hxxps://info[.]trustwave[.]com/e3t/Ctc/5F*113/d2vn8X04/MWZfQmVndqJN5X66yjQvgdMW7bJF9w5c74XKN8Zqh8F5nR32W8wM7ks6lZ3nqN9c3pZDgCWMZW6-6Nvw7PJNy7W5t_d4v3x2V2gW8-kKKx5cDYFPVf7xZQ8bCHnsW1Z545V7kWy9dW74L6Xj4c9p8sW3tz3ql51f3JFW3_nQpj6rVF1jW5x9rg-3PVBLVW3drPr86clXFwW785vsv6wd-zWW7qyK3N5vg_0pW8hVLQS6kMQkYN2-ytZ3v8dRKW4GDjSW1TXjndW3rw-pb7Bxt5nW2T7WNx6ymkPMW2vCzpB5FKx0MVsspRn8-Q0BYN4QNp_b7rshDW7WXg3f29rnyQW278rgQ7bFSy6W2NBTRC6fxXHWN3r8ZgTybFLbW2XHKdf72FNlkW77dM_q8CM5_YW7rYQWf1dFdJBW9jsXD084thV6W95-Y8L2Sz6S0N1GCNQFX97xRW2HNhxb5PB_CBW6Xbp-f1NtFb2W5KrcY47vgSS7W9bk-2w3BMQDZW23MQfc92QW95W1K9cRL53QwZJW3vVQ5v2l766QW6lN4JJ6xM0ntW2QQ91D4CWHPlW6H-0mJ2CTfwJN6lnyF8NZLF9W72TylY6RWLMZW9gc11J6GypXrf3L_5Mn04

Analysis

max time kernel
300s
max time network
279s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
26/03/2024, 23:31

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

https://info.trustwave.com/e3t/Ctc/5F*113/d2vn8X04/MWZfQmVndqJN5X66yjQvgdMW7bJF9w5c74XKN8Zqh8F5nR32W8wM7ks6lZ3nqN9c3pZDgCWMZW6-6Nvw7PJNy7W5t_d4v3x2V2gW8-kKKx5cDYFPVf7xZQ8bCHnsW1Z545V7kWy9dW74L6Xj4c9p8sW3tz3ql51f3JFW3_nQpj6rVF1jW5x9rg-3PVBLVW3drPr86clXFwW785vsv6wd-zWW7qyK3N5vg_0pW8hVLQS6kMQkYN2-ytZ3v8dRKW4GDjSW1TXjndW3rw-pb7Bxt5nW2T7WNx6ymkPMW2vCzpB5FKx0MVsspRn8-Q0BYN4QNp_b7rshDW7WXg3f29rnyQW278rgQ7bFSy6W2NBTRC6fxXHWN3r8ZgTybFLbW2XHKdf72FNlkW77dM_q8CM5_YW7rYQWf1dFdJBW9jsXD084thV6W95-Y8L2Sz6S0N1GCNQFX97xRW2HNhxb5PB_CBW6Xbp-f1NtFb2W5KrcY47vgSS7W9bk-2w3BMQDZW23MQfc92QW95W1K9cRL53QwZJW3vVQ5v2l766QW6lN4JJ6xM0ntW2QQ91D4CWHPlW6H-0mJ2CTfwJN6lnyF8NZLF9W72TylY6RWLMZW9gc11J6GypXrf3L_5Mn04

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133559695228880493"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2300	chrome.exe
2300	chrome.exe
4144	chrome.exe
4144	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
2300	chrome.exe
2300	chrome.exe
2300	chrome.exe
2300	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2300	chrome.exe
Token: SeCreatePagefilePrivilege	2300	chrome.exe
Token: SeShutdownPrivilege	2300	chrome.exe
Token: SeCreatePagefilePrivilege	2300	chrome.exe
Token: SeShutdownPrivilege	2300	chrome.exe
Token: SeCreatePagefilePrivilege	2300	chrome.exe
Token: SeShutdownPrivilege	2300	chrome.exe
Token: SeCreatePagefilePrivilege	2300	chrome.exe
Token: SeShutdownPrivilege	2300	chrome.exe
Token: SeCreatePagefilePrivilege	2300	chrome.exe
Token: SeShutdownPrivilege	2300	chrome.exe
Token: SeCreatePagefilePrivilege	2300	chrome.exe
Token: SeShutdownPrivilege	2300	chrome.exe
Token: SeCreatePagefilePrivilege	2300	chrome.exe
Token: SeShutdownPrivilege	2300	chrome.exe
Token: SeCreatePagefilePrivilege	2300	chrome.exe
Token: SeShutdownPrivilege	2300	chrome.exe
Token: SeCreatePagefilePrivilege	2300	chrome.exe
Token: SeShutdownPrivilege	2300	chrome.exe
Token: SeCreatePagefilePrivilege	2300	chrome.exe
Token: SeShutdownPrivilege	2300	chrome.exe
Token: SeCreatePagefilePrivilege	2300	chrome.exe
Token: SeShutdownPrivilege	2300	chrome.exe
Token: SeCreatePagefilePrivilege	2300	chrome.exe
Token: SeShutdownPrivilege	2300	chrome.exe
Token: SeCreatePagefilePrivilege	2300	chrome.exe
Token: SeShutdownPrivilege	2300	chrome.exe
Token: SeCreatePagefilePrivilege	2300	chrome.exe
Token: SeShutdownPrivilege	2300	chrome.exe
Token: SeCreatePagefilePrivilege	2300	chrome.exe
Token: SeShutdownPrivilege	2300	chrome.exe
Token: SeCreatePagefilePrivilege	2300	chrome.exe
Token: SeShutdownPrivilege	2300	chrome.exe
Token: SeCreatePagefilePrivilege	2300	chrome.exe
Token: SeShutdownPrivilege	2300	chrome.exe
Token: SeCreatePagefilePrivilege	2300	chrome.exe
Token: SeShutdownPrivilege	2300	chrome.exe
Token: SeCreatePagefilePrivilege	2300	chrome.exe
Token: SeShutdownPrivilege	2300	chrome.exe
Token: SeCreatePagefilePrivilege	2300	chrome.exe
Token: SeShutdownPrivilege	2300	chrome.exe
Token: SeCreatePagefilePrivilege	2300	chrome.exe
Token: SeShutdownPrivilege	2300	chrome.exe
Token: SeCreatePagefilePrivilege	2300	chrome.exe
Token: SeShutdownPrivilege	2300	chrome.exe
Token: SeCreatePagefilePrivilege	2300	chrome.exe
Token: SeShutdownPrivilege	2300	chrome.exe
Token: SeCreatePagefilePrivilege	2300	chrome.exe
Token: SeShutdownPrivilege	2300	chrome.exe
Token: SeCreatePagefilePrivilege	2300	chrome.exe
Token: SeShutdownPrivilege	2300	chrome.exe
Token: SeCreatePagefilePrivilege	2300	chrome.exe
Token: SeShutdownPrivilege	2300	chrome.exe
Token: SeCreatePagefilePrivilege	2300	chrome.exe
Token: SeShutdownPrivilege	2300	chrome.exe
Token: SeCreatePagefilePrivilege	2300	chrome.exe
Token: SeShutdownPrivilege	2300	chrome.exe
Token: SeCreatePagefilePrivilege	2300	chrome.exe
Token: SeShutdownPrivilege	2300	chrome.exe
Token: SeCreatePagefilePrivilege	2300	chrome.exe
Token: SeShutdownPrivilege	2300	chrome.exe
Token: SeCreatePagefilePrivilege	2300	chrome.exe
Token: SeShutdownPrivilege	2300	chrome.exe
Token: SeCreatePagefilePrivilege	2300	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2300	chrome.exe
2300	chrome.exe
2300	chrome.exe
2300	chrome.exe
2300	chrome.exe
2300	chrome.exe
2300	chrome.exe
2300	chrome.exe
2300	chrome.exe
2300	chrome.exe
2300	chrome.exe
2300	chrome.exe
2300	chrome.exe
2300	chrome.exe
2300	chrome.exe
2300	chrome.exe
2300	chrome.exe
2300	chrome.exe
2300	chrome.exe
2300	chrome.exe
2300	chrome.exe
2300	chrome.exe
2300	chrome.exe
2300	chrome.exe
2300	chrome.exe
2300	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2300	chrome.exe
2300	chrome.exe
2300	chrome.exe
2300	chrome.exe
2300	chrome.exe
2300	chrome.exe
2300	chrome.exe
2300	chrome.exe
2300	chrome.exe
2300	chrome.exe
2300	chrome.exe
2300	chrome.exe
2300	chrome.exe
2300	chrome.exe
2300	chrome.exe
2300	chrome.exe
2300	chrome.exe
2300	chrome.exe
2300	chrome.exe
2300	chrome.exe
2300	chrome.exe
2300	chrome.exe
2300	chrome.exe
2300	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2300 wrote to memory of 3992	2300	chrome.exe	85
PID 2300 wrote to memory of 3992	2300	chrome.exe	85
PID 2300 wrote to memory of 4812	2300	chrome.exe	87
PID 2300 wrote to memory of 4812	2300	chrome.exe	87
PID 2300 wrote to memory of 4812	2300	chrome.exe	87
PID 2300 wrote to memory of 4812	2300	chrome.exe	87
PID 2300 wrote to memory of 4812	2300	chrome.exe	87
PID 2300 wrote to memory of 4812	2300	chrome.exe	87
PID 2300 wrote to memory of 4812	2300	chrome.exe	87
PID 2300 wrote to memory of 4812	2300	chrome.exe	87
PID 2300 wrote to memory of 4812	2300	chrome.exe	87
PID 2300 wrote to memory of 4812	2300	chrome.exe	87
PID 2300 wrote to memory of 4812	2300	chrome.exe	87
PID 2300 wrote to memory of 4812	2300	chrome.exe	87
PID 2300 wrote to memory of 4812	2300	chrome.exe	87
PID 2300 wrote to memory of 4812	2300	chrome.exe	87
PID 2300 wrote to memory of 4812	2300	chrome.exe	87
PID 2300 wrote to memory of 4812	2300	chrome.exe	87
PID 2300 wrote to memory of 4812	2300	chrome.exe	87
PID 2300 wrote to memory of 4812	2300	chrome.exe	87
PID 2300 wrote to memory of 4812	2300	chrome.exe	87
PID 2300 wrote to memory of 4812	2300	chrome.exe	87
PID 2300 wrote to memory of 4812	2300	chrome.exe	87
PID 2300 wrote to memory of 4812	2300	chrome.exe	87
PID 2300 wrote to memory of 4812	2300	chrome.exe	87
PID 2300 wrote to memory of 4812	2300	chrome.exe	87
PID 2300 wrote to memory of 4812	2300	chrome.exe	87
PID 2300 wrote to memory of 4812	2300	chrome.exe	87
PID 2300 wrote to memory of 4812	2300	chrome.exe	87
PID 2300 wrote to memory of 4812	2300	chrome.exe	87
PID 2300 wrote to memory of 4812	2300	chrome.exe	87
PID 2300 wrote to memory of 4812	2300	chrome.exe	87
PID 2300 wrote to memory of 4812	2300	chrome.exe	87
PID 2300 wrote to memory of 4812	2300	chrome.exe	87
PID 2300 wrote to memory of 4812	2300	chrome.exe	87
PID 2300 wrote to memory of 4812	2300	chrome.exe	87
PID 2300 wrote to memory of 4812	2300	chrome.exe	87
PID 2300 wrote to memory of 4812	2300	chrome.exe	87
PID 2300 wrote to memory of 4812	2300	chrome.exe	87
PID 2300 wrote to memory of 4812	2300	chrome.exe	87
PID 2300 wrote to memory of 3476	2300	chrome.exe	88
PID 2300 wrote to memory of 3476	2300	chrome.exe	88
PID 2300 wrote to memory of 3920	2300	chrome.exe	89
PID 2300 wrote to memory of 3920	2300	chrome.exe	89
PID 2300 wrote to memory of 3920	2300	chrome.exe	89
PID 2300 wrote to memory of 3920	2300	chrome.exe	89
PID 2300 wrote to memory of 3920	2300	chrome.exe	89
PID 2300 wrote to memory of 3920	2300	chrome.exe	89
PID 2300 wrote to memory of 3920	2300	chrome.exe	89
PID 2300 wrote to memory of 3920	2300	chrome.exe	89
PID 2300 wrote to memory of 3920	2300	chrome.exe	89
PID 2300 wrote to memory of 3920	2300	chrome.exe	89
PID 2300 wrote to memory of 3920	2300	chrome.exe	89
PID 2300 wrote to memory of 3920	2300	chrome.exe	89
PID 2300 wrote to memory of 3920	2300	chrome.exe	89
PID 2300 wrote to memory of 3920	2300	chrome.exe	89
PID 2300 wrote to memory of 3920	2300	chrome.exe	89
PID 2300 wrote to memory of 3920	2300	chrome.exe	89
PID 2300 wrote to memory of 3920	2300	chrome.exe	89
PID 2300 wrote to memory of 3920	2300	chrome.exe	89
PID 2300 wrote to memory of 3920	2300	chrome.exe	89
PID 2300 wrote to memory of 3920	2300	chrome.exe	89
PID 2300 wrote to memory of 3920	2300	chrome.exe	89
PID 2300 wrote to memory of 3920	2300	chrome.exe	89

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://info.trustwave.com/e3t/Ctc/5F*113/d2vn8X04/MWZfQmVndqJN5X66yjQvgdMW7bJF9w5c74XKN8Zqh8F5nR32W8wM7ks6lZ3nqN9c3pZDgCWMZW6-6Nvw7PJNy7W5t_d4v3x2V2gW8-kKKx5cDYFPVf7xZQ8bCHnsW1Z545V7kWy9dW74L6Xj4c9p8sW3tz3ql51f3JFW3_nQpj6rVF1jW5x9rg-3PVBLVW3drPr86clXFwW785vsv6wd-zWW7qyK3N5vg_0pW8hVLQS6kMQkYN2-ytZ3v8dRKW4GDjSW1TXjndW3rw-pb7Bxt5nW2T7WNx6ymkPMW2vCzpB5FKx0MVsspRn8-Q0BYN4QNp_b7rshDW7WXg3f29rnyQW278rgQ7bFSy6W2NBTRC6fxXHWN3r8ZgTybFLbW2XHKdf72FNlkW77dM_q8CM5_YW7rYQWf1dFdJBW9jsXD084thV6W95-Y8L2Sz6S0N1GCNQFX97xRW2HNhxb5PB_CBW6Xbp-f1NtFb2W5KrcY47vgSS7W9bk-2w3BMQDZW23MQfc92QW95W1K9cRL53QwZJW3vVQ5v2l766QW6lN4JJ6xM0ntW2QQ91D4CWHPlW6H-0mJ2CTfwJN6lnyF8NZLF9W72TylY6RWLMZW9gc11J6GypXrf3L_5Mn04
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2300
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fffa2d19758,0x7fffa2d19768,0x7fffa2d19778
  2⤵
  PID:3992
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1704 --field-trial-handle=1876,i,15586232552738784128,15374766231743781120,131072 /prefetch:2
  2⤵
  PID:4812
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2140 --field-trial-handle=1876,i,15586232552738784128,15374766231743781120,131072 /prefetch:8
  2⤵
  PID:3476
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2220 --field-trial-handle=1876,i,15586232552738784128,15374766231743781120,131072 /prefetch:8
  2⤵
  PID:3920
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2948 --field-trial-handle=1876,i,15586232552738784128,15374766231743781120,131072 /prefetch:1
  2⤵
  PID:544
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2956 --field-trial-handle=1876,i,15586232552738784128,15374766231743781120,131072 /prefetch:1
  2⤵
  PID:4992
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4680 --field-trial-handle=1876,i,15586232552738784128,15374766231743781120,131072 /prefetch:1
  2⤵
  PID:1804
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4688 --field-trial-handle=1876,i,15586232552738784128,15374766231743781120,131072 /prefetch:1
  2⤵
  PID:4704
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5492 --field-trial-handle=1876,i,15586232552738784128,15374766231743781120,131072 /prefetch:8
  2⤵
  PID:4620
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5600 --field-trial-handle=1876,i,15586232552738784128,15374766231743781120,131072 /prefetch:8
  2⤵
  PID:4280
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1712 --field-trial-handle=1876,i,15586232552738784128,15374766231743781120,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4144

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4644

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
624B

MD5
f91a7fc02b52312b499dfee98e53e97f

SHA1
aa9d16b71f9c4f1fc07714a60d2ac7b9b0f5ce83

SHA256
96fbe8d9d0c64e29c2916a00b4842f962f94fe1b24ab442dc1b9676397167f93

SHA512
c39f6db1ab9d388ca6b208638342dea5d7eabab04b8bda5829cc52dfd40728ce2e893d808dfed6123a316317a780ac0ec09daf827555b91a64506c84acfb3be9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
cc8658bdcab58f1708a045c22859acc7

SHA1
99dff93daf55c3c7e95691c11eec8915f88ad26f

SHA256
3e4aa9ed3d608658c84fa6bb550338df0f4d3afc4364d993c22ce4f7ad917e9e

SHA512
f932e28c034d50dd178ad8386eb022a03f789117ef8ac7bb72489b9f7a7c42eabfeeac048ee1dee3d5d8d26833d8b266cf95f354d6107eab9819e1d23be22789

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
cd807476250e27978f225f698b4a0adc

SHA1
f382ac53a628b9af2887ef7f3d68d1f15e8db087

SHA256
4dba61f774ca6d0f33f4b4ba3b305321cc00ba0419f80dda06c0657e91224ece

SHA512
6d356005c0148508454b416303dbb79f0b9f76ac0fcd256ac2a474d0d16d7276e69b9d141238a286c3f6fb7fd9dcbbd6a824c4be3460d78c058a796eafe48c51

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
ca9e098099bf002260f5594fa2421451

SHA1
1c991635dbbccde02b8e9576df50a7fa80664be6

SHA256
516144f57b3a82608a3404ec7fd51211b726c8ca05ab6fc298ac61a6202e3c73

SHA512
4bfb253a712c1bd5718f083bc75863911bf4f6dbe0aeda1b4d93816a6b1c05384d506baa6e9c9374dd666175f748f5d3fc38997b284285c4cd2c9dcd47b76522

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
cc87ad28ba17963044c63f91c1dfd3c5

SHA1
ec89e316e63410c5a230f2648a9563553db9100d

SHA256
fd1cc095ba65e3197fc6eb4e8bf00f60c2f71e16686f9aabd8f1cd857506744d

SHA512
d496c50b065ff31dec3bb3d88c43235137a3dddf0b1770971ab45adaa0b13b4c04a7c8230bf41b5b102eb15e1ed6ace58b6a53d1c1c4a1d4cded41fc67cdb5e0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
046d05f7c8d528d22b7f7744299f9e63

SHA1
6b0e27ff7a0e99149436c0bab6cfe892826a3051

SHA256
d99a539a55a5988b9342ae1a014a3e2e2b839fc5c61ef85e782d992c93fb1cf1

SHA512
fcd10b00223b6091ae015342b3121bee5f5653d6fcfd82bc540156be75735be393d55939f1cd060688e0942d94f2155b614ae4972bfdf70c99079e5baa1992f1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
114KB

MD5
6317b3fce8f10410abff6cbf625cd952

SHA1
81a52230133c0c6c7091d1c9904f8e5f91e09511

SHA256
e157e6ea671020feedbd211ec72295a421b8befc2658473deef3aed803345f6a

SHA512
4681578db3ab9b2d206c74513e3d7c0576ccd0cc4faeeb1f8fb91b91143a60b90deb031cc16b66189382d43dbbf608d011c19dc6ec0b3338e258a8c7a540c359

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit