356bea8b6e9eb84dfa0dd8674e7c03428c641a47789df605c5bea0730de4aed2

Analysis

max time kernel
63s
max time network
64s
platform
windows10-2004_x64
resource
win10v2004-20240412-en
resource tags

arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
submitted
22/04/2024, 19:08

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

7z.exe
Size

1.2MB
MD5

1a7eaa1dab7867e15d7800ae0b5af5e3
SHA1

9e6d344bd8724aa1862f4254d8c42b7cc929a797
SHA256

356bea8b6e9eb84dfa0dd8674e7c03428c641a47789df605c5bea0730de4aed2
SHA512

a12373ec7ec4bac3421363f70cc593f4334b4bb5a5c917e050a45090220fab002c36ba8b03be81159fd70955b4680146c9469e44ddf75a901465d6b1231ee6cd
SSDEEP

12288:GJwq/ZGV1wl40xgxBcOocKjdpmPK+Jhd45q+WYWFuzZj9IbcaoFyQraz74JGMWvK:Q2y5uwhDm45qn47IbMFyxz0JD8UvQY

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133582865245435198"	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
3680	chrome.exe
3680	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
3680	chrome.exe
3680	chrome.exe
3680	chrome.exe
3680	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3680	chrome.exe
Token: SeCreatePagefilePrivilege	3680	chrome.exe
Token: SeShutdownPrivilege	3680	chrome.exe
Token: SeCreatePagefilePrivilege	3680	chrome.exe
Token: SeShutdownPrivilege	3680	chrome.exe
Token: SeCreatePagefilePrivilege	3680	chrome.exe
Token: SeShutdownPrivilege	3680	chrome.exe
Token: SeCreatePagefilePrivilege	3680	chrome.exe
Token: SeShutdownPrivilege	3680	chrome.exe
Token: SeCreatePagefilePrivilege	3680	chrome.exe
Token: SeShutdownPrivilege	3680	chrome.exe
Token: SeCreatePagefilePrivilege	3680	chrome.exe
Token: SeShutdownPrivilege	3680	chrome.exe
Token: SeCreatePagefilePrivilege	3680	chrome.exe
Token: SeShutdownPrivilege	3680	chrome.exe
Token: SeCreatePagefilePrivilege	3680	chrome.exe
Token: SeShutdownPrivilege	3680	chrome.exe
Token: SeCreatePagefilePrivilege	3680	chrome.exe
Token: SeShutdownPrivilege	3680	chrome.exe
Token: SeCreatePagefilePrivilege	3680	chrome.exe
Token: SeShutdownPrivilege	3680	chrome.exe
Token: SeCreatePagefilePrivilege	3680	chrome.exe
Token: SeShutdownPrivilege	3680	chrome.exe
Token: SeCreatePagefilePrivilege	3680	chrome.exe
Token: SeShutdownPrivilege	3680	chrome.exe
Token: SeCreatePagefilePrivilege	3680	chrome.exe
Token: SeShutdownPrivilege	3680	chrome.exe
Token: SeCreatePagefilePrivilege	3680	chrome.exe
Token: SeShutdownPrivilege	3680	chrome.exe
Token: SeCreatePagefilePrivilege	3680	chrome.exe
Token: SeShutdownPrivilege	3680	chrome.exe
Token: SeCreatePagefilePrivilege	3680	chrome.exe
Token: SeShutdownPrivilege	3680	chrome.exe
Token: SeCreatePagefilePrivilege	3680	chrome.exe
Token: SeShutdownPrivilege	3680	chrome.exe
Token: SeCreatePagefilePrivilege	3680	chrome.exe
Token: SeShutdownPrivilege	3680	chrome.exe
Token: SeCreatePagefilePrivilege	3680	chrome.exe
Token: SeShutdownPrivilege	3680	chrome.exe
Token: SeCreatePagefilePrivilege	3680	chrome.exe
Token: SeShutdownPrivilege	3680	chrome.exe
Token: SeCreatePagefilePrivilege	3680	chrome.exe
Token: SeShutdownPrivilege	3680	chrome.exe
Token: SeCreatePagefilePrivilege	3680	chrome.exe
Token: SeShutdownPrivilege	3680	chrome.exe
Token: SeCreatePagefilePrivilege	3680	chrome.exe
Token: SeShutdownPrivilege	3680	chrome.exe
Token: SeCreatePagefilePrivilege	3680	chrome.exe
Token: SeShutdownPrivilege	3680	chrome.exe
Token: SeCreatePagefilePrivilege	3680	chrome.exe
Token: SeShutdownPrivilege	3680	chrome.exe
Token: SeCreatePagefilePrivilege	3680	chrome.exe
Token: SeShutdownPrivilege	3680	chrome.exe
Token: SeCreatePagefilePrivilege	3680	chrome.exe
Token: SeShutdownPrivilege	3680	chrome.exe
Token: SeCreatePagefilePrivilege	3680	chrome.exe
Token: SeShutdownPrivilege	3680	chrome.exe
Token: SeCreatePagefilePrivilege	3680	chrome.exe
Token: SeShutdownPrivilege	3680	chrome.exe
Token: SeCreatePagefilePrivilege	3680	chrome.exe
Token: SeShutdownPrivilege	3680	chrome.exe
Token: SeCreatePagefilePrivilege	3680	chrome.exe
Token: SeShutdownPrivilege	3680	chrome.exe
Token: SeCreatePagefilePrivilege	3680	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
3680	chrome.exe
3680	chrome.exe
3680	chrome.exe
3680	chrome.exe
3680	chrome.exe
3680	chrome.exe
3680	chrome.exe
3680	chrome.exe
3680	chrome.exe
3680	chrome.exe
3680	chrome.exe
3680	chrome.exe
3680	chrome.exe
3680	chrome.exe
3680	chrome.exe
3680	chrome.exe
3680	chrome.exe
3680	chrome.exe
3680	chrome.exe
3680	chrome.exe
3680	chrome.exe
3680	chrome.exe
3680	chrome.exe
3680	chrome.exe
3680	chrome.exe
3680	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3680	chrome.exe
3680	chrome.exe
3680	chrome.exe
3680	chrome.exe
3680	chrome.exe
3680	chrome.exe
3680	chrome.exe
3680	chrome.exe
3680	chrome.exe
3680	chrome.exe
3680	chrome.exe
3680	chrome.exe
3680	chrome.exe
3680	chrome.exe
3680	chrome.exe
3680	chrome.exe
3680	chrome.exe
3680	chrome.exe
3680	chrome.exe
3680	chrome.exe
3680	chrome.exe
3680	chrome.exe
3680	chrome.exe
3680	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3680 wrote to memory of 1076	3680	chrome.exe	100
PID 3680 wrote to memory of 1076	3680	chrome.exe	100
PID 3680 wrote to memory of 440	3680	chrome.exe	101
PID 3680 wrote to memory of 440	3680	chrome.exe	101
PID 3680 wrote to memory of 440	3680	chrome.exe	101
PID 3680 wrote to memory of 440	3680	chrome.exe	101
PID 3680 wrote to memory of 440	3680	chrome.exe	101
PID 3680 wrote to memory of 440	3680	chrome.exe	101
PID 3680 wrote to memory of 440	3680	chrome.exe	101
PID 3680 wrote to memory of 440	3680	chrome.exe	101
PID 3680 wrote to memory of 440	3680	chrome.exe	101
PID 3680 wrote to memory of 440	3680	chrome.exe	101
PID 3680 wrote to memory of 440	3680	chrome.exe	101
PID 3680 wrote to memory of 440	3680	chrome.exe	101
PID 3680 wrote to memory of 440	3680	chrome.exe	101
PID 3680 wrote to memory of 440	3680	chrome.exe	101
PID 3680 wrote to memory of 440	3680	chrome.exe	101
PID 3680 wrote to memory of 440	3680	chrome.exe	101
PID 3680 wrote to memory of 440	3680	chrome.exe	101
PID 3680 wrote to memory of 440	3680	chrome.exe	101
PID 3680 wrote to memory of 440	3680	chrome.exe	101
PID 3680 wrote to memory of 440	3680	chrome.exe	101
PID 3680 wrote to memory of 440	3680	chrome.exe	101
PID 3680 wrote to memory of 440	3680	chrome.exe	101
PID 3680 wrote to memory of 440	3680	chrome.exe	101
PID 3680 wrote to memory of 440	3680	chrome.exe	101
PID 3680 wrote to memory of 440	3680	chrome.exe	101
PID 3680 wrote to memory of 440	3680	chrome.exe	101
PID 3680 wrote to memory of 440	3680	chrome.exe	101
PID 3680 wrote to memory of 440	3680	chrome.exe	101
PID 3680 wrote to memory of 440	3680	chrome.exe	101
PID 3680 wrote to memory of 440	3680	chrome.exe	101
PID 3680 wrote to memory of 440	3680	chrome.exe	101
PID 3680 wrote to memory of 1240	3680	chrome.exe	102
PID 3680 wrote to memory of 1240	3680	chrome.exe	102
PID 3680 wrote to memory of 1600	3680	chrome.exe	103
PID 3680 wrote to memory of 1600	3680	chrome.exe	103
PID 3680 wrote to memory of 1600	3680	chrome.exe	103
PID 3680 wrote to memory of 1600	3680	chrome.exe	103
PID 3680 wrote to memory of 1600	3680	chrome.exe	103
PID 3680 wrote to memory of 1600	3680	chrome.exe	103
PID 3680 wrote to memory of 1600	3680	chrome.exe	103
PID 3680 wrote to memory of 1600	3680	chrome.exe	103
PID 3680 wrote to memory of 1600	3680	chrome.exe	103
PID 3680 wrote to memory of 1600	3680	chrome.exe	103
PID 3680 wrote to memory of 1600	3680	chrome.exe	103
PID 3680 wrote to memory of 1600	3680	chrome.exe	103
PID 3680 wrote to memory of 1600	3680	chrome.exe	103
PID 3680 wrote to memory of 1600	3680	chrome.exe	103
PID 3680 wrote to memory of 1600	3680	chrome.exe	103
PID 3680 wrote to memory of 1600	3680	chrome.exe	103
PID 3680 wrote to memory of 1600	3680	chrome.exe	103
PID 3680 wrote to memory of 1600	3680	chrome.exe	103
PID 3680 wrote to memory of 1600	3680	chrome.exe	103
PID 3680 wrote to memory of 1600	3680	chrome.exe	103
PID 3680 wrote to memory of 1600	3680	chrome.exe	103
PID 3680 wrote to memory of 1600	3680	chrome.exe	103
PID 3680 wrote to memory of 1600	3680	chrome.exe	103
PID 3680 wrote to memory of 1600	3680	chrome.exe	103
PID 3680 wrote to memory of 1600	3680	chrome.exe	103
PID 3680 wrote to memory of 1600	3680	chrome.exe	103
PID 3680 wrote to memory of 1600	3680	chrome.exe	103
PID 3680 wrote to memory of 1600	3680	chrome.exe	103
PID 3680 wrote to memory of 1600	3680	chrome.exe	103

C:\Users\Admin\AppData\Local\Temp\7z.exe
"C:\Users\Admin\AppData\Local\Temp\7z.exe"
1⤵
PID:3128

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffecc22ab58,0x7ffecc22ab68,0x7ffecc22ab78
  2⤵
  PID:1076
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1736 --field-trial-handle=1900,i,17207385277449771824,14521995027221185112,131072 /prefetch:2
  2⤵
  PID:440
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2192 --field-trial-handle=1900,i,17207385277449771824,14521995027221185112,131072 /prefetch:8
  2⤵
  PID:1240
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2260 --field-trial-handle=1900,i,17207385277449771824,14521995027221185112,131072 /prefetch:8
  2⤵
  PID:1600
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3100 --field-trial-handle=1900,i,17207385277449771824,14521995027221185112,131072 /prefetch:1
  2⤵
  PID:1688
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3116 --field-trial-handle=1900,i,17207385277449771824,14521995027221185112,131072 /prefetch:1
  2⤵
  PID:5024
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4356 --field-trial-handle=1900,i,17207385277449771824,14521995027221185112,131072 /prefetch:1
  2⤵
  PID:2428
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4456 --field-trial-handle=1900,i,17207385277449771824,14521995027221185112,131072 /prefetch:8
  2⤵
  PID:2688
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4636 --field-trial-handle=1900,i,17207385277449771824,14521995027221185112,131072 /prefetch:8
  2⤵
  PID:1824
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4644 --field-trial-handle=1900,i,17207385277449771824,14521995027221185112,131072 /prefetch:8
  2⤵
  PID:3048
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4508 --field-trial-handle=1900,i,17207385277449771824,14521995027221185112,131072 /prefetch:8
  2⤵
  PID:2632
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4928 --field-trial-handle=1900,i,17207385277449771824,14521995027221185112,131072 /prefetch:8
  2⤵
  PID:4320
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4524 --field-trial-handle=1900,i,17207385277449771824,14521995027221185112,131072 /prefetch:8
  2⤵
  PID:4824
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4836 --field-trial-handle=1900,i,17207385277449771824,14521995027221185112,131072 /prefetch:8
  2⤵
  PID:1520
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=5064 --field-trial-handle=1900,i,17207385277449771824,14521995027221185112,131072 /prefetch:1
  2⤵
  PID:5132
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3148 --field-trial-handle=1900,i,17207385277449771824,14521995027221185112,131072 /prefetch:8
  2⤵
  PID:3700
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4856 --field-trial-handle=1900,i,17207385277449771824,14521995027221185112,131072 /prefetch:8
  2⤵
  PID:4856
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4580 --field-trial-handle=1900,i,17207385277449771824,14521995027221185112,131072 /prefetch:8
  2⤵
  PID:5340

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:4488

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

Filesize
69KB

MD5
86862d3b5609f6ca70783528d7962690

SHA1
886d4b35290775ceadf576b3bb5654f3a481baf3

SHA256
19e1a1ad6c54fc29a402c10c551fa6e70022cefca6162a10640ee7d9b85783ed

SHA512
f0746c23a06effd14e1e31b0ea7d12156ff92b1f80445aa46e1a4c65cf5df4bc94f6dabe7aead01f1bd6a6c7b851b577a11697a186426a2c8dca897c48515ef0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

Filesize
324KB

MD5
c37b434f820e7676a0c6b1e82816589c

SHA1
262bf3ecdd891ff9edc678dcb906ae32704002f0

SHA256
4cd8e489cd5dea088b8818a8dee0ac1f4d56294ead5a4928846130db271b544a

SHA512
9d4d585a2ac22809010b963336e232eeef9b532a848c8458c4eacb7eb31578ef7db604771b7df0fa8fff339ba28c7e86c0fdd49706411bc4679e87ebfc325019

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c

Filesize
137KB

MD5
fb049ff82dde17b82818763dc92b9427

SHA1
c2a96585ef40d7dda4f5781fa42aa74fe0ee20ee

SHA256
234e15017b85b189ed351bf21bf74e8a3689caa9433882cb46d9efdaa355e13e

SHA512
c20a11cfa4211c701bfcf6667902ee37ecb9be7626778cc604805156cf747202887c2afea61c9525867f9a96cc3daab7941397f288cefc31689e71b32b57d4f9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
480B

MD5
18f4ae5998067f3538d5c606e48b6251

SHA1
bfc38c07e7aebcfff260e29c4f4969de857667ef

SHA256
1d19ef9ee16ab0c8035605997e8d70e178f7f9647509c1cef93b0c61ae0d7f8a

SHA512
048aed9047b39a126d880194e1605be175be2734bef911c87b27b01186d7c2167698276e073d4b90e0c41368a8743ee2644ac28ed3713af10d66b372153b84cc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
7e27de30f7a359d20ead3604a782facb

SHA1
95e2c7336498b95a0e179678b56b5da5a178a0cf

SHA256
4d33ff323d30131be546626ca380f2bf83866bd2c4a90fa688985ca7140aa07c

SHA512
427cc21a30b7cca9025b512d9ef229f3f605cd2a73569a68717d2f892c1c5b49f832064deb8bf985b24c14de6432e7f2879fa973e3e0cfc6c19956b5c4fa8968

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
5338244083f3058f3cdd9123b8be20b5

SHA1
1c20adefc6d6e994a8163f2f1bfe5471fa82809f

SHA256
e7a6f457e2d2058edb46f63247f7310d321170aa7d7b687dabd8b4826236abe4

SHA512
8d39a72fb296d5832ba45284e849a8e221ebedc6cdb14e8c853e6c85a9776b3015545fda1fc7aff30417f2ecdccfa38c489fb0a008b8be5ada64c661fc1f816a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
e76489b403ac080d0eb3871019a583c4

SHA1
6d5de65c31df60f760862131206dc02a9e344319

SHA256
62f83be158d58570d10c71efb9a3b2865e54aa5cdae274ac915c55985ba70303

SHA512
ea80bbc942ab5b7030efb064005c4a0c62a502df7864409d6beeadeb092cccc8c3b0679adb2d5713da4729b001b76f51abd1bc35813d520e7ecc6ab50fff0f9e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
ca1cb28222b0daad4092b4abe7021e4a

SHA1
0e5b096f16c6617f795d5b2cde11a5d3bf40562b

SHA256
e1740ffe6934b70fb51a7b9fcb9704e7b3aaa63b9ca2b8fc12247d3a71df5d0b

SHA512
92f4f9afbe684c3417e0fd91f0db996f53e6133c21423af9ca45fd5b8858b7c5fe20cdeec81c44fbb2dc725654dcb44c45dcf683b4597f2941a4121bd3ef51f7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
136e1ee682f24fbd7474dc62bfb7b53b

SHA1
e032db9ecc4fe324406caed9b348cc1ae76f70da

SHA256
51f265602a5f3eda4d0392b00460debb46db725f5119f21408b7f2a2968c19c4

SHA512
8a059cfd1afbc1380de1fc2808848df6ccf869d791e601d8831271c422d25fa0f346ec2d7b7dc42f82ae7f556ee639fe0d85a442c64ff092b334b7e83ed754c4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
b4f39969d6b60f017047435c07340779

SHA1
c0daf73790fc956fad305c022302e62c7703b160

SHA256
4d0d089ec01c3aa7f24d0498f06451ef7a0103a4ae19f1f129678189aaf08bf1

SHA512
7629457a9320d6bdef77db0a2145808269aca8cbafed55d769d80e3423551c1f564d931b28026fa792a4edfb89203e30762bdecb5c02796d90fad39362045367

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
16KB

MD5
42f3890ab1d32bab8e38e2fa3cced8b2

SHA1
daa6c8f3e7d53fcecedb559036c543569601bfdc

SHA256
1c76142030f32eb461b9ee55ed6109d126735c9ff4202c82a8905b56d2873bfb

SHA512
f339708733b213b3d4e437245f2645efb5d0080616b2a95b4ee8e14dc20866878cfbb72868883549a3f5645abaf56947f28306c0296d6cd731f76c9e3a3b3491

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
128KB

MD5
009f2e41cc6cb9e1d85bbbbd0206be1e

SHA1
3e3a641cbfdc027924f35f1cbe72d41bd28c5087

SHA256
30f22dd3d4d17a31482d696651d25b6f2d229b642eafbc3ae8c0184993751d8e

SHA512
254370a704ce02519e77056eb337d2653685934bd5cf199f03e3e54bd813728693a6fa158015d55e0cdd42fadb3fa50134eec339f027000ccfabc764a61b5483

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
254KB

MD5
e974d8c0fec96f61ce9b132690382479

SHA1
fca90322556b6ec5e2167b2df6ea14dbbdaf09a9

SHA256
0f72971e02d48cbce6e0a5ce2631b6414a76304c98ffdc182f6029ce0aeb9dc9

SHA512
d6294bc220193b13352b9c695b1ffef0b404b43bf102372b029fffebd2f6b79643135a8ef1b13de151bcb2f71e672f055e52865dea91b3a09bbc0139c122295b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
93KB

MD5
d14a91b06842fc1e7d3d1861600ac20d

SHA1
b39c0f638337bfaed9cf776abea603ccba0eecd4

SHA256
e744b98a12de1e3a9a4b4f46ce0938cc18e1efcf3559b1b02a6f57549d90c828

SHA512
7fdda5e829df3f3b7dd0f822791e84a8ad2c25d9b992fd18dfc3c0676702f9648070a4d8128180c1188398301a8558cded37543168a17f0d850c8c17cd6ef21f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe5885e4.TMP

Filesize
89KB

MD5
3e46962d74af6383e8bcaff84ddeb3a3

SHA1
25d4364feaddf69569ea56159b0ce753d1f77b9d

SHA256
752767e87c6378bd5fb8f4533daa8c69fc794f060bc5e02bd6a48a38cea83284

SHA512
0942fa7834788868701c1fdb680c2d492a3fb9886417bea1f3f9517cfb717c6bf4beeed933086e8d602d53967d03881727b4a522c87a19bf5340b11ed0e774e2

Download Submit