hxxp://brooklynalam[.]mom/9iO8ReAKah

Analysis

max time kernel
2700s
max time network
2694s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
29/02/2024, 01:00

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://brooklynalam.mom/9iO8ReAKah

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133536420631287120"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4584	chrome.exe
4584	chrome.exe
4344	chrome.exe
4344	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
4584	chrome.exe
4584	chrome.exe
4584	chrome.exe
4584	chrome.exe
4584	chrome.exe
4584	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4584	chrome.exe
Token: SeCreatePagefilePrivilege	4584	chrome.exe
Token: SeShutdownPrivilege	4584	chrome.exe
Token: SeCreatePagefilePrivilege	4584	chrome.exe
Token: SeShutdownPrivilege	4584	chrome.exe
Token: SeCreatePagefilePrivilege	4584	chrome.exe
Token: SeShutdownPrivilege	4584	chrome.exe
Token: SeCreatePagefilePrivilege	4584	chrome.exe
Token: SeShutdownPrivilege	4584	chrome.exe
Token: SeCreatePagefilePrivilege	4584	chrome.exe
Token: SeShutdownPrivilege	4584	chrome.exe
Token: SeCreatePagefilePrivilege	4584	chrome.exe
Token: SeShutdownPrivilege	4584	chrome.exe
Token: SeCreatePagefilePrivilege	4584	chrome.exe
Token: SeShutdownPrivilege	4584	chrome.exe
Token: SeCreatePagefilePrivilege	4584	chrome.exe
Token: SeShutdownPrivilege	4584	chrome.exe
Token: SeCreatePagefilePrivilege	4584	chrome.exe
Token: SeShutdownPrivilege	4584	chrome.exe
Token: SeCreatePagefilePrivilege	4584	chrome.exe
Token: SeShutdownPrivilege	4584	chrome.exe
Token: SeCreatePagefilePrivilege	4584	chrome.exe
Token: SeShutdownPrivilege	4584	chrome.exe
Token: SeCreatePagefilePrivilege	4584	chrome.exe
Token: SeShutdownPrivilege	4584	chrome.exe
Token: SeCreatePagefilePrivilege	4584	chrome.exe
Token: SeShutdownPrivilege	4584	chrome.exe
Token: SeCreatePagefilePrivilege	4584	chrome.exe
Token: SeShutdownPrivilege	4584	chrome.exe
Token: SeCreatePagefilePrivilege	4584	chrome.exe
Token: SeShutdownPrivilege	4584	chrome.exe
Token: SeCreatePagefilePrivilege	4584	chrome.exe
Token: SeShutdownPrivilege	4584	chrome.exe
Token: SeCreatePagefilePrivilege	4584	chrome.exe
Token: SeShutdownPrivilege	4584	chrome.exe
Token: SeCreatePagefilePrivilege	4584	chrome.exe
Token: SeShutdownPrivilege	4584	chrome.exe
Token: SeCreatePagefilePrivilege	4584	chrome.exe
Token: SeShutdownPrivilege	4584	chrome.exe
Token: SeCreatePagefilePrivilege	4584	chrome.exe
Token: SeShutdownPrivilege	4584	chrome.exe
Token: SeCreatePagefilePrivilege	4584	chrome.exe
Token: SeShutdownPrivilege	4584	chrome.exe
Token: SeCreatePagefilePrivilege	4584	chrome.exe
Token: SeShutdownPrivilege	4584	chrome.exe
Token: SeCreatePagefilePrivilege	4584	chrome.exe
Token: SeShutdownPrivilege	4584	chrome.exe
Token: SeCreatePagefilePrivilege	4584	chrome.exe
Token: SeShutdownPrivilege	4584	chrome.exe
Token: SeCreatePagefilePrivilege	4584	chrome.exe
Token: SeShutdownPrivilege	4584	chrome.exe
Token: SeCreatePagefilePrivilege	4584	chrome.exe
Token: SeShutdownPrivilege	4584	chrome.exe
Token: SeCreatePagefilePrivilege	4584	chrome.exe
Token: SeShutdownPrivilege	4584	chrome.exe
Token: SeCreatePagefilePrivilege	4584	chrome.exe
Token: SeShutdownPrivilege	4584	chrome.exe
Token: SeCreatePagefilePrivilege	4584	chrome.exe
Token: SeShutdownPrivilege	4584	chrome.exe
Token: SeCreatePagefilePrivilege	4584	chrome.exe
Token: SeShutdownPrivilege	4584	chrome.exe
Token: SeCreatePagefilePrivilege	4584	chrome.exe
Token: SeShutdownPrivilege	4584	chrome.exe
Token: SeCreatePagefilePrivilege	4584	chrome.exe

Suspicious use of FindShellTrayWindow 31 IoCs

pid	Process
4584	chrome.exe
4584	chrome.exe
4584	chrome.exe
4584	chrome.exe
4584	chrome.exe
4584	chrome.exe
4584	chrome.exe
4584	chrome.exe
4584	chrome.exe
4584	chrome.exe
4584	chrome.exe
4584	chrome.exe
4584	chrome.exe
4584	chrome.exe
4584	chrome.exe
4584	chrome.exe
4584	chrome.exe
4584	chrome.exe
4584	chrome.exe
4584	chrome.exe
4584	chrome.exe
4584	chrome.exe
4584	chrome.exe
4584	chrome.exe
4584	chrome.exe
4584	chrome.exe
4584	chrome.exe
4584	chrome.exe
4584	chrome.exe
4584	chrome.exe
4584	chrome.exe

Suspicious use of SendNotifyMessage 26 IoCs

pid	Process
4584	chrome.exe
4584	chrome.exe
4584	chrome.exe
4584	chrome.exe
4584	chrome.exe
4584	chrome.exe
4584	chrome.exe
4584	chrome.exe
4584	chrome.exe
4584	chrome.exe
4584	chrome.exe
4584	chrome.exe
4584	chrome.exe
4584	chrome.exe
4584	chrome.exe
4584	chrome.exe
4584	chrome.exe
4584	chrome.exe
4584	chrome.exe
4584	chrome.exe
4584	chrome.exe
4584	chrome.exe
4584	chrome.exe
4584	chrome.exe
4584	chrome.exe
4584	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4584 wrote to memory of 1600	4584	chrome.exe	87
PID 4584 wrote to memory of 1600	4584	chrome.exe	87
PID 4584 wrote to memory of 3292	4584	chrome.exe	89
PID 4584 wrote to memory of 3292	4584	chrome.exe	89
PID 4584 wrote to memory of 3292	4584	chrome.exe	89
PID 4584 wrote to memory of 3292	4584	chrome.exe	89
PID 4584 wrote to memory of 3292	4584	chrome.exe	89
PID 4584 wrote to memory of 3292	4584	chrome.exe	89
PID 4584 wrote to memory of 3292	4584	chrome.exe	89
PID 4584 wrote to memory of 3292	4584	chrome.exe	89
PID 4584 wrote to memory of 3292	4584	chrome.exe	89
PID 4584 wrote to memory of 3292	4584	chrome.exe	89
PID 4584 wrote to memory of 3292	4584	chrome.exe	89
PID 4584 wrote to memory of 3292	4584	chrome.exe	89
PID 4584 wrote to memory of 3292	4584	chrome.exe	89
PID 4584 wrote to memory of 3292	4584	chrome.exe	89
PID 4584 wrote to memory of 3292	4584	chrome.exe	89
PID 4584 wrote to memory of 3292	4584	chrome.exe	89
PID 4584 wrote to memory of 3292	4584	chrome.exe	89
PID 4584 wrote to memory of 3292	4584	chrome.exe	89
PID 4584 wrote to memory of 3292	4584	chrome.exe	89
PID 4584 wrote to memory of 3292	4584	chrome.exe	89
PID 4584 wrote to memory of 3292	4584	chrome.exe	89
PID 4584 wrote to memory of 3292	4584	chrome.exe	89
PID 4584 wrote to memory of 3292	4584	chrome.exe	89
PID 4584 wrote to memory of 3292	4584	chrome.exe	89
PID 4584 wrote to memory of 3292	4584	chrome.exe	89
PID 4584 wrote to memory of 3292	4584	chrome.exe	89
PID 4584 wrote to memory of 3292	4584	chrome.exe	89
PID 4584 wrote to memory of 3292	4584	chrome.exe	89
PID 4584 wrote to memory of 3292	4584	chrome.exe	89
PID 4584 wrote to memory of 3292	4584	chrome.exe	89
PID 4584 wrote to memory of 3292	4584	chrome.exe	89
PID 4584 wrote to memory of 3292	4584	chrome.exe	89
PID 4584 wrote to memory of 3292	4584	chrome.exe	89
PID 4584 wrote to memory of 3292	4584	chrome.exe	89
PID 4584 wrote to memory of 3292	4584	chrome.exe	89
PID 4584 wrote to memory of 3292	4584	chrome.exe	89
PID 4584 wrote to memory of 3292	4584	chrome.exe	89
PID 4584 wrote to memory of 3292	4584	chrome.exe	89
PID 4584 wrote to memory of 2904	4584	chrome.exe	90
PID 4584 wrote to memory of 2904	4584	chrome.exe	90
PID 4584 wrote to memory of 2808	4584	chrome.exe	91
PID 4584 wrote to memory of 2808	4584	chrome.exe	91
PID 4584 wrote to memory of 2808	4584	chrome.exe	91
PID 4584 wrote to memory of 2808	4584	chrome.exe	91
PID 4584 wrote to memory of 2808	4584	chrome.exe	91
PID 4584 wrote to memory of 2808	4584	chrome.exe	91
PID 4584 wrote to memory of 2808	4584	chrome.exe	91
PID 4584 wrote to memory of 2808	4584	chrome.exe	91
PID 4584 wrote to memory of 2808	4584	chrome.exe	91
PID 4584 wrote to memory of 2808	4584	chrome.exe	91
PID 4584 wrote to memory of 2808	4584	chrome.exe	91
PID 4584 wrote to memory of 2808	4584	chrome.exe	91
PID 4584 wrote to memory of 2808	4584	chrome.exe	91
PID 4584 wrote to memory of 2808	4584	chrome.exe	91
PID 4584 wrote to memory of 2808	4584	chrome.exe	91
PID 4584 wrote to memory of 2808	4584	chrome.exe	91
PID 4584 wrote to memory of 2808	4584	chrome.exe	91
PID 4584 wrote to memory of 2808	4584	chrome.exe	91
PID 4584 wrote to memory of 2808	4584	chrome.exe	91
PID 4584 wrote to memory of 2808	4584	chrome.exe	91
PID 4584 wrote to memory of 2808	4584	chrome.exe	91
PID 4584 wrote to memory of 2808	4584	chrome.exe	91

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://brooklynalam.mom/9iO8ReAKah
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4584
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fffb1099758,0x7fffb1099768,0x7fffb1099778
  2⤵
  PID:1600
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1664 --field-trial-handle=1768,i,4815584218702518567,8954334935415697498,131072 /prefetch:2
  2⤵
  PID:3292
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2132 --field-trial-handle=1768,i,4815584218702518567,8954334935415697498,131072 /prefetch:8
  2⤵
  PID:2904
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2260 --field-trial-handle=1768,i,4815584218702518567,8954334935415697498,131072 /prefetch:8
  2⤵
  PID:2808
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2968 --field-trial-handle=1768,i,4815584218702518567,8954334935415697498,131072 /prefetch:1
  2⤵
  PID:4004
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2960 --field-trial-handle=1768,i,4815584218702518567,8954334935415697498,131072 /prefetch:1
  2⤵
  PID:4624
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4956 --field-trial-handle=1768,i,4815584218702518567,8954334935415697498,131072 /prefetch:8
  2⤵
  PID:1056
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5044 --field-trial-handle=1768,i,4815584218702518567,8954334935415697498,131072 /prefetch:8
  2⤵
  PID:1420
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=5132 --field-trial-handle=1768,i,4815584218702518567,8954334935415697498,131072 /prefetch:1
  2⤵
  PID:4928
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=5564 --field-trial-handle=1768,i,4815584218702518567,8954334935415697498,131072 /prefetch:1
  2⤵
  PID:564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=5200 --field-trial-handle=1768,i,4815584218702518567,8954334935415697498,131072 /prefetch:1
  2⤵
  PID:1056
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=5320 --field-trial-handle=1768,i,4815584218702518567,8954334935415697498,131072 /prefetch:1
  2⤵
  PID:4640
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3280 --field-trial-handle=1768,i,4815584218702518567,8954334935415697498,131072 /prefetch:8
  2⤵
  PID:564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5440 --field-trial-handle=1768,i,4815584218702518567,8954334935415697498,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4344

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4548

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
b605879e08d2c37a89e0a7cf9cebb008

SHA1
547075286a6e5e6a304912cef29adf2a5379458d

SHA256
2a7688cdba662e4017878b44e559b7bf4889f2b32ff1c6ed70e020a2738e662a

SHA512
f18fb8e2df93b18cb2359c651e1dbbaf73225ff16912cec7dda24ef3e82d921690aa0690ca493375536159d8aa9ab660e45e2abe4cdbeaaa368f6f69bc090fe0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
528B

MD5
cbd89e20fa747e48134723fdff502981

SHA1
c70973531291b67493311583cf5af409dacef221

SHA256
2ab5d218f463377309dce2fb6483adaf8101d6c9f25ebd97b1a1dc23c438e2b9

SHA512
8f125ee026183dfdd1b579f1e11d0153cf1440045c86a65eb63e44162492860de45a2232a2ec2f8c3c5da9f1be322fd6d0e020b16d27a6006d63ddffb9ec92bf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
4ac3e412e837df90b70c118c20c25ca1

SHA1
d7322e09ce88f978d64284a24ede05eada5e0899

SHA256
43266a08ef5b77cf6fc0b0365837649a85316c43f977b948524c457777ab6afe

SHA512
550a2932f871abdb4444ee2957424bc7b61dd5324ff23aa53bb1377d5cb1ef2d98dea20d312d8cfd2ad99b548d276215ba1e6eba6cf0f8a6d301221b65df951a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
706B

MD5
dc42756e2c5b5cb9579ab0e8e912c215

SHA1
4843f219ec3d6517e04b30fe3323bee0933c7c50

SHA256
24533521c9bf472bffa72f37a9d6d254812d8d0ae10bc7e80630199623ca957a

SHA512
491a31b1fd5baacb7118cacb7245174a1d92299c9a310717e504fb0a50e1e2712997edc7fc7d9f80faecc226bf376eb410053626c7e8a32629b81c3e5c0a0423

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
73a022039356d6ce3a10eaf3c31ea658

SHA1
485e9a1f2acee870caebc2a64fa06124a3352769

SHA256
e1e263bef715f094d7dcda0b870e130d37bdeb5b7b461d7c1d443a500e75f7fe

SHA512
0614880cbcc48b06715d1a82e2ea46334e834500a2792d6a25055a5b39cff06374fed73844f4a86a49c7adeff8fd811d73e616bf0011d4bf2df211ebd68c3760

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
71eae9f48eba777f425fa54e1dd43cb9

SHA1
40e9f3a85e0295fe03dceaf74accf805fcd482f4

SHA256
79379a62a762dea59dabf451998874f3c05d9f2fc213e362aad2e18543e9f03e

SHA512
fdd98d5cc8c962bf2fd4fb5be557af9be9375c19c701ca891ca2ae8e263a85f983e37036e6c0eb46a55ddb74bf2bc2b72eb9711a590d2471ee7f59399ec8dd75

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
51e90bdc98cd1a69868a2a8b141a7e6b

SHA1
518487f9f7a3beea54506a50008ff763ead2569d

SHA256
25686ee95c5ddda9fe8e011361a120ae888e85c65f651e1983e8a1e2671a066f

SHA512
5155b74c6a6bd7ac59fb88e6b8bffa8c2504cdf7f3f9e68a504e8c831ae3fefd6b50cda0e060c12d67d6c8644fee3b086428d5ead29330ace80b12d1adfc0b72

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
907144c1b23c0dd7f36be89c9de5d149

SHA1
9aac084f02692b2858731407cfa7478c6cde9a3d

SHA256
6291cff9d46ed2e98e8f80d39a1743009023a9e146abfcac4fb457a73d15600c

SHA512
2d43eea84eaa50e93f36bf399954a93cbc9617d9a8688b75208c04710829b468923f4308a35e285bf7f086db4a3e69dc43b8a9b8af7f6d7ae39c845cf029d746

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
aacdeddb2cceb226ff944a55865858cc

SHA1
8c9ac17d60b707c9da1ac06be2d24fb7633b2b71

SHA256
30ddea30d46225e1f9183ebeeac62dd60200401cbb5e5f5e9aee7f196e2db437

SHA512
1f6288ea1c340894733604965f3d5fb7058fbca6a19927fbd4b813b2684e4bc865b93c932fbb1ddec6b277b29f889d325d34af43b45d4796366bba19d3b4014c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe582769.TMP

Filesize
48B

MD5
4d33a9f0d5a2e3dceb0c5546f018515a

SHA1
8010da712bd1af711b538644e8e7d04ddefe7c9e

SHA256
c160b67024592848c4f86cb21e3cd902a6595a2435e5a0c96b7154ab3e87b7e1

SHA512
8789350c7e59582a27d11c62bda3452be20d669b42e10c695e9edcddbf5772e3f531c6c2ff534bb160614a4868e8f8f354afeef4e4351849aaa1f00570acbc13

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
128KB

MD5
914760105d442bd739a5aa3ed56a0a2b

SHA1
8187e8b85b0d36ef1ddc54389f16e471541adda6

SHA256
ceba8f729b8ab77416902cf80ecf086de99a194cfb86c60cb79544773f853f9b

SHA512
458efc0c3b5773bceaeb0b06dc0bfef41bcd5ab9d46b896425d47fa7fc05a06700b05ea74207ec5e254899abbdff64d0d575e352130fd165af6ec15d22adec6b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
128KB

MD5
fd63978ec3bc812aa3656865a15ac050

SHA1
7834a5dbb5f63926a382be3869bd96c726602036

SHA256
73c031d99302258f94dbe939b15109a31e8f94bf5bff1bbf64c2c3dc743d3570

SHA512
59ca3c238730306477047755e8dc980cca33358b7986eb8540a8733cac524859deaf98348ee50dab25230cf2f548d23310ba019bd7814341c34d42b8036179d4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
105KB

MD5
e959c5554bbd24cc67e1e36d83ad4ceb

SHA1
31029db5312b27ed5853112182b0af8d25c3b456

SHA256
7f7add1db66902e42a1fdf45e272dafc1b002d132e9db74c75399cd1860150c0

SHA512
20f8e46c525ed394b945cd0be9c92d7ac6edf4f28f3e99022bb3a90f6fb49ba46854e323b69c9b507e012c966a4fc33969c90aaacbf6f4c5ed9213db03902b6d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe58391c.TMP

Filesize
103KB

MD5
85b45dfc6685e9d6f43f339ec1f1410c

SHA1
0bfd139fee455f01a5cafec071ad8c31b3e06564

SHA256
068d07bffecb55d8845eb4a8d497c944c447d20e22825d803d9e9770f8b4b8e3

SHA512
259f57b56bc560d9311115d2ce4818bb9e7cdc101e172554b0b0eabde65c434292ab405d4f4fe0e0c8d7afdc4af495995127c63b18233e0b1a3727289d7d70f2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit