hxxps://acrobat[.]adobe[.]com/id/urn[:]aaid[:]sc[:]VA6C2[:]79b4ea8c-a655-4b6d-b979-1573521f7e76

Analysis

max time kernel
149s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240412-en
resource tags

arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
submitted
24/04/2024, 18:05

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://acrobat.adobe.com/id/urn:aaid:sc:VA6C2:79b4ea8c-a655-4b6d-b979-1573521f7e76

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133584555505505356"	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
1504	chrome.exe
1504	chrome.exe
1504	chrome.exe
1504	chrome.exe
4316	chrome.exe
4316	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

pid	Process
1504	chrome.exe
1504	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1504	chrome.exe
Token: SeCreatePagefilePrivilege	1504	chrome.exe
Token: SeShutdownPrivilege	1504	chrome.exe
Token: SeCreatePagefilePrivilege	1504	chrome.exe
Token: SeShutdownPrivilege	1504	chrome.exe
Token: SeCreatePagefilePrivilege	1504	chrome.exe
Token: SeShutdownPrivilege	1504	chrome.exe
Token: SeCreatePagefilePrivilege	1504	chrome.exe
Token: SeShutdownPrivilege	1504	chrome.exe
Token: SeCreatePagefilePrivilege	1504	chrome.exe
Token: SeShutdownPrivilege	1504	chrome.exe
Token: SeCreatePagefilePrivilege	1504	chrome.exe
Token: SeShutdownPrivilege	1504	chrome.exe
Token: SeCreatePagefilePrivilege	1504	chrome.exe
Token: SeShutdownPrivilege	1504	chrome.exe
Token: SeCreatePagefilePrivilege	1504	chrome.exe
Token: SeShutdownPrivilege	1504	chrome.exe
Token: SeCreatePagefilePrivilege	1504	chrome.exe
Token: SeShutdownPrivilege	1504	chrome.exe
Token: SeCreatePagefilePrivilege	1504	chrome.exe
Token: SeShutdownPrivilege	1504	chrome.exe
Token: SeCreatePagefilePrivilege	1504	chrome.exe
Token: SeShutdownPrivilege	1504	chrome.exe
Token: SeCreatePagefilePrivilege	1504	chrome.exe
Token: SeShutdownPrivilege	1504	chrome.exe
Token: SeCreatePagefilePrivilege	1504	chrome.exe
Token: SeShutdownPrivilege	1504	chrome.exe
Token: SeCreatePagefilePrivilege	1504	chrome.exe
Token: SeShutdownPrivilege	1504	chrome.exe
Token: SeCreatePagefilePrivilege	1504	chrome.exe
Token: SeShutdownPrivilege	1504	chrome.exe
Token: SeCreatePagefilePrivilege	1504	chrome.exe
Token: SeShutdownPrivilege	1504	chrome.exe
Token: SeCreatePagefilePrivilege	1504	chrome.exe
Token: SeShutdownPrivilege	1504	chrome.exe
Token: SeCreatePagefilePrivilege	1504	chrome.exe
Token: SeShutdownPrivilege	1504	chrome.exe
Token: SeCreatePagefilePrivilege	1504	chrome.exe
Token: SeShutdownPrivilege	1504	chrome.exe
Token: SeCreatePagefilePrivilege	1504	chrome.exe
Token: SeShutdownPrivilege	1504	chrome.exe
Token: SeCreatePagefilePrivilege	1504	chrome.exe
Token: SeShutdownPrivilege	1504	chrome.exe
Token: SeCreatePagefilePrivilege	1504	chrome.exe
Token: SeShutdownPrivilege	1504	chrome.exe
Token: SeCreatePagefilePrivilege	1504	chrome.exe
Token: SeShutdownPrivilege	1504	chrome.exe
Token: SeCreatePagefilePrivilege	1504	chrome.exe
Token: SeShutdownPrivilege	1504	chrome.exe
Token: SeCreatePagefilePrivilege	1504	chrome.exe
Token: SeShutdownPrivilege	1504	chrome.exe
Token: SeCreatePagefilePrivilege	1504	chrome.exe
Token: SeShutdownPrivilege	1504	chrome.exe
Token: SeCreatePagefilePrivilege	1504	chrome.exe
Token: SeShutdownPrivilege	1504	chrome.exe
Token: SeCreatePagefilePrivilege	1504	chrome.exe
Token: SeShutdownPrivilege	1504	chrome.exe
Token: SeCreatePagefilePrivilege	1504	chrome.exe
Token: SeShutdownPrivilege	1504	chrome.exe
Token: SeCreatePagefilePrivilege	1504	chrome.exe
Token: SeShutdownPrivilege	1504	chrome.exe
Token: SeCreatePagefilePrivilege	1504	chrome.exe
Token: SeShutdownPrivilege	1504	chrome.exe
Token: SeCreatePagefilePrivilege	1504	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
1504	chrome.exe
1504	chrome.exe
1504	chrome.exe
1504	chrome.exe
1504	chrome.exe
1504	chrome.exe
1504	chrome.exe
1504	chrome.exe
1504	chrome.exe
1504	chrome.exe
1504	chrome.exe
1504	chrome.exe
1504	chrome.exe
1504	chrome.exe
1504	chrome.exe
1504	chrome.exe
1504	chrome.exe
1504	chrome.exe
1504	chrome.exe
1504	chrome.exe
1504	chrome.exe
1504	chrome.exe
1504	chrome.exe
1504	chrome.exe
1504	chrome.exe
1504	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1504	chrome.exe
1504	chrome.exe
1504	chrome.exe
1504	chrome.exe
1504	chrome.exe
1504	chrome.exe
1504	chrome.exe
1504	chrome.exe
1504	chrome.exe
1504	chrome.exe
1504	chrome.exe
1504	chrome.exe
1504	chrome.exe
1504	chrome.exe
1504	chrome.exe
1504	chrome.exe
1504	chrome.exe
1504	chrome.exe
1504	chrome.exe
1504	chrome.exe
1504	chrome.exe
1504	chrome.exe
1504	chrome.exe
1504	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1504 wrote to memory of 900	1504	chrome.exe	82
PID 1504 wrote to memory of 900	1504	chrome.exe	82
PID 1504 wrote to memory of 3244	1504	chrome.exe	87
PID 1504 wrote to memory of 3244	1504	chrome.exe	87
PID 1504 wrote to memory of 3244	1504	chrome.exe	87
PID 1504 wrote to memory of 3244	1504	chrome.exe	87
PID 1504 wrote to memory of 3244	1504	chrome.exe	87
PID 1504 wrote to memory of 3244	1504	chrome.exe	87
PID 1504 wrote to memory of 3244	1504	chrome.exe	87
PID 1504 wrote to memory of 3244	1504	chrome.exe	87
PID 1504 wrote to memory of 3244	1504	chrome.exe	87
PID 1504 wrote to memory of 3244	1504	chrome.exe	87
PID 1504 wrote to memory of 3244	1504	chrome.exe	87
PID 1504 wrote to memory of 3244	1504	chrome.exe	87
PID 1504 wrote to memory of 3244	1504	chrome.exe	87
PID 1504 wrote to memory of 3244	1504	chrome.exe	87
PID 1504 wrote to memory of 3244	1504	chrome.exe	87
PID 1504 wrote to memory of 3244	1504	chrome.exe	87
PID 1504 wrote to memory of 3244	1504	chrome.exe	87
PID 1504 wrote to memory of 3244	1504	chrome.exe	87
PID 1504 wrote to memory of 3244	1504	chrome.exe	87
PID 1504 wrote to memory of 3244	1504	chrome.exe	87
PID 1504 wrote to memory of 3244	1504	chrome.exe	87
PID 1504 wrote to memory of 3244	1504	chrome.exe	87
PID 1504 wrote to memory of 3244	1504	chrome.exe	87
PID 1504 wrote to memory of 3244	1504	chrome.exe	87
PID 1504 wrote to memory of 3244	1504	chrome.exe	87
PID 1504 wrote to memory of 3244	1504	chrome.exe	87
PID 1504 wrote to memory of 3244	1504	chrome.exe	87
PID 1504 wrote to memory of 3244	1504	chrome.exe	87
PID 1504 wrote to memory of 3244	1504	chrome.exe	87
PID 1504 wrote to memory of 3244	1504	chrome.exe	87
PID 1504 wrote to memory of 3244	1504	chrome.exe	87
PID 1504 wrote to memory of 3136	1504	chrome.exe	88
PID 1504 wrote to memory of 3136	1504	chrome.exe	88
PID 1504 wrote to memory of 3240	1504	chrome.exe	89
PID 1504 wrote to memory of 3240	1504	chrome.exe	89
PID 1504 wrote to memory of 3240	1504	chrome.exe	89
PID 1504 wrote to memory of 3240	1504	chrome.exe	89
PID 1504 wrote to memory of 3240	1504	chrome.exe	89
PID 1504 wrote to memory of 3240	1504	chrome.exe	89
PID 1504 wrote to memory of 3240	1504	chrome.exe	89
PID 1504 wrote to memory of 3240	1504	chrome.exe	89
PID 1504 wrote to memory of 3240	1504	chrome.exe	89
PID 1504 wrote to memory of 3240	1504	chrome.exe	89
PID 1504 wrote to memory of 3240	1504	chrome.exe	89
PID 1504 wrote to memory of 3240	1504	chrome.exe	89
PID 1504 wrote to memory of 3240	1504	chrome.exe	89
PID 1504 wrote to memory of 3240	1504	chrome.exe	89
PID 1504 wrote to memory of 3240	1504	chrome.exe	89
PID 1504 wrote to memory of 3240	1504	chrome.exe	89
PID 1504 wrote to memory of 3240	1504	chrome.exe	89
PID 1504 wrote to memory of 3240	1504	chrome.exe	89
PID 1504 wrote to memory of 3240	1504	chrome.exe	89
PID 1504 wrote to memory of 3240	1504	chrome.exe	89
PID 1504 wrote to memory of 3240	1504	chrome.exe	89
PID 1504 wrote to memory of 3240	1504	chrome.exe	89
PID 1504 wrote to memory of 3240	1504	chrome.exe	89
PID 1504 wrote to memory of 3240	1504	chrome.exe	89
PID 1504 wrote to memory of 3240	1504	chrome.exe	89
PID 1504 wrote to memory of 3240	1504	chrome.exe	89
PID 1504 wrote to memory of 3240	1504	chrome.exe	89
PID 1504 wrote to memory of 3240	1504	chrome.exe	89
PID 1504 wrote to memory of 3240	1504	chrome.exe	89

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://acrobat.adobe.com/id/urn:aaid:sc:VA6C2:79b4ea8c-a655-4b6d-b979-1573521f7e76
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1504
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc3c2cab58,0x7ffc3c2cab68,0x7ffc3c2cab78
  2⤵
  PID:900
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1680 --field-trial-handle=1900,i,12730685497286692254,7939334492905457864,131072 /prefetch:2
  2⤵
  PID:3244
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2156 --field-trial-handle=1900,i,12730685497286692254,7939334492905457864,131072 /prefetch:8
  2⤵
  PID:3136
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2204 --field-trial-handle=1900,i,12730685497286692254,7939334492905457864,131072 /prefetch:8
  2⤵
  PID:3240
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2876 --field-trial-handle=1900,i,12730685497286692254,7939334492905457864,131072 /prefetch:1
  2⤵
  PID:1252
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2964 --field-trial-handle=1900,i,12730685497286692254,7939334492905457864,131072 /prefetch:1
  2⤵
  PID:3448
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5092 --field-trial-handle=1900,i,12730685497286692254,7939334492905457864,131072 /prefetch:8
  2⤵
  PID:2068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5096 --field-trial-handle=1900,i,12730685497286692254,7939334492905457864,131072 /prefetch:8
  2⤵
  PID:4476
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4912 --field-trial-handle=1900,i,12730685497286692254,7939334492905457864,131072 /prefetch:8
  2⤵
  PID:2248
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4404 --field-trial-handle=1900,i,12730685497286692254,7939334492905457864,131072 /prefetch:8
  2⤵
  PID:3556
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1636 --field-trial-handle=1900,i,12730685497286692254,7939334492905457864,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4316

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:1240

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
7eec0b7b725b3313c6cbb2190f95989a

SHA1
ea3589f8536bd5a78ab03d1028f415b9071fa25c

SHA256
50b7d9a5c15ac63396844ae82546774585274836d220b6a7c6d1f4e0ea0d8eba

SHA512
1994592d2ce45fe25e3a6e741a0cf059667cc221b61e9a2a60110c72a6fce91f123a5c214b0ace744e291f017c3b6457434c3b1b3d03abfdad35e5709435e0d2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_acrobat.adobe.com_0.indexeddb.leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
76421e1a4af15a3b76b2452d056badf4

SHA1
393b1fa4f37f7443254c120eadcf0b4813ce69b5

SHA256
f9815f2339330f8a7b075712ff913c7a32bffe1f7710fba38b76d3a5fe155c7d

SHA512
c6bb670449397c72a2ee93671c5e0e33b4f2bda8e78ae6c6b152214180e9ba830b3325a27cab539f5f3381be38f03eac98849a4b520436519830aec523e364ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
95554348626a8a46bb4ca95300a1d423

SHA1
2e81f8c764c8ecb5f224700a86b8a148520f7201

SHA256
718ea13597ce27ea6f8b783d712842db1efcbeabb2f202dba9c9ec2e550f1197

SHA512
1d529055ef0be1c2d4cc465fbd3c1c934df3f4c0c67709be56dd8c1f11ad7f9d23f75132392633e7b2045358742a5dcd9d6ed557c170693f21db514d4c772361

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
020d6080d30e7e8cdd8ba656f278a69e

SHA1
0a68ddded2261ceabe506721dd7f4db3cc05f8e6

SHA256
c9a2e8b7e9e62e4479e32c119c3419387a5badc0d7df27db7d77a5a4e06e114c

SHA512
ad95bd42ec496a2f6342e13a4d38ae8d212ec674b6cab030f5baff2a810d8ae4b09985ccc980d6936ff8b694c79b8c15583b97dd5ed828308731bd28cd6e68c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
ecd64b69d65399806a80620171023f80

SHA1
26d426f94f1d0a0fb21e2430478ee37ba97f9945

SHA256
62ef875e4a929c6e5a865bd8317decc7bb2c9c99d7317017ae1054718c892a41

SHA512
d3957d3738cc902a5755ae0b4ba84502b09f9145d772926c424dd60373952f08dfe7cbdd63b63d6a07d4339f3b06cb7b658c47c80b15b3c4d348fd665cefce3c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
9754cf43ce9ecb9938aa606bf9fa53f9

SHA1
0ff25cf1fd6699381ff2876e3f7e51fb0ee68d78

SHA256
6d71f29e76aab8f610dc8d84932625f0af06b18399ca7485fded101c9db476de

SHA512
19f224cc8326780ec0e16f14ab1b219086ae4436d7bf190f9de2b5cce9dc0508a094d877b273ead19c2e2b9b30af5d848d97e4e44862145301c5c5800908de70

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
f54457a91924b433a430171c0e5d561a

SHA1
0083d00653612cf7fbb1cfa44a31113bef00cd96

SHA256
8d1382277b3a53183f2edd0b06a80910071308f73261377e039a5102b1b1bb45

SHA512
d3a290dccea586f2a1260536ebdf9f1997eaf0186fc628fdf56f42e903d969db0afbdbc83e681028fc5127ad2760708e2065f62e9a5b8b5dac32e10e129b63ed

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
e983a5e59fcb76f9f96ff6a205db28e6

SHA1
621ca3620a18442222c9ea17a2d535a04303fc96

SHA256
a7ac19dad7e13a21d208a1fe2bb44eceb8d66efca1e143b44e1b7b907837d7e1

SHA512
fb212c6c19abdae479834bac9541222903920493c2fa1b6c088abc00ddb2eed2680d24a770fe61ebe3c8a91e8125f75201b8370cba27044aebe13d9cde6765b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
45997002f8899db1176718ed8e57028d

SHA1
2072913bd7ea0e5bbb5890fc87edc20bc5ae93c6

SHA256
813c53059f32d216e42053fb6e3fc013e6d0d2ca81716485e3a49f7e6a1a4121

SHA512
f479f7eb3883abff56c306186c7b4b9612769b6d3fbc0bb640eedd17d7c053ed4478853ea5cb0c6b20c3b372acde3b89a6f9b246cccc769c62087b29622a9164

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
4e024e662629e1c45efa97dbeb729051

SHA1
e231fcf3f5e9f2327e2e35d26e60a472aaed7d40

SHA256
9b608c18c2121c3310debe0a8b31739885e349b652ee745318e8dad818087be9

SHA512
8500ccf61296f0c2ce4a3c0f8b5e5fd6e87f84876b554fe5eff966e6da76a34c592220c093835f5ca39b8e768ddc3c40f69f3d39e302d2c3ca98428a242e58d8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
2be59e9ff648bf6a6b64868410f8840d

SHA1
e005c5f9425228d8fd169d60b64e01a1c6a9c6dd

SHA256
2ddd687194ecd5cb6cf537aa8ee930d7e54b53897b69f8382813b43d96041508

SHA512
277f97741002d0a086e8ee6723284c6a4ef62273c2d39854bdb32121d67588d693d172436ab8d31e9e70975339683566fd610bfee9914bced8e23ec56d47d7df

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
002a32dd21294b823c270fbd798ccc1d

SHA1
c46a34883e1c4ccee5d76e783e01b68a8b7db521

SHA256
cc157b0fda2c7df3a881c9931c9582c1bb43778bc1618128afc3009c98b1b9a2

SHA512
5428d77d33cd3d140a8f374fd615b0f4e93a06c0c0a71796e84b55831a04821ea2c53e4dca9fb4eb74e5c12f8f60db19bb5d8a2c31ea3d29a3b41fc103b52cc0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\7b539bde8ca0807396a791d6ee4db1189d0e5380\49ae36fc-b27d-4f86-803a-02c1a36880f2\index-dir\the-real-index

Filesize
72B

MD5
aed30233542adfb8ee0a06c92d0a4b98

SHA1
3855ec01f17cbea7d555689191562dd00e42d444

SHA256
370359e4bf4c1b75edd2837e1a765d4867568970f80d841c48b8fedea29d33f2

SHA512
0674522b79b735780928145a9d4a4f07e3744dd83e207d2fc3ff3731d3dfcab075aaaee518a8c802b28ed2de589b8fd2fd5faa66b2c4b8db1d3eef34127f3daa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\7b539bde8ca0807396a791d6ee4db1189d0e5380\49ae36fc-b27d-4f86-803a-02c1a36880f2\index-dir\the-real-index~RFe581d66.TMP

Filesize
48B

MD5
4b68e6f85916d9b68a6fae42ad1dd392

SHA1
e8f4f887454c9e35f7479961e34d49784627a98a

SHA256
acf2b3407b429d6ffba4751f9428f547f9b2c6a7be1e24400942ce29e5f12051

SHA512
2e476ef44f80e5b00de566e80370fc76d5c9fe82bd0e51c94a16875d84e982a8a9339050cb444c6f549e8389a73b75297be8ec504a4a26d83c5d45100e7fdddd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\7b539bde8ca0807396a791d6ee4db1189d0e5380\index.txt

Filesize
155B

MD5
7294eddc4bba656fee99085a8196091f

SHA1
04afb8b890fecf8fb161ba3bc2e6446bbb4a7f11

SHA256
83819f49a458b724ebf2bc2d0861c358a00be6e0a7055d99f17860257c2fc999

SHA512
68f7193a6b3089a39d481ed9e46982b001831c75eb9d1f878de262d7b0ca0038bca718e3a493da58b941e76ba37da2d6ffa4a1843e4d70b3fe614e7fc9fddd18

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\7b539bde8ca0807396a791d6ee4db1189d0e5380\index.txt~RFe581da5.TMP

Filesize
161B

MD5
c0843a29734efec4bf9b6ededa007cd5

SHA1
4d5c30757d23f421dc87c580977fa23865710d39

SHA256
9a791f06d980dfb71920cf801337f09c15d908f43b5fa784dba4804fe0c347be

SHA512
a329258b174f6de80bcc2f037a6f6376972a09f36af65e93a43c7643808fd37caa7cba11ecb444ced9251d62e011d10ce1c2bc62e544d41109d782f10ee0087d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
2fe982a877f4636ff6542e2fa794bb35

SHA1
13e468d380308f20483b5ac34cbfea2bef246474

SHA256
8edc80dbe33a67010c30a897db3595ba41e2700144a54044fabe19c7f7b1058c

SHA512
ec95afe7d3fc910de25d4ea0e2a62200e3874a2e49fc1a71afe89f301e54795ce160d53f1c697cb202c5970d4ed5464f3a3cfc4800097d8581406f414daa100a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe581d28.TMP

Filesize
48B

MD5
1ce6ea65d218720dc4daf304abf534c2

SHA1
22b60204cad02dfabff2b37a52803d4eb98edb01

SHA256
946bed1d8fea754b2c03ef899c7cae389fba4eff5141ef689e6998bfcdcfd73b

SHA512
5cedc2bfab2f05d4596fb814ab36ad7960f996aa5c9d7758d9865a94408dc8f470871acb326fa6a34134a4007aad84d10b8842490c57bafe50fcc3695e9614cb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
129KB

MD5
8394a0c910cd93c30a71e6f5218689e0

SHA1
92ce4858e115a66158bee1ce6c725a1e12bc8f1f

SHA256
d0b4811f09258190f8d10965940d884bdf4b59d8e6c595d856ea7fae604ce83c

SHA512
3ee3221763b4fbf3c685fcb933269c330e70309188bfe166b34357517cded362f8db84b38d9b53188a673121707e8b633b7a7dda45e230d6056d163954968811

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
128KB

MD5
037953d3f2a521a63c70ac7ce4475fcb

SHA1
32b9610ee3d78766b094f4c6cf2357e384597e1d

SHA256
254c9086abe7227ae711dc1b02be8807cd989339ad32638a27a9eede11e12d23

SHA512
853116147247fe8941dcca78a21a1df444c86576854f81a023f24a3301e1403c9210dcf9c5dc137aadb8014bc4edc3d70e1095d8ae4a546bbf3aa57616e1fc93

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
190KB

MD5
425c01349e14d0c2045daa932eb52044

SHA1
9e411513eda80e617f51032dc1728005d2163e3c

SHA256
00d59a4e836f5fe6df6346303fa142f11096999ad9919e1aa9fc2a06100a0f39

SHA512
2053f54a2530dd0107cc986e53dcc9eafef81f89fae654bc034bf5abc05c2da52c69a41ed953dc01e0ad44951138a8d1493cbdc7c48decd93ab2a867716c1201

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
128KB

MD5
f7efbe4e525b98b64592ca32f7aca695

SHA1
ef0f8464206a9c79dd949468fb843c68850b56a1

SHA256
9f189f6e017d783915fc5df48a5130bff4e8064bf49b6b38e99e01e54dbaf71b

SHA512
909c85f2af79098017c801a5427af2d87b106473a68041dd4e5d41d49a8ce4c37295b4458b34d0091653c99e41e5d2f8e49b286c94aeb7d6707f30792b5a6969

Download Submit