hxxp://Google[.]com

Resubmissions

24/04/2024, 14:12

240424-rh7n7abd3z 1

24/04/2024, 14:09

240424-rgbv5abc8v 1

Analysis

max time kernel
1049s
max time network
965s
platform
windows10-1703_x64
resource
win10-20240404-en
resource tags

arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
submitted
24/04/2024, 14:12

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://Google.com

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133584415799043731"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
1600	chrome.exe
1600	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 5 IoCs

pid	Process
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4024	chrome.exe
Token: SeCreatePagefilePrivilege	4024	chrome.exe
Token: SeShutdownPrivilege	4024	chrome.exe
Token: SeCreatePagefilePrivilege	4024	chrome.exe
Token: SeShutdownPrivilege	4024	chrome.exe
Token: SeCreatePagefilePrivilege	4024	chrome.exe
Token: SeShutdownPrivilege	4024	chrome.exe
Token: SeCreatePagefilePrivilege	4024	chrome.exe
Token: SeShutdownPrivilege	4024	chrome.exe
Token: SeCreatePagefilePrivilege	4024	chrome.exe
Token: SeShutdownPrivilege	4024	chrome.exe
Token: SeCreatePagefilePrivilege	4024	chrome.exe
Token: SeShutdownPrivilege	4024	chrome.exe
Token: SeCreatePagefilePrivilege	4024	chrome.exe
Token: SeShutdownPrivilege	4024	chrome.exe
Token: SeCreatePagefilePrivilege	4024	chrome.exe
Token: SeShutdownPrivilege	4024	chrome.exe
Token: SeCreatePagefilePrivilege	4024	chrome.exe
Token: SeShutdownPrivilege	4024	chrome.exe
Token: SeCreatePagefilePrivilege	4024	chrome.exe
Token: SeShutdownPrivilege	4024	chrome.exe
Token: SeCreatePagefilePrivilege	4024	chrome.exe
Token: SeShutdownPrivilege	4024	chrome.exe
Token: SeCreatePagefilePrivilege	4024	chrome.exe
Token: SeShutdownPrivilege	4024	chrome.exe
Token: SeCreatePagefilePrivilege	4024	chrome.exe
Token: SeShutdownPrivilege	4024	chrome.exe
Token: SeCreatePagefilePrivilege	4024	chrome.exe
Token: SeShutdownPrivilege	4024	chrome.exe
Token: SeCreatePagefilePrivilege	4024	chrome.exe
Token: SeShutdownPrivilege	4024	chrome.exe
Token: SeCreatePagefilePrivilege	4024	chrome.exe
Token: SeShutdownPrivilege	4024	chrome.exe
Token: SeCreatePagefilePrivilege	4024	chrome.exe
Token: SeShutdownPrivilege	4024	chrome.exe
Token: SeCreatePagefilePrivilege	4024	chrome.exe
Token: SeShutdownPrivilege	4024	chrome.exe
Token: SeCreatePagefilePrivilege	4024	chrome.exe
Token: SeShutdownPrivilege	4024	chrome.exe
Token: SeCreatePagefilePrivilege	4024	chrome.exe
Token: SeShutdownPrivilege	4024	chrome.exe
Token: SeCreatePagefilePrivilege	4024	chrome.exe
Token: SeShutdownPrivilege	4024	chrome.exe
Token: SeCreatePagefilePrivilege	4024	chrome.exe
Token: SeShutdownPrivilege	4024	chrome.exe
Token: SeCreatePagefilePrivilege	4024	chrome.exe
Token: SeShutdownPrivilege	4024	chrome.exe
Token: SeCreatePagefilePrivilege	4024	chrome.exe
Token: SeShutdownPrivilege	4024	chrome.exe
Token: SeCreatePagefilePrivilege	4024	chrome.exe
Token: SeShutdownPrivilege	4024	chrome.exe
Token: SeCreatePagefilePrivilege	4024	chrome.exe
Token: SeShutdownPrivilege	4024	chrome.exe
Token: SeCreatePagefilePrivilege	4024	chrome.exe
Token: SeShutdownPrivilege	4024	chrome.exe
Token: SeCreatePagefilePrivilege	4024	chrome.exe
Token: SeShutdownPrivilege	4024	chrome.exe
Token: SeCreatePagefilePrivilege	4024	chrome.exe
Token: SeShutdownPrivilege	4024	chrome.exe
Token: SeCreatePagefilePrivilege	4024	chrome.exe
Token: SeShutdownPrivilege	4024	chrome.exe
Token: SeCreatePagefilePrivilege	4024	chrome.exe
Token: SeShutdownPrivilege	4024	chrome.exe
Token: SeCreatePagefilePrivilege	4024	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4024 wrote to memory of 3044	4024	chrome.exe	73
PID 4024 wrote to memory of 3044	4024	chrome.exe	73
PID 4024 wrote to memory of 2812	4024	chrome.exe	75
PID 4024 wrote to memory of 2812	4024	chrome.exe	75
PID 4024 wrote to memory of 2812	4024	chrome.exe	75
PID 4024 wrote to memory of 2812	4024	chrome.exe	75
PID 4024 wrote to memory of 2812	4024	chrome.exe	75
PID 4024 wrote to memory of 2812	4024	chrome.exe	75
PID 4024 wrote to memory of 2812	4024	chrome.exe	75
PID 4024 wrote to memory of 2812	4024	chrome.exe	75
PID 4024 wrote to memory of 2812	4024	chrome.exe	75
PID 4024 wrote to memory of 2812	4024	chrome.exe	75
PID 4024 wrote to memory of 2812	4024	chrome.exe	75
PID 4024 wrote to memory of 2812	4024	chrome.exe	75
PID 4024 wrote to memory of 2812	4024	chrome.exe	75
PID 4024 wrote to memory of 2812	4024	chrome.exe	75
PID 4024 wrote to memory of 2812	4024	chrome.exe	75
PID 4024 wrote to memory of 2812	4024	chrome.exe	75
PID 4024 wrote to memory of 2812	4024	chrome.exe	75
PID 4024 wrote to memory of 2812	4024	chrome.exe	75
PID 4024 wrote to memory of 2812	4024	chrome.exe	75
PID 4024 wrote to memory of 2812	4024	chrome.exe	75
PID 4024 wrote to memory of 2812	4024	chrome.exe	75
PID 4024 wrote to memory of 2812	4024	chrome.exe	75
PID 4024 wrote to memory of 2812	4024	chrome.exe	75
PID 4024 wrote to memory of 2812	4024	chrome.exe	75
PID 4024 wrote to memory of 2812	4024	chrome.exe	75
PID 4024 wrote to memory of 2812	4024	chrome.exe	75
PID 4024 wrote to memory of 2812	4024	chrome.exe	75
PID 4024 wrote to memory of 2812	4024	chrome.exe	75
PID 4024 wrote to memory of 2812	4024	chrome.exe	75
PID 4024 wrote to memory of 2812	4024	chrome.exe	75
PID 4024 wrote to memory of 2812	4024	chrome.exe	75
PID 4024 wrote to memory of 2812	4024	chrome.exe	75
PID 4024 wrote to memory of 2812	4024	chrome.exe	75
PID 4024 wrote to memory of 2812	4024	chrome.exe	75
PID 4024 wrote to memory of 2812	4024	chrome.exe	75
PID 4024 wrote to memory of 2812	4024	chrome.exe	75
PID 4024 wrote to memory of 2812	4024	chrome.exe	75
PID 4024 wrote to memory of 2812	4024	chrome.exe	75
PID 4024 wrote to memory of 4704	4024	chrome.exe	76
PID 4024 wrote to memory of 4704	4024	chrome.exe	76
PID 4024 wrote to memory of 2212	4024	chrome.exe	77
PID 4024 wrote to memory of 2212	4024	chrome.exe	77
PID 4024 wrote to memory of 2212	4024	chrome.exe	77
PID 4024 wrote to memory of 2212	4024	chrome.exe	77
PID 4024 wrote to memory of 2212	4024	chrome.exe	77
PID 4024 wrote to memory of 2212	4024	chrome.exe	77
PID 4024 wrote to memory of 2212	4024	chrome.exe	77
PID 4024 wrote to memory of 2212	4024	chrome.exe	77
PID 4024 wrote to memory of 2212	4024	chrome.exe	77
PID 4024 wrote to memory of 2212	4024	chrome.exe	77
PID 4024 wrote to memory of 2212	4024	chrome.exe	77
PID 4024 wrote to memory of 2212	4024	chrome.exe	77
PID 4024 wrote to memory of 2212	4024	chrome.exe	77
PID 4024 wrote to memory of 2212	4024	chrome.exe	77
PID 4024 wrote to memory of 2212	4024	chrome.exe	77
PID 4024 wrote to memory of 2212	4024	chrome.exe	77
PID 4024 wrote to memory of 2212	4024	chrome.exe	77
PID 4024 wrote to memory of 2212	4024	chrome.exe	77
PID 4024 wrote to memory of 2212	4024	chrome.exe	77
PID 4024 wrote to memory of 2212	4024	chrome.exe	77
PID 4024 wrote to memory of 2212	4024	chrome.exe	77
PID 4024 wrote to memory of 2212	4024	chrome.exe	77

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://Google.com
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4024
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7fff44a89758,0x7fff44a89768,0x7fff44a89778
  2⤵
  PID:3044
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1592 --field-trial-handle=1788,i,7570376168324125151,10760815180256677446,131072 /prefetch:2
  2⤵
  PID:2812
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1856 --field-trial-handle=1788,i,7570376168324125151,10760815180256677446,131072 /prefetch:8
  2⤵
  PID:4704
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2120 --field-trial-handle=1788,i,7570376168324125151,10760815180256677446,131072 /prefetch:8
  2⤵
  PID:2212
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2652 --field-trial-handle=1788,i,7570376168324125151,10760815180256677446,131072 /prefetch:1
  2⤵
  PID:3560
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2660 --field-trial-handle=1788,i,7570376168324125151,10760815180256677446,131072 /prefetch:1
  2⤵
  PID:4580
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4596 --field-trial-handle=1788,i,7570376168324125151,10760815180256677446,131072 /prefetch:1
  2⤵
  PID:4720
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3712 --field-trial-handle=1788,i,7570376168324125151,10760815180256677446,131072 /prefetch:8
  2⤵
  PID:1104
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3088 --field-trial-handle=1788,i,7570376168324125151,10760815180256677446,131072 /prefetch:8
  2⤵
  PID:3104
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3540 --field-trial-handle=1788,i,7570376168324125151,10760815180256677446,131072 /prefetch:8
  2⤵
  PID:4428
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3712 --field-trial-handle=1788,i,7570376168324125151,10760815180256677446,131072 /prefetch:8
  2⤵
  PID:2188
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=4832 --field-trial-handle=1788,i,7570376168324125151,10760815180256677446,131072 /prefetch:1
  2⤵
  PID:1264
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4840 --field-trial-handle=1788,i,7570376168324125151,10760815180256677446,131072 /prefetch:1
  2⤵
  PID:1908
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4428 --field-trial-handle=1788,i,7570376168324125151,10760815180256677446,131072 /prefetch:8
  2⤵
  PID:828
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5660 --field-trial-handle=1788,i,7570376168324125151,10760815180256677446,131072 /prefetch:8
  2⤵
  PID:428
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1464 --field-trial-handle=1788,i,7570376168324125151,10760815180256677446,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1600

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:3124

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x234
1⤵
PID:4448

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
5023a5aa8bd030c7adaf38aff20d6035

SHA1
9b9baa6f98d83fdb2ef5715a5bea5a6685456676

SHA256
7af7c9f007d9d16ee6d169d70763d7561bfaf133525737a60fb1decf1851b947

SHA512
61f941a85877002038078821557372576c4a81cbb8fd355f05deb12f04d2a9dc4002f102806ac7feb239effea3d45f1627bbf9cfe9b6eeac065f81f1e4b55c8b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
792B

MD5
a540dfc484da01dedf3f6c81c7d2b014

SHA1
b6207a04e2c1940133160ba7216e51684d3ad1db

SHA256
74efbd14d278d9343c76c40457fe19fcc05dccdff63fb7bfdbfbaa5338db465b

SHA512
b8ebae60e7de94969662167799d0e237d32e83edc896a241691f5eaf23aae978ffd532af917be919b8185f9abbabd2a8a1ea405a5354c7efad6ffd4185ef21df

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
e7f443c65ed810113ddc62bae5b06bf1

SHA1
4484590efc8fcce98d2a811bf16001fcfda43f86

SHA256
190802d0fe4e0018234bd5bab04ce8d66a00c2b674cb73a54215602865f79341

SHA512
8dbadbdf98a36d704ef2ebd16d546beb34f9653019781ab71d3ea4f832c176a7edb855734660ceff8d272d67857da87e621797635cd735b444930f4903c40fc3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
03d3d16a972fcdbf55b78294f6229dad

SHA1
a7d8670292dbeeae2a87ec9d298ed259ea980ca9

SHA256
476442ae56cf1050f409e294da0ca86dc7df3629e1eedbea939f0e85b5e98a62

SHA512
a116c6de977f6402d912e5677309d707c59f91fc1fdb1496928e0b237af598278fc2a123141ecaee15593226db233a9ccfe779b47dce734fba32558bdbe3f413

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
737dc9b650983200768d78b1080adb34

SHA1
975ee3eec8c43bb7daf79f04013fddd466428205

SHA256
9ec7bbfd2d2e07f36af2446c98aac98900dc6a4834107a7a0e8a90f1df6b6a0f

SHA512
fed3cf82f899f4306aaf67189fbf3ef4578f0fa12ce0dfd68d764b5f43b8f667527f35807d4ed9d9785dfab20580a7b84284f66e38718f1dfba970b3b2e3c254

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
2aae698b18969c7395e01265cf624411

SHA1
9136b43aefa3ee94ba82cdd2a80ee8100d163ca8

SHA256
3fd3c7c2202759f34ed97c54edee7118d74507113c54fcefb1aabe6a15447783

SHA512
2ef353015ccb93ae55174774193ffac34fae80ecfa0deec9bf225df60abd67fb81936445c8f5c956ca80ff89ce713522e2afc0c6a1e47bbe4a85e5a79041d451

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
371B

MD5
b21d9444fc4a0780370fe4728da846c4

SHA1
1bf176b06cbaa167949b1203237ca9011b935320

SHA256
9cea16b6c9bd22d62161fb144ac8d5066a61bc4cd616c4e0163d74c3f074f6f4

SHA512
e390be8e97e05e070eb06c21501c11c096abf81339b5690aefcb5c5b9f6eb240ab26b8954a4f7ec0ecbd916e6839222065888b62835280680a1c2a2986a26f21

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
873B

MD5
3c33848cf560f4c338b9457b3893a89d

SHA1
d86b2893aefd72ea74c2a5f0c859bc76aef2f194

SHA256
c260267cb34068b443cc7b742afc423466e1e90706ba1b35a77aaaf74f31208f

SHA512
ac88c1893792a41feb796a16fef93fe6e3f1f3aabd16b552524eb8c06fa5aa901564537e764ddadfbd268e79bc439c0c27df9fd31f427878863b3befe7d40a68

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\b2f6acc8-bb36-431b-9281-52bdb1b00ff1.tmp

Filesize
873B

MD5
e5039fad889a339a03db114c4a9516f0

SHA1
93749e1531785a9fa8c69da290ea0cff52edb615

SHA256
43d4ec688da0b8f07073bcb534f429904cb4eea7388672f68c85083c9568bac0

SHA512
ed423b9258860601bbe5fd495caae79f33a5f48e2862086dbf7497f0d5277dbafe093664ee9bd073237526593939ee733204ca7a1f686280c77cea9f21b06ecf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
a98d3fd2f6842506b3a37b2f3429eb5c

SHA1
018ff3646e41e308964c8c796b0a1f209a3157d8

SHA256
be30d179fd3d2ef0d579178f73622c98d667313b22e3cb5a7e7d7c645839d6e3

SHA512
9482a9bb65d142240a5e29aa1b90df2f07582f7370ae047c02addca8342de4d66ac5fde455cf7827d51869698cb8722b79334f01e111945b6bd051e6022f1e53

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
6e08dda6b59f6af355060b43158c12be

SHA1
744b33332007c9297f5cbb3e9b9617fa9f6862ec

SHA256
f9561560c7a261ec56b7e360dbb1693c2a3a4b758e075c8cc6384e035399be7f

SHA512
f2b776522e999615a5a89d876500b5b8249c3787992fed79982e0463a049d2e5be06e1a2690ba045c75750c7898e4a0375b6f96a4a7148b8fdfeaa7b37e10918

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
93627213d409de27d11608d3fbf3cfe1

SHA1
47690e74818591941603f9d96a72274cdc21365e

SHA256
6bbbbd771a30d8f90f9e6384dc595c92edf6a155a4df4990031df7048b2db848

SHA512
188c1218b83446fe801f7b9f18c2fccc34242e7985c5a3e1336790a7b7c0ab7eddd1a4a73915533b2c0a71f79ec4757baec5681266940e72181b45a135baeeae

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
174KB

MD5
3f830a795c5166edcae116ba91267fe8

SHA1
8a4a65db1af4fd8c5f12cae95ba278c6437db4f2

SHA256
30fadb3a0bca3c76143da40c35af4a884c1ac78cd4d866351923c250e5949d68

SHA512
176e4a1e1de67f1b107ab1d7b480e5265f85f9d783165ee082d219a5ff2700757493cada13bf14d3f6f499b2196f796dc447174d46e0e8557ba6fe5df091a00e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
137KB

MD5
118121e7f42899d8fb11a04f25d01370

SHA1
5c69dc4d2b54cb19a4353d6910a086125260b916

SHA256
dbca62645aab6a702939313f37dc53c7eb8857ac736dcc442ae04ce13795c7ca

SHA512
645083b389f27a94c9f56e3a59af72dd6f299d71197c98c95f7c4346bcc2c1e32edacc9c6a09d03c4d21c56129bd0aebd4714bfaf44a1a09e1ca72187309c0fc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
138KB

MD5
d8a2bccec7ee5c81bc6d31e80e45287a

SHA1
413bf03ea570c94bd9455927dc6a4f4bb5da45c1

SHA256
43465f3b2afd5ee07f5764f30bd621934fdbc1e1d288455ef66db62738f4ab9e

SHA512
18aae9bd4014038c226d7b116bca8ec6febb0fcb7c538cefaa426339f8063eb7637681dcaaf353a629d586afb5235f48ddea3f903462a9e2de20449217088ebe

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
138KB

MD5
a1d416798c3f35811c15fe1ccc37c9cf

SHA1
74a0dac2b84a23b32680dde8d3553472b8128c11

SHA256
96eed761261b4cf18c2190134a1eb6719dffca52884a409ea5a40f22350eab3f

SHA512
436ddf139365fba21b730956f23f6ffff859c479bebd32d80231c24dedc4e7f264ffd791225667db23a555c778b41c8b15f63dcab9c31d7e0285062a14070bc6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
98KB

MD5
37dee1aa831522d4ad2860f73e832dd0

SHA1
4d3e79d390d7fd8ee92b6f41d7dabc3c361946bc

SHA256
f9ae7e3a8f442f30569f8a1b52b92107ae6a5c63baa3938eb0844e526baf16c7

SHA512
475180fe0f80a9f6f067805f5b9bff39dfbce51e5cd7a3ca56c0f20ec8a230f2d1a66da45ab8d30291618c118d33d1eb8ca205b77d8a7869ff27fc88b4e12dae

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe589b41.TMP

Filesize
93KB

MD5
ea97101f9cc50a093053d5ab480de224

SHA1
419a26eede88c75695306ec9321dc4ddc7ccaf1e

SHA256
3b13612cac0bf5d05fd3d5601f5065a8cce689931320bc5f1fdab3be02ffa93d

SHA512
6005ec80d405a63dd14ab48c8e55b7c723c5310f24593fa9ccbd8550253d691088a8d73ac4ca9442d1e948aed3098c739b5e0b5ae1476ef138a3ae906eb57382

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit