092129f26834f0f3453c3c0cf6fc450c8d9c00e8521a464affb3b5696ae7263c

Resubmissions

17/04/2024, 16:38

240417-t5dqqsha6t 8

17/04/2024, 16:29

17/04/2024, 16:16

17/04/2024, 16:13

17/04/2024, 16:11

17/04/2024, 16:01

17/04/2024, 15:53

Analysis

max time kernel
170s
max time network
389s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
17/04/2024, 15:53

Sharing

Copy URL

Twitter E-mail

Reason

Machine shutdown

Report Analysis Logs

General

Target

settings.json
Size

717B
MD5

9524b55958a0e976a0b97cda97c12516
SHA1

c27592c0c683be473ccc0f1299a1a464f9f4792b
SHA256

092129f26834f0f3453c3c0cf6fc450c8d9c00e8521a464affb3b5696ae7263c
SHA512

cf122e2a291baa58a753bccc0f7cc0d93ab35f62bd39ffce5cba29e9455f904727d7496f70154254c154481adcd25f59137d993b81c0f8d7c2642a6624ec5407

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2461186416-2307104501-1787948496-1000_Classes\Local Settings	rundll32.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe

Suspicious use of FindShellTrayWindow 34 IoCs

pid	Process
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe

Suspicious use of SendNotifyMessage 32 IoCs

pid	Process
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2632 wrote to memory of 1188	2632	cmd.exe	28
PID 2632 wrote to memory of 1188	2632	cmd.exe	28
PID 2632 wrote to memory of 1188	2632	cmd.exe	28
PID 2372 wrote to memory of 2488	2372	chrome.exe	30
PID 2372 wrote to memory of 2488	2372	chrome.exe	30
PID 2372 wrote to memory of 2488	2372	chrome.exe	30
PID 2372 wrote to memory of 1332	2372	chrome.exe	32
PID 2372 wrote to memory of 1332	2372	chrome.exe	32
PID 2372 wrote to memory of 1332	2372	chrome.exe	32
PID 2372 wrote to memory of 1332	2372	chrome.exe	32
PID 2372 wrote to memory of 1332	2372	chrome.exe	32
PID 2372 wrote to memory of 1332	2372	chrome.exe	32
PID 2372 wrote to memory of 1332	2372	chrome.exe	32
PID 2372 wrote to memory of 1332	2372	chrome.exe	32
PID 2372 wrote to memory of 1332	2372	chrome.exe	32
PID 2372 wrote to memory of 1332	2372	chrome.exe	32
PID 2372 wrote to memory of 1332	2372	chrome.exe	32
PID 2372 wrote to memory of 1332	2372	chrome.exe	32
PID 2372 wrote to memory of 1332	2372	chrome.exe	32
PID 2372 wrote to memory of 1332	2372	chrome.exe	32
PID 2372 wrote to memory of 1332	2372	chrome.exe	32
PID 2372 wrote to memory of 1332	2372	chrome.exe	32
PID 2372 wrote to memory of 1332	2372	chrome.exe	32
PID 2372 wrote to memory of 1332	2372	chrome.exe	32
PID 2372 wrote to memory of 1332	2372	chrome.exe	32
PID 2372 wrote to memory of 1332	2372	chrome.exe	32
PID 2372 wrote to memory of 1332	2372	chrome.exe	32
PID 2372 wrote to memory of 1332	2372	chrome.exe	32
PID 2372 wrote to memory of 1332	2372	chrome.exe	32
PID 2372 wrote to memory of 1332	2372	chrome.exe	32
PID 2372 wrote to memory of 1332	2372	chrome.exe	32
PID 2372 wrote to memory of 1332	2372	chrome.exe	32
PID 2372 wrote to memory of 1332	2372	chrome.exe	32
PID 2372 wrote to memory of 1332	2372	chrome.exe	32
PID 2372 wrote to memory of 1332	2372	chrome.exe	32
PID 2372 wrote to memory of 1332	2372	chrome.exe	32
PID 2372 wrote to memory of 1332	2372	chrome.exe	32
PID 2372 wrote to memory of 1332	2372	chrome.exe	32
PID 2372 wrote to memory of 1332	2372	chrome.exe	32
PID 2372 wrote to memory of 1332	2372	chrome.exe	32
PID 2372 wrote to memory of 1332	2372	chrome.exe	32
PID 2372 wrote to memory of 1332	2372	chrome.exe	32
PID 2372 wrote to memory of 1332	2372	chrome.exe	32
PID 2372 wrote to memory of 1332	2372	chrome.exe	32
PID 2372 wrote to memory of 1332	2372	chrome.exe	32
PID 2372 wrote to memory of 2592	2372	chrome.exe	33
PID 2372 wrote to memory of 2592	2372	chrome.exe	33
PID 2372 wrote to memory of 2592	2372	chrome.exe	33
PID 2372 wrote to memory of 2448	2372	chrome.exe	34
PID 2372 wrote to memory of 2448	2372	chrome.exe	34
PID 2372 wrote to memory of 2448	2372	chrome.exe	34
PID 2372 wrote to memory of 2448	2372	chrome.exe	34
PID 2372 wrote to memory of 2448	2372	chrome.exe	34
PID 2372 wrote to memory of 2448	2372	chrome.exe	34
PID 2372 wrote to memory of 2448	2372	chrome.exe	34
PID 2372 wrote to memory of 2448	2372	chrome.exe	34
PID 2372 wrote to memory of 2448	2372	chrome.exe	34
PID 2372 wrote to memory of 2448	2372	chrome.exe	34
PID 2372 wrote to memory of 2448	2372	chrome.exe	34
PID 2372 wrote to memory of 2448	2372	chrome.exe	34
PID 2372 wrote to memory of 2448	2372	chrome.exe	34
PID 2372 wrote to memory of 2448	2372	chrome.exe	34
PID 2372 wrote to memory of 2448	2372	chrome.exe	34
PID 2372 wrote to memory of 2448	2372	chrome.exe	34

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\settings.json
1⤵
- Suspicious use of WriteProcessMemory
PID:2632
- C:\Windows\system32\rundll32.exe
  "C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\settings.json
  2⤵
  - Modifies registry class
  PID:1188

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2372
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6b09758,0x7fef6b09768,0x7fef6b09778
  2⤵
  PID:2488
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1172 --field-trial-handle=1248,i,1848518459201091072,7510026579964103198,131072 /prefetch:2
  2⤵
  PID:1332
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1520 --field-trial-handle=1248,i,1848518459201091072,7510026579964103198,131072 /prefetch:8
  2⤵
  PID:2592
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1572 --field-trial-handle=1248,i,1848518459201091072,7510026579964103198,131072 /prefetch:8
  2⤵
  PID:2448
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2324 --field-trial-handle=1248,i,1848518459201091072,7510026579964103198,131072 /prefetch:1
  2⤵
  PID:1892
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2336 --field-trial-handle=1248,i,1848518459201091072,7510026579964103198,131072 /prefetch:1
  2⤵
  PID:1760
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1800 --field-trial-handle=1248,i,1848518459201091072,7510026579964103198,131072 /prefetch:2
  2⤵
  PID:1672
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3228 --field-trial-handle=1248,i,1848518459201091072,7510026579964103198,131072 /prefetch:1
  2⤵
  PID:2064
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3432 --field-trial-handle=1248,i,1848518459201091072,7510026579964103198,131072 /prefetch:8
  2⤵
  PID:1172
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3584 --field-trial-handle=1248,i,1848518459201091072,7510026579964103198,131072 /prefetch:8
  2⤵
  PID:1376
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4116 --field-trial-handle=1248,i,1848518459201091072,7510026579964103198,131072 /prefetch:8
  2⤵
  PID:1064

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2768

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
PID:1092
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6b09758,0x7fef6b09768,0x7fef6b09778
  2⤵
  PID:1548
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1156 --field-trial-handle=1320,i,9302678676623336685,12152127355490867570,131072 /prefetch:2
  2⤵
  PID:2812
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1476 --field-trial-handle=1320,i,9302678676623336685,12152127355490867570,131072 /prefetch:8
  2⤵
  PID:292

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
PID:2800
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6b09758,0x7fef6b09768,0x7fef6b09778
  2⤵
  PID:476
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1168 --field-trial-handle=1220,i,14305236691094093658,1222467198452777900,131072 /prefetch:2
  2⤵
  PID:1340
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1492 --field-trial-handle=1220,i,14305236691094093658,1222467198452777900,131072 /prefetch:8
  2⤵
  PID:1680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1388 --field-trial-handle=1220,i,14305236691094093658,1222467198452777900,131072 /prefetch:8
  2⤵
  PID:1764
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2144 --field-trial-handle=1220,i,14305236691094093658,1222467198452777900,131072 /prefetch:1
  2⤵
  PID:1068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2148 --field-trial-handle=1220,i,14305236691094093658,1222467198452777900,131072 /prefetch:1
  2⤵
  PID:1480
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2316 --field-trial-handle=1220,i,14305236691094093658,1222467198452777900,131072 /prefetch:2
  2⤵
  PID:1904
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=2460 --field-trial-handle=1220,i,14305236691094093658,1222467198452777900,131072 /prefetch:2
  2⤵
  PID:1456
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=3208 --field-trial-handle=1220,i,14305236691094093658,1222467198452777900,131072 /prefetch:1
  2⤵
  PID:2664
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3472 --field-trial-handle=1220,i,14305236691094093658,1222467198452777900,131072 /prefetch:8
  2⤵
  PID:1760
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3596 --field-trial-handle=1220,i,14305236691094093658,1222467198452777900,131072 /prefetch:8
  2⤵
  PID:1912
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3816 --field-trial-handle=1220,i,14305236691094093658,1222467198452777900,131072 /prefetch:8
  2⤵
  PID:2836
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=3464 --field-trial-handle=1220,i,14305236691094093658,1222467198452777900,131072 /prefetch:1
  2⤵
  PID:2632

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
PID:1324
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6b09758,0x7fef6b09768,0x7fef6b09778
  2⤵
  PID:1916
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1132 --field-trial-handle=1292,i,8484713092915880508,10142548625991685140,131072 /prefetch:2
  2⤵
  PID:1332
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1440 --field-trial-handle=1292,i,8484713092915880508,10142548625991685140,131072 /prefetch:8
  2⤵
  PID:2952

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:1940

C:\Windows\system32\winver.exe
"C:\Windows\system32\winver.exe"
1⤵
PID:2040

C:\Windows\system32\msinfo32.exe
"C:\Windows\system32\msinfo32.exe"
1⤵
PID:1700

C:\Windows\system32\LogonUI.exe
"LogonUI.exe" /flags:0x0
1⤵
PID:2468

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x220
1⤵
PID:1088

C:\Windows\system32\LogonUI.exe
"LogonUI.exe" /flags:0x1
1⤵
PID:2792

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\2d281344-951d-4c76-8d4c-4c1a6b446104.tmp

Filesize
138KB

MD5
c13928ff368201b7964d29e0a3adec1e

SHA1
f4da9e6ab98e02af83679d29789b7ddd0ce1ddee

SHA256
603fa6b96e52f571a4163279c6508345ed0da2b298e740d69a0d5d120e432beb

SHA512
99545f89f7b82f2ec4baa0e4342418b43e476f78e29affc2d054c80b5cdb7c94878001df75220cfa155c6d47a8638336e9f502c3d06e0a8916809c452a1bb730

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
294d6278c7e065c14f83cda12e29ba12

SHA1
ef6bd33fd24a3866dd8c48c505fbc7b1c4d28e0a

SHA256
963c57847ff199029eabeb8832a4aa90a57a204ad56a18672a9bab23351590a3

SHA512
df42ddb3a364b7ac9adae110b0e9ccd9e2ef7592e256608d4c11ef1fed872de59a4f0ada05c35b3955f96c09f96a45a62fb910bb2caa09469c633c439987637a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\196396a5-f0ec-4067-8f97-975827fa5655.tmp

Filesize
4KB

MD5
65b09dd3fd991e2354bcd18c44bcb7b7

SHA1
e7b5d3cf194e977ea9f8433604866b81a7997ab8

SHA256
caf86b7ebe016067d20865988fe434a31870b981d8906ea3a677d2d4c9a6f21b

SHA512
f242c567934a1f5c3ab1eb8625bd1329dec91865fd5512020a9ca1e0fc42ac5a94ada7b1ac7ecd87cb30cc1562c9ceb75c0c7d7ff665ddeef4db015a8513d752

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0

Filesize
44KB

MD5
fd9821f3ab5d51231bcebdf538905344

SHA1
7c81f92ea3c7cc3c67cc32084027c4078e46a7a3

SHA256
a4c44ee9ee08b4565b6e09a03a6245801787b7ec2d60fb82932cc6aedf605492

SHA512
48a7330a3780a7463b2661b6ce8e019345e7716f8165644dca11904dda858b3f27df8b657672bb644f1978267808bdf434bc517f634a144e79089dfcfc103106

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1

Filesize
264KB

MD5
6b803054483e771600432053f139121e

SHA1
ed726e8b8aa7eacfb393f82f88afb3a48c06a7c3

SHA256
0d281b5640282a1166567c826a0508cc3b3c942ad22c3256810c4438a7ef1ad5

SHA512
3dc722f83616a14c9f4a4389abf7a2d00acf8db2bf61edbd47c0f675b4d0c61b085975cc68f79d9308501c488f097acc7cb27e5b045dc9786ac95f7fd4c74fa8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_3

Filesize
4.0MB

MD5
df7605a2366263c008b6bc844784cecd

SHA1
bea2c749b25494c0eb6bc84b1883fd1c611649e3

SHA256
24c3f34073fa9b04a239e81a2d8281198c8e4a945bba3061e7e740c4f4fc9d0e

SHA512
d0ea6f7978d11eda94cd0501556722526172534326e35e0baa0971bbed70f43ebf13d4984b05c64b7a987f90c2aafda85507fec11f5ebfe86f0785a2f574d8f5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnCache\data_1

Filesize
264KB

MD5
ec3d7c9bf3ecb25e97094d98126c1ffb

SHA1
da746034ba64d3cde3de6e7f08a72fb1722a0fc9

SHA256
680c8bfccc16921efd5172373d2c613adf2c3991a14271baa6ae4dd96fa54d3e

SHA512
cd76937535e760ba4f36b0eb5f05a9a252548d23ff85ce9886c619ce7025834a84217a3e11ea76a70762af3b93bde5e9768e774554452b721f62febcc03d27aa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG

Filesize
136B

MD5
edc1cebee49ca1d5991a4f05e0fd37bd

SHA1
0c4e39e26e43de9c3482b0eecf38e375ada80a30

SHA256
27c999087f15edff46f713ee1bd9a328d41f84792149116bd09e37b1e4c93126

SHA512
57a7255699588254a9cb04e036140a6dbeaaea30980bd709ef218271f44569a428ef9a93f2ac31868615949ae5b79956fc910ec5157118204dba723f4162ef69

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\MANIFEST-000007

Filesize
50B

MD5
1be22f40a06c4e7348f4e7eaf40634a9

SHA1
8205ec74cd32ef63b1cc274181a74b95eedf86df

SHA256
45a28788cde0d2a0232d19c391eae45777fe640790ac0674d6daa5672c444691

SHA512
b8f6f42d375e3ad8015d744fa2814994fa6e588b41cce0131fca48194dd40146b08169a8ce0da350525ff32a59a16edb503c72e0f07254955c82a0d38074856e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\CURRENT~RFf76fa46.TMP

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History-journal

Filesize
12KB

MD5
0168f6b5b921d9a1a441928a3c57a0ec

SHA1
4191526d9003aaeae36052f7d1e1efaf47d672ef

SHA256
cbf1b0ba94746b8b510d73eee057acba62843f6764d9724c274bf840526f470f

SHA512
57f9e3177b2f21a8dd830402892900f573eccaef8430503bd286e515621466648876369df13cd1611ef9437530498bdec8208a3c2775f4f137c0039621d9426b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\CURRENT

Filesize
16B

MD5
aefd77f47fb84fae5ea194496b44c67a

SHA1
dcfbb6a5b8d05662c4858664f81693bb7f803b82

SHA256
4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611

SHA512
b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG

Filesize
136B

MD5
221b1e1834c3c82ba1df2193a7e3bf3b

SHA1
2965bad3522f1b8de45fcf27727972431c5c31d7

SHA256
7d64ac1cf24f8e361d3554ed475faddba22d48a7959255bace31e854bb88a324

SHA512
9e8b4029fee9f8b666b62d06282fb2cc0b304e0b7bc077f9e41807b540862cd5fc30a36dd51b2624ff8bd5c768f486cffac7b7f223552a0f56e69e27e58472c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\MANIFEST-000006

Filesize
50B

MD5
78c55e45e9d1dc2e44283cf45c66728a

SHA1
88e234d9f7a513c4806845ce5c07e0016cf13352

SHA256
7b69a2bee12703825dc20e7d07292125180b86685d2d1b9fd097df76fc6791ec

SHA512
f2ad4594024871286b98a94223b8e7155c7934ef4ebb55f25a4a485a059f75b572d21bc96e9b48ed394be8a41fe0208f7bfb6e28a79d75640c5b684f0c848fe3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
983B

MD5
3098f38250353a98eb059e151c3bacf5

SHA1
b3fbbd00463b5f6787474c8420e35a11be868bf2

SHA256
86333117cf4f8b87ca56cb24ea212eed19206285e52c5f2ba70917fb4c3fb600

SHA512
219d180843fb9270f6e821450c343b531059fec2b340c26c5ac90c619ac2ded195e7c700428fb4b037753f2c0b8467cd67d762b1d8a8d312fab855ae6c2b9603

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
b1cfbda0d38989d23bf133859fbe151c

SHA1
0d0e1ff9027840b5d4da8261384d0718bd396fae

SHA256
b69e8f35b3fd63c14a12f16914944c08f4aa262b0539e47fd8355efb9a675d5f

SHA512
40b76727a53018349d34d31d45044bd0896b2e20cacb253694bb9033c338ba5b96c2474f167ebb49808c0fd3f7fa6478d72ff315c5206cf0d954364d9bb07330

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
8027cc7780d0686eb25935a1e9964c71

SHA1
d4ba014ea270fb05f1d067c0e4faa3581165f648

SHA256
d451e02c9bd9cd54fc360791908845dd29e317442eb5a08c5e964eb9fe4d26f0

SHA512
e8b54eaf3b0b5948eec69bbe25a393b51d4f49d205f6290b23417e8a5d9a376751c1f72bdb24a817205ec75518fd6caeb5e9b2414cc288a340c17e2535094307

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Reporting and NEL

Filesize
36KB

MD5
9811d20f6dbc97d9c7cb90972e1183e4

SHA1
f93e4e81fbcbc0dbbc187c4deb11e3390b11aab8

SHA256
3e6adae29f44c9c332e6470ba76254f4c9bde22653062aa34d6654a64e17e37e

SHA512
3381451e3f963d05e1ce4bc2b639d2d4a41e92370031a02299517130371748ad963e1d0442c384af9125a9a63977c098a59efd43343107dae3d77efb3e7a9eed

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
359B

MD5
0394e62cb02254ed6f43c10f265a6d06

SHA1
b32bbc941aa245514102d47bb58d74953a6d7e91

SHA256
f9c769ecffaffe1fb02aef4722900433dbc6a328a1913b93401fc09bc84d42e5

SHA512
cade36d204f74cee94f862564d7c0c44aa7ca0c3ffd325f2016c2c3b123b9be0bff1a1676b8f4458963e21df03872ea6b3d137c41b2ec161d1a6c9ed44a23368

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
361B

MD5
987de7e575c134dc3c575afba1bf5e3b

SHA1
45d62670aded5d7dc40d997e7aa089cfe13e297b

SHA256
9684841127ae58e1f65b2bff6a2a0d92e2e8df973234f32069f5c39e995d9873

SHA512
7467b444482fe7a8674264f25edf2c9a5e2be272dff50673e45d082f11d3198370e3c7d639c6c7227cb24ba84b44299053d8320488e8675fea9db96a498d5335

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
6ad7d38f8b82596d1690bd36ce04143a

SHA1
7623dd43e8d09be4752833ee4859bea2c740ed4a

SHA256
545ed39bb1f4eb6757ab6e5a49ff34401100e10672d2313ab6538a13ca43a07e

SHA512
cfb1b0d82f0b72e0551d908b810d6feac094840a0db13e5a0bdbf94729c12df4836c9d45693907ff8e780ebf2cc12f6f0033d8de02afe91e427f6138f3de9b49

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
4KB

MD5
89150b2da293ce8aaf70a6a5737cfd44

SHA1
805c616d7209f6d4ce55aec0aaf079440d02eb82

SHA256
aa752e41adb13d89a961423f5b8290a2d928b02405a3234d18af85da29008c35

SHA512
73b0bb3ca8418d4f099129095f2081e43f75298ff248875eb6af599881a857890911b79253f495484a2cd4c7988917376bfcc8f7b13e23db1c19c7d33bbcddb6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
4KB

MD5
b70f37b73e67fbf44366f43af53da264

SHA1
204473faca9e0006d6a274bc1652576dce581bbe

SHA256
7fe758fe3e2a7f09f40d52e3e9a8fcbe3cb1b484c07df7930862a32ae34dd1a3

SHA512
95f7025aa378f3afb0b2c9a24c6bed0a7f98c8ff2508f31e749fd620fbf76c17400b89a7c4983e2361cf4973676ea1df0295564216df3e947e4041b4d20d8408

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
4KB

MD5
f1d8becadd95c7d371827403b8ecb05f

SHA1
dd10ba65eb364544c8c5bc8e569e63697188f878

SHA256
cb3923a459a1e36fe7ba8323f25bea18320e0cdc44ea624889098f20e1441258

SHA512
c0451ddc7a81e4b4e47987558b7e53a636769745697e92d9090f36c043a6d14b4d531abbad6038e568581cea35b716203b56acbf374eaf19a12f04b99519a9ba

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
4KB

MD5
b2c7a6e85bc88df7d2f68edbb9843415

SHA1
c1778e319c459e8fb186203f567de710019325bf

SHA256
8dfcea3fc34f9b641167a57a2515740d979da4316b2602a3451f3415474acd84

SHA512
a35eebfee2ae52deda01e494cf54cf8187fa2b73462e00e6b2fa0d35cad08803def15e7a821516fa80a52e8d72da5be8baf17d69026343c03c47d67d50f7cae4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000010.dbtmp

Filesize
16B

MD5
60e3f691077715586b918375dd23c6b0

SHA1
476d3eab15649c40c6aebfb6ac2366db50283d1b

SHA256
e91d13722e31f9b06c5df3582cad1ea5b73547ce3dc08b12ed461f095aad48ee

SHA512
d1c146d27bbf19362d6571e2865bb472ce4fe43dc535305615d92d6a2366f98533747a8a70a578d1f00199f716a61ce39fac5cab9dd67e9c044bc49e7343130e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG

Filesize
247B

MD5
01e954223481ad73e9f105e1c9d3d330

SHA1
26e9592632379499234fcf5ec4c0e83f3d8b4303

SHA256
1123543d2fcd6684383cb0bee24a1c7867a65836c7ef7279b975ed526eb6c746

SHA512
1aeb85cc3f99db2744962b14a84932ec87052156b6a6eab87a938dad7233e40685c3d5812805ed43b8dd4a60487c128af278615cc56c767d989de3c0b3372b06

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sessions\Session_13357842843256000

Filesize
2KB

MD5
04c05a8a7ead9e9124d739efdbc273f8

SHA1
b91e60ec0936c909dc2c5d7bef6d70cb8d3dcada

SHA256
d846fd948330e04e674ba00dd12c13b952a697525b691402af71492a7c87220a

SHA512
3cb372d97f28f9870700575c9f3c1dc8e5e716b448307eb5aded1f5ff740e56c030c85e8d17fa235c7dfa65c0d38bd14c3a65b3368c6d6c4c4766fc5e1540c36

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000007.dbtmp

Filesize
16B

MD5
18e723571b00fb1694a3bad6c78e4054

SHA1
afcc0ef32d46fe59e0483f9a3c891d3034d12f32

SHA256
8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa

SHA512
43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\CURRENT

Filesize
16B

MD5
979c29c2917bed63ccf520ece1d18cda

SHA1
65cd81cdce0be04c74222b54d0881d3fdfe4736c

SHA256
b3524365a633ee6d1fa9953638d2867946c515218c497a5ec2dbef7dc44a7c53

SHA512
e38f694fd6ab9f678ae156528230d7a8bfb7b59a13b227f59f9c38ab5617db11ebb6be1276323a905d09c4066a3fe820cf58077ab48bf201f3c467a98516ee7a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG

Filesize
136B

MD5
ce166df4319f9b9046acd336f5767c52

SHA1
215818d79305506b5b61c301ed405121547b451e

SHA256
3afd9e24dc4928fc398e36ff255d7eeac70d8545f0272728817841dc47d31427

SHA512
c4cf579dd4a97aa6f67fb8dcdbb2e9ae80144c17209fb14f373e037467cb2bf6e5457d381d90dec7df683afba31bd1a1f1dd6668ff09641b0f8b535c8a2a4b57

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG

Filesize
136B

MD5
fc667ed52e8b075b0b8910ef068f5a87

SHA1
e8ac165adea6c4f6e998af89bb60d8bc14535de1

SHA256
11dc7acb195ca26c5607e91b6e3d5233e7a9edb10c33512b01e611cf16fcef57

SHA512
e71e5694a77666e5726d307791258fb94600e041503965ead372404679c4b7b58ca7fb1ff0b23e6a245d7f19d757e2856be2c5acdeccac08ed3ec7e39841d48e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\MANIFEST-000007

Filesize
117B

MD5
2ac0494b5c4c6d605281ee87339a0cc7

SHA1
6ea0fd5480bd086ed4110d0622388574f0222666

SHA256
53161ecf97484ce07e22fbed3f642f3c1daec51a22b84be407522e5d38d2afbd

SHA512
77c6a0422b17b90dcc84094e184020613bfc7f71f07bb6fe15a68f48330e7b374c5228d65606341248983e3ec17c9b30a61e31ebdfac73f7e6abeb9d2b5f8f7e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000009.log

Filesize
666B

MD5
dd13b3014de6d3b1f1c04ff45d78232e

SHA1
381d4b03c346d3007ab5c50874b8ab3e955e6d49

SHA256
59fd6d0b12a455a2c3a6f358b7f9bf1c1438520a8b5d9cfa090df43f44bcc154

SHA512
4f36af32b87ad84214c71c175c3ce886788bee8c8c111cd399a5784e1ac40ec2dff19b9d8f03d4772445e7adc1797b7ed5a129e78f8313cdb15b06cca4fca884

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG

Filesize
249B

MD5
c6f1f337fe06c92c606c064474e84356

SHA1
9b9e89191e38c464d4213f571aefd7f96ee19ae4

SHA256
a21e7cfb852a956dbe8e0bdb18c9045608f0b5e881bd31da21f74b6edd7259fa

SHA512
c3b9b675ad9fddb008ad660c4aaa13eaf003a1a299e27f17b113f0b22176bb1f93ee6867ba48ab9f1ae8a1faaf2adcb0648eb8f00b6a46d9325c52fc0f0e491b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\MANIFEST-000007

Filesize
122B

MD5
1bb8ec2f1f6067eea333cc9e11a57618

SHA1
f7977ea970387f361a3deda9eed2170117086091

SHA256
9a3dab97d8af1fe7861c4c014a68add2b54a820ecd3ffb1acffc30be1ffd0ac4

SHA512
c256484fadcb53f06ca811996daf0b9af020ee483c660a94cc01ee15e892420b66ea795db76bdea26d68345e1f426587f3a536e16b1a18ef988b999454ada988

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_1

Filesize
264KB

MD5
1f688a1d275b26c222de446229668453

SHA1
11e7fbdd684e84490ff177179846121c87f2ef2b

SHA256
55635ac858f75b59efcdf7d6eea6289b20bef20ebc9098e1e174b987cf002bf8

SHA512
7e7fc98bc647ee08193f0c892d57db31a75e4b475772ecc1fca769231a2695ae541d1a11ee17094fac15bfc960f0a42fede8795e76800a1c16eed34568f67a98

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version

Filesize
14B

MD5
9eae63c7a967fc314dd311d9f46a45b7

SHA1
caba9c2c93acfe0b9ceb9ab19b992b0fc19c71cf

SHA256
4288925b0cf871c7458c22c46936efb0e903802feb991a0e1803be94ca6c251d

SHA512
bed924bff236bf5b6ce1df1db82e86c935e5830a20d9d24697efd82ca331e30604db8d04b0d692ec8541ec6deb2225bcc7d805b79f2db5726642198ecf6348b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
138KB

MD5
b6119a65d82d0c4cf98754407945e8c8

SHA1
2fb81a8a526d41e2f414c549587bf41403f11ff8

SHA256
f20a9663bbf8ab3eb918f78e543ce290a806a117b2d962eaf6673955fc0e6ec8

SHA512
0c9c176fce145afb8698957054488a8f71dd23924d7be963a3933267accd5a666d6e346c2aa270fb963c688b593b51d845184a702b4dea0307480db91bc044c7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
264KB

MD5
17fd2cc8be24086cf07c49b9ec2677c4

SHA1
38d9c745c10e8331eaf2063caf667562aefa03f5

SHA256
9da88b10806b7940d3ab3c14eb336968a76f3719d28788030d1e7ae6cddcc064

SHA512
7b0027418215faeb6e378226bdacc784477e1450277743a8e5299eb198dcfb7b16e0206f282e25db5aa4f5e6674e9db51d03ac20e17394b79fb573558bed8c3b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
264KB

MD5
bafb331c44896593cd0e441940c8120d

SHA1
e6629446ed431ecc9099489b4c6d642913bb453f

SHA256
1249ff443b16928d9e48fa071d7fb99f97dd253cec322a5f5f8d8648e43769aa

SHA512
82b9f1e8d79b6c8dc90c460cdb6319b1884af6ea6cb0bbc1bc9f98ac92e431da900619d2146ce9936f98ac14168d841ab4d948bf43f56b0dcaeca11433489fb0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
264KB

MD5
74d52f75ad126a4506aec9cf1150dc93

SHA1
1fb2256e3a8c80ec13316c0cf8fe756a7028b2a8

SHA256
c8068c26382c238375bdfa74f0fa207861566c0c654b4c72c9852d681f4ed359

SHA512
8cc2cd2180054e8c2a79d2e58298a052b8490ceee7f38dabb42a9a6e37d44cf06815ab926dd71d9dd582168130cc5db92005ecbc0a5eefcf7c02ecaf0d5b9715

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

Filesize
264KB

MD5
2984ec673de6173fad0be2e77ab9653d

SHA1
60866d0011b6852a8ec730a7c0eec054f3098080

SHA256
bc229813a4318de649a4ab49dd4800fe5cb1a1989c93a4cad506ac93dc5c576e

SHA512
f0d0397e9902bd5826ec03eeb3caa8c442cbcb999ef5b2946c5cbb93d34c01c1a1caf56f1e3de6acf6c9c1771653e0dcf00a1651748ffe0e901074a6437de397

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

Filesize
86B

MD5
961e3604f228b0d10541ebf921500c86

SHA1
6e00570d9f78d9cfebe67d4da5efe546543949a7

SHA256
f7b24f2eb3d5eb0550527490395d2f61c3d2fe74bb9cb345197dad81b58b5fed

SHA512
535f930afd2ef50282715c7e48859cc2d7b354ff4e6c156b94d5a2815f589b33189ffedfcaf4456525283e993087f9f560d84cfcf497d189ab8101510a09c472

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

Filesize
86B

MD5
f732dbed9289177d15e236d0f8f2ddd3

SHA1
53f822af51b014bc3d4b575865d9c3ef0e4debde

SHA256
2741df9ee9e9d9883397078f94480e9bc1d9c76996eec5cfe4e77929337cbe93

SHA512
b64e5021f32e26c752fcba15a139815894309b25644e74ceca46a9aa97070bca3b77ded569a9bfd694193d035ba75b61a8d6262c8e6d5c4d76b452b38f5150a4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\eef47883-f2e8-4c4f-ae4a-799ae3d07d08.tmp

Filesize
264KB

MD5
e5231e1c6c5cc1e74de6979fe8fbaf4b

SHA1
b72f6973c73dd631eb962f8ffead1a691e6ebc02

SHA256
9b6f9564cf54363ea477a247e7e805bf0a95438f87299c9fe4601d5aa7873c2b

SHA512
a0868523289c9f65ad105f3bfbca7f8bb37dd9e40c9a0c89954351146e317b9a6872fe222cac4397cdb710d2bf0f19a64ff66129a09bb9bbc723ecd39f2ac22a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
memory/2468-550-0x0000000002AC0000-0x0000000002AC1000-memory.dmp

Filesize
4KB

Download
memory/2792-551-0x00000000026E0000-0x00000000026E1000-memory.dmp

Filesize
4KB

Download