hxxp://aps[.]aucegypt[.]edu

Analysis

max time kernel
410s
max time network
404s
platform
windows11-21h2_x64
resource
win11-20240221-en
resource tags

arch:x64arch:x86image:win11-20240221-enlocale:en-usos:windows11-21h2-x64system
submitted
12/03/2024, 08:23

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://aps.aucegypt.edu

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133547056287292234"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4500	chrome.exe
4500	chrome.exe
4296	chrome.exe
4296	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4500	chrome.exe
Token: SeCreatePagefilePrivilege	4500	chrome.exe
Token: SeShutdownPrivilege	4500	chrome.exe
Token: SeCreatePagefilePrivilege	4500	chrome.exe
Token: SeShutdownPrivilege	4500	chrome.exe
Token: SeCreatePagefilePrivilege	4500	chrome.exe
Token: SeShutdownPrivilege	4500	chrome.exe
Token: SeCreatePagefilePrivilege	4500	chrome.exe
Token: SeShutdownPrivilege	4500	chrome.exe
Token: SeCreatePagefilePrivilege	4500	chrome.exe
Token: SeShutdownPrivilege	4500	chrome.exe
Token: SeCreatePagefilePrivilege	4500	chrome.exe
Token: SeShutdownPrivilege	4500	chrome.exe
Token: SeCreatePagefilePrivilege	4500	chrome.exe
Token: SeShutdownPrivilege	4500	chrome.exe
Token: SeCreatePagefilePrivilege	4500	chrome.exe
Token: SeShutdownPrivilege	4500	chrome.exe
Token: SeCreatePagefilePrivilege	4500	chrome.exe
Token: SeShutdownPrivilege	4500	chrome.exe
Token: SeCreatePagefilePrivilege	4500	chrome.exe
Token: SeShutdownPrivilege	4500	chrome.exe
Token: SeCreatePagefilePrivilege	4500	chrome.exe
Token: SeShutdownPrivilege	4500	chrome.exe
Token: SeCreatePagefilePrivilege	4500	chrome.exe
Token: SeShutdownPrivilege	4500	chrome.exe
Token: SeCreatePagefilePrivilege	4500	chrome.exe
Token: SeShutdownPrivilege	4500	chrome.exe
Token: SeCreatePagefilePrivilege	4500	chrome.exe
Token: SeShutdownPrivilege	4500	chrome.exe
Token: SeCreatePagefilePrivilege	4500	chrome.exe
Token: SeShutdownPrivilege	4500	chrome.exe
Token: SeCreatePagefilePrivilege	4500	chrome.exe
Token: SeShutdownPrivilege	4500	chrome.exe
Token: SeCreatePagefilePrivilege	4500	chrome.exe
Token: SeShutdownPrivilege	4500	chrome.exe
Token: SeCreatePagefilePrivilege	4500	chrome.exe
Token: SeShutdownPrivilege	4500	chrome.exe
Token: SeCreatePagefilePrivilege	4500	chrome.exe
Token: SeShutdownPrivilege	4500	chrome.exe
Token: SeCreatePagefilePrivilege	4500	chrome.exe
Token: SeShutdownPrivilege	4500	chrome.exe
Token: SeCreatePagefilePrivilege	4500	chrome.exe
Token: SeShutdownPrivilege	4500	chrome.exe
Token: SeCreatePagefilePrivilege	4500	chrome.exe
Token: SeShutdownPrivilege	4500	chrome.exe
Token: SeCreatePagefilePrivilege	4500	chrome.exe
Token: SeShutdownPrivilege	4500	chrome.exe
Token: SeCreatePagefilePrivilege	4500	chrome.exe
Token: SeShutdownPrivilege	4500	chrome.exe
Token: SeCreatePagefilePrivilege	4500	chrome.exe
Token: SeShutdownPrivilege	4500	chrome.exe
Token: SeCreatePagefilePrivilege	4500	chrome.exe
Token: SeShutdownPrivilege	4500	chrome.exe
Token: SeCreatePagefilePrivilege	4500	chrome.exe
Token: SeShutdownPrivilege	4500	chrome.exe
Token: SeCreatePagefilePrivilege	4500	chrome.exe
Token: SeShutdownPrivilege	4500	chrome.exe
Token: SeCreatePagefilePrivilege	4500	chrome.exe
Token: SeShutdownPrivilege	4500	chrome.exe
Token: SeCreatePagefilePrivilege	4500	chrome.exe
Token: SeShutdownPrivilege	4500	chrome.exe
Token: SeCreatePagefilePrivilege	4500	chrome.exe
Token: SeShutdownPrivilege	4500	chrome.exe
Token: SeCreatePagefilePrivilege	4500	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4500 wrote to memory of 3768	4500	chrome.exe	77
PID 4500 wrote to memory of 3768	4500	chrome.exe	77
PID 4500 wrote to memory of 3016	4500	chrome.exe	79
PID 4500 wrote to memory of 3016	4500	chrome.exe	79
PID 4500 wrote to memory of 3016	4500	chrome.exe	79
PID 4500 wrote to memory of 3016	4500	chrome.exe	79
PID 4500 wrote to memory of 3016	4500	chrome.exe	79
PID 4500 wrote to memory of 3016	4500	chrome.exe	79
PID 4500 wrote to memory of 3016	4500	chrome.exe	79
PID 4500 wrote to memory of 3016	4500	chrome.exe	79
PID 4500 wrote to memory of 3016	4500	chrome.exe	79
PID 4500 wrote to memory of 3016	4500	chrome.exe	79
PID 4500 wrote to memory of 3016	4500	chrome.exe	79
PID 4500 wrote to memory of 3016	4500	chrome.exe	79
PID 4500 wrote to memory of 3016	4500	chrome.exe	79
PID 4500 wrote to memory of 3016	4500	chrome.exe	79
PID 4500 wrote to memory of 3016	4500	chrome.exe	79
PID 4500 wrote to memory of 3016	4500	chrome.exe	79
PID 4500 wrote to memory of 3016	4500	chrome.exe	79
PID 4500 wrote to memory of 3016	4500	chrome.exe	79
PID 4500 wrote to memory of 3016	4500	chrome.exe	79
PID 4500 wrote to memory of 3016	4500	chrome.exe	79
PID 4500 wrote to memory of 3016	4500	chrome.exe	79
PID 4500 wrote to memory of 3016	4500	chrome.exe	79
PID 4500 wrote to memory of 3016	4500	chrome.exe	79
PID 4500 wrote to memory of 3016	4500	chrome.exe	79
PID 4500 wrote to memory of 3016	4500	chrome.exe	79
PID 4500 wrote to memory of 3016	4500	chrome.exe	79
PID 4500 wrote to memory of 3016	4500	chrome.exe	79
PID 4500 wrote to memory of 3016	4500	chrome.exe	79
PID 4500 wrote to memory of 3016	4500	chrome.exe	79
PID 4500 wrote to memory of 3016	4500	chrome.exe	79
PID 4500 wrote to memory of 3016	4500	chrome.exe	79
PID 4500 wrote to memory of 3016	4500	chrome.exe	79
PID 4500 wrote to memory of 3016	4500	chrome.exe	79
PID 4500 wrote to memory of 3016	4500	chrome.exe	79
PID 4500 wrote to memory of 3016	4500	chrome.exe	79
PID 4500 wrote to memory of 3016	4500	chrome.exe	79
PID 4500 wrote to memory of 3016	4500	chrome.exe	79
PID 4500 wrote to memory of 3016	4500	chrome.exe	79
PID 4500 wrote to memory of 3088	4500	chrome.exe	80
PID 4500 wrote to memory of 3088	4500	chrome.exe	80
PID 4500 wrote to memory of 2388	4500	chrome.exe	81
PID 4500 wrote to memory of 2388	4500	chrome.exe	81
PID 4500 wrote to memory of 2388	4500	chrome.exe	81
PID 4500 wrote to memory of 2388	4500	chrome.exe	81
PID 4500 wrote to memory of 2388	4500	chrome.exe	81
PID 4500 wrote to memory of 2388	4500	chrome.exe	81
PID 4500 wrote to memory of 2388	4500	chrome.exe	81
PID 4500 wrote to memory of 2388	4500	chrome.exe	81
PID 4500 wrote to memory of 2388	4500	chrome.exe	81
PID 4500 wrote to memory of 2388	4500	chrome.exe	81
PID 4500 wrote to memory of 2388	4500	chrome.exe	81
PID 4500 wrote to memory of 2388	4500	chrome.exe	81
PID 4500 wrote to memory of 2388	4500	chrome.exe	81
PID 4500 wrote to memory of 2388	4500	chrome.exe	81
PID 4500 wrote to memory of 2388	4500	chrome.exe	81
PID 4500 wrote to memory of 2388	4500	chrome.exe	81
PID 4500 wrote to memory of 2388	4500	chrome.exe	81
PID 4500 wrote to memory of 2388	4500	chrome.exe	81
PID 4500 wrote to memory of 2388	4500	chrome.exe	81
PID 4500 wrote to memory of 2388	4500	chrome.exe	81
PID 4500 wrote to memory of 2388	4500	chrome.exe	81
PID 4500 wrote to memory of 2388	4500	chrome.exe	81

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://aps.aucegypt.edu
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4500
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffeeeab9758,0x7ffeeeab9768,0x7ffeeeab9778
  2⤵
  PID:3768
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1668 --field-trial-handle=1832,i,15135811938272290166,3522904028437328573,131072 /prefetch:2
  2⤵
  PID:3016
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2076 --field-trial-handle=1832,i,15135811938272290166,3522904028437328573,131072 /prefetch:8
  2⤵
  PID:3088
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2180 --field-trial-handle=1832,i,15135811938272290166,3522904028437328573,131072 /prefetch:8
  2⤵
  PID:2388
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2916 --field-trial-handle=1832,i,15135811938272290166,3522904028437328573,131072 /prefetch:1
  2⤵
  PID:1340
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2924 --field-trial-handle=1832,i,15135811938272290166,3522904028437328573,131072 /prefetch:1
  2⤵
  PID:2080
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4652 --field-trial-handle=1832,i,15135811938272290166,3522904028437328573,131072 /prefetch:1
  2⤵
  PID:1820
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5196 --field-trial-handle=1832,i,15135811938272290166,3522904028437328573,131072 /prefetch:8
  2⤵
  PID:2828
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3260 --field-trial-handle=1832,i,15135811938272290166,3522904028437328573,131072 /prefetch:8
  2⤵
  PID:2044
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2804 --field-trial-handle=1832,i,15135811938272290166,3522904028437328573,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4296
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=1056 --field-trial-handle=1832,i,15135811938272290166,3522904028437328573,131072 /prefetch:1
  2⤵
  PID:3656

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2724

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000014

Filesize
73KB

MD5
1ea8873a35773f2046bebfdd80feb1d1

SHA1
5e1513013efe57a6206165a1e271962d2cc85a9a

SHA256
4b9d94041282c6a5bb61279aa4a9b1a92c0b5f6c4923e9d3d58bc0e054771b19

SHA512
93b5883db8fab32a83d704ec577a348a977466265e09bfadfe86b8f971d61a523e0bb40e6a3274c841d8121046a5d5235dab6306d1fd97cc9e2832d12b1c2bd4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index

Filesize
1KB

MD5
c861812693e1614da90f19e4db4e3259

SHA1
eec4316473fd86c5dee2a7ac1dbc179e0427246f

SHA256
49da20abe422031a578a3ff8a7997da3e52b857910bbb236906f7b7e36906b82

SHA512
9670464d862dff9e47a36200bc9ab7daa43c57543f60de28759dff8da35bb3535fa99d25a3c15c0055b78d8fcd60f76997b37f34eba431e67010561a83592e31

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
88d0691a6ab5478dfefdac7b6086b0b8

SHA1
d48b9ea7ce282ae4ba0d2ff513d2849cfc2faf15

SHA256
ed1e7e4cb040bbec285c6184f0eb4bcf87aba016ab72ab5a7d094b1bfae43cfe

SHA512
0544ca06a7a66de234a145112ebc2550379184637e9c8b17a7f94dbe9ce842ebaa710eaa6623cebc71b9ea51fefbe9e3c40cec99f5813b5938beb659a0d2ca78

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
6f1b21df829ebb1c0a0d7ad577ad9e2b

SHA1
f651c5955043779460a63b88ceb23f4a14c9b315

SHA256
16d9bdc20b23d1aef83486f0ea1bf8da4118253544a345ea1070ed2f394a3416

SHA512
22e2146fbf105c7657c8b1a59b952f58649ee3ca92d3d4492c93077889b3bd7ca555a6dd1dc6e2c90cc6c7998a83f26ad45c5bc7568ad957a7b32e4721478004

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
816B

MD5
f04ca0cca4e38071df74c22d7ab7ed56

SHA1
d92c778256f4af938778571eed3cb70f56e15b93

SHA256
ed5be166e5348984ff67f1880270a577e5b2f632b992ae1c184e80d4d7341187

SHA512
6c66533e30b51d4cccd35c06ee783a3c11e49b5f18b1404d94f878052cc7f1592059f7ebcd23ccaf7e5f3d433193ece025f9313b3d50ee4d6a14b392f29962d3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
735751432c12965f1b13ead788eacd86

SHA1
78bebedfcd047513f6968912c43e35daf71164f7

SHA256
f675b3cd915bf2f8930932762c78ba11286c9ee7f04fe3aed8a40d7a12649570

SHA512
87e0d814ab237688d6dafb1e469098ff4c40e44f68cc8e924265a5c0be0066465f881730db4c09a6d3e8807b399d98a949ee44d541254848a3499df504fd7b7f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
b5eed68d973d5fb8079fc0067879a59a

SHA1
e99549491a822f55c7a524eba3355fab83d00e66

SHA256
121ef965a8ea034c1eb7b24c9e1f66b2348abc8dfcb23250ef605faecb864e63

SHA512
dbe16f55a4c4ab34b4a5d9c34c4727fc849a3a346b4ff226f1db5beb01c51db2d5618f09b3b2a9cdb04d77c69adcefc5c2feee3cab3fa951a308506c34d66dfb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
9f40f11f486dd243fc0b84891ec5f0a6

SHA1
1484977d7bace800e22cbeda5cc0b132b51511d9

SHA256
3f84b07a41548dc2040e10c431b8f1ccf4e7b961e298c4e3e991023b4cadfa3b

SHA512
b336bf34a826bfd453470830406ba82d5b7084d80369b9a7ed8c143b68cb7561637d3de7b3a6304f0caa78fcf93eaf72a3f5a8a72d764281f06ea37486521315

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
8424dfab631b809e60ec93017229085b

SHA1
3861b5a6d08e738bde049c46ba9e50b0b5dde98d

SHA256
1540b5f42b4b76b6401be9c37963970ddffff936f19d07a9058ed33537237f15

SHA512
6d2bd3e556411de499bb69bf5ae6102b12c2a1b513b1ebf691612645b34daf86398e822c25fccb91aefae082da6fa80f17b9d9e3a0775a16d8476dfc197bd73d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
f5d1e79b2ca8f73bbba58358f3d936ac

SHA1
ad7c0d37faf536de8eee40812e3b523e1e1a3548

SHA256
eacfd49d6a8f6a530aa95e4ce320cfa1bd5a31a21184ba35d09e3b867ba3d329

SHA512
c30d672c195f61ec5233ecee397339ce731a60dadb28f85524e213bc76e057d7bdffff89a6ad14c8c159556acf371502403c88b7b353b75023acf4378f691053

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
9738b449bd759365e0e555daae0d6773

SHA1
d18502b8951d0407a791212e6294d1cd504128fa

SHA256
d78fa3a11f85bccfef10c6905fc40ed35f282968cb12214d96a892721ea222e9

SHA512
2d21e26371f83bb19af20d809303127834453c3ea89c7a5ed18a7bb423f23e436d53f38c250a0d7d73b949db1b8431c7c18f054ccd86cc27c2cc4badddcf56fe

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
26bb429016a8441a320fc38626fe37b2

SHA1
77402f1be9981351a6ff3eeb4024c5531a5f857b

SHA256
2bb3c65ea9714b1904b22274a73804eafd6bdd5fc047ef0f61f769e38a5bdeaf

SHA512
27630c8cad21991c0d375ed6b555c3e4d3e4026f1062bafec2e0b5ef903f0f811bcd84fac066f2152ac292ce2fd44656f495cc6924332752b0ad5f73635141eb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
2906706e4d6dbe1b7af4317108733177

SHA1
13650ef8f19fa74e1b31f8513a4b3ac5dc64b63d

SHA256
775f0eec7d51e4ebfe140b6e68e58d55913e87f1179138da386348b631e653ea

SHA512
d06c289aa97d6c2c91111a1ebfa9244356836e0b4635032e5fc13962f9a3b66749036d60da45c7d8e608db7e3538d8a898acd0fa5966b7f4ebf1813a65fe0e83

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
30d6740bcb85b67b91837a7c938f977d

SHA1
f44d75d7334092ff79ffc5b9326a6cd0cede0810

SHA256
46db49b19c30c058597efdff151d2926c692958d8cad89ff043bc6c3f8fec6dd

SHA512
c69740464268162ae44afcd8e227be8e49c096cc0aa29b9fd298e77a5c6348a25593a467d16ac573dcf438c75c30be7f4cce777401300eda736db670d7246471

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
51d413b101ee5078bd01e6634e7e70bb

SHA1
dc375b3df024009eac28a25750f2008c71a15447

SHA256
383c40e4a7207ded79fca693255ce85db7f07988beddb3ef22de3c258aa6049f

SHA512
1b4596a2e758674770d9a5fd811d7236b7e7d53d22c3a675b1e331917ba934e2192125051a96fd1e8dfe3bab80e83aa9b80269995bc4523dc18bb7ecf1851b06

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
53a71425958909050e95e183b85fa925

SHA1
fb210bb7317a73f7613626f6051f9fb68352f9e6

SHA256
e90212761a6e8e0273a239288b42eb54782a750a33e167c5e42be26f981685eb

SHA512
22a0c2da9e48a40e8ce33f6900f257ef96b4789315ff184e833972ff42525b82854d16135af024050c58fbdf4cded8c4a8aa5b7cd277f5845d746b17d7ee8db6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
9a993301ecea93dda4329f045bac0bcc

SHA1
155fdde9c4df56f55f00660eb6cd23dd5d0e00ce

SHA256
7c66da90b50c2a0213b9833b64b63c54c045f76f83c2aaad617f379c27827489

SHA512
dccf3dcbf90376e73190a2db1d9d0a9ddf95559471404ef4a64fc3179e0dfda9c70a9e2e297ba0ce743dc7ff50baa334d76263b663ee6c29f628a615f94af742

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
d2cc62fa263379db393472850ee505b7

SHA1
d1b76f6ea266064d971e325901911010a84dcdf6

SHA256
9b380a46e7f2fd8b112015f97dc8a3bde9423ccd2697001ea1684b24ebeaba04

SHA512
6924d3646765bdda5a38db9340c6cd1743eebc2aa6075681656a903e175934265c55e96ea700244316f64aafc49bfd717efb9379826c7503fc3457dd1da34f6a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
73b10936219d75eef92a7eccba54a717

SHA1
839c911be6d199b5a1115e120618e306bf086806

SHA256
44282b319f2be54c052284df2d99f178b08189a499320970a3d9fe7103cfe561

SHA512
820056a12cd8ca48ff9b96189fbd08ca46a85e3905b82ed5f7593eef31244e688022a3ff9a55854ad24220d4dba47e8cf30340174777d636e31f8eb21bcf97cc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
130KB

MD5
642b4735b29c6a9bf2d76366d88175f1

SHA1
56ad0a85aa227fe00a55ac3dd29086b2fe6beeb3

SHA256
e6855d93ddb1a24737c161159a47dc0e1cd0ac132b828fd6ab7e1d8bdfb9e4b5

SHA512
be60743dcf32acbbb3069c21255f453810248b216423508bb1ddb7e7d6c1deb248285ea205071926849882600b5f1f4ffbab6c61d80b18bea892909e1ea98400

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit