hxxps://spdmteam[.]com/index

Analysis

max time kernel
1799s
max time network
1685s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
19-03-2024 10:02

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://spdmteam.com/index

Score

6^/10

Malware Config

Signatures

Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs

Web Service

T1102

flow	ioc
46	raw.githubusercontent.com
59	raw.githubusercontent.com

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133553162122700914"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4888	chrome.exe
4888	chrome.exe
2616	chrome.exe
2616	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
4888	chrome.exe
4888	chrome.exe
4888	chrome.exe
4888	chrome.exe
4888	chrome.exe
4888	chrome.exe
4888	chrome.exe
4888	chrome.exe
4888	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4888	chrome.exe
Token: SeCreatePagefilePrivilege	4888	chrome.exe
Token: SeShutdownPrivilege	4888	chrome.exe
Token: SeCreatePagefilePrivilege	4888	chrome.exe
Token: SeShutdownPrivilege	4888	chrome.exe
Token: SeCreatePagefilePrivilege	4888	chrome.exe
Token: SeShutdownPrivilege	4888	chrome.exe
Token: SeCreatePagefilePrivilege	4888	chrome.exe
Token: SeShutdownPrivilege	4888	chrome.exe
Token: SeCreatePagefilePrivilege	4888	chrome.exe
Token: SeShutdownPrivilege	4888	chrome.exe
Token: SeCreatePagefilePrivilege	4888	chrome.exe
Token: SeShutdownPrivilege	4888	chrome.exe
Token: SeCreatePagefilePrivilege	4888	chrome.exe
Token: SeShutdownPrivilege	4888	chrome.exe
Token: SeCreatePagefilePrivilege	4888	chrome.exe
Token: SeShutdownPrivilege	4888	chrome.exe
Token: SeCreatePagefilePrivilege	4888	chrome.exe
Token: SeShutdownPrivilege	4888	chrome.exe
Token: SeCreatePagefilePrivilege	4888	chrome.exe
Token: SeShutdownPrivilege	4888	chrome.exe
Token: SeCreatePagefilePrivilege	4888	chrome.exe
Token: SeShutdownPrivilege	4888	chrome.exe
Token: SeCreatePagefilePrivilege	4888	chrome.exe
Token: SeShutdownPrivilege	4888	chrome.exe
Token: SeCreatePagefilePrivilege	4888	chrome.exe
Token: SeShutdownPrivilege	4888	chrome.exe
Token: SeCreatePagefilePrivilege	4888	chrome.exe
Token: SeShutdownPrivilege	4888	chrome.exe
Token: SeCreatePagefilePrivilege	4888	chrome.exe
Token: SeShutdownPrivilege	4888	chrome.exe
Token: SeCreatePagefilePrivilege	4888	chrome.exe
Token: SeShutdownPrivilege	4888	chrome.exe
Token: SeCreatePagefilePrivilege	4888	chrome.exe
Token: SeShutdownPrivilege	4888	chrome.exe
Token: SeCreatePagefilePrivilege	4888	chrome.exe
Token: SeShutdownPrivilege	4888	chrome.exe
Token: SeCreatePagefilePrivilege	4888	chrome.exe
Token: SeShutdownPrivilege	4888	chrome.exe
Token: SeCreatePagefilePrivilege	4888	chrome.exe
Token: SeShutdownPrivilege	4888	chrome.exe
Token: SeCreatePagefilePrivilege	4888	chrome.exe
Token: SeShutdownPrivilege	4888	chrome.exe
Token: SeCreatePagefilePrivilege	4888	chrome.exe
Token: SeShutdownPrivilege	4888	chrome.exe
Token: SeCreatePagefilePrivilege	4888	chrome.exe
Token: SeShutdownPrivilege	4888	chrome.exe
Token: SeCreatePagefilePrivilege	4888	chrome.exe
Token: SeShutdownPrivilege	4888	chrome.exe
Token: SeCreatePagefilePrivilege	4888	chrome.exe
Token: SeShutdownPrivilege	4888	chrome.exe
Token: SeCreatePagefilePrivilege	4888	chrome.exe
Token: SeShutdownPrivilege	4888	chrome.exe
Token: SeCreatePagefilePrivilege	4888	chrome.exe
Token: SeShutdownPrivilege	4888	chrome.exe
Token: SeCreatePagefilePrivilege	4888	chrome.exe
Token: SeShutdownPrivilege	4888	chrome.exe
Token: SeCreatePagefilePrivilege	4888	chrome.exe
Token: SeShutdownPrivilege	4888	chrome.exe
Token: SeCreatePagefilePrivilege	4888	chrome.exe
Token: SeShutdownPrivilege	4888	chrome.exe
Token: SeCreatePagefilePrivilege	4888	chrome.exe
Token: SeShutdownPrivilege	4888	chrome.exe
Token: SeCreatePagefilePrivilege	4888	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4888	chrome.exe
4888	chrome.exe
4888	chrome.exe
4888	chrome.exe
4888	chrome.exe
4888	chrome.exe
4888	chrome.exe
4888	chrome.exe
4888	chrome.exe
4888	chrome.exe
4888	chrome.exe
4888	chrome.exe
4888	chrome.exe
4888	chrome.exe
4888	chrome.exe
4888	chrome.exe
4888	chrome.exe
4888	chrome.exe
4888	chrome.exe
4888	chrome.exe
4888	chrome.exe
4888	chrome.exe
4888	chrome.exe
4888	chrome.exe
4888	chrome.exe
4888	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4888	chrome.exe
4888	chrome.exe
4888	chrome.exe
4888	chrome.exe
4888	chrome.exe
4888	chrome.exe
4888	chrome.exe
4888	chrome.exe
4888	chrome.exe
4888	chrome.exe
4888	chrome.exe
4888	chrome.exe
4888	chrome.exe
4888	chrome.exe
4888	chrome.exe
4888	chrome.exe
4888	chrome.exe
4888	chrome.exe
4888	chrome.exe
4888	chrome.exe
4888	chrome.exe
4888	chrome.exe
4888	chrome.exe
4888	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4888 wrote to memory of 4156	4888	chrome.exe	85
PID 4888 wrote to memory of 4156	4888	chrome.exe	85
PID 4888 wrote to memory of 4492	4888	chrome.exe	87
PID 4888 wrote to memory of 4492	4888	chrome.exe	87
PID 4888 wrote to memory of 4492	4888	chrome.exe	87
PID 4888 wrote to memory of 4492	4888	chrome.exe	87
PID 4888 wrote to memory of 4492	4888	chrome.exe	87
PID 4888 wrote to memory of 4492	4888	chrome.exe	87
PID 4888 wrote to memory of 4492	4888	chrome.exe	87
PID 4888 wrote to memory of 4492	4888	chrome.exe	87
PID 4888 wrote to memory of 4492	4888	chrome.exe	87
PID 4888 wrote to memory of 4492	4888	chrome.exe	87
PID 4888 wrote to memory of 4492	4888	chrome.exe	87
PID 4888 wrote to memory of 4492	4888	chrome.exe	87
PID 4888 wrote to memory of 4492	4888	chrome.exe	87
PID 4888 wrote to memory of 4492	4888	chrome.exe	87
PID 4888 wrote to memory of 4492	4888	chrome.exe	87
PID 4888 wrote to memory of 4492	4888	chrome.exe	87
PID 4888 wrote to memory of 4492	4888	chrome.exe	87
PID 4888 wrote to memory of 4492	4888	chrome.exe	87
PID 4888 wrote to memory of 4492	4888	chrome.exe	87
PID 4888 wrote to memory of 4492	4888	chrome.exe	87
PID 4888 wrote to memory of 4492	4888	chrome.exe	87
PID 4888 wrote to memory of 4492	4888	chrome.exe	87
PID 4888 wrote to memory of 4492	4888	chrome.exe	87
PID 4888 wrote to memory of 4492	4888	chrome.exe	87
PID 4888 wrote to memory of 4492	4888	chrome.exe	87
PID 4888 wrote to memory of 4492	4888	chrome.exe	87
PID 4888 wrote to memory of 4492	4888	chrome.exe	87
PID 4888 wrote to memory of 4492	4888	chrome.exe	87
PID 4888 wrote to memory of 4492	4888	chrome.exe	87
PID 4888 wrote to memory of 4492	4888	chrome.exe	87
PID 4888 wrote to memory of 4492	4888	chrome.exe	87
PID 4888 wrote to memory of 4492	4888	chrome.exe	87
PID 4888 wrote to memory of 4492	4888	chrome.exe	87
PID 4888 wrote to memory of 4492	4888	chrome.exe	87
PID 4888 wrote to memory of 4492	4888	chrome.exe	87
PID 4888 wrote to memory of 4492	4888	chrome.exe	87
PID 4888 wrote to memory of 4492	4888	chrome.exe	87
PID 4888 wrote to memory of 4492	4888	chrome.exe	87
PID 4888 wrote to memory of 4092	4888	chrome.exe	88
PID 4888 wrote to memory of 4092	4888	chrome.exe	88
PID 4888 wrote to memory of 4884	4888	chrome.exe	89
PID 4888 wrote to memory of 4884	4888	chrome.exe	89
PID 4888 wrote to memory of 4884	4888	chrome.exe	89
PID 4888 wrote to memory of 4884	4888	chrome.exe	89
PID 4888 wrote to memory of 4884	4888	chrome.exe	89
PID 4888 wrote to memory of 4884	4888	chrome.exe	89
PID 4888 wrote to memory of 4884	4888	chrome.exe	89
PID 4888 wrote to memory of 4884	4888	chrome.exe	89
PID 4888 wrote to memory of 4884	4888	chrome.exe	89
PID 4888 wrote to memory of 4884	4888	chrome.exe	89
PID 4888 wrote to memory of 4884	4888	chrome.exe	89
PID 4888 wrote to memory of 4884	4888	chrome.exe	89
PID 4888 wrote to memory of 4884	4888	chrome.exe	89
PID 4888 wrote to memory of 4884	4888	chrome.exe	89
PID 4888 wrote to memory of 4884	4888	chrome.exe	89
PID 4888 wrote to memory of 4884	4888	chrome.exe	89
PID 4888 wrote to memory of 4884	4888	chrome.exe	89
PID 4888 wrote to memory of 4884	4888	chrome.exe	89
PID 4888 wrote to memory of 4884	4888	chrome.exe	89
PID 4888 wrote to memory of 4884	4888	chrome.exe	89
PID 4888 wrote to memory of 4884	4888	chrome.exe	89
PID 4888 wrote to memory of 4884	4888	chrome.exe	89

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://spdmteam.com/index
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4888
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffef7209758,0x7ffef7209768,0x7ffef7209778
  2⤵
  PID:4156
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=312 --field-trial-handle=2064,i,1706033672860007033,14767558268091629233,131072 /prefetch:2
  2⤵
  PID:4492
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1872 --field-trial-handle=2064,i,1706033672860007033,14767558268091629233,131072 /prefetch:8
  2⤵
  PID:4092
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2072 --field-trial-handle=2064,i,1706033672860007033,14767558268091629233,131072 /prefetch:8
  2⤵
  PID:4884
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2912 --field-trial-handle=2064,i,1706033672860007033,14767558268091629233,131072 /prefetch:1
  2⤵
  PID:3968
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3036 --field-trial-handle=2064,i,1706033672860007033,14767558268091629233,131072 /prefetch:1
  2⤵
  PID:5036
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3944 --field-trial-handle=2064,i,1706033672860007033,14767558268091629233,131072 /prefetch:1
  2⤵
  PID:3112
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4732 --field-trial-handle=2064,i,1706033672860007033,14767558268091629233,131072 /prefetch:1
  2⤵
  PID:3184
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=3092 --field-trial-handle=2064,i,1706033672860007033,14767558268091629233,131072 /prefetch:1
  2⤵
  PID:3364
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5276 --field-trial-handle=2064,i,1706033672860007033,14767558268091629233,131072 /prefetch:8
  2⤵
  PID:5076
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5384 --field-trial-handle=2064,i,1706033672860007033,14767558268091629233,131072 /prefetch:8
  2⤵
  PID:3516
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=4724 --field-trial-handle=2064,i,1706033672860007033,14767558268091629233,131072 /prefetch:1
  2⤵
  PID:2016
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5552 --field-trial-handle=2064,i,1706033672860007033,14767558268091629233,131072 /prefetch:1
  2⤵
  PID:1972
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=6112 --field-trial-handle=2064,i,1706033672860007033,14767558268091629233,131072 /prefetch:1
  2⤵
  PID:4832
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=6120 --field-trial-handle=2064,i,1706033672860007033,14767558268091629233,131072 /prefetch:1
  2⤵
  PID:1240
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3268 --field-trial-handle=2064,i,1706033672860007033,14767558268091629233,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2616

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:1652

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
264B

MD5
a69b3927cb74166841918b3786fd0852

SHA1
7f3effe9d4740bef0589eab88b0c60780d00df3d

SHA256
cadb8e45b0a1ec0d31ea7777251a4061b98a0d87fe05f349bd29dd235b399fb2

SHA512
a17ff5b73de40ce3c698b5d0f6f2099c784ef6b3814f45fedc43bfa76699fa45134b3cf330850143cb7211814ec0cef0690d33159cdea100e712304a53f1aa42

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
04f79086e30d13ffa490960d8b5282dd

SHA1
e22419803cdf9640da696d783a4364d346fdee21

SHA256
1f62cfe7c4b3a1853f06fb2f165171dbb27b70319ce36d4ef394e80f8f83f3b5

SHA512
9c0c50ddc556278295164ba6a2a8da0950f5534f2218b807101f6b508bcc18c120073f874f2e7528b45d0a1c67dc9c044aecc8f46f3eab179508ee3345886ad9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
f509ddcdea391086ef4c9e55a6c2c999

SHA1
e98c493eaf3b8e82e1d3bec14d9d0189054b27a2

SHA256
806152e16183c118ed45dda6c911b1ddedf24a4c008a209ef635c0270feb94b8

SHA512
0495a662b7954c9c29c99535e54bce7733f8b8a7c9624d4f54abb0eb5cf085a2c8d3c6cac616ef28e003524d34a3f289eef6d9fb7ab573523d45a08ad5a107c5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
371B

MD5
1f9ccf5ce1d1c8ef5235126417a6ba56

SHA1
b508d04b8a94aeb9a454fe0b1d8f4e1009588c3e

SHA256
c0ecf54bec5cd8a421dd8d68eafe8fc8f037fb766d36ed528d6884fdcd9e7b0e

SHA512
a59673cc905c83943d83954201bd43a518996da5e8369c84a8594412de27aa34872e07a25094b6721be057e1bce38f77ef78f46d209ddcdbccaa975d9c5affaa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
874B

MD5
bfeafe27df31e30d75894ab6e06a8c14

SHA1
cc288f455b9cae6edebb5c468af3be877d907a74

SHA256
8cd29c4a30bbc8aaaa29948319ae2663e5ebd93e41c767b0a4fbec8fb1b508e6

SHA512
ea744e0338af047257281241c3257da9617682775a9b05e542639ab86edf324eb0f8555b33cc63a867cabd153e19ac49527fc8be510c6284230df41de5de9503

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
2bb78c279a18e000d2cca72afdb8b958

SHA1
0ebe6a398d73a00a0e4af049cb5984dc8b881ef4

SHA256
98ec79cc01de33f6f5e9a8df06c916ec5e957d7b118267050984be2107844997

SHA512
298dc75b725ac25b1af82d721fe7050348db61be937c2be98f8cd9efb09cc2ab669e0f832e1f8b82ba7be91d908e6e370b38e91dd2c9d5dfea07e65d87f7418a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
f67794520cac20c672ae4bb7e4b80d21

SHA1
31ac58feec5fc43e8d5180bc6920c24bae8067e5

SHA256
8944593d410cb648bcace96261b787453291d3a6d44b81b9a0100ee886babbfe

SHA512
2e88c09cf66ffeffb7ea06b01990bf1a836f748638c6d81445920cc301d0d391303b68ad263abfce4207c39183015f865cce0340755f095477238841e691060d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
114KB

MD5
5b618fce9e45b0d7bc0a0aa47001b67e

SHA1
66029e50e66ab35836cdef8de7a795e1694e5905

SHA256
d1eab3c3e41c2f3652fc37d8b97bcd759b2e9b748b654f4a05b54779b2f4eef8

SHA512
da3f95351fafe79c100109efd2e65ae91011d15624ceee6dd9b715c20735f87586d56da443b201c1cc41e315123c5ec7a4014a463686f9e7e01bc836a111949c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit