923ae78ef3ace374cf0d3674376943b0cdf1747b46de74dc5c14fda16df936fa

Analysis

max time kernel
1800s
max time network
1690s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
10/03/2024, 21:35

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

a (2).htm
Size

1KB
MD5

fa29916f652602f11362858fc58ee874
SHA1

3e79b7c48adf7dbe39c935633d442d4826730344
SHA256

923ae78ef3ace374cf0d3674376943b0cdf1747b46de74dc5c14fda16df936fa
SHA512

902f2b5c73920a4610f898804cc53592de6bc62979ee092b0c15121cfd632c1c1b1d85ddaa3e2275d7e652fbb0a6f7d977f77456f1fcbbd3007861ed49781d6b

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133545949062025278"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
3900	chrome.exe
3900	chrome.exe
3856	chrome.exe
3856	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
3900	chrome.exe
3900	chrome.exe
3900	chrome.exe
3900	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3900	chrome.exe
Token: SeCreatePagefilePrivilege	3900	chrome.exe
Token: SeShutdownPrivilege	3900	chrome.exe
Token: SeCreatePagefilePrivilege	3900	chrome.exe
Token: SeShutdownPrivilege	3900	chrome.exe
Token: SeCreatePagefilePrivilege	3900	chrome.exe
Token: SeShutdownPrivilege	3900	chrome.exe
Token: SeCreatePagefilePrivilege	3900	chrome.exe
Token: SeShutdownPrivilege	3900	chrome.exe
Token: SeCreatePagefilePrivilege	3900	chrome.exe
Token: SeShutdownPrivilege	3900	chrome.exe
Token: SeCreatePagefilePrivilege	3900	chrome.exe
Token: SeShutdownPrivilege	3900	chrome.exe
Token: SeCreatePagefilePrivilege	3900	chrome.exe
Token: SeShutdownPrivilege	3900	chrome.exe
Token: SeCreatePagefilePrivilege	3900	chrome.exe
Token: SeShutdownPrivilege	3900	chrome.exe
Token: SeCreatePagefilePrivilege	3900	chrome.exe
Token: SeShutdownPrivilege	3900	chrome.exe
Token: SeCreatePagefilePrivilege	3900	chrome.exe
Token: SeShutdownPrivilege	3900	chrome.exe
Token: SeCreatePagefilePrivilege	3900	chrome.exe
Token: SeShutdownPrivilege	3900	chrome.exe
Token: SeCreatePagefilePrivilege	3900	chrome.exe
Token: SeShutdownPrivilege	3900	chrome.exe
Token: SeCreatePagefilePrivilege	3900	chrome.exe
Token: SeShutdownPrivilege	3900	chrome.exe
Token: SeCreatePagefilePrivilege	3900	chrome.exe
Token: SeShutdownPrivilege	3900	chrome.exe
Token: SeCreatePagefilePrivilege	3900	chrome.exe
Token: SeShutdownPrivilege	3900	chrome.exe
Token: SeCreatePagefilePrivilege	3900	chrome.exe
Token: SeShutdownPrivilege	3900	chrome.exe
Token: SeCreatePagefilePrivilege	3900	chrome.exe
Token: SeShutdownPrivilege	3900	chrome.exe
Token: SeCreatePagefilePrivilege	3900	chrome.exe
Token: SeShutdownPrivilege	3900	chrome.exe
Token: SeCreatePagefilePrivilege	3900	chrome.exe
Token: SeShutdownPrivilege	3900	chrome.exe
Token: SeCreatePagefilePrivilege	3900	chrome.exe
Token: SeShutdownPrivilege	3900	chrome.exe
Token: SeCreatePagefilePrivilege	3900	chrome.exe
Token: SeShutdownPrivilege	3900	chrome.exe
Token: SeCreatePagefilePrivilege	3900	chrome.exe
Token: SeShutdownPrivilege	3900	chrome.exe
Token: SeCreatePagefilePrivilege	3900	chrome.exe
Token: SeShutdownPrivilege	3900	chrome.exe
Token: SeCreatePagefilePrivilege	3900	chrome.exe
Token: SeShutdownPrivilege	3900	chrome.exe
Token: SeCreatePagefilePrivilege	3900	chrome.exe
Token: SeShutdownPrivilege	3900	chrome.exe
Token: SeCreatePagefilePrivilege	3900	chrome.exe
Token: SeShutdownPrivilege	3900	chrome.exe
Token: SeCreatePagefilePrivilege	3900	chrome.exe
Token: SeShutdownPrivilege	3900	chrome.exe
Token: SeCreatePagefilePrivilege	3900	chrome.exe
Token: SeShutdownPrivilege	3900	chrome.exe
Token: SeCreatePagefilePrivilege	3900	chrome.exe
Token: SeShutdownPrivilege	3900	chrome.exe
Token: SeCreatePagefilePrivilege	3900	chrome.exe
Token: SeShutdownPrivilege	3900	chrome.exe
Token: SeCreatePagefilePrivilege	3900	chrome.exe
Token: SeShutdownPrivilege	3900	chrome.exe
Token: SeCreatePagefilePrivilege	3900	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
3900	chrome.exe
3900	chrome.exe
3900	chrome.exe
3900	chrome.exe
3900	chrome.exe
3900	chrome.exe
3900	chrome.exe
3900	chrome.exe
3900	chrome.exe
3900	chrome.exe
3900	chrome.exe
3900	chrome.exe
3900	chrome.exe
3900	chrome.exe
3900	chrome.exe
3900	chrome.exe
3900	chrome.exe
3900	chrome.exe
3900	chrome.exe
3900	chrome.exe
3900	chrome.exe
3900	chrome.exe
3900	chrome.exe
3900	chrome.exe
3900	chrome.exe
3900	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3900	chrome.exe
3900	chrome.exe
3900	chrome.exe
3900	chrome.exe
3900	chrome.exe
3900	chrome.exe
3900	chrome.exe
3900	chrome.exe
3900	chrome.exe
3900	chrome.exe
3900	chrome.exe
3900	chrome.exe
3900	chrome.exe
3900	chrome.exe
3900	chrome.exe
3900	chrome.exe
3900	chrome.exe
3900	chrome.exe
3900	chrome.exe
3900	chrome.exe
3900	chrome.exe
3900	chrome.exe
3900	chrome.exe
3900	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3900 wrote to memory of 3048	3900	chrome.exe	87
PID 3900 wrote to memory of 3048	3900	chrome.exe	87
PID 3900 wrote to memory of 1496	3900	chrome.exe	89
PID 3900 wrote to memory of 1496	3900	chrome.exe	89
PID 3900 wrote to memory of 1496	3900	chrome.exe	89
PID 3900 wrote to memory of 1496	3900	chrome.exe	89
PID 3900 wrote to memory of 1496	3900	chrome.exe	89
PID 3900 wrote to memory of 1496	3900	chrome.exe	89
PID 3900 wrote to memory of 1496	3900	chrome.exe	89
PID 3900 wrote to memory of 1496	3900	chrome.exe	89
PID 3900 wrote to memory of 1496	3900	chrome.exe	89
PID 3900 wrote to memory of 1496	3900	chrome.exe	89
PID 3900 wrote to memory of 1496	3900	chrome.exe	89
PID 3900 wrote to memory of 1496	3900	chrome.exe	89
PID 3900 wrote to memory of 1496	3900	chrome.exe	89
PID 3900 wrote to memory of 1496	3900	chrome.exe	89
PID 3900 wrote to memory of 1496	3900	chrome.exe	89
PID 3900 wrote to memory of 1496	3900	chrome.exe	89
PID 3900 wrote to memory of 1496	3900	chrome.exe	89
PID 3900 wrote to memory of 1496	3900	chrome.exe	89
PID 3900 wrote to memory of 1496	3900	chrome.exe	89
PID 3900 wrote to memory of 1496	3900	chrome.exe	89
PID 3900 wrote to memory of 1496	3900	chrome.exe	89
PID 3900 wrote to memory of 1496	3900	chrome.exe	89
PID 3900 wrote to memory of 1496	3900	chrome.exe	89
PID 3900 wrote to memory of 1496	3900	chrome.exe	89
PID 3900 wrote to memory of 1496	3900	chrome.exe	89
PID 3900 wrote to memory of 1496	3900	chrome.exe	89
PID 3900 wrote to memory of 1496	3900	chrome.exe	89
PID 3900 wrote to memory of 1496	3900	chrome.exe	89
PID 3900 wrote to memory of 1496	3900	chrome.exe	89
PID 3900 wrote to memory of 1496	3900	chrome.exe	89
PID 3900 wrote to memory of 1496	3900	chrome.exe	89
PID 3900 wrote to memory of 1496	3900	chrome.exe	89
PID 3900 wrote to memory of 1496	3900	chrome.exe	89
PID 3900 wrote to memory of 1496	3900	chrome.exe	89
PID 3900 wrote to memory of 1496	3900	chrome.exe	89
PID 3900 wrote to memory of 1496	3900	chrome.exe	89
PID 3900 wrote to memory of 1496	3900	chrome.exe	89
PID 3900 wrote to memory of 1496	3900	chrome.exe	89
PID 3900 wrote to memory of 724	3900	chrome.exe	90
PID 3900 wrote to memory of 724	3900	chrome.exe	90
PID 3900 wrote to memory of 1092	3900	chrome.exe	91
PID 3900 wrote to memory of 1092	3900	chrome.exe	91
PID 3900 wrote to memory of 1092	3900	chrome.exe	91
PID 3900 wrote to memory of 1092	3900	chrome.exe	91
PID 3900 wrote to memory of 1092	3900	chrome.exe	91
PID 3900 wrote to memory of 1092	3900	chrome.exe	91
PID 3900 wrote to memory of 1092	3900	chrome.exe	91
PID 3900 wrote to memory of 1092	3900	chrome.exe	91
PID 3900 wrote to memory of 1092	3900	chrome.exe	91
PID 3900 wrote to memory of 1092	3900	chrome.exe	91
PID 3900 wrote to memory of 1092	3900	chrome.exe	91
PID 3900 wrote to memory of 1092	3900	chrome.exe	91
PID 3900 wrote to memory of 1092	3900	chrome.exe	91
PID 3900 wrote to memory of 1092	3900	chrome.exe	91
PID 3900 wrote to memory of 1092	3900	chrome.exe	91
PID 3900 wrote to memory of 1092	3900	chrome.exe	91
PID 3900 wrote to memory of 1092	3900	chrome.exe	91
PID 3900 wrote to memory of 1092	3900	chrome.exe	91
PID 3900 wrote to memory of 1092	3900	chrome.exe	91
PID 3900 wrote to memory of 1092	3900	chrome.exe	91
PID 3900 wrote to memory of 1092	3900	chrome.exe	91
PID 3900 wrote to memory of 1092	3900	chrome.exe	91

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument C:\Users\Admin\AppData\Local\Temp\a (2).htm
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3900
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc2a669758,0x7ffc2a669768,0x7ffc2a669778
  2⤵
  PID:3048
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1772 --field-trial-handle=1880,i,12907575083676258488,11886917978930263098,131072 /prefetch:2
  2⤵
  PID:1496
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2124 --field-trial-handle=1880,i,12907575083676258488,11886917978930263098,131072 /prefetch:8
  2⤵
  PID:724
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2196 --field-trial-handle=1880,i,12907575083676258488,11886917978930263098,131072 /prefetch:8
  2⤵
  PID:1092
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3048 --field-trial-handle=1880,i,12907575083676258488,11886917978930263098,131072 /prefetch:1
  2⤵
  PID:1880
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3096 --field-trial-handle=1880,i,12907575083676258488,11886917978930263098,131072 /prefetch:1
  2⤵
  PID:4836
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4040 --field-trial-handle=1880,i,12907575083676258488,11886917978930263098,131072 /prefetch:1
  2⤵
  PID:4896
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4256 --field-trial-handle=1880,i,12907575083676258488,11886917978930263098,131072 /prefetch:1
  2⤵
  PID:4972
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3368 --field-trial-handle=1880,i,12907575083676258488,11886917978930263098,131072 /prefetch:8
  2⤵
  PID:2624
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3040 --field-trial-handle=1880,i,12907575083676258488,11886917978930263098,131072 /prefetch:8
  2⤵
  PID:3744
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3340 --field-trial-handle=1880,i,12907575083676258488,11886917978930263098,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3856

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4428

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
432B

MD5
78cafae891f7017a502538fdff8c5852

SHA1
fb0f1ffe64aac89490ef290c5dc1b941b58b2e6d

SHA256
734c7efe00f249c3f2efc1dde3fd6eadf3cd1a8ead0932fb7563b8a6af0cdf7d

SHA512
86aa98c79ff9e8e88d4a9ba777daad5846d889838f5bc2a9020b07dbd005e9c2a8bcc85196b2a8f63ebee8140f763b57e8b273ab44165ba8d563dd1041792962

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\567a0538-1d72-40ff-969e-b107050ad0f8.tmp

Filesize
2KB

MD5
4e68b05aeb1cb0ca9f74df290830eecd

SHA1
76951d58cd0fd686b9b5ca87b45fbcfc20ec6c68

SHA256
e65856039d6f0773b7bbb2ad13dfce8cda56f8e641e23ee134c3185d09eaea6c

SHA512
8a413939633556058b9f4eceada3584918f7b9f6a991dcaf4d066bce3714c45e4f9dfb5ca04094f7aece9caeb9307eed7ad8a81feafe5b5bd7b59fb7076b3a4e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
3a250a22fbf83fb663a8b00e00201d64

SHA1
85cbbf7870c0d9ab7fe42bc4cf8b55643c8f9a53

SHA256
d9d869af2b1bb50eabe7155b6ea867b57c5f581d56ebf6ca89b669787e084ef6

SHA512
77ea15cac088273f151dd913de9b140ae60569964b0e90ad1bf29b3370a58cbe93d91adefe03e470fb6f51b50894d739888384836cbd0860fe233b54f54f9d22

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
5fca83fdd1ca4423b47339a95ea8162c

SHA1
d696eea781c8fe734060aa15d2992244befa921f

SHA256
f5346c1019740031e9f410aba83a32e7a78a3966efa9e888913468ac01319451

SHA512
edf78018cfd1defc1ffb8452f75da8db38b7d85e7014ea7a0cdaeee06c686cd62b91a209492de430bb631918b20c642b41e85ecb651ee6ae57446f73c38ce271

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
4d626e5a8423fdca3d4403cd022f09fb

SHA1
1698b4e8b919dbf49cac8e4e71794ffcb238e6d3

SHA256
9adb1d3a6b664735c63a1b796059d25e542382df303952ff4b751e026fad4293

SHA512
c57f867792c48293a23b6b6183c91d33d7cd1aec6111deed2d6a51e6cc16c9e5ce9019ed5598abbb6d6d80380dbcd638ae697637887b29e897517458da9cebfe

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
ee1be7a2b224b80cd7e7f693ae9cdd8c

SHA1
b2de38e528a7d35f700af1cd38738604995e2fe9

SHA256
aa820f80fb0cf1369929a58cd91d920c9b3292869d32bc721c241c502187dde1

SHA512
d27c573ec9996da18627b16aa5c4cb8e116de99e702cc93841e2a197e49dcaf5342f73ff427cf2d51a86ad615e0ec0a002fa85da85b318d2815a522c9a880da7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
0e44875281aa2d89685832352b833cd8

SHA1
c36eb1e77cfc1ed12d12f1a63db1882203a8a5e8

SHA256
07e345818dff39bcb90bc233001a56afeb939be0f0f5a2e5c0c7e697c0e68d66

SHA512
c5650f5948f95524da041352266ca044442fbe579806d903657bea2b091c0da2335f53053a03a3ad742edc6432f99978eb156ec290e093564c5e094d2533653b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
79aef60f64c142d9d6b8d287dfad50a0

SHA1
aa68096697de432d6875c79435bee28cecbb98b9

SHA256
8ed44eed1ad543f628b5cfac8f7818d37b0d81c9a2d652eeb3d872cf02650f8e

SHA512
2ae88cd2be81a7637b296bb89b3ca7cbc56edd0984eace0cf735f52a7b5c7bdfeee6a4e0e4689a2d0c60e90f23e0a05ccef5d9825c56a91804cfd0ac0241b9ce

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
5b445504ddfa788a49228f0a6f607b22

SHA1
b7e88ce6c1745f5b0e27126d71a2dbf894a2761f

SHA256
2fc04a2e5a029f6601c99a1ccf5137a42e45649b7f7cccaff03f965d6b887f6d

SHA512
270511a83b4b2ccb5ca63e342be4e7a20d8e6fe336e56897d1c6a21812593510df3d1ad5166528eb55aaf2fd720eba7762d0af0873e7f0a564f9f2ef6ca65220

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
976f939583f8c6a0b02a07149cab4d82

SHA1
3d09778e65d43858c3a8d3bc4c83731701ca482b

SHA256
bc42d91468f96b361f02019004058a8b94e811e3d8b65eba7b3339af2e514709

SHA512
8b01f166d57d82aff1b581e90d4efeddd962fdf462c82a07ef0a9ff991a9b4da4e29fa47db80343f91994eaee7c249b2d07fc1669fa756d1e9a19f5bef394786

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
2faef7f6355c53ce70524b3fc161f1b2

SHA1
a85d04050a4a6122c2a34314f2c7084480628570

SHA256
54885c4d1b70aae8b200ac86e5f18123b7dd8f63b68366fed750e58626f4c0a6

SHA512
8b36b4d0e4107e152d2eb908cdc3052c666794f6b236871d51cad9d5538e9e327bd5bcd854e7a6fd8558563f2479bdc770d130c941129ecbb1bc7cd54b9b2af8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
386abfca82d1ae8f89b352b1e957cfbc

SHA1
7cf9209624bd085f0c759973d87986175988f448

SHA256
c0523674e0fc08997a816b2575b38341813f06f97c16873ac8d4b54e8548c63a

SHA512
bd2fa867d148325098b6865e640408b59395f574472edb009d6b256ac2b2a165aa4cb96260a5420c496d9f3b805efc19e7b938cdefff6f58ec206ed615a83b8b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
7f595174bfc3d2dd15b23c1d04a02fdc

SHA1
3685162c1d14c5f99a863434bdab52adf905058b

SHA256
a5cff4d53019fbfb1ee3b83bc45ed8df659577b7b9d818040001cebc46d086e6

SHA512
a2a45159cc2f622487805a4ac59d1beb1c4dc5a2fa2c498c1ba4a6f3e452887b1269628b0864a33e265c08fbb951b1ef705de77b8d2a162fcc26c5baf562ecb5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
052fc06a216be2fa9953f425c453f326

SHA1
8a41ce299beb5131d4354b9c13797985eb404a8f

SHA256
91feeb4afd8f2d709fa666a0920236ac5226ccc86f4fc8641867de4febd7b52e

SHA512
31ee8841faf2c370d4c9875ae5ce18d11b31854cdd3b6fe0163f35f46646b746f982dc73c62f79b15ab821b6f160c9f3ccd2658b50b7af82c150f6b3eaad06c2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
f5bff3c05ee2bbe4a33267cd68ed3580

SHA1
14b673405c8ccc4a49f715028406087a538b575d

SHA256
8894c8e576578e8f8c3de3a97b9453494ddba2c6a29050e5d0c832b92948824c

SHA512
dd737768979b8ae0748a4bf5952db881ae1f99ef5c9f3acbd901b7e6329ebf4f12ae568b9c7b5d33ceab771612c3ba800ad8dc78b3aed2be7b250672428cf251

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
c765f393a970459f176023b498867899

SHA1
8b6c1f81102410c3ae9105445e92e43bd30ac379

SHA256
09b6416b45f2acbab5f9963e17f2abf6d48ad4aff1f2e6d82bb4fd1e32524ed5

SHA512
716b5574dbb0b511092b141c5bf8ce845d964d5cd0473dc05e1f62d6216bd147ea78b1e41e57209f0f406bd8a4d8aa8b48a7a0309059885029ae84ad68f305bc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
39e52ef41e6ee414666474be16e16a18

SHA1
db584b4aba04ebac540fa266b9cd2db87000a7f9

SHA256
53b01e00c54fd7e432c8f8364da1e1e346de833459c44d28453338dfaa1cf79a

SHA512
b1952ec425aaa2cafc8678adbeb07527f21067b23a2abb627c03a9ad0dbdbd2e3d3c988c06fbc0f8339b9f42a59f9f7b06660a3e5c789263788739a5b785a41d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\cd30b777-feba-492a-aa69-e917a5732391.tmp

Filesize
2KB

MD5
e1df31f2fd3950c436f56f639a7c3ee2

SHA1
dc8dda346ed2c175bb31e4365485c8df3481b899

SHA256
2ecfc5b57508375a2ddf85176f255067e85299afee821119424283db15e8a211

SHA512
87e764f4b66543ab93a92767a99f205f452041e1f3ec7bb1251c1af75c6ac03beab01cf7afc6f6742a7be3835a973232730731a4400cc1867b818e8b632bf4da

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
fcb15ddaf3e5df601141151717df478a

SHA1
7dc65af6b2e2c41acf35ed475d1cb41d856d404f

SHA256
5b745490627f0bfd362c76446869dcdf9d9136204953c90932cffc48bcb23c13

SHA512
cbf43f8b9bdbfdfbea401783ce6912c20b222371de3ec08b00cf4c03297b85cc186e9b8b90cdb4fe2a6d1e97d95c5c4425782c28e9548604c177424c3f5c4499

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
128KB

MD5
18f64e49daa50acaf2bb9d325f1c0b4b

SHA1
b423ab0fe6a0ff96e4e11d1efe6f39ed0ff41a6e

SHA256
d57fef8818f5f5372b19102949366754e51e8c56197168d3c31de51985ae8404

SHA512
aae4976b1998f012c61c079669ead65b93d689fa3b25c8d006562b8eb99c3d1b1ffe547ddf692d1ea587e8797144364fbdbe77c21a0bcc865028919be2f79a51

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit