hxxp://pornhub[.]com | Triage

Analysis

max time kernel
150s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
10/05/2024, 15:05

Sharing

Report Analysis Logs

General

Target

http://pornhub.com

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

System Information Discovery

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133598271408547041"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2136	chrome.exe
2136	chrome.exe
2944	chrome.exe
2944	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2136 wrote to memory of 4844	2136	chrome.exe	91
PID 2136 wrote to memory of 4844	2136	chrome.exe	91
PID 2136 wrote to memory of 4548	2136	chrome.exe	93
PID 2136 wrote to memory of 4548	2136	chrome.exe	93
PID 2136 wrote to memory of 4548	2136	chrome.exe	93
PID 2136 wrote to memory of 4548	2136	chrome.exe	93
PID 2136 wrote to memory of 4548	2136	chrome.exe	93
PID 2136 wrote to memory of 4548	2136	chrome.exe	93
PID 2136 wrote to memory of 4548	2136	chrome.exe	93
PID 2136 wrote to memory of 4548	2136	chrome.exe	93
PID 2136 wrote to memory of 4548	2136	chrome.exe	93
PID 2136 wrote to memory of 4548	2136	chrome.exe	93
PID 2136 wrote to memory of 4548	2136	chrome.exe	93
PID 2136 wrote to memory of 4548	2136	chrome.exe	93
PID 2136 wrote to memory of 4548	2136	chrome.exe	93
PID 2136 wrote to memory of 4548	2136	chrome.exe	93
PID 2136 wrote to memory of 4548	2136	chrome.exe	93
PID 2136 wrote to memory of 4548	2136	chrome.exe	93
PID 2136 wrote to memory of 4548	2136	chrome.exe	93
PID 2136 wrote to memory of 4548	2136	chrome.exe	93
PID 2136 wrote to memory of 4548	2136	chrome.exe	93
PID 2136 wrote to memory of 4548	2136	chrome.exe	93
PID 2136 wrote to memory of 4548	2136	chrome.exe	93
PID 2136 wrote to memory of 4548	2136	chrome.exe	93
PID 2136 wrote to memory of 4548	2136	chrome.exe	93
PID 2136 wrote to memory of 4548	2136	chrome.exe	93
PID 2136 wrote to memory of 4548	2136	chrome.exe	93
PID 2136 wrote to memory of 4548	2136	chrome.exe	93
PID 2136 wrote to memory of 4548	2136	chrome.exe	93
PID 2136 wrote to memory of 4548	2136	chrome.exe	93
PID 2136 wrote to memory of 4548	2136	chrome.exe	93
PID 2136 wrote to memory of 4548	2136	chrome.exe	93
PID 2136 wrote to memory of 4548	2136	chrome.exe	93
PID 2136 wrote to memory of 4548	2136	chrome.exe	93
PID 2136 wrote to memory of 4548	2136	chrome.exe	93
PID 2136 wrote to memory of 4548	2136	chrome.exe	93
PID 2136 wrote to memory of 4548	2136	chrome.exe	93
PID 2136 wrote to memory of 4548	2136	chrome.exe	93
PID 2136 wrote to memory of 4548	2136	chrome.exe	93
PID 2136 wrote to memory of 4548	2136	chrome.exe	93
PID 2136 wrote to memory of 4480	2136	chrome.exe	94
PID 2136 wrote to memory of 4480	2136	chrome.exe	94
PID 2136 wrote to memory of 4552	2136	chrome.exe	95
PID 2136 wrote to memory of 4552	2136	chrome.exe	95
PID 2136 wrote to memory of 4552	2136	chrome.exe	95
PID 2136 wrote to memory of 4552	2136	chrome.exe	95
PID 2136 wrote to memory of 4552	2136	chrome.exe	95
PID 2136 wrote to memory of 4552	2136	chrome.exe	95
PID 2136 wrote to memory of 4552	2136	chrome.exe	95
PID 2136 wrote to memory of 4552	2136	chrome.exe	95
PID 2136 wrote to memory of 4552	2136	chrome.exe	95
PID 2136 wrote to memory of 4552	2136	chrome.exe	95
PID 2136 wrote to memory of 4552	2136	chrome.exe	95
PID 2136 wrote to memory of 4552	2136	chrome.exe	95
PID 2136 wrote to memory of 4552	2136	chrome.exe	95
PID 2136 wrote to memory of 4552	2136	chrome.exe	95
PID 2136 wrote to memory of 4552	2136	chrome.exe	95
PID 2136 wrote to memory of 4552	2136	chrome.exe	95
PID 2136 wrote to memory of 4552	2136	chrome.exe	95
PID 2136 wrote to memory of 4552	2136	chrome.exe	95
PID 2136 wrote to memory of 4552	2136	chrome.exe	95
PID 2136 wrote to memory of 4552	2136	chrome.exe	95
PID 2136 wrote to memory of 4552	2136	chrome.exe	95
PID 2136 wrote to memory of 4552	2136	chrome.exe	95

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://pornhub.com
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2136
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffea4379758,0x7ffea4379768,0x7ffea4379778
  2⤵
  PID:4844
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1764 --field-trial-handle=1912,i,6879568619385642981,13956140135090875557,131072 /prefetch:2
  2⤵
  PID:4548
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 --field-trial-handle=1912,i,6879568619385642981,13956140135090875557,131072 /prefetch:8
  2⤵
  PID:4480
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2256 --field-trial-handle=1912,i,6879568619385642981,13956140135090875557,131072 /prefetch:8
  2⤵
  PID:4552
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3000 --field-trial-handle=1912,i,6879568619385642981,13956140135090875557,131072 /prefetch:1
  2⤵
  PID:2124
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3008 --field-trial-handle=1912,i,6879568619385642981,13956140135090875557,131072 /prefetch:1
  2⤵
  PID:1548
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4604 --field-trial-handle=1912,i,6879568619385642981,13956140135090875557,131072 /prefetch:1
  2⤵
  PID:3216
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=5060 --field-trial-handle=1912,i,6879568619385642981,13956140135090875557,131072 /prefetch:1
  2⤵
  PID:1512
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5380 --field-trial-handle=1912,i,6879568619385642981,13956140135090875557,131072 /prefetch:8
  2⤵
  PID:664
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3784 --field-trial-handle=1912,i,6879568619385642981,13956140135090875557,131072 /prefetch:8
  2⤵
  PID:2472
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4724 --field-trial-handle=1912,i,6879568619385642981,13956140135090875557,131072 /prefetch:1
  2⤵
  PID:2632
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=3984 --field-trial-handle=1912,i,6879568619385642981,13956140135090875557,131072 /prefetch:1
  2⤵
  PID:3088
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2524 --field-trial-handle=1912,i,6879568619385642981,13956140135090875557,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2944

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:3096

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=3376 --field-trial-handle=2292,i,2103142837140538807,15881446839139365070,262144 --variations-seed-version /prefetch:8
1⤵
PID:3516

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000023

Filesize
16KB

MD5
48c80c7c28b5b00a8b4ff94a22b72fe3

SHA1
d57303c2ad2fd5cedc5cb20f264a6965a7819cee

SHA256
6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356

SHA512
c7381e462c72900fdbb82b5c365080efa009287273eb5109ef25c8d0a5df33dd07664fd1aed6eb0d132fa6a3cb6a3ff6b784bffeeca9a2313b1e6eb6e32ab658

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
1c25b27b0bf57797eb9253ecd0a754ae

SHA1
5627391fa568e11a3795b662d8dd3d135adb33a3

SHA256
b7472e9c37944542c1b91ca17bc6b63957be3c6aec8580196868ee69dbf36f9a

SHA512
467c60a020e60a0b99bf610572577c4ebde2ef7341ea6ee95ed6feebc771a6218f22b7adfd7eef912f2ace910d842b4162c7263248e7e09e83c9409f51359270

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
816B

MD5
f922ad2a1b9ae073a541859567f55eda

SHA1
f5bb6096c798912ee3c0381197150cdff712c016

SHA256
99177ce05dfa381745824500add8cb0ea2dcde6916fdeee05f83a4b659a3fd78

SHA512
71d00b5501cec22e640bca0e6683c57d4723eb01d576871f4fad6fc396c516f89cbedd5ea040c1223d2384e9827b68b838c6caf1c6bdbb4798e564b5e46b0bc7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
98e2df6727cad9c1ca39a475a25c8f41

SHA1
3b992e3eee4008e0b6fc3d5ac47e0c6829e5bc98

SHA256
7c35c94ad858f9d28d206e97539525b2ee4ecbd81256ddc5aaedcd7fdac6bff9

SHA512
95ed7cbe7c0b0a584111faf0b08ff3f1ac28cddcd30a519a3066799ee905178e76c511283a39c789358afe2dd4b99090212a61c3652d5aecb64c1c5afa029d23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
274f324007c9058ed9731f51dee87a87

SHA1
3920e3554c3722d6d8871fdabf2f0903770d2415

SHA256
599116b1adc4268a9030e8bd89a1e021801bc5ad73e3330e168d43e5d2a9e598

SHA512
c56eadb848447cb29098626e8815ced07cf9d6d362d6273220e05f69a4f42476f245091fff81b4ae7b4331953e8d24a855e9e67f362d499d3aff418a39aa1381

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
4c9951a3e2e40d89b27f871b6174aa76

SHA1
1fab7ebf565f2c3b20d63a157a66776f87a62493

SHA256
7a6f86194ac0d3f255d93bf9d51ce0e8ce1fccbc09c6f7ef920e2030c8148382

SHA512
cf7a3bca684dc94bd4fc4d681503f1acbbf79e3cba2e1ae480b4823b48ef4bf3333490ac5a2191907c2a975cfdba240e88eb07bc2546e725d69213f5655c01c2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
185d7ddc3f733d50bd00092639052cf8

SHA1
ea64a9ea6bc851972d8430f76a65846d0ef5310b

SHA256
53ff9fdce1f21b0f19983f70d4ab79f02968e546f7cb9ba71576acb679c0c27e

SHA512
9fac4b6e50cd5d35490aa49300a78ea001aafa6cfaa64fbee9f463c71e45e34cad8a75548d41c89e3fd9e287a4a534d3b6d1727560c41db7afabc54512b55850

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
fcafd739f5ce90289009c984afa0c287

SHA1
9323735556b9a2e0434853b872cc2f7a9ec1ba4c

SHA256
7f3b3b3be62f7c87e30aa9f9af0d40dc3227e53966a6633d777c421b60db0c4e

SHA512
fd902fe38b2329ef4c536032d58c0500e2b40f59d1adf30471ee9f426183d5a22e924189fd9461fcb7142586bb3bc6b31eb7e9b53263d808a52b9fbd87ce8065

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
5d1248b890568908c8abea5ca81fb551

SHA1
8cc55e1e05da24c592de574b88f53a02e0f1e98a

SHA256
35a7846f1a722c77cfd1a8900ba32c7fcf8de0b9a2326c5f19f93069702ca84f

SHA512
28acab423d18548af86cc375565c21562de7948c9d7d1876708cf9b67e23c5075c1acdb8b7258a030031673c4a16f87b26e8e5ef19aba44f243c3084f233ee80

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
956787de4359725d43d111542f2de0d0

SHA1
0b8e3c2b7fb115274c365317938c26b009ddbeb0

SHA256
57ce99afd8cc74f365e47618d3f814506d113107a95ad958092f79c4831b1c2d

SHA512
f1346291a884a80fe2c9f8e72b2e3a6e77585d96a42f9dc4c44eba27ea7473aa43a1055421f2fcdbdd31ee8f28f212e4c9c30f1d508187230becfa04fccd69b6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
78d8bf516a60e0415d1aacc779598e8d

SHA1
7993927b7dcefd493ac3165587d90dfcab74cead

SHA256
d6ec885d59e60679e18f3d0e6b624daa38766324c32bb0102e790a2b021445f8

SHA512
cb898beabc4cfa78ac6c15fb8c5b3ce5c30955a46f17402fee404e45461c8c01515068d738badeece55e040aaa888578bf2a857acc094b3e8a61f813831ae3b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
02b1ba6ed23c53355ed559adc0a99b33

SHA1
13a81bad243a707c16242f26d4da478abe6c6b8a

SHA256
2f5639d4472730caa4343195225411ba22a04ce8e39d71625fffb7f263896daa

SHA512
89a08cd4dcc55f020629b1766cc963e340265e570a085779de95ed7fb6cce86acff49994f6660aaf14fa3307152f81d5819ee6e9a14e23a42cb48d859b1b0b25

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
96B

MD5
04715a0cb1674b81d778cc777ea48154

SHA1
287521d54415ab000e1eb3ed917d5714673ee8a4

SHA256
53bfb7741a9552ea3ca89433bb0c35354d60640bcc97392714bef57a437117c6

SHA512
a7979621ed7b9998b42ae47abe8af09d0d3c504a14f1206b4b2e86d1cec5c54bdeaba3281660ae8d43a387471972257ec0fcc15567e818748e922ca1228e6c2b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe58266f.TMP

Filesize
48B

MD5
daa5983d108aa8946c95f29533fbec97

SHA1
bc34eeedc5c1c45ba4d84f901af0ee8106253b80

SHA256
467adad865a5267785033e08311a9e55a957d86ca49a316b1a4aab39e755edd7

SHA512
b640ccb63ed4979f283054048464bf577ac315c25907d3dba22c10b439cfbe23909fcb0bf17b54ec7434a41b89f141ad62ece9ed6646c875678df4f8c3deb57d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
128KB

MD5
2413da0952b4be443d7cf32075b854af

SHA1
e22152069a0d9b2fb94131f4ab90390abcee54e6

SHA256
5f99d28876755a450125c79afa5785916a0b077450baf07f4e3bd06a5c2b1560

SHA512
2cf1eb69ab23a17818fdef8adc87d81b2fd20d6b69e4be7c1c7aa7baee9a802a2fe0ed4f7bade127a8344434f01d3074a641f2139cfe1fa3608a54adc88f2151

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit