hxxps://tinyurl[.]com/STUDIOPORTFOLIO2024

Analysis

max time kernel
299s
max time network
297s
platform
windows10-1703_x64
resource
win10-20240404-en
resource tags

arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
submitted
15/05/2024, 12:55

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://tinyurl.com/STUDIOPORTFOLIO2024

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133602513577524981"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4912	chrome.exe
4912	chrome.exe
4380	chrome.exe
4380	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
4912	chrome.exe
4912	chrome.exe
4912	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4912	chrome.exe
Token: SeCreatePagefilePrivilege	4912	chrome.exe
Token: SeShutdownPrivilege	4912	chrome.exe
Token: SeCreatePagefilePrivilege	4912	chrome.exe
Token: SeShutdownPrivilege	4912	chrome.exe
Token: SeCreatePagefilePrivilege	4912	chrome.exe
Token: SeShutdownPrivilege	4912	chrome.exe
Token: SeCreatePagefilePrivilege	4912	chrome.exe
Token: SeShutdownPrivilege	4912	chrome.exe
Token: SeCreatePagefilePrivilege	4912	chrome.exe
Token: SeShutdownPrivilege	4912	chrome.exe
Token: SeCreatePagefilePrivilege	4912	chrome.exe
Token: SeShutdownPrivilege	4912	chrome.exe
Token: SeCreatePagefilePrivilege	4912	chrome.exe
Token: SeShutdownPrivilege	4912	chrome.exe
Token: SeCreatePagefilePrivilege	4912	chrome.exe
Token: SeShutdownPrivilege	4912	chrome.exe
Token: SeCreatePagefilePrivilege	4912	chrome.exe
Token: SeShutdownPrivilege	4912	chrome.exe
Token: SeCreatePagefilePrivilege	4912	chrome.exe
Token: SeShutdownPrivilege	4912	chrome.exe
Token: SeCreatePagefilePrivilege	4912	chrome.exe
Token: SeShutdownPrivilege	4912	chrome.exe
Token: SeCreatePagefilePrivilege	4912	chrome.exe
Token: SeShutdownPrivilege	4912	chrome.exe
Token: SeCreatePagefilePrivilege	4912	chrome.exe
Token: SeShutdownPrivilege	4912	chrome.exe
Token: SeCreatePagefilePrivilege	4912	chrome.exe
Token: SeShutdownPrivilege	4912	chrome.exe
Token: SeCreatePagefilePrivilege	4912	chrome.exe
Token: SeShutdownPrivilege	4912	chrome.exe
Token: SeCreatePagefilePrivilege	4912	chrome.exe
Token: SeShutdownPrivilege	4912	chrome.exe
Token: SeCreatePagefilePrivilege	4912	chrome.exe
Token: SeShutdownPrivilege	4912	chrome.exe
Token: SeCreatePagefilePrivilege	4912	chrome.exe
Token: SeShutdownPrivilege	4912	chrome.exe
Token: SeCreatePagefilePrivilege	4912	chrome.exe
Token: SeShutdownPrivilege	4912	chrome.exe
Token: SeCreatePagefilePrivilege	4912	chrome.exe
Token: SeShutdownPrivilege	4912	chrome.exe
Token: SeCreatePagefilePrivilege	4912	chrome.exe
Token: SeShutdownPrivilege	4912	chrome.exe
Token: SeCreatePagefilePrivilege	4912	chrome.exe
Token: SeShutdownPrivilege	4912	chrome.exe
Token: SeCreatePagefilePrivilege	4912	chrome.exe
Token: SeShutdownPrivilege	4912	chrome.exe
Token: SeCreatePagefilePrivilege	4912	chrome.exe
Token: SeShutdownPrivilege	4912	chrome.exe
Token: SeCreatePagefilePrivilege	4912	chrome.exe
Token: SeShutdownPrivilege	4912	chrome.exe
Token: SeCreatePagefilePrivilege	4912	chrome.exe
Token: SeShutdownPrivilege	4912	chrome.exe
Token: SeCreatePagefilePrivilege	4912	chrome.exe
Token: SeShutdownPrivilege	4912	chrome.exe
Token: SeCreatePagefilePrivilege	4912	chrome.exe
Token: SeShutdownPrivilege	4912	chrome.exe
Token: SeCreatePagefilePrivilege	4912	chrome.exe
Token: SeShutdownPrivilege	4912	chrome.exe
Token: SeCreatePagefilePrivilege	4912	chrome.exe
Token: SeShutdownPrivilege	4912	chrome.exe
Token: SeCreatePagefilePrivilege	4912	chrome.exe
Token: SeShutdownPrivilege	4912	chrome.exe
Token: SeCreatePagefilePrivilege	4912	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4912	chrome.exe
4912	chrome.exe
4912	chrome.exe
4912	chrome.exe
4912	chrome.exe
4912	chrome.exe
4912	chrome.exe
4912	chrome.exe
4912	chrome.exe
4912	chrome.exe
4912	chrome.exe
4912	chrome.exe
4912	chrome.exe
4912	chrome.exe
4912	chrome.exe
4912	chrome.exe
4912	chrome.exe
4912	chrome.exe
4912	chrome.exe
4912	chrome.exe
4912	chrome.exe
4912	chrome.exe
4912	chrome.exe
4912	chrome.exe
4912	chrome.exe
4912	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4912	chrome.exe
4912	chrome.exe
4912	chrome.exe
4912	chrome.exe
4912	chrome.exe
4912	chrome.exe
4912	chrome.exe
4912	chrome.exe
4912	chrome.exe
4912	chrome.exe
4912	chrome.exe
4912	chrome.exe
4912	chrome.exe
4912	chrome.exe
4912	chrome.exe
4912	chrome.exe
4912	chrome.exe
4912	chrome.exe
4912	chrome.exe
4912	chrome.exe
4912	chrome.exe
4912	chrome.exe
4912	chrome.exe
4912	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4912 wrote to memory of 5028	4912	chrome.exe	72
PID 4912 wrote to memory of 5028	4912	chrome.exe	72
PID 4912 wrote to memory of 4532	4912	chrome.exe	74
PID 4912 wrote to memory of 4532	4912	chrome.exe	74
PID 4912 wrote to memory of 4532	4912	chrome.exe	74
PID 4912 wrote to memory of 4532	4912	chrome.exe	74
PID 4912 wrote to memory of 4532	4912	chrome.exe	74
PID 4912 wrote to memory of 4532	4912	chrome.exe	74
PID 4912 wrote to memory of 4532	4912	chrome.exe	74
PID 4912 wrote to memory of 4532	4912	chrome.exe	74
PID 4912 wrote to memory of 4532	4912	chrome.exe	74
PID 4912 wrote to memory of 4532	4912	chrome.exe	74
PID 4912 wrote to memory of 4532	4912	chrome.exe	74
PID 4912 wrote to memory of 4532	4912	chrome.exe	74
PID 4912 wrote to memory of 4532	4912	chrome.exe	74
PID 4912 wrote to memory of 4532	4912	chrome.exe	74
PID 4912 wrote to memory of 4532	4912	chrome.exe	74
PID 4912 wrote to memory of 4532	4912	chrome.exe	74
PID 4912 wrote to memory of 4532	4912	chrome.exe	74
PID 4912 wrote to memory of 4532	4912	chrome.exe	74
PID 4912 wrote to memory of 4532	4912	chrome.exe	74
PID 4912 wrote to memory of 4532	4912	chrome.exe	74
PID 4912 wrote to memory of 4532	4912	chrome.exe	74
PID 4912 wrote to memory of 4532	4912	chrome.exe	74
PID 4912 wrote to memory of 4532	4912	chrome.exe	74
PID 4912 wrote to memory of 4532	4912	chrome.exe	74
PID 4912 wrote to memory of 4532	4912	chrome.exe	74
PID 4912 wrote to memory of 4532	4912	chrome.exe	74
PID 4912 wrote to memory of 4532	4912	chrome.exe	74
PID 4912 wrote to memory of 4532	4912	chrome.exe	74
PID 4912 wrote to memory of 4532	4912	chrome.exe	74
PID 4912 wrote to memory of 4532	4912	chrome.exe	74
PID 4912 wrote to memory of 4532	4912	chrome.exe	74
PID 4912 wrote to memory of 4532	4912	chrome.exe	74
PID 4912 wrote to memory of 4532	4912	chrome.exe	74
PID 4912 wrote to memory of 4532	4912	chrome.exe	74
PID 4912 wrote to memory of 4532	4912	chrome.exe	74
PID 4912 wrote to memory of 4532	4912	chrome.exe	74
PID 4912 wrote to memory of 4532	4912	chrome.exe	74
PID 4912 wrote to memory of 4532	4912	chrome.exe	74
PID 4912 wrote to memory of 4324	4912	chrome.exe	75
PID 4912 wrote to memory of 4324	4912	chrome.exe	75
PID 4912 wrote to memory of 4728	4912	chrome.exe	76
PID 4912 wrote to memory of 4728	4912	chrome.exe	76
PID 4912 wrote to memory of 4728	4912	chrome.exe	76
PID 4912 wrote to memory of 4728	4912	chrome.exe	76
PID 4912 wrote to memory of 4728	4912	chrome.exe	76
PID 4912 wrote to memory of 4728	4912	chrome.exe	76
PID 4912 wrote to memory of 4728	4912	chrome.exe	76
PID 4912 wrote to memory of 4728	4912	chrome.exe	76
PID 4912 wrote to memory of 4728	4912	chrome.exe	76
PID 4912 wrote to memory of 4728	4912	chrome.exe	76
PID 4912 wrote to memory of 4728	4912	chrome.exe	76
PID 4912 wrote to memory of 4728	4912	chrome.exe	76
PID 4912 wrote to memory of 4728	4912	chrome.exe	76
PID 4912 wrote to memory of 4728	4912	chrome.exe	76
PID 4912 wrote to memory of 4728	4912	chrome.exe	76
PID 4912 wrote to memory of 4728	4912	chrome.exe	76
PID 4912 wrote to memory of 4728	4912	chrome.exe	76
PID 4912 wrote to memory of 4728	4912	chrome.exe	76
PID 4912 wrote to memory of 4728	4912	chrome.exe	76
PID 4912 wrote to memory of 4728	4912	chrome.exe	76
PID 4912 wrote to memory of 4728	4912	chrome.exe	76
PID 4912 wrote to memory of 4728	4912	chrome.exe	76

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://tinyurl.com/STUDIOPORTFOLIO2024
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4912
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffa8b599758,0x7ffa8b599768,0x7ffa8b599778
  2⤵
  PID:5028
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1548 --field-trial-handle=1760,i,16175298209944704143,10745039808948146264,131072 /prefetch:2
  2⤵
  PID:4532
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1832 --field-trial-handle=1760,i,16175298209944704143,10745039808948146264,131072 /prefetch:8
  2⤵
  PID:4324
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2088 --field-trial-handle=1760,i,16175298209944704143,10745039808948146264,131072 /prefetch:8
  2⤵
  PID:4728
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2912 --field-trial-handle=1760,i,16175298209944704143,10745039808948146264,131072 /prefetch:1
  2⤵
  PID:3004
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2916 --field-trial-handle=1760,i,16175298209944704143,10745039808948146264,131072 /prefetch:1
  2⤵
  PID:4984
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4464 --field-trial-handle=1760,i,16175298209944704143,10745039808948146264,131072 /prefetch:1
  2⤵
  PID:4756
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3836 --field-trial-handle=1760,i,16175298209944704143,10745039808948146264,131072 /prefetch:8
  2⤵
  PID:4724
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5324 --field-trial-handle=1760,i,16175298209944704143,10745039808948146264,131072 /prefetch:8
  2⤵
  PID:4164
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5364 --field-trial-handle=1760,i,16175298209944704143,10745039808948146264,131072 /prefetch:8
  2⤵
  PID:2072
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1644 --field-trial-handle=1760,i,16175298209944704143,10745039808948146264,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4380

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4620

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x3fc
1⤵
PID:4716

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
648B

MD5
772c200416689da2e540bb99fe36628c

SHA1
9628da4da4e699e7c851ed64b64e87a5fc6b432a

SHA256
99909000659af8cbf4fa84f87ca75421756d6f0606bdd8fb1af19a5fd308aea6

SHA512
3a080092f3602b4869e9948900d4b75e9adc26bb4622bd5b3b53dbc0bc0f54d4e77dadc46b532703c03a3c07b30422e6f42b3a18aef3a6c82c296ede00332d4c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\09b43e31-92e5-4fa1-b2da-9957496300a7.tmp

Filesize
1KB

MD5
269068f1b3228e3d0e2d38c22ffb8a37

SHA1
e8a2911d2fcbe3e9ae4a9d96993ada2f8642b01c

SHA256
cf78237bcc87c5f66b2397a8ea94a5495cfb51e17cf051cefa9d84811a83d2ae

SHA512
6cb75052687f3953b2acaa6243c8e4a53e3d37cabe1981df9e9f3b4716ed6b208dd1a307e83b008b39bb5fd44c24152a058fb44dde1a9b142a3e54f66c75f95d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
1f34f7c7210f5f4eadba94edf132a2b4

SHA1
76110119ba924ac4c6f4b81a6577311c6966cdc3

SHA256
fe08c9a3761d41183d23001ab42e86d87bc04bc1588391fefe897e458d9a3591

SHA512
37d866f3357dcaa67d469e6537153429d4ffb158d20a23a0dc5efb5100b1d64a0e077f8b95c6bb9f40abfd2880c8677806ba4397bca47c716d67146370b7256d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
b82cc7d82fd3b23f4def3ffb43b3cab1

SHA1
b48093b529544bdd96021dbfeb664718817615b6

SHA256
37ed9282635dfb17503b8d01a489b01503aef093eb31ba0ecd64644d3a9f3324

SHA512
95cd90b7b37160d95ca075fe91b98148faee23f1c8ce7eb7ac5680968aeddf141e2279d75331a53de3b0d65ffbc80be5f1089f8b40af7221773a7929ee0ebdc3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
4e52b4c858a5510ed6f27bb62ae2146b

SHA1
d72b0b553b93573328bd31529c86fb94b0198819

SHA256
3185e3660287329979d40704539629496de26d06360dfed2bcaa97e2ff0cd91c

SHA512
8bd901a7adb0ebe5ae578b0b8676f5c95b3b655bb508387e3df3f08a29b3ec4c05b1adfe0d9556a39c39e1a833482382622478a6b8b211cf14338813d43e9e2c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
9c06b7c38c6753407770aa934341d43d

SHA1
e41facb1eabca26cc809eb6f517a4e10e10d2690

SHA256
f4dc83fb6b488749267f6a64f131483450fdcea8ee27905a989ab5fb7bef081b

SHA512
c55d191cdfa344b8945834fd34051544cf06b4143771bba070e87f2b33be086dfa2d7c809cbb3c28b7b0d5ca26bafae889e899aa183190884ad209d3b346bf04

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
d0f1034f6f43e84bd1c4f616cb40da2a

SHA1
7647f3d1f433e7990eb494499b5d1b478f454c71

SHA256
d3316e08dfeda1e13e78e716e510623bd67125de3274f3362571b267e3e15b24

SHA512
92ef10967c2a4288286bdf4a9c72ea842ffae09bc26f9fd9befd8e885e71159e796bc57648cc3af9470c7690f5dbb77f3f967b4461a635ed9fc67860f141fca3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
c2ebe139411a183f59a74faa7b8b351b

SHA1
247ff5ef82653fed5c9bf6099a78abfbafc96863

SHA256
356073133cf58deb4c9aa9788cda2cdd48d7c561f459de137a4be2877428dc18

SHA512
2c113a8fe649eee797a1c1f2c4fe60feafd10d277b4fb874d445eb2374ca7844554827bea4fc6209acd17a818fb908bbbcf222486be4826a3a212eefc39b8416

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
f9470ab0b5dedd9c415cf6ad7c25d748

SHA1
af0ac33022c00395e86a1afc2e1437fd2ef544fa

SHA256
0e3edb1eed8463ce8fa6c45e3d8dcf43497b31537da38247f85558ff5c904d0a

SHA512
41fa9a3dea2fcb5f68a4ca08062274bbeba6c37649617fa39bd7a991fdb1b3ba41978a9c9cfae017feb3a93fa010bca4d6fa0f78c1cdf06f063cfd28eba78771

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
4c0716e2b2a8d034add063c9d3b4d4bc

SHA1
548226928423ee28703ad3572d1e1f8c2dbbbc95

SHA256
85b371af9f7e18853d4b1bfc957bd7172d21e71b6961cb93c0c3cdfb4f6ad0af

SHA512
3b1f553fa0ab99b3a80292b2ce78aee3499c189a941ff7d92dd12c9b08434c17deafa43e2d9486bd001fe5db902690cd749fa16bee53140757933df493fac39f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
2ff03d3a3139cdecce2cde9ae2e5c78a

SHA1
2f4f6d10478fb1135b542d87c8739d4db1f93dd3

SHA256
8884be2aaae18f8d4b12b8530ae448581fc46d4ae9f2dff3b4571f4f6c2500c6

SHA512
5db996afcfb67c275ff5ba47a26d6ab40dbfd0e11c7fb0ce781b162a0a8ec9e25927ef8725eef60bb6726527d278e45fc33f4410183c9185d1405f9b82e267bb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
961cae41e22eb728789f5d282d940aa1

SHA1
bc2d6e8077b498316f0b7f85a0a4e0c8f804fa2d

SHA256
0e2c5df5e345abcc9eca036a9da793f3ed129b393659314d5c64b816c6c4e651

SHA512
bd3e991efb712bdc4efcdc217d2acbd3cca5922560d420954de6ece759aa8626cf59e0cec6a48d12b5feaa224c5272923b577d1f06797dd14f8299830e64ad40

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
aab38dd29ce60451ba6f0242c9f6fa89

SHA1
8ac83e3cf7d0fa1b5e22fe31da4b7b73c8a39b8f

SHA256
3bcea2018535fea147e93a35f11110dd83215498347c6ac3e997304329612b24

SHA512
fca16180fa443bdd20c8a3a216130fba99ef122cd97f8f4195a6ba457c2f9c206019c47c4181311f8f26a5979d0a13c9095a2b6da5959f5caa122eccbbadcf4c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
ec903decf11e115047581d9e6b8d6370

SHA1
126b0d77a8f8c10ff220f05cfaefcab381129c0c

SHA256
9949cefd5ee54a181df4abd257181d47ff3720f1c7d65c63a5f1086858ef7ff7

SHA512
3f9d0300c5389a2513c2cdc7b26510a5fbfecc44490fc03d6b9e96a48d49df222c1a127baf127de25877c5663c6e195a538748adcfd04158e3891a8f430b966c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
1df63f3886a9cf22198d245cbe6823e4

SHA1
12e54f436d887000a291f90656b3091ff5954520

SHA256
5d7b40c0918ac97c85a0b624270158525edcc4a57722287afea9ae6c8aefc50b

SHA512
f3881706f598db588f284d52441728686b7ec7a5aef50b54564c547c73818811ce57f1f3482621c7cd2323c1357862c2fa104a0c3f220beb3f7aac9dbb21f186

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
9b2e37dd2b9f06b31243ca71c54c6433

SHA1
450654905860443c2d8e5670c001a44a77de5f57

SHA256
ecfa1f5c552c152881286eb0930132458169eeac501cb43440b115f1987c18ae

SHA512
6818e073ad0b057c4fd5355d919dee134eb151914c450d2131e2760b0b54ae8eb61c570c939374415da7626fa5d8df6ce22e44ba864eef5cd3805385f1b4eb55

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
d6db3c6f5bb6558d48655ec8308cbb8e

SHA1
a9ba0510a3754cbcfac8d7258b6c6fb4dc01b227

SHA256
090f90670eb68e56fdf8e3bcfee6c96ec637dc978943011d4ee4d1a33054ecd4

SHA512
e871b4d223d68ade3f39645d851729594dc03c652b4fe0d30387e323a064927ef89bb5444380e48f3cdff4fb086f742be4078061ab406b7cf1aec52e22f71151

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
c6fbe91fe07c7f38dce0c4ea11602646

SHA1
81b689c7547674ee873320d189beb86c3119cb4f

SHA256
80599c22e61d08ff76ec49e2b679a5fc898f92d0e9d16d3c1f4a069a246f01a9

SHA512
5a4df0739d98441bb4ad83173e27b6a4d916c2111b1cd6511ca2fbf98c0370f8af6d59b70c9d237a42d8f6d50ad0fb6cd6737a01c11a7f6cda898403f56f91e8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
1f26ab0d9ce700a29e2fcdb42ca858e4

SHA1
504d0a46d2ed19a0fac6821abe689c4600be70f1

SHA256
a1dce21af237d0958a87e954aadb28266d989721cccfd3626ae3a7bb6e4c17f4

SHA512
f7743c9fb9865b8621ed47c39562881bf218fe83a806eb9e6b25c0b14f8ffa3b365e8220dc042dffcce10a75635f03655be2352a92ba4a3ee31909c7e7b85388

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
192B

MD5
44b91ce355f1e93ad9c7b21d65335451

SHA1
0b1ffea177f419e90d174cfd22436d7aba2b163b

SHA256
e1a5979089cd0f4c62082ead6368c7a0a8b2e537e9bdd71ad51f300680815b29

SHA512
b095ac902fefe1a267581bf0458377e421dc4cc44a59eedabebc1909e6043a4e0d0d718d00a52769e8d8c7e9a91f62844bf2beaa51c6d4de8d577c4df469579f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe599178.TMP

Filesize
48B

MD5
99862fcf725406270dfebb780a51929c

SHA1
27c33f62b6aa5bab33cd6e8cc9e78b2225736b29

SHA256
b2ff7f0eaa7c4828c2e7bd9759de8841920ee9160929c0b25eaabe5bb788a96b

SHA512
7cb07bd85f21f82aed432dfee4810b13859d233b62ffc7689a67f8b0d722ff7a9bcbfdefe63d80a12ea8e353add73eb78d940c12fbf3cb6e39f56943ceee900f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
136KB

MD5
56408b086dfb3d970a9e1188618686d9

SHA1
55df3a0ec53a9c3e0448398ac3a1048873df79ae

SHA256
57e01606f4b430a8276525d81b7d21b8fc0d03706cd6db8d11e7f551c8c7438a

SHA512
95b55bd331fd77243c21c04084391d83ee8b3fd5aa4f872a2c09a41376cb52ceaa994e7e439615b3b09fafd1fb8a470a0d1c117d32f90574b3dbf0f3c4c54c37

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit