hxxps://kittenassist[.]cc/

Analysis

max time kernel
149s
max time network
155s
platform
windows11-21h2_x64
resource
win11-20240221-en
resource tags

arch:x64arch:x86image:win11-20240221-enlocale:en-usos:windows11-21h2-x64system
submitted
15/03/2024, 05:07

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://kittenassist.cc/

Score

6^/10

Malware Config

Signatures

Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs

Web Service

T1102

flow	ioc
3	discord.com
23	discord.com

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133549528760473236"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3084248216-1643706459-906455512-1000\{013EA249-B60B-48C6-8606-FFA9E71503ED}	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
956	chrome.exe
956	chrome.exe
956	chrome.exe
956	chrome.exe
2344	chrome.exe
2344	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
956	chrome.exe
956	chrome.exe
956	chrome.exe
956	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	956	chrome.exe
Token: SeCreatePagefilePrivilege	956	chrome.exe
Token: SeShutdownPrivilege	956	chrome.exe
Token: SeCreatePagefilePrivilege	956	chrome.exe
Token: SeShutdownPrivilege	956	chrome.exe
Token: SeCreatePagefilePrivilege	956	chrome.exe
Token: SeShutdownPrivilege	956	chrome.exe
Token: SeCreatePagefilePrivilege	956	chrome.exe
Token: SeShutdownPrivilege	956	chrome.exe
Token: SeCreatePagefilePrivilege	956	chrome.exe
Token: SeShutdownPrivilege	956	chrome.exe
Token: SeCreatePagefilePrivilege	956	chrome.exe
Token: SeShutdownPrivilege	956	chrome.exe
Token: SeCreatePagefilePrivilege	956	chrome.exe
Token: SeShutdownPrivilege	956	chrome.exe
Token: SeCreatePagefilePrivilege	956	chrome.exe
Token: SeShutdownPrivilege	956	chrome.exe
Token: SeCreatePagefilePrivilege	956	chrome.exe
Token: SeShutdownPrivilege	956	chrome.exe
Token: SeCreatePagefilePrivilege	956	chrome.exe
Token: SeShutdownPrivilege	956	chrome.exe
Token: SeCreatePagefilePrivilege	956	chrome.exe
Token: SeShutdownPrivilege	956	chrome.exe
Token: SeCreatePagefilePrivilege	956	chrome.exe
Token: SeShutdownPrivilege	956	chrome.exe
Token: SeCreatePagefilePrivilege	956	chrome.exe
Token: SeShutdownPrivilege	956	chrome.exe
Token: SeCreatePagefilePrivilege	956	chrome.exe
Token: SeShutdownPrivilege	956	chrome.exe
Token: SeCreatePagefilePrivilege	956	chrome.exe
Token: SeShutdownPrivilege	956	chrome.exe
Token: SeCreatePagefilePrivilege	956	chrome.exe
Token: SeShutdownPrivilege	956	chrome.exe
Token: SeCreatePagefilePrivilege	956	chrome.exe
Token: SeShutdownPrivilege	956	chrome.exe
Token: SeCreatePagefilePrivilege	956	chrome.exe
Token: SeShutdownPrivilege	956	chrome.exe
Token: SeCreatePagefilePrivilege	956	chrome.exe
Token: SeShutdownPrivilege	956	chrome.exe
Token: SeCreatePagefilePrivilege	956	chrome.exe
Token: SeShutdownPrivilege	956	chrome.exe
Token: SeCreatePagefilePrivilege	956	chrome.exe
Token: SeShutdownPrivilege	956	chrome.exe
Token: SeCreatePagefilePrivilege	956	chrome.exe
Token: SeShutdownPrivilege	956	chrome.exe
Token: SeCreatePagefilePrivilege	956	chrome.exe
Token: SeShutdownPrivilege	956	chrome.exe
Token: SeCreatePagefilePrivilege	956	chrome.exe
Token: SeShutdownPrivilege	956	chrome.exe
Token: SeCreatePagefilePrivilege	956	chrome.exe
Token: SeShutdownPrivilege	956	chrome.exe
Token: SeCreatePagefilePrivilege	956	chrome.exe
Token: SeShutdownPrivilege	956	chrome.exe
Token: SeCreatePagefilePrivilege	956	chrome.exe
Token: SeShutdownPrivilege	956	chrome.exe
Token: SeCreatePagefilePrivilege	956	chrome.exe
Token: SeShutdownPrivilege	956	chrome.exe
Token: SeCreatePagefilePrivilege	956	chrome.exe
Token: SeShutdownPrivilege	956	chrome.exe
Token: SeCreatePagefilePrivilege	956	chrome.exe
Token: SeShutdownPrivilege	956	chrome.exe
Token: SeCreatePagefilePrivilege	956	chrome.exe
Token: SeShutdownPrivilege	956	chrome.exe
Token: SeCreatePagefilePrivilege	956	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
956	chrome.exe
956	chrome.exe
956	chrome.exe
956	chrome.exe
956	chrome.exe
956	chrome.exe
956	chrome.exe
956	chrome.exe
956	chrome.exe
956	chrome.exe
956	chrome.exe
956	chrome.exe
956	chrome.exe
956	chrome.exe
956	chrome.exe
956	chrome.exe
956	chrome.exe
956	chrome.exe
956	chrome.exe
956	chrome.exe
956	chrome.exe
956	chrome.exe
956	chrome.exe
956	chrome.exe
956	chrome.exe
956	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
956	chrome.exe
956	chrome.exe
956	chrome.exe
956	chrome.exe
956	chrome.exe
956	chrome.exe
956	chrome.exe
956	chrome.exe
956	chrome.exe
956	chrome.exe
956	chrome.exe
956	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 956 wrote to memory of 3116	956	chrome.exe	80
PID 956 wrote to memory of 3116	956	chrome.exe	80
PID 956 wrote to memory of 4916	956	chrome.exe	83
PID 956 wrote to memory of 4916	956	chrome.exe	83
PID 956 wrote to memory of 4916	956	chrome.exe	83
PID 956 wrote to memory of 4916	956	chrome.exe	83
PID 956 wrote to memory of 4916	956	chrome.exe	83
PID 956 wrote to memory of 4916	956	chrome.exe	83
PID 956 wrote to memory of 4916	956	chrome.exe	83
PID 956 wrote to memory of 4916	956	chrome.exe	83
PID 956 wrote to memory of 4916	956	chrome.exe	83
PID 956 wrote to memory of 4916	956	chrome.exe	83
PID 956 wrote to memory of 4916	956	chrome.exe	83
PID 956 wrote to memory of 4916	956	chrome.exe	83
PID 956 wrote to memory of 4916	956	chrome.exe	83
PID 956 wrote to memory of 4916	956	chrome.exe	83
PID 956 wrote to memory of 4916	956	chrome.exe	83
PID 956 wrote to memory of 4916	956	chrome.exe	83
PID 956 wrote to memory of 4916	956	chrome.exe	83
PID 956 wrote to memory of 4916	956	chrome.exe	83
PID 956 wrote to memory of 4916	956	chrome.exe	83
PID 956 wrote to memory of 4916	956	chrome.exe	83
PID 956 wrote to memory of 4916	956	chrome.exe	83
PID 956 wrote to memory of 4916	956	chrome.exe	83
PID 956 wrote to memory of 4916	956	chrome.exe	83
PID 956 wrote to memory of 4916	956	chrome.exe	83
PID 956 wrote to memory of 4916	956	chrome.exe	83
PID 956 wrote to memory of 4916	956	chrome.exe	83
PID 956 wrote to memory of 4916	956	chrome.exe	83
PID 956 wrote to memory of 4916	956	chrome.exe	83
PID 956 wrote to memory of 4916	956	chrome.exe	83
PID 956 wrote to memory of 4916	956	chrome.exe	83
PID 956 wrote to memory of 4916	956	chrome.exe	83
PID 956 wrote to memory of 4916	956	chrome.exe	83
PID 956 wrote to memory of 4916	956	chrome.exe	83
PID 956 wrote to memory of 4916	956	chrome.exe	83
PID 956 wrote to memory of 4916	956	chrome.exe	83
PID 956 wrote to memory of 4916	956	chrome.exe	83
PID 956 wrote to memory of 4916	956	chrome.exe	83
PID 956 wrote to memory of 4916	956	chrome.exe	83
PID 956 wrote to memory of 3132	956	chrome.exe	84
PID 956 wrote to memory of 3132	956	chrome.exe	84
PID 956 wrote to memory of 2316	956	chrome.exe	85
PID 956 wrote to memory of 2316	956	chrome.exe	85
PID 956 wrote to memory of 2316	956	chrome.exe	85
PID 956 wrote to memory of 2316	956	chrome.exe	85
PID 956 wrote to memory of 2316	956	chrome.exe	85
PID 956 wrote to memory of 2316	956	chrome.exe	85
PID 956 wrote to memory of 2316	956	chrome.exe	85
PID 956 wrote to memory of 2316	956	chrome.exe	85
PID 956 wrote to memory of 2316	956	chrome.exe	85
PID 956 wrote to memory of 2316	956	chrome.exe	85
PID 956 wrote to memory of 2316	956	chrome.exe	85
PID 956 wrote to memory of 2316	956	chrome.exe	85
PID 956 wrote to memory of 2316	956	chrome.exe	85
PID 956 wrote to memory of 2316	956	chrome.exe	85
PID 956 wrote to memory of 2316	956	chrome.exe	85
PID 956 wrote to memory of 2316	956	chrome.exe	85
PID 956 wrote to memory of 2316	956	chrome.exe	85
PID 956 wrote to memory of 2316	956	chrome.exe	85
PID 956 wrote to memory of 2316	956	chrome.exe	85
PID 956 wrote to memory of 2316	956	chrome.exe	85
PID 956 wrote to memory of 2316	956	chrome.exe	85
PID 956 wrote to memory of 2316	956	chrome.exe	85

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://kittenassist.cc/
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:956
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffae26f9758,0x7ffae26f9768,0x7ffae26f9778
  2⤵
  PID:3116
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1580 --field-trial-handle=1800,i,11658418103126604333,16284623609161462240,131072 /prefetch:2
  2⤵
  PID:4916
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2072 --field-trial-handle=1800,i,11658418103126604333,16284623609161462240,131072 /prefetch:8
  2⤵
  PID:3132
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2188 --field-trial-handle=1800,i,11658418103126604333,16284623609161462240,131072 /prefetch:8
  2⤵
  PID:2316
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3036 --field-trial-handle=1800,i,11658418103126604333,16284623609161462240,131072 /prefetch:1
  2⤵
  PID:4736
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3052 --field-trial-handle=1800,i,11658418103126604333,16284623609161462240,131072 /prefetch:1
  2⤵
  PID:4480
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4960 --field-trial-handle=1800,i,11658418103126604333,16284623609161462240,131072 /prefetch:8
  2⤵
  PID:1012
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5056 --field-trial-handle=1800,i,11658418103126604333,16284623609161462240,131072 /prefetch:8
  2⤵
  PID:2356
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=5152 --field-trial-handle=1800,i,11658418103126604333,16284623609161462240,131072 /prefetch:1
  2⤵
  PID:1800
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=5316 --field-trial-handle=1800,i,11658418103126604333,16284623609161462240,131072 /prefetch:1
  2⤵
  PID:1356
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3124 --field-trial-handle=1800,i,11658418103126604333,16284623609161462240,131072 /prefetch:8
  2⤵
  PID:1360
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5452 --field-trial-handle=1800,i,11658418103126604333,16284623609161462240,131072 /prefetch:8
  2⤵
  - Modifies registry class
  PID:752
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5396 --field-trial-handle=1800,i,11658418103126604333,16284623609161462240,131072 /prefetch:8
  2⤵
  PID:2940
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3144 --field-trial-handle=1800,i,11658418103126604333,16284623609161462240,131072 /prefetch:8
  2⤵
  PID:4948
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5008 --field-trial-handle=1800,i,11658418103126604333,16284623609161462240,131072 /prefetch:8
  2⤵
  PID:2988
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=748 --field-trial-handle=1800,i,11658418103126604333,16284623609161462240,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2344

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:1088

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000004

Filesize
37KB

MD5
8729782f19919a112ee0a416c39c3b4b

SHA1
e3eebd369daf8b2f4a571a2a9580c1abe6c2e0a3

SHA256
0f8ba61c87cf18816d209580426067080e1e570e23a29d6cd5b94eec6035cce8

SHA512
c8779eaba1703e5a700b1b927d18d3f58f5f22bdb6669c7fd7ab3d9e14a365fef2459bc4017dd444b4aeb6f85db25ed5b618b39a4190190d73d541d0fcf97d6e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
169637a7b5b4ceb2cdb2c311d80e3a55

SHA1
56c2ee1a902f900c2a31403cf3c689a9f3a52fff

SHA256
b425ecc590d02e56a570dcfa156b1e628e271154b9b1da4af3158896aba83709

SHA512
015ce650e6b3ef7aa4665b991cdf9d574f38ea262bdf2deab5a065c6287b83a852bbbd83e1cb7af11f7ceeb4d036adb8e3bc59d90ac8a3ff3aafb062a81e5406

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
4dd92a8fb41b3b13986fff0085715a87

SHA1
217a5f9bdec2de0d85d635957021533294cda5e0

SHA256
e5c376b7b6004da95644c4592d37f973e60a802c7ef8a499f62a3dae795eb9ab

SHA512
c53c8fc31a8906ea508c4830e676d6ca209710aac4c806f2768b9feebc9002bdc2b7cf780c245089d7711593dbd5ece1c8489f4e2c81e6a30285484aee099225

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
875B

MD5
26d41142ed1f2c4e72adf9ba6ffd839f

SHA1
6f6cf7f606c00f9318179326c413d7dd5cacdd4a

SHA256
84a3c00d176a605db5d3db33538098541bdd3aa121b947fff6230f5deaabcf8e

SHA512
b1c94e6d42c644003aa34e00ba69620d68aba07fb95082dfb182209ad077be4ac97154ba674199ef288c4cd91fbc405147303e52d13914524946c24ea49bdab4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
438bd2849cca1d8f1a0d17b45e837a48

SHA1
8ef0983482155495923485af68bdcbfe1a7fa716

SHA256
5aa7b4f11ede680f685172a455ebf93b89499caad4f46f64f4a67c3ff4def098

SHA512
06b51322746b718228ab7bf07d770902b021bc91a247b48235bcb664d8bb44c4ec34368aba5c4afee81d4fa6c99fe59a10252484e9d516605888eee5a62c4a18

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
232f5b2aafdaa756891c48ea01b0d955

SHA1
521edf13c6ddc71150971a849956c791fa619258

SHA256
6ff3311104965d7fc7d46961cdfb6b4a9f73091360e37be5b0396dae73e83b53

SHA512
e83cc08d4979e61008af08f92517d8f7237affbc5d652a39d7ac8cf6b4cef4b0aeb6b8bb27c5ddada238b9575f7dfc9565864da9ba9647fc405ac62f0298b766

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
a2dcdfaa9ee38d2676e961016569d30b

SHA1
663db83575aef6651c5a50823768ed12e86c56ac

SHA256
625cdfd1a29da4a39c96a6fe72bb1f6f25c30d9175192dd7f202feec25bc78bb

SHA512
89a8357bb4207ed9696759b2ec8c6997814678997b6e4d07e39ec8504efad934948a563f9d73493f10de184e5cc3cad804f0f8ae5010611b134fc721d35c2850

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
131KB

MD5
b3adf79a299737cab2d54eaf6cd26a03

SHA1
40ab5f5cfcfa2ee559b95b99876edfce89b7e9ea

SHA256
8c9205dc38b07a66713eb7a086b8a6d2e7fbe19d3f3544802ce344e4dba91a1b

SHA512
011d082b72a20bd53e86b30bdc40448a973a9470f5a0311ae5777d00b255031228f17c1e316647d4de45168f61d9b6fa006bbd44d468367766ad6e4f5e348640

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
132KB

MD5
f08f12f9ee96a8c0b1c8557160b6084d

SHA1
5a3f712337ffef11ac3a773f179e7afa243a0296

SHA256
0b528c3d7476c3826777a4541a5714144f3cf4233c1b3836315d8c47b3792828

SHA512
cfcd1f55ed0065134733ce43f0181419b665eef5ad07d34722d73639a327049673fabc8405d72971de9930dbbb264cef4a47afe5feae207e297f4c59541d7fc8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
151KB

MD5
2f967ba01b9fc85184e4a7142ff1b721

SHA1
4baf2dbf5220b40612aa7234d2810babf73ba526

SHA256
1dbec54be95397b8fd20f7cb2b0fd2fb9f05a973eddf69786fdd55d02cd3d284

SHA512
6762ed68bcfd1bc245ae21aa2ac5c815589a9283984f1a1c5362738f01c0f692eb83e00d1bdc76a8613d56e7c11a2c10f44731ffc0608ae6ab78c01646da8a70

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
131KB

MD5
ac2967237d7e6ee531dbaad4e45f0d0d

SHA1
ac78c6061ed823536dcfb0ed3b233a19037c618e

SHA256
1ed88280db06be95c424f302ae24602ec80922402edf0b4960cda0de89031e9c

SHA512
b797120d9a5a9d3e416b8957065ad586151fd2c7a349ae321502c65b4d9240bc4f6118066c95f9dc803959734f8fd18d20044ebb0261523297e1b7ee2329a3ec

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
94KB

MD5
203cb3fc1f1bea5ad4fef176aa2185cb

SHA1
baa36496224b083bd1fd947e07847b0624a96660

SHA256
a3c6e70577c9173cfd4019cfff598a08082112926eb6c700ab474fc09dcc2222

SHA512
1579037f4cc98dcc613390dc65debcbdb4e9fd5623ac7bc191563c537df838083d9be985f8a3b5aea9f01ad56b98151f682bb3b9394a9ca12e6c4ba5b97bd19b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe57fc23.TMP

Filesize
93KB

MD5
c19cf856a67b4a2f7d0f5d27994b1cf2

SHA1
cbbc6ab68ddc5bee8a821bc594ce087841f87cef

SHA256
fbcc4e99cbb4499ee75af0c8872f2d1ddcec5a05be702247c6b1e0a1573a243b

SHA512
1f14204914e8dcdfdee413a7e708357756aa3336c8a3eef526234933d400551d866828fe86ad023a0134555b5afb3ab1c22c5ca911fcbbc5917195225ed0ba12

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit