hxxp://banks-canada[.]com

Analysis

max time kernel
59s
max time network
56s
platform
windows10-1703_x64
resource
win10-20240404-en
resource tags

arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
submitted
26/04/2024, 17:48

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

http://banks-canada.com

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133586273605154128"	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
1716	chrome.exe
1716	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1716	chrome.exe
Token: SeCreatePagefilePrivilege	1716	chrome.exe
Token: SeShutdownPrivilege	1716	chrome.exe
Token: SeCreatePagefilePrivilege	1716	chrome.exe
Token: SeShutdownPrivilege	1716	chrome.exe
Token: SeCreatePagefilePrivilege	1716	chrome.exe
Token: SeShutdownPrivilege	1716	chrome.exe
Token: SeCreatePagefilePrivilege	1716	chrome.exe
Token: SeShutdownPrivilege	1716	chrome.exe
Token: SeCreatePagefilePrivilege	1716	chrome.exe
Token: SeShutdownPrivilege	1716	chrome.exe
Token: SeCreatePagefilePrivilege	1716	chrome.exe
Token: SeShutdownPrivilege	1716	chrome.exe
Token: SeCreatePagefilePrivilege	1716	chrome.exe
Token: SeShutdownPrivilege	1716	chrome.exe
Token: SeCreatePagefilePrivilege	1716	chrome.exe
Token: SeShutdownPrivilege	1716	chrome.exe
Token: SeCreatePagefilePrivilege	1716	chrome.exe
Token: SeShutdownPrivilege	1716	chrome.exe
Token: SeCreatePagefilePrivilege	1716	chrome.exe
Token: SeShutdownPrivilege	1716	chrome.exe
Token: SeCreatePagefilePrivilege	1716	chrome.exe
Token: SeShutdownPrivilege	1716	chrome.exe
Token: SeCreatePagefilePrivilege	1716	chrome.exe
Token: SeShutdownPrivilege	1716	chrome.exe
Token: SeCreatePagefilePrivilege	1716	chrome.exe
Token: SeShutdownPrivilege	1716	chrome.exe
Token: SeCreatePagefilePrivilege	1716	chrome.exe
Token: SeShutdownPrivilege	1716	chrome.exe
Token: SeCreatePagefilePrivilege	1716	chrome.exe
Token: SeShutdownPrivilege	1716	chrome.exe
Token: SeCreatePagefilePrivilege	1716	chrome.exe
Token: SeShutdownPrivilege	1716	chrome.exe
Token: SeCreatePagefilePrivilege	1716	chrome.exe
Token: SeShutdownPrivilege	1716	chrome.exe
Token: SeCreatePagefilePrivilege	1716	chrome.exe
Token: SeShutdownPrivilege	1716	chrome.exe
Token: SeCreatePagefilePrivilege	1716	chrome.exe
Token: SeShutdownPrivilege	1716	chrome.exe
Token: SeCreatePagefilePrivilege	1716	chrome.exe
Token: SeShutdownPrivilege	1716	chrome.exe
Token: SeCreatePagefilePrivilege	1716	chrome.exe
Token: SeShutdownPrivilege	1716	chrome.exe
Token: SeCreatePagefilePrivilege	1716	chrome.exe
Token: SeShutdownPrivilege	1716	chrome.exe
Token: SeCreatePagefilePrivilege	1716	chrome.exe
Token: SeShutdownPrivilege	1716	chrome.exe
Token: SeCreatePagefilePrivilege	1716	chrome.exe
Token: SeShutdownPrivilege	1716	chrome.exe
Token: SeCreatePagefilePrivilege	1716	chrome.exe
Token: SeShutdownPrivilege	1716	chrome.exe
Token: SeCreatePagefilePrivilege	1716	chrome.exe
Token: SeShutdownPrivilege	1716	chrome.exe
Token: SeCreatePagefilePrivilege	1716	chrome.exe
Token: SeShutdownPrivilege	1716	chrome.exe
Token: SeCreatePagefilePrivilege	1716	chrome.exe
Token: SeShutdownPrivilege	1716	chrome.exe
Token: SeCreatePagefilePrivilege	1716	chrome.exe
Token: SeShutdownPrivilege	1716	chrome.exe
Token: SeCreatePagefilePrivilege	1716	chrome.exe
Token: SeShutdownPrivilege	1716	chrome.exe
Token: SeCreatePagefilePrivilege	1716	chrome.exe
Token: SeShutdownPrivilege	1716	chrome.exe
Token: SeCreatePagefilePrivilege	1716	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe
1716	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1716 wrote to memory of 4112	1716	chrome.exe	72
PID 1716 wrote to memory of 4112	1716	chrome.exe	72
PID 1716 wrote to memory of 1408	1716	chrome.exe	74
PID 1716 wrote to memory of 1408	1716	chrome.exe	74
PID 1716 wrote to memory of 1408	1716	chrome.exe	74
PID 1716 wrote to memory of 1408	1716	chrome.exe	74
PID 1716 wrote to memory of 1408	1716	chrome.exe	74
PID 1716 wrote to memory of 1408	1716	chrome.exe	74
PID 1716 wrote to memory of 1408	1716	chrome.exe	74
PID 1716 wrote to memory of 1408	1716	chrome.exe	74
PID 1716 wrote to memory of 1408	1716	chrome.exe	74
PID 1716 wrote to memory of 1408	1716	chrome.exe	74
PID 1716 wrote to memory of 1408	1716	chrome.exe	74
PID 1716 wrote to memory of 1408	1716	chrome.exe	74
PID 1716 wrote to memory of 1408	1716	chrome.exe	74
PID 1716 wrote to memory of 1408	1716	chrome.exe	74
PID 1716 wrote to memory of 1408	1716	chrome.exe	74
PID 1716 wrote to memory of 1408	1716	chrome.exe	74
PID 1716 wrote to memory of 1408	1716	chrome.exe	74
PID 1716 wrote to memory of 1408	1716	chrome.exe	74
PID 1716 wrote to memory of 1408	1716	chrome.exe	74
PID 1716 wrote to memory of 1408	1716	chrome.exe	74
PID 1716 wrote to memory of 1408	1716	chrome.exe	74
PID 1716 wrote to memory of 1408	1716	chrome.exe	74
PID 1716 wrote to memory of 1408	1716	chrome.exe	74
PID 1716 wrote to memory of 1408	1716	chrome.exe	74
PID 1716 wrote to memory of 1408	1716	chrome.exe	74
PID 1716 wrote to memory of 1408	1716	chrome.exe	74
PID 1716 wrote to memory of 1408	1716	chrome.exe	74
PID 1716 wrote to memory of 1408	1716	chrome.exe	74
PID 1716 wrote to memory of 1408	1716	chrome.exe	74
PID 1716 wrote to memory of 1408	1716	chrome.exe	74
PID 1716 wrote to memory of 1408	1716	chrome.exe	74
PID 1716 wrote to memory of 1408	1716	chrome.exe	74
PID 1716 wrote to memory of 1408	1716	chrome.exe	74
PID 1716 wrote to memory of 1408	1716	chrome.exe	74
PID 1716 wrote to memory of 1408	1716	chrome.exe	74
PID 1716 wrote to memory of 1408	1716	chrome.exe	74
PID 1716 wrote to memory of 1408	1716	chrome.exe	74
PID 1716 wrote to memory of 1408	1716	chrome.exe	74
PID 1716 wrote to memory of 8	1716	chrome.exe	75
PID 1716 wrote to memory of 8	1716	chrome.exe	75
PID 1716 wrote to memory of 164	1716	chrome.exe	76
PID 1716 wrote to memory of 164	1716	chrome.exe	76
PID 1716 wrote to memory of 164	1716	chrome.exe	76
PID 1716 wrote to memory of 164	1716	chrome.exe	76
PID 1716 wrote to memory of 164	1716	chrome.exe	76
PID 1716 wrote to memory of 164	1716	chrome.exe	76
PID 1716 wrote to memory of 164	1716	chrome.exe	76
PID 1716 wrote to memory of 164	1716	chrome.exe	76
PID 1716 wrote to memory of 164	1716	chrome.exe	76
PID 1716 wrote to memory of 164	1716	chrome.exe	76
PID 1716 wrote to memory of 164	1716	chrome.exe	76
PID 1716 wrote to memory of 164	1716	chrome.exe	76
PID 1716 wrote to memory of 164	1716	chrome.exe	76
PID 1716 wrote to memory of 164	1716	chrome.exe	76
PID 1716 wrote to memory of 164	1716	chrome.exe	76
PID 1716 wrote to memory of 164	1716	chrome.exe	76
PID 1716 wrote to memory of 164	1716	chrome.exe	76
PID 1716 wrote to memory of 164	1716	chrome.exe	76
PID 1716 wrote to memory of 164	1716	chrome.exe	76
PID 1716 wrote to memory of 164	1716	chrome.exe	76
PID 1716 wrote to memory of 164	1716	chrome.exe	76
PID 1716 wrote to memory of 164	1716	chrome.exe	76

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://banks-canada.com
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1716
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffe30759758,0x7ffe30759768,0x7ffe30759778
  2⤵
  PID:4112
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1640 --field-trial-handle=1832,i,12236899885423830183,8027096355628303063,131072 /prefetch:2
  2⤵
  PID:1408
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1864 --field-trial-handle=1832,i,12236899885423830183,8027096355628303063,131072 /prefetch:8
  2⤵
  PID:8
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2120 --field-trial-handle=1832,i,12236899885423830183,8027096355628303063,131072 /prefetch:8
  2⤵
  PID:164
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2696 --field-trial-handle=1832,i,12236899885423830183,8027096355628303063,131072 /prefetch:1
  2⤵
  PID:3680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2716 --field-trial-handle=1832,i,12236899885423830183,8027096355628303063,131072 /prefetch:1
  2⤵
  PID:200
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4416 --field-trial-handle=1832,i,12236899885423830183,8027096355628303063,131072 /prefetch:1
  2⤵
  PID:2840
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4552 --field-trial-handle=1832,i,12236899885423830183,8027096355628303063,131072 /prefetch:1
  2⤵
  PID:4772
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5036 --field-trial-handle=1832,i,12236899885423830183,8027096355628303063,131072 /prefetch:8
  2⤵
  PID:4340
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5004 --field-trial-handle=1832,i,12236899885423830183,8027096355628303063,131072 /prefetch:8
  2⤵
  PID:3044
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4956 --field-trial-handle=1832,i,12236899885423830183,8027096355628303063,131072 /prefetch:1
  2⤵
  PID:4700
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=5152 --field-trial-handle=1832,i,12236899885423830183,8027096355628303063,131072 /prefetch:1
  2⤵
  PID:3236
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5260 --field-trial-handle=1832,i,12236899885423830183,8027096355628303063,131072 /prefetch:1
  2⤵
  PID:2296
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5252 --field-trial-handle=1832,i,12236899885423830183,8027096355628303063,131072 /prefetch:8
  2⤵
  PID:4020
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=5668 --field-trial-handle=1832,i,12236899885423830183,8027096355628303063,131072 /prefetch:1
  2⤵
  PID:4236
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5480 --field-trial-handle=1832,i,12236899885423830183,8027096355628303063,131072 /prefetch:8
  2⤵
  PID:4656
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6008 --field-trial-handle=1832,i,12236899885423830183,8027096355628303063,131072 /prefetch:8
  2⤵
  PID:2464

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2216

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
9642c045bc84732d89bcec8371d281c1

SHA1
3cc7c6cc332f27e3caf4d89edc78f7acb73b9953

SHA256
fb0c2ebc84aae82de1f1f094efb8251066d2fe70198cc0c5d1dd68701369f0fc

SHA512
55153f920a6cf78b6bb89f8f449068842b2cb2187958d3e1f81d8589886cceaa44b877ea2bb2fb11cd331030d2be633d98f82011c900307e66b7da29abcb4e8f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\Paths\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
8cc0b33d4fddbc27b0361743b3db483a

SHA1
e6e826db4384172fee7db0dad2ba059cc33576e2

SHA256
d7d2cde3b2587ca4585d8e9150091ff3980695ffb2c97f1f7385a1482609eb67

SHA512
1ed999c2015a90e76df26604724e112116bdaa8b0f4f7702879f18d841c201ebfec9723a8d58bf4cd71d6303422d5dc21b844f647887f701b86386c81d537c3d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
4e6c9d4d2a35efb4181e65c140878a3e

SHA1
8bed1d451f07b2e1865bed8c245173350294bdfe

SHA256
3195d480bb0a8584b4edb6766026389dc97e52d444e165e02929880d66db93e5

SHA512
e91b7d4a5f0503eca0e59093ddf9bfc414633df107b9f8b7c82c1ba3220e64b2fbc68170305690134e88274b1ba16c48790405cf4fa8131f5cf5358f04bbf728

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
f103f2d58b655ba12aea90a5fed75e19

SHA1
57c43fcfe5b181c6b90aadf61e42803a72a7e8a4

SHA256
71e02082693c963f54929866d0dc1c3eda4f460c423d1658b7c61bffd1874e5a

SHA512
7aa58f6e968be31328d9e764061514aed22b056c0f1267da34b662f16057a6a66951cadbeefaaef207a593a634e5f9dac0e15e2659ff5baa870a4e6e4a2dc3c7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
f1af2f71fe3073f180e4dc7403ad59e6

SHA1
8b791952576aa12a830e04ed5266f8be03ce4f42

SHA256
72c14dd1fe0a75fc1e01ecfc1a99de3dbd85a9d54a60d61c66d9dcbc9605d72d

SHA512
96602ee2371b771e35be996d93ba36a773ca31aee7b86a16350193b5ebeb99e6676a626545504e2a88be16a8d0ea32a3f6c7985ed37e27c181794fef4b79575e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
138KB

MD5
73d34a717d7873835efd7502736a1722

SHA1
fd09aa2bb8b5a20040f70e655d01dc1d0c7d486f

SHA256
0939be5e78f4a0e2bcd60bde3e73a4859ded53584aa9c66117c03336f17cb623

SHA512
973e928f02378a1e52b79ee26e0cd6827f524dcad45a3d0af94ede1352e0ff911bd923cc4b085c858fccbdd11c81056cac21b8be6c798626a4ed257fb811226a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
137KB

MD5
ebe19547888a06ff5bda14d7e8831537

SHA1
6c88dbbc3a628c2118e039da32ffdb17290e0fbf

SHA256
ecd8d1cf72ee6a5406ea4aefb489d01f62af8eb12cba49436684631a689f6258

SHA512
73158ded4d72ab6a1fda73c3c5614840238865a0fdbbb7d12187e79c0ee7050c83d1e7a3b4a79c3a4b750accfd8a86fb6fd6b512226fd3487051a4c2cf35acba

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
99KB

MD5
cabf48f845525c4077fca0ac031836b3

SHA1
16f45e7e8df65541d70b7d981a623b4ecd572bf4

SHA256
b2caced6db015c6f37cb9100a48beccb6b09cc5b5f99f6300fbe7fc359ba7159

SHA512
1c7b828a964e36a5f68e948992b86a6bf362408849cad3d1308172cdf9b7fe4e901cba15c40566b94899e1bf4c14d6e5d5e32222eeaecbff397af35a2a1dc825

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe57e1e4.TMP

Filesize
92KB

MD5
f63ca1e80874b0a4e8613f33dcf71f7f

SHA1
4406e5ea76160364d9411296f006f4345e18f480

SHA256
d5f544a90522ec03bf79d8b8f515fed7cc2f5cec3604970cde091dc36f6f1608

SHA512
29648d0261e5bffd745a16b19cd82449c2fbc729be7820a510394f7dc5864b7ee135f8cc1f4b98659fc40ec22d1c839bfa79a83b111458634605401f09960d24

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit