hxxps://outplay[.]document360[.]com/clk/5954457A595759744E57393562586774654456714E513D3D

Analysis

max time kernel
53s
max time network
64s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
04/04/2024, 16:08

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://outplay.document360.com/clk/5954457A595759744E57393562586774654456714E513D3D

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133567205303208178"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-513485977-2495024337-1260977654-1000\{DA5E117D-B28D-4AAB-AE57-D84F845F93A0}	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
3856	chrome.exe
3856	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
3856	chrome.exe
3856	chrome.exe
3856	chrome.exe
3856	chrome.exe
3856	chrome.exe
3856	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3856	chrome.exe
Token: SeCreatePagefilePrivilege	3856	chrome.exe
Token: SeShutdownPrivilege	3856	chrome.exe
Token: SeCreatePagefilePrivilege	3856	chrome.exe
Token: SeShutdownPrivilege	3856	chrome.exe
Token: SeCreatePagefilePrivilege	3856	chrome.exe
Token: SeShutdownPrivilege	3856	chrome.exe
Token: SeCreatePagefilePrivilege	3856	chrome.exe
Token: SeShutdownPrivilege	3856	chrome.exe
Token: SeCreatePagefilePrivilege	3856	chrome.exe
Token: 33	4436	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	4436	AUDIODG.EXE
Token: SeShutdownPrivilege	3856	chrome.exe
Token: SeCreatePagefilePrivilege	3856	chrome.exe
Token: SeShutdownPrivilege	3856	chrome.exe
Token: SeCreatePagefilePrivilege	3856	chrome.exe
Token: SeShutdownPrivilege	3856	chrome.exe
Token: SeCreatePagefilePrivilege	3856	chrome.exe
Token: SeShutdownPrivilege	3856	chrome.exe
Token: SeCreatePagefilePrivilege	3856	chrome.exe
Token: SeShutdownPrivilege	3856	chrome.exe
Token: SeCreatePagefilePrivilege	3856	chrome.exe
Token: SeShutdownPrivilege	3856	chrome.exe
Token: SeCreatePagefilePrivilege	3856	chrome.exe
Token: SeShutdownPrivilege	3856	chrome.exe
Token: SeCreatePagefilePrivilege	3856	chrome.exe
Token: SeShutdownPrivilege	3856	chrome.exe
Token: SeCreatePagefilePrivilege	3856	chrome.exe
Token: SeShutdownPrivilege	3856	chrome.exe
Token: SeCreatePagefilePrivilege	3856	chrome.exe
Token: SeShutdownPrivilege	3856	chrome.exe
Token: SeCreatePagefilePrivilege	3856	chrome.exe
Token: SeShutdownPrivilege	3856	chrome.exe
Token: SeCreatePagefilePrivilege	3856	chrome.exe
Token: SeShutdownPrivilege	3856	chrome.exe
Token: SeCreatePagefilePrivilege	3856	chrome.exe
Token: SeShutdownPrivilege	3856	chrome.exe
Token: SeCreatePagefilePrivilege	3856	chrome.exe
Token: SeShutdownPrivilege	3856	chrome.exe
Token: SeCreatePagefilePrivilege	3856	chrome.exe
Token: SeShutdownPrivilege	3856	chrome.exe
Token: SeCreatePagefilePrivilege	3856	chrome.exe
Token: SeShutdownPrivilege	3856	chrome.exe
Token: SeCreatePagefilePrivilege	3856	chrome.exe
Token: SeShutdownPrivilege	3856	chrome.exe
Token: SeCreatePagefilePrivilege	3856	chrome.exe
Token: SeShutdownPrivilege	3856	chrome.exe
Token: SeCreatePagefilePrivilege	3856	chrome.exe
Token: SeShutdownPrivilege	3856	chrome.exe
Token: SeCreatePagefilePrivilege	3856	chrome.exe
Token: SeShutdownPrivilege	3856	chrome.exe
Token: SeCreatePagefilePrivilege	3856	chrome.exe
Token: SeShutdownPrivilege	3856	chrome.exe
Token: SeCreatePagefilePrivilege	3856	chrome.exe
Token: SeShutdownPrivilege	3856	chrome.exe
Token: SeCreatePagefilePrivilege	3856	chrome.exe
Token: SeShutdownPrivilege	3856	chrome.exe
Token: SeCreatePagefilePrivilege	3856	chrome.exe
Token: SeShutdownPrivilege	3856	chrome.exe
Token: SeCreatePagefilePrivilege	3856	chrome.exe
Token: SeShutdownPrivilege	3856	chrome.exe
Token: SeCreatePagefilePrivilege	3856	chrome.exe
Token: SeShutdownPrivilege	3856	chrome.exe
Token: SeCreatePagefilePrivilege	3856	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
3856	chrome.exe
3856	chrome.exe
3856	chrome.exe
3856	chrome.exe
3856	chrome.exe
3856	chrome.exe
3856	chrome.exe
3856	chrome.exe
3856	chrome.exe
3856	chrome.exe
3856	chrome.exe
3856	chrome.exe
3856	chrome.exe
3856	chrome.exe
3856	chrome.exe
3856	chrome.exe
3856	chrome.exe
3856	chrome.exe
3856	chrome.exe
3856	chrome.exe
3856	chrome.exe
3856	chrome.exe
3856	chrome.exe
3856	chrome.exe
3856	chrome.exe
3856	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3856	chrome.exe
3856	chrome.exe
3856	chrome.exe
3856	chrome.exe
3856	chrome.exe
3856	chrome.exe
3856	chrome.exe
3856	chrome.exe
3856	chrome.exe
3856	chrome.exe
3856	chrome.exe
3856	chrome.exe
3856	chrome.exe
3856	chrome.exe
3856	chrome.exe
3856	chrome.exe
3856	chrome.exe
3856	chrome.exe
3856	chrome.exe
3856	chrome.exe
3856	chrome.exe
3856	chrome.exe
3856	chrome.exe
3856	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3856 wrote to memory of 60	3856	chrome.exe	85
PID 3856 wrote to memory of 60	3856	chrome.exe	85
PID 3856 wrote to memory of 3480	3856	chrome.exe	89
PID 3856 wrote to memory of 3480	3856	chrome.exe	89
PID 3856 wrote to memory of 3480	3856	chrome.exe	89
PID 3856 wrote to memory of 3480	3856	chrome.exe	89
PID 3856 wrote to memory of 3480	3856	chrome.exe	89
PID 3856 wrote to memory of 3480	3856	chrome.exe	89
PID 3856 wrote to memory of 3480	3856	chrome.exe	89
PID 3856 wrote to memory of 3480	3856	chrome.exe	89
PID 3856 wrote to memory of 3480	3856	chrome.exe	89
PID 3856 wrote to memory of 3480	3856	chrome.exe	89
PID 3856 wrote to memory of 3480	3856	chrome.exe	89
PID 3856 wrote to memory of 3480	3856	chrome.exe	89
PID 3856 wrote to memory of 3480	3856	chrome.exe	89
PID 3856 wrote to memory of 3480	3856	chrome.exe	89
PID 3856 wrote to memory of 3480	3856	chrome.exe	89
PID 3856 wrote to memory of 3480	3856	chrome.exe	89
PID 3856 wrote to memory of 3480	3856	chrome.exe	89
PID 3856 wrote to memory of 3480	3856	chrome.exe	89
PID 3856 wrote to memory of 3480	3856	chrome.exe	89
PID 3856 wrote to memory of 3480	3856	chrome.exe	89
PID 3856 wrote to memory of 3480	3856	chrome.exe	89
PID 3856 wrote to memory of 3480	3856	chrome.exe	89
PID 3856 wrote to memory of 3480	3856	chrome.exe	89
PID 3856 wrote to memory of 3480	3856	chrome.exe	89
PID 3856 wrote to memory of 3480	3856	chrome.exe	89
PID 3856 wrote to memory of 3480	3856	chrome.exe	89
PID 3856 wrote to memory of 3480	3856	chrome.exe	89
PID 3856 wrote to memory of 3480	3856	chrome.exe	89
PID 3856 wrote to memory of 3480	3856	chrome.exe	89
PID 3856 wrote to memory of 3480	3856	chrome.exe	89
PID 3856 wrote to memory of 3480	3856	chrome.exe	89
PID 3856 wrote to memory of 3480	3856	chrome.exe	89
PID 3856 wrote to memory of 3480	3856	chrome.exe	89
PID 3856 wrote to memory of 3480	3856	chrome.exe	89
PID 3856 wrote to memory of 3480	3856	chrome.exe	89
PID 3856 wrote to memory of 3480	3856	chrome.exe	89
PID 3856 wrote to memory of 3480	3856	chrome.exe	89
PID 3856 wrote to memory of 3480	3856	chrome.exe	89
PID 3856 wrote to memory of 2312	3856	chrome.exe	90
PID 3856 wrote to memory of 2312	3856	chrome.exe	90
PID 3856 wrote to memory of 4668	3856	chrome.exe	91
PID 3856 wrote to memory of 4668	3856	chrome.exe	91
PID 3856 wrote to memory of 4668	3856	chrome.exe	91
PID 3856 wrote to memory of 4668	3856	chrome.exe	91
PID 3856 wrote to memory of 4668	3856	chrome.exe	91
PID 3856 wrote to memory of 4668	3856	chrome.exe	91
PID 3856 wrote to memory of 4668	3856	chrome.exe	91
PID 3856 wrote to memory of 4668	3856	chrome.exe	91
PID 3856 wrote to memory of 4668	3856	chrome.exe	91
PID 3856 wrote to memory of 4668	3856	chrome.exe	91
PID 3856 wrote to memory of 4668	3856	chrome.exe	91
PID 3856 wrote to memory of 4668	3856	chrome.exe	91
PID 3856 wrote to memory of 4668	3856	chrome.exe	91
PID 3856 wrote to memory of 4668	3856	chrome.exe	91
PID 3856 wrote to memory of 4668	3856	chrome.exe	91
PID 3856 wrote to memory of 4668	3856	chrome.exe	91
PID 3856 wrote to memory of 4668	3856	chrome.exe	91
PID 3856 wrote to memory of 4668	3856	chrome.exe	91
PID 3856 wrote to memory of 4668	3856	chrome.exe	91
PID 3856 wrote to memory of 4668	3856	chrome.exe	91
PID 3856 wrote to memory of 4668	3856	chrome.exe	91
PID 3856 wrote to memory of 4668	3856	chrome.exe	91

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://outplay.document360.com/clk/5954457A595759744E57393562586774654456714E513D3D
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3856
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff2edc9758,0x7fff2edc9768,0x7fff2edc9778
  2⤵
  PID:60
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1640 --field-trial-handle=1888,i,7450739483453552266,4029062004661764240,131072 /prefetch:2
  2⤵
  PID:3480
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2008 --field-trial-handle=1888,i,7450739483453552266,4029062004661764240,131072 /prefetch:8
  2⤵
  PID:2312
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2228 --field-trial-handle=1888,i,7450739483453552266,4029062004661764240,131072 /prefetch:8
  2⤵
  PID:4668
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3160 --field-trial-handle=1888,i,7450739483453552266,4029062004661764240,131072 /prefetch:1
  2⤵
  PID:4848
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3184 --field-trial-handle=1888,i,7450739483453552266,4029062004661764240,131072 /prefetch:1
  2⤵
  PID:2388
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3748 --field-trial-handle=1888,i,7450739483453552266,4029062004661764240,131072 /prefetch:1
  2⤵
  PID:1980
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4892 --field-trial-handle=1888,i,7450739483453552266,4029062004661764240,131072 /prefetch:1
  2⤵
  PID:1008
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5092 --field-trial-handle=1888,i,7450739483453552266,4029062004661764240,131072 /prefetch:8
  2⤵
  PID:4800
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5148 --field-trial-handle=1888,i,7450739483453552266,4029062004661764240,131072 /prefetch:8
  2⤵
  - Modifies registry class
  PID:2508
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5924 --field-trial-handle=1888,i,7450739483453552266,4029062004661764240,131072 /prefetch:8
  2⤵
  PID:1780
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5312 --field-trial-handle=1888,i,7450739483453552266,4029062004661764240,131072 /prefetch:8
  2⤵
  PID:4988
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5928 --field-trial-handle=1888,i,7450739483453552266,4029062004661764240,131072 /prefetch:1
  2⤵
  PID:3812
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=5496 --field-trial-handle=1888,i,7450739483453552266,4029062004661764240,131072 /prefetch:1
  2⤵
  PID:3816
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=908 --field-trial-handle=1888,i,7450739483453552266,4029062004661764240,131072 /prefetch:8
  2⤵
  PID:3748

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4560

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x510 0x300
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:4436

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001

Filesize
47KB

MD5
045937268a2acced894a9996af39f816

SHA1
dfbdbd744565fdc5722a2e5a96a55c881b659ed4

SHA256
cc05f08525e5eaf762d1c1c66bef78dec5f3517cf6f7e86e89368c6d4a1ef0cf

SHA512
71a025a421384ed1e88d0c5ffadc6450a9e1efd827fe929f5ef447d2901cd87572fccf13dfa8b2706c9fab8160163e3a0c80bfe1ab49d63ffbbcb0e4e591a84f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000004

Filesize
216KB

MD5
18cf4f18920eb32bd1479f14659926e4

SHA1
82e1a5bc11e746d4342fbd4f71e9daae69edb7cb

SHA256
98cd83c29ea288adcfca8d9b320167bde3ef9e4aeeb98b436d35afd3117bd502

SHA512
01e667dca902ec3cb34a5515957ce5fcc3cdc1538bc9bd708294d8bdccf63fa87a7ca334abbe6e3b8a90e80bc58fd17b50a90d7b3c36deb04d5e7416532bba34

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
528B

MD5
b056109cbc452f79aed2dd2871fff02b

SHA1
bcffd3670a4dd387af92321adeb6a0e2a6833ed7

SHA256
33db9ae541c640ae19c274588f9be3d79f9dbdb489ba82b8f68a4102acd6b462

SHA512
ef27ddbef45e985990677d4655397d5dc48ac033a074a7b6169dbc29043fbf7e5874029b2d45c4d3fa439080aa7ed619eb95eb65e539d4783bacbe9db7abb45a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
e0517bd9f053f0d5cd753bbf9ef13eb1

SHA1
cb1a2611cc0182bceaf76375daf7f268d41b4580

SHA256
e585136e0e7226f6ab78da3ff61ff8d01725a4028e979d59a21516e7f44deec0

SHA512
a3e300f28de32fabd663a03f1fb06e2bb58cce168b05c25bb465fd7f87214a9b3e8dbfef2dd0ad85ec5fdb6342c789fe4965449effffd7ac3e585ade7d189668

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
f3cf48e770c480b839ce57fd2bff086b

SHA1
ad06639b7a8f11ce630459e5f457a04cdfd35b5a

SHA256
0fc3f0bf7d2d571ecd6e3f2d4d035061ea27a569ff6cfe3e8755e1579c0ab852

SHA512
5aa09978cafd9024cf6df5576da33916f86aee2a33f72840e1e57c51d75a6bc2eb805fc785d3e177546693e1d3542bba9922b4492358d90bad542be40d35a2a9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
421d8f8af92a9df025fc3f8b4ab1ef50

SHA1
f95b1c1208c5e35dac2c64836d0bd0ecaff2b23f

SHA256
ef3e92acb9ca4ea2848f2d667885884311b0202797d815079a7e120e6452753a

SHA512
80f14c8f400f6bcf61f0913aade584cb1b96caf6eb56edd175a3a577a0dbeba7efad382babf5bb686050d9506bc4a6b002461510872798c27b7a403368f12ae9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
282764df18cf7c59049657544558b030

SHA1
f27d3a647fb5a8abd813caa9827cac386657acd3

SHA256
763a52bd0c934c8d54e416d8eda5aa407cc70dcce33a1d5fa7fb0f6aeaa63911

SHA512
f67e2978d95fe0b0f00734ed4309d7901c73eb9ae683fe8c0d8e990da747e7b1062a466f1f6ce2cf31b7b6f7d4a27f29eedbeb692e1954121c4c223f77b6ce88

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
bc68eea711f7d23b7e571495891b6aa1

SHA1
843d672804d9f1fea4c5e5dc516d3c862ae3b9df

SHA256
92aac7595f5fe96834a1d49312089669b92c8761bc1eafadae31c4789c4d6fff

SHA512
262bd49a994c08a54f947e45be87b640fe348a7187a7e3acc0279b9b147c3db834b269ce5818fdb147de210b87dbeab30d45f950ad322bc158da32c3a4133bf4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\8f02dc49-1ce3-48e4-b321-00f7078ada21\index

Filesize
24B

MD5
54cb446f628b2ea4a5bce5769910512e

SHA1
c27ca848427fe87f5cf4d0e0e3cd57151b0d820d

SHA256
fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d

SHA512
8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\d62925a5-dd54-4378-8d3d-f19f47d74d04\index-dir\the-real-index

Filesize
2KB

MD5
03d84a9583c482686baf4ba5f5d5d322

SHA1
69ed30c10a173a208d0f46f3e17397dbc0bea26d

SHA256
79359eeced24835099cb75c928e482a09a29b8876c176c8a4301afbd39221a53

SHA512
547f5132ea8f5484d7705eabd310e0f6d714b355f3d1dc7d39ac5e0a2f3e9236889eda20ea18b199f22b4fced9a62884980ff448fffaca9472706c3d49c69066

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\d62925a5-dd54-4378-8d3d-f19f47d74d04\index-dir\the-real-index~RFe57cc58.TMP

Filesize
48B

MD5
97e3dd09f5b906993017aeeeca3d90d4

SHA1
414d4e5d7ac9a6a7d9e4fb5aa1d482261f8e48d6

SHA256
2b83268f0dadc4420c83454632465cb92a841c6ad3403512ce6f8b1cfff17cfc

SHA512
8dfed32bb74d97563262eb22baeb01dada3f6585af107153f3e46fc722faad6873f01a048d2737bd87b5b5a8a4e9e24638db320d8ad383f3cbf6c4a9ef6d0f42

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
114B

MD5
5c2d430618ed8aaae86c5f0041fd31af

SHA1
2ae3ffc404cf282b0afa64f5fa86d95eca7f4ee3

SHA256
9153ad89d2bc2993d2d5fea6769ee9963499acf4090e6ff9c688fa5c2ee7c99d

SHA512
d52cd08614e2d351d6e567c167dd598e115584b6e7f775881af60425b334e5d637d200856662f10c2830bd41796e9e2035ca9b642cc45e02925ee309afdd71f8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
176B

MD5
63151ee1e55caef7535e6e4ecb31dc46

SHA1
c700e4f3b3a6eec37b1962b461473dd2e0668def

SHA256
ee4e0efd31b2fc2babeeeb8dad8251babd556bd600214a71e2d19905736205f8

SHA512
cd88cea9894fcd9d4c849fb0e79beea4afd565b85d1a6bae03351de41a138836d34c332f7bdc647f7f5cda108a0d77235b86b5e69c9ce241614fa4a6094731bc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
112B

MD5
de1022c4a208e2ad19bfe47b40d8c68d

SHA1
9a8569b92013cc5e5a823e9cc9705660033d4ee1

SHA256
222704328ee07c46ab9525d133058089103f0abb1a0398cc10a844971a30b76f

SHA512
74e02e2038e524d7f3b5aed9ecff27ab3338a6bc0ea811b3ba25579dae0b022a4f063cc83c2f736c358ab7c5f2a85d728e52372a0b0bdbfb24e9e9f984fcde31

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
178B

MD5
d38d1f7593ebed25ca06f25543d612f6

SHA1
f7e7a5dceea8baf841db91f0c0e278acd6ed8fa6

SHA256
2ebca5b4d89cbc95d776e846532a0f09d7ece3bec72cd176a3eb80260d3b396d

SHA512
9ddc43b2a17d556de06128ad0bdcbcbb1de33e6e112f9e2c23342c4367f314b6a66e221a3f33080a3c201a5027ed0d831911120897ecb28ca1dc244decb37ad6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
187B

MD5
782cb4fc48f7fc337c3a97c292ae4f6a

SHA1
326eedb255c1121569d01b99b4ee835a958be286

SHA256
d50c5999161118e765431d24a75fb665457b98b4226d35777e3b27797833005a

SHA512
6f0f1235aee3039f3956d62b1a9c9e8f81c2956a4207d4788303f657f00bd8a0d675136d39d337d0aa25dd5f5a9f0d7beabce6069ae1293914e5a93c5135ad87

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe576d6f.TMP

Filesize
119B

MD5
a6dbef33110577eda674315ec08f69d0

SHA1
6a4e4d6596fb392003bf349d410104f973579925

SHA256
a3aa409833d7f359a55143629d986bc9ad233ec02065cce43ef814321e8b64ec

SHA512
c78c1a2f684733087ad141cb799676670005e3bc95f4990c262d1efaf777818648ac0e25dd9df951bfa3b8f1a8c1ede8f5872f1269bb40c6862a6c2a3f44179d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
b99b50de982e6381122dd482f8603c49

SHA1
dd2c4fcf17ad68233d2b10f6d3e91ab17a11e792

SHA256
804603f1e1d8a0164c4a6e2655552f25bf22c136745d5b9f6a744f0c9effc9d8

SHA512
eacff2540d2ce8d1939a5a64dd4118fe0c7a5c027ad02bfd6236cab886a5834656e4403877404f61ec7a54559fb127af9737388b78912e655f7e15e5bbd47cba

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57bc4b.TMP

Filesize
48B

MD5
c37888d00f966c96798dbea5fd03030e

SHA1
b8fa2bf55317e77d203a649567994d630ffc7e5b

SHA256
d8d6c359fdef34b60019a029ff446f5af56091735d2c66e1283c364d61be1942

SHA512
5f02e98b14baee5f273195193e0b2f5d9d48f9accca01bece3cb7704b74c232870130d65bd994ed5f6e92b6a2c9b176a94d0fcd9a436f0d732d6422e2f902356

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir3856_1000212702\Shortcuts Menu Icons\Monochrome\0\512.png

Filesize
2KB

MD5
12a429f9782bcff446dc1089b68d44ee

SHA1
e41e5a1a4f2950a7f2da8be77ca26a66da7093b9

SHA256
e1d7407b07c40b5436d78db1077a16fbf75d49e32f3cbd01187b5eaaa10f1e37

SHA512
1da99c5278a589972a1d711d694890f4fd4ec4e56f83781ab9dee91ba99530a7f90d969588fa24dce24b094a28bdecbea80328cee862031a8b289f3e4f38ce7a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir3856_1000212702\Shortcuts Menu Icons\Monochrome\1\512.png

Filesize
10KB

MD5
7f57c509f12aaae2c269646db7fde6e8

SHA1
969d8c0e3d9140f843f36ccf2974b112ad7afc07

SHA256
1d5c9f67fe93f9fcc1a1b61ebc35bda8f98f1261e5005ae37af71f42aab1d90f

SHA512
3503a0f4939bed9e1fd5e086b17d6de1063220dffdab2d2373aa9582a2454a9d8f18c1be74442f4e597bdba796d2d69220bd9e6be632a15367225b804187ea18

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir3856_349459389\Icons Monochrome\16.png

Filesize
216B

MD5
a4fd4f5953721f7f3a5b4bfd58922efe

SHA1
f3abed41d764efbd26bacf84c42bd8098a14c5cb

SHA256
c659d57841bb33d63f7b1334200548f207340d95e8e2ae25aac7a798a08071a3

SHA512
7fcc1ca4d6d97335e76faa65b7cfb381fb722210041bdcd3b31b0f94e15dc226eec4639547af86ae71f311f52a956dc83294c2d23f345e63b5e45e25956b2691

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
128KB

MD5
599065194bacfb8f736569299729c737

SHA1
b29ea36060fe39bb8dbfa25b15c185b2d9f4d9f9

SHA256
1f313b8d7847947e9d03fd9ee505d58f450bef127e37990ddab505c92ed8b160

SHA512
f84ccd52b11e9db796f8f7beab804b0431fac11a440866d9913832128e122c955facfcc50d81ba7e32d9c8cea2eda06f77c8ab472324968706d791a9643f7b47

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
99KB

MD5
3fd4980b2a1793a6b93a96291b509cf6

SHA1
02b10fb8a3d5c28ad5822809048b0dfb83144480

SHA256
615c955217eb2c955c77d168a8f43468fdc54d6c4ef1c12936c7db57909cca4d

SHA512
5d3d08ae5b5ce0a97a1c5e1366c6bef5a057291e2881209bffcc7a4a1e3f72ccf7fc74c5e0592551708b53c7a04e9e735569800d24fcf8fe4056b49d3d2ffd04

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe5808f4.TMP

Filesize
97KB

MD5
1a8eb26a61f172a1059870269e844979

SHA1
96fa7e14d038f11fd630cf8f10a5789d64235c5e

SHA256
9128e97cd9b5db4d006c69d3e29a4e8d57a5a9890ccc43caa139f8674df854d0

SHA512
ec7774bcc3c180d1e80ff7b04e1bc21daea418055f9bd13343748400e72e6928f510dd65bd523225db8d38e84119f3587fa87e9b3ec5dd305f28ac0546463d8c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit