hxxps://acrobat[.]adobe[.]com/id/urn[:]aaid[:]sc[:]EU[:]c0f4b3d2-63a9-4d6b-8003-7847caec5548

Resubmissions

22/04/2024, 15:16

240422-snk8tach31 1

22/04/2024, 15:13

240422-sl1kqacf43 1

Analysis

max time kernel
149s
max time network
143s
platform
windows10-2004_x64
resource
win10v2004-20240412-en
resource tags

arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
submitted
22/04/2024, 15:13

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://acrobat.adobe.com/id/urn:aaid:sc:EU:c0f4b3d2-63a9-4d6b-8003-7847caec5548

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133582724270736574"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-259785868-298165991-4178590326-1000\{A4307559-1822-415F-8A9E-041607C3B5F1}	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
3068	chrome.exe
3068	chrome.exe
3068	chrome.exe
3068	chrome.exe
5208	chrome.exe
5208	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
3068	chrome.exe
3068	chrome.exe
3068	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3068	chrome.exe
Token: SeCreatePagefilePrivilege	3068	chrome.exe
Token: SeShutdownPrivilege	3068	chrome.exe
Token: SeCreatePagefilePrivilege	3068	chrome.exe
Token: SeShutdownPrivilege	3068	chrome.exe
Token: SeCreatePagefilePrivilege	3068	chrome.exe
Token: SeShutdownPrivilege	3068	chrome.exe
Token: SeCreatePagefilePrivilege	3068	chrome.exe
Token: SeShutdownPrivilege	3068	chrome.exe
Token: SeCreatePagefilePrivilege	3068	chrome.exe
Token: SeShutdownPrivilege	3068	chrome.exe
Token: SeCreatePagefilePrivilege	3068	chrome.exe
Token: SeShutdownPrivilege	3068	chrome.exe
Token: SeCreatePagefilePrivilege	3068	chrome.exe
Token: SeShutdownPrivilege	3068	chrome.exe
Token: SeCreatePagefilePrivilege	3068	chrome.exe
Token: SeShutdownPrivilege	3068	chrome.exe
Token: SeCreatePagefilePrivilege	3068	chrome.exe
Token: SeShutdownPrivilege	3068	chrome.exe
Token: SeCreatePagefilePrivilege	3068	chrome.exe
Token: SeShutdownPrivilege	3068	chrome.exe
Token: SeCreatePagefilePrivilege	3068	chrome.exe
Token: SeShutdownPrivilege	3068	chrome.exe
Token: SeCreatePagefilePrivilege	3068	chrome.exe
Token: SeShutdownPrivilege	3068	chrome.exe
Token: SeCreatePagefilePrivilege	3068	chrome.exe
Token: SeShutdownPrivilege	3068	chrome.exe
Token: SeCreatePagefilePrivilege	3068	chrome.exe
Token: SeShutdownPrivilege	3068	chrome.exe
Token: SeCreatePagefilePrivilege	3068	chrome.exe
Token: SeShutdownPrivilege	3068	chrome.exe
Token: SeCreatePagefilePrivilege	3068	chrome.exe
Token: SeShutdownPrivilege	3068	chrome.exe
Token: SeCreatePagefilePrivilege	3068	chrome.exe
Token: SeShutdownPrivilege	3068	chrome.exe
Token: SeCreatePagefilePrivilege	3068	chrome.exe
Token: SeShutdownPrivilege	3068	chrome.exe
Token: SeCreatePagefilePrivilege	3068	chrome.exe
Token: SeShutdownPrivilege	3068	chrome.exe
Token: SeCreatePagefilePrivilege	3068	chrome.exe
Token: SeShutdownPrivilege	3068	chrome.exe
Token: SeCreatePagefilePrivilege	3068	chrome.exe
Token: SeShutdownPrivilege	3068	chrome.exe
Token: SeCreatePagefilePrivilege	3068	chrome.exe
Token: SeShutdownPrivilege	3068	chrome.exe
Token: SeCreatePagefilePrivilege	3068	chrome.exe
Token: SeShutdownPrivilege	3068	chrome.exe
Token: SeCreatePagefilePrivilege	3068	chrome.exe
Token: SeShutdownPrivilege	3068	chrome.exe
Token: SeCreatePagefilePrivilege	3068	chrome.exe
Token: SeShutdownPrivilege	3068	chrome.exe
Token: SeCreatePagefilePrivilege	3068	chrome.exe
Token: SeShutdownPrivilege	3068	chrome.exe
Token: SeCreatePagefilePrivilege	3068	chrome.exe
Token: SeShutdownPrivilege	3068	chrome.exe
Token: SeCreatePagefilePrivilege	3068	chrome.exe
Token: SeShutdownPrivilege	3068	chrome.exe
Token: SeCreatePagefilePrivilege	3068	chrome.exe
Token: SeShutdownPrivilege	3068	chrome.exe
Token: SeCreatePagefilePrivilege	3068	chrome.exe
Token: SeShutdownPrivilege	3068	chrome.exe
Token: SeCreatePagefilePrivilege	3068	chrome.exe
Token: SeShutdownPrivilege	3068	chrome.exe
Token: SeCreatePagefilePrivilege	3068	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
3068	chrome.exe
3068	chrome.exe
3068	chrome.exe
3068	chrome.exe
3068	chrome.exe
3068	chrome.exe
3068	chrome.exe
3068	chrome.exe
3068	chrome.exe
3068	chrome.exe
3068	chrome.exe
3068	chrome.exe
3068	chrome.exe
3068	chrome.exe
3068	chrome.exe
3068	chrome.exe
3068	chrome.exe
3068	chrome.exe
3068	chrome.exe
3068	chrome.exe
3068	chrome.exe
3068	chrome.exe
3068	chrome.exe
3068	chrome.exe
3068	chrome.exe
3068	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3068	chrome.exe
3068	chrome.exe
3068	chrome.exe
3068	chrome.exe
3068	chrome.exe
3068	chrome.exe
3068	chrome.exe
3068	chrome.exe
3068	chrome.exe
3068	chrome.exe
3068	chrome.exe
3068	chrome.exe
3068	chrome.exe
3068	chrome.exe
3068	chrome.exe
3068	chrome.exe
3068	chrome.exe
3068	chrome.exe
3068	chrome.exe
3068	chrome.exe
3068	chrome.exe
3068	chrome.exe
3068	chrome.exe
3068	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3068 wrote to memory of 3076	3068	chrome.exe	85
PID 3068 wrote to memory of 3076	3068	chrome.exe	85
PID 3068 wrote to memory of 552	3068	chrome.exe	86
PID 3068 wrote to memory of 552	3068	chrome.exe	86
PID 3068 wrote to memory of 552	3068	chrome.exe	86
PID 3068 wrote to memory of 552	3068	chrome.exe	86
PID 3068 wrote to memory of 552	3068	chrome.exe	86
PID 3068 wrote to memory of 552	3068	chrome.exe	86
PID 3068 wrote to memory of 552	3068	chrome.exe	86
PID 3068 wrote to memory of 552	3068	chrome.exe	86
PID 3068 wrote to memory of 552	3068	chrome.exe	86
PID 3068 wrote to memory of 552	3068	chrome.exe	86
PID 3068 wrote to memory of 552	3068	chrome.exe	86
PID 3068 wrote to memory of 552	3068	chrome.exe	86
PID 3068 wrote to memory of 552	3068	chrome.exe	86
PID 3068 wrote to memory of 552	3068	chrome.exe	86
PID 3068 wrote to memory of 552	3068	chrome.exe	86
PID 3068 wrote to memory of 552	3068	chrome.exe	86
PID 3068 wrote to memory of 552	3068	chrome.exe	86
PID 3068 wrote to memory of 552	3068	chrome.exe	86
PID 3068 wrote to memory of 552	3068	chrome.exe	86
PID 3068 wrote to memory of 552	3068	chrome.exe	86
PID 3068 wrote to memory of 552	3068	chrome.exe	86
PID 3068 wrote to memory of 552	3068	chrome.exe	86
PID 3068 wrote to memory of 552	3068	chrome.exe	86
PID 3068 wrote to memory of 552	3068	chrome.exe	86
PID 3068 wrote to memory of 552	3068	chrome.exe	86
PID 3068 wrote to memory of 552	3068	chrome.exe	86
PID 3068 wrote to memory of 552	3068	chrome.exe	86
PID 3068 wrote to memory of 552	3068	chrome.exe	86
PID 3068 wrote to memory of 552	3068	chrome.exe	86
PID 3068 wrote to memory of 552	3068	chrome.exe	86
PID 3068 wrote to memory of 552	3068	chrome.exe	86
PID 3068 wrote to memory of 4904	3068	chrome.exe	87
PID 3068 wrote to memory of 4904	3068	chrome.exe	87
PID 3068 wrote to memory of 2544	3068	chrome.exe	88
PID 3068 wrote to memory of 2544	3068	chrome.exe	88
PID 3068 wrote to memory of 2544	3068	chrome.exe	88
PID 3068 wrote to memory of 2544	3068	chrome.exe	88
PID 3068 wrote to memory of 2544	3068	chrome.exe	88
PID 3068 wrote to memory of 2544	3068	chrome.exe	88
PID 3068 wrote to memory of 2544	3068	chrome.exe	88
PID 3068 wrote to memory of 2544	3068	chrome.exe	88
PID 3068 wrote to memory of 2544	3068	chrome.exe	88
PID 3068 wrote to memory of 2544	3068	chrome.exe	88
PID 3068 wrote to memory of 2544	3068	chrome.exe	88
PID 3068 wrote to memory of 2544	3068	chrome.exe	88
PID 3068 wrote to memory of 2544	3068	chrome.exe	88
PID 3068 wrote to memory of 2544	3068	chrome.exe	88
PID 3068 wrote to memory of 2544	3068	chrome.exe	88
PID 3068 wrote to memory of 2544	3068	chrome.exe	88
PID 3068 wrote to memory of 2544	3068	chrome.exe	88
PID 3068 wrote to memory of 2544	3068	chrome.exe	88
PID 3068 wrote to memory of 2544	3068	chrome.exe	88
PID 3068 wrote to memory of 2544	3068	chrome.exe	88
PID 3068 wrote to memory of 2544	3068	chrome.exe	88
PID 3068 wrote to memory of 2544	3068	chrome.exe	88
PID 3068 wrote to memory of 2544	3068	chrome.exe	88
PID 3068 wrote to memory of 2544	3068	chrome.exe	88
PID 3068 wrote to memory of 2544	3068	chrome.exe	88
PID 3068 wrote to memory of 2544	3068	chrome.exe	88
PID 3068 wrote to memory of 2544	3068	chrome.exe	88
PID 3068 wrote to memory of 2544	3068	chrome.exe	88
PID 3068 wrote to memory of 2544	3068	chrome.exe	88

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://acrobat.adobe.com/id/urn:aaid:sc:EU:c0f4b3d2-63a9-4d6b-8003-7847caec5548
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffdb5b5ab58,0x7ffdb5b5ab68,0x7ffdb5b5ab78
  2⤵
  PID:3076
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1612 --field-trial-handle=2088,i,10726226929971286581,8321417186626616106,131072 /prefetch:2
  2⤵
  PID:552
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2004 --field-trial-handle=2088,i,10726226929971286581,8321417186626616106,131072 /prefetch:8
  2⤵
  PID:4904
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2280 --field-trial-handle=2088,i,10726226929971286581,8321417186626616106,131072 /prefetch:8
  2⤵
  PID:2544
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3080 --field-trial-handle=2088,i,10726226929971286581,8321417186626616106,131072 /prefetch:1
  2⤵
  PID:5076
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3096 --field-trial-handle=2088,i,10726226929971286581,8321417186626616106,131072 /prefetch:1
  2⤵
  PID:4920
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4460 --field-trial-handle=2088,i,10726226929971286581,8321417186626616106,131072 /prefetch:1
  2⤵
  PID:4856
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5108 --field-trial-handle=2088,i,10726226929971286581,8321417186626616106,131072 /prefetch:8
  2⤵
  PID:1940
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5196 --field-trial-handle=2088,i,10726226929971286581,8321417186626616106,131072 /prefetch:8
  2⤵
  PID:3660
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5388 --field-trial-handle=2088,i,10726226929971286581,8321417186626616106,131072 /prefetch:8
  2⤵
  PID:5232
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5396 --field-trial-handle=2088,i,10726226929971286581,8321417186626616106,131072 /prefetch:8
  2⤵
  - Modifies registry class
  PID:5240
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4076 --field-trial-handle=2088,i,10726226929971286581,8321417186626616106,131072 /prefetch:8
  2⤵
  PID:5200
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5220 --field-trial-handle=2088,i,10726226929971286581,8321417186626616106,131072 /prefetch:8
  2⤵
  PID:5208
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4468 --field-trial-handle=2088,i,10726226929971286581,8321417186626616106,131072 /prefetch:8
  2⤵
  PID:5436
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2040 --field-trial-handle=2088,i,10726226929971286581,8321417186626616106,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5208

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:1620

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d

Filesize
25KB

MD5
947842cb257a5d5b424b8497d09874a0

SHA1
4fa4469108ba2f7e4687f9ddbaafd154e1da3b7c

SHA256
1a1d6697cf1fdc94d8dd9890bf516e07ef8861bf6e44ecb83695c9fc6e02cd14

SHA512
a36a4fd71eee08fef28b4fdd42d2a2abc1b702123bdd33af931d2d6a2a222a0edcbcc6542489fd820751a77a53ffb2520f0b66523a05ed835e89b266a61db637

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
4KB

MD5
f121b459887ff9626859b2758841c877

SHA1
49b161e31c62956da52f082265672e04a5c660a7

SHA256
f680e2180bc271a12c9d0fefae074605a0f8a359d77b27fff15219d2d29878de

SHA512
29235e726e2a1d8e5acd155f0d0d1224369e33eb55d0193a4edfd75c107f29d65ce1d843b41906de6af4fdb9c3a392e1f932ba3843715ea36c5aefbfdfbf2f38

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\Paths\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_acrobat.adobe.com_0.indexeddb.leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_acrobat.adobe.com_0.indexeddb.leveldb\MANIFEST-000001

Filesize
23B

MD5
3fd11ff447c1ee23538dc4d9724427a3

SHA1
1335e6f71cc4e3cf7025233523b4760f8893e9c9

SHA256
720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed

SHA512
10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
09d52e7035a03b9178df828f3da7a49f

SHA1
cb71f875ebebc8398b83b95232d0692982cef340

SHA256
576f0d05ac78240dd3b8d8f4be8d985d79d25c9b8ebfe3c801b1d20059aa07d6

SHA512
1b6f32d82661f373576d60af829e7a135cfc73cd05175bc004bc13fe83a7f223176b8caf998318cf8812f9495bd89f8fed8b3b4c13b0d703a8204cec792d9748

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
0f04d1faeea918264ff1c05f7ce664d2

SHA1
8df77091ff2bca43dda20a3682dd84d66feb109b

SHA256
abae3604312951fed1f50ce52dcb01c38c3d6891f72990c8bdd7dbe984dbf515

SHA512
4c4dde3012777f6b7413e43121d4cd83b2fc4f721487dd5c59026b19f55eda94831fd7fa9e0df9b850d24be2e4172bfb261b34db07b79f36e2711179a247c9c6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
3770032b94f98efa6275eef850415f44

SHA1
fb179a024cf20c0a1940e28da27ea557abc045b3

SHA256
026fa5f9e8735de6b7ca78188f71af9cc89948bf1bb44ff253c0617150fa5b38

SHA512
4feeeb1cc82bc14abcbbeaeb76b24ce4aee6cea78c0589866dc9984dca2aa7c6529206fe1337ab76db765adbd23218ff3fc18abaa201c8ed1761a6328d57d50d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
c53ee635d135477fb879adeea8e1e16c

SHA1
86d49d2662a328bd904a8a5dd3d6ee384451cde8

SHA256
68ef06c4dbea77d04e711ec1dd4486429f07e10dde7196cc0f73b9fa810edadf

SHA512
da02740a1b827c41d702d604e32dcac1cfd09fd6a401f3e1ce33e6db8942e2d970c628d0378a182a49e71fdf745e2b704af9f5daeefa8b8217e332754a023881

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
b1a7a5af33de14f88ea06373c5af902f

SHA1
f1d4d1f860ec3e948e6e23b755331eb802adaba2

SHA256
f55c9f3f40247003d34efab9cf40bb008240dc9a9528869f15d51e6478d4758b

SHA512
cdf69bc3076cec56043de75663acfa1bc1b01365ca7a2c884bcc659e0e08b28c9b0e81f5b6994988948f2245cd4ffa4cf65cdd912cd364cf7a51f949b7635f75

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
a691fd437d70d8857a37eebf4389a00e

SHA1
960804c35bf7ee15719494787c98e7b6564f2198

SHA256
c75b0662090127397ffd62c0695e8834c9b2c704b3862b2181b8034f268152bf

SHA512
29199bdcf7f203547f9bf7d3c83cb4b59db0b4d93ccff966a3099235be94a53a0bcb74172bad159568632cd61d7b7b8ee43cf2fe39d479e156e26c7401e3dc35

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\7b539bde8ca0807396a791d6ee4db1189d0e5380\c347796e-71a8-45db-83a8-d40b949ef802\index-dir\the-real-index

Filesize
72B

MD5
177e810a2a8e1c58a711f5ac8414483e

SHA1
b8efe3c924c8f3457cac49b861f54b844ad54fe1

SHA256
ae54d0a738c0933ecb8700475097f65622c6e8f7e84d8870c1a8a1715c508ee7

SHA512
8955554501068a867d05b18e808f4fd8cf28bec4574138ffb41aca9658369ca7b5907684ef7da9e784cf5df804b182d9fc16580f2b196c271e4d9dcf901f5504

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\7b539bde8ca0807396a791d6ee4db1189d0e5380\c347796e-71a8-45db-83a8-d40b949ef802\index-dir\the-real-index~RFe579942.TMP

Filesize
48B

MD5
4201db5f10dd8f9d8f66b386053d3dce

SHA1
6f6a9305321a5aba9b84d04e8b34881792b09a6b

SHA256
69d7e2267cf177b5b67b860ff41df12f76b9a2c19a65038ff8f480af20b78e4f

SHA512
f52be065c18cf07ab5e762b13548b03ca1f9d2efc610b0fd839a7c2130945fd9bdd627b6bcc49d199be20e882ef06ebd3c32b554e12b17c50ffecb8f74a4acef

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\7b539bde8ca0807396a791d6ee4db1189d0e5380\index.txt

Filesize
155B

MD5
ed0e428ae838918fd05d488f67e71b5d

SHA1
e16d383ebccee31a23070e61473dc5cbb30151aa

SHA256
84c6eb115695251d1c5c9567f574b85dbe110717290b60451fc224007589a0aa

SHA512
fee3b8eec853d766e6d2d36da0466b17d701e83956a58acf5843f0a824595f8400f232099d863bdc4508748e049c2f2e55628dbf9f3c8acddea911b20336fcb9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\7b539bde8ca0807396a791d6ee4db1189d0e5380\index.txt~RFe579971.TMP

Filesize
161B

MD5
055cd94ab7dd8e47e25e2b1859294633

SHA1
9ff2bfed5c9dff55f0e98812df5b9e6928b2e3b4

SHA256
534baa88a0082cbb3e62afb80bb7d28f9a526adf950b0a863a85d98d8e56a847

SHA512
53da7381323e788377ff4de9151ac3bc72a2f8621264f3ee1e647c1eb2ef95da5f62c8b7f1d5883fc4f12c3683f0079a10966e6c7e88220aa672ea0b46e0155a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
c70970af8360e458de14c06116cbeada

SHA1
932a11e6c1fb7e3fd7cec19692ddcd49f51bf03d

SHA256
6c18c56f9bbbda9245680027ad7469cdbc0fac7824d15d05ca589bcd9a9b5e82

SHA512
b4b896a08bf4080134a776a9e595ec4a6f7cdb949c7b305f9d747974d7afe3be0fe2063815fb23dbb117a94c042fd6f2ae9aaa5d86ee6afdcfe98b84c5c15ee3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5798e4.TMP

Filesize
48B

MD5
85128165b260b7aa63a7a363c7c58943

SHA1
af304e455b511ad187aa4c0743d43ba9bc983de3

SHA256
8c123a065f19f5002484c59fa6e7a2dceb4396d95b02358b4537f955b5c8542c

SHA512
c529b714efabd85959b0fbf05b2f20765b6b714abc9bd0a47c522a6716a7629b5eb9fbfe0f673fcf6a8370d43d0d751c92dca1cc3f630160a1d68871ba305290

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
128KB

MD5
891c8d45d6822378e58693a9110c3ca2

SHA1
d0e947dce5d954e355e3883550ff0f72edf42a40

SHA256
70aee9be66277b5d47a504d9a2f28e80dbbba86c4e36b10f5a4964f88fca12e8

SHA512
9cd9d60efb78ad70bdf88207ae850892be0de3c8cd4acd6a301dcb5ef88bf309a622d5f15879bca4fce2d566123c34045a459e3c30a5d96e05e74c7517637831

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
128KB

MD5
65454e698eb9b1e0e8fc2717a936710d

SHA1
1e7d7aef93d8ebe7afd086c70274384fa5e44e11

SHA256
87bba8e4dc9d0f5a64cad6510b36a930ec54c8a51fcbecc97421d3e8f898e9a0

SHA512
a41d2ec8bc4b709b473b577a32bbedd39db7917a5d627cdb2f399a30e2cc399b479b594f3f6a1746e478a4fc2795872ce69529c50ccd8366480ab4acb84a46b7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
129KB

MD5
ab6c1da06c7e895ae47bade1e3f47b93

SHA1
aab1638aa12db6588364c7120665d7d6d2b91fc0

SHA256
f5a6fa13ae7f7c14984e931189e74b62c03951b924f4c638c0b1d8919d4425ed

SHA512
96e409079510a1b617eddbfc0dcfd9aa61ed80662433e841e465b6fb9681b72729648f8a4d2e4c6ddbe10647951a298c990a621bd91bb5e07f2af11ac3494ec7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
176KB

MD5
b150f22280899de995b71ad0a8ddde77

SHA1
093a0d5d8e10753618378e54dedbd53d8cdd38ad

SHA256
c43adf6ad128267aa870cc44fda2dff72ca59ea94a6c0ed48204a59cf2b10b71

SHA512
3ad35f9dbd0dc62d0c8f766dbf611c94f42ab975812b8cf37f59c7d9d1a9cd71fa9f8c1645f0255e7d1a51dbad97f82483f0f75738867803527ae5b326ae5b5a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
98KB

MD5
c2fdc1ffb5dd5a158807f9f1341007b8

SHA1
427c42f3a8b70162cd1322a992ad622bab33b9e8

SHA256
10249c72eccf2f23deb8d787d4789c2966ff1e89cda719238e3e5f6f536546e7

SHA512
5e3e99140aca1039dcf3451c751eca7c9a0ff2dfb94ddc2194859926a38abee85d0647b6b4db2885d81851418e7dd14bc1ee3911d4047bf3fac08e479ff429b9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe57df92.TMP

Filesize
94KB

MD5
51a52f8cfa0798a43f018ecbb74f24ca

SHA1
0f9d6b7b69417cdd78a859cd81a39ab87d0fc754

SHA256
1b420af1990e39735c1a213f246bdb7cb95946c2adbdcf3a4a496b482b2c52a0

SHA512
9743b3ecda0ac52881c358fe5a836f7bc6a630c998ff65245b2ac070c910db35626cab492fdf280045acb0edcd862efa95b0963ca6594d1042ed23a00738cacd

Download Submit