839042d0944390e6b5164e705398b73b3337392cc7a94f92ca773bddc3b69f04

Analysis

max time kernel
30s
max time network
59s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
05/03/2024, 16:55

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

sample.html
Size

15KB
MD5

afbbe269b354deb00088ad215842b358
SHA1

da491423e2cb0d700c88adf439d1c02ac41722b0
SHA256

839042d0944390e6b5164e705398b73b3337392cc7a94f92ca773bddc3b69f04
SHA512

1c2285c0b8e97f627f01df623e29756fca0fd3836bbdc5f35cdf053eeb687e7eb49ec52b293b79657b7a8f42945d8ec35da10c10bffce005b411365b8a866970
SSDEEP

192:PNx5Ssv99qXoqTJkNr423eSRRVv9ohKK1PZINIIoV7C+UGjM4oyjN:5Ssl9qYoJkN0xqlNSIoV7C+VLN

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 6 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
3008	chrome.exe
3008	chrome.exe
3032	chrome.exe
3032	chrome.exe

Suspicious use of AdjustPrivilegeToken 32 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3008	chrome.exe
Token: SeShutdownPrivilege	3032	chrome.exe
Token: SeShutdownPrivilege	3032	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3032	chrome.exe
3032	chrome.exe
3032	chrome.exe
3032	chrome.exe
3032	chrome.exe
3032	chrome.exe
3032	chrome.exe
3032	chrome.exe
3032	chrome.exe
3032	chrome.exe
3032	chrome.exe
3032	chrome.exe
3032	chrome.exe
3032	chrome.exe
3032	chrome.exe
3032	chrome.exe
3032	chrome.exe
3032	chrome.exe
3032	chrome.exe
3032	chrome.exe
3032	chrome.exe
3032	chrome.exe
3032	chrome.exe
3032	chrome.exe
3032	chrome.exe
3032	chrome.exe
3032	chrome.exe
3032	chrome.exe
3032	chrome.exe

Suspicious use of SendNotifyMessage 64 IoCs

pid	Process
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3008	chrome.exe
3032	chrome.exe
3032	chrome.exe
3032	chrome.exe
3032	chrome.exe
3032	chrome.exe
3032	chrome.exe
3032	chrome.exe
3032	chrome.exe
3032	chrome.exe
3032	chrome.exe
3032	chrome.exe
3032	chrome.exe
3032	chrome.exe
3032	chrome.exe
3032	chrome.exe
3032	chrome.exe
3032	chrome.exe
3032	chrome.exe
3032	chrome.exe
3032	chrome.exe
3032	chrome.exe
3032	chrome.exe
3032	chrome.exe
3032	chrome.exe
3032	chrome.exe
3032	chrome.exe
3032	chrome.exe
3032	chrome.exe
3032	chrome.exe
3032	chrome.exe
3032	chrome.exe
3032	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3008 wrote to memory of 1744	3008	chrome.exe	28
PID 3008 wrote to memory of 1744	3008	chrome.exe	28
PID 3008 wrote to memory of 1744	3008	chrome.exe	28
PID 3008 wrote to memory of 2740	3008	chrome.exe	30
PID 3008 wrote to memory of 2740	3008	chrome.exe	30
PID 3008 wrote to memory of 2740	3008	chrome.exe	30
PID 3008 wrote to memory of 2740	3008	chrome.exe	30
PID 3008 wrote to memory of 2740	3008	chrome.exe	30
PID 3008 wrote to memory of 2740	3008	chrome.exe	30
PID 3008 wrote to memory of 2740	3008	chrome.exe	30
PID 3008 wrote to memory of 2740	3008	chrome.exe	30
PID 3008 wrote to memory of 2740	3008	chrome.exe	30
PID 3008 wrote to memory of 2740	3008	chrome.exe	30
PID 3008 wrote to memory of 2740	3008	chrome.exe	30
PID 3008 wrote to memory of 2740	3008	chrome.exe	30
PID 3008 wrote to memory of 2740	3008	chrome.exe	30
PID 3008 wrote to memory of 2740	3008	chrome.exe	30
PID 3008 wrote to memory of 2740	3008	chrome.exe	30
PID 3008 wrote to memory of 2740	3008	chrome.exe	30
PID 3008 wrote to memory of 2740	3008	chrome.exe	30
PID 3008 wrote to memory of 2740	3008	chrome.exe	30
PID 3008 wrote to memory of 2740	3008	chrome.exe	30
PID 3008 wrote to memory of 2740	3008	chrome.exe	30
PID 3008 wrote to memory of 2740	3008	chrome.exe	30
PID 3008 wrote to memory of 2740	3008	chrome.exe	30
PID 3008 wrote to memory of 2740	3008	chrome.exe	30
PID 3008 wrote to memory of 2740	3008	chrome.exe	30
PID 3008 wrote to memory of 2740	3008	chrome.exe	30
PID 3008 wrote to memory of 2740	3008	chrome.exe	30
PID 3008 wrote to memory of 2740	3008	chrome.exe	30
PID 3008 wrote to memory of 2740	3008	chrome.exe	30
PID 3008 wrote to memory of 2740	3008	chrome.exe	30
PID 3008 wrote to memory of 2740	3008	chrome.exe	30
PID 3008 wrote to memory of 2740	3008	chrome.exe	30
PID 3008 wrote to memory of 2740	3008	chrome.exe	30
PID 3008 wrote to memory of 2740	3008	chrome.exe	30
PID 3008 wrote to memory of 2740	3008	chrome.exe	30
PID 3008 wrote to memory of 2740	3008	chrome.exe	30
PID 3008 wrote to memory of 2740	3008	chrome.exe	30
PID 3008 wrote to memory of 2740	3008	chrome.exe	30
PID 3008 wrote to memory of 2740	3008	chrome.exe	30
PID 3008 wrote to memory of 2740	3008	chrome.exe	30
PID 3008 wrote to memory of 2436	3008	chrome.exe	31
PID 3008 wrote to memory of 2436	3008	chrome.exe	31
PID 3008 wrote to memory of 2436	3008	chrome.exe	31
PID 3008 wrote to memory of 2456	3008	chrome.exe	32
PID 3008 wrote to memory of 2456	3008	chrome.exe	32
PID 3008 wrote to memory of 2456	3008	chrome.exe	32
PID 3008 wrote to memory of 2456	3008	chrome.exe	32
PID 3008 wrote to memory of 2456	3008	chrome.exe	32
PID 3008 wrote to memory of 2456	3008	chrome.exe	32
PID 3008 wrote to memory of 2456	3008	chrome.exe	32
PID 3008 wrote to memory of 2456	3008	chrome.exe	32
PID 3008 wrote to memory of 2456	3008	chrome.exe	32
PID 3008 wrote to memory of 2456	3008	chrome.exe	32
PID 3008 wrote to memory of 2456	3008	chrome.exe	32
PID 3008 wrote to memory of 2456	3008	chrome.exe	32
PID 3008 wrote to memory of 2456	3008	chrome.exe	32
PID 3008 wrote to memory of 2456	3008	chrome.exe	32
PID 3008 wrote to memory of 2456	3008	chrome.exe	32
PID 3008 wrote to memory of 2456	3008	chrome.exe	32
PID 3008 wrote to memory of 2456	3008	chrome.exe	32
PID 3008 wrote to memory of 2456	3008	chrome.exe	32
PID 3008 wrote to memory of 2456	3008	chrome.exe	32

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument C:\Users\Admin\AppData\Local\Temp\sample.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3008
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6ce9758,0x7fef6ce9768,0x7fef6ce9778
  2⤵
  PID:1744
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1196 --field-trial-handle=1216,i,6267861767622175663,3883010967428238706,131072 /prefetch:2
  2⤵
  PID:2740
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1520 --field-trial-handle=1216,i,6267861767622175663,3883010967428238706,131072 /prefetch:8
  2⤵
  PID:2436
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1624 --field-trial-handle=1216,i,6267861767622175663,3883010967428238706,131072 /prefetch:8
  2⤵
  PID:2456
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2316 --field-trial-handle=1216,i,6267861767622175663,3883010967428238706,131072 /prefetch:1
  2⤵
  PID:2024
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2340 --field-trial-handle=1216,i,6267861767622175663,3883010967428238706,131072 /prefetch:1
  2⤵
  PID:596
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1416 --field-trial-handle=1216,i,6267861767622175663,3883010967428238706,131072 /prefetch:2
  2⤵
  PID:1908
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2992 --field-trial-handle=1216,i,6267861767622175663,3883010967428238706,131072 /prefetch:8
  2⤵
  PID:1724

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:292

C:\Windows\explorer.exe
"C:\Windows\explorer.exe"
1⤵
PID:2040

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:3032
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6ce9758,0x7fef6ce9768,0x7fef6ce9778
  2⤵
  PID:2128
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1148 --field-trial-handle=1288,i,3291421568631973129,4551552007668852436,131072 /prefetch:2
  2⤵
  PID:1088
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1508 --field-trial-handle=1288,i,3291421568631973129,4551552007668852436,131072 /prefetch:8
  2⤵
  PID:1620
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1592 --field-trial-handle=1288,i,3291421568631973129,4551552007668852436,131072 /prefetch:8
  2⤵
  PID:704
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2316 --field-trial-handle=1288,i,3291421568631973129,4551552007668852436,131072 /prefetch:1
  2⤵
  PID:2868
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2324 --field-trial-handle=1288,i,3291421568631973129,4551552007668852436,131072 /prefetch:1
  2⤵
  PID:2004
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1356 --field-trial-handle=1288,i,3291421568631973129,4551552007668852436,131072 /prefetch:2
  2⤵
  PID:1080
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=2272 --field-trial-handle=1288,i,3291421568631973129,4551552007668852436,131072 /prefetch:1
  2⤵
  PID:2072

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:1644

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\56175d40-6303-4fdd-942a-27051f5ca60a.tmp

Filesize
258KB

MD5
bfd18000520ff2abd6481fa9a38ccc7e

SHA1
89cb94ea269c2dee1ef7f71635df52cbf901cce8

SHA256
508d2af7f4cb857a5d822ef93d9e0f24c7c4ddb78f4f7aa4e484bb9c65871ad7

SHA512
6c9e9176d6a16580085429562f5a4287ad2faafb74a5b00b905582b4fb2217b026948b755d9fccdd9a7fb0c44790ed7eaeff0cc22240dc63b94aed41e697f6ca

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
ecd8ebd0d441c0b49b641fbcd5444d17

SHA1
75760164655f0e440880cfb868a10a01b67b6c90

SHA256
f46d8cdf1812d342e3b49ee242fdba78935d597ccdf86989d165e28696cf62b7

SHA512
99913f343bc9df93bcd6d789c4ddb2378e7f49778836e844bee55de79a98c39a9793331a22c2e6b6f171fd3289c77586a4e32b9d9bbcefd68a0029f6d11d2256

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1

Filesize
264KB

MD5
368cef17775f5057c4e74a3e341e6a83

SHA1
5aafc72010a2d100b4c0b8167d1288f8d1419399

SHA256
8711b11a93ed5d623bce4fb01d91f5d3277c43b8deccbabc1fd71a0a0853e0a2

SHA512
2493333e1543dec520cf5e9a4cf9deb0c08e578103397da9048d840f45a6dd49450b4c663a4acbb3e8683033e56c5bb89d0f810449f546e74e93069b1754cd95

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG

Filesize
136B

MD5
68e9cf6d33e48be624af7c9cc36fb143

SHA1
f78f1664e23164b90bb57768376d4ad14f4b1b5f

SHA256
331ca645f5728949287fda1dce9fa2bb15af9603bf08322ee5c3c6242291afc4

SHA512
e3dc93b9abf47ba5b9483928ecd2e453190cab9ffd9b232d39639c7424ba8b64094bab7d765733e015cb1a6161e4b86be87a2e6717178e666fb2bf5f8e6455f7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\MANIFEST-000007

Filesize
50B

MD5
1be22f40a06c4e7348f4e7eaf40634a9

SHA1
8205ec74cd32ef63b1cc274181a74b95eedf86df

SHA256
45a28788cde0d2a0232d19c391eae45777fe640790ac0674d6daa5672c444691

SHA512
b8f6f42d375e3ad8015d744fa2814994fa6e588b41cce0131fca48194dd40146b08169a8ce0da350525ff32a59a16edb503c72e0f07254955c82a0d38074856e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History

Filesize
148KB

MD5
5d42d4d4328a24f7c172a22c2aabba2b

SHA1
8f4ae337b702bcbccb934f3f8295c81ace62317a

SHA256
b817bc368409e6a1cc6d86939b62868c1df8a2624e100d5849887a1c13c32c88

SHA512
06b52cf35f2d39bae1ee8d0f8da3d87e9d283b3db23cce305c0469161e81f3a9695f9a408ac75792ee5b59092ab2cab8818000851a04608260da72c4c652ad09

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\CURRENT

Filesize
16B

MD5
aefd77f47fb84fae5ea194496b44c67a

SHA1
dcfbb6a5b8d05662c4858664f81693bb7f803b82

SHA256
4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611

SHA512
b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG

Filesize
136B

MD5
96aa6d739dbd298785bde6f4d219b45c

SHA1
b83f7133ac89ad613eb80ba3960b1be121f067ac

SHA256
394ed01e48cb94492cdf1eede777bddc118ab067f66f26e666eb58a719f24f45

SHA512
405ae59c62102699d9af641e42b8844bd3d14b56f2f0842c06fb750d668d68ca062e39361d0e91b03f0722ede682bf6f260add42ea0ef6532da3a838b9a1709f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\MANIFEST-000006

Filesize
50B

MD5
78c55e45e9d1dc2e44283cf45c66728a

SHA1
88e234d9f7a513c4806845ce5c07e0016cf13352

SHA256
7b69a2bee12703825dc20e7d07292125180b86685d2d1b9fd097df76fc6791ec

SHA512
f2ad4594024871286b98a94223b8e7155c7934ef4ebb55f25a4a485a059f75b572d21bc96e9b48ed394be8a41fe0208f7bfb6e28a79d75640c5b684f0c848fe3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
4KB

MD5
38b8acb9f873e7ed55c0b8977851d81f

SHA1
8eb59ed8879edc3774af1da5b7595d0677ec8349

SHA256
ac19c8ee049dcb730060edab1f5226cc78b14b5ca9a2d3a95dc5f465981b6a6e

SHA512
c7e447f23b8a7eec43a6d7d77d737150087ed7c5aebde6e65a109728e127bfb922e9c3d6b207ce10e27e5427dc56112708197636acffd4b66c7bb4333e373c8e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
4KB

MD5
ef07888230a67d93a40df682ab0e06cf

SHA1
7b6294079941bf30e5b80294293640a8bf4eed4b

SHA256
6bf3861f9e7271fb7a41a50e5fdc7a842d05f4b09d73a3a683eb4d15c4297983

SHA512
aa75fba7abb55b5e1317120a135565285cbb6bf2e25f6250079190991833b9684ae976013714bee04d779b8d346dcfcf294b8d1069f77653155dc0b4e4f1f5a5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
4KB

MD5
d8a1d4d559fb56e1f37ae904d8199c8f

SHA1
0dfbb4c93efbc4805c0150a9f8cbe0cda53ede0e

SHA256
d79b24a277f940c89326b0ad37cad5613f85fc2468bff230a4a97131cbffd299

SHA512
33a4a34d04e0eb4d8a0b8c0341d9a0304fbf30fc5270fa971249925f6ccb14b11bbef8baf06606bf51da096742a06b88ed9bbaae176967719a0faa940df14ce8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000009.log

Filesize
38B

MD5
e9c694b34731bf91073cf432768a9c44

SHA1
861f5a99ad9ef017106ca6826efe42413cda1a0e

SHA256
01c766e2c0228436212045fa98d970a0ad1f1f73abaa6a26e97c6639a4950d85

SHA512
2a359571c4326559459c881cba4ff4fa9f312f6a7c2955b120b907430b700ea6fd42a48fbb3cc9f0ca2950d114df036d1bb3b0618d137a36ebaaa17092fe5f01

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG

Filesize
247B

MD5
3d4b68115e791b49fef5b2c25c04e0f3

SHA1
ca4dd17661fdf0eac10f405b12c27a98a8749920

SHA256
e6cef39f015591aad26d3935bd56cbe3854451e3724215f77e6ea9ac4bca6545

SHA512
d06602e6f7a3f962bc75a80061109105dc58229339d4ccc004963dd3267d1f838a428ece528bad8ff609246f3a90f516cb3f8766451a2ac527c495eeb9b04ee8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\MANIFEST-000007

Filesize
90B

MD5
b6d5d86412551e2d21c97af6f00d20c3

SHA1
543302ae0c758954e222399987bb5e364be89029

SHA256
e0b2fdc217d9c571a35f41c21ed2596309f3f00a7297a8d1ded05f54f0e68191

SHA512
5b56ae73a61add9e26f77d95c9b823f82a7fcdc75eed64b388fb4967f5c6c42cb0796b0b99dc25c89f38952786176c10d173dec7862a8a5ce5f820280f72d665

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sessions\Session_13354131369590600

Filesize
1KB

MD5
83f48b087bd0a193e90d5166b54edea2

SHA1
737c7323516387f2167abd75cf0b2ba78c3d1079

SHA256
6ede573ca0d657ed360517dcfbf7cdbefb605701c31c625dd67a5d2dd703c02a

SHA512
23d037400d76ec4ed6c109c000b99f3ebc6834909777e5a6af1702bad4949a95a8e62e689deed5ca0ec1154f6bc919e6cdd39844db9f4928b6da0f894fd12d9e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sessions\Tabs_13354131381477600

Filesize
945B

MD5
33214bfe9c4e25d566e83a890d1371e2

SHA1
b9401a8c02ab9ed80891ae07390e511973001cae

SHA256
4eecbc8a34b68c7b9d8dec9dbc8a24b3a7cc8d912e382465d81883251cdf2691

SHA512
91e171c9bd068eb75012079292dac2de3710ee08e7a33dbc6fb8fc56da9346c16e7686ef02dbf6b8c161e5e8f43475354c76ebe624f8b8f0b3ddf4a4bbb93da0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG

Filesize
136B

MD5
2e6c80e7c14b9884aa8f0e9cc210cf78

SHA1
cf016ce835ae531762f47458e53cfcfd362984ca

SHA256
44029b9e0e7dcc15f6e4e50fa0c1cf19099243cab4c43fd688563503ae5b8578

SHA512
a2a4b6f48d2011d6dfd4ed2528a437b80aaf2a573876523d3ab0a99ec37d473c0676eaffc69f2f4981140aaea892d5483c7f47542bfeceaac041efc8fdff2913

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\MANIFEST-000007

Filesize
107B

MD5
22b937965712bdbc90f3c4e5cd2a8950

SHA1
25a5df32156e12134996410c5f7d9e59b1d6c155

SHA256
cad3bbec41899ea5205612fc1494fa7ba88847fb75437a2def22211a4003e2eb

SHA512
931427ad4609ab4ca12b2ee852d4965680f58602b00c182a2d340acf3163d888be6cfad87ca089f2b47929ddfa66be03ab13a6d24922397334d6997d4c8ede3b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000007.dbtmp

Filesize
16B

MD5
18e723571b00fb1694a3bad6c78e4054

SHA1
afcc0ef32d46fe59e0483f9a3c891d3034d12f32

SHA256
8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa

SHA512
43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000009.dbtmp

Filesize
16B

MD5
979c29c2917bed63ccf520ece1d18cda

SHA1
65cd81cdce0be04c74222b54d0881d3fdfe4736c

SHA256
b3524365a633ee6d1fa9953638d2867946c515218c497a5ec2dbef7dc44a7c53

SHA512
e38f694fd6ab9f678ae156528230d7a8bfb7b59a13b227f59f9c38ab5617db11ebb6be1276323a905d09c4066a3fe820cf58077ab48bf201f3c467a98516ee7a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG

Filesize
136B

MD5
6a4138a63ab750c215bd3b51470f61af

SHA1
76db38e88e25c3384b5b80f11c6ee49d651627ed

SHA256
1254878f5ae862ac80209012955149bfadd88ee518a4ff971c27116ac030327c

SHA512
bc67614e0a1352e64c11814a3f0d617fea1fad167a857756b0dac879fcdaf35d5dba9d93839926a3be530098d6b73e39b5cbf2f0244e2e57094bebecea70f03f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\MANIFEST-000007

Filesize
117B

MD5
2ac0494b5c4c6d605281ee87339a0cc7

SHA1
6ea0fd5480bd086ed4110d0622388574f0222666

SHA256
53161ecf97484ce07e22fbed3f642f3c1daec51a22b84be407522e5d38d2afbd

SHA512
77c6a0422b17b90dcc84094e184020613bfc7f71f07bb6fe15a68f48330e7b374c5228d65606341248983e3ec17c9b30a61e31ebdfac73f7e6abeb9d2b5f8f7e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Visited Links

Filesize
128KB

MD5
52bc3616786efc35bb9bb971c87d6b23

SHA1
05f3ae9d516b022df2d8c0a95d84973ad31dacec

SHA256
14735766fd65a5f917b165775441297281350b448649d865c2cc384fdb3949c3

SHA512
0080014fa2fc1811ffc253518a353a90263c5b76a03211aa2f941f8521f2ba16ff9ba170f0563e74136562db295562234f97000ef8a8e73ee5cbdf682e3a545b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\000008.ldb

Filesize
491B

MD5
ddc6156ef54e186f2e64931383d1b6fb

SHA1
b3ac759693664b7dd1f16d7ba1383d18fa0ba8cc

SHA256
f20c759c068464e013f45e052c9237dfc841dc71e6825a8f889ba5a0274dc277

SHA512
3d4c55c2de7e614f6eda75aa52c916b61e34e3d87f6bfe9869e3eb1ec0071e8deeb17e22a8a1b96b234855f6f93cd68a1dc0c892d57fa791bdfb339a9eeabb9a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\000009.log

Filesize
123B

MD5
e540fb2faf73bec44dfcd0fb452483d9

SHA1
98b95b7d44cb76f59db16cee39f4fc16b4a3075c

SHA256
4c8ae5e1ef220ae5fd5ad6798051fc5d1ef05e59c5f9f8955ee01719689fd71a

SHA512
549183bc9224afd80934d3bbbf0edb494904733e1ccb97aeb77a383b810b11cce21d8e847b5d7b81e17557f050100032a08ce6d744a4c7a870050085ce213d96

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\000010.dbtmp

Filesize
16B

MD5
60e3f691077715586b918375dd23c6b0

SHA1
476d3eab15649c40c6aebfb6ac2366db50283d1b

SHA256
e91d13722e31f9b06c5df3582cad1ea5b73547ce3dc08b12ed461f095aad48ee

SHA512
d1c146d27bbf19362d6571e2865bb472ce4fe43dc535305615d92d6a2366f98533747a8a70a578d1f00199f716a61ce39fac5cab9dd67e9c044bc49e7343130e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\LOG

Filesize
249B

MD5
ee8654d4f46ee86c0453c32e18fce401

SHA1
ac8e985aace704a598b1d55ed0f61c85d822190a

SHA256
8a9ad01d0580cca915a0b9ccfdf4c3688de15e622bc0a9f33713f3cae2c8eae1

SHA512
131abbb3d340395d72f1eecf3276ee3f72667bab26f693076958c38d390e93ef0ae9247429c31dbe92c6072d20028cfc985e3bea1eb340f18afb2ed8600d389a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\MANIFEST-000007

Filesize
98B

MD5
aab5165d35d17e55661c7e3e75b5819b

SHA1
06e206362674a35662e484bb00ba33144a91e593

SHA256
d86225872ff58111ea478f5359f6b189f1c54949a50dcac3dcf4328158b3dd3a

SHA512
7491d54be4eb985e768dcebc0502f86d73ee55e808567112af3688aab75934b8505ce32f1ee0b7ecbbefe01f022fbea7b5f7bba9397d7edf247f009247551538

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000008.ldb

Filesize
318B

MD5
50e83bf6e3ad9364df1d1f34f48eb19d

SHA1
f142916aa4169fa233c8e5599f12080c5c6da947

SHA256
4ed7ed6524655cb09c2ac6a6d94131709c33d7f12b43dff4d2404972fca7d1e9

SHA512
5dc23e2f31a89a879943bb63f917d6e223c3d5aa8220cc9216e805e0076ff11927067d51382c1e05275777456a1e9d759744d51acb43a8f700a6d70575d4a928

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000009.log

Filesize
34B

MD5
fe62c64b5b3d092170445d5f5230524e

SHA1
0e27b930da78fce26933c18129430816827b66d3

SHA256
1e1a9ca70503efd8c607f9bc7131f08aba0476d75f2586dadb4da5485a5315d4

SHA512
924daccfbfb0c0464b4c5fd769e01a8f2e96fe28b635aa27ab4cd91766b05b03bbf941af14c017436107673f01bad815ce1fac2a649e745c76b3c736994b4fd2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG

Filesize
249B

MD5
4cc0cedd08afef98bc2c80370415f771

SHA1
ae4838d3e12580390aea2be0d12a49655033d610

SHA256
fe96550977ccb0234c1e968d45d481654e1bbddb0e1bfee26858819402f38f99

SHA512
8224b0d220df5d78371d76f497c14b088e3a78c8d0733e773898d4c7996d519b099581e1fca9d98c285292eca83f40eab2a040bea67d47694caa3d3aa093ad0a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\MANIFEST-000007

Filesize
118B

MD5
d757e9f525200060aefbd2e00bc69809

SHA1
ae551809c3435fe3e6716b76dc23b7294189b4ce

SHA256
729406f9e7c1e50d927d0c6916ee0a97eaa26c46e6cdecef7580e61b8c0dfe20

SHA512
50c15062061f449952bda82a8b0cd4bafe6f3f434f642fadb8017e65c09886bb4d0b52967c80f8fa380447c63d79b6518f605a3efe7d8eea40c2dbbaa0d41953

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version

Filesize
14B

MD5
9eae63c7a967fc314dd311d9f46a45b7

SHA1
caba9c2c93acfe0b9ceb9ab19b992b0fc19c71cf

SHA256
4288925b0cf871c7458c22c46936efb0e903802feb991a0e1803be94ca6c251d

SHA512
bed924bff236bf5b6ce1df1db82e86c935e5830a20d9d24697efd82ca331e30604db8d04b0d692ec8541ec6deb2225bcc7d805b79f2db5726642198ecf6348b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
130KB

MD5
fa9670262a41dc58b7b2f0417d932b3d

SHA1
61a87562d97c674dd54a34d64c7ef03de3a175cc

SHA256
f8612e317c8e2266c8e1edcd56f5dc3b81d62bce8cce9de7bbcb8c977826dbf6

SHA512
1bcbc41c5a008ea0c020a7ca1d19918b2ff7e078316335ab408d4e4a90c0552ecba1c0380fa09f0c1b6d2385f266fd05dceb5a3d7093a3149d9ef13d470f2bce

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
258KB

MD5
a0cdd6e53fdd147aaf563a6248a3eb3f

SHA1
6f341a5d7f01d2aedb8a579204ab6e1959ab5ad8

SHA256
c1ba39f2957f4b6bb1960610814c49fba5f23a054b53188d365217b22aa369ef

SHA512
e147f5697ee1150df6eca1fb201a474dd75158bb598c70dc02c8a3c01ec662032bdc85ebec189923a7c1f2933aac6b2874209a344c14f59de13a199a569e8561

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

Filesize
86B

MD5
961e3604f228b0d10541ebf921500c86

SHA1
6e00570d9f78d9cfebe67d4da5efe546543949a7

SHA256
f7b24f2eb3d5eb0550527490395d2f61c3d2fe74bb9cb345197dad81b58b5fed

SHA512
535f930afd2ef50282715c7e48859cc2d7b354ff4e6c156b94d5a2815f589b33189ffedfcaf4456525283e993087f9f560d84cfcf497d189ab8101510a09c472

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\chrome_shutdown_ms.txt

Filesize
4B

MD5
50f9406be087808527fb38b487f17aeb

SHA1
24869daac58a3d3b5aa84f880a0ca77e3633c432

SHA256
a278e0fa6461cc8384bcff420d5d0c30c77f7ea4ebdc9ce89ac0605d6fd885a8

SHA512
7f22e743e87eb8009f8ac3b57c6b0c457ff8773ba6ba70c1e2ab0105b81898d4366384cdadcc4fd87174b7959c6651964e0c4abf4b9ad2b603f4660ccf5f6c55

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\f167f440-f53d-4052-8739-673afdb62ce3.tmp

Filesize
130KB

MD5
6ba7e3b45c8843febcf147bdc73a35fc

SHA1
3efe5e67aacb02a2c2a74a3caee1f030da3dfe29

SHA256
97541e7cf5deb9c36c850cc9b8ae866fa5ad08090e8108c72f9790d28d81324e

SHA512
ae71842c41b3d7a04a8f00d218778db47e9de980fcbec2870f31f2b7f4e14e3275096cceede34fd6eed718ae84462fca1f625704f033d8b66d2bebfadb579ce1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit