hxxps://steamcomnunllty[.]com/gift/activation/7058ec4a666c1eaf2d98981b61

Analysis

max time kernel
149s
max time network
155s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
09-03-2024 17:26

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://steamcomnunllty.com/gift/activation/7058ec4a666c1eaf2d98981b61

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

Processes:

chrome.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

Processes:

chrome.exe

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133544787934868105"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

Processes:

chrome.exechrome.exe

pid process

3392 chrome.exe
3392 chrome.exe
4392 chrome.exe
4392 chrome.exe
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

Processes:

chrome.exe

pid process

3392 chrome.exe
3392 chrome.exe
3392 chrome.exe
3392 chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

Processes:

chrome.exe

description	pid	process
Token: SeShutdownPrivilege	3392	chrome.exe
Token: SeCreatePagefilePrivilege	3392	chrome.exe
Token: SeShutdownPrivilege	3392	chrome.exe
Token: SeCreatePagefilePrivilege	3392	chrome.exe
Token: SeShutdownPrivilege	3392	chrome.exe
Token: SeCreatePagefilePrivilege	3392	chrome.exe
Token: SeShutdownPrivilege	3392	chrome.exe
Token: SeCreatePagefilePrivilege	3392	chrome.exe
Token: SeShutdownPrivilege	3392	chrome.exe
Token: SeCreatePagefilePrivilege	3392	chrome.exe
Token: SeShutdownPrivilege	3392	chrome.exe
Token: SeCreatePagefilePrivilege	3392	chrome.exe
Token: SeShutdownPrivilege	3392	chrome.exe
Token: SeCreatePagefilePrivilege	3392	chrome.exe
Token: SeShutdownPrivilege	3392	chrome.exe
Token: SeCreatePagefilePrivilege	3392	chrome.exe
Token: SeShutdownPrivilege	3392	chrome.exe
Token: SeCreatePagefilePrivilege	3392	chrome.exe
Token: SeShutdownPrivilege	3392	chrome.exe
Token: SeCreatePagefilePrivilege	3392	chrome.exe
Token: SeShutdownPrivilege	3392	chrome.exe
Token: SeCreatePagefilePrivilege	3392	chrome.exe
Token: SeShutdownPrivilege	3392	chrome.exe
Token: SeCreatePagefilePrivilege	3392	chrome.exe
Token: SeShutdownPrivilege	3392	chrome.exe
Token: SeCreatePagefilePrivilege	3392	chrome.exe
Token: SeShutdownPrivilege	3392	chrome.exe
Token: SeCreatePagefilePrivilege	3392	chrome.exe
Token: SeShutdownPrivilege	3392	chrome.exe
Token: SeCreatePagefilePrivilege	3392	chrome.exe
Token: SeShutdownPrivilege	3392	chrome.exe
Token: SeCreatePagefilePrivilege	3392	chrome.exe
Token: SeShutdownPrivilege	3392	chrome.exe
Token: SeCreatePagefilePrivilege	3392	chrome.exe
Token: SeShutdownPrivilege	3392	chrome.exe
Token: SeCreatePagefilePrivilege	3392	chrome.exe
Token: SeShutdownPrivilege	3392	chrome.exe
Token: SeCreatePagefilePrivilege	3392	chrome.exe
Token: SeShutdownPrivilege	3392	chrome.exe
Token: SeCreatePagefilePrivilege	3392	chrome.exe
Token: SeShutdownPrivilege	3392	chrome.exe
Token: SeCreatePagefilePrivilege	3392	chrome.exe
Token: SeShutdownPrivilege	3392	chrome.exe
Token: SeCreatePagefilePrivilege	3392	chrome.exe
Token: SeShutdownPrivilege	3392	chrome.exe
Token: SeCreatePagefilePrivilege	3392	chrome.exe
Token: SeShutdownPrivilege	3392	chrome.exe
Token: SeCreatePagefilePrivilege	3392	chrome.exe
Token: SeShutdownPrivilege	3392	chrome.exe
Token: SeCreatePagefilePrivilege	3392	chrome.exe
Token: SeShutdownPrivilege	3392	chrome.exe
Token: SeCreatePagefilePrivilege	3392	chrome.exe
Token: SeShutdownPrivilege	3392	chrome.exe
Token: SeCreatePagefilePrivilege	3392	chrome.exe
Token: SeShutdownPrivilege	3392	chrome.exe
Token: SeCreatePagefilePrivilege	3392	chrome.exe
Token: SeShutdownPrivilege	3392	chrome.exe
Token: SeCreatePagefilePrivilege	3392	chrome.exe
Token: SeShutdownPrivilege	3392	chrome.exe
Token: SeCreatePagefilePrivilege	3392	chrome.exe
Token: SeShutdownPrivilege	3392	chrome.exe
Token: SeCreatePagefilePrivilege	3392	chrome.exe
Token: SeShutdownPrivilege	3392	chrome.exe
Token: SeCreatePagefilePrivilege	3392	chrome.exe

Suspicious use of FindShellTrayWindow 28 IoCs

Processes:

chrome.exe

pid	process
3392	chrome.exe
3392	chrome.exe
3392	chrome.exe
3392	chrome.exe
3392	chrome.exe
3392	chrome.exe
3392	chrome.exe
3392	chrome.exe
3392	chrome.exe
3392	chrome.exe
3392	chrome.exe
3392	chrome.exe
3392	chrome.exe
3392	chrome.exe
3392	chrome.exe
3392	chrome.exe
3392	chrome.exe
3392	chrome.exe
3392	chrome.exe
3392	chrome.exe
3392	chrome.exe
3392	chrome.exe
3392	chrome.exe
3392	chrome.exe
3392	chrome.exe
3392	chrome.exe
3392	chrome.exe
3392	chrome.exe

Suspicious use of SendNotifyMessage 26 IoCs

Processes:

chrome.exe

pid	process
3392	chrome.exe
3392	chrome.exe
3392	chrome.exe
3392	chrome.exe
3392	chrome.exe
3392	chrome.exe
3392	chrome.exe
3392	chrome.exe
3392	chrome.exe
3392	chrome.exe
3392	chrome.exe
3392	chrome.exe
3392	chrome.exe
3392	chrome.exe
3392	chrome.exe
3392	chrome.exe
3392	chrome.exe
3392	chrome.exe
3392	chrome.exe
3392	chrome.exe
3392	chrome.exe
3392	chrome.exe
3392	chrome.exe
3392	chrome.exe
3392	chrome.exe
3392	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

chrome.exe

description	pid	process	target process
PID 3392 wrote to memory of 4328	3392	chrome.exe	chrome.exe
PID 3392 wrote to memory of 4328	3392	chrome.exe	chrome.exe
PID 3392 wrote to memory of 3604	3392	chrome.exe	chrome.exe
PID 3392 wrote to memory of 3604	3392	chrome.exe	chrome.exe
PID 3392 wrote to memory of 3604	3392	chrome.exe	chrome.exe
PID 3392 wrote to memory of 3604	3392	chrome.exe	chrome.exe
PID 3392 wrote to memory of 3604	3392	chrome.exe	chrome.exe
PID 3392 wrote to memory of 3604	3392	chrome.exe	chrome.exe
PID 3392 wrote to memory of 3604	3392	chrome.exe	chrome.exe
PID 3392 wrote to memory of 3604	3392	chrome.exe	chrome.exe
PID 3392 wrote to memory of 3604	3392	chrome.exe	chrome.exe
PID 3392 wrote to memory of 3604	3392	chrome.exe	chrome.exe
PID 3392 wrote to memory of 3604	3392	chrome.exe	chrome.exe
PID 3392 wrote to memory of 3604	3392	chrome.exe	chrome.exe
PID 3392 wrote to memory of 3604	3392	chrome.exe	chrome.exe
PID 3392 wrote to memory of 3604	3392	chrome.exe	chrome.exe
PID 3392 wrote to memory of 3604	3392	chrome.exe	chrome.exe
PID 3392 wrote to memory of 3604	3392	chrome.exe	chrome.exe
PID 3392 wrote to memory of 3604	3392	chrome.exe	chrome.exe
PID 3392 wrote to memory of 3604	3392	chrome.exe	chrome.exe
PID 3392 wrote to memory of 3604	3392	chrome.exe	chrome.exe
PID 3392 wrote to memory of 3604	3392	chrome.exe	chrome.exe
PID 3392 wrote to memory of 3604	3392	chrome.exe	chrome.exe
PID 3392 wrote to memory of 3604	3392	chrome.exe	chrome.exe
PID 3392 wrote to memory of 3604	3392	chrome.exe	chrome.exe
PID 3392 wrote to memory of 3604	3392	chrome.exe	chrome.exe
PID 3392 wrote to memory of 3604	3392	chrome.exe	chrome.exe
PID 3392 wrote to memory of 3604	3392	chrome.exe	chrome.exe
PID 3392 wrote to memory of 3604	3392	chrome.exe	chrome.exe
PID 3392 wrote to memory of 3604	3392	chrome.exe	chrome.exe
PID 3392 wrote to memory of 3604	3392	chrome.exe	chrome.exe
PID 3392 wrote to memory of 3604	3392	chrome.exe	chrome.exe
PID 3392 wrote to memory of 3604	3392	chrome.exe	chrome.exe
PID 3392 wrote to memory of 3604	3392	chrome.exe	chrome.exe
PID 3392 wrote to memory of 3604	3392	chrome.exe	chrome.exe
PID 3392 wrote to memory of 3604	3392	chrome.exe	chrome.exe
PID 3392 wrote to memory of 3604	3392	chrome.exe	chrome.exe
PID 3392 wrote to memory of 3604	3392	chrome.exe	chrome.exe
PID 3392 wrote to memory of 3604	3392	chrome.exe	chrome.exe
PID 3392 wrote to memory of 3604	3392	chrome.exe	chrome.exe
PID 3392 wrote to memory of 4280	3392	chrome.exe	chrome.exe
PID 3392 wrote to memory of 4280	3392	chrome.exe	chrome.exe
PID 3392 wrote to memory of 1176	3392	chrome.exe	chrome.exe
PID 3392 wrote to memory of 1176	3392	chrome.exe	chrome.exe
PID 3392 wrote to memory of 1176	3392	chrome.exe	chrome.exe
PID 3392 wrote to memory of 1176	3392	chrome.exe	chrome.exe
PID 3392 wrote to memory of 1176	3392	chrome.exe	chrome.exe
PID 3392 wrote to memory of 1176	3392	chrome.exe	chrome.exe
PID 3392 wrote to memory of 1176	3392	chrome.exe	chrome.exe
PID 3392 wrote to memory of 1176	3392	chrome.exe	chrome.exe
PID 3392 wrote to memory of 1176	3392	chrome.exe	chrome.exe
PID 3392 wrote to memory of 1176	3392	chrome.exe	chrome.exe
PID 3392 wrote to memory of 1176	3392	chrome.exe	chrome.exe
PID 3392 wrote to memory of 1176	3392	chrome.exe	chrome.exe
PID 3392 wrote to memory of 1176	3392	chrome.exe	chrome.exe
PID 3392 wrote to memory of 1176	3392	chrome.exe	chrome.exe
PID 3392 wrote to memory of 1176	3392	chrome.exe	chrome.exe
PID 3392 wrote to memory of 1176	3392	chrome.exe	chrome.exe
PID 3392 wrote to memory of 1176	3392	chrome.exe	chrome.exe
PID 3392 wrote to memory of 1176	3392	chrome.exe	chrome.exe
PID 3392 wrote to memory of 1176	3392	chrome.exe	chrome.exe
PID 3392 wrote to memory of 1176	3392	chrome.exe	chrome.exe
PID 3392 wrote to memory of 1176	3392	chrome.exe	chrome.exe
PID 3392 wrote to memory of 1176	3392	chrome.exe	chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://steamcomnunllty.com/gift/activation/7058ec4a666c1eaf2d98981b61
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3392

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd6fd59758,0x7ffd6fd59768,0x7ffd6fd59778
2⤵
PID:4328

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1620 --field-trial-handle=1872,i,2470722389777399870,14140361679536247043,131072 /prefetch:2
2⤵
PID:3604

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2132 --field-trial-handle=1872,i,2470722389777399870,14140361679536247043,131072 /prefetch:8
2⤵
PID:4280

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2200 --field-trial-handle=1872,i,2470722389777399870,14140361679536247043,131072 /prefetch:8
2⤵
PID:1176

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3032 --field-trial-handle=1872,i,2470722389777399870,14140361679536247043,131072 /prefetch:1
2⤵
PID:2280

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3040 --field-trial-handle=1872,i,2470722389777399870,14140361679536247043,131072 /prefetch:1
2⤵
PID:1748

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5388 --field-trial-handle=1872,i,2470722389777399870,14140361679536247043,131072 /prefetch:8
2⤵
PID:4360

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5024 --field-trial-handle=1872,i,2470722389777399870,14140361679536247043,131072 /prefetch:8
2⤵
PID:1208

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1788 --field-trial-handle=1872,i,2470722389777399870,14140361679536247043,131072 /prefetch:8
2⤵
PID:4072

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=2068 --field-trial-handle=1872,i,2470722389777399870,14140361679536247043,131072 /prefetch:1
2⤵
PID:4692

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3068 --field-trial-handle=1872,i,2470722389777399870,14140361679536247043,131072 /prefetch:2
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:4392

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=3616 --field-trial-handle=1872,i,2470722389777399870,14140361679536247043,131072 /prefetch:1
2⤵
PID:4756

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:832

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000026
Filesize
119KB

MD5
57613e143ff3dae10f282e84a066de28

SHA1
88756cc8c6db645b5f20aa17b14feefb4411c25f

SHA256
19b8db163bcc51732457efa40911b4a422f297ff3cd566467d87eab93cef0c14

SHA512
94f045e71b9276944609ca69fc4b8704e4447f9b0fc2b80789cc012235895c50ef9ecb781a3ed901a0c989bed26caa37d4d4a9baffcce2cb19606dbb16a17176

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002b
Filesize
121KB

MD5
2d64caa5ecbf5e42cbb766ca4d85e90e

SHA1
147420abceb4a7fd7e486dddcfe68cda7ebb3a18

SHA256
045b433f94502cfa873a39e72d616c73ec1b4c567b7ee0f847f442651683791f

SHA512
c96556ec57dac504919e806c7df536c4f86892b8525739289b2f2dbbf475de883a4824069dbdd4bb1770dd484f321563a00892e6c79d48818a4b95406bf1af96

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize
696B

MD5
9d887481445e347ddcec2000d61a8f2d

SHA1
105ae0c20ce584ca02025bc64f767cd441625966

SHA256
0a5ff2caa84ec5c1a409aeb1303dc590ba580e8ed8abad9253f109db6c7b477f

SHA512
f90a52c02cd5385d095fa228ebb1b2100850a2bd14a4d61910940f6c3c3665ae2718c9f1290c839c21e79aaa45f1bf2ec216eb7114325d667b744b4f6d7ca959

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize
480B

MD5
e59166edf255a9860ef36f3afe51bde4

SHA1
6adfca0884905b7c0a735a4d82972966aa625a2e

SHA256
6138c0ccbed9930a8acbbe6f2ceb2bc0b982e25973c5cfe91bd384dd4a266240

SHA512
b99e65095e70cb45924d86c44fc0508d5ce2cb43fc0a1cb1e59874b05bf85cf8eea45599fc4476967cd325c804be88bbcfc1ff56b3f6d011bd5ce672be22193e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
1KB

MD5
ca3934ee28271d3dd9e642472488f7c9

SHA1
ad435d6c788687d02c487f62eac5fd991d3369bc

SHA256
f3a85d999d458605490462f0e9c8a389527c2dc4049ee29a84bf7b0f7788192e

SHA512
14b7fc0444d0769b4690cf06b85e9aa7be29c0d2f3e74d15cbb4f3667c3fdcb7f3551340c0062dcf70e4c6f00a5f254de15ea727cfdda1a5a4ab0f821f400e0b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
2KB

MD5
60ad65c9b6388dcadbe45baa006fbe37

SHA1
a550fe0e80e1fd1272672a95c96e4cc150825342

SHA256
e1b21d0ad5dbe212e3f8da152d81a877e9aead7b1737a222821aec7552d5a73f

SHA512
9068a0aae6268c9b99999d59de2ace81d74f70b6d23c9d89cface3920806693eada115d101ddca055c57e9c44735d9202435f035f8b7e358cf7cde99de67ac18

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
874B

MD5
fbb26ef6bec2d41362987a10b345214a

SHA1
17cbbf747875cb506a6c131d5429a902a5313a80

SHA256
bb2e14f634e19445db7cf0370d9c0ff403060cfd63c7c647c4d4f831b7f8b75e

SHA512
ffaf889a63dc80b7eeb78389b7858af9dfaf1e8f721a18b657ec475ec6281822347ef36c918effbf244287a3923c60ebae80495932bc4ce6b6a9582b5174d296

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
874B

MD5
a1443bda2c0dfa4070410cd13f8f06ce

SHA1
6b868c2ac18196ee8bad9b2d7a1ee6594e4455d9

SHA256
fa5ab3bad5677be150e99f3f942739be427a37493c9786f0b529f590da1354be

SHA512
197ab98f00eaf1e0a80e04457f7176d5cfac773c2dd4ea01afb5c23dd976eafe2be19f8491f59285eb1dc396bee79a0c601e279f77c6c907fcf85a79c1065be1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
6KB

MD5
375274dcac795147c507839a4f9b66ce

SHA1
2ec610c4e08166bcf92279992964c31bc2d2d1c1

SHA256
72b55ea1d0b18c72a784f9122ac0011ca6e01dde64a769afc5783076abcd5c64

SHA512
068ba1b7faf49f9007de9a21651fcc84844daca6c5ea3e82ae836c8003020e2afa2ddcd0826fccd1c2280d2acb76a54d0038a3b3fe90b3204065e1e61761a95a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
6KB

MD5
db61bbba7f8ae259c71698b1d1c06af4

SHA1
2eb9a4ac2672c6c8ff72702845af8979abcc440a

SHA256
e8131ea85394d21e5678bb0a60b657e0ddc26f7552c91dab5c5e60d9fb719dc7

SHA512
841402cedf0ea81b780c1be6e3f3f1392ba6a76b850cbd2c7860e66314e0a3292febba7c944334202ae3a5eafe4fda8110535065833b286da10cf73ed3727f01

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
6KB

MD5
355dd70a6e724517a2586512922b1ad9

SHA1
63db15fefbf0c40e4e1492d9ba8a743d57a5568a

SHA256
06277fb5ecf3339260544c8d048419a85ca33f51992f16edcee6ad126b88bfb4

SHA512
8449f099e53b8ff4c092935170cff0c717c5843bb35b20ecc1e64d3a6a59521ae2beafc3ce2863faeb3f1cae3e147c11af714e439d606daa3c2cf3ee7f5d32bf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
6KB

MD5
e6df1d8453ca40e5b27b5b330ca586b1

SHA1
d4c480c79cafaaf1a350d1bb29ae87d42d94d547

SHA256
c364ebfc196ca499c41496aa39010b35e228c4adaeb267cd3200bd51686dc016

SHA512
c5b704b9a3de04ffef123c63d0b877558037bca7e8d4155b88cfde914e62990d632cc3771eb146540a11dd151feefb42a84f28a903f400336cbf245419be7aba

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
6KB

MD5
0d112d0741d9fcb479479b250cba0f99

SHA1
af5d78371bc00628c4613fa651a8a8d4e063023c

SHA256
1855227637b807b3b27f1fa7b35a23b09c89d665122b2af657065d8297bacc8e

SHA512
b9a5dc5c6b145bd2c63364606e3c9884dd3e25aa79ccfaa25484602f5d72a703bf21947e511cbc0d873853d2c2e84da2e9710799a9e751ee05c45b158747a523

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
Filesize
128KB

MD5
43fc10e6d9c1b04ff69ffea44728e7c9

SHA1
6b1c27aa97afd185341bb0a6d6efcc9deef74b19

SHA256
571eb4efcf7248d2cd294e9b3b8b4002b577cdc39962080ce2314eff51b75177

SHA512
9e7c8873a073200e669380307b8cedf71948db443fe37dafbab480048a10552920cbb16fff1cc92941745d7021a022d73703affb84493a124a97797e8811ea76

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
Filesize
128KB

MD5
376b30d0180762705004c8248b80cc74

SHA1
dbc879f11edaf208950de50ff33f4e7a1066b5a5

SHA256
4c1b4a073cc2dcb0e84330822bca2bd1581f94d9bba6f3d9cbf7c8ea4952e84a

SHA512
f64cc0d53b30cd8f0546f65f36b46851a79b7b554e5aba5567d87f61f9b20d9884c06219686f2ac11d3c99c2c45805b8c69d372b3440b5e38a7f3c339138fe8f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
Filesize
101KB

MD5
8cbfd3feac92abb16893eb1c170183a6

SHA1
095113276bc32fbf6d3f1ef08b1c3e8cb809969d

SHA256
2757151791c35cb7357a9ec74456886906bed20550df895e10e7bd603e8eaea1

SHA512
ec09ffaed9ad995be0d5f1f4cead3b1524c95c097290a9047d2dea74cec8a1dbdaf188433022d6ca0209eda8ba6fedbca7c753532dc7eeca5327ed2441c00643

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
Filesize
103KB

MD5
f0bd50f8fbc7434ed8cfcb46357e5109

SHA1
888e858e586e4bba2d51aaf0267dc997b5f35201

SHA256
c42a038ef72cbb2796f983dbd7c612ff965a5b356796d3008de4a99b2f4c312e

SHA512
51c281d35ba6fc0ca79779f3f4245f2f7e6d95dfe74a70b633522cf243479436290087e03c292c487963f28cd4e9ebafe45bba0e60d9a89fcd01d2756cb63afd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
Filesize
104KB

MD5
e71ea08f71b6a23362c3167330af6623

SHA1
8d09a02bb896d0a3821192f41b4f73461ac495b2

SHA256
75f16fc27fcf0296e91a9fefe10836e54e4688a7b227547aab15080dc937b9bd

SHA512
3330110aec969c533073c690c6fb3a5bfc646d7c285343165294ba0d51e08353731e6def7222e880993b62d140a95d549e75775f2125c4bf9f894b3b9f61a437

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json
Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit
\??\pipe\crashpad_3392_VFIYYOBTPLAQHNDX
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit