hxxps://youtu[.]be/ScJi7J4LK1k

Analysis

max time kernel
299s
max time network
270s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
28/02/2024, 23:11

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://youtu.be/ScJi7J4LK1k

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133536355270613758"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3270530367-132075249-2153716227-1000\{AA86D68D-A085-4DC4-85EB-888C8CF13E42}	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4064	chrome.exe
4064	chrome.exe
2708	chrome.exe
2708	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4064	chrome.exe
Token: SeCreatePagefilePrivilege	4064	chrome.exe
Token: SeShutdownPrivilege	4064	chrome.exe
Token: SeCreatePagefilePrivilege	4064	chrome.exe
Token: 33	996	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	996	AUDIODG.EXE
Token: SeShutdownPrivilege	4064	chrome.exe
Token: SeCreatePagefilePrivilege	4064	chrome.exe
Token: SeShutdownPrivilege	4064	chrome.exe
Token: SeCreatePagefilePrivilege	4064	chrome.exe
Token: SeShutdownPrivilege	4064	chrome.exe
Token: SeCreatePagefilePrivilege	4064	chrome.exe
Token: SeShutdownPrivilege	4064	chrome.exe
Token: SeCreatePagefilePrivilege	4064	chrome.exe
Token: SeShutdownPrivilege	4064	chrome.exe
Token: SeCreatePagefilePrivilege	4064	chrome.exe
Token: SeShutdownPrivilege	4064	chrome.exe
Token: SeCreatePagefilePrivilege	4064	chrome.exe
Token: SeShutdownPrivilege	4064	chrome.exe
Token: SeCreatePagefilePrivilege	4064	chrome.exe
Token: SeShutdownPrivilege	4064	chrome.exe
Token: SeCreatePagefilePrivilege	4064	chrome.exe
Token: SeShutdownPrivilege	4064	chrome.exe
Token: SeCreatePagefilePrivilege	4064	chrome.exe
Token: SeShutdownPrivilege	4064	chrome.exe
Token: SeCreatePagefilePrivilege	4064	chrome.exe
Token: SeShutdownPrivilege	4064	chrome.exe
Token: SeCreatePagefilePrivilege	4064	chrome.exe
Token: SeShutdownPrivilege	4064	chrome.exe
Token: SeCreatePagefilePrivilege	4064	chrome.exe
Token: SeShutdownPrivilege	4064	chrome.exe
Token: SeCreatePagefilePrivilege	4064	chrome.exe
Token: SeShutdownPrivilege	4064	chrome.exe
Token: SeCreatePagefilePrivilege	4064	chrome.exe
Token: SeShutdownPrivilege	4064	chrome.exe
Token: SeCreatePagefilePrivilege	4064	chrome.exe
Token: SeShutdownPrivilege	4064	chrome.exe
Token: SeCreatePagefilePrivilege	4064	chrome.exe
Token: SeShutdownPrivilege	4064	chrome.exe
Token: SeCreatePagefilePrivilege	4064	chrome.exe
Token: SeShutdownPrivilege	4064	chrome.exe
Token: SeCreatePagefilePrivilege	4064	chrome.exe
Token: SeShutdownPrivilege	4064	chrome.exe
Token: SeCreatePagefilePrivilege	4064	chrome.exe
Token: SeShutdownPrivilege	4064	chrome.exe
Token: SeCreatePagefilePrivilege	4064	chrome.exe
Token: SeShutdownPrivilege	4064	chrome.exe
Token: SeCreatePagefilePrivilege	4064	chrome.exe
Token: SeShutdownPrivilege	4064	chrome.exe
Token: SeCreatePagefilePrivilege	4064	chrome.exe
Token: SeShutdownPrivilege	4064	chrome.exe
Token: SeCreatePagefilePrivilege	4064	chrome.exe
Token: SeShutdownPrivilege	4064	chrome.exe
Token: SeCreatePagefilePrivilege	4064	chrome.exe
Token: SeShutdownPrivilege	4064	chrome.exe
Token: SeCreatePagefilePrivilege	4064	chrome.exe
Token: SeShutdownPrivilege	4064	chrome.exe
Token: SeCreatePagefilePrivilege	4064	chrome.exe
Token: SeShutdownPrivilege	4064	chrome.exe
Token: SeCreatePagefilePrivilege	4064	chrome.exe
Token: SeShutdownPrivilege	4064	chrome.exe
Token: SeCreatePagefilePrivilege	4064	chrome.exe
Token: SeShutdownPrivilege	4064	chrome.exe
Token: SeCreatePagefilePrivilege	4064	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe
4064	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4064 wrote to memory of 3888	4064	chrome.exe	43
PID 4064 wrote to memory of 3888	4064	chrome.exe	43
PID 4064 wrote to memory of 3180	4064	chrome.exe	94
PID 4064 wrote to memory of 3180	4064	chrome.exe	94
PID 4064 wrote to memory of 3180	4064	chrome.exe	94
PID 4064 wrote to memory of 3180	4064	chrome.exe	94
PID 4064 wrote to memory of 3180	4064	chrome.exe	94
PID 4064 wrote to memory of 3180	4064	chrome.exe	94
PID 4064 wrote to memory of 3180	4064	chrome.exe	94
PID 4064 wrote to memory of 3180	4064	chrome.exe	94
PID 4064 wrote to memory of 3180	4064	chrome.exe	94
PID 4064 wrote to memory of 3180	4064	chrome.exe	94
PID 4064 wrote to memory of 3180	4064	chrome.exe	94
PID 4064 wrote to memory of 3180	4064	chrome.exe	94
PID 4064 wrote to memory of 3180	4064	chrome.exe	94
PID 4064 wrote to memory of 3180	4064	chrome.exe	94
PID 4064 wrote to memory of 3180	4064	chrome.exe	94
PID 4064 wrote to memory of 3180	4064	chrome.exe	94
PID 4064 wrote to memory of 3180	4064	chrome.exe	94
PID 4064 wrote to memory of 3180	4064	chrome.exe	94
PID 4064 wrote to memory of 3180	4064	chrome.exe	94
PID 4064 wrote to memory of 3180	4064	chrome.exe	94
PID 4064 wrote to memory of 3180	4064	chrome.exe	94
PID 4064 wrote to memory of 3180	4064	chrome.exe	94
PID 4064 wrote to memory of 3180	4064	chrome.exe	94
PID 4064 wrote to memory of 3180	4064	chrome.exe	94
PID 4064 wrote to memory of 3180	4064	chrome.exe	94
PID 4064 wrote to memory of 3180	4064	chrome.exe	94
PID 4064 wrote to memory of 3180	4064	chrome.exe	94
PID 4064 wrote to memory of 3180	4064	chrome.exe	94
PID 4064 wrote to memory of 3180	4064	chrome.exe	94
PID 4064 wrote to memory of 3180	4064	chrome.exe	94
PID 4064 wrote to memory of 3180	4064	chrome.exe	94
PID 4064 wrote to memory of 3180	4064	chrome.exe	94
PID 4064 wrote to memory of 3180	4064	chrome.exe	94
PID 4064 wrote to memory of 3180	4064	chrome.exe	94
PID 4064 wrote to memory of 3180	4064	chrome.exe	94
PID 4064 wrote to memory of 3180	4064	chrome.exe	94
PID 4064 wrote to memory of 3180	4064	chrome.exe	94
PID 4064 wrote to memory of 3180	4064	chrome.exe	94
PID 4064 wrote to memory of 672	4064	chrome.exe	93
PID 4064 wrote to memory of 672	4064	chrome.exe	93
PID 4064 wrote to memory of 3976	4064	chrome.exe	95
PID 4064 wrote to memory of 3976	4064	chrome.exe	95
PID 4064 wrote to memory of 3976	4064	chrome.exe	95
PID 4064 wrote to memory of 3976	4064	chrome.exe	95
PID 4064 wrote to memory of 3976	4064	chrome.exe	95
PID 4064 wrote to memory of 3976	4064	chrome.exe	95
PID 4064 wrote to memory of 3976	4064	chrome.exe	95
PID 4064 wrote to memory of 3976	4064	chrome.exe	95
PID 4064 wrote to memory of 3976	4064	chrome.exe	95
PID 4064 wrote to memory of 3976	4064	chrome.exe	95
PID 4064 wrote to memory of 3976	4064	chrome.exe	95
PID 4064 wrote to memory of 3976	4064	chrome.exe	95
PID 4064 wrote to memory of 3976	4064	chrome.exe	95
PID 4064 wrote to memory of 3976	4064	chrome.exe	95
PID 4064 wrote to memory of 3976	4064	chrome.exe	95
PID 4064 wrote to memory of 3976	4064	chrome.exe	95
PID 4064 wrote to memory of 3976	4064	chrome.exe	95
PID 4064 wrote to memory of 3976	4064	chrome.exe	95
PID 4064 wrote to memory of 3976	4064	chrome.exe	95
PID 4064 wrote to memory of 3976	4064	chrome.exe	95
PID 4064 wrote to memory of 3976	4064	chrome.exe	95
PID 4064 wrote to memory of 3976	4064	chrome.exe	95

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://youtu.be/ScJi7J4LK1k
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4064
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb2a339758,0x7ffb2a339768,0x7ffb2a339778
  2⤵
  PID:3888
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2120 --field-trial-handle=1896,i,6714407207228931607,3360440923394698218,131072 /prefetch:8
  2⤵
  PID:672
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1732 --field-trial-handle=1896,i,6714407207228931607,3360440923394698218,131072 /prefetch:2
  2⤵
  PID:3180
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2204 --field-trial-handle=1896,i,6714407207228931607,3360440923394698218,131072 /prefetch:8
  2⤵
  PID:3976
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3064 --field-trial-handle=1896,i,6714407207228931607,3360440923394698218,131072 /prefetch:1
  2⤵
  PID:4160
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3056 --field-trial-handle=1896,i,6714407207228931607,3360440923394698218,131072 /prefetch:1
  2⤵
  PID:4280
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4612 --field-trial-handle=1896,i,6714407207228931607,3360440923394698218,131072 /prefetch:1
  2⤵
  PID:1592
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4824 --field-trial-handle=1896,i,6714407207228931607,3360440923394698218,131072 /prefetch:1
  2⤵
  PID:4428
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5016 --field-trial-handle=1896,i,6714407207228931607,3360440923394698218,131072 /prefetch:8
  2⤵
  PID:4532
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5228 --field-trial-handle=1896,i,6714407207228931607,3360440923394698218,131072 /prefetch:8
  2⤵
  - Modifies registry class
  PID:2180
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5604 --field-trial-handle=1896,i,6714407207228931607,3360440923394698218,131072 /prefetch:8
  2⤵
  PID:3684
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5080 --field-trial-handle=1896,i,6714407207228931607,3360440923394698218,131072 /prefetch:8
  2⤵
  PID:2396
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=3896 --field-trial-handle=1896,i,6714407207228931607,3360440923394698218,131072 /prefetch:1
  2⤵
  PID:1388
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3112 --field-trial-handle=1896,i,6714407207228931607,3360440923394698218,131072 /prefetch:8
  2⤵
  PID:3912
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=3140 --field-trial-handle=1896,i,6714407207228931607,3360440923394698218,131072 /prefetch:1
  2⤵
  PID:1012
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5436 --field-trial-handle=1896,i,6714407207228931607,3360440923394698218,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2708

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4596

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x45c 0x4c4
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:996

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
744B

MD5
fc119030d8aa194748e5851e22a5e89d

SHA1
db9bf55a1592ec533ac97e8743db42e86c7e251d

SHA256
34e83dd6fe1ef83c8a224f1ee764f2d5ff65742d800176ef586c10603adcdaf6

SHA512
b4930295eb6cec0c29e736fb43472c423db344f127381cf1d7c91b7ede02664f2c4648387cc28f76e05b49f44dc58a1d2d78b18e4f92bc33a9053a1d257721ea

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
432B

MD5
56f3902ed6a88782532481b47b60d9d8

SHA1
867ce9012f7403a97acd6998fa84637738f5b15f

SHA256
c22aa619c126bebc16febd57afaee978d9919e206a02adcb6a2e57c016c5cd71

SHA512
57665dc6209a5fd6a6b4d4734a94b11faaf0f631c8c186f438efd6633a74603e04e324b82df787826f6e42c4f73b9adbe1fbb6f0ee258f759561bd559ccafe05

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
212e5900edd85ba6239ec892afbb2d16

SHA1
e97271b066b729b59b8212ac9f7c70cca0561298

SHA256
90a379ba95374297f59393ef959b87caa2b95b78edf6891b48b7e0ba6ef63a28

SHA512
dfa6d2a0e58c4def17de3e8c9bb5865054e76e0ffdcae179adfd590650dbb15377d061134ef892493eeca9d358130f1356dc023a2fc93e5ecad3994959cbd6ea

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
013135f3a75acf6eb629c453a475fa1a

SHA1
82917da3918dad0bea02814a04a204a332784631

SHA256
fdad9cf47a712f6e247168e1e0f8b960d3fc83c9fe324f6b9bea5faefdf3e668

SHA512
1c16b9e8411e93ca89f526ebc7448db6cdf5c7699b8d003e4d4d88ac8314dea57fe239ff0cb3c632c4ecfcf2550c9becc588fdc18cd47ec1bb22217ef4b12c47

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
2b62336ca0855f62011694e16b81a610

SHA1
969eef0ce146372edc9c4a00f2a7ddf60cd1aad6

SHA256
585e1fc0b25bc8ef6c7a882dadd9d2438ca2f5ee6fe4400ee4668a3c6d155af1

SHA512
b260a943d4cce469f6080a461853e2a54f92f33a7291eec97101a50227d3629030d717bf8bdbd4019445c4088adf1073fe2d10f606a4309e6d7293066f3dd91d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
ce0471d6156485c1d070d21269654b2e

SHA1
22f51fa76412abe23d6e064d30a03fd44136712d

SHA256
1310657412f79b6168cdf3dfc0ea03d53b4e22ad2be25d283777da9eba759a56

SHA512
db3a47247fe8b64c201356e2d21058f7770d9e5dcdce8a1df9c1bf8d81960b461ecce2a1775524c22960df63c9ce1f0a1318266ea2a457ef078ba94f66ff4ad2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
f78deeb1c966b6ead03f984393794ce7

SHA1
910080f06aa6bde4be39ab5310c18587237563b8

SHA256
b50bcc3f40c4ec2df8a2adf2175f5588c453afd669beee2106fa9f028308a05a

SHA512
4fd7ec14daa32c624739872bd38748152f0b52533a701c45b81c623e1de54eef9febac5600f627850e67f9a4fedb85dee85d5daba25f51c4296b0fb7f90555da

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
38245416ac5565988ad1711a10399ade

SHA1
900571d8266e6862691b5150fd4b6da12093e454

SHA256
7fd7780f1aa709553458e9bc612bc72e9c399549d53bf35bb0e25496545bc54a

SHA512
acf2b37aa9c4b0ee7d786ab091ecc80003ab1eaa4c14aa5495a055ac7ddb9a1fc2b4fe00a71f6f93c6a1d7850276f360510f8d77690eb9d78cd7037d2db31593

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
e7d8cea5339158655e5147de963cbaac

SHA1
f3af8dcd3abddec65030466913e77f7a03fbb745

SHA256
d31c69d8953e8daf74ce1af6c4bcfd4743bb187045187382803c737f08fbadd6

SHA512
55b3f9f915ac1f0673f0a080d970e5db4ad78a1ae3909964f3c54d158315f808cb71750f9ed200f50f9f9846f74f417933a3114ebbcc04e2f8c4402015337f2c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
1ca063f1b63d7d291cdb8a26994d40c1

SHA1
8b61a58d68cd982ea2fe7f9392c5f15191ad4e4f

SHA256
fd99205f3ad21d7d80c3366151965a628abfc1592cd950c8ab68c16428ffccac

SHA512
7e69bbf4ce6e337f3a697682c5eca77c1008e727ee8ead671c1864cc098c5f0c5283524f5ca5931a8d4daeeb53cfae7657f67099953ef66b459f6deddeafb859

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\621a58ab-6b13-4b31-ab04-ea07260fba67\index-dir\the-real-index

Filesize
2KB

MD5
f80ef9283dd8496542662b4ddf05971c

SHA1
0a3201a270660517cacd67dbc2453e023eab42c1

SHA256
fa0a3cf44e4dfe99e9410c68e63a394a5e458b6f20b14e34184765ba7683c111

SHA512
82c98a4d5823e1c0b8f2c38ca6cb1d34d938f10ced8b6d365d636e13bfed33d9603de320a1b498039cd22561ebb0ba8936a9a90bcb55c3c7459902aa0f1397f2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\621a58ab-6b13-4b31-ab04-ea07260fba67\index-dir\the-real-index~RFe579c21.TMP

Filesize
48B

MD5
fd2fcc981abf6d8e645eb43d002b9799

SHA1
47ddc3db130c94e2b21a91d8d86d1ba695244f14

SHA256
0b6d7961ada9e2c9958eeb388da32d28596478c11010cde742c5bfb52f8dc3fc

SHA512
a8a264d44cabdc33e2609752395bd85da04957199314d7d53f45840dfa913153c3cbf31ea3085a3c367788da28c4c17214400d4c6ff299afedefed9f1110e637

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
176B

MD5
a191a06fca22de3966e1f52b1e3e0160

SHA1
ab1627f521003bfe84bd5c5ce5aa5d8d0123fb9c

SHA256
a0d5474abda9d38513071ab1f387bb0936088b28bb564a7ba97a52ca08cac3b1

SHA512
1fcbfd9d8459b035dddfa252a5a1af474214b0222f3024b42b16327ca09490156448faa271e931cf6eb6f482957d97a47db3e5d0c19300d74ca3bd2da8fc2e5e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
112B

MD5
6a3435908765e5b12bcc13a5d2edce1e

SHA1
aaccf407880ecab3837459bf37e293a95cd12002

SHA256
6fda2f30f91f0f087bc9e713432d6275414307b4c8f6043425710f680b62b12d

SHA512
cdafcf104fc869762dbdec027a4c5b8f9ed4d43fdbe9380b8b9acf5a1c26be29c0675b0ee0fc7aa4d72cb07632024be42ffd5df4f02b4570a17caf4dfa021e5b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
114B

MD5
a6da4b74d8121e9835bac2cc59cef135

SHA1
4dac2a98198eb3ef14d48a36c7b1142a9d9f16b8

SHA256
39abb5125defb35ad96c5768e3b9d9acd95f8add943ebcc1c9dd3ca9cbe8da94

SHA512
48b640c5cc2ff746b62cb4f4201410b88829317521177b4177c12cf0c9f60362c8afc410cbd1c6581f4c1638c67204f3f6e2232d67c850f0fa8d3abcae093548

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe57474a.TMP

Filesize
119B

MD5
c83b06252df2065f9921c71bb84616f9

SHA1
dd690570c5f866aa94ac772f212a0dcbe3c699e3

SHA256
d69f1bb4a5bb1949632f7a1b2fa487b4598406f2c0ca450f9c50fd21dccc342e

SHA512
b68351046d6812839a03b66923dd616fb1b9ea9630f50d25077f433e337b8eb31faf886500e136b2123ab686286bc7a7997799efa4937f353b369b459a911db9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
703e5e10774669a55893a0cdd84fd824

SHA1
b23fceaba2fb4ea764d88429510e3037e1b87a2e

SHA256
1f75f19f6ba159179e9f7a4625da400c16042ab9b80fec402f57076c6ac4b661

SHA512
f33b1a4f140122135e5260fa5e3c5d1051d89cc82f00e92a57303dab904f9c10faf9960341a47db9699f019447d573e8e00cc0811a8ae68e2b76edfed1d1daad

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
48B

MD5
69adc6de161399725858f0ffe4ba515f

SHA1
5e68ba9a65d6c4d814aac1ab61180d77d70dece1

SHA256
31f69b937875f84dde0c7dd60211c4612454d267dc8761e390d37cc4765c7eb2

SHA512
9ee748100581287b38662b5219ff2ac1d85b0ca99c6f3e77713b712bf3b6ebb48690883961ef2decd2d617da748ad523e11e248245f26c20f9cfb4067f3adc3f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe579693.TMP

Filesize
48B

MD5
8a922e3b90238b3d477f2e0fad6c596a

SHA1
6814c54418620c4960990187a3a9bd7bc4628f06

SHA256
f7c51b30c15366588aa0e892fe2c2f26d8f8762736c59c923807f1d46d438bbf

SHA512
2e1d6bb4aa442bf0cb8b82c54e8134130c0ea4bcb712605c386fb3de4b7a49d90417005790db878f1ef4d0553986a4d6d0764bc5d2958f1912c6ead94710a0c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\agimnkijcaahngcdmfeangaknmldooml\Shortcuts Menu Icons\0\512.png

Filesize
2KB

MD5
12a429f9782bcff446dc1089b68d44ee

SHA1
e41e5a1a4f2950a7f2da8be77ca26a66da7093b9

SHA256
e1d7407b07c40b5436d78db1077a16fbf75d49e32f3cbd01187b5eaaa10f1e37

SHA512
1da99c5278a589972a1d711d694890f4fd4ec4e56f83781ab9dee91ba99530a7f90d969588fa24dce24b094a28bdecbea80328cee862031a8b289f3e4f38ce7a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\agimnkijcaahngcdmfeangaknmldooml\Shortcuts Menu Icons\Monochrome\1\512.png

Filesize
10KB

MD5
7f57c509f12aaae2c269646db7fde6e8

SHA1
969d8c0e3d9140f843f36ccf2974b112ad7afc07

SHA256
1d5c9f67fe93f9fcc1a1b61ebc35bda8f98f1261e5005ae37af71f42aab1d90f

SHA512
3503a0f4939bed9e1fd5e086b17d6de1063220dffdab2d2373aa9582a2454a9d8f18c1be74442f4e597bdba796d2d69220bd9e6be632a15367225b804187ea18

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
128KB

MD5
86e51493b9d1ee364fd38e9ad69c4e45

SHA1
a127795d1ca4cba6858877c68d3988ae48e1feb6

SHA256
d6bc2ec404a827b8cd6a195df8d4751f343234fe4d07e3ade52ea69d2652f086

SHA512
cf563f8e6e0d5291c1fa296f8092609b6316b59263c04cab0735c95c8eafcb9c5f64352cb15bf50645d50d3f1e0ad4825e7db0fe313868bc5f68436794ec885f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
98KB

MD5
2bc66e55b13874c8db28bc7e25aec513

SHA1
2275f50a67b6f925146cddf61371c584805a8276

SHA256
c0fa0bff10d51908a27e82cffeb95c0d5fb7a2307761b838d32ec88793aae30f

SHA512
bf8beb5c32fb0ef9986eb04cd2f48977b1653e4d90b34cdcd6941677b4d45eb4db2e140776389e64903227f64d210f10696c1e595b9c29f0281a36aae2c85788

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe57c93b.TMP

Filesize
97KB

MD5
e143e489efd45290659c6622a313a15a

SHA1
c6c147a8428dce598828012bf95d314e5fd6a069

SHA256
7ac75c037292b7c736a3f6db632f86750d2e27a3bfc2e5d11d8e2e9e87ff4ac0

SHA512
02cfda35c3ef2a9fa9e4380654ef9623891785292111e187d400fec126ade58d28e38c6be90c8af3e46bc5a1eadf67d70acdd4b04a00f0cf6d29b46cdb9464c8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit