hxxps://estadisticas[.]neored[.]com/t/46177743/1636217378/82461449/0/123025/?x=92f26710

Analysis

max time kernel
149s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
13/05/2024, 22:50

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

https://estadisticas.neored.com/t/46177743/1636217378/82461449/0/123025/?x=92f26710

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133601142830101373"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-4124900551-4068476067-3491212533-1000\{74F401FF-85D8-4F67-9497-54246136629C}	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4344	chrome.exe
4344	chrome.exe
3428	chrome.exe
3428	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
4344	chrome.exe
4344	chrome.exe
4344	chrome.exe
4344	chrome.exe
4344	chrome.exe
4344	chrome.exe
4344	chrome.exe
4344	chrome.exe
4344	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4344	chrome.exe
Token: SeCreatePagefilePrivilege	4344	chrome.exe
Token: SeShutdownPrivilege	4344	chrome.exe
Token: SeCreatePagefilePrivilege	4344	chrome.exe
Token: SeShutdownPrivilege	4344	chrome.exe
Token: SeCreatePagefilePrivilege	4344	chrome.exe
Token: SeShutdownPrivilege	4344	chrome.exe
Token: SeCreatePagefilePrivilege	4344	chrome.exe
Token: SeShutdownPrivilege	4344	chrome.exe
Token: SeCreatePagefilePrivilege	4344	chrome.exe
Token: SeShutdownPrivilege	4344	chrome.exe
Token: SeCreatePagefilePrivilege	4344	chrome.exe
Token: SeShutdownPrivilege	4344	chrome.exe
Token: SeCreatePagefilePrivilege	4344	chrome.exe
Token: SeShutdownPrivilege	4344	chrome.exe
Token: SeCreatePagefilePrivilege	4344	chrome.exe
Token: SeShutdownPrivilege	4344	chrome.exe
Token: SeCreatePagefilePrivilege	4344	chrome.exe
Token: SeShutdownPrivilege	4344	chrome.exe
Token: SeCreatePagefilePrivilege	4344	chrome.exe
Token: SeShutdownPrivilege	4344	chrome.exe
Token: SeCreatePagefilePrivilege	4344	chrome.exe
Token: SeShutdownPrivilege	4344	chrome.exe
Token: SeCreatePagefilePrivilege	4344	chrome.exe
Token: SeShutdownPrivilege	4344	chrome.exe
Token: SeCreatePagefilePrivilege	4344	chrome.exe
Token: SeShutdownPrivilege	4344	chrome.exe
Token: SeCreatePagefilePrivilege	4344	chrome.exe
Token: SeShutdownPrivilege	4344	chrome.exe
Token: SeCreatePagefilePrivilege	4344	chrome.exe
Token: SeShutdownPrivilege	4344	chrome.exe
Token: SeCreatePagefilePrivilege	4344	chrome.exe
Token: SeShutdownPrivilege	4344	chrome.exe
Token: SeCreatePagefilePrivilege	4344	chrome.exe
Token: SeShutdownPrivilege	4344	chrome.exe
Token: SeCreatePagefilePrivilege	4344	chrome.exe
Token: SeShutdownPrivilege	4344	chrome.exe
Token: SeCreatePagefilePrivilege	4344	chrome.exe
Token: SeShutdownPrivilege	4344	chrome.exe
Token: SeCreatePagefilePrivilege	4344	chrome.exe
Token: SeShutdownPrivilege	4344	chrome.exe
Token: SeCreatePagefilePrivilege	4344	chrome.exe
Token: SeShutdownPrivilege	4344	chrome.exe
Token: SeCreatePagefilePrivilege	4344	chrome.exe
Token: SeShutdownPrivilege	4344	chrome.exe
Token: SeCreatePagefilePrivilege	4344	chrome.exe
Token: SeShutdownPrivilege	4344	chrome.exe
Token: SeCreatePagefilePrivilege	4344	chrome.exe
Token: SeShutdownPrivilege	4344	chrome.exe
Token: SeCreatePagefilePrivilege	4344	chrome.exe
Token: SeShutdownPrivilege	4344	chrome.exe
Token: SeCreatePagefilePrivilege	4344	chrome.exe
Token: SeShutdownPrivilege	4344	chrome.exe
Token: SeCreatePagefilePrivilege	4344	chrome.exe
Token: SeShutdownPrivilege	4344	chrome.exe
Token: SeCreatePagefilePrivilege	4344	chrome.exe
Token: SeShutdownPrivilege	4344	chrome.exe
Token: SeCreatePagefilePrivilege	4344	chrome.exe
Token: SeShutdownPrivilege	4344	chrome.exe
Token: SeCreatePagefilePrivilege	4344	chrome.exe
Token: SeShutdownPrivilege	4344	chrome.exe
Token: SeCreatePagefilePrivilege	4344	chrome.exe
Token: SeShutdownPrivilege	4344	chrome.exe
Token: SeCreatePagefilePrivilege	4344	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4344	chrome.exe
4344	chrome.exe
4344	chrome.exe
4344	chrome.exe
4344	chrome.exe
4344	chrome.exe
4344	chrome.exe
4344	chrome.exe
4344	chrome.exe
4344	chrome.exe
4344	chrome.exe
4344	chrome.exe
4344	chrome.exe
4344	chrome.exe
4344	chrome.exe
4344	chrome.exe
4344	chrome.exe
4344	chrome.exe
4344	chrome.exe
4344	chrome.exe
4344	chrome.exe
4344	chrome.exe
4344	chrome.exe
4344	chrome.exe
4344	chrome.exe
4344	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4344	chrome.exe
4344	chrome.exe
4344	chrome.exe
4344	chrome.exe
4344	chrome.exe
4344	chrome.exe
4344	chrome.exe
4344	chrome.exe
4344	chrome.exe
4344	chrome.exe
4344	chrome.exe
4344	chrome.exe
4344	chrome.exe
4344	chrome.exe
4344	chrome.exe
4344	chrome.exe
4344	chrome.exe
4344	chrome.exe
4344	chrome.exe
4344	chrome.exe
4344	chrome.exe
4344	chrome.exe
4344	chrome.exe
4344	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4344 wrote to memory of 876	4344	chrome.exe	82
PID 4344 wrote to memory of 876	4344	chrome.exe	82
PID 4344 wrote to memory of 688	4344	chrome.exe	85
PID 4344 wrote to memory of 688	4344	chrome.exe	85
PID 4344 wrote to memory of 688	4344	chrome.exe	85
PID 4344 wrote to memory of 688	4344	chrome.exe	85
PID 4344 wrote to memory of 688	4344	chrome.exe	85
PID 4344 wrote to memory of 688	4344	chrome.exe	85
PID 4344 wrote to memory of 688	4344	chrome.exe	85
PID 4344 wrote to memory of 688	4344	chrome.exe	85
PID 4344 wrote to memory of 688	4344	chrome.exe	85
PID 4344 wrote to memory of 688	4344	chrome.exe	85
PID 4344 wrote to memory of 688	4344	chrome.exe	85
PID 4344 wrote to memory of 688	4344	chrome.exe	85
PID 4344 wrote to memory of 688	4344	chrome.exe	85
PID 4344 wrote to memory of 688	4344	chrome.exe	85
PID 4344 wrote to memory of 688	4344	chrome.exe	85
PID 4344 wrote to memory of 688	4344	chrome.exe	85
PID 4344 wrote to memory of 688	4344	chrome.exe	85
PID 4344 wrote to memory of 688	4344	chrome.exe	85
PID 4344 wrote to memory of 688	4344	chrome.exe	85
PID 4344 wrote to memory of 688	4344	chrome.exe	85
PID 4344 wrote to memory of 688	4344	chrome.exe	85
PID 4344 wrote to memory of 688	4344	chrome.exe	85
PID 4344 wrote to memory of 688	4344	chrome.exe	85
PID 4344 wrote to memory of 688	4344	chrome.exe	85
PID 4344 wrote to memory of 688	4344	chrome.exe	85
PID 4344 wrote to memory of 688	4344	chrome.exe	85
PID 4344 wrote to memory of 688	4344	chrome.exe	85
PID 4344 wrote to memory of 688	4344	chrome.exe	85
PID 4344 wrote to memory of 688	4344	chrome.exe	85
PID 4344 wrote to memory of 688	4344	chrome.exe	85
PID 4344 wrote to memory of 688	4344	chrome.exe	85
PID 4344 wrote to memory of 3396	4344	chrome.exe	86
PID 4344 wrote to memory of 3396	4344	chrome.exe	86
PID 4344 wrote to memory of 2332	4344	chrome.exe	87
PID 4344 wrote to memory of 2332	4344	chrome.exe	87
PID 4344 wrote to memory of 2332	4344	chrome.exe	87
PID 4344 wrote to memory of 2332	4344	chrome.exe	87
PID 4344 wrote to memory of 2332	4344	chrome.exe	87
PID 4344 wrote to memory of 2332	4344	chrome.exe	87
PID 4344 wrote to memory of 2332	4344	chrome.exe	87
PID 4344 wrote to memory of 2332	4344	chrome.exe	87
PID 4344 wrote to memory of 2332	4344	chrome.exe	87
PID 4344 wrote to memory of 2332	4344	chrome.exe	87
PID 4344 wrote to memory of 2332	4344	chrome.exe	87
PID 4344 wrote to memory of 2332	4344	chrome.exe	87
PID 4344 wrote to memory of 2332	4344	chrome.exe	87
PID 4344 wrote to memory of 2332	4344	chrome.exe	87
PID 4344 wrote to memory of 2332	4344	chrome.exe	87
PID 4344 wrote to memory of 2332	4344	chrome.exe	87
PID 4344 wrote to memory of 2332	4344	chrome.exe	87
PID 4344 wrote to memory of 2332	4344	chrome.exe	87
PID 4344 wrote to memory of 2332	4344	chrome.exe	87
PID 4344 wrote to memory of 2332	4344	chrome.exe	87
PID 4344 wrote to memory of 2332	4344	chrome.exe	87
PID 4344 wrote to memory of 2332	4344	chrome.exe	87
PID 4344 wrote to memory of 2332	4344	chrome.exe	87
PID 4344 wrote to memory of 2332	4344	chrome.exe	87
PID 4344 wrote to memory of 2332	4344	chrome.exe	87
PID 4344 wrote to memory of 2332	4344	chrome.exe	87
PID 4344 wrote to memory of 2332	4344	chrome.exe	87
PID 4344 wrote to memory of 2332	4344	chrome.exe	87
PID 4344 wrote to memory of 2332	4344	chrome.exe	87

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://estadisticas.neored.com/t/46177743/1636217378/82461449/0/123025/?x=92f26710
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4344
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8030cab58,0x7ff8030cab68,0x7ff8030cab78
  2⤵
  PID:876
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1604 --field-trial-handle=1812,i,6007502599730873040,14604670538835617455,131072 /prefetch:2
  2⤵
  PID:688
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 --field-trial-handle=1812,i,6007502599730873040,14604670538835617455,131072 /prefetch:8
  2⤵
  PID:3396
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2244 --field-trial-handle=1812,i,6007502599730873040,14604670538835617455,131072 /prefetch:8
  2⤵
  PID:2332
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3060 --field-trial-handle=1812,i,6007502599730873040,14604670538835617455,131072 /prefetch:1
  2⤵
  PID:512
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3068 --field-trial-handle=1812,i,6007502599730873040,14604670538835617455,131072 /prefetch:1
  2⤵
  PID:3256
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3928 --field-trial-handle=1812,i,6007502599730873040,14604670538835617455,131072 /prefetch:1
  2⤵
  PID:4416
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4188 --field-trial-handle=1812,i,6007502599730873040,14604670538835617455,131072 /prefetch:1
  2⤵
  PID:4012
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4448 --field-trial-handle=1812,i,6007502599730873040,14604670538835617455,131072 /prefetch:1
  2⤵
  PID:2128
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4696 --field-trial-handle=1812,i,6007502599730873040,14604670538835617455,131072 /prefetch:1
  2⤵
  PID:2328
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4700 --field-trial-handle=1812,i,6007502599730873040,14604670538835617455,131072 /prefetch:1
  2⤵
  PID:5092
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=1576 --field-trial-handle=1812,i,6007502599730873040,14604670538835617455,131072 /prefetch:1
  2⤵
  PID:3100
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4316 --field-trial-handle=1812,i,6007502599730873040,14604670538835617455,131072 /prefetch:8
  2⤵
  PID:2320
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4344 --field-trial-handle=1812,i,6007502599730873040,14604670538835617455,131072 /prefetch:8
  2⤵
  - Modifies registry class
  PID:1408
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=5252 --field-trial-handle=1812,i,6007502599730873040,14604670538835617455,131072 /prefetch:1
  2⤵
  PID:4356
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5596 --field-trial-handle=1812,i,6007502599730873040,14604670538835617455,131072 /prefetch:8
  2⤵
  PID:440
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5232 --field-trial-handle=1812,i,6007502599730873040,14604670538835617455,131072 /prefetch:8
  2⤵
  PID:3524
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2236 --field-trial-handle=1812,i,6007502599730873040,14604670538835617455,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3428

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:2176

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000021

Filesize
19KB

MD5
4626dd2198e3a8d724fa9160d0e60062

SHA1
bb5c31745f3898b9fc6f41e730c95cb8b5eaece9

SHA256
b1316a6807a2d403909c179a51324a0d31cb8b3d808eaf991c685c34b6889693

SHA512
474567b529ade6a83363617fa94f81244a7dbd9ca07fa05616848fafe8e449c5313d59f0183054cab7f4323bf55663f7f6182c0b5c6c921b9454d762db492182

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000030

Filesize
95KB

MD5
02d636bdbd660e57abebb342346aa7c1

SHA1
329164e5c36bf81b028d88e692a7d2fc2ea99b31

SHA256
cf015ff8b1dd0132eafbfc6a67b7f0b778a53688bdb66329c2798814d43ed42f

SHA512
b6ed4c06662295d22b6c35588c4c61b7cbbc005d8f7b33ff57293b78893dbbfa686c9d8efd478e516af97ed7caf953d22690ecdb9628348ed774f91f17972db7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
f9aae0c884bc71354aeddd83b437f5f7

SHA1
5e830de2dc10134ac2ae27bba26e073e82fa14cb

SHA256
26def544018b226322772570dff2b82d65ff2c5bb7e92e6f46f8b2e7033e6dcf

SHA512
17fe25269ddc7eae683a2377aba46e81aca6d0277815a2980d0625232f0b8f3977b7fd40f904536551443c2c98c0a613d09fc129cc449d5a3cd240a7094cc0c8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
9KB

MD5
1e2cd39abb93597e6907d7270cc04177

SHA1
4bedcf097cf822c6e532718a4403bfddda58b3bd

SHA256
10be3eedbbd101237a4f2375896411709d5b85952c72694d7f4c299f740a91ec

SHA512
3bc43f7c220cdba55b8b54b1861bee5fb43f460060921c4b52ed7e3bde6d50880a488b3434c96fc84e5b7466abc25a5d5e234f6e3bb5eadde728a6002b59d64e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
2ef4e505e4fbaf9d1ca4d9c76bb3ab20

SHA1
3cff70dda9a52399e3c4cc513ac278ec8e5ab6c1

SHA256
66e73260d07360d2bba2b4ab0e8ee5637272210803d851baac676a80cae50a9d

SHA512
b1db02b76171e4a371ec49d376e23c28bff2d814ecc047d596c4664faa471b3570320225171b01b7052a14aa9d4e4b7b07dfa41b48e0fddde78e768f7123e7f8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
bf4cfd735a8cfd482d116b79abea78c1

SHA1
16c84283ecde232a251a5ce2170d0449e71b9a41

SHA256
cd38049f439e2a3ad1148a0959fee98e20afaa52b6192b5f8b7bb0488464ef09

SHA512
29863654b576bb07e69efcd1799c71cb0464dc4d7abf6929900001d2e35b8fc8683be9a49f64d2c8c8256abe59b11db95bd4a61ce23868949fd1ed9b1531326e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
bfee67b94433e1191e20d1873aaf884c

SHA1
908b312a343bef57a852b48ec73b29083faf8c8c

SHA256
29e55286dadabb540bcf91f118fcab7b80ae7054ef805857fa030f4844dcecd4

SHA512
9e8ec6c8aa3ac7584b0b5820684e8f41523ca13efe90806fc895d36dd1f50a90798893017e725ec33317144f42b69b46ff83f6850cef37ce088a691c5953e1c9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
5dca47a04033a48e2f1e59c322c52e83

SHA1
700a8a1a8319bc58007b79b36c11bad0baa5b72e

SHA256
e3de420b4e7ee90846d97782f9745a448ea66adda1a348da4d1c9c5480b4b883

SHA512
1f3ea192d37c2a063f967400de4e5dfa754804643776421318122db6401cdb71f7b014943d7d325f9b9f0e69c9bf70253e97649f2ec9cd6d10169c0827ac424f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
56B

MD5
ae1bccd6831ebfe5ad03b482ee266e4f

SHA1
01f4179f48f1af383b275d7ee338dd160b6f558a

SHA256
1b11047e738f76c94c9d15ee981ec46b286a54def1a7852ca1ade7f908988649

SHA512
baf7ff6747f30e542c254f46a9678b9dbf42312933962c391b79eca6fcb615e4ba9283c00f554d6021e594f18c087899bc9b5362c41c0d6f862bba7fb9f83038

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe577e58.TMP

Filesize
120B

MD5
633119ef3e3f9aa01890ef6c834566d9

SHA1
20e4b3fe2b2ca74d72e7d84d73e5fb15a5eb2ad4

SHA256
ccff15c1f7be34e5c3a3c012c325a9c237332a40366ee7606a9fdc3fb6b9f863

SHA512
fcc553873e6ff2ec8c858c0ceb9d50e1e7edeb47c06b34559cfefaceabea1706c0f318e4cde88bb4eb2c1c96c41d35bc9bd4bee1c37a4e7229cce264e3358dfa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\bb54bc40-9f49-4814-b87b-64f754836550.tmp

Filesize
6KB

MD5
cf70636056e60f733e68626b8d69d463

SHA1
4f0e247aeae7318d45989286b0961a2bc1b2915a

SHA256
1a7c850787b322fe54e4c8de75abe274f6acea942697284afe861b2d884562be

SHA512
ff76e5d85d7d4671ae624bf660ab52079eb3ad67e577960cee5198c42874037775d0737f4d1e556605a122de726ea8152f0226e2a13b2857bf5f37b4b2877504

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
255KB

MD5
fbac4407177c14f99ad3a13e5af4e860

SHA1
c7ef1cc83162c9cb2899bcfcb630553a098d8d4a

SHA256
003e6227faf775ad4e36ab9474e7e757353b4a6547ff2c0b266c21c8199bd565

SHA512
fb69526965014358a6cfe29e2bf1726905433a978c8b4bf053146dbbc12b4149c76d8262c1f1db9d0c7ad32c40cf6980c30f8b104742ba98e4456656a3d467b2

Download Submit