hxxps://padlet[.]com/thomasrau1/shared-contract-proposals-from-busch-ag-for-review-2an4dfzvfk4xu3qh

Analysis

max time kernel
79s
max time network
81s
platform
windows11-21h2_x64
resource
win11-20240221-en
resource tags

arch:x64arch:x86image:win11-20240221-enlocale:en-usos:windows11-21h2-x64system
submitted
29/02/2024, 07:39

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://padlet.com/thomasrau1/shared-contract-proposals-from-busch-ag-for-review-2an4dfzvfk4xu3qh

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133536659611075807"	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
1136	chrome.exe
1136	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs

pid	Process
1136	chrome.exe
1136	chrome.exe
1136	chrome.exe
1136	chrome.exe
1136	chrome.exe
1136	chrome.exe
1136	chrome.exe
1136	chrome.exe
1136	chrome.exe
1136	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1136	chrome.exe
Token: SeCreatePagefilePrivilege	1136	chrome.exe
Token: SeShutdownPrivilege	1136	chrome.exe
Token: SeCreatePagefilePrivilege	1136	chrome.exe
Token: SeShutdownPrivilege	1136	chrome.exe
Token: SeCreatePagefilePrivilege	1136	chrome.exe
Token: SeShutdownPrivilege	1136	chrome.exe
Token: SeCreatePagefilePrivilege	1136	chrome.exe
Token: SeShutdownPrivilege	1136	chrome.exe
Token: SeCreatePagefilePrivilege	1136	chrome.exe
Token: SeShutdownPrivilege	1136	chrome.exe
Token: SeCreatePagefilePrivilege	1136	chrome.exe
Token: SeShutdownPrivilege	1136	chrome.exe
Token: SeCreatePagefilePrivilege	1136	chrome.exe
Token: SeShutdownPrivilege	1136	chrome.exe
Token: SeCreatePagefilePrivilege	1136	chrome.exe
Token: SeShutdownPrivilege	1136	chrome.exe
Token: SeCreatePagefilePrivilege	1136	chrome.exe
Token: SeShutdownPrivilege	1136	chrome.exe
Token: SeCreatePagefilePrivilege	1136	chrome.exe
Token: SeShutdownPrivilege	1136	chrome.exe
Token: SeCreatePagefilePrivilege	1136	chrome.exe
Token: SeShutdownPrivilege	1136	chrome.exe
Token: SeCreatePagefilePrivilege	1136	chrome.exe
Token: SeShutdownPrivilege	1136	chrome.exe
Token: SeCreatePagefilePrivilege	1136	chrome.exe
Token: SeShutdownPrivilege	1136	chrome.exe
Token: SeCreatePagefilePrivilege	1136	chrome.exe
Token: SeShutdownPrivilege	1136	chrome.exe
Token: SeCreatePagefilePrivilege	1136	chrome.exe
Token: SeShutdownPrivilege	1136	chrome.exe
Token: SeCreatePagefilePrivilege	1136	chrome.exe
Token: SeShutdownPrivilege	1136	chrome.exe
Token: SeCreatePagefilePrivilege	1136	chrome.exe
Token: SeShutdownPrivilege	1136	chrome.exe
Token: SeCreatePagefilePrivilege	1136	chrome.exe
Token: SeShutdownPrivilege	1136	chrome.exe
Token: SeCreatePagefilePrivilege	1136	chrome.exe
Token: SeShutdownPrivilege	1136	chrome.exe
Token: SeCreatePagefilePrivilege	1136	chrome.exe
Token: SeShutdownPrivilege	1136	chrome.exe
Token: SeCreatePagefilePrivilege	1136	chrome.exe
Token: SeShutdownPrivilege	1136	chrome.exe
Token: SeCreatePagefilePrivilege	1136	chrome.exe
Token: SeShutdownPrivilege	1136	chrome.exe
Token: SeCreatePagefilePrivilege	1136	chrome.exe
Token: SeShutdownPrivilege	1136	chrome.exe
Token: SeCreatePagefilePrivilege	1136	chrome.exe
Token: SeShutdownPrivilege	1136	chrome.exe
Token: SeCreatePagefilePrivilege	1136	chrome.exe
Token: SeShutdownPrivilege	1136	chrome.exe
Token: SeCreatePagefilePrivilege	1136	chrome.exe
Token: SeShutdownPrivilege	1136	chrome.exe
Token: SeCreatePagefilePrivilege	1136	chrome.exe
Token: SeShutdownPrivilege	1136	chrome.exe
Token: SeCreatePagefilePrivilege	1136	chrome.exe
Token: SeShutdownPrivilege	1136	chrome.exe
Token: SeCreatePagefilePrivilege	1136	chrome.exe
Token: SeShutdownPrivilege	1136	chrome.exe
Token: SeCreatePagefilePrivilege	1136	chrome.exe
Token: SeShutdownPrivilege	1136	chrome.exe
Token: SeCreatePagefilePrivilege	1136	chrome.exe
Token: SeShutdownPrivilege	1136	chrome.exe
Token: SeCreatePagefilePrivilege	1136	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
1136	chrome.exe
1136	chrome.exe
1136	chrome.exe
1136	chrome.exe
1136	chrome.exe
1136	chrome.exe
1136	chrome.exe
1136	chrome.exe
1136	chrome.exe
1136	chrome.exe
1136	chrome.exe
1136	chrome.exe
1136	chrome.exe
1136	chrome.exe
1136	chrome.exe
1136	chrome.exe
1136	chrome.exe
1136	chrome.exe
1136	chrome.exe
1136	chrome.exe
1136	chrome.exe
1136	chrome.exe
1136	chrome.exe
1136	chrome.exe
1136	chrome.exe
1136	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
1136	chrome.exe
1136	chrome.exe
1136	chrome.exe
1136	chrome.exe
1136	chrome.exe
1136	chrome.exe
1136	chrome.exe
1136	chrome.exe
1136	chrome.exe
1136	chrome.exe
1136	chrome.exe
1136	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1136 wrote to memory of 1096	1136	chrome.exe	77
PID 1136 wrote to memory of 1096	1136	chrome.exe	77
PID 1136 wrote to memory of 4592	1136	chrome.exe	80
PID 1136 wrote to memory of 4592	1136	chrome.exe	80
PID 1136 wrote to memory of 4592	1136	chrome.exe	80
PID 1136 wrote to memory of 4592	1136	chrome.exe	80
PID 1136 wrote to memory of 4592	1136	chrome.exe	80
PID 1136 wrote to memory of 4592	1136	chrome.exe	80
PID 1136 wrote to memory of 4592	1136	chrome.exe	80
PID 1136 wrote to memory of 4592	1136	chrome.exe	80
PID 1136 wrote to memory of 4592	1136	chrome.exe	80
PID 1136 wrote to memory of 4592	1136	chrome.exe	80
PID 1136 wrote to memory of 4592	1136	chrome.exe	80
PID 1136 wrote to memory of 4592	1136	chrome.exe	80
PID 1136 wrote to memory of 4592	1136	chrome.exe	80
PID 1136 wrote to memory of 4592	1136	chrome.exe	80
PID 1136 wrote to memory of 4592	1136	chrome.exe	80
PID 1136 wrote to memory of 4592	1136	chrome.exe	80
PID 1136 wrote to memory of 4592	1136	chrome.exe	80
PID 1136 wrote to memory of 4592	1136	chrome.exe	80
PID 1136 wrote to memory of 4592	1136	chrome.exe	80
PID 1136 wrote to memory of 4592	1136	chrome.exe	80
PID 1136 wrote to memory of 4592	1136	chrome.exe	80
PID 1136 wrote to memory of 4592	1136	chrome.exe	80
PID 1136 wrote to memory of 4592	1136	chrome.exe	80
PID 1136 wrote to memory of 4592	1136	chrome.exe	80
PID 1136 wrote to memory of 4592	1136	chrome.exe	80
PID 1136 wrote to memory of 4592	1136	chrome.exe	80
PID 1136 wrote to memory of 4592	1136	chrome.exe	80
PID 1136 wrote to memory of 4592	1136	chrome.exe	80
PID 1136 wrote to memory of 4592	1136	chrome.exe	80
PID 1136 wrote to memory of 4592	1136	chrome.exe	80
PID 1136 wrote to memory of 4592	1136	chrome.exe	80
PID 1136 wrote to memory of 4592	1136	chrome.exe	80
PID 1136 wrote to memory of 4592	1136	chrome.exe	80
PID 1136 wrote to memory of 4592	1136	chrome.exe	80
PID 1136 wrote to memory of 4592	1136	chrome.exe	80
PID 1136 wrote to memory of 4592	1136	chrome.exe	80
PID 1136 wrote to memory of 4592	1136	chrome.exe	80
PID 1136 wrote to memory of 4592	1136	chrome.exe	80
PID 1136 wrote to memory of 1976	1136	chrome.exe	79
PID 1136 wrote to memory of 1976	1136	chrome.exe	79
PID 1136 wrote to memory of 772	1136	chrome.exe	83
PID 1136 wrote to memory of 772	1136	chrome.exe	83
PID 1136 wrote to memory of 772	1136	chrome.exe	83
PID 1136 wrote to memory of 772	1136	chrome.exe	83
PID 1136 wrote to memory of 772	1136	chrome.exe	83
PID 1136 wrote to memory of 772	1136	chrome.exe	83
PID 1136 wrote to memory of 772	1136	chrome.exe	83
PID 1136 wrote to memory of 772	1136	chrome.exe	83
PID 1136 wrote to memory of 772	1136	chrome.exe	83
PID 1136 wrote to memory of 772	1136	chrome.exe	83
PID 1136 wrote to memory of 772	1136	chrome.exe	83
PID 1136 wrote to memory of 772	1136	chrome.exe	83
PID 1136 wrote to memory of 772	1136	chrome.exe	83
PID 1136 wrote to memory of 772	1136	chrome.exe	83
PID 1136 wrote to memory of 772	1136	chrome.exe	83
PID 1136 wrote to memory of 772	1136	chrome.exe	83
PID 1136 wrote to memory of 772	1136	chrome.exe	83
PID 1136 wrote to memory of 772	1136	chrome.exe	83
PID 1136 wrote to memory of 772	1136	chrome.exe	83
PID 1136 wrote to memory of 772	1136	chrome.exe	83
PID 1136 wrote to memory of 772	1136	chrome.exe	83
PID 1136 wrote to memory of 772	1136	chrome.exe	83

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://padlet.com/thomasrau1/shared-contract-proposals-from-busch-ag-for-review-2an4dfzvfk4xu3qh
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1136
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffeeeab9758,0x7ffeeeab9768,0x7ffeeeab9778
  2⤵
  PID:1096
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2120 --field-trial-handle=1852,i,1721569250201889355,2668043637257840335,131072 /prefetch:8
  2⤵
  PID:1976
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1688 --field-trial-handle=1852,i,1721569250201889355,2668043637257840335,131072 /prefetch:2
  2⤵
  PID:4592
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2968 --field-trial-handle=1852,i,1721569250201889355,2668043637257840335,131072 /prefetch:1
  2⤵
  PID:4852
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2956 --field-trial-handle=1852,i,1721569250201889355,2668043637257840335,131072 /prefetch:1
  2⤵
  PID:380
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2184 --field-trial-handle=1852,i,1721569250201889355,2668043637257840335,131072 /prefetch:8
  2⤵
  PID:772
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5140 --field-trial-handle=1852,i,1721569250201889355,2668043637257840335,131072 /prefetch:8
  2⤵
  PID:3588
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5240 --field-trial-handle=1852,i,1721569250201889355,2668043637257840335,131072 /prefetch:8
  2⤵
  PID:1972
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4916 --field-trial-handle=1852,i,1721569250201889355,2668043637257840335,131072 /prefetch:1
  2⤵
  PID:2828
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=5312 --field-trial-handle=1852,i,1721569250201889355,2668043637257840335,131072 /prefetch:1
  2⤵
  PID:3344
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=3724 --field-trial-handle=1852,i,1721569250201889355,2668043637257840335,131072 /prefetch:1
  2⤵
  PID:3500
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=5848 --field-trial-handle=1852,i,1721569250201889355,2668043637257840335,131072 /prefetch:1
  2⤵
  PID:4732
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=6044 --field-trial-handle=1852,i,1721569250201889355,2668043637257840335,131072 /prefetch:1
  2⤵
  PID:1980
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=5916 --field-trial-handle=1852,i,1721569250201889355,2668043637257840335,131072 /prefetch:1
  2⤵
  PID:2784
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=5572 --field-trial-handle=1852,i,1721569250201889355,2668043637257840335,131072 /prefetch:1
  2⤵
  PID:3636
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=2240 --field-trial-handle=1852,i,1721569250201889355,2668043637257840335,131072 /prefetch:1
  2⤵
  PID:3372
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5816 --field-trial-handle=1852,i,1721569250201889355,2668043637257840335,131072 /prefetch:8
  2⤵
  PID:4548
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6004 --field-trial-handle=1852,i,1721569250201889355,2668043637257840335,131072 /prefetch:8
  2⤵
  PID:3412

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2008

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001e

Filesize
195KB

MD5
873734b55d4c7d35a177c8318b0caec7

SHA1
469b913b09ea5b55e60098c95120cc9b935ddb28

SHA256
4ee3aa3dc43cb3ef3f6bfb91ed8214659e9c2600a45bee9728ebbcb6f33b088d

SHA512
24f05ed981e994475879ca2221b6948418c4412063b9c07f46b8de581047ddd5d73401562fa9ee54d4ce5f97a6288c54eac5de0ca29b1bb5797bdac5a1b30308

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
6ff268be4eecfb37bdbab5b25145900a

SHA1
a40e97fcc7fca98370900dcb2f60b14f7e443b36

SHA256
9508e09be583e2eac5342dc3ce53f6f907316f6c413de77dada2949ccf22cfdc

SHA512
94286bdc7f6e6e92f0845fb8abb61d07fd001b83c687265b6090e625f8bb11b54e93558b247a60d33ee82ed085d4a553b1b95580599db8a1b086eed70d9e5bed

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
9ddfba420bc201dbfa860b7efa694865

SHA1
2cea731526e1814e44492696571efd18eafb497c

SHA256
00a4e1e1f061eebe68290a7b76695fc6d05f6e5508ce5c2940abccbf1f9c286a

SHA512
aa6e4e66b959a645dd54cdb232b8299de031798ef68d8088702c23adaee7d5af83479e5f305b52a3e894d7537ee1c35e90f34ee5efcf10e8aaaaa613adf23027

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
df25022ab33c22d02145ba1769058772

SHA1
0d06d942243b0c4a37c33d5f7b62973225c50adf

SHA256
897c9b8478cba6c403380242db3381b0108003dbb4bac6ca05ef86a3771fe0ad

SHA512
71bc9f2d4b8c21971e6fd379a5800a6a9d729f233933a4113f8a595f80078f3becda79bfdc2ea69c173deac9f6db0e081b89b39db3cb65fe92ea4a035977d34a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
d24e6d6885038055db110552842a1751

SHA1
c72e1c07d40c3c690489a715c6fe2d34e564ce55

SHA256
9d2b99c7410f04e61224e132149b2d3042aa9cd8378558a616f874f120cd7060

SHA512
08c6ba15d9970b306cc4d927139dae49a1f3a00d93e3c6e53fa9de1b8b8f31a04e3f8c843d42bef3bc0db94a22905352b73a370e3601d527c70a005b159a7aa3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
83ad08a32fdebcaf2bf90b2defec353c

SHA1
0ab3128065852e437f75324e183b0eed1a13c75b

SHA256
87794ee7095089330a38c238176acfe6170b72c55dba33179b061198f2abeb96

SHA512
a917ad4c754dd702fbb86f9b7c590e393becb1f7174be30aab068ee9c4daf4067cf6af80a95710e20341d9b3fc7aa820eb9d30c0dc2cacbb59d0b4b8f5515a86

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
61eec89723d8a1541b22e3088e55b80c

SHA1
2755c1089cf11b988236c14c0ef9c22102d2706b

SHA256
982760a6bfc20f9290fedce15bd56c1dbe642a2fbd9d05678bb1c69a775e33a4

SHA512
574e22502e8a2f00f1fd58cdf03017c6af62c98425d6948d35dddb2c826c87862ddb3c0aec6bd3f2824a1e36805e4d0f22ce7dd240a8a2868cc54cc6929d4cf4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
cd0c1760fb9e176a7697540044e6befb

SHA1
a7f7910fc8180543b51a73b2c6cd661579b83adf

SHA256
66686b376ac9f1ed565295fe1a9fc6fbf86dd1a27dd8e1d8c2f840f0b7f4afc8

SHA512
ba27151571f29ad0aaf2a9fdde24b97dd776482f6e978148f167d1ecc39cb230172daae102642b389a9ee427e6158dc574249f69419a37164926368f98e6c2c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\11cf67ed8a99b1f7c507807344374751b409497d\6465855e-1120-46e7-b1bb-6bfb48e7f756\index-dir\the-real-index

Filesize
144B

MD5
dbb65e260514b28d77904f95fc769125

SHA1
fa82ad65fcf6df42cb611ad5f29892f97b9c5f29

SHA256
c818ae66cdb4f141c0056f1c8adb55d78695a591310543dd87522443ce1f2841

SHA512
35c455121ca5346051d657daab1662b4fe00bdaea5f4353fcf544e5186969a2ee3c7a18314c3e582c7b69d8e5070359fcb4494ec57e0e2c2733ff15c40475846

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\11cf67ed8a99b1f7c507807344374751b409497d\6465855e-1120-46e7-b1bb-6bfb48e7f756\index-dir\the-real-index~RFe579d0b.TMP

Filesize
48B

MD5
613a649ea6df93a74f4e73858086cc7c

SHA1
78156c79fb2968bef40fde428f176e5992a31aec

SHA256
8c0a8c908db5800fa79f20019ab3009c56de18689b1b978c3cdb0db06102a565

SHA512
c1d1703227c2b9c11f39dd9a9b148fdc45c8b55cf67c80b3fa6dbc0a6cfe8025fd3037cae776937308dbd48f103e49893e729688c7f0457b0bae53501486a26f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\11cf67ed8a99b1f7c507807344374751b409497d\index.txt

Filesize
115B

MD5
7ccb221f7bb913a05dbd067356d5ebfc

SHA1
6b57dd78675213d0cd552fbf26b61f2b6142080d

SHA256
9408c7026844a54f504ef2aff4db26e12b8fc9720c61738fe49deb176c9a471f

SHA512
8698fc160e5678ceabb3ead73bdd3a104eb632c2a0db3ee77406b4cecf861d88c8f84edabe896604fe43e08e88ffd0734aad023360eeec82746745b7ef145051

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\11cf67ed8a99b1f7c507807344374751b409497d\index.txt~RFe579d3a.TMP

Filesize
120B

MD5
71339f4aa354e066553d8c6697a1a515

SHA1
9525c6f643614e6b1b2ee7482cf26f5a461c525e

SHA256
917c163651bb27ce4e242ff0c0d10e2a7be81e04947d66ad531ba1771cba3f09

SHA512
61ff3da9b1a2b8ad005cd435d7a5db61014d937202840d86d10a8e3294f42f0063287dcfd0d4a2f730197bea4ae39246953db2b1f74cc464979c93c17f63a75e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
168B

MD5
87fcf395ed0915634bcc750c079998df

SHA1
96b100db1c255db957b910f24bc46fbcfd08b4e7

SHA256
333612fddaf2c8a1523dac465e61dd26e5c7f636cf222a585d41a11b4ccb5a7f

SHA512
1b22005d96942f5d9b62a78486e0bc0d4c72070054f681fdf4b12b8349374decc5b5f3f9da18808f4622e1c552d5ed1f51c6dff1ce9185bc75035f82fcc0c992

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
192B

MD5
0db47cad844f0711045b5f463a6b2b7b

SHA1
b054aacc965d0ff027a0cf4e2df42d61dc966fda

SHA256
c73c2e8599b2f8399387a2147a1eae9abc17cd59f9dfb36587d67a5de4a5f955

SHA512
0ed35eef468bf51d90ae5f08d9a70aa7ae747813299898a34263393fc13f6d63d44648704f55fbdfce321a295382530ec0b28156e86f7c7e6d10d82967a477f2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe579c01.TMP

Filesize
48B

MD5
a484fc243e9cd08592c63fc41b5c254e

SHA1
29a49de20d21187e61f6c1f79ca2b1ad9d0f90ce

SHA256
11f4e870bd34ff9ad0879ba8e01b3dbdf89d7248360a93a8168d182147624739

SHA512
836a65ef930b98c503def36dfe597446387612f73450c6f48f62101bdc4a8a4f6417f06c34bcf198246c4f13d021fa9898bd5dc8e0cf312c8f7640bfe4d98c72

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
130KB

MD5
258aefc2d1405fe74f09c89e2a9788ae

SHA1
3d943fdb738a260099684edf15f36b76acecd0b9

SHA256
c843ef356d68c168e0d9a6713a29782bcf318fcceaed72e0c7935034f90638f7

SHA512
434f8852c3a33394b5c43130191cf116f5546a3b62f3da80dbe8fe12937803819dd9b6abf9d973981f9e31ee196214224cc37f269670a448aa4b0e204e609941

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
130KB

MD5
2b1628401e3961c99457a89dacda4a6f

SHA1
a38469a4be65647990cdcb75a07f7f1053b12a0e

SHA256
be07cce83d026858b2645817db014765ceb1af237cd1258bb2f34a1c4ca32437

SHA512
042c4fd17b2d5f621b080cb6d64df1255da7e6b15b7b32b378014950ad1367764efabef72ee41b8f8edc680fccaaaf00889c246f365950dab8aa934654fada7e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe58147d.TMP

Filesize
93KB

MD5
4a4f964216bb3e50667f8bf707230fe1

SHA1
a787877bbeeb136ad5c08d86b9bd9de63f217b38

SHA256
6059dfaae8bdd1d062d352af1c585e6cc37152434bc7e1f8f8e8882e00cb5b18

SHA512
dca7a0a6883d8b98243d6a20635a185d0dab3c85ab52be4db6974438c0c4e31c0b29d4f56b6989ccfbb670c1209ea305ed0303d24b276289a391587a824705b0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\c4cee8a1-1d24-4e04-9b02-efe714c92e5e.tmp

Filesize
94KB

MD5
84af00886b4ac872542b78a45ebd4a82

SHA1
7a8a299cb89c674e734bbd7ee01febae89555a13

SHA256
f679ad688d794f1fd1ac2d50fd8a77a75923797868d9010104e10aa8518565e2

SHA512
6cbffb85cac6c5d4a2563e347d1108ce29dc7ccadfe8483a7d4f6b2b275d51637677f8281888888e738ca658e9d22986c0f3ed37d6f391a44c8a1bf490b8d6e4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit