hxxp://servers[.]com

Analysis

max time kernel
83s
max time network
84s
platform
windows10-2004_x64
resource
win10v2004-20240508-es
resource tags

arch:x64arch:x86image:win10v2004-20240508-eslocale:es-esos:windows10-2004-x64systemwindows
submitted
08/05/2024, 15:08

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://servers.com

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2539840389-1261165778-1087677076-1000\{3C64C88B-B289-4961-8FCD-F3375DADBB55}	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4348	chrome.exe
Token: SeCreatePagefilePrivilege	4348	chrome.exe
Token: SeShutdownPrivilege	4348	chrome.exe
Token: SeCreatePagefilePrivilege	4348	chrome.exe
Token: SeShutdownPrivilege	4348	chrome.exe
Token: SeCreatePagefilePrivilege	4348	chrome.exe
Token: SeShutdownPrivilege	4348	chrome.exe
Token: SeCreatePagefilePrivilege	4348	chrome.exe
Token: SeShutdownPrivilege	4348	chrome.exe
Token: SeCreatePagefilePrivilege	4348	chrome.exe
Token: SeShutdownPrivilege	4348	chrome.exe
Token: SeCreatePagefilePrivilege	4348	chrome.exe
Token: SeShutdownPrivilege	4348	chrome.exe
Token: SeCreatePagefilePrivilege	4348	chrome.exe
Token: SeShutdownPrivilege	4348	chrome.exe
Token: SeCreatePagefilePrivilege	4348	chrome.exe
Token: SeShutdownPrivilege	4348	chrome.exe
Token: SeCreatePagefilePrivilege	4348	chrome.exe
Token: SeShutdownPrivilege	4348	chrome.exe
Token: SeCreatePagefilePrivilege	4348	chrome.exe
Token: SeShutdownPrivilege	4348	chrome.exe
Token: SeCreatePagefilePrivilege	4348	chrome.exe
Token: SeShutdownPrivilege	4348	chrome.exe
Token: SeCreatePagefilePrivilege	4348	chrome.exe
Token: SeShutdownPrivilege	4348	chrome.exe
Token: SeCreatePagefilePrivilege	4348	chrome.exe
Token: SeShutdownPrivilege	4348	chrome.exe
Token: SeCreatePagefilePrivilege	4348	chrome.exe
Token: SeShutdownPrivilege	4348	chrome.exe
Token: SeCreatePagefilePrivilege	4348	chrome.exe
Token: SeShutdownPrivilege	4348	chrome.exe
Token: SeCreatePagefilePrivilege	4348	chrome.exe
Token: SeShutdownPrivilege	4348	chrome.exe
Token: SeCreatePagefilePrivilege	4348	chrome.exe
Token: SeShutdownPrivilege	4348	chrome.exe
Token: SeCreatePagefilePrivilege	4348	chrome.exe
Token: SeShutdownPrivilege	4348	chrome.exe
Token: SeCreatePagefilePrivilege	4348	chrome.exe
Token: SeShutdownPrivilege	4348	chrome.exe
Token: SeCreatePagefilePrivilege	4348	chrome.exe
Token: SeShutdownPrivilege	4348	chrome.exe
Token: SeCreatePagefilePrivilege	4348	chrome.exe
Token: SeShutdownPrivilege	4348	chrome.exe
Token: SeCreatePagefilePrivilege	4348	chrome.exe
Token: SeShutdownPrivilege	4348	chrome.exe
Token: SeCreatePagefilePrivilege	4348	chrome.exe
Token: SeShutdownPrivilege	4348	chrome.exe
Token: SeCreatePagefilePrivilege	4348	chrome.exe
Token: SeShutdownPrivilege	4348	chrome.exe
Token: SeCreatePagefilePrivilege	4348	chrome.exe
Token: SeShutdownPrivilege	4348	chrome.exe
Token: SeCreatePagefilePrivilege	4348	chrome.exe
Token: SeShutdownPrivilege	4348	chrome.exe
Token: SeCreatePagefilePrivilege	4348	chrome.exe
Token: SeShutdownPrivilege	4348	chrome.exe
Token: SeCreatePagefilePrivilege	4348	chrome.exe
Token: SeShutdownPrivilege	4348	chrome.exe
Token: SeCreatePagefilePrivilege	4348	chrome.exe
Token: SeShutdownPrivilege	4348	chrome.exe
Token: SeCreatePagefilePrivilege	4348	chrome.exe
Token: SeShutdownPrivilege	4348	chrome.exe
Token: SeCreatePagefilePrivilege	4348	chrome.exe
Token: SeShutdownPrivilege	4348	chrome.exe
Token: SeCreatePagefilePrivilege	4348	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4348 wrote to memory of 2956	4348	chrome.exe	77
PID 4348 wrote to memory of 2956	4348	chrome.exe	77
PID 4348 wrote to memory of 1676	4348	chrome.exe	78
PID 4348 wrote to memory of 1676	4348	chrome.exe	78
PID 4348 wrote to memory of 1676	4348	chrome.exe	78
PID 4348 wrote to memory of 1676	4348	chrome.exe	78
PID 4348 wrote to memory of 1676	4348	chrome.exe	78
PID 4348 wrote to memory of 1676	4348	chrome.exe	78
PID 4348 wrote to memory of 1676	4348	chrome.exe	78
PID 4348 wrote to memory of 1676	4348	chrome.exe	78
PID 4348 wrote to memory of 1676	4348	chrome.exe	78
PID 4348 wrote to memory of 1676	4348	chrome.exe	78
PID 4348 wrote to memory of 1676	4348	chrome.exe	78
PID 4348 wrote to memory of 1676	4348	chrome.exe	78
PID 4348 wrote to memory of 1676	4348	chrome.exe	78
PID 4348 wrote to memory of 1676	4348	chrome.exe	78
PID 4348 wrote to memory of 1676	4348	chrome.exe	78
PID 4348 wrote to memory of 1676	4348	chrome.exe	78
PID 4348 wrote to memory of 1676	4348	chrome.exe	78
PID 4348 wrote to memory of 1676	4348	chrome.exe	78
PID 4348 wrote to memory of 1676	4348	chrome.exe	78
PID 4348 wrote to memory of 1676	4348	chrome.exe	78
PID 4348 wrote to memory of 1676	4348	chrome.exe	78
PID 4348 wrote to memory of 1676	4348	chrome.exe	78
PID 4348 wrote to memory of 1676	4348	chrome.exe	78
PID 4348 wrote to memory of 1676	4348	chrome.exe	78
PID 4348 wrote to memory of 1676	4348	chrome.exe	78
PID 4348 wrote to memory of 1676	4348	chrome.exe	78
PID 4348 wrote to memory of 1676	4348	chrome.exe	78
PID 4348 wrote to memory of 1676	4348	chrome.exe	78
PID 4348 wrote to memory of 1676	4348	chrome.exe	78
PID 4348 wrote to memory of 1676	4348	chrome.exe	78
PID 4348 wrote to memory of 1676	4348	chrome.exe	78
PID 4348 wrote to memory of 1936	4348	chrome.exe	79
PID 4348 wrote to memory of 1936	4348	chrome.exe	79
PID 4348 wrote to memory of 2420	4348	chrome.exe	80
PID 4348 wrote to memory of 2420	4348	chrome.exe	80
PID 4348 wrote to memory of 2420	4348	chrome.exe	80
PID 4348 wrote to memory of 2420	4348	chrome.exe	80
PID 4348 wrote to memory of 2420	4348	chrome.exe	80
PID 4348 wrote to memory of 2420	4348	chrome.exe	80
PID 4348 wrote to memory of 2420	4348	chrome.exe	80
PID 4348 wrote to memory of 2420	4348	chrome.exe	80
PID 4348 wrote to memory of 2420	4348	chrome.exe	80
PID 4348 wrote to memory of 2420	4348	chrome.exe	80
PID 4348 wrote to memory of 2420	4348	chrome.exe	80
PID 4348 wrote to memory of 2420	4348	chrome.exe	80
PID 4348 wrote to memory of 2420	4348	chrome.exe	80
PID 4348 wrote to memory of 2420	4348	chrome.exe	80
PID 4348 wrote to memory of 2420	4348	chrome.exe	80
PID 4348 wrote to memory of 2420	4348	chrome.exe	80
PID 4348 wrote to memory of 2420	4348	chrome.exe	80
PID 4348 wrote to memory of 2420	4348	chrome.exe	80
PID 4348 wrote to memory of 2420	4348	chrome.exe	80
PID 4348 wrote to memory of 2420	4348	chrome.exe	80
PID 4348 wrote to memory of 2420	4348	chrome.exe	80
PID 4348 wrote to memory of 2420	4348	chrome.exe	80
PID 4348 wrote to memory of 2420	4348	chrome.exe	80
PID 4348 wrote to memory of 2420	4348	chrome.exe	80
PID 4348 wrote to memory of 2420	4348	chrome.exe	80
PID 4348 wrote to memory of 2420	4348	chrome.exe	80
PID 4348 wrote to memory of 2420	4348	chrome.exe	80
PID 4348 wrote to memory of 2420	4348	chrome.exe	80
PID 4348 wrote to memory of 2420	4348	chrome.exe	80

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://servers.com
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4348
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9c13eab58,0x7ff9c13eab68,0x7ff9c13eab78
  2⤵
  PID:2956
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1652 --field-trial-handle=1916,i,3078421051002167426,5937181645023890739,131072 /prefetch:2
  2⤵
  PID:1676
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2144 --field-trial-handle=1916,i,3078421051002167426,5937181645023890739,131072 /prefetch:8
  2⤵
  PID:1936
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2216 --field-trial-handle=1916,i,3078421051002167426,5937181645023890739,131072 /prefetch:8
  2⤵
  PID:2420
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2984 --field-trial-handle=1916,i,3078421051002167426,5937181645023890739,131072 /prefetch:1
  2⤵
  PID:1484
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2996 --field-trial-handle=1916,i,3078421051002167426,5937181645023890739,131072 /prefetch:1
  2⤵
  PID:1876
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4276 --field-trial-handle=1916,i,3078421051002167426,5937181645023890739,131072 /prefetch:1
  2⤵
  PID:4932
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4432 --field-trial-handle=1916,i,3078421051002167426,5937181645023890739,131072 /prefetch:1
  2⤵
  PID:1656
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4840 --field-trial-handle=1916,i,3078421051002167426,5937181645023890739,131072 /prefetch:8
  2⤵
  PID:4600
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4852 --field-trial-handle=1916,i,3078421051002167426,5937181645023890739,131072 /prefetch:8
  2⤵
  - Modifies registry class
  PID:4444
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4688 --field-trial-handle=1916,i,3078421051002167426,5937181645023890739,131072 /prefetch:8
  2⤵
  PID:4852
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3320 --field-trial-handle=1916,i,3078421051002167426,5937181645023890739,131072 /prefetch:8
  2⤵
  PID:4556
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4672 --field-trial-handle=1916,i,3078421051002167426,5937181645023890739,131072 /prefetch:8
  2⤵
  PID:1060
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4776 --field-trial-handle=1916,i,3078421051002167426,5937181645023890739,131072 /prefetch:8
  2⤵
  PID:680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2976 --field-trial-handle=1916,i,3078421051002167426,5937181645023890739,131072 /prefetch:8
  2⤵
  PID:3860

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:4580

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x4a8 0x414
1⤵
PID:2480

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
624B

MD5
31eb3057d6ccfe7659fa5320ff1d9a51

SHA1
a5e777b3666e850f4d995e14ee8eb74363f92010

SHA256
2514dae9dc6471f50ab9e7e3f85b00d0fcfa2ec1cdeb91d9c2148000981eb159

SHA512
ae3ce897d0dc47bd63711008db09ee0f9ff682cc81326a1c622a4be0d3ea9b03a824e34dc12cd7141073b51765c787cdbb16e1fc27ad9ce79b569b6650afbb52

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
43c56b76ec239b51a69ceefc9a6cc24f

SHA1
02b1c45b745bc031d4862fe6dddf823793c9ec91

SHA256
334e719ea542fe535433fde538c67f996ae504e185e7dd2323c05079e9732f3d

SHA512
70e78c5bfa74765246fd73d14c39c45c93a68c60cea667b947faff116e8cab2f61eb2653b5313512fa41f2799e7d050d95e159b3eb6e156cfce14884b40771c9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
30e4688b6c0f74a3ff31f8b823e294b3

SHA1
54a0829cf115d2f876687cec2c6363df0db25beb

SHA256
350d5494d6868f9b099f63fb83deaa448eeef835598c4977949ce1b2fe670b42

SHA512
7902b1bc1bf443e1a6699e18a4940f33174fb7eb5716f23b16b45f2ef8a1f100e1f4a29bc7a532497e68e8fcae483e38d0fc8edb18f0ade57a29ebccd12eb4ab

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
3a6a6c2a7328f92e08e540de39fe4c34

SHA1
025118edb335a389e5399c7b215ca2e0855372c0

SHA256
8e43ac1b0921ba0f2ddd0f097cbc7e0253b1444682769c54f891135b5838416a

SHA512
2428f31f07d5d322cdb1d8a953d9ea641d4639b56b5339c9e01ca643f7f5fa4e1d8196ea949374c534bbb82539549f35d00a716a972dc0c1fcf977a247f592a4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
4e9fb195af3d5ceef27927d7b062560b

SHA1
57d7afc6e95c8f0dcdf5893e8c0fbd27e5efedac

SHA256
a0f74ebc821d66b1d64d6209664ef2ac1429b797b0fc046c257e3cc0499b1b16

SHA512
6cb0fee48a70ea446da8ec087ac89797b60f0a41aa193af8d0ba146ff3fdbf0450eaa2aadcadbd521fc5ce9f69c0fb93a923eb61bd33f18753ae739a02c01ed4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
4575db0494c4863bf26e168def511072

SHA1
07f42b14e943cd40e53492475832e7d3b07bbf1e

SHA256
65e91d4407dc7eab0ca295e93776010fa480143efe12f31d600d989e3eee6a56

SHA512
a4947a746ed52a9db35bafba1836587a195945212dce136db6d31e25e6b12fc69673adc5a9c22d0c0e442b10058b3b6bd31fce564ef76769e32a7ed591da6e9f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
f54923ebde5c10f6781e920a14fc7dda

SHA1
fbea0b14894dd183e2794537e99e383ea717ed7a

SHA256
15a3453e095059cb3a0382c61406fb7c4bb471ecb71c3867c583605ff8984db5

SHA512
bddbf43f8e8145100a1a5bb275a2b448beafb4d218e6ca0ca320e1ca2429afef3152fd52c469f2173ab46578d706a9be1005beca74bcf0438c46f1111aa9ff68

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
cf60e5108742369af2ecbb2395d9e652

SHA1
5b7cb4172f49c52386278b575e268e8fd08eb9b9

SHA256
4e4c02acedc903994e07a8e7035da878c2a1c784c1755c8cc96e0a900d7588e0

SHA512
21aab64683d76014b7c5e3a977b37d1be5e6c4c48c5a7b326968f1b9b755ebd2faf3ff0646a861ca3f05979e55d6b18c1eceb5709c0ba61a2b0567a9fe95b0cc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
f63b60abfd84fab532a101cfcb73a672

SHA1
ff0be8cde30224a36651620eb9e08f77f74fc5d8

SHA256
84b90cfa0d2d5eb3d728bc4bbdf282282c1c3da2236d838975014c18f4f8d7dd

SHA512
6396887286e3b59276f976eac7a49ef2af2a15889c6e366d025e6d8be3c91a0cb7ea21b0f48b36bd2896798259b28bdaa6927f08dfed466a2cfada662e125ede

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
56B

MD5
ae1bccd6831ebfe5ad03b482ee266e4f

SHA1
01f4179f48f1af383b275d7ee338dd160b6f558a

SHA256
1b11047e738f76c94c9d15ee981ec46b286a54def1a7852ca1ade7f908988649

SHA512
baf7ff6747f30e542c254f46a9678b9dbf42312933962c391b79eca6fcb615e4ba9283c00f554d6021e594f18c087899bc9b5362c41c0d6f862bba7fb9f83038

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe57467f.TMP

Filesize
120B

MD5
2991e1e628fff03779cdae066e61be4b

SHA1
18fa5be933cf3ede04321b05fd441d94df502cac

SHA256
0a6b8460e24861e322a7b8bdc88eed4801ffcfbdc90454146a140b4f3d2c45d2

SHA512
18921bdf53e5f2e4266a6c75c2dbab70bc760b86a89776ccff2f99a2b84bc66b9f4ac8778b7615705eea29e3f8883bb5a148120304d4f2bbcb0f8f8369c82617

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
257KB

MD5
d35a2613cefd6072a67cd9f57bdc972a

SHA1
cf37ca3afa3e0c27b22a4f3ee59799073be1eb7e

SHA256
ba2e34f6c9108e71a7a6542394e26a4d569994487ea0f8420fd1fa564ff23a01

SHA512
5653724d155a38cd233dc5a1858d2ef29427b140512fe0d3dcf7d3043d9c9c084278ef29a1aba8d36b1a24ff70fa2ab05a25dc4be5ec2920642737ef65d71457

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
257KB

MD5
a51cf599938d95a3cc6225f136ef7139

SHA1
d42c7c2d938e160b14caf6f8b6a7c543486a349c

SHA256
b0a3e4af0859ccf3180cb0873fe4cec6bb5668347d41847364e15574872b9682

SHA512
eee7cacbe411849d27d1b8f7da391748d3bad48a05b8b477e8183968f5a28171133da186671dd8ca0d3037b4698e17c6608ec739c868397fca2167403f4917cc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
93KB

MD5
0930d4decbf948a8936773792bc2fe41

SHA1
6592569d3ef777264607924b5e9a9d4c3565379b

SHA256
d0b7a87fc42c036648a31d0d9d3c9a0e5d9da56f51869c81b858608cf647b8ab

SHA512
aeb815eeb0b5e76fc7adf9bffb6940ed673fdc7104eae31ee03ab52432ac0fe42e215c3deee0bb518486325f4e314bef3e4cbc265a364b659900225c83caf50c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe57dc08.TMP

Filesize
89KB

MD5
609d41c785053663035884d9e1861293

SHA1
56adc4f081546f3868ee87afe390fc8c0df131b0

SHA256
9520dbcfa1d4a6917ca1dfe4696777087e168fd89db93de1eac6026edf196f3d

SHA512
8eb3cfb823c1e2cc0f278302b1cdfdc57d90a50b5074d643cb3c0158a9aae8ca72ff925ed00483c1c6f2acff5122dd6affd71702bdc0643b2a98510304d93eec

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\c3223716-3c91-48aa-9a25-9d519f62a222.tmp

Filesize
257KB

MD5
392d7bfd036e7dbb096693980e14dc50

SHA1
9ab9bfc9997643513c10d0856d38df754f1bc29f

SHA256
76a29426e387b95355be86b488d6793e1fffa07cec7c03e7c41840aac82b7b2b

SHA512
2b98584d09af8a9e5976ad9bb9e883e97ad868edaee46c636f1ac8512fdb2f7a93c321c0d7ded334451ff3e980339bc596bbb4ce8abab08437bcb384c59cc7a6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\d4688c0a-cfa0-413c-ae90-4b8855680261.tmp

Filesize
277KB

MD5
a6819ca22df078b38833084fbc3fd49c

SHA1
23e4d942bfc2cb07cc7c0be32c2437ce5e02aa31

SHA256
5c5c0b43015c8a3d7c99f090e36f6769c18bcfb51842c856637dcb163b6afadb

SHA512
0380e22c8f931a03185589510291df4304fa57c77abf824b926fe08e3273df369b3671cbb5dc83f47ab64c617943b139aeef8eefa85156c748132c3fff1c2397

Download Submit