hxxp://github[.]com/Mist0090/

Analysis

max time kernel
254s
max time network
255s
platform
windows10-1703_x64
resource
win10-20240221-en
resource tags

arch:x64arch:x86image:win10-20240221-enlocale:en-usos:windows10-1703-x64system
submitted
29-03-2024 14:29

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://github.com/Mist0090/

Score

8^/10

bootkit persistence

Malware Config

Signatures

Downloads MZ/PE file

Executes dropped EXE 2 IoCs

pid	Process
3768	Dioxide.exe
4244	Monoxidex86.harmless.exe

Writes to the Master Boot Record (MBR) 1 TTPs 1 IoCs

Bootkits write to the MBR to gain persistence at a level below the operating system.

bootkit persistence

Bootkit

T1542.003

description	ioc	Process
File opened for modification	\??\PhysicalDrive0	Dioxide.exe

Enumerates system info in registry 2 TTPs 6 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 3 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133561962055526717"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
4720	chrome.exe
4720	chrome.exe
876	chrome.exe
876	chrome.exe
2752	chrome.exe
2752	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 12 IoCs

pid	Process
4720	chrome.exe
4720	chrome.exe
4720	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4720	chrome.exe
Token: SeCreatePagefilePrivilege	4720	chrome.exe
Token: SeShutdownPrivilege	4720	chrome.exe
Token: SeCreatePagefilePrivilege	4720	chrome.exe
Token: SeShutdownPrivilege	4720	chrome.exe
Token: SeCreatePagefilePrivilege	4720	chrome.exe
Token: SeShutdownPrivilege	4720	chrome.exe
Token: SeCreatePagefilePrivilege	4720	chrome.exe
Token: SeShutdownPrivilege	4720	chrome.exe
Token: SeCreatePagefilePrivilege	4720	chrome.exe
Token: SeShutdownPrivilege	4720	chrome.exe
Token: SeCreatePagefilePrivilege	4720	chrome.exe
Token: SeShutdownPrivilege	4720	chrome.exe
Token: SeCreatePagefilePrivilege	4720	chrome.exe
Token: SeShutdownPrivilege	4720	chrome.exe
Token: SeCreatePagefilePrivilege	4720	chrome.exe
Token: SeShutdownPrivilege	4720	chrome.exe
Token: SeCreatePagefilePrivilege	4720	chrome.exe
Token: SeShutdownPrivilege	4720	chrome.exe
Token: SeCreatePagefilePrivilege	4720	chrome.exe
Token: SeShutdownPrivilege	4720	chrome.exe
Token: SeCreatePagefilePrivilege	4720	chrome.exe
Token: SeShutdownPrivilege	4720	chrome.exe
Token: SeCreatePagefilePrivilege	4720	chrome.exe
Token: SeShutdownPrivilege	4720	chrome.exe
Token: SeCreatePagefilePrivilege	4720	chrome.exe
Token: SeShutdownPrivilege	4720	chrome.exe
Token: SeCreatePagefilePrivilege	4720	chrome.exe
Token: SeShutdownPrivilege	4720	chrome.exe
Token: SeCreatePagefilePrivilege	4720	chrome.exe
Token: SeShutdownPrivilege	4720	chrome.exe
Token: SeCreatePagefilePrivilege	4720	chrome.exe
Token: SeShutdownPrivilege	4720	chrome.exe
Token: SeCreatePagefilePrivilege	4720	chrome.exe
Token: SeShutdownPrivilege	4720	chrome.exe
Token: SeCreatePagefilePrivilege	4720	chrome.exe
Token: SeShutdownPrivilege	4720	chrome.exe
Token: SeCreatePagefilePrivilege	4720	chrome.exe
Token: SeShutdownPrivilege	4720	chrome.exe
Token: SeCreatePagefilePrivilege	4720	chrome.exe
Token: SeShutdownPrivilege	4720	chrome.exe
Token: SeCreatePagefilePrivilege	4720	chrome.exe
Token: SeShutdownPrivilege	4720	chrome.exe
Token: SeCreatePagefilePrivilege	4720	chrome.exe
Token: SeShutdownPrivilege	4720	chrome.exe
Token: SeCreatePagefilePrivilege	4720	chrome.exe
Token: SeShutdownPrivilege	4720	chrome.exe
Token: SeCreatePagefilePrivilege	4720	chrome.exe
Token: SeShutdownPrivilege	4720	chrome.exe
Token: SeCreatePagefilePrivilege	4720	chrome.exe
Token: SeShutdownPrivilege	4720	chrome.exe
Token: SeCreatePagefilePrivilege	4720	chrome.exe
Token: SeShutdownPrivilege	4720	chrome.exe
Token: SeCreatePagefilePrivilege	4720	chrome.exe
Token: SeShutdownPrivilege	4720	chrome.exe
Token: SeCreatePagefilePrivilege	4720	chrome.exe
Token: SeShutdownPrivilege	4720	chrome.exe
Token: SeCreatePagefilePrivilege	4720	chrome.exe
Token: SeShutdownPrivilege	4720	chrome.exe
Token: SeCreatePagefilePrivilege	4720	chrome.exe
Token: SeShutdownPrivilege	4720	chrome.exe
Token: SeCreatePagefilePrivilege	4720	chrome.exe
Token: SeShutdownPrivilege	4720	chrome.exe
Token: SeCreatePagefilePrivilege	4720	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
4720	chrome.exe
4720	chrome.exe
4720	chrome.exe
4720	chrome.exe
4720	chrome.exe
4720	chrome.exe
4720	chrome.exe
4720	chrome.exe
4720	chrome.exe
4720	chrome.exe
4720	chrome.exe
4720	chrome.exe
4720	chrome.exe
4720	chrome.exe
4720	chrome.exe
4720	chrome.exe
4720	chrome.exe
4720	chrome.exe
4720	chrome.exe
4720	chrome.exe
4720	chrome.exe
4720	chrome.exe
4720	chrome.exe
4720	chrome.exe
4720	chrome.exe
4720	chrome.exe
4720	chrome.exe
4720	chrome.exe
4720	chrome.exe
4720	chrome.exe
4720	chrome.exe
4720	chrome.exe
4720	chrome.exe
4720	chrome.exe
4720	chrome.exe
4720	chrome.exe
4720	chrome.exe
4720	chrome.exe
4720	chrome.exe
4720	chrome.exe
4720	chrome.exe
4720	chrome.exe
4720	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe

Suspicious use of SendNotifyMessage 64 IoCs

pid	Process
4720	chrome.exe
4720	chrome.exe
4720	chrome.exe
4720	chrome.exe
4720	chrome.exe
4720	chrome.exe
4720	chrome.exe
4720	chrome.exe
4720	chrome.exe
4720	chrome.exe
4720	chrome.exe
4720	chrome.exe
4720	chrome.exe
4720	chrome.exe
4720	chrome.exe
4720	chrome.exe
4720	chrome.exe
4720	chrome.exe
4720	chrome.exe
4720	chrome.exe
4720	chrome.exe
4720	chrome.exe
4720	chrome.exe
4720	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe
876	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4720 wrote to memory of 2580	4720	chrome.exe	74
PID 4720 wrote to memory of 2580	4720	chrome.exe	74
PID 4720 wrote to memory of 4460	4720	chrome.exe	76
PID 4720 wrote to memory of 4460	4720	chrome.exe	76
PID 4720 wrote to memory of 4460	4720	chrome.exe	76
PID 4720 wrote to memory of 4460	4720	chrome.exe	76
PID 4720 wrote to memory of 4460	4720	chrome.exe	76
PID 4720 wrote to memory of 4460	4720	chrome.exe	76
PID 4720 wrote to memory of 4460	4720	chrome.exe	76
PID 4720 wrote to memory of 4460	4720	chrome.exe	76
PID 4720 wrote to memory of 4460	4720	chrome.exe	76
PID 4720 wrote to memory of 4460	4720	chrome.exe	76
PID 4720 wrote to memory of 4460	4720	chrome.exe	76
PID 4720 wrote to memory of 4460	4720	chrome.exe	76
PID 4720 wrote to memory of 4460	4720	chrome.exe	76
PID 4720 wrote to memory of 4460	4720	chrome.exe	76
PID 4720 wrote to memory of 4460	4720	chrome.exe	76
PID 4720 wrote to memory of 4460	4720	chrome.exe	76
PID 4720 wrote to memory of 4460	4720	chrome.exe	76
PID 4720 wrote to memory of 4460	4720	chrome.exe	76
PID 4720 wrote to memory of 4460	4720	chrome.exe	76
PID 4720 wrote to memory of 4460	4720	chrome.exe	76
PID 4720 wrote to memory of 4460	4720	chrome.exe	76
PID 4720 wrote to memory of 4460	4720	chrome.exe	76
PID 4720 wrote to memory of 4460	4720	chrome.exe	76
PID 4720 wrote to memory of 4460	4720	chrome.exe	76
PID 4720 wrote to memory of 4460	4720	chrome.exe	76
PID 4720 wrote to memory of 4460	4720	chrome.exe	76
PID 4720 wrote to memory of 4460	4720	chrome.exe	76
PID 4720 wrote to memory of 4460	4720	chrome.exe	76
PID 4720 wrote to memory of 4460	4720	chrome.exe	76
PID 4720 wrote to memory of 4460	4720	chrome.exe	76
PID 4720 wrote to memory of 4460	4720	chrome.exe	76
PID 4720 wrote to memory of 4460	4720	chrome.exe	76
PID 4720 wrote to memory of 4460	4720	chrome.exe	76
PID 4720 wrote to memory of 4460	4720	chrome.exe	76
PID 4720 wrote to memory of 4460	4720	chrome.exe	76
PID 4720 wrote to memory of 4460	4720	chrome.exe	76
PID 4720 wrote to memory of 4460	4720	chrome.exe	76
PID 4720 wrote to memory of 4460	4720	chrome.exe	76
PID 4720 wrote to memory of 4244	4720	chrome.exe	77
PID 4720 wrote to memory of 4244	4720	chrome.exe	77
PID 4720 wrote to memory of 3928	4720	chrome.exe	78
PID 4720 wrote to memory of 3928	4720	chrome.exe	78
PID 4720 wrote to memory of 3928	4720	chrome.exe	78
PID 4720 wrote to memory of 3928	4720	chrome.exe	78
PID 4720 wrote to memory of 3928	4720	chrome.exe	78
PID 4720 wrote to memory of 3928	4720	chrome.exe	78
PID 4720 wrote to memory of 3928	4720	chrome.exe	78
PID 4720 wrote to memory of 3928	4720	chrome.exe	78
PID 4720 wrote to memory of 3928	4720	chrome.exe	78
PID 4720 wrote to memory of 3928	4720	chrome.exe	78
PID 4720 wrote to memory of 3928	4720	chrome.exe	78
PID 4720 wrote to memory of 3928	4720	chrome.exe	78
PID 4720 wrote to memory of 3928	4720	chrome.exe	78
PID 4720 wrote to memory of 3928	4720	chrome.exe	78
PID 4720 wrote to memory of 3928	4720	chrome.exe	78
PID 4720 wrote to memory of 3928	4720	chrome.exe	78
PID 4720 wrote to memory of 3928	4720	chrome.exe	78
PID 4720 wrote to memory of 3928	4720	chrome.exe	78
PID 4720 wrote to memory of 3928	4720	chrome.exe	78
PID 4720 wrote to memory of 3928	4720	chrome.exe	78
PID 4720 wrote to memory of 3928	4720	chrome.exe	78
PID 4720 wrote to memory of 3928	4720	chrome.exe	78

Uses Task Scheduler COM API 1 TTPs
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
persistence

Query Registry
T1012

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://github.com/Mist0090/
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4720
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7fff2b2a9758,0x7fff2b2a9768,0x7fff2b2a9778
  2⤵
  PID:2580
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1536 --field-trial-handle=1848,i,592994325291914138,10390962967861445662,131072 /prefetch:2
  2⤵
  PID:4460
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1792 --field-trial-handle=1848,i,592994325291914138,10390962967861445662,131072 /prefetch:8
  2⤵
  PID:4244
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1640 --field-trial-handle=1848,i,592994325291914138,10390962967861445662,131072 /prefetch:8
  2⤵
  PID:3928
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2668 --field-trial-handle=1848,i,592994325291914138,10390962967861445662,131072 /prefetch:1
  2⤵
  PID:4576
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2676 --field-trial-handle=1848,i,592994325291914138,10390962967861445662,131072 /prefetch:1
  2⤵
  PID:4172
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4392 --field-trial-handle=1848,i,592994325291914138,10390962967861445662,131072 /prefetch:1
  2⤵
  PID:4800
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3144 --field-trial-handle=1848,i,592994325291914138,10390962967861445662,131072 /prefetch:8
  2⤵
  PID:828
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4964 --field-trial-handle=1848,i,592994325291914138,10390962967861445662,131072 /prefetch:8
  2⤵
  PID:1496
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3116 --field-trial-handle=1848,i,592994325291914138,10390962967861445662,131072 /prefetch:8
  2⤵
  PID:164
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5400 --field-trial-handle=1848,i,592994325291914138,10390962967861445662,131072 /prefetch:8
  2⤵
  PID:1572
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5440 --field-trial-handle=1848,i,592994325291914138,10390962967861445662,131072 /prefetch:8
  2⤵
  PID:2940
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5436 --field-trial-handle=1848,i,592994325291914138,10390962967861445662,131072 /prefetch:8
  2⤵
  PID:4056
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=1684 --field-trial-handle=1848,i,592994325291914138,10390962967861445662,131072 /prefetch:8
  2⤵
  PID:4176
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5004 --field-trial-handle=1848,i,592994325291914138,10390962967861445662,131072 /prefetch:8
  2⤵
  PID:1088
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4452 --field-trial-handle=1848,i,592994325291914138,10390962967861445662,131072 /prefetch:8
  2⤵
  PID:2436
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5436 --field-trial-handle=1848,i,592994325291914138,10390962967861445662,131072 /prefetch:8
  2⤵
  PID:1540
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4812 --field-trial-handle=1848,i,592994325291914138,10390962967861445662,131072 /prefetch:8
  2⤵
  PID:4044
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5724 --field-trial-handle=1848,i,592994325291914138,10390962967861445662,131072 /prefetch:8
  2⤵
  PID:2952
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5592 --field-trial-handle=1848,i,592994325291914138,10390962967861445662,131072 /prefetch:8
  2⤵
  PID:2672

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4532

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:2316

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:876
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7fff2b2a9758,0x7fff2b2a9768,0x7fff2b2a9778
  2⤵
  PID:4224
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1524 --field-trial-handle=1784,i,15081482018528615047,13731772496064372048,131072 /prefetch:2
  2⤵
  PID:4752
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1812 --field-trial-handle=1784,i,15081482018528615047,13731772496064372048,131072 /prefetch:8
  2⤵
  PID:2672
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2080 --field-trial-handle=1784,i,15081482018528615047,13731772496064372048,131072 /prefetch:8
  2⤵
  PID:4028
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2856 --field-trial-handle=1784,i,15081482018528615047,13731772496064372048,131072 /prefetch:1
  2⤵
  PID:1412
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2864 --field-trial-handle=1784,i,15081482018528615047,13731772496064372048,131072 /prefetch:1
  2⤵
  PID:8
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4512 --field-trial-handle=1784,i,15081482018528615047,13731772496064372048,131072 /prefetch:1
  2⤵
  PID:4952
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4964 --field-trial-handle=1784,i,15081482018528615047,13731772496064372048,131072 /prefetch:8
  2⤵
  PID:1436
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5012 --field-trial-handle=1784,i,15081482018528615047,13731772496064372048,131072 /prefetch:8
  2⤵
  PID:2620
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5064 --field-trial-handle=1784,i,15081482018528615047,13731772496064372048,131072 /prefetch:8
  2⤵
  PID:3480
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=5292 --field-trial-handle=1784,i,15081482018528615047,13731772496064372048,131072 /prefetch:1
  2⤵
  PID:3348
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=4664 --field-trial-handle=1784,i,15081482018528615047,13731772496064372048,131072 /prefetch:1
  2⤵
  PID:4248
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=2976 --field-trial-handle=1784,i,15081482018528615047,13731772496064372048,131072 /prefetch:1
  2⤵
  PID:4484
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3784 --field-trial-handle=1784,i,15081482018528615047,13731772496064372048,131072 /prefetch:8
  2⤵
  PID:3760
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4516 --field-trial-handle=1784,i,15081482018528615047,13731772496064372048,131072 /prefetch:8
  2⤵
  PID:3636
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5572 --field-trial-handle=1784,i,15081482018528615047,13731772496064372048,131072 /prefetch:8
  2⤵
  PID:1012
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=5488 --field-trial-handle=1784,i,15081482018528615047,13731772496064372048,131072 /prefetch:1
  2⤵
  PID:804
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5468 --field-trial-handle=1784,i,15081482018528615047,13731772496064372048,131072 /prefetch:8
  2⤵
  PID:3668
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3356 --field-trial-handle=1784,i,15081482018528615047,13731772496064372048,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2752
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5920 --field-trial-handle=1784,i,15081482018528615047,13731772496064372048,131072 /prefetch:8
  2⤵
  PID:4596
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=1460 --field-trial-handle=1784,i,15081482018528615047,13731772496064372048,131072 /prefetch:1
  2⤵
  PID:2736
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=5796 --field-trial-handle=1784,i,15081482018528615047,13731772496064372048,131072 /prefetch:1
  2⤵
  PID:1452

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:5044

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x194
1⤵
PID:420

C:\Users\Admin\Desktop\Dioxide.exe
"C:\Users\Admin\Desktop\Dioxide.exe"
1⤵
- Executes dropped EXE
- Writes to the Master Boot Record (MBR)
PID:3768

C:\Users\Admin\Desktop\Monoxidex86.harmless.exe
"C:\Users\Admin\Desktop\Monoxidex86.harmless.exe"
1⤵
- Executes dropped EXE
PID:4244

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

T1542

Bootkit

T1542.003

Privilege Escalation

Defense Evasion

Pre-OS Boot

T1542

Bootkit

T1542.003

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
7e040e0108380239aee8c630910fa104

SHA1
88b3c774709870b7854a747072c417ccd0eec089

SHA256
6e2997705f2585039b27a2d92ca679df3f222b7dc22e918ed044bd07e1816c60

SHA512
c58b6c53b5850f9290d49cdf8ba35f210d3181a2800ba8a85867c2ff4f932f04ae7436822fabccbf6094bfb6c4b4889635faf50e4f3a33506011e6a94f74a410

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0

Filesize
44KB

MD5
dd6dc7075db67b5d9dc3d45f8319eca4

SHA1
0c018c996f705ee8e00f7a708b8b68b5386d78d3

SHA256
6ef5b5a690e63c0da7460e42366fbdce0d36c8166bd1c9c7a8ddcaaa19b3a50c

SHA512
72a8a8e765fcc80086846b809d0aa4110b0a85c577767c5da765b9103346002614c96b4221c713f7ecc2bd858e5f9206da8d9d958f88b5c92c9bfc78dc2f91ba

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1

Filesize
264KB

MD5
6e924066998d7b85225e3ac273393084

SHA1
fe80e4939638d131596721312036d174aa740915

SHA256
abeedf0ece0de66094101bf2c32002ff5b4b5a6cb212f6cda2fc741034fa6fda

SHA512
6b094752aae97e57afae8f5bb379bbb33dacac7335ae0428ed497c3f3f85a4097fc79d863721d26eb014cdc69982c4559dd96d78ef30b13f64fd61bd91eaa396

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_2

Filesize
1.0MB

MD5
73f9d16c07535fdd274b2b400e7d0378

SHA1
b6417644cd06b707fe2eff4acda038a6bf3ad5d4

SHA256
5838af2dc83c5d7876eef44b9087ec012675ea75de429d236d2de2f518989169

SHA512
5073628ae8b2e6c359fa9df62851bc1b6b30733741914cb6ab3c9fc1758f6da2ce490c16067a3dfd39c3435fa6e89b13df5b54bf0f6d843f4d2ed0c30bf0c60b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_3

Filesize
4.0MB

MD5
0da9035599e30db797be8671ac6af8fa

SHA1
84cc43acb14354119cf6ce404d245a5d22e27599

SHA256
f9791be106a65a76b94c64e4eee64332d428aabc6f2b45348363b961757199dc

SHA512
4d9597a433880570caa279d3a7c300bdcf93c8c0c54e8ac50a3886d8e08bf830ec4f58b5b4ba66d677aa681f1587ba21f9bfb9af6331d711acd8930f8854d572

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000002

Filesize
49KB

MD5
007fb5dbf7496d94e9e4a7715d4e0c29

SHA1
cfe20a62783b5ef5d2f90ee5924e198e49675fb5

SHA256
6983af502765ba203342e45c3e74b5d32b98ab7ecd1791faecf7c1a9d7734709

SHA512
92711c785a14bd326532721b63946a602eab1e5e1f87eb255452d46e9cbcf10435bc91b2f1b1b80be8792e585f20d6850a289a3c36285a54c02dad7266c6bf96

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000003

Filesize
44KB

MD5
edadb4a5b71547a4fa0981c7409e3f0d

SHA1
2087cf3699bbb42c52bde424d0eb998fab22b765

SHA256
7d5ffd759cd49a5fa6a03b918882108e0dc5d91e755b052d6452c7930e0954f9

SHA512
92af330aa65afe0bf08850450f0b11a73324cd414a88b392a8b283feff814cd10ffa1924b506220b964e634732c7fe02e27fd5b23887c8a9aec5324b0d174834

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000004

Filesize
24KB

MD5
dc0ad025509c966716f971b6e0d36ee9

SHA1
64c5b5b0bc022961bcff062467df6cde579a7d5a

SHA256
ff30c58cbd4693a19a964c528b653c80ce1968b7db93a92a5ee9f3788efe4103

SHA512
3580ddfded853f05ce10d96292ae23ac2593079cb2bcedd1e5081d99e8aa54c7ec985cbbf29e5961425192a00ef639cc3969e5bc1f6450bcbbf855e3f161ea83

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

Filesize
23KB

MD5
544fb04bb29f0f5788fd4c3ed2ef5f1d

SHA1
4ddddf5dbbbff39f64f3edb3431d87fb8ffbfc7e

SHA256
50881237b8ccc8f979af498f643e7823da4a71a9054ca277a200ead8daa62699

SHA512
45cae9d9322663eac8596e6f502bbbc73d3abecdba4f579904d34ebfb673b11871dedde2c61a76631c4c36ae9d117d75d0820936304690cb6a7943029090c712

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000016

Filesize
102KB

MD5
be346d746be4b0e6b8d9b1a7887816de

SHA1
40aa9ab8e2a67d11a5cb0ced0b8d8d5b91ec99d2

SHA256
bfe3c7a2f8dde48378e48fa7bb4c7a5c8ace07a46c17ff793f3d70d10241476c

SHA512
301522378538d2235633735de25a0fdddd6ace96f44b7b6b4c60c100d5999b2218414fca3a2bb2866f81b5202f59019870c3fa94abf8d99ba7cf7787ce50e199

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000053

Filesize
135KB

MD5
1ece3b3d1c0ac3977c026be0ec836292

SHA1
a983a26355f9fb850a357f55b0643d730b7e9c06

SHA256
dddb8fbfc07ecd1aa881e55478bc16abb66ca30e5bfed13fac4fa349eea49b6b

SHA512
c27d0c2260919b4ec69ce94de34e6d1665f06816677503fd552ab88edee58aa320076e8a1d6633ea9496315af34eb190a3137d9f8247318f67fc106e5f352db9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
58b2cd5cca5bf9b84aced29371880802

SHA1
2b461bc17e33a7db29dedc3efcbe83a5ce1b5a29

SHA256
190ba30c84722da4cadd1ca1424fe3867443da70770b3c08c4471bbb2fb31935

SHA512
1a7001cfa6c3bc8a84a9a69c48a42344fd50490a550844e829e7f8f56b109fd6f1b4131e1567cb0b8bcd35e5e5a4df41612d2eeb3b0f418068ec8733a4153579

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
6845489d93a54008e4a2cff2bb2c715e

SHA1
68d217f3cb43823b9de0533a9c6b464cfd8a65ae

SHA256
3200aac64f55658e1f5a5e571c7ed29ba0716f96e4d1af4abaa72db4cc050948

SHA512
6eb0961edffe1cab78690ded661b344da4c28acea8aa8e1739e4ef902bc88db2f9d082563a96e0fb41f234492fe45c77426e3c8d00b9cc7cf744e6713effca19

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
d277f8b8e950e0d71aac15e0ebd8c083

SHA1
4aec7102d62df52b70358259a8927a37ff88247c

SHA256
e5114a1d4d6bfbeeaa6ef8173cfbdfcc239ea5d8592f73f2842a68f8652a048f

SHA512
7e20ca5315a30567479ca7627b66bcf0997334f95fab4a885d4779e3bec14a09dc258f21a11b559358f8ee37e5eaa61591b24b66ac8b97c54123c8e528412775

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
a6739bc10263a36b6ecce4e015c7c83f

SHA1
130436ce9f1e47fda87be6129741fa6db012f59c

SHA256
de7bcde2d54e3c1e35887c135971303756c5797e9e537fc916109a3f9027a4e7

SHA512
0db2daaaf2a6cbdc7ae34097f84ee986a3a61caa33c39b5208c8ff87644be3e68da417743461f24b48538666301bf2802894c7492dd76cdf34b1441f2a237a96

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
f3a37aab94edd0ecc284e55b04e82318

SHA1
ff1eea53f78c19e81c3e2329a908fd71fe3de0bd

SHA256
d9f372362f66ba216e633eb78c4fe2e7e85d9ae1c5b53b3c51b10321010f9a22

SHA512
ae9c9179ced878403f7264e43f544db891be5152bfff6d41646ef16d4e525998005370d6367692db2573b34890a078332d39911c061693849497dd56b58ab387

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnCache\data_1

Filesize
264KB

MD5
1aa83e2d17a20a6bd1209c030a520ef1

SHA1
732eb4d11acff82cf1ada5d8a527018929fc7498

SHA256
72b03ad89ab6119436ed6142d46208cedb263f176da009ddb1f8bcf502f5d0dc

SHA512
1224a22d1a7b45372dfda825317bd51023e26385a3147ecf8942a1421660f57987ae7fc212f7838bb2efb0387295e840b7470ccb08b39a0b4e6bc1bdba91937f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG

Filesize
317B

MD5
bffe86498ae8508dd3474b25ec2eb791

SHA1
2d167ce2142aa4939b7fa81816ce416ae68f5b71

SHA256
201b4052af408de315309f1869a8d8fdfe58c8c97b4f9d3e9d4c06c712341da9

SHA512
f7dcc04e8fd80c187aefcdfd5c7b8d974c502defe11414d4283c590837b8ce3f0b2b3c7619b9c6f06c76c990a68352ecbfeab2ea00b9fdc634f28aa82a4625d9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Favicons

Filesize
20KB

MD5
b7947fa9484a6590e1fb8adf6cb89c11

SHA1
1903e3809581ff4b5098b6c834739fb87f9be193

SHA256
bbcda76acc5ddfd347f17b6ac5d817ff1e1f96e741008df10f11588242a136f1

SHA512
4e7716b1c44b700ce9182e327f4c92273705ce029d109461cbb8f6feaf1ab491873d6e97d1f37b0e6fd1aa407ca47b52ef87259596c6384b5c8f03454ce6e2ee

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
86fa6aa30aacfbd886dc0521d45b5637

SHA1
c55c17de2a6f1755d7ee8c2c4361b1ca5b637c6c

SHA256
322ddafa78f673d745a281734f52e47a94a866621f8708617317c367d5a692a0

SHA512
a02b79a109ed222d593467d1844bcb99f60c77f094664b649907f0ae1c0ca8d3d062dc0ecec109130992f3c88fd96773ca2e78dfdfa2fc53d9e24f8b1c7a259d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History

Filesize
148KB

MD5
2423147c4029a9ab0ed73b03c14d414e

SHA1
ea0a423572f486d70f19523489e282732d309b31

SHA256
1fb4419f74a159c8ff56b89388320df1c66f237cb2dccd359bad7cfeb97f4d5c

SHA512
99f5eb725c9e6227035f99d92389cce46d408de3d384932d293494790c755aa32c5d79bd2c6e63d8a27270a4050f071459899181c35384f4e94794d0d6bbfc4a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log

Filesize
23KB

MD5
da51a5ea68e8e245b4ae6772f3b5a3c5

SHA1
8dc9b2c62e94d02ab83cb0b87ec36af50eee4865

SHA256
7553e3055725d20d6c0962597d05ae6349d95548299c19af84361ccee0fff027

SHA512
308ceead32e8c1335e7265f529b0001f085b07b9a9c88bc5bf1d850a7261ffd234d70f5704880c9e2ea421eb8d7d738ffc8912dd554280e196b89e6a9c640298

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG

Filesize
329B

MD5
c7c64bca87c564591bfeb5f83c1e4535

SHA1
2904af00fbaa51e6519ed3a178a0be2ff9ac2242

SHA256
37d2df038c9ae3665ac8f5db400d92418850f81f62d7c89ca8be9bfa8b9253f9

SHA512
77f8598c3282417446bcebc2195acbca31fa9ee7da7fb388e29d47665f6eb79c2d4274ab28c7f1b9cf0a9e77dcd7346076cf6aae510a4f4028f383ab3b842047

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies

Filesize
20KB

MD5
dfc88286a04f6bac30b5547e2ed8f50a

SHA1
5bc9d990a920e54529cccc8ab1476a0c3ce15625

SHA256
ce847a660a661283c6b323b83742cfd66136ce919b78883830e745403b706e7e

SHA512
0da9d5ad3a51e73e2d0ae27fd5d90bc6706f70639f32fb34c6e9e203689eae87ab202ee539b886d46b3c88e2d576814ed230ae082c2184b47dc3fcc744df7c10

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
6KB

MD5
92b92c9a4f90d5bb9b43dbc5745fe24f

SHA1
d1e86dae17e8dddaec574858b17d67d508a29f19

SHA256
6c7b94f2d16175fe3713ac79c5ab8ff35312d19490e43989409363542ec000f2

SHA512
dec7daba4874745bc8dcf9d86eaa0a84c458f4800320db6727ea178a616717d03e0d90cf1d70d5b2e26b67a7b2d755952b9a8f49d23e1969f4f9ed1316a64a58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
733d137527b18f39912ad74230621b82

SHA1
d026ab401f7b32150ab5fbebb2a001463c918481

SHA256
8ada2b3f5eac90e1062b97290a68314bb9ddee967a2ff2228cf45865b25a9cd8

SHA512
c8f7f608c63ffcc207916888febbdbc64da3fc747a397c4a45812ba4d146304141514d9a42bc60fc7b48ffc47b50cee1b961d94be255f079396dd7304dcc49d2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
3b1becabeebebfc8ea843ecca3f01001

SHA1
1867fbb6eed882837566c196758f63beba24f2a7

SHA256
c185ff45e30a5fd3942c026eff512f4bf464ca312b4ed6127ecee9b9ee13a21c

SHA512
3256a7459e0a11e856f7ef881ee6bbbd8bb27c4cb1089113383bd8c89cb71afc3c49d4a3866f88ce2a08631cc07290f13bfe1a866b990762e6b5d13b22325c7f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
f8cc6e2086c4548692da6b67f5522ec8

SHA1
0b603a1dc3c39750db9ac9e14c31136255e23b93

SHA256
9a5a8def4e485214298051f669c86fe6097888b2fc58758b85849b766fee1e31

SHA512
94b094569f12de05b5b89fb658102d03273f67abdf0bd352115cfb8c701cf34abe506c8a71cc3884be7e6b83cd2ac3f61452103ea7897bbec8162f01ab5b6c5d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
b3eb9e154664e4a3f5c41f4aedc4c9f6

SHA1
0c7bb6fff53a170f3c3fbff74914bc2753b061ff

SHA256
630b7997d6356717579094c655ce9ab21b8cb2cb7e6eb323e43b98310364e2ba

SHA512
97010abaaee3700206a3711c0cdc886be453c06af4a5e7f5da4b9c54e5ee2d1887bf5e055c38ba24d557e48c51743613d4f81b0c4c64be000ad4fc3f0d0b46a7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
4e1fd2ce609ef2f61f28ee7aa5d61d7f

SHA1
1bb106046c8aa2cce7bd80b5f595cb29d6d74ebb

SHA256
d3df7588c6e3326b5038280672bf3f4907eee8191fe08667e03cdf4c5544bb9a

SHA512
72af29814d4f6e85ee1742ab49eb9e26770c2dca7cb40d5a602e2d4451fe49f3b9561e8b6b119c887673c7f2a4b27b6a135dc5598f37cd228a68ebfda138febd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
9ce3d1bdf17bbea4ef062b66b820fe49

SHA1
63cbe261cb73392a9e7669191acda9c7e94f7b0d

SHA256
99ced0b69cd3b9594c10cea62e9d4145fb6a38ed4d5dd05a88d0daca455fc3bc

SHA512
b3432d36330bd8eb463fcdf15882c7bafdf18b68abf1ff4a169c73f6ef87ec917c91f62ac50068af93e275869c90e33d42fb83cc4c269eefa8de3b83ad952a1e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
129cbc5c8ad95a749591c0de325a0401

SHA1
05e11be86ece8cfc8ab892f48b553ddc38de7e36

SHA256
92d051f50488e7033bc05fba133e9e91a6c44e0cd741b8da47c74f7fdf0cf081

SHA512
58805c854b730756cdcea9998b5840623f2bf9e3217376d4a57b6d2c20a1391a303f2d0e2208cd9248e92c237522fb2d4a19d20a8b354314e0b2f6c1e7b01604

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
0003560e50ddf402ed6a4262e8db1163

SHA1
1c0138920c188f57291c82e967a7d660fe335512

SHA256
57082a2df0014cc1dcb5d0ad841dbd2d4276090643124126e5d055bac0e7c280

SHA512
0f9ea5b043cceb1fdb02679269e9e001d62eb3eb9dd7f07279bf1f59cda828d5a01f95df385c8a37e8fa85b3bd462bd5118f18a56743f2287821fc55c205d6f0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
020fc861026a3f9cfd01b59814a6bef8

SHA1
e048346998c8843e128a71b55cd7b8b756ccfd21

SHA256
fa345166ac18620a50040e6c8754f01d05b69c2360898f60696f75944492c1c9

SHA512
9c4b53b3d3825bfcf801291beedbd4fa7cba9eed7f62a4c9125bf87aa8544d5c9cc0d40e9421d278b06b89713cfcbd5dbb6c743a460b3c47b20c217760171d74

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
facad1daf6fa26770cd81ddcb15faa67

SHA1
98935c9cba4846d54681cd9ca5d8dd689e6e4a9b

SHA256
d41d739f27a17c0317bd90c9220b947eb5008c1a27086510bba05b0b7f1c469c

SHA512
565472649f26819c60de380ed94f82b81ed0ae3d55ff3d1a24e1ae077a222d3b77e5087629d7249e7e029215bd78e90c1e1c778b872262112d70190760a2971a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
d2490f7b91113eeb8a0988295537c048

SHA1
97cfa83faf759ed8f390f86fa349f54184079366

SHA256
76f2d1d07866ea3ed38d47d4ee5beb5ae49c57789ef185c8602854d2a869c778

SHA512
f81b66f0c8e265980f7b67bb5c926b287d598645e0f8f1fb0289a35fc73c9664667ea7a597dd88cce2f5ad934c3399f46a263a9bb16d051965a5d6e621341c1c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
bbc4fdb790dc806b1840ee80f31c1917

SHA1
84f6e75f6602e8050e693d36bac24685423e6a3f

SHA256
e5744d9e0daa32c7a2b11a5cda2df33bd8b67c636b3fc0c2ceee858e18e3638f

SHA512
2e5bba21f37bafdeb6e01680c6188c0b50c11f85e4e4e0544a2e40ce9ddc8afce79121c46238022a87cb9b223b5adce16d68bf0d226ed90f98bd294a755df9cf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
f0f859caad8a9fa2827af66661663cca

SHA1
ba0b84358fabcc8dbc42a9bb5d92e5a92cb96e67

SHA256
20c1ba3ea7dc0afc4788466d87062051c98361e1ad332855d5ddf5a8eee2818f

SHA512
d6246005448ec700b50387f8ce2b843dfb72969317f83937a9d3f1665c104aec94b4191d2bcf5f9cd5932881830463fe2bf355e882ce369c36270c8a58a8495b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
483942cf03827a7163492211793f511f

SHA1
a44cad2285cabef94f61a515e491c4c53bbd4c99

SHA256
c08799468ae6fb9240874ec109432731a1d86e716cef911dc4cba525a34a96e1

SHA512
1c4c08d09c454c50410a163d38dd6f4262e5a67273cea13645cb49b162ad5ec8ed384eb0e90419c31db65e75fb3ea8e13b60603e622c0f4a2945ce34166410d9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
de5154227b722e5fb24b47ef08d55c9b

SHA1
eb200645c6e1254326162c58cea5a8fe0634d039

SHA256
3bb3a8e434a8df7c0a50e33f6e46c264c2300711a22575911ac353bc7e2f5667

SHA512
535b1e3641fc3221cf770b5d23964150362978396052a61bc3a0e5edf41741275d43a0ecc8c24aabc4841cecb6806334f4906d8ae4ccfce45ab7629ce57a0b93

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
49cfebad4c41258ff3c102306ea53a66

SHA1
841d1b3dc09126c68af78a34d83635e853b152fd

SHA256
085ff6a26b6b0ad583d34af802bc9dd06a9abb70668662f1d8b1356cdd4c013f

SHA512
a0b77fef329c98526fffe1cc3d9260e8631f9bd0cd2b792137c666d10a28ea0cca3866ff07b9d6f947d94a90917d4aef8ae42c8e2bd977babab110453065588b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
72f6d3bf2e471e2a8d60a289e307eab2

SHA1
263a6fd089487309795b83adb6b42c446b2ae88e

SHA256
ddd1f32cfddd8248e150bd52e48533546aa2436b9a2747473b1b2ff665eed8c1

SHA512
6624bfce19412c7d4607d792c176021d3c1087630b9905853cc717082cbd7ba4a0a18360842a374bd528298100667350bebdc42ab3e5e94311aea4e6ab405ff5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
12KB

MD5
117a1562d5bca0b82fa8d5757d6f6c58

SHA1
ab70ee048fe0beb9b438f09f86d6786f6e7d845d

SHA256
3b5a0cc902f3751c94ddbe5036b7ba5504f02279b5891b8b052c9e661fc7b67b

SHA512
e227b8583e3755a6116b73dab5073bdd5744d4dc05fe157336cc7398a7c869e14347bccadd887772b80f171e0013be94bff41be2715d9e52b523269fb7526b35

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\54198879-03e2-48e6-8622-558edf70468b\index-dir\the-real-index

Filesize
2KB

MD5
65ce983d444675f44f036a5b28f1a5ce

SHA1
a1a17ca7ac385d3ea87259cef475ee054bf998a1

SHA256
90db3e6e23e5d2cc4177e8a594a8c300cbf774ad6e17c21c3e9b8de20a74464e

SHA512
77f18284e3164af3486b6493a11d94fe85d7d4c4254867b94a33784b327697998d13d9d5268621791836319f34e149ef71cb487598a357839217f2c77741f9ce

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\54198879-03e2-48e6-8622-558edf70468b\index-dir\the-real-index

Filesize
2KB

MD5
bb3e527fd9f8cfaaef3e3d03d4b749ab

SHA1
ae58142efd6be773592ded98f126e4594cd4c64c

SHA256
0a824bbca029a22403a8068d13267f64f6a6b7a47d343826d296919395f26486

SHA512
d64f004315499396c4437e054d3b35df317800cba759927edaf3b13ac9a6b435b37fab4bd913a425aa0ed81c95decfe43aa3133dd8098f3e0d0cea558ced84d8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\54198879-03e2-48e6-8622-558edf70468b\index-dir\the-real-index~RFe58e4ec.TMP

Filesize
48B

MD5
b01d931fa7e1a7e2e999a77f4e7f5b01

SHA1
9603afa079ef37f57fe6167be7ce02a0e65f4b70

SHA256
48d74cabd6fae4c90a19060978165cfa1b70a63d38dfb8a2b16b971a58684415

SHA512
a067c78acf1d14981dd7dd369bd05347c13573617f679f13210d02a4d2257f681554ede8ee2397938eb1342801b8e3f9bf94195e1375ab30ca321febb7cc0a94

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
176B

MD5
c99c15bd380cc85aed6fd2e989f98e16

SHA1
0a4b69a21c7990447b231601bd15567db3508077

SHA256
d861de8660f94527668190fff8ed20444f3a2c7be066ff4267efc79a60ad9af2

SHA512
9e0434d8fd045e47ca2c551fc5ddf3c5f7edc97c872149cea70bdbc64282446601dc7a14091591536c92f6ea765985f0f55e0f60a2c41bfbce77589d55ed5123

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
114B

MD5
34ebc3998cc6decbc699da51618461e8

SHA1
00189cad84cfd93e536087912b6e089f2a31c65d

SHA256
84f3dc2c51507929012ad7f59bdd7f038692e2ed309e945e3bad9630394006a5

SHA512
aac677b7dce6c7336f52cc3d0c3a39c2dfed1831434c56ef9f90cf7c0788647e9dd888d657f8d36a7fbbaedbe70e8084254208922d4eb5c79422591e6f5fa4d3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
112B

MD5
0d4227c00247d2dcb3d10594018e3d65

SHA1
c6d70c1970fbab120d52dbb69dc34742058c3436

SHA256
f93938374b43b657b99d0fb1eaab58eb63413d0a4c3317a284d5dc7e9406c8cc

SHA512
949809c4ace2507cd519e5a9fa36915efb6e412e07f07d00532c567e934410ed005f87915979ac633a33a326797a6ee1565cad15ae770ef4de155376a1b6cbda

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
114B

MD5
ca7d61f4825f0c628d82ad36770c380c

SHA1
f359b4fc72f425887d440635dfb9272137237fa8

SHA256
c0d3b8a4e846c999647bff939c06ec42b7c52fa54686b72eeb8917d139605f75

SHA512
4900b0d5f0f24ce3361b396a1b789bdaa9916a2f816ab6a85433b1bf9107ba028859c7d27b4b69bc1c024fc0b7389cbd3fa2bf16951f86def8b595bf38aa1280

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe5890a2.TMP

Filesize
119B

MD5
28979f1df69c49a2abe1fcfcc5d70a26

SHA1
7b764bb0185e9a0a67a5ebbc20080c0d1b2e4dbe

SHA256
b0cb7ee3e9c1253a6f526d01c256b87ebf926d1f2c1cd1c39ea77674961d8b29

SHA512
2412e24ea48b69390d1fed84c0ad3d5278891cc31295b8417f8cea8662c572f8116a1924ffa8360339830203494b700377443ffc526077ca01bb7c6bd3a48596

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
ddac3e04dd14426979786210e150dddf

SHA1
a48460f5680717736763d014bdda2da2cbf9c7f6

SHA256
fe3d59f95158a6e62a2e8a69559bbeb8223fa2b033dca68d9f27dda526fda0a2

SHA512
4e03a22319bfed8549d18e708ab4a13bd672263422f6fc2fb61526bbfbfa0ebdadec5b9a05e152220636cad2dd6f89b73a91e4391350857d6ac441dcc695397e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe58df3f.TMP

Filesize
48B

MD5
6d5b1ccd4aae4b32ea193b52e1fd9944

SHA1
f3f427c174108a52274a1fb53758a940003653e2

SHA256
a5160a666b4a98036270e9a32dcb5d2c5e321057e749d12762fc924a56e7bb01

SHA512
0621ee29dbb250ce1cc2bcbd5a2f0ee74b8dceb5fa059934f4cc46e7a99cffc32a15dfbab5eaad7eb62a00a9957f3ce5c0f4e338bf557cce8523e87bdcbc3f1a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log

Filesize
759B

MD5
7d510925ff0abb848787616bd5c4ccb4

SHA1
2a8138590ec0e2c22d3debbdd5b9e694e3e42895

SHA256
14aa92ba96652fa3f22a9552bba9a61c180913f47c56990ed9c4331fbc826082

SHA512
69e4afc943a2c71d44cf37298b21d6fd3cd79d95475c36bee833e8a143615231ee69c5c8ef7da9049899ec45427bb404a3602b69834a7340c618059a6d4f6eff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG

Filesize
317B

MD5
c51e6f5d99b973fc77f0003e84fb478f

SHA1
fbebdbb040c2024f0cb37a49a9a16ca097ca4cfb

SHA256
aa19da3c503ac33628211ece0bbb6c83b7d2444c5e69b3ee2edef3744bddbf8d

SHA512
669e0372eaecdf75d8ce797226e7fc8307e0637a6044bddacdc1b334b2643090d2973886259f3e3da9066530d392d4851044fe4a2d5788a1d5bd71666341fe47

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sessions\Tabs_13356196244751875

Filesize
13KB

MD5
83663160314bae4370c0d5cd595df410

SHA1
a433296078fb12cd77d6d321d9af4d5357a83e3c

SHA256
f5f7e6a8abf4928bbffb7559ed431bb6044d46dad894b096008977c226480a37

SHA512
171b5ed3928b6de20d5b3889d2e6b602f3229145590f702510d0dcaf4c281b3926ef34d951a4abe1cb1fe82204ef7316da7b51d250f5321df3b5b15c43aa124c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000003.log

Filesize
112B

MD5
871dc5af6c8416cd0a00b5323e6087ff

SHA1
31ca6ce58359e0263ec78f8deb4eb466971297fe

SHA256
cd2de11bcbffe30d02fc3a6af8af0eb956ecda3d8fa5c02841fb75cc6e1bbbfd

SHA512
db9e2fdb783ad712df34b3c2ea2e474fbde884c073f23262442b244736eb5016a8d8719d8f40a5b1dd09592156df25deb063963cb964d05d3d7b2b0d6a7505c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG

Filesize
345B

MD5
592d0478f4694840cb238f748f1f8bac

SHA1
2e64ec615dd4ae38a583662e3d2639c6c022b81c

SHA256
f7e461e842179ff0af0e163addfed13c86bf69ac9fa8c89f7f685ba2018382ac

SHA512
6c9c8580f3c38a3f81b696fcbb64fe10fb0fbcd0ae141d36433f3bc97312f42e246de8ce87aeffe9a5eb85041ec427fec9ca0c0f9c6297d43fc13d7e31dd3f72

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log

Filesize
8KB

MD5
f5290938df5ff2dcaba2aecc9bbb5a43

SHA1
0b097047c8e49f306fa55b69e7aa23f72f614898

SHA256
c7fb899577e41849895aa9ad06aaf0ce727862c7653c9aec5a2c76549006f6f5

SHA512
c75ceee6b58a438b09a6b25cc871d56ec11e59f71c671713d973414e5f1a0f133ca8d6b411e1cbe856d93fb565ebd1a31fb9f0a373144e69da93a9f6940e511d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG

Filesize
321B

MD5
9098eacbccb16bca0edd9d5761250dc9

SHA1
12ae5b76a3519bbffd565b75bb4cc4ec76219260

SHA256
b8f4a96b7543c53b264e3dcc8965113647be7d837a8f676e5ce5dc68a56c0e0d

SHA512
687ccb1e6cc40752d5a6dc68536ee527af578fd473f857d5aebc835538147695c91f632c51b1c52bbe67edd18be7a14bf6c557c74b54ed37dcb0fb54c0fac26c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Visited Links

Filesize
128KB

MD5
6d2d44d4e03976db77bb851ad8e7a7e4

SHA1
bb3c46e2aca5e9842de2141ddf594e89dd1b2742

SHA256
3399841a3a9ecc61cbd71785ba15ce5b0ca864ee75509d5ad33f64de8de8beb2

SHA512
feec35866af7dd5e42f37795c3bbfcae8bcf1a76dddf4174f4b13face142a3dc0082082de19f57528831b19d7b47d5bcf20d054e244a7794fc507c1ba39e375f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\agimnkijcaahngcdmfeangaknmldooml\Shortcuts Menu Icons\Monochrome\1\512.png

Filesize
10KB

MD5
7f57c509f12aaae2c269646db7fde6e8

SHA1
969d8c0e3d9140f843f36ccf2974b112ad7afc07

SHA256
1d5c9f67fe93f9fcc1a1b61ebc35bda8f98f1261e5005ae37af71f42aab1d90f

SHA512
3503a0f4939bed9e1fd5e086b17d6de1063220dffdab2d2373aa9582a2454a9d8f18c1be74442f4e597bdba796d2d69220bd9e6be632a15367225b804187ea18

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir876_82255689\Shortcuts Menu Icons\Monochrome\0\512.png

Filesize
2KB

MD5
12a429f9782bcff446dc1089b68d44ee

SHA1
e41e5a1a4f2950a7f2da8be77ca26a66da7093b9

SHA256
e1d7407b07c40b5436d78db1077a16fbf75d49e32f3cbd01187b5eaaa10f1e37

SHA512
1da99c5278a589972a1d711d694890f4fd4ec4e56f83781ab9dee91ba99530a7f90d969588fa24dce24b094a28bdecbea80328cee862031a8b289f3e4f38ce7a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\000003.log

Filesize
8KB

MD5
3af1f43fb656c9e70452bc75871b6194

SHA1
aa9b14c41eb0238b561dcb4c053b74067a913501

SHA256
54e913ce8f199807f083354d117df534ec1cade80da4f5f7113924f4483f08b9

SHA512
30d4243ee050b89685167d874efabc1b270e1bb2fef39e837e30cdafc1171dc327840d22c697200b435e5ccd8d74eaf6589fb04b459621e9aeca2833a17cdc65

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\LOG

Filesize
320B

MD5
e67f3a2040b51680c64a0e82b4177c03

SHA1
a47dfcc98629494d288ad81794701f0252709055

SHA256
74427837ef573973307c198925b6b9ff1aa5c4256ab11d80f96cbfb09ef5e06c

SHA512
ac7f6f0b8dde596b9a51c5da052f592cd97fa75ab1d78598c6c2faffcefcd41020a50897a04cada4254e164c2567fb31d101799e3a59cedc412d6e41f148b7aa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000003.log

Filesize
918B

MD5
11379a47a48ee6f33ee8880811fd8d8c

SHA1
0f5070b74aaa845744a23c37330684e6f99b0ef8

SHA256
cbb3c60584f1073363cab327fea6ae5d00bf80c52baecef603bed612e081020c

SHA512
7514d146c1f47febac9b6f286f3bb7a3e52b139ebd3f1f25666762bd70de5d42a47bc5b269b5d226503b975777c5b5d9b53146078b45b56e55106ab0b0e67bad

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG

Filesize
338B

MD5
dd846979d40057bfe72dc5bf50b755e8

SHA1
d53e73f8e144ca57e5b348cd6f5bb399672f1b16

SHA256
f218f8b22b6dc3c18c0b4f91d1604ddebb865527f25d8d73ded05417fa600f00

SHA512
0c5a8fc85999abb7059d784db935a8aa590f1a50cd8bfbfcc017ec5b356627ffd3beaabe860bdf4c40b783d8c9a43b022eedc1431d16328898de3ff524e4656d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_0

Filesize
44KB

MD5
79f770c811db3ddb6003449f597d6bb1

SHA1
54da5f2b90d12d8bccf507c6a67a50820615f4e0

SHA256
28c9d9a584ad5a232c83f819a223e5a1935aa2b72311738cfb4835c003b600bb

SHA512
84db3a1dfacd47fd03a39674617e13ed146efc3981b6992b34ca185821604309cdc8c5e042a349cc68989aec28b78054adf4dd8d21ec647c3480b2ea4146c245

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_1

Filesize
264KB

MD5
0ae32cf23a5207f8196e4fbd5d14691e

SHA1
81699721cba7b7e7347ffb616ecfafb140ad502c

SHA256
bfe704ae3782fb98fc7063bb98b8e395f4423d5663009931df817d90c5250864

SHA512
be261159030d472e5f684f18f2899e8fdf32b02e6f8bc091ca7decdbbd4389e6b6f83e3a946221be1b64f1c1af8dd647907d0f1f2ffcf6ccb0abd523cd118b06

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_3

Filesize
4.0MB

MD5
e191b1ce61df348044b7432797fc01ff

SHA1
2118f8a8a917a731077904a37680e06a104a7585

SHA256
55c4c02c6d1fa84a93fca3712c8ce5d323269ae5e7915943dbed726aab81304a

SHA512
d3a51889abefcd263fcb2aa038af020ee639c4a368d237e70689a6620e70c001400fb70bc6971677cd00ae58508619a8bf4fe2a5d73c26909a9e670768ef74e1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\f_000003

Filesize
19KB

MD5
9776cb5c65e3fe76b219b84b0f3b4bd4

SHA1
de3d833fe499f379ff0e1ce7cc88a97b9a68a3e7

SHA256
f474b99ab1a3c5165b5d0b2c491b2dabce5b97c17d2451c3e3a25091f2b3b39a

SHA512
ea412c5687ac0449a28bb95ceed7f463f1a072793df5a987c6c3d33d5ebe3e6e09486b79f7660184a760bc0febc0759a0749af988db0a9ef3223bd53c9652b83

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\f_000004

Filesize
20KB

MD5
728ae1cac1901937bf1bfa697e6564d1

SHA1
41bb5df4bfdfd3eec4a70add93d584ac7b939488

SHA256
9ebacc96204854b34766374e0ca8cb838fec350b72b1b044b6c2c9554db30f34

SHA512
a90cc62a4fa42e6104b7e85c0e515e409cc8cf02faae773f93298e3b966c877eb5b2c15fa17b06d0c254690a2aa5a3af6d6f02e9f9add8456193ec990c8f684a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\f_000005

Filesize
20KB

MD5
53179cfa9bf8486d72444dfca7a0ae82

SHA1
e509dbbb367eda74210e6a3565a7cbcac0d22969

SHA256
0afc9b9f917c36112aec1dfa511cc60a29866de8125ffeddd7da7edb9d3dc53e

SHA512
4db84694ec23bb86e34c422357f7e5cc443abcd9280236c78e11ce102bdfb15b4bf592809b9ee0ce682930f615c440e7bd1aa2191c25f1d588af4a417fe1b9d9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\f_000006

Filesize
17KB

MD5
a64d32d35f08881fc241e1a54b1d9c62

SHA1
2543fc5865e2d7458fc24d55e0743b9276598bcd

SHA256
b22fa8fa318db9254464b589950eb3508cd35a798eea2588f03dfc13d663388a

SHA512
cdcef8619607fe1d776fe7f1810cde7119b1e1c601e30c0324884027ecb1f1c243f07d7ab973630a9bc17eee4328fa2853cac86fbf369cf00922220cc8279563

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\f_000007

Filesize
16KB

MD5
ba7dff0949245e64b2bafea2800848a6

SHA1
ef85a9796564b0cd90052f0145e1df12afdf5ce7

SHA256
9c5f811e3fc9c4744b4394128bf57e581cb9f7b17203cefcf8a099b39ee8e9a0

SHA512
bc301036228d59ce8bbeef49837c82146d3012f956a67751b1252efec9c675e5ac7fde7878a6e6218f21d3a6fe4cd4f4a2eb46c4847776cfcb87186e00252d4e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version

Filesize
14B

MD5
9eae63c7a967fc314dd311d9f46a45b7

SHA1
caba9c2c93acfe0b9ceb9ab19b992b0fc19c71cf

SHA256
4288925b0cf871c7458c22c46936efb0e903802feb991a0e1803be94ca6c251d

SHA512
bed924bff236bf5b6ce1df1db82e86c935e5830a20d9d24697efd82ca331e30604db8d04b0d692ec8541ec6deb2225bcc7d805b79f2db5726642198ecf6348b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
261KB

MD5
17a85594bd47ff72c247d3c3aee6d7f7

SHA1
a02ca55af2614aaf11aebd84fd12de5f1b83a21a

SHA256
f9312d479b5985019d6f78881c8f988f08afd8e16257b2ec7177db150ce472f8

SHA512
61de704d15cb663ca73d6e8e9b784189a9986457477d38f3f661644c5f575d509e52a6eed36d49c7d15e12903994cc6072eee6a63a227fd18af560a06588421d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
130KB

MD5
72d01e03a6b710b970d2f6f2f8d456ef

SHA1
3bc82af6f07554f8cc846c1cd6b1c84240ba12e1

SHA256
0e8c90b9eb9a22ec51e94f75c680e1d28bfd822cdbe9d4dd463cdf05227d1064

SHA512
b677ce0a541d41cdbd94371002c98a350ca8d21c4a8cfb1a01a57b668f92be450668080ac46ccf4fbf0c9435680c2d239349362636d4f4a2dc44ee52d7254c80

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
130KB

MD5
039e241b3bf0e9bad5df7de04fccaa3f

SHA1
3bc08a938383c53bc7b2188b8d38ab2396d0c3c1

SHA256
9fd809cdabad98307d6dfb7b3245488eaaef86b5675554c43a950b3266a48a5f

SHA512
299695e0cecd91381e9079032ac2faf9b4b694ebc82f6ad1c9e997e2d5223f36893d09667c386be251c3f5367e31823183b5a5701cd6a63a3c2955affe20b14a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
107KB

MD5
1051e49d401ef68ac3765f45916e2aae

SHA1
1e2a1c2151d817f19c6aa98373133e7590d1a5ec

SHA256
0c3153838137fc71826f7c87075aefa3327cb5726dc32f5927de6212f39da482

SHA512
9291d03cb7ae1d0cda0ea7adea907edcf383ed192c82e3ce37aca1059e8f3f9f56897d4b8b4382d2dea21392d96cc301dfb0e83a317b48c7ce37d11f77ac6c07

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
105KB

MD5
6e9d9928cb5222067245bbeb891b4ac9

SHA1
77ffa2743846dd7e413f9bd93a85f02d199f33a4

SHA256
f0a282b0f432af55a3564335f752a905d52c624045d5b74e4f751f1c4ccc737a

SHA512
a1ad99cb9494e0dab11593f5e2c5542010b39f6b26c6728cb1228395cba72b7ced04d078a8117c253deba244f3fd1e5e0729ced48b4f08777cedb7a7faeb0dcd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
108KB

MD5
01e769d26df781b2dbe0bb10c7930a8b

SHA1
468056de96382f15f973594848469fe59a9e0dd6

SHA256
21410f06d317d7f392d7b109b8aece15380ed8cdfaccff7c6c7de51980df1ebb

SHA512
c97d0936338c736b22e15386ba191a5ec087f9665319f937e34ce53447c0e62525d985e326ea503b679c6f91b82948b3254bb256bf785273d78c3815b215f69c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
109KB

MD5
fcbc396d72342712a222ad2805e44ee2

SHA1
99f27e0844df6c928c18ceb031e57ea7e3203582

SHA256
6176f07ee6fd9c674c1c06c064332a190746e1642d63c0918f47cd36c09c7594

SHA512
7c0433f62e22abc04bd77579dd3b71d3565ea5765209ccf7f39afcc5fa1b048f58b496a3ea6bb5948bdfd75e422509d0389b20a87937138445b86268f213219b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe57c6f9.TMP

Filesize
98KB

MD5
6dcad718af7e1c55cb058bd2c6aded73

SHA1
040f41f36d1cec0524cb532c47482e200c1b0a57

SHA256
668e0f68440d7aabdbd0ec0635d6ddc23e5d8c1ed9237674294faf734ff6e399

SHA512
12ff96e319b808274f38daabcad7b3e08f7e20fbda559d618fc6b3f441040822ade51731bb94a80177cfe428caf1772f910b516e6b78745180bec43cbb4ba648

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

Filesize
264KB

MD5
dc80845b3f70a657aebf7377b6bfc744

SHA1
4532c3ed619ee5fa5126190d316a66b47b06cc86

SHA256
6e9be8b94f91087939163b31aef16bf34e73b3f56c91010249889165428a4a08

SHA512
9838ac7263d8cc66cdf17a0793a3fb03a962f74b17722479bb805c273aac9aea8f9217ff5012afd366b1b2424793d83ff87dafa00bc6d980985a6193163f8479

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

Filesize
85B

MD5
bc6142469cd7dadf107be9ad87ea4753

SHA1
72a9aa05003fab742b0e4dc4c5d9eda6b9f7565c

SHA256
b26da4f8c7e283aa74386da0229d66af14a37986b8ca828e054fc932f68dd557

SHA512
47d1a67a16f5dc6d50556c5296e65918f0a2fcad0e8cee5795b100fe8cd89eaf5e1fd67691e8a57af3677883a5d8f104723b1901d11845b286474c8ac56f6182

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\Downloads\Unconfirmed 344692.crdownload

Filesize
131KB

MD5
bd65d387482def1fe00b50406f731763

SHA1
d06a2ba2e29228f443f97d1dd3a8da5dd7df5903

SHA256
1ab7375550516d7445c47fd9b551ed864f227401a14ff3f1ff0d70caca3bd997

SHA512
351ecd109c4d49bc822e8ade73a9516c4a531ebcda63546c155e677dcff19708068dc588b2fcf30cad086238e8b206fc5f349d37dda02d3c3a8d9b570d92e4d9

Download Submit
memory/3768-1226-0x0000000002340000-0x0000000002350000-memory.dmp

Filesize
64KB

Download
memory/3768-1218-0x0000000002340000-0x0000000002350000-memory.dmp

Filesize
64KB

Download
memory/3768-1196-0x00007FFF188F0000-0x00007FFF192DC000-memory.dmp

Filesize
9.9MB

Download
memory/3768-1198-0x00007FFF188F0000-0x00007FFF192DC000-memory.dmp

Filesize
9.9MB

Download
memory/3768-1195-0x0000000000290000-0x00000000002B0000-memory.dmp

Filesize
128KB

Download
memory/3768-1197-0x0000000002340000-0x0000000002350000-memory.dmp

Filesize
64KB

Download
memory/3768-1251-0x0000000002340000-0x0000000002350000-memory.dmp

Filesize
64KB

Download
memory/3768-1254-0x0000000002340000-0x0000000002350000-memory.dmp

Filesize
64KB

Download
memory/3768-1296-0x0000000002340000-0x0000000002350000-memory.dmp

Filesize
64KB

Download
memory/3768-1199-0x0000000002340000-0x0000000002350000-memory.dmp

Filesize
64KB

Download