bbd05de19aa2af1455c0494639215898a15286d9b05073b6c4817fe24b2c36fa

Resubmissions

19-05-2024 12:56

240519-p6vneshh8x 6

19-05-2024 12:51

240519-p3zg7shh2w 1

19-05-2024 12:48

240519-p14zxahg6y 1

19-05-2024 12:43

240519-pya9tahf8y 1

Analysis

max time kernel
277s
max time network
278s
platform
windows11-21h2_x64
resource
win11-20240508-en
resource tags

arch:x64arch:x86image:win11-20240508-enlocale:en-usos:windows11-21h2-x64system
submitted
19-05-2024 12:51

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

42.zip
Size

41KB
MD5

1df9a18b18332f153918030b7b516615
SHA1

6c42c62696616b72bbfc88a4be4ead57aa7bc503
SHA256

bbd05de19aa2af1455c0494639215898a15286d9b05073b6c4817fe24b2c36fa
SHA512

6382ca9c307d66ab7566acf78b1afd44b18b24d766253e1dc1cb3a3c0be96ecf1f2042d6bd3332d49078ffee571cf98869c1284c1d3e5c1c7dc3e4c64f71af80
SSDEEP

768:hzyVr8GSKL6O3QOXk/0u3wqOghrFCezL1VFJdbq2QTJTw02Q:hGx8DKXE//ZhhCirFi2cwK

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133605967456640527"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2456	chrome.exe
2456	chrome.exe
3504	chrome.exe
3504	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2456	chrome.exe
Token: SeCreatePagefilePrivilege	2456	chrome.exe
Token: SeShutdownPrivilege	2456	chrome.exe
Token: SeCreatePagefilePrivilege	2456	chrome.exe
Token: SeShutdownPrivilege	2456	chrome.exe
Token: SeCreatePagefilePrivilege	2456	chrome.exe
Token: SeShutdownPrivilege	2456	chrome.exe
Token: SeCreatePagefilePrivilege	2456	chrome.exe
Token: SeShutdownPrivilege	2456	chrome.exe
Token: SeCreatePagefilePrivilege	2456	chrome.exe
Token: SeShutdownPrivilege	2456	chrome.exe
Token: SeCreatePagefilePrivilege	2456	chrome.exe
Token: SeShutdownPrivilege	2456	chrome.exe
Token: SeCreatePagefilePrivilege	2456	chrome.exe
Token: SeShutdownPrivilege	2456	chrome.exe
Token: SeCreatePagefilePrivilege	2456	chrome.exe
Token: SeShutdownPrivilege	2456	chrome.exe
Token: SeCreatePagefilePrivilege	2456	chrome.exe
Token: SeShutdownPrivilege	2456	chrome.exe
Token: SeCreatePagefilePrivilege	2456	chrome.exe
Token: SeShutdownPrivilege	2456	chrome.exe
Token: SeCreatePagefilePrivilege	2456	chrome.exe
Token: SeShutdownPrivilege	2456	chrome.exe
Token: SeCreatePagefilePrivilege	2456	chrome.exe
Token: SeShutdownPrivilege	2456	chrome.exe
Token: SeCreatePagefilePrivilege	2456	chrome.exe
Token: SeShutdownPrivilege	2456	chrome.exe
Token: SeCreatePagefilePrivilege	2456	chrome.exe
Token: SeShutdownPrivilege	2456	chrome.exe
Token: SeCreatePagefilePrivilege	2456	chrome.exe
Token: SeShutdownPrivilege	2456	chrome.exe
Token: SeCreatePagefilePrivilege	2456	chrome.exe
Token: SeShutdownPrivilege	2456	chrome.exe
Token: SeCreatePagefilePrivilege	2456	chrome.exe
Token: SeShutdownPrivilege	2456	chrome.exe
Token: SeCreatePagefilePrivilege	2456	chrome.exe
Token: SeShutdownPrivilege	2456	chrome.exe
Token: SeCreatePagefilePrivilege	2456	chrome.exe
Token: SeShutdownPrivilege	2456	chrome.exe
Token: SeCreatePagefilePrivilege	2456	chrome.exe
Token: SeShutdownPrivilege	2456	chrome.exe
Token: SeCreatePagefilePrivilege	2456	chrome.exe
Token: SeShutdownPrivilege	2456	chrome.exe
Token: SeCreatePagefilePrivilege	2456	chrome.exe
Token: SeShutdownPrivilege	2456	chrome.exe
Token: SeCreatePagefilePrivilege	2456	chrome.exe
Token: SeShutdownPrivilege	2456	chrome.exe
Token: SeCreatePagefilePrivilege	2456	chrome.exe
Token: SeShutdownPrivilege	2456	chrome.exe
Token: SeCreatePagefilePrivilege	2456	chrome.exe
Token: SeShutdownPrivilege	2456	chrome.exe
Token: SeCreatePagefilePrivilege	2456	chrome.exe
Token: SeShutdownPrivilege	2456	chrome.exe
Token: SeCreatePagefilePrivilege	2456	chrome.exe
Token: SeShutdownPrivilege	2456	chrome.exe
Token: SeCreatePagefilePrivilege	2456	chrome.exe
Token: SeShutdownPrivilege	2456	chrome.exe
Token: SeCreatePagefilePrivilege	2456	chrome.exe
Token: SeShutdownPrivilege	2456	chrome.exe
Token: SeCreatePagefilePrivilege	2456	chrome.exe
Token: SeShutdownPrivilege	2456	chrome.exe
Token: SeCreatePagefilePrivilege	2456	chrome.exe
Token: SeShutdownPrivilege	2456	chrome.exe
Token: SeCreatePagefilePrivilege	2456	chrome.exe

Suspicious use of FindShellTrayWindow 27 IoCs

pid	Process
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2456 wrote to memory of 4560	2456	chrome.exe	85
PID 2456 wrote to memory of 4560	2456	chrome.exe	85
PID 2456 wrote to memory of 4636	2456	chrome.exe	86
PID 2456 wrote to memory of 4636	2456	chrome.exe	86
PID 2456 wrote to memory of 4636	2456	chrome.exe	86
PID 2456 wrote to memory of 4636	2456	chrome.exe	86
PID 2456 wrote to memory of 4636	2456	chrome.exe	86
PID 2456 wrote to memory of 4636	2456	chrome.exe	86
PID 2456 wrote to memory of 4636	2456	chrome.exe	86
PID 2456 wrote to memory of 4636	2456	chrome.exe	86
PID 2456 wrote to memory of 4636	2456	chrome.exe	86
PID 2456 wrote to memory of 4636	2456	chrome.exe	86
PID 2456 wrote to memory of 4636	2456	chrome.exe	86
PID 2456 wrote to memory of 4636	2456	chrome.exe	86
PID 2456 wrote to memory of 4636	2456	chrome.exe	86
PID 2456 wrote to memory of 4636	2456	chrome.exe	86
PID 2456 wrote to memory of 4636	2456	chrome.exe	86
PID 2456 wrote to memory of 4636	2456	chrome.exe	86
PID 2456 wrote to memory of 4636	2456	chrome.exe	86
PID 2456 wrote to memory of 4636	2456	chrome.exe	86
PID 2456 wrote to memory of 4636	2456	chrome.exe	86
PID 2456 wrote to memory of 4636	2456	chrome.exe	86
PID 2456 wrote to memory of 4636	2456	chrome.exe	86
PID 2456 wrote to memory of 4636	2456	chrome.exe	86
PID 2456 wrote to memory of 4636	2456	chrome.exe	86
PID 2456 wrote to memory of 4636	2456	chrome.exe	86
PID 2456 wrote to memory of 4636	2456	chrome.exe	86
PID 2456 wrote to memory of 4636	2456	chrome.exe	86
PID 2456 wrote to memory of 4636	2456	chrome.exe	86
PID 2456 wrote to memory of 4636	2456	chrome.exe	86
PID 2456 wrote to memory of 4636	2456	chrome.exe	86
PID 2456 wrote to memory of 4636	2456	chrome.exe	86
PID 2456 wrote to memory of 4636	2456	chrome.exe	86
PID 2456 wrote to memory of 2524	2456	chrome.exe	87
PID 2456 wrote to memory of 2524	2456	chrome.exe	87
PID 2456 wrote to memory of 2260	2456	chrome.exe	88
PID 2456 wrote to memory of 2260	2456	chrome.exe	88
PID 2456 wrote to memory of 2260	2456	chrome.exe	88
PID 2456 wrote to memory of 2260	2456	chrome.exe	88
PID 2456 wrote to memory of 2260	2456	chrome.exe	88
PID 2456 wrote to memory of 2260	2456	chrome.exe	88
PID 2456 wrote to memory of 2260	2456	chrome.exe	88
PID 2456 wrote to memory of 2260	2456	chrome.exe	88
PID 2456 wrote to memory of 2260	2456	chrome.exe	88
PID 2456 wrote to memory of 2260	2456	chrome.exe	88
PID 2456 wrote to memory of 2260	2456	chrome.exe	88
PID 2456 wrote to memory of 2260	2456	chrome.exe	88
PID 2456 wrote to memory of 2260	2456	chrome.exe	88
PID 2456 wrote to memory of 2260	2456	chrome.exe	88
PID 2456 wrote to memory of 2260	2456	chrome.exe	88
PID 2456 wrote to memory of 2260	2456	chrome.exe	88
PID 2456 wrote to memory of 2260	2456	chrome.exe	88
PID 2456 wrote to memory of 2260	2456	chrome.exe	88
PID 2456 wrote to memory of 2260	2456	chrome.exe	88
PID 2456 wrote to memory of 2260	2456	chrome.exe	88
PID 2456 wrote to memory of 2260	2456	chrome.exe	88
PID 2456 wrote to memory of 2260	2456	chrome.exe	88
PID 2456 wrote to memory of 2260	2456	chrome.exe	88
PID 2456 wrote to memory of 2260	2456	chrome.exe	88
PID 2456 wrote to memory of 2260	2456	chrome.exe	88
PID 2456 wrote to memory of 2260	2456	chrome.exe	88
PID 2456 wrote to memory of 2260	2456	chrome.exe	88
PID 2456 wrote to memory of 2260	2456	chrome.exe	88
PID 2456 wrote to memory of 2260	2456	chrome.exe	88

C:\Windows\Explorer.exe
C:\Windows\Explorer.exe /idlist,,C:\Users\Admin\AppData\Local\Temp\42.zip
1⤵
PID:1860

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2456
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffb5023ab58,0x7ffb5023ab68,0x7ffb5023ab78
  2⤵
  PID:4560
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1668 --field-trial-handle=1828,i,8336310498756470792,17772756912853561845,131072 /prefetch:2
  2⤵
  PID:4636
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2132 --field-trial-handle=1828,i,8336310498756470792,17772756912853561845,131072 /prefetch:8
  2⤵
  PID:2524
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2196 --field-trial-handle=1828,i,8336310498756470792,17772756912853561845,131072 /prefetch:8
  2⤵
  PID:2260
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3084 --field-trial-handle=1828,i,8336310498756470792,17772756912853561845,131072 /prefetch:1
  2⤵
  PID:3516
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3164 --field-trial-handle=1828,i,8336310498756470792,17772756912853561845,131072 /prefetch:1
  2⤵
  PID:2028
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4208 --field-trial-handle=1828,i,8336310498756470792,17772756912853561845,131072 /prefetch:1
  2⤵
  PID:3488
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=1680 --field-trial-handle=1828,i,8336310498756470792,17772756912853561845,131072 /prefetch:1
  2⤵
  PID:2932
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4744 --field-trial-handle=1828,i,8336310498756470792,17772756912853561845,131072 /prefetch:8
  2⤵
  PID:4044
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4884 --field-trial-handle=1828,i,8336310498756470792,17772756912853561845,131072 /prefetch:8
  2⤵
  PID:2284
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4032 --field-trial-handle=1828,i,8336310498756470792,17772756912853561845,131072 /prefetch:8
  2⤵
  PID:5000
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5012 --field-trial-handle=1828,i,8336310498756470792,17772756912853561845,131072 /prefetch:8
  2⤵
  PID:2728
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4360 --field-trial-handle=1828,i,8336310498756470792,17772756912853561845,131072 /prefetch:8
  2⤵
  PID:240
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3800 --field-trial-handle=1828,i,8336310498756470792,17772756912853561845,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3504

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:2744

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

Filesize
204KB

MD5
41785febb3bce5997812ab812909e7db

SHA1
c2dae6cfbf5e28bb34562db75601fadd1f67eacb

SHA256
696a298fa617f26115168d70442c29f2d854f595497ea2034124a7e27b036483

SHA512
b82cfd843b13487c79dc5c7f07c84a236cf2065d69c9e0a79d36ac1afc78fa04fba30c31903f48d1d2d44f17fb951002e90fb4e92b9eae7677dbb6f023e68919

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
a2f51acc982950cd0bfc4b86f6e18112

SHA1
0794b444557e791dfe9055821632543a36c2cbe5

SHA256
cb5efe1281aae464355cc8f3239c1c11fe27bc55942ce5d932c65376d5906ded

SHA512
84f2b43beecb0cab198a31d38243881a237a011d6ed6b460720957619043ad4b12bc850628035a44c6496b2c8c0ce066e67945dd056ce83eb9fa6936f9d5aa8f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
324c52ed92449fa76d579c4d6ad280ba

SHA1
8ae7a091468da325bd1818edb6db406914456d8e

SHA256
6903f5b23758d098388149f3abb84a87790a0b573dd462cb4692612bee755f53

SHA512
3ddf0bbc63dfb68ef2cbe2878c0b5a0527d165cd93eaafb25faf320bdcfeda343d16a00c839638bc3262075b70100e09f84210ca4d83071321d75f63992c0048

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
192B

MD5
04086b0423c1312ac1df4af92c4c62b0

SHA1
5cb3dd68a9130e7bf4f01b430cdefd93c05e328c

SHA256
b14fb7c378cb4abb9921756bed4c244c55e02cc854876d46396032096d9f163f

SHA512
fea185ef1c6b6c9cd586a23fbe2149c734a091960656e272e04119019bfb523debb11633a3f96f6002099d663b9ccc99f301996e07222dc86eecb6fda9ae8ec0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
192B

MD5
b9d918dbfc8633dd0f2106c696305115

SHA1
5b69bae0e9346915a9c1598e70869dc8a808e28c

SHA256
6c29aa07a947212fbda5bdc807a71f31e804dbc007af4fc831abccf760eb181a

SHA512
8e4c1f07f330803c4381e5898d75b11a9c1830dd731741c9ec76740ea31eb341c26976e1f1d60d8b8999d41488bd39885b3e6f61b372a4b12c5884d14cbcca87

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
192B

MD5
ffe66f56ac98495bb1ab26f9f6815a2c

SHA1
981b95fe889e7b2b1ab9088eb861f96d97763f0c

SHA256
a9ce52822adf51f33549255d70489915e5026e13d2ae816841042212789b4236

SHA512
9ef72fbaff40526712891f80efb90eca92a14fff9dbb6a94fa416939fc1d598a8bb10d91985f26749553a8f464e1c100390e8e5c337cdc51b005b08eec869a07

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
94f46e824b25170dd5df30d083ce0164

SHA1
c016dd6bd2661ef0515a00ce72ae9cf4f129faa7

SHA256
4a7aaa1063c7d74e7d345b9323d785aa79838151e12d46f73d5cadf1edc374b5

SHA512
f32ba61a6061a56794af0c50c911d2a439a87444c8747581f1bdf7657a776fe8cf11f3f68d760436b04911ec9b1df51d424f49d527459d1a7f8ac32d9669d5e9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
b2f696f4b97a472150fe85f4f4702eed

SHA1
57e9f674b0e6cc5ec799edd22f6e8e7f82832e67

SHA256
80e20cd5c43bfb07157bb033719144c32df47f1092ed288c254751eb71a49a98

SHA512
26d1a86ac3446265f541fbc5d259085012a6c269a1ca72099d81d6d04c1ddbedc90333fe7dbeb8fdda4323a96112d01cc483e6c5f1373b3ab74b90c4c2709bdb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
db4049bf71c9ddc4c1e837d8c84bcdb6

SHA1
081bf7a535716bb1bb36e398717d8be77f754022

SHA256
8ef4599872a1bfb52054dfce3e80d990eed651e88f0e4f6477ca0b3c8a150516

SHA512
411cd647f9a71288847e6afb252553fb168a8a4cf5f46fcbfd5ba85acd51629f7be27bff9043b86eca880ecf20d44c45bdfe21c5943d8756d84f3476296f2c8b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
0a0e32770e4c55f5979cf485ecdfe4fc

SHA1
c8a5b8d5d643389f2c0a1c79ff19bd0e18be7dfc

SHA256
f6fc974d0cab1a20ce874b56703fe0bd1aadd2d83c3faad72288453cb653daba

SHA512
01a80e8f61eb86cde26568cf436d5c4e631a94e421f3c5ab065910558256207202c953478e0f4da4d129eadb59b060b46a4049095ecacf886890cc4bb97a13b9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
aacf2546756bdfc807c06c2c0c0c64b1

SHA1
9c97fa4a9716b282949961ad64b5fd1c7147b88c

SHA256
318f6ce5ed317d378433ffaa9eba95d40cc4a3ac80d2171380bd1fe765112af2

SHA512
ccf15e91398b4a3d35c6b80e1e6ec5af84e03e84c9ba2310de8e1e995518a9d437702b445c773f81dd4aa01edc0c308fc60912c65a251f16a8deb83264fb7319

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
bcba2be6a77bd25868ba9c0bf1d34407

SHA1
06aea29aee568245684659b06ba4637361e60655

SHA256
5c4976c24de4c162dd58499fe8e84f1838516d864941d33b73dba326ceb777bc

SHA512
0a186650d8ba6ed9d8d350861d26aae6ef64b99ba7208dc376eb168e7f477d5c839486139ef2e1ea2f41bd726dbf6bb649281845d43e995e84453f20315c55cd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
b1b655f6d9b21257a3d3219dee4263af

SHA1
c1680c4491fda637d6d0e7d036fea98d22161033

SHA256
518868b92502f51b99b345cea4e86664fff5761118a54e8a15055942e621689e

SHA512
376f4087737935b6c561b9513777923007382334d2f5a2c03cc5cecc43e6144f2e9bec7645a536f8b6a873ccd4c9562359196b915331c6607bce81ca4c6f154b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
7c11d3b406a3473d2352e1b0b7af5c62

SHA1
40dbeb767d76b045291ab2f2f09c0ceb8cab0dfa

SHA256
01fde31d4b864770af74cfc18d4a4b52605126a067bdd00debf581a69efba9a3

SHA512
c01566a097fa7afd0f7a4769c343d15fc1de77c11ecd60075cd439ea7e1847dd52c79c4bc3de3391f671020f7a175fa4099116af6cc38bfe43d203e372664ef3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
e5db3de72f007fa9b1be7aba3cdfb444

SHA1
fbf39bbc8a0f10845b3944ee7b5e9fffde5167f5

SHA256
2e81f513789d408c918b02078c23be0f0500dc5f93e75468f3b509c9ffaa9703

SHA512
7ab7467360bb79c16d4c8f88089e188663179906e97263a120c7ec3d98d63a2f6d97c91e834e98ac3244146d4430f4601cc64a4d85573c86e2141a98e8dc8159

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
c8101b03cd7b149c9e740abda2bb6c73

SHA1
e56444db602394e0d925b23d9fde1de120a55a9e

SHA256
85d85ba5e122ed44f50b2a693b761262842e20f11070a6d9603237fa671f65f8

SHA512
bc160f8847845eb0803bce0d4d4f756e9eaca6deb008a4411af9377bc1f485ae86c2f4c2368d1d559f74c971f90e85d9b58838e6b4c42c45e2905874ce76d9a4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
16KB

MD5
729d4441435fbb037e99b28b0cfbde93

SHA1
d0be87bf1679c07a13348710afb0831539784d6a

SHA256
5e895d9142f5c0fc7195fb4b48cc8ee849346541417e88901948b8b95271db3c

SHA512
8c9964564f15b412ac14d8f27cfbbdf4855593eb950e238a2c22c23bb3c91215c994aaa465878887493121553d3c732b4cbe0ac43ebaf5f5782e4fa3b906da31

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
259KB

MD5
0970f12e61deb31bf52e29f69d13d42c

SHA1
02d13c1160ddbd84326e18b454e7f67687434fa7

SHA256
c217e960b8c633786702171b88db36d1c50bb8cf27b12fde33523c29774bada2

SHA512
af4cdabf81be98e52cb0ca193bf6b695cdc9de7f2471fe3bd7451b810960af29cd4bb37e0f696183ef47a03f9ac5044e77e0d7f509d058722c1aab8543d000ad

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
259KB

MD5
0ac48e84ee2b9dbb529489b8d74bae2d

SHA1
a57e6047ef0792edc8abcbcb403f98f27f3ebaaf

SHA256
6c6d87406ccb0fd17febd69b8512df1bc505a2ef033b922beea23671f75b7426

SHA512
36675697b81f05fd0569529a653df425bb75e51b760d35b4bbacf98f8fd6afae4ba1ead26d4de5a5963f654f31c5d8b9e6fa00a21c3617355f3e18286766e7f7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

Filesize
264KB

MD5
98e51156a76d395762a4f130bf135095

SHA1
227c3e5b8114b7fafa7439bdd88f72084c690fbc

SHA256
7cffda43432439562743d3676ec25f9233c466ce7bd1d51a840c6839176d1435

SHA512
5def2a51d7107253bf146d43be36b517deb7b41edac91ad2407688fd2f9cea0a12c445b3d5fec1c5198d129d3bf413b301a849abe3cb14a43bfc1576afe000ba

Download Submit