hxxp://github[.]com

Resubmissions

08/05/2024, 14:11

240508-rhjx5aag36 8

08/05/2024, 14:07

240508-re2zjagc5y 8

08/05/2024, 14:03

240508-rc5mmsae26 1

Analysis

max time kernel
171s
max time network
154s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
08/05/2024, 14:03

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://github.com

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133596506522867715"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2080	chrome.exe
2080	chrome.exe
4424	chrome.exe
4424	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
2080	chrome.exe
2080	chrome.exe
2080	chrome.exe
2080	chrome.exe
2080	chrome.exe
2080	chrome.exe
2080	chrome.exe
2080	chrome.exe
2080	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2080	chrome.exe
Token: SeCreatePagefilePrivilege	2080	chrome.exe
Token: SeShutdownPrivilege	2080	chrome.exe
Token: SeCreatePagefilePrivilege	2080	chrome.exe
Token: SeShutdownPrivilege	2080	chrome.exe
Token: SeCreatePagefilePrivilege	2080	chrome.exe
Token: SeShutdownPrivilege	2080	chrome.exe
Token: SeCreatePagefilePrivilege	2080	chrome.exe
Token: SeShutdownPrivilege	2080	chrome.exe
Token: SeCreatePagefilePrivilege	2080	chrome.exe
Token: SeShutdownPrivilege	2080	chrome.exe
Token: SeCreatePagefilePrivilege	2080	chrome.exe
Token: SeShutdownPrivilege	2080	chrome.exe
Token: SeCreatePagefilePrivilege	2080	chrome.exe
Token: SeShutdownPrivilege	2080	chrome.exe
Token: SeCreatePagefilePrivilege	2080	chrome.exe
Token: SeShutdownPrivilege	2080	chrome.exe
Token: SeCreatePagefilePrivilege	2080	chrome.exe
Token: SeShutdownPrivilege	2080	chrome.exe
Token: SeCreatePagefilePrivilege	2080	chrome.exe
Token: SeShutdownPrivilege	2080	chrome.exe
Token: SeCreatePagefilePrivilege	2080	chrome.exe
Token: SeShutdownPrivilege	2080	chrome.exe
Token: SeCreatePagefilePrivilege	2080	chrome.exe
Token: SeShutdownPrivilege	2080	chrome.exe
Token: SeCreatePagefilePrivilege	2080	chrome.exe
Token: SeShutdownPrivilege	2080	chrome.exe
Token: SeCreatePagefilePrivilege	2080	chrome.exe
Token: SeShutdownPrivilege	2080	chrome.exe
Token: SeCreatePagefilePrivilege	2080	chrome.exe
Token: SeShutdownPrivilege	2080	chrome.exe
Token: SeCreatePagefilePrivilege	2080	chrome.exe
Token: SeShutdownPrivilege	2080	chrome.exe
Token: SeCreatePagefilePrivilege	2080	chrome.exe
Token: SeShutdownPrivilege	2080	chrome.exe
Token: SeCreatePagefilePrivilege	2080	chrome.exe
Token: SeShutdownPrivilege	2080	chrome.exe
Token: SeCreatePagefilePrivilege	2080	chrome.exe
Token: SeShutdownPrivilege	2080	chrome.exe
Token: SeCreatePagefilePrivilege	2080	chrome.exe
Token: SeShutdownPrivilege	2080	chrome.exe
Token: SeCreatePagefilePrivilege	2080	chrome.exe
Token: SeShutdownPrivilege	2080	chrome.exe
Token: SeCreatePagefilePrivilege	2080	chrome.exe
Token: SeShutdownPrivilege	2080	chrome.exe
Token: SeCreatePagefilePrivilege	2080	chrome.exe
Token: SeShutdownPrivilege	2080	chrome.exe
Token: SeCreatePagefilePrivilege	2080	chrome.exe
Token: SeShutdownPrivilege	2080	chrome.exe
Token: SeCreatePagefilePrivilege	2080	chrome.exe
Token: SeShutdownPrivilege	2080	chrome.exe
Token: SeCreatePagefilePrivilege	2080	chrome.exe
Token: SeShutdownPrivilege	2080	chrome.exe
Token: SeCreatePagefilePrivilege	2080	chrome.exe
Token: SeShutdownPrivilege	2080	chrome.exe
Token: SeCreatePagefilePrivilege	2080	chrome.exe
Token: SeShutdownPrivilege	2080	chrome.exe
Token: SeCreatePagefilePrivilege	2080	chrome.exe
Token: SeShutdownPrivilege	2080	chrome.exe
Token: SeCreatePagefilePrivilege	2080	chrome.exe
Token: SeShutdownPrivilege	2080	chrome.exe
Token: SeCreatePagefilePrivilege	2080	chrome.exe
Token: SeShutdownPrivilege	2080	chrome.exe
Token: SeCreatePagefilePrivilege	2080	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2080	chrome.exe
2080	chrome.exe
2080	chrome.exe
2080	chrome.exe
2080	chrome.exe
2080	chrome.exe
2080	chrome.exe
2080	chrome.exe
2080	chrome.exe
2080	chrome.exe
2080	chrome.exe
2080	chrome.exe
2080	chrome.exe
2080	chrome.exe
2080	chrome.exe
2080	chrome.exe
2080	chrome.exe
2080	chrome.exe
2080	chrome.exe
2080	chrome.exe
2080	chrome.exe
2080	chrome.exe
2080	chrome.exe
2080	chrome.exe
2080	chrome.exe
2080	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2080	chrome.exe
2080	chrome.exe
2080	chrome.exe
2080	chrome.exe
2080	chrome.exe
2080	chrome.exe
2080	chrome.exe
2080	chrome.exe
2080	chrome.exe
2080	chrome.exe
2080	chrome.exe
2080	chrome.exe
2080	chrome.exe
2080	chrome.exe
2080	chrome.exe
2080	chrome.exe
2080	chrome.exe
2080	chrome.exe
2080	chrome.exe
2080	chrome.exe
2080	chrome.exe
2080	chrome.exe
2080	chrome.exe
2080	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2080 wrote to memory of 4816	2080	chrome.exe	82
PID 2080 wrote to memory of 4816	2080	chrome.exe	82
PID 2080 wrote to memory of 3312	2080	chrome.exe	84
PID 2080 wrote to memory of 3312	2080	chrome.exe	84
PID 2080 wrote to memory of 3312	2080	chrome.exe	84
PID 2080 wrote to memory of 3312	2080	chrome.exe	84
PID 2080 wrote to memory of 3312	2080	chrome.exe	84
PID 2080 wrote to memory of 3312	2080	chrome.exe	84
PID 2080 wrote to memory of 3312	2080	chrome.exe	84
PID 2080 wrote to memory of 3312	2080	chrome.exe	84
PID 2080 wrote to memory of 3312	2080	chrome.exe	84
PID 2080 wrote to memory of 3312	2080	chrome.exe	84
PID 2080 wrote to memory of 3312	2080	chrome.exe	84
PID 2080 wrote to memory of 3312	2080	chrome.exe	84
PID 2080 wrote to memory of 3312	2080	chrome.exe	84
PID 2080 wrote to memory of 3312	2080	chrome.exe	84
PID 2080 wrote to memory of 3312	2080	chrome.exe	84
PID 2080 wrote to memory of 3312	2080	chrome.exe	84
PID 2080 wrote to memory of 3312	2080	chrome.exe	84
PID 2080 wrote to memory of 3312	2080	chrome.exe	84
PID 2080 wrote to memory of 3312	2080	chrome.exe	84
PID 2080 wrote to memory of 3312	2080	chrome.exe	84
PID 2080 wrote to memory of 3312	2080	chrome.exe	84
PID 2080 wrote to memory of 3312	2080	chrome.exe	84
PID 2080 wrote to memory of 3312	2080	chrome.exe	84
PID 2080 wrote to memory of 3312	2080	chrome.exe	84
PID 2080 wrote to memory of 3312	2080	chrome.exe	84
PID 2080 wrote to memory of 3312	2080	chrome.exe	84
PID 2080 wrote to memory of 3312	2080	chrome.exe	84
PID 2080 wrote to memory of 3312	2080	chrome.exe	84
PID 2080 wrote to memory of 3312	2080	chrome.exe	84
PID 2080 wrote to memory of 3312	2080	chrome.exe	84
PID 2080 wrote to memory of 3312	2080	chrome.exe	84
PID 2080 wrote to memory of 2628	2080	chrome.exe	85
PID 2080 wrote to memory of 2628	2080	chrome.exe	85
PID 2080 wrote to memory of 3568	2080	chrome.exe	86
PID 2080 wrote to memory of 3568	2080	chrome.exe	86
PID 2080 wrote to memory of 3568	2080	chrome.exe	86
PID 2080 wrote to memory of 3568	2080	chrome.exe	86
PID 2080 wrote to memory of 3568	2080	chrome.exe	86
PID 2080 wrote to memory of 3568	2080	chrome.exe	86
PID 2080 wrote to memory of 3568	2080	chrome.exe	86
PID 2080 wrote to memory of 3568	2080	chrome.exe	86
PID 2080 wrote to memory of 3568	2080	chrome.exe	86
PID 2080 wrote to memory of 3568	2080	chrome.exe	86
PID 2080 wrote to memory of 3568	2080	chrome.exe	86
PID 2080 wrote to memory of 3568	2080	chrome.exe	86
PID 2080 wrote to memory of 3568	2080	chrome.exe	86
PID 2080 wrote to memory of 3568	2080	chrome.exe	86
PID 2080 wrote to memory of 3568	2080	chrome.exe	86
PID 2080 wrote to memory of 3568	2080	chrome.exe	86
PID 2080 wrote to memory of 3568	2080	chrome.exe	86
PID 2080 wrote to memory of 3568	2080	chrome.exe	86
PID 2080 wrote to memory of 3568	2080	chrome.exe	86
PID 2080 wrote to memory of 3568	2080	chrome.exe	86
PID 2080 wrote to memory of 3568	2080	chrome.exe	86
PID 2080 wrote to memory of 3568	2080	chrome.exe	86
PID 2080 wrote to memory of 3568	2080	chrome.exe	86
PID 2080 wrote to memory of 3568	2080	chrome.exe	86
PID 2080 wrote to memory of 3568	2080	chrome.exe	86
PID 2080 wrote to memory of 3568	2080	chrome.exe	86
PID 2080 wrote to memory of 3568	2080	chrome.exe	86
PID 2080 wrote to memory of 3568	2080	chrome.exe	86
PID 2080 wrote to memory of 3568	2080	chrome.exe	86

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://github.com
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2080
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc76f9ab58,0x7ffc76f9ab68,0x7ffc76f9ab78
  2⤵
  PID:4816
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1624 --field-trial-handle=2084,i,11877246454131174190,17447866964560062453,131072 /prefetch:2
  2⤵
  PID:3312
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1920 --field-trial-handle=2084,i,11877246454131174190,17447866964560062453,131072 /prefetch:8
  2⤵
  PID:2628
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2240 --field-trial-handle=2084,i,11877246454131174190,17447866964560062453,131072 /prefetch:8
  2⤵
  PID:3568
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2992 --field-trial-handle=2084,i,11877246454131174190,17447866964560062453,131072 /prefetch:1
  2⤵
  PID:4836
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3012 --field-trial-handle=2084,i,11877246454131174190,17447866964560062453,131072 /prefetch:1
  2⤵
  PID:668
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3948 --field-trial-handle=2084,i,11877246454131174190,17447866964560062453,131072 /prefetch:1
  2⤵
  PID:2996
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3344 --field-trial-handle=2084,i,11877246454131174190,17447866964560062453,131072 /prefetch:8
  2⤵
  PID:3120
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4728 --field-trial-handle=2084,i,11877246454131174190,17447866964560062453,131072 /prefetch:8
  2⤵
  PID:3176
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3312 --field-trial-handle=2084,i,11877246454131174190,17447866964560062453,131072 /prefetch:8
  2⤵
  PID:1832
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4960 --field-trial-handle=2084,i,11877246454131174190,17447866964560062453,131072 /prefetch:1
  2⤵
  PID:1340
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=4932 --field-trial-handle=2084,i,11877246454131174190,17447866964560062453,131072 /prefetch:1
  2⤵
  PID:1804
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4792 --field-trial-handle=2084,i,11877246454131174190,17447866964560062453,131072 /prefetch:8
  2⤵
  PID:2380
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4164 --field-trial-handle=2084,i,11877246454131174190,17447866964560062453,131072 /prefetch:8
  2⤵
  PID:2532
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=5164 --field-trial-handle=2084,i,11877246454131174190,17447866964560062453,131072 /prefetch:1
  2⤵
  PID:3132
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=1596 --field-trial-handle=2084,i,11877246454131174190,17447866964560062453,131072 /prefetch:1
  2⤵
  PID:628
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=5072 --field-trial-handle=2084,i,11877246454131174190,17447866964560062453,131072 /prefetch:1
  2⤵
  PID:3212
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=3240 --field-trial-handle=2084,i,11877246454131174190,17447866964560062453,131072 /prefetch:1
  2⤵
  PID:2068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5164 --field-trial-handle=2084,i,11877246454131174190,17447866964560062453,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4424

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:4808

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

Filesize
48KB

MD5
0c2234caae44ab13c90c9d322d937077

SHA1
94b497520fcfb38d9fc900cad88cd636e9476f87

SHA256
d8e6f62282e12c18c930a147325de25aef1633a034eaf7a3ce8de1fb8de09912

SHA512
66709f74b19499df1e06700e1c257e14a82ca4287194e4b177b3f333748d927f413c8c459a35e7e5a2f92d28410b0129f106d94e3dd85bc0dd0b986add83b18f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007

Filesize
44KB

MD5
798c6dc9626aea11ab3b59c10f46bad6

SHA1
9d32252603598432bd050e5ee4e4670b883cb55f

SHA256
8d4f42645d29fb1bf1eabf27716dd38b01db15876c81bdfc742e2dd4d2b172bf

SHA512
821720abbcd111b8a4e877c5082cc620086e98c5cef36c3674db26e3e0e76468abcdaf54c95bb42c0aa1573f9ce306c4c6326138e8d155b5455fdfac7ceac175

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008

Filesize
24KB

MD5
54a5ca74a6d9c531ec2c366edd7be658

SHA1
c4d01c1cfd3c190fd9ac918eb5a3bebaf41b29d6

SHA256
9f3cb2edebc4754956da013e3e4fa9735d5d5cdbd5f02a7c9869a8ada5bf190d

SHA512
b8670bb7a6496e8e6a09dbcb974ace55451be9c937f178803891129bd33f9545119924dffffa84f13dc87a753df0e9d66e104e5df72f9d6911c619c835d78e2d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000014

Filesize
21KB

MD5
12b3b06a215a92b61047d4d676009d5c

SHA1
bfaffa1420406892f96c14563413c12b22d5578d

SHA256
ebddde1fdfe55665db44af96d9a914ea833d5c74b510150b0aafcc6598c8ec72

SHA512
5f597b93c1bd9e9be7d7aa42ec1a69d1183d164096046af276546f907c7796cd5d1ea80d152ac8cab76f1ddf3a6e3d51ed74c6dc97d467a4f5519dbad8d42ea8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
04956dda32c9b5eff10b627c3310f0ca

SHA1
a79a897d8e49c7aa4fb791a52f4329b86f235b3c

SHA256
3e118c53392b99ed27accb3b9e319710fe7dcbb281a225e4c07b760267d873af

SHA512
1f0d6a3505d6061bc717d8e358622fab430973809495df77180250878c5a2c838906a0a68a05e5d6b5b15044ea21c0908d5abe8642a196856606adc7544830c4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
d61960bdb69f7f0c1b5d1cd49343f9d0

SHA1
62eac436128d014a6eea78dba8b438718b39a9b8

SHA256
40cc83a017a1b0d05cb2a6a0b792b338930a12b304c0b9091c79a8155612f055

SHA512
63c51d4927b3a0bca0a4503ed344c6dd930e847ac0902cca3bff4ae405eff9a3cc2973851e7b815ed4ce6f0c2e0e7c01733928fdc7724c4e2e2389fc25f043a9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
5e9a2f7f05e1bdb5bf021694a25c136a

SHA1
849fbaf182f13f8f7d0d5505631572edeecd35d3

SHA256
e2e9e2c623cda74d0731e3980713ab2394a315935c30791f762ac78e0820deab

SHA512
ffe2e11fe164bfb50203cb17f41be9a37a5990ae53b989cce039d59356512347b57197182fc789eed3cfc05c5cd2031a1e3a192b0f2e4dc92396bb03a2110e2d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
e2217af4362b7ad8c60647a5d8bd5484

SHA1
cc735441186c5d81f5c2ea5e755a4de1a1f4ac96

SHA256
e717212c36cdca096084a3bec7fcc4f809bb7b2baaace66b1f26da48c24a42dc

SHA512
3298005a2b65860499b7728d6d0673ac0631ca5194ac0e194ca391bd5d4d2583dde601f07a5ba9db2f69db9b07f777dd83c1de8215dd29ad4abbb91fa459836e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
eddfbe2c1e399cff5a4f6c1f4bb7ee54

SHA1
c2dce95668b82e44dfc3af37eeb68f06d343f9c9

SHA256
1d9e1432e86cb1f4a9abdb22f6d229412547fe9c48656382b1f7c79a8ee31d6e

SHA512
4853ef44784118b7a22f472a4982f2a908400de39c7586439359621ee8990013fc3c7602a3e2cc0d090d3c34c267863e05708459ba984b2436a95025e44afc0b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
a5f7cc031543598daf060e6b5e5ad7c5

SHA1
3d633b74fc1f5d4cab727fdc521433757c93dc94

SHA256
2a1134acfdbeaa2f818b781fbc994bbb5063202bb9ac6acb8a38cee21932d0f9

SHA512
242717870ed1ae1072b76f5a355d1f2e0cc27448414008d469f6e005533cdc5660acfe6943a52cd86aa6afa1c2fec59dd5f9ecdc71174c7fcf47617cc0c85091

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
f70ecc4bde264fb47b1a9fe164ab89c4

SHA1
a603157fcf0f7d54de4f6b62cd78abe1bb358cb7

SHA256
786cee24db824c7e5ff37b5cb2820f761204b5301f4af9eb9d19bdb1df71d2d5

SHA512
e3a48c4be37bce6de229474d512052224e42c10466a1104e5937f5e1be6f96be5db971d213e327b9672a9131ffe7115c5422b4e5b5ffae10c9a3afd454f25450

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
a2071e7a8cec8db1e09e867abbf68c4b

SHA1
0f98b82fce21d6d0ee6758d0a7176fe649e58806

SHA256
fa8bdaf7e71508d402bb8b96ad713ac0887935159cd6595450d9b9802481269e

SHA512
d9a01eb445ca089ed7d3ab453930ab652089dc33c2f52596683447d0a5696a8a3affd08cad3640b169d4b904f0966b746fa5c344e8e60ff7e8ca42e1d0498538

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
551673646dfa92a4549e78aa6a7e7fea

SHA1
4644e4e3ff9cb8b99d236407cade1fd3fc706d05

SHA256
dcd86405a24d339cc5bb5398f14949dee6e98ac3bda787b461dbde3ecd486ed0

SHA512
7f3c6f976a9e170aa91570d6598c3c538c9033b26ea1675a7285d250cfa6af85547563e387b0d5eb3eecd911655fa26b70719694eeb4da04df53f14b073fc7f5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
9a2b2a96f889b70bb46f94d8a3dc5814

SHA1
f7694b9fdfca5121bc5c56038541425bc59e9039

SHA256
fb39729008ce774cc8b7addeddce5c47fd0b692680a109f38bce295827699b35

SHA512
dd215ebd76cc775095c0730d09b46912fbeaa6115f759f0e2357cb219f106297607fed1e44f9b25bb0a7ef54d358e46df2f62befd853ff2eb02a0bfea08ed584

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
1eece68b75dc2d3ef7b103c606796295

SHA1
e053c1f63453767cd574105a6866dc791f8ef6f1

SHA256
652b449a24c1da6105705bbc4eeee850f97a7ef73da1f3dfed233f910819d147

SHA512
f62ba5699b545da538d881fe30f8422f631dd5bbbcc3599753f44e94b161375b0fe315fa33624c61619a0fd7450fd8d890ae3a32efbd6abcd873e6e86e2f7ebc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
3d9fbf410f775658b6389a7450223a7f

SHA1
ac406a82d4a5240f46a63148673e5d0cc262bd9a

SHA256
e861d445df91a35d030065896063e9d0f434ee559c80af160018044465ba2fbf

SHA512
021ae848e79b459dc0612c617f6cdf29aa542aa3c6623d049741848c1ffcad32de7b37e5ff717b620d464f2ed1b35085685bfff9ad2af73eb719e2fc1b6f4f74

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
6918396f7a19cafe03752eb23788d96d

SHA1
9e18da5ae20d0059a21d4235b1816f66b860256a

SHA256
782e7aef506aad036df1c133fc12c5cc67235bbb4ed151eb3877142cc7676e96

SHA512
6b73d9dab5910380cf325eb748c84f3753b2172684f4bc3b92aa31fb24d1b89828c682a004de1186b58ba4cccf2539a3dd633503af07a9206dc972491f108131

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
700747d294c057e7239bda6adcc9ba2c

SHA1
3e3d5de726c9a43adb9b68807aac1bbcf003cba1

SHA256
308b8e312e0edfc46095487315ff59e4a6b6e59b5cef7db0fde96554a9bc81e3

SHA512
76501fa4cabe7310e63d8cdbe46950bac789b54091ca9bf40d6f1f117b5988ce085082cb2797fbe1fbdf62dd6f7c443567d6adf44df46b6e69842fe441560b0c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
26ce66cdd4e4fa4994528ed6f6e5486c

SHA1
4e269a19ff590d116dc2baeb213a869bf093151f

SHA256
1d70cc40c3a986920ec6e6faef078da77805c9180c8384ac6e4b27f1e83c1b32

SHA512
e5a0097ecc1fd5ff258bc75dc8a41ab6b807a69361d69840f8ac955bd095f93985c42417c1e4aeedcd7fe20e93e788f7aec6cfaf6051e1c84a414995ae46c71a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
130KB

MD5
0f9978080765702a17e9116a228123e5

SHA1
37a1d557c79e0f9b50af48b1090fb4fde8b9d816

SHA256
99e36220b1ddc6b9dd7c003cb2a8c5f9f296bc2cb21bc843035e8b0e78d2bd15

SHA512
36dcfef2edaae8a187cb12fe6355a6ce609891025d4847bcd083f9a882c0969426174dae7ecf8f6141c85f993065b868226c86788125e7862bab4381b4161c7a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
130KB

MD5
9bd111cb45f0c4dc3f6b342ce031955d

SHA1
7608385d49a3313853a2f78fcaff59d7b91fa706

SHA256
09eaebfa4b51fc6f91da4981f9a8ab6dc6fc4be861459e24cd71d48834a49d54

SHA512
8eb78ecab9b28ac79971091dce99d67e92927e70431df4e92022c8c92a1aaaec9ab3db39c207563fdd50538c7f0429b16564ddf4f4d24dc8036b423fdf722e3f

Download Submit