dbda6c3fb1a2fcf56a7143ee81c723ed23392a34aea6a94eaea3620004093cf0

Analysis

max time kernel
118s
max time network
119s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
05/04/2024, 15:24

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

N0T_A_V1RUS.EXE.lnk
Size

1KB
MD5

94794427fef5f13d67d49e1b7a3173cb
SHA1

34fd994cd0c3478b0537b03dab17d2cdbd16a320
SHA256

dbda6c3fb1a2fcf56a7143ee81c723ed23392a34aea6a94eaea3620004093cf0
SHA512

9e3fb3040522661497521645a63591099004c99417d6828c2d746ee342d290f5136b772d4f62443c51e0c345ceb89e3f4c76aba641f9056c30f3dc71753cc8f5

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
2516	chrome.exe
2516	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2516	chrome.exe
Token: SeShutdownPrivilege	2516	chrome.exe
Token: SeShutdownPrivilege	2516	chrome.exe
Token: SeShutdownPrivilege	2516	chrome.exe
Token: SeShutdownPrivilege	2516	chrome.exe
Token: SeShutdownPrivilege	2516	chrome.exe
Token: SeShutdownPrivilege	2516	chrome.exe
Token: SeShutdownPrivilege	2516	chrome.exe
Token: SeShutdownPrivilege	2516	chrome.exe
Token: SeShutdownPrivilege	2516	chrome.exe
Token: SeShutdownPrivilege	2516	chrome.exe
Token: SeShutdownPrivilege	2516	chrome.exe
Token: SeShutdownPrivilege	2516	chrome.exe
Token: SeShutdownPrivilege	2516	chrome.exe
Token: SeShutdownPrivilege	2516	chrome.exe
Token: SeShutdownPrivilege	2516	chrome.exe
Token: SeShutdownPrivilege	2516	chrome.exe
Token: SeShutdownPrivilege	2516	chrome.exe
Token: SeShutdownPrivilege	2516	chrome.exe
Token: SeShutdownPrivilege	2516	chrome.exe
Token: SeShutdownPrivilege	2516	chrome.exe
Token: SeShutdownPrivilege	2516	chrome.exe
Token: SeShutdownPrivilege	2516	chrome.exe
Token: SeShutdownPrivilege	2516	chrome.exe
Token: SeShutdownPrivilege	2516	chrome.exe
Token: SeShutdownPrivilege	2516	chrome.exe
Token: SeShutdownPrivilege	2516	chrome.exe
Token: SeShutdownPrivilege	2516	chrome.exe
Token: SeShutdownPrivilege	2516	chrome.exe
Token: SeShutdownPrivilege	2516	chrome.exe
Token: SeShutdownPrivilege	2516	chrome.exe
Token: SeShutdownPrivilege	2516	chrome.exe
Token: SeShutdownPrivilege	2516	chrome.exe
Token: SeShutdownPrivilege	2516	chrome.exe
Token: SeShutdownPrivilege	2516	chrome.exe
Token: SeShutdownPrivilege	2516	chrome.exe
Token: SeShutdownPrivilege	2516	chrome.exe
Token: SeShutdownPrivilege	2516	chrome.exe
Token: SeShutdownPrivilege	2516	chrome.exe
Token: SeShutdownPrivilege	2516	chrome.exe
Token: SeShutdownPrivilege	2516	chrome.exe
Token: SeShutdownPrivilege	2516	chrome.exe
Token: SeShutdownPrivilege	2516	chrome.exe
Token: SeShutdownPrivilege	2516	chrome.exe
Token: SeShutdownPrivilege	2516	chrome.exe
Token: SeShutdownPrivilege	2516	chrome.exe
Token: SeShutdownPrivilege	2516	chrome.exe
Token: SeShutdownPrivilege	2516	chrome.exe
Token: SeShutdownPrivilege	2516	chrome.exe
Token: SeShutdownPrivilege	2516	chrome.exe
Token: SeShutdownPrivilege	2516	chrome.exe
Token: SeShutdownPrivilege	2516	chrome.exe
Token: SeShutdownPrivilege	2516	chrome.exe
Token: SeShutdownPrivilege	2516	chrome.exe
Token: SeShutdownPrivilege	2516	chrome.exe
Token: SeShutdownPrivilege	2516	chrome.exe
Token: SeShutdownPrivilege	2516	chrome.exe
Token: SeShutdownPrivilege	2516	chrome.exe
Token: SeShutdownPrivilege	2516	chrome.exe
Token: SeShutdownPrivilege	2516	chrome.exe
Token: SeShutdownPrivilege	2516	chrome.exe
Token: SeShutdownPrivilege	2516	chrome.exe
Token: SeShutdownPrivilege	2516	chrome.exe
Token: SeShutdownPrivilege	2516	chrome.exe

Suspicious use of FindShellTrayWindow 35 IoCs

pid	Process
2516	chrome.exe
2516	chrome.exe
2516	chrome.exe
2516	chrome.exe
2516	chrome.exe
2516	chrome.exe
2516	chrome.exe
2516	chrome.exe
2516	chrome.exe
2516	chrome.exe
2516	chrome.exe
2516	chrome.exe
2516	chrome.exe
2516	chrome.exe
2516	chrome.exe
2516	chrome.exe
2516	chrome.exe
2516	chrome.exe
2516	chrome.exe
2516	chrome.exe
2516	chrome.exe
2516	chrome.exe
2516	chrome.exe
2516	chrome.exe
2516	chrome.exe
2516	chrome.exe
2516	chrome.exe
2516	chrome.exe
2516	chrome.exe
2516	chrome.exe
2516	chrome.exe
2516	chrome.exe
2516	chrome.exe
2516	chrome.exe
2516	chrome.exe

Suspicious use of SendNotifyMessage 32 IoCs

pid	Process
2516	chrome.exe
2516	chrome.exe
2516	chrome.exe
2516	chrome.exe
2516	chrome.exe
2516	chrome.exe
2516	chrome.exe
2516	chrome.exe
2516	chrome.exe
2516	chrome.exe
2516	chrome.exe
2516	chrome.exe
2516	chrome.exe
2516	chrome.exe
2516	chrome.exe
2516	chrome.exe
2516	chrome.exe
2516	chrome.exe
2516	chrome.exe
2516	chrome.exe
2516	chrome.exe
2516	chrome.exe
2516	chrome.exe
2516	chrome.exe
2516	chrome.exe
2516	chrome.exe
2516	chrome.exe
2516	chrome.exe
2516	chrome.exe
2516	chrome.exe
2516	chrome.exe
2516	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2516 wrote to memory of 2004	2516	chrome.exe	30
PID 2516 wrote to memory of 2004	2516	chrome.exe	30
PID 2516 wrote to memory of 2004	2516	chrome.exe	30
PID 2516 wrote to memory of 2748	2516	chrome.exe	32
PID 2516 wrote to memory of 2748	2516	chrome.exe	32
PID 2516 wrote to memory of 2748	2516	chrome.exe	32
PID 2516 wrote to memory of 2748	2516	chrome.exe	32
PID 2516 wrote to memory of 2748	2516	chrome.exe	32
PID 2516 wrote to memory of 2748	2516	chrome.exe	32
PID 2516 wrote to memory of 2748	2516	chrome.exe	32
PID 2516 wrote to memory of 2748	2516	chrome.exe	32
PID 2516 wrote to memory of 2748	2516	chrome.exe	32
PID 2516 wrote to memory of 2748	2516	chrome.exe	32
PID 2516 wrote to memory of 2748	2516	chrome.exe	32
PID 2516 wrote to memory of 2748	2516	chrome.exe	32
PID 2516 wrote to memory of 2748	2516	chrome.exe	32
PID 2516 wrote to memory of 2748	2516	chrome.exe	32
PID 2516 wrote to memory of 2748	2516	chrome.exe	32
PID 2516 wrote to memory of 2748	2516	chrome.exe	32
PID 2516 wrote to memory of 2748	2516	chrome.exe	32
PID 2516 wrote to memory of 2748	2516	chrome.exe	32
PID 2516 wrote to memory of 2748	2516	chrome.exe	32
PID 2516 wrote to memory of 2748	2516	chrome.exe	32
PID 2516 wrote to memory of 2748	2516	chrome.exe	32
PID 2516 wrote to memory of 2748	2516	chrome.exe	32
PID 2516 wrote to memory of 2748	2516	chrome.exe	32
PID 2516 wrote to memory of 2748	2516	chrome.exe	32
PID 2516 wrote to memory of 2748	2516	chrome.exe	32
PID 2516 wrote to memory of 2748	2516	chrome.exe	32
PID 2516 wrote to memory of 2748	2516	chrome.exe	32
PID 2516 wrote to memory of 2748	2516	chrome.exe	32
PID 2516 wrote to memory of 2748	2516	chrome.exe	32
PID 2516 wrote to memory of 2748	2516	chrome.exe	32
PID 2516 wrote to memory of 2748	2516	chrome.exe	32
PID 2516 wrote to memory of 2748	2516	chrome.exe	32
PID 2516 wrote to memory of 2748	2516	chrome.exe	32
PID 2516 wrote to memory of 2748	2516	chrome.exe	32
PID 2516 wrote to memory of 2748	2516	chrome.exe	32
PID 2516 wrote to memory of 2748	2516	chrome.exe	32
PID 2516 wrote to memory of 2748	2516	chrome.exe	32
PID 2516 wrote to memory of 2748	2516	chrome.exe	32
PID 2516 wrote to memory of 2748	2516	chrome.exe	32
PID 2516 wrote to memory of 3044	2516	chrome.exe	33
PID 2516 wrote to memory of 3044	2516	chrome.exe	33
PID 2516 wrote to memory of 3044	2516	chrome.exe	33
PID 2516 wrote to memory of 2460	2516	chrome.exe	34
PID 2516 wrote to memory of 2460	2516	chrome.exe	34
PID 2516 wrote to memory of 2460	2516	chrome.exe	34
PID 2516 wrote to memory of 2460	2516	chrome.exe	34
PID 2516 wrote to memory of 2460	2516	chrome.exe	34
PID 2516 wrote to memory of 2460	2516	chrome.exe	34
PID 2516 wrote to memory of 2460	2516	chrome.exe	34
PID 2516 wrote to memory of 2460	2516	chrome.exe	34
PID 2516 wrote to memory of 2460	2516	chrome.exe	34
PID 2516 wrote to memory of 2460	2516	chrome.exe	34
PID 2516 wrote to memory of 2460	2516	chrome.exe	34
PID 2516 wrote to memory of 2460	2516	chrome.exe	34
PID 2516 wrote to memory of 2460	2516	chrome.exe	34
PID 2516 wrote to memory of 2460	2516	chrome.exe	34
PID 2516 wrote to memory of 2460	2516	chrome.exe	34
PID 2516 wrote to memory of 2460	2516	chrome.exe	34
PID 2516 wrote to memory of 2460	2516	chrome.exe	34
PID 2516 wrote to memory of 2460	2516	chrome.exe	34
PID 2516 wrote to memory of 2460	2516	chrome.exe	34

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\N0T_A_V1RUS.EXE.lnk
1⤵
PID:2172

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2516
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6339758,0x7fef6339768,0x7fef6339778
  2⤵
  PID:2004
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1176 --field-trial-handle=1232,i,8898741914007685472,1136554034240396445,131072 /prefetch:2
  2⤵
  PID:2748
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1504 --field-trial-handle=1232,i,8898741914007685472,1136554034240396445,131072 /prefetch:8
  2⤵
  PID:3044
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1560 --field-trial-handle=1232,i,8898741914007685472,1136554034240396445,131072 /prefetch:8
  2⤵
  PID:2460
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2300 --field-trial-handle=1232,i,8898741914007685472,1136554034240396445,131072 /prefetch:1
  2⤵
  PID:852
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2308 --field-trial-handle=1232,i,8898741914007685472,1136554034240396445,131072 /prefetch:1
  2⤵
  PID:2384
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1308 --field-trial-handle=1232,i,8898741914007685472,1136554034240396445,131072 /prefetch:2
  2⤵
  PID:992
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=1424 --field-trial-handle=1232,i,8898741914007685472,1136554034240396445,131072 /prefetch:1
  2⤵
  PID:1464
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3208 --field-trial-handle=1232,i,8898741914007685472,1136554034240396445,131072 /prefetch:8
  2⤵
  PID:912
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3248 --field-trial-handle=1232,i,8898741914007685472,1136554034240396445,131072 /prefetch:8
  2⤵
  PID:1592
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3712 --field-trial-handle=1232,i,8898741914007685472,1136554034240396445,131072 /prefetch:8
  2⤵
  PID:752
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=3968 --field-trial-handle=1232,i,8898741914007685472,1136554034240396445,131072 /prefetch:1
  2⤵
  PID:2324
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=2500 --field-trial-handle=1232,i,8898741914007685472,1136554034240396445,131072 /prefetch:1
  2⤵
  PID:2216
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=2312 --field-trial-handle=1232,i,8898741914007685472,1136554034240396445,131072 /prefetch:8
  2⤵
  PID:2036
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3768 --field-trial-handle=1232,i,8898741914007685472,1136554034240396445,131072 /prefetch:8
  2⤵
  PID:268
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3748 --field-trial-handle=1232,i,8898741914007685472,1136554034240396445,131072 /prefetch:8
  2⤵
  PID:1620
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=2812 --field-trial-handle=1232,i,8898741914007685472,1136554034240396445,131072 /prefetch:1
  2⤵
  PID:268

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2044

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000004

Filesize
216KB

MD5
530f5281cb2a808f5d83e29941a25f2b

SHA1
ab22859d6aebd7621602a44b3b39349a8749949e

SHA256
0cd4ee64b33093789d565ef7520f2805685332e104b2ea01750f430e0b699439

SHA512
b226b209d0bbbbd839e3afcd64f246e3d3a9142174b315752d20130c9efc766866e96e628cfe4421817bdf3861d7c81e8a9701ab63a1292e7e997399eab36224

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008

Filesize
47KB

MD5
045937268a2acced894a9996af39f816

SHA1
dfbdbd744565fdc5722a2e5a96a55c881b659ed4

SHA256
cc05f08525e5eaf762d1c1c66bef78dec5f3517cf6f7e86e89368c6d4a1ef0cf

SHA512
71a025a421384ed1e88d0c5ffadc6450a9e1efd827fe929f5ef447d2901cd87572fccf13dfa8b2706c9fab8160163e3a0c80bfe1ab49d63ffbbcb0e4e591a84f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009

Filesize
785KB

MD5
d36a279a33de96214071fd7f70c747d8

SHA1
ceac09f798320386352d961e3b8a1c557361c2eb

SHA256
1b07b593ad68e1a8a0d1b0e3ae27ef5c9d9512f6638bbef8555dd046580b92a7

SHA512
d58b0a54678ceed317222ba60eb1ed34c08e92a44839e83047640294bd79edbb2237962892be029110843de7c9c3bcf8ea6d5d9dabe687027669f27d5fc2ffa4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

Filesize
32KB

MD5
5416adda2605f64197034c00ba971124

SHA1
f2b3e5949b05bf493a7d846d5f2d157ead8fda23

SHA256
17abe76f8cfd85312b9e957dcce49b26eb2b51b7f55d67ff5cb5008a31861857

SHA512
6f27ec864db9391ce6e3d39277366702ff0c05c28b0b665aba86738877b83d8e3517006bdbe56e4c6136b4dfe243571f9ee2a8b337d2aa6d91598203cb57f53d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

Filesize
33KB

MD5
d6f27248d0b338a5e9aa64b7969b301d

SHA1
f222d3d95d3b6df50a66b19392501a90ad60c4dc

SHA256
677bede5209907bc7ebb241580d7e5b723477fab974cf86a96bfce1036816b74

SHA512
787512056bd45957c202d13710ae382f3c55480a1c6fc28b1c4e4bbb62aeb2d072c27a1757bd0cbbb1eb185bea0bfd2173b8820ea64f3364072996ef768ad49b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\000006.dbtmp

Filesize
16B

MD5
aefd77f47fb84fae5ea194496b44c67a

SHA1
dcfbb6a5b8d05662c4858664f81693bb7f803b82

SHA256
4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611

SHA512
b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT~RFf769c8d.TMP

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
854B

MD5
df526529ab9f3f1bb9c22515ec90fe15

SHA1
41149297edc1de2cffc6b684cae0c75225161ce8

SHA256
650df048f2a57a402b41afa44217e603d2535301326eba2358d3c10b1100c9fb

SHA512
b248bfb1d591517de11c734368e1781b855adc6b145ba3ea74317518b660fa353859d5685a827f492436b3e12785c2dd3fa089249d44f444a9a25be75173b289

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
854B

MD5
63426f1d424ae5c65cecd8eb176adb72

SHA1
c06f91ef3f7022a4faaebae1ccf15f7c28b18d25

SHA256
1f321d4665a147d80a4ccdbba86985b7c68e53c540278cbc86f05e7b27e7d41b

SHA512
34eadec87df49a8c4821ec6b4613dfe38345cd1282ae4b899822711a2c3c94e58f36b3fdd0bbfe8f8dab091c68843bafbe16eb13ce6c6056f1ba3c563bcd3a8d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
20fd60e904addbb2987e8763e1caad50

SHA1
20d2f51413f0bfae2ebf329a54608cb19db4b9b5

SHA256
e138abc126d47ed86b7cc599e098848c56bcae78ac1afbfd5307422204694e42

SHA512
62560e79f9c25e82562bbafad815ef00a69d3ff7ae3c4f6cc317838c99843c1e7068d7ca3bfd3f304d3cab2c8511143407b29227ecaf4427f3ba51fd17fac5ee

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
aaf92f7d54b090fdf77e5294d589a00a

SHA1
f65ff0a3c59c7fd85121e0615dc3e34e51703c9b

SHA256
39e5401c3574eb12b4a4b1b97008791acdd5b9c99c59f66e89a70c3a8e635aa4

SHA512
52d6265e5f880901fe09c0e3395263f7f668b001cfeb306612d176994737390a68dfbfd8fd4e473443522a7c1ab7ab73da811d281eaf4350c3a91e52a0bb8fb0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\481d9da8-8e89-47e7-a177-7e9099b1292e\index-dir\the-real-index

Filesize
2KB

MD5
70d30aac17633b218de9af19fb79f73e

SHA1
3e85ab7dccedf553792bb17eddcf079783c4bb24

SHA256
fdbc504466a7a9b35e74b1eac3351909cc7f8d477bc689f85ac873fe18250517

SHA512
5315f77518e2f080f588749451b4362737a8f0742aa61ebdc56da604f5ebc25c185edd99ec8106a7836f8ed74a7979b4741e983552d34f3a795291913706d092

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\5474e28b-c066-4359-9cfd-2c048b5331fd\index

Filesize
24B

MD5
54cb446f628b2ea4a5bce5769910512e

SHA1
c27ca848427fe87f5cf4d0e0e3cd57151b0d820d

SHA256
fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d

SHA512
8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
187B

MD5
bf667ad2067e894b4a48f1a5f2ba2cb3

SHA1
042476a71b305a5de5e762396dd043256679ce10

SHA256
51b418aa02a717ab04ef587eae035c2d45de38acf50be0d7e6fd01284f2e2a59

SHA512
dd3262e11cb7736c6d95819633483da14c6182b7dbfb107b6d97cb23a7f93d40c61142d7c93fd849eb212a5c32310692b482caeeb0648d31db65ce4ce7c0d647

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
176B

MD5
a1bcd251e9a0acfc4c7550a9e3062a76

SHA1
6ca86ede6b1207ab84c630d5912c2184ec3f9850

SHA256
59ce8a1372cb983d971c7dc58789ba21baa3132fea7283c22b64d4c3343d9c9e

SHA512
6db5cf6f09e12a30010cf70ea93faedb76a931768d9a042b1fb4c31356885fe6969d39dd122f35163f95454988918b63b8a238e29edef4e464c630916a230bcb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
112B

MD5
05d1f55fe5b85548896ccdcfcfa1dc6f

SHA1
126ce6da382a16e62fb4e74932e48ae6805cea1e

SHA256
230f50f0875fb947d068357a34540dd2c43fbbe157baf11eb3f35263bc9efd7c

SHA512
89910f6ee1bf84160ded9c03941938c6fe80e2a61fad54a72ae6356b42743aa1ee68e39147ecb5e7617d8784294a07d6da7e6f10f682bc9285750a346d4075ab

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
178B

MD5
831710a4538b0dc519f2e37cef3988fe

SHA1
797e96df8bbb4433df463b0acda8d427e80a2fd0

SHA256
35bd669df76ef4b9cd282fbb89d5d4d4cdf8d4be3ddb35a4a1af858ffaf01138

SHA512
063cb39c52a8a1e5eafeffe5ca3a57298b3e6dc838eeca959972156d61d644e99aa23781fba539699292679ef770111edb5da97a9094947cab8f66806cc6e9b0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
114B

MD5
9d78f42b7da017da8149ff019dfa71fc

SHA1
e31becef726686c9accc29efb1d8baaf9d3dd882

SHA256
91d0029885a262031cdb396280dc179f467ab3a7c98b518d8b906fdc024bae08

SHA512
47c1945d4807d35004eb8ce4aa2cec9ff1d626b1253d8a6e3171a995356962a01158b6be1cea6816a31dd33a376567538e7601fdfa90b77f27d66643581ff38b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\000002.dbtmp

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000007.dbtmp

Filesize
16B

MD5
18e723571b00fb1694a3bad6c78e4054

SHA1
afcc0ef32d46fe59e0483f9a3c891d3034d12f32

SHA256
8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa

SHA512
43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\agimnkijcaahngcdmfeangaknmldooml\Shortcuts Menu Icons\Monochrome\1\512.png

Filesize
10KB

MD5
7f57c509f12aaae2c269646db7fde6e8

SHA1
969d8c0e3d9140f843f36ccf2974b112ad7afc07

SHA256
1d5c9f67fe93f9fcc1a1b61ebc35bda8f98f1261e5005ae37af71f42aab1d90f

SHA512
3503a0f4939bed9e1fd5e086b17d6de1063220dffdab2d2373aa9582a2454a9d8f18c1be74442f4e597bdba796d2d69220bd9e6be632a15367225b804187ea18

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir2516_1681616782\Shortcuts Menu Icons\0\512.png

Filesize
2KB

MD5
12a429f9782bcff446dc1089b68d44ee

SHA1
e41e5a1a4f2950a7f2da8be77ca26a66da7093b9

SHA256
e1d7407b07c40b5436d78db1077a16fbf75d49e32f3cbd01187b5eaaa10f1e37

SHA512
1da99c5278a589972a1d711d694890f4fd4ec4e56f83781ab9dee91ba99530a7f90d969588fa24dce24b094a28bdecbea80328cee862031a8b289f3e4f38ce7a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
261KB

MD5
c77d4e49365afb4c866be0ed0b8d13db

SHA1
686b89a26081e8346151aca130c80008f60e727b

SHA256
e0e8f7e72d569f08bcab55eb1a08e2b80e85b218a8f14b996f9b4f7145eb0e04

SHA512
10f83293b6cfe666dd6ee9f3303a22d261cb4972d0c3ce69602bf06927a40a023ff34dbbe22a54505aac0b9879083d2780298531038be9c295410c319dce8196

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\f556e988-5a22-41f6-8d67-f3ea81b38fc2.tmp

Filesize
261KB

MD5
dc1da93ecd3726bb6253c76ad1fe0758

SHA1
adf8457608ea414899f224b4bb9e0151b756599f

SHA256
aba373954dce739e03d5538c98949cb7098b59e49fd17228c72a7d722a51c404

SHA512
a7a05bd013fa78e9693332c32778437d8b263996de5abfb9cfcb49681a75258d780cf07b1d68a5072787465147808d6014b49c306fe8620d49a014a51fb37457

Download Submit
memory/2172-26-0x0000000002C00000-0x0000000002C01000-memory.dmp

Filesize
4KB

Download