hxxps://www[.]youtube[.]com/watch?v=hpGxvmayq20

Resubmissions

12-04-2024 09:38

240412-lmeajshc69 1

12-04-2024 09:17

240412-k82gjacc6t 10

Analysis

max time kernel
70s
max time network
75s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
12-04-2024 09:38

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://www.youtube.com/watch?v=hpGxvmayq20

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

Processes:

chrome.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

Processes:

chrome.exe

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133573883549661680"	chrome.exe

Modifies registry class 1 IoCs

Processes:

chrome.exe

description	ioc	process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1904519900-954640453-4250331663-1000\{54815819-D340-45BF-AEC5-F829D71C9117}	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes:

chrome.exe

pid process

2724 chrome.exe
2724 chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 15 IoCs

Processes:

chrome.exe

pid	process
2724	chrome.exe
2724	chrome.exe
2724	chrome.exe
2724	chrome.exe
2724	chrome.exe
2724	chrome.exe
2724	chrome.exe
2724	chrome.exe
2724	chrome.exe
2724	chrome.exe
2724	chrome.exe
2724	chrome.exe
2724	chrome.exe
2724	chrome.exe
2724	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

Processes:

chrome.exeAUDIODG.EXE

description	pid	process
Token: SeShutdownPrivilege	2724	chrome.exe
Token: SeCreatePagefilePrivilege	2724	chrome.exe
Token: SeShutdownPrivilege	2724	chrome.exe
Token: SeCreatePagefilePrivilege	2724	chrome.exe
Token: SeShutdownPrivilege	2724	chrome.exe
Token: SeCreatePagefilePrivilege	2724	chrome.exe
Token: SeShutdownPrivilege	2724	chrome.exe
Token: SeCreatePagefilePrivilege	2724	chrome.exe
Token: 33	4876	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	4876	AUDIODG.EXE
Token: SeShutdownPrivilege	2724	chrome.exe
Token: SeCreatePagefilePrivilege	2724	chrome.exe
Token: SeShutdownPrivilege	2724	chrome.exe
Token: SeCreatePagefilePrivilege	2724	chrome.exe
Token: SeShutdownPrivilege	2724	chrome.exe
Token: SeCreatePagefilePrivilege	2724	chrome.exe
Token: SeShutdownPrivilege	2724	chrome.exe
Token: SeCreatePagefilePrivilege	2724	chrome.exe
Token: SeShutdownPrivilege	2724	chrome.exe
Token: SeCreatePagefilePrivilege	2724	chrome.exe
Token: SeShutdownPrivilege	2724	chrome.exe
Token: SeCreatePagefilePrivilege	2724	chrome.exe
Token: SeShutdownPrivilege	2724	chrome.exe
Token: SeCreatePagefilePrivilege	2724	chrome.exe
Token: SeShutdownPrivilege	2724	chrome.exe
Token: SeCreatePagefilePrivilege	2724	chrome.exe
Token: SeShutdownPrivilege	2724	chrome.exe
Token: SeCreatePagefilePrivilege	2724	chrome.exe
Token: SeShutdownPrivilege	2724	chrome.exe
Token: SeCreatePagefilePrivilege	2724	chrome.exe
Token: SeShutdownPrivilege	2724	chrome.exe
Token: SeCreatePagefilePrivilege	2724	chrome.exe
Token: SeShutdownPrivilege	2724	chrome.exe
Token: SeCreatePagefilePrivilege	2724	chrome.exe
Token: SeShutdownPrivilege	2724	chrome.exe
Token: SeCreatePagefilePrivilege	2724	chrome.exe
Token: SeShutdownPrivilege	2724	chrome.exe
Token: SeCreatePagefilePrivilege	2724	chrome.exe
Token: SeShutdownPrivilege	2724	chrome.exe
Token: SeCreatePagefilePrivilege	2724	chrome.exe
Token: SeShutdownPrivilege	2724	chrome.exe
Token: SeCreatePagefilePrivilege	2724	chrome.exe
Token: SeShutdownPrivilege	2724	chrome.exe
Token: SeCreatePagefilePrivilege	2724	chrome.exe
Token: SeShutdownPrivilege	2724	chrome.exe
Token: SeCreatePagefilePrivilege	2724	chrome.exe
Token: SeShutdownPrivilege	2724	chrome.exe
Token: SeCreatePagefilePrivilege	2724	chrome.exe
Token: SeShutdownPrivilege	2724	chrome.exe
Token: SeCreatePagefilePrivilege	2724	chrome.exe
Token: SeShutdownPrivilege	2724	chrome.exe
Token: SeCreatePagefilePrivilege	2724	chrome.exe
Token: SeShutdownPrivilege	2724	chrome.exe
Token: SeCreatePagefilePrivilege	2724	chrome.exe
Token: SeShutdownPrivilege	2724	chrome.exe
Token: SeCreatePagefilePrivilege	2724	chrome.exe
Token: SeShutdownPrivilege	2724	chrome.exe
Token: SeCreatePagefilePrivilege	2724	chrome.exe
Token: SeShutdownPrivilege	2724	chrome.exe
Token: SeCreatePagefilePrivilege	2724	chrome.exe
Token: SeShutdownPrivilege	2724	chrome.exe
Token: SeCreatePagefilePrivilege	2724	chrome.exe
Token: SeShutdownPrivilege	2724	chrome.exe
Token: SeCreatePagefilePrivilege	2724	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

Processes:

chrome.exe

pid	process
2724	chrome.exe
2724	chrome.exe
2724	chrome.exe
2724	chrome.exe
2724	chrome.exe
2724	chrome.exe
2724	chrome.exe
2724	chrome.exe
2724	chrome.exe
2724	chrome.exe
2724	chrome.exe
2724	chrome.exe
2724	chrome.exe
2724	chrome.exe
2724	chrome.exe
2724	chrome.exe
2724	chrome.exe
2724	chrome.exe
2724	chrome.exe
2724	chrome.exe
2724	chrome.exe
2724	chrome.exe
2724	chrome.exe
2724	chrome.exe
2724	chrome.exe
2724	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

Processes:

chrome.exe

pid	process
2724	chrome.exe
2724	chrome.exe
2724	chrome.exe
2724	chrome.exe
2724	chrome.exe
2724	chrome.exe
2724	chrome.exe
2724	chrome.exe
2724	chrome.exe
2724	chrome.exe
2724	chrome.exe
2724	chrome.exe
2724	chrome.exe
2724	chrome.exe
2724	chrome.exe
2724	chrome.exe
2724	chrome.exe
2724	chrome.exe
2724	chrome.exe
2724	chrome.exe
2724	chrome.exe
2724	chrome.exe
2724	chrome.exe
2724	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

chrome.exe

description	pid	process	target process
PID 2724 wrote to memory of 4776	2724	chrome.exe	chrome.exe
PID 2724 wrote to memory of 4776	2724	chrome.exe	chrome.exe
PID 2724 wrote to memory of 4768	2724	chrome.exe	chrome.exe
PID 2724 wrote to memory of 4768	2724	chrome.exe	chrome.exe
PID 2724 wrote to memory of 4768	2724	chrome.exe	chrome.exe
PID 2724 wrote to memory of 4768	2724	chrome.exe	chrome.exe
PID 2724 wrote to memory of 4768	2724	chrome.exe	chrome.exe
PID 2724 wrote to memory of 4768	2724	chrome.exe	chrome.exe
PID 2724 wrote to memory of 4768	2724	chrome.exe	chrome.exe
PID 2724 wrote to memory of 4768	2724	chrome.exe	chrome.exe
PID 2724 wrote to memory of 4768	2724	chrome.exe	chrome.exe
PID 2724 wrote to memory of 4768	2724	chrome.exe	chrome.exe
PID 2724 wrote to memory of 4768	2724	chrome.exe	chrome.exe
PID 2724 wrote to memory of 4768	2724	chrome.exe	chrome.exe
PID 2724 wrote to memory of 4768	2724	chrome.exe	chrome.exe
PID 2724 wrote to memory of 4768	2724	chrome.exe	chrome.exe
PID 2724 wrote to memory of 4768	2724	chrome.exe	chrome.exe
PID 2724 wrote to memory of 4768	2724	chrome.exe	chrome.exe
PID 2724 wrote to memory of 4768	2724	chrome.exe	chrome.exe
PID 2724 wrote to memory of 4768	2724	chrome.exe	chrome.exe
PID 2724 wrote to memory of 4768	2724	chrome.exe	chrome.exe
PID 2724 wrote to memory of 4768	2724	chrome.exe	chrome.exe
PID 2724 wrote to memory of 4768	2724	chrome.exe	chrome.exe
PID 2724 wrote to memory of 4768	2724	chrome.exe	chrome.exe
PID 2724 wrote to memory of 4768	2724	chrome.exe	chrome.exe
PID 2724 wrote to memory of 4768	2724	chrome.exe	chrome.exe
PID 2724 wrote to memory of 4768	2724	chrome.exe	chrome.exe
PID 2724 wrote to memory of 4768	2724	chrome.exe	chrome.exe
PID 2724 wrote to memory of 4768	2724	chrome.exe	chrome.exe
PID 2724 wrote to memory of 4768	2724	chrome.exe	chrome.exe
PID 2724 wrote to memory of 4768	2724	chrome.exe	chrome.exe
PID 2724 wrote to memory of 4768	2724	chrome.exe	chrome.exe
PID 2724 wrote to memory of 4768	2724	chrome.exe	chrome.exe
PID 2724 wrote to memory of 4768	2724	chrome.exe	chrome.exe
PID 2724 wrote to memory of 4768	2724	chrome.exe	chrome.exe
PID 2724 wrote to memory of 4768	2724	chrome.exe	chrome.exe
PID 2724 wrote to memory of 4768	2724	chrome.exe	chrome.exe
PID 2724 wrote to memory of 4768	2724	chrome.exe	chrome.exe
PID 2724 wrote to memory of 4768	2724	chrome.exe	chrome.exe
PID 2724 wrote to memory of 4768	2724	chrome.exe	chrome.exe
PID 2724 wrote to memory of 3356	2724	chrome.exe	chrome.exe
PID 2724 wrote to memory of 3356	2724	chrome.exe	chrome.exe
PID 2724 wrote to memory of 3584	2724	chrome.exe	chrome.exe
PID 2724 wrote to memory of 3584	2724	chrome.exe	chrome.exe
PID 2724 wrote to memory of 3584	2724	chrome.exe	chrome.exe
PID 2724 wrote to memory of 3584	2724	chrome.exe	chrome.exe
PID 2724 wrote to memory of 3584	2724	chrome.exe	chrome.exe
PID 2724 wrote to memory of 3584	2724	chrome.exe	chrome.exe
PID 2724 wrote to memory of 3584	2724	chrome.exe	chrome.exe
PID 2724 wrote to memory of 3584	2724	chrome.exe	chrome.exe
PID 2724 wrote to memory of 3584	2724	chrome.exe	chrome.exe
PID 2724 wrote to memory of 3584	2724	chrome.exe	chrome.exe
PID 2724 wrote to memory of 3584	2724	chrome.exe	chrome.exe
PID 2724 wrote to memory of 3584	2724	chrome.exe	chrome.exe
PID 2724 wrote to memory of 3584	2724	chrome.exe	chrome.exe
PID 2724 wrote to memory of 3584	2724	chrome.exe	chrome.exe
PID 2724 wrote to memory of 3584	2724	chrome.exe	chrome.exe
PID 2724 wrote to memory of 3584	2724	chrome.exe	chrome.exe
PID 2724 wrote to memory of 3584	2724	chrome.exe	chrome.exe
PID 2724 wrote to memory of 3584	2724	chrome.exe	chrome.exe
PID 2724 wrote to memory of 3584	2724	chrome.exe	chrome.exe
PID 2724 wrote to memory of 3584	2724	chrome.exe	chrome.exe
PID 2724 wrote to memory of 3584	2724	chrome.exe	chrome.exe
PID 2724 wrote to memory of 3584	2724	chrome.exe	chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://www.youtube.com/watch?v=hpGxvmayq20
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2724

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd0ef29758,0x7ffd0ef29768,0x7ffd0ef29778
2⤵
PID:4776

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1708 --field-trial-handle=1904,i,9369972758079770821,3446308175692505754,131072 /prefetch:2
2⤵
PID:4768

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2132 --field-trial-handle=1904,i,9369972758079770821,3446308175692505754,131072 /prefetch:8
2⤵
PID:3356

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2244 --field-trial-handle=1904,i,9369972758079770821,3446308175692505754,131072 /prefetch:8
2⤵
PID:3584

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2864 --field-trial-handle=1904,i,9369972758079770821,3446308175692505754,131072 /prefetch:1
2⤵
PID:4896

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2872 --field-trial-handle=1904,i,9369972758079770821,3446308175692505754,131072 /prefetch:1
2⤵
PID:5060

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4556 --field-trial-handle=1904,i,9369972758079770821,3446308175692505754,131072 /prefetch:1
2⤵
PID:4276

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3076 --field-trial-handle=1904,i,9369972758079770821,3446308175692505754,131072 /prefetch:1
2⤵
PID:3916

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4996 --field-trial-handle=1904,i,9369972758079770821,3446308175692505754,131072 /prefetch:8
2⤵
PID:3116

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3988 --field-trial-handle=1904,i,9369972758079770821,3446308175692505754,131072 /prefetch:8
2⤵
- Modifies registry class
PID:4616

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4648 --field-trial-handle=1904,i,9369972758079770821,3446308175692505754,131072 /prefetch:1
2⤵
PID:1364

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=5464 --field-trial-handle=1904,i,9369972758079770821,3446308175692505754,131072 /prefetch:1
2⤵
PID:5428

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6232 --field-trial-handle=1904,i,9369972758079770821,3446308175692505754,131072 /prefetch:8
2⤵
PID:5980

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5768 --field-trial-handle=1904,i,9369972758079770821,3446308175692505754,131072 /prefetch:8
2⤵
PID:3872

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=5064 --field-trial-handle=1904,i,9369972758079770821,3446308175692505754,131072 /prefetch:1
2⤵
PID:5220

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=6532 --field-trial-handle=1904,i,9369972758079770821,3446308175692505754,131072 /prefetch:1
2⤵
PID:5640

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=6776 --field-trial-handle=1904,i,9369972758079770821,3446308175692505754,131072 /prefetch:1
2⤵
PID:5936

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=6996 --field-trial-handle=1904,i,9369972758079770821,3446308175692505754,131072 /prefetch:1
2⤵
PID:5496

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=6988 --field-trial-handle=1904,i,9369972758079770821,3446308175692505754,131072 /prefetch:1
2⤵
PID:5828

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=5416 --field-trial-handle=1904,i,9369972758079770821,3446308175692505754,131072 /prefetch:1
2⤵
PID:5980

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=6540 --field-trial-handle=1904,i,9369972758079770821,3446308175692505754,131072 /prefetch:1
2⤵
PID:6120

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=1732 --field-trial-handle=1904,i,9369972758079770821,3446308175692505754,131072 /prefetch:1
2⤵
PID:5956

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=6320 --field-trial-handle=1904,i,9369972758079770821,3446308175692505754,131072 /prefetch:1
2⤵
PID:5240

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:432

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x510 0x51c
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:4876

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=3884 --field-trial-handle=2264,i,7010714054498059916,1862725710331979271,262144 --variations-seed-version /prefetch:8
1⤵
PID:5324

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001
Filesize
47KB

MD5
045937268a2acced894a9996af39f816

SHA1
dfbdbd744565fdc5722a2e5a96a55c881b659ed4

SHA256
cc05f08525e5eaf762d1c1c66bef78dec5f3517cf6f7e86e89368c6d4a1ef0cf

SHA512
71a025a421384ed1e88d0c5ffadc6450a9e1efd827fe929f5ef447d2901cd87572fccf13dfa8b2706c9fab8160163e3a0c80bfe1ab49d63ffbbcb0e4e591a84f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000003
Filesize
217KB

MD5
876a8491f9caeebd660bdd7c9522ea70

SHA1
7acaf6272f9e65ba0b691047184e16d89de10baf

SHA256
e08a8ae9e345c9cb60b7d0d12e47dae88fa3363d9ed44105bd2dd20096d174e9

SHA512
3f2d1297c007ccfd2d81c5b06798d59d4c5a3c6d7ddd69fb846c1a64dfbcf6ec623e62442f74c9e0b8388544154e60590b33381abec1ce26a231dae4c9c8795e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000027
Filesize
198KB

MD5
319e0c36436ee0bf24476acbcc83565c

SHA1
fb2658d5791fe5b37424119557ab8cee30acdc54

SHA256
f6562ea52e056b979d6f52932ae57b7afb04486b10b0ebde22c5b51f502c69d1

SHA512
ad902b9a010cf99bdedba405cad0387890a9ff90a9c91f6a3220cdceec1b08ecb97a326aef01b28d8d0aacb5f2a16f02f673e196bdb69fc68b3f636139059902

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
874B

MD5
e40664a04a41e054e27465f6fc8c704b

SHA1
1f7c8f8049c8ad2630f2c548514a7347170a87ba

SHA256
5b6018d4fbcdf55097cb458069faa5c8187f8367ead904e1865d4f53ad34a4b9

SHA512
b745517f644ef423bbf71bd2ed58bee1a94c5eeb2e1bb063991d6442bdb92e99694881a7e43078ce1a84cb9a6e5b20859cff41ddaac94515000077a63d3c1f41

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
874B

MD5
bda0617c8a52997268fee15e4c10f99c

SHA1
57bbae1ea7cc7b4fdb2fab714c0488f981b5c21d

SHA256
590d459f6ab1abb385aa33d806560e6bee4de3f69b6b2de3efcb3272149d9e89

SHA512
ca0de413b76d4b91f2ed6e13c33d9bc04650903acd5a0466e5265561c2cbe7c48ee8ef1fe69a15721ee58d18af9d1c24f08300a9b5e85a3483912d1bf32c1523

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
1KB

MD5
052b12810967a154e65d6458017ff078

SHA1
c4bb2e4002dcc44ef4cbc3993c92f00dbc6f8fec

SHA256
1235cd42e23054e92ba317dcb9578a466c163926827dd7e4f61103b4aa4d228d

SHA512
55cfc6c2885266c4f6953319bd3443f88d08959bc47bce598034ed4e0923b7115d66a471008af8eee14652143f802eecb88b8cbe2a667c40039345058f1c1d48

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
1KB

MD5
c1ddd90c5c6a3777e53936d653a15515

SHA1
4e450783d7d97405582194533145e5b770df3a0d

SHA256
c2d2214389b461be085b6fd6179571900bb748e328703c2c433fc9095ec93311

SHA512
cde64f99c9d324b9abbb9706fa2090f8d032014235447a76add6dfa61e5c4e291e4ed1a211fcfdb086945c2f4e4d0ac4cb7ab82cadb11e9f53ca7891edd8aa8f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
8KB

MD5
855125ceb197037a9250c1122650aeb7

SHA1
ebf20ffa2d3cdb5f6eb2146340a68b12100bfa9b

SHA256
b3224aaf7c6b4c0a377f0d0b1e991c0db8af3caa8917cf9d1a3299757770d361

SHA512
dafa9690bab93664f893b5812c64990f0e8f563da6cefc95d4397def310b3cf73095ac42cd68ff03d91aa06038c9e1059c59a52472cef9c7c7ff184d0085c3dd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
7KB

MD5
64a9cabd84f290018945ce87018dd200

SHA1
69bcb24b176769ba4a635f98e1e16771837aa77b

SHA256
b86d64f5eeeeeb2782fb3ef8a62dce75ff59c6ab411db719a0b2f5f1c7b073aa

SHA512
f7acf558daa6b34a87854cca900f7c4f8a4a875d9deb95d8045fbe8075e9bab626c042722ea5fb07abe494838fb29d7ff0c17f6db9a3cb1cf7b3d0a319e21d84

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
6KB

MD5
7c169cf6ee277bb285cef11373c7a201

SHA1
319ebacb9217a2fd53365a27b137f1dbf1871c34

SHA256
405608b74d65ce6344d3ab33627a143a5a70c1589c38f5edc22bc2a78a7bd210

SHA512
f50723d48584ef12e3f1ff3590f8bcf1ddaac4a6d159baccc2b042e7cbcbc482e1c4348be583ee4921ec5c1e8e677edffbf31c5972e3aecc6871b02980fc4978

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
6KB

MD5
f24766b43dc162841ee5f50aad229604

SHA1
07b9c31c10b65d486a061dae6a8f9d853ec3428d

SHA256
db57e7b5595924771b14e825f1a59e7ddd55c18f8693c4809827acf8c08622df

SHA512
1723c1a213b61c63616a81832b3bce3d1c259228ca39fe86fec8817e5d4e353e0f050ff766dc99b198bbe7fbe4d7197588f83b5e2a6ec6c89771f8b2d17580bf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\250158b8-e2b0-4c73-ab73-fd8462615657\index
Filesize
24B

MD5
54cb446f628b2ea4a5bce5769910512e

SHA1
c27ca848427fe87f5cf4d0e0e3cd57151b0d820d

SHA256
fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d

SHA512
8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\250158b8-e2b0-4c73-ab73-fd8462615657\index-dir\the-real-index
Filesize
2KB

MD5
6fbe2614991ea2c0e12675d1f34a8477

SHA1
f0c68aebcae854e39b0f98be9d8024337373dd99

SHA256
7b3f4c8808ed89e5af53b31294098e8fe995560e8614a3581e66063a3ea8577b

SHA512
35bb6fc3656cdfaf214007e5bad2c8c38a6a88ca78a6219ac3b51755260f6429a149d013e0192099f67681495c3778ba6c6ceaf0dbef7d109284b638863040d5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\250158b8-e2b0-4c73-ab73-fd8462615657\index-dir\the-real-index~RFe57f9d1.TMP
Filesize
48B

MD5
422817f91af38cbf91fa50e313f6cfe4

SHA1
87d5cea1379314c096b5cfc0c0ba4a25f0f089ba

SHA256
b19ad661afb872f25ad8ccbe12f16dd0d9f70929cb0044fce4f70064a1d1873b

SHA512
841810a53a6c251a0c61b41e8da12ccc146ab74f6fa426adeddfbc5eb9a1f1d641b77b37358ff58b92edc2cbd3077f1f4e66264ab12fb80201869ca376f018bc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\8556b515-0298-4810-a063-5bb9d4bfa022\index-dir\the-real-index
Filesize
624B

MD5
21180e040ea8a404c820ac28d457c475

SHA1
6851acb6796d970e142a39f4ec9c2391aa3c9870

SHA256
1d05cf7b7054ad64e8e9980746c51982e35ee9e64376c9bcfb908d7098283681

SHA512
02d7596c5318b551adbd561da2bcb3e2319c785d3086454f81b005dfbe0ed756eca2a816fc1d4726d1958f717577090b13671eec7d803afa1e3af3aca42e5261

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\8556b515-0298-4810-a063-5bb9d4bfa022\index-dir\the-real-index~RFe58026c.TMP
Filesize
48B

MD5
665f1b12698e567c5c888cd7aceb3d6b

SHA1
ce7b92a9236be443f44cd2364a517faa3ce401a1

SHA256
6e252bb46d8fb5bdb35a0835fd505a3d589535c0a58d58a49c99912eb31af8bb

SHA512
7b3e3c626e6e24acf7702b9bdabd9161368514d0f2ee20452a7529bbce0e5a0797087d3b04929e6a77fbac7156e17bfae6d6a81fe8559ad8cb101601c0abab32

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\c4b2084e-b5bb-4038-9170-bfeba7bfa06e\index-dir\the-real-index
Filesize
2KB

MD5
40f47eb5c757670e2b80962aa956006f

SHA1
b57a54992e566d283c1837f1820cb15080888fc0

SHA256
6b6d2fd6874bdb3cbb2a368fa7eb6def46cf9be8b7c321c48f9f04fe97279145

SHA512
25ceda5619b27ffd4a528130caf54ae2915ed49579891d4e76cfa0904b14ace9a5e1b43682330f215286e1c0cc784c191edd047eb19053785e31aa9acc9cf673

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\c4b2084e-b5bb-4038-9170-bfeba7bfa06e\index-dir\the-real-index~RFe5784ef.TMP
Filesize
48B

MD5
502d223d35c9977d0cdf659708a415a8

SHA1
f382ebbbd6ab5f0bb08eb713676ecb5dd705625b

SHA256
8c137d37095489411dbc20d55b8e2875b08316bac1c8f7adab0cdcf9718292b3

SHA512
0fe742ac0fbe61e173122df6a4d86d74afb0af7b8fea3b6c8bdf628d55676f6e3831ba23c0b35300c2674219921caa5656baff4b7b658b0a6bf372f958eecee0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
Filesize
176B

MD5
acce501c4dfc3910d997da68c5fbb49b

SHA1
f1367699dd6b30469262f7c4531ba63184963b6e

SHA256
0d60eaf0c9e11b0b6e60b0caa44205fdb3fd2ceb075768683aa953d4d260dc0d

SHA512
a56fd127133f2288f5e445e1605555ee8af0f71a2a575b4ff7f2a550c0b5865fbd9278333980960f6948ca1831ca4425efd8b834903d4e9f983a8af9441cf148

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
Filesize
112B

MD5
505501f36b47d1c09272d95cfe4ef5ed

SHA1
e9f5167b6d27356c2673958a785e5ca338bbc878

SHA256
3acb767b6f115a3ac1946a9d275515aba1b8f09e106d007c011bf524046d5b5e

SHA512
b04c963b56c1a426df54e2f8dd1a4da2cca2078208429934f0b41a898d4a585347f8c57f44dffb8007be67a78384e82ac62674d2ccf2d939c95e4ac3c96b216a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
Filesize
56B

MD5
ae1bccd6831ebfe5ad03b482ee266e4f

SHA1
01f4179f48f1af383b275d7ee338dd160b6f558a

SHA256
1b11047e738f76c94c9d15ee981ec46b286a54def1a7852ca1ade7f908988649

SHA512
baf7ff6747f30e542c254f46a9678b9dbf42312933962c391b79eca6fcb615e4ba9283c00f554d6021e594f18c087899bc9b5362c41c0d6f862bba7fb9f83038

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
Filesize
176B

MD5
03962cc6cff4d2e309c2f23a149c0355

SHA1
a64bdc97c50e3253968a6fd2a8ac328af2318dce

SHA256
4fa0a9d9d22405da509183c7aa0192c97e7479f6ecd453ee415586ec506b5e1f

SHA512
0ee6c2c2fc2f843850c333e884a70ee7ff50208100b993436333280735154e54b1f31dc6fabf36d676ae72b3c40731ca930782d9d9d9098c96be69ab0a413f0f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
Filesize
119B

MD5
1aab4cd266f861a37a61f63b6f7a4ce7

SHA1
fd3678abc024487fa45227987c76dcbc8c8f8e96

SHA256
e084f647d8edb09488cd8e1abecd0ddecdefad9144130c9d3778556deb4ea8f7

SHA512
0f7a6f3e24c688d035d3baaf72e53f9b820fa818069146236cfe1cc7c0a26225ede4115913a7df68f8d0565f968928a6d38af53c6e44e56872e99cd29e9f99df

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
Filesize
112B

MD5
f9ba719c855b8bad8c06d30de215c6d6

SHA1
714d341e2e4670f27b3019956967d24f12f239a4

SHA256
1511c72a52c453872cbcc56a881693cf82f7f44a9a7ea3cfd9e8d3c4e05d91fa

SHA512
d9f07f63b95ff28bf46de9372041513f2ff0888fc2a3f7a8b30bb71e5c953d5d4ba81281e1a1636f356af0256d8d9df8044ab34e99bac9e8644573714d096550

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
Filesize
185B

MD5
551725eca272fa5955bdb80cdbd48797

SHA1
10e3bbf8fa98dd1737ed0daff191a8e818b52db2

SHA256
d2ca2f645176baf861c734162ce63117ec1d024a976861d09704410e11a88f7f

SHA512
a9fa37c2d2d00029113552962418b9288d50b642b597b6fff01555e74943d7b52d6a89d1d522bf9effd6f752495337e3f3a6a131d76a1ca8ae8eaad13ae2f14d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
Filesize
183B

MD5
76e27e1d48ebed4f933c969296646a34

SHA1
d0a7cdf5b0573d9a00e9d5e7ba9eb5ce9b95e775

SHA256
710d9fc4bf63d620afa65d4f85ec499da9d683ca8bfd50bb0a5724e24fc25c7f

SHA512
4af277e131f03abb2e7475542cec155e8d3488c52eaa04cf49e72837640c526967e2e7c40cbc8e2930704692364dabf8559376dd77b4a7fdcca80c24afde1600

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe576c85.TMP
Filesize
119B

MD5
dab9a0b07e4b05cc867268ca0c2760df

SHA1
2e7979f4d14135abbbaf0a5f803d9efedbcec965

SHA256
bc40e630543d338768a2a106e07d2373717cc4f3f827f17101df0719dbf04512

SHA512
3861504853ca77cde5e61e13346312f28648902804718545d8c9bc374267da1f66fbc64f8673fd2dac95713a84a6695ca5490b54009b189031ee53023d391419

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\CURRENT
Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
Filesize
96B

MD5
15f88dc5c4d5b78c627609b14dd59f72

SHA1
84f47f930efe2272c9a55b6d7c8f5141384e0534

SHA256
a69c57e9d3e7284138c86ce09e7afc4d28f01ffe6c1ff9391626cae93e9dd6c6

SHA512
44f4ce71c432ec744b352873dbb1bffc4ae740847fa258105e72a1de568c249686d550e4198cf7c1602b477be916e6f0b928474f10357d8992787ddf7292ba8a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57e484.TMP
Filesize
48B

MD5
e1448e889b88c67be20af21fef4c449d

SHA1
14a17e678b14b13a7e59307a0840392f83dd4eb7

SHA256
ec93a35260285d6a20c375208703a1330bd1d3ebdcf8283100fde3982f928698

SHA512
4bd7725b0f3f8db689c637dc9bb0cb339cf92b56d5cd7111718215c959016d04dcc6b3d0ccfc95497e110f1c904f3c4a6b2161bde53c7bcba75c198ff84ef149

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\agimnkijcaahngcdmfeangaknmldooml\Shortcuts Menu Icons\0\512.png
Filesize
2KB

MD5
12a429f9782bcff446dc1089b68d44ee

SHA1
e41e5a1a4f2950a7f2da8be77ca26a66da7093b9

SHA256
e1d7407b07c40b5436d78db1077a16fbf75d49e32f3cbd01187b5eaaa10f1e37

SHA512
1da99c5278a589972a1d711d694890f4fd4ec4e56f83781ab9dee91ba99530a7f90d969588fa24dce24b094a28bdecbea80328cee862031a8b289f3e4f38ce7a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\agimnkijcaahngcdmfeangaknmldooml\Shortcuts Menu Icons\Monochrome\1\512.png
Filesize
10KB

MD5
7f57c509f12aaae2c269646db7fde6e8

SHA1
969d8c0e3d9140f843f36ccf2974b112ad7afc07

SHA256
1d5c9f67fe93f9fcc1a1b61ebc35bda8f98f1261e5005ae37af71f42aab1d90f

SHA512
3503a0f4939bed9e1fd5e086b17d6de1063220dffdab2d2373aa9582a2454a9d8f18c1be74442f4e597bdba796d2d69220bd9e6be632a15367225b804187ea18

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
Filesize
253KB

MD5
e15142457f3127ca3c69950d95d848d6

SHA1
356aa95b01411003f40775c21303a2de4af59b4f

SHA256
6d0305698514ea2f7be6fe5fc52d95c7a7f3605e1f7219525b060f27a764e20c

SHA512
16ceb82ee371d98a5f2f485c7dfb5ea1d5dc1383ce06e32a15f68e68d3a1c16c5fc5ba481b6301e41adbdc2ac804505ae2a6e0a7eece8ce43ce238b84c2b860e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
Filesize
253KB

MD5
aa9321219b26e360066409138586fdb4

SHA1
4148d7f4919ac98695e5a6edb4f1fa4ff2ad7cac

SHA256
d095b06f0d6f4b4a8e9daf09fe8c355f0e432c77d879000b7ba5033c78c488d2

SHA512
38eb7959a6dc70a06468483675575f849cc119aa9ff51091ee876f42709f805f9f20768191dacd320982d733e5c0f79e62416db106aea14d1a05c33816124313

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
Filesize
104KB

MD5
90c72980e17c8a9d7b4b08c161617cc5

SHA1
111f54c87a7440bc611a589d33deecb95db92499

SHA256
1efd294a05d2d37f939760d402742a8d0ffdb229bd74f4c17fcddf333cdbf41e

SHA512
ff27f7f0cfe32716c16deb977bcd564920fa360a1d65341daad52d3db436f68138668f8208ac126ad1d6d9709cab9015984b8975293be7c763aa63273d3f65df

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe581dd4.TMP
Filesize
103KB

MD5
aff3b0f7dd494cc8617a42886b90394d

SHA1
ba3760c9debeef6804f24dc5925c648fcb8ec482

SHA256
2dc6d6f0d96026e11b4787b088cba7ac34d964c50c293976578882822af51eab

SHA512
1068961d4fe5889a5bb125a61044235e3bdb97425e1dfb0d0466b949b3c4c4064340e5c2d19df481f54fa4fe00776fa39f195db6b42ec3e91937667575edc136

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json
Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
\??\pipe\crashpad_2724_USELUIEBQYXWTWTR
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit