Analysis Overview
Threat Level: Known bad
The file https://shrturl.uk/e/78jt7igc8hQm was found to be: Known bad.
Malicious Activity Summary
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Modifies data under HKEY_USERS
Analysis: static1
Detonation Overview
Reported
2024-04-05 21:08
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-04-05 21:08
Reported
2024-04-05 21:11
Platform
win10v2004-20240319-en
Max time kernel
149s
Max time network
151s
Command Line
Signatures
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133568249244600751" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://shrturl.uk/e/78jt7igc8hQm
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe5c1e9758,0x7ffe5c1e9768,0x7ffe5c1e9778
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1716 --field-trial-handle=1896,i,3299544530539159222,17147505025616446441,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2140 --field-trial-handle=1896,i,3299544530539159222,17147505025616446441,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2236 --field-trial-handle=1896,i,3299544530539159222,17147505025616446441,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3020 --field-trial-handle=1896,i,3299544530539159222,17147505025616446441,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3040 --field-trial-handle=1896,i,3299544530539159222,17147505025616446441,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4540 --field-trial-handle=1896,i,3299544530539159222,17147505025616446441,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5672 --field-trial-handle=1896,i,3299544530539159222,17147505025616446441,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4756 --field-trial-handle=1896,i,3299544530539159222,17147505025616446441,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5064 --field-trial-handle=1896,i,3299544530539159222,17147505025616446441,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5116 --field-trial-handle=1896,i,3299544530539159222,17147505025616446441,131072 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4044 --field-trial-handle=2844,i,5640589924128028832,7963280732661142908,262144 --variations-seed-version /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1616 --field-trial-handle=1896,i,3299544530539159222,17147505025616446441,131072 /prefetch:2
Network
Files