Analysis Overview
Threat Level: Likely malicious
The file https://t.infomail.microsoft.com/r/?id=h6341f17c,5f634faf,5f634fb2&e=b2NpZD1jbW1hbmlleDN4MiZwMT1AUlc1UG1qVUFPempVWWVOT3pocVRlYlBTY2l4eXFQckNWc042ZnhHZWhMMWlrQm5uRTk5a2RGYkpRbW55a1F4b09mbWQteENtaFhPcnNaSjZBdk1kd28yS0x6TzduRFkyWVNaTF9LSVhuOWExb2pWVA&s=1N9ILf0BzZDl7KhqiLy191fDCoINzcN_QPdPQqG9-qk was found to be: Likely malicious.
Malicious Activity Summary
A potential corporate email address has been identified in the URL: ocid=cmmaniex3x2&p1=@RW5PmjUAOzjUYeNOzhqTebPScixyqPrCVsN6fxGehL1ikBnnE99kdFbJQmnykQxoOfmd-xCmhXOrsZJ6AvMdwo2KLzO7nDY2YSZL_KIXn9a1ojVT
Detected potential entity reuse from brand microsoft.
Modifies data under HKEY_USERS
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-05-07 11:02
Signatures
A potential corporate email address has been identified in the URL: ocid=cmmaniex3x2&p1=@RW5PmjUAOzjUYeNOzhqTebPScixyqPrCVsN6fxGehL1ikBnnE99kdFbJQmnykQxoOfmd-xCmhXOrsZJ6AvMdwo2KLzO7nDY2YSZL_KIXn9a1ojVT
Analysis: behavioral1
Detonation Overview
Submitted
2024-05-07 11:02
Reported
2024-05-07 11:05
Platform
win11-20240426-en
Max time kernel
136s
Max time network
139s
Command Line
Signatures
Detected potential entity reuse from brand microsoft.
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133595533667623367" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://t.infomail.microsoft.com/r/?id=h6341f17c,5f634faf,5f634fb2&e=b2NpZD1jbW1hbmlleDN4MiZwMT1AUlc1UG1qVUFPempVWWVOT3pocVRlYlBTY2l4eXFQckNWc042ZnhHZWhMMWlrQm5uRTk5a2RGYkpRbW55a1F4b09mbWQteENtaFhPcnNaSjZBdk1kd28yS0x6TzduRFkyWVNaTF9LSVhuOWExb2pWVA&s=1N9ILf0BzZDl7KhqiLy191fDCoINzcN_QPdPQqG9-qk
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x104,0x108,0x10c,0xe4,0x110,0x7ff85ebaab58,0x7ff85ebaab68,0x7ff85ebaab78
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1608 --field-trial-handle=1784,i,16247521002276802872,15282502171724245807,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2108 --field-trial-handle=1784,i,16247521002276802872,15282502171724245807,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2152 --field-trial-handle=1784,i,16247521002276802872,15282502171724245807,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3120 --field-trial-handle=1784,i,16247521002276802872,15282502171724245807,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3164 --field-trial-handle=1784,i,16247521002276802872,15282502171724245807,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4328 --field-trial-handle=1784,i,16247521002276802872,15282502171724245807,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4236 --field-trial-handle=1784,i,16247521002276802872,15282502171724245807,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=2724 --field-trial-handle=1784,i,16247521002276802872,15282502171724245807,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4516 --field-trial-handle=1784,i,16247521002276802872,15282502171724245807,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3160 --field-trial-handle=1784,i,16247521002276802872,15282502171724245807,131072 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | t.infomail.microsoft.com | udp |
| US | 20.97.219.252:443 | m.infomail.microsoft.com | tcp |
| US | 20.97.219.252:443 | m.infomail.microsoft.com | tcp |
| US | 20.97.219.252:443 | m.infomail.microsoft.com | tcp |
| US | 8.8.8.8:53 | 252.219.97.20.in-addr.arpa | udp |
| NL | 23.62.61.129:443 | cdn-dynmedia-1.microsoft.com | tcp |
| NL | 23.62.61.129:443 | cdn-dynmedia-1.microsoft.com | tcp |
| NL | 23.62.61.129:443 | cdn-dynmedia-1.microsoft.com | tcp |
| NL | 23.62.61.129:443 | cdn-dynmedia-1.microsoft.com | tcp |
| NL | 23.62.61.129:443 | cdn-dynmedia-1.microsoft.com | tcp |
| US | 20.49.104.39:443 | cam-pixel-tracker-prod.azure-api.net | tcp |
| N/A | 224.0.0.251:5353 | | udp |
| US | 20.97.219.252:443 | m.infomail.microsoft.com | tcp |
| US | 20.97.219.252:443 | m.infomail.microsoft.com | tcp |
| GB | 2.17.6.114:443 | aka.ms | tcp |
| US | 13.107.137.11:443 | onedrive.live.com | tcp |
| US | 192.229.221.185:443 | lgincdnvzeuno.azureedge.net | tcp |
| US | 13.107.246.64:443 | lgincdnmsftuswe2.azureedge.net | tcp |
| US | 152.199.21.175:443 | acctcdnvzeuno.azureedge.net | tcp |
| US | 8.8.8.8:53 | 185.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.246.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 175.21.199.152.in-addr.arpa | udp |
| US | 192.229.221.185:443 | lgincdnvzeuno.azureedge.net | tcp |
| GB | 172.217.169.10:443 | content-autofill.googleapis.com | tcp |
| US | 20.44.10.122:443 | browser.events.data.microsoft.com | tcp |
| US | 20.44.10.122:443 | browser.events.data.microsoft.com | tcp |
| US | 13.107.42.22:443 | signup.live.com | tcp |
| US | 13.107.42.22:443 | signup.live.com | tcp |
| US | 13.107.246.64:443 | lgincdnmsftuswe2.azureedge.net | tcp |
| US | 13.107.246.64:443 | lgincdnmsftuswe2.azureedge.net | tcp |
| GB | 172.217.169.10:443 | content-autofill.googleapis.com | udp |
| US | 52.167.30.171:443 | fpt.live.com | tcp |
Files
\??\pipe\crashpad_1224_EIHWCTVRWBMKGLOJ
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe58314c.TMP
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1