hxxp://chop-zaslon[.]com

Analysis

max time kernel
149s
max time network
151s
platform
windows10-1703_x64
resource
win10-20240221-en
resource tags

arch:x64arch:x86image:win10-20240221-enlocale:en-usos:windows10-1703-x64system
submitted
28/02/2024, 10:36

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://chop-zaslon.com

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133535902152138942"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4540	chrome.exe
4540	chrome.exe
3972	chrome.exe
3972	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4540	chrome.exe
Token: SeCreatePagefilePrivilege	4540	chrome.exe
Token: SeShutdownPrivilege	4540	chrome.exe
Token: SeCreatePagefilePrivilege	4540	chrome.exe
Token: SeShutdownPrivilege	4540	chrome.exe
Token: SeCreatePagefilePrivilege	4540	chrome.exe
Token: SeShutdownPrivilege	4540	chrome.exe
Token: SeCreatePagefilePrivilege	4540	chrome.exe
Token: SeShutdownPrivilege	4540	chrome.exe
Token: SeCreatePagefilePrivilege	4540	chrome.exe
Token: SeShutdownPrivilege	4540	chrome.exe
Token: SeCreatePagefilePrivilege	4540	chrome.exe
Token: SeShutdownPrivilege	4540	chrome.exe
Token: SeCreatePagefilePrivilege	4540	chrome.exe
Token: SeShutdownPrivilege	4540	chrome.exe
Token: SeCreatePagefilePrivilege	4540	chrome.exe
Token: SeShutdownPrivilege	4540	chrome.exe
Token: SeCreatePagefilePrivilege	4540	chrome.exe
Token: SeShutdownPrivilege	4540	chrome.exe
Token: SeCreatePagefilePrivilege	4540	chrome.exe
Token: SeShutdownPrivilege	4540	chrome.exe
Token: SeCreatePagefilePrivilege	4540	chrome.exe
Token: SeShutdownPrivilege	4540	chrome.exe
Token: SeCreatePagefilePrivilege	4540	chrome.exe
Token: SeShutdownPrivilege	4540	chrome.exe
Token: SeCreatePagefilePrivilege	4540	chrome.exe
Token: SeShutdownPrivilege	4540	chrome.exe
Token: SeCreatePagefilePrivilege	4540	chrome.exe
Token: SeShutdownPrivilege	4540	chrome.exe
Token: SeCreatePagefilePrivilege	4540	chrome.exe
Token: SeShutdownPrivilege	4540	chrome.exe
Token: SeCreatePagefilePrivilege	4540	chrome.exe
Token: SeShutdownPrivilege	4540	chrome.exe
Token: SeCreatePagefilePrivilege	4540	chrome.exe
Token: SeShutdownPrivilege	4540	chrome.exe
Token: SeCreatePagefilePrivilege	4540	chrome.exe
Token: SeShutdownPrivilege	4540	chrome.exe
Token: SeCreatePagefilePrivilege	4540	chrome.exe
Token: SeShutdownPrivilege	4540	chrome.exe
Token: SeCreatePagefilePrivilege	4540	chrome.exe
Token: SeShutdownPrivilege	4540	chrome.exe
Token: SeCreatePagefilePrivilege	4540	chrome.exe
Token: SeShutdownPrivilege	4540	chrome.exe
Token: SeCreatePagefilePrivilege	4540	chrome.exe
Token: SeShutdownPrivilege	4540	chrome.exe
Token: SeCreatePagefilePrivilege	4540	chrome.exe
Token: SeShutdownPrivilege	4540	chrome.exe
Token: SeCreatePagefilePrivilege	4540	chrome.exe
Token: SeShutdownPrivilege	4540	chrome.exe
Token: SeCreatePagefilePrivilege	4540	chrome.exe
Token: SeShutdownPrivilege	4540	chrome.exe
Token: SeCreatePagefilePrivilege	4540	chrome.exe
Token: SeShutdownPrivilege	4540	chrome.exe
Token: SeCreatePagefilePrivilege	4540	chrome.exe
Token: SeShutdownPrivilege	4540	chrome.exe
Token: SeCreatePagefilePrivilege	4540	chrome.exe
Token: SeShutdownPrivilege	4540	chrome.exe
Token: SeCreatePagefilePrivilege	4540	chrome.exe
Token: SeShutdownPrivilege	4540	chrome.exe
Token: SeCreatePagefilePrivilege	4540	chrome.exe
Token: SeShutdownPrivilege	4540	chrome.exe
Token: SeCreatePagefilePrivilege	4540	chrome.exe
Token: SeShutdownPrivilege	4540	chrome.exe
Token: SeCreatePagefilePrivilege	4540	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe
4540	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4540 wrote to memory of 2544	4540	chrome.exe	46
PID 4540 wrote to memory of 2544	4540	chrome.exe	46
PID 4540 wrote to memory of 4564	4540	chrome.exe	79
PID 4540 wrote to memory of 4564	4540	chrome.exe	79
PID 4540 wrote to memory of 4564	4540	chrome.exe	79
PID 4540 wrote to memory of 4564	4540	chrome.exe	79
PID 4540 wrote to memory of 4564	4540	chrome.exe	79
PID 4540 wrote to memory of 4564	4540	chrome.exe	79
PID 4540 wrote to memory of 4564	4540	chrome.exe	79
PID 4540 wrote to memory of 4564	4540	chrome.exe	79
PID 4540 wrote to memory of 4564	4540	chrome.exe	79
PID 4540 wrote to memory of 4564	4540	chrome.exe	79
PID 4540 wrote to memory of 4564	4540	chrome.exe	79
PID 4540 wrote to memory of 4564	4540	chrome.exe	79
PID 4540 wrote to memory of 4564	4540	chrome.exe	79
PID 4540 wrote to memory of 4564	4540	chrome.exe	79
PID 4540 wrote to memory of 4564	4540	chrome.exe	79
PID 4540 wrote to memory of 4564	4540	chrome.exe	79
PID 4540 wrote to memory of 4564	4540	chrome.exe	79
PID 4540 wrote to memory of 4564	4540	chrome.exe	79
PID 4540 wrote to memory of 4564	4540	chrome.exe	79
PID 4540 wrote to memory of 4564	4540	chrome.exe	79
PID 4540 wrote to memory of 4564	4540	chrome.exe	79
PID 4540 wrote to memory of 4564	4540	chrome.exe	79
PID 4540 wrote to memory of 4564	4540	chrome.exe	79
PID 4540 wrote to memory of 4564	4540	chrome.exe	79
PID 4540 wrote to memory of 4564	4540	chrome.exe	79
PID 4540 wrote to memory of 4564	4540	chrome.exe	79
PID 4540 wrote to memory of 4564	4540	chrome.exe	79
PID 4540 wrote to memory of 4564	4540	chrome.exe	79
PID 4540 wrote to memory of 4564	4540	chrome.exe	79
PID 4540 wrote to memory of 4564	4540	chrome.exe	79
PID 4540 wrote to memory of 4564	4540	chrome.exe	79
PID 4540 wrote to memory of 4564	4540	chrome.exe	79
PID 4540 wrote to memory of 4564	4540	chrome.exe	79
PID 4540 wrote to memory of 4564	4540	chrome.exe	79
PID 4540 wrote to memory of 4564	4540	chrome.exe	79
PID 4540 wrote to memory of 4564	4540	chrome.exe	79
PID 4540 wrote to memory of 4564	4540	chrome.exe	79
PID 4540 wrote to memory of 4564	4540	chrome.exe	79
PID 4540 wrote to memory of 4036	4540	chrome.exe	78
PID 4540 wrote to memory of 4036	4540	chrome.exe	78
PID 4540 wrote to memory of 4468	4540	chrome.exe	77
PID 4540 wrote to memory of 4468	4540	chrome.exe	77
PID 4540 wrote to memory of 4468	4540	chrome.exe	77
PID 4540 wrote to memory of 4468	4540	chrome.exe	77
PID 4540 wrote to memory of 4468	4540	chrome.exe	77
PID 4540 wrote to memory of 4468	4540	chrome.exe	77
PID 4540 wrote to memory of 4468	4540	chrome.exe	77
PID 4540 wrote to memory of 4468	4540	chrome.exe	77
PID 4540 wrote to memory of 4468	4540	chrome.exe	77
PID 4540 wrote to memory of 4468	4540	chrome.exe	77
PID 4540 wrote to memory of 4468	4540	chrome.exe	77
PID 4540 wrote to memory of 4468	4540	chrome.exe	77
PID 4540 wrote to memory of 4468	4540	chrome.exe	77
PID 4540 wrote to memory of 4468	4540	chrome.exe	77
PID 4540 wrote to memory of 4468	4540	chrome.exe	77
PID 4540 wrote to memory of 4468	4540	chrome.exe	77
PID 4540 wrote to memory of 4468	4540	chrome.exe	77
PID 4540 wrote to memory of 4468	4540	chrome.exe	77
PID 4540 wrote to memory of 4468	4540	chrome.exe	77
PID 4540 wrote to memory of 4468	4540	chrome.exe	77
PID 4540 wrote to memory of 4468	4540	chrome.exe	77
PID 4540 wrote to memory of 4468	4540	chrome.exe	77

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://chop-zaslon.com
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4540
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffad9d09758,0x7ffad9d09768,0x7ffad9d09778
  2⤵
  PID:2544
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1892 --field-trial-handle=1832,i,16594168256622463407,5360735161635882644,131072 /prefetch:8
  2⤵
  PID:4468
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1776 --field-trial-handle=1832,i,16594168256622463407,5360735161635882644,131072 /prefetch:8
  2⤵
  PID:4036
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1596 --field-trial-handle=1832,i,16594168256622463407,5360735161635882644,131072 /prefetch:2
  2⤵
  PID:4564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2644 --field-trial-handle=1832,i,16594168256622463407,5360735161635882644,131072 /prefetch:1
  2⤵
  PID:3992
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2636 --field-trial-handle=1832,i,16594168256622463407,5360735161635882644,131072 /prefetch:1
  2⤵
  PID:1432
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4296 --field-trial-handle=1832,i,16594168256622463407,5360735161635882644,131072 /prefetch:1
  2⤵
  PID:4076
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4548 --field-trial-handle=1832,i,16594168256622463407,5360735161635882644,131072 /prefetch:8
  2⤵
  PID:4364
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4644 --field-trial-handle=1832,i,16594168256622463407,5360735161635882644,131072 /prefetch:8
  2⤵
  PID:4788
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4576 --field-trial-handle=1832,i,16594168256622463407,5360735161635882644,131072 /prefetch:1
  2⤵
  PID:3832
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=164 --field-trial-handle=1832,i,16594168256622463407,5360735161635882644,131072 /prefetch:1
  2⤵
  PID:3308
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4648 --field-trial-handle=1832,i,16594168256622463407,5360735161635882644,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3972
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4340 --field-trial-handle=1832,i,16594168256622463407,5360735161635882644,131072 /prefetch:1
  2⤵
  PID:4664
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=932 --field-trial-handle=1832,i,16594168256622463407,5360735161635882644,131072 /prefetch:1
  2⤵
  PID:1592

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4228

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001

Filesize
195KB

MD5
873734b55d4c7d35a177c8318b0caec7

SHA1
469b913b09ea5b55e60098c95120cc9b935ddb28

SHA256
4ee3aa3dc43cb3ef3f6bfb91ed8214659e9c2600a45bee9728ebbcb6f33b088d

SHA512
24f05ed981e994475879ca2221b6948418c4412063b9c07f46b8de581047ddd5d73401562fa9ee54d4ce5f97a6288c54eac5de0ca29b1bb5797bdac5a1b30308

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d

Filesize
40KB

MD5
d2d0c427f1d093c36a9fd6751a9a9d61

SHA1
dbd596ab1f2256ed3e3816be5eeb75d34f38f821

SHA256
b37bce0e0f504a7b54d3a01007169d4126c2a401be8f93afe35f665e62c3e34f

SHA512
b8418e074df9619ae62461b5c42fcc42d2ffb8b099e09ec0271bb481f8e1ad8d7655fd5149d8abdbce1d35226029f200623574946d6223df1c9c14c7824d63ca

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012

Filesize
74KB

MD5
8df64f08312fc0ee3a80b8358ff94c4e

SHA1
55688d2fb73a0125518c0ccabeddfff6d3c4ef25

SHA256
3feaa14533284f5713f8e2d85145f453186a16574ac7e47bec897c72eb2f7096

SHA512
36ae9ee70558e1f94579905532f646277bace1ba80a1f292b5a284099296031588c2bcf62e7515538ebcfc84db9af7b9e90a3c615cf2f4a8bd59c2b5a8c2ce65

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
a4938869753af39e738230fd8820bffd

SHA1
a13b4ba8cb8c3f60eac681f5030c505fbabe6c9d

SHA256
11b3689a5cf6614f7d82bf995fe5324e2f4510b56e9b051fc80d321fbe791fbe

SHA512
42dbf62b7df45e95344510ad2bb1085cea3da162d06393b8d58dffbab52239b4f8d74bbfc9b4ac8f0c519d93a4ccdfd9f5570e6c423707e92dd74446ae9d3375

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
79d6151017d591d1c1cc1215783dd926

SHA1
df638582bebf9da1aca5d5c2ad5916290c688bf8

SHA256
cab51f9689b9024af841512812703dbaad36928261834de63808f18cb2256d2a

SHA512
ae3bc33be83d78e0cd09cc25f3f910aceb978d23a10c04d2fbfe4db9138aa64b747a2b8818d95adf2082ea885fa8d6629fac43035b36e35bf62517e2695bc979

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
371B

MD5
43d9c05617ee49b833da48bfa43bc248

SHA1
a84c628e3bfb9436697091d70e6681c29a412cb3

SHA256
10cde3cee9d9e07ebfaa93aabf7ca644158fa1e884eceeee1c3eac61b526f7e1

SHA512
2364c81cf6757ef1203ff03efc437e99302ad4073ea984acbce205591c610d3245b3e3bf733be5dab3c6901e59eb822b78c20880a67ac0ba1d396de861f59419

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
371B

MD5
abc5207905485fc0e16b753f29df7805

SHA1
bfdd6ad2764a3dc27406b512b40d143de3fe6ef3

SHA256
2ef5f7c223aee1afee04c06d4dd6c075ea226abfea602ec1de631814d374d224

SHA512
682cd9a1ef0eb56cef3ad9a9a2b0a95fcd3bf9c74047c2031252594712486573ec233f64f5001efaacbe0dd68fbb2480de257a5cfa9c3e818644538daea37f69

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
3e71561455aff7a603361a7663a0d574

SHA1
5ae8ccb9449c6671c57b77799c9b87f434faa268

SHA256
a9193a9107c002a711bef1db818c11cbbda362156f349f4d57410ae63244394b

SHA512
90fe4faed25f7eeeea12fa61e000c0ec16150df622f525a7ae1f5920d7ed23154a7ac875e7a8e394ec9964d355efd90601613a7de5d8d9c00294024b4eb44281

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
c4b1b69591278a07739a323337638851

SHA1
077599723d190dda90adf4966a2a7200d93818f2

SHA256
0ea5bf153be0ea264488577a83ba849e7d9a534e8c868d7f55a1deac47bc152b

SHA512
b81a196623a200f8d77c4e23199e1a8eafdf9c576016efa3de223de3b9a045ac8e3da3bfd282abd094b629334409d855885f01abd7942296dc55b118044e76af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
e1e36097d4ac45525431ef03d2460e68

SHA1
4df8fa94f56b6804c540f08bc5644934fb99f514

SHA256
c87d877ccee0338bc56f7efbcfb08919e0d5f1a118adcf6e343dbe7eda0b1f06

SHA512
178422a3f667d420705277c52b814a300923f8241bf9293be4936aee29bfac11d5464bfef99567fd8403cf815aff7c364cb13d4a608458b18b2a645353274af6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
49dcb37d12d7b14a52670fbc5fc20439

SHA1
6a6293ac3cf66a53836e201814c38bd9e00df953

SHA256
3ddf76ffb96a681532125da60bcbedae98540c1c92718b1f2746a4edd0041092

SHA512
e8c1a8b578236456e53ad3783edb6ede8336295ed06b9f56f092f4e552bf1419d03555f418273de771e796a81ddf7fc22b0df83775a2d61f19d43c3a60e5a2bf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
6163c6134c217dd834b9847ef187ab39

SHA1
bbdd86993fbb2dbe65cae0873567767e109902d8

SHA256
1f266dc5653ab746d64e5c3a4808ce2b5b050c5cbce0b7cb763c93012799d739

SHA512
d39e8b49a260b0870bb88a14bd44eee1c51f88e0f0d215b9828abb1c532b99263219d35cfb7bb04c91e3adb50493c7032fae9ae62df434565108fb121feedd2e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
74f12d39743c136bc80b691758c2bdf8

SHA1
e4b2b2d8dc8a622d1407662492435304bea80f64

SHA256
483b2d67ab76503a4497db45ccb91032c1c14a549542426fbdfd68fb7f1a2594

SHA512
b7496e913a4f95ce43b53a2a4f2ac0c5361a80d2e003ff4db510059d62ebb60c747a235f4d3b5bad4bd32884b4cf9d6b0d38694ec8066e63e3cad3ff491b8092

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
254KB

MD5
ca7012d09b04de589435cd15974c4cb7

SHA1
28dee33998f35b9d8c1e87bab679524d92c1f023

SHA256
0e6f3337b6c9d7e9d4fd076cca93137e7a19bd56db52c7dca61477bb3e8f832d

SHA512
88bc5a9a7ad997eae764fd8a285caf4c0ddc1320f097d116f06ebd7fa880c6d22206cd6c3b2e585a88799905bf5e66e0033d5bb4c9676660dc41a86d107c8ddb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit