Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240226-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    27-02-2024 20:57

General

  • Target

    https://ufile.io/m7otwev2

Score
1/10

Malware Config

Signatures

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies data under HKEY_USERS 2 IoCs
  • Modifies registry class 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 4 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 52 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://ufile.io/m7otwev2
    1⤵
    • Enumerates system info in registry
    • Modifies data under HKEY_USERS
    • Modifies registry class
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:4764
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa53d29758,0x7ffa53d29768,0x7ffa53d29778
      2⤵
        PID:2588
      • C:\Program Files\Google\Chrome\Application\chrome.exe
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1644 --field-trial-handle=1812,i,6440712643622763213,8267671952895825577,131072 /prefetch:2
        2⤵
          PID:3940
        • C:\Program Files\Google\Chrome\Application\chrome.exe
          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2192 --field-trial-handle=1812,i,6440712643622763213,8267671952895825577,131072 /prefetch:8
          2⤵
            PID:4872
          • C:\Program Files\Google\Chrome\Application\chrome.exe
            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2124 --field-trial-handle=1812,i,6440712643622763213,8267671952895825577,131072 /prefetch:8
            2⤵
              PID:404
            • C:\Program Files\Google\Chrome\Application\chrome.exe
              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2876 --field-trial-handle=1812,i,6440712643622763213,8267671952895825577,131072 /prefetch:1
              2⤵
                PID:2896
              • C:\Program Files\Google\Chrome\Application\chrome.exe
                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2868 --field-trial-handle=1812,i,6440712643622763213,8267671952895825577,131072 /prefetch:1
                2⤵
                  PID:1056
                • C:\Program Files\Google\Chrome\Application\chrome.exe
                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4748 --field-trial-handle=1812,i,6440712643622763213,8267671952895825577,131072 /prefetch:1
                  2⤵
                    PID:4040
                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4148 --field-trial-handle=1812,i,6440712643622763213,8267671952895825577,131072 /prefetch:8
                    2⤵
                    • Modifies registry class
                    PID:3028
                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5264 --field-trial-handle=1812,i,6440712643622763213,8267671952895825577,131072 /prefetch:8
                    2⤵
                      PID:3080
                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5572 --field-trial-handle=1812,i,6440712643622763213,8267671952895825577,131072 /prefetch:8
                      2⤵
                        PID:4332
                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5660 --field-trial-handle=1812,i,6440712643622763213,8267671952895825577,131072 /prefetch:8
                        2⤵
                          PID:4812
                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=4160 --field-trial-handle=1812,i,6440712643622763213,8267671952895825577,131072 /prefetch:1
                          2⤵
                            PID:4048
                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5108 --field-trial-handle=1812,i,6440712643622763213,8267671952895825577,131072 /prefetch:1
                            2⤵
                              PID:4840
                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=5300 --field-trial-handle=1812,i,6440712643622763213,8267671952895825577,131072 /prefetch:1
                              2⤵
                                PID:372
                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=4716 --field-trial-handle=1812,i,6440712643622763213,8267671952895825577,131072 /prefetch:1
                                2⤵
                                  PID:2288
                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4796 --field-trial-handle=1812,i,6440712643622763213,8267671952895825577,131072 /prefetch:8
                                  2⤵
                                    PID:1400
                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1756 --field-trial-handle=1812,i,6440712643622763213,8267671952895825577,131072 /prefetch:8
                                    2⤵
                                      PID:1852
                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5772 --field-trial-handle=1812,i,6440712643622763213,8267671952895825577,131072 /prefetch:8
                                      2⤵
                                        PID:3540
                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4736 --field-trial-handle=1812,i,6440712643622763213,8267671952895825577,131072 /prefetch:2
                                        2⤵
                                        • Suspicious behavior: EnumeratesProcesses
                                        PID:3056
                                    • C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
                                      "C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
                                      1⤵
                                        PID:1936
                                      • C:\Windows\System32\rundll32.exe
                                        C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
                                        1⤵
                                          PID:3824

                                        Network

                                        MITRE ATT&CK Enterprise v15


                                        Downloads

                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

                                          Filesize

                                          24KB


                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

                                          Filesize

                                          195KB


                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

                                          Filesize

                                          528B


                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

                                          Filesize

                                          528B


                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\MANIFEST-000001

                                          Filesize

                                          41B


                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                                          Filesize

                                          4KB


                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                                          Filesize

                                          3KB


                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                          Filesize

                                          1020B


                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                          Filesize

                                          1020B


                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                          Filesize

                                          1020B


                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                          Filesize

                                          7KB


                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                          Filesize

                                          7KB


                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                          Filesize

                                          7KB


                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                          Filesize

                                          6KB


                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\CURRENT

                                          Filesize

                                          16B


                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

                                          Filesize

                                          72B


                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57b5f2.TMP

                                          Filesize

                                          48B


                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                          Filesize

                                          128KB


                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                          Filesize

                                          128KB


                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

                                          Filesize

                                          113KB


                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

                                          Filesize

                                          109KB


                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe584801.TMP

                                          Filesize

                                          103KB


                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

                                          Filesize

                                          2B


                                        • C:\Users\Admin\Downloads\Pirates shit.zip.crdownload

                                          Filesize

                                          4.3MB
