hxxps://github[.]com/dotnet/vscode-dotnet-runtime/issues/new/choose

Analysis

max time kernel
260s
max time network
265s
platform
windows10-1703_x64
resource
win10-20240221-en
resource tags

arch:x64arch:x86image:win10-20240221-enlocale:en-usos:windows10-1703-x64system
submitted
25/03/2024, 12:55

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://github.com/dotnet/vscode-dotnet-runtime/issues/new/choose

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133558449593830159"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4736	chrome.exe
4736	chrome.exe
3328	chrome.exe
3328	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
4736	chrome.exe
4736	chrome.exe
4736	chrome.exe
4736	chrome.exe
4736	chrome.exe
4736	chrome.exe
4736	chrome.exe
4736	chrome.exe
4736	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4736	chrome.exe
Token: SeCreatePagefilePrivilege	4736	chrome.exe
Token: SeShutdownPrivilege	4736	chrome.exe
Token: SeCreatePagefilePrivilege	4736	chrome.exe
Token: SeShutdownPrivilege	4736	chrome.exe
Token: SeCreatePagefilePrivilege	4736	chrome.exe
Token: SeShutdownPrivilege	4736	chrome.exe
Token: SeCreatePagefilePrivilege	4736	chrome.exe
Token: SeShutdownPrivilege	4736	chrome.exe
Token: SeCreatePagefilePrivilege	4736	chrome.exe
Token: SeShutdownPrivilege	4736	chrome.exe
Token: SeCreatePagefilePrivilege	4736	chrome.exe
Token: SeShutdownPrivilege	4736	chrome.exe
Token: SeCreatePagefilePrivilege	4736	chrome.exe
Token: SeShutdownPrivilege	4736	chrome.exe
Token: SeCreatePagefilePrivilege	4736	chrome.exe
Token: SeShutdownPrivilege	4736	chrome.exe
Token: SeCreatePagefilePrivilege	4736	chrome.exe
Token: SeShutdownPrivilege	4736	chrome.exe
Token: SeCreatePagefilePrivilege	4736	chrome.exe
Token: SeShutdownPrivilege	4736	chrome.exe
Token: SeCreatePagefilePrivilege	4736	chrome.exe
Token: SeShutdownPrivilege	4736	chrome.exe
Token: SeCreatePagefilePrivilege	4736	chrome.exe
Token: SeShutdownPrivilege	4736	chrome.exe
Token: SeCreatePagefilePrivilege	4736	chrome.exe
Token: SeShutdownPrivilege	4736	chrome.exe
Token: SeCreatePagefilePrivilege	4736	chrome.exe
Token: SeShutdownPrivilege	4736	chrome.exe
Token: SeCreatePagefilePrivilege	4736	chrome.exe
Token: SeShutdownPrivilege	4736	chrome.exe
Token: SeCreatePagefilePrivilege	4736	chrome.exe
Token: SeShutdownPrivilege	4736	chrome.exe
Token: SeCreatePagefilePrivilege	4736	chrome.exe
Token: SeShutdownPrivilege	4736	chrome.exe
Token: SeCreatePagefilePrivilege	4736	chrome.exe
Token: SeShutdownPrivilege	4736	chrome.exe
Token: SeCreatePagefilePrivilege	4736	chrome.exe
Token: SeShutdownPrivilege	4736	chrome.exe
Token: SeCreatePagefilePrivilege	4736	chrome.exe
Token: SeShutdownPrivilege	4736	chrome.exe
Token: SeCreatePagefilePrivilege	4736	chrome.exe
Token: SeShutdownPrivilege	4736	chrome.exe
Token: SeCreatePagefilePrivilege	4736	chrome.exe
Token: SeShutdownPrivilege	4736	chrome.exe
Token: SeCreatePagefilePrivilege	4736	chrome.exe
Token: SeShutdownPrivilege	4736	chrome.exe
Token: SeCreatePagefilePrivilege	4736	chrome.exe
Token: SeShutdownPrivilege	4736	chrome.exe
Token: SeCreatePagefilePrivilege	4736	chrome.exe
Token: SeShutdownPrivilege	4736	chrome.exe
Token: SeCreatePagefilePrivilege	4736	chrome.exe
Token: SeShutdownPrivilege	4736	chrome.exe
Token: SeCreatePagefilePrivilege	4736	chrome.exe
Token: SeShutdownPrivilege	4736	chrome.exe
Token: SeCreatePagefilePrivilege	4736	chrome.exe
Token: SeShutdownPrivilege	4736	chrome.exe
Token: SeCreatePagefilePrivilege	4736	chrome.exe
Token: SeShutdownPrivilege	4736	chrome.exe
Token: SeCreatePagefilePrivilege	4736	chrome.exe
Token: SeShutdownPrivilege	4736	chrome.exe
Token: SeCreatePagefilePrivilege	4736	chrome.exe
Token: SeShutdownPrivilege	4736	chrome.exe
Token: SeCreatePagefilePrivilege	4736	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4736	chrome.exe
4736	chrome.exe
4736	chrome.exe
4736	chrome.exe
4736	chrome.exe
4736	chrome.exe
4736	chrome.exe
4736	chrome.exe
4736	chrome.exe
4736	chrome.exe
4736	chrome.exe
4736	chrome.exe
4736	chrome.exe
4736	chrome.exe
4736	chrome.exe
4736	chrome.exe
4736	chrome.exe
4736	chrome.exe
4736	chrome.exe
4736	chrome.exe
4736	chrome.exe
4736	chrome.exe
4736	chrome.exe
4736	chrome.exe
4736	chrome.exe
4736	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4736	chrome.exe
4736	chrome.exe
4736	chrome.exe
4736	chrome.exe
4736	chrome.exe
4736	chrome.exe
4736	chrome.exe
4736	chrome.exe
4736	chrome.exe
4736	chrome.exe
4736	chrome.exe
4736	chrome.exe
4736	chrome.exe
4736	chrome.exe
4736	chrome.exe
4736	chrome.exe
4736	chrome.exe
4736	chrome.exe
4736	chrome.exe
4736	chrome.exe
4736	chrome.exe
4736	chrome.exe
4736	chrome.exe
4736	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4736 wrote to memory of 4740	4736	chrome.exe	74
PID 4736 wrote to memory of 4740	4736	chrome.exe	74
PID 4736 wrote to memory of 3724	4736	chrome.exe	76
PID 4736 wrote to memory of 3724	4736	chrome.exe	76
PID 4736 wrote to memory of 3724	4736	chrome.exe	76
PID 4736 wrote to memory of 3724	4736	chrome.exe	76
PID 4736 wrote to memory of 3724	4736	chrome.exe	76
PID 4736 wrote to memory of 3724	4736	chrome.exe	76
PID 4736 wrote to memory of 3724	4736	chrome.exe	76
PID 4736 wrote to memory of 3724	4736	chrome.exe	76
PID 4736 wrote to memory of 3724	4736	chrome.exe	76
PID 4736 wrote to memory of 3724	4736	chrome.exe	76
PID 4736 wrote to memory of 3724	4736	chrome.exe	76
PID 4736 wrote to memory of 3724	4736	chrome.exe	76
PID 4736 wrote to memory of 3724	4736	chrome.exe	76
PID 4736 wrote to memory of 3724	4736	chrome.exe	76
PID 4736 wrote to memory of 3724	4736	chrome.exe	76
PID 4736 wrote to memory of 3724	4736	chrome.exe	76
PID 4736 wrote to memory of 3724	4736	chrome.exe	76
PID 4736 wrote to memory of 3724	4736	chrome.exe	76
PID 4736 wrote to memory of 3724	4736	chrome.exe	76
PID 4736 wrote to memory of 3724	4736	chrome.exe	76
PID 4736 wrote to memory of 3724	4736	chrome.exe	76
PID 4736 wrote to memory of 3724	4736	chrome.exe	76
PID 4736 wrote to memory of 3724	4736	chrome.exe	76
PID 4736 wrote to memory of 3724	4736	chrome.exe	76
PID 4736 wrote to memory of 3724	4736	chrome.exe	76
PID 4736 wrote to memory of 3724	4736	chrome.exe	76
PID 4736 wrote to memory of 3724	4736	chrome.exe	76
PID 4736 wrote to memory of 3724	4736	chrome.exe	76
PID 4736 wrote to memory of 3724	4736	chrome.exe	76
PID 4736 wrote to memory of 3724	4736	chrome.exe	76
PID 4736 wrote to memory of 3724	4736	chrome.exe	76
PID 4736 wrote to memory of 3724	4736	chrome.exe	76
PID 4736 wrote to memory of 3724	4736	chrome.exe	76
PID 4736 wrote to memory of 3724	4736	chrome.exe	76
PID 4736 wrote to memory of 3724	4736	chrome.exe	76
PID 4736 wrote to memory of 3724	4736	chrome.exe	76
PID 4736 wrote to memory of 3724	4736	chrome.exe	76
PID 4736 wrote to memory of 3724	4736	chrome.exe	76
PID 4736 wrote to memory of 5104	4736	chrome.exe	77
PID 4736 wrote to memory of 5104	4736	chrome.exe	77
PID 4736 wrote to memory of 3592	4736	chrome.exe	78
PID 4736 wrote to memory of 3592	4736	chrome.exe	78
PID 4736 wrote to memory of 3592	4736	chrome.exe	78
PID 4736 wrote to memory of 3592	4736	chrome.exe	78
PID 4736 wrote to memory of 3592	4736	chrome.exe	78
PID 4736 wrote to memory of 3592	4736	chrome.exe	78
PID 4736 wrote to memory of 3592	4736	chrome.exe	78
PID 4736 wrote to memory of 3592	4736	chrome.exe	78
PID 4736 wrote to memory of 3592	4736	chrome.exe	78
PID 4736 wrote to memory of 3592	4736	chrome.exe	78
PID 4736 wrote to memory of 3592	4736	chrome.exe	78
PID 4736 wrote to memory of 3592	4736	chrome.exe	78
PID 4736 wrote to memory of 3592	4736	chrome.exe	78
PID 4736 wrote to memory of 3592	4736	chrome.exe	78
PID 4736 wrote to memory of 3592	4736	chrome.exe	78
PID 4736 wrote to memory of 3592	4736	chrome.exe	78
PID 4736 wrote to memory of 3592	4736	chrome.exe	78
PID 4736 wrote to memory of 3592	4736	chrome.exe	78
PID 4736 wrote to memory of 3592	4736	chrome.exe	78
PID 4736 wrote to memory of 3592	4736	chrome.exe	78
PID 4736 wrote to memory of 3592	4736	chrome.exe	78
PID 4736 wrote to memory of 3592	4736	chrome.exe	78

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://github.com/dotnet/vscode-dotnet-runtime/issues/new/choose
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4736
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffb1f879758,0x7ffb1f879768,0x7ffb1f879778
  2⤵
  PID:4740
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1380 --field-trial-handle=1772,i,12233081225693708496,13409338797464082124,131072 /prefetch:2
  2⤵
  PID:3724
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1844 --field-trial-handle=1772,i,12233081225693708496,13409338797464082124,131072 /prefetch:8
  2⤵
  PID:5104
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2112 --field-trial-handle=1772,i,12233081225693708496,13409338797464082124,131072 /prefetch:8
  2⤵
  PID:3592
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2908 --field-trial-handle=1772,i,12233081225693708496,13409338797464082124,131072 /prefetch:1
  2⤵
  PID:3756
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2916 --field-trial-handle=1772,i,12233081225693708496,13409338797464082124,131072 /prefetch:1
  2⤵
  PID:192
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4720 --field-trial-handle=1772,i,12233081225693708496,13409338797464082124,131072 /prefetch:8
  2⤵
  PID:4332
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5204 --field-trial-handle=1772,i,12233081225693708496,13409338797464082124,131072 /prefetch:8
  2⤵
  PID:1948
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4492 --field-trial-handle=1772,i,12233081225693708496,13409338797464082124,131072 /prefetch:1
  2⤵
  PID:1220
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=5868 --field-trial-handle=1772,i,12233081225693708496,13409338797464082124,131072 /prefetch:1
  2⤵
  PID:4856
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5296 --field-trial-handle=1772,i,12233081225693708496,13409338797464082124,131072 /prefetch:8
  2⤵
  PID:956
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=4784 --field-trial-handle=1772,i,12233081225693708496,13409338797464082124,131072 /prefetch:1
  2⤵
  PID:4332
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=6084 --field-trial-handle=1772,i,12233081225693708496,13409338797464082124,131072 /prefetch:1
  2⤵
  PID:1240
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=5704 --field-trial-handle=1772,i,12233081225693708496,13409338797464082124,131072 /prefetch:1
  2⤵
  PID:1736
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=5296 --field-trial-handle=1772,i,12233081225693708496,13409338797464082124,131072 /prefetch:1
  2⤵
  PID:4508
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=2216 --field-trial-handle=1772,i,12233081225693708496,13409338797464082124,131072 /prefetch:1
  2⤵
  PID:4536
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5932 --field-trial-handle=1772,i,12233081225693708496,13409338797464082124,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3328

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:1664

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001

Filesize
49KB

MD5
1538b116ac1d82b34723c14506c116da

SHA1
915f43aa05de689aa64f33b842d1b5df7c62d7bf

SHA256
05337bfc960a7786bb8af2c8a19d203c099ca83fea11c1056612ef7d37d89b3d

SHA512
afcc85d5e84e87433f21acb5c6efb7851389ca65f208a1d86914846b0a90bfc14992218fa3b77c3235021ffd6fc2f184a0b730be8c47a3336191996210179f6a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000002

Filesize
44KB

MD5
39ceaf4aec6adbc7ec30a99e8f256ced

SHA1
65a6b5cdf7a63cf9e4da6c83dcd09c5f3bc767f4

SHA256
49f0c650e3f74c4803a2d9f390fd5ab19e082a99bfe7a64c30be767fcd9b77e9

SHA512
945b61af2ae0aee54da5db49de4f56c68436037936e7513347521ab207a94e98c9427f772d0da2cc85ed578194affec689c8f84516e6c303c334e091d46bcb72

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000003

Filesize
24KB

MD5
dc0ad025509c966716f971b6e0d36ee9

SHA1
64c5b5b0bc022961bcff062467df6cde579a7d5a

SHA256
ff30c58cbd4693a19a964c528b653c80ce1968b7db93a92a5ee9f3788efe4103

SHA512
3580ddfded853f05ce10d96292ae23ac2593079cb2bcedd1e5081d99e8aa54c7ec985cbbf29e5961425192a00ef639cc3969e5bc1f6450bcbbf855e3f161ea83

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

Filesize
20KB

MD5
42c6e70ed442343d2b822cb0fe315a95

SHA1
1f384ee1523e58137d9ef4695c66ab259d0af2e2

SHA256
304a78016ae47ccd02451106836b9daca63201cb82a02157dfae99431ea8b9d7

SHA512
da1942f808f40c9cb943b5863b7d3af01c43ad4f7ad1bb1389969b1deda5116e4012d0fc6937bff8284645d33f4578a309e9899bdd80a47dca65547cde6fbefd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
c76d6e492dc422eeb806e578ccaf3798

SHA1
5b9a5cf20788e646eff6668db50ad6568250cf43

SHA256
2255bffbdf7e85187492d32bcbf0661795cdb215379875e8a31ebfdf5e12d552

SHA512
1cfdc66df121ecb5feb2195bd33ff0663849a10e3f0dee30fbcddc6ed4ddee78d5fc638a7968d59137e7970443768caad063c114b3e9e646049e04b34b099af6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
ac4c693db60632fa778c313a29a19b71

SHA1
a6df7d07a978290364cad8dca065920b5795c433

SHA256
0fa480ffb0084016112445f137e4948c3170b94187f599954c68794811936347

SHA512
8234a461674d62e79c00596273c2787dfe8c4e1ae8be7c854d422eb71581f9640158f5f0e61acad2f236ddc5927e8f0165a9a0c0045e6287ca6dcb4237971ebc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
2e5ded4fa6f2ebaef4b1278dbb651199

SHA1
1104d857a9f3357a42785877fe3ae898b168cf70

SHA256
dde54506bb7b6e2088e46ef4c9182551f99ddf4316d332d33af4ae2a8d84cae9

SHA512
8a4d5f0d433efa9b635807256292b1627dd2822cea2b8731a88219ae2f6dfcb7dbc0898df59ae5d3f258b7082078bbaea275b92b97ffa7917ffb02399b954fca

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
ce36cd86a6ca8b3a0c79abf4960fd5c6

SHA1
2853ef5df744f6d6edfb9d2f956cfbbc71031569

SHA256
93e78163a2ad1941c15295536bb97234c1edad98201d373d54aa6e3e73ddf7da

SHA512
95275129464de391f3b22904eb1c3582df9ba0bf93f322a4f813e2517fd0bea140337ba863d4ca7228fe4b55cfbaea1c1ee0e403284ebf07b389e88cfb29af17

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
8b6f49d22c59a44cf87e7a0a54ad7104

SHA1
0fe85d6046f94205176b8df5aa5adbeebd52e1c6

SHA256
6a4d54c4cb9ee3760a12aa58fa00f6d8851d9fccc13e3c7a64920198facba82f

SHA512
99f3bb3341094688b80c6390f0f9cc608dd5975fb13a44f9a48b14df33cb9487ebd5e23af8d59f80bb19901f6b6fa6c4387285f37a871ab3bae2584dbb1c1d1e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
83ffe6a333de22429b6db57502fc68a1

SHA1
a53eb6235309abf2e139f808598f466d64481367

SHA256
81698789e4a5f0ef50f3af05baff14e8daf5c7c75593c13b2a369b51bb82ce1e

SHA512
f4f34975c56c09cc0f30346250cdb688a339e408aec4736858ee626c6eb6d984f75803964fdbb0f53ee7d08e4371b119601f176e64fbb916572e41c69d83d54b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
987B

MD5
53e5c92639b1e15a1397db999d34320f

SHA1
ce01159bbd1277a2c846356f3e820676db9f18cd

SHA256
f5aec19d35005fedeef42571d3946a984621cb9baa198377994b5bb6e1cb1208

SHA512
31797e7eaec9a1591aefef029632be7355a0ae320df9669a264256d1e35cf2a508d7202c1270eb74f01766b2b964394f93f828994bc5533071b817cd89052ef8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
0313e016045f74ba668926a06b187e7c

SHA1
fc58dd045a5f14abaaafc45b8067073a076f3fc1

SHA256
96ea4514e6c41091ef5380169b24c5d384a90c5ff52188579d6d69a83c34e5f5

SHA512
91cbb04f3d477b8dbb1769f4428cc4a1f49abe1027e316ba7989a173e06cedd52d760a0945bc680a4294f9360a7f585e94c016e6c37e8a97918807e3fcd35b45

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
d34e1f6e3aa1a42b529f8c823f7d83e4

SHA1
55ff3548e2f97b31931466907c06be74b9d2800e

SHA256
fbd7d016b19969c7bf7c5971afa06b57ae304489661c8a2ded668c12fdde9ed3

SHA512
6fdc1a49c4efe2e5fc716b966b3cac779ee2f4c30e41080b102826bd4cabd5fab06f9cb9269583cdd54658e73f3199bbaa58db170b4a4cb08c3faf16811dbec9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
4c2749c1e0d979bd92f5d02d86676709

SHA1
36d378a794f68af056d3d1748b16cd474a64491d

SHA256
21d25760e6695b118da22d9bc18d96833b1d37a37b03215d7e99f4cc683a8e9c

SHA512
25273f9b8f2a77423f2b6207e319a659f0464ea119fa2e979d4cecbc295c83fec442c5d58e185de3916d2648a6ebec79bc47995d3afbac565006a64ef43033f4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
0fde8541120cf08f3a0a3d7620f80b40

SHA1
008c613adb9a5e209f5a4eb6d904ee817ec997f4

SHA256
472729343b434dbec8a2990f93c07b0186c0fa68a7b4da94f96fc40b8ab4c36f

SHA512
8db9344b02a548b6928a042bfadfd32969bddea0c567ef2ff16a444bacdfa8ac339824e2e66820e2095241a8639caf4c4ddc630400a2864ffa91326539f9bc71

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
1b510cb5090a459a7446adb63358c549

SHA1
cc75bb1a3dfbef01bcb30f2be856e54218bfb555

SHA256
82274599a6c89a4c041935e78042dd613fe0b55ffee8bc7d9732c3a5140060e5

SHA512
a01f93983970cf27e91e2dee7af7d9de3e3f1774f8a92a2418e07f07cdc7e0a9bdf071d72045bb23d117aae37ce6c928bc7a47e04b2959d2976fdb26357c88ae

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
66a88a59f1990a791e4079395604292d

SHA1
525b9a726d0b031d6cd80d9ee5dc9d7a380f12a6

SHA256
4573cb215b8f61f120b56cbc660cbf71b72154f9566a9995832b9938ffbf5b8b

SHA512
2bc28f5d4fb142bfcafde934c32bea8493caba6cca8f4f29ea1cdcdb6437b2172d8c70dc1bffc1074e674cf63fd61acda7a819cb7588cad247292963b74f0f86

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
706B

MD5
568cb7d1a6587f8e9b7cd1acaf591d1f

SHA1
67ac6b1945a5a75e80a8c3fc321d6abdd7849036

SHA256
d23532b3fc5d57f4c566226fa0f0ec9e009b43ab6a7a4aad2e47d3a146733b25

SHA512
a8d8132b497a37abcd3d7898d0d91366b5c45ffa487238894ac11622731d96cb28ea58a75967e51db98b7c02d7cd2cfedf55de37d5246c8c4bf19c600074d554

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
71c4071d720add02987a1af62fb94eea

SHA1
d37ba119cd39d14be01d73011ed1982eaaf35653

SHA256
52ae82b6fa384fe707e1f2372a4d2d6fbc38adc2167fbb9c049a02c9876facbc

SHA512
c3589df945a94ac4ecac86856c4acdabc45f392452790c83f6973b5f8ae1a01db979800a13313a5d3cf689d6d0df98f4563d289e2930acc63522906964b9b3fe

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
cbea146b687d6f5f56b6e776ac9ca3d5

SHA1
30bcb74e415885b2a7f5af94e6b6fd4438a3400b

SHA256
96b5dc5240239a732c46a698b1d7513fbaa0ff4c7fe86082db157536f6868838

SHA512
5036671d1f2b8b634e3dfa29f8312d0f77de2b8345ed37bdb42b38b155c7092b238d83e146d14fd45828a693d83a9c916dc77251761ed18192f2e061aa91c08f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
6f47bd60eb69711c066a8f60faef2d46

SHA1
cd2fc2c18be3d1258f235ba5cc6472a062c7957a

SHA256
e89f16bc36795a195ddd832dc74d7a8eb1c003f2ee21129f7e9d36c41148c3de

SHA512
78fe29d0b93e2d06b0e9d0f3ebdc67a1776acd8a49bc7b81f7ae15f42c6526106106a2fb36567de3fc997f00eb56628f4f5663a9774e8f052cd8b220b940117c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
c8374630e80af27020e843bd55c0ed13

SHA1
26424491ea5db4b12309db687d976c8a63a5716f

SHA256
72b0c496c7ae26aaefd296067f460893d9296d33df80f3c51a5caffea0102a84

SHA512
46e4ceccbc63b956c3c400733879b426a1cceaff4f9ce714072c74fb30657472b0371ffd9de49b282fe11d42637b6badb463301057ff20b5ad98b9d0c64b45b6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
dec681a928c4dc2c4f2dea13593c0e27

SHA1
76dd27cccc0809da9b389a4926b185afbf8e7dbb

SHA256
b33341c532d2208612c25f7a3be1807df2f4039d5325f5fc12a67655fad2f39c

SHA512
40c5ea8e0dc05e83472e56832f629b1d0dee91eb10ae9f0aa42ab84fd718c05a94cdab53893815452ed6083d96509c6002adaa9dd21aeeb6e4df2f29c232437d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
a20ceff8e0d300f636628b60ca20b64b

SHA1
af7569c951919cddc7025be17efcff0463015f56

SHA256
fa356a1eac806df42382a1ae135b9e7f7ca1e98f615379c92bb37d91550f2b90

SHA512
7e47ac06c3747b1a8a5c13cd77e28825f53adcb9cd8af96af48bec854904fc22227a389c6c4606789e349d64277e1ba41c0181991049f20179e8b3a6704b4728

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
e3743ec276e1ef2990ad65c74ddbd33f

SHA1
2e8758efbbceb35ea35f0b421019ff8266e9a1a4

SHA256
15b838280b6fb36f80f327e63ba57415e128e50a455f4af987f0e6a245d2ea18

SHA512
7de5ca1905563172c702ffbd538ac5e7ca217899d619893fa65470ff5c95a0c9d69fa50448aa88cf8f7de713751f824782a6789f4d8cddcdcaca98e1f8cbc4dc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
a0883dc4c96ad496b1574769a25f1c23

SHA1
b8f692e2b90ac50b0f0d07e3540b42b0214d8c10

SHA256
f9e44a559170fb9dea313e29ec4524d0a62bc7439d159615132f0a2dd586fe37

SHA512
b14e9356342ca6fb1fd93b1152a754aa727db722b27aba79b99e52f7ac47cf3c7f304ffcad023913b9e64fc4c18d0d830e05d6b055608d57133fbc3da26fc0a1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
58441296f34f1529c290f4328e6ecaa0

SHA1
d6717175eb1d049faa98e0e5727e4eae33d03184

SHA256
98b48ad17417b671ca6a7fe000b87a907f6bfc2c347f97c779c73c120f085a36

SHA512
276766c7de8a107bfc97b91427c78ef7901d1e26b1cbf72de9023f70d83570134291e5adc9506ae240cb12a2bdbea9f0aee8b8185a8fbc4804c383a645e31075

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
a36550059759884950228e479088faea

SHA1
40c0e53ff2503633324afa35c9d4a6d4444785b8

SHA256
31f10a54e5d38d37e6ac6f4ca2306ef88090e159b052dd28bf6841741c32bb54

SHA512
f3afd214551582e6a8ef159584d62ff7633209eaf5eb5bdbfc54d51c57f11c4d4bb363f946395e05f2e9c040fe037e404805334880947fb83ec129ceae2245e9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
7464b56c4234bc69c35e02c6b1c892d0

SHA1
7ce12b055f9ffc70f7c10c3cf8397368bfb69045

SHA256
ede682abf30fcf658d5dad6c482edc947aa8c94efba4e78a11700d6827def38d

SHA512
72039cd0818be8ff94598e33148845e50eedf1cf88f4d636a9c01f9c67b2b89dc360e18398fbf11b81a18993df050df20d04e64463a414da1639b9bf0b961b8b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
149b3cfa536ea1af62e69d501621b9fe

SHA1
6687071ba16a7c08b9088c28ba28f07e444cca67

SHA256
a2f46b3bda6a84a0d9eddea341e0f1b38007266be4448cc9c8c9d7637fb6b3cc

SHA512
de5d99532e7d37ebbfaa3d2a0e1d82a7af3e073ff417c31a96dc18c285da201bf8f233f0576b8ef8e93a2bb9f897e43702324182b664207d8634f4c19829f85a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
2c2fdfa1b579efa23ee72c5fc7d140cc

SHA1
49eaa50685872a7b4a2b2353413a22e26f2a52b6

SHA256
b893e76f6b06fc912a44d5b3f11dd43f46cdb51dc36d18ad3d631566544163bb

SHA512
7526c5d1afa9fc5d174144304fba6a7917080478ae8fa8d97f2bcef9b8d28a780f0cf7287297978f803ce20eeb76be8b91b18e7b8d2997e38765891ec08fb3ae

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
130KB

MD5
78603683643157764b0d7ee5bcb22128

SHA1
862814fbe55a0914e4ace87ec9e4b7a217a52c2e

SHA256
a8aaf5d74bf31b53fc5f52b1b4e447a25d638b72f6e414f8408b1e5c472b61de

SHA512
d03a3e03f0a21351a37051e14f7eb3055a4b3b32cfdc4e348c82646416258460fe1228ddf6219b2a4c69eb3f301c1e689ee052e745d5a4ea2db103ac9b6bb6c2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
130KB

MD5
40a5ba6dd4ab21636b0da2a0e2244985

SHA1
5b625751e806964731fb3afb5056f37c5d02fce7

SHA256
89fdedf8ac20176cdf3ea7b6a7c0f9d246cbcf86bdf59182d79f0eddc602494d

SHA512
742bcf6247cc920078a5f9c5780213901a8784ecf644720839ab76fbc23274068583476638360e8c8fb2c017c45e44c9e0bef960ff4c424ef68088860e53b97e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit