b2ac1e407ed3ecd7c7faa6de929a68fb51145662cf793c40b69eb59295bba6bc

Resubmissions

12-05-2024 07:58

240512-jt1e9aag96 10

12-05-2024 07:55

240512-jscykaag45 3

Analysis

max time kernel
150s
max time network
150s
platform
windows11-21h2_x64
resource
win11-20240426-en
resource tags

arch:x64arch:x86image:win11-20240426-enlocale:en-usos:windows11-21h2-x64system
submitted
12-05-2024 07:55

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Bloxstrap-v2.5.4.exe
Size

7.6MB
MD5

dbb820772caf0003967ef0f269fbdeb1
SHA1

31992bd4977a7dfeba67537a2da6c9ca64bc304c
SHA256

b2ac1e407ed3ecd7c7faa6de929a68fb51145662cf793c40b69eb59295bba6bc
SHA512

e8ac879c7198dffb78bc6ee4ad49b5de40a5a7dbbda53d427d0a034941487d13c8bb2b8d590a1fcdd81cd6abb8f21fdfcd52924eb00c45a42ee06c1e4b3d590f
SSDEEP

98304:XNd5DSd5DxTsed5D2ZT00UuOYoHwfLk3vSmaR0+Mc4AN0edaAHDfysrTl1:X+sdtObAbN0u

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

Processes:

chrome.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

Processes:

chrome.exe

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133599741742870773"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

Processes:

chrome.exechrome.exe

pid process

2556 chrome.exe
2556 chrome.exe
3932 chrome.exe
3932 chrome.exe
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

Processes:

chrome.exe

pid process

2556 chrome.exe
2556 chrome.exe
2556 chrome.exe
2556 chrome.exe
2556 chrome.exe
2556 chrome.exe
2556 chrome.exe
2556 chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

Processes:

Bloxstrap-v2.5.4.exechrome.exe

description	pid	process
Token: SeDebugPrivilege	4488	Bloxstrap-v2.5.4.exe
Token: SeShutdownPrivilege	2556	chrome.exe
Token: SeCreatePagefilePrivilege	2556	chrome.exe
Token: SeShutdownPrivilege	2556	chrome.exe
Token: SeCreatePagefilePrivilege	2556	chrome.exe
Token: SeShutdownPrivilege	2556	chrome.exe
Token: SeCreatePagefilePrivilege	2556	chrome.exe
Token: SeShutdownPrivilege	2556	chrome.exe
Token: SeCreatePagefilePrivilege	2556	chrome.exe
Token: SeShutdownPrivilege	2556	chrome.exe
Token: SeCreatePagefilePrivilege	2556	chrome.exe
Token: SeShutdownPrivilege	2556	chrome.exe
Token: SeCreatePagefilePrivilege	2556	chrome.exe
Token: SeShutdownPrivilege	2556	chrome.exe
Token: SeCreatePagefilePrivilege	2556	chrome.exe
Token: SeShutdownPrivilege	2556	chrome.exe
Token: SeCreatePagefilePrivilege	2556	chrome.exe
Token: SeShutdownPrivilege	2556	chrome.exe
Token: SeCreatePagefilePrivilege	2556	chrome.exe
Token: SeShutdownPrivilege	2556	chrome.exe
Token: SeCreatePagefilePrivilege	2556	chrome.exe
Token: SeShutdownPrivilege	2556	chrome.exe
Token: SeCreatePagefilePrivilege	2556	chrome.exe
Token: SeShutdownPrivilege	2556	chrome.exe
Token: SeCreatePagefilePrivilege	2556	chrome.exe
Token: SeShutdownPrivilege	2556	chrome.exe
Token: SeCreatePagefilePrivilege	2556	chrome.exe
Token: SeShutdownPrivilege	2556	chrome.exe
Token: SeCreatePagefilePrivilege	2556	chrome.exe
Token: SeShutdownPrivilege	2556	chrome.exe
Token: SeCreatePagefilePrivilege	2556	chrome.exe
Token: SeShutdownPrivilege	2556	chrome.exe
Token: SeCreatePagefilePrivilege	2556	chrome.exe
Token: SeShutdownPrivilege	2556	chrome.exe
Token: SeCreatePagefilePrivilege	2556	chrome.exe
Token: SeShutdownPrivilege	2556	chrome.exe
Token: SeCreatePagefilePrivilege	2556	chrome.exe
Token: SeShutdownPrivilege	2556	chrome.exe
Token: SeCreatePagefilePrivilege	2556	chrome.exe
Token: SeShutdownPrivilege	2556	chrome.exe
Token: SeCreatePagefilePrivilege	2556	chrome.exe
Token: SeShutdownPrivilege	2556	chrome.exe
Token: SeCreatePagefilePrivilege	2556	chrome.exe
Token: SeShutdownPrivilege	2556	chrome.exe
Token: SeCreatePagefilePrivilege	2556	chrome.exe
Token: SeShutdownPrivilege	2556	chrome.exe
Token: SeCreatePagefilePrivilege	2556	chrome.exe
Token: SeShutdownPrivilege	2556	chrome.exe
Token: SeCreatePagefilePrivilege	2556	chrome.exe
Token: SeShutdownPrivilege	2556	chrome.exe
Token: SeCreatePagefilePrivilege	2556	chrome.exe
Token: SeShutdownPrivilege	2556	chrome.exe
Token: SeCreatePagefilePrivilege	2556	chrome.exe
Token: SeShutdownPrivilege	2556	chrome.exe
Token: SeCreatePagefilePrivilege	2556	chrome.exe
Token: SeShutdownPrivilege	2556	chrome.exe
Token: SeCreatePagefilePrivilege	2556	chrome.exe
Token: SeShutdownPrivilege	2556	chrome.exe
Token: SeCreatePagefilePrivilege	2556	chrome.exe
Token: SeShutdownPrivilege	2556	chrome.exe
Token: SeCreatePagefilePrivilege	2556	chrome.exe
Token: SeShutdownPrivilege	2556	chrome.exe
Token: SeCreatePagefilePrivilege	2556	chrome.exe
Token: SeShutdownPrivilege	2556	chrome.exe

Suspicious use of FindShellTrayWindow 28 IoCs

Processes:

chrome.exe

pid	process
2556	chrome.exe
2556	chrome.exe
2556	chrome.exe
2556	chrome.exe
2556	chrome.exe
2556	chrome.exe
2556	chrome.exe
2556	chrome.exe
2556	chrome.exe
2556	chrome.exe
2556	chrome.exe
2556	chrome.exe
2556	chrome.exe
2556	chrome.exe
2556	chrome.exe
2556	chrome.exe
2556	chrome.exe
2556	chrome.exe
2556	chrome.exe
2556	chrome.exe
2556	chrome.exe
2556	chrome.exe
2556	chrome.exe
2556	chrome.exe
2556	chrome.exe
2556	chrome.exe
2556	chrome.exe
2556	chrome.exe

Suspicious use of SendNotifyMessage 14 IoCs

Processes:

chrome.exe

pid	process
2556	chrome.exe
2556	chrome.exe
2556	chrome.exe
2556	chrome.exe
2556	chrome.exe
2556	chrome.exe
2556	chrome.exe
2556	chrome.exe
2556	chrome.exe
2556	chrome.exe
2556	chrome.exe
2556	chrome.exe
2556	chrome.exe
2556	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

chrome.exe

description	pid	process	target process
PID 2556 wrote to memory of 4772	2556	chrome.exe	chrome.exe
PID 2556 wrote to memory of 4772	2556	chrome.exe	chrome.exe
PID 2556 wrote to memory of 1936	2556	chrome.exe	chrome.exe
PID 2556 wrote to memory of 1936	2556	chrome.exe	chrome.exe
PID 2556 wrote to memory of 1936	2556	chrome.exe	chrome.exe
PID 2556 wrote to memory of 1936	2556	chrome.exe	chrome.exe
PID 2556 wrote to memory of 1936	2556	chrome.exe	chrome.exe
PID 2556 wrote to memory of 1936	2556	chrome.exe	chrome.exe
PID 2556 wrote to memory of 1936	2556	chrome.exe	chrome.exe
PID 2556 wrote to memory of 1936	2556	chrome.exe	chrome.exe
PID 2556 wrote to memory of 1936	2556	chrome.exe	chrome.exe
PID 2556 wrote to memory of 1936	2556	chrome.exe	chrome.exe
PID 2556 wrote to memory of 1936	2556	chrome.exe	chrome.exe
PID 2556 wrote to memory of 1936	2556	chrome.exe	chrome.exe
PID 2556 wrote to memory of 1936	2556	chrome.exe	chrome.exe
PID 2556 wrote to memory of 1936	2556	chrome.exe	chrome.exe
PID 2556 wrote to memory of 1936	2556	chrome.exe	chrome.exe
PID 2556 wrote to memory of 1936	2556	chrome.exe	chrome.exe
PID 2556 wrote to memory of 1936	2556	chrome.exe	chrome.exe
PID 2556 wrote to memory of 1936	2556	chrome.exe	chrome.exe
PID 2556 wrote to memory of 1936	2556	chrome.exe	chrome.exe
PID 2556 wrote to memory of 1936	2556	chrome.exe	chrome.exe
PID 2556 wrote to memory of 1936	2556	chrome.exe	chrome.exe
PID 2556 wrote to memory of 1936	2556	chrome.exe	chrome.exe
PID 2556 wrote to memory of 1936	2556	chrome.exe	chrome.exe
PID 2556 wrote to memory of 1936	2556	chrome.exe	chrome.exe
PID 2556 wrote to memory of 1936	2556	chrome.exe	chrome.exe
PID 2556 wrote to memory of 1936	2556	chrome.exe	chrome.exe
PID 2556 wrote to memory of 1936	2556	chrome.exe	chrome.exe
PID 2556 wrote to memory of 1936	2556	chrome.exe	chrome.exe
PID 2556 wrote to memory of 1936	2556	chrome.exe	chrome.exe
PID 2556 wrote to memory of 1936	2556	chrome.exe	chrome.exe
PID 2556 wrote to memory of 1936	2556	chrome.exe	chrome.exe
PID 2556 wrote to memory of 2764	2556	chrome.exe	chrome.exe
PID 2556 wrote to memory of 2764	2556	chrome.exe	chrome.exe
PID 2556 wrote to memory of 3292	2556	chrome.exe	chrome.exe
PID 2556 wrote to memory of 3292	2556	chrome.exe	chrome.exe
PID 2556 wrote to memory of 3292	2556	chrome.exe	chrome.exe
PID 2556 wrote to memory of 3292	2556	chrome.exe	chrome.exe
PID 2556 wrote to memory of 3292	2556	chrome.exe	chrome.exe
PID 2556 wrote to memory of 3292	2556	chrome.exe	chrome.exe
PID 2556 wrote to memory of 3292	2556	chrome.exe	chrome.exe
PID 2556 wrote to memory of 3292	2556	chrome.exe	chrome.exe
PID 2556 wrote to memory of 3292	2556	chrome.exe	chrome.exe
PID 2556 wrote to memory of 3292	2556	chrome.exe	chrome.exe
PID 2556 wrote to memory of 3292	2556	chrome.exe	chrome.exe
PID 2556 wrote to memory of 3292	2556	chrome.exe	chrome.exe
PID 2556 wrote to memory of 3292	2556	chrome.exe	chrome.exe
PID 2556 wrote to memory of 3292	2556	chrome.exe	chrome.exe
PID 2556 wrote to memory of 3292	2556	chrome.exe	chrome.exe
PID 2556 wrote to memory of 3292	2556	chrome.exe	chrome.exe
PID 2556 wrote to memory of 3292	2556	chrome.exe	chrome.exe
PID 2556 wrote to memory of 3292	2556	chrome.exe	chrome.exe
PID 2556 wrote to memory of 3292	2556	chrome.exe	chrome.exe
PID 2556 wrote to memory of 3292	2556	chrome.exe	chrome.exe
PID 2556 wrote to memory of 3292	2556	chrome.exe	chrome.exe
PID 2556 wrote to memory of 3292	2556	chrome.exe	chrome.exe
PID 2556 wrote to memory of 3292	2556	chrome.exe	chrome.exe
PID 2556 wrote to memory of 3292	2556	chrome.exe	chrome.exe
PID 2556 wrote to memory of 3292	2556	chrome.exe	chrome.exe
PID 2556 wrote to memory of 3292	2556	chrome.exe	chrome.exe
PID 2556 wrote to memory of 3292	2556	chrome.exe	chrome.exe
PID 2556 wrote to memory of 3292	2556	chrome.exe	chrome.exe
PID 2556 wrote to memory of 3292	2556	chrome.exe	chrome.exe

C:\Users\Admin\AppData\Local\Temp\Bloxstrap-v2.5.4.exe
"C:\Users\Admin\AppData\Local\Temp\Bloxstrap-v2.5.4.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:4488

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2556

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x100,0x104,0x108,0xe0,0x10c,0x7ffb32f6ab58,0x7ffb32f6ab68,0x7ffb32f6ab78
2⤵
PID:4772

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1644 --field-trial-handle=1828,i,15577222404634609938,4288986179560928668,131072 /prefetch:2
2⤵
PID:1936

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2140 --field-trial-handle=1828,i,15577222404634609938,4288986179560928668,131072 /prefetch:8
2⤵
PID:2764

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2212 --field-trial-handle=1828,i,15577222404634609938,4288986179560928668,131072 /prefetch:8
2⤵
PID:3292

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3084 --field-trial-handle=1828,i,15577222404634609938,4288986179560928668,131072 /prefetch:1
2⤵
PID:3776

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3132 --field-trial-handle=1828,i,15577222404634609938,4288986179560928668,131072 /prefetch:1
2⤵
PID:1632

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3528 --field-trial-handle=1828,i,15577222404634609938,4288986179560928668,131072 /prefetch:1
2⤵
PID:4192

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4440 --field-trial-handle=1828,i,15577222404634609938,4288986179560928668,131072 /prefetch:8
2⤵
PID:4216

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4472 --field-trial-handle=1828,i,15577222404634609938,4288986179560928668,131072 /prefetch:8
2⤵
PID:3876

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4452 --field-trial-handle=1828,i,15577222404634609938,4288986179560928668,131072 /prefetch:8
2⤵
PID:3076

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4576 --field-trial-handle=1828,i,15577222404634609938,4288986179560928668,131072 /prefetch:8
2⤵
PID:1584

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4940 --field-trial-handle=1828,i,15577222404634609938,4288986179560928668,131072 /prefetch:8
2⤵
PID:3252

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5084 --field-trial-handle=1828,i,15577222404634609938,4288986179560928668,131072 /prefetch:1
2⤵
PID:2688

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4608 --field-trial-handle=1828,i,15577222404634609938,4288986179560928668,131072 /prefetch:1
2⤵
PID:4432

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=4944 --field-trial-handle=1828,i,15577222404634609938,4288986179560928668,131072 /prefetch:1
2⤵
PID:3912

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=2824 --field-trial-handle=1828,i,15577222404634609938,4288986179560928668,131072 /prefetch:1
2⤵
PID:1220

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3324 --field-trial-handle=1828,i,15577222404634609938,4288986179560928668,131072 /prefetch:8
2⤵
PID:5000

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=4148 --field-trial-handle=1828,i,15577222404634609938,4288986179560928668,131072 /prefetch:1
2⤵
PID:1656

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3336 --field-trial-handle=1828,i,15577222404634609938,4288986179560928668,131072 /prefetch:2
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:3932

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:3036

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c
Filesize
325KB

MD5
93725447deef7e3e9cea4aa684237610

SHA1
da88dc10d335c4870fe891d27b00d04335f0cb76

SHA256
0cb59ea89334d14daad228e9616807f26ccea979c294cc0959c2833b61e7b1c6

SHA512
0df437d36b691e7e1762c2075bfed1ab1fe288296b98d07e8fb2b3be98040b02ec5ab222124f04b829182a355f58e4b3c586f1c4a4a8b7fb099b06dd80bcd0d3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d
Filesize
140KB

MD5
3dec2a97d7a14ab74d3153c88c2df88a

SHA1
7c038a669e5666182ca554c18b84e3bfcc5398da

SHA256
cf56bb5c6ca4d002961bace355ebd711218ff3130d5c43d90085c6d6e68f5279

SHA512
720c7bc459b2e28e75d7110cd80aabd8667bbaca1e2f6dae74b6e365df1c60fbdd3ceb31750a32db783e961ffa22e7f6953e3d642a98a9b8bf7c47cbdcacb5d5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e
Filesize
73KB

MD5
2b93b22ef8b191766cdb024b696c000e

SHA1
99daea16caa676703fe187f94ecced3a0ea5c69e

SHA256
1158985d2b023e18b4bb63db449aacde7fd6bc112d237206ba0a4254b3b41084

SHA512
7f414b802c388736e8f9e613cf80a32468697302e50af7f432a2275f53d988fa24c4158a9d1d69b2f96d424e94206fda45c02d092aba42fc8158c2a795ff1026

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012
Filesize
40KB

MD5
5ce7bdeeea547dc5e395554f1de0b179

SHA1
3dba53fa4da7c828a468d17abc09b265b664078a

SHA256
675cd5fdfe3c14504b7af2d1012c921ab0b5af2ab93bf4dfbfe6505cae8b79a9

SHA512
0bf3e39c11cfefbd4de7ec60f2adaacfba14eac0a4bf8e4d2bc80c4cf1e9d173035c068d8488436c4cf9840ae5c7cfccbefddf9d184e60cab78d1043dc3b9c4e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000030
Filesize
21KB

MD5
12b3b06a215a92b61047d4d676009d5c

SHA1
bfaffa1420406892f96c14563413c12b22d5578d

SHA256
ebddde1fdfe55665db44af96d9a914ea833d5c74b510150b0aafcc6598c8ec72

SHA512
5f597b93c1bd9e9be7d7aa42ec1a69d1183d164096046af276546f907c7796cd5d1ea80d152ac8cab76f1ddf3a6e3d51ed74c6dc97d467a4f5519dbad8d42ea8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize
3KB

MD5
aebd65368d9dbd73bc6026a4db3e546b

SHA1
d3946e6a79ce3c9c54085097ba3047a4c13bcc00

SHA256
f435d19f214d7cbff6657f79a7555e3da4400ded745ee78f6738f8957bd854f4

SHA512
4db87bf70b013ecd32646c0955323eac5ac967289a729e725e18c219339bda5f9b82a58dad1bb7fd37e67f40d2d68d48760ef80773e84b7f936d2b900f240804

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
4KB

MD5
50e1f62574f3d0d94407b007fae466d8

SHA1
bd892ea7f75e6236fe8e98f4fedff005baddaf39

SHA256
5d68bbf57aaf8300620fa30a71d8a022ce601b86edcbe8e8e1af85ed55b6311b

SHA512
622e938d4694bc681872683e6af4ef825fdadfea313cde8148edaab077fa4759a73f27fd978016f588f535cb62988276cae9d33aa9be9b0c1b4c110d6cee4bed

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
524B

MD5
62547abb3443038a7c0d9cf2b55e9be2

SHA1
b468f6610f62a42c6b211f31c4b9d1eeb94b355f

SHA256
22738015f8aee35d0a3e81612f0e98006c8874a5de64a4cebdde7fb61797fb62

SHA512
5693387acaf64581d01b00a4aa96d36e87203e907f9cf7ca592a9ba51938a52493cbadd98a40d89256fb97f0db48906243786ac90aa639512276c12e94eb165f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
1KB

MD5
26d0db80a9f69c87ffeb62a793778cd6

SHA1
1d06eb37032476dd3513f463df50a0d5232c1b6c

SHA256
8805787eca44b03607cb6cba6bcb57648ffaad210bf4bd694c35c17612638f10

SHA512
d201c24645b390075c37c33823959016932dce71e4796e60fda8f437e56fd64915719a3ff008b5727e547f643c7d37a327911c29af5d89d3306448986a9e01c0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
1KB

MD5
45f1d58cea2ca64a2377b89a8c478349

SHA1
b4a270ed0a52f2a628631d37e5d1b67bc128938b

SHA256
0b6c057353d77ab0ee11b6ec25feb9dd250ad116114e08f2f962016e2285a296

SHA512
3866ba5fdc4d3245395ab3e921677ae85adfe5aa0e81a344a7714bdb6efc318d272a08a1a065fd3d2c5c148ff3d380736dca0abc9f59ce369ac48d660e9a9be7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
858B

MD5
63a464c02e0ea1c106c1e00977d592e1

SHA1
2d91532b89fdf6ce0631b8a26431b7dbe35000bc

SHA256
992c9592b9437312a1b4e104ddacc2d500399db80d88004e76999a86917872d0

SHA512
4d24ef89dcbad8ce96cfcf4da6e250c9961265f20683f30d8c9adbce1473a2f9d69b9396704397875c838d65f9072d086ea118045029caef0e1f6f98346c445b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
1KB

MD5
c5cb9c90c2e79c2a7a77a084791a1564

SHA1
52ec9bb387e1f6243450d3492e3061eeaa69ddc4

SHA256
d12555a69fe5bfa5be44b9577b6c0c730b5b19eda97f00ebb7dba37c3b00717a

SHA512
577a05bb513c55d58fcd8ac323c9a1348d9b633756ca04ebe29253ca316cde8ade7900a457a76ad88ece560a45c458e33756c693f670172cdec988ac877e70eb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
1KB

MD5
1e459f4a5deb8f78a80502510332dd5c

SHA1
4bbbba663e89db10e4d58896c0d81bbad3feb239

SHA256
5f4dd8f2d268931b00828cd1051114da723c19fc7d837938fb58656b3d81e453

SHA512
336d20fb1719c70131767871f2de4d66e986f47656d1c193e693a9e4a747952d75e4601507b547a1d9aed31cfb41dda1ef117ad22107debfd8e83c5e87a3470a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
524B

MD5
2c7afdf8240a915c4e478226a54b1fcb

SHA1
6091acf666504113c03802977ce389e22586b28e

SHA256
7ef97074d8cdda339bd968294f30faa1440299f66a71dc2b260aec6c0642cf38

SHA512
181114c6a98cd223d718b26f5a18e465984a096c170c3d524494778ec7f6cce1f08204db6d4294b9d0a2d94aacba39806287d438b35b7fecae68b6bcd8ed0e29

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
1KB

MD5
5f85978a312cdb99bf7fe9bfb4081785

SHA1
02f2d456357c547bee23f5480302ebd9c002ef9f

SHA256
0f37485008dae5b5ae26938cb5b39f78bfa3ccebf034cca1913eb72e227a366a

SHA512
1951ae12801b365b949311a3dbdae4d050105d293347720a897ff8347b80d8f453233405187cad33b15286dea3cf4994ac99fe29c88b9b5b4ccd1df0e6816d6b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
7KB

MD5
680a27d7a38192b505590a53a16131ec

SHA1
e67dafcf03a20820a5a9c162a8f3645b0953d421

SHA256
4fc76e2754df510570eb8c6567f35eff5053da592d7b1b0e57aa1c2929eb926c

SHA512
8639b4ff9e9da44bef0cdc2d87916b0685c724552aa2ea9c1e183553b0a66fa66a3f11332d82caf335638caa985d0af59cf1bdef92a50d65f1d9daa39e320a73

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
7KB

MD5
eacf0ef261392fb32cae96d0982a4fee

SHA1
198947be499eb7fb55901176102b54456099f3ac

SHA256
5309a7ccd456421489473e1aba823bc0163a08575196ba2d9655c4dfb4e18b16

SHA512
e6668ab9a33c1908cb5f9137db1d40ed5655001e29f41d61975979803d83fb04056f31b1fc759102cc12034e5857c1d4092949f7ec54c528c858fb844f7970dc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
8KB

MD5
a08c634bf7ec6173bea360c6a9655202

SHA1
b75b86ca4b7c0464555f25e745d3166be06818cf

SHA256
de686517e53f34361ec112e1221cc90092e9d5ee2ed0db34b6b94825cd96a792

SHA512
e0d1518a06162413a6601655c16b78ba46845f58a4f0d9a1cfdf3deaf7b12c740fe34a0e896d03caacdffabafab7d6eda4dd4b85f95011e07b0b8ecc81a1bd48

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
8KB

MD5
b7f33d34a7104f9c4c4379bd8ee28d74

SHA1
81bd1ec674c6ccd7f7a2605981536ba7d3c3cc77

SHA256
7bd5a95d6e23f5d5ac6821e0ab5293ad9a54bcdd6f78c13176821f172972eb20

SHA512
7067eb6169260b3666b8925932d1b1b017bd1a387bf388aab447a76297aea260fae94eaa6d959a829dc22bd8748c756eb4925fbd9be28b43b417b5041b888e19

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
7KB

MD5
cf5730e94c97320039af4d57f39a8a03

SHA1
12331b4f9ed07900b771340eb1edb12af6899b89

SHA256
c1e14b12aea82661b563409694bb2337ca6ea380c48a072995ebec287f143629

SHA512
aa1fd6f4ad70539d3602cb4c05bd3840910a6e2140bfcc575ad3cd8457437b933857a8a1f0a3fe69b5466469f1183262a305dbe0a1af84c1f93da9f178a53c53

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
6KB

MD5
3b72c333dff1f031e68d84a99890299a

SHA1
8af6a0f7bfc4c36b176eb16a8a0ec7a7ce9ccc13

SHA256
d82fd2d5d615a8ed92a9df875da5191b33ce4522b39a264fd89c8fb314d59ce8

SHA512
98d91abe3e631cc0906910f7cb927906df4ad6cd9daaa2813ede6db3c4bb4a49efb5e597853b161852f2b82aa448b1354df206fada0dcf00b7270d643b76ebdb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Filesize
16KB

MD5
bcd9c336bd4eb587038a5deae4ba2726

SHA1
0a37c319d60847ade1fcf077c1f15b481c515685

SHA256
42e5e383cefa46780f8f10ecb45e09ee4b26fc553f1faf232b575f3771f5416f

SHA512
5d33dd8b2414cd9d3511e390c02d36e10247e830d861a136d8fe1dfce8a8527f1db0506cc87f37323e60013475d9806c5a80901389bc8fe0b5aab466761ba9f8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
Filesize
256KB

MD5
4e1be8f1e98bdcf0a44f8af7fedd8812

SHA1
d9d870b3ba310529493a677199039c5bd3c328f5

SHA256
603d938d3e764e7cf1402ab87bd507d1fe235c89bea8b4a009fe9430ecf064da

SHA512
e6c71c41018b43951a3c102dff3514b61b9325fbe9f9b133be0f12b4b6f6207da6c6696f45b28ce00d57eec90cf9fcdaf2bd41ebc9ff6e74e1d1a13650b00ebf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
Filesize
84KB

MD5
fe40f1d359cab4fdf6054a223618d5a6

SHA1
0afe32befc7a8e151f3b113bbda05a8bb4389297

SHA256
bf58c69d3469301c9d2150efaaba7442b46240598be60d9b8751412d5fb1c632

SHA512
23e6faee2abc9a850ada0e7a040ecda56615292b8f5f6a6e205bba9d2406812827b68ca9a84a7bbed42d27ac87b019d9f59310f657f61f6c0ac5ca0bdef6f8a9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe594617.TMP
Filesize
82KB

MD5
d34f99274f77244d9f53222e88cdd1f5

SHA1
c34a3bcf2428a45ed9d25b8a4cfd465a66c2a375

SHA256
a0642d440c0e2d6ed217e1e31eb79deab09a428ddd8b20b71b064ffe957d0b3b

SHA512
e1c8cdf0fc7bd692a29ad6d38cfd791e569ee2e10387505265f40b7b22b1c2355f77dbf26b6199118e890eaa4fb8217a8518507bc600b4e2d3f5480a7c9bf748

Download Submit
\??\pipe\crashpad_2556_DVGNIBQZSKTHSGZK
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
memory/4488-0-0x00007FFB21B2B000-0x00007FFB21B2C000-memory.dmp

Filesize
4KB

Download