hxxps://playmods[.]net/download[.]html

Analysis

max time kernel
599s
max time network
511s
platform
windows11-21h2_x64
resource
win11-20240412-en
resource tags

arch:x64arch:x86image:win11-20240412-enlocale:en-usos:windows11-21h2-x64system
submitted
21/04/2024, 12:00

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://playmods.net/download.html

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133581745550890965"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2718508534-2116753757-2794822388-1000\{5BB92F47-CC51-465B-BEFE-A4D91A5D7E37}	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
3916	chrome.exe
3916	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4900	chrome.exe
Token: SeCreatePagefilePrivilege	4900	chrome.exe
Token: SeShutdownPrivilege	4900	chrome.exe
Token: SeCreatePagefilePrivilege	4900	chrome.exe
Token: SeShutdownPrivilege	4900	chrome.exe
Token: SeCreatePagefilePrivilege	4900	chrome.exe
Token: SeShutdownPrivilege	4900	chrome.exe
Token: SeCreatePagefilePrivilege	4900	chrome.exe
Token: SeShutdownPrivilege	4900	chrome.exe
Token: SeCreatePagefilePrivilege	4900	chrome.exe
Token: SeShutdownPrivilege	4900	chrome.exe
Token: SeCreatePagefilePrivilege	4900	chrome.exe
Token: SeShutdownPrivilege	4900	chrome.exe
Token: SeCreatePagefilePrivilege	4900	chrome.exe
Token: SeShutdownPrivilege	4900	chrome.exe
Token: SeCreatePagefilePrivilege	4900	chrome.exe
Token: SeShutdownPrivilege	4900	chrome.exe
Token: SeCreatePagefilePrivilege	4900	chrome.exe
Token: SeShutdownPrivilege	4900	chrome.exe
Token: SeCreatePagefilePrivilege	4900	chrome.exe
Token: SeShutdownPrivilege	4900	chrome.exe
Token: SeCreatePagefilePrivilege	4900	chrome.exe
Token: SeShutdownPrivilege	4900	chrome.exe
Token: SeCreatePagefilePrivilege	4900	chrome.exe
Token: SeShutdownPrivilege	4900	chrome.exe
Token: SeCreatePagefilePrivilege	4900	chrome.exe
Token: SeShutdownPrivilege	4900	chrome.exe
Token: SeCreatePagefilePrivilege	4900	chrome.exe
Token: SeShutdownPrivilege	4900	chrome.exe
Token: SeCreatePagefilePrivilege	4900	chrome.exe
Token: SeShutdownPrivilege	4900	chrome.exe
Token: SeCreatePagefilePrivilege	4900	chrome.exe
Token: SeShutdownPrivilege	4900	chrome.exe
Token: SeCreatePagefilePrivilege	4900	chrome.exe
Token: SeShutdownPrivilege	4900	chrome.exe
Token: SeCreatePagefilePrivilege	4900	chrome.exe
Token: SeShutdownPrivilege	4900	chrome.exe
Token: SeCreatePagefilePrivilege	4900	chrome.exe
Token: SeShutdownPrivilege	4900	chrome.exe
Token: SeCreatePagefilePrivilege	4900	chrome.exe
Token: SeShutdownPrivilege	4900	chrome.exe
Token: SeCreatePagefilePrivilege	4900	chrome.exe
Token: SeShutdownPrivilege	4900	chrome.exe
Token: SeCreatePagefilePrivilege	4900	chrome.exe
Token: SeShutdownPrivilege	4900	chrome.exe
Token: SeCreatePagefilePrivilege	4900	chrome.exe
Token: SeShutdownPrivilege	4900	chrome.exe
Token: SeCreatePagefilePrivilege	4900	chrome.exe
Token: SeShutdownPrivilege	4900	chrome.exe
Token: SeCreatePagefilePrivilege	4900	chrome.exe
Token: SeShutdownPrivilege	4900	chrome.exe
Token: SeCreatePagefilePrivilege	4900	chrome.exe
Token: SeShutdownPrivilege	4900	chrome.exe
Token: SeCreatePagefilePrivilege	4900	chrome.exe
Token: SeShutdownPrivilege	4900	chrome.exe
Token: SeCreatePagefilePrivilege	4900	chrome.exe
Token: SeShutdownPrivilege	4900	chrome.exe
Token: SeCreatePagefilePrivilege	4900	chrome.exe
Token: SeShutdownPrivilege	4900	chrome.exe
Token: SeCreatePagefilePrivilege	4900	chrome.exe
Token: SeShutdownPrivilege	4900	chrome.exe
Token: SeCreatePagefilePrivilege	4900	chrome.exe
Token: SeShutdownPrivilege	4900	chrome.exe
Token: SeCreatePagefilePrivilege	4900	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4900 wrote to memory of 3736	4900	chrome.exe	78
PID 4900 wrote to memory of 3736	4900	chrome.exe	78
PID 4900 wrote to memory of 4116	4900	chrome.exe	80
PID 4900 wrote to memory of 4116	4900	chrome.exe	80
PID 4900 wrote to memory of 4116	4900	chrome.exe	80
PID 4900 wrote to memory of 4116	4900	chrome.exe	80
PID 4900 wrote to memory of 4116	4900	chrome.exe	80
PID 4900 wrote to memory of 4116	4900	chrome.exe	80
PID 4900 wrote to memory of 4116	4900	chrome.exe	80
PID 4900 wrote to memory of 4116	4900	chrome.exe	80
PID 4900 wrote to memory of 4116	4900	chrome.exe	80
PID 4900 wrote to memory of 4116	4900	chrome.exe	80
PID 4900 wrote to memory of 4116	4900	chrome.exe	80
PID 4900 wrote to memory of 4116	4900	chrome.exe	80
PID 4900 wrote to memory of 4116	4900	chrome.exe	80
PID 4900 wrote to memory of 4116	4900	chrome.exe	80
PID 4900 wrote to memory of 4116	4900	chrome.exe	80
PID 4900 wrote to memory of 4116	4900	chrome.exe	80
PID 4900 wrote to memory of 4116	4900	chrome.exe	80
PID 4900 wrote to memory of 4116	4900	chrome.exe	80
PID 4900 wrote to memory of 4116	4900	chrome.exe	80
PID 4900 wrote to memory of 4116	4900	chrome.exe	80
PID 4900 wrote to memory of 4116	4900	chrome.exe	80
PID 4900 wrote to memory of 4116	4900	chrome.exe	80
PID 4900 wrote to memory of 4116	4900	chrome.exe	80
PID 4900 wrote to memory of 4116	4900	chrome.exe	80
PID 4900 wrote to memory of 4116	4900	chrome.exe	80
PID 4900 wrote to memory of 4116	4900	chrome.exe	80
PID 4900 wrote to memory of 4116	4900	chrome.exe	80
PID 4900 wrote to memory of 4116	4900	chrome.exe	80
PID 4900 wrote to memory of 4116	4900	chrome.exe	80
PID 4900 wrote to memory of 4116	4900	chrome.exe	80
PID 4900 wrote to memory of 4116	4900	chrome.exe	80
PID 4900 wrote to memory of 2308	4900	chrome.exe	81
PID 4900 wrote to memory of 2308	4900	chrome.exe	81
PID 4900 wrote to memory of 764	4900	chrome.exe	82
PID 4900 wrote to memory of 764	4900	chrome.exe	82
PID 4900 wrote to memory of 764	4900	chrome.exe	82
PID 4900 wrote to memory of 764	4900	chrome.exe	82
PID 4900 wrote to memory of 764	4900	chrome.exe	82
PID 4900 wrote to memory of 764	4900	chrome.exe	82
PID 4900 wrote to memory of 764	4900	chrome.exe	82
PID 4900 wrote to memory of 764	4900	chrome.exe	82
PID 4900 wrote to memory of 764	4900	chrome.exe	82
PID 4900 wrote to memory of 764	4900	chrome.exe	82
PID 4900 wrote to memory of 764	4900	chrome.exe	82
PID 4900 wrote to memory of 764	4900	chrome.exe	82
PID 4900 wrote to memory of 764	4900	chrome.exe	82
PID 4900 wrote to memory of 764	4900	chrome.exe	82
PID 4900 wrote to memory of 764	4900	chrome.exe	82
PID 4900 wrote to memory of 764	4900	chrome.exe	82
PID 4900 wrote to memory of 764	4900	chrome.exe	82
PID 4900 wrote to memory of 764	4900	chrome.exe	82
PID 4900 wrote to memory of 764	4900	chrome.exe	82
PID 4900 wrote to memory of 764	4900	chrome.exe	82
PID 4900 wrote to memory of 764	4900	chrome.exe	82
PID 4900 wrote to memory of 764	4900	chrome.exe	82
PID 4900 wrote to memory of 764	4900	chrome.exe	82
PID 4900 wrote to memory of 764	4900	chrome.exe	82
PID 4900 wrote to memory of 764	4900	chrome.exe	82
PID 4900 wrote to memory of 764	4900	chrome.exe	82
PID 4900 wrote to memory of 764	4900	chrome.exe	82
PID 4900 wrote to memory of 764	4900	chrome.exe	82
PID 4900 wrote to memory of 764	4900	chrome.exe	82

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://playmods.net/download.html
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4900
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffa4d6fab58,0x7ffa4d6fab68,0x7ffa4d6fab78
  2⤵
  PID:3736
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1504 --field-trial-handle=1804,i,12511887525272006236,15484045456734767911,131072 /prefetch:2
  2⤵
  PID:4116
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1940 --field-trial-handle=1804,i,12511887525272006236,15484045456734767911,131072 /prefetch:8
  2⤵
  PID:2308
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2052 --field-trial-handle=1804,i,12511887525272006236,15484045456734767911,131072 /prefetch:8
  2⤵
  PID:764
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3004 --field-trial-handle=1804,i,12511887525272006236,15484045456734767911,131072 /prefetch:1
  2⤵
  PID:1452
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3012 --field-trial-handle=1804,i,12511887525272006236,15484045456734767911,131072 /prefetch:1
  2⤵
  PID:5096
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4104 --field-trial-handle=1804,i,12511887525272006236,15484045456734767911,131072 /prefetch:1
  2⤵
  PID:4988
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3996 --field-trial-handle=1804,i,12511887525272006236,15484045456734767911,131072 /prefetch:8
  2⤵
  PID:4756
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4652 --field-trial-handle=1804,i,12511887525272006236,15484045456734767911,131072 /prefetch:8
  2⤵
  - Modifies registry class
  PID:1972
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4812 --field-trial-handle=1804,i,12511887525272006236,15484045456734767911,131072 /prefetch:8
  2⤵
  PID:4076
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4796 --field-trial-handle=1804,i,12511887525272006236,15484045456734767911,131072 /prefetch:8
  2⤵
  PID:1348
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1808 --field-trial-handle=1804,i,12511887525272006236,15484045456734767911,131072 /prefetch:8
  2⤵
  PID:4792
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4584 --field-trial-handle=1804,i,12511887525272006236,15484045456734767911,131072 /prefetch:8
  2⤵
  PID:1264
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4528 --field-trial-handle=1804,i,12511887525272006236,15484045456734767911,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3916

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:1504

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
456B

MD5
0500bf2d0a876939ac3a12960f3bba4d

SHA1
f062f58b1823eae91e40b8b95a295ac22399e398

SHA256
0fa04fad5a873bcc3e90625d7b165c6e99f5ab870957afeaf89b57c2d463079a

SHA512
9a88eeea7a0eca603448b1634dae00295b4a4224dceb7274465b4806f774587a2ca0fd84821e109debb0348041e465a2d8271d2e9ec5001b907de3f20fd9bc69

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_playmods.net_0.indexeddb.leveldb\MANIFEST-000001

Filesize
23B

MD5
3fd11ff447c1ee23538dc4d9724427a3

SHA1
1335e6f71cc4e3cf7025233523b4760f8893e9c9

SHA256
720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed

SHA512
10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
8264d0458d7dc3d71087520a680a380c

SHA1
23a70db7c29aef469da8eabe06ac846498c55507

SHA256
c84ba53e05aacae05541b35a41a7d59765fd0b4398a7d240d9a9e10d31917667

SHA512
5a120443d89f5435988cf3abaa981a0d605c7726c96c799f5526578b0eb503baba2f88f68fe7f54416462f5545d518869e63ae3839fa6b6138f9f3d91b299a50

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
ba0c872420c619ce81a7a414a95d1b85

SHA1
72c96bab392a08ac8ee5aea49a3972352215c708

SHA256
ddc461ffe1cacda1f54e81bae1d716b95d3e921c7ae5998ec1e1efa20390dd95

SHA512
98b0acbd3f350b8ffd42a7f9ffb437301146fbad75da4c32ec8e56c333f9b78b38eb2b8cc8b741c87616f570622f315373b94fa2c75505b6084bba5a195621e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
ac0ed65e9d6be9a18a00da81a1ae7562

SHA1
dbd7d700aa894f2cf5e51feea818058bf01bb4a5

SHA256
9a0f388dd3b5c5566049d87c7eda60109e250ec6f24128e79596f5d9e9cc101a

SHA512
75d55c06bb841627d965c70e9e8a5707a9267d6e8ec31d6cbd32cd79f4e817389ba0e729ebe7938dce523ca6264bc9067c60c65d205b4a8dda2c43d3cbc83cdd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
b1942d1cf9d16925ab2d8e8a0ee222ad

SHA1
89921108d73cc803c3813b16666bd7cb2842a899

SHA256
4296221c119bddb2c7d3e1b0cb71e08cf97a95ac5cd7ed4f0236245cceea8239

SHA512
6607ddc956af1227943a4150209b1911c1f4ef6d202ccacf8eb182f9bcc7d33f778243c392c07979389fae460de483cd8aef21c367aa7ed3f796cf9fab07e9dd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
cdbc12d5e4c69d728c52e99c0bb49e77

SHA1
c398e671ac6273be7bc0183366ac8c37ce792dc6

SHA256
bdb05713f3c61a1c0513cc170a3ceee021ef98eb82cd49278c953563b2d02b2d

SHA512
4aaf441b35a7128e4d13312525ba8cb7f49982ae10473111a52d17cb64f767fa5187a1210b973b096df8bea5f3ff13f9cbcf3d7f5070185d7db78f59e4211081

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
689B

MD5
252e9d1c17d8fd7aa888de195e9ac263

SHA1
4b26e9a026391b6e51b2db0a36280bfbf0db34e0

SHA256
0c0327e9b5e84a604afbb2e8be2487e2aadd581f57bc61c6a86eaf677125722b

SHA512
10b3088c13d4e81137ed8dd03df467e1dfd3aa9aec098d7588cbca2984f88bc5cc410a30451437fbbd8b244ea88695be7f160ef651c778dde92fd2fe11144b5e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
2947d30c1e26685d68370c1944db2dca

SHA1
ff5da036dc9f7b0864f4f1325f50e7c9912d0a53

SHA256
7bfb05db705ee04c1085fa9cbf4d6cdbd11e517f94148b654a17b4371e4046c3

SHA512
e8b62193951e8fc996e28e259b4b1961f1de71ce8939738ad1df30c64d32514793c424420ea7236f6ed92a685315fef67875d0c2e5526e467ab523a28d5bcbfa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
56B

MD5
94275bde03760c160b707ba8806ef545

SHA1
aad8d87b0796de7baca00ab000b2b12a26427859

SHA256
c58cb79fa4a9ade48ed821dd9f98957b0adfda7c2d267e3d07951c2d371aa968

SHA512
2aabd49bc9f0ed3a5c690773f48a92dbbbd60264090a0db2fe0f166f8c20c767a74d1e1d7cc6a46c34cfbd1587ddb565e791d494cd0d2ca375ab8cc11cd8f930

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe576e79.TMP

Filesize
120B

MD5
7ec120de9de4c7e95752309dde126c66

SHA1
215c56328359a57c249cdb0ce137889179948109

SHA256
3a8a64658f631364a25269360295e45924ccd2720547557c1f5cf8a32852a808

SHA512
92820003cf936212e25236a6e41553cee6cc455dc8a721f8f971a95c9ad0ef0d75c87e39ab679db431d0a975e4560973d8aae5caf19d01079559b4b92ce28c68

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
129KB

MD5
680b8dcff6883beb429af40b1a365679

SHA1
d7c9da467f9fc141c6b0f391988ded26ea355d0a

SHA256
0ae24c15fe5b2f77619b5e6c791015717323658e37d57a105d552ef0669ddb69

SHA512
08f65549d15c400ae922bf9e3fefca55a08cebc7567640bdab5c03c9d2765571844ca9d388869d5e5dbd528d0b56566a4baea35a916b1728083d5aac1a522693

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
128KB

MD5
f8e72a38f685e10b7753a115450fc002

SHA1
53fdea5544d0bb70fb49ed49cfe5dc95af3634d6

SHA256
38e0415641bd6e438049a5c8935490e501289a2b0b887df4c4475a94aaa4d16c

SHA512
35ed46e770914e27fd6f11f9c3768e2b3e26990d2873cda1d2e89a8f0240896d7ad0bb744515d47d3b857f90df2a914098024f904ad394663e8351e1d036d221

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
128KB

MD5
179738794559636e99cec6b48a834952

SHA1
3eac82aff60deed3d9539bb80cf87263af471df9

SHA256
ed5c4f2f17fa2acc77e26f5d5500bdd4b0c102aa0e5211ce1f183740b6f86ccf

SHA512
c0adeca2b550f0d2d08bcdfde7937fb82f846b67a6d0dca5d45e2936a9876f4b1054bd81691407a85cf58febd6cddd2506b55356b9b4613240e27bb2c72d4ecc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
128KB

MD5
7238b31f5c667c14b7a0a85f6f313595

SHA1
63cd1ef37b9f9170f97f9db1977c0264c513d962

SHA256
22fcebc221f61b0068bb0f67d1431576888335cb039c7bfe299f1920b222b162

SHA512
a20bd277abf8379cbde7eabf7f8e54791b9a9a932486f1aa86023685de313d76ce41cc06e2e34916c53758434ba432b50257cc75539a9df342cba66eaf703e73

Download Submit