503ea695e322cd49

SHA256
b9a21d1681a83164b6eff319f0d830ef2bd4917abde00fa1f856a942b787510d

SHA512
d6458eb2ffdce2c983fca41f16b0e07400a1e42b1f225f41694e3d97d096b6288d45970c54213d38170db66624576fceb74a05721a1b7ad0a346aedf2139253f

Download Submit
C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\CrashpadMetrics-active.pma

Filesize
1024KB

MD5
03c4f648043a88675a920425d824e1b3

SHA1
b98ce64ab5f7a187d19deb8f24ca4ab5d9720a6d

SHA256
f91dbb7c64b4582f529c968c480d2dce1c8727390482f31e4355a27bb3d9b450

SHA512
2473f21cf8747ec981db18fb42726c767bbcca8dd89fd05ffd2d844206a6e86da672967462ac714e6fb43cc84ac35fffcec7ddc43a9357c1f8ed9d14105e9192

Download Submit
C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\Crashpad\settings.dat

Filesize
40B

MD5
b605879e08d2c37a89e0a7cf9cebb008

SHA1
547075286a6e5e6a304912cef29adf2a5379458d

SHA256
2a7688cdba662e4017878b44e559b7bf4889f2b32ff1c6ed70e020a2738e662a

SHA512
f18fb8e2df93b18cb2359c651e1dbbaf73225ff16912cec7dda24ef3e82d921690aa0690ca493375536159d8aa9ab660e45e2abe4cdbeaaa368f6f69bc090fe0

Download Submit
C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\Default\Affiliation Database

Filesize
32KB

MD5
69e3a8ecda716584cbd765e6a3ab429e

SHA1
f0897f3fa98f6e4863b84f007092ab843a645803

SHA256
e0c9f1494a417f356b611ec769b975a4552c4065b0bc2181954fcbb4b3dfa487

SHA512
bb78069c17196da2ce8546046d2c9d9f3796f39b9868b749ecada89445da7a03c9b54a00fcf34a23eb0514c871e026ac368795d2891bbf37e1dc5046c29beaaa

Download Submit
C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\Default\Cache\Cache_Data\data_0

Filesize
44KB

MD5
b3d844cb42b72d6a77452e4ae773a8b5

SHA1
1c0a5792d5c1c9a4231889c31cb40195cc491919

SHA256
455945ac42f47db8a33346a7b71734c3bae5ac52089bb74f0738094d9f4ea375

SHA512
b172bdc46550f1f669439048396be8f0672a8180bf14e9f1584d47dae60c6ab556e01f325d3cd2071692041d443a8bfbfbfe8f408ad7e503743d33cbe48935bb

Download Submit
C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\Default\Cache\Cache_Data\data_1

Filesize
264KB

MD5
54059fb9295839c759050a81b07991c1

SHA1
1d03826ffc5a53b49ce03036c0657ab25e5a752a

SHA256
cbaa16dd1dfa96efc45694a549c38f30a4f005cce20e257403a9199eb5036d7f

SHA512
b921f84f2db63079a93d6a73c781c8491bb06a5cf93a491804d9c24138297fcd19c34190f8736fa44fda542887c10edb5e36317a9a1950175bf80a70e8274940

Download Submit
C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\Default\Cache\Cache_Data\data_3

Filesize
4.0MB

MD5
4837e529c157481703118da8ef44f6f0

SHA1
d06aa225113fda6a82183bbdc6b4f65f677498fe

SHA256
fd79723fbc1ee42878090b67739c446a42913bd9c5e42367e06fd668604995f5

SHA512
2821694282da0a47df5cd46ec28cfe9c7f4e87baae11bc20328bb45004f5d224525dc7d4100a9b4d6c1d73530d152cd35883af90354333c7f47d2c410a3728c7

Download Submit
C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\Default\Cache\Cache_Data\f_000004

Filesize
21KB

MD5
3669e98b2ae9734d101d572190d0c90d

SHA1
5e36898bebc6b11d8e985173fd8b401dc1820852

SHA256
7061caa61b21e5e5c1419ae0dc8299142ba89c8169a2bd968b6de34a564f888a

SHA512
0c5f0190b0df4939c2555ec7053a24f5dae388a0936140d68ed720a70542b40aaf65c882f43eb1878704bea3bd18934de4b1aac57a92f89bbb4c67a51b983ae3

Download Submit
C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\Default\Cache\Cache_Data\f_000005

Filesize
20KB

MD5
c1164ab65ff7e42adb16975e59216b06

SHA1
ac7204effb50d0b350b1e362778460515f113ecc

SHA256
d7928d8f5536d503eb37c541b5ce813941694b71b0eb550250c7e4cbcb1babbb

SHA512
1f84a9d9d51ac92e8fb66b54d103986e5c8a1ca03f52a7d8cdf21b77eb9f466568b33821530e80366ce95900b20816e14a767b73043a0019de4a2f1a4ffd1509

Download Submit
C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\Default\Cache\Cache_Data\index

Filesize
512KB

MD5
c1ddeb29a397a42d018d469e1587cc63

SHA1
8f8f140388b312302cb79c2900628f7420b8b742

SHA256
4621035bab164075810621e7dc22a00f52679dfa3fd9620393c9d22409ce6f96

SHA512
3ab5ce096693486981d11a6d58a7ab589ca82408be60da7663bc869b2d6da2d551c22765f25b46e7304fba010c8ee4dbbb2df8eb92ad16fd92bf0def61cf8b66

Download Submit
C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\Default\Code Cache\js\index-dir\the-real-index

Filesize
768B

MD5
60a95e07a896a53a6cbbef755adac791

SHA1
9cc90721185a5d6e1a82c755318e273a47c0ad92

SHA256
af2d866366dd9702cc3ee9b2e353ef00016ccd08bfcfe929dc140052ed3ed04b

SHA512
5bd17f6f06116f5fcaa043bb7411d5c0aeac92ecc8c655b7f6ad53de3a8d4c43cbf2b53fa39d92e68c28f6ca61c0d868fbc8c407b10d5d6e72d0f933c9c9c550

Download Submit
C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\Default\Code Cache\js\index-dir\the-real-index~RFe57ee57.TMP

Filesize
48B

MD5
9089358542921b32243862f4e660970e

SHA1
4be44ae9865a7935ec2a99eddb3f8403c290c601

SHA256
3dccdebee7d8524ea5ec1b3055e41caec9f8e0197f3677fd99088f0169aa6747

SHA512
3e60758c434831b7089ac00fe73ba83ac5645bcccc5d76753eefb3ebbb41be2a152496d91310edf2e438dcefeed117eee8fd224e30a1988c6b99bc40e9a1b670

Download Submit
C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\Default\Code Cache\wasm\index

Filesize
24B

MD5
54cb446f628b2ea4a5bce5769910512e

SHA1
c27ca848427fe87f5cf4d0e0e3cd57151b0d820d

SHA256
fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d

SHA512
8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

Download Submit
C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\Default\Code Cache\wasm\index-dir\the-real-index

Filesize
48B

MD5
33c2263f7c1a80a9031cccd0cb6871b0

SHA1
c363fc2553753339dedc5392499d7326ea91b6ba

SHA256
aed6de74e972c449f0854fe3466d062200158d0f4b4fdabe520c17f282e58f59

SHA512
392d34916e81bb180dc5f39c45e7a9aeee9e1a5196bc3f2af8a68645ae32e1c5037f3e15c3a88704a7f78160a3967f20bbe49a9da63c2b13ba9cb1e6a70ad244

Download Submit
C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\Default\DawnCache\data_2

Filesize
8KB

MD5
0962291d6d367570bee5454721c17e11

SHA1
59d10a893ef321a706a9255176761366115bedcb

SHA256
ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7

SHA512
f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed

Download Submit
C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\Default\Extension Scripts\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\Default\Extension Scripts\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.62.0_0\_locales\en_CA\messages.json

Filesize
851B

MD5
07ffbe5f24ca348723ff8c6c488abfb8

SHA1
6dc2851e39b2ee38f88cf5c35a90171dbea5b690

SHA256
6895648577286002f1dc9c3366f558484eb7020d52bbf64a296406e61d09599c

SHA512
7ed2c8db851a84f614d5daf1d5fe633bd70301fd7ff8a6723430f05f642ceb3b1ad0a40de65b224661c782ffcec69d996ebe3e5bb6b2f478181e9a07d8cd41f6

Download Submit
C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.62.0_0\_metadata\computed_hashes.json

Filesize
3KB

MD5
02c8ed2627b526edc7d74eda75b9a924

SHA1
2984ed94ccacb55d86da2e38dbc3b6b7b3ae9a25

SHA256
c4d3d374611fdb6e970a2019cde28482f8b92230941cbca6ebf7699815c152a6

SHA512
16197b17c6e244c11d1804abc5a739eca5ec05858c9784f919acd634d72b8da2d4ba12b2e68f04145c5fb6d39bdfc187b9a5bc49c60a11435163445a04ba3103

Download Submit
C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.62.0_0\_metadata\verified_contents.json

Filesize
18KB

MD5
2f0dde11ea5a53f11a1d604363dca243

SHA1
8eef7eb2f4aa207c06bcdd315342160ebacf64e8

SHA256
5a2940c7c5adba1de5e245dbff296d8abc78b078db04988815570ce53e553b1d

SHA512
f20305a42c93bcde345ba623fef8777815c8289fe49b3ec5e0f6cf97ee0d5b824687674d05827d6c846ee899da0d742407670db22ff0d70ebee5a481ab4a0ff0

Download Submit
C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_locales\en_GB\messages.json

Filesize
593B

MD5
91f5bc87fd478a007ec68c4e8adf11ac

SHA1
d07dd49e4ef3b36dad7d038b7e999ae850c5bef6

SHA256
92f1246c21dd5fd7266ebfd65798c61e403d01a816cc3cf780db5c8aa2e3d9c9

SHA512
fdc2a29b04e67ddbbd8fb6e8d2443e46badcb2b2fb3a850bbd6198cdccc32ee0bd8a9769d929feefe84d1015145e6664ab5fea114df5a864cf963bf98a65ffd9

Download Submit
C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json

Filesize
10KB

MD5
90f880064a42b29ccff51fe5425bf1a3

SHA1
6a3cae3996e9fff653a1ddf731ced32b2be2acbf

SHA256
965203d541e442c107dbc6d5b395168123d0397559774beae4e5b9abc44ef268

SHA512
d9cbfcd865356f19a57954f8fd952caf3d31b354112766c41892d1ef40bd2533682d4ec3f4da0e59a5397364f67a484b45091ba94e6c69ed18ab681403dfd3f3

Download Submit
C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\verified_contents.json

Filesize
7KB

MD5
0834821960cb5c6e9d477aef649cb2e4

SHA1
7d25f027d7cee9e94e9cbdee1f9220c8d20a1588

SHA256
52a24fa2fb3bcb18d9d8571ae385c4a830ff98ce4c18384d40a84ea7f6ba7f69

SHA512
9aeafc3ece295678242d81d71804e370900a6d4c6a618c5a81cacd869b84346feac92189e01718a7bb5c8226e9be88b063d2ece7cb0c84f17bb1af3c5b1a3fc4

Download Submit
C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\Default\Favicons

Filesize
20KB

MD5
3eea0768ded221c9a6a17752a09c969b

SHA1
d17d8086ed76ec503f06ddd0ac03d915aec5cdc7

SHA256
6923fd51e36b8fe40d6d3dd132941c5a693b02f6ae4d4d22b32b5fedd0e7b512

SHA512
fb5c51adf5a5095a81532e3634f48f5aedb56b7724221f1bf1ccb626cab40f87a3b07a66158179e460f1d0e14eeb48f0283b5df6471dd7a6297af6e8f3efb1f9

Download Submit
C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\Default\GPUCache\data_0

Filesize
8KB

MD5
cf89d16bb9107c631daabf0c0ee58efb

SHA1
3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b

SHA256
d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e

SHA512
8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0

Download Submit
C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\Default\GPUCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\Default\GPUCache\data_3

Filesize
8KB

MD5
41876349cb12d6db992f1309f22df3f0

SHA1
5cf26b3420fc0302cd0a71e8d029739b8765be27

SHA256
e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c

SHA512
e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e

Download Submit
C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\Default\GPUCache\index

Filesize
256KB

MD5
cf0ff1017f930b810961b369d9ac2f5a

SHA1
e4718a2bf54008ea485ea4bfc7a8c2376962659d

SHA256
815b4294ef5e6bd1f72e5d608da7066e2f39e3994794f128e1268fcceb3fdef7

SHA512
78c103cb038e48ade1e1a6a53efe9fb92c76e1d96749d94f374e9dd5be2ea3622448a2d98061a10b7d7954c6ef58c5ce3f8250a5a419fe66104905c9a39d8eb3

Download Submit
C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\Default\History

Filesize
148KB

MD5
90a1d4b55edf36fa8b4cc6974ed7d4c4

SHA1
aba1b8d0e05421e7df5982899f626211c3c4b5c1

SHA256
7cf3e9e8619904e72ea6608cc43e9b6c9f8aa2af02476f60c2b3daf33075981c

SHA512
ea0838be754e1258c230111900c5937d2b0788f90bbf7c5f82b2ceda7868e50afb86c301f313267eaa912778da45755560b5434885521bf915967a7863922ae2

Download Submit
C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\Default\Local Storage\leveldb\LOG

Filesize
329B

MD5
506d64ad67879fc2d206e224477735f0

SHA1
1f4dacdba07691e9b70673bcd28e190ff3e32c38

SHA256
1917db64227a7dda2086eef2a218a2f11ca2706702e5c3dd2b8e02de61c5e0df

SHA512
b644972833f0a5d87569c128ba45057616335c09044a77f27be9ccee0b43894273b876fae21f1dd61921f87ac289914cb67aeba2ec5c1dc69cfe580df067a441

Download Submit
C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\Default\Local Storage\leveldb\LOG.old

Filesize
291B

MD5
0572cc8d2a4d3a84a553128294cefa83

SHA1
3dd4b8c98d0964794572eccef397c915016a366e

SHA256
e5e5939663b11991e48fbb125e62429381930f42b61f4a95e94431b611cdd7b5

SHA512
741902a41f09c9d8932bf2ca41aee083326e3650aaec3c01e5d9d696189d45609a1126e413814508d62db27144703442aab7dc7501ab3f3786f772324b21e6e3

Download Submit
C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\Default\Login Data For Account

Filesize
46KB

MD5
02d2c46697e3714e49f46b680b9a6b83

SHA1
84f98b56d49f01e9b6b76a4e21accf64fd319140

SHA256
522cad95d3fa6ebb3274709b8d09bbb1ca37389d0a924cd29e934a75aa04c6c9

SHA512
60348a145bfc71b1e07cb35fa79ab5ff472a3d0a557741ea2d39b3772bc395b86e261bd616f65307ae0d997294e49b5548d32f11e86ef3e2704959ca63da8aac

Download Submit
C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\Default\Network\8504fa90-e5c4-474f-8196-6a17fb7157da.tmp

Filesize
2KB

MD5
2cf4eb604c987d4d64c8a09208ddb73c

SHA1
b1146b74a26283b45565d20076567a67f160d67c

SHA256
ffd20f2c1cd96b1b4215b8ddf8a1ee5797261f221f2cbb8a533993720ed35eec

SHA512
cc32f95c5292a4eaad8bfa1c7b71ce0c2e48dde13b9408029b485b8cf39d64873c97c8aebbb1cf1c7311d2c899050d7e00dbf2b2cd4ba2213e98b64f6ebb5923

Download Submit
C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\Default\Network\Network Persistent State

Filesize
1KB

MD5
ddbb5a2ce2dd11fe040d269cc27c751e

SHA1
9b777e584c1bafd4f5a47ff72c5c16fd2673893c

SHA256
b984d847a49cf1ee509f94a09422f3421542ef5a276564aec2da87a77d624134

SHA512
d60b0a37acf303508f8c6d57615b14d3e1abcd303edaaee037db7e2f7bdda13e434a942eba34d69db5134441c59670292dcd7e83d1cf1ae25aad64e0298418b8

Download Submit
C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\Default\Network\Network Persistent State

Filesize
2KB

MD5
bc336b66f7fa7d18b3352acb226f148b

SHA1
b52d7c2b88f0b0584c838b9493a2292330122c35

SHA256
e7bd2156502ff5cba516ddc5bf25e562f663a5c6911df213c284decd620c1749

SHA512
79438907406f02da4bb77c4d7a72b59d56060ff53ab02e497de0f9554a12911ec04d4d986530cc4a0d1f5d3550cc60d791e27bbc46a62250a12038a0c5ddb8be

Download Submit
C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\Default\Network\Reporting and NEL

Filesize
36KB

MD5
5aa11d61e28eb9cd158e66f17bbfd9ed

SHA1
51023b26c3755a890ba35b8d644af1188594154b

SHA256
71f150c919c4a9c6a79ca4772405772fe8ef79c73c067378656bd41dfd5bf6eb

SHA512
910ea9df394838bd33d19714f52584e39eb8c3177a6f5446f79cd37067bf482d7e51e8052014a0902c30e00bfc5a2ae4f8890803314f1073ffd0635d742f8f98

Download Submit
C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\Default\Network\TransportSecurity

Filesize
371B

MD5
b74ce5dc17658961b81b2bbcb385520b

SHA1
623da4ae8de0846a6ab71d6a79caca91c36db7bf

SHA256
ba8dd80847799bf6a206171eccb909a4b3743a519eeae7cf97897fff48021538

SHA512
07812a6a0753e0fd62cc4f1446a172035a3f0cbd11fe34f8909ef8b35a2a60f4240d7904ff4fa945da828aeac2dd0f88c0dcdf7e47bc8a882e3c4e101ce347ef

Download Submit
C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\Default\Network\TransportSecurity

Filesize
874B

MD5
476040f698615599758fc7c3b57ee771

SHA1
d75a1f8caa973012f6e3d12a9556c86f045157c7

SHA256
5e2f3ba38d09704563a138165ab05d6a31d6cb19d4bb56713463224690b3e0d5

SHA512
d11f6d0349cdcd14975c711dffaa2806c31f9d36035f6508a4525b0b50e179aabadf1079564c32e03369ef73990a8253480fbf1e5dfaf9826f137200f8f32b9b

Download Submit
C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\Default\Network\TransportSecurity

Filesize
874B

MD5
862591266954e30f9667933318afeb36

SHA1
5483725a8e7c415ae3fcf7fc43895358ce92784c

SHA256
b84b3d09c4dab3281968c9c9df243d05d208ee8f958a18ee912428414cbed56f

SHA512
809efae2ed7d6eb76a4d6da6447957c3926f05d57e6d5f4ccd37a7d2196552c060d023b6027860919b3e6a5b5750127d3d4441892606dcec50c9ece5dda22f6b

Download Submit
C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\Default\Network\TransportSecurity

Filesize
874B

MD5
e10b111225df5b9839d9d007328395aa

SHA1
8832da91e8d402446287ca3643873985bfa11416

SHA256
0c879408413a2f42e42b73015c9466eb7be6b1d8a357afa11855d99ab4a9f6c7

SHA512
781d2dcc7b40de0b6873a63b9bb2f817b78d1243e8694a6bbf7091a162351f8df60c5079a717f4572e350eba841d94a04ae68127ec9bdb2f077d7613d303d239

Download Submit
C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\Default\Preferences

Filesize
6KB

MD5
902b800d8866dcf7affafc11974e0389

SHA1
271df1ab35684648c8f33e78b42b3fa28e7ba675

SHA256
fdd8aea810a09b24721bbc0cd94e035f7fdd612b4bed000bced4e59042fc1ff8

SHA512
2ccf9acbe1bc861afe762f5f497f14c2516b375be57ebf89390aa2085ec51678aa15576761ff5ae919564e2ae07395da055183e07ba08d09348b913d131d247e

Download Submit
C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\Default\Preferences

Filesize
6KB

MD5
0c786ef50d604748a19e1474f57e5309

SHA1
aa07d3d6052ec4fcd8ada520021d426734590a39

SHA256
840244a369deb651aeffa811c331e211e514074c4466a9605d0f5f4b0b8aaad9

SHA512
db915917b2dc4b2e8da1fb6e1619d57f095565a6e75f696fdb5816a1963789f1f3fc4b3c3fc7d0e1e40ac750e2877b988364d3f30f79a54d02a1f61d7b87a892

Download Submit
C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\Default\Safe Browsing Network\Safe Browsing Cookies

Filesize
20KB

MD5
c9ff7748d8fcef4cf84a5501e996a641

SHA1
02867e5010f62f97ebb0cfb32cb3ede9449fe0c9

SHA256
4d3f3194cb1133437aa69bb880c8cbb55ddf06ff61a88ca6c3f1bbfbfd35d988

SHA512
d36054499869a8f56ac8547ccd5455f1252c24e17d2b185955390b32da7e2a732ace4e0f30f9493fcc61425a2e31ed623465f998f41af69423ee0e3ed1483a73

Download Submit
C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\Default\Site Characteristics Database\000003.log

Filesize
40B

MD5
148079685e25097536785f4536af014b

SHA1
c5ff5b1b69487a9dd4d244d11bbafa91708c1a41

SHA256
f096bc366a931fba656bdcd77b24af15a5f29fc53281a727c79f82c608ecfab8

SHA512
c2556034ea51abfbc172eb62ff11f5ac45c317f84f39d4b9e3ddbd0190da6ef7fa03fe63631b97ab806430442974a07f8e81b5f7dc52d9f2fcdc669adca8d91f

Download Submit
C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\Default\Site Characteristics Database\LOG

Filesize
348B

MD5
33b177eb500dc4cf1781070ea90155aa

SHA1
3b28daa1de8ca2b32bea3965c315fc1d9379678d

SHA256
7ee218dd1703567b5a5fc005559f38d068002756aea5107479b5381b8eb6a36a

SHA512
e87d6f3c09d53db530040da94259749d6e9fab03c0e7f622c622d087a3bfc3bf69c501c7c0843c733284689ef1978ea3b20095e36848a6a8d2e2d663315d8cde

Download Submit
C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\Default\Site Characteristics Database\LOG.old

Filesize
305B

MD5
a9545496b22f36ae4840bede2b6d06e3

SHA1
921ca8b6e7a0230aea5cd4d2e89989e578779680

SHA256
1ddb7f4a6c563fb1a38eaf8cc8bf600bacd98f74d32e8fdef48ab4e14abaa873

SHA512
85d4cb0758d0984eb01f767a1481ef82d79e70cae25ae6cdc36b701b91f0ef4a809ed415ba4d3897b00eb303384f3818eaf31cf2a5055730acfb62f0ccf9340f

Download Submit
C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Code Cache\wasm\index-dir\the-real-index

Filesize
48B

MD5
ed8bd0a1ffa612bbdb6992beb7ad59b6

SHA1
c223e73173799e01a9e226e16be2d19be5529b1d

SHA256
d7ecbcef072b3fdd1ce0fc472533517093c6003de7eb982a48f72fd0eda0527a

SHA512
d66dfbe112c6b3353a1345e697d6cd8ee41f24b419cf52265cac025bf6098993595428464455ad8f7f79f111995259f7bf753da1269ff79e1f0f6bd09bad23e9

Download Submit
C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\index

Filesize
256KB

MD5
539f46538ae7998558ffefc6715ba8c6

SHA1
536d8cf394a8cac679847c50581eb1c164533281

SHA256
87bbc62633afedaaa8e31cba15ba03da04e349ddf6257dd7c1eb15087a2effaf

SHA512
556102f7e79609c72be1e58bbea23bc9e6e1856bdba416091e9da505d61f97db5d61d4b0ba29d9351b2c3fefde75a533471e08df7576645b1ab041f772466632

Download Submit
C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\Default\Sync Data\LevelDB\000003.log

Filesize
6KB

MD5
e67c0d8eb67ee44ff56e3aa2f3f04bd7

SHA1
08f4b9b66defd0fbad7ce478231b70142d244a13

SHA256
220e8ea7ac328f4223c66c74eeec5b1efe274a8df4da0d6acc1fb9860fe94788

SHA512
140ceab27b66dcfbd08298e310279ab3248aee1e1d92eb2465187cf7889b5b9e7f9623b054eda031c9703b618780f1bbb988e97279d5ebaedc11dfe805671ee6

Download Submit
C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\Default\Sync Data\LevelDB\LOG

Filesize
321B

MD5
dd368baa347c3d61009cb3f2d90df191

SHA1
20c934688e1998c6c363e6a65ff30aa3838810c9

SHA256
46dff516b94a410fde7bf5835c0408d843545251e971c19d8b6cba285d2a1237

SHA512
ccc443fdaff49391933a55ba51d3c37ff86611887feb04855b07272862809f0a07da1a78dea891d768b64ee449edf3729be6dae912d57eb76f9908da2fec458d

Download Submit
C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\Default\Sync Data\LevelDB\LOG.old

Filesize
283B

MD5
2febfb42878de3c5fdf0001b07a82fe9

SHA1
a6a32537a8cf8a5710029ed71d159a8b2165770e

SHA256
57bfb75c42e726699085ae9d69a7136f4103bf5c3200ddfcc705abfb66613320

SHA512
e4b29ae1cbd599ce0070ba52a11fab81d433907c137383ebcdd7d757c4b58fc59e4f8aaa19f53cd16d3fe51dbbe12a39d3fe29b8eac602dd9446d31a616e118b

Download Submit
C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\Default\Trusted Vault

Filesize
33B

MD5
2db8da6ef9b7ffe4fb709782f610c319

SHA1
b104511bb1ae5cc8cf7fa92ccfa250078de1069e

SHA256
2acfcbffe19208280d7fb7ff79bdc9fe5f83061cbb761e9bba7c0720768e7318

SHA512
8afcc8c0fe69d577453419e8116ae3c568af8118d3dcfc8936a6491fb60500413641622699370cac59b40fe7c4f3b411edda45d82a3a4cc032d7fa84a2beba56

Download Submit
C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\Default\Visited Links

Filesize
128KB

MD5
99ed0f9d19ae66dbfe57aed98383bb57

SHA1
cf07c0608c8423139fbef3c1650741a378e8b622

SHA256
11559f6478654f84c16f2bbe52af226ef5de8d6640212d39fb57c90448040876

SHA512
72b8aeea080fc9c17ca49044ab3203f2d4c849059804857d820ecff320742d9df5f607d53db1778d98ee0e6dfbcbad7a27b0d61d5ebc241ffc0c3ad8e83a6484

Download Submit
C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\Default\Web Data

Filesize
92KB

MD5
202f2ef53f2db2c911585e9fc250d7b8

SHA1
eb88b73f2fbeb0994b21c08aa71d467ef12c1546

SHA256
c6f58d159d4de36d38a1b6c4ebdc89f68ee371086da8f478478d3f581ccedfee

SHA512
ec980b528288e9169862b6a7c058bf7794ec8ac68ef10a262d34aecd63d47c41874b23fed43ea85d21d3dfc707b97a549523afbb6aff1ad36ee74a25bc2a0407

Download Submit
C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\Default\c0cd04f1-2d60-42fc-8c69-3f9ff06c85cc.tmp

Filesize
18KB

MD5
6e8a5dd603d2bb1d43dfb350f7a40ba4

SHA1
6473503ce6d330f5c7316b67253ac456694ce0e6

SHA256
12a6b8ed600ad6571ecbc5553aa03c4578ce1a72356af1d74864b36f9b98e778

SHA512
831a3679f51eacf858fa628b02f92089a2a923b00db383b96a0b54f25a9fbe86b970d513b6bef1197370703eab3e7e25eaf253d752659b4cf26bf0c375370f8d

Download Submit
C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\Last Version

Filesize
14B

MD5
9eae63c7a967fc314dd311d9f46a45b7

SHA1
caba9c2c93acfe0b9ceb9ab19b992b0fc19c71cf

SHA256
4288925b0cf871c7458c22c46936efb0e903802feb991a0e1803be94ca6c251d

SHA512
bed924bff236bf5b6ce1df1db82e86c935e5830a20d9d24697efd82ca331e30604db8d04b0d692ec8541ec6deb2225bcc7d805b79f2db5726642198ecf6348b8

Download Submit
C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\Local State

Filesize
128KB

MD5
7fafe212636cb04c15dd2954d731955d

SHA1
baaa7e03bf798035ba2b731d7e91051f625184df

SHA256
5902be26e2a4075e5730a4f2e109da826c39dcc53ef0f662f42131b83b8fcb09

SHA512
cfa3499bab166a1e84ee3115c4805b8eac669c0def975f71d1f1cfd27467eb4de1e56b5e6c2ff56f42d7d1db2cf040913a3a8cec5a3aa95ebb15c4f5efef0678

Download Submit
C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\Local State

Filesize
253KB

MD5
efea44ed0e0a5b6e532745472a61dc4d

SHA1
5cc706e87a6e177d24fe9eb87078a0f2ba270460

SHA256
8604c1b3ae902753ef5eea35a1017be6db350ed65e2ed2cdd69fa0cbcc1c3e7b

SHA512
c7892be2933d2191f5db2ee1a611689840c87fc7cd07cf397e07bbce22a7bb1bc257a20e4033ef198e95f1fa1b29b7a71eb8d64bacaee684dc564e672fde91a9

Download Submit
C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\ShaderCache\index

Filesize
256KB

MD5
75024996237f1249d0b8a22bac904979

SHA1
333c45beec75b259b5f4aef33de37ad84f2a1eba

SHA256
5987108d9bd099687d8363cb2d55b8d1f494b0712a679968064212993265c45e

SHA512
cc38896a78efec6036eba99ff8b1b9b8f8cdca8dbfcaa1a52b2ec5a482f7a91147fc3718f76a597cbb6a71636ed34a318a8d6231490d179bac88c4b4863d6050

Download Submit
C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\Variations

Filesize
86B

MD5
961e3604f228b0d10541ebf921500c86

SHA1
6e00570d9f78d9cfebe67d4da5efe546543949a7

SHA256
f7b24f2eb3d5eb0550527490395d2f61c3d2fe74bb9cb345197dad81b58b5fed

SHA512
535f930afd2ef50282715c7e48859cc2d7b354ff4e6c156b94d5a2815f589b33189ffedfcaf4456525283e993087f9f560d84cfcf497d189ab8101510a09c472

Download Submit
\??\pipe\crashpad_4336_NYWMEXFVDSVOPRQR

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit