hxxps://ezel2[.]com/

Analysis

max time kernel
1050s
max time network
1015s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
19/03/2024, 17:47

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://ezel2.com/

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 6 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133553440714892255"	chrome.exe

Suspicious behavior: EnumeratesProcesses 8 IoCs

pid	Process
3348	chrome.exe
3348	chrome.exe
5244	chrome.exe
5244	chrome.exe
2008	msedge.exe
2008	msedge.exe
5148	msedge.exe
5148	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 17 IoCs

pid	Process
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
5148	msedge.exe
5148	msedge.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3348	chrome.exe
Token: SeCreatePagefilePrivilege	3348	chrome.exe
Token: SeShutdownPrivilege	3348	chrome.exe
Token: SeCreatePagefilePrivilege	3348	chrome.exe
Token: SeShutdownPrivilege	3348	chrome.exe
Token: SeCreatePagefilePrivilege	3348	chrome.exe
Token: SeShutdownPrivilege	3348	chrome.exe
Token: SeCreatePagefilePrivilege	3348	chrome.exe
Token: SeShutdownPrivilege	3348	chrome.exe
Token: SeCreatePagefilePrivilege	3348	chrome.exe
Token: SeShutdownPrivilege	3348	chrome.exe
Token: SeCreatePagefilePrivilege	3348	chrome.exe
Token: SeShutdownPrivilege	3348	chrome.exe
Token: SeCreatePagefilePrivilege	3348	chrome.exe
Token: SeShutdownPrivilege	3348	chrome.exe
Token: SeCreatePagefilePrivilege	3348	chrome.exe
Token: SeShutdownPrivilege	3348	chrome.exe
Token: SeCreatePagefilePrivilege	3348	chrome.exe
Token: SeShutdownPrivilege	3348	chrome.exe
Token: SeCreatePagefilePrivilege	3348	chrome.exe
Token: SeShutdownPrivilege	3348	chrome.exe
Token: SeCreatePagefilePrivilege	3348	chrome.exe
Token: SeShutdownPrivilege	3348	chrome.exe
Token: SeCreatePagefilePrivilege	3348	chrome.exe
Token: SeShutdownPrivilege	3348	chrome.exe
Token: SeCreatePagefilePrivilege	3348	chrome.exe
Token: SeShutdownPrivilege	3348	chrome.exe
Token: SeCreatePagefilePrivilege	3348	chrome.exe
Token: SeShutdownPrivilege	3348	chrome.exe
Token: SeCreatePagefilePrivilege	3348	chrome.exe
Token: SeShutdownPrivilege	3348	chrome.exe
Token: SeCreatePagefilePrivilege	3348	chrome.exe
Token: SeShutdownPrivilege	3348	chrome.exe
Token: SeCreatePagefilePrivilege	3348	chrome.exe
Token: SeShutdownPrivilege	3348	chrome.exe
Token: SeCreatePagefilePrivilege	3348	chrome.exe
Token: SeShutdownPrivilege	3348	chrome.exe
Token: SeCreatePagefilePrivilege	3348	chrome.exe
Token: SeShutdownPrivilege	3348	chrome.exe
Token: SeCreatePagefilePrivilege	3348	chrome.exe
Token: SeShutdownPrivilege	3348	chrome.exe
Token: SeCreatePagefilePrivilege	3348	chrome.exe
Token: SeShutdownPrivilege	3348	chrome.exe
Token: SeCreatePagefilePrivilege	3348	chrome.exe
Token: SeShutdownPrivilege	3348	chrome.exe
Token: SeCreatePagefilePrivilege	3348	chrome.exe
Token: SeShutdownPrivilege	3348	chrome.exe
Token: SeCreatePagefilePrivilege	3348	chrome.exe
Token: SeShutdownPrivilege	3348	chrome.exe
Token: SeCreatePagefilePrivilege	3348	chrome.exe
Token: SeShutdownPrivilege	3348	chrome.exe
Token: SeCreatePagefilePrivilege	3348	chrome.exe
Token: SeShutdownPrivilege	3348	chrome.exe
Token: SeCreatePagefilePrivilege	3348	chrome.exe
Token: SeShutdownPrivilege	3348	chrome.exe
Token: SeCreatePagefilePrivilege	3348	chrome.exe
Token: SeShutdownPrivilege	3348	chrome.exe
Token: SeCreatePagefilePrivilege	3348	chrome.exe
Token: SeShutdownPrivilege	3348	chrome.exe
Token: SeCreatePagefilePrivilege	3348	chrome.exe
Token: SeShutdownPrivilege	3348	chrome.exe
Token: SeCreatePagefilePrivilege	3348	chrome.exe
Token: SeShutdownPrivilege	3348	chrome.exe
Token: SeCreatePagefilePrivilege	3348	chrome.exe

Suspicious use of FindShellTrayWindow 59 IoCs

pid	Process
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
5148	msedge.exe
5148	msedge.exe
5148	msedge.exe
5148	msedge.exe
5148	msedge.exe
5148	msedge.exe
5148	msedge.exe
5148	msedge.exe
5148	msedge.exe
5148	msedge.exe
5148	msedge.exe
5148	msedge.exe
5148	msedge.exe
5148	msedge.exe
5148	msedge.exe
5148	msedge.exe
5148	msedge.exe
5148	msedge.exe
5148	msedge.exe
5148	msedge.exe
5148	msedge.exe
5148	msedge.exe
5148	msedge.exe
5148	msedge.exe
5148	msedge.exe
5148	msedge.exe

Suspicious use of SendNotifyMessage 48 IoCs

pid	Process
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
3348	chrome.exe
5148	msedge.exe
5148	msedge.exe
5148	msedge.exe
5148	msedge.exe
5148	msedge.exe
5148	msedge.exe
5148	msedge.exe
5148	msedge.exe
5148	msedge.exe
5148	msedge.exe
5148	msedge.exe
5148	msedge.exe
5148	msedge.exe
5148	msedge.exe
5148	msedge.exe
5148	msedge.exe
5148	msedge.exe
5148	msedge.exe
5148	msedge.exe
5148	msedge.exe
5148	msedge.exe
5148	msedge.exe
5148	msedge.exe
5148	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3348 wrote to memory of 1100	3348	chrome.exe	89
PID 3348 wrote to memory of 1100	3348	chrome.exe	89
PID 3348 wrote to memory of 1964	3348	chrome.exe	91
PID 3348 wrote to memory of 1964	3348	chrome.exe	91
PID 3348 wrote to memory of 1964	3348	chrome.exe	91
PID 3348 wrote to memory of 1964	3348	chrome.exe	91
PID 3348 wrote to memory of 1964	3348	chrome.exe	91
PID 3348 wrote to memory of 1964	3348	chrome.exe	91
PID 3348 wrote to memory of 1964	3348	chrome.exe	91
PID 3348 wrote to memory of 1964	3348	chrome.exe	91
PID 3348 wrote to memory of 1964	3348	chrome.exe	91
PID 3348 wrote to memory of 1964	3348	chrome.exe	91
PID 3348 wrote to memory of 1964	3348	chrome.exe	91
PID 3348 wrote to memory of 1964	3348	chrome.exe	91
PID 3348 wrote to memory of 1964	3348	chrome.exe	91
PID 3348 wrote to memory of 1964	3348	chrome.exe	91
PID 3348 wrote to memory of 1964	3348	chrome.exe	91
PID 3348 wrote to memory of 1964	3348	chrome.exe	91
PID 3348 wrote to memory of 1964	3348	chrome.exe	91
PID 3348 wrote to memory of 1964	3348	chrome.exe	91
PID 3348 wrote to memory of 1964	3348	chrome.exe	91
PID 3348 wrote to memory of 1964	3348	chrome.exe	91
PID 3348 wrote to memory of 1964	3348	chrome.exe	91
PID 3348 wrote to memory of 1964	3348	chrome.exe	91
PID 3348 wrote to memory of 1964	3348	chrome.exe	91
PID 3348 wrote to memory of 1964	3348	chrome.exe	91
PID 3348 wrote to memory of 1964	3348	chrome.exe	91
PID 3348 wrote to memory of 1964	3348	chrome.exe	91
PID 3348 wrote to memory of 1964	3348	chrome.exe	91
PID 3348 wrote to memory of 1964	3348	chrome.exe	91
PID 3348 wrote to memory of 1964	3348	chrome.exe	91
PID 3348 wrote to memory of 1964	3348	chrome.exe	91
PID 3348 wrote to memory of 1964	3348	chrome.exe	91
PID 3348 wrote to memory of 1964	3348	chrome.exe	91
PID 3348 wrote to memory of 1964	3348	chrome.exe	91
PID 3348 wrote to memory of 1964	3348	chrome.exe	91
PID 3348 wrote to memory of 1964	3348	chrome.exe	91
PID 3348 wrote to memory of 1964	3348	chrome.exe	91
PID 3348 wrote to memory of 1964	3348	chrome.exe	91
PID 3348 wrote to memory of 1964	3348	chrome.exe	91
PID 3348 wrote to memory of 4088	3348	chrome.exe	92
PID 3348 wrote to memory of 4088	3348	chrome.exe	92
PID 3348 wrote to memory of 5048	3348	chrome.exe	93
PID 3348 wrote to memory of 5048	3348	chrome.exe	93
PID 3348 wrote to memory of 5048	3348	chrome.exe	93
PID 3348 wrote to memory of 5048	3348	chrome.exe	93
PID 3348 wrote to memory of 5048	3348	chrome.exe	93
PID 3348 wrote to memory of 5048	3348	chrome.exe	93
PID 3348 wrote to memory of 5048	3348	chrome.exe	93
PID 3348 wrote to memory of 5048	3348	chrome.exe	93
PID 3348 wrote to memory of 5048	3348	chrome.exe	93
PID 3348 wrote to memory of 5048	3348	chrome.exe	93
PID 3348 wrote to memory of 5048	3348	chrome.exe	93
PID 3348 wrote to memory of 5048	3348	chrome.exe	93
PID 3348 wrote to memory of 5048	3348	chrome.exe	93
PID 3348 wrote to memory of 5048	3348	chrome.exe	93
PID 3348 wrote to memory of 5048	3348	chrome.exe	93
PID 3348 wrote to memory of 5048	3348	chrome.exe	93
PID 3348 wrote to memory of 5048	3348	chrome.exe	93
PID 3348 wrote to memory of 5048	3348	chrome.exe	93
PID 3348 wrote to memory of 5048	3348	chrome.exe	93
PID 3348 wrote to memory of 5048	3348	chrome.exe	93
PID 3348 wrote to memory of 5048	3348	chrome.exe	93
PID 3348 wrote to memory of 5048	3348	chrome.exe	93

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://ezel2.com/
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3348
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcb6869758,0x7ffcb6869768,0x7ffcb6869778
  2⤵
  PID:1100
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1648 --field-trial-handle=1784,i,4098901837800973893,16931758486175309152,131072 /prefetch:2
  2⤵
  PID:1964
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2120 --field-trial-handle=1784,i,4098901837800973893,16931758486175309152,131072 /prefetch:8
  2⤵
  PID:4088
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2196 --field-trial-handle=1784,i,4098901837800973893,16931758486175309152,131072 /prefetch:8
  2⤵
  PID:5048
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3060 --field-trial-handle=1784,i,4098901837800973893,16931758486175309152,131072 /prefetch:1
  2⤵
  PID:816
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3068 --field-trial-handle=1784,i,4098901837800973893,16931758486175309152,131072 /prefetch:1
  2⤵
  PID:2232
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4648 --field-trial-handle=1784,i,4098901837800973893,16931758486175309152,131072 /prefetch:1
  2⤵
  PID:3640
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3296 --field-trial-handle=1784,i,4098901837800973893,16931758486175309152,131072 /prefetch:1
  2⤵
  PID:4896
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=5008 --field-trial-handle=1784,i,4098901837800973893,16931758486175309152,131072 /prefetch:1
  2⤵
  PID:4864
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4672 --field-trial-handle=1784,i,4098901837800973893,16931758486175309152,131072 /prefetch:8
  2⤵
  PID:824
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5512 --field-trial-handle=1784,i,4098901837800973893,16931758486175309152,131072 /prefetch:8
  2⤵
  PID:3448
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=4764 --field-trial-handle=1784,i,4098901837800973893,16931758486175309152,131072 /prefetch:1
  2⤵
  PID:3140
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5664 --field-trial-handle=1784,i,4098901837800973893,16931758486175309152,131072 /prefetch:1
  2⤵
  PID:1368
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=6076 --field-trial-handle=1784,i,4098901837800973893,16931758486175309152,131072 /prefetch:1
  2⤵
  PID:5304
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=6000 --field-trial-handle=1784,i,4098901837800973893,16931758486175309152,131072 /prefetch:1
  2⤵
  PID:5716
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=1600 --field-trial-handle=1784,i,4098901837800973893,16931758486175309152,131072 /prefetch:8
  2⤵
  PID:6032
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=3352 --field-trial-handle=1784,i,4098901837800973893,16931758486175309152,131072 /prefetch:1
  2⤵
  PID:6060
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=4652 --field-trial-handle=1784,i,4098901837800973893,16931758486175309152,131072 /prefetch:1
  2⤵
  PID:4996
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=4904 --field-trial-handle=1784,i,4098901837800973893,16931758486175309152,131072 /prefetch:1
  2⤵
  PID:5172
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=748 --field-trial-handle=1784,i,4098901837800973893,16931758486175309152,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5244
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6596 --field-trial-handle=1784,i,4098901837800973893,16931758486175309152,131072 /prefetch:8
  2⤵
  PID:1500
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6996 --field-trial-handle=1784,i,4098901837800973893,16931758486175309152,131072 /prefetch:8
  2⤵
  PID:2652
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=6948 --field-trial-handle=1784,i,4098901837800973893,16931758486175309152,131072 /prefetch:1
  2⤵
  PID:2956
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=3940 --field-trial-handle=1784,i,4098901837800973893,16931758486175309152,131072 /prefetch:1
  2⤵
  PID:5504
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=3504 --field-trial-handle=1784,i,4098901837800973893,16931758486175309152,131072 /prefetch:1
  2⤵
  PID:1968
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5964 --field-trial-handle=1784,i,4098901837800973893,16931758486175309152,131072 /prefetch:8
  2⤵
  PID:4408

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:1104

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x3ac 0x518
1⤵
PID:2672

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:380

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\Downloads\Ezel2.rar.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:5148
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffca48f46f8,0x7ffca48f4708,0x7ffca48f4718
  2⤵
  PID:5276
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1920,14378490894472375723,6022406377624399412,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2012 /prefetch:2
  2⤵
  PID:4512
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1920,14378490894472375723,6022406377624399412,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2312 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2008
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1920,14378490894472375723,6022406377624399412,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2796 /prefetch:8
  2⤵
  PID:4540
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1920,14378490894472375723,6022406377624399412,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3284 /prefetch:1
  2⤵
  PID:3416
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1920,14378490894472375723,6022406377624399412,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3296 /prefetch:1
  2⤵
  PID:2000

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3912

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3032

C:\Windows\system32\rundll32.exe
"C:\Windows\system32\rundll32.exe" "C:\Windows\SYSTEM32\EDGEHTML.dll",#141 Microsoft.VCLibs.140.00_8wekyb3d8bbwe
1⤵
PID:4848

C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k UnistackSvcGroup
1⤵
PID:5908

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d

Filesize
196KB

MD5
813c1b41e435242e7365a4bcd7adcf23

SHA1
2d25e1564eaf93455640413b95646b3f88f9075b

SHA256
70cb2151ee4ef83195855d29819491a23c5eafee2e72b7ffd9041b35363d1542

SHA512
268c4fa1797700a205e37e716c1472592ad6242344645c703ab1ab8d4d68452c3ccce7cdc4d56a0b42d4061bdc793f1c79dffc397f038133387b94b2a1f4051e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000f

Filesize
1024KB

MD5
1f0ddba1f3f71e6d1b1f55f43ecf9b34

SHA1
1033a801169c54245e05b7c141da810a19349f48

SHA256
a7cb01cd60d7042a8e6093eb81bbea3732e31e069311135df58c285b43e8aee3

SHA512
05db1e25ebd01670524d797ffbe2480ceaa535c1b3f5260c49e97314fc42b447034ccc8a1a7e8f946b9712ebfe491b9fef60d1b1b481f6f25be00bfa19cf5453

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010

Filesize
1024KB

MD5
245cb4f4d3bfc73307d5f7400238a9c9

SHA1
541aa7f1073bfa5513acde7b7aef25d837b5c364

SHA256
e9f23cb2a16c12b5b2d76e8add6bcfc71a6bc8329aed37a7aa5358dc8d3ffd71

SHA512
efabee282be3147817b7539fc450c4149459975494ad624c5814034123cbcb9ea309a10e6fa4c27a2f0bfe2fec1f88bcc3e0a9c4e256b706c5bb962f35ecc088

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012

Filesize
1024KB

MD5
6a18ccd2c643c9fd67c5d8a4438195a9

SHA1
ac7d7a072ddfd4587b4ed2417b39de42774071bf

SHA256
ac002616382e8f975ad2f1b4bb3c48974629af3492a4735ba72afcdf0ebe9dd0

SHA512
0a6e800dc422774cfb0d91b71c3527d75e7b3122b40ed39a739320842a6eebaccc00fc73868336fe88143d2a55b8a236e1fef4c749fa8ec86439afa15d057d82

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013

Filesize
211KB

MD5
2b35f5f02686a3129e142de5f25e0b64

SHA1
75c71f5994427279424a49cf66fd05104407ecc8

SHA256
e407cf72bad406fa7a4e1bde395e90ec3a07f4b11d75cd705f31bf1de536a591

SHA512
da1456f7602e53fa34bf5555b6131866e256b97ade81b0d92cdedc3417e47b27d6f26ce213d7c7197834ecbce0c91a3e12b09dfca781e6accbe93382dbc9e624

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000045

Filesize
17KB

MD5
950eca48e414acbe2c3b5d046dcb8521

SHA1
1731f264e979f18cdf08c405c7b7d32789a6fb59

SHA256
c0bbe530abfce19e06697bc4358eb426e076ccdb9113e22df4a6f32085da67a2

SHA512
27e55525ade4d099a6881011f6e2e0d5d3a9ca7181f4f014dc231d40b3b1907d0d437b0c44d336c25dd7b73209cd773b8563675ac260c43c7752e2d2d694d4d9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
e5791f1612238b1b2d0417264aa50cb8

SHA1
44a0c765332b6d6ecda1312762eed7fd523d8831

SHA256
8b324bbdcde3141e105d484212a97606460ead2a01ef4276b3ea32527d9f3d7f

SHA512
be52e4cbe0245f18fec5a1339a5769349940e054fa7b9783387914acdbd47ece4d2cf6d1c178a35aaa78996cadd77de70a263be750a96424d3bdeff3497a5962

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
768B

MD5
c8993048dd2b36d18de4b50adc53d9fd

SHA1
ae1e913dc8c3dd92122232cb538ab92025e58aca

SHA256
471c9960932ce9fcb1ace9c785972d3b1560957b8262f74eddade2ede1673039

SHA512
a45040b49a62e152e44a61b06bbdefd9562a53ff1c4a2926f081d2a4838a3012c071aac0b93c79ffffd61c78c9577d49fad37f0284550fdf7e9cb2ae58bf98dc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
792B

MD5
990d08360dda314300ef3de6d4d9b311

SHA1
03b69044f1a3b3f0c8591497c08fb4699a3a9947

SHA256
20b911319292f2e3271c1d8ed78a9406eda02c5f87ad1f4d76f67f14c5c62da2

SHA512
088c644e84f94d945840dcf22a1f456b02953410b7dbf73afe18bcc59c41250d6ad4ef6d3e8c28f46f7789a2cacc4df50677a067f47e75d0f40bdea248c90d56

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
3a2b4489f171dfa0bfdf0c6b57507ebc

SHA1
68b8b56f5a50e1ec5033b88daa21016c83e85037

SHA256
5de6ae2b30671aae7f993b799aa61a5aeb33f7c74ac71aec13278544daf43379

SHA512
5962115e1661d629aebc8ab6a8c6853b71a4f2a59b894d2de18b0f0e6a4607ec0c0ecb61416a6f7dd5e69abfc704792f3ef76b3753a61049068962c4044039c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\File System\000\p\00\00000000

Filesize
2.6MB

MD5
6e1132c7d52537059c77ea98cc904336

SHA1
7f07657e6f0947912d164d8c9a64949989e26dcc

SHA256
50c6c9908a1cc808d43a1105336b7f89676be8da8830913b3a5cd464abe04f31

SHA512
adcf9b4c2527fb5677c10a0dd53fafce8efc021602d314fed6bff5ed0cbedb16c919c574549bede514279487f026ed5545d88db94c7072822f2ee006fea07d7e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\Paths\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_mega.nz_0.indexeddb.leveldb\000003.log

Filesize
74KB

MD5
d442efd0859166b231dbf099e9af2d84

SHA1
3e2935d87a0f1c91cadea52e9320c1f58c875b86

SHA256
4d1619847818a2986baa2027d6f62988158d55db7e7bfc13992fee7fce5d561a

SHA512
30527df5920fcf7c10d4a835a6f05569cbb13e7f23e32a5879d6cb45ebff95a41a62099a5fcdb61db392867af44a697a44d79c6d49ba251e3a6486a2c7dd0857

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_mega.nz_0.indexeddb.leveldb\LOG.old

Filesize
373B

MD5
fa0846fc9849957fe7eaa7baff50ed0b

SHA1
a2c861c935dc6026c9d19c6d65d6f75db32d3957

SHA256
5548922f606be55232454d9fb98ce5045c0c43f760c94d1a07730a0b4daadbe3

SHA512
64841b78e7630815df1734a04c88704cc3cc59297e2a0afb46f51243f49ff810ef25611bd041c88e5fdbda2193e5fb5b53cb6e264586b5a65a79107efe224902

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_mega.nz_0.indexeddb.leveldb\LOG.old

Filesize
373B

MD5
b6ffbdf5671046837ca99c24192603fc

SHA1
c481bd76c2eea6f23fa89ee73acb6e73615e2b4c

SHA256
b8b157c2ed3078b091a25315237dcbe66f2404a132fbd0f2e533b016cd706a93

SHA512
5319b6559c2a351bcaee09af327828b4b1d03b05edd8d56c433a147e85ff82c2cd1f916d55dbec9cfef46fef936a431e36a7c4d64a7b11e2eadc15b9201dd957

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_mega.nz_0.indexeddb.leveldb\LOG.old

Filesize
373B

MD5
deda31775fcf0f7e037aed1ae156fcda

SHA1
4f5d48995af5e6d470f4b66dfd53ae8e31eeedd7

SHA256
ff581b22f5e91460748d8d77e8f66ba9d8d9e4f64b4f057bc5914f97a3d5ca34

SHA512
4cbcba0498ea66be16075f35e081ca32727fec50204f058c01f7ce52d5addd0f5b651e9903be34a598794ecc778446ee433d6bacacf9669b03091b51c6c50728

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_mega.nz_0.indexeddb.leveldb\LOG.old

Filesize
373B

MD5
79397969db196933bd638fe6ad548414

SHA1
d25043971f306f0274259f16acb14e2ec8bcb697

SHA256
313cb49935f4b2e6cdfabe948acceb0eb51991c7e7c7aaeb79ee5733398e9172

SHA512
a6925fd766ae6234c0d733d17af3b42632ceae25ed3abb8cc772e97cb90ee9f83f75e7900636cdf13e1dec834805949224ec63764d6c769a2df02af36e043b62

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_mega.nz_0.indexeddb.leveldb\LOG.old

Filesize
373B

MD5
99338e909785f39443e10d4527f49bcc

SHA1
c9576a74cea2dece58a3d18d1b2dacc6d3d30ae6

SHA256
bea48c59b8a668130a5e36535a1ffc47573a1963b0d017d9e2074b918e4e9d55

SHA512
ff5f93ee666e2e8663f43eeca91a52a662fd6b314d1521ef644de7844b60095021fa292ebde60af487195d712156ca165f75d76ca4e2978c93db55a262c4cb8e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_mega.nz_0.indexeddb.leveldb\LOG.old

Filesize
373B

MD5
88f4e454613e47d8ceaad09b1f39fa0c

SHA1
f826eaeafe52e8f01c4d3c8ed8fcd2a56c2a6c25

SHA256
e18c57a1723bf080bdd7c1e4a0e4f7c0de841f05ff2ad0c577e204b2a0942aa2

SHA512
abf10a424d0bc77b3252976d66961c933579b5f860a8aa3f396895c4dd2ec75879961de55e4929d31278e715af32308686cf4dc372eaea0c6952a17e5d8be9a6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_mega.nz_0.indexeddb.leveldb\LOG.old

Filesize
373B

MD5
43c031729245a381214d67eebc50583c

SHA1
7cbb5a92941205f56ef90731333f1714d6af6413

SHA256
4257757e4a8163e5cde6ebbb32129ebbdb6d4fe57d9dc3836d8b9b5652332ade

SHA512
a426e30bcb5154794b9ecae7c751d8b5868226414c736feea5901596ac5ff0fa7df9310f3b7c1788ce8fe666aa9c0684d25cf14864717b0a583a3d63170ec3a4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_mega.nz_0.indexeddb.leveldb\LOG.old

Filesize
373B

MD5
70871396555604ed0d869633fb52cafa

SHA1
17609a48024ebcc60c528ed70386fb36245d5597

SHA256
7330d59a9f3de4af77fbb9199c5f6ae660ad6c9fe977cbff72a6ec9c47112786

SHA512
2c2798bc6c4ad176d5c99911fea0e202c2481106ac0ad941f57673d8581a033d41a1572a79157efdedaaf0083b443a7e534e376ba7deb2676bfcb973f897a59b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_mega.nz_0.indexeddb.leveldb\LOG.old

Filesize
373B

MD5
a724724c62043c0bd2f9f75156c538bf

SHA1
1b2b1c826a109ce5da18b133eb625b42a12b8ba8

SHA256
bf576b819785b04ed5963f98b0fe29edfab1a54ce9d74415d23e9d0fe7329a1d

SHA512
7c1a06cef34d78a681b3435ae6081f8a83d1d4eb9a3b60d6928750966be7708dd1b2302db13a0d0099d681acb79560b5dff3b6d6a972a7f1fd1a972d4ff4f976

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_mega.nz_0.indexeddb.leveldb\LOG.old

Filesize
373B

MD5
ce3a7230324b56a3f3435d5ab54ad520

SHA1
57ad32e078eba4b5629cc3f80b9ac13f04eb3cd8

SHA256
01b13540a1bc7eb070b451b46efac9a3d9de4fb8de093c00a55206fd268b032c

SHA512
1a8acc0f18f6619b6fbec148ca25dcabdefd6912399e79dbbb8671a2073deb4491618a5bf9f63cfaa5a6cd8d809ed88f470777a0222ab1b64099c9cea3d5b1e0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_mega.nz_0.indexeddb.leveldb\LOG.old

Filesize
373B

MD5
6f5226196e0905b604c672dd705f0865

SHA1
abd8f14306ad6351f10b138d6b07c4380c1ae327

SHA256
656814ad00fff4be7d7defcefc09c37766243fbda753296bd12df8156bae4930

SHA512
f7ec92d6a039257afdfe2cc0c8a022e41257520f006646f09efc98c72b4c0d455faa3229a3d2d290a20cd7df179ba670ad5629fed4f1d4d5d534f2312f686325

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_mega.nz_0.indexeddb.leveldb\LOG.old

Filesize
373B

MD5
6652604ce80326f39b906ec4373eb494

SHA1
8b2557b20d95d03734fe393b0d1fffa111bf5202

SHA256
141c3e76ab6f6d36d3dff0c1404d5f978f163489e881e1320e457e6b8ede6605

SHA512
6697c3c66e8e2694cd0906edfa6488a7bafabe2efc3f482fd9d70f8aedde8622db82e7dbb41817839ee5a53f29d25cc69cd4a81e18e85a820ea0e3be4f588889

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_mega.nz_0.indexeddb.leveldb\LOG.old

Filesize
373B

MD5
c8463cff49d03953a0cf8c99efa9e307

SHA1
804ed141016a7e03cfbf49ee2977f7485055d276

SHA256
2ce9910fd3f3c6512db5dea46f1e3991da807befaca22d111d6f58a15bc3e185

SHA512
379a91dd46baf4769d92554429d3062c20f63c2d7594095b1b21af5befb5b7df4c23471860f0bbff1b7e8fadedcde84276b6479e0a07e6de8205c2bad917a5da

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_mega.nz_0.indexeddb.leveldb\LOG.old

Filesize
373B

MD5
4d18cd8da227dd3887765bd88541c11b

SHA1
77931fddb2562537208d4df45d53a892799a1b1b

SHA256
0e30d4cc5b85695fe67e27725a40a6493c01cfc82f9a48cb93fd40a894fa3637

SHA512
1309b03357c93c5d900120f44ec463df712001d07213892d0672db33665a197af576914ad9d79182de031b0aefc70b7caf9edb9e803fdefee6bd92c9dacd26fe

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_mega.nz_0.indexeddb.leveldb\LOG.old~RFe581596.TMP

Filesize
333B

MD5
c3ea88412dca8f6a7bce142dac6a7672

SHA1
bdd1a96b4001c67d4b302704d47df21352bd011e

SHA256
742fbb815a2a06b63f1f49f40d1cc8e5ee4d8cf2a6247eb415d9ecc3421c9251

SHA512
98a6c2c57f5ad699ffdfbd5e5731b1aa15723d07ef42920c64ee24ed9400af888d16bc1191ce4e71c638d8e46e7c20d24b63a3800bbf651ac23785965e6b5101

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_mega.nz_0.indexeddb.leveldb\MANIFEST-000001

Filesize
23B

MD5
3fd11ff447c1ee23538dc4d9724427a3

SHA1
1335e6f71cc4e3cf7025233523b4760f8893e9c9

SHA256
720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed

SHA512
10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
3b56544275b7dba28ba4a313e735ed15

SHA1
cd56f4c799691fbb89d09e2ff9c27bf75f61bd51

SHA256
5763f356fa47bca3c54387c29b0d8897b2839a3400ea22e86036b475162cfa39

SHA512
0dbe12d52116a92851b260facec1c529116202c6b042faf99a96f69d2a0cb9bb09d6d81d89ad78b4bea615a45c3c9f1dad8c0704d2fc3d316066123bcdc5ab97

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
c617ccbb360e24930e6fcc65380e071f

SHA1
b2b564fee7540bdcc135da893fbe04a23e27afc5

SHA256
d09f0ba3849c87a6af3d3725f3f67b55c706ccd217675fe3479ad3f4b0d92138

SHA512
0aa74ea0f17b8e613f6ff918b28703677d4954127736c0c32044fb025128f70e159ad2868d91089a41e3f79ebd4587d3b5d3a15eab16711118f217b656cc7a8f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
bd5393f4bdec4cf48a5ad40774ee0138

SHA1
3e8d5540410b32ab5c6694f1fb7a6842271d8774

SHA256
98a67a32b163436599d66a9e56abb94322a99814cb0e8312eb8195f688532b42

SHA512
ad917ea99bde0294ee4561142f31184ba6665f2d42d1618f758d320277130dd6a20c2620d32e2a5b42c1885a89cade8edf04d6408f5568bd4a02235262be3c4d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
c7588c90e1db628069e6d559d4e58156

SHA1
b0022d4bb6899fe34d553311b47137b10660645c

SHA256
073bed095ccea3bd262b39bdf260b39241619590ae1755bf6e547427d9fba1b8

SHA512
a56e8a2cc3c1fa7dbfb81adfbdc808318b020e77bcc884b3737e88ecf8c3fc03aa3b4df25c166d09c0282b417965c48d720b8694085969f9bb3401a7d302bdee

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
73935a7cf40ee50c50b148e61ab2ea36

SHA1
526f2b956eca39419c33aadce392f96b3fb31fab

SHA256
5503ff126483ba2c37909a50dccb5a90066690985e00fc346fe744a783edb238

SHA512
b7810c622e3e3da9d8050cbb55155a593861fe2a94bbe85138b2f5bcdd85330487a464b66ee75a8471b8a4fcf4bc3e170f3adbe92917e3850b09c708903c4e79

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
f2cdcaf9e791c7ba8e063b7c4f53ac29

SHA1
9d446238dc9b16f2e59f135d5ca934ba6dcc0c23

SHA256
2ef729e193ce3842bef1844eed60ba84b9dcdc2923580b3e05deb561b6c18872

SHA512
cfb38bf06319c75cf809c25c751fcb4bbad64026ae07578cd4c2227953fab55a457b4aabd7201c72042059fb93edfa1775c1aec2db49b12967caaf50d89607e3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
15354c9ea514cec66a0c22460315acb2

SHA1
69ec7643c7fb76e450309579af5f908e9bceba4f

SHA256
4ec9b735b8a111e4dfb79e5e5887f28f4115d483113751c6719b1e9574801920

SHA512
7eb21aa8e7a445f9b1d053bc7585dd182f364a16c83313b38137d4aea7d7a812da66682a47ae74a788fa1c3be4fdf4dedacd6ba1dc589d414fd3de40061761d2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
c0bb16740900fb8c3098790e068a0b92

SHA1
6b48867e14f7efeabee491077b89c179197291a8

SHA256
6f4097fac0d1bf0c673a0801cad20589e2d784dc4fcb5428d4a91285bd997006

SHA512
dfa8a9050eafdca5ebe198f30f4e1600fdb82724f7db061b91ee179f00b6d95a49ab6a79d261435efbd5b360038c4143c58ce41bef8ba8b08daad3da2cdea706

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
e463347d48c5c6ce72b25391b50c4c43

SHA1
153e6f757eedd3a8ae57a601f2d977f720d0844e

SHA256
f4e2aa905b4216de870dd22f21ea04f1fec460753a98326f3e8028c958d90bae

SHA512
42d6c923d7132657dcede088eb2629ffb4e9ba5266a3b9635d901667fdb04c7255c21b513763e95b89fc45db51a97f17abcc172c7cb533c7a16e81ab0139cfdf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
d108ac6600776c2c039bc7ac6128a48f

SHA1
96f7c9167fa6ba1361d8e8f4dba16c442bd1a140

SHA256
46c3913515371373c9f254de2ceaa4f70de9917f321f98f31fa32ab96e033618

SHA512
1ab9b6926346e97211b4d04c769aa2607da078cda46a91c8604e29976f1e615624e2d992902d671478b3654d8e87b7ee8c4b9ac21ec05fc94939891987c0dcfd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
b9ba47a04668c7c911660238750e6719

SHA1
df04dd83d401201b5b776fb18f4ce2793b7ba2a3

SHA256
8707e82ddaba901ce63c31843416612d579faa80aacc7afec43958084097e5e7

SHA512
99872adb8f5673678e6e20c866793f4dce6955692f59aedcf401f037b94a03366d2e8902dda205c7d35e3ecfaa342e19d435a7f06d3727a9be23223deb507eb1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
9282c1de7777b2587ff60f6b3245a426

SHA1
9d0cffbd7bd040265c2591417ecf732f18ff85c8

SHA256
51ada595cf6778805c0c2b3e16c78d8f3e49d84bd52418a8dfd8f995a899184e

SHA512
ba103139a6f4ddbce6c63fbdf32253eb52df7cd4a53172081d0bb229dc86cce15e97327a7433d379422c9157ce996fd6d17807f18a96b16891eaa5aec05a9b00

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
c9db7b4ba0ea820ae79de5e6bc32e4df

SHA1
52374d8ed101a0283fa6a49260ce372455cfa8e9

SHA256
1ea480272084331426f27d48a7b3ce7971467fe6241f7d807a54ade37684f244

SHA512
147a3a1f8639700f5085628a64942f4f6e361f3992bdff90ed9fa6c7fdd21e4740010cb7e9c8fdf20dc1f1ec87c0b7bf493ce449a112e5d5d1bfc6062a584fb9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
ac32701e8d40374442d506b15fc21dde

SHA1
751f1f97b72fe6956c7468a9a0b22645b1c2e66e

SHA256
a2fbe396fedc2f4bd4baa9593061b832a2fd2f36fc78ff0389375546fe0eccf1

SHA512
f708be116da4f4bbe34372fd84383c41ac1b81ff238a3c388961cb9d2846951a18b238f08a8636c2ecaedc068d500456cad7d0bb4a67b5e0c36b273008eb6d55

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
68108843439edb8500c89dbe72e4da6e

SHA1
942df333c04491145801b00ef9551ce525b78882

SHA256
3d30a986b4ac284ea5455ebb45f0b551b225c24e1acb063260490e15f05217cb

SHA512
7bc4b931def3c86b19eb41012f9d84c0c9a5558b528c9a88500a20708575194a86c2801c24b6f5ad3306a6324911c2b28018a087c4dc85866eb33949dc4cd486

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
ed84e99fa6392f35e0ca72af02053913

SHA1
06fa2d832bafddaeff0f539b8cea6947b433d507

SHA256
33c5822d304838408ef3a047cfefe8704f804cfb4cfef0f4a2e8a37e8b6399e7

SHA512
f57a344edf0327d9b32c33b51378fffa77c61eb4c0b84239b948f9dae871f2d6138cd812fef29cd607b2f9af50abf347e64d8d7e01195e95cc54551b3221533d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
a9ebbbc865b21d6358a7ddc43fc33c4b

SHA1
5a1726148fc5bc1adcd232bbeb61fcaf15ab43db

SHA256
68b58aaaa023951bc8f204a89b909abfbb692c94a41b59b612527afcefc7c1b9

SHA512
d3ce7bf3665c57525ceae4f1ca865ce953329c2d5097102e6fb497beb5100a538148a6110d5b67d41ad42b384bd5bc09d9c994a83e3842bd4f78d4dba9aee422

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
34ce9787a9db5b854493446b5cacbe41

SHA1
c8fe4575609ba78826f1ebcb61ccce92499a74b0

SHA256
24885adc4071dcc90ce725405d916a580f593e95240d2b0f369bf3f4ebaaa0a3

SHA512
5e6511e7bb3f4f9aaeb763e8f23d083593749835394c22203faa46dbca61f0afa585963dee6fe2c003e94852c8f38ba29dd9768a57a9786a3ff36ece3bee32f9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
555f4e02c3b95b956a46fef6b0eefe26

SHA1
d1f6e4e2f4349c50ea6a88c9c8d3579367eaaf1b

SHA256
f835a5f2326114842352f3eba32d654a6a6a3c768bcf56507479a8e6946c544c

SHA512
537e6dc553efb7ec79127de4ed8cb3b0e744b7b41dc85ab1f64d0bddc7efe9a88aec5d0980f4852653c7fcc065a4b6f7417a92ed565ad13ec55417cf82f50976

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
537f033e8c639f21609533f133be070d

SHA1
6f646c29dc8397b43f2e510818572bce022a58a4

SHA256
4bfaf42443bca55198cbc2dfd5444523185ef254b7c51511ae78a945062877a5

SHA512
e8c15dfb0d91a289e555b4cb6cf1275db673aa40550c54b8d127becfa5dbe7c40647a8524cea82f1529c850314b6ea734d57290f9c0a6d972b4e0b829a241905

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
744769f0294926fb0b507d42ed28c2dd

SHA1
662b4507b769edf4e8a1f1489e508cb4fe097b6c

SHA256
a055dc67534dc478080cf0369402e53118719eb85613e90210ed6e077133181e

SHA512
3c4df37c2af81ba846110066c0b98df0e68ebd3f478fd14d9212e8b78cd1b06180ac5f12bffdd94fc1f95f9d538100cc1cb3815c4976154d8befd5d73aad2f69

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
154858401199c2a4681aba3c3006bca6

SHA1
f3b2cce2b25276a55866bb40cf640bc8e8457895

SHA256
fec08bebc0ae07686edc60abccb78f3d5c2a8af478b3cc1e30bdcc8f606fef16

SHA512
c75b0bd141056b9467426e4ff666f1a5cb5f847dc59f3b74b14069169a15f173fd178e9ea1d3cadacf7113cb8e02e44ed1b7d43fade0fde879adcf89a1c2b7ce

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5816fe.TMP

Filesize
48B

MD5
36500e35bc1b7ed3e4acd813edfbfe97

SHA1
3cc93a35daa8c139f5992ac58a5b55f1dd06981d

SHA256
930f03a9fc73e7d3dd7a09102cd6740e6bbb759e51dedad0dc7f399eb9c7eddf

SHA512
46b28620c606cb37ff47ef9d8c88dadbae73610beb4668bd059c22b4e0033b843beb86e8191d67b8f87bd33c0345fcb6a8a10afb1e262e608090f9531377f143

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
128KB

MD5
c9d981605059b4db82407b9d9abfa895

SHA1
17673f6540d280c814276031833743691748c774

SHA256
ef2a3de762d43e5dcee74af7332687ba1d86bf0dfce916ac7c68410b3c4773ae

SHA512
8829294723650a3173f8d6bc37b1b61dd3fe17898b8ba461c5b2253a9c0e786564da4ff1d974f074f7111d66470716f1f7103430f01720c3639f3a6432278401

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
128KB

MD5
225d403b1776ba3e21b31e90792899fa

SHA1
da52e99c279b5f81fc0a37747207a63d581cafd1

SHA256
69c9f4b03572debaf701aad3f59004a18d6cc6bb24c48e8529884a8b0e6945c1

SHA512
b65adf070a8f565c1110fab17dabd3def874a329c843c4333a8f38919e5c41479cb4e2ae009fede101fc9489fd58c1a22f75695ab887146fe91293749ca74052

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
128KB

MD5
f5b03c0131a147709dc570da96dea19d

SHA1
713571ad561aade3b69601e7e6eec56150136264

SHA256
a841800bd8de1b9632f5bcbcca0aa339a30a6681568f7826fe63ab8199b8fc80

SHA512
2c3f88f8fb1d116c0fc69c5c28833daf600f95ecb7c37d5311be59964234da21a3c2ae8295d4ec2dca4d956935247ab1d1238dc17d7820a28591e9eb328d246b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
128KB

MD5
66cb06c2ca9934a67b272f41f6c7a833

SHA1
8756a00defb0489c8cdf6c61126ef96b75dff3e8

SHA256
dd3cee437f85a984117195ceda4593b9fd35b38675c66ceaca656b23404d5564

SHA512
803f84af64d0fa3044073d17adbfd360679b26c5dd6e06f6448922ce8371e1834d92614e5cd3a0ef9b1530452b76953794d9e797520c79b92d2dd16fb8d9a335

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
128KB

MD5
eb9f64da6ee177f7e87ef0b65cf1ebdd

SHA1
aabb288e3f2f0415875240c2d3f842a52ea73688

SHA256
40c470825d916f95d6168a72fd510dd78797bd375fda952261b7a527c4ad0d9e

SHA512
db72166ccbba75e9c8d618a35762ae7e1ff95e7034cf787d1b9fd5824144168d0a163cbba47efd5509fe7e531ba6dc6d5adbdfa38f51e52de71f93501b21a2fe

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
128KB

MD5
9406bcde1685f93839f7287427f92e6c

SHA1
090f1a200d82d7d32ced1273067fbdb4c795f75e

SHA256
227147ef93c740966e2b28882b222aedd826e5056e501ac553b2a2997f176577

SHA512
e43755e063a5b219d410a4f978f2225e0a57a3b8cc8263bb211c05e34b6d9f012cce160b0baeac0d9d6af00b3957ec19f02681fa544aeed0315956676e1f3870

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
128KB

MD5
d56397b7cbe7d9e20727967c16f79cdd

SHA1
85ef642f75bc1a95f7e3886220b9d8e3d27282b0

SHA256
c908998feb94f1fc6cdb6f7feac667a8db142a4f5d66feb74535d1dcc50dd4d6

SHA512
38ef3317395fcd508f84808d157f0f8a939d007985f429b92b2a883fa258da6a46b317bd2d6daad1f21188d4af70229707f49181798be6cd19a477e5e4672215

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
110KB

MD5
d204c89c406f12f19abadc202bac1940

SHA1
19456a6ec9a0e57df5aa3dfb9127bcdce0a11c0f

SHA256
7912ec5ce0b3789861611063fca0249b0de8228f01b466421e9eca6a2c61b798

SHA512
08dedcebebaaa67f932e17d1cecd9fce3c9989ca24af320193e49ff312a5b47d3b3a6c52c2f49845b09e9f677f403002aa49addf2d6726f093f9ef60b3209b45

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
114KB

MD5
ff1d1047188ca46800b4f635bbb823ff

SHA1
feb8078b2d053491e3470d33e255272c58b892d1

SHA256
7342252ed90c2da2b3d77223cb03c4b69f1efb9c49cf199640b026873f09bb14

SHA512
67f85feabb3c266d4f224ad8e46c70b6300ebdced92422cb44d4dbf72e999f4224a631ab4faec0d94173afb762dcfbd16bf19a376d71a67eeee1cdbf75e68611

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe5e3da3.TMP

Filesize
104KB

MD5
2574615a6b2493e3e69631213b0af549

SHA1
6eab36e2bba8b7669c4c550900bdd4461585a227

SHA256
64d993d980ae5b70a2ba18c3cf2a04365a8b761120de835d3d74d5bd79751aba

SHA512
7a59a63f04856ab14475eb8b3ce4daa63ff0d88379834623577cb9c106772877e9803e1329349f767cec9370e8dba7a7935f67255d0efed89a017f30e8341751

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
9f44d6f922f830d04d7463189045a5a3

SHA1
2e9ae7188ab8f88078e83ba7f42a11a2c421cb1c

SHA256
0ae5cf8b49bc34fafe9f86734c8121b631bad52a1424c1dd2caa05781032334a

SHA512
7c1825eaefcc7b97bae31eeff031899300b175222de14000283e296e9b44680c8b3885a4ed5d78fd8dfee93333cd7289347b95a62bf11f751c4ca47772cf987d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
7740a919423ddc469647f8fdd981324d

SHA1
c1bc3f834507e4940a0b7594e34c4b83bbea7cda

SHA256
bdd4adaa418d40558ab033ac0005fd6c2312d5f1f7fdf8b0e186fe1d65d78221

SHA512
7ad98d5d089808d9a707d577e76e809a223d3007778a672734d0a607c2c3ac5f93bc72adb6e6c7f878a577d3a1e69a16d0cd871eb6f58b8d88e2ea25f77d87b7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1005B

MD5
d704c4cb858e713b08f5db446a23ef14

SHA1
f5b8ef7dc88b801c1d181794b367982037c6918c

SHA256
4830b75b9b66e314b04da6bd211f91d183be1353bcea3b7dcac5b23323abcc02

SHA512
bd271a473bf725e842f5a8a5e14985ce7c58d6d28e4a218747cc44e5b32fdb0e427c4efff7a8311de5187529fdc667ef20f6766d941c69453edfcbdc569a5685

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
6dc8d770ebb462998fe139df1758a685

SHA1
3e2f13219dd9b61bf5252fdce91efd8ac0929e88

SHA256
39b09f4d846b114d758cc03e0537aca3acaff5cad30b7f7d445248c2e22b3e33

SHA512
b39e4885a6ad0ffe6783710a0635bfd8dd609b4d0eee5bff1b04a40ebcae3f1ec401a515950377edb4dbaccb4c083aad3774957b21dbe6d164fb33598b7fd411

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
d542ff07347883b088395a71cab6c61f

SHA1
430bd95dec8bff82e900abbf2dd20e1808becb8f

SHA256
22fd3a81275b1be84f1ac6b8f1fa4e09a1fa43b78b041e50609454351f1c17d4

SHA512
e47fed0d4ca0b961cf5a06b921796dbc6960089b47c1499ae5560d4c79d25fc0879268f45e571c701d49dcb13053982da104f262b8ea37ecdb0c547fcbcf77d7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
c8af5aaa568a07ce46f57aff73147d2b

SHA1
7e15033e816e9aae4465579f52cf6326e2f14b5c

SHA256
a7968f19d8ae30c9efeafdea2c6bd8a5995b17a5db61f8ab13f1b14ed6aec7f5

SHA512
a0f8217be2fdda4ca7589a32a4fd7fffcbf868bcca7d85a448b81930bba76eb652dee0d4f59d16c29cdcdf91f84862ffb2fcbe88a499742fd42529015d869c9e

Download Submit
C:\Users\Admin\Downloads\Ezel2.rar.html

Filesize
26KB

MD5
987567323541104221fd6ebf4fec9a33

SHA1
25b575c2bb1beaa3fa66f7e35d4da73cf4e02f3b

SHA256
0eb6b064b39f4f7d9013ac5e26e5f5e16066a71bd232f54aa63e94775b39e1be

SHA512
74d97de2fed53fc70d95e56821f7ced92eba61f2b148bd0c8a44c7d023c9fcd0616840bbb3b4bd331e5542a8526e51c1cd6a7663bf04f24713fa23d7700459a1

Download Submit
memory/5908-1148-0x000001D1AD370000-0x000001D1AD380000-memory.dmp

Filesize
64KB

Download
memory/5908-1164-0x000001D1AD470000-0x000001D1AD480000-memory.dmp

Filesize
64KB

Download
memory/5908-1180-0x000001D1B57E0000-0x000001D1B57E1000-memory.dmp

Filesize
4KB

Download
memory/5908-1182-0x000001D1B5810000-0x000001D1B5811000-memory.dmp

Filesize
4KB

Download
memory/5908-1183-0x000001D1B5810000-0x000001D1B5811000-memory.dmp

Filesize
4KB

Download
memory/5908-1184-0x000001D1B5920000-0x000001D1B5921000-memory.dmp

Filesize
4KB

Download