b67042a291ac385fe187641834a55613a4533ed69863ec8d5d50d59274e8609b

Analysis

max time kernel
58s
max time network
122s
platform
windows7_x64
resource
win7-20240319-en
resource tags

arch:x64arch:x86image:win7-20240319-enlocale:en-usos:windows7-x64system
submitted
09/04/2024, 11:41

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

DrakeUI.Framework.dll
Size

1.6MB
MD5

0562b4c97f643306df491a938ae636da
SHA1

0807c37b711374ed4814a9518c9e264517de89a0
SHA256

70e72477f7fe0018e043ce8fe2228a289459058ee41caecd6f05855898bc5b80
SHA512

c969cd274b6bf65a34f1d129b6531616a3485a1f153088609ad2369d380fdec37c3e88a423495912715a26e353dd5498f7f9e73c895e9f3f18fc7d1e65d2ecaf
SSDEEP

24576:nYyUyUxws47SDJ+wfa3ZsacYwzhmT5LOMobxqFFnM9Pv1w+Fus:nYyUyUueD001YwzhmVSMoNqFF

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
2740	chrome.exe
2740	chrome.exe

Suspicious use of AdjustPrivilegeToken 46 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe

Suspicious use of FindShellTrayWindow 34 IoCs

pid	Process
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe

Suspicious use of SendNotifyMessage 32 IoCs

pid	Process
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2740 wrote to memory of 2928	2740	chrome.exe	29
PID 2740 wrote to memory of 2928	2740	chrome.exe	29
PID 2740 wrote to memory of 2928	2740	chrome.exe	29
PID 2740 wrote to memory of 2596	2740	chrome.exe	31
PID 2740 wrote to memory of 2596	2740	chrome.exe	31
PID 2740 wrote to memory of 2596	2740	chrome.exe	31
PID 2740 wrote to memory of 2596	2740	chrome.exe	31
PID 2740 wrote to memory of 2596	2740	chrome.exe	31
PID 2740 wrote to memory of 2596	2740	chrome.exe	31
PID 2740 wrote to memory of 2596	2740	chrome.exe	31
PID 2740 wrote to memory of 2596	2740	chrome.exe	31
PID 2740 wrote to memory of 2596	2740	chrome.exe	31
PID 2740 wrote to memory of 2596	2740	chrome.exe	31
PID 2740 wrote to memory of 2596	2740	chrome.exe	31
PID 2740 wrote to memory of 2596	2740	chrome.exe	31
PID 2740 wrote to memory of 2596	2740	chrome.exe	31
PID 2740 wrote to memory of 2596	2740	chrome.exe	31
PID 2740 wrote to memory of 2596	2740	chrome.exe	31
PID 2740 wrote to memory of 2596	2740	chrome.exe	31
PID 2740 wrote to memory of 2596	2740	chrome.exe	31
PID 2740 wrote to memory of 2596	2740	chrome.exe	31
PID 2740 wrote to memory of 2596	2740	chrome.exe	31
PID 2740 wrote to memory of 2596	2740	chrome.exe	31
PID 2740 wrote to memory of 2596	2740	chrome.exe	31
PID 2740 wrote to memory of 2596	2740	chrome.exe	31
PID 2740 wrote to memory of 2596	2740	chrome.exe	31
PID 2740 wrote to memory of 2596	2740	chrome.exe	31
PID 2740 wrote to memory of 2596	2740	chrome.exe	31
PID 2740 wrote to memory of 2596	2740	chrome.exe	31
PID 2740 wrote to memory of 2596	2740	chrome.exe	31
PID 2740 wrote to memory of 2596	2740	chrome.exe	31
PID 2740 wrote to memory of 2596	2740	chrome.exe	31
PID 2740 wrote to memory of 2596	2740	chrome.exe	31
PID 2740 wrote to memory of 2596	2740	chrome.exe	31
PID 2740 wrote to memory of 2596	2740	chrome.exe	31
PID 2740 wrote to memory of 2596	2740	chrome.exe	31
PID 2740 wrote to memory of 2596	2740	chrome.exe	31
PID 2740 wrote to memory of 2596	2740	chrome.exe	31
PID 2740 wrote to memory of 2596	2740	chrome.exe	31
PID 2740 wrote to memory of 2596	2740	chrome.exe	31
PID 2740 wrote to memory of 2596	2740	chrome.exe	31
PID 2740 wrote to memory of 2596	2740	chrome.exe	31
PID 2740 wrote to memory of 2440	2740	chrome.exe	32
PID 2740 wrote to memory of 2440	2740	chrome.exe	32
PID 2740 wrote to memory of 2440	2740	chrome.exe	32
PID 2740 wrote to memory of 2408	2740	chrome.exe	33
PID 2740 wrote to memory of 2408	2740	chrome.exe	33
PID 2740 wrote to memory of 2408	2740	chrome.exe	33
PID 2740 wrote to memory of 2408	2740	chrome.exe	33
PID 2740 wrote to memory of 2408	2740	chrome.exe	33
PID 2740 wrote to memory of 2408	2740	chrome.exe	33
PID 2740 wrote to memory of 2408	2740	chrome.exe	33
PID 2740 wrote to memory of 2408	2740	chrome.exe	33
PID 2740 wrote to memory of 2408	2740	chrome.exe	33
PID 2740 wrote to memory of 2408	2740	chrome.exe	33
PID 2740 wrote to memory of 2408	2740	chrome.exe	33
PID 2740 wrote to memory of 2408	2740	chrome.exe	33
PID 2740 wrote to memory of 2408	2740	chrome.exe	33
PID 2740 wrote to memory of 2408	2740	chrome.exe	33
PID 2740 wrote to memory of 2408	2740	chrome.exe	33
PID 2740 wrote to memory of 2408	2740	chrome.exe	33
PID 2740 wrote to memory of 2408	2740	chrome.exe	33
PID 2740 wrote to memory of 2408	2740	chrome.exe	33
PID 2740 wrote to memory of 2408	2740	chrome.exe	33

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\DrakeUI.Framework.dll,#1
1⤵
PID:2980

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2740
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef70b9758,0x7fef70b9768,0x7fef70b9778
  2⤵
  PID:2928
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1168 --field-trial-handle=1372,i,9018588864949912830,14380467801274496152,131072 /prefetch:2
  2⤵
  PID:2596
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1516 --field-trial-handle=1372,i,9018588864949912830,14380467801274496152,131072 /prefetch:8
  2⤵
  PID:2440
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1624 --field-trial-handle=1372,i,9018588864949912830,14380467801274496152,131072 /prefetch:8
  2⤵
  PID:2408
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2340 --field-trial-handle=1372,i,9018588864949912830,14380467801274496152,131072 /prefetch:1
  2⤵
  PID:2744
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2348 --field-trial-handle=1372,i,9018588864949912830,14380467801274496152,131072 /prefetch:1
  2⤵
  PID:2812
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1556 --field-trial-handle=1372,i,9018588864949912830,14380467801274496152,131072 /prefetch:2
  2⤵
  PID:1736
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=1156 --field-trial-handle=1372,i,9018588864949912830,14380467801274496152,131072 /prefetch:1
  2⤵
  PID:2088
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3480 --field-trial-handle=1372,i,9018588864949912830,14380467801274496152,131072 /prefetch:8
  2⤵
  PID:576
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3604 --field-trial-handle=1372,i,9018588864949912830,14380467801274496152,131072 /prefetch:8
  2⤵
  PID:1448
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3572 --field-trial-handle=1372,i,9018588864949912830,14380467801274496152,131072 /prefetch:8
  2⤵
  PID:1756
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=3752 --field-trial-handle=1372,i,9018588864949912830,14380467801274496152,131072 /prefetch:1
  2⤵
  PID:328
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=2744 --field-trial-handle=1372,i,9018588864949912830,14380467801274496152,131072 /prefetch:1
  2⤵
  PID:1596
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=2636 --field-trial-handle=1372,i,9018588864949912830,14380467801274496152,131072 /prefetch:8
  2⤵
  PID:628
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3732 --field-trial-handle=1372,i,9018588864949912830,14380467801274496152,131072 /prefetch:8
  2⤵
  PID:2040
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=3772 --field-trial-handle=1372,i,9018588864949912830,14380467801274496152,131072 /prefetch:1
  2⤵
  PID:2808
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=4076 --field-trial-handle=1372,i,9018588864949912830,14380467801274496152,131072 /prefetch:1
  2⤵
  PID:1568

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2664

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

Filesize
68KB

MD5
29f65ba8e88c063813cc50a4ea544e93

SHA1
05a7040d5c127e68c25d81cc51271ffb8bef3568

SHA256
1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

SHA512
e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
6ff98f68435d184427b8170af5ca6e93

SHA1
2172bfc88ecce1c4c7c329372c4bd4d7a8f51c10

SHA256
71c3771790e84c76a059d8fa5cefdbbf60e793473923d58deab59ee3557ca2b5

SHA512
bf8cc5e6cc2b816094b6206c5c252aaacdeb0dce72a892d52b86e8033f80082077628f5371de7af555f82001a24755b97c1e891a85f14409307d007c673960ea

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
274a2e9f03ab416c17d5a9023210a4d2

SHA1
9d02cf1bd9b7438313db5a36200b1bad2b433e12

SHA256
3558af17dbc65b902d2459c712a07b6210348070680dcd00a95ba3405abc1763

SHA512
1c02a884f62c7aa06b240598e6032976e232e3d31368832efcb190082f5928528791e18b417df530a070a38d32a0e41fa31b25f36d62cbddc99391670b80f8d6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
7de8ced5da52fb0f714adae78b274000

SHA1
23994e4c08aa1a6d74caa7bfed84da982adc5b52

SHA256
1e459ce5f89640db7c99145e7110306ac7be49eef5b1f02f247e22e9f5ec0b76

SHA512
01b97e01e2203651c1d4b6495d02bac5f3a4dd8cb3beaaaef32f2552ce22f43af253a6ea41b96d17ea019d2e20964466e7e88af6a6793ccdc84da3bc4b1968d5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
80a8912d5ffb6327c34aa6eacac11769

SHA1
a58509dc3131c0a45bcdfcd75d2c89480834d14f

SHA256
94c2cab05e1bc0b738846b9f154f81ef88ca96184275262daaa71acca02fe099

SHA512
fa6075eebbb6624ae53fda869da26844e296305a215ed05601beab206a6d2c25ba3ae27965b0edff928c5f31fd9682d0158f2be0dc2a069be51a506e8e41abdb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\195efaba-c677-4c44-9461-95c87ae3a5d1.tmp

Filesize
266KB

MD5
e978f87543bc34876dd435df5b101552

SHA1
de1ba39421aa8270969425777061ea132f9f5c32

SHA256
78cae03d78ce9d19dfd9026deb3f1cb5e1aa014c32cbd272377b0d5cb9fe91a4

SHA512
b585eb5bd67515aa383b25f4081649bb490f77914a3b4211076ad6b5afd4f42fd820aa56756943baa1746ee1e6f16cf858a8c025e062668aae3313b4727369c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\000004.dbtmp

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT~RFf770f3d.TMP

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
688B

MD5
2b52d46823e2d344b2885213c914df5d

SHA1
cf5d749f633e557211dee1f621b64af7e718bd78

SHA256
2dd08987cc23567c7424c8c73c69ab68d752081b1c4d8b5a3948e46e91972da0

SHA512
dba56d1cb5adefc306292c9de907647e9357bbe0a9fcd56d26cceedea287095de2fe348628e4440745f15a6d3aedf7cd0af066afb1ff3564628193d3963fb9be

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
361B

MD5
19feb169eeb70dfc20eea167b4161ae5

SHA1
847ad07259af9c3d872b3dac4a75dba6125f18ea

SHA256
31618a2a05d0a7c45db02d71ce796b1272206beaf9990e3f326cc182186bbe12

SHA512
f3828cae0d407b8033dbdbe9942e8ddc44c4552d9e9cc6632bfe9f0d3fe455dc1c95518765ab78dccae6e5572595e69cb01dfe5e3fc2d99b45466d4dfb2f22de

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
851B

MD5
d6e9c5ca4d4b6a5b33214ab42a322344

SHA1
9723ed84fca0801c101f7475dc6e1e2f14edf33b

SHA256
4d6b448ecd2e35e5a139474b9764f0935ebb28ac1178103bf3b4e34fab4b71f5

SHA512
12286b7305cdf78afee5d24eb5a1a42a7516c9c7638ba6cc2ab9b2fc1b5c916736e240fbe8963e699008f672d3f57ac4d76d667c3824fd940fda89edc3840b00

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
92b33e683159826feff89ab0ef445a29

SHA1
0172af456f68cca3d3bd42c1fbcf47754782dd1b

SHA256
81822c670b068ed36ac7940b259ab99e4b7c225e45ae5b17efc6b2fb370624eb

SHA512
2c2c70ebd8af253dd4f72abf8b7945a17fbf5897705eae971c7f00ee171c8515836be50e960165508858f6a46e4cc7355d1f180217a6f7ad68d4a5f63e1c0760

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
4KB

MD5
56e6e0644159a73e133a1826445351ad

SHA1
829bb0d464d1ebd327e791c1f0334d4252de9d8c

SHA256
66d05544671b692628c3d24de304db4e28b33cb7efd30f1efbe7b7529c7b1a96

SHA512
265f95bf80710051a43331adc95c70c59515563551dd7330ee0c129a1c151c593527c1027b509d403d31209e78bf292eb0c6682fc9b52f8aa917a2f00e704ee1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
92b105b05aa24846bdc4611016050c24

SHA1
aa8d03db195a7546006516808f71b0d6d66fb037

SHA256
c344272829c37dfd792c4f2166bad0a2a6ba0280684cde324ea20651b416e095

SHA512
6c9dad1e7ab02b8e0755b6eb1ed62ff5e5206f97832049bb82e9cd4b4d5768e2f44882db39f7da6a212cc388b8076703cd41169420b293b884e78d82c48e1c3b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
56B

MD5
ae1bccd6831ebfe5ad03b482ee266e4f

SHA1
01f4179f48f1af383b275d7ee338dd160b6f558a

SHA256
1b11047e738f76c94c9d15ee981ec46b286a54def1a7852ca1ade7f908988649

SHA512
baf7ff6747f30e542c254f46a9678b9dbf42312933962c391b79eca6fcb615e4ba9283c00f554d6021e594f18c087899bc9b5362c41c0d6f862bba7fb9f83038

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
120B

MD5
3ef56aee07bc0d728cba9aa9698db372

SHA1
0482acb0eec68e4446960a542a8a23316447c075

SHA256
fbe512b82975f3b5c10422f9f6b689f6aa5f5ed8a7c2e58930de878efe155134

SHA512
8da867184a2aebd9a037209b73464544667ecd9d6b10848895284cfb7685c9d61c98f7dc38f0ebb37a0e5302d8fa9d1eed5538b207cf8c2973923bc6384fe804

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
120B

MD5
dbb57b9c5a5352dbd4bb55d2cc414671

SHA1
d7c408173b4dba03a05351d5b0ea47c537034582

SHA256
3bdeb8f530a45f7f017cf6409f93967701553d9116c18f99af63ed9c5f776903

SHA512
2300de01646e8ae8388c33fdf53d34ca45319a436930e36094424a737d7a354e8a5ea1aff02fc32405fd44aa8dc6749b3c46300d27c4f403cb324ae66d2a3c97

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000007.dbtmp

Filesize
16B

MD5
18e723571b00fb1694a3bad6c78e4054

SHA1
afcc0ef32d46fe59e0483f9a3c891d3034d12f32

SHA256
8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa

SHA512
43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
266KB

MD5
57ddf6816e278a1de69de502c3a367f2

SHA1
b6888e2d00355d3d7ab8a42c213eddc425bb39d5

SHA256
164ce68e3614e28a523001d4bd74daf3095219f2cbd3c64bb177118f750ab3f4

SHA512
0a2e9bf4596404c7092d93405347cf8039cf3cc65c621419601f5f340933df3650728770b658c1504f27b2d6317759042a43f740ba78e547024bb773b50d052a

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar2B4C.tmp

Filesize
177KB

MD5
435a9ac180383f9fa094131b173a2f7b

SHA1
76944ea657a9db94f9a4bef38f88c46ed4166983

SHA256
67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

SHA512
1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

Download Submit