hxxp://arc[.]net

Resubmissions

18-05-2024 23:38

240518-3m5aeaed2w 4

18-05-2024 23:38

18-05-2024 23:35

18-05-2024 23:35

18-05-2024 23:33

18-05-2024 23:09

18-05-2024 23:08

Analysis

max time kernel
1199s
max time network
1180s
platform
windows11-21h2_x64
resource
win11-20240419-en
resource tags

arch:x64arch:x86image:win11-20240419-enlocale:en-usos:windows11-21h2-x64system
submitted
18-05-2024 23:08

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://arc.net

Score

5^/10

Malware Config

Signatures

Drops file in System32 directory 2 IoCs

Processes:

chrome.exe

description	ioc	process
File created	C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_01cf530faf2f1752\display.PNF	chrome.exe
File created	\??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_01cf530faf2f1752\display.PNF	chrome.exe

Drops file in Windows directory 1 IoCs

Processes:

chrome.exe

description ioc process

File opened for modification C:\Windows\SystemTemp chrome.exe

description	ioc	process
File opened for modification	C:\Windows\SystemTemp	chrome.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

Processes:

chrome.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

Processes:

chrome.exe

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133605529446580700"	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

Processes:

chrome.exechrome.exe

pid process

3768 chrome.exe
3768 chrome.exe
4520 chrome.exe
4520 chrome.exe
4520 chrome.exe
4520 chrome.exe
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

Processes:

chrome.exe

pid process

3768 chrome.exe
3768 chrome.exe
3768 chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

Processes:

chrome.exe

description	pid	process
Token: SeShutdownPrivilege	3768	chrome.exe
Token: SeCreatePagefilePrivilege	3768	chrome.exe
Token: SeShutdownPrivilege	3768	chrome.exe
Token: SeCreatePagefilePrivilege	3768	chrome.exe
Token: SeShutdownPrivilege	3768	chrome.exe
Token: SeCreatePagefilePrivilege	3768	chrome.exe
Token: SeShutdownPrivilege	3768	chrome.exe
Token: SeCreatePagefilePrivilege	3768	chrome.exe
Token: SeShutdownPrivilege	3768	chrome.exe
Token: SeCreatePagefilePrivilege	3768	chrome.exe
Token: SeShutdownPrivilege	3768	chrome.exe
Token: SeCreatePagefilePrivilege	3768	chrome.exe
Token: SeShutdownPrivilege	3768	chrome.exe
Token: SeCreatePagefilePrivilege	3768	chrome.exe
Token: SeShutdownPrivilege	3768	chrome.exe
Token: SeCreatePagefilePrivilege	3768	chrome.exe
Token: SeShutdownPrivilege	3768	chrome.exe
Token: SeCreatePagefilePrivilege	3768	chrome.exe
Token: SeShutdownPrivilege	3768	chrome.exe
Token: SeCreatePagefilePrivilege	3768	chrome.exe
Token: SeShutdownPrivilege	3768	chrome.exe
Token: SeCreatePagefilePrivilege	3768	chrome.exe
Token: SeShutdownPrivilege	3768	chrome.exe
Token: SeCreatePagefilePrivilege	3768	chrome.exe
Token: SeShutdownPrivilege	3768	chrome.exe
Token: SeCreatePagefilePrivilege	3768	chrome.exe
Token: SeShutdownPrivilege	3768	chrome.exe
Token: SeCreatePagefilePrivilege	3768	chrome.exe
Token: SeShutdownPrivilege	3768	chrome.exe
Token: SeCreatePagefilePrivilege	3768	chrome.exe
Token: SeShutdownPrivilege	3768	chrome.exe
Token: SeCreatePagefilePrivilege	3768	chrome.exe
Token: SeShutdownPrivilege	3768	chrome.exe
Token: SeCreatePagefilePrivilege	3768	chrome.exe
Token: SeShutdownPrivilege	3768	chrome.exe
Token: SeCreatePagefilePrivilege	3768	chrome.exe
Token: SeShutdownPrivilege	3768	chrome.exe
Token: SeCreatePagefilePrivilege	3768	chrome.exe
Token: SeShutdownPrivilege	3768	chrome.exe
Token: SeCreatePagefilePrivilege	3768	chrome.exe
Token: SeShutdownPrivilege	3768	chrome.exe
Token: SeCreatePagefilePrivilege	3768	chrome.exe
Token: SeShutdownPrivilege	3768	chrome.exe
Token: SeCreatePagefilePrivilege	3768	chrome.exe
Token: SeShutdownPrivilege	3768	chrome.exe
Token: SeCreatePagefilePrivilege	3768	chrome.exe
Token: SeShutdownPrivilege	3768	chrome.exe
Token: SeCreatePagefilePrivilege	3768	chrome.exe
Token: SeShutdownPrivilege	3768	chrome.exe
Token: SeCreatePagefilePrivilege	3768	chrome.exe
Token: SeShutdownPrivilege	3768	chrome.exe
Token: SeCreatePagefilePrivilege	3768	chrome.exe
Token: SeShutdownPrivilege	3768	chrome.exe
Token: SeCreatePagefilePrivilege	3768	chrome.exe
Token: SeShutdownPrivilege	3768	chrome.exe
Token: SeCreatePagefilePrivilege	3768	chrome.exe
Token: SeShutdownPrivilege	3768	chrome.exe
Token: SeCreatePagefilePrivilege	3768	chrome.exe
Token: SeShutdownPrivilege	3768	chrome.exe
Token: SeCreatePagefilePrivilege	3768	chrome.exe
Token: SeShutdownPrivilege	3768	chrome.exe
Token: SeCreatePagefilePrivilege	3768	chrome.exe
Token: SeShutdownPrivilege	3768	chrome.exe
Token: SeCreatePagefilePrivilege	3768	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

Processes:

chrome.exe

pid	process
3768	chrome.exe
3768	chrome.exe
3768	chrome.exe
3768	chrome.exe
3768	chrome.exe
3768	chrome.exe
3768	chrome.exe
3768	chrome.exe
3768	chrome.exe
3768	chrome.exe
3768	chrome.exe
3768	chrome.exe
3768	chrome.exe
3768	chrome.exe
3768	chrome.exe
3768	chrome.exe
3768	chrome.exe
3768	chrome.exe
3768	chrome.exe
3768	chrome.exe
3768	chrome.exe
3768	chrome.exe
3768	chrome.exe
3768	chrome.exe
3768	chrome.exe
3768	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

Processes:

chrome.exe

pid	process
3768	chrome.exe
3768	chrome.exe
3768	chrome.exe
3768	chrome.exe
3768	chrome.exe
3768	chrome.exe
3768	chrome.exe
3768	chrome.exe
3768	chrome.exe
3768	chrome.exe
3768	chrome.exe
3768	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

chrome.exe

description	pid	process	target process
PID 3768 wrote to memory of 4816	3768	chrome.exe	chrome.exe
PID 3768 wrote to memory of 4816	3768	chrome.exe	chrome.exe
PID 3768 wrote to memory of 4772	3768	chrome.exe	chrome.exe
PID 3768 wrote to memory of 4772	3768	chrome.exe	chrome.exe
PID 3768 wrote to memory of 4772	3768	chrome.exe	chrome.exe
PID 3768 wrote to memory of 4772	3768	chrome.exe	chrome.exe
PID 3768 wrote to memory of 4772	3768	chrome.exe	chrome.exe
PID 3768 wrote to memory of 4772	3768	chrome.exe	chrome.exe
PID 3768 wrote to memory of 4772	3768	chrome.exe	chrome.exe
PID 3768 wrote to memory of 4772	3768	chrome.exe	chrome.exe
PID 3768 wrote to memory of 4772	3768	chrome.exe	chrome.exe
PID 3768 wrote to memory of 4772	3768	chrome.exe	chrome.exe
PID 3768 wrote to memory of 4772	3768	chrome.exe	chrome.exe
PID 3768 wrote to memory of 4772	3768	chrome.exe	chrome.exe
PID 3768 wrote to memory of 4772	3768	chrome.exe	chrome.exe
PID 3768 wrote to memory of 4772	3768	chrome.exe	chrome.exe
PID 3768 wrote to memory of 4772	3768	chrome.exe	chrome.exe
PID 3768 wrote to memory of 4772	3768	chrome.exe	chrome.exe
PID 3768 wrote to memory of 4772	3768	chrome.exe	chrome.exe
PID 3768 wrote to memory of 4772	3768	chrome.exe	chrome.exe
PID 3768 wrote to memory of 4772	3768	chrome.exe	chrome.exe
PID 3768 wrote to memory of 4772	3768	chrome.exe	chrome.exe
PID 3768 wrote to memory of 4772	3768	chrome.exe	chrome.exe
PID 3768 wrote to memory of 4772	3768	chrome.exe	chrome.exe
PID 3768 wrote to memory of 4772	3768	chrome.exe	chrome.exe
PID 3768 wrote to memory of 4772	3768	chrome.exe	chrome.exe
PID 3768 wrote to memory of 4772	3768	chrome.exe	chrome.exe
PID 3768 wrote to memory of 4772	3768	chrome.exe	chrome.exe
PID 3768 wrote to memory of 4772	3768	chrome.exe	chrome.exe
PID 3768 wrote to memory of 4772	3768	chrome.exe	chrome.exe
PID 3768 wrote to memory of 4772	3768	chrome.exe	chrome.exe
PID 3768 wrote to memory of 4772	3768	chrome.exe	chrome.exe
PID 3768 wrote to memory of 4492	3768	chrome.exe	chrome.exe
PID 3768 wrote to memory of 4492	3768	chrome.exe	chrome.exe
PID 3768 wrote to memory of 3100	3768	chrome.exe	chrome.exe
PID 3768 wrote to memory of 3100	3768	chrome.exe	chrome.exe
PID 3768 wrote to memory of 3100	3768	chrome.exe	chrome.exe
PID 3768 wrote to memory of 3100	3768	chrome.exe	chrome.exe
PID 3768 wrote to memory of 3100	3768	chrome.exe	chrome.exe
PID 3768 wrote to memory of 3100	3768	chrome.exe	chrome.exe
PID 3768 wrote to memory of 3100	3768	chrome.exe	chrome.exe
PID 3768 wrote to memory of 3100	3768	chrome.exe	chrome.exe
PID 3768 wrote to memory of 3100	3768	chrome.exe	chrome.exe
PID 3768 wrote to memory of 3100	3768	chrome.exe	chrome.exe
PID 3768 wrote to memory of 3100	3768	chrome.exe	chrome.exe
PID 3768 wrote to memory of 3100	3768	chrome.exe	chrome.exe
PID 3768 wrote to memory of 3100	3768	chrome.exe	chrome.exe
PID 3768 wrote to memory of 3100	3768	chrome.exe	chrome.exe
PID 3768 wrote to memory of 3100	3768	chrome.exe	chrome.exe
PID 3768 wrote to memory of 3100	3768	chrome.exe	chrome.exe
PID 3768 wrote to memory of 3100	3768	chrome.exe	chrome.exe
PID 3768 wrote to memory of 3100	3768	chrome.exe	chrome.exe
PID 3768 wrote to memory of 3100	3768	chrome.exe	chrome.exe
PID 3768 wrote to memory of 3100	3768	chrome.exe	chrome.exe
PID 3768 wrote to memory of 3100	3768	chrome.exe	chrome.exe
PID 3768 wrote to memory of 3100	3768	chrome.exe	chrome.exe
PID 3768 wrote to memory of 3100	3768	chrome.exe	chrome.exe
PID 3768 wrote to memory of 3100	3768	chrome.exe	chrome.exe
PID 3768 wrote to memory of 3100	3768	chrome.exe	chrome.exe
PID 3768 wrote to memory of 3100	3768	chrome.exe	chrome.exe
PID 3768 wrote to memory of 3100	3768	chrome.exe	chrome.exe
PID 3768 wrote to memory of 3100	3768	chrome.exe	chrome.exe
PID 3768 wrote to memory of 3100	3768	chrome.exe	chrome.exe
PID 3768 wrote to memory of 3100	3768	chrome.exe	chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://arc.net
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3768
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.106 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe7cc7cc40,0x7ffe7cc7cc4c,0x7ffe7cc7cc58
  2⤵
  PID:4816
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1916,i,1360583700698748769,17129628381557767330,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=1912 /prefetch:2
  2⤵
  PID:4772
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1668,i,1360583700698748769,17129628381557767330,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=1948 /prefetch:3
  2⤵
  PID:4492
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2156,i,1360583700698748769,17129628381557767330,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=2204 /prefetch:8
  2⤵
  PID:3100
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3024,i,1360583700698748769,17129628381557767330,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=3040 /prefetch:1
  2⤵
  PID:3120
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3232,i,1360583700698748769,17129628381557767330,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=3228 /prefetch:1
  2⤵
  PID:2492
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3704,i,1360583700698748769,17129628381557767330,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4400 /prefetch:1
  2⤵
  PID:4248
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3340,i,1360583700698748769,17129628381557767330,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=3292 /prefetch:8
  2⤵
  PID:4436
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=976,i,1360583700698748769,17129628381557767330,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=3292 /prefetch:8
  2⤵
  - Drops file in System32 directory
  - Suspicious behavior: EnumeratesProcesses
  PID:4520

C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe"
1⤵
PID:3860

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:3800

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

Filesize
64KB

MD5
b5ad5caaaee00cb8cf445427975ae66c

SHA1
dcde6527290a326e048f9c3a85280d3fa71e1e22

SHA256
b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8

SHA512
92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

Filesize
4B

MD5
f49655f856acb8884cc0ace29216f511

SHA1
cb0f1f87ec0455ec349aaa950c600475ac7b7b6b

SHA256
7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba

SHA512
599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

Filesize
1008B

MD5
d222b77a61527f2c177b0869e7babc24

SHA1
3f23acb984307a4aeba41ebbb70439c97ad1f268

SHA256
80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747

SHA512
d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\78f2ba4e-0bc1-4fae-8ba3-91bfd448683d.tmp

Filesize
9KB

MD5
3fdd75626ecc981c88a723b989217850

SHA1
70d9c0c4fbfa7e01ee23a4a6f067b534974868c7

SHA256
c24a498ad09ec1f523d3eafa3eb34eb83840e3bdfd0e1e9424fedcd33efbe867

SHA512
725156eecd273f8f2fe45d0991b581819545f1ac24e8832ba2cf33f8570c45db32b7d597588288aa235cb911a8bae7cce010171531bd71d6a0305b7819304e68

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\9a5adffd-8ab2-4484-a96c-cdefc73bc65b.tmp

Filesize
9KB

MD5
f10fec28fb133f6c9853625b4c578072

SHA1
b9c581b570ecc74a3129d08092e71bdae73de404

SHA256
e864b769f64929d8e8238e30b36712a3678aa96a03b489b1a665c195e15b3476

SHA512
7fc6543a155735b92f4fa890defd25d2a3bff685f8467192144b5dea318ae70d7b93ee601fff2b7e92125177bd5c7676b0784acee76eba7727c0de1f5ac5e739

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
b885dfc7189819f36f13257136062053

SHA1
c5ea39465add852f781852a885a403d5f082481e

SHA256
012032ac36464927ba48eca6d4ca95bd211a85f81837fa951448d2f26f99cdf6

SHA512
2e0cb10ae8299d8e3de50e34a09199d29716cdc792ba20c0cec8d2959d86064eeaa9e06ae0710caf5f3c1e59dba217482cb83805a2b98d3ee42932535475587d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
336B

MD5
79cc123347dee197f97ec84e11bb190b

SHA1
5601ab9ec4f7435cb610dae2dedd6e33e93846ba

SHA256
01e24a59209c7e7a3b3a1b7fab3aceca74af5cc07f889fc8c794ebdd8ae602e6

SHA512
cff87557248dc223042de61dfd40973a18338369c5147e805205e27b2ba890136cbbd9115118b4732fc8b964acb071163ac6f274d1ca09a817bae2087de6a67a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
99ed2d7774c745b9c9fe2093f3b037ce

SHA1
bd2c98b20e88511f4ed8d9a14e0ae3c7371c3421

SHA256
3332f2bef958f2aa1070e13fb8d058db2858fb933b887300367ec15089158e82

SHA512
51884c4f254b5d945621cbe22589edbd48caa05f02108d6a8df120385dd183ace9490da9384a41ea47a75a7b66873682ca220d7b7f19e1415334bb50f000c921

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
522B

MD5
000826c3f9fed915de30cbe78103554c

SHA1
d7b864b9ea1c64137d90c1905bf382dd64c2a0d9

SHA256
6ea1e30a060ccc545c1cde18c9ea878dd833b5f7680eef3238ecb77bc1c00ddd

SHA512
793b995fb1a33d464df6740d1374f8cb2d4fc965052f7f824fb279af84d28e946a1545d99ece5e062fde79774a5f8a682889636f0773e6fda5a268ad067af9df

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
0f4a0b8ab2dbf17362db55573d44cab2

SHA1
f662c9167a9c4a5a7ac7b17fff944deb328af590

SHA256
b334fd024d3919cad1a0f8246ebdce4b21838f14d645c8cdc9102e816cf9bb27

SHA512
4c198347082a3539db1371aaa21bbf9cee87eb17e4bde6a546208413fac94c26428af3e3328a6c6b79cbd2af3f97c13c3f99e5f035a09661581aab91fca32249

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
1e0eac59260551edaf3a3b0b5e41e2ea

SHA1
3dbb0a5a344498bac43422dee9f652b4a5bc5bd8

SHA256
081d47aef12638f888c72772b7d9c349fb84136629042dbaab95d4aab4787b91

SHA512
c381177851c4cdbad1d60bc76967d3b69213b38ee72bb02b1fe066a5aea7e61b7d9652ba400ec218e395afba07964fc2766dd2e7844f94c986ab56fcdd00c320

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
7e825585f8b831597362e58b5f654a81

SHA1
0eaf59c916a6b802eb2c670bceb0f7f46b1940a3

SHA256
cede4ac881faa1cb592c7f65ccf58af9bf45cb82cb8ee807897ac015cc42f0de

SHA512
f6f744ff87fa46b93971f0344e3692b5800fd648ca72acae6c49203e27452a648d7d83210f9946138d2f85bc58d8eef7594fdbb19578e1d543d9a89aa7a5233e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
3f3a38a97855b1065a1942aaaa7f933f

SHA1
724061273608fd077fd41bb397627e5f2baced42

SHA256
0c1760dd9cf7131e1b2c66e037153d614efcdd483d6c33b4a64b017a3373b597

SHA512
6d2cae93f3d867e771959730dd3a5bdff61645d69f107bc02d503441fdca76f258dc894322ea834400a5cdc5593ac0e8dc4546a606c1da39b3bad8cfe66b987e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
25dcaeda035e347d53a6aa675f914bac

SHA1
c42d19e3027670e04196ba8170fc2763f4c4ba4d

SHA256
4713e7bb15cdc037f3ae5be1ef33e1abcde88af12da086ed537d3d24ce7dcc13

SHA512
d0ddaf33b691daf80e85250a5f418aea8a7f0e48f5514a39e7c204e7969b092f27634ab14fee654166979ca33eecc13f208f1430e86726809439da17998ff738

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
7afd9302dd467134c3af9884a2402f66

SHA1
acc3880f64715801e090a5466d872ae503e1191f

SHA256
24ef89b0c4f26e4ab60407ecfdaf50becb6da7f69ba7de20d52876a8105dee58

SHA512
ac67095226ff610105b200c686925eb2e8f60822c42f4a167880d289d7060c6f859b30ccbd27c5a27e1f360dd029641981aa6f16df1fe796f0a243eacb362630

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
a637d54b5fb4e6188a97f68cb79d37b5

SHA1
c58bbec5bbf32392d62add06357fcb81c1af836e

SHA256
4a3062e3f380b149ff0dc2e68d93778c101cbd48ef2696d120d06b619b068086

SHA512
a91fac288f5be12a99d9be40ec1613aeded9a74f67e5315148f1f68afb928173c932cba45cc470b25d752882fcb6b09d8fccc4bf69cdf49e4d3d9fbb88fedc3e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
de8978ac6e19a31d72c876223d96dfa7

SHA1
8347b2f6e5dc16c7140ca4b8e2077bd5246ef204

SHA256
c064e02d6507681392f56dde857a5eaba3e9e0bf27b6de8d721811354039528e

SHA512
aa0e361a4fa2f1a106d1fdedc026b7af7e6b983ba8ba29525d1fa181b58425dc765f6e18b070c8bb923f13d56550dc3a83bf98693c3c95b01999d0681d71c31e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
82062647d240063f8af61b297f3d0649

SHA1
182a1f252a6aacccc384369646cac33c277969c3

SHA256
5bc3689b8b61840fede19d3a71aa931295048ee8e798ff967c3e7d1da7bf7a54

SHA512
a67fa6f98d524346cb45fe271be872097e0c7b5e56cbead5b25ab625bad1fe03a1b7dbb07f418d561b1a89547fbb08cc908951930f409d081f29457f620914c5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
b83c6a8224c4cc423461b504587b6989

SHA1
e173666fe7c8ec8d1d46840632459c39976bac4f

SHA256
9cdbd3349b3636de0a41c186bc744b90f577454d9ecf1acec1e51652643cefd1

SHA512
ac7cfbe1bd6032479930eafcc72dce9036927dcc9c9516ad76dd03171ba47748952b222c010589e37f68816082db07e56e4faaace0dbf7681595d49fe8234ef8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
8d44c55778001929cae290a2607144b0

SHA1
cc373e8007463174e1033e1b08f22c9b3fb79eec

SHA256
59fc654d97f31534e023618a8fe2f3603b1d1f6b0e0163bd8c24c747f6a7af4a

SHA512
192bbdd42a3420306985c7975fe069f9939ccd7bf886bf7584a931729b0ae14119cdef4bd48671dd8896b7584b6ebc30d5f2f8a1b95a29d83ba35ec6891297a7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
1c042b6829f6f154b134619b92b13be0

SHA1
34e07c8a96e018d68f354ebf5adee8279ba6d218

SHA256
911df8e7c28a9ea3c8792e9b0ea11797e9ff443c6e802b259a34f50b10eaef76

SHA512
c157b128cfbfc0bddcf2f182bfb8aa6ea32c1141a4bbb959bed9aa7179cd8fff2ff9179fd481252139b556fe7faac6c777ba9fbfac9b535a383cb4a6c2a48e03

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
40b13dd528a8043c23955f7d5c89799c

SHA1
09215169d2e65e732ae6d77816884f5f35592548

SHA256
24bcb9a5c805099ac8112e1910d0d65da8257a1bc8329d28c780f831e5001481

SHA512
d09d51e2efc3cc91c17995a824da949921a51edb91e917c1872500ef03c927d0be5954457e31330a57df72fc6469a7d4b2928c77fc35fd2cace38b788953b4fd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
2e934c010caaf0ceda72ed5481346f69

SHA1
967684a44c1af38dbd5a6eca65e8469515d80bbb

SHA256
4fb4b3aaa7204b2fece2e2eb35ee973a07592a182de469411f77f68a98a787f1

SHA512
f3cd5b4e1350c0e1f5e0bbec8a1b226ed2b3c85ae97371166d40af3a1f1996e9449cbd3c81a0c63c426fba89984846da28e01033fd603fb96714ba8e8496679c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
03cd54e636a9f9ca15c457781155ec89

SHA1
8856f37674ef822cf932b7ee2b0bb4878640e1ce

SHA256
d674b3df4a7a235bc343fcc4dec1b8228c1c50abb70aa2ccff7a987cfde4d0b1

SHA512
be120df1b32a96cb7e852c59213a453a897ab5599c12c49dea9850ce3e1d8e13e322053b73e90dd1bc61170134c92457529d722382900a7428b9be617f4d8faf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
18db6679ceec5fc044f71cc378b55960

SHA1
07874871f0f9b996061db88aba50549cec5fb43c

SHA256
3f8c478bfb8b136d5608b82d3bcee8656aa54a62423ce7c2172691cd4411bb4e

SHA512
1cbd5273b7fc9aa0f0f4ddded77d1063975974521422ea0de44533bacc42688bb3f4b6838304f2f4fd3303eaf2d72a9eb5ae950dc7e7d9dc05b991a4739d459a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
0fc7f146e8f9235ca5e25b597ae11435

SHA1
e357018857b5ea747cd923d0900acee86db4c5d7

SHA256
9ec6ba8c403198d8b19a84cc4cc29e6c1f753eb3fc23cb2a716beec20b5fbcc1

SHA512
673a2c9c124ebdcb4fc9b713fc02ffb829cb7921419cf2a126ecd978af431450fca697ceaffb9ab4f6c1aee83b45fccef7ce7aff0b91a6f0ebb1a1747499b603

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
32b89faaa109cbf768fc8acfd5d79a16

SHA1
85e587c54d608b3f71e13bdd8e908a11b8ff2bdf

SHA256
00fdab7ebcd87074e1b669e75104cb184941db550518fb59aa737d0ddfa7b119

SHA512
1026aa4b412a7e76f05c22c429b7e82b2b551c9430caa907ec4aeb4fa67f4b77acbe0c3b7dba7d61e3559285c5c5abe79fb86983cba0b81483aa52130df44e81

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
18ecdad3384f1b13f2810211e7e49e1b

SHA1
9fe2d49bed9226d2cf9de8b48c03cb8704627347

SHA256
95a0aee7cbf3f019f6b25321db9c70cf52f56bbff33850e21b645b94bd4d6045

SHA512
7620158ece093f3967c2c726934ac6655e07fc8fdda60bd28233a4f1ad9d0940df5e694afd6d4d644faef34cb09eac6b325bb5d30317b6caebd0e1d04441749a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
7e5dafbc2dd9bb1fd28b6c596f36be5f

SHA1
b8a426c1628dea8446d32834a25496a3860618a1

SHA256
1b94ed80250874e9f0127a8593d53996aa2d8a7117c1b4f89753e275dcc3c39b

SHA512
f4de1970a6612d993362061e2555637f3ad93302b51f1519924a8aaddd531c043880705e2f3e97f8d930b29d486650b235f048187cf6b83eb27832584991490a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
639a8ea31378415380465ab67e8befd8

SHA1
ef3cbd1a8bada128fbaefefa3053cab8a3c3fc6e

SHA256
39c09baf36f97926aa72b172dda8f14ca6417011e499f69accb29ec4cba5a5e3

SHA512
e30474248144a08b7459dfebf550732491ba4247adf6d35fa992cb10739e2e87067d98d71d763a42b5c9baa8b5cc1108aeb56f0df9a476fe2864e8324035536d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
9ca4746d641fbeef044ae18cb89d6ee8

SHA1
5c0f4d137fbbd443c88c02ff521663ecf787636a

SHA256
da814e354a60da7d3c639a3df280d811bd8a754387e9f4401fe4941dd6ad3748

SHA512
645ebe7b0947c388547ab943362609de386cfeff261a5ed89b6239473612602f910fa7d07b5c65e8c3d163b90542c02eee8aeacb4fc438788ba342ae1419a511

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
b7b73ae22739fba15236091b54ed0821

SHA1
0d88ecd0ed13f33d2b639e1d05332399ea2bc91c

SHA256
b95f823c60c41998197628c725752e8f66cec9e7dfeaaa5bb28abc3e12ade5f1

SHA512
774b22c354a5b46d3722494515bfc7e702bee138ccd10104f8d02866bffe5cc000c99c16ca33228309d2e7c03e5090c58d9832aaa22d0ebe79a1592887bd9fcf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
59fe3b97c58898b668e525715fff411d

SHA1
437e2294cb2597424c28ae405322bce9f209e932

SHA256
d5d64ea67969fe473b9d2012e2f834221e8af428718b88a6ab183f31b9a9a3d7

SHA512
a06d164961dfd36565fa5f55df06c085aecbdba5019a9415362fa66a29851d8da81cd3f9aca5207b6b338adb922a2880fb3aa7708be442a79fc6a2c4815efa5c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\cc9f3336-5c84-4c02-8d8b-b2ae7acaad41.tmp

Filesize
9KB

MD5
b0cbd162f61c01c7ae2ceea963bf63d2

SHA1
56ae49fd6e056631bb01e2f8264395857a6905f7

SHA256
9ea3fc73e405602d7c4b0b4f797a238c5153c183900b7344758e77fbd27a41cd

SHA512
89c146b4fae8e2125ae1c0860a5c9007841e940b3b1016823c9dd52ec6a2dd02f26f63725915931a8b3e9fb3d93fa50e242afd5e987911b09b911f92646a67a1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
77KB

MD5
66b0e8a3de137d6af22a050e2c892667

SHA1
b08d6f3122c201b97b51108afedcb228d5e1a9b7

SHA256
1f024f4001d87af84a93bfb8051eae97d7bd50429181e62e2f84e99b6be100cf

SHA512
f4861ec1f148d1c3d37d6b283983fa680d8ca8c6e332eb96a9ea3c5d90c8817a519f8e0a689c7fa2ed66f72805be27cf8e4d612b4cac141dab3d20f1c8a513ac

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
77KB

MD5
2256566c7e70405bcbd741d0f6c5f7b7

SHA1
5121341a3a56693e73401b4b3e3afb19bfde17d7

SHA256
2b6154ebd069451e324d63f78b87a115ad491e7aa22ce01a825b5315559f4670

SHA512
218aa7f475571f0985577505617f01511f55e1e1a6781fb369f4759716f4869a4abf2ee8badb2d407b66bfba26dcb5afddbacf0fc9e7abfe0ae6157fd5a1f479

Download Submit
\??\pipe\crashpad_3768_SKXOAJGGKNRUVTSF

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit