hxxps://direct-links[.]net/s?vqUt

Analysis

max time kernel
149s
max time network
147s
platform
windows10-2004_x64
resource
win10v2004-20240419-en
resource tags

arch:x64arch:x86image:win10v2004-20240419-enlocale:en-usos:windows10-2004-x64system
submitted
02/05/2024, 22:40

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://direct-links.net/s?vqUt

Score

5^/10

Malware Config

Signatures

Drops file in System32 directory 2 IoCs

description	ioc	Process
File created	C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF	chrome.exe
File created	\??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF	chrome.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133591632608052694"	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
3600	chrome.exe
3600	chrome.exe
1944	chrome.exe
1944	chrome.exe
1944	chrome.exe
1944	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3600	chrome.exe
Token: SeCreatePagefilePrivilege	3600	chrome.exe
Token: SeShutdownPrivilege	3600	chrome.exe
Token: SeCreatePagefilePrivilege	3600	chrome.exe
Token: SeShutdownPrivilege	3600	chrome.exe
Token: SeCreatePagefilePrivilege	3600	chrome.exe
Token: SeShutdownPrivilege	3600	chrome.exe
Token: SeCreatePagefilePrivilege	3600	chrome.exe
Token: SeShutdownPrivilege	3600	chrome.exe
Token: SeCreatePagefilePrivilege	3600	chrome.exe
Token: SeShutdownPrivilege	3600	chrome.exe
Token: SeCreatePagefilePrivilege	3600	chrome.exe
Token: SeShutdownPrivilege	3600	chrome.exe
Token: SeCreatePagefilePrivilege	3600	chrome.exe
Token: SeShutdownPrivilege	3600	chrome.exe
Token: SeCreatePagefilePrivilege	3600	chrome.exe
Token: SeShutdownPrivilege	3600	chrome.exe
Token: SeCreatePagefilePrivilege	3600	chrome.exe
Token: SeShutdownPrivilege	3600	chrome.exe
Token: SeCreatePagefilePrivilege	3600	chrome.exe
Token: SeShutdownPrivilege	3600	chrome.exe
Token: SeCreatePagefilePrivilege	3600	chrome.exe
Token: SeShutdownPrivilege	3600	chrome.exe
Token: SeCreatePagefilePrivilege	3600	chrome.exe
Token: SeShutdownPrivilege	3600	chrome.exe
Token: SeCreatePagefilePrivilege	3600	chrome.exe
Token: SeShutdownPrivilege	3600	chrome.exe
Token: SeCreatePagefilePrivilege	3600	chrome.exe
Token: SeShutdownPrivilege	3600	chrome.exe
Token: SeCreatePagefilePrivilege	3600	chrome.exe
Token: SeShutdownPrivilege	3600	chrome.exe
Token: SeCreatePagefilePrivilege	3600	chrome.exe
Token: SeShutdownPrivilege	3600	chrome.exe
Token: SeCreatePagefilePrivilege	3600	chrome.exe
Token: SeShutdownPrivilege	3600	chrome.exe
Token: SeCreatePagefilePrivilege	3600	chrome.exe
Token: SeShutdownPrivilege	3600	chrome.exe
Token: SeCreatePagefilePrivilege	3600	chrome.exe
Token: SeShutdownPrivilege	3600	chrome.exe
Token: SeCreatePagefilePrivilege	3600	chrome.exe
Token: SeShutdownPrivilege	3600	chrome.exe
Token: SeCreatePagefilePrivilege	3600	chrome.exe
Token: SeShutdownPrivilege	3600	chrome.exe
Token: SeCreatePagefilePrivilege	3600	chrome.exe
Token: SeShutdownPrivilege	3600	chrome.exe
Token: SeCreatePagefilePrivilege	3600	chrome.exe
Token: SeShutdownPrivilege	3600	chrome.exe
Token: SeCreatePagefilePrivilege	3600	chrome.exe
Token: SeShutdownPrivilege	3600	chrome.exe
Token: SeCreatePagefilePrivilege	3600	chrome.exe
Token: SeShutdownPrivilege	3600	chrome.exe
Token: SeCreatePagefilePrivilege	3600	chrome.exe
Token: SeShutdownPrivilege	3600	chrome.exe
Token: SeCreatePagefilePrivilege	3600	chrome.exe
Token: SeShutdownPrivilege	3600	chrome.exe
Token: SeCreatePagefilePrivilege	3600	chrome.exe
Token: SeShutdownPrivilege	3600	chrome.exe
Token: SeCreatePagefilePrivilege	3600	chrome.exe
Token: SeShutdownPrivilege	3600	chrome.exe
Token: SeCreatePagefilePrivilege	3600	chrome.exe
Token: SeShutdownPrivilege	3600	chrome.exe
Token: SeCreatePagefilePrivilege	3600	chrome.exe
Token: SeShutdownPrivilege	3600	chrome.exe
Token: SeCreatePagefilePrivilege	3600	chrome.exe

Suspicious use of FindShellTrayWindow 33 IoCs

pid	Process
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3600 wrote to memory of 4288	3600	chrome.exe	85
PID 3600 wrote to memory of 4288	3600	chrome.exe	85
PID 3600 wrote to memory of 4132	3600	chrome.exe	86
PID 3600 wrote to memory of 4132	3600	chrome.exe	86
PID 3600 wrote to memory of 4132	3600	chrome.exe	86
PID 3600 wrote to memory of 4132	3600	chrome.exe	86
PID 3600 wrote to memory of 4132	3600	chrome.exe	86
PID 3600 wrote to memory of 4132	3600	chrome.exe	86
PID 3600 wrote to memory of 4132	3600	chrome.exe	86
PID 3600 wrote to memory of 4132	3600	chrome.exe	86
PID 3600 wrote to memory of 4132	3600	chrome.exe	86
PID 3600 wrote to memory of 4132	3600	chrome.exe	86
PID 3600 wrote to memory of 4132	3600	chrome.exe	86
PID 3600 wrote to memory of 4132	3600	chrome.exe	86
PID 3600 wrote to memory of 4132	3600	chrome.exe	86
PID 3600 wrote to memory of 4132	3600	chrome.exe	86
PID 3600 wrote to memory of 4132	3600	chrome.exe	86
PID 3600 wrote to memory of 4132	3600	chrome.exe	86
PID 3600 wrote to memory of 4132	3600	chrome.exe	86
PID 3600 wrote to memory of 4132	3600	chrome.exe	86
PID 3600 wrote to memory of 4132	3600	chrome.exe	86
PID 3600 wrote to memory of 4132	3600	chrome.exe	86
PID 3600 wrote to memory of 4132	3600	chrome.exe	86
PID 3600 wrote to memory of 4132	3600	chrome.exe	86
PID 3600 wrote to memory of 4132	3600	chrome.exe	86
PID 3600 wrote to memory of 4132	3600	chrome.exe	86
PID 3600 wrote to memory of 4132	3600	chrome.exe	86
PID 3600 wrote to memory of 4132	3600	chrome.exe	86
PID 3600 wrote to memory of 4132	3600	chrome.exe	86
PID 3600 wrote to memory of 4132	3600	chrome.exe	86
PID 3600 wrote to memory of 4132	3600	chrome.exe	86
PID 3600 wrote to memory of 4132	3600	chrome.exe	86
PID 3600 wrote to memory of 5040	3600	chrome.exe	87
PID 3600 wrote to memory of 5040	3600	chrome.exe	87
PID 3600 wrote to memory of 4160	3600	chrome.exe	88
PID 3600 wrote to memory of 4160	3600	chrome.exe	88
PID 3600 wrote to memory of 4160	3600	chrome.exe	88
PID 3600 wrote to memory of 4160	3600	chrome.exe	88
PID 3600 wrote to memory of 4160	3600	chrome.exe	88
PID 3600 wrote to memory of 4160	3600	chrome.exe	88
PID 3600 wrote to memory of 4160	3600	chrome.exe	88
PID 3600 wrote to memory of 4160	3600	chrome.exe	88
PID 3600 wrote to memory of 4160	3600	chrome.exe	88
PID 3600 wrote to memory of 4160	3600	chrome.exe	88
PID 3600 wrote to memory of 4160	3600	chrome.exe	88
PID 3600 wrote to memory of 4160	3600	chrome.exe	88
PID 3600 wrote to memory of 4160	3600	chrome.exe	88
PID 3600 wrote to memory of 4160	3600	chrome.exe	88
PID 3600 wrote to memory of 4160	3600	chrome.exe	88
PID 3600 wrote to memory of 4160	3600	chrome.exe	88
PID 3600 wrote to memory of 4160	3600	chrome.exe	88
PID 3600 wrote to memory of 4160	3600	chrome.exe	88
PID 3600 wrote to memory of 4160	3600	chrome.exe	88
PID 3600 wrote to memory of 4160	3600	chrome.exe	88
PID 3600 wrote to memory of 4160	3600	chrome.exe	88
PID 3600 wrote to memory of 4160	3600	chrome.exe	88
PID 3600 wrote to memory of 4160	3600	chrome.exe	88
PID 3600 wrote to memory of 4160	3600	chrome.exe	88
PID 3600 wrote to memory of 4160	3600	chrome.exe	88
PID 3600 wrote to memory of 4160	3600	chrome.exe	88
PID 3600 wrote to memory of 4160	3600	chrome.exe	88
PID 3600 wrote to memory of 4160	3600	chrome.exe	88
PID 3600 wrote to memory of 4160	3600	chrome.exe	88
PID 3600 wrote to memory of 4160	3600	chrome.exe	88

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://direct-links.net/s?vqUt
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3600
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.106 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffca256cc40,0x7ffca256cc4c,0x7ffca256cc58
  2⤵
  PID:4288
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1536,i,16713345894452724269,5125861860631099516,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=1724 /prefetch:2
  2⤵
  PID:4132
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2028,i,16713345894452724269,5125861860631099516,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=2092 /prefetch:3
  2⤵
  PID:5040
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2252,i,16713345894452724269,5125861860631099516,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=2224 /prefetch:8
  2⤵
  PID:4160
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3108,i,16713345894452724269,5125861860631099516,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=3136 /prefetch:1
  2⤵
  PID:4492
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3116,i,16713345894452724269,5125861860631099516,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=3172 /prefetch:1
  2⤵
  PID:4644
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4508,i,16713345894452724269,5125861860631099516,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=3664 /prefetch:1
  2⤵
  PID:5036
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=3276,i,16713345894452724269,5125861860631099516,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4640 /prefetch:1
  2⤵
  PID:924
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4872,i,16713345894452724269,5125861860631099516,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=3368 /prefetch:8
  2⤵
  PID:1596
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=5024,i,16713345894452724269,5125861860631099516,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5044 /prefetch:1
  2⤵
  PID:1596
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=3372,i,16713345894452724269,5125861860631099516,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4664 /prefetch:1
  2⤵
  PID:2360
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=5108,i,16713345894452724269,5125861860631099516,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5112 /prefetch:1
  2⤵
  PID:4520
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=5160,i,16713345894452724269,5125861860631099516,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5188 /prefetch:1
  2⤵
  PID:3124
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=3532,i,16713345894452724269,5125861860631099516,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=3348 /prefetch:8
  2⤵
  - Drops file in System32 directory
  - Suspicious behavior: EnumeratesProcesses
  PID:1944

C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe"
1⤵
PID:3076

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:4328

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:4676

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
3eb4b9188a315a4d30e34f2eb8f8e17c

SHA1
89fde736db70290a849a4b96bcc9f9403763bcc7

SHA256
8032e6f3244a49b43dbbb078e461660f87fd44d342ed2ca5ee0a9b3aa6478e0a

SHA512
8ac9c263000be2607bcf3802c0a7e7cf8e804fbdfb788079019ba9a009816f4fb75275aaae6d119a30af76172a5bfb7b72e79807a17c336930f80becbcd65df9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
53c94ba13f889484e6a1bc4b90d5d413

SHA1
c79e900f544679f3c6e00a8373284d2c09521ee2

SHA256
406f8749a17341ef6184957ac4ce5ea4441eedb4a1a815073e46c77d99c974b6

SHA512
0280c8a7dc22f6bdeef291f8b52440af8e1dcdaaf9fd7a81f96f673cbb8189107783a691312cce32a04591b5218e9742a7941083596cc8bf1bf8d203fbd69114

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
f11a35dd5fe9ef2bc633a08505e53fbc

SHA1
50fce04f01f4128ca0a20fdbda220a5c6d313d60

SHA256
6d330ecf220a3b5ff4c6b62d0a3f7817384603ea1a8a25e9a102943c13e6de3d

SHA512
3b17609827b756a40ef5e56488bbb949d454f5f3eb3d2f8661bbbd62950d8ba745c01c92d0a5d8a576a10177bbd899c5fd7de68801c55fbe14d60662b12dddca

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
9c2a1b985ec290a13c6020ef256a0bcd

SHA1
1e892f253848f6d7aa21279073380ca42bd22f43

SHA256
6b65a8f861874d5a0ea601ceb7aad208ded7d158fbe5f93a2ac994db0c43ce16

SHA512
1a8786ce746d241ffdfbe25c64b9d8635c98e98cce0b3361c14bead4ffada34158f68c4b2637ba1af7a6097c283c5e1e01b17c39fb57977218b0c691ff94464a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_jraaf.withblaockbr.org_0.indexeddb.leveldb\MANIFEST-000001

Filesize
23B

MD5
3fd11ff447c1ee23538dc4d9724427a3

SHA1
1335e6f71cc4e3cf7025233523b4760f8893e9c9

SHA256
720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed

SHA512
10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
2ff42a559846d19b87d0fcb65ee55bd5

SHA1
e4c46d3ef17368f43f390ed5ee18d9d462bce555

SHA256
75e743cc4fc69d5320052cc9f02bb368d5ad8638bfd7ab6ffa80734298024a71

SHA512
079279f3f5b3efd51cf165e11e13fbd3457e9749e316549c5f8ac7cacc77d4d49f19fcec6e3988d8fb9c83d961885bc4e48aa7819a1070e7e5a058e278c7272d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
524B

MD5
b28d0cad96cfe52f4fb1a779407d87c0

SHA1
6aace36ab3e1713691839b4c9fed44291251a074

SHA256
7f5f4e3dbba42bbdc81e9ce06ee0c3f2aeb074008d34ee650305555caae485b2

SHA512
7c16310abfa2ab0a8230d8eb911358f601c152e3fd7c3f51ff29ae5f5142211e8fd924b07c0f53ee4c982c4cce88b372a72d6b3b785c1660ef74a071a294f389

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
6a4b817cb1e93a369f5c9c537940a9a3

SHA1
a16c1305ce6a10831de42d0dd8c379b275fb217e

SHA256
6d5b6e6a9bfc015a0371dcb8c87e21fa08ca3b94921b138501b8e9b13bc3ee32

SHA512
b050d02c2168792ce9db032b9aeaff5ecf414859aaa1428f6d20cba3900a8239ccd61b1e58ff2770c719b6f79df6f364e13d5d692214e798bf29e83825a80985

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
692B

MD5
9bcd61faa36a95063fbe87d679430d8e

SHA1
0ef026037686139002ec12d9659fa9cb9073b74c

SHA256
081f3e9ee72fcfbdff9e8ad0a6fd1822ee3ce05ca51e5b62a8acafd10c1d4335

SHA512
bdf283ad99c039352192513f9e3520f4f823fadf8a56f1750326b6577d2e8b65b6b55ffffb92f833be734d25740cbd3f4c4381a0553a51cb0a49057e4b72cc50

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
66c9699e222fa70e3bdee8b51d81e708

SHA1
f1aef14d2f9ea644e3ab225354a03e8d16aab3e4

SHA256
846c72f9e97ef8abe14a47b2783d169b9ff0418d347dbf2b0c412e4d7714ff5d

SHA512
58e12a017674030b778bc8b9f27c6d99b3b32bd68531c5cde0b5f1bcf421ededfb0a39499ed0da375e1efaa61335d12341d8581b80d01c20baf8931d36fb1a4b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
cd4ff0269ff9fee7e42ac11900c07ff5

SHA1
b091fa3a5582d49b43e427fdf39334fe2a6dd30b

SHA256
9834f184a07ea41fde979c2a3baa94899f49d3e827c0895f48b82f0762b0dfb2

SHA512
7683eeffab4ca6512af29b6e878697a9046b5b5555ccca2777b1cd61d1760057d1cbfb63b2af461820734086a2b2547a449a38e58d2adc293ad6c2d0385a39f2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
bc26977490b89e7c459190a999502f6e

SHA1
a31fa8fe733cad5caf43d3908a1dcf71d15a1ac0

SHA256
153b95e1cb1889bd31721f90a3b90a969e3a9046a6591eec9f648019b5e62d15

SHA512
e5453f87cf8c3de32ee55ca14a056bd138a9fe3abed99fc12e58d05fc572da74fd0b66bf8c3979b54c7c204c6188292b75f8d1b951f0924da7120433d1cc6a02

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
cb15bea3de5e116bfa091c1e8fb1225e

SHA1
13be3485d4d5aa5c8c3d8dadc4105f784ea1f8bf

SHA256
abc6262a959c842dc8f0eaa6b08afde07432e319f903000c572cf632e1d5d588

SHA512
104e5c5ecf45e16a4711ba610b9fa75d974997e2db89f2ef2e4ecb6ac123d2ae4e29268582c789b90a08a004fb1a040ccc22fdf53cb4e27bf112886d94e1792b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
2a481129eb85e3285ea92751b9f9f74f

SHA1
8a98cf2deb72d5e795e3d0702bb04f7679986950

SHA256
04b67b2d89adde61115132abd61e3a44591f61cc8de3ba77fbc4b108a1942898

SHA512
419d8a76e7d5145fff8b191a7fc156ca5fbca9678d6493a113110a57bd556d3133181955ed3a76f06e17d760134a4b736b88955976569b484c569f596fefd659

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
98baffd9bf8f10da355b7175e492f6e7

SHA1
8e85253377c2950fd4b1d6a169efd60c8b9ad192

SHA256
c566fbe0c4955b17d448a1ec1c9fc23ae5f4edcd5688f2e1ea01d95c95e5c1a9

SHA512
e85b63eba1fb0711b06cf2dc5e5b84fd09d527cf96ed2b8a3b1001dd02e148c07327e1f748e4a41bc79d47caac926bb21461ebb56e0658cd9910ea80088dd0f9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
2aa7efdf59d8e202f9aaaf9d8f6aedd3

SHA1
f4d3f7547953d1feb20e3fe10f13ec83c7dbb7f1

SHA256
64c0879d95e7d295a23854238cf4e5f13513519d5c9b9469cfd1513792f2ee7d

SHA512
4002ad2a5c296a0907401316fdd5edeb8db9a996fb0bdeaa46c571d0c62b7ffcf8b883bae35fcedc342bab7347b90f1e5767b036f4b4a2d924130177d4b37aa6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
be545792038843b373cd669812d2c0d4

SHA1
3211aecc9310f99370f693b5ece2feac77ee070d

SHA256
d94430cffb8189efa60579d49cb1af627238d3054cff22de46df36f5375b94bb

SHA512
450cb2c369abdc33a70571909a3e3be4a00940c70dd4adb85f69e3cc05ebb4079e63c48d3de1cdbb38eb8a072a057b9a06b22043b1734f2fbb700237c3a6d730

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
37b7580704f3d52d792d35e4e7834fc5

SHA1
53f89832237743bd2e7e0ec5ca98a062ba3b746d

SHA256
ac1eb2b4eaf16e487390c34e99058fb1079e2a114de60eacccbfa6fc91653b15

SHA512
4afd1d90eaf4f9dfec6df082c75eb82cd9c54765e8543e7ab087f48855d6a242ebfeb36e443ab3b474513e0dc31ad13ed8e11e71907eef409d49f11e90a1061e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
2ce9e670a0bf53a22a62675e21161d72

SHA1
f138e4ca89fbbba7a420b66091aa73db17c550d8

SHA256
1fbfec0abf68170db3aa4b8fd0ecb426eb6fda1145d3cd21b4516dc8034f1146

SHA512
da95fd3586f72bf622ae25296a285f7d6dc28a4c0a1fafb2b511c5a48b02fdd27c923eb744135f4a27c2b4502beba80af44756d5f50ecbde934c0683862c6ddf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
38b506d9325973fe86e2a273624b14d4

SHA1
7888e8a1806c699bb902a3f1ea28fe87756ade53

SHA256
bbe7d656a5ea0f0c22dd5a4708543d8871d1e65dd9f5eba2f9645ea07b6405fa

SHA512
bab4a3b62a070ddfaff432df9c73266f57ff653322ec24b87e73f54237aac482dae08ff97b55a70408ea6398dbc275878449a354045027deb84d7b44b097f203

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
77KB

MD5
ab7ec016f3dd4b6ea54ae0bae465c1d2

SHA1
fa1dc20ca18e6dd7b19aa156fb4435a8d3ac469c

SHA256
4ed50dd8123c7e069d9c4f6094d9f4c8c5e769351c2aa969415197da4355aa04

SHA512
4b3e5148ea7637124470575f730d235a31b91d16a4f893c34fe545e37016462974f5268f53c9dec65530940c4ea8aa53415c6f4d6bf84742500690146fd80984

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
77KB

MD5
6e8c1d6553d759ac7c49a76b8240be14

SHA1
6a4baff63bf67b40fff5c1326c548096d9644530

SHA256
b862ae014d201c5e59d5709832e0ef237bec4434b18af2e288d4ccde5b875a17

SHA512
864e682bdc25e0b68b9708c09c2643776c17dcaee09b8d0288907160611ecbcdc92398b4ce41d67f211fa139f333457c28288745a578a6d4abf373bd192271ee

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
77KB

MD5
8dd7ba0bd6df6b6906949314b5c6d9ff

SHA1
cc5b4949a2796cc6b29378cb180fd3a2189fd893

SHA256
ef1ecf2df54cef8c97444769ae71223634b86853e5d390a228aa89fbaad1289c

SHA512
81255b1a499bb8d9a26a620bf23e2dbb21b4c4b40973d35967ab72e8abbfcf90480e11afb8ba79d9f273d9adb72cd65787eafaa0c55ab8429aafd531bac11167

Download Submit