33461d788a33b88bed3d489826f9fb766cae421f322b81c5eb861718a1dea7bb

Resubmissions

12-05-2024 18:09

240512-wrsnvahe71 10

12-05-2024 17:56

240512-wh2v6acb26 10

12-05-2024 17:50

240512-we2qzsbh82 10

Analysis

max time kernel
150s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
12-05-2024 17:50

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

RGF-main.zip
Size

54KB
MD5

7bcc565dfb0ce789f9a984870a64414c
SHA1

7918e05800b7d02be5aa3670259709fde7f5c268
SHA256

33461d788a33b88bed3d489826f9fb766cae421f322b81c5eb861718a1dea7bb
SHA512

0490c139cd781e827fa35e55d21d887990febb2ab158baac005755ae1825904cf8f2971a10e75e135fa350c40ac841815ddeb2fd5c9da2d7b350e9c509f027b0
SSDEEP

768:C2wkbG+ulfxDBcy7hCPWLp7BKgRfIa700K/2x6qKDcqVQ1WEx7HyWKpIpTtKP1ZC:CN1LPBcmKWLp7BTei/qVgRHfKJLYd9vr

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133600099019426395"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4116	chrome.exe
4116	chrome.exe
3208	chrome.exe
3208	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4116 wrote to memory of 4844	4116	chrome.exe	102
PID 4116 wrote to memory of 4844	4116	chrome.exe	102
PID 4116 wrote to memory of 3548	4116	chrome.exe	103
PID 4116 wrote to memory of 3548	4116	chrome.exe	103
PID 4116 wrote to memory of 3548	4116	chrome.exe	103
PID 4116 wrote to memory of 3548	4116	chrome.exe	103
PID 4116 wrote to memory of 3548	4116	chrome.exe	103
PID 4116 wrote to memory of 3548	4116	chrome.exe	103
PID 4116 wrote to memory of 3548	4116	chrome.exe	103
PID 4116 wrote to memory of 3548	4116	chrome.exe	103
PID 4116 wrote to memory of 3548	4116	chrome.exe	103
PID 4116 wrote to memory of 3548	4116	chrome.exe	103
PID 4116 wrote to memory of 3548	4116	chrome.exe	103
PID 4116 wrote to memory of 3548	4116	chrome.exe	103
PID 4116 wrote to memory of 3548	4116	chrome.exe	103
PID 4116 wrote to memory of 3548	4116	chrome.exe	103
PID 4116 wrote to memory of 3548	4116	chrome.exe	103
PID 4116 wrote to memory of 3548	4116	chrome.exe	103
PID 4116 wrote to memory of 3548	4116	chrome.exe	103
PID 4116 wrote to memory of 3548	4116	chrome.exe	103
PID 4116 wrote to memory of 3548	4116	chrome.exe	103
PID 4116 wrote to memory of 3548	4116	chrome.exe	103
PID 4116 wrote to memory of 3548	4116	chrome.exe	103
PID 4116 wrote to memory of 3548	4116	chrome.exe	103
PID 4116 wrote to memory of 3548	4116	chrome.exe	103
PID 4116 wrote to memory of 3548	4116	chrome.exe	103
PID 4116 wrote to memory of 3548	4116	chrome.exe	103
PID 4116 wrote to memory of 3548	4116	chrome.exe	103
PID 4116 wrote to memory of 3548	4116	chrome.exe	103
PID 4116 wrote to memory of 3548	4116	chrome.exe	103
PID 4116 wrote to memory of 3548	4116	chrome.exe	103
PID 4116 wrote to memory of 3548	4116	chrome.exe	103
PID 4116 wrote to memory of 3548	4116	chrome.exe	103
PID 4116 wrote to memory of 5028	4116	chrome.exe	104
PID 4116 wrote to memory of 5028	4116	chrome.exe	104
PID 4116 wrote to memory of 4620	4116	chrome.exe	105
PID 4116 wrote to memory of 4620	4116	chrome.exe	105
PID 4116 wrote to memory of 4620	4116	chrome.exe	105
PID 4116 wrote to memory of 4620	4116	chrome.exe	105
PID 4116 wrote to memory of 4620	4116	chrome.exe	105
PID 4116 wrote to memory of 4620	4116	chrome.exe	105
PID 4116 wrote to memory of 4620	4116	chrome.exe	105
PID 4116 wrote to memory of 4620	4116	chrome.exe	105
PID 4116 wrote to memory of 4620	4116	chrome.exe	105
PID 4116 wrote to memory of 4620	4116	chrome.exe	105
PID 4116 wrote to memory of 4620	4116	chrome.exe	105
PID 4116 wrote to memory of 4620	4116	chrome.exe	105
PID 4116 wrote to memory of 4620	4116	chrome.exe	105
PID 4116 wrote to memory of 4620	4116	chrome.exe	105
PID 4116 wrote to memory of 4620	4116	chrome.exe	105
PID 4116 wrote to memory of 4620	4116	chrome.exe	105
PID 4116 wrote to memory of 4620	4116	chrome.exe	105
PID 4116 wrote to memory of 4620	4116	chrome.exe	105
PID 4116 wrote to memory of 4620	4116	chrome.exe	105
PID 4116 wrote to memory of 4620	4116	chrome.exe	105
PID 4116 wrote to memory of 4620	4116	chrome.exe	105
PID 4116 wrote to memory of 4620	4116	chrome.exe	105
PID 4116 wrote to memory of 4620	4116	chrome.exe	105
PID 4116 wrote to memory of 4620	4116	chrome.exe	105
PID 4116 wrote to memory of 4620	4116	chrome.exe	105
PID 4116 wrote to memory of 4620	4116	chrome.exe	105
PID 4116 wrote to memory of 4620	4116	chrome.exe	105
PID 4116 wrote to memory of 4620	4116	chrome.exe	105
PID 4116 wrote to memory of 4620	4116	chrome.exe	105

C:\Windows\Explorer.exe
C:\Windows\Explorer.exe /idlist,,C:\Users\Admin\AppData\Local\Temp\RGF-main.zip
1⤵
PID:4604

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=4040,i,5711962389779687290,1245653010537220991,262144 --variations-seed-version --mojo-platform-channel-handle=4124 /prefetch:8
1⤵
PID:2228

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:5000

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4116
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x11c,0x120,0x124,0xfc,0x128,0x7ffc0650ab58,0x7ffc0650ab68,0x7ffc0650ab78
  2⤵
  PID:4844
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1752 --field-trial-handle=1996,i,15317641841052956804,2333787190980136040,131072 /prefetch:2
  2⤵
  PID:3548
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1972 --field-trial-handle=1996,i,15317641841052956804,2333787190980136040,131072 /prefetch:8
  2⤵
  PID:5028
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2256 --field-trial-handle=1996,i,15317641841052956804,2333787190980136040,131072 /prefetch:8
  2⤵
  PID:4620
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3096 --field-trial-handle=1996,i,15317641841052956804,2333787190980136040,131072 /prefetch:1
  2⤵
  PID:2596
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3116 --field-trial-handle=1996,i,15317641841052956804,2333787190980136040,131072 /prefetch:1
  2⤵
  PID:4332
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3648 --field-trial-handle=1996,i,15317641841052956804,2333787190980136040,131072 /prefetch:1
  2⤵
  PID:4164
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4336 --field-trial-handle=1996,i,15317641841052956804,2333787190980136040,131072 /prefetch:8
  2⤵
  PID:3628
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4608 --field-trial-handle=1996,i,15317641841052956804,2333787190980136040,131072 /prefetch:8
  2⤵
  PID:864
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4676 --field-trial-handle=1996,i,15317641841052956804,2333787190980136040,131072 /prefetch:8
  2⤵
  PID:424
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4560 --field-trial-handle=1996,i,15317641841052956804,2333787190980136040,131072 /prefetch:8
  2⤵
  PID:4592
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4960 --field-trial-handle=1996,i,15317641841052956804,2333787190980136040,131072 /prefetch:8
  2⤵
  PID:1856
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4072 --field-trial-handle=1996,i,15317641841052956804,2333787190980136040,131072 /prefetch:1
  2⤵
  PID:5020
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4780 --field-trial-handle=1996,i,15317641841052956804,2333787190980136040,131072 /prefetch:1
  2⤵
  PID:508
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=3292 --field-trial-handle=1996,i,15317641841052956804,2333787190980136040,131072 /prefetch:1
  2⤵
  PID:4828
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=4480 --field-trial-handle=1996,i,15317641841052956804,2333787190980136040,131072 /prefetch:1
  2⤵
  PID:2368
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3140 --field-trial-handle=1996,i,15317641841052956804,2333787190980136040,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3208

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:1468

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
288B

MD5
00196011f6161d87bd4150e4e3597c46

SHA1
238675f4ae18f6594a3b5b405a063cfb18526a28

SHA256
51b4082f5fa48953b910d79e2a81c6204a595e49b029ec2793f3d751af9f5963

SHA512
2d8874a4b6cd916ceec27eee79c22c594c89786dc9d6fc4753f7530c33639abf21822654c5a8f01fb2d9f3b94c8ffa3f9b717c45b1c99ecc331acebbcc1067c5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
38c682c868bc452ff45e2c846cf8b30b

SHA1
ad6f434c63d6d96b594a64a694d7fd75ceb8cb15

SHA256
d8b00eadf7db85d7ab591d9a720961ac0d9954c3e066c076ed20907417f640d5

SHA512
3c151ae33316bd3e20490bbcd0b4e7bce28e4cd032353ad50a67bfa47e84994b0299712c03d63a62cabfca59aaa7297e88391d9a1e6e7caf6e1a24e02f15b2c9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
9313f83877f6d504f505ad9841bba2e8

SHA1
219f74029f3d4fe3150f6afde6e958af8404e16d

SHA256
6fbbf3928c78ac8a916d9a888e9512f20edc84b8efa9e3fb00b904b2922c325f

SHA512
aa7e40c0ed03ca6950107db91f5851f873208c20b3513638c066d0d0023b4d2dc77bb98e0888369637e46229949b76389d451339eb001eda38308977e66ddcf9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
38a49a6d05e7ddbe976cb808b8116c89

SHA1
4f7f361325f68b046ab7fb76351de1e36c1aab3e

SHA256
5e7d0d8d73dd169c7bb05bcfb41ed58469264e26d4613948e754a1c7b588531e

SHA512
c1d55c43836ebe692b9181a93cfc1e5a02cfa67054eaf831e42ca955a5610147cadcec513c3f6576105a9918ab2d266efa79076f8740226847622c2157d4afbd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
22dfcbea5884393272259e0a515d5106

SHA1
83fdad15de35b7668635b0f7e3c5954bb38d2bbd

SHA256
5d582599a3e8b73e5b6de3c19a164ac10cd1a4697d06b87ee7a251e43d485a1c

SHA512
54cd3c9804ca9884633601cfb72ec90b87da1df665c288f74067527f9bc4d5bf7047ec3496b1cefa37ac8f639b420fc6946c46c480b9cc4ad230b4ebbc22cd9c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
143ad793ed18a9df28f6859cb4cf6c47

SHA1
2601e4c6de2def17473fdf81a021f269a5e4aaf2

SHA256
a15f132bc8a7cd4f534dd2ba484c17a8efdf0d0fa38d0cd397d7c7654ec60013

SHA512
7afbc373a7fce5aa75d8350ee3eed100a483443a41cab0c3621ca0d9e63eb3297cc60b051290334537fd916597f7468a061c2e36d86437b80a575f8917fbb730

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
16KB

MD5
8f2570b4e5776af1d6d863d00e114f8e

SHA1
72a6624996054d23335a755f1d1fbb038a93ae27

SHA256
416486e9ca76a49f8c3782b5d5b602c817ca412fff17ca6dfa77c8aac98a7c90

SHA512
ac1a588a43f55f35b80585a156c3fa4028c1ba18ba52b9ff9186cc48e6b62e3dea02964b3537e6a0c2709deb49aeaacec4d8231d94f893b9f45d45ee1ac6360b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
256KB

MD5
e6a62b549d36f6b1d78001cf2a264a1a

SHA1
2cae95a1d496696c267321aee956ef6e73e2c89c

SHA256
b9d273f2ce75a41d2d92d75e2dde9ec47efbccd1cbe8b70c257804f00bd583ab

SHA512
c37edce27c7a7ed505380d4a2c92d6c650168b476a947dcd1afe4431ad18b8667ddf27190049968d62c86b85c093679ec72a7c91cfae32524bae1538c0a3a728

Download Submit