Resubmissions

13/03/2024, 13:51

240313-q5587sec8s 10

13/03/2024, 13:46

240313-q293zsga26 1

Analysis

  • max time kernel
    159s
  • max time network
    164s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240226-en locale:en-us os:windows10-2004-x64 system
  • submitted
    13/03/2024, 13:46

General

  • Target

    https://app.mediafire.com/uzg9rt06apy3o

Score
1/10

Malware Config

Signatures

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies data under HKEY_USERS 2 IoCs
  • Modifies registry class 1 IoCs
  • NTFS ADS 1 IoCs
  • Opens file in notepad (likely ransom note) 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 4 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 15 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 64 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://app.mediafire.com/uzg9rt06apy3o
    1⤵
    • Enumerates system info in registry
    • Modifies data under HKEY_USERS
    • Modifies registry class
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:3128
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd8ef29758,0x7ffd8ef29768,0x7ffd8ef29778
      2⤵
        PID:3672
      • C:\Program Files\Google\Chrome\Application\chrome.exe
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1776 --field-trial-handle=1944,i,8173314656546168869,16746626206772308463,131072 /prefetch:2
        2⤵
          PID:2324
        • C:\Program Files\Google\Chrome\Application\chrome.exe
          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2132 --field-trial-handle=1944,i,8173314656546168869,16746626206772308463,131072 /prefetch:8
          2⤵
            PID:2352
          • C:\Program Files\Google\Chrome\Application\chrome.exe
            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2168 --field-trial-handle=1944,i,8173314656546168869,16746626206772308463,131072 /prefetch:8
            2⤵
              PID:4380
            • C:\Program Files\Google\Chrome\Application\chrome.exe
              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2992 --field-trial-handle=1944,i,8173314656546168869,16746626206772308463,131072 /prefetch:1
              2⤵
                PID:1696
              • C:\Program Files\Google\Chrome\Application\chrome.exe
                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2996 --field-trial-handle=1944,i,8173314656546168869,16746626206772308463,131072 /prefetch:1
                2⤵
                  PID:4608
                • C:\Program Files\Google\Chrome\Application\chrome.exe
                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5360 --field-trial-handle=1944,i,8173314656546168869,16746626206772308463,131072 /prefetch:8
                  2⤵
                    PID:1664
                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5068 --field-trial-handle=1944,i,8173314656546168869,16746626206772308463,131072 /prefetch:8
                    2⤵
                      PID:1964
                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=5604 --field-trial-handle=1944,i,8173314656546168869,16746626206772308463,131072 /prefetch:1
                      2⤵
                        PID:2816
                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=5652 --field-trial-handle=1944,i,8173314656546168869,16746626206772308463,131072 /prefetch:1
                        2⤵
                          PID:3836
                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=5780 --field-trial-handle=1944,i,8173314656546168869,16746626206772308463,131072 /prefetch:1
                          2⤵
                            PID:4208
                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=4852 --field-trial-handle=1944,i,8173314656546168869,16746626206772308463,131072 /prefetch:1
                            2⤵
                              PID:5800
                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5584 --field-trial-handle=1944,i,8173314656546168869,16746626206772308463,131072 /prefetch:1
                              2⤵
                                PID:6076
                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=6196 --field-trial-handle=1944,i,8173314656546168869,16746626206772308463,131072 /prefetch:1
                                2⤵
                                  PID:5768
                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=2704 --field-trial-handle=1944,i,8173314656546168869,16746626206772308463,131072 /prefetch:1
                                  2⤵
                                    PID:6008
                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=6492 --field-trial-handle=1944,i,8173314656546168869,16746626206772308463,131072 /prefetch:1
                                    2⤵
                                      PID:6044
                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=6652 --field-trial-handle=1944,i,8173314656546168869,16746626206772308463,131072 /prefetch:1
                                      2⤵
                                        PID:5084
                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7024 --field-trial-handle=1944,i,8173314656546168869,16746626206772308463,131072 /prefetch:8
                                        2⤵
                                          PID:5496
                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=7332 --field-trial-handle=1944,i,8173314656546168869,16746626206772308463,131072 /prefetch:1
                                          2⤵
                                            PID:3604
                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=7340 --field-trial-handle=1944,i,8173314656546168869,16746626206772308463,131072 /prefetch:1
                                            2⤵
                                              PID:900
                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=6148 --field-trial-handle=1944,i,8173314656546168869,16746626206772308463,131072 /prefetch:1
                                              2⤵
                                                PID:6000
                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=7608 --field-trial-handle=1944,i,8173314656546168869,16746626206772308463,131072 /prefetch:1
                                                2⤵
                                                  PID:5468
                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6312 --field-trial-handle=1944,i,8173314656546168869,16746626206772308463,131072 /prefetch:8
                                                  2⤵
                                                  • NTFS ADS
                                                  PID:4860
                                                • C:\Windows\system32\NOTEPAD.EXE
                                                  "C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\PASS_2023.txt
                                                  2⤵
                                                  • Opens file in notepad (likely ransom note)
                                                  PID:3200
                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6456 --field-trial-handle=1944,i,8173314656546168869,16746626206772308463,131072 /prefetch:8
                                                  2⤵
                                                    PID:1756
                                                  • C:\Windows\system32\NOTEPAD.EXE
                                                    "C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\PASS_2023.txt
                                                    2⤵
                                                    • Opens file in notepad (likely ransom note)
                                                    PID:5360
                                                  • C:\Windows\system32\NOTEPAD.EXE
                                                    "C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\PASS_2023.txt
                                                    2⤵
                                                    • Opens file in notepad (likely ransom note)
                                                    PID:5676
                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=924 --field-trial-handle=1944,i,8173314656546168869,16746626206772308463,131072 /prefetch:2
                                                    2⤵
                                                    • Suspicious behavior: EnumeratesProcesses
                                                    PID:5516
                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4596 --field-trial-handle=1944,i,8173314656546168869,16746626206772308463,131072 /prefetch:8
                                                    2⤵
                                                      PID:5784
                                                    • C:\Program Files\7-Zip\7zFM.exe
                                                      "C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\Downloads\roblox.7z"
                                                      2⤵
                                                        PID:5892
                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7832 --field-trial-handle=1944,i,8173314656546168869,16746626206772308463,131072 /prefetch:8
                                                        2⤵
                                                          PID:2648
                                                      • C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
                                                        "C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
                                                        1⤵
                                                          PID:4088

                                                        Network

                                                              MITRE ATT&CK Enterprise v15

                                                              Downloads

                                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

                                                                Filesize

                                                                40B

                                                                MD5

                                                                7f652922f004ed965b78a444360adb45

                                                                SHA1

                                                                c681cba7ca5514905f53cab070f45fcc549b8efe

                                                                SHA256

                                                                e888caafef4d1107a5ed6749cb7520e7f7eacb2b0f2cbac9f8ba4882167200a2

                                                                SHA512

                                                                f9f79f1360f01ded2ade45a14af8755f9d76d02bc82eb643bee7d1ddc196b6502047a34878e90706878e15ed25ba85b3e32cf0325e93f9a90038e429b87ec294

                                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

                                                                Filesize

                                                                20KB

                                                                MD5

                                                                87e8230a9ca3f0c5ccfa56f70276e2f2

                                                                SHA1

                                                                eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7

                                                                SHA256

                                                                e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9

                                                                SHA512

                                                                37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

                                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000022

                                                                Filesize

                                                                62KB

                                                                MD5

                                                                aa41473732f30d3b58deb7b994624a04

                                                                SHA1

                                                                785555553919d805666b4b135ee0cb79b3aea51e

                                                                SHA256

                                                                7a3ce70f6a14dbcffeb2aeddc3f22dad500abaa0d18b387e4930e36bae09ed51

                                                                SHA512

                                                                00bc19d8266aca5de6b551551d8baf8f537b8e5784566109cd9c24cc6463a652ef7d1466588e0401a7d52c226647454e5f992c4581b2166811294091e3040af9

                                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                                Filesize

                                                                288B

                                                                MD5

                                                                274efd17192b14a26fd50ee9be7453ec

                                                                SHA1

                                                                16b7f494e6ac8aae7f2f6c38412d1e61b341159c

                                                                SHA256

                                                                30de954d353d052ce505f8824bd19a2b6cc89d016264bce9e8394e5fb689e888

                                                                SHA512

                                                                aef780b1e2ed36500e91457cac6e5b1478c88700e5ad4f1828b97736c2854dd874c017e48f598566d7e7e065578211e2589c4549a378d91065a23b35f206e9bc

                                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                                Filesize

                                                                1KB

                                                                MD5

                                                                79e3ed1b80f05dee3f32fcb1c9aaf447

                                                                SHA1

                                                                0d1dd1102e11b6cbe8d7dd98bbcd52845303629e

                                                                SHA256

                                                                f4a4767d4408745c3a13edcbe61b20e7ba911eace0d586c8ec1cb6559654da91

                                                                SHA512

                                                                e7a47c909106a1df100ee1a7ae114a649787365c0abc26da59169ef9bfff9447ebe32dc683f1ded17bd6775cfb67f1451d49fcd970fa83149e43f7cc7b43b209

                                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                                                                Filesize

                                                                7KB

                                                                MD5

                                                                5ee51ae38ba4b96222ed3899b5016334

                                                                SHA1

                                                                6332f44680607085675f7f81b938c94419964242

                                                                SHA256

                                                                ec16e7527ebcd73a9af8c229866e41967ef47b02f47906ada336935ca978833f

                                                                SHA512

                                                                d65bbdeeed037a6cf3d51a004a5383ad1a153c523d0bb922d70481ec74507f42774d08f820ee21a19bfc6e33d411d9a2d9654ed5394266caa8faf8ba9d60e6a6

                                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                                                                Filesize

                                                                13KB

                                                                MD5

                                                                f03149a54955179a1e6ff2a5f478e092

                                                                SHA1

                                                                78ab5db7a4f7ab183ff1da2d981b356c6663d70e

                                                                SHA256

                                                                ab01eb118cd36f72d995802c93a439a6f54a907a0b743a0e45532c1ce48afa79

                                                                SHA512

                                                                ea65b9f6c87a50bde5bfb9c7b72238cee6ae3cc0689b9d95b89cb435b5111188f48d5499d9a0bba22f2822809b13f38d3813f8f9cb638adca2d88e1da2587155

                                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                Filesize

                                                                1KB

                                                                MD5

                                                                dde37f2abdd0151c034d4e930efe62d6

                                                                SHA1

                                                                48e7314aa0d4ff4ce7510b03c3590113eb5bae2f

                                                                SHA256

                                                                88a737f0a9455a3caca4a0cc7fc6def9d0e86e43f1ba01e9929db2cc97d89650

                                                                SHA512

                                                                08f0b54296fbcf692c34048b1d8ae42679b1d756a249ea058375e7c7ac0bab2d10a79911a5973e94d8cef459bec3ebbfab5d2bf772a61a3318583e6313d5bafc

                                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                Filesize

                                                                1KB

                                                                MD5

                                                                9d47d5fa50afba4b6bf5cda25ca4ac24

                                                                SHA1

                                                                da2442224d0ff34ee8abfcc688af85be4c404299

                                                                SHA256

                                                                ab48d6b9824527095f323dd420ea2a433da0943eff3ec1ecb11b1f094f372e73

                                                                SHA512

                                                                a51bda9c72959509de13e56a37df15044c768fb45037d9ae91dd398af799f17bc8d90868349a3b57579701408d32d49f2a05d39a6b9e7cc9c24135c160756aa8

                                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                Filesize

                                                                2KB

                                                                MD5

                                                                aa7f6edfa39b2acd39c75925abead25a

                                                                SHA1

                                                                14ed8a0e3726419e7f851a6701971ef399c1f11e

                                                                SHA256

                                                                9f313bfe8863eda86bfb07482a75bae7c850969e831df637cd174119d7f74e2f

                                                                SHA512

                                                                20fafae02c8914447505f8127340a5505595b44fc4c36176c992f1ea6b5ff43a7071289a8a9d309d58ff845b88b6b455c168177845c3fc3ac96279a1ebc02451

                                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                Filesize

                                                                1KB

                                                                MD5

                                                                ebb136c035b1d5a50eb6553884756211

                                                                SHA1

                                                                d973a13b9fd26b27c22d1a08664dde8b39998140

                                                                SHA256

                                                                c9acd7f2579c30ea6cdd1bea36b1a48cf43fd01c15de9b92fb006aa2b7d1bf36

                                                                SHA512

                                                                eb343edba7f57a6fb43f634f303ad3a9884720c23b35433b57f83e339a3a4cddb4c5eefd03fe433c669d856585775d9311a509c0b37bd5d2df1554df63371c5e

                                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                Filesize

                                                                7KB

                                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                Filesize

                                                                6KB

                                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                Filesize

                                                                6KB

                                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                Filesize

                                                                6KB

                                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                Filesize

                                                                7KB

                                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                Filesize

                                                                7KB

                                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                                Filesize

                                                                253KB

                                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                                Filesize

                                                                253KB

                                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                                Filesize

                                                                253KB

                                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

                                                                Filesize

                                                                109KB

                                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

                                                                Filesize

                                                                116KB

                                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe590c99.TMP

                                                                Filesize

                                                                103KB

                                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

                                                                Filesize

                                                                2B

                                                              • C:\Users\Admin\Downloads\roblox.7z

                                                                Filesize

                                                                8.3MB

                                                              • C:\Users\Admin\Downloads\roblox.7z

                                                                Filesize

                                                                4.3MB
