hxxps://steamcommujity[.]com/gift/906353439838

Analysis

max time kernel
242s
max time network
243s
platform
windows10-2004_x64
resource
win10v2004-20240226-de
resource tags

arch:x64arch:x86image:win10v2004-20240226-delocale:de-deos:windows10-2004-x64systemwindows
submitted
28-02-2024 20:55

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://steamcommujity.com/gift/906353439838

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

Processes:

chrome.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

Processes:

chrome.exe

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133536273649530444"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

Processes:

chrome.exechrome.exe

pid process

4240 chrome.exe
4240 chrome.exe
4072 chrome.exe
4072 chrome.exe
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

Processes:

chrome.exe

pid process

4240 chrome.exe
4240 chrome.exe
4240 chrome.exe
4240 chrome.exe
4240 chrome.exe
4240 chrome.exe
4240 chrome.exe
4240 chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

Processes:

chrome.exe

description	pid	process
Token: SeShutdownPrivilege	4240	chrome.exe
Token: SeCreatePagefilePrivilege	4240	chrome.exe
Token: SeShutdownPrivilege	4240	chrome.exe
Token: SeCreatePagefilePrivilege	4240	chrome.exe
Token: SeShutdownPrivilege	4240	chrome.exe
Token: SeCreatePagefilePrivilege	4240	chrome.exe
Token: SeShutdownPrivilege	4240	chrome.exe
Token: SeCreatePagefilePrivilege	4240	chrome.exe
Token: SeShutdownPrivilege	4240	chrome.exe
Token: SeCreatePagefilePrivilege	4240	chrome.exe
Token: SeShutdownPrivilege	4240	chrome.exe
Token: SeCreatePagefilePrivilege	4240	chrome.exe
Token: SeShutdownPrivilege	4240	chrome.exe
Token: SeCreatePagefilePrivilege	4240	chrome.exe
Token: SeShutdownPrivilege	4240	chrome.exe
Token: SeCreatePagefilePrivilege	4240	chrome.exe
Token: SeShutdownPrivilege	4240	chrome.exe
Token: SeCreatePagefilePrivilege	4240	chrome.exe
Token: SeShutdownPrivilege	4240	chrome.exe
Token: SeCreatePagefilePrivilege	4240	chrome.exe
Token: SeShutdownPrivilege	4240	chrome.exe
Token: SeCreatePagefilePrivilege	4240	chrome.exe
Token: SeShutdownPrivilege	4240	chrome.exe
Token: SeCreatePagefilePrivilege	4240	chrome.exe
Token: SeShutdownPrivilege	4240	chrome.exe
Token: SeCreatePagefilePrivilege	4240	chrome.exe
Token: SeShutdownPrivilege	4240	chrome.exe
Token: SeCreatePagefilePrivilege	4240	chrome.exe
Token: SeShutdownPrivilege	4240	chrome.exe
Token: SeCreatePagefilePrivilege	4240	chrome.exe
Token: SeShutdownPrivilege	4240	chrome.exe
Token: SeCreatePagefilePrivilege	4240	chrome.exe
Token: SeShutdownPrivilege	4240	chrome.exe
Token: SeCreatePagefilePrivilege	4240	chrome.exe
Token: SeShutdownPrivilege	4240	chrome.exe
Token: SeCreatePagefilePrivilege	4240	chrome.exe
Token: SeShutdownPrivilege	4240	chrome.exe
Token: SeCreatePagefilePrivilege	4240	chrome.exe
Token: SeShutdownPrivilege	4240	chrome.exe
Token: SeCreatePagefilePrivilege	4240	chrome.exe
Token: SeShutdownPrivilege	4240	chrome.exe
Token: SeCreatePagefilePrivilege	4240	chrome.exe
Token: SeShutdownPrivilege	4240	chrome.exe
Token: SeCreatePagefilePrivilege	4240	chrome.exe
Token: SeShutdownPrivilege	4240	chrome.exe
Token: SeCreatePagefilePrivilege	4240	chrome.exe
Token: SeShutdownPrivilege	4240	chrome.exe
Token: SeCreatePagefilePrivilege	4240	chrome.exe
Token: SeShutdownPrivilege	4240	chrome.exe
Token: SeCreatePagefilePrivilege	4240	chrome.exe
Token: SeShutdownPrivilege	4240	chrome.exe
Token: SeCreatePagefilePrivilege	4240	chrome.exe
Token: SeShutdownPrivilege	4240	chrome.exe
Token: SeCreatePagefilePrivilege	4240	chrome.exe
Token: SeShutdownPrivilege	4240	chrome.exe
Token: SeCreatePagefilePrivilege	4240	chrome.exe
Token: SeShutdownPrivilege	4240	chrome.exe
Token: SeCreatePagefilePrivilege	4240	chrome.exe
Token: SeShutdownPrivilege	4240	chrome.exe
Token: SeCreatePagefilePrivilege	4240	chrome.exe
Token: SeShutdownPrivilege	4240	chrome.exe
Token: SeCreatePagefilePrivilege	4240	chrome.exe
Token: SeShutdownPrivilege	4240	chrome.exe
Token: SeCreatePagefilePrivilege	4240	chrome.exe

Suspicious use of FindShellTrayWindow 51 IoCs

Processes:

chrome.exe

pid	process
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe

Suspicious use of SendNotifyMessage 48 IoCs

Processes:

chrome.exe

pid	process
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe
4240	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

chrome.exe

description	pid	process	target process
PID 4240 wrote to memory of 224	4240	chrome.exe	chrome.exe
PID 4240 wrote to memory of 224	4240	chrome.exe	chrome.exe
PID 4240 wrote to memory of 4004	4240	chrome.exe	chrome.exe
PID 4240 wrote to memory of 4004	4240	chrome.exe	chrome.exe
PID 4240 wrote to memory of 4004	4240	chrome.exe	chrome.exe
PID 4240 wrote to memory of 4004	4240	chrome.exe	chrome.exe
PID 4240 wrote to memory of 4004	4240	chrome.exe	chrome.exe
PID 4240 wrote to memory of 4004	4240	chrome.exe	chrome.exe
PID 4240 wrote to memory of 4004	4240	chrome.exe	chrome.exe
PID 4240 wrote to memory of 4004	4240	chrome.exe	chrome.exe
PID 4240 wrote to memory of 4004	4240	chrome.exe	chrome.exe
PID 4240 wrote to memory of 4004	4240	chrome.exe	chrome.exe
PID 4240 wrote to memory of 4004	4240	chrome.exe	chrome.exe
PID 4240 wrote to memory of 4004	4240	chrome.exe	chrome.exe
PID 4240 wrote to memory of 4004	4240	chrome.exe	chrome.exe
PID 4240 wrote to memory of 4004	4240	chrome.exe	chrome.exe
PID 4240 wrote to memory of 4004	4240	chrome.exe	chrome.exe
PID 4240 wrote to memory of 4004	4240	chrome.exe	chrome.exe
PID 4240 wrote to memory of 4004	4240	chrome.exe	chrome.exe
PID 4240 wrote to memory of 4004	4240	chrome.exe	chrome.exe
PID 4240 wrote to memory of 4004	4240	chrome.exe	chrome.exe
PID 4240 wrote to memory of 4004	4240	chrome.exe	chrome.exe
PID 4240 wrote to memory of 4004	4240	chrome.exe	chrome.exe
PID 4240 wrote to memory of 4004	4240	chrome.exe	chrome.exe
PID 4240 wrote to memory of 4004	4240	chrome.exe	chrome.exe
PID 4240 wrote to memory of 4004	4240	chrome.exe	chrome.exe
PID 4240 wrote to memory of 4004	4240	chrome.exe	chrome.exe
PID 4240 wrote to memory of 4004	4240	chrome.exe	chrome.exe
PID 4240 wrote to memory of 4004	4240	chrome.exe	chrome.exe
PID 4240 wrote to memory of 4004	4240	chrome.exe	chrome.exe
PID 4240 wrote to memory of 4004	4240	chrome.exe	chrome.exe
PID 4240 wrote to memory of 4004	4240	chrome.exe	chrome.exe
PID 4240 wrote to memory of 4004	4240	chrome.exe	chrome.exe
PID 4240 wrote to memory of 4004	4240	chrome.exe	chrome.exe
PID 4240 wrote to memory of 4004	4240	chrome.exe	chrome.exe
PID 4240 wrote to memory of 4004	4240	chrome.exe	chrome.exe
PID 4240 wrote to memory of 4004	4240	chrome.exe	chrome.exe
PID 4240 wrote to memory of 4004	4240	chrome.exe	chrome.exe
PID 4240 wrote to memory of 4004	4240	chrome.exe	chrome.exe
PID 4240 wrote to memory of 4004	4240	chrome.exe	chrome.exe
PID 4240 wrote to memory of 3436	4240	chrome.exe	chrome.exe
PID 4240 wrote to memory of 3436	4240	chrome.exe	chrome.exe
PID 4240 wrote to memory of 4616	4240	chrome.exe	chrome.exe
PID 4240 wrote to memory of 4616	4240	chrome.exe	chrome.exe
PID 4240 wrote to memory of 4616	4240	chrome.exe	chrome.exe
PID 4240 wrote to memory of 4616	4240	chrome.exe	chrome.exe
PID 4240 wrote to memory of 4616	4240	chrome.exe	chrome.exe
PID 4240 wrote to memory of 4616	4240	chrome.exe	chrome.exe
PID 4240 wrote to memory of 4616	4240	chrome.exe	chrome.exe
PID 4240 wrote to memory of 4616	4240	chrome.exe	chrome.exe
PID 4240 wrote to memory of 4616	4240	chrome.exe	chrome.exe
PID 4240 wrote to memory of 4616	4240	chrome.exe	chrome.exe
PID 4240 wrote to memory of 4616	4240	chrome.exe	chrome.exe
PID 4240 wrote to memory of 4616	4240	chrome.exe	chrome.exe
PID 4240 wrote to memory of 4616	4240	chrome.exe	chrome.exe
PID 4240 wrote to memory of 4616	4240	chrome.exe	chrome.exe
PID 4240 wrote to memory of 4616	4240	chrome.exe	chrome.exe
PID 4240 wrote to memory of 4616	4240	chrome.exe	chrome.exe
PID 4240 wrote to memory of 4616	4240	chrome.exe	chrome.exe
PID 4240 wrote to memory of 4616	4240	chrome.exe	chrome.exe
PID 4240 wrote to memory of 4616	4240	chrome.exe	chrome.exe
PID 4240 wrote to memory of 4616	4240	chrome.exe	chrome.exe
PID 4240 wrote to memory of 4616	4240	chrome.exe	chrome.exe
PID 4240 wrote to memory of 4616	4240	chrome.exe	chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://steamcommujity.com/gift/906353439838
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4240

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff978849758,0x7ff978849768,0x7ff978849778
2⤵
PID:224

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1696 --field-trial-handle=1880,i,12680250351125939883,586763703826828017,131072 /prefetch:2
2⤵
PID:4004

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2180 --field-trial-handle=1880,i,12680250351125939883,586763703826828017,131072 /prefetch:8
2⤵
PID:4616

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2132 --field-trial-handle=1880,i,12680250351125939883,586763703826828017,131072 /prefetch:8
2⤵
PID:3436

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3108 --field-trial-handle=1880,i,12680250351125939883,586763703826828017,131072 /prefetch:1
2⤵
PID:4860

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3092 --field-trial-handle=1880,i,12680250351125939883,586763703826828017,131072 /prefetch:1
2⤵
PID:2748

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5384 --field-trial-handle=1880,i,12680250351125939883,586763703826828017,131072 /prefetch:8
2⤵
PID:2952

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4784 --field-trial-handle=1880,i,12680250351125939883,586763703826828017,131072 /prefetch:8
2⤵
PID:4900

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4952 --field-trial-handle=1880,i,12680250351125939883,586763703826828017,131072 /prefetch:1
2⤵
PID:2952

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4000 --field-trial-handle=1880,i,12680250351125939883,586763703826828017,131072 /prefetch:1
2⤵
PID:3604

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=2252 --field-trial-handle=1880,i,12680250351125939883,586763703826828017,131072 /prefetch:1
2⤵
PID:2804

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=824 --field-trial-handle=1880,i,12680250351125939883,586763703826828017,131072 /prefetch:1
2⤵
PID:4352

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4788 --field-trial-handle=1880,i,12680250351125939883,586763703826828017,131072 /prefetch:2
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:4072

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=4988 --field-trial-handle=1880,i,12680250351125939883,586763703826828017,131072 /prefetch:1
2⤵
PID:1032

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=5140 --field-trial-handle=1880,i,12680250351125939883,586763703826828017,131072 /prefetch:1
2⤵
PID:2840

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:3304

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001a
Filesize
37KB

MD5
231913fdebabcbe65f4b0052372bde56

SHA1
553909d080e4f210b64dc73292f3a111d5a0781f

SHA256
9f890a9debcdfccc339149a7943be9aff9e4c9203c2fa37d5671a5b2c88503ad

SHA512
7b11b709968c5a52b9b60189fb534f5df56912417243820e9d1c00c97f4bd6d0835f2cdf574d0c36ecb32dbbf5fc397324df54f7fdf9e1b062b5dbda2c02e919

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize
672B

MD5
2281c2db471f768270ddc9b4d6293794

SHA1
fd55644621430a08b9d0bb1295e7e114004d168b

SHA256
cfc5bc82391d6d43301fd25d4e004c620269e6642625a013bcd55281d228b477

SHA512
b0926787a94362ba99fcdffd13716a4a18789cfc045f4955cdf5084a0971fa9014cf044662cb731c9d838036c213cd7f885d2084319dff9f8004951f8c6a8d08

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize
648B

MD5
7465d4d7d4abafa3f190f16e19df78b9

SHA1
b4f055a198f2f9ee7c1e050f34a8b8ca2e2643a6

SHA256
2eff40ab7c3bb689c114e99c61f964db926b393a0c6a8f7d9c5662d4f85fe717

SHA512
c82f7e7faa9784edefea32c854002ac15a388f5603c2fdafa1876f784964d08d2dbc933b977e7814b455202b4c220cda73621fef5eef2e84852879e75a962a44

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
2KB

MD5
06e5fabac93071801d2f1390ea8dddf4

SHA1
297441e5b1688241ec39b369c526039ba7f86e27

SHA256
5963760d31e6cd933e880bfd1a8a036c2893b1073a06b389aa6605f3953d173e

SHA512
bb3f1213c1ee772ebe2b12bad22a7c65598f0c0995acf56d4c5292ca5c33ba767ce34fe52956b7d97751756543b486e1d0aba4d4d2296e48e1cb46234cb9dfbd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
2KB

MD5
02b71d85034091b79174d5462f45a429

SHA1
1af334d6b2b273f431001b92357ce88f9c838a4c

SHA256
e4963fc733cf2f4411c8c451aae77c3f0d135903d2d9b7585a58bffd38ff624b

SHA512
1c22d33c6f5dbb3023c28d6e360e814e9fbcb5f966e30d2353f347fe1a1a76cc6a5f04ba84db0753e82a58cbdf20ae75be5c2525d9fb36f45a7974ddff6ed5df

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
2KB

MD5
d553e9e30e8f53b91d892cc57d042a97

SHA1
0f4499ee6067d1ce944f58cddbb248079c9b96db

SHA256
8cee21af891f6ab1c785718bdd14612e010dbf6e9c24c98cdc2eb3c1aa25eab7

SHA512
5dcb78ec67ae76ab36f203a58c86c41ae6ebd6eded8ced9a928baf4d7f3b2c8b36d0a33cd6c3c3c11a3e3ccf5fada854a083f982ba3e31cd0d91d90dcb3b421e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
874B

MD5
cb493ff61d1909e8d358bf30ff87279c

SHA1
3e66d1762fded1c13c1f4f02c31fe0c2aa42ad76

SHA256
72e208732e5e368fa1fb01847ae193cf1bd42d16c227880065fc027c5211391e

SHA512
80d7e41d22bfad2fdcbb35195d8504decff26daa474555933cb7bb28c2b329bcbf0810cc4fcf4b020f8ebad304b5572b19525b1518d03a1ba46ba0cdcc90ef73

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
6KB

MD5
b870fb1449c8aa91f74041356a0187c9

SHA1
e3f84ae40200f0aa17076f92576cc78e266be190

SHA256
2aa281b75691804696ce30ee1d97ca7a33fcdf659eb73ddc7815972eb2d9e08b

SHA512
55235c5f9aae6047ae86118c1228565796901d6fc8f89abd41b636530a88c906507f289a5637c9d4eb8d67e3c4964b3ca0e32c329896ab47801a2c31cd820fe2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
9KB

MD5
067eeae0362e4549032319e5854b0e20

SHA1
300502a1ee2fa074f91641d439fb167bea58df5f

SHA256
f898a53b8281e5fe7defa6eecd3ebe157fd271b3e4130817c8969aad2ff846f3

SHA512
28f1bc128cbaa977d3b1f155f5c08bc08d3f86b0300eb11d10923525c0b2dcb21adb852a961ccae9346d7231188197a6c413c1e9934e3285f591b66ffd293953

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
9KB

MD5
a33a9492019a84f6529bd5586f7a2cfd

SHA1
ebede6338aba1966f2e29065cc7aefd8761aaff3

SHA256
5f846deea75b6206f5ffab35b5c38600aa7d62103a14112d129beefdbbc1d3b5

SHA512
c1739642d54b41fed3baefee11725e13507e7a805102e2b394e41a53358d63867a378e7c6800f3ab647e9c2cb887120994d89882d97a997a6a8573aec5871da7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
9KB

MD5
34385771a085c86c7517b36c37533deb

SHA1
bb559d44cfd183f810896881c3726f9938f37b4b

SHA256
e94e1f8cbc18330237498ca0333ab8313d9c55899c995d983cddf1c623d29dd0

SHA512
d9da0f20422c8213f4527dcbb361707a712260cad05646a7f2ad96a096a1cdcf0f734f04fcdcc15175ec975d9d46cd3c89b787dbebe8449f96a802654b4ec108

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
6KB

MD5
98a71a913dc0107e4d712f684408c006

SHA1
3a9b25ce139ff43cee210e50cf735d352133b100

SHA256
e7d0b91fe397f9f3cbdf745b648dce50e7253dcb1c076c07a002b089c34a9281

SHA512
5980960a2fbc5e2f9fbea19ce4f276ebb8d583eee169d23baacb2d03527282a067584eb7bcdd2a7217f820db77b78fa1da016a554ed103bd4232b4f63f8c1d0d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
6KB

MD5
17f980fea959c344f47b580047e83d7b

SHA1
f8f01c0c53dfd29ba432b2f25391669f760b4bc1

SHA256
2bac5b11388b76f665de204333763579a9a259bbe1791f0d381f75683ece6d17

SHA512
a83611b53e4f9a8ac70d7e4c6d26dc6ede6f3a38e9b3c6e48a35f50ee3f7b967df933241accbf9e329e5436c88bc06673dbc3aa5bf7783e796966be38335ea14

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
Filesize
253KB

MD5
63e153de7b26a1673743e121054e2e63

SHA1
d8b4b50fc5d904eb418fef1e77243289f19a5bf6

SHA256
0f129934e911128e61b530c56d6f578424d61430b888a52883a1680a660ae98d

SHA512
2958b8a99ed7bb1b1f9d3ef29e251681315cce118639b50ef594606a425b73b71eb0acf7a2781f98a6db16afb0e6d348cfc31493bbcd896f8adb05914ad687cb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json
Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
\??\pipe\crashpad_4240_IZKRXDFTYVFDWMZF
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit