hxxp://m2[.]ghost[.]io

Analysis

max time kernel
149s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
10/05/2024, 23:34

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://m2.ghost.io

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133598576731099263"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
3312	chrome.exe
3312	chrome.exe
1212	chrome.exe
1212	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 5 IoCs

pid	Process
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3312	chrome.exe
Token: SeCreatePagefilePrivilege	3312	chrome.exe
Token: SeShutdownPrivilege	3312	chrome.exe
Token: SeCreatePagefilePrivilege	3312	chrome.exe
Token: SeShutdownPrivilege	3312	chrome.exe
Token: SeCreatePagefilePrivilege	3312	chrome.exe
Token: SeShutdownPrivilege	3312	chrome.exe
Token: SeCreatePagefilePrivilege	3312	chrome.exe
Token: SeShutdownPrivilege	3312	chrome.exe
Token: SeCreatePagefilePrivilege	3312	chrome.exe
Token: SeShutdownPrivilege	3312	chrome.exe
Token: SeCreatePagefilePrivilege	3312	chrome.exe
Token: SeShutdownPrivilege	3312	chrome.exe
Token: SeCreatePagefilePrivilege	3312	chrome.exe
Token: SeShutdownPrivilege	3312	chrome.exe
Token: SeCreatePagefilePrivilege	3312	chrome.exe
Token: SeShutdownPrivilege	3312	chrome.exe
Token: SeCreatePagefilePrivilege	3312	chrome.exe
Token: SeShutdownPrivilege	3312	chrome.exe
Token: SeCreatePagefilePrivilege	3312	chrome.exe
Token: SeShutdownPrivilege	3312	chrome.exe
Token: SeCreatePagefilePrivilege	3312	chrome.exe
Token: SeShutdownPrivilege	3312	chrome.exe
Token: SeCreatePagefilePrivilege	3312	chrome.exe
Token: SeShutdownPrivilege	3312	chrome.exe
Token: SeCreatePagefilePrivilege	3312	chrome.exe
Token: SeShutdownPrivilege	3312	chrome.exe
Token: SeCreatePagefilePrivilege	3312	chrome.exe
Token: SeShutdownPrivilege	3312	chrome.exe
Token: SeCreatePagefilePrivilege	3312	chrome.exe
Token: SeShutdownPrivilege	3312	chrome.exe
Token: SeCreatePagefilePrivilege	3312	chrome.exe
Token: SeShutdownPrivilege	3312	chrome.exe
Token: SeCreatePagefilePrivilege	3312	chrome.exe
Token: SeShutdownPrivilege	3312	chrome.exe
Token: SeCreatePagefilePrivilege	3312	chrome.exe
Token: SeShutdownPrivilege	3312	chrome.exe
Token: SeCreatePagefilePrivilege	3312	chrome.exe
Token: SeShutdownPrivilege	3312	chrome.exe
Token: SeCreatePagefilePrivilege	3312	chrome.exe
Token: SeShutdownPrivilege	3312	chrome.exe
Token: SeCreatePagefilePrivilege	3312	chrome.exe
Token: SeShutdownPrivilege	3312	chrome.exe
Token: SeCreatePagefilePrivilege	3312	chrome.exe
Token: SeShutdownPrivilege	3312	chrome.exe
Token: SeCreatePagefilePrivilege	3312	chrome.exe
Token: SeShutdownPrivilege	3312	chrome.exe
Token: SeCreatePagefilePrivilege	3312	chrome.exe
Token: SeShutdownPrivilege	3312	chrome.exe
Token: SeCreatePagefilePrivilege	3312	chrome.exe
Token: SeShutdownPrivilege	3312	chrome.exe
Token: SeCreatePagefilePrivilege	3312	chrome.exe
Token: SeShutdownPrivilege	3312	chrome.exe
Token: SeCreatePagefilePrivilege	3312	chrome.exe
Token: SeShutdownPrivilege	3312	chrome.exe
Token: SeCreatePagefilePrivilege	3312	chrome.exe
Token: SeShutdownPrivilege	3312	chrome.exe
Token: SeCreatePagefilePrivilege	3312	chrome.exe
Token: SeShutdownPrivilege	3312	chrome.exe
Token: SeCreatePagefilePrivilege	3312	chrome.exe
Token: SeShutdownPrivilege	3312	chrome.exe
Token: SeCreatePagefilePrivilege	3312	chrome.exe
Token: SeShutdownPrivilege	3312	chrome.exe
Token: SeCreatePagefilePrivilege	3312	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe
3312	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3312 wrote to memory of 2468	3312	chrome.exe	83
PID 3312 wrote to memory of 2468	3312	chrome.exe	83
PID 3312 wrote to memory of 1404	3312	chrome.exe	85
PID 3312 wrote to memory of 1404	3312	chrome.exe	85
PID 3312 wrote to memory of 1404	3312	chrome.exe	85
PID 3312 wrote to memory of 1404	3312	chrome.exe	85
PID 3312 wrote to memory of 1404	3312	chrome.exe	85
PID 3312 wrote to memory of 1404	3312	chrome.exe	85
PID 3312 wrote to memory of 1404	3312	chrome.exe	85
PID 3312 wrote to memory of 1404	3312	chrome.exe	85
PID 3312 wrote to memory of 1404	3312	chrome.exe	85
PID 3312 wrote to memory of 1404	3312	chrome.exe	85
PID 3312 wrote to memory of 1404	3312	chrome.exe	85
PID 3312 wrote to memory of 1404	3312	chrome.exe	85
PID 3312 wrote to memory of 1404	3312	chrome.exe	85
PID 3312 wrote to memory of 1404	3312	chrome.exe	85
PID 3312 wrote to memory of 1404	3312	chrome.exe	85
PID 3312 wrote to memory of 1404	3312	chrome.exe	85
PID 3312 wrote to memory of 1404	3312	chrome.exe	85
PID 3312 wrote to memory of 1404	3312	chrome.exe	85
PID 3312 wrote to memory of 1404	3312	chrome.exe	85
PID 3312 wrote to memory of 1404	3312	chrome.exe	85
PID 3312 wrote to memory of 1404	3312	chrome.exe	85
PID 3312 wrote to memory of 1404	3312	chrome.exe	85
PID 3312 wrote to memory of 1404	3312	chrome.exe	85
PID 3312 wrote to memory of 1404	3312	chrome.exe	85
PID 3312 wrote to memory of 1404	3312	chrome.exe	85
PID 3312 wrote to memory of 1404	3312	chrome.exe	85
PID 3312 wrote to memory of 1404	3312	chrome.exe	85
PID 3312 wrote to memory of 1404	3312	chrome.exe	85
PID 3312 wrote to memory of 1404	3312	chrome.exe	85
PID 3312 wrote to memory of 1404	3312	chrome.exe	85
PID 3312 wrote to memory of 1404	3312	chrome.exe	85
PID 3312 wrote to memory of 4628	3312	chrome.exe	86
PID 3312 wrote to memory of 4628	3312	chrome.exe	86
PID 3312 wrote to memory of 3508	3312	chrome.exe	87
PID 3312 wrote to memory of 3508	3312	chrome.exe	87
PID 3312 wrote to memory of 3508	3312	chrome.exe	87
PID 3312 wrote to memory of 3508	3312	chrome.exe	87
PID 3312 wrote to memory of 3508	3312	chrome.exe	87
PID 3312 wrote to memory of 3508	3312	chrome.exe	87
PID 3312 wrote to memory of 3508	3312	chrome.exe	87
PID 3312 wrote to memory of 3508	3312	chrome.exe	87
PID 3312 wrote to memory of 3508	3312	chrome.exe	87
PID 3312 wrote to memory of 3508	3312	chrome.exe	87
PID 3312 wrote to memory of 3508	3312	chrome.exe	87
PID 3312 wrote to memory of 3508	3312	chrome.exe	87
PID 3312 wrote to memory of 3508	3312	chrome.exe	87
PID 3312 wrote to memory of 3508	3312	chrome.exe	87
PID 3312 wrote to memory of 3508	3312	chrome.exe	87
PID 3312 wrote to memory of 3508	3312	chrome.exe	87
PID 3312 wrote to memory of 3508	3312	chrome.exe	87
PID 3312 wrote to memory of 3508	3312	chrome.exe	87
PID 3312 wrote to memory of 3508	3312	chrome.exe	87
PID 3312 wrote to memory of 3508	3312	chrome.exe	87
PID 3312 wrote to memory of 3508	3312	chrome.exe	87
PID 3312 wrote to memory of 3508	3312	chrome.exe	87
PID 3312 wrote to memory of 3508	3312	chrome.exe	87
PID 3312 wrote to memory of 3508	3312	chrome.exe	87
PID 3312 wrote to memory of 3508	3312	chrome.exe	87
PID 3312 wrote to memory of 3508	3312	chrome.exe	87
PID 3312 wrote to memory of 3508	3312	chrome.exe	87
PID 3312 wrote to memory of 3508	3312	chrome.exe	87
PID 3312 wrote to memory of 3508	3312	chrome.exe	87

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://m2.ghost.io
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3312
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fffe8acab58,0x7fffe8acab68,0x7fffe8acab78
  2⤵
  PID:2468
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1836 --field-trial-handle=1812,i,3421884793516769549,16311068132863681421,131072 /prefetch:2
  2⤵
  PID:1404
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 --field-trial-handle=1812,i,3421884793516769549,16311068132863681421,131072 /prefetch:8
  2⤵
  PID:4628
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2228 --field-trial-handle=1812,i,3421884793516769549,16311068132863681421,131072 /prefetch:8
  2⤵
  PID:3508
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2984 --field-trial-handle=1812,i,3421884793516769549,16311068132863681421,131072 /prefetch:1
  2⤵
  PID:2848
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2992 --field-trial-handle=1812,i,3421884793516769549,16311068132863681421,131072 /prefetch:1
  2⤵
  PID:4176
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4356 --field-trial-handle=1812,i,3421884793516769549,16311068132863681421,131072 /prefetch:1
  2⤵
  PID:2892
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4528 --field-trial-handle=1812,i,3421884793516769549,16311068132863681421,131072 /prefetch:8
  2⤵
  PID:2716
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3216 --field-trial-handle=1812,i,3421884793516769549,16311068132863681421,131072 /prefetch:8
  2⤵
  PID:4712
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=3968 --field-trial-handle=1812,i,3421884793516769549,16311068132863681421,131072 /prefetch:1
  2⤵
  PID:4612
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=2396 --field-trial-handle=1812,i,3421884793516769549,16311068132863681421,131072 /prefetch:1
  2⤵
  PID:4984
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4860 --field-trial-handle=1812,i,3421884793516769549,16311068132863681421,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1212

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:1680

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000017

Filesize
634KB

MD5
3f83109e8d17c304650da3b57fa87eac

SHA1
10d97b2318a5b6f70a3a38645eda1878f47ae346

SHA256
37d2be73aaee0ec0331d023e5afce44c907afb5b3f1a8eec8fb6bd121b5ed99e

SHA512
ba13b38e6832e1bfa56923195d95e33b90bd7de87d31c19313ad092e347e90ed0a6b44fc0408d89f9a9b1701163789e575f9ee5b2101d11fc797526c083705d3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000018

Filesize
1024KB

MD5
803ef0d0ad36055d0590d95dc5980e32

SHA1
d4e8d9b6f749ceee20ee6e304498af2c92e266ae

SHA256
f985d2af078eb858e0ed88d31daa1f6a0501e91d477d37c0ca1c02e126bdc5b6

SHA512
baeab31780187da34c6d5ffe589b0c7507123ee7cdc20bb96767975544818009a3f8a22c631fddeb8e1cb5baee8ba2d60fcde27905a7b12bd4ebeabecea07394

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000019

Filesize
1024KB

MD5
e43541441cac0472ecfec54d2970e2d1

SHA1
e91392019cb3c17174895cd5fe93df7219b4c015

SHA256
e0980c7f36c42884084ef7c6e4e68f67083181a21bf6e54306e9bd3e5a5f8342

SHA512
ac7f164555d2d05a2a30cf4483e6fa6982549cd4def84fd6389088aa6e8ae7865b47897f523636d2d08ba2d4adc3af0f0ee8da41fb0056ebe7187bbdb82122b5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001a

Filesize
517KB

MD5
375531ffc15b355cd782f011f929d84b

SHA1
e7b27c308a4896e9b214eb09b273efd0eb1d7067

SHA256
21216bd9b7402c60956f074c7c4d4e33595f2ef6df364cae12eda2a996a015d5

SHA512
82e49034ea51a47cafb90d4420df1c292ae01b0a80af5677817dd799d29e682b333c523450ffaf5665628e84543bfc4346033c7d5bb7fcd2e238966b2949c35c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001b

Filesize
1024KB

MD5
aeb87091344f3cbbacfabd94374801c6

SHA1
b5c3d9e9f5b4018508a6f0bd4a2d5847771415cb

SHA256
026e4d2b0f3b372eec340af99d4eb628f421278e7d9521ed5ec111e9724d91a4

SHA512
1a8a67fe2be7fb146282e5cd526e113a45f8877e04cf65fcc8667224755fbbf0e9d876e889ef1106d639f8703e5a786706395a6dbd4bdb227747f20d3856ccb6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001e

Filesize
53KB

MD5
0c165a55df91fbbaee9067fdf9602ce0

SHA1
e2da5ea6d3b1e344b556485fa7bb7676b043aa45

SHA256
51ec724d42e6d6c3c722753440d641a7d8cfd8814844f4a5d266f725f74fec13

SHA512
b0c1d3403d481dac0f989ea9ee33b2ef12f21534df69b0009280914178655c0aafe059414bbc8b514aefb8709e04e876acee10e63b55cde12711c2c1794851fd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
192B

MD5
c68596bfc3e49353bb59d44bda06a750

SHA1
185f927b751742ff8f22a9f343546868a0e4e07c

SHA256
d0036e99dc2e5b5f39b2ff5c0b27499ae4540df7e351853ff29568edac216269

SHA512
c785d14565ebe73181027b3d304bd2da39f557dff4c009df54c2c0231759cb5f15ffbf051c43baef819e0c8f6f9dcfc64eb9fad4214b571e08c4179a2ccaf4aa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
e35b207f9d4f65770b46e05ab7220923

SHA1
4bb3585ce10c213007ef798b1dc9e8ef401861a3

SHA256
e11ea5046e40a72569e29560cb1cead1ffb350ac17fa1c1194747d169551fbcc

SHA512
871e9462c2ffda46030546afe60a0e745fcf970ab5dcf7a6b60fa8e0149f6ba7a1aea11ab327c75dd3dae3ef99115a1c447f6c507d30dd65275bc63c5fadfae2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
690B

MD5
a19ad45afe6514f8440f743835fcd191

SHA1
2700fed90be02b73fb5637425ee4f10e081da574

SHA256
55ece7a7a073df4f8eb995c1fd8528bc17df5b4c38be5c0b31e83c2b14cb6cd9

SHA512
c4d6e0141b774d07a55692a38dbee434a344c126a8723f86422aeff07287bf8a42ab6f347bf86e41d499644080422e91ad542ded51e0de8f25e6b12f8682a8d5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
8c5bcb5845c06eb3d4c9f1728695750e

SHA1
0987ebe6996bc6ef32541fa35d5f7c61065e4ff5

SHA256
a770226a2e5c19c366d9bf55d03bd6744f19ea1a8d4647fee70c4ce8db118ac7

SHA512
2c7e0d9cd8571d567f0f3534aaa4a98aa48418e9467a4d79bd51b972bd979fb3434125815b24de00dcc416bc9134bef649771c903989b7269966935d07d7ff87

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
2f41e08b0bfd725775cac5af097378e1

SHA1
39450aeb5554c78483efd6a11187ab7776b2b47d

SHA256
6128e193f4cdef845e63101d9c25966ab8bcc7dad99397f8ca99b89625eaad2c

SHA512
90087a69a31322f5b3e44cfd256ef1149fda66bb5d512ba952ff328c1054a224bbcbda0092d483a27e33cc7e37690f9d5c56c580186399f2f10d43211348acd3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
130KB

MD5
c2a9e02832d7fb36f46b792c3e2173d0

SHA1
6eebed64590602f8c2907573c22f6586e3978abd

SHA256
176c4e244c50faec1486b2778a914186ff0cabb8796c5fe1e0938180bb7bb610

SHA512
e698f185b179ebedb05f9fc8a7e4ebfce8853cadd9298defc2c08931e090e84cfd7a11b48ddf06c0d52bc3e90b0ed09862a43b444e386bc336ab24d4c977c1a4

Download Submit