hxxps://www[.]youtube[.]com/watch?v=wwE7UlWbJHE

Analysis

max time kernel
1799s
max time network
1687s
platform
windows11-21h2_x64
resource
win11-20240221-en
resource tags

arch:x64arch:x86image:win11-20240221-enlocale:en-usos:windows11-21h2-x64system
submitted
10/04/2024, 12:57

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://www.youtube.com/watch?v=wwE7UlWbJHE

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133572274742017152"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-4181651180-3163410697-3990547336-1000\{A77CD677-BF3B-4B5F-9201-463AB5CB3EB6}	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
3352	chrome.exe
3352	chrome.exe
3276	chrome.exe
3276	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3352	chrome.exe
Token: SeCreatePagefilePrivilege	3352	chrome.exe
Token: SeShutdownPrivilege	3352	chrome.exe
Token: SeCreatePagefilePrivilege	3352	chrome.exe
Token: SeShutdownPrivilege	3352	chrome.exe
Token: SeCreatePagefilePrivilege	3352	chrome.exe
Token: SeShutdownPrivilege	3352	chrome.exe
Token: SeCreatePagefilePrivilege	3352	chrome.exe
Token: 33	2384	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	2384	AUDIODG.EXE
Token: SeShutdownPrivilege	3352	chrome.exe
Token: SeCreatePagefilePrivilege	3352	chrome.exe
Token: SeShutdownPrivilege	3352	chrome.exe
Token: SeCreatePagefilePrivilege	3352	chrome.exe
Token: SeShutdownPrivilege	3352	chrome.exe
Token: SeCreatePagefilePrivilege	3352	chrome.exe
Token: SeShutdownPrivilege	3352	chrome.exe
Token: SeCreatePagefilePrivilege	3352	chrome.exe
Token: SeShutdownPrivilege	3352	chrome.exe
Token: SeCreatePagefilePrivilege	3352	chrome.exe
Token: SeShutdownPrivilege	3352	chrome.exe
Token: SeCreatePagefilePrivilege	3352	chrome.exe
Token: SeShutdownPrivilege	3352	chrome.exe
Token: SeCreatePagefilePrivilege	3352	chrome.exe
Token: SeShutdownPrivilege	3352	chrome.exe
Token: SeCreatePagefilePrivilege	3352	chrome.exe
Token: SeShutdownPrivilege	3352	chrome.exe
Token: SeCreatePagefilePrivilege	3352	chrome.exe
Token: SeShutdownPrivilege	3352	chrome.exe
Token: SeCreatePagefilePrivilege	3352	chrome.exe
Token: SeShutdownPrivilege	3352	chrome.exe
Token: SeCreatePagefilePrivilege	3352	chrome.exe
Token: SeShutdownPrivilege	3352	chrome.exe
Token: SeCreatePagefilePrivilege	3352	chrome.exe
Token: SeShutdownPrivilege	3352	chrome.exe
Token: SeCreatePagefilePrivilege	3352	chrome.exe
Token: SeShutdownPrivilege	3352	chrome.exe
Token: SeCreatePagefilePrivilege	3352	chrome.exe
Token: SeShutdownPrivilege	3352	chrome.exe
Token: SeCreatePagefilePrivilege	3352	chrome.exe
Token: SeShutdownPrivilege	3352	chrome.exe
Token: SeCreatePagefilePrivilege	3352	chrome.exe
Token: SeShutdownPrivilege	3352	chrome.exe
Token: SeCreatePagefilePrivilege	3352	chrome.exe
Token: SeShutdownPrivilege	3352	chrome.exe
Token: SeCreatePagefilePrivilege	3352	chrome.exe
Token: SeShutdownPrivilege	3352	chrome.exe
Token: SeCreatePagefilePrivilege	3352	chrome.exe
Token: SeShutdownPrivilege	3352	chrome.exe
Token: SeCreatePagefilePrivilege	3352	chrome.exe
Token: SeShutdownPrivilege	3352	chrome.exe
Token: SeCreatePagefilePrivilege	3352	chrome.exe
Token: SeShutdownPrivilege	3352	chrome.exe
Token: SeCreatePagefilePrivilege	3352	chrome.exe
Token: SeShutdownPrivilege	3352	chrome.exe
Token: SeCreatePagefilePrivilege	3352	chrome.exe
Token: SeShutdownPrivilege	3352	chrome.exe
Token: SeCreatePagefilePrivilege	3352	chrome.exe
Token: SeShutdownPrivilege	3352	chrome.exe
Token: SeCreatePagefilePrivilege	3352	chrome.exe
Token: SeShutdownPrivilege	3352	chrome.exe
Token: SeCreatePagefilePrivilege	3352	chrome.exe
Token: SeShutdownPrivilege	3352	chrome.exe
Token: SeCreatePagefilePrivilege	3352	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe
3352	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3352 wrote to memory of 4948	3352	chrome.exe	77
PID 3352 wrote to memory of 4948	3352	chrome.exe	77
PID 3352 wrote to memory of 4140	3352	chrome.exe	79
PID 3352 wrote to memory of 4140	3352	chrome.exe	79
PID 3352 wrote to memory of 4140	3352	chrome.exe	79
PID 3352 wrote to memory of 4140	3352	chrome.exe	79
PID 3352 wrote to memory of 4140	3352	chrome.exe	79
PID 3352 wrote to memory of 4140	3352	chrome.exe	79
PID 3352 wrote to memory of 4140	3352	chrome.exe	79
PID 3352 wrote to memory of 4140	3352	chrome.exe	79
PID 3352 wrote to memory of 4140	3352	chrome.exe	79
PID 3352 wrote to memory of 4140	3352	chrome.exe	79
PID 3352 wrote to memory of 4140	3352	chrome.exe	79
PID 3352 wrote to memory of 4140	3352	chrome.exe	79
PID 3352 wrote to memory of 4140	3352	chrome.exe	79
PID 3352 wrote to memory of 4140	3352	chrome.exe	79
PID 3352 wrote to memory of 4140	3352	chrome.exe	79
PID 3352 wrote to memory of 4140	3352	chrome.exe	79
PID 3352 wrote to memory of 4140	3352	chrome.exe	79
PID 3352 wrote to memory of 4140	3352	chrome.exe	79
PID 3352 wrote to memory of 4140	3352	chrome.exe	79
PID 3352 wrote to memory of 4140	3352	chrome.exe	79
PID 3352 wrote to memory of 4140	3352	chrome.exe	79
PID 3352 wrote to memory of 4140	3352	chrome.exe	79
PID 3352 wrote to memory of 4140	3352	chrome.exe	79
PID 3352 wrote to memory of 4140	3352	chrome.exe	79
PID 3352 wrote to memory of 4140	3352	chrome.exe	79
PID 3352 wrote to memory of 4140	3352	chrome.exe	79
PID 3352 wrote to memory of 4140	3352	chrome.exe	79
PID 3352 wrote to memory of 4140	3352	chrome.exe	79
PID 3352 wrote to memory of 4140	3352	chrome.exe	79
PID 3352 wrote to memory of 4140	3352	chrome.exe	79
PID 3352 wrote to memory of 4140	3352	chrome.exe	79
PID 3352 wrote to memory of 4140	3352	chrome.exe	79
PID 3352 wrote to memory of 4140	3352	chrome.exe	79
PID 3352 wrote to memory of 4140	3352	chrome.exe	79
PID 3352 wrote to memory of 4140	3352	chrome.exe	79
PID 3352 wrote to memory of 4140	3352	chrome.exe	79
PID 3352 wrote to memory of 4140	3352	chrome.exe	79
PID 3352 wrote to memory of 4140	3352	chrome.exe	79
PID 3352 wrote to memory of 4896	3352	chrome.exe	80
PID 3352 wrote to memory of 4896	3352	chrome.exe	80
PID 3352 wrote to memory of 700	3352	chrome.exe	81
PID 3352 wrote to memory of 700	3352	chrome.exe	81
PID 3352 wrote to memory of 700	3352	chrome.exe	81
PID 3352 wrote to memory of 700	3352	chrome.exe	81
PID 3352 wrote to memory of 700	3352	chrome.exe	81
PID 3352 wrote to memory of 700	3352	chrome.exe	81
PID 3352 wrote to memory of 700	3352	chrome.exe	81
PID 3352 wrote to memory of 700	3352	chrome.exe	81
PID 3352 wrote to memory of 700	3352	chrome.exe	81
PID 3352 wrote to memory of 700	3352	chrome.exe	81
PID 3352 wrote to memory of 700	3352	chrome.exe	81
PID 3352 wrote to memory of 700	3352	chrome.exe	81
PID 3352 wrote to memory of 700	3352	chrome.exe	81
PID 3352 wrote to memory of 700	3352	chrome.exe	81
PID 3352 wrote to memory of 700	3352	chrome.exe	81
PID 3352 wrote to memory of 700	3352	chrome.exe	81
PID 3352 wrote to memory of 700	3352	chrome.exe	81
PID 3352 wrote to memory of 700	3352	chrome.exe	81
PID 3352 wrote to memory of 700	3352	chrome.exe	81
PID 3352 wrote to memory of 700	3352	chrome.exe	81
PID 3352 wrote to memory of 700	3352	chrome.exe	81
PID 3352 wrote to memory of 700	3352	chrome.exe	81

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://www.youtube.com/watch?v=wwE7UlWbJHE
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3352
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x104,0x108,0x10c,0xe0,0x110,0x7ffa52619758,0x7ffa52619768,0x7ffa52619778
  2⤵
  PID:4948
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=312 --field-trial-handle=1904,i,6321636152387038408,550565189907999118,131072 /prefetch:2
  2⤵
  PID:4140
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1884 --field-trial-handle=1904,i,6321636152387038408,550565189907999118,131072 /prefetch:8
  2⤵
  PID:4896
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2200 --field-trial-handle=1904,i,6321636152387038408,550565189907999118,131072 /prefetch:8
  2⤵
  PID:700
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2900 --field-trial-handle=1904,i,6321636152387038408,550565189907999118,131072 /prefetch:1
  2⤵
  PID:1708
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2908 --field-trial-handle=1904,i,6321636152387038408,550565189907999118,131072 /prefetch:1
  2⤵
  PID:4520
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4404 --field-trial-handle=1904,i,6321636152387038408,550565189907999118,131072 /prefetch:1
  2⤵
  PID:4684
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4412 --field-trial-handle=1904,i,6321636152387038408,550565189907999118,131072 /prefetch:1
  2⤵
  PID:4968
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4820 --field-trial-handle=1904,i,6321636152387038408,550565189907999118,131072 /prefetch:8
  2⤵
  PID:4720
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5084 --field-trial-handle=1904,i,6321636152387038408,550565189907999118,131072 /prefetch:8
  2⤵
  - Modifies registry class
  PID:800
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5496 --field-trial-handle=1904,i,6321636152387038408,550565189907999118,131072 /prefetch:8
  2⤵
  PID:720
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5284 --field-trial-handle=1904,i,6321636152387038408,550565189907999118,131072 /prefetch:8
  2⤵
  PID:3788
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5528 --field-trial-handle=1904,i,6321636152387038408,550565189907999118,131072 /prefetch:1
  2⤵
  PID:1992
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4960 --field-trial-handle=1904,i,6321636152387038408,550565189907999118,131072 /prefetch:1
  2⤵
  PID:1788
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4944 --field-trial-handle=1904,i,6321636152387038408,550565189907999118,131072 /prefetch:8
  2⤵
  PID:460
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5768 --field-trial-handle=1904,i,6321636152387038408,550565189907999118,131072 /prefetch:8
  2⤵
  PID:1648
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=2552 --field-trial-handle=1904,i,6321636152387038408,550565189907999118,131072 /prefetch:1
  2⤵
  PID:2804
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1496 --field-trial-handle=1904,i,6321636152387038408,550565189907999118,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3276

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:1416

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004CC 0x00000000000004D4
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:2384

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
768B

MD5
383cce5fa8829978be691fcceaf599b2

SHA1
8145bbb4d5860480435a8e9531dadc1059388ca2

SHA256
116cea9ea928ab5ddc03bcaee9a62e0c11917590ff0e439e20b0a4eb416554a6

SHA512
2eec6b54cdf8aac5518428715a1fcac3255f94c5120b19bac8c5c54ad931ea131a5b9ae7cce1b6d223ffe813d8ed4e3c3eb08c1fbb1fe4170d62d538b04b4dd1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
528B

MD5
3e2aecc44e69e06947b167355def7651

SHA1
b865aa844badbcfd52a3e73ecb10d07c89077b9c

SHA256
1ce4f88cfc567a9dbea705ef5e3cf5a7d96d7e22d99ada29ccc5114d6aba617c

SHA512
0cf36edb4ef7489bd21ac13f3cb91b855b38a07131fb0438bb043c97394927c2161da19ee20549d875ec05bbee067ae531dad5afa26c09be6a9dcdb0123f6ca1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
7c7556d3a379d8e3c7ded78690c2b839

SHA1
c13fcd7814f16d115b8e321f6ce80e3e59e34724

SHA256
cac3b1ed12fd9332e7c13ca569f74ecd03415117d48ac7dc12ce96797c1698b0

SHA512
6573d492b0c01658934736403e6f7be16c78fc9b4727deb5d229ef72f1ab74400b5e2c5f806db5a4324b4b700e7159a64e9e3c9ab29aa2558a6d278b0ddbf95a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
3df3565ce5414006a4d5e89f04c8d1e7

SHA1
337e74431285ba3bc128621c133d1a6e41ed6a4b

SHA256
e112161fd9054b6b86a42775d4c1ee7e3b3fb530cb879e446f5f0decf3db16b3

SHA512
30de8612ad470009e4ee2143ca2d5ff50ec8930b87b9b4da1b53bc8c9b875a1d6579db697635e455bf9c05ae48f50d65aec44659594f1b7431ccb411f85490fb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
94ae53a487e00d8e2b5b9c9869f04c13

SHA1
b2c7913cb4a3edf8f8a2a850b475fe8dbe13fa18

SHA256
26e43992c88a2cf578ba1f202f660e497ba4452984901f4e5777c69df8b229d4

SHA512
d08d0b5545ffe86cfa8c5a16b67702a34c8d776154ee6db822917fb7cb6ce678e310ea89708c8d9875c28a92bd8705f5a112b7fdae0f461af71ed6878b7c560b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
f5e0dea3fbd2fe01aecbb69637f2dbc4

SHA1
2bc983b076223d3fbf35203545f48e11f5c55efd

SHA256
dc19e1db5a9fdfb28ac1610431a7dd6a10fc0e27d9e84360424ec6fe45d75a0d

SHA512
3e23bcd1b54fd8c3170775b3edbd26cfe94568831aecbf7b5aec300a8ba3116a36c0a9df0936121f51475a8061352714cce4862645abbd4407264371aac5a15a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
874B

MD5
5e862162290d51353a2689e50f7c8972

SHA1
a8dfb95c31731a03bea45bc69929c8b523c41d3c

SHA256
b6e16d43356afbeabddfe69770e6bc91350a75a86a3aa5eea677d43d89d503ee

SHA512
464db415237f48465f55eed5cdfb6d32d03c7523ce0ec28b63110bcfc313d563a55ebfffb8aa5cff9f5ebfd22aa317250042e681949473c110d96c7e3ffde214

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
874B

MD5
a9ad1e2ef25ac034623c930f29dce436

SHA1
3e9e8ffc64315f1c4ba89c88c3e9897e68515971

SHA256
207c7ab1c37e63b1dd0c31c98545349b77d12b667075c83d7ecc5be94bb00fb8

SHA512
944765ff1b68a59b28e9c294fb0e874b1a9cc1f72b175d95d6dcf36e3ed4ce1be1c3a1ae507092dbc2e8176d7dc54cb3524896c3868f2025c89cb6ffa1aa52b9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
874B

MD5
957b341963462f04efa2321bf68ec810

SHA1
2e5f77ddc2ce3f514bc3bd2b873ca9b6337411be

SHA256
b008cf0eeedd5b81b01882dbe593f172d9f3505f0e25d5e9faeb20a9493cb0c9

SHA512
f827e6c99f04653afcd476428592744ff841eab7643dbb72b3038636ed9e1fb00535eb21ab29993b6702ca68bfde3c9984b7fcf4fe8176315316651c4e2b2f1c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\e1a4e689-ae13-4386-ab12-0bdf15eae459.tmp

Filesize
3KB

MD5
05b4f6853b94124c61762ae9e2cbed05

SHA1
da76f5d11e055f3dba2e04e4ecf039620c66989b

SHA256
721951230b8340730d20a262030cdb7bf58ebf23345c69f7d3d57fb3688f7f16

SHA512
aa3483264e84ac1f8e00b0e7afae38e0972e10ff76e86eebe8ddd9c1451464ca83efae69a88c5c9a8b1a42f1093cbeb5b5f93a0040c40c47464e5d0e833a7637

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
ca545b24f6de34e5790a0d4bf2cd5d62

SHA1
828eba22de537fe3a039edf0580aad152044a137

SHA256
66a4432d6381f2abd2d63dab43bbc8f9a46cbe26a106ec8d37d77165b8a226d2

SHA512
a806ac74ef1c566f90119e6bbb9f1217faa0efc0f1c9b0ca9d7f707e931563f4b7494834381e11fb1536bcff6d64b3ae1d80e4d9b8769d4c24173b983990fdf0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
705cdd3671692679a5c6e9d3e8b876b4

SHA1
90e49c61af82882de88525d2bf1f03a03c61fb63

SHA256
98d5f31ce28f615e86d9068cdc1c1b6e678f9ec2c1976df75e422dde93e2d871

SHA512
a0ea4bc955d6436ba0dc74117bdb1c29d72710d34c3b9557353dba4a6df75b3756a3d3db4e595d4b49088328ce9250182bf9ddfc314820e9165c0dacf7f95f47

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
fd9aa5aad5220e734e501f060bb3db73

SHA1
29d65aa9fd6100057f193540563ba96664d3510b

SHA256
042560d5c55947ae75002364a87966b6945cfbacbfe44cf22022cd363b295c29

SHA512
f213398d88c6d46d28a15846e69c6b0b36982a60c54d115288587e91513b497eb1a02fd1de945a65284ee2bf1fcc6430a32465ed6e2f60ecaf2b04f70c3e3928

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\b4a86ada-771c-4bfd-8273-cc7056c07b9a\index-dir\the-real-index

Filesize
2KB

MD5
08cb5802994e3aa917d6874419717596

SHA1
125d6f262604c59f6b08fffd43199297fa7f26d7

SHA256
dcba5e69d0f71724fdb9e9d3338ab0215703df5f881eb0f198a07d2d9ae6e858

SHA512
8fe50709bc1225c00fcbb398d39901478f26d4ca9ab73ce52868e1e661568aa3b069270e4a41ff6e1c50958ba4d8cf6e3388e86cbd6f48f9dadd162e090e4a65

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\b4a86ada-771c-4bfd-8273-cc7056c07b9a\index-dir\the-real-index~RFe57bd26.TMP

Filesize
48B

MD5
3a6376f02794166cf78020ae294f1794

SHA1
fe3faca5db56f5bc704aff7fb0c9c51704e47001

SHA256
b44be186eede8a37d1a0d748fa7652df22a996db8efe58c9ce7aa95139eff395

SHA512
ea8e5c9f986ccfbaf1395659dafa3ca6fbee6d550fe26da7dcb815203d5fd1f34073e289c588f99f58e89f98dd634d501fbc1b94c96a36dc706b0073e7b41014

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
176B

MD5
69ffc3af1574627b6969540be38ac517

SHA1
f2607926e36ac252adde0eebdc455127a6ffef9f

SHA256
8482dff6f60cbf8dd007dee336008eca2d4507be34ca833ed13d3a762673deca

SHA512
cf94094c2536778bc008d885654c2c53bfe46b7554ec13e0f7e3f077687bd3e150a56b27a15259e54f450a793772579d7c1b8ed8c8f2d2ff10792326ac4ba289

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
114B

MD5
76725823801b75a1ccca57f9d2b3459e

SHA1
75a175c4c2d88d0c2e2e7953c657d44aa86f87c4

SHA256
0f168bf8cd83d9d5c8cf17fe4ae773ba09ea6ab6c9f710f8182c827eaec2eacd

SHA512
edcfb9ccd38741e70b11418905c8f64ff2018d0c066009f8ecafd2f400a65c46ac2e2fc6fec4138b20b269f5b4f155765cab24311b32c1dd54c3df67048493c6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
112B

MD5
e8e4052eda01e31c27652bb7eb5c2302

SHA1
eaf571cb4ffa895303f00507eb074aaba7207f11

SHA256
3046e2a99aa935d89c39efeca461104bdd821507934ff783bfdb720297f3cfc1

SHA512
209dbb7a8c4271fd22cae8d0368e92daca67b537f22898541924e58cfea0d077fe3c3d4000fe8a16c1c222a698e813e0e64526f30b2774cbad36ba9a86e54fd8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe5762c1.TMP

Filesize
119B

MD5
aebcc62f0544d065c43784bcd404405a

SHA1
8516efef928ab95a17ef4e342ad81c7f18a62711

SHA256
715b9bc9baa9f3c32f5079bb161cdd0938fd7d0a803bf99d02f22561ed66ad2c

SHA512
8be58c82d39072727ceaf38d9db246358a61f7d729b4735a3ff28a3ee6abbf0a4984c606c8e056cf89f6def6657f04127bc7e6f538926fe2f148d27040649a01

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
48B

MD5
4ab359c0a2e7c67825d98014c2d44ac1

SHA1
43b4569c325d1e67dd851f468625c91fc35503a2

SHA256
4ce3d85d8104b1844820c534731729a79a5840b0f3a02593e8dbd8891835ddaf

SHA512
b0dc289d6f2a7ada6b2982a164b458fd5905e63708d35553d7ed7f6db16e4d1c79910da5a360cd3c026757d58847afcf404db98b96706f98aeec443a53321f9c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
22f62374011c63ee749e22ffb697de4b

SHA1
1694e1963dfb66639a8f0757d0a9dfc29c781022

SHA256
d8df6129ba4178f6bee810c719f88ea5f4ac55729a1157eef524d278eaa58928

SHA512
ab8df8173a6718c61c1c9f5ade9acf21e08b7c9a2b528dd869001b7c9634827af820513b418e69b519e77f4c618cf8b038192f5d1ae4a7520006cc8f46c25259

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57b14e.TMP

Filesize
48B

MD5
b96b106526d6c8834fc574031413450f

SHA1
890303472a086974a1d94808b6d0ba63f567ff64

SHA256
952bcabf02fed6b9bcd65c808177b194d517659c1ea88356a0a7ae0f40c3065f

SHA512
42c49e00d92eee2893884263e327e5b191ceeb9135410f760f4a9dfedf33c38d2aa9b5669e2712785537200229243bc73f323b62563071d0bdef7f48abdac9b0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\agimnkijcaahngcdmfeangaknmldooml\Shortcuts Menu Icons\Monochrome\1\512.png

Filesize
10KB

MD5
7f57c509f12aaae2c269646db7fde6e8

SHA1
969d8c0e3d9140f843f36ccf2974b112ad7afc07

SHA256
1d5c9f67fe93f9fcc1a1b61ebc35bda8f98f1261e5005ae37af71f42aab1d90f

SHA512
3503a0f4939bed9e1fd5e086b17d6de1063220dffdab2d2373aa9582a2454a9d8f18c1be74442f4e597bdba796d2d69220bd9e6be632a15367225b804187ea18

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir3352_531667973\Shortcuts Menu Icons\Monochrome\0\512.png

Filesize
2KB

MD5
12a429f9782bcff446dc1089b68d44ee

SHA1
e41e5a1a4f2950a7f2da8be77ca26a66da7093b9

SHA256
e1d7407b07c40b5436d78db1077a16fbf75d49e32f3cbd01187b5eaaa10f1e37

SHA512
1da99c5278a589972a1d711d694890f4fd4ec4e56f83781ab9dee91ba99530a7f90d969588fa24dce24b094a28bdecbea80328cee862031a8b289f3e4f38ce7a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
130KB

MD5
6b726ca1e047244f577065ba5617c84b

SHA1
32f5ad48db157ed50ccf3ede06421bb3456bc08c

SHA256
4509a5b4c0f18332e6e3f50d3c0b40c31701b3513f06535bfece25213f38af6c

SHA512
f7380e00daf9ecbef621cdc04fa4e4cfdffaa362c602549d341559682ead45f9e148f6bcb9e5d80a4489a97513aef18886f4f28e8fab807b58b93e366f320645

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
130KB

MD5
27fb7d7fe1df0257d63aaa9a2cd76cf6

SHA1
990d36e7c909df25b2abf83396f3a5a280bd4aec

SHA256
287e8b6c10b6572415753adeac414a53baea2c3e50233938e1d7599dcac4aa7e

SHA512
5b0e632e97da01bf8f081085f807b160472fb05a171474a3166e3c9b46ffde575a3653809f6d1f5d28644637f3694d61eebdc9444d4cf45927917433d7f3b9a5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit