092129f26834f0f3453c3c0cf6fc450c8d9c00e8521a464affb3b5696ae7263c

Resubmissions

17/04/2024, 16:38

240417-t5dqqsha6t 8

17/04/2024, 16:29

17/04/2024, 16:16

17/04/2024, 16:13

17/04/2024, 16:11

17/04/2024, 16:01

17/04/2024, 15:53

Analysis

max time kernel
150s
max time network
151s
platform
windows11-21h2_x64
resource
win11-20240412-en
resource tags

arch:x64arch:x86image:win11-20240412-enlocale:en-usos:windows11-21h2-x64system
submitted
17/04/2024, 16:13

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

settings.json
Size

717B
MD5

9524b55958a0e976a0b97cda97c12516
SHA1

c27592c0c683be473ccc0f1299a1a464f9f4792b
SHA256

092129f26834f0f3453c3c0cf6fc450c8d9c00e8521a464affb3b5696ae7263c
SHA512

cf122e2a291baa58a753bccc0f7cc0d93ab35f62bd39ffce5cba29e9455f904727d7496f70154254c154481adcd25f59137d993b81c0f8d7c2642a6624ec5407

Score

8^/10

Malware Config

Signatures

Downloads MZ/PE file

Executes dropped EXE 1 IoCs

pid	Process
4092	MEMZ.exe

Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs

Web Service

T1102

flow	ioc
6	raw.githubusercontent.com
59	raw.githubusercontent.com

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Enumerates system info in registry 2 TTPs 6 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 3 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133578440336459682"	chrome.exe

Modifies registry class 3 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-8492748-3358837828-1435473090-1000_Classes\Local Settings	cmd.exe
Key created	\REGISTRY\USER\S-1-5-21-8492748-3358837828-1435473090-1000_Classes\Local Settings	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-8492748-3358837828-1435473090-1000_Classes\Local Settings	chrome.exe

NTFS ADS 1 IoCs

description	ioc	Process
File opened for modification	C:\Users\Admin\Downloads\MEMZ.exe:Zone.Identifier	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2324	chrome.exe
2324	chrome.exe
4076	chrome.exe
4076	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 14 IoCs

pid	Process
2324	chrome.exe
2324	chrome.exe
2324	chrome.exe
2324	chrome.exe
2324	chrome.exe
2324	chrome.exe
2324	chrome.exe
2324	chrome.exe
2324	chrome.exe
4076	chrome.exe
4076	chrome.exe
4076	chrome.exe
4076	chrome.exe
4076	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2324	chrome.exe
Token: SeCreatePagefilePrivilege	2324	chrome.exe
Token: SeShutdownPrivilege	2324	chrome.exe
Token: SeCreatePagefilePrivilege	2324	chrome.exe
Token: SeShutdownPrivilege	2324	chrome.exe
Token: SeCreatePagefilePrivilege	2324	chrome.exe
Token: SeShutdownPrivilege	2324	chrome.exe
Token: SeCreatePagefilePrivilege	2324	chrome.exe
Token: SeShutdownPrivilege	2324	chrome.exe
Token: SeCreatePagefilePrivilege	2324	chrome.exe
Token: SeShutdownPrivilege	2324	chrome.exe
Token: SeCreatePagefilePrivilege	2324	chrome.exe
Token: SeShutdownPrivilege	2324	chrome.exe
Token: SeCreatePagefilePrivilege	2324	chrome.exe
Token: SeShutdownPrivilege	2324	chrome.exe
Token: SeCreatePagefilePrivilege	2324	chrome.exe
Token: SeShutdownPrivilege	2324	chrome.exe
Token: SeCreatePagefilePrivilege	2324	chrome.exe
Token: SeShutdownPrivilege	2324	chrome.exe
Token: SeCreatePagefilePrivilege	2324	chrome.exe
Token: SeShutdownPrivilege	2324	chrome.exe
Token: SeCreatePagefilePrivilege	2324	chrome.exe
Token: SeShutdownPrivilege	2324	chrome.exe
Token: SeCreatePagefilePrivilege	2324	chrome.exe
Token: SeShutdownPrivilege	2324	chrome.exe
Token: SeCreatePagefilePrivilege	2324	chrome.exe
Token: SeShutdownPrivilege	2324	chrome.exe
Token: SeCreatePagefilePrivilege	2324	chrome.exe
Token: SeShutdownPrivilege	2324	chrome.exe
Token: SeCreatePagefilePrivilege	2324	chrome.exe
Token: SeShutdownPrivilege	2324	chrome.exe
Token: SeCreatePagefilePrivilege	2324	chrome.exe
Token: SeShutdownPrivilege	2324	chrome.exe
Token: SeCreatePagefilePrivilege	2324	chrome.exe
Token: SeShutdownPrivilege	2324	chrome.exe
Token: SeCreatePagefilePrivilege	2324	chrome.exe
Token: SeShutdownPrivilege	2324	chrome.exe
Token: SeCreatePagefilePrivilege	2324	chrome.exe
Token: SeShutdownPrivilege	2324	chrome.exe
Token: SeCreatePagefilePrivilege	2324	chrome.exe
Token: SeShutdownPrivilege	2324	chrome.exe
Token: SeCreatePagefilePrivilege	2324	chrome.exe
Token: SeShutdownPrivilege	2324	chrome.exe
Token: SeCreatePagefilePrivilege	2324	chrome.exe
Token: SeShutdownPrivilege	2324	chrome.exe
Token: SeCreatePagefilePrivilege	2324	chrome.exe
Token: SeShutdownPrivilege	2324	chrome.exe
Token: SeCreatePagefilePrivilege	2324	chrome.exe
Token: SeShutdownPrivilege	2324	chrome.exe
Token: SeCreatePagefilePrivilege	2324	chrome.exe
Token: SeShutdownPrivilege	2324	chrome.exe
Token: SeCreatePagefilePrivilege	2324	chrome.exe
Token: SeShutdownPrivilege	2324	chrome.exe
Token: SeCreatePagefilePrivilege	2324	chrome.exe
Token: SeShutdownPrivilege	2324	chrome.exe
Token: SeCreatePagefilePrivilege	2324	chrome.exe
Token: SeShutdownPrivilege	2324	chrome.exe
Token: SeCreatePagefilePrivilege	2324	chrome.exe
Token: SeShutdownPrivilege	2324	chrome.exe
Token: SeCreatePagefilePrivilege	2324	chrome.exe
Token: SeShutdownPrivilege	2324	chrome.exe
Token: SeCreatePagefilePrivilege	2324	chrome.exe
Token: SeShutdownPrivilege	2324	chrome.exe
Token: SeCreatePagefilePrivilege	2324	chrome.exe

Suspicious use of FindShellTrayWindow 62 IoCs

pid	Process
2324	chrome.exe
2324	chrome.exe
2324	chrome.exe
2324	chrome.exe
2324	chrome.exe
2324	chrome.exe
2324	chrome.exe
2324	chrome.exe
2324	chrome.exe
2324	chrome.exe
2324	chrome.exe
2324	chrome.exe
2324	chrome.exe
2324	chrome.exe
2324	chrome.exe
2324	chrome.exe
2324	chrome.exe
2324	chrome.exe
2324	chrome.exe
2324	chrome.exe
2324	chrome.exe
2324	chrome.exe
2324	chrome.exe
2324	chrome.exe
2324	chrome.exe
2324	chrome.exe
2324	chrome.exe
2324	chrome.exe
2324	chrome.exe
2324	chrome.exe
2324	chrome.exe
2324	chrome.exe
2324	chrome.exe
2324	chrome.exe
2324	chrome.exe
4076	chrome.exe
4076	chrome.exe
4076	chrome.exe
4076	chrome.exe
4076	chrome.exe
4076	chrome.exe
4076	chrome.exe
4076	chrome.exe
4076	chrome.exe
4076	chrome.exe
4076	chrome.exe
4076	chrome.exe
4076	chrome.exe
4076	chrome.exe
4076	chrome.exe
4076	chrome.exe
4076	chrome.exe
4076	chrome.exe
4076	chrome.exe
4076	chrome.exe
4076	chrome.exe
4076	chrome.exe
4076	chrome.exe
4076	chrome.exe
4076	chrome.exe
4076	chrome.exe
4076	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2324	chrome.exe
2324	chrome.exe
2324	chrome.exe
2324	chrome.exe
2324	chrome.exe
2324	chrome.exe
2324	chrome.exe
2324	chrome.exe
2324	chrome.exe
2324	chrome.exe
2324	chrome.exe
2324	chrome.exe
4076	chrome.exe
4076	chrome.exe
4076	chrome.exe
4076	chrome.exe
4076	chrome.exe
4076	chrome.exe
4076	chrome.exe
4076	chrome.exe
4076	chrome.exe
4076	chrome.exe
4076	chrome.exe
4076	chrome.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
3568	OpenWith.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2324 wrote to memory of 1000	2324	chrome.exe	86
PID 2324 wrote to memory of 1000	2324	chrome.exe	86
PID 2324 wrote to memory of 2220	2324	chrome.exe	87
PID 2324 wrote to memory of 2220	2324	chrome.exe	87
PID 2324 wrote to memory of 2220	2324	chrome.exe	87
PID 2324 wrote to memory of 2220	2324	chrome.exe	87
PID 2324 wrote to memory of 2220	2324	chrome.exe	87
PID 2324 wrote to memory of 2220	2324	chrome.exe	87
PID 2324 wrote to memory of 2220	2324	chrome.exe	87
PID 2324 wrote to memory of 2220	2324	chrome.exe	87
PID 2324 wrote to memory of 2220	2324	chrome.exe	87
PID 2324 wrote to memory of 2220	2324	chrome.exe	87
PID 2324 wrote to memory of 2220	2324	chrome.exe	87
PID 2324 wrote to memory of 2220	2324	chrome.exe	87
PID 2324 wrote to memory of 2220	2324	chrome.exe	87
PID 2324 wrote to memory of 2220	2324	chrome.exe	87
PID 2324 wrote to memory of 2220	2324	chrome.exe	87
PID 2324 wrote to memory of 2220	2324	chrome.exe	87
PID 2324 wrote to memory of 2220	2324	chrome.exe	87
PID 2324 wrote to memory of 2220	2324	chrome.exe	87
PID 2324 wrote to memory of 2220	2324	chrome.exe	87
PID 2324 wrote to memory of 2220	2324	chrome.exe	87
PID 2324 wrote to memory of 2220	2324	chrome.exe	87
PID 2324 wrote to memory of 2220	2324	chrome.exe	87
PID 2324 wrote to memory of 2220	2324	chrome.exe	87
PID 2324 wrote to memory of 2220	2324	chrome.exe	87
PID 2324 wrote to memory of 2220	2324	chrome.exe	87
PID 2324 wrote to memory of 2220	2324	chrome.exe	87
PID 2324 wrote to memory of 2220	2324	chrome.exe	87
PID 2324 wrote to memory of 2220	2324	chrome.exe	87
PID 2324 wrote to memory of 2220	2324	chrome.exe	87
PID 2324 wrote to memory of 2220	2324	chrome.exe	87
PID 2324 wrote to memory of 2220	2324	chrome.exe	87
PID 2324 wrote to memory of 1396	2324	chrome.exe	88
PID 2324 wrote to memory of 1396	2324	chrome.exe	88
PID 2324 wrote to memory of 780	2324	chrome.exe	89
PID 2324 wrote to memory of 780	2324	chrome.exe	89
PID 2324 wrote to memory of 780	2324	chrome.exe	89
PID 2324 wrote to memory of 780	2324	chrome.exe	89
PID 2324 wrote to memory of 780	2324	chrome.exe	89
PID 2324 wrote to memory of 780	2324	chrome.exe	89
PID 2324 wrote to memory of 780	2324	chrome.exe	89
PID 2324 wrote to memory of 780	2324	chrome.exe	89
PID 2324 wrote to memory of 780	2324	chrome.exe	89
PID 2324 wrote to memory of 780	2324	chrome.exe	89
PID 2324 wrote to memory of 780	2324	chrome.exe	89
PID 2324 wrote to memory of 780	2324	chrome.exe	89
PID 2324 wrote to memory of 780	2324	chrome.exe	89
PID 2324 wrote to memory of 780	2324	chrome.exe	89
PID 2324 wrote to memory of 780	2324	chrome.exe	89
PID 2324 wrote to memory of 780	2324	chrome.exe	89
PID 2324 wrote to memory of 780	2324	chrome.exe	89
PID 2324 wrote to memory of 780	2324	chrome.exe	89
PID 2324 wrote to memory of 780	2324	chrome.exe	89
PID 2324 wrote to memory of 780	2324	chrome.exe	89
PID 2324 wrote to memory of 780	2324	chrome.exe	89
PID 2324 wrote to memory of 780	2324	chrome.exe	89
PID 2324 wrote to memory of 780	2324	chrome.exe	89
PID 2324 wrote to memory of 780	2324	chrome.exe	89
PID 2324 wrote to memory of 780	2324	chrome.exe	89
PID 2324 wrote to memory of 780	2324	chrome.exe	89
PID 2324 wrote to memory of 780	2324	chrome.exe	89
PID 2324 wrote to memory of 780	2324	chrome.exe	89
PID 2324 wrote to memory of 780	2324	chrome.exe	89

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\settings.json
1⤵
- Modifies registry class
PID:4944

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:3568

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2324
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff8a1bdab58,0x7ff8a1bdab68,0x7ff8a1bdab78
  2⤵
  PID:1000
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1612 --field-trial-handle=1812,i,3775790456696060827,14988703675246312529,131072 /prefetch:2
  2⤵
  PID:2220
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2092 --field-trial-handle=1812,i,3775790456696060827,14988703675246312529,131072 /prefetch:8
  2⤵
  PID:1396
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2184 --field-trial-handle=1812,i,3775790456696060827,14988703675246312529,131072 /prefetch:8
  2⤵
  PID:780
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3064 --field-trial-handle=1812,i,3775790456696060827,14988703675246312529,131072 /prefetch:1
  2⤵
  PID:1972
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3148 --field-trial-handle=1812,i,3775790456696060827,14988703675246312529,131072 /prefetch:1
  2⤵
  PID:1704
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4244 --field-trial-handle=1812,i,3775790456696060827,14988703675246312529,131072 /prefetch:1
  2⤵
  PID:3612
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4348 --field-trial-handle=1812,i,3775790456696060827,14988703675246312529,131072 /prefetch:8
  2⤵
  PID:2404
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4488 --field-trial-handle=1812,i,3775790456696060827,14988703675246312529,131072 /prefetch:8
  2⤵
  PID:4704
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4448 --field-trial-handle=1812,i,3775790456696060827,14988703675246312529,131072 /prefetch:8
  2⤵
  PID:2432
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4652 --field-trial-handle=1812,i,3775790456696060827,14988703675246312529,131072 /prefetch:8
  2⤵
  PID:2096
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4652 --field-trial-handle=1812,i,3775790456696060827,14988703675246312529,131072 /prefetch:8
  2⤵
  PID:2060
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4760 --field-trial-handle=1812,i,3775790456696060827,14988703675246312529,131072 /prefetch:1
  2⤵
  PID:2492
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4700 --field-trial-handle=1812,i,3775790456696060827,14988703675246312529,131072 /prefetch:1
  2⤵
  PID:336
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=4360 --field-trial-handle=1812,i,3775790456696060827,14988703675246312529,131072 /prefetch:1
  2⤵
  PID:1052
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=4740 --field-trial-handle=1812,i,3775790456696060827,14988703675246312529,131072 /prefetch:1
  2⤵
  PID:4452
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=5052 --field-trial-handle=1812,i,3775790456696060827,14988703675246312529,131072 /prefetch:1
  2⤵
  PID:4220
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=4080 --field-trial-handle=1812,i,3775790456696060827,14988703675246312529,131072 /prefetch:1
  2⤵
  PID:2300
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5060 --field-trial-handle=1812,i,3775790456696060827,14988703675246312529,131072 /prefetch:8
  2⤵
  PID:3204
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=3320 --field-trial-handle=1812,i,3775790456696060827,14988703675246312529,131072 /prefetch:8
  2⤵
  PID:1444
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5232 --field-trial-handle=1812,i,3775790456696060827,14988703675246312529,131072 /prefetch:8
  2⤵
  PID:1652
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5252 --field-trial-handle=1812,i,3775790456696060827,14988703675246312529,131072 /prefetch:8
  2⤵
  - NTFS ADS
  PID:5080
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4412 --field-trial-handle=1812,i,3775790456696060827,14988703675246312529,131072 /prefetch:8
  2⤵
  PID:3980
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5064 --field-trial-handle=1812,i,3775790456696060827,14988703675246312529,131072 /prefetch:8
  2⤵
  PID:2432

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:3824

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:4076
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff8a1bdab58,0x7ff8a1bdab68,0x7ff8a1bdab78
  2⤵
  PID:2004
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1508 --field-trial-handle=1852,i,11445906526654703756,12068309750900334623,131072 /prefetch:2
  2⤵
  PID:3408
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1848 --field-trial-handle=1852,i,11445906526654703756,12068309750900334623,131072 /prefetch:8
  2⤵
  PID:428
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2196 --field-trial-handle=1852,i,11445906526654703756,12068309750900334623,131072 /prefetch:8
  2⤵
  PID:1284
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3044 --field-trial-handle=1852,i,11445906526654703756,12068309750900334623,131072 /prefetch:1
  2⤵
  PID:2396
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3084 --field-trial-handle=1852,i,11445906526654703756,12068309750900334623,131072 /prefetch:1
  2⤵
  PID:1656
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4292 --field-trial-handle=1852,i,11445906526654703756,12068309750900334623,131072 /prefetch:1
  2⤵
  PID:3984
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4448 --field-trial-handle=1852,i,11445906526654703756,12068309750900334623,131072 /prefetch:8
  2⤵
  PID:2552
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4592 --field-trial-handle=1852,i,11445906526654703756,12068309750900334623,131072 /prefetch:8
  2⤵
  PID:4220
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4260 --field-trial-handle=1852,i,11445906526654703756,12068309750900334623,131072 /prefetch:8
  2⤵
  PID:1044
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4688 --field-trial-handle=1852,i,11445906526654703756,12068309750900334623,131072 /prefetch:8
  2⤵
  PID:2280
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=4448 --field-trial-handle=1852,i,11445906526654703756,12068309750900334623,131072 /prefetch:1
  2⤵
  PID:2244
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4904 --field-trial-handle=1852,i,11445906526654703756,12068309750900334623,131072 /prefetch:1
  2⤵
  PID:3204
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5064 --field-trial-handle=1852,i,11445906526654703756,12068309750900334623,131072 /prefetch:8
  2⤵
  PID:3592
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5184 --field-trial-handle=1852,i,11445906526654703756,12068309750900334623,131072 /prefetch:8
  2⤵
  PID:1312

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:5080

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:2112

C:\Users\Admin\Downloads\MEMZ.exe
"C:\Users\Admin\Downloads\MEMZ.exe"
1⤵
- Executes dropped EXE
PID:4092

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
3263eaec172ec2c5c05cc98f764477ea

SHA1
930cba7fec3524b1bf6b1d9cd41bc6c3e10e3164

SHA256
5bdb157b57fdb836bf155037704954eabf34bee763497c7f6c75f5fe547625d3

SHA512
c64d93e24d99f78670d5dca96ae2371cca7a3cc5d066126ce380c3cc96768cbbd529184f10143fdb3aa7ca82d2285c9410ba72890005539bfbfd0513c75dad4b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0

Filesize
44KB

MD5
460b26ea9a1eae18aa80b4fd20c74591

SHA1
fd67f55018d3409708edd7358b6d0ed4751e879c

SHA256
c0a4993cab6c6640c142c277de9f82d1578686a417a42aae9448cbbe7b71f5f6

SHA512
190237506823b8f7fbf326c6ec2fa5c17343ae4c1b5e71961f3ff35e170bb962732160c3c19e319c188f7cebe1d97453dee4117aafc4f6db108381309176c57f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1

Filesize
264KB

MD5
f847db3c2679e95860090094b58e653b

SHA1
3662439a041a558f77df17cda94637369d256036

SHA256
f88b1ae9f1797e91033e808d90f8e21bc32c61389b9e50516c891a3a9865de04

SHA512
7ad84589c08eb7eca06467440279fafb30a7f4aef33f84c1c7c5f5670e7cf4d38c7557e97b783ac778332743153c89e430c06155defbc5be14345b3c1595d8e6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_2

Filesize
1.0MB

MD5
507b0779dff32454022ab18c61663577

SHA1
90a3f9b6d72046ac6dd3507cab94b185ca5588c6

SHA256
138a038e6bbbbb0873b55a06ecdf871cc8c81d0f7b05c34d35c79a8c980350de

SHA512
0e007528d3e0bc0be98f6c15ec65cffe5e27b3e752fc60cfa48a998425c8a4980d5c36af627851da5ba46fefb10afb801770a295d9c270f878255bfa94814040

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_3

Filesize
8.0MB

MD5
13dc70b29a3f6d727ebd98ff849fdd16

SHA1
5b53d86bc4fbc6eb4b70980753e82580f142935f

SHA256
f6dc3664c510461b098594b224ff10f73e0fc2797e8cb7e27ad61daf39013b8e

SHA512
659a756c92953f5b10ab9ba2644d4763538d512109d44128b8b3101afe8d0dba5b32fcb47d8bbf716164f82f4dac624285e4f22c46ae03b04cb1a4cc3d3e01ca

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005

Filesize
35KB

MD5
b2f2f11f4ff8ce86c428864fe647cd55

SHA1
c2dd8f0fda72c6930a117b16b89e42f012c4c911

SHA256
251ec2c0cf38e9d4518fba10998039d9190ac871e950612640051fd1ec001fbd

SHA512
9163d64a5241ad11241c7f48e5ee03dc381a7a38287cfe3e03ff236bd485b9e2452cf9b2188de2f18e41b2e36bc876389c0e7c5fec6b20807c61832b4699cdfe

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

Filesize
58KB

MD5
9b603992d96c764cbd57766940845236

SHA1
4f081f843a1ae0bbd5df265e00826af6c580cfe7

SHA256
520408fec7c6d419184ec68ad3d3f35f452d83bd75546aa5d171ffc7fe72cb2b

SHA512
abd88ee09909c116db1f424f2d1cbc0795dbc855fef81f0587d9a4e1a8d90de693fa72841259cf4a80e0e41d9f3e1f4bf3a78c4801264e3e9c7d9635bb79ccf5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007

Filesize
20KB

MD5
923a543cc619ea568f91b723d9fb1ef0

SHA1
6f4ade25559645c741d7327c6e16521e43d7e1f9

SHA256
bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd

SHA512
a4153751761cd67465374828b0514d7773b8c4ed37779d1ecfd4f19be4faa171585c8ee0b4db59b556399d5d2b9809ba87e04d4715e9d090e1f488d02219d555

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008

Filesize
99KB

MD5
60f9f26ab80b1a95c9f570765e739c3d

SHA1
e5c973dd5369d7371f0c75a999467b4c7cba0ecb

SHA256
1a3818042f334d2366d7e88dab203fa1de8fb6f9094e55e263fdf4a24170bcaf

SHA512
c06409edca7f1735edd720db8db28b14c41a33a279ed8d1dc04fed9752c22c68dddb61f4a05c32a1a120b0a36ec2d3606bbe5e2a6db83e4f7a718c3758f1d181

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009

Filesize
69KB

MD5
86862d3b5609f6ca70783528d7962690

SHA1
886d4b35290775ceadf576b3bb5654f3a481baf3

SHA256
19e1a1ad6c54fc29a402c10c551fa6e70022cefca6162a10640ee7d9b85783ed

SHA512
f0746c23a06effd14e1e31b0ea7d12156ff92b1f80445aa46e1a4c65cf5df4bc94f6dabe7aead01f1bd6a6c7b851b577a11697a186426a2c8dca897c48515ef0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

Filesize
324KB

MD5
97ce94f48fbd93429032a61fbb9666b3

SHA1
0ca2667695016a0b26516c6bf7a7576ed1f26a11

SHA256
d551017c232f6bb8663d397510b783bb64af6b2f9d4c5857d385e265ae64f05f

SHA512
dff9bd02cb0a2dc8049df532aeb8e91d6c9cdf2aed422d80990a056384429b8954a9d6e0a409885f1274d6a649d4e13d7753f7892032bdb92c6a26a6972fc6fd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

Filesize
136KB

MD5
ef102675849461ba3608eeedacb4e269

SHA1
54aa18251528db78e0bb2a142ce347d20a455005

SHA256
1a3282b7fdce3413d180ed522d67537726763ff25bab6f50897ab9a4504215ce

SHA512
6c5c832f178f144f2bc50a9225dd6d5f2bb1964cb5379d0e1d9f0dfb42d96757446438925ea4d05956a468bf5b950ec9fed880f49d51e5840a5004909c653927

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c

Filesize
213KB

MD5
b1853318964f347f19738f0d661e68dc

SHA1
3e8de6c9e335a36fde53372efd2d2d9c4905e7f8

SHA256
bd9a1110fce4468932a4de24f011f35c34459d462014629647ed9242de0d7fe5

SHA512
84f508e2e20d5d255ade9e5f4125d794e6a4ed8105b454977f9794e014cbd25f5cbfb6fc1dae45fe3c271d06317ddddc28ec888b0b148435bab0f27a50ee4da0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d

Filesize
95KB

MD5
a41d5b8b320ad8498da0234743db35ad

SHA1
9248c928010ec9c6c1744a6aee24842aef811690

SHA256
6ca8883391faca9779f7622dc7a8dde78043d3b187e1bb2d71ddccd656195171

SHA512
beb48a39539feb5c9a6c8df8508b9fa12465f05de849c86bb092662e84a0f2839556115e73f647b1764ea481ce111dd5db3e2edc0eea08a39f52b84c847a298e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e

Filesize
23KB

MD5
1bc54e3c70f1bf9705f81504907eb94c

SHA1
e43369b897797241d3676f21f48410947ce4f477

SHA256
5edf2f1050c4c4672970e64d5f152d3afd327deaec54133cf188e9209aa890f0

SHA512
5d1ffdbdca9ee324ffe777eb38f8328b882666d3d6dcd9f0501514f618ce62f6c63494a96fdc9da9d72d51165394c9ded96df818e44ee316e041c1da014a0586

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000f

Filesize
249KB

MD5
f5ab3a05ac966b22e9dc2abfa3895b31

SHA1
ed6d6998b953740de14703d7353efceeaaba85fc

SHA256
68fdc933c38d5109136a661149baf52e086dd46edb4a93a3f0cf7c4204ff914b

SHA512
6ded1372c669f346e6b610306fe421741a01cd8cb33e99336e74db264514699c6269059e57a83fcb830dccfb69614dbc41f538517a1a6c5ca398cba75e400d6e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010

Filesize
169KB

MD5
84091fd5e8e6076f1390b478a6fc1aa6

SHA1
6e814133f44fdfcf5061c552db4a2e4490e3ed76

SHA256
31eb4cfd6b115a4809b0d678b0f18f0ae5d3ef706283c9eafe057194ecab272f

SHA512
f718d5c5aca99c8cc5ca7bc916a59504675b5cda0b19d18088f4550c108121a211e11b620f59065b1ead98b186e37d86c6523d1c0750c57f2d2373ba5003b14a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011

Filesize
213KB

MD5
5184a95893e4e83be187b8d8114655f3

SHA1
4b5a1e9188b2fde01de47352d567fcaf251f0193

SHA256
73bf050c1b38804f6363036e49123557146be844cdf9900f2d97d84ed963bd69

SHA512
034043c09e06be624b6e091a257e5176a5931ffd8218def25603204650627edef58ba101fedeaedfa7097e85d3198b47a7bfc27a56d80cf1e0a7a6d560305fe9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012

Filesize
41KB

MD5
e02add751d41a1c3af6f2f7bb523cd49

SHA1
19d0206af4c11303a43c7997850d914291cc1537

SHA256
1b77e1aa3224366e68c46746c564c9bf497ce92e2ef09a8c7890e61d440e387c

SHA512
723b8deff033c215f7b93062039e1b9e73bea66286aeea3fe8f8bf46247cfe7e8a55218281fc74e52c2a10ceaef7c7a2f82e859a97be6b8e4860ed52e35f5d99

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013

Filesize
52KB

MD5
1c5e97766355540b10c9558540e382bc

SHA1
c17cc4c035ea2e9eec9dae39240b0dcf5764476c

SHA256
393598ca8637d287663cd6211d16aeda25f600e753e9d00a2143be6c96265dbd

SHA512
89689b9309d44ff270a74d58ccca2e3745e7c84570c5c5cf37ce9ce47af10c09eb8ee9452522d801d1a1e808be3a5c697fece6c32ae8e22d470c83c8bb7f865d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000014

Filesize
46KB

MD5
40649b73e8d6423b9131049db6f6395e

SHA1
a18d4081df4cf24f27fe34d503062dab1a7b6823

SHA256
6d5cc42f6a5d9b9083ff8112fb63d1af4932608217c896537b33dd429537451e

SHA512
4fe43901da60d054787386bdba9037a1054be9250de821aeea1186ddbe4f5dcf175ea453179d4f0fecbc61462d36d7d764611a2260cabab0457df42d65670bee

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000015

Filesize
68KB

MD5
2faa8be7e8b3f900dcab3b7b2be4565b

SHA1
0331adc3c770044c95fa6b0a0bdb5c7e4cbf85e3

SHA256
f0d72955f56890b9660bb087d362488db42fa45f48847bcc85d06df36c43fadd

SHA512
bbac3c905a7a4631a5c21bf6c2c262b3c5d5c8aa0b5bcbea9fb4a59eb9d5a597af32e527273238fa01d1070ade24c0fc6f0023ce6487133cebd24af2945b6b13

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000016

Filesize
29KB

MD5
fc3a54126b60aabb257a03ee7368bccc

SHA1
2a52d4a13d6025b116c7e2670d8f15b00731100c

SHA256
2403e1a1abbaa8f911da32a55052a95352a23250d3caf33cfd9246e4084fcac2

SHA512
9ad6ed709ca7da4609e33758d4fcfeede77b7a56f5f8fa2919073695baf49211fabf6905be9ef778e0a060cd11260d0e6eadf4fc0f056dedcda23140640a6622

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000029

Filesize
66KB

MD5
6b9d9b377ec42e899ba6c8adea01e34c

SHA1
7a11e38749e05773c6354319b10ac16f837a5974

SHA256
fdd8986eb65b0097c430928ad5560446f9c06f3dcd29411fa7c9e8d0d3c71384

SHA512
f781635ef7460ffd39921b41c8c0377eca8fd56f609f29165797413891779f6ea5035b93d8533e5651bdbe502c7e725819e42b2e8e0fc2c8759b79d8450cd668

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002a

Filesize
47KB

MD5
24edf43fe24e0e2e7352dbf325da6d4f

SHA1
26b8244d8366e748da623305c3640f7067c3c22a

SHA256
26d41b24cbbeb3c94bcbb52078ba4604564b15244e1f7a519d835a46101a7db9

SHA512
9660c8e0aac4c9061c535ffc8058d999b614e891b00bb60de16ba80a4910c79525538875174c7a6cdf430676fdb403ae63be39d2cba81518bb82e48cccf4af64

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002b

Filesize
17KB

MD5
0aaabfb16820b1594148b33a34733ef3

SHA1
5d55157e70a819e514681edd56da37814e565f45

SHA256
8ad52b626eba1e4a0ff0853e3699c41513041e90e5e6e2da32998ad0ac75f97e

SHA512
80d9083ad9a855b66870196851805dcc708354cfb81e7d3397f0de34b0baf0c3e9bf721350ad9450a79cd577e72d40d2d0d5249d4f0b6dcbc97b06062c3fa5fd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002c

Filesize
95KB

MD5
fda9e2c67e4de13cfab86fabb12a2112

SHA1
e55b759d74f348cd977b913dc235d9010ddca9db

SHA256
d0d36247aa1580525b6328dc538077a9d47aae901933fdcd991cb9ab5b72fe48

SHA512
10bed8eb9e82aeebd79e96d5ec5fc0951f13d30d9448412773140e880233ca98b7c36e86c17fc039047cc4a4c5676449ca9196264efac3cd448ac953d671b8bb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002d

Filesize
789KB

MD5
db0cfcb08efd9a0a0e89488d1fd18353

SHA1
41631cd823755ed2c40e063da274df9514ca1141

SHA256
e4829eac0d23f9a3d18504b81bf9af94b1faf815767ffa5ab0e7e0f38c1ff8f3

SHA512
54d9940ce434717483d326dfbf2827d218cfdc49f025e554e2850d40ba9d05b95f69928bd8fbd65cc49e4492ab64d9395f4944d7bef5db77a5ce69112a4dbc88

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002e

Filesize
33KB

MD5
a0ae0d9aa4c048077055996bc1a6bcda

SHA1
5825279fc1f7ce7c90884d4df3a436bdd6eb9d8d

SHA256
062b2449a3d0306a78fabd8bfc3709a1c7a7c5814f88bba2f28d3fe91ef6d5d9

SHA512
9e1e0d1b9011d9c7598ea2903504324ed9294201ccce527519dde47645becea4da5979d8c42bb887dbf5d429358089d8ed38259930e82b6079471121508828d2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
4KB

MD5
84eaebae7692896d563d3bc055d1a574

SHA1
32929a4f0b789e60619c1d9e6955d73005d63b17

SHA256
5c679510c8a86bd3444918f37f4cb0f43bdf7daa9e00ac909d4376da3e77a8c5

SHA512
41e1fe8d0de025f41c78ab21fd6c03eaff0cdb99230f31f9abed8d34150ef9bbb9656d995fb943678d176e370a0d27ed7da3adbbb372367ddbe0cc798b95a098

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
c0d222644decbc54d18f55d547021fbc

SHA1
04d108f278ac77c67f3d87892ff27391360690b2

SHA256
adee503029ed4d3696eee60fbb435b827775349397b4f5ce1ffc16fb2c9f3b53

SHA512
53258121414e6dfa997b6ec6a80a4d808eef2e80fe8bc098ed7b475ad1d5bcf2c1b6fe9948c79df88bee6bcfeb5a718a0e1b2bb832b01b004ec0c5ad8bb25f59

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
4KB

MD5
95ea171a0fd1329f354bebb9240876a9

SHA1
847ab68daa701c4b973f5506da74fc7e205b3bed

SHA256
685c4324d652bfc2912f2b573502ff226c70591b3977ac543d926b00c71eb0bb

SHA512
9732a0ed8d7d1bfbdbe57362b7bf2ac4bf89c3588e53fb5c0e7d086f2e8f6f74346684462c7fd1a683d6870f743eefa36a5c9525dab08c5f3fc4a5233db44506

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Favicons

Filesize
36KB

MD5
9ccf2181533ddaa1207e5b1de2102042

SHA1
4fc717c7b72167c35c5916849f21655bec763140

SHA256
4199cb143eab9b927d7f5455d58ed1dfd38b094c3549bca38ced7da934a7ac87

SHA512
a5e95c020811f0f408e33937e138888bc31e6ed94e29343f3f5f3c2c6d2d86e7ea3d940cb46c8ed1332c8b5b209df3964b2c2227e24b7041bf2399ef9dd7114b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
6850a33e49a8e7b2c4d858153b435ef5

SHA1
81bf6c12e71fb3d7d51b818149ee6c362fa15312

SHA256
96d6724c0878357d633ac5a686aa8b06af221d85d2161603c3faef261a1abcd9

SHA512
f3b6aa1dfda05f6c3931b8030556599784049b15ae29ce6b4f6339ee34d20f3db9cd65029de18871b1a944741a74804bdba9978f51a420d61b2a67caa7d6a511

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History

Filesize
160KB

MD5
c5bf1c610228c8ad2e79583848a1ff61

SHA1
79a4762db6a1fb82e47fc6929f1da6f99caf95fb

SHA256
74c067c56b1f62178c41103a0e30a416de66980b2023fd2cef2b5ddd009d675b

SHA512
029db542b05a5dcc03954f2c9c55c2cf957ce3ba6061d96c829f24e6ef9455e2176536c9c5b7188ec25980f2bdf8a8e7a7ed7799f7602d5cea96d19e9d9e1667

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\MANIFEST-000001

Filesize
23B

MD5
3fd11ff447c1ee23538dc4d9724427a3

SHA1
1335e6f71cc4e3cf7025233523b4760f8893e9c9

SHA256
720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed

SHA512
10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
948090b5e05722a53febd98dab9f4546

SHA1
b1c469253338523ab62965f1b78b62a1884390b2

SHA256
8c9b7d12ad899040794ee857ad4f40e10de15065d91163f5828437e6d72053e2

SHA512
b50fa55f26278922813a101d885e81bdbcbb112f1e5845d6712c12801bae79d497d71dfd6e9ff9939b2356ae92671c320457fe3153b55fcab1eea091c4af0595

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
63d30490db9d392d3da20e1128aa9b58

SHA1
2a7229a058c8bafa5114d1baec9d85407682e729

SHA256
5d6a1d1fa722460bbb66d6401c384872b2788f596bfde533a8fcbdcefa860277

SHA512
8ad4347a5a61aa7fa794bb4f6639e7dcac1199185a9e817e1799a3cc18e81c43cc113660af96132b2c1bef4d7c4bf8e36ab6810f5c25486c484fa92e3b979900

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
686B

MD5
f849b6f0a47965ac454d53545ab272d0

SHA1
8154ccfbac43ca06ac2f90de4f5ad242474c7ba7

SHA256
25d90ba8591a4bca55ddaeb76111198086f3de6f50f8981784e4c5ebf21a4bfd

SHA512
e0392a3f44be038c80ca5079b1a6f20a392d27f841769a8cace3328e8f1c859e348c1354f9603eba101860f8aeaa9c7707ce62e3c16335b407d670d2edc14dc3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
688B

MD5
91e36bbb924284f57c3402a46b52a38e

SHA1
9bb1855124fa93ef3bd754365dd02c3edbd3d873

SHA256
a11b5c370e37c69494a1187f5c9cc5f28f49b0902949d79bdcdcd05675df0444

SHA512
70e4f542d6a0ab3b3d59f1cd2bb0bf60713fa01d86956a80af72507845d323283cfb5b69bd5834d1d874585bd9ea2567659f64838259b6334434825da9983a9b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
856B

MD5
a9409e2f0160ef1ca0c63e61a233d533

SHA1
42b7be204a3af50896d7ea6ec77a948178b3bbf7

SHA256
b927655e518ebab727c0331cf6abda999edda027400991d18c7aac82a7cd0703

SHA512
d8bf5efef083f3917aad40fa712145254ed047e384d0f71a7633b3a174b1d85ba6b90c26474879fbfe67d576fe48894cc0d904cec3907c0cfaaf4f25a3e82a79

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
1e3e0c68376d25f484964ded0862f32c

SHA1
5f979f96b996341d4896650ffd070bd64285d30b

SHA256
8371dff8ce2ccf7ce50d51d09c474ba4aa75577f0b2e3a00b6d494e778e18df4

SHA512
b9ad99f25ab11bc6f76d7cab91364945f3f0e36da7de44a4c523dc3a367431ac5aaa8cd27bf96c562024901631ddb35823ae4a05e534a03216f5000c5fe6a821

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
6665451e3f629dd6c427959096c2b39b

SHA1
5f82406bd81ee3218f49d0afa704a2a3b5b19f7d

SHA256
f7035e5179f53d426c8d4a7f7987685e900c972ec842e7e3952ecba89c78f6ea

SHA512
7942bc07b1c90c6b0660e81db12fe6746e6b2f794ac72f799cf4b4ba06b6792cc9acb0c00a2bd65512299af761904c72d8bfd2516149437bffc47770be617b9e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
354B

MD5
0b1d7bede1442a603e4b95faaf948900

SHA1
9105b7ca6c84ab837ccbbb69e8c9975bd3d540ee

SHA256
584b19958a1e990d3b9e7b4dae9982f69cc3e34d625d507fa406342aff385398

SHA512
972e59c2fc0151b88b7d5827e33314bc7fa971fd619632fb6ebfaf7c8b416700ae891539c5f757583c291fd686ff5a667682eb03eb506fad6c5aa5b11def660e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
bd69e49a868f6130757c49ac0cea8702

SHA1
27d8b6718ae092a7b061fcc435ec505b68f581b0

SHA256
3af45cca561ccfabf08d6de3ce43e324c3d7ebf03fa22f7df90999d3d55dad46

SHA512
7e9bcf0aa95caeba1cbe3ad337e1e6d9dc7cbed2f07a352b2e16c7a7b368fe10f16aebbc6e0492c7cafd41d24925bf8c0b79113675eb70a8003fa54715e5a09d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\a363e4ca-a6fd-42e9-a7ac-a2a06a467412.tmp

Filesize
2KB

MD5
341812e47831455bb3fb90375fc9acd9

SHA1
34fabca357e46129f07ff3650e075f715a08f641

SHA256
d3f29607d4c31f1a4864f820c174526072b459af4bbbdbf290134deeef14b1d2

SHA512
df28fd9b9b77d078b448b9b49ca2d362dd443fde15e5c3f80c7ad732e52e02bfc89d5db728b41313b5d6f4d904e5c6249d492d7893314dd9b9f01dc0dcab2e28

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
0b2378d0914f7e0ffb10b5a9fd065baa

SHA1
1711ee9a3b4800bbc0d8be59b2d4558e73086304

SHA256
dcaa6fa37b9a9cff7c53fe4fdde54d23e44915ff5d26205b5f7f1ae005b0f1de

SHA512
3dcc63404d2e4f0157ef4a89d3c4ae9e42c49992aee77d16d76fe047c3881b5ca759ff50eaa8ab877fa92a02ef384b40df42cd9ed95cbd9854575448cd1e0eda

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
7dcc3550c2f5b48131820651c62b8dc5

SHA1
040ed7d32d6509f4632f3c300d16b65757fc5ef3

SHA256
9608b95643ba196cb96bd0ea26b00b5ef40a7b86dec89bbdd96b6b08f3753239

SHA512
f12aae5dfec1d2e7ed700ed78c6708bce33bda532536342f05f2fb38a5c68248f06cde393f9dd2dddcb3f9ece60c110c020f75aafc9847b159f1bac8f94578b3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
df4f42f576ac4fc037b15a3328d5579c

SHA1
9b19f3c8fe11ec4211d651c97847998a89736a2c

SHA256
22e78389099cda6c0ae579464e60a0dfe52f9ac3c56f935e97dc475bc3668720

SHA512
a92e2ad04aca7e9684803f7b6c8b9e45ec58511360fa526537c9edc381cf0df0dcaa3d85b2d27708e0ac9b7bf48367890d04d921f274368816bbd9d2bb2a40b2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
b4651be045627a32b41789bb07f13fbb

SHA1
7e71412c26590444abdc4a2d77e60b64523463fc

SHA256
2212579a0f00fac9299638aaa102104cd317ab4da25914bdff449c6abbc5132f

SHA512
cf0ca115a48580a7a7a4ce012d6d8c572c22dbc485e1e89b7665015df30a9ad385c850d9a864dc2310ee0145415dfd01fca27e4ee27f40113da8010b5b6d014b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
95f5d032673c981fabedc162acea04c2

SHA1
57bf40eac9631bd3d7c74c06e881454b36f71908

SHA256
80b8d3006d7259677b7e5d5453d5cd12384eca1342245c67ac61f96bcca14780

SHA512
49f093dc56282b67ddf39407a058d8707e5b6d7b26d19b9fdf4490409f0a99b03e4da4b0d3571dea003e157f94178a3da9b376bf483511e3b2f3fca67d6e4a6a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
78b580e4cbff19dd3b8f09ef5d7a30aa

SHA1
0a4142044f553898ea77909deab52f132b4ea499

SHA256
2ad72ef83c064bdde31110064b630a49c9fd4012992fa8d80645b61406145451

SHA512
5403fd8c977e195b6df804f06b6de139e2f1d685ec6be6db22a20ce3dc8c2542564f7f962a17d521ffd3137fc7a277a4d555ae3ddc78edf0b0b8d76a668ecead

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
dd1c9a08c466fdd38f77398372a29649

SHA1
6c2e99efcdbb7e5204e65c4313ebe6f00e41d41b

SHA256
fd4eee5a0689b1fbf9dd9b92c359069cd083c821501ff2e443ecabaa86ee3103

SHA512
a234c107fafb4ffc658fc307057dfcd62ec50c6452586286dcf4955a6bbd44557ad6c78ed397a9dea7ab7d4bdebef3ae7dc5052fcb98da49f2e1c5002091d5a0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
13KB

MD5
932589f4506282538912a769d7a3ecbf

SHA1
0d8f492c9485723fbfd23469e21e0ad4f91ca4a6

SHA256
c1217e2a711ebec724dd7b1ad8726d7b289aa6ef2e938ecbd1e36af7dfa9bc47

SHA512
312ed9dcd12f76e5a1090c05c9b76e4dde307b2bee0911c9435f09561f8ba8bce46694f45077105ca299668b68a46896935e4aaea34e5f1ae3f7cfb625d7cbc1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
56B

MD5
ae1bccd6831ebfe5ad03b482ee266e4f

SHA1
01f4179f48f1af383b275d7ee338dd160b6f558a

SHA256
1b11047e738f76c94c9d15ee981ec46b286a54def1a7852ca1ade7f908988649

SHA512
baf7ff6747f30e542c254f46a9678b9dbf42312933962c391b79eca6fcb615e4ba9283c00f554d6021e594f18c087899bc9b5362c41c0d6f862bba7fb9f83038

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
120B

MD5
6246ed283d3aa8cb0021c658bfe1fdb9

SHA1
f97df8c504494bccbb376c59c5696b60ac536b4b

SHA256
728180e98fd23736178f39d4c21222d0e00271869d5dc77dcb22cac4c1aae1e7

SHA512
8ed684b90762d4bf6f2ca44d397c420c88bdf6a346b336ddd6b245599da1b0fbcb8668703498f7385740eaf055ed065bc82a8c3da46fe666de21236ef79bfda2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe58b561.TMP

Filesize
120B

MD5
c82eeb8dc6c43a35134f195956df1726

SHA1
f6367a8546e3babdcce62850709e83b09bb5fb11

SHA256
525f650067c55eb1675a98061c4413d71f651ebb05e800a0bab08385c2237e08

SHA512
25853809b0dc0215f95fbb027d3410a1e7cc7ec73c56f583753f1c67c0b13449a665bc59556e44f76be8d75f60b6ddeb8e960b7eee2c763865a1feb398f5b912

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sessions\Tabs_13357844121790686

Filesize
21KB

MD5
4bc5701a0c3f10793d1efaba3868a1c2

SHA1
0a2d7ab529dc9ab77a58c3721c947d2a22b6dc81

SHA256
6b7af3f53c25b09b59650a323c2968abf47003d9a2be7b7c79d51a6674a247bd

SHA512
0ff2ce892cef38c8504024e2a1d1e7343cfa32e176f2d027bbbe9d0f4d5eff312ad84bf25ca82b9df69c98cb623736d39cd72562184a0f4cdd997a1886858d43

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000003.log

Filesize
232B

MD5
b95c6e06ced1e9ff96eb886ed734b93b

SHA1
1b22500ffdd7f83cfc86e69d4c9b52db3ee5752c

SHA256
e4b3d0717f8d6f3ae7847c8b77bfc365a10b3c72547ee97d011dfa7617723cd5

SHA512
eb1cccc3cc5888b27f1c962874db5243df2e8c831446a89a6de28598f6ca6c2f2dd6b6dd24e86a329bbb7a73a64f59c0124dc521904aa243f674aafdd794fcd7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG

Filesize
345B

MD5
e6a3020f46174b1fa7b5810b146c79e6

SHA1
549a5dbeed3a46979dec792a070d68b6cae0bfad

SHA256
9cb7edd8df7486b62f86b0d9a25e7425c8c753b4698686d21a9d37939c9a354e

SHA512
5281a60b63cef0d2705d58698582b6298634041527fa5941048d3b3c5d84a6b0efe871105e7e01c8410b081984a04ecdbae18a297934539e33372dd3e6d8b494

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log

Filesize
15KB

MD5
01860b260ddfdd5160493739a97892d5

SHA1
83b7e15a1e068ad4ff2e03efa3575ed49017d829

SHA256
55db8a73a365278fc6608e3f1036d2dc2a99c0264b7d94fce197970547c1776f

SHA512
97aeb98d009b9ec4d2039f4d88caa2dcec65514cb93a10d63fbe9be9501c9171605b32457d1cd34e1880667c709ee1f66b42cab6d3afddd8905195da55f94a72

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG

Filesize
321B

MD5
dec5b86740c278be81db3f5a11592cac

SHA1
50a4258db996ee275736026775405f82413bca08

SHA256
3735af2cd8de01032678f19f310c2da0d64fe8ed166d31bf7a52ad83b3d6046a

SHA512
60126f4a990187eb80d79fc3da945bf562339c5fef02bb6d57c0c2b815a9617d829825a95188854df36b994830da0cc8fee4ccb7a5b54ac98d6ce1798edde683

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Visited Links

Filesize
128KB

MD5
f12bc44efeffdeec70b4f58003b8c683

SHA1
f4632f0c5bd361abadfde8ce79607e96edb757c2

SHA256
fd68af480130feee935f9867cc786d86efbfaadf13d979bb9eaf1a014707e8b8

SHA512
f8f5516319e71a4e336394f8df9723a4ee71eaccaead52275d963a074c6453fabd3fa3a195efbe8cbba31993b4b1dd9d58eea859f181b354b24f07ebc59f9ae4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Data

Filesize
100KB

MD5
0445629c0dd03f468e9eee892d072e09

SHA1
cec7ce706bccefd3bbd49794fec7514ae738d3fd

SHA256
1f200f5687dfc7b6f9863c982e0ace5965716011fc0c2d185d7e7ebbec870d1e

SHA512
fbabe6987f032327f26af66ae1af375c3aeeae4a1bd1c4d4d612fc6e898e18b6537d4e204140b9e2f4d34caba942f76a143d99422c6ebb458d86392f322005ea

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version

Filesize
14B

MD5
009b9a2ee7afbf6dd0b9617fc8f8ecba

SHA1
c97ed0652e731fc412e3b7bdfca2994b7cc206a7

SHA256
de607a2c68f52e15a104ead9ecbaa3e6862fdb11eac080e408ba4d69f1f7a915

SHA512
6161dd952ae140a8fb8aa5e33f06bc65fdc15ce3fbfe4c576dc2668c86bce4a1d5c1112caee014e5efa3698547faad3bc80ec253eedb43148e36e1a02ce89910

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
251KB

MD5
3aecaf5bffac369583346c8836325dd8

SHA1
e7610d1f4e8150b497ffb40c875a546fba1c2cc7

SHA256
7904e1cdb573ae1ab8915ebbf012c24657a5446c5052fb2e6b5e72ab3a237cd4

SHA512
b6f055c50a1b37060b7c694962ccbfa2d55b6de3b84a0d5602461cdc34423ac6a576b6dde7000c9f00ba6137c6edf76c7b04e35da48e1dad8511e0296875d62f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
128KB

MD5
5293f4e7e96050aeabf2e362fa79d956

SHA1
0c5c45ce49ee9fa7f97a44189e1bd79f5e3a91c4

SHA256
a92dc418650ee25f19939bdaa1a83348719997d1f227b9452783534103cb3c28

SHA512
f9925f8deb7bef826bdec2a57d42a334c6a816435a2ad2f7cbb4a4739e39b381c8e5b2b1a40b426bd2fd6bf99554cb1aeef83aaa078c63b28e29d01c0cfb4abc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
128KB

MD5
61aa9554add0b7cfbbb2ff4b6ae532d9

SHA1
33a6cc38387b0f6185eed0c1a6c0963b2d90f5b4

SHA256
520f1fd06c7533583d452ed6b057f903254fe062908530eda993e9f5cadd7273

SHA512
2468d644f1e6be9aec1e6c41b823db88ca3749d3c447ae7f2b5382e744543c025065bc721af6f8dee20d26d5bcf7d3148b0845cf2e6bb3b39bc20ad5764f5706

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
251KB

MD5
c3998827e51d81661cb3bfd3d4cf6e23

SHA1
94f911343fa2b16e4c472447447302e7ac877186

SHA256
1d35c8d62d2083915d2ccfd1f6104a602dc1280e08a886044b78ab3352426d93

SHA512
c00de5b1f7b772b16786513366c3008486115adefcc305858351eef171fa5ca399395a79543d9f74adcaad1423a4f4f01fbd0818ba163b83abe554b523973c57

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

Filesize
264KB

MD5
a346737d962325f3bb47fb5602461fc4

SHA1
25b2d0cd2c3a65a76afc87207f47ccccd112207b

SHA256
1287b39648d815394a2779f8191a2f3c6ec2c814a6e12499643b47f84f808f8e

SHA512
8816d76d497fb12a88a6a88cd26e516734ba2fc62f8dcd630cfb73b0b89ea1438de5c8ea5d8aabf42053d3496e68eb3478646a155ffa0c7d4fdfeca104690def

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

Filesize
86B

MD5
961e3604f228b0d10541ebf921500c86

SHA1
6e00570d9f78d9cfebe67d4da5efe546543949a7

SHA256
f7b24f2eb3d5eb0550527490395d2f61c3d2fe74bb9cb345197dad81b58b5fed

SHA512
535f930afd2ef50282715c7e48859cc2d7b354ff4e6c156b94d5a2815f589b33189ffedfcaf4456525283e993087f9f560d84cfcf497d189ab8101510a09c472

Download Submit
C:\Users\Admin\Downloads\MEMZ.exe

Filesize
16KB

MD5
1d5ad9c8d3fee874d0feb8bfac220a11

SHA1
ca6d3f7e6c784155f664a9179ca64e4034df9595

SHA256
3872c12d31fc9825e8661ac01ecee2572460677afbc7093f920a8436a42e28ff

SHA512
c8246f4137416be33b6d1ac89f2428b7c44d9376ac8489a9fbf65ef128a6c53fb50479e1e400c8e201c8611992ab1d6c1bd3d6cece89013edb4d35cdd22305b1

Download Submit
C:\Users\Admin\Downloads\MEMZ.exe:Zone.Identifier

Filesize
26B

MD5
fbccf14d504b7b2dbcb5a5bda75bd93b

SHA1
d59fc84cdd5217c6cf74785703655f78da6b582b

SHA256
eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913

SHA512
aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98

Download Submit