hxxps://u[.]to/irFuIA

Analysis

max time kernel
599s
max time network
603s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
03-03-2024 14:39

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://u.to/irFuIA

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

Processes:

chrome.exe

description	ioc	process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

Processes:

chrome.exe

description	ioc	process
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133539504163373451"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

Processes:

chrome.exechrome.exe

pid process

3292 chrome.exe
3292 chrome.exe
4352 chrome.exe
4352 chrome.exe
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

Processes:

chrome.exe

pid process

3292 chrome.exe
3292 chrome.exe
3292 chrome.exe
3292 chrome.exe
3292 chrome.exe
3292 chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

Processes:

chrome.exe

description	pid	process
Token: SeShutdownPrivilege	3292	chrome.exe
Token: SeCreatePagefilePrivilege	3292	chrome.exe
Token: SeShutdownPrivilege	3292	chrome.exe
Token: SeCreatePagefilePrivilege	3292	chrome.exe
Token: SeShutdownPrivilege	3292	chrome.exe
Token: SeCreatePagefilePrivilege	3292	chrome.exe
Token: SeShutdownPrivilege	3292	chrome.exe
Token: SeCreatePagefilePrivilege	3292	chrome.exe
Token: SeShutdownPrivilege	3292	chrome.exe
Token: SeCreatePagefilePrivilege	3292	chrome.exe
Token: SeShutdownPrivilege	3292	chrome.exe
Token: SeCreatePagefilePrivilege	3292	chrome.exe
Token: SeShutdownPrivilege	3292	chrome.exe
Token: SeCreatePagefilePrivilege	3292	chrome.exe
Token: SeShutdownPrivilege	3292	chrome.exe
Token: SeCreatePagefilePrivilege	3292	chrome.exe
Token: SeShutdownPrivilege	3292	chrome.exe
Token: SeCreatePagefilePrivilege	3292	chrome.exe
Token: SeShutdownPrivilege	3292	chrome.exe
Token: SeCreatePagefilePrivilege	3292	chrome.exe
Token: SeShutdownPrivilege	3292	chrome.exe
Token: SeCreatePagefilePrivilege	3292	chrome.exe
Token: SeShutdownPrivilege	3292	chrome.exe
Token: SeCreatePagefilePrivilege	3292	chrome.exe
Token: SeShutdownPrivilege	3292	chrome.exe
Token: SeCreatePagefilePrivilege	3292	chrome.exe
Token: SeShutdownPrivilege	3292	chrome.exe
Token: SeCreatePagefilePrivilege	3292	chrome.exe
Token: SeShutdownPrivilege	3292	chrome.exe
Token: SeCreatePagefilePrivilege	3292	chrome.exe
Token: SeShutdownPrivilege	3292	chrome.exe
Token: SeCreatePagefilePrivilege	3292	chrome.exe
Token: SeShutdownPrivilege	3292	chrome.exe
Token: SeCreatePagefilePrivilege	3292	chrome.exe
Token: SeShutdownPrivilege	3292	chrome.exe
Token: SeCreatePagefilePrivilege	3292	chrome.exe
Token: SeShutdownPrivilege	3292	chrome.exe
Token: SeCreatePagefilePrivilege	3292	chrome.exe
Token: SeShutdownPrivilege	3292	chrome.exe
Token: SeCreatePagefilePrivilege	3292	chrome.exe
Token: SeShutdownPrivilege	3292	chrome.exe
Token: SeCreatePagefilePrivilege	3292	chrome.exe
Token: SeShutdownPrivilege	3292	chrome.exe
Token: SeCreatePagefilePrivilege	3292	chrome.exe
Token: SeShutdownPrivilege	3292	chrome.exe
Token: SeCreatePagefilePrivilege	3292	chrome.exe
Token: SeShutdownPrivilege	3292	chrome.exe
Token: SeCreatePagefilePrivilege	3292	chrome.exe
Token: SeShutdownPrivilege	3292	chrome.exe
Token: SeCreatePagefilePrivilege	3292	chrome.exe
Token: SeShutdownPrivilege	3292	chrome.exe
Token: SeCreatePagefilePrivilege	3292	chrome.exe
Token: SeShutdownPrivilege	3292	chrome.exe
Token: SeCreatePagefilePrivilege	3292	chrome.exe
Token: SeShutdownPrivilege	3292	chrome.exe
Token: SeCreatePagefilePrivilege	3292	chrome.exe
Token: SeShutdownPrivilege	3292	chrome.exe
Token: SeCreatePagefilePrivilege	3292	chrome.exe
Token: SeShutdownPrivilege	3292	chrome.exe
Token: SeCreatePagefilePrivilege	3292	chrome.exe
Token: SeShutdownPrivilege	3292	chrome.exe
Token: SeCreatePagefilePrivilege	3292	chrome.exe
Token: SeShutdownPrivilege	3292	chrome.exe
Token: SeCreatePagefilePrivilege	3292	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

Processes:

chrome.exe

pid	process
3292	chrome.exe
3292	chrome.exe
3292	chrome.exe
3292	chrome.exe
3292	chrome.exe
3292	chrome.exe
3292	chrome.exe
3292	chrome.exe
3292	chrome.exe
3292	chrome.exe
3292	chrome.exe
3292	chrome.exe
3292	chrome.exe
3292	chrome.exe
3292	chrome.exe
3292	chrome.exe
3292	chrome.exe
3292	chrome.exe
3292	chrome.exe
3292	chrome.exe
3292	chrome.exe
3292	chrome.exe
3292	chrome.exe
3292	chrome.exe
3292	chrome.exe
3292	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

Processes:

chrome.exe

pid	process
3292	chrome.exe
3292	chrome.exe
3292	chrome.exe
3292	chrome.exe
3292	chrome.exe
3292	chrome.exe
3292	chrome.exe
3292	chrome.exe
3292	chrome.exe
3292	chrome.exe
3292	chrome.exe
3292	chrome.exe
3292	chrome.exe
3292	chrome.exe
3292	chrome.exe
3292	chrome.exe
3292	chrome.exe
3292	chrome.exe
3292	chrome.exe
3292	chrome.exe
3292	chrome.exe
3292	chrome.exe
3292	chrome.exe
3292	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

chrome.exe

description	pid	process	target process
PID 3292 wrote to memory of 3824	3292	chrome.exe	chrome.exe
PID 3292 wrote to memory of 3824	3292	chrome.exe	chrome.exe
PID 3292 wrote to memory of 452	3292	chrome.exe	chrome.exe
PID 3292 wrote to memory of 452	3292	chrome.exe	chrome.exe
PID 3292 wrote to memory of 452	3292	chrome.exe	chrome.exe
PID 3292 wrote to memory of 452	3292	chrome.exe	chrome.exe
PID 3292 wrote to memory of 452	3292	chrome.exe	chrome.exe
PID 3292 wrote to memory of 452	3292	chrome.exe	chrome.exe
PID 3292 wrote to memory of 452	3292	chrome.exe	chrome.exe
PID 3292 wrote to memory of 452	3292	chrome.exe	chrome.exe
PID 3292 wrote to memory of 452	3292	chrome.exe	chrome.exe
PID 3292 wrote to memory of 452	3292	chrome.exe	chrome.exe
PID 3292 wrote to memory of 452	3292	chrome.exe	chrome.exe
PID 3292 wrote to memory of 452	3292	chrome.exe	chrome.exe
PID 3292 wrote to memory of 452	3292	chrome.exe	chrome.exe
PID 3292 wrote to memory of 452	3292	chrome.exe	chrome.exe
PID 3292 wrote to memory of 452	3292	chrome.exe	chrome.exe
PID 3292 wrote to memory of 452	3292	chrome.exe	chrome.exe
PID 3292 wrote to memory of 452	3292	chrome.exe	chrome.exe
PID 3292 wrote to memory of 452	3292	chrome.exe	chrome.exe
PID 3292 wrote to memory of 452	3292	chrome.exe	chrome.exe
PID 3292 wrote to memory of 452	3292	chrome.exe	chrome.exe
PID 3292 wrote to memory of 452	3292	chrome.exe	chrome.exe
PID 3292 wrote to memory of 452	3292	chrome.exe	chrome.exe
PID 3292 wrote to memory of 452	3292	chrome.exe	chrome.exe
PID 3292 wrote to memory of 452	3292	chrome.exe	chrome.exe
PID 3292 wrote to memory of 452	3292	chrome.exe	chrome.exe
PID 3292 wrote to memory of 452	3292	chrome.exe	chrome.exe
PID 3292 wrote to memory of 452	3292	chrome.exe	chrome.exe
PID 3292 wrote to memory of 452	3292	chrome.exe	chrome.exe
PID 3292 wrote to memory of 452	3292	chrome.exe	chrome.exe
PID 3292 wrote to memory of 452	3292	chrome.exe	chrome.exe
PID 3292 wrote to memory of 452	3292	chrome.exe	chrome.exe
PID 3292 wrote to memory of 452	3292	chrome.exe	chrome.exe
PID 3292 wrote to memory of 452	3292	chrome.exe	chrome.exe
PID 3292 wrote to memory of 452	3292	chrome.exe	chrome.exe
PID 3292 wrote to memory of 452	3292	chrome.exe	chrome.exe
PID 3292 wrote to memory of 452	3292	chrome.exe	chrome.exe
PID 3292 wrote to memory of 452	3292	chrome.exe	chrome.exe
PID 3292 wrote to memory of 452	3292	chrome.exe	chrome.exe
PID 3292 wrote to memory of 2036	3292	chrome.exe	chrome.exe
PID 3292 wrote to memory of 2036	3292	chrome.exe	chrome.exe
PID 3292 wrote to memory of 4700	3292	chrome.exe	chrome.exe
PID 3292 wrote to memory of 4700	3292	chrome.exe	chrome.exe
PID 3292 wrote to memory of 4700	3292	chrome.exe	chrome.exe
PID 3292 wrote to memory of 4700	3292	chrome.exe	chrome.exe
PID 3292 wrote to memory of 4700	3292	chrome.exe	chrome.exe
PID 3292 wrote to memory of 4700	3292	chrome.exe	chrome.exe
PID 3292 wrote to memory of 4700	3292	chrome.exe	chrome.exe
PID 3292 wrote to memory of 4700	3292	chrome.exe	chrome.exe
PID 3292 wrote to memory of 4700	3292	chrome.exe	chrome.exe
PID 3292 wrote to memory of 4700	3292	chrome.exe	chrome.exe
PID 3292 wrote to memory of 4700	3292	chrome.exe	chrome.exe
PID 3292 wrote to memory of 4700	3292	chrome.exe	chrome.exe
PID 3292 wrote to memory of 4700	3292	chrome.exe	chrome.exe
PID 3292 wrote to memory of 4700	3292	chrome.exe	chrome.exe
PID 3292 wrote to memory of 4700	3292	chrome.exe	chrome.exe
PID 3292 wrote to memory of 4700	3292	chrome.exe	chrome.exe
PID 3292 wrote to memory of 4700	3292	chrome.exe	chrome.exe
PID 3292 wrote to memory of 4700	3292	chrome.exe	chrome.exe
PID 3292 wrote to memory of 4700	3292	chrome.exe	chrome.exe
PID 3292 wrote to memory of 4700	3292	chrome.exe	chrome.exe
PID 3292 wrote to memory of 4700	3292	chrome.exe	chrome.exe
PID 3292 wrote to memory of 4700	3292	chrome.exe	chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://u.to/irFuIA
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3292

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff15f79758,0x7fff15f79768,0x7fff15f79778
2⤵
PID:3824

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1616 --field-trial-handle=1864,i,15230182673762400301,10901943834999833633,131072 /prefetch:2
2⤵
PID:452

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2120 --field-trial-handle=1864,i,15230182673762400301,10901943834999833633,131072 /prefetch:8
2⤵
PID:2036

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2200 --field-trial-handle=1864,i,15230182673762400301,10901943834999833633,131072 /prefetch:8
2⤵
PID:4700

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2856 --field-trial-handle=1864,i,15230182673762400301,10901943834999833633,131072 /prefetch:1
2⤵
PID:1716

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2864 --field-trial-handle=1864,i,15230182673762400301,10901943834999833633,131072 /prefetch:1
2⤵
PID:3184

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4660 --field-trial-handle=1864,i,15230182673762400301,10901943834999833633,131072 /prefetch:1
2⤵
PID:2896

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5196 --field-trial-handle=1864,i,15230182673762400301,10901943834999833633,131072 /prefetch:8
2⤵
PID:5004

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4992 --field-trial-handle=1864,i,15230182673762400301,10901943834999833633,131072 /prefetch:8
2⤵
PID:2364

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=3112 --field-trial-handle=1864,i,15230182673762400301,10901943834999833633,131072 /prefetch:1
2⤵
PID:3224

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=5080 --field-trial-handle=1864,i,15230182673762400301,10901943834999833633,131072 /prefetch:1
2⤵
PID:3136

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=4796 --field-trial-handle=1864,i,15230182673762400301,10901943834999833633,131072 /prefetch:1
2⤵
PID:232

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3936 --field-trial-handle=1864,i,15230182673762400301,10901943834999833633,131072 /prefetch:8
2⤵
PID:1796

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2060 --field-trial-handle=1864,i,15230182673762400301,10901943834999833633,131072 /prefetch:2
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:4352

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4680

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4260 --field-trial-handle=3488,i,1267426273081718772,6254127258555406296,262144 --variations-seed-version /prefetch:8
1⤵
PID:1588

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=1032 --field-trial-handle=3488,i,1267426273081718772,6254127258555406296,262144 --variations-seed-version /prefetch:8
1⤵
PID:1428

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000f
Filesize
121KB

MD5
2d64caa5ecbf5e42cbb766ca4d85e90e

SHA1
147420abceb4a7fd7e486dddcfe68cda7ebb3a18

SHA256
045b433f94502cfa873a39e72d616c73ec1b4c567b7ee0f847f442651683791f

SHA512
c96556ec57dac504919e806c7df536c4f86892b8525739289b2f2dbbf475de883a4824069dbdd4bb1770dd484f321563a00892e6c79d48818a4b95406bf1af96

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010
Filesize
119KB

MD5
57613e143ff3dae10f282e84a066de28

SHA1
88756cc8c6db645b5f20aa17b14feefb4411c25f

SHA256
19b8db163bcc51732457efa40911b4a422f297ff3cd566467d87eab93cef0c14

SHA512
94f045e71b9276944609ca69fc4b8704e4447f9b0fc2b80789cc012235895c50ef9ecb781a3ed901a0c989bed26caa37d4d4a9baffcce2cb19606dbb16a17176

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011
Filesize
115KB

MD5
ce6bda6643b662a41b9fb570bdf72f83

SHA1
87bcf1d2820b476aaeaea91dc7f6dbedd73c1cb8

SHA256
0adf4d5edbc82d28879fdfaaf7274ba05162ff8cbbda816d69ed52f1dae547f6

SHA512
8023da9f9619d34d4e5f7c819a96356485f73fddcb8adb452f3ceefa8c969c16ca78a8c8d02d8e7a213eb9c5bbe5c50745ba7602e0ee2fe36d2742fb3e979c86

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000017
Filesize
37KB

MD5
231913fdebabcbe65f4b0052372bde56

SHA1
553909d080e4f210b64dc73292f3a111d5a0781f

SHA256
9f890a9debcdfccc339149a7943be9aff9e4c9203c2fa37d5671a5b2c88503ad

SHA512
7b11b709968c5a52b9b60189fb534f5df56912417243820e9d1c00c97f4bd6d0835f2cdf574d0c36ecb32dbbf5fc397324df54f7fdf9e1b062b5dbda2c02e919

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000021
Filesize
20KB

MD5
1cd9f819fae888ce4860b7f6093347f1

SHA1
04f78da120741f1198d595af811b2c42ca9d5406

SHA256
d90bde2cee49d26d93cc149da64ebfe3b57b6f391c1fe84c696a2d5e3f33b3ad

SHA512
2f7e22a0b36ed64c6be176f48f91663bbaca60d7a4ea862a6a81678fadc1d8df31c59a3266d1097654fb52345e0d2e292b8bf48e9497be9c3e3be89cf43bf90b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000024
Filesize
32KB

MD5
e13edde4a25e96e573f37bdd11e020aa

SHA1
84a0c3cc6cd74b149cc27de2b0fe48bc2acb70d2

SHA256
45b526e6aa5356b278aa37e67593a25d09c9653e8a0e71fb8e155111d3b7a515

SHA512
9ba4cce47994f949731e594538f56f423ee46a8e602fe922ab6e1d173b87831ae5a80d967d695fc45a08b25aef5c494518b43cde6b4709db690e904b2cc1c053

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000026
Filesize
36KB

MD5
47d88f0e30322831ac51429e321af624

SHA1
0a3a50ae8c9d61a6d96b872f91b4694187be0bcb

SHA256
ff066f3e1ab3028b7bf326825772da1a50d4c9bfe92ec0abcb52f17ed996482c

SHA512
416fa132223c396c6ec4ba581383ff0859ee02a7e73acca4836df0e8154600cc9cfa4249832d0370fc7c45232e0114994e7da36d094cd459a6f3c77be539cece

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002b
Filesize
195KB

MD5
89d79dbf26a3c2e22ddd95766fe3173d

SHA1
f38fd066eef4cf4e72a934548eafb5f6abb00b53

SHA256
367ef9ec8dc07f84fed51cac5c75dc1ac87688bbf8f5da8e17655e7917bd7b69

SHA512
ab7ce168e6f59e2250b82ec62857c2f2b08e5a548de85ac82177ac550729287ead40382a7c8a92fbce7f53b106d199b1c8adbb770e47287fc70ea0ea858faba6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize
504B

MD5
33abba8a6562b4784b0c7be5dc09a2fb

SHA1
a09a989ad864424a3e7093fa9b4f0cf78295ff2b

SHA256
5f956a5a64875329ddf8f4cff63a64debfd8444b7dfc22824c00b12dc6c9e85e

SHA512
4be9edaccf42239576132b877548f3e58955214e9b9ca194d43ac1167de00d4562b2cbe283bf854e2a90313e7842c8f2f8770b22059b6a12fa089944d95c9403

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize
1KB

MD5
a19f1e361f3cf2acbc5cd74967a74359

SHA1
4608a02d52bed16c3806eeb29903fab599029f0a

SHA256
59db2caf6cf39dee225c67b48b03d26d7ca79fec8c21b1ddafd445d8f1f9a527

SHA512
f9c61cdafde4e2200e4d598b11dc322c1403bcdf5503e87c79741045963d3d9d5728778c933e1120d3bf80ee777e277fe1c1eeaaf4fe7378eb94729741c8a50a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize
1KB

MD5
4ba1bca6a1fe1ee03cb06f8180d49c21

SHA1
cf73a03fd00c152e7b3a09d73e6a7c585c934152

SHA256
a9aa742489a0ca11020eae0207a423860f211dd708c26ba7a62295f7202958b0

SHA512
5e97cebba596743068361f7397d0c5fe2b79b43dd674f75563b05676af025ed2d214c72471243381ff005277a0b8abe3c3919b5f920b434c62959f5b59e43e44

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize
1KB

MD5
4bf6886c08b02895e9af156c8d7ac170

SHA1
55013c46bcf843b7e744965a545a35dea83469d7

SHA256
489ae5dc1dc60b0a68e1c2da4b1c1f034d0ae78cb396e3891eaaa0fa38d45431

SHA512
d6c85cc3bd999c26a26a0045003d85c3623247fda12a7d002ca5de6745e30acec9d831ca6139b95b59f5fba796bf6338c8bcaede0fef1b55c4550f309bd4d360

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize
672B

MD5
1d867890b87e88bd9d9c7f1dfad82f5d

SHA1
cffcc4dba7155c8b1ac53d0d4d6b3a69e2a9312c

SHA256
117ec5bf71c9d0bb5d34d045325e203954f99b27fcce279a8ea45f4b67f4e223

SHA512
17601a2f64f331949192a4dd4570522b6ebc0dee32ce5fa43649a88ac9c5bbc8932c8a78c32899018b95f10a4116622b2d5a7ea201e23718e8be7cce745cbb2a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
3KB

MD5
fc8c679e15f5c2a97edc5038ed1dd2fa

SHA1
0ab93f982550b5a511d66206c1d7c190063bd111

SHA256
a9476cb9084b0a53b5c4c78be38ae3639991452de5621084453049f98cd5daf5

SHA512
5eb8c670c5f7d5b43b58092721ad03d1a6a4c051e1a9bce0da26f32a313f7d126c1144d3b7637dc07e05024b98441d5dc97c431216f45aa7acce3a97d0712194

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
3KB

MD5
a5ca60913b0cfbc439b2eb07d83aaf46

SHA1
13601c8bb196c17b1f57dbf5ce839ed81c1ec329

SHA256
a3d6803dd46d69ac931f8d261673e2f5e16acbaad78078f54e11b8a79c396961

SHA512
9ace5c6f488dad4d529c5e839ad933f44751b23ef1a67637d991911da17dc4adcab91ab1db1615fa7f71f09cfb8a1aa236b312227c4e4bb5484a76aff6912aaf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
3KB

MD5
06a712443144736b0e872abb5388989c

SHA1
9f9c078657d586c9a02c9948b4f46d274b3cba15

SHA256
b8355a98f2ecaa49fe7dd0a2830af8c31088ff44a265599d8e0686a4274f7529

SHA512
1cc2520b0b969a0d977bfe9ed68f3cdb9eea6c1fbef150a26e9075369162433fe09fa0ad02830ea74f051b82d1b70e8a51988125ba680f6598e4082b3a8f952b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
3KB

MD5
90cb840ebf72373dd00e00752c1e67e8

SHA1
9f0cd8b359fb6bcdf17b221f514f3ef986e6256d

SHA256
64304f09898296200774081ffdcfa5c69eb8f5b60a5551084f029858cf052220

SHA512
ceb3d10a1590aa0c25adae5037b91093a51d57c8dab76a8a4824b7c2964688e0c2f1858eab2bad29ed6316bd1090b12bb319e10e4c7002ccdc393fe7e590b90f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
2KB

MD5
4916bbce831cc27ab1526469e7b9796e

SHA1
c9542b971e56e530bceeeb71516d32aabab06364

SHA256
bfce09e08c7a8b5f8e20ead65a9ef1346e443dc802e32efccc26b65be00fbcde

SHA512
eaf99dbd89e4af773fe75233e7debd574ef6ad59df0ef5236c328ad955610a1d548fb30236cecfe89af502643056f7dc51c072768941d97758a860a1bf7ed0da

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
873B

MD5
ac4cb4e902b159087b9b344e9ef7f7ae

SHA1
d2bca2ebc175e6936f153c5fd9870e349c07f63c

SHA256
4293d72b76f85c1ff1ccac3b64ae32094e390ded2c360d9dda4cc59da54095d5

SHA512
699220d5235e3d6783a5f0f4f2efc7a5e51568117be73cd30600ad3f245de415747df87cc364e8b29c5a7eb605e5d770716b8d231671d25663ab2b0286215dbb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
873B

MD5
ebde0a753b32a7101f9efbb9e90c1c18

SHA1
49f987cc5cb9eb39e70de55282b22e9e24407b91

SHA256
20aa27977cb52c7ff1e77b8f6c77bed92eca3d7d6f0f790c5a872cd8fe9e76f5

SHA512
449a2bfd4acee604ca6f040146082cc054f6b455a212f30d301a203aa46feeae13642eb68e0c128dcc71480ff1fedcad8feb108e4b782aee3a4fa4b27c28aceb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
1KB

MD5
716fbb46cd602bcb30d55ab8a1d46e52

SHA1
dcc222adeef42ba28a39ed6ca483703ea6b87a68

SHA256
44bccb14bd52ec1ec72f3c61ff7b12fa3f0f855714370d184af5908f2bc41c57

SHA512
369ffb65f68057a84be29a52af3f1a86ca9de77957fe62666ae7220b523503083a9afdd5d6bd0fa0e3ef8b9de3f8525e1a8b4e43de273f44b89450007b27be1e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
1KB

MD5
a03304125fa991571e25c1f4d9be9fd6

SHA1
739671b4e490a3e50b633f0d2ccfcd8dfc9a525a

SHA256
a38487ae51f73407ebd5b36c64c8a58405c0c97ca71ed9d346427e296a2270aa

SHA512
f8fc81cbe1e33aa7442a89ac9b9a293d2adf7a34c90f538b607c2b709ad6019e04ec807b0ece6267b1029dbac6456cb314f058635af7811a0a3f7aa928c3c438

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
6KB

MD5
bc61d971081c23a419b81461f04cfd3f

SHA1
44e586713f2d0442a19eae4030912e613c68e917

SHA256
d005c56f98ad9ced644f8041ad11800ef3b5400cc24a6bcd0bd79d921ddd297d

SHA512
f08711ff220b81b579bcfe6fa98780fede8cc9c97202e932bb652ec29bb90ecb27b194ad322774f10d84fd87602b408ab1b5a5095691298f6e383fac6a0f6204

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
6KB

MD5
4e992a77f4f663c4c643232e6ef695b4

SHA1
ead4c76a06f342321b27091525798c150ae62cc2

SHA256
21ba0456fd205edfec687abe8d874e2f982977a6375cd7a60bff90086c28f679

SHA512
2dbf7c4fe9d18f0ce9f54071f4d1cdd4a98e71d7f468d99b1e6359f7d172b9ffe7f7792bafc4a5f9c080f2a58ec988b2a8e112b28b3109816fd367501ca72c17

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
6KB

MD5
d2b22ae119958cfd135e7f101fd64a6e

SHA1
460f00a5dc87911d6cb8004dcaca8f823a6f25c1

SHA256
bccfabd53f52173b28505ca68842bb83ffd11fd945a744fa4f793ebffc21cafd

SHA512
6c6c5ce5ce68a2a533705f956d9d3afd8635b2d76dad646698e35ed7017637f4f45ec60891e1a653e756a741e5f26190f90e90a43e4d104628f7eef25c930803

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
7KB

MD5
9ccf79848ee02b926bc6e0ae5368ab9e

SHA1
0fc32a16906862c968026eeff00809a753f5a165

SHA256
4d4dfa6d9ff9d48621900b1d8e52599ebc76f504c6485e8ff179d04fc342fc85

SHA512
c9c7dc37d295cb0949e533ff54a33e15d2fbae816f93a109bcbfbc9bb1ace47c411477933240959e48e9c1f6fc07b080f2e2a162fa1ddd43cf516712abfe1042

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
6KB

MD5
f1d06dc54a5d37bcba4736f0763f9f1e

SHA1
169bd68bf1a5d23182f7681779d63ebbfd618184

SHA256
b9f42cc31c18e5a5aec169d455c023f9480306b6e15012d45c34ae5bd13dc52d

SHA512
20c4bedfd5082bbc5ec6b30259cf20dd0d6648a36617aeb2ffa513d0a5b4900b54dc4097e643eea4753da35f9d49f0caf3abe96c84cd26804da11fffbde96a46

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
6KB

MD5
f364d8899d4798e5b361f74ad7a0301a

SHA1
82c81a25a42cdf0bdc49f24b1cae1c996ce948f2

SHA256
224a361467e219b99060ac14cdc588231e645917222db048d11b9d39e648a23e

SHA512
2b859bf2378a7264ce2920aa57033736d0607e8e6ccef63f5482a253ce966cd2be50fc22ea3b24780db41af76adca8d67477dfb11023b576a77277260f90b755

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
Filesize
253KB

MD5
1df6cd0d4a80c4fdd88e5b44e2481cd3

SHA1
8659a43419d8e4f56b5e9f8c42fa6ded163980d1

SHA256
ebb2ff72daee1642c4bb161bd91215715cba9bf0c8697bd4777d28f78dd82020

SHA512
9b3902880a817f3c1a634e578f98209aaedd976256718e29b84a1332294799ee04e3afe997d0216f5142726492ba1ef6466093a88d8e7455b421e5c6423fcd31

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
Filesize
253KB

MD5
537e6bf34cec23dbe47cc5cd87e2c7f8

SHA1
e93cfbab91e583fd7278b37eea4ddfb7609febdf

SHA256
719ba41e21033f5c9088022c166e43415a9f723b73f58f650ed2d0712d59dab2

SHA512
e4c5c31eaf411ddcd7675f56e29447afe1c16d42236dc3e3da975dfb69acc07962b2e2851b3aee37ade3e2344edd94de07b7e855f73ea2494ce05308528d0162

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
Filesize
253KB

MD5
6c484cc7da0f41382336cea251047ef5

SHA1
5f59a1390893e7912a33871fa8fe196683de5e17

SHA256
1bda7632bea94dfa52020c146eb435bc35de08c4844c0c413c8674fd3a9c8944

SHA512
010e38279bb707c9d7926570b78d31b2c09a3e69013815d737d5b0d1be901d0126a891d5900103464fa419d25fbd3ed53530377423f2bc92061b7cbf8de34ebe

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
Filesize
102KB

MD5
5dfb64dba7a22d7da8a47c8060cf6362

SHA1
0c9cb167a0bafe739039e70209e7dc81645fb04b

SHA256
82b3b119ca9ee36ff0d8222d18d068e5f8a78a873e2ee528aebc73a3498b8a31

SHA512
e16b2ad5b42d80b40ca18a92f7649bc063ab41acad6f00254c0a83b7645ddca36b181887d005e270fe1b75bb02fa062d9eb539eb94605d0dcb97e46f1f46e607

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe5972b5.TMP
Filesize
101KB

MD5
43dbd8a66abbd6cf0e7afe15aca34595

SHA1
970acc1ada39f7a6333c14d965b81ee4ea12cf9a

SHA256
70bb287ca88e531ffa36957f80229854b53815d4b48d6d157c9d2ad1ff6c45fc

SHA512
212b0f8853c70f5477204044f3ce447cb107b864dd0608d2fd01ab042d1290a3025fe567a000bd97b5d320577c5503e87ce847dcbe68798f3f3524f404962850

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json
Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit
\??\pipe\crashpad_3292_LVLOAKJDDWCSBNAO
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit