2c3c00c43fcab5e62a874cd7b1fc6b6902b8829ec098205e6bfa5fbbe0053d82

Analysis

max time kernel
153s
max time network
181s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
14/05/2024, 18:48

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

gx.html
Size

99KB
MD5

fea3735f29c8b0e8a600e92e19305a10
SHA1

f150aacd986a7ce69970d68ea10c9646d05531ed
SHA256

2c3c00c43fcab5e62a874cd7b1fc6b6902b8829ec098205e6bfa5fbbe0053d82
SHA512

f3d9820efe9ba6c3cb91d4e39376cd6b666e964c365580d9f0c035daf428bef939182a4f0659f3dbc3319daf30af9428fc69c56e3cbedcc40df25d77deb9a7c8
SSDEEP

1536:lqrerdk+KTdUJw1H2IabkpBmNhW+JoQEHcEuk8g:62Iab7hW+3Rg

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133601861950406689"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2184	chrome.exe
2184	chrome.exe
516	chrome.exe
516	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 5 IoCs

pid	Process
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeCreatePagefilePrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeCreatePagefilePrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeCreatePagefilePrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeCreatePagefilePrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeCreatePagefilePrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeCreatePagefilePrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeCreatePagefilePrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeCreatePagefilePrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeCreatePagefilePrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeCreatePagefilePrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeCreatePagefilePrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeCreatePagefilePrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeCreatePagefilePrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeCreatePagefilePrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeCreatePagefilePrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeCreatePagefilePrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeCreatePagefilePrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeCreatePagefilePrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeCreatePagefilePrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeCreatePagefilePrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeCreatePagefilePrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeCreatePagefilePrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeCreatePagefilePrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeCreatePagefilePrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeCreatePagefilePrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeCreatePagefilePrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeCreatePagefilePrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeCreatePagefilePrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeCreatePagefilePrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeCreatePagefilePrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeCreatePagefilePrivilege	2184	chrome.exe
Token: SeShutdownPrivilege	2184	chrome.exe
Token: SeCreatePagefilePrivilege	2184	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe
2184	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2184 wrote to memory of 4896	2184	chrome.exe	90
PID 2184 wrote to memory of 4896	2184	chrome.exe	90
PID 2184 wrote to memory of 1456	2184	chrome.exe	93
PID 2184 wrote to memory of 1456	2184	chrome.exe	93
PID 2184 wrote to memory of 1456	2184	chrome.exe	93
PID 2184 wrote to memory of 1456	2184	chrome.exe	93
PID 2184 wrote to memory of 1456	2184	chrome.exe	93
PID 2184 wrote to memory of 1456	2184	chrome.exe	93
PID 2184 wrote to memory of 1456	2184	chrome.exe	93
PID 2184 wrote to memory of 1456	2184	chrome.exe	93
PID 2184 wrote to memory of 1456	2184	chrome.exe	93
PID 2184 wrote to memory of 1456	2184	chrome.exe	93
PID 2184 wrote to memory of 1456	2184	chrome.exe	93
PID 2184 wrote to memory of 1456	2184	chrome.exe	93
PID 2184 wrote to memory of 1456	2184	chrome.exe	93
PID 2184 wrote to memory of 1456	2184	chrome.exe	93
PID 2184 wrote to memory of 1456	2184	chrome.exe	93
PID 2184 wrote to memory of 1456	2184	chrome.exe	93
PID 2184 wrote to memory of 1456	2184	chrome.exe	93
PID 2184 wrote to memory of 1456	2184	chrome.exe	93
PID 2184 wrote to memory of 1456	2184	chrome.exe	93
PID 2184 wrote to memory of 1456	2184	chrome.exe	93
PID 2184 wrote to memory of 1456	2184	chrome.exe	93
PID 2184 wrote to memory of 1456	2184	chrome.exe	93
PID 2184 wrote to memory of 1456	2184	chrome.exe	93
PID 2184 wrote to memory of 1456	2184	chrome.exe	93
PID 2184 wrote to memory of 1456	2184	chrome.exe	93
PID 2184 wrote to memory of 1456	2184	chrome.exe	93
PID 2184 wrote to memory of 1456	2184	chrome.exe	93
PID 2184 wrote to memory of 1456	2184	chrome.exe	93
PID 2184 wrote to memory of 1456	2184	chrome.exe	93
PID 2184 wrote to memory of 1456	2184	chrome.exe	93
PID 2184 wrote to memory of 1456	2184	chrome.exe	93
PID 2184 wrote to memory of 1456	2184	chrome.exe	93
PID 2184 wrote to memory of 1456	2184	chrome.exe	93
PID 2184 wrote to memory of 1456	2184	chrome.exe	93
PID 2184 wrote to memory of 1456	2184	chrome.exe	93
PID 2184 wrote to memory of 1456	2184	chrome.exe	93
PID 2184 wrote to memory of 1456	2184	chrome.exe	93
PID 2184 wrote to memory of 1456	2184	chrome.exe	93
PID 2184 wrote to memory of 4648	2184	chrome.exe	94
PID 2184 wrote to memory of 4648	2184	chrome.exe	94
PID 2184 wrote to memory of 3632	2184	chrome.exe	95
PID 2184 wrote to memory of 3632	2184	chrome.exe	95
PID 2184 wrote to memory of 3632	2184	chrome.exe	95
PID 2184 wrote to memory of 3632	2184	chrome.exe	95
PID 2184 wrote to memory of 3632	2184	chrome.exe	95
PID 2184 wrote to memory of 3632	2184	chrome.exe	95
PID 2184 wrote to memory of 3632	2184	chrome.exe	95
PID 2184 wrote to memory of 3632	2184	chrome.exe	95
PID 2184 wrote to memory of 3632	2184	chrome.exe	95
PID 2184 wrote to memory of 3632	2184	chrome.exe	95
PID 2184 wrote to memory of 3632	2184	chrome.exe	95
PID 2184 wrote to memory of 3632	2184	chrome.exe	95
PID 2184 wrote to memory of 3632	2184	chrome.exe	95
PID 2184 wrote to memory of 3632	2184	chrome.exe	95
PID 2184 wrote to memory of 3632	2184	chrome.exe	95
PID 2184 wrote to memory of 3632	2184	chrome.exe	95
PID 2184 wrote to memory of 3632	2184	chrome.exe	95
PID 2184 wrote to memory of 3632	2184	chrome.exe	95
PID 2184 wrote to memory of 3632	2184	chrome.exe	95
PID 2184 wrote to memory of 3632	2184	chrome.exe	95
PID 2184 wrote to memory of 3632	2184	chrome.exe	95
PID 2184 wrote to memory of 3632	2184	chrome.exe	95

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument C:\Users\Admin\AppData\Local\Temp\gx.html
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2184
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd77c29758,0x7ffd77c29768,0x7ffd77c29778
  2⤵
  PID:4896
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1800 --field-trial-handle=1872,i,16853295563615178359,12712878273490166265,131072 /prefetch:2
  2⤵
  PID:1456
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2132 --field-trial-handle=1872,i,16853295563615178359,12712878273490166265,131072 /prefetch:8
  2⤵
  PID:4648
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2176 --field-trial-handle=1872,i,16853295563615178359,12712878273490166265,131072 /prefetch:8
  2⤵
  PID:3632
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3020 --field-trial-handle=1872,i,16853295563615178359,12712878273490166265,131072 /prefetch:1
  2⤵
  PID:1028
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3060 --field-trial-handle=1872,i,16853295563615178359,12712878273490166265,131072 /prefetch:1
  2⤵
  PID:368
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5100 --field-trial-handle=1872,i,16853295563615178359,12712878273490166265,131072 /prefetch:8
  2⤵
  PID:3216
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4844 --field-trial-handle=1872,i,16853295563615178359,12712878273490166265,131072 /prefetch:8
  2⤵
  PID:1492
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=5072 --field-trial-handle=1872,i,16853295563615178359,12712878273490166265,131072 /prefetch:1
  2⤵
  PID:4996
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=3228 --field-trial-handle=1872,i,16853295563615178359,12712878273490166265,131072 /prefetch:1
  2⤵
  PID:2404
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=3428 --field-trial-handle=1872,i,16853295563615178359,12712878273490166265,131072 /prefetch:1
  2⤵
  PID:2812
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4068 --field-trial-handle=1872,i,16853295563615178359,12712878273490166265,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:516

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2440

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4000 --field-trial-handle=2264,i,15001568551143786084,90255922961447677,262144 --variations-seed-version /prefetch:8
1⤵
PID:396

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\71736174-8979-4141-ab4b-5f7799992907.tmp

Filesize
6KB

MD5
e94ce239bc6c6722fef970cb75f4e226

SHA1
4904cc21749e11a6e53f9e4bcd3b8c779ec96258

SHA256
980b299591e3a93b7aba0743b14ead5f18ebba35b1e20351d9efd759bb74a064

SHA512
291e2924730615ec7438f92bca9645e94de1056de5fc0766e5b0719a7cd675a524bf6633a473b4ae2e88c3b66518af9e6a80b612eaf1c0da45b735a37a760be0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000022

Filesize
502KB

MD5
add520996e437bff5d081315da187fbf

SHA1
2e489fe16f3712bf36df00b03a8a5af8fa8d4b42

SHA256
922b951591d52d44aa7015ebc95cab08192aa435b64f9016673ac5da1124a8b4

SHA512
2220fa232537d339784d7cd999b1f617100acdea7184073e6a64ea4e55db629f85bfa70ffda1dc2fd32bdc254f5856eeeb87d969476a2e36b5973d2f0eb86497

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
192B

MD5
12c99e3284d71eba5af76993f88c9cde

SHA1
24e9f03f99580ef4ac068c4b238b7a2235e98d8a

SHA256
232216a341433f1f581df23b0f794857089e30ebd97dc05fa11aa6d82b843b4a

SHA512
bca69dd5f342317e069d942bf34d1351c0601b4f3ffb38c9a15a61f3ed5f43581b431521d7cc825a64973ab8b850ddcc195b8454668020596347ad37ef7c6ae1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
5cfbc072d969c2c24a89b5b71911839b

SHA1
d784c1e08c77957669d8f9ae6dac9c4d8c508bb4

SHA256
cc508bc8ee383f7e8664db244d44a60836203192881f9cf9d123268420b7eacb

SHA512
308fa608691f271ff650b04ad3f30e70f22779a25da2e1426951010629882b9e7915ee898315984b13a581582884f936ae51b1ee738577dd9afd771de3c25102

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
4af56d5f24750fbf8975cc818300be21

SHA1
7983308666e5d2173168568ee9fcedede0a068d2

SHA256
f45fd0c5dc39ae815cca87fbb3cd99410b48ac065d65a9fd27ed75eb73d2d2fb

SHA512
ce5945b98bd77634a8e5b7ed7a989e5abe2d914d69fc5f3956ad77671165169eb6d2ebce32ed5b395f51fd076e6ee46cff8c85c662b22104102fe36e7dc258d7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\709f81a7-6fbc-419f-aee9-099947039ab3.tmp

Filesize
1KB

MD5
f7d9648f06ebd4e7ed05172a01acfaf1

SHA1
397ae42131aa40ffd84268c35854770eb06f7ce5

SHA256
e268ebb2adb22b0ea3a6d299389cfb998678caaaa146ada8a1ded9df8a0a26f5

SHA512
f3d9d51f61d88c68a4826e25480bb45c3c1400f627adaec4462c6866220601a21ec54746dfe34980c49359c73b4a397ef8f636659e1daee29788a85790350921

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
1949df242f2b28863e80a3db328167d2

SHA1
0431f1e67b7183650d07241061e9bf07ec8bd951

SHA256
bc6329b515544296ed0e70da79c2d431a1dfe852f5d995bdaa30ed42d75bbfe5

SHA512
8109a97507583ed550f5b7e17382b7bd0adaacafe305fc872b0b42b10f2d623cdc3fd90adf407106f6750f9fda314eebf521738d45fa59774ddae622e353f651

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
6d8e855b6bc035f6ccdcdee58023ea53

SHA1
4f57157b5d1e0651cbaaa6c87d17adb8ff77187e

SHA256
7f95a37d3e5974b1ab23b5251679312f06e24e0418e6dbec98986f6c2f6f849c

SHA512
fe300bee72f9bb8b2a39092c5256fdcb8c6f059b52f039553a9a2ca33112d5c1787b142af71e576156601cc154eab3600491986fbabe7c9899157e8a6239ce48

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
05ba0e82f7109f2596257397f00c17bf

SHA1
0da7ceb9aedc964874301efc72838c06511443f4

SHA256
a847cd99b366b4b085095abc03ca829e84a00cdcbe54bd904c8c2192f09f4944

SHA512
4c43abe49a00e007d763f0e2a9004b9240f58b152dcc86b35fc62201bd400fc11e5edad201399369d642ccaddd6c6d46f548b66924e7b275a63e5af2222b426e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
5f0a366d39d60755c7d4964f6c89c918

SHA1
680f56915eeb3ed37ea8120eea0267d48fdb02bf

SHA256
bff1ec5cdc556e2343ac3165d794f5db707277fc6c11568f164277f558003ef5

SHA512
11a85bb0ef815e1609c5f81ac90aafa61ce8347e29cc5c67e17b9a607d87e12b1994aefc11eb4b6c39bf220f544dc91ee94140943a30a433c0b2b83159602b8e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
f0c29d13b3c3a1cde2daa0eba4b126f8

SHA1
98ec303155978480a40867c2703893d4f6fa4faf

SHA256
bbac11b9b8cd533ef86be423c45af2f097f60e68961758c08f5653caaafcdabe

SHA512
dc592b7a0a81cac35976ddddd81274667a6c1521ebfcc0a05f80ad5aa4ed723f6afd97e62370658e8cd62cc3d08a7494f85e8f3c172fec047c3231aac3cba0af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
042eb8848c2851641c3ad8f16b9c6df7

SHA1
1e7b75ae6aa7ea9e9183cdef28738ccdccf28f11

SHA256
a51334fcb5ad159216788c1de8e6c5d8a016fb9d0170937acc187bd65d0a17a1

SHA512
4866cf011e77d6922a1bd829d952dcf7c349f71e9850b0528aacc3fbd32b328b1e879d20f16a69763c3b4e5050b69f79ca76b76049b072e91c7df0249b9bdd54

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
cedf6d126824413316ac4d85f5066447

SHA1
823b24483ef35edd27f49db19f3c1e47282f1880

SHA256
9a55240dda9a815f6705595d7bc1cb9e8acc69540daeef9b770bee60ccb23389

SHA512
73a6e98122c7a9e956500e0653dc3ab482804644f9b61f3569e3ed220bcc51d7f4e6226fdc4cb15a0df3059e62a24a1517fb09d62dcd289bec68e0714ad85d6f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\e914db33-3a9e-499f-9fcc-aeeb75d0cc26.tmp

Filesize
5KB

MD5
b8f98b4f1fbff8c72645e234d34df876

SHA1
20d74c51bee93e5bbc9b5bfe89c45aabb6353773

SHA256
fd9f1fca3c963f914f1c202695a09c082a29f0629d555d90515f4f0febb960e4

SHA512
3911c459a1398f60a65099ee7de9ec12fb0da4b7327ce6244b241a6509d349ab01bd6e57c4176d90da8caf8060aa0f9cdc2d3a704ae9d6a0e3024609371138d3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
128KB

MD5
011d826ceb8e3847703dc6fcdf1f2e64

SHA1
e972e0c5e036b9147a0b8fb13b69350c86b8fac5

SHA256
a666ff060872c69c3de25775d631acc8a6e9470bdd7b181f97d85b2b2eb32255

SHA512
ce22c46ac9ec69ee8a71ec70405f9f898b4660cec0dc4276b8f40bb1953991b39c37bd1138e9c3fdf364ec9938b7cd66d5193c18d1d35615b5fe9f42050a2b4b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit