hxxps://www[.]youtube[.]com/watch?v=-bnVGH62Yho

Analysis

max time kernel
1799s
max time network
1689s
platform
windows11-21h2_x64
resource
win11-20240508-en
resource tags

arch:x64arch:x86image:win11-20240508-enlocale:en-usos:windows11-21h2-x64system
submitted
20-05-2024 15:16

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://www.youtube.com/watch?v=-bnVGH62Yho

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133606966294385224"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3001105534-2705918504-2956618779-1000\{4C750992-384E-44A0-B65B-7F745CDD5CB4}	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
1088	chrome.exe
1088	chrome.exe
4932	chrome.exe
4932	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
1088	chrome.exe
1088	chrome.exe
1088	chrome.exe
1088	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1088	chrome.exe
Token: SeCreatePagefilePrivilege	1088	chrome.exe
Token: SeShutdownPrivilege	1088	chrome.exe
Token: SeCreatePagefilePrivilege	1088	chrome.exe
Token: SeShutdownPrivilege	1088	chrome.exe
Token: SeCreatePagefilePrivilege	1088	chrome.exe
Token: 33	680	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	680	AUDIODG.EXE
Token: SeShutdownPrivilege	1088	chrome.exe
Token: SeCreatePagefilePrivilege	1088	chrome.exe
Token: SeShutdownPrivilege	1088	chrome.exe
Token: SeCreatePagefilePrivilege	1088	chrome.exe
Token: SeShutdownPrivilege	1088	chrome.exe
Token: SeCreatePagefilePrivilege	1088	chrome.exe
Token: SeShutdownPrivilege	1088	chrome.exe
Token: SeCreatePagefilePrivilege	1088	chrome.exe
Token: SeShutdownPrivilege	1088	chrome.exe
Token: SeCreatePagefilePrivilege	1088	chrome.exe
Token: SeShutdownPrivilege	1088	chrome.exe
Token: SeCreatePagefilePrivilege	1088	chrome.exe
Token: SeShutdownPrivilege	1088	chrome.exe
Token: SeCreatePagefilePrivilege	1088	chrome.exe
Token: SeShutdownPrivilege	1088	chrome.exe
Token: SeCreatePagefilePrivilege	1088	chrome.exe
Token: SeShutdownPrivilege	1088	chrome.exe
Token: SeCreatePagefilePrivilege	1088	chrome.exe
Token: SeShutdownPrivilege	1088	chrome.exe
Token: SeCreatePagefilePrivilege	1088	chrome.exe
Token: SeShutdownPrivilege	1088	chrome.exe
Token: SeCreatePagefilePrivilege	1088	chrome.exe
Token: SeShutdownPrivilege	1088	chrome.exe
Token: SeCreatePagefilePrivilege	1088	chrome.exe
Token: SeShutdownPrivilege	1088	chrome.exe
Token: SeCreatePagefilePrivilege	1088	chrome.exe
Token: SeShutdownPrivilege	1088	chrome.exe
Token: SeCreatePagefilePrivilege	1088	chrome.exe
Token: SeShutdownPrivilege	1088	chrome.exe
Token: SeCreatePagefilePrivilege	1088	chrome.exe
Token: SeShutdownPrivilege	1088	chrome.exe
Token: SeCreatePagefilePrivilege	1088	chrome.exe
Token: SeShutdownPrivilege	1088	chrome.exe
Token: SeCreatePagefilePrivilege	1088	chrome.exe
Token: SeShutdownPrivilege	1088	chrome.exe
Token: SeCreatePagefilePrivilege	1088	chrome.exe
Token: SeShutdownPrivilege	1088	chrome.exe
Token: SeCreatePagefilePrivilege	1088	chrome.exe
Token: SeShutdownPrivilege	1088	chrome.exe
Token: SeCreatePagefilePrivilege	1088	chrome.exe
Token: SeShutdownPrivilege	1088	chrome.exe
Token: SeCreatePagefilePrivilege	1088	chrome.exe
Token: SeShutdownPrivilege	1088	chrome.exe
Token: SeCreatePagefilePrivilege	1088	chrome.exe
Token: SeShutdownPrivilege	1088	chrome.exe
Token: SeCreatePagefilePrivilege	1088	chrome.exe
Token: SeShutdownPrivilege	1088	chrome.exe
Token: SeCreatePagefilePrivilege	1088	chrome.exe
Token: SeShutdownPrivilege	1088	chrome.exe
Token: SeCreatePagefilePrivilege	1088	chrome.exe
Token: SeShutdownPrivilege	1088	chrome.exe
Token: SeCreatePagefilePrivilege	1088	chrome.exe
Token: SeShutdownPrivilege	1088	chrome.exe
Token: SeCreatePagefilePrivilege	1088	chrome.exe
Token: SeShutdownPrivilege	1088	chrome.exe
Token: SeCreatePagefilePrivilege	1088	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
1088	chrome.exe
1088	chrome.exe
1088	chrome.exe
1088	chrome.exe
1088	chrome.exe
1088	chrome.exe
1088	chrome.exe
1088	chrome.exe
1088	chrome.exe
1088	chrome.exe
1088	chrome.exe
1088	chrome.exe
1088	chrome.exe
1088	chrome.exe
1088	chrome.exe
1088	chrome.exe
1088	chrome.exe
1088	chrome.exe
1088	chrome.exe
1088	chrome.exe
1088	chrome.exe
1088	chrome.exe
1088	chrome.exe
1088	chrome.exe
1088	chrome.exe
1088	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
1088	chrome.exe
1088	chrome.exe
1088	chrome.exe
1088	chrome.exe
1088	chrome.exe
1088	chrome.exe
1088	chrome.exe
1088	chrome.exe
1088	chrome.exe
1088	chrome.exe
1088	chrome.exe
1088	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1088 wrote to memory of 4392	1088	chrome.exe	79
PID 1088 wrote to memory of 4392	1088	chrome.exe	79
PID 1088 wrote to memory of 4660	1088	chrome.exe	81
PID 1088 wrote to memory of 4660	1088	chrome.exe	81
PID 1088 wrote to memory of 4660	1088	chrome.exe	81
PID 1088 wrote to memory of 4660	1088	chrome.exe	81
PID 1088 wrote to memory of 4660	1088	chrome.exe	81
PID 1088 wrote to memory of 4660	1088	chrome.exe	81
PID 1088 wrote to memory of 4660	1088	chrome.exe	81
PID 1088 wrote to memory of 4660	1088	chrome.exe	81
PID 1088 wrote to memory of 4660	1088	chrome.exe	81
PID 1088 wrote to memory of 4660	1088	chrome.exe	81
PID 1088 wrote to memory of 4660	1088	chrome.exe	81
PID 1088 wrote to memory of 4660	1088	chrome.exe	81
PID 1088 wrote to memory of 4660	1088	chrome.exe	81
PID 1088 wrote to memory of 4660	1088	chrome.exe	81
PID 1088 wrote to memory of 4660	1088	chrome.exe	81
PID 1088 wrote to memory of 4660	1088	chrome.exe	81
PID 1088 wrote to memory of 4660	1088	chrome.exe	81
PID 1088 wrote to memory of 4660	1088	chrome.exe	81
PID 1088 wrote to memory of 4660	1088	chrome.exe	81
PID 1088 wrote to memory of 4660	1088	chrome.exe	81
PID 1088 wrote to memory of 4660	1088	chrome.exe	81
PID 1088 wrote to memory of 4660	1088	chrome.exe	81
PID 1088 wrote to memory of 4660	1088	chrome.exe	81
PID 1088 wrote to memory of 4660	1088	chrome.exe	81
PID 1088 wrote to memory of 4660	1088	chrome.exe	81
PID 1088 wrote to memory of 4660	1088	chrome.exe	81
PID 1088 wrote to memory of 4660	1088	chrome.exe	81
PID 1088 wrote to memory of 4660	1088	chrome.exe	81
PID 1088 wrote to memory of 4660	1088	chrome.exe	81
PID 1088 wrote to memory of 4660	1088	chrome.exe	81
PID 1088 wrote to memory of 4660	1088	chrome.exe	81
PID 1088 wrote to memory of 932	1088	chrome.exe	82
PID 1088 wrote to memory of 932	1088	chrome.exe	82
PID 1088 wrote to memory of 4548	1088	chrome.exe	83
PID 1088 wrote to memory of 4548	1088	chrome.exe	83
PID 1088 wrote to memory of 4548	1088	chrome.exe	83
PID 1088 wrote to memory of 4548	1088	chrome.exe	83
PID 1088 wrote to memory of 4548	1088	chrome.exe	83
PID 1088 wrote to memory of 4548	1088	chrome.exe	83
PID 1088 wrote to memory of 4548	1088	chrome.exe	83
PID 1088 wrote to memory of 4548	1088	chrome.exe	83
PID 1088 wrote to memory of 4548	1088	chrome.exe	83
PID 1088 wrote to memory of 4548	1088	chrome.exe	83
PID 1088 wrote to memory of 4548	1088	chrome.exe	83
PID 1088 wrote to memory of 4548	1088	chrome.exe	83
PID 1088 wrote to memory of 4548	1088	chrome.exe	83
PID 1088 wrote to memory of 4548	1088	chrome.exe	83
PID 1088 wrote to memory of 4548	1088	chrome.exe	83
PID 1088 wrote to memory of 4548	1088	chrome.exe	83
PID 1088 wrote to memory of 4548	1088	chrome.exe	83
PID 1088 wrote to memory of 4548	1088	chrome.exe	83
PID 1088 wrote to memory of 4548	1088	chrome.exe	83
PID 1088 wrote to memory of 4548	1088	chrome.exe	83
PID 1088 wrote to memory of 4548	1088	chrome.exe	83
PID 1088 wrote to memory of 4548	1088	chrome.exe	83
PID 1088 wrote to memory of 4548	1088	chrome.exe	83
PID 1088 wrote to memory of 4548	1088	chrome.exe	83
PID 1088 wrote to memory of 4548	1088	chrome.exe	83
PID 1088 wrote to memory of 4548	1088	chrome.exe	83
PID 1088 wrote to memory of 4548	1088	chrome.exe	83
PID 1088 wrote to memory of 4548	1088	chrome.exe	83
PID 1088 wrote to memory of 4548	1088	chrome.exe	83

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://www.youtube.com/watch?v=-bnVGH62Yho
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1088
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff95b37ab58,0x7ff95b37ab68,0x7ff95b37ab78
  2⤵
  PID:4392
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1588 --field-trial-handle=1716,i,13756782664371023814,5515134867881731411,131072 /prefetch:2
  2⤵
  PID:4660
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2088 --field-trial-handle=1716,i,13756782664371023814,5515134867881731411,131072 /prefetch:8
  2⤵
  PID:932
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2140 --field-trial-handle=1716,i,13756782664371023814,5515134867881731411,131072 /prefetch:8
  2⤵
  PID:4548
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3020 --field-trial-handle=1716,i,13756782664371023814,5515134867881731411,131072 /prefetch:1
  2⤵
  PID:3160
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3044 --field-trial-handle=1716,i,13756782664371023814,5515134867881731411,131072 /prefetch:1
  2⤵
  PID:3704
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4148 --field-trial-handle=1716,i,13756782664371023814,5515134867881731411,131072 /prefetch:1
  2⤵
  PID:4540
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3308 --field-trial-handle=1716,i,13756782664371023814,5515134867881731411,131072 /prefetch:1
  2⤵
  PID:3872
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4424 --field-trial-handle=1716,i,13756782664371023814,5515134867881731411,131072 /prefetch:8
  2⤵
  PID:2188
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4052 --field-trial-handle=1716,i,13756782664371023814,5515134867881731411,131072 /prefetch:8
  2⤵
  - Modifies registry class
  PID:2736
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4928 --field-trial-handle=1716,i,13756782664371023814,5515134867881731411,131072 /prefetch:8
  2⤵
  PID:2804
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5208 --field-trial-handle=1716,i,13756782664371023814,5515134867881731411,131072 /prefetch:8
  2⤵
  PID:3608
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=936 --field-trial-handle=1716,i,13756782664371023814,5515134867881731411,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4932

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:3092

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004CC 0x00000000000004D0
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:680

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
552B

MD5
b741555a553f7fdc06bc0aaaeee4a42c

SHA1
ddd03fbb572cb5fc4cd7a5b7eeb37f31f704a909

SHA256
dc06571933d6d05c25524818a77dc949ec024c9d73a7f4383f9d9f3fd21da201

SHA512
717e1ec533f418a390352973fc28bceba10ec460d53c44f3ad4916b3cbf1a09d5bea8f1e676adaa42f341c3c16f444322e8085f5ac51eefb3d25c225c5e05912

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
2ac33901184b5c6ad8c64b0543220f24

SHA1
5c68a81df6ac35c88609eaaee15d780baf906f2a

SHA256
45f25748dbc9d37b2a97399e1431cd83d7232bbbeae67bd9bff296e3c99889b0

SHA512
ba07271d39a8b8d0ca9076b8249dbf81779d8df40f6b29e7d5aa6cc3df511b03c4a3aa49755e216c1c76b48a0f973bf181f923ea68f4f440fc4e79a75c94f0e8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
cde0d0b5fb3d2aede2bec988d33a6376

SHA1
a0a7c03832d76fce27730d00d8a3a5cdac859f73

SHA256
aecef9a57460853fc392bdeaecbb30f84c2edbb56f349502031a334032c69cf8

SHA512
9314d8bda913c3f3de78b44d06f0f7be3b9284e860813ea24d6534164d59f9269c4c3031e9df7a480f0726bec94c922b0171d4a65b05580f1ae4b901b5ab4383

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
a09f7a980b41108b209bd24df3372535

SHA1
7c5afcf189176d91b363134115b61ad67fd11aa7

SHA256
9ed417b8f7b60246580835498d841d34518f4260e088bdc1c5905a11e955fa1a

SHA512
0d8b4c360cfc5a7988dfe067e0daca3a77199aa7eb356668969fd8e5578c4e6a6b94af922f08e15876ce6e5f7e21ddc62d562fc78a69980b76df478c6ba0592b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
980e459cd9824d16bf5121eedc5e467f

SHA1
46fa9aac9d783513312776a2acf86ac676206cf0

SHA256
f2785afadacdaaea58971d62be0819520a6bf6bd4bed3c80297286591148f662

SHA512
dbd4c4785d7a4f04a9f9d0e4b556026f655321c8d58010c178de3a80473377c8b4cd20acf4196f7abfeea86d26d37fa6e8ceaa7b09c6a3fea86fb45f01837707

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
7898a8e1e7283a20626f27b6c7bd5791

SHA1
3fc3858f10ba21fa212d4d04b90747ee6f1a8c13

SHA256
df5fcf8fa3d98c52d6cfdb09a417bb51a140aad97b83cec20ea94ba12ac91a49

SHA512
5dbc513c5d4b0157d0eb4a595e6927fd50baaf7a2c30ca9677b61dd494d2e76e500b05b66f5db6f040a583b4c4efd62060528f28bd4e0684e17881ae96efa5fb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
fe72a10a319f8f6b552b476677f7df8b

SHA1
48cf01c575c0f7ceb717d20e6fd0471692c2412a

SHA256
cbf07c6d32b9a99ee67dd056b371f5699fc03a4025eaefe33d8447df8359e0d5

SHA512
40f6ad31d131517cfce9e4b1a1d3975da843275cc8085ac86ed8b20f6910cec065bb129bbdbbc24a7784fc9602bd9a58a4b8b8fe947b1bb8441e397c0ac9500c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
0e3e1c3ed6089371d070796a00df902d

SHA1
476cde957658bdd4ffb44889c65401601df36cb4

SHA256
47b05a7b4ad55a08f6df69f4eb83f01f6a0fcbac9cd9e077e68e04bf189f504d

SHA512
f5e41dfc026f3f8aae084de9fa61801866a459e809de27545e25ccf6d2d36d2f5292384b40178eb3cb9a5021047835b5d8a833c07cdb80f41f9e2311799002a0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
859B

MD5
e1389b720093bec66b5ba4c2d5ee2c67

SHA1
1f9f220f9943176abded24d2567ccdc6e25c12b4

SHA256
8b18c3365dd5aa58ab25eb683d1f0e85023893056856f00fe197cc1866b3d22e

SHA512
64d9bfe67fbcbb9b0bd2c17291fb86341bb54afecb8f6bc5fb96ba41d18fa73d405226c94abc856d684a9b9d3c24b189995fa41ffb92d01160567884e91620df

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
fb34c37c793e047ba1d1d90a7cf21ffd

SHA1
203f3e76afe0d9c5d267cfa9efd55af8dfef1ad3

SHA256
078174ac01fffe2e2fda945119948b57288e9a6ce62a5320d4288b7f1252f4a9

SHA512
75d34aae7525435a3dcb07385ac47e275462bbf545cf7f5655377ae00c3637f5e8b87ece2520d3820f2b60a4444b2328cd74c10346f69207051029a214c7c53d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\20c2a3ef-5b46-4dc2-827e-9f9ccbe3bfb5\index-dir\the-real-index

Filesize
2KB

MD5
559e6d4d386f43e7622ac4c12c4109b2

SHA1
fe03414059ccb3380283eb32cb9de97d0cdbf772

SHA256
d4b8e77a10fa1866825d0c40211618c48cc9654ba2a430e4cc40f1aca170eb45

SHA512
02a644d4dceaee18b3878abf1cc9b0609a89c75181616bc5e687922f05223b126ffa7b2f3cc4ab519d23991e41809634f38df40ec4312897d41908fb2bfaf5b3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\20c2a3ef-5b46-4dc2-827e-9f9ccbe3bfb5\index-dir\the-real-index~RFe57c7d4.TMP

Filesize
48B

MD5
b9d3b6813e39194ca4c1654a2447561a

SHA1
156a1c7d4ccc834f46c8576f23c4d9a655c4e9c7

SHA256
d46e355a44e086690cd8edebd3c67b5e0f62611ead938adb9097196896cefe31

SHA512
c55e1a27c04667f5a3f0db20cc029a56a2e95a314520fa2c61e31fd8d3190249b1d0795fb5b408ea4092f3eb00256e9bff53c8c18546947bcc070f884af70c4a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
176B

MD5
de737ee13f0bdf0b175b0ce0ad0e092f

SHA1
079f1f72636c80cf7aa9180b9c1d9dba210d33fe

SHA256
8d02df0574c84216f10df5552c6fb7c9f8a63d0c6b5bbec73768f66478a7470c

SHA512
007e4c06cf16808d791ceefee3e795a886e5df83ec486ece96ada4733ad47213c84bfc9f287cb8b81695eefbefe331dd0dd8d24fd84b4408f83f748c63d387a4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
112B

MD5
83aa953608760f74fa2fcde15d2c5177

SHA1
749278d450fbd274faaf91d7335b1d41656b62b5

SHA256
66b551df13f021bf8bdc8ef0dd8cf412ea593d9e9927e38a4b1ef7262e032e25

SHA512
a692b717fa741230ff8892d7f3ca239828de1e0bacec2cf67dce3333ed79a792d1a6bc01274212dd3e9321189767eb94d525d0fdc7b9c4eba0e099d8bbc5e85a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
114B

MD5
a31b9c8f08f42d104b8ef2ce023cf1d4

SHA1
2eec1c25e29cb16a29016f8e6afd8719ec25e3e7

SHA256
0303fc248f9dccf8f9a82bf39358000457e358830310ee0bcb47188c03384f7e

SHA512
ca1a41fa3ace9bc35a2d76a75bfaa847900a778cd6b801bb659fdcd056be24a37c68eb52e810f7c85d7140dabab3108ef11c70b2bdbe27b2fe561e58efdc68bb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe576ce3.TMP

Filesize
119B

MD5
a61663a0f784000a14eecfaf192f4373

SHA1
f67930531ff3199b166803abcba55067fcb0c90d

SHA256
131359e931b0b9297e5005f846e8ac55653ccff5543633b8d6117899c131be60

SHA512
ede33033dfa6a97d168e8a2ea715396bcccba59981a9094045495bcf56e86b4d65e80faefc2952d00e1b88592fb1b61b05c0a76bdaac6273bab49d29c0203c6c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
7aedcfa1764101892828025249fcf9ae

SHA1
87ea91f7f1b974060afb0dd58663fac2b3721700

SHA256
1d0478942a379492672dab509b1d7cd5429be4d17a69adad88bc8dcca174dae3

SHA512
041b67749f603aa6b89637f8d54d48bdfd7d220a85de3b410692e19c17811f898b85e83d61df6098f7715c4f89b618807059a9edee36f054542a7d4351d20a68

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57bb41.TMP

Filesize
48B

MD5
15b9a26bb5120d86e1e9ed9e3075d326

SHA1
5f5c836d8f8f4e0405a96e415d40fd5d5a0b1037

SHA256
f68247cc4bf2706026482bc9711fa5a103e6e3a660353092a0bc1c267f5c54fa

SHA512
d28c5269a5fa4de823c3d386e1867c35b0f118a13f78c150170ac965c4ce0ab7a13ce46f6dc22f47238b4afa34ec8316666ffc7fdb5af31f2c73bfd85e1e09fd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
129KB

MD5
37240aaa0281febdd660f7c689f0d7a8

SHA1
3da1190a455f7c22e555aee6e4d05e49583b5a4c

SHA256
1224c1e2b841e45f6d9ac70a250c1a64897525acf7a9783112cacd7f0e4a1260

SHA512
b0deccce27f5c427ec89bd9d40090cab8451de16f559dc57018580ea7e4703cd4340aca4407f7b1334f7691af5fbd50ab46647f162914d61a452feff938120fc

Download Submit