hxxps://direct-links[.]net/s?tguq

Analysis

max time kernel
150s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20240412-en
resource tags

arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
submitted
17/04/2024, 16:06

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://direct-links.net/s?tguq

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133578435878383722"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4996	chrome.exe
4996	chrome.exe
5000	chrome.exe
5000	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4996	chrome.exe
Token: SeCreatePagefilePrivilege	4996	chrome.exe
Token: SeShutdownPrivilege	4996	chrome.exe
Token: SeCreatePagefilePrivilege	4996	chrome.exe
Token: SeShutdownPrivilege	4996	chrome.exe
Token: SeCreatePagefilePrivilege	4996	chrome.exe
Token: SeShutdownPrivilege	4996	chrome.exe
Token: SeCreatePagefilePrivilege	4996	chrome.exe
Token: SeShutdownPrivilege	4996	chrome.exe
Token: SeCreatePagefilePrivilege	4996	chrome.exe
Token: SeShutdownPrivilege	4996	chrome.exe
Token: SeCreatePagefilePrivilege	4996	chrome.exe
Token: SeShutdownPrivilege	4996	chrome.exe
Token: SeCreatePagefilePrivilege	4996	chrome.exe
Token: SeShutdownPrivilege	4996	chrome.exe
Token: SeCreatePagefilePrivilege	4996	chrome.exe
Token: SeShutdownPrivilege	4996	chrome.exe
Token: SeCreatePagefilePrivilege	4996	chrome.exe
Token: SeShutdownPrivilege	4996	chrome.exe
Token: SeCreatePagefilePrivilege	4996	chrome.exe
Token: SeShutdownPrivilege	4996	chrome.exe
Token: SeCreatePagefilePrivilege	4996	chrome.exe
Token: SeShutdownPrivilege	4996	chrome.exe
Token: SeCreatePagefilePrivilege	4996	chrome.exe
Token: SeShutdownPrivilege	4996	chrome.exe
Token: SeCreatePagefilePrivilege	4996	chrome.exe
Token: SeShutdownPrivilege	4996	chrome.exe
Token: SeCreatePagefilePrivilege	4996	chrome.exe
Token: SeShutdownPrivilege	4996	chrome.exe
Token: SeCreatePagefilePrivilege	4996	chrome.exe
Token: SeShutdownPrivilege	4996	chrome.exe
Token: SeCreatePagefilePrivilege	4996	chrome.exe
Token: SeShutdownPrivilege	4996	chrome.exe
Token: SeCreatePagefilePrivilege	4996	chrome.exe
Token: SeShutdownPrivilege	4996	chrome.exe
Token: SeCreatePagefilePrivilege	4996	chrome.exe
Token: SeShutdownPrivilege	4996	chrome.exe
Token: SeCreatePagefilePrivilege	4996	chrome.exe
Token: SeShutdownPrivilege	4996	chrome.exe
Token: SeCreatePagefilePrivilege	4996	chrome.exe
Token: SeShutdownPrivilege	4996	chrome.exe
Token: SeCreatePagefilePrivilege	4996	chrome.exe
Token: SeShutdownPrivilege	4996	chrome.exe
Token: SeCreatePagefilePrivilege	4996	chrome.exe
Token: SeShutdownPrivilege	4996	chrome.exe
Token: SeCreatePagefilePrivilege	4996	chrome.exe
Token: SeShutdownPrivilege	4996	chrome.exe
Token: SeCreatePagefilePrivilege	4996	chrome.exe
Token: SeShutdownPrivilege	4996	chrome.exe
Token: SeCreatePagefilePrivilege	4996	chrome.exe
Token: SeShutdownPrivilege	4996	chrome.exe
Token: SeCreatePagefilePrivilege	4996	chrome.exe
Token: SeShutdownPrivilege	4996	chrome.exe
Token: SeCreatePagefilePrivilege	4996	chrome.exe
Token: SeShutdownPrivilege	4996	chrome.exe
Token: SeCreatePagefilePrivilege	4996	chrome.exe
Token: SeShutdownPrivilege	4996	chrome.exe
Token: SeCreatePagefilePrivilege	4996	chrome.exe
Token: SeShutdownPrivilege	4996	chrome.exe
Token: SeCreatePagefilePrivilege	4996	chrome.exe
Token: SeShutdownPrivilege	4996	chrome.exe
Token: SeCreatePagefilePrivilege	4996	chrome.exe
Token: SeShutdownPrivilege	4996	chrome.exe
Token: SeCreatePagefilePrivilege	4996	chrome.exe

Suspicious use of FindShellTrayWindow 29 IoCs

pid	Process
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe
4996	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4996 wrote to memory of 2140	4996	chrome.exe	86
PID 4996 wrote to memory of 2140	4996	chrome.exe	86
PID 4996 wrote to memory of 4880	4996	chrome.exe	87
PID 4996 wrote to memory of 4880	4996	chrome.exe	87
PID 4996 wrote to memory of 4880	4996	chrome.exe	87
PID 4996 wrote to memory of 4880	4996	chrome.exe	87
PID 4996 wrote to memory of 4880	4996	chrome.exe	87
PID 4996 wrote to memory of 4880	4996	chrome.exe	87
PID 4996 wrote to memory of 4880	4996	chrome.exe	87
PID 4996 wrote to memory of 4880	4996	chrome.exe	87
PID 4996 wrote to memory of 4880	4996	chrome.exe	87
PID 4996 wrote to memory of 4880	4996	chrome.exe	87
PID 4996 wrote to memory of 4880	4996	chrome.exe	87
PID 4996 wrote to memory of 4880	4996	chrome.exe	87
PID 4996 wrote to memory of 4880	4996	chrome.exe	87
PID 4996 wrote to memory of 4880	4996	chrome.exe	87
PID 4996 wrote to memory of 4880	4996	chrome.exe	87
PID 4996 wrote to memory of 4880	4996	chrome.exe	87
PID 4996 wrote to memory of 4880	4996	chrome.exe	87
PID 4996 wrote to memory of 4880	4996	chrome.exe	87
PID 4996 wrote to memory of 4880	4996	chrome.exe	87
PID 4996 wrote to memory of 4880	4996	chrome.exe	87
PID 4996 wrote to memory of 4880	4996	chrome.exe	87
PID 4996 wrote to memory of 4880	4996	chrome.exe	87
PID 4996 wrote to memory of 4880	4996	chrome.exe	87
PID 4996 wrote to memory of 4880	4996	chrome.exe	87
PID 4996 wrote to memory of 4880	4996	chrome.exe	87
PID 4996 wrote to memory of 4880	4996	chrome.exe	87
PID 4996 wrote to memory of 4880	4996	chrome.exe	87
PID 4996 wrote to memory of 4880	4996	chrome.exe	87
PID 4996 wrote to memory of 4880	4996	chrome.exe	87
PID 4996 wrote to memory of 4880	4996	chrome.exe	87
PID 4996 wrote to memory of 4880	4996	chrome.exe	87
PID 4996 wrote to memory of 5104	4996	chrome.exe	88
PID 4996 wrote to memory of 5104	4996	chrome.exe	88
PID 4996 wrote to memory of 540	4996	chrome.exe	89
PID 4996 wrote to memory of 540	4996	chrome.exe	89
PID 4996 wrote to memory of 540	4996	chrome.exe	89
PID 4996 wrote to memory of 540	4996	chrome.exe	89
PID 4996 wrote to memory of 540	4996	chrome.exe	89
PID 4996 wrote to memory of 540	4996	chrome.exe	89
PID 4996 wrote to memory of 540	4996	chrome.exe	89
PID 4996 wrote to memory of 540	4996	chrome.exe	89
PID 4996 wrote to memory of 540	4996	chrome.exe	89
PID 4996 wrote to memory of 540	4996	chrome.exe	89
PID 4996 wrote to memory of 540	4996	chrome.exe	89
PID 4996 wrote to memory of 540	4996	chrome.exe	89
PID 4996 wrote to memory of 540	4996	chrome.exe	89
PID 4996 wrote to memory of 540	4996	chrome.exe	89
PID 4996 wrote to memory of 540	4996	chrome.exe	89
PID 4996 wrote to memory of 540	4996	chrome.exe	89
PID 4996 wrote to memory of 540	4996	chrome.exe	89
PID 4996 wrote to memory of 540	4996	chrome.exe	89
PID 4996 wrote to memory of 540	4996	chrome.exe	89
PID 4996 wrote to memory of 540	4996	chrome.exe	89
PID 4996 wrote to memory of 540	4996	chrome.exe	89
PID 4996 wrote to memory of 540	4996	chrome.exe	89
PID 4996 wrote to memory of 540	4996	chrome.exe	89
PID 4996 wrote to memory of 540	4996	chrome.exe	89
PID 4996 wrote to memory of 540	4996	chrome.exe	89
PID 4996 wrote to memory of 540	4996	chrome.exe	89
PID 4996 wrote to memory of 540	4996	chrome.exe	89
PID 4996 wrote to memory of 540	4996	chrome.exe	89
PID 4996 wrote to memory of 540	4996	chrome.exe	89

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://direct-links.net/s?tguq
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4996
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fffbae3ab58,0x7fffbae3ab68,0x7fffbae3ab78
  2⤵
  PID:2140
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1720 --field-trial-handle=1960,i,13510308037380661678,11979036996595796744,131072 /prefetch:2
  2⤵
  PID:4880
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1944 --field-trial-handle=1960,i,13510308037380661678,11979036996595796744,131072 /prefetch:8
  2⤵
  PID:5104
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2216 --field-trial-handle=1960,i,13510308037380661678,11979036996595796744,131072 /prefetch:8
  2⤵
  PID:540
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2968 --field-trial-handle=1960,i,13510308037380661678,11979036996595796744,131072 /prefetch:1
  2⤵
  PID:1568
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2976 --field-trial-handle=1960,i,13510308037380661678,11979036996595796744,131072 /prefetch:1
  2⤵
  PID:3496
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4072 --field-trial-handle=1960,i,13510308037380661678,11979036996595796744,131072 /prefetch:1
  2⤵
  PID:384
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3000 --field-trial-handle=1960,i,13510308037380661678,11979036996595796744,131072 /prefetch:8
  2⤵
  PID:2752
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4436 --field-trial-handle=1960,i,13510308037380661678,11979036996595796744,131072 /prefetch:8
  2⤵
  PID:3828
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=3572 --field-trial-handle=1960,i,13510308037380661678,11979036996595796744,131072 /prefetch:1
  2⤵
  PID:1912
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4648 --field-trial-handle=1960,i,13510308037380661678,11979036996595796744,131072 /prefetch:1
  2⤵
  PID:3144
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=4908 --field-trial-handle=1960,i,13510308037380661678,11979036996595796744,131072 /prefetch:1
  2⤵
  PID:3836
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4796 --field-trial-handle=1960,i,13510308037380661678,11979036996595796744,131072 /prefetch:8
  2⤵
  PID:3968
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1696 --field-trial-handle=1960,i,13510308037380661678,11979036996595796744,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5000

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:412

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x468 0x324
1⤵
PID:4976

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
273d2cbce45caf2ede717d027049f931

SHA1
4d3880a875edaa72dd9cf1b44108c5748cb3dca2

SHA256
37b7d501862fc5714342a23f53d38d130e4f685f0c7302c4cf9df83e20d07154

SHA512
c2dfff0f1d845d68cac6758161653cad51fc47644cb4231bd92dbf4a140b50876312b254f9381a5b8c42723d00e123956706e94c2c41354d36c577c79de8f5ea

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002b

Filesize
17KB

MD5
950eca48e414acbe2c3b5d046dcb8521

SHA1
1731f264e979f18cdf08c405c7b7d32789a6fb59

SHA256
c0bbe530abfce19e06697bc4358eb426e076ccdb9113e22df4a6f32085da67a2

SHA512
27e55525ade4d099a6881011f6e2e0d5d3a9ca7181f4f014dc231d40b3b1907d0d437b0c44d336c25dd7b73209cd773b8563675ac260c43c7752e2d2d694d4d9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
96B

MD5
d6c8bc45f5f06f044a5b41be71daedc7

SHA1
0ca4a21ed418aad5359da811846d3edced8b0022

SHA256
79661b9762a8a7521d407f9c02ddf8501badc59b92fe9a5ce3f97244cde1d8af

SHA512
d1c14aeee933131fd3c2ddd6532500a44a699ede8ad971bfc403b6ae19b20a9f9be6d8bb2e875121fce8bbdd5266704abb2ac53111686c1645912f0ead5ebb59

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
72B

MD5
268b23e577866f143c3a7e090ccff1e3

SHA1
1d733e4d55f2a6e8bc9bc41b6656bc88ca346f6e

SHA256
bd352295f5930b38878cc3039b2c43dd480104ae2e69826fa87ec2c1f8e314f1

SHA512
b6d0fe23bf4f1bcb0d58f41c4d6b06b9c6188d0db10abd5fa812f6b6dca5234a9a9391ebeab5e83930da8002b8206fc1bab026b0c4545959e1b1276c6c7c238c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_mega.nz_0.indexeddb.leveldb\MANIFEST-000001

Filesize
23B

MD5
3fd11ff447c1ee23538dc4d9724427a3

SHA1
1335e6f71cc4e3cf7025233523b4760f8893e9c9

SHA256
720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed

SHA512
10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
352bb5516c2938f4ac42356b58dd56fc

SHA1
cf0fe4628a834780dadff4a3a13d33447f7f0a6c

SHA256
e7f31e9f7840c51a5171a6cb45005049413bbbe9103823bf2c595f33470806a9

SHA512
e812560cab16e121c4b96306989d2ecb3b18701e62f32deda7111e9a6074d5c99f49e752de6600f9eceda6d6d6853f72e76e9e7ffd110359aec49f807a7f9053

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
12986eadd64da4a969f1a548fe28e750

SHA1
9f008372952c7c86f661670794a0f864288dda36

SHA256
9a952df3baeaf0ba1789d682d268a4d38120e8075e93fe707ef273eabd3c91a1

SHA512
5bdccb800b4549db7e3e1ded7744f8b63cc2670e9844a8155f6b9c124145b6d147c52a4a26a92f3f16d2292a4902f4cc4d6c194c15c6ff9d5747b12b807bd4b3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
692B

MD5
91360e44c3745b7d149d8b647c4975e0

SHA1
3d88bdf1e92ebb545210d52da486e442adb5a779

SHA256
7c84d189637dcb7591000172f6b1485d1eee9f5cb926f37f0ed38913e15b476b

SHA512
1b68d5a812dd91d5df556697e5d50f933165b279dd8af128773f1f4e7455cf8f90baa58723421988a206108d6653592aa4cdb4e704105e57bc0a73e601070edc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
859B

MD5
64080146639336ad65e6f52fa992bea5

SHA1
6462cc8a70f603778463f2a14ba30dca4be67c99

SHA256
9910f499460f86802e579a101c471e3b1b00b8996531e03c7fa378a779233dd8

SHA512
ecd3704f1cf689508218a0e774bf53e2b67e62b2fbf184e35d6af283e41a3fd4db7fac394e511015b5edfac0dca3f23b62784090747814f5295ffd8826047bf2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
6a8cab0effba69238bdd75d0c362a1b5

SHA1
5bf3918f041e1f6c67dcc818f93057a73dfecabb

SHA256
80e33c9785ed90ce7d8054dbeec718e08d28d55fd196b5ed73d15707d3fb8a1c

SHA512
cd61f58567df1963bf66955ec55a7ed49eb217bbc808e6d5e926a0eb1273b33d260e57a68e41cda79729d2d0ccf30e54d7778ec2763ef71c649217b2b95c3e64

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
a463d3201710f084c60052e19a9aba49

SHA1
c0fa88fbb8a161f1999a0b6b74faae362720ec59

SHA256
6bf99988fc50a7c8ba5930a3278490fc59e89eeb93db8cfca74a45f3110c12db

SHA512
1c8f76ec56a6e02a9ca14b556b34ddd52d4b36658beccad10deb16e35033b4649482decd1eaca6c29e08eaa28af687298c28907f19739e8919f54fad59051672

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
65dd3ac9ba6a3bde1bb88c718a7b4851

SHA1
e48eb99de444a248e9d1aa824c46dcd30d0cfe9b

SHA256
2bf684306667bf7f0415fa442c2341f4a74e50cd87d4ac64c1047a5c3af86d0e

SHA512
5150d4d4b5d9dc89a3921a76bb863dcb5e6f3207a6c836c0adf734a8fedc9d2e4858ab90d8f1ec54681bb5a1149c385230628884ade2047ee30a5411e0d4f8b6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
c22c16556fc5fd51da188a6fdda9386a

SHA1
86551a673fa37d765bfc44faed6b467219b452ed

SHA256
99fda0c4194359001cfb4bd6a6488e1bd7660d955663f6f8f0215dd3d5b4dcac

SHA512
4af9763e9be947c1e5c5363b39881762aa6353968acc5160aba57cbffaf8733aacbe066f39292e9950c531ac6174079a8959553046819c9bfe41df98c3262ef8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\temp-index

Filesize
72B

MD5
aa9605f4176bac8e731ebd1c5daaf4af

SHA1
e993efac9f4b96b0399c552a12e9df31db538f5f

SHA256
99080bb013772620bfd21d48a87dce691c514cc4d880290000ab0f50c5e4e8f1

SHA512
7e5587b4a01f152d91e4772c525a25d2e0912fbe3e876efb764417b9cdb31ecab72ef685eef9b9597d20c6650deffa4d4e7c27058a857e5d853305bc20e18c21

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
96B

MD5
91f6ea314ab5e8435e280fbffee30c9e

SHA1
87f005aca3cfe10b39a3d1b34ce6d9aa1c71872c

SHA256
bf658867a8ac1ce21edfe06e1263d577572adaa05b7dbb001f54f630c9530783

SHA512
f2397ec81002ff488cda6b64f1c6ebe2461baffcb52c137c50301e12d7f73e49816151b4f40ce0c27d1cc90cda8ca3bb141c0021b6a93830a095a4f94cbd5906

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57d9b6.TMP

Filesize
48B

MD5
25eabaf1f673f7e40788d3038e8ab5f7

SHA1
5a653efba93cdcb74d9388341e09225015c6aecd

SHA256
c3c6b0ec7cea46eb2efaaa158cbcc99f82a8ee06cfc719942736d344181753b9

SHA512
1d7b4fcdaaff3d8d9c7b6f7f99999429cf7ab8d87963ee3918bb094b2b65fddb98de240494b46b027d0996678cc1e6cc7391b586632db8b20592b2766f0fe5f5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
250KB

MD5
1a3d7ec5b240ccd756c7c7113d46a932

SHA1
80519765c50547232031e9df95183af509afc35a

SHA256
96ad9e5a38318e9a01e181051431f1e6d8537aba9bc4b7a661cdfcc7fc292603

SHA512
5797ae5d3ed20a3a3ad495c6efad1ed9a8c73c167069f18cdd6bc7029f136fcfe1dfef67241d0abeaefa0a7105438055b9792ddba0d6ac71a789828b96394488

Download Submit