hxxps://getwave[.]gg/

Analysis

max time kernel
150s
max time network
155s
platform
windows10-2004_x64
resource
win10v2004-20240412-en
resource tags

arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
submitted
15/04/2024, 02:34

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://getwave.gg/

Score

6^/10

Malware Config

Signatures

Legitimate hosting services abused for malware hosting/C2 1 TTPs 1 IoCs

Web Service

T1102

flow	ioc
230	drive.google.com

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133576221343683321"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-4092317236-2027488869-1227795436-1000\{72CA972C-135B-441B-936F-3CE37F54E307}	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
1772	chrome.exe
1772	chrome.exe
4316	chrome.exe
4316	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 28 IoCs

pid	Process
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1772	chrome.exe
Token: SeCreatePagefilePrivilege	1772	chrome.exe
Token: SeShutdownPrivilege	1772	chrome.exe
Token: SeCreatePagefilePrivilege	1772	chrome.exe
Token: SeShutdownPrivilege	1772	chrome.exe
Token: SeCreatePagefilePrivilege	1772	chrome.exe
Token: SeShutdownPrivilege	1772	chrome.exe
Token: SeCreatePagefilePrivilege	1772	chrome.exe
Token: SeShutdownPrivilege	1772	chrome.exe
Token: SeCreatePagefilePrivilege	1772	chrome.exe
Token: SeShutdownPrivilege	1772	chrome.exe
Token: SeCreatePagefilePrivilege	1772	chrome.exe
Token: SeShutdownPrivilege	1772	chrome.exe
Token: SeCreatePagefilePrivilege	1772	chrome.exe
Token: SeShutdownPrivilege	1772	chrome.exe
Token: SeCreatePagefilePrivilege	1772	chrome.exe
Token: SeShutdownPrivilege	1772	chrome.exe
Token: SeCreatePagefilePrivilege	1772	chrome.exe
Token: SeShutdownPrivilege	1772	chrome.exe
Token: SeCreatePagefilePrivilege	1772	chrome.exe
Token: SeShutdownPrivilege	1772	chrome.exe
Token: SeCreatePagefilePrivilege	1772	chrome.exe
Token: SeShutdownPrivilege	1772	chrome.exe
Token: SeCreatePagefilePrivilege	1772	chrome.exe
Token: SeShutdownPrivilege	1772	chrome.exe
Token: SeCreatePagefilePrivilege	1772	chrome.exe
Token: SeShutdownPrivilege	1772	chrome.exe
Token: SeCreatePagefilePrivilege	1772	chrome.exe
Token: SeShutdownPrivilege	1772	chrome.exe
Token: SeCreatePagefilePrivilege	1772	chrome.exe
Token: SeShutdownPrivilege	1772	chrome.exe
Token: SeCreatePagefilePrivilege	1772	chrome.exe
Token: SeShutdownPrivilege	1772	chrome.exe
Token: SeCreatePagefilePrivilege	1772	chrome.exe
Token: SeShutdownPrivilege	1772	chrome.exe
Token: SeCreatePagefilePrivilege	1772	chrome.exe
Token: SeShutdownPrivilege	1772	chrome.exe
Token: SeCreatePagefilePrivilege	1772	chrome.exe
Token: SeShutdownPrivilege	1772	chrome.exe
Token: SeCreatePagefilePrivilege	1772	chrome.exe
Token: SeShutdownPrivilege	1772	chrome.exe
Token: SeCreatePagefilePrivilege	1772	chrome.exe
Token: SeShutdownPrivilege	1772	chrome.exe
Token: SeCreatePagefilePrivilege	1772	chrome.exe
Token: SeShutdownPrivilege	1772	chrome.exe
Token: SeCreatePagefilePrivilege	1772	chrome.exe
Token: SeShutdownPrivilege	1772	chrome.exe
Token: SeCreatePagefilePrivilege	1772	chrome.exe
Token: SeShutdownPrivilege	1772	chrome.exe
Token: SeCreatePagefilePrivilege	1772	chrome.exe
Token: SeShutdownPrivilege	1772	chrome.exe
Token: SeCreatePagefilePrivilege	1772	chrome.exe
Token: SeShutdownPrivilege	1772	chrome.exe
Token: SeCreatePagefilePrivilege	1772	chrome.exe
Token: SeShutdownPrivilege	1772	chrome.exe
Token: SeCreatePagefilePrivilege	1772	chrome.exe
Token: SeShutdownPrivilege	1772	chrome.exe
Token: SeCreatePagefilePrivilege	1772	chrome.exe
Token: SeShutdownPrivilege	1772	chrome.exe
Token: SeCreatePagefilePrivilege	1772	chrome.exe
Token: SeShutdownPrivilege	1772	chrome.exe
Token: SeCreatePagefilePrivilege	1772	chrome.exe
Token: SeShutdownPrivilege	1772	chrome.exe
Token: SeCreatePagefilePrivilege	1772	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe
1772	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1772 wrote to memory of 1056	1772	chrome.exe	84
PID 1772 wrote to memory of 1056	1772	chrome.exe	84
PID 1772 wrote to memory of 3636	1772	chrome.exe	85
PID 1772 wrote to memory of 3636	1772	chrome.exe	85
PID 1772 wrote to memory of 3636	1772	chrome.exe	85
PID 1772 wrote to memory of 3636	1772	chrome.exe	85
PID 1772 wrote to memory of 3636	1772	chrome.exe	85
PID 1772 wrote to memory of 3636	1772	chrome.exe	85
PID 1772 wrote to memory of 3636	1772	chrome.exe	85
PID 1772 wrote to memory of 3636	1772	chrome.exe	85
PID 1772 wrote to memory of 3636	1772	chrome.exe	85
PID 1772 wrote to memory of 3636	1772	chrome.exe	85
PID 1772 wrote to memory of 3636	1772	chrome.exe	85
PID 1772 wrote to memory of 3636	1772	chrome.exe	85
PID 1772 wrote to memory of 3636	1772	chrome.exe	85
PID 1772 wrote to memory of 3636	1772	chrome.exe	85
PID 1772 wrote to memory of 3636	1772	chrome.exe	85
PID 1772 wrote to memory of 3636	1772	chrome.exe	85
PID 1772 wrote to memory of 3636	1772	chrome.exe	85
PID 1772 wrote to memory of 3636	1772	chrome.exe	85
PID 1772 wrote to memory of 3636	1772	chrome.exe	85
PID 1772 wrote to memory of 3636	1772	chrome.exe	85
PID 1772 wrote to memory of 3636	1772	chrome.exe	85
PID 1772 wrote to memory of 3636	1772	chrome.exe	85
PID 1772 wrote to memory of 3636	1772	chrome.exe	85
PID 1772 wrote to memory of 3636	1772	chrome.exe	85
PID 1772 wrote to memory of 3636	1772	chrome.exe	85
PID 1772 wrote to memory of 3636	1772	chrome.exe	85
PID 1772 wrote to memory of 3636	1772	chrome.exe	85
PID 1772 wrote to memory of 3636	1772	chrome.exe	85
PID 1772 wrote to memory of 3636	1772	chrome.exe	85
PID 1772 wrote to memory of 3636	1772	chrome.exe	85
PID 1772 wrote to memory of 3636	1772	chrome.exe	85
PID 1772 wrote to memory of 3004	1772	chrome.exe	86
PID 1772 wrote to memory of 3004	1772	chrome.exe	86
PID 1772 wrote to memory of 1920	1772	chrome.exe	87
PID 1772 wrote to memory of 1920	1772	chrome.exe	87
PID 1772 wrote to memory of 1920	1772	chrome.exe	87
PID 1772 wrote to memory of 1920	1772	chrome.exe	87
PID 1772 wrote to memory of 1920	1772	chrome.exe	87
PID 1772 wrote to memory of 1920	1772	chrome.exe	87
PID 1772 wrote to memory of 1920	1772	chrome.exe	87
PID 1772 wrote to memory of 1920	1772	chrome.exe	87
PID 1772 wrote to memory of 1920	1772	chrome.exe	87
PID 1772 wrote to memory of 1920	1772	chrome.exe	87
PID 1772 wrote to memory of 1920	1772	chrome.exe	87
PID 1772 wrote to memory of 1920	1772	chrome.exe	87
PID 1772 wrote to memory of 1920	1772	chrome.exe	87
PID 1772 wrote to memory of 1920	1772	chrome.exe	87
PID 1772 wrote to memory of 1920	1772	chrome.exe	87
PID 1772 wrote to memory of 1920	1772	chrome.exe	87
PID 1772 wrote to memory of 1920	1772	chrome.exe	87
PID 1772 wrote to memory of 1920	1772	chrome.exe	87
PID 1772 wrote to memory of 1920	1772	chrome.exe	87
PID 1772 wrote to memory of 1920	1772	chrome.exe	87
PID 1772 wrote to memory of 1920	1772	chrome.exe	87
PID 1772 wrote to memory of 1920	1772	chrome.exe	87
PID 1772 wrote to memory of 1920	1772	chrome.exe	87
PID 1772 wrote to memory of 1920	1772	chrome.exe	87
PID 1772 wrote to memory of 1920	1772	chrome.exe	87
PID 1772 wrote to memory of 1920	1772	chrome.exe	87
PID 1772 wrote to memory of 1920	1772	chrome.exe	87
PID 1772 wrote to memory of 1920	1772	chrome.exe	87
PID 1772 wrote to memory of 1920	1772	chrome.exe	87

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://getwave.gg/
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1772
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff964d7ab58,0x7ff964d7ab68,0x7ff964d7ab78
  2⤵
  PID:1056
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1636 --field-trial-handle=1872,i,12301391445836624105,11006804699952470470,131072 /prefetch:2
  2⤵
  PID:3636
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2144 --field-trial-handle=1872,i,12301391445836624105,11006804699952470470,131072 /prefetch:8
  2⤵
  PID:3004
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2244 --field-trial-handle=1872,i,12301391445836624105,11006804699952470470,131072 /prefetch:8
  2⤵
  PID:1920
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2984 --field-trial-handle=1872,i,12301391445836624105,11006804699952470470,131072 /prefetch:1
  2⤵
  PID:3124
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3004 --field-trial-handle=1872,i,12301391445836624105,11006804699952470470,131072 /prefetch:1
  2⤵
  PID:1228
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4152 --field-trial-handle=1872,i,12301391445836624105,11006804699952470470,131072 /prefetch:1
  2⤵
  PID:2476
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4396 --field-trial-handle=1872,i,12301391445836624105,11006804699952470470,131072 /prefetch:1
  2⤵
  PID:3344
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4064 --field-trial-handle=1872,i,12301391445836624105,11006804699952470470,131072 /prefetch:1
  2⤵
  PID:4816
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3016 --field-trial-handle=1872,i,12301391445836624105,11006804699952470470,131072 /prefetch:8
  2⤵
  PID:4996
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4768 --field-trial-handle=1872,i,12301391445836624105,11006804699952470470,131072 /prefetch:8
  2⤵
  PID:4312
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=4900 --field-trial-handle=1872,i,12301391445836624105,11006804699952470470,131072 /prefetch:1
  2⤵
  PID:4120
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4868 --field-trial-handle=1872,i,12301391445836624105,11006804699952470470,131072 /prefetch:1
  2⤵
  PID:4780
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4860 --field-trial-handle=1872,i,12301391445836624105,11006804699952470470,131072 /prefetch:1
  2⤵
  PID:3304
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=1684 --field-trial-handle=1872,i,12301391445836624105,11006804699952470470,131072 /prefetch:8
  2⤵
  PID:1048
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2248 --field-trial-handle=1872,i,12301391445836624105,11006804699952470470,131072 /prefetch:8
  2⤵
  - Modifies registry class
  PID:2376
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=4308 --field-trial-handle=1872,i,12301391445836624105,11006804699952470470,131072 /prefetch:1
  2⤵
  PID:1472
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=4792 --field-trial-handle=1872,i,12301391445836624105,11006804699952470470,131072 /prefetch:1
  2⤵
  PID:992
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=5208 --field-trial-handle=1872,i,12301391445836624105,11006804699952470470,131072 /prefetch:1
  2⤵
  PID:996
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=3932 --field-trial-handle=1872,i,12301391445836624105,11006804699952470470,131072 /prefetch:1
  2⤵
  PID:3136
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=4804 --field-trial-handle=1872,i,12301391445836624105,11006804699952470470,131072 /prefetch:1
  2⤵
  PID:3600
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=5444 --field-trial-handle=1872,i,12301391445836624105,11006804699952470470,131072 /prefetch:1
  2⤵
  PID:4828
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=5568 --field-trial-handle=1872,i,12301391445836624105,11006804699952470470,131072 /prefetch:1
  2⤵
  PID:3124
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=5700 --field-trial-handle=1872,i,12301391445836624105,11006804699952470470,131072 /prefetch:1
  2⤵
  PID:3008
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=3136 --field-trial-handle=1872,i,12301391445836624105,11006804699952470470,131072 /prefetch:1
  2⤵
  PID:3776
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=5704 --field-trial-handle=1872,i,12301391445836624105,11006804699952470470,131072 /prefetch:1
  2⤵
  PID:1972
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=5716 --field-trial-handle=1872,i,12301391445836624105,11006804699952470470,131072 /prefetch:1
  2⤵
  PID:1856
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=4764 --field-trial-handle=1872,i,12301391445836624105,11006804699952470470,131072 /prefetch:1
  2⤵
  PID:1716
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=5176 --field-trial-handle=1872,i,12301391445836624105,11006804699952470470,131072 /prefetch:1
  2⤵
  PID:3736
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=4492 --field-trial-handle=1872,i,12301391445836624105,11006804699952470470,131072 /prefetch:1
  2⤵
  PID:2784
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=5940 --field-trial-handle=1872,i,12301391445836624105,11006804699952470470,131072 /prefetch:1
  2⤵
  PID:2132
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=4472 --field-trial-handle=1872,i,12301391445836624105,11006804699952470470,131072 /prefetch:1
  2⤵
  PID:1196
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=5116 --field-trial-handle=1872,i,12301391445836624105,11006804699952470470,131072 /prefetch:1
  2⤵
  PID:4648
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --mojo-platform-channel-handle=5920 --field-trial-handle=1872,i,12301391445836624105,11006804699952470470,131072 /prefetch:1
  2⤵
  PID:1684
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=4496 --field-trial-handle=1872,i,12301391445836624105,11006804699952470470,131072 /prefetch:1
  2⤵
  PID:4072
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=4416 --field-trial-handle=1872,i,12301391445836624105,11006804699952470470,131072 /prefetch:1
  2⤵
  PID:4884
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5868 --field-trial-handle=1872,i,12301391445836624105,11006804699952470470,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4316

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:4508

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007

Filesize
323KB

MD5
2e6f924fb285f9174798ce8d7f16b7da

SHA1
7ddae16062f53226a60fcd24980dbb862e4a095c

SHA256
2979a0e96407b46e057329071b9eb5a11cbb8266e653ba982d0a45db7a4b0c98

SHA512
1f0da4009b0a3aea7831e7d4926fda276aaf0d0561e7b99a2cbbb382dd17b40cd8e6e0edfd6532089ba4e8a815e9470e34422c3904bb750e008b5c07931c6dbe

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008

Filesize
136KB

MD5
c4c73d98b5014dae9ee446fdfc6952d2

SHA1
c8540c5d586e01b72c66a582f9483707743e140e

SHA256
a27a04197df16624691f196e8fda3fe7aecd88254b9e309adc478c15c6b260db

SHA512
269f9e27d618a02636545b9b93065664b119e4325fbb3a037881c649428b4e98d4b266673b8f56375f7adcccbb0265fbfc5dba6148c60556e0808f40daba4145

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

Filesize
75KB

MD5
ed0d4cfc6644697d35fadcef06d50844

SHA1
2303c2669635920fcf20c706cfaf63d5fe4f1814

SHA256
5d0d57f183d68873bbf1a865c6b448d5b87032768ac6047da1b2d20697e90e45

SHA512
9ec37eff397d40caebe6cea75e99fa7bca3b2f3fce2b7dece62e33c88a1c966ff6d4a6adb145fd9c78476cb83ab236820f022e2108838579befd6da2a414d418

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c

Filesize
40KB

MD5
0f81b6d61de3f11df96afa46fb362f45

SHA1
b73925c797fcb5e23b0e0495ebdfb629d16f26e4

SHA256
7171337d694e449b8c4923733effa4185a3eddb330b96e9fd0e4e3497faf5364

SHA512
1c97e4e7357d385613f05f7a16439c25614d553cafdbd18a197c4a369726ec28b372ec6bed8b87a968d74a2585e3c999da9799e6cf558fa9ce25f87010d0e617

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000f

Filesize
66KB

MD5
1e3866fae78400e2271411d54c132160

SHA1
15ce0b2c130b987ffe9376c47b6c246dd44c32d1

SHA256
00a918386aea10ee2c25d529038843c9f4d70e61a7e2578c3aceafd81673968a

SHA512
e50bbcada0323759e3a6a796a6455d5a6e8bb613a1f7d5e0b86ccec95df44139ab9d3c5fdc5649853532695fe7135037b0ddfa4757d742bd94d93da4303cb4d2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010

Filesize
47KB

MD5
045937268a2acced894a9996af39f816

SHA1
dfbdbd744565fdc5722a2e5a96a55c881b659ed4

SHA256
cc05f08525e5eaf762d1c1c66bef78dec5f3517cf6f7e86e89368c6d4a1ef0cf

SHA512
71a025a421384ed1e88d0c5ffadc6450a9e1efd827fe929f5ef447d2901cd87572fccf13dfa8b2706c9fab8160163e3a0c80bfe1ab49d63ffbbcb0e4e591a84f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011

Filesize
17KB

MD5
9d4cf01f846a0613c620463794b1a31c

SHA1
0b4a8dfdf83967af3380d3693c34cf264dfb8c27

SHA256
89f76dcc3cd90019066409a4bc6ece01d9fcf5ebdf193de83ca5b518f8428ea4

SHA512
53ec47a27c937f62006e4631a762e842cfc608489b40dc3f0bd35af963e8ff79292e8ae52152c728e1dcb7638e350d826806cacfdb8dadae3d4b6dd4b17070cb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012

Filesize
95KB

MD5
0fc830d06ac3635b8f24773df1b87b2c

SHA1
b9d82949f40c63ccae4395650095430bc6863cae

SHA256
f996cb602fc30f7dd054c83ba995833ba398706946eab563a2d987b859fe383d

SHA512
a2d7f3473cc6cc43465c2bb01c85da64dbd367868e79a76b58f2b8756fb656675ee61ab460cd023959251cef7f8cf2acdfc233b5a2137c7c08347f8175b86a72

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013

Filesize
249KB

MD5
a1a62f8ca46eff569ed847cf7b4920c9

SHA1
4bdc14b6cc9586fa7562fb467a37fb3dcc38ae01

SHA256
34e2c28d7d2ec91c12bd5f4a10142da314ba9b870815dff1f5d995ea19dc5339

SHA512
4f07ce0a7af437457b88651a21cf5926e854d2784312e3831111bdb94eb4c45773e63d93571c744b2f71d26439df7032c4be3e380aa16359debbf5d87934a7c9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000014

Filesize
789KB

MD5
0f49bb1b91100dfca4aa9527f09cb7fd

SHA1
1a9d1c5eeda4abcaa18694e5f0694e69ed13d147

SHA256
a8fc1cc23aaf6985814a81e2dc22ceb156cdaefc038374fafac1969b24e73c78

SHA512
7315d44ab0de3824fc228a9cc9b5249a548782872cc563db561a9a818d52a5f38293cd351f536984a2170cdcefafe8a0d6969ed1b6a8e3fbafd20c6bd363b628

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000015

Filesize
169KB

MD5
e9144b22ef0ad3bbab37e1f427e2ca6c

SHA1
5de9fefe90de4cc67ee01e7e121c2c96f906304f

SHA256
9ce80ba3042c941ddd9c8b36088691c993f3cb478a60bf87d9690c88a2ef4ce4

SHA512
7a93f1123ec291cbbf75db745aacd3d625c424554ba5ab33c545d95937234cf60faf7312b8498be593d234f5d73bfa0604031c182d7c5a0a4d9a34427b971072

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000016

Filesize
41KB

MD5
1728b08ff3b8c2f99aa96607fbd78a2a

SHA1
81a18d07ecab2cb1a0d5ec22fca0253fb1a9b86e

SHA256
1004aab3c66fe3a9f18d12938a40cfac1a674a576420a5c4a2a20d639e4fa28b

SHA512
81a165ea3d209d8c9a66c95acb5f9f1db1831f6feef7b81761ddcc95885a6b5cde65a3fea9570c7c06015d2d4e584ee8359e5a8c184cdfabf6dcf65309511eef

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000017

Filesize
211KB

MD5
42d74ce329ff04bf03c10c6cba3e653c

SHA1
6508eb5c9894d0466b5412aa7802aee3a1265b71

SHA256
c79e1fa5ccec708122f13424efaccf978834fc62b00556217c8bc5a0aaecdd52

SHA512
96c875ae662fc6b9ac86918ccf767ddb2691674b19f8caab92735d048d8fdf755a42063a6b127602c166105ee7d59f671ba426a7739a490011624d5455fa1608

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000018

Filesize
33KB

MD5
b54a39d6949bfe6bae0d402cd2d80dc5

SHA1
9ac1ce7c7c0caec4e371059ac428068ce8376339

SHA256
6d26dfbcb723f0af3c891e9e45186deccb0f7e710106a379464c6f153792f792

SHA512
d86ac61ccc0a23d18594a8a7e8e444de4838fe1b7cfeea01ace66c91da139bedf811f5d1d5732c7da88a352af6b845f25bb87fc5a130ddf7450fd6d6b4146b6e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000034

Filesize
65KB

MD5
34717ce01e946a0d385473ec97d2e845

SHA1
a369937730ed782bd4ff490db7168da743d24d65

SHA256
3cc6335d28f8eaed16356da8786fdd98b861605f34b685e1ab011b152b34f27f

SHA512
4e389044e0c2095f8365353aed53f25e3f5138622f1c34ec33d4b7f4c19c3f07df21435b1b23e2f97b562562ed02d92edfb6cee7cdf60c1c78d97988860095d4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000039

Filesize
33KB

MD5
c15d33a9508923be839d315a999ab9c7

SHA1
d17f6e786a1464e13d4ec8e842f4eb121b103842

SHA256
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

SHA512
959490e7ae26d4821170482d302e8772dd641ffbbe08cfee47f3aa2d7b1126dccd6dec5f1448ca71a4a8602981966ef8790ae0077429857367a33718b5097d06

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003a

Filesize
19KB

MD5
3c08ea28594c96031b19d0a42e717539

SHA1
c071b1cf58173811299272af7857598f7f923ea3

SHA256
a98022da7bbf7eba3c74954b67c237417e7511c0a6b282c3c00213fad46d31cf

SHA512
0fcff0835a56760fe26b1814799fb92b1604675a933f02b5e104e79ea3ddf8d4eb20159c5887a4baf9ff4f4dcd552f3dba1e8419977329a5951bcd10a075b541

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000061

Filesize
198KB

MD5
319e0c36436ee0bf24476acbcc83565c

SHA1
fb2658d5791fe5b37424119557ab8cee30acdc54

SHA256
f6562ea52e056b979d6f52932ae57b7afb04486b10b0ebde22c5b51f502c69d1

SHA512
ad902b9a010cf99bdedba405cad0387890a9ff90a9c91f6a3220cdceec1b08ecb97a326aef01b28d8d0aacb5f2a16f02f673e196bdb69fc68b3f636139059902

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000062

Filesize
19KB

MD5
b4ddf003b5f47fe6f28ac51de6e6e4b9

SHA1
4db138daf6375adb554844e5c98c60a085c61af3

SHA256
623ae7025d0b82afd7ed93022c9874908255f511ed5a54633b5157a15a65853b

SHA512
6d45c53df4c272a6eb549739b812be5462331ccfc9f723eae5e7da41cc2f35e08fa34684a4ee18f8e6a9b586393b5aeb844cd1187dd3cc6257fc1126d6b3d873

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
2a0c40fb2cb0dd5f72fe960908254b8c

SHA1
262072c2a158e0a68eb0305d74f2caa2aa24242b

SHA256
1978d64b02a11a0c276eaca120fec60b1935049c2184be9c7d4a050940c08f61

SHA512
1c16a8df6207450d2a21c00b105bbe2c1dbdd000cac3378c1cb977e29bae1b4afd6a4d9368583a7591c09a4937584034c2d540fb1cefefa242158382443bbb64

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
2103bc81d87fadbcf5ed102d4a0e2a08

SHA1
968718ff06084653454bbe2cbaea70eb03479125

SHA256
7df1bd6a5905a08899aedc13dfb9325af4d9efd9108e4fbbd4f5729597c68eee

SHA512
6b9d4bcab890eabc3c9d9136f76c2a4cb5fb4c0cad0d8a144ee85af7b7021ad1061cf53403464b54c84e43a9c81d32eb61782c8b480764aa54fac54a44114f81

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\000003.log

Filesize
66KB

MD5
abf9ccf77301c5e1bb27dcda900c1aa8

SHA1
5c53b7e77447c18b00ee9cdbc8a41e1d6f85db64

SHA256
668882e15674c054689bea1f124d0c65ad0f9f997cb8e06de138181623392032

SHA512
cfe9ea458d0545000f5dfe0d8aceecdf46cb1077edfbcd19c22e93e8fe85d4a41d0077d02168b3d7fe35b80708e9ee062154432dd8c503f1f98dac8114572e2c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\LOG.old

Filesize
392B

MD5
28f3b2135bcd40235f94699142ac9ea9

SHA1
79a320cc677f67c9527a129555297cef30ed68a5

SHA256
a785f7733897d8284f7fde2bd9199c0265845273cf1a36e4492c182ce78694d5

SHA512
ff4791f574cc7f542caa356cbf1977c9e4680487cbfbf3f5e316beaafcf398a45db2e0dff1749dc1824e607b418e7bab21185cc002b56efb2685ee6288bc9d3e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\LOG.old

Filesize
389B

MD5
45e6ff2f747cb0968b58991c1f008c33

SHA1
55bac159b9026be2bcca8b6042e00c29bc0b28fc

SHA256
196097ad633a84a559cd97a2870392af42dedf0b7ce088e528cd48e1ef3970a6

SHA512
72a6dcfa730340b3157b2f3d11b2eb6041ad297b3f8884988185c1f201b9e91515e5e1b5c092e9f720ed3f8f3e49fc92718f06c20e50c90b4f7d3ddc32c4c898

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\LOG.old~RFe586be4.TMP

Filesize
351B

MD5
85efb2fd32dc1e218d91433596f8d1e5

SHA1
eb792dc08d177bc3fc18a25585e276e1d22d3619

SHA256
8eca39b02ae4aa3c0e3942cbdc104c1285436d5a64f9bc324050be39fc6c052a

SHA512
a5b5c9a415a92ed2261f62cc07d826bbd264f241681dada8731a57b089b55daaf17968b23488d2629f67c49eaf5ee48672e18a86ae2618f64cbbf307f3570c9f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\MANIFEST-000001

Filesize
23B

MD5
3fd11ff447c1ee23538dc4d9724427a3

SHA1
1335e6f71cc4e3cf7025233523b4760f8893e9c9

SHA256
720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed

SHA512
10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
10KB

MD5
f7133067f694cf6d9fafac67af2f2c89

SHA1
befabd6d6633e1ed647373175609acceb2c3709b

SHA256
2eb1bf00b264e1a702453a26997f8aff521892d0c01dc4abfe253b630dd0fc8e

SHA512
ba895e7988c450641301174b656b0be1a5eb482450d0009f60eba0f5d6d3a588300eb6008e91bd5e78abc8e1bdad0be7468f75dea581aca6b2b51dc908f3a24f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
8KB

MD5
003fa0512cc336f0801b1953a423d44e

SHA1
70968129d081b4c6c3125902d5bb388a9b2ff3a5

SHA256
b11f21c00c98b4843310a6fc926859ffb68508f16d96dd7e5d1bb7e9ba8adaba

SHA512
aceec3b8f19eafaef57f77a81c5ab1fbb1ec4bd41cbb50a30848966bbe8ecbe40e0cf65bf78590bec528a1d4aa4d4cd922fae9f5da427fbab2a52399b1e0c625

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
524B

MD5
e3d83fb0379876142fd56fd7ac0e0bf8

SHA1
71b2a7f2f57c24d95f3cb356605bcfd1af0e6183

SHA256
d436dfe2eba7a4dfad12c223ff2513d7169173eb26542ac428833182cc16d5e8

SHA512
d8db4d88545e379136a6a71a06858c95d0715bd66d354e7d36fb688191e999586beba4db109fa40d9d3dabdef1957cc3d129f8b24c215581de95ec37c3f8df1b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
524B

MD5
b21bdb1910ffaa4d5629f7b8c0b238bd

SHA1
4ade296d55bae1a81fdd80d94fdb1f0041993ea0

SHA256
41d2a68537c72fdf81f71b9ef6cb2443d515d98ab1905431b223ce44934d2ded

SHA512
d5099b8f7f8726801eb5d115b2da5675c813fd72c1459f242ae8f1e6841b779785de07ae4021eced73066d56a6227588983359f920dfdf719e9895e5cbf1c0aa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
0a20d7ce5187e1e58f457793a7e04a6a

SHA1
07ada616323f9538b179aed95d04d2517181a257

SHA256
2db249b0996974a2742e1fef84a6ccbdbefd256eaa23352378b7e6f307a25e76

SHA512
5d896b566a33ae31fdc88e29246bcd57cc0fd8edd40c18ab6973b2db0b7cfa19eae6c4bbc7e7065b6120d4a618c26eb6fa31d3e6dd08f518aa0381aa54532487

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
4776dcc665f6a29a5734908ead28e3cd

SHA1
aff7342c933d602aeadf3de740454a7292537833

SHA256
6a63ab4a93b63ddab71a4b74ac169763c443bf54d17ab7adaa808fec8b2299ff

SHA512
584c05d711559538f3a578485cd389d529bc76a677d62529eeeff5a9502c69b1554a50fb8e6654f2081b37a3f7da2a067e60072161b642186ffd20d83b083c05

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
524B

MD5
b891560268430f04590aed4ac2ae7aea

SHA1
9cdc15d8e8f692b192bdaa346b6021fb9c73a49f

SHA256
4e2380e2135000e87fffe508dccd3ce8c346c30280b4be15ad60192a25447153

SHA512
efaa65f34d022a7f4676009de7484cd90687876104b83fecac23ad74b38ef4dd4ca26f2cf6f4b6666153da2bf1805cd8918f60e342a21661a97da5df69319d09

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
7ea2d5920c5eccddbfcde7855da3cad4

SHA1
5595b6a0c8c2f72c304a5afbb2ffac8d4f5f3e5d

SHA256
2359677c53e8d6755f9589e6f975d0bb9cb32f9615154eb3f688fc131923b440

SHA512
ce8ddbe5f5c5d4bb8cb0e4897a49f86efa3dc5108c03f2894aa0bc64595b515cc1114d87ff2c1dc54893b0f239aae07275a84976bcce58df49f3f210a76f6508

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
f7f4686672b8ae48bb364cc3b6c24622

SHA1
b62e417f823510abaf3ce4c9c990141036a6ff75

SHA256
6ab5bb2724a8d1bd60c063efa6ae4531c2d6b4a82011144bec74ac6678229a74

SHA512
fda8c78b4e1a1290ae1c30c1eefcf3e14cb42c3a9c7d388587f238299301dca86e5d88d3527d85723b18193c7f9ed69b8833b57d6aa376115d18b9afb66b2586

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
50be93e58255628685b35e33bd53fede

SHA1
6a116a3acb2d50804ec4e7276b7b3b5c512a6fd8

SHA256
65e658927fb1a2abe4254fdae23f9190b3de23bedcf19cc09d5d01f32acef9a3

SHA512
440040d2d1ba5321d8db28046027313b91aa8dd291e9a6a216991a35c6a3e6abb56c1b2d58c4fb7a39465654038b8627bee0ff3049a9ea4953d15a8d09d82fd4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
870c31667af774a7b1c5fe55c28c2c67

SHA1
7da3be1be39310475bf0a372a07f45bc2e583aef

SHA256
1501080fc308301817717898dfca95a90adabcd2c98093682689c176f704ce14

SHA512
e546ae5a1c182ac1f3268a5d444709d12bace98ff9c85d8857f8ae19a63ab61b8ededae263f3a9816772f354c70f0021da190046618596fa3d3e4d5130fe8fef

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
d9a9e5022914d79d92c0c42aad1a2c7c

SHA1
bb207b379f32f1070f7439ad4c0af275abc3ddab

SHA256
b458dc99b27977c81a86e695b9feedd52c0e9ff408f560cca68d7428ff1fca3e

SHA512
bc0e7cf59ddf59af72e14fbdc683edf47172773e9ca661878f079aebb4e400e8d603bf35e1632f34f736d16a1b729a291a22185fb301e7ce866c9878979eceb9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
084c4934b9c7ba7e3fc23dd575221fbc

SHA1
cfb12e4e0bb7cc48330706d94b60763efde5da2a

SHA256
7626db908cb977ded575190507e1e09d26710e269feebc507e72b0d2b322282d

SHA512
0541f86b86af4a5232fabe1404d19b7824828e3c4450862901b2747e21ffeb4cd8ed14f4b05a687973ccbb53d4302a393c82ddeae2e1ab1fc24aa261ea7e53a8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\258da343-6944-4b37-bc2f-ad315502a9d6\index

Filesize
24B

MD5
54cb446f628b2ea4a5bce5769910512e

SHA1
c27ca848427fe87f5cf4d0e0e3cd57151b0d820d

SHA256
fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d

SHA512
8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
56B

MD5
ae1bccd6831ebfe5ad03b482ee266e4f

SHA1
01f4179f48f1af383b275d7ee338dd160b6f558a

SHA256
1b11047e738f76c94c9d15ee981ec46b286a54def1a7852ca1ade7f908988649

SHA512
baf7ff6747f30e542c254f46a9678b9dbf42312933962c391b79eca6fcb615e4ba9283c00f554d6021e594f18c087899bc9b5362c41c0d6f862bba7fb9f83038

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
120B

MD5
30bf48d20c50569ab1e77c4103959e73

SHA1
4235ebad6d686f13d7eb3364ae9dfd0f706c2e11

SHA256
e9e645da9616190554d5b2ae758f71f3c5a46322b1c7ae6c3cdfdae13d71aae7

SHA512
01fe3195083a1207c99b7cd2427c8e48a72ad0ea2deb4311e8e8becbe683152749aa08e8b95803c78ed14a1c5c6b898c2bdbcb7664028f9417bad86fe8cac699

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
120B

MD5
f7f3e99c020a8df97348f70777c970f7

SHA1
af7e76e5a71560fdb0be76690c890c439fa8bfc6

SHA256
46de16b003c0d09c60d4d35548de724c740b90fc718736db24897c6e024c1598

SHA512
702208117f7d5cdf60500e97f392aafc1f249a757980fd6310f56dbdfd4e239af20589fbbc014457ce9adfeb4b73d9a5fbc81da9fb364912f5652c7081f320fb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
120B

MD5
79a8d5554883172aa726d1f4043be1d1

SHA1
3882a228c96f6550844d28f60da70c458c033a49

SHA256
a1905c390f85abbc7f227bbdc5d0b7f9a29202e939cdef4436250401538b5091

SHA512
651d60ff89406ebdd47798a6b1a187d9a908fda47784eede5caf763d2b74b9a981e0081fc7f64ae77a930c5261ca58daf11de88b62c2943433d7f5f322d8a38f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
120B

MD5
5401c3c21d421ac2ae6f791b0716fa59

SHA1
9544f2f06e559c830fc2064a1fc0a0d11de008d1

SHA256
057c876b1798d82f3ab13b4ab4963795abfe04b74f42c660fa14bf51eb309d1f

SHA512
ca38b7d844ee6fdcaab1a252983833966c1d5a2b229d8f393fbaf682f5b384f9e89c71c64b5d86f457446c02b24e7dd2808fe55e5ed9ebed77141765dff79e28

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe5788f6.TMP

Filesize
120B

MD5
e45cf0d5a2c7c414cca5f4bf0b5ba0f7

SHA1
9d30976c3c7a2ea079a2e56b053106deeb671c07

SHA256
6b760b6b8d68db22f18ed96a4d4d63d3c5a548ab2efd31bd368246435a8ceb0d

SHA512
814660e76eb8c64116ed6fcc97c712f7708dd1f35b6c20c5e7e79a6af2025e6eaf59cd9e30a07d1dc0f3fd28e6ca3c14d6b31fef0ace025792021ebd6fe50363

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
127KB

MD5
d681a6f44c56d1870bb2535b48d13eb8

SHA1
2bf7cf904f86fcde3bdd95ffc3c6b62960ce3610

SHA256
cc202c7d47ba61bd5f18d6d962ed7caba1654bcf3e66b22be03ac59c104ee8a6

SHA512
769255b62334ebfb75c4ccef0ac3a15ab5908cb82c4f555c2b5c92db839b9ca2f76935efe4bf2e1b9e615b8086cb82b06afd02e4a1942c3047d965127e7b9f14

Download Submit