hxxps://www[.]dailyburn[.]com

Analysis

max time kernel
599s
max time network
599s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
10-04-2024 20:24

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://www.dailyburn.com

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133572549879939452"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
3148	chrome.exe
3148	chrome.exe
2848	chrome.exe
2848	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 5 IoCs

pid	Process
3148	chrome.exe
3148	chrome.exe
3148	chrome.exe
3148	chrome.exe
3148	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3148	chrome.exe
Token: SeCreatePagefilePrivilege	3148	chrome.exe
Token: SeShutdownPrivilege	3148	chrome.exe
Token: SeCreatePagefilePrivilege	3148	chrome.exe
Token: SeShutdownPrivilege	3148	chrome.exe
Token: SeCreatePagefilePrivilege	3148	chrome.exe
Token: SeShutdownPrivilege	3148	chrome.exe
Token: SeCreatePagefilePrivilege	3148	chrome.exe
Token: SeShutdownPrivilege	3148	chrome.exe
Token: SeCreatePagefilePrivilege	3148	chrome.exe
Token: SeShutdownPrivilege	3148	chrome.exe
Token: SeCreatePagefilePrivilege	3148	chrome.exe
Token: SeShutdownPrivilege	3148	chrome.exe
Token: SeCreatePagefilePrivilege	3148	chrome.exe
Token: SeShutdownPrivilege	3148	chrome.exe
Token: SeCreatePagefilePrivilege	3148	chrome.exe
Token: SeShutdownPrivilege	3148	chrome.exe
Token: SeCreatePagefilePrivilege	3148	chrome.exe
Token: SeShutdownPrivilege	3148	chrome.exe
Token: SeCreatePagefilePrivilege	3148	chrome.exe
Token: SeShutdownPrivilege	3148	chrome.exe
Token: SeCreatePagefilePrivilege	3148	chrome.exe
Token: SeShutdownPrivilege	3148	chrome.exe
Token: SeCreatePagefilePrivilege	3148	chrome.exe
Token: SeShutdownPrivilege	3148	chrome.exe
Token: SeCreatePagefilePrivilege	3148	chrome.exe
Token: SeShutdownPrivilege	3148	chrome.exe
Token: SeCreatePagefilePrivilege	3148	chrome.exe
Token: SeShutdownPrivilege	3148	chrome.exe
Token: SeCreatePagefilePrivilege	3148	chrome.exe
Token: SeShutdownPrivilege	3148	chrome.exe
Token: SeCreatePagefilePrivilege	3148	chrome.exe
Token: SeShutdownPrivilege	3148	chrome.exe
Token: SeCreatePagefilePrivilege	3148	chrome.exe
Token: SeShutdownPrivilege	3148	chrome.exe
Token: SeCreatePagefilePrivilege	3148	chrome.exe
Token: SeShutdownPrivilege	3148	chrome.exe
Token: SeCreatePagefilePrivilege	3148	chrome.exe
Token: SeShutdownPrivilege	3148	chrome.exe
Token: SeCreatePagefilePrivilege	3148	chrome.exe
Token: SeShutdownPrivilege	3148	chrome.exe
Token: SeCreatePagefilePrivilege	3148	chrome.exe
Token: SeShutdownPrivilege	3148	chrome.exe
Token: SeCreatePagefilePrivilege	3148	chrome.exe
Token: SeShutdownPrivilege	3148	chrome.exe
Token: SeCreatePagefilePrivilege	3148	chrome.exe
Token: SeShutdownPrivilege	3148	chrome.exe
Token: SeCreatePagefilePrivilege	3148	chrome.exe
Token: SeShutdownPrivilege	3148	chrome.exe
Token: SeCreatePagefilePrivilege	3148	chrome.exe
Token: SeShutdownPrivilege	3148	chrome.exe
Token: SeCreatePagefilePrivilege	3148	chrome.exe
Token: SeShutdownPrivilege	3148	chrome.exe
Token: SeCreatePagefilePrivilege	3148	chrome.exe
Token: SeShutdownPrivilege	3148	chrome.exe
Token: SeCreatePagefilePrivilege	3148	chrome.exe
Token: SeShutdownPrivilege	3148	chrome.exe
Token: SeCreatePagefilePrivilege	3148	chrome.exe
Token: SeShutdownPrivilege	3148	chrome.exe
Token: SeCreatePagefilePrivilege	3148	chrome.exe
Token: SeShutdownPrivilege	3148	chrome.exe
Token: SeCreatePagefilePrivilege	3148	chrome.exe
Token: SeShutdownPrivilege	3148	chrome.exe
Token: SeCreatePagefilePrivilege	3148	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
3148	chrome.exe
3148	chrome.exe
3148	chrome.exe
3148	chrome.exe
3148	chrome.exe
3148	chrome.exe
3148	chrome.exe
3148	chrome.exe
3148	chrome.exe
3148	chrome.exe
3148	chrome.exe
3148	chrome.exe
3148	chrome.exe
3148	chrome.exe
3148	chrome.exe
3148	chrome.exe
3148	chrome.exe
3148	chrome.exe
3148	chrome.exe
3148	chrome.exe
3148	chrome.exe
3148	chrome.exe
3148	chrome.exe
3148	chrome.exe
3148	chrome.exe
3148	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3148	chrome.exe
3148	chrome.exe
3148	chrome.exe
3148	chrome.exe
3148	chrome.exe
3148	chrome.exe
3148	chrome.exe
3148	chrome.exe
3148	chrome.exe
3148	chrome.exe
3148	chrome.exe
3148	chrome.exe
3148	chrome.exe
3148	chrome.exe
3148	chrome.exe
3148	chrome.exe
3148	chrome.exe
3148	chrome.exe
3148	chrome.exe
3148	chrome.exe
3148	chrome.exe
3148	chrome.exe
3148	chrome.exe
3148	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3148 wrote to memory of 1816	3148	chrome.exe	85
PID 3148 wrote to memory of 1816	3148	chrome.exe	85
PID 3148 wrote to memory of 1772	3148	chrome.exe	87
PID 3148 wrote to memory of 1772	3148	chrome.exe	87
PID 3148 wrote to memory of 1772	3148	chrome.exe	87
PID 3148 wrote to memory of 1772	3148	chrome.exe	87
PID 3148 wrote to memory of 1772	3148	chrome.exe	87
PID 3148 wrote to memory of 1772	3148	chrome.exe	87
PID 3148 wrote to memory of 1772	3148	chrome.exe	87
PID 3148 wrote to memory of 1772	3148	chrome.exe	87
PID 3148 wrote to memory of 1772	3148	chrome.exe	87
PID 3148 wrote to memory of 1772	3148	chrome.exe	87
PID 3148 wrote to memory of 1772	3148	chrome.exe	87
PID 3148 wrote to memory of 1772	3148	chrome.exe	87
PID 3148 wrote to memory of 1772	3148	chrome.exe	87
PID 3148 wrote to memory of 1772	3148	chrome.exe	87
PID 3148 wrote to memory of 1772	3148	chrome.exe	87
PID 3148 wrote to memory of 1772	3148	chrome.exe	87
PID 3148 wrote to memory of 1772	3148	chrome.exe	87
PID 3148 wrote to memory of 1772	3148	chrome.exe	87
PID 3148 wrote to memory of 1772	3148	chrome.exe	87
PID 3148 wrote to memory of 1772	3148	chrome.exe	87
PID 3148 wrote to memory of 1772	3148	chrome.exe	87
PID 3148 wrote to memory of 1772	3148	chrome.exe	87
PID 3148 wrote to memory of 1772	3148	chrome.exe	87
PID 3148 wrote to memory of 1772	3148	chrome.exe	87
PID 3148 wrote to memory of 1772	3148	chrome.exe	87
PID 3148 wrote to memory of 1772	3148	chrome.exe	87
PID 3148 wrote to memory of 1772	3148	chrome.exe	87
PID 3148 wrote to memory of 1772	3148	chrome.exe	87
PID 3148 wrote to memory of 1772	3148	chrome.exe	87
PID 3148 wrote to memory of 1772	3148	chrome.exe	87
PID 3148 wrote to memory of 1772	3148	chrome.exe	87
PID 3148 wrote to memory of 1772	3148	chrome.exe	87
PID 3148 wrote to memory of 1772	3148	chrome.exe	87
PID 3148 wrote to memory of 1772	3148	chrome.exe	87
PID 3148 wrote to memory of 1772	3148	chrome.exe	87
PID 3148 wrote to memory of 1772	3148	chrome.exe	87
PID 3148 wrote to memory of 1772	3148	chrome.exe	87
PID 3148 wrote to memory of 1772	3148	chrome.exe	87
PID 3148 wrote to memory of 1896	3148	chrome.exe	88
PID 3148 wrote to memory of 1896	3148	chrome.exe	88
PID 3148 wrote to memory of 4492	3148	chrome.exe	89
PID 3148 wrote to memory of 4492	3148	chrome.exe	89
PID 3148 wrote to memory of 4492	3148	chrome.exe	89
PID 3148 wrote to memory of 4492	3148	chrome.exe	89
PID 3148 wrote to memory of 4492	3148	chrome.exe	89
PID 3148 wrote to memory of 4492	3148	chrome.exe	89
PID 3148 wrote to memory of 4492	3148	chrome.exe	89
PID 3148 wrote to memory of 4492	3148	chrome.exe	89
PID 3148 wrote to memory of 4492	3148	chrome.exe	89
PID 3148 wrote to memory of 4492	3148	chrome.exe	89
PID 3148 wrote to memory of 4492	3148	chrome.exe	89
PID 3148 wrote to memory of 4492	3148	chrome.exe	89
PID 3148 wrote to memory of 4492	3148	chrome.exe	89
PID 3148 wrote to memory of 4492	3148	chrome.exe	89
PID 3148 wrote to memory of 4492	3148	chrome.exe	89
PID 3148 wrote to memory of 4492	3148	chrome.exe	89
PID 3148 wrote to memory of 4492	3148	chrome.exe	89
PID 3148 wrote to memory of 4492	3148	chrome.exe	89
PID 3148 wrote to memory of 4492	3148	chrome.exe	89
PID 3148 wrote to memory of 4492	3148	chrome.exe	89
PID 3148 wrote to memory of 4492	3148	chrome.exe	89
PID 3148 wrote to memory of 4492	3148	chrome.exe	89

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://www.dailyburn.com
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3148
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc82ae9758,0x7ffc82ae9768,0x7ffc82ae9778
  2⤵
  PID:1816
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1668 --field-trial-handle=1864,i,10312407245477565394,10053534664527810816,131072 /prefetch:2
  2⤵
  PID:1772
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1996 --field-trial-handle=1864,i,10312407245477565394,10053534664527810816,131072 /prefetch:8
  2⤵
  PID:1896
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2224 --field-trial-handle=1864,i,10312407245477565394,10053534664527810816,131072 /prefetch:8
  2⤵
  PID:4492
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2768 --field-trial-handle=1864,i,10312407245477565394,10053534664527810816,131072 /prefetch:1
  2⤵
  PID:1388
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2776 --field-trial-handle=1864,i,10312407245477565394,10053534664527810816,131072 /prefetch:1
  2⤵
  PID:4964
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4748 --field-trial-handle=1864,i,10312407245477565394,10053534664527810816,131072 /prefetch:1
  2⤵
  PID:3612
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4724 --field-trial-handle=1864,i,10312407245477565394,10053534664527810816,131072 /prefetch:8
  2⤵
  PID:224
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5904 --field-trial-handle=1864,i,10312407245477565394,10053534664527810816,131072 /prefetch:8
  2⤵
  PID:3720
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5592 --field-trial-handle=1864,i,10312407245477565394,10053534664527810816,131072 /prefetch:8
  2⤵
  PID:4216
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=5512 --field-trial-handle=1864,i,10312407245477565394,10053534664527810816,131072 /prefetch:1
  2⤵
  PID:2388
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=5472 --field-trial-handle=1864,i,10312407245477565394,10053534664527810816,131072 /prefetch:1
  2⤵
  PID:3652
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6104 --field-trial-handle=1864,i,10312407245477565394,10053534664527810816,131072 /prefetch:8
  2⤵
  PID:4448
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6108 --field-trial-handle=1864,i,10312407245477565394,10053534664527810816,131072 /prefetch:8
  2⤵
  PID:4004
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2880 --field-trial-handle=1864,i,10312407245477565394,10053534664527810816,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2848

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4580

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x4e8 0x4e4
1⤵
PID:3584

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
7a65608e5d1dda08d14f12be72311500

SHA1
751b65fc407e8c4f4ad11243446a897723fc6642

SHA256
76b5781df5108da9d03668ed9825e5ce401ada9e9e61bfccb30da46175e56233

SHA512
648bd8023bbe8d168835e3c44b23015bdb082bee0f5c3ef0c82c05179d67e8ddfaf878e78689335e930286c1a8b52a9bbbc826acf1c60dd8c9e3b0ebdbbd27fa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
784bee37abb8765a95e0d4d7bde3a6cd

SHA1
5b7103db124190915237f1ced9ed4f426415c543

SHA256
e52e69ac03717b39d68b1e8a509c47d612e1ec9f116e401b7d7b9fffbc4097af

SHA512
06a1175f5299598fc2be99b3f5f17ecce26e5fa7bbd1a9760542377a62e3a9524f53b8151efcdfdab9b5db141b511461f5a90c2d19339ff06daad63fe018e7b9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
7ed1aa3146fd7a238b965fd9578428ee

SHA1
30d5c92d4a575280c5f55d1d2e5b432e239c2c2e

SHA256
3c0bc3e062a8158b27ec810e44f73ee48c1f2c0326b42edc31866ea5a5c04983

SHA512
ea46e460368f94ce34c908bbf99c12135050f6cc0bef8c1adfb5bab45794c3a47dcc43c83a781c284a1c361874ed85857dee5cb2d1564adf41f951e7f6afee0b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
962748461903738b77f8491dfbf997d3

SHA1
938de78773245ddd3ee502ff2c17bd181a8943c9

SHA256
63baa0390c38a403589ce47bc34de1f7bbb59f750a716f591eff9fd3440bf584

SHA512
9ee0b2326f26001a83693d4c0ef180c4cc3960c63f349d92f52f645fdeaa223bd5b60d4310e7e5cbf30f6eb68dc5d0a1cce5345aee85dc631abc805d80bc6843

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
b7a3a2b443c8b891176a98ca241fc575

SHA1
7fbd0f9c39be9dde05815ea76067b33464628025

SHA256
5a2766d2c3b8601169253e6f0b364592d56e056db1da41edf199c1fb86ff76b4

SHA512
945d2c23904acb894bda9186380d153919c131212b669c82b9f393b7c28c6522474b4a247f279e830d208fa9cd760c0d9322b300208c158d64a55f74fb4ea6c8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
75122c298aefbe5980bb806a79a094e5

SHA1
b987ba359b98500f3f5fbbdcc3299d8324cc607a

SHA256
2fdeb929b0f6b36a54d4cd98ae4bba25e3e4d14f2369ad88d3cf719f3818846c

SHA512
479eaec66c1eed917ed08448e7e7ed01d170c2208e377b4c0bb86a0701189466e37e5524008c92a57ed089a975c4ceab784e2bb1b9ba55421cb5d867e4faf702

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
5ebae7b035ed42abf32c414fd7aef46b

SHA1
fa659dd40e0af7f259203446d46021c8dc55470e

SHA256
b27930cc2952f6cbf1d5ae7c7e7309bcd770cdeefff14945631a0bfdae887bb5

SHA512
f27849fe07a528c46cd2f5b9c1cb2f1b060ea7672db9d724cb9ee1bd0192c7161d170cc19136805ca622031c66fb683ad97d3f3235a2b4d9384f957d50d61136

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
fb6a7c35ff4aac5739b0a17050573bee

SHA1
9fc04d2c3632a866a05386eb064aac795970536b

SHA256
4798734c89666f3decf51357f808ec986f1cf8f36b39b8e5b42a311a7c1b93f6

SHA512
4747a3f362e0cf9feb0c553b4a3f64dc9112394d5b5806a01f4e0a7315f07da212393226d8089c56361e35d059d338c837f5782ecc635a0bbde3a05224ea133f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\29619bddfc5ea6a95414651a168afbb2c0bcd077\index.txt

Filesize
109B

MD5
8e22d3b2c689e1d528b07723b43d16b5

SHA1
765bba8dcce3c63d729bf349033df6f229e882da

SHA256
7769219f5cf1d0c64a9c71ea7660340fec915fa9715364176f7ad04027222cd4

SHA512
3e4f691398dfb335ed85357f03cbee9ce29ef0849b4eeee7e035121ce9007718d3fa9e7a335bf2fbcf0ecfff8ddfeaaba17b2d9be24bcda23e22ba9d2019b04e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\29619bddfc5ea6a95414651a168afbb2c0bcd077\index.txt~RFe579616.TMP

Filesize
116B

MD5
6596de63f5354afbd98bb295a4117fc1

SHA1
46c0d33c9f5ef6b9bff72dd6fb38a5b6db13a1df

SHA256
cf7c776aaf5b3f88bff40996ce1bebe4fb9225e54fb1c79f50adcb4c2ca9d82f

SHA512
a28f93c609892ac2ad144f5170918a44cc53ead7de011c763308fc7c3f1a375a29e208e0ffce08129a7aa33f8f5cc0e7a5c615419bed4e52ee72cbb31de05375

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
128KB

MD5
56abde00ee36ddaadbcf09ce8e8eea69

SHA1
af9b8cc88545868327e82db081eda59d30b84441

SHA256
fe7871dfb448ccf9c040222544a8533ae65deea1efc20a57613fbcb5aa22b677

SHA512
8cf761b52da045945112e219b327aa170dd9f79025fcd00f8d30fb0536638cd7e995be955013fb9efadf185976cd01081cb3eb66f67ce28f78b3c34bc8e61231

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
128KB

MD5
e33573c38d40c856d7adfbc1de13d827

SHA1
333927bf2a49574fe8f030ad34078c00157f10aa

SHA256
86e8bae444171454fe914a123e6106fddbd68e9365686dc486a5409667a36f90

SHA512
fa07b9741ca2e20b514c5c9302dc303d25128cc8d4afdc0137e33a2d83ba4fc193237b0b2258b5700486ef0a34e0cd4e5855d2139ac41a7200dff9dfeaa1c3d2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit