fb106bdcc87af611308e809356192c7bb934a8621a07d7dc7e1876e0cea5eb1f

Resubmissions

01/03/2024, 15:25

240301-stvz7sha8w 6

01/03/2024, 13:53

240301-q7da7sgg62 3

Analysis

max time kernel
1799s
max time network
1711s
platform
windows11-21h2_x64
resource
win11-20240221-en
resource tags

arch:x64arch:x86image:win11-20240221-enlocale:en-usos:windows11-21h2-x64system
submitted
01/03/2024, 13:53

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

destroy-securly-main.zip
Size

1KB
MD5

f21cb50f02c17639a0cba452ec59ac71
SHA1

6144a9847955a414cdb4479d77b0da6d0777df2c
SHA256

fb106bdcc87af611308e809356192c7bb934a8621a07d7dc7e1876e0cea5eb1f
SHA512

8102ec1acd4429134a29e298b4c0c827c081f3e1f5142b05f175c6813ea1b52b9f5ed4494de89d76f397b72df54bef38c4730026c13493a5c673089d37dae29b

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133537749113712722"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-4280069375-290121026-380765049-1000_Classes\Local Settings\MuiCache	MiniSearchHost.exe

Suspicious behavior: EnumeratesProcesses 5 IoCs

pid	Process
2648	chrome.exe
2648	chrome.exe
2648	chrome.exe
3064	chrome.exe
3064	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
2648	chrome.exe
2648	chrome.exe
2648	chrome.exe
2648	chrome.exe
2648	chrome.exe
2648	chrome.exe
2648	chrome.exe
2648	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2648	chrome.exe
Token: SeCreatePagefilePrivilege	2648	chrome.exe
Token: SeShutdownPrivilege	2648	chrome.exe
Token: SeCreatePagefilePrivilege	2648	chrome.exe
Token: SeShutdownPrivilege	2648	chrome.exe
Token: SeCreatePagefilePrivilege	2648	chrome.exe
Token: SeShutdownPrivilege	2648	chrome.exe
Token: SeCreatePagefilePrivilege	2648	chrome.exe
Token: SeShutdownPrivilege	2648	chrome.exe
Token: SeCreatePagefilePrivilege	2648	chrome.exe
Token: SeShutdownPrivilege	2648	chrome.exe
Token: SeCreatePagefilePrivilege	2648	chrome.exe
Token: SeShutdownPrivilege	2648	chrome.exe
Token: SeCreatePagefilePrivilege	2648	chrome.exe
Token: SeShutdownPrivilege	2648	chrome.exe
Token: SeCreatePagefilePrivilege	2648	chrome.exe
Token: SeShutdownPrivilege	2648	chrome.exe
Token: SeCreatePagefilePrivilege	2648	chrome.exe
Token: SeShutdownPrivilege	2648	chrome.exe
Token: SeCreatePagefilePrivilege	2648	chrome.exe
Token: SeShutdownPrivilege	2648	chrome.exe
Token: SeCreatePagefilePrivilege	2648	chrome.exe
Token: SeShutdownPrivilege	2648	chrome.exe
Token: SeCreatePagefilePrivilege	2648	chrome.exe
Token: SeShutdownPrivilege	2648	chrome.exe
Token: SeCreatePagefilePrivilege	2648	chrome.exe
Token: SeShutdownPrivilege	2648	chrome.exe
Token: SeCreatePagefilePrivilege	2648	chrome.exe
Token: SeShutdownPrivilege	2648	chrome.exe
Token: SeCreatePagefilePrivilege	2648	chrome.exe
Token: SeShutdownPrivilege	2648	chrome.exe
Token: SeCreatePagefilePrivilege	2648	chrome.exe
Token: SeShutdownPrivilege	2648	chrome.exe
Token: SeCreatePagefilePrivilege	2648	chrome.exe
Token: SeShutdownPrivilege	2648	chrome.exe
Token: SeCreatePagefilePrivilege	2648	chrome.exe
Token: SeShutdownPrivilege	2648	chrome.exe
Token: SeCreatePagefilePrivilege	2648	chrome.exe
Token: SeShutdownPrivilege	2648	chrome.exe
Token: SeCreatePagefilePrivilege	2648	chrome.exe
Token: SeShutdownPrivilege	2648	chrome.exe
Token: SeCreatePagefilePrivilege	2648	chrome.exe
Token: SeShutdownPrivilege	2648	chrome.exe
Token: SeCreatePagefilePrivilege	2648	chrome.exe
Token: SeShutdownPrivilege	2648	chrome.exe
Token: SeCreatePagefilePrivilege	2648	chrome.exe
Token: SeShutdownPrivilege	2648	chrome.exe
Token: SeCreatePagefilePrivilege	2648	chrome.exe
Token: SeShutdownPrivilege	2648	chrome.exe
Token: SeCreatePagefilePrivilege	2648	chrome.exe
Token: SeShutdownPrivilege	2648	chrome.exe
Token: SeCreatePagefilePrivilege	2648	chrome.exe
Token: SeShutdownPrivilege	2648	chrome.exe
Token: SeCreatePagefilePrivilege	2648	chrome.exe
Token: SeShutdownPrivilege	2648	chrome.exe
Token: SeCreatePagefilePrivilege	2648	chrome.exe
Token: SeShutdownPrivilege	2648	chrome.exe
Token: SeCreatePagefilePrivilege	2648	chrome.exe
Token: SeShutdownPrivilege	2648	chrome.exe
Token: SeCreatePagefilePrivilege	2648	chrome.exe
Token: SeShutdownPrivilege	2648	chrome.exe
Token: SeCreatePagefilePrivilege	2648	chrome.exe
Token: SeShutdownPrivilege	2648	chrome.exe
Token: SeCreatePagefilePrivilege	2648	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2648	chrome.exe
2648	chrome.exe
2648	chrome.exe
2648	chrome.exe
2648	chrome.exe
2648	chrome.exe
2648	chrome.exe
2648	chrome.exe
2648	chrome.exe
2648	chrome.exe
2648	chrome.exe
2648	chrome.exe
2648	chrome.exe
2648	chrome.exe
2648	chrome.exe
2648	chrome.exe
2648	chrome.exe
2648	chrome.exe
2648	chrome.exe
2648	chrome.exe
2648	chrome.exe
2648	chrome.exe
2648	chrome.exe
2648	chrome.exe
2648	chrome.exe
2648	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
2648	chrome.exe
2648	chrome.exe
2648	chrome.exe
2648	chrome.exe
2648	chrome.exe
2648	chrome.exe
2648	chrome.exe
2648	chrome.exe
2648	chrome.exe
2648	chrome.exe
2648	chrome.exe
2648	chrome.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
4756	MiniSearchHost.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2648 wrote to memory of 1192	2648	chrome.exe	82
PID 2648 wrote to memory of 1192	2648	chrome.exe	82
PID 2648 wrote to memory of 3248	2648	chrome.exe	84
PID 2648 wrote to memory of 3248	2648	chrome.exe	84
PID 2648 wrote to memory of 3248	2648	chrome.exe	84
PID 2648 wrote to memory of 3248	2648	chrome.exe	84
PID 2648 wrote to memory of 3248	2648	chrome.exe	84
PID 2648 wrote to memory of 3248	2648	chrome.exe	84
PID 2648 wrote to memory of 3248	2648	chrome.exe	84
PID 2648 wrote to memory of 3248	2648	chrome.exe	84
PID 2648 wrote to memory of 3248	2648	chrome.exe	84
PID 2648 wrote to memory of 3248	2648	chrome.exe	84
PID 2648 wrote to memory of 3248	2648	chrome.exe	84
PID 2648 wrote to memory of 3248	2648	chrome.exe	84
PID 2648 wrote to memory of 3248	2648	chrome.exe	84
PID 2648 wrote to memory of 3248	2648	chrome.exe	84
PID 2648 wrote to memory of 3248	2648	chrome.exe	84
PID 2648 wrote to memory of 3248	2648	chrome.exe	84
PID 2648 wrote to memory of 3248	2648	chrome.exe	84
PID 2648 wrote to memory of 3248	2648	chrome.exe	84
PID 2648 wrote to memory of 3248	2648	chrome.exe	84
PID 2648 wrote to memory of 3248	2648	chrome.exe	84
PID 2648 wrote to memory of 3248	2648	chrome.exe	84
PID 2648 wrote to memory of 3248	2648	chrome.exe	84
PID 2648 wrote to memory of 3248	2648	chrome.exe	84
PID 2648 wrote to memory of 3248	2648	chrome.exe	84
PID 2648 wrote to memory of 3248	2648	chrome.exe	84
PID 2648 wrote to memory of 3248	2648	chrome.exe	84
PID 2648 wrote to memory of 3248	2648	chrome.exe	84
PID 2648 wrote to memory of 3248	2648	chrome.exe	84
PID 2648 wrote to memory of 3248	2648	chrome.exe	84
PID 2648 wrote to memory of 3248	2648	chrome.exe	84
PID 2648 wrote to memory of 3248	2648	chrome.exe	84
PID 2648 wrote to memory of 3248	2648	chrome.exe	84
PID 2648 wrote to memory of 3248	2648	chrome.exe	84
PID 2648 wrote to memory of 3248	2648	chrome.exe	84
PID 2648 wrote to memory of 3248	2648	chrome.exe	84
PID 2648 wrote to memory of 3248	2648	chrome.exe	84
PID 2648 wrote to memory of 3248	2648	chrome.exe	84
PID 2648 wrote to memory of 3248	2648	chrome.exe	84
PID 2648 wrote to memory of 3596	2648	chrome.exe	85
PID 2648 wrote to memory of 3596	2648	chrome.exe	85
PID 2648 wrote to memory of 1468	2648	chrome.exe	86
PID 2648 wrote to memory of 1468	2648	chrome.exe	86
PID 2648 wrote to memory of 1468	2648	chrome.exe	86
PID 2648 wrote to memory of 1468	2648	chrome.exe	86
PID 2648 wrote to memory of 1468	2648	chrome.exe	86
PID 2648 wrote to memory of 1468	2648	chrome.exe	86
PID 2648 wrote to memory of 1468	2648	chrome.exe	86
PID 2648 wrote to memory of 1468	2648	chrome.exe	86
PID 2648 wrote to memory of 1468	2648	chrome.exe	86
PID 2648 wrote to memory of 1468	2648	chrome.exe	86
PID 2648 wrote to memory of 1468	2648	chrome.exe	86
PID 2648 wrote to memory of 1468	2648	chrome.exe	86
PID 2648 wrote to memory of 1468	2648	chrome.exe	86
PID 2648 wrote to memory of 1468	2648	chrome.exe	86
PID 2648 wrote to memory of 1468	2648	chrome.exe	86
PID 2648 wrote to memory of 1468	2648	chrome.exe	86
PID 2648 wrote to memory of 1468	2648	chrome.exe	86
PID 2648 wrote to memory of 1468	2648	chrome.exe	86
PID 2648 wrote to memory of 1468	2648	chrome.exe	86
PID 2648 wrote to memory of 1468	2648	chrome.exe	86
PID 2648 wrote to memory of 1468	2648	chrome.exe	86
PID 2648 wrote to memory of 1468	2648	chrome.exe	86

C:\Windows\Explorer.exe
C:\Windows\Explorer.exe /idlist,,C:\Users\Admin\AppData\Local\Temp\destroy-securly-main.zip
1⤵
PID:1548

C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe
"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca
1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:4756

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2648
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffed9e99758,0x7ffed9e99768,0x7ffed9e99778
  2⤵
  PID:1192
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1672 --field-trial-handle=1836,i,5274421737667177314,7485989167421949234,131072 /prefetch:2
  2⤵
  PID:3248
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2132 --field-trial-handle=1836,i,5274421737667177314,7485989167421949234,131072 /prefetch:8
  2⤵
  PID:3596
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2220 --field-trial-handle=1836,i,5274421737667177314,7485989167421949234,131072 /prefetch:8
  2⤵
  PID:1468
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3224 --field-trial-handle=1836,i,5274421737667177314,7485989167421949234,131072 /prefetch:1
  2⤵
  PID:2848
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3244 --field-trial-handle=1836,i,5274421737667177314,7485989167421949234,131072 /prefetch:1
  2⤵
  PID:1196
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3696 --field-trial-handle=1836,i,5274421737667177314,7485989167421949234,131072 /prefetch:1
  2⤵
  PID:1380
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4956 --field-trial-handle=1836,i,5274421737667177314,7485989167421949234,131072 /prefetch:8
  2⤵
  PID:4220
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5052 --field-trial-handle=1836,i,5274421737667177314,7485989167421949234,131072 /prefetch:8
  2⤵
  PID:1076
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4956 --field-trial-handle=1836,i,5274421737667177314,7485989167421949234,131072 /prefetch:8
  2⤵
  PID:1624
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=2756 --field-trial-handle=1836,i,5274421737667177314,7485989167421949234,131072 /prefetch:1
  2⤵
  PID:5008
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3504 --field-trial-handle=1836,i,5274421737667177314,7485989167421949234,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3064
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=3520 --field-trial-handle=1836,i,5274421737667177314,7485989167421949234,131072 /prefetch:1
  2⤵
  PID:3940
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4556 --field-trial-handle=1836,i,5274421737667177314,7485989167421949234,131072 /prefetch:1
  2⤵
  PID:4336
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4752 --field-trial-handle=1836,i,5274421737667177314,7485989167421949234,131072 /prefetch:8
  2⤵
  PID:1988
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=4660 --field-trial-handle=1836,i,5274421737667177314,7485989167421949234,131072 /prefetch:1
  2⤵
  PID:3532
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=1508 --field-trial-handle=1836,i,5274421737667177314,7485989167421949234,131072 /prefetch:1
  2⤵
  PID:3524

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4884

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001

Filesize
195KB

MD5
89d79dbf26a3c2e22ddd95766fe3173d

SHA1
f38fd066eef4cf4e72a934548eafb5f6abb00b53

SHA256
367ef9ec8dc07f84fed51cac5c75dc1ac87688bbf8f5da8e17655e7917bd7b69

SHA512
ab7ce168e6f59e2250b82ec62857c2f2b08e5a548de85ac82177ac550729287ead40382a7c8a92fbce7f53b106d199b1c8adbb770e47287fc70ea0ea858faba6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
2ac1f37baed196ebfc3b063d5e910202

SHA1
cc71d9798473285c558bf2ce11d8c41cebdb7852

SHA256
7a56afd4f42a16c621accc2eab9db1f57918e8ebf3cb9eccafdff893ec961aa7

SHA512
89c20d61aae96e5304a1938626ad6286a912b71524f07be131a3f463dc55807748b9ff125f1236d163180921e8e436457a10c416d37092ad4240a6faeb4e9606

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
3801e26ef6ee10b3ebc678a2c12836fd

SHA1
f9044f96eda3522d755bbff8f9d8f043228b3bd2

SHA256
48d45329672f73d04ab8a2baf7724cfc9fff66df2cfb5974e408aab34018af11

SHA512
64b351f2a76dc07888505a09a5f6826b181f4623629d0249f51a6ca99f0cd7d1da0b8cac6b10cebe931fe2494a1e8c103a3454a91cdbcdb338af39eb9a7d746c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
7eb0f67363dd92679b5da18f5cbd0fe6

SHA1
004dfd242d3d59581438fe46c6bf3c9868dd2e13

SHA256
e4d5b20082cc2054faeba664101276a8e85c04c25a99ca1149df6d30218bca53

SHA512
8f75d71a85e0860c18c1aba48a7e2fbc779203819c73f979fb0b2174177c671f5e925600e1a628246a205807be42c7d09430ef35aff1da53d0eaf851e9ea9e2d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
88209d10b553953993b01110af063102

SHA1
f9d5591cf7b54249d61b74e81c8c7b1de18a2fc1

SHA256
e7fb48260009ee79c0142533006b743935dc769168cf5278373b8677889ffd6c

SHA512
fbfa8e7247a0eef9efa856ce1c7ed746af6809f4e46559ee8913cf6fbbe60cff17ddca2abb156f0f4e51e5650fa81a71ccd347910a802e8d21e237f31dccea36

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
6a421cacac00fd28079a2e9f49385663

SHA1
30e862cb6d280a23185f4dd8c5ce80a6747b353c

SHA256
0c2a975b5f627810e9197c2bb78a49e4795bafd44d416f7721cd9df05a2bafef

SHA512
be127c569cd64af1117d023279d8ccdaf87b7c47466186987a5b0f21799e04edf779dd5d6bd78384d51fc668cbc377651da0366d58bec8aca81a0fae84103710

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
c8cc62c6c5c1b4e11926ce6194799a26

SHA1
a672cbb54023c50d54c9ae1e9cf02d9d1cb83f21

SHA256
a3664e2b42c84e105b5a34d38d43feadb68fb1cf2370f4f61961bd190cc5776e

SHA512
285449edaf55334681cba1bb3eb7b34158370c073de14e6bf419b691a795cec7568f8d7c4a031e70cbf4df559d4f6fed1e06798a5f17eba3a6817872d635c67c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
c50d30c0706ce44f3149914981fe13fc

SHA1
7a033196a253cf875fe2b10c2975ba6a0391450a

SHA256
d3f6065d6f80a8f3f3992e399a004c3575ac26ff2aeb0caddd667e0ab14ce811

SHA512
b89c643ad28a920feaf107d3a4a77bbbdcec69ecfb7eb64646ac16c3f8c91f3b94b89c79558c18012cb886f40e04385c1ec3b19aefc30b3ca86d7f11a7da7a84

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
63d543e1d99967ec548063a073101b8f

SHA1
930698d14c99a7debdf100d1fb508f2891a9bbbb

SHA256
f24fa5232966973ff16a0110ac20860611d48df64fb92bac7c1d308a664776e3

SHA512
b0a1527ffab3827a27dd0a00cc5d01389690fdf38707ae5ba70978c67228d62b7d9ce3cbb8753464e94100c9a81f76ad0b6b1e36dda4f621389a1076ba89b2ae

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
806ef1ce0560b4335d44f51226632c3d

SHA1
493c5c5e0ec92e594396c005bf3de0e6f74c60a2

SHA256
1d6c196c1eee359eb2defc4cd8a739cd62d4bcb7d46cdbf813d461561cfaad27

SHA512
695e555092737b8f25b1878a5d8eab312f7712b161f4555487ff49e216fe32771c6049c53a325857b0ac1d6ef6af5b8c95eb082c60e9906c9cd6a6818cb3039e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
369B

MD5
34ad0ce64ab66bca5201fc5a4d710111

SHA1
fce578a1a9aacf610d807c93240c4e5eb09aa82f

SHA256
5d44d77eae7fba011f8f99b8e860f402982ee1c4980e0c455631132c02ad7412

SHA512
779edd061b1beadbfc457772d7c0e876639d0882757e6f2cba592dc823859214d90ce6e448241859d78e455ebea6f20f0ac15fe9b4691f85face57ca87651885

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
81b4cf39d273ad6128f3787271bc4ee8

SHA1
f2bdaffe2999a26628a3d420adf4d67d51403cf9

SHA256
1fa848b9eb80d55d8b9cbd5cc54855e8a74a61616051e85ddba7eef5e7d86c80

SHA512
ad7a401fcb8b6b9238caa0f4f86a7a1a807d80a1a29e332e01480095ed5d62a9805850f1bf6f114720157cf0a1e9ab57d4f891daee3d34217482eeed5780d0a5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
60699b83cfe07d7865440a1c1de8be41

SHA1
809134ae4bd66a217245184e416a23c34e4b91ed

SHA256
2b1283c5497e3fa25a780a047c426c9a05b25656eecf2e36924ccc2d7cb22ad7

SHA512
dd409a12578fb9c1c6301b9b63938d45b83013a3197f974ed8b3620face5f734d42d789a689c009850f68af88e8cf0e14f5c751aecc5bb1fb766f9fcefbdb89a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
369B

MD5
7e03d71b106f7ee01f8e7ba47d0bb572

SHA1
f328f086f740546e5d26fbbda6fd72239fba7355

SHA256
e51cb0dcee2bc5285196f38225ec9d0d67be98930ca5e07eb907d8e28c69c861

SHA512
a4fd3fbb732c8ef4be760b060004b487cb326896ecd0c29b502dc545942241cca28aefe3fa8a00751749e85ff6221a8ee3ad6067cf0361b8f724fd50d42b6187

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
e9aa2e456a1dea5a838ae12876598f7e

SHA1
f6a4d87c16faa4717096448a9bbb1b6e2d40b77f

SHA256
e67f9ef54a67a4ff402a4fe2a27bd21d400994a44f913635e0ab5c29f1778d42

SHA512
93c5dc9ff5052554759e8d04ad9771b0c7631e3418f864b4645a3f080ddd6cac3172d0623442f10546a5d9e431535ccdd41924302beaeef9bed25560c641acba

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
d973c8b560f97d3f376cebd9d48b3a13

SHA1
83a92cdda0084028eafe60ace75e5ff93e7d212e

SHA256
e638a6ca332a40de2fc238425b9fb4e56a9c0d779241bb485958e0466afda297

SHA512
2ac3878bc526eab2c531f9122eb0eab69c01eaff2919048eedf743ede16e3f472a34ed2b06f39eaa764adedffacb4c723455068fee237f880871a6c732d36e79

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
5c3c0f2a8b7097b95ab8ccb7336602ce

SHA1
f9545d47b8d0a4d01bf47e5bcbe138ecb1c41adf

SHA256
989a54edd84984a9b6930a906071be758ce068d5632411e68e7c33994aa7000c

SHA512
d0893a769b5116c2dc67a3d2aab109fc039253a93cbfd073f98f7ae7659fdc01e47de7c6baea586082fbb51c31a1d5b97b41397503fd54c4f85bf7e9a6115915

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
3038e18aa89146d125954130140d08de

SHA1
fb78fabcfcf058a4e35fb0d430ef5579a075acb1

SHA256
24c1eb41359a48bf2f36fd1d293dda0169548d92d92025ef3c86de7e9d18753f

SHA512
41847638a9e3547c467ff21758c8eff3e2336b3e4db855d5929e26a581f2a066c7e004dd7cb98f209a7f94bf7640816916bafa9ba47157965cee58c4d2b22402

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\d614ca08-96b2-4c45-b35e-3240c6aceae8.tmp

Filesize
1KB

MD5
8e99cf0a4521e2ef4577b85cdb07bd13

SHA1
53e2b635689ed3021f948a4c93cdc2d453e1f1bd

SHA256
a06f6fd52b857049bb49d8040409b044d9a524a9df50fa28632e3e7e34e187e6

SHA512
91d009761f083789bd13bf41f837a3f5a5644b3d1f22c123b9d8310d805f99266c3c36cf832bb611836c1862258c40a6dea58b0f7a1932e558e9f7282c506a71

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
7bd914c86dfc8d4f03d77211576f0978

SHA1
ce3dc256938094d6fe8181f813bb94ac25fb62cc

SHA256
352438a9674e1635826bce211f66ce8540c98edab7c83688d18d6af5ddaf36fd

SHA512
1a5b91c08c855539a91f58d78722ee2b360fb8c83dd7f8e275f62c973fcad540eb19a1e946d38ce5860384fd113223ba3da41e4834e1b7a07697d423f941ef90

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
e52c330fb58aee7372bc61caa7e3f688

SHA1
492ee0d995000060f2177b0b1d20024eae4e2b43

SHA256
7c4261c7ae58cd5cb984a5d4d7da9400ca5b781833908d25898e6c0d8488a55b

SHA512
eec3fb4ffb35039b6ea04b362d47c7da2c41de82045206f99830b0191167ba55fb68ec50ed523c34788bceeb970004d607f134f4c25693dcc4ee4c48bdf55b97

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
a0123927a66f4980b357c273372a14d0

SHA1
82186f4cd67e6524ab9c485fb90cbf0ad87b3efa

SHA256
ae71baf08e58509b0f86a9317fcfc628af70f06b9b39352640b5a1c37a064b14

SHA512
188d853bca005bb67c0dfa4e2b213b493c9ce479c3e30e1ac54ef9549fbd44aabd570d51f95efb8f468e523d6d87b83d05437e3d896a75627d444bbab869fc2d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
544446162f9f66766344eb3ef23c9dea

SHA1
dfd71be2b8a666eddce90a9f05026a8f360b3cf9

SHA256
cd519d68716fc24df56dfc17f332b9e7c49b0b7851eb2981ed4c2bab5b1750d7

SHA512
4704aeccd4e03f58a2dca3c5927369dc155cfe138a6c424795e4088bb4243cb4517e4a3ff1d98a6f4b81d8057f4035793b0fcc81c74b5ecb7cd33e5a526f19b6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
9599fde20e7ceccffb841f7638163ee8

SHA1
86d0a01c8788fa5c02f32f4a77832c967c4cbd70

SHA256
6319d65b20377dcd4976b2d2619383b2333aa4fa824c1e0ed4be9740695321f1

SHA512
6de7321efda4500780ab21de1ee4dd68c36bdf5ec6a787183f34c82638f87d75f3f1c2baafcd6c98e0ba1165ed37597fdddefcf67852474a5fb7797587e06557

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
d26ea3b9a7ed92df46f76ed21a70bff9

SHA1
08ae05a71ec6cf85cf638935cecfbc228f432e68

SHA256
84052755441958040f7a45162b1e9911bbe686eefbdd1558e155c25ba20505f0

SHA512
062eba43c3a841be118d55b478fd346ac3f7f4eff9b97bdf0e55fb96480319ee56651fa150b23e7e9963c26a583b1be60d974ba7637f9aa8ae37643c5b04ff17

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
b77e2b70668773055b9aec2dded2db53

SHA1
4a1079c956b6ddc2fb3fc874141556a0a641eb00

SHA256
f3397219abdec023d5482495976b1f30de685065aa066d8ee0ee95285cb17238

SHA512
97a0437de52ff751ff59ce9173402e5021c361dea7baabe63a56027dd7826eb1f84652c1bbf7088c2f131891d08082837dca2b3071268f1e7745b9ce070091b2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
256KB

MD5
6cbf1587d3d318fe25f6f29045ae17c0

SHA1
c6182573626d154c0a0631adcb063c86f8ddcc89

SHA256
f54eb0f012a50614e0ddfaed4e1c5d43bd3d03080ab22b61e5b1c9bbe0fb9634

SHA512
5be497087dac72ee7b73865c75696a4a6647614f932bcc84bdd5d9dcf0d484643392373bee1fca8a58194dc0ee094cbf97db27cbde59c6c1566736629193d81b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
256KB

MD5
1fdbd8d8fe504a98b7f8191edd472b9f

SHA1
e9bfc703f136f68347fbaa8e2d56d04791926285

SHA256
f9b4a61b57f41159bdab6fd252625e2a75482639aaec751d48eb130e747edc34

SHA512
1af1f8e2c33704e161c588e1feed46e992fe1070de5c77ab189345ebb7f9d881bcdaa6702dba86287b583b06530f962ada9db92d5ff8c02cfca5da2069f90850

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
92KB

MD5
6277c7c44711a6a84b7458cd5c36c757

SHA1
4515f60d01e350737d93f55ac27a29ea91e53f39

SHA256
6915f5a6f6846517c375c48fc5012b2e5f01278bd59d4b9b3d582807f944ac42

SHA512
ae69165802c311298286add88c6eb55560673cb380470886a51f08935a233ef11527e8dae299e33f25759335aa11babd718fdf020e3444eae3a7f25067101730

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe5a62a3.TMP

Filesize
88KB

MD5
7d23513a980969604cc5c1165c5ea2ab

SHA1
a5f51341fa4c5ba9f60fbd4ddd0577be628fa61a

SHA256
025e088892e5c3fbb4030f68249aa354da4dea6583a29f034d9e8b0a1f73953f

SHA512
59027744069ba1cb8b4ecc3cde7c14e3d1fddd2d7a28b72a702569dae3464e3fe60335b2885be0593fb0335cc799a04d6e1b110b09bc8583de103bc2545ca2df

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\SearchHoverUnifiedTileModelCache.dat

Filesize
11KB

MD5
f2de638a4259125fdc63c3e174803714

SHA1
c2dc76d32dbc368e8b576a5dd9e0a2a7a5d6fa66

SHA256
c76921cb128864fa1ede8f5f96285a688474149a4d0ef6f15ae131250649a297

SHA512
625a76f433d1b50172950eea73425706e5be7547d589f0b660d7ffab6440f9f1542acc1944d20d64ba493c15c420593b12b53e6ad8fe181c0134001581aa7b19

Download Submit