hxxps://goldeninternationalcorp[.]com/contact/index[.]php

Analysis

max time kernel
149s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
21-05-2024 14:52

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://goldeninternationalcorp.com/contact/index.php

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

Processes:

chrome.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

Processes:

chrome.exe

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133607767673069830"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

Processes:

chrome.exechrome.exe

pid process

1560 chrome.exe
1560 chrome.exe
2108 chrome.exe
2108 chrome.exe
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

Processes:

chrome.exe

pid process

1560 chrome.exe
1560 chrome.exe
1560 chrome.exe
1560 chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

Processes:

chrome.exe

description	pid	process
Token: SeShutdownPrivilege	1560	chrome.exe
Token: SeCreatePagefilePrivilege	1560	chrome.exe
Token: SeShutdownPrivilege	1560	chrome.exe
Token: SeCreatePagefilePrivilege	1560	chrome.exe
Token: SeShutdownPrivilege	1560	chrome.exe
Token: SeCreatePagefilePrivilege	1560	chrome.exe
Token: SeShutdownPrivilege	1560	chrome.exe
Token: SeCreatePagefilePrivilege	1560	chrome.exe
Token: SeShutdownPrivilege	1560	chrome.exe
Token: SeCreatePagefilePrivilege	1560	chrome.exe
Token: SeShutdownPrivilege	1560	chrome.exe
Token: SeCreatePagefilePrivilege	1560	chrome.exe
Token: SeShutdownPrivilege	1560	chrome.exe
Token: SeCreatePagefilePrivilege	1560	chrome.exe
Token: SeShutdownPrivilege	1560	chrome.exe
Token: SeCreatePagefilePrivilege	1560	chrome.exe
Token: SeShutdownPrivilege	1560	chrome.exe
Token: SeCreatePagefilePrivilege	1560	chrome.exe
Token: SeShutdownPrivilege	1560	chrome.exe
Token: SeCreatePagefilePrivilege	1560	chrome.exe
Token: SeShutdownPrivilege	1560	chrome.exe
Token: SeCreatePagefilePrivilege	1560	chrome.exe
Token: SeShutdownPrivilege	1560	chrome.exe
Token: SeCreatePagefilePrivilege	1560	chrome.exe
Token: SeShutdownPrivilege	1560	chrome.exe
Token: SeCreatePagefilePrivilege	1560	chrome.exe
Token: SeShutdownPrivilege	1560	chrome.exe
Token: SeCreatePagefilePrivilege	1560	chrome.exe
Token: SeShutdownPrivilege	1560	chrome.exe
Token: SeCreatePagefilePrivilege	1560	chrome.exe
Token: SeShutdownPrivilege	1560	chrome.exe
Token: SeCreatePagefilePrivilege	1560	chrome.exe
Token: SeShutdownPrivilege	1560	chrome.exe
Token: SeCreatePagefilePrivilege	1560	chrome.exe
Token: SeShutdownPrivilege	1560	chrome.exe
Token: SeCreatePagefilePrivilege	1560	chrome.exe
Token: SeShutdownPrivilege	1560	chrome.exe
Token: SeCreatePagefilePrivilege	1560	chrome.exe
Token: SeShutdownPrivilege	1560	chrome.exe
Token: SeCreatePagefilePrivilege	1560	chrome.exe
Token: SeShutdownPrivilege	1560	chrome.exe
Token: SeCreatePagefilePrivilege	1560	chrome.exe
Token: SeShutdownPrivilege	1560	chrome.exe
Token: SeCreatePagefilePrivilege	1560	chrome.exe
Token: SeShutdownPrivilege	1560	chrome.exe
Token: SeCreatePagefilePrivilege	1560	chrome.exe
Token: SeShutdownPrivilege	1560	chrome.exe
Token: SeCreatePagefilePrivilege	1560	chrome.exe
Token: SeShutdownPrivilege	1560	chrome.exe
Token: SeCreatePagefilePrivilege	1560	chrome.exe
Token: SeShutdownPrivilege	1560	chrome.exe
Token: SeCreatePagefilePrivilege	1560	chrome.exe
Token: SeShutdownPrivilege	1560	chrome.exe
Token: SeCreatePagefilePrivilege	1560	chrome.exe
Token: SeShutdownPrivilege	1560	chrome.exe
Token: SeCreatePagefilePrivilege	1560	chrome.exe
Token: SeShutdownPrivilege	1560	chrome.exe
Token: SeCreatePagefilePrivilege	1560	chrome.exe
Token: SeShutdownPrivilege	1560	chrome.exe
Token: SeCreatePagefilePrivilege	1560	chrome.exe
Token: SeShutdownPrivilege	1560	chrome.exe
Token: SeCreatePagefilePrivilege	1560	chrome.exe
Token: SeShutdownPrivilege	1560	chrome.exe
Token: SeCreatePagefilePrivilege	1560	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

Processes:

chrome.exe

pid	process
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

Processes:

chrome.exe

pid	process
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

chrome.exe

description	pid	process	target process
PID 1560 wrote to memory of 2308	1560	chrome.exe	chrome.exe
PID 1560 wrote to memory of 2308	1560	chrome.exe	chrome.exe
PID 1560 wrote to memory of 2728	1560	chrome.exe	chrome.exe
PID 1560 wrote to memory of 2728	1560	chrome.exe	chrome.exe
PID 1560 wrote to memory of 2728	1560	chrome.exe	chrome.exe
PID 1560 wrote to memory of 2728	1560	chrome.exe	chrome.exe
PID 1560 wrote to memory of 2728	1560	chrome.exe	chrome.exe
PID 1560 wrote to memory of 2728	1560	chrome.exe	chrome.exe
PID 1560 wrote to memory of 2728	1560	chrome.exe	chrome.exe
PID 1560 wrote to memory of 2728	1560	chrome.exe	chrome.exe
PID 1560 wrote to memory of 2728	1560	chrome.exe	chrome.exe
PID 1560 wrote to memory of 2728	1560	chrome.exe	chrome.exe
PID 1560 wrote to memory of 2728	1560	chrome.exe	chrome.exe
PID 1560 wrote to memory of 2728	1560	chrome.exe	chrome.exe
PID 1560 wrote to memory of 2728	1560	chrome.exe	chrome.exe
PID 1560 wrote to memory of 2728	1560	chrome.exe	chrome.exe
PID 1560 wrote to memory of 2728	1560	chrome.exe	chrome.exe
PID 1560 wrote to memory of 2728	1560	chrome.exe	chrome.exe
PID 1560 wrote to memory of 2728	1560	chrome.exe	chrome.exe
PID 1560 wrote to memory of 2728	1560	chrome.exe	chrome.exe
PID 1560 wrote to memory of 2728	1560	chrome.exe	chrome.exe
PID 1560 wrote to memory of 2728	1560	chrome.exe	chrome.exe
PID 1560 wrote to memory of 2728	1560	chrome.exe	chrome.exe
PID 1560 wrote to memory of 2728	1560	chrome.exe	chrome.exe
PID 1560 wrote to memory of 2728	1560	chrome.exe	chrome.exe
PID 1560 wrote to memory of 2728	1560	chrome.exe	chrome.exe
PID 1560 wrote to memory of 2728	1560	chrome.exe	chrome.exe
PID 1560 wrote to memory of 2728	1560	chrome.exe	chrome.exe
PID 1560 wrote to memory of 2728	1560	chrome.exe	chrome.exe
PID 1560 wrote to memory of 2728	1560	chrome.exe	chrome.exe
PID 1560 wrote to memory of 2728	1560	chrome.exe	chrome.exe
PID 1560 wrote to memory of 2728	1560	chrome.exe	chrome.exe
PID 1560 wrote to memory of 2728	1560	chrome.exe	chrome.exe
PID 1560 wrote to memory of 3104	1560	chrome.exe	chrome.exe
PID 1560 wrote to memory of 3104	1560	chrome.exe	chrome.exe
PID 1560 wrote to memory of 3028	1560	chrome.exe	chrome.exe
PID 1560 wrote to memory of 3028	1560	chrome.exe	chrome.exe
PID 1560 wrote to memory of 3028	1560	chrome.exe	chrome.exe
PID 1560 wrote to memory of 3028	1560	chrome.exe	chrome.exe
PID 1560 wrote to memory of 3028	1560	chrome.exe	chrome.exe
PID 1560 wrote to memory of 3028	1560	chrome.exe	chrome.exe
PID 1560 wrote to memory of 3028	1560	chrome.exe	chrome.exe
PID 1560 wrote to memory of 3028	1560	chrome.exe	chrome.exe
PID 1560 wrote to memory of 3028	1560	chrome.exe	chrome.exe
PID 1560 wrote to memory of 3028	1560	chrome.exe	chrome.exe
PID 1560 wrote to memory of 3028	1560	chrome.exe	chrome.exe
PID 1560 wrote to memory of 3028	1560	chrome.exe	chrome.exe
PID 1560 wrote to memory of 3028	1560	chrome.exe	chrome.exe
PID 1560 wrote to memory of 3028	1560	chrome.exe	chrome.exe
PID 1560 wrote to memory of 3028	1560	chrome.exe	chrome.exe
PID 1560 wrote to memory of 3028	1560	chrome.exe	chrome.exe
PID 1560 wrote to memory of 3028	1560	chrome.exe	chrome.exe
PID 1560 wrote to memory of 3028	1560	chrome.exe	chrome.exe
PID 1560 wrote to memory of 3028	1560	chrome.exe	chrome.exe
PID 1560 wrote to memory of 3028	1560	chrome.exe	chrome.exe
PID 1560 wrote to memory of 3028	1560	chrome.exe	chrome.exe
PID 1560 wrote to memory of 3028	1560	chrome.exe	chrome.exe
PID 1560 wrote to memory of 3028	1560	chrome.exe	chrome.exe
PID 1560 wrote to memory of 3028	1560	chrome.exe	chrome.exe
PID 1560 wrote to memory of 3028	1560	chrome.exe	chrome.exe
PID 1560 wrote to memory of 3028	1560	chrome.exe	chrome.exe
PID 1560 wrote to memory of 3028	1560	chrome.exe	chrome.exe
PID 1560 wrote to memory of 3028	1560	chrome.exe	chrome.exe
PID 1560 wrote to memory of 3028	1560	chrome.exe	chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://goldeninternationalcorp.com/contact/index.php
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1560
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffea6ecab58,0x7ffea6ecab68,0x7ffea6ecab78
  2⤵
  PID:2308
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1684 --field-trial-handle=1904,i,72924499881433647,9837902908732588551,131072 /prefetch:2
  2⤵
  PID:2728
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2152 --field-trial-handle=1904,i,72924499881433647,9837902908732588551,131072 /prefetch:8
  2⤵
  PID:3104
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2172 --field-trial-handle=1904,i,72924499881433647,9837902908732588551,131072 /prefetch:8
  2⤵
  PID:3028
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3060 --field-trial-handle=1904,i,72924499881433647,9837902908732588551,131072 /prefetch:1
  2⤵
  PID:2892
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3080 --field-trial-handle=1904,i,72924499881433647,9837902908732588551,131072 /prefetch:1
  2⤵
  PID:2928
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4340 --field-trial-handle=1904,i,72924499881433647,9837902908732588551,131072 /prefetch:1
  2⤵
  PID:4936
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4480 --field-trial-handle=1904,i,72924499881433647,9837902908732588551,131072 /prefetch:1
  2⤵
  PID:1228
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3312 --field-trial-handle=1904,i,72924499881433647,9837902908732588551,131072 /prefetch:8
  2⤵
  PID:3644
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4152 --field-trial-handle=1904,i,72924499881433647,9837902908732588551,131072 /prefetch:8
  2⤵
  PID:5108
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=728 --field-trial-handle=1904,i,72924499881433647,9837902908732588551,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2108

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:1692

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
264B

MD5
e136405ad349bcd42359a5391678b607

SHA1
5b8ae5c92216cad71a1e0f0b35fa1f0ebc3e523e

SHA256
e48137937309be3599f34a8c75bf334c0a59832365c39c2c72b5a53f4a115a66

SHA512
81fca8e2aa42c22440536f5f629ef2a375e9d4ee1368f85afa7eb09c8e5913d5f64c2d26f8c53bb0da2e347edf1e6c32cec1cc351c4eddea6862af9ccb2aa514

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
6KB

MD5
e5ab2f13f39aa64a05ef911738df8d26

SHA1
f205369072eb769ae1df3d961dbefc27e8e3094c

SHA256
7cfdee8ea1ef1c0ea69d4c94f0433b6615626dd8d5f8ee7a8ac0fd1bf54389eb

SHA512
ccb3b01005dc82daa5a2371bf2042627e47f76188db43c67a637be4d98e8e31bd297fcf007591d0177cf24ec0fe3c37f7bb362b91051408aebeb6a117de63e31

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
19b0a818358bfd43e5e60615e62de665

SHA1
72694845040d7268193392db3bc3354f580b6d70

SHA256
e4b50cca317c4f170ee18e0287e57fc73ce37e0bd2236ebbb48a5eae99e3dec0

SHA512
3255bebf7b827ef6a57cb33d6c2bdf8d1d079034bc62d6e0cff280e01d1db0363fc5d03adb0401e47d37cde7834726b53eaa87d7b07ef0d3b1a4ec44c7540bc7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
1a9a827389e31b95ee0784419ec46c99

SHA1
d7dc398555d8f43d37e479e58c399f87b7f5d783

SHA256
a2ed8416c08e9719237d66d35a382b2adbd0733efa4c1b88acb20a185bf5823b

SHA512
7f918a1c06f3f78e39da2e64ecd4ee2eb22590b58dea721ad338315082c1f0d267193619889d5bfef841d5ef488ca019d19d094ac61a2ac33f113304960d6e9e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
57907711a09516769c171aa227148c81

SHA1
387c4539dc1d1c7280821a86d9378c03db13b7ad

SHA256
5d721807ab89cdff71aba9d3175929fca2c3582457749fdd154fe637989c722f

SHA512
53ef8dc4396e5c9fb86e8fd8d35f538595c06579c6cef03b23a27bb30ddc854178a031b40b81820588b6f7c983f7a49d9524ae9da3424f55c9f01fb748808d7a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
233bbeb33b558820567b865399b47f9e

SHA1
57fbd15506dfc39b38ccf4dc76f997a65d51535a

SHA256
c72a7640d7953810182dc69a218749dd469b3648d3984c27819e447098d39e8f

SHA512
573b2326f783ae6b24b025a77e71f489ade5cedaa1e087b85f032a207e65a42ac5c18600b85a0d35bfbbdfc368348a395516ff2b5a1d57c7d2180e93d6d1bad5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
11818d9c4375016586b1be72532c63f7

SHA1
3a0c5753a0133bdea122b179f7fe895c77429bb3

SHA256
893c2ce3d5e0a342a02a5a68f9c625e3a3f2d3bd427b438220c808e53a0c0ce3

SHA512
5290a53f6b49af3b0f89b429595a10e4fc47f655a7d7d4cc333aba18be3185bf5ad976738315954cc73c3b9e1321f8326f3b349da18f118c4311ff6cae9960a5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
f141b5c5064f495830e31dbeddbcdf3a

SHA1
6c2b48e8f2371a554ca37a636df6d8f1bd5b0557

SHA256
62b908ff8759fc7ebb70a2cab4a1bb395ccd312a5cb5bb3497085175d3cdba51

SHA512
33b67ace841e2bf7447b8579335859896271a743fc89eb3cd63c2ab013c09d52888ade57713dea330ac934d9ee615201986b4c37f0d8ece75c6e391490d53aa2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
bd41695bb8e929338cf7b6e3478c4c8c

SHA1
fe58c2140cdf5cd8af08e68849e7ab63615c9178

SHA256
86ce79eadab0d81d7a2ec745441fdf46e0d9c060db8fe8fab48110ea8a3466eb

SHA512
50453f6fb87eae745c087dba9f89f4aa3e868d3ae1a06af7e999032d96023d4ea7fbb70e7dcc9393717eab126713a557bd9d388d769e3403c9ae9eddd794f33f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
d808b0830e8012d30f76912e4b8a902e

SHA1
0ef70686ddf6be02a0e859cc06effd3dfdd76c1e

SHA256
d6bc9b28cd9a13313dccd8b52dce2de864bc16f7ba9cf908b3147f7dae3ce63d

SHA512
5e5e6eddc721413c84059f571d76fb8738437fa45407eafa3a77ddde40193cc084283b8bbb2d2bc7b9461bd06515b47754200567b98e2f363e4aa4b79b7f339d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57b18d.TMP

Filesize
48B

MD5
0cca5032f11e5663c7b81ec1658f95eb

SHA1
fa314483010cae0bb1e7095c09c40fbdf0997f6b

SHA256
6159c67d5107754b22c6bf6b190b28c93373667397b4a0ab27ffe722e0158129

SHA512
ff78375de5d2fa55d98685da0f88c2282e9c30f455686ed7803503cb301a6f0082767cf321ac7bc0093cf274df62223229917752dc6619c0c9b21441838be03f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
255KB

MD5
6301dfd25e568f5dd974e3e71ed68db6

SHA1
d86a7bd3e9c3bb5d03ba5faf5ee9b50cf5fdd6a3

SHA256
a13c77fba053ab4371d00a014c2e19c973d30cbd822528a6ca60df8cf13296c1

SHA512
ea0966752ae8996b909f06a017ecebb8860cf8d6af20aaba3e8c241c3171ca6739d852c8587e4abc62661055c3f3339e9883633c4ae925ef303a0d4f2c34563c

Download Submit
\??\pipe\crashpad_1560_MXOWZNNBSZOALEZG

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit