hxxps://github[.]com/RattlesHyper/TrafficerMC/releases/download/v2[.]3/TrafficerMC-2[.]3-windows-x64[.]exe

max time kernel
92s
max time network
93s
platform
windows11-21h2_x64
resource
win11-20240426-en
resource tags

arch:x64arch:x86image:win11-20240426-enlocale:en-usos:windows11-21h2-x64system
submitted
29/04/2024, 21:57

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

https://github.com/RattlesHyper/TrafficerMC/releases/download/v2.3/TrafficerMC-2.3-windows-x64.exe

Score

8^/10

Malware Config

Signatures

Downloads MZ/PE file

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133589014311254639"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2994005945-4089876968-1367784197-1000_Classes\Local Settings	chrome.exe

NTFS ADS 1 IoCs

description	ioc	Process
File opened for modification	C:\Users\Admin\Downloads\TrafficerMC-2.3-windows-x64.exe:Zone.Identifier	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
1000	chrome.exe
1000	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

pid	Process
1000	chrome.exe
1000	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1000	chrome.exe
Token: SeCreatePagefilePrivilege	1000	chrome.exe
Token: SeShutdownPrivilege	1000	chrome.exe
Token: SeCreatePagefilePrivilege	1000	chrome.exe
Token: SeShutdownPrivilege	1000	chrome.exe
Token: SeCreatePagefilePrivilege	1000	chrome.exe
Token: SeShutdownPrivilege	1000	chrome.exe
Token: SeCreatePagefilePrivilege	1000	chrome.exe
Token: SeShutdownPrivilege	1000	chrome.exe
Token: SeCreatePagefilePrivilege	1000	chrome.exe
Token: SeShutdownPrivilege	1000	chrome.exe
Token: SeCreatePagefilePrivilege	1000	chrome.exe
Token: SeShutdownPrivilege	1000	chrome.exe
Token: SeCreatePagefilePrivilege	1000	chrome.exe
Token: SeShutdownPrivilege	1000	chrome.exe
Token: SeCreatePagefilePrivilege	1000	chrome.exe
Token: SeShutdownPrivilege	1000	chrome.exe
Token: SeCreatePagefilePrivilege	1000	chrome.exe
Token: SeShutdownPrivilege	1000	chrome.exe
Token: SeCreatePagefilePrivilege	1000	chrome.exe
Token: SeShutdownPrivilege	1000	chrome.exe
Token: SeCreatePagefilePrivilege	1000	chrome.exe
Token: SeShutdownPrivilege	1000	chrome.exe
Token: SeCreatePagefilePrivilege	1000	chrome.exe
Token: SeShutdownPrivilege	1000	chrome.exe
Token: SeCreatePagefilePrivilege	1000	chrome.exe
Token: SeShutdownPrivilege	1000	chrome.exe
Token: SeCreatePagefilePrivilege	1000	chrome.exe
Token: SeShutdownPrivilege	1000	chrome.exe
Token: SeCreatePagefilePrivilege	1000	chrome.exe
Token: SeShutdownPrivilege	1000	chrome.exe
Token: SeCreatePagefilePrivilege	1000	chrome.exe
Token: SeShutdownPrivilege	1000	chrome.exe
Token: SeCreatePagefilePrivilege	1000	chrome.exe
Token: SeShutdownPrivilege	1000	chrome.exe
Token: SeCreatePagefilePrivilege	1000	chrome.exe
Token: SeShutdownPrivilege	1000	chrome.exe
Token: SeCreatePagefilePrivilege	1000	chrome.exe
Token: SeShutdownPrivilege	1000	chrome.exe
Token: SeCreatePagefilePrivilege	1000	chrome.exe
Token: SeShutdownPrivilege	1000	chrome.exe
Token: SeCreatePagefilePrivilege	1000	chrome.exe
Token: SeShutdownPrivilege	1000	chrome.exe
Token: SeCreatePagefilePrivilege	1000	chrome.exe
Token: SeShutdownPrivilege	1000	chrome.exe
Token: SeCreatePagefilePrivilege	1000	chrome.exe
Token: SeShutdownPrivilege	1000	chrome.exe
Token: SeCreatePagefilePrivilege	1000	chrome.exe
Token: SeShutdownPrivilege	1000	chrome.exe
Token: SeCreatePagefilePrivilege	1000	chrome.exe
Token: SeShutdownPrivilege	1000	chrome.exe
Token: SeCreatePagefilePrivilege	1000	chrome.exe
Token: SeShutdownPrivilege	1000	chrome.exe
Token: SeCreatePagefilePrivilege	1000	chrome.exe
Token: SeShutdownPrivilege	1000	chrome.exe
Token: SeCreatePagefilePrivilege	1000	chrome.exe
Token: SeShutdownPrivilege	1000	chrome.exe
Token: SeCreatePagefilePrivilege	1000	chrome.exe
Token: SeShutdownPrivilege	1000	chrome.exe
Token: SeCreatePagefilePrivilege	1000	chrome.exe
Token: SeShutdownPrivilege	1000	chrome.exe
Token: SeCreatePagefilePrivilege	1000	chrome.exe
Token: SeShutdownPrivilege	1000	chrome.exe
Token: SeCreatePagefilePrivilege	1000	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe
1000	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1000 wrote to memory of 1956	1000	chrome.exe	80
PID 1000 wrote to memory of 1956	1000	chrome.exe	80
PID 1000 wrote to memory of 1040	1000	chrome.exe	82
PID 1000 wrote to memory of 1040	1000	chrome.exe	82
PID 1000 wrote to memory of 1040	1000	chrome.exe	82
PID 1000 wrote to memory of 1040	1000	chrome.exe	82
PID 1000 wrote to memory of 1040	1000	chrome.exe	82
PID 1000 wrote to memory of 1040	1000	chrome.exe	82
PID 1000 wrote to memory of 1040	1000	chrome.exe	82
PID 1000 wrote to memory of 1040	1000	chrome.exe	82
PID 1000 wrote to memory of 1040	1000	chrome.exe	82
PID 1000 wrote to memory of 1040	1000	chrome.exe	82
PID 1000 wrote to memory of 1040	1000	chrome.exe	82
PID 1000 wrote to memory of 1040	1000	chrome.exe	82
PID 1000 wrote to memory of 1040	1000	chrome.exe	82
PID 1000 wrote to memory of 1040	1000	chrome.exe	82
PID 1000 wrote to memory of 1040	1000	chrome.exe	82
PID 1000 wrote to memory of 1040	1000	chrome.exe	82
PID 1000 wrote to memory of 1040	1000	chrome.exe	82
PID 1000 wrote to memory of 1040	1000	chrome.exe	82
PID 1000 wrote to memory of 1040	1000	chrome.exe	82
PID 1000 wrote to memory of 1040	1000	chrome.exe	82
PID 1000 wrote to memory of 1040	1000	chrome.exe	82
PID 1000 wrote to memory of 1040	1000	chrome.exe	82
PID 1000 wrote to memory of 1040	1000	chrome.exe	82
PID 1000 wrote to memory of 1040	1000	chrome.exe	82
PID 1000 wrote to memory of 1040	1000	chrome.exe	82
PID 1000 wrote to memory of 1040	1000	chrome.exe	82
PID 1000 wrote to memory of 1040	1000	chrome.exe	82
PID 1000 wrote to memory of 1040	1000	chrome.exe	82
PID 1000 wrote to memory of 1040	1000	chrome.exe	82
PID 1000 wrote to memory of 1040	1000	chrome.exe	82
PID 1000 wrote to memory of 1040	1000	chrome.exe	82
PID 1000 wrote to memory of 1332	1000	chrome.exe	83
PID 1000 wrote to memory of 1332	1000	chrome.exe	83
PID 1000 wrote to memory of 1436	1000	chrome.exe	84
PID 1000 wrote to memory of 1436	1000	chrome.exe	84
PID 1000 wrote to memory of 1436	1000	chrome.exe	84
PID 1000 wrote to memory of 1436	1000	chrome.exe	84
PID 1000 wrote to memory of 1436	1000	chrome.exe	84
PID 1000 wrote to memory of 1436	1000	chrome.exe	84
PID 1000 wrote to memory of 1436	1000	chrome.exe	84
PID 1000 wrote to memory of 1436	1000	chrome.exe	84
PID 1000 wrote to memory of 1436	1000	chrome.exe	84
PID 1000 wrote to memory of 1436	1000	chrome.exe	84
PID 1000 wrote to memory of 1436	1000	chrome.exe	84
PID 1000 wrote to memory of 1436	1000	chrome.exe	84
PID 1000 wrote to memory of 1436	1000	chrome.exe	84
PID 1000 wrote to memory of 1436	1000	chrome.exe	84
PID 1000 wrote to memory of 1436	1000	chrome.exe	84
PID 1000 wrote to memory of 1436	1000	chrome.exe	84
PID 1000 wrote to memory of 1436	1000	chrome.exe	84
PID 1000 wrote to memory of 1436	1000	chrome.exe	84
PID 1000 wrote to memory of 1436	1000	chrome.exe	84
PID 1000 wrote to memory of 1436	1000	chrome.exe	84
PID 1000 wrote to memory of 1436	1000	chrome.exe	84
PID 1000 wrote to memory of 1436	1000	chrome.exe	84
PID 1000 wrote to memory of 1436	1000	chrome.exe	84
PID 1000 wrote to memory of 1436	1000	chrome.exe	84
PID 1000 wrote to memory of 1436	1000	chrome.exe	84
PID 1000 wrote to memory of 1436	1000	chrome.exe	84
PID 1000 wrote to memory of 1436	1000	chrome.exe	84
PID 1000 wrote to memory of 1436	1000	chrome.exe	84
PID 1000 wrote to memory of 1436	1000	chrome.exe	84

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://github.com/RattlesHyper/TrafficerMC/releases/download/v2.3/TrafficerMC-2.3-windows-x64.exe
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1000
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffa1d5cab58,0x7ffa1d5cab68,0x7ffa1d5cab78
  2⤵
  PID:1956
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1648 --field-trial-handle=1776,i,4415235348138150654,8289511936015523740,131072 /prefetch:2
  2⤵
  PID:1040
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2008 --field-trial-handle=1776,i,4415235348138150654,8289511936015523740,131072 /prefetch:8
  2⤵
  PID:1332
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2116 --field-trial-handle=1776,i,4415235348138150654,8289511936015523740,131072 /prefetch:8
  2⤵
  PID:1436
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2904 --field-trial-handle=1776,i,4415235348138150654,8289511936015523740,131072 /prefetch:1
  2⤵
  PID:968
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2912 --field-trial-handle=1776,i,4415235348138150654,8289511936015523740,131072 /prefetch:1
  2⤵
  PID:3188
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4360 --field-trial-handle=1776,i,4415235348138150654,8289511936015523740,131072 /prefetch:8
  2⤵
  PID:4520
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4656 --field-trial-handle=1776,i,4415235348138150654,8289511936015523740,131072 /prefetch:8
  2⤵
  PID:2904
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4692 --field-trial-handle=1776,i,4415235348138150654,8289511936015523740,131072 /prefetch:8
  2⤵
  PID:4592
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4700 --field-trial-handle=1776,i,4415235348138150654,8289511936015523740,131072 /prefetch:8
  2⤵
  PID:5064
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4352 --field-trial-handle=1776,i,4415235348138150654,8289511936015523740,131072 /prefetch:8
  2⤵
  - NTFS ADS
  PID:3996
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4956 --field-trial-handle=1776,i,4415235348138150654,8289511936015523740,131072 /prefetch:8
  2⤵
  PID:1688
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4704 --field-trial-handle=1776,i,4415235348138150654,8289511936015523740,131072 /prefetch:8
  2⤵
  PID:3168
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4940 --field-trial-handle=1776,i,4415235348138150654,8289511936015523740,131072 /prefetch:8
  2⤵
  PID:4820

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:4700

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:4616

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
48a4dcb7469dd4d22045337f27131f7e

SHA1
bb9f7893924150e42dd6fc42d47a0f932a699380

SHA256
76db6fa2b01fb01ac0520e4b983277101e306342403bc11a95fdee586acd3497

SHA512
fc02dc4e8d99367c945f67bc1e0f3a7ae5c642e7e4decb0178cf8616f8382b5f9183acb5c5c8dd4a601c600307c14f96ccee6c931e56ff610161fe5e493591d0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
5565aa4529e4ba3202dba7f24540cb0e

SHA1
dbc507542f053a2bb5e5e7d5ee37c2c607a88ce9

SHA256
32b1207c9d7fc602b472fd29d944b1bc50b37fb88fb5baa3706fca9d2a26daaa

SHA512
a907db57e259182531a37d98a5a0b31b3f196995999b74c163f2c814122bdb90d3e01c75d221990ce76621d5aa34810bad7fa72c106f93fba3e14bf87c79a215

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
523B

MD5
e3f9604dc31870c603bf00c7cdfe47b7

SHA1
75fe284fce2580119f7eec2d7cc56cabca55eede

SHA256
f35796ab3dfbb5cea263e5dcce8ccadf267da0dbae3d9f96e61e35cac5d0fbfb

SHA512
a4b5445ec607cb30dcf0084b147c4c577eeddd199cdbf0a9607b757dd9288d4fab05719a94fdc228fa2ee4b4625ac2aaabf31af32641ebb5f5ef4635d078aefb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
0ab6c5bca154a38a670c769575dbb8ae

SHA1
abb8db5062618a8a2f4a7a467fc4449a37f6a1b9

SHA256
7fb72da462ff8210a97c7c06611d733e092271d9b241064930d7b7b5f6afd2e2

SHA512
391261db43d1f6eb35587749c16441694adc8c0ff81df121ad3ce6a84ab1348a8fcf0f86a80eb4d5a45d202fb931916b844d9fd75e65e674296595cb14b73069

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
2be7a18f862c2e39520a9ce5c9219372

SHA1
28f40656efdf32c790f3f99d5d3d3b6be7f66093

SHA256
a03705aa5b24d8fbb04efe0b2374d0bf79d01a269e16c05589d4abdb53f3118d

SHA512
ace61a042dcefbdcd232779fd1bd5e44f37df54ab1b4b858cf40eeb88a2e11fa108af0cffd33ebdb79a7761f0d0407ffbb2dd884e5f6303c507b945dc57623e9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
130KB

MD5
4d38ec34442dc7b7f6d27d4b76faf4ce

SHA1
e575ef9cf9b7fd86f9e6151c41af62487f7ed517

SHA256
74d1022ad5b2ec0605563093b60f768ac0add4ebdc4ee5c2753df835798e67b3

SHA512
684f851d479e6ad2a7736d1f4a35c069673c13ce116acfda24a27bfc615d9d95b5c5268c2577da321a673cdbc3b1ff44c46e96878e52957f2492a4aefbce343b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
130KB

MD5
bb14214cf33b12bde1490709a112babc

SHA1
0ff60d60a31788d84d2d5ae27b02ec684bce391b

SHA256
2036b8216a67cc386e4a44d1e6fb54444ece8212bbdc8bfb58c19c079c500738

SHA512
07f0cdd11eb6465eca1d304bee2017dda27bf370870e4459d686bb71fa16a4acf05ca7695572039bf344026cff43b4c5455171bdc322c3e159462949a3f5b8b9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

Filesize
264KB

MD5
459d82063e545b6c8435230b7aa0f317

SHA1
ddc4f1b371fa783aef87bc40c100a831f1ec8146

SHA256
3dcd28123501c98c4ce2dc56a3797946518f0ebdb84743903811a24d53cb6881

SHA512
9d41268e5e1d820dcf5a9dc7209068b8d2e4cf3ccb310dc9243990982a04bdb79fd45a5a3ee4f13c8da151fabaf8091143b9eea4ee26e8ad97fb2ec4c22f82f5

Download Submit
C:\Users\Admin\Downloads\TrafficerMC-2.3-windows-x64.exe

Filesize
62.7MB

MD5
70d4f52e92fba5bddf692e02816be980

SHA1
9f38408f9bf353a478d72b693ebc2d6d49cee49e

SHA256
30bbafdfde81f71dd3c9dcc1dd1a9767ef7e1a7e6133af8ef766538b9de6c33f

SHA512
4ed2cd2ce814d45b3555993ecb7250b1862adbc9c4f96ea8b6e9631058ecfedc8f3602771c1edcb365384bfda916b47136239031772cf98a00bd88b56313c6d7

Download Submit
C:\Users\Admin\Downloads\TrafficerMC-2.3-windows-x64.exe:Zone.Identifier

Filesize
26B

MD5
fbccf14d504b7b2dbcb5a5bda75bd93b

SHA1
d59fc84cdd5217c6cf74785703655f78da6b582b

SHA256
eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913

SHA512
aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98

Download Submit