hxxps://www[.]dropbox[.]com/static/fonts/proximanova/proxima-nova-regular[.]otf

Analysis

max time kernel
269s
max time network
269s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
15/05/2024, 15:09

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://www.dropbox.com/static/fonts/proximanova/proxima-nova-regular.otf

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133602604782722092"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3571316656-3665257725-2415531812-1000_Classes\Local Settings	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
3892	chrome.exe
3892	chrome.exe
1352	chrome.exe
1352	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
3892	chrome.exe
3892	chrome.exe
3892	chrome.exe
3892	chrome.exe
3892	chrome.exe
3892	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3892	chrome.exe
Token: SeCreatePagefilePrivilege	3892	chrome.exe
Token: SeShutdownPrivilege	3892	chrome.exe
Token: SeCreatePagefilePrivilege	3892	chrome.exe
Token: SeShutdownPrivilege	3892	chrome.exe
Token: SeCreatePagefilePrivilege	3892	chrome.exe
Token: SeShutdownPrivilege	3892	chrome.exe
Token: SeCreatePagefilePrivilege	3892	chrome.exe
Token: SeShutdownPrivilege	3892	chrome.exe
Token: SeCreatePagefilePrivilege	3892	chrome.exe
Token: SeShutdownPrivilege	3892	chrome.exe
Token: SeCreatePagefilePrivilege	3892	chrome.exe
Token: SeShutdownPrivilege	3892	chrome.exe
Token: SeCreatePagefilePrivilege	3892	chrome.exe
Token: SeShutdownPrivilege	3892	chrome.exe
Token: SeCreatePagefilePrivilege	3892	chrome.exe
Token: SeShutdownPrivilege	3892	chrome.exe
Token: SeCreatePagefilePrivilege	3892	chrome.exe
Token: SeShutdownPrivilege	3892	chrome.exe
Token: SeCreatePagefilePrivilege	3892	chrome.exe
Token: SeShutdownPrivilege	3892	chrome.exe
Token: SeCreatePagefilePrivilege	3892	chrome.exe
Token: SeShutdownPrivilege	3892	chrome.exe
Token: SeCreatePagefilePrivilege	3892	chrome.exe
Token: SeShutdownPrivilege	3892	chrome.exe
Token: SeCreatePagefilePrivilege	3892	chrome.exe
Token: SeShutdownPrivilege	3892	chrome.exe
Token: SeCreatePagefilePrivilege	3892	chrome.exe
Token: SeShutdownPrivilege	3892	chrome.exe
Token: SeCreatePagefilePrivilege	3892	chrome.exe
Token: SeShutdownPrivilege	3892	chrome.exe
Token: SeCreatePagefilePrivilege	3892	chrome.exe
Token: SeShutdownPrivilege	3892	chrome.exe
Token: SeCreatePagefilePrivilege	3892	chrome.exe
Token: SeShutdownPrivilege	3892	chrome.exe
Token: SeCreatePagefilePrivilege	3892	chrome.exe
Token: SeShutdownPrivilege	3892	chrome.exe
Token: SeCreatePagefilePrivilege	3892	chrome.exe
Token: SeShutdownPrivilege	3892	chrome.exe
Token: SeCreatePagefilePrivilege	3892	chrome.exe
Token: SeShutdownPrivilege	3892	chrome.exe
Token: SeCreatePagefilePrivilege	3892	chrome.exe
Token: SeShutdownPrivilege	3892	chrome.exe
Token: SeCreatePagefilePrivilege	3892	chrome.exe
Token: SeShutdownPrivilege	3892	chrome.exe
Token: SeCreatePagefilePrivilege	3892	chrome.exe
Token: SeShutdownPrivilege	3892	chrome.exe
Token: SeCreatePagefilePrivilege	3892	chrome.exe
Token: SeShutdownPrivilege	3892	chrome.exe
Token: SeCreatePagefilePrivilege	3892	chrome.exe
Token: SeShutdownPrivilege	3892	chrome.exe
Token: SeCreatePagefilePrivilege	3892	chrome.exe
Token: SeShutdownPrivilege	3892	chrome.exe
Token: SeCreatePagefilePrivilege	3892	chrome.exe
Token: SeShutdownPrivilege	3892	chrome.exe
Token: SeCreatePagefilePrivilege	3892	chrome.exe
Token: SeShutdownPrivilege	3892	chrome.exe
Token: SeCreatePagefilePrivilege	3892	chrome.exe
Token: SeShutdownPrivilege	3892	chrome.exe
Token: SeCreatePagefilePrivilege	3892	chrome.exe
Token: SeShutdownPrivilege	3892	chrome.exe
Token: SeCreatePagefilePrivilege	3892	chrome.exe
Token: SeShutdownPrivilege	3892	chrome.exe
Token: SeCreatePagefilePrivilege	3892	chrome.exe

Suspicious use of FindShellTrayWindow 35 IoCs

pid	Process
3892	chrome.exe
3892	chrome.exe
3892	chrome.exe
3892	chrome.exe
3892	chrome.exe
3892	chrome.exe
3892	chrome.exe
3892	chrome.exe
3892	chrome.exe
3892	chrome.exe
3892	chrome.exe
3892	chrome.exe
3892	chrome.exe
3892	chrome.exe
3892	chrome.exe
3892	chrome.exe
3892	chrome.exe
3892	chrome.exe
3892	chrome.exe
3892	chrome.exe
3892	chrome.exe
3892	chrome.exe
3892	chrome.exe
3892	chrome.exe
3892	chrome.exe
3892	chrome.exe
3892	chrome.exe
3892	chrome.exe
3892	chrome.exe
3892	chrome.exe
3892	chrome.exe
3892	chrome.exe
3892	chrome.exe
3892	chrome.exe
3892	chrome.exe

Suspicious use of SendNotifyMessage 26 IoCs

pid	Process
3892	chrome.exe
3892	chrome.exe
3892	chrome.exe
3892	chrome.exe
3892	chrome.exe
3892	chrome.exe
3892	chrome.exe
3892	chrome.exe
3892	chrome.exe
3892	chrome.exe
3892	chrome.exe
3892	chrome.exe
3892	chrome.exe
3892	chrome.exe
3892	chrome.exe
3892	chrome.exe
3892	chrome.exe
3892	chrome.exe
3892	chrome.exe
3892	chrome.exe
3892	chrome.exe
3892	chrome.exe
3892	chrome.exe
3892	chrome.exe
3892	chrome.exe
3892	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3892 wrote to memory of 2760	3892	chrome.exe	85
PID 3892 wrote to memory of 2760	3892	chrome.exe	85
PID 3892 wrote to memory of 2740	3892	chrome.exe	86
PID 3892 wrote to memory of 2740	3892	chrome.exe	86
PID 3892 wrote to memory of 2740	3892	chrome.exe	86
PID 3892 wrote to memory of 2740	3892	chrome.exe	86
PID 3892 wrote to memory of 2740	3892	chrome.exe	86
PID 3892 wrote to memory of 2740	3892	chrome.exe	86
PID 3892 wrote to memory of 2740	3892	chrome.exe	86
PID 3892 wrote to memory of 2740	3892	chrome.exe	86
PID 3892 wrote to memory of 2740	3892	chrome.exe	86
PID 3892 wrote to memory of 2740	3892	chrome.exe	86
PID 3892 wrote to memory of 2740	3892	chrome.exe	86
PID 3892 wrote to memory of 2740	3892	chrome.exe	86
PID 3892 wrote to memory of 2740	3892	chrome.exe	86
PID 3892 wrote to memory of 2740	3892	chrome.exe	86
PID 3892 wrote to memory of 2740	3892	chrome.exe	86
PID 3892 wrote to memory of 2740	3892	chrome.exe	86
PID 3892 wrote to memory of 2740	3892	chrome.exe	86
PID 3892 wrote to memory of 2740	3892	chrome.exe	86
PID 3892 wrote to memory of 2740	3892	chrome.exe	86
PID 3892 wrote to memory of 2740	3892	chrome.exe	86
PID 3892 wrote to memory of 2740	3892	chrome.exe	86
PID 3892 wrote to memory of 2740	3892	chrome.exe	86
PID 3892 wrote to memory of 2740	3892	chrome.exe	86
PID 3892 wrote to memory of 2740	3892	chrome.exe	86
PID 3892 wrote to memory of 2740	3892	chrome.exe	86
PID 3892 wrote to memory of 2740	3892	chrome.exe	86
PID 3892 wrote to memory of 2740	3892	chrome.exe	86
PID 3892 wrote to memory of 2740	3892	chrome.exe	86
PID 3892 wrote to memory of 2740	3892	chrome.exe	86
PID 3892 wrote to memory of 2740	3892	chrome.exe	86
PID 3892 wrote to memory of 2740	3892	chrome.exe	86
PID 3892 wrote to memory of 1884	3892	chrome.exe	87
PID 3892 wrote to memory of 1884	3892	chrome.exe	87
PID 3892 wrote to memory of 392	3892	chrome.exe	88
PID 3892 wrote to memory of 392	3892	chrome.exe	88
PID 3892 wrote to memory of 392	3892	chrome.exe	88
PID 3892 wrote to memory of 392	3892	chrome.exe	88
PID 3892 wrote to memory of 392	3892	chrome.exe	88
PID 3892 wrote to memory of 392	3892	chrome.exe	88
PID 3892 wrote to memory of 392	3892	chrome.exe	88
PID 3892 wrote to memory of 392	3892	chrome.exe	88
PID 3892 wrote to memory of 392	3892	chrome.exe	88
PID 3892 wrote to memory of 392	3892	chrome.exe	88
PID 3892 wrote to memory of 392	3892	chrome.exe	88
PID 3892 wrote to memory of 392	3892	chrome.exe	88
PID 3892 wrote to memory of 392	3892	chrome.exe	88
PID 3892 wrote to memory of 392	3892	chrome.exe	88
PID 3892 wrote to memory of 392	3892	chrome.exe	88
PID 3892 wrote to memory of 392	3892	chrome.exe	88
PID 3892 wrote to memory of 392	3892	chrome.exe	88
PID 3892 wrote to memory of 392	3892	chrome.exe	88
PID 3892 wrote to memory of 392	3892	chrome.exe	88
PID 3892 wrote to memory of 392	3892	chrome.exe	88
PID 3892 wrote to memory of 392	3892	chrome.exe	88
PID 3892 wrote to memory of 392	3892	chrome.exe	88
PID 3892 wrote to memory of 392	3892	chrome.exe	88
PID 3892 wrote to memory of 392	3892	chrome.exe	88
PID 3892 wrote to memory of 392	3892	chrome.exe	88
PID 3892 wrote to memory of 392	3892	chrome.exe	88
PID 3892 wrote to memory of 392	3892	chrome.exe	88
PID 3892 wrote to memory of 392	3892	chrome.exe	88
PID 3892 wrote to memory of 392	3892	chrome.exe	88

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://www.dropbox.com/static/fonts/proximanova/proxima-nova-regular.otf
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3892
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9fad2ab58,0x7ff9fad2ab68,0x7ff9fad2ab78
  2⤵
  PID:2760
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1792 --field-trial-handle=1580,i,17434224684496884425,2083963378061101630,131072 /prefetch:2
  2⤵
  PID:2740
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2140 --field-trial-handle=1580,i,17434224684496884425,2083963378061101630,131072 /prefetch:8
  2⤵
  PID:1884
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2248 --field-trial-handle=1580,i,17434224684496884425,2083963378061101630,131072 /prefetch:8
  2⤵
  PID:392
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3040 --field-trial-handle=1580,i,17434224684496884425,2083963378061101630,131072 /prefetch:1
  2⤵
  PID:4044
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3048 --field-trial-handle=1580,i,17434224684496884425,2083963378061101630,131072 /prefetch:1
  2⤵
  PID:2820
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4768 --field-trial-handle=1580,i,17434224684496884425,2083963378061101630,131072 /prefetch:8
  2⤵
  PID:892
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4844 --field-trial-handle=1580,i,17434224684496884425,2083963378061101630,131072 /prefetch:8
  2⤵
  PID:1860
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4984 --field-trial-handle=1580,i,17434224684496884425,2083963378061101630,131072 /prefetch:8
  2⤵
  PID:1832
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=5080 --field-trial-handle=1580,i,17434224684496884425,2083963378061101630,131072 /prefetch:1
  2⤵
  PID:3676
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4788 --field-trial-handle=1580,i,17434224684496884425,2083963378061101630,131072 /prefetch:1
  2⤵
  PID:1016
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5156 --field-trial-handle=1580,i,17434224684496884425,2083963378061101630,131072 /prefetch:8
  2⤵
  PID:4352
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5312 --field-trial-handle=1580,i,17434224684496884425,2083963378061101630,131072 /prefetch:8
  2⤵
  PID:4676
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=5516 --field-trial-handle=1580,i,17434224684496884425,2083963378061101630,131072 /prefetch:1
  2⤵
  PID:984
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=5572 --field-trial-handle=1580,i,17434224684496884425,2083963378061101630,131072 /prefetch:1
  2⤵
  PID:3636
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5056 --field-trial-handle=1580,i,17434224684496884425,2083963378061101630,131072 /prefetch:8
  2⤵
  PID:4392
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1628 --field-trial-handle=1580,i,17434224684496884425,2083963378061101630,131072 /prefetch:8
  2⤵
  PID:5088
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1064 --field-trial-handle=1580,i,17434224684496884425,2083963378061101630,131072 /prefetch:8
  2⤵
  PID:4736
- C:\Windows\System32\fontview.exe
  "C:\Windows\System32\fontview.exe" C:\Users\Admin\Downloads\proxima-nova-regular.otf
  2⤵
  PID:4312
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3084 --field-trial-handle=1580,i,17434224684496884425,2083963378061101630,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1352

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:1104

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010

Filesize
502KB

MD5
add520996e437bff5d081315da187fbf

SHA1
2e489fe16f3712bf36df00b03a8a5af8fa8d4b42

SHA256
922b951591d52d44aa7015ebc95cab08192aa435b64f9016673ac5da1124a8b4

SHA512
2220fa232537d339784d7cd999b1f617100acdea7184073e6a64ea4e55db629f85bfa70ffda1dc2fd32bdc254f5856eeeb87d969476a2e36b5973d2f0eb86497

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index

Filesize
1KB

MD5
954fa29e363990d3e1f9b22f62039a4f

SHA1
39fcf104a0595dc9b18b7183df52c36f9e723d5a

SHA256
32fd20ad57265e5001e3c0a93081c6a5f42ced8dbbfeaa258d8c154f44ca947b

SHA512
34c2f55fb28db67bf1dd534b61970ec1109a57ade1d1f280cea66d4ff53644e645e4182e38a88dbe23176758414e884c8b1ca9f05dfa2c6bdb2e815a086c3b52

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
2240f2a31131ec3de03ca982325766e9

SHA1
2c225975e3e304393bcd1a4bb8aa476146048779

SHA256
a41cfb11e302658dd318272cf05463526ff111c0a14bb0d9dada81d9b9f131a0

SHA512
b7d7ca4467e39db8de07cc11f7acbd3118f417e495b479dfb852141218822d67bd9386fa1dd0564a410023f3fe81fcaccd864842bd5450d44773b4ebd2a2fc50

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
201842ca2d04ce5b1b520c33cb8dadec

SHA1
6ce20d84adbb34b5128a78eb5549d57345795efc

SHA256
4293c6bf2d1c7bde37a0b800220bf8155cd351c69e602f6a702410d2d7481a88

SHA512
a90b18d373cc79bf8ff69467c5f376da103c47215152da03f5444a51f634e2eada93d848c1ef176864b098f4928ae961b872894f56444082495b63c6dc37848e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
8e9ca273aa007656e3f180c6d07b6cc1

SHA1
075193e6fe33eac2b758f5d03c799dcc4fd7eca6

SHA256
6628fe7f901003ab087cfb7f09ae92111c39702a58e2fbf2c8f069067df1d46d

SHA512
ed201ad5751e3d5781c168367c8efa48763f32ae1beccdceb8ef2cac38d6815cf6eb9880ff7955b998da5eda7c86529658c8ae839b6b383ca6f2ffddcabba985

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
a94214cbc09e92f7edc1761c987cdf9e

SHA1
fb9b2e82a09a78331808fb4dbbf876ea4391e7a2

SHA256
a8b54bc6a7f4b54da8f15169b7966229603bb03bb25ed422c1d33b73c3608799

SHA512
c418224f01b5a6d824e45a499b09b8cc153d2fc265e156ba35a8967fc924a91d69acb9790b7b39b39affe221e7ae560f26296f6717b9ac4a6da48ba8ca63b173

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1023B

MD5
788438a98e153f3d0ae8469665437563

SHA1
0bdd7300556a2ebf29bc64a6c5862d6e847db8df

SHA256
4b16189c94ed105df59d9bd16be2d779381c4332b4abd42441f4be698e2d9e25

SHA512
1adab1e303e13eb2bbe95d9b0f9ac865354dbbc8c71f97f54b099a739d4e683c2d552108efbfa54f8a647be1b64a6a666b7fb56103dfc066a119fd38ac29d72c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
521B

MD5
bfc854ed51de5e80086dfc2bdaa31ea6

SHA1
2b159725538a4b416a17ce1a5559efc246e54be5

SHA256
f7a4ded49dbdcff9876c115a0c841e2210d88482522e643022d4e0f45a2afb1b

SHA512
4066171539a40bd0da4a5bf128016b9ad03ca8e05710f8f4347d1f4ad5b9a44fdb808db35766e62ff26d8fd812e673d7e9ab86e26b0a7268b8fd690dfd2b079e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
521B

MD5
072e56b18ba06c5cd507dede165a6d73

SHA1
a855845a9e697f3300d15db63f157ee116746311

SHA256
0ed3624fc2c32894396853f869d057611c9d3c7a150430e235dd51a2c64dbb9c

SHA512
56e289f1a6d36a9ca40fa760dbd0c13eecffab047e8fdc84cdcf02b96bfde9fe819858f114189528d15a43b4d4645d02db594f53f08e28bc7b3d900f11a6d59b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
5e3799c510bc0f4e0d1b623b43c74f27

SHA1
ad757d53b17aad8307081e73661f6d7f688adda9

SHA256
9054b138d32b54fe18daa58bf1d130d186ae606e65e0c23697e7f30a3f57185d

SHA512
8f172498f39e323cb0209e20951629e02757ee71487b2db27ee2c4eec7e2cc0c09d47fd8154ebfdc9ffe8abd4b8b5f06b556e353a49ea69645de629167e861f8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
e96ece13a2155f813fe549a070b61190

SHA1
8e165f8728b55ed5ff6c98c3e21ac8b4267421c5

SHA256
0c7ba8c25439bb823d8b771c2d7ab19f28b468f200d7da94ad210173e4f8829d

SHA512
ed436e0cadac226d93d55dc5a2ae2afd7221e6ee11cbbd6a9bdf8c4d18b5acfcef1888d579c77c4cd43af6843a9f5c2edeebebecf940a621707d1a462234881a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
a18d31abc2119c77dfadedd3da324798

SHA1
70aabab007204b7c87231f5102cd245513c1720a

SHA256
0b4eb7840b3e70f736892712e7b1df655107d4c129cefa09d09a2c3a9078ad52

SHA512
18e98fa9c07237295cc1554e73287e73b8834c795facff82ab09d74cbc1b9fac24ac10099be56b02b9bc3c7eb5de9dc6aadb31f443b034f21e38b8f3e0284693

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\temp-index

Filesize
96B

MD5
2cefa447e4365edeee6a12d28308058c

SHA1
53da3c43183d641e653573e43b2baf8cd6c6c413

SHA256
70d725db597b846b45324988e7a409b7af282cca8cdcac4f3b95925a67c14ca1

SHA512
19aa406535edd7eaeefc58f2aac74ea86155ddfb8b6f9b15242559194af2f16c4a004253e837d4ead013e46ef163dad029747e761ef027bbf638dda1ababdd69

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
130KB

MD5
f26595fa6c848ad0dc3228be227bdff0

SHA1
8ccd68b3d277bfbc6d7a59d48afa777624c9787d

SHA256
db76e605cbba4294bc5252c1396af1dd42ef9c0a2f4bc0c98232094867c4210f

SHA512
1715892ebc17144d493bcd83ab0efad0dd234ec59587b1f0299c3555f0b26a4071166e53332922a9b060b9fdfcb7eaca1aa532d20ff3ff69d618557f222454c8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
130KB

MD5
6b3ad4a056f39f4734217de7468f4638

SHA1
5c31a15dc4310ca198e69ca7793f000df224e241

SHA256
c2c5a71a128493aa545c583c05e0fce4d31ef09cdd799cc659c9132ae528f79f

SHA512
c3ece8ef6a5bec5231047893df15acb83dd10703ac3c444c20d52ebd548978cd5678f369cdddbc7c8ec4b65af9247715e7e70a8e3999f360ae75b4abb49bd5e7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
94KB

MD5
a33ea609dae337960066c916ce241bb7

SHA1
675fa703a125916d127e29960f081b0bd227c776

SHA256
71fba8c4dbd7727614fa8373d7d0c39394c3092965ec0623cafee1277c305b67

SHA512
676397f4532e2412959d0dc10deef35ec5e618b6e8097da2244c5121972bc1135e72b73e1d0dc5e3d326f1323a1cfe893a5e6b04372ee4c1f3f5825518ebb4e9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
100KB

MD5
72c484dbf50fc735d6a3ceab02892d37

SHA1
0f3ae22ff3713cf5e1509eec3f2f1d894c26a880

SHA256
ebf9b02c755c8ba1e39b616486094470f90be408b582850acf7905e6859e9e29

SHA512
59b01e0eceb8c3fac344c295682befb8ec0b05141bf7192fb504d663fa35b7380dfcef60107ccaaa6bc2b65a2f76072dc09d6b7aaa8cda0b4d4062b697973d95

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe58218d.TMP

Filesize
94KB

MD5
e8f9e54f1a51c4deacc210ab8dc729cc

SHA1
7f9db1f7b4e3ba686ccd42f47fd6250762299092

SHA256
eeb1adc15532afc16aefd5a6b7527a2c3c72159d68a2383e9b9f113a08a8f3fd

SHA512
02c08ca00bced4c7ee377b7343117faf59fcdf43a80f07a62fb0c563e72209d8fadf8e0f5616ab0cdc5d3e99eee2bf9bf1eef72ff7417ec5f1bc9358669e6ffb

Download Submit
C:\Users\Admin\Downloads\proxima-nova-regular.otf

Filesize
92KB

MD5
410504d49238e955ba7dc23a7f963021

SHA1
28d04eb938c05b5158a69a709682d4f0517a59ab

SHA256
36b59421bdc34fd9869a7541c47d5f157ff19eb183032efff759c4d5be5d9cae

SHA512
66364693910e72394b9e8c8711d72a0ed82d58d5d8fbb0d2200fc9ba0bdf07601b8128a0560b30e1b6bf8a567099e68690641b99e6b5cce27c64269766b55735

Download Submit