hxxps://github[.]com/Bximenos/Minecraft-Vape-Client?tab=readme-ov-file

Analysis

max time kernel
95s
max time network
96s
platform
windows10-1703_x64
resource
win10-20240404-en
resource tags

arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
submitted
22-05-2024 03:33

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://github.com/Bximenos/Minecraft-Vape-Client?tab=readme-ov-file

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

Processes:

chrome.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

Processes:

chrome.exe

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133608224447797738"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

Processes:

chrome.exe

pid process

4024 chrome.exe
4024 chrome.exe
4024 chrome.exe
4024 chrome.exe
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

Processes:

chrome.exe

pid process

4024 chrome.exe
4024 chrome.exe
4024 chrome.exe
4024 chrome.exe
4024 chrome.exe
4024 chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

Processes:

chrome.exe

description	pid	process
Token: SeShutdownPrivilege	4024	chrome.exe
Token: SeCreatePagefilePrivilege	4024	chrome.exe
Token: SeShutdownPrivilege	4024	chrome.exe
Token: SeCreatePagefilePrivilege	4024	chrome.exe
Token: SeShutdownPrivilege	4024	chrome.exe
Token: SeCreatePagefilePrivilege	4024	chrome.exe
Token: SeShutdownPrivilege	4024	chrome.exe
Token: SeCreatePagefilePrivilege	4024	chrome.exe
Token: SeShutdownPrivilege	4024	chrome.exe
Token: SeCreatePagefilePrivilege	4024	chrome.exe
Token: SeShutdownPrivilege	4024	chrome.exe
Token: SeCreatePagefilePrivilege	4024	chrome.exe
Token: SeShutdownPrivilege	4024	chrome.exe
Token: SeCreatePagefilePrivilege	4024	chrome.exe
Token: SeShutdownPrivilege	4024	chrome.exe
Token: SeCreatePagefilePrivilege	4024	chrome.exe
Token: SeShutdownPrivilege	4024	chrome.exe
Token: SeCreatePagefilePrivilege	4024	chrome.exe
Token: SeShutdownPrivilege	4024	chrome.exe
Token: SeCreatePagefilePrivilege	4024	chrome.exe
Token: SeShutdownPrivilege	4024	chrome.exe
Token: SeCreatePagefilePrivilege	4024	chrome.exe
Token: SeShutdownPrivilege	4024	chrome.exe
Token: SeCreatePagefilePrivilege	4024	chrome.exe
Token: SeShutdownPrivilege	4024	chrome.exe
Token: SeCreatePagefilePrivilege	4024	chrome.exe
Token: SeShutdownPrivilege	4024	chrome.exe
Token: SeCreatePagefilePrivilege	4024	chrome.exe
Token: SeShutdownPrivilege	4024	chrome.exe
Token: SeCreatePagefilePrivilege	4024	chrome.exe
Token: SeShutdownPrivilege	4024	chrome.exe
Token: SeCreatePagefilePrivilege	4024	chrome.exe
Token: SeShutdownPrivilege	4024	chrome.exe
Token: SeCreatePagefilePrivilege	4024	chrome.exe
Token: SeShutdownPrivilege	4024	chrome.exe
Token: SeCreatePagefilePrivilege	4024	chrome.exe
Token: SeShutdownPrivilege	4024	chrome.exe
Token: SeCreatePagefilePrivilege	4024	chrome.exe
Token: SeShutdownPrivilege	4024	chrome.exe
Token: SeCreatePagefilePrivilege	4024	chrome.exe
Token: SeShutdownPrivilege	4024	chrome.exe
Token: SeCreatePagefilePrivilege	4024	chrome.exe
Token: SeShutdownPrivilege	4024	chrome.exe
Token: SeCreatePagefilePrivilege	4024	chrome.exe
Token: SeShutdownPrivilege	4024	chrome.exe
Token: SeCreatePagefilePrivilege	4024	chrome.exe
Token: SeShutdownPrivilege	4024	chrome.exe
Token: SeCreatePagefilePrivilege	4024	chrome.exe
Token: SeShutdownPrivilege	4024	chrome.exe
Token: SeCreatePagefilePrivilege	4024	chrome.exe
Token: SeShutdownPrivilege	4024	chrome.exe
Token: SeCreatePagefilePrivilege	4024	chrome.exe
Token: SeShutdownPrivilege	4024	chrome.exe
Token: SeCreatePagefilePrivilege	4024	chrome.exe
Token: SeShutdownPrivilege	4024	chrome.exe
Token: SeCreatePagefilePrivilege	4024	chrome.exe
Token: SeShutdownPrivilege	4024	chrome.exe
Token: SeCreatePagefilePrivilege	4024	chrome.exe
Token: SeShutdownPrivilege	4024	chrome.exe
Token: SeCreatePagefilePrivilege	4024	chrome.exe
Token: SeShutdownPrivilege	4024	chrome.exe
Token: SeCreatePagefilePrivilege	4024	chrome.exe
Token: SeShutdownPrivilege	4024	chrome.exe
Token: SeCreatePagefilePrivilege	4024	chrome.exe

Suspicious use of FindShellTrayWindow 46 IoCs

Processes:

chrome.exe

pid	process
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

Processes:

chrome.exe

pid	process
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe
4024	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

chrome.exe

description	pid	process	target process
PID 4024 wrote to memory of 764	4024	chrome.exe	chrome.exe
PID 4024 wrote to memory of 764	4024	chrome.exe	chrome.exe
PID 4024 wrote to memory of 2976	4024	chrome.exe	chrome.exe
PID 4024 wrote to memory of 2976	4024	chrome.exe	chrome.exe
PID 4024 wrote to memory of 2976	4024	chrome.exe	chrome.exe
PID 4024 wrote to memory of 2976	4024	chrome.exe	chrome.exe
PID 4024 wrote to memory of 2976	4024	chrome.exe	chrome.exe
PID 4024 wrote to memory of 2976	4024	chrome.exe	chrome.exe
PID 4024 wrote to memory of 2976	4024	chrome.exe	chrome.exe
PID 4024 wrote to memory of 2976	4024	chrome.exe	chrome.exe
PID 4024 wrote to memory of 2976	4024	chrome.exe	chrome.exe
PID 4024 wrote to memory of 2976	4024	chrome.exe	chrome.exe
PID 4024 wrote to memory of 2976	4024	chrome.exe	chrome.exe
PID 4024 wrote to memory of 2976	4024	chrome.exe	chrome.exe
PID 4024 wrote to memory of 2976	4024	chrome.exe	chrome.exe
PID 4024 wrote to memory of 2976	4024	chrome.exe	chrome.exe
PID 4024 wrote to memory of 2976	4024	chrome.exe	chrome.exe
PID 4024 wrote to memory of 2976	4024	chrome.exe	chrome.exe
PID 4024 wrote to memory of 2976	4024	chrome.exe	chrome.exe
PID 4024 wrote to memory of 2976	4024	chrome.exe	chrome.exe
PID 4024 wrote to memory of 2976	4024	chrome.exe	chrome.exe
PID 4024 wrote to memory of 2976	4024	chrome.exe	chrome.exe
PID 4024 wrote to memory of 2976	4024	chrome.exe	chrome.exe
PID 4024 wrote to memory of 2976	4024	chrome.exe	chrome.exe
PID 4024 wrote to memory of 2976	4024	chrome.exe	chrome.exe
PID 4024 wrote to memory of 2976	4024	chrome.exe	chrome.exe
PID 4024 wrote to memory of 2976	4024	chrome.exe	chrome.exe
PID 4024 wrote to memory of 2976	4024	chrome.exe	chrome.exe
PID 4024 wrote to memory of 2976	4024	chrome.exe	chrome.exe
PID 4024 wrote to memory of 2976	4024	chrome.exe	chrome.exe
PID 4024 wrote to memory of 2976	4024	chrome.exe	chrome.exe
PID 4024 wrote to memory of 2976	4024	chrome.exe	chrome.exe
PID 4024 wrote to memory of 2976	4024	chrome.exe	chrome.exe
PID 4024 wrote to memory of 2976	4024	chrome.exe	chrome.exe
PID 4024 wrote to memory of 2976	4024	chrome.exe	chrome.exe
PID 4024 wrote to memory of 2976	4024	chrome.exe	chrome.exe
PID 4024 wrote to memory of 2976	4024	chrome.exe	chrome.exe
PID 4024 wrote to memory of 2976	4024	chrome.exe	chrome.exe
PID 4024 wrote to memory of 2976	4024	chrome.exe	chrome.exe
PID 4024 wrote to memory of 2976	4024	chrome.exe	chrome.exe
PID 4024 wrote to memory of 4704	4024	chrome.exe	chrome.exe
PID 4024 wrote to memory of 4704	4024	chrome.exe	chrome.exe
PID 4024 wrote to memory of 1952	4024	chrome.exe	chrome.exe
PID 4024 wrote to memory of 1952	4024	chrome.exe	chrome.exe
PID 4024 wrote to memory of 1952	4024	chrome.exe	chrome.exe
PID 4024 wrote to memory of 1952	4024	chrome.exe	chrome.exe
PID 4024 wrote to memory of 1952	4024	chrome.exe	chrome.exe
PID 4024 wrote to memory of 1952	4024	chrome.exe	chrome.exe
PID 4024 wrote to memory of 1952	4024	chrome.exe	chrome.exe
PID 4024 wrote to memory of 1952	4024	chrome.exe	chrome.exe
PID 4024 wrote to memory of 1952	4024	chrome.exe	chrome.exe
PID 4024 wrote to memory of 1952	4024	chrome.exe	chrome.exe
PID 4024 wrote to memory of 1952	4024	chrome.exe	chrome.exe
PID 4024 wrote to memory of 1952	4024	chrome.exe	chrome.exe
PID 4024 wrote to memory of 1952	4024	chrome.exe	chrome.exe
PID 4024 wrote to memory of 1952	4024	chrome.exe	chrome.exe
PID 4024 wrote to memory of 1952	4024	chrome.exe	chrome.exe
PID 4024 wrote to memory of 1952	4024	chrome.exe	chrome.exe
PID 4024 wrote to memory of 1952	4024	chrome.exe	chrome.exe
PID 4024 wrote to memory of 1952	4024	chrome.exe	chrome.exe
PID 4024 wrote to memory of 1952	4024	chrome.exe	chrome.exe
PID 4024 wrote to memory of 1952	4024	chrome.exe	chrome.exe
PID 4024 wrote to memory of 1952	4024	chrome.exe	chrome.exe
PID 4024 wrote to memory of 1952	4024	chrome.exe	chrome.exe

Uses Task Scheduler COM API 1 TTPs
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
persistence

Query Registry
T1012

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://github.com/Bximenos/Minecraft-Vape-Client?tab=readme-ov-file
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4024

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7fff44a89758,0x7fff44a89768,0x7fff44a89778
2⤵
PID:764

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1548 --field-trial-handle=1776,i,11503081376540670751,8119290172083746732,131072 /prefetch:2
2⤵
PID:2976

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1832 --field-trial-handle=1776,i,11503081376540670751,8119290172083746732,131072 /prefetch:8
2⤵
PID:4704

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2100 --field-trial-handle=1776,i,11503081376540670751,8119290172083746732,131072 /prefetch:8
2⤵
PID:1952

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2852 --field-trial-handle=1776,i,11503081376540670751,8119290172083746732,131072 /prefetch:1
2⤵
PID:3560

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2860 --field-trial-handle=1776,i,11503081376540670751,8119290172083746732,131072 /prefetch:1
2⤵
PID:292

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5188 --field-trial-handle=1776,i,11503081376540670751,8119290172083746732,131072 /prefetch:8
2⤵
PID:3668

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4912 --field-trial-handle=1776,i,11503081376540670751,8119290172083746732,131072 /prefetch:8
2⤵
PID:3516

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4884 --field-trial-handle=1776,i,11503081376540670751,8119290172083746732,131072 /prefetch:8
2⤵
PID:4680

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5276 --field-trial-handle=1776,i,11503081376540670751,8119290172083746732,131072 /prefetch:8
2⤵
PID:4684

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=880 --field-trial-handle=1776,i,11503081376540670751,8119290172083746732,131072 /prefetch:1
2⤵
PID:4628

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3488 --field-trial-handle=1776,i,11503081376540670751,8119290172083746732,131072 /prefetch:8
2⤵
PID:1836

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5256 --field-trial-handle=1776,i,11503081376540670751,8119290172083746732,131072 /prefetch:1
2⤵
PID:4748

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=5524 --field-trial-handle=1776,i,11503081376540670751,8119290172083746732,131072 /prefetch:1
2⤵
PID:3708

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5560 --field-trial-handle=1776,i,11503081376540670751,8119290172083746732,131072 /prefetch:8
2⤵
PID:3868

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5024 --field-trial-handle=1776,i,11503081376540670751,8119290172083746732,131072 /prefetch:8
2⤵
PID:2992

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=5908 --field-trial-handle=1776,i,11503081376540670751,8119290172083746732,131072 /prefetch:1
2⤵
PID:920

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5372 --field-trial-handle=1776,i,11503081376540670751,8119290172083746732,131072 /prefetch:8
2⤵
PID:912

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:592

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000015

Filesize
206KB

MD5
f998b8f6765b4c57936ada0bb2eb4a5a

SHA1
13fb29dc0968838653b8414a125c124023c001df

SHA256
374db366966d7b48782f352c78a0b3670ffec33ed046d931415034d6f93dcfef

SHA512
d340ae61467332f99e4606ef022ff71c9495b9d138a40cc7c58b3206be0d080b25f4e877a811a55f4320db9a7f52e39f88f1aa426ba79fc5e78fc73dacf8c716

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
d26229c9070f7cc1872faffd74854a93

SHA1
768c51617385a41d3e5017242ffd5d0b2a82bbdc

SHA256
d08960f25dff7ce806f07e29c7238126ad1a348f1694113aba4a8ab79fae34a8

SHA512
a5665755eca43665954cc83402d67fd6e0f11f7d854936dd7b853e1a89a980ab378adff1ecc882500a4e668644bc67a855f7d4aec822e923cd2e7cbb06fe0057

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
648674c70c7decdbb38a1d5b65e2b5c5

SHA1
1472493979232b04a0780b57543133e9997aa5f0

SHA256
6e904603fdf4c3471e264882a758e3173c0702932b1a57e7c734cd81fc81fb5d

SHA512
1e0937b3c82602b275fb8466dad15941ce5e72a99c5352d161565b082beccdce1ad0b0f4508f13dedbd4f7b40bc15a4ea29be93ca6af8e045e13c639736764e5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
76a61f88e16245f0a1db614afa9f5e4a

SHA1
a0276be41dbcf67e9430a90a305338d3cde75b6c

SHA256
b58d532c622b81417c07288a8b549c35ccd016932f40f3aeadf9bbd79276c040

SHA512
8a962adb67049e23332f3ded9acdf16d46154fb42f81fc8c07e70d568545106abc3072167458f0befa4e5ec5cd6ed803dae851e9ed4ff04f16f77310bc2ab222

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
5fd67f3fc6ef2063ebe3d48a37de2fd4

SHA1
cdda4c26a4519c13afed7b896b5bdac8052b79a8

SHA256
a5412aa015dd3404a1cdfb77da0cc794e3f1441493677dc56c926b340d6f877f

SHA512
b4d52231a326fe7f639328373249d1aeb2cef0225efbca855b963cbfd9129c28b185cd81730588f0f6fce179d2a7d78188f1d46db6a9ea52800e33bd9431c4fa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
eba637f46673a9753c3576ee96a8472c

SHA1
2b370380faa19d6415910071ada9fac6131810b1

SHA256
1af78fa74ec48e5ccfa300d2f35234194eafed56d324259dcbf8091131be0e4b

SHA512
006f6d55f00fb24900610d1faec5f832c3914f8030cfedfd7df68209898394de3303d11dc46234e5548f65c4586b8beb5677e7bda3a2fa8f29e5d70548bab6b6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
bf39f3f8a31a48558e4b508f6d493384

SHA1
93435172ce8dab25c1d05942959aba36dc335baf

SHA256
ad9f786b332c6d6bbb5a5cd427330702001094094c65594038f3446d83a7dbf3

SHA512
bb88ee31ce2bd1bee7afca4f4bcf755736e06c2703e8f837b78e236a965d3b1ce89115c332e37a19d03ff8bcca1636c83af4b6be13d643a0976599b50fa579b7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
83eb25a1eb63a001372fe99f288d9fa5

SHA1
33e0d570448f4f673e528ac89ca9a8f14744fb41

SHA256
3e8efbf1491129db86a86a7738387e78f3c37ce672402368ec6351fea25b7bc8

SHA512
f6ac811a3badc7e4def0e918061b6ae9abbb124b8d7a21970a0baa28f115039634a5de21a5a62e29261d90859ece21318cd1baa9f309d3cb81283aaeefc7e4e7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
703f3ab9198b71b2def2ea39cc6c755d

SHA1
6ca8abe6ca498bc708e566514f7bb1eb0ac82878

SHA256
7663ee8c991540c05c72081a502b2594f7599ea4ed3c77aeb600005b25347644

SHA512
6e343b46b761ba7db4d898aefaaeb8a77d33c1267877a4dc01a2a3aa60a79a6f4da36965d002a528173a20ac1170473540c3505c4468cfc0476829d00d0b768c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
961cff7978d5d4741c5b4593be99afb3

SHA1
3cb89670311e2fc13c011fff4b0cc15d1100482e

SHA256
e87fcae587626435cc0c6c6081cc9264944b4f22fcedec3a7ea0ae13f9544aa5

SHA512
70cfc11df8bff6486e077e82faeb3b0633bbaade58c7c15b5f205d723c48eeec7c90980e5e9fecf9237f3bddf6fbee88985b09fc9ed16fc6c2ed695c3d1974e1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
138KB

MD5
6481986d152e86b88c889615d1af448c

SHA1
9f4fda0f50992f649ccdc2bac90add97ada60de4

SHA256
e8eacfbc4f77c84a730424085ba2b01f4dd61c59579402727601ae79f7656e8d

SHA512
a05db71b5608c443e290c54180054c56d03a13827228cfd362437855c0bec149ebc0490efa4a7ef67e0958186b58dba5d83bb8908620db597c0068533568523e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
138KB

MD5
0853b6933d56cf5db381650a14985aeb

SHA1
a14e4f80cb92e1a60918cc917ed9e3fe323fd5b7

SHA256
d68f3b585513b503fa3ed4089b6d73b3d414cdff5b56e737831795b19624106e

SHA512
1222b8f582139dfc7a81a59db0d9f8a8f9dd3a42021863663c9f7e0a3f93f8c4812081f62079229b4af642fa30c49c5b1b752b0a0d90bde855d6a5a6dd71aca8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
137KB

MD5
10fa8ddaea134809460111bf4ec75607

SHA1
d95ac48c2776885021f3e9124c5179e67130216b

SHA256
8f7e2d4e142550c38c68196bd829a7e7fa086bff67c5ec0de581135e96a9e961

SHA512
a73bb22f8e4834b1ea648ea59db4fc265ec59366ac45e288b57f2df06a4224b16e96e3b782ad3d9aab0ab5aa051695d47607467edfa7d77fa9851610229e0d19

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
157KB

MD5
9bfcdb6c1f238979a210c3793f2963c8

SHA1
19e11bc9c715a4cc43b266b87b7d72c1647c551f

SHA256
9aebc106cbd374c229cc71a21fa586086c75fe3e2e79111268678db566542bdf

SHA512
e6d743345d3432c9b6f23be9bc6a5f36e81c23571661442110f437cde98cb3d2f303451eb0719262ee964db2fbd0ce8835555ff02a3dafe5f78ed476ec291b21

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
138KB

MD5
27d50131d75ccdf1089e1ce2777c4db3

SHA1
e0bcc08d702b5f2f8563691120d93ec9bae03198

SHA256
41bab23b0e214f4f68e5b15c66881420f1f8827231754090f1a9c2bbcb9d05a6

SHA512
4ba135915ce4a355b387dd36592c9f213e965cbc50f7bcb52f3d36383a5aff63ba46dc5e7f535b31497ef8267b9c18110c6a6b76d11a58f433c8156252bf03bb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
105KB

MD5
02ac94e8c730517a2e39e7a5a4bcdab8

SHA1
d07c5b8898d657a7a7100b8a424136ae7925244e

SHA256
3c751f03ae1124cc165bd3c6d5af7299b2e767cd92cf37a7c847dbd0ecbe8823

SHA512
bded9d51098a8b0702f831a481beb2ea486d045e93816ba6aba71448eb41a532be9faa2791da809f154b4fb4ff55271455f2a004a1d60a508fd5c08e5b2f2fab

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe58293e.TMP

Filesize
98KB

MD5
9b84a53dea9628da9c28997ba77e8c58

SHA1
4403a5aa24d8c79effde9b8ccc66d28e781772f4

SHA256
901fcbb72aea76e3a6d13e91e7f363ff093eb22dfd554b1dcd1830c065d31842

SHA512
65ea03859b243572b09a6440991820ca1ab514cd3e5c6f00278cbaabf83bb3afbc9bd5d7689064736cd868c9905d2dbd3f8ab694ad35c23bb4c05220e2069edd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
\??\pipe\crashpad_4024_SNMSBLJVYDVHIMZU

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit