hxxp://url4331[.]amplisoftware[.]com[.]br/ls/click?upn=u001[.]nCZY5w4VzWLSAx8qzDNgaE6jWRul4L6UG55iR2gVLz0g1SkP0Z8rzeAYaX7aMgf7BfnaGAZhJydx8PDfUG6J5PaK02sCITn1uO9pSQrYJinj5h0lDEtMKXGC6xWxBkF6opCdBQYxG-2FOqmMJikekC3CLiY2iWLubHcMztKWeutS4JobMbyisBw3p8mLEkk-2FkbzGoR5JriHU7XYKBM6c9bm2llIq6Il8-2F8Bg5M-2BS0z9WGYHHMxrvufxvckR2-2FCgwv39supz5Pi-2BF1bATf-2F8Qq2kSVnGobpO1emnAeHl8Pfw98-3DONh6_eNjBVie080konMhhsA7qiXJ8hxa359EEmSbRGzHA5O4kGV1-2F-2FYc5VU9zwRf7F-2Fu0lTAIJbgFq73I3S2u4mGfFZpv-2BLAczE27xjiXj3ZoCoh51GlsYSFSMa0UIf5bGMBM7MJFm2bDTSthOB-2Fq99pl6BiDxLlriSQdLLp3SXtkEDgrv8SObvtc-2Bdf2nuw1pN79G5U3Fl11MrU7Ga5ZEB-2Bwfm-2FUPeunyqMC7AfwKmW2J24-3D

Analysis

max time kernel
150s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20240412-en
resource tags

arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
submitted
15/04/2024, 12:13

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://url4331.amplisoftware.com.br/ls/click?upn=u001.nCZY5w4VzWLSAx8qzDNgaE6jWRul4L6UG55iR2gVLz0g1SkP0Z8rzeAYaX7aMgf7BfnaGAZhJydx8PDfUG6J5PaK02sCITn1uO9pSQrYJinj5h0lDEtMKXGC6xWxBkF6opCdBQYxG-2FOqmMJikekC3CLiY2iWLubHcMztKWeutS4JobMbyisBw3p8mLEkk-2FkbzGoR5JriHU7XYKBM6c9bm2llIq6Il8-2F8Bg5M-2BS0z9WGYHHMxrvufxvckR2-2FCgwv39supz5Pi-2BF1bATf-2F8Qq2kSVnGobpO1emnAeHl8Pfw98-3DONh6_eNjBVie080konMhhsA7qiXJ8hxa359EEmSbRGzHA5O4kGV1-2F-2FYc5VU9zwRf7F-2Fu0lTAIJbgFq73I3S2u4mGfFZpv-2BLAczE27xjiXj3ZoCoh51GlsYSFSMa0UIf5bGMBM7MJFm2bDTSthOB-2Fq99pl6BiDxLlriSQdLLp3SXtkEDgrv8SObvtc-2Bdf2nuw1pN79G5U3Fl11MrU7Ga5ZEB-2Bwfm-2FUPeunyqMC7AfwKmW2J24-3D

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133576568498142040"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
3976	chrome.exe
3976	chrome.exe
1984	chrome.exe
1984	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
3976	chrome.exe
3976	chrome.exe
3976	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3976	chrome.exe
Token: SeCreatePagefilePrivilege	3976	chrome.exe
Token: SeShutdownPrivilege	3976	chrome.exe
Token: SeCreatePagefilePrivilege	3976	chrome.exe
Token: SeShutdownPrivilege	3976	chrome.exe
Token: SeCreatePagefilePrivilege	3976	chrome.exe
Token: SeShutdownPrivilege	3976	chrome.exe
Token: SeCreatePagefilePrivilege	3976	chrome.exe
Token: SeShutdownPrivilege	3976	chrome.exe
Token: SeCreatePagefilePrivilege	3976	chrome.exe
Token: SeShutdownPrivilege	3976	chrome.exe
Token: SeCreatePagefilePrivilege	3976	chrome.exe
Token: SeShutdownPrivilege	3976	chrome.exe
Token: SeCreatePagefilePrivilege	3976	chrome.exe
Token: SeShutdownPrivilege	3976	chrome.exe
Token: SeCreatePagefilePrivilege	3976	chrome.exe
Token: SeShutdownPrivilege	3976	chrome.exe
Token: SeCreatePagefilePrivilege	3976	chrome.exe
Token: SeShutdownPrivilege	3976	chrome.exe
Token: SeCreatePagefilePrivilege	3976	chrome.exe
Token: SeShutdownPrivilege	3976	chrome.exe
Token: SeCreatePagefilePrivilege	3976	chrome.exe
Token: SeShutdownPrivilege	3976	chrome.exe
Token: SeCreatePagefilePrivilege	3976	chrome.exe
Token: SeShutdownPrivilege	3976	chrome.exe
Token: SeCreatePagefilePrivilege	3976	chrome.exe
Token: SeShutdownPrivilege	3976	chrome.exe
Token: SeCreatePagefilePrivilege	3976	chrome.exe
Token: SeShutdownPrivilege	3976	chrome.exe
Token: SeCreatePagefilePrivilege	3976	chrome.exe
Token: SeShutdownPrivilege	3976	chrome.exe
Token: SeCreatePagefilePrivilege	3976	chrome.exe
Token: SeShutdownPrivilege	3976	chrome.exe
Token: SeCreatePagefilePrivilege	3976	chrome.exe
Token: SeShutdownPrivilege	3976	chrome.exe
Token: SeCreatePagefilePrivilege	3976	chrome.exe
Token: SeShutdownPrivilege	3976	chrome.exe
Token: SeCreatePagefilePrivilege	3976	chrome.exe
Token: SeShutdownPrivilege	3976	chrome.exe
Token: SeCreatePagefilePrivilege	3976	chrome.exe
Token: SeShutdownPrivilege	3976	chrome.exe
Token: SeCreatePagefilePrivilege	3976	chrome.exe
Token: SeShutdownPrivilege	3976	chrome.exe
Token: SeCreatePagefilePrivilege	3976	chrome.exe
Token: SeShutdownPrivilege	3976	chrome.exe
Token: SeCreatePagefilePrivilege	3976	chrome.exe
Token: SeShutdownPrivilege	3976	chrome.exe
Token: SeCreatePagefilePrivilege	3976	chrome.exe
Token: SeShutdownPrivilege	3976	chrome.exe
Token: SeCreatePagefilePrivilege	3976	chrome.exe
Token: SeShutdownPrivilege	3976	chrome.exe
Token: SeCreatePagefilePrivilege	3976	chrome.exe
Token: SeShutdownPrivilege	3976	chrome.exe
Token: SeCreatePagefilePrivilege	3976	chrome.exe
Token: SeShutdownPrivilege	3976	chrome.exe
Token: SeCreatePagefilePrivilege	3976	chrome.exe
Token: SeShutdownPrivilege	3976	chrome.exe
Token: SeCreatePagefilePrivilege	3976	chrome.exe
Token: SeShutdownPrivilege	3976	chrome.exe
Token: SeCreatePagefilePrivilege	3976	chrome.exe
Token: SeShutdownPrivilege	3976	chrome.exe
Token: SeCreatePagefilePrivilege	3976	chrome.exe
Token: SeShutdownPrivilege	3976	chrome.exe
Token: SeCreatePagefilePrivilege	3976	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
3976	chrome.exe
3976	chrome.exe
3976	chrome.exe
3976	chrome.exe
3976	chrome.exe
3976	chrome.exe
3976	chrome.exe
3976	chrome.exe
3976	chrome.exe
3976	chrome.exe
3976	chrome.exe
3976	chrome.exe
3976	chrome.exe
3976	chrome.exe
3976	chrome.exe
3976	chrome.exe
3976	chrome.exe
3976	chrome.exe
3976	chrome.exe
3976	chrome.exe
3976	chrome.exe
3976	chrome.exe
3976	chrome.exe
3976	chrome.exe
3976	chrome.exe
3976	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3976	chrome.exe
3976	chrome.exe
3976	chrome.exe
3976	chrome.exe
3976	chrome.exe
3976	chrome.exe
3976	chrome.exe
3976	chrome.exe
3976	chrome.exe
3976	chrome.exe
3976	chrome.exe
3976	chrome.exe
3976	chrome.exe
3976	chrome.exe
3976	chrome.exe
3976	chrome.exe
3976	chrome.exe
3976	chrome.exe
3976	chrome.exe
3976	chrome.exe
3976	chrome.exe
3976	chrome.exe
3976	chrome.exe
3976	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3976 wrote to memory of 116	3976	chrome.exe	83
PID 3976 wrote to memory of 116	3976	chrome.exe	83
PID 3976 wrote to memory of 1740	3976	chrome.exe	85
PID 3976 wrote to memory of 1740	3976	chrome.exe	85
PID 3976 wrote to memory of 1740	3976	chrome.exe	85
PID 3976 wrote to memory of 1740	3976	chrome.exe	85
PID 3976 wrote to memory of 1740	3976	chrome.exe	85
PID 3976 wrote to memory of 1740	3976	chrome.exe	85
PID 3976 wrote to memory of 1740	3976	chrome.exe	85
PID 3976 wrote to memory of 1740	3976	chrome.exe	85
PID 3976 wrote to memory of 1740	3976	chrome.exe	85
PID 3976 wrote to memory of 1740	3976	chrome.exe	85
PID 3976 wrote to memory of 1740	3976	chrome.exe	85
PID 3976 wrote to memory of 1740	3976	chrome.exe	85
PID 3976 wrote to memory of 1740	3976	chrome.exe	85
PID 3976 wrote to memory of 1740	3976	chrome.exe	85
PID 3976 wrote to memory of 1740	3976	chrome.exe	85
PID 3976 wrote to memory of 1740	3976	chrome.exe	85
PID 3976 wrote to memory of 1740	3976	chrome.exe	85
PID 3976 wrote to memory of 1740	3976	chrome.exe	85
PID 3976 wrote to memory of 1740	3976	chrome.exe	85
PID 3976 wrote to memory of 1740	3976	chrome.exe	85
PID 3976 wrote to memory of 1740	3976	chrome.exe	85
PID 3976 wrote to memory of 1740	3976	chrome.exe	85
PID 3976 wrote to memory of 1740	3976	chrome.exe	85
PID 3976 wrote to memory of 1740	3976	chrome.exe	85
PID 3976 wrote to memory of 1740	3976	chrome.exe	85
PID 3976 wrote to memory of 1740	3976	chrome.exe	85
PID 3976 wrote to memory of 1740	3976	chrome.exe	85
PID 3976 wrote to memory of 1740	3976	chrome.exe	85
PID 3976 wrote to memory of 1740	3976	chrome.exe	85
PID 3976 wrote to memory of 1740	3976	chrome.exe	85
PID 3976 wrote to memory of 1740	3976	chrome.exe	85
PID 3976 wrote to memory of 2968	3976	chrome.exe	86
PID 3976 wrote to memory of 2968	3976	chrome.exe	86
PID 3976 wrote to memory of 520	3976	chrome.exe	87
PID 3976 wrote to memory of 520	3976	chrome.exe	87
PID 3976 wrote to memory of 520	3976	chrome.exe	87
PID 3976 wrote to memory of 520	3976	chrome.exe	87
PID 3976 wrote to memory of 520	3976	chrome.exe	87
PID 3976 wrote to memory of 520	3976	chrome.exe	87
PID 3976 wrote to memory of 520	3976	chrome.exe	87
PID 3976 wrote to memory of 520	3976	chrome.exe	87
PID 3976 wrote to memory of 520	3976	chrome.exe	87
PID 3976 wrote to memory of 520	3976	chrome.exe	87
PID 3976 wrote to memory of 520	3976	chrome.exe	87
PID 3976 wrote to memory of 520	3976	chrome.exe	87
PID 3976 wrote to memory of 520	3976	chrome.exe	87
PID 3976 wrote to memory of 520	3976	chrome.exe	87
PID 3976 wrote to memory of 520	3976	chrome.exe	87
PID 3976 wrote to memory of 520	3976	chrome.exe	87
PID 3976 wrote to memory of 520	3976	chrome.exe	87
PID 3976 wrote to memory of 520	3976	chrome.exe	87
PID 3976 wrote to memory of 520	3976	chrome.exe	87
PID 3976 wrote to memory of 520	3976	chrome.exe	87
PID 3976 wrote to memory of 520	3976	chrome.exe	87
PID 3976 wrote to memory of 520	3976	chrome.exe	87
PID 3976 wrote to memory of 520	3976	chrome.exe	87
PID 3976 wrote to memory of 520	3976	chrome.exe	87
PID 3976 wrote to memory of 520	3976	chrome.exe	87
PID 3976 wrote to memory of 520	3976	chrome.exe	87
PID 3976 wrote to memory of 520	3976	chrome.exe	87
PID 3976 wrote to memory of 520	3976	chrome.exe	87
PID 3976 wrote to memory of 520	3976	chrome.exe	87

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://url4331.amplisoftware.com.br/ls/click?upn=u001.nCZY5w4VzWLSAx8qzDNgaE6jWRul4L6UG55iR2gVLz0g1SkP0Z8rzeAYaX7aMgf7BfnaGAZhJydx8PDfUG6J5PaK02sCITn1uO9pSQrYJinj5h0lDEtMKXGC6xWxBkF6opCdBQYxG-2FOqmMJikekC3CLiY2iWLubHcMztKWeutS4JobMbyisBw3p8mLEkk-2FkbzGoR5JriHU7XYKBM6c9bm2llIq6Il8-2F8Bg5M-2BS0z9WGYHHMxrvufxvckR2-2FCgwv39supz5Pi-2BF1bATf-2F8Qq2kSVnGobpO1emnAeHl8Pfw98-3DONh6_eNjBVie080konMhhsA7qiXJ8hxa359EEmSbRGzHA5O4kGV1-2F-2FYc5VU9zwRf7F-2Fu0lTAIJbgFq73I3S2u4mGfFZpv-2BLAczE27xjiXj3ZoCoh51GlsYSFSMa0UIf5bGMBM7MJFm2bDTSthOB-2Fq99pl6BiDxLlriSQdLLp3SXtkEDgrv8SObvtc-2Bdf2nuw1pN79G5U3Fl11MrU7Ga5ZEB-2Bwfm-2FUPeunyqMC7AfwKmW2J24-3D
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3976
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe7179ab58,0x7ffe7179ab68,0x7ffe7179ab78
  2⤵
  PID:116
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1252 --field-trial-handle=1856,i,15317316181645562817,9914062871565835934,131072 /prefetch:2
  2⤵
  PID:1740
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2120 --field-trial-handle=1856,i,15317316181645562817,9914062871565835934,131072 /prefetch:8
  2⤵
  PID:2968
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2184 --field-trial-handle=1856,i,15317316181645562817,9914062871565835934,131072 /prefetch:8
  2⤵
  PID:520
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2952 --field-trial-handle=1856,i,15317316181645562817,9914062871565835934,131072 /prefetch:1
  2⤵
  PID:3996
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2960 --field-trial-handle=1856,i,15317316181645562817,9914062871565835934,131072 /prefetch:1
  2⤵
  PID:864
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4264 --field-trial-handle=1856,i,15317316181645562817,9914062871565835934,131072 /prefetch:1
  2⤵
  PID:1004
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5024 --field-trial-handle=1856,i,15317316181645562817,9914062871565835934,131072 /prefetch:8
  2⤵
  PID:4324
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4580 --field-trial-handle=1856,i,15317316181645562817,9914062871565835934,131072 /prefetch:8
  2⤵
  PID:3324
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1756 --field-trial-handle=1856,i,15317316181645562817,9914062871565835934,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1984

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:4916

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
864B

MD5
5dff8a2a38bf345a64ac5d0db7b8c950

SHA1
f0c3b9639e75956c2f83717d73b47a79657c7a4e

SHA256
07dddce25e3ead716be310afa8d4f413d453b8e9d1466c9fc0ed6a630db0f129

SHA512
dd15b328a5de87b8e0e7887f98e73a5630aad896fb52d9daaeaf766fd293275e9139d568b88f55a92a54606eff9c392c058548a4c714cc36e4ed95e54f423ce7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
ab41c60deeaacc2f661cc1dab699caf0

SHA1
7f93193722ed9cb7e9edc60239367a56eb5cf1e0

SHA256
50b8e93b844b98dcb0f2cba259568e5a1ab5b710bd1c1012b5b30022a2807547

SHA512
7a225498fcf0b48a524de25fdd9f5db291895a5aa5526fb87296acac6987ce8a046db8e90b69cb856f9d9ad5774ce28b24b25ae8aa601d3633f5ad20037fcaed

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
89e3df30f993c5b301033643570b5f2e

SHA1
73ea8599e73a2360843008fef6a7dc72723f97ce

SHA256
46731e1b017d4d89910fefeb1e3e88cf2a27fe42bd80113136fa90b89d3fe279

SHA512
4fc6ba64a61edcaf43a39ba9824c88cafaf7c69916986fcd76a34f6079666fc7ff5ffe03f269e0dd1032aeac46b6601581dd0548c9b2134d3d6ee01933b84cc2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
ed8fa6dd161f79aeabbf736718737ad4

SHA1
3a6b0634a94a4e2ee9027509c40d80c1657fc16c

SHA256
e4c292b851957469435f2b60953ac3448d6c3eee3504dd4f63c112aa0e67cc60

SHA512
ff2403fbd3eeade9d2bae832e610c93a619a0410976f1579ce315a408af0939e16835c078c5222f9cff1431dde3009a2dcaf315776074c0667c1b698e8354878

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
7b3c0587943bcd2f959fca514c215f07

SHA1
f95a6da914c9fe976c419728fe241235bfdff349

SHA256
2c26e9d3ef5e2deec23bd06ebb897d272d22a54f6e9855811ad7b3138c3db1de

SHA512
45705a5a7675863df0c135405dd20515ae59610dbdd5d3d1fd1be3213047cd9f83bca7c5bcb5bde26f2469e1b06284b0e0872c1dcccf20d62e8f3bf1af4f3a4f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
250KB

MD5
7848329ca046f48eb793b87e6e3cb1eb

SHA1
1f58cd12db2fe459f0bf5553784fe802f904ffde

SHA256
a338758b2d3e6dd2eb31dbc137ec5c52b6e1333566fcf904a70139deddf4a538

SHA512
45bdb9abf995e93b265cbfae7cbed4a247db6c2a9ebe2689c09094d2cb2efc81c360a14a7ee22941ca2e12d3a213e54d33acfa60b7e93a3270df622b604e3e73

Download Submit