7e1c3dcffb185feb832f89d6f55b23a39abb83adcb56728a46f4785aeb9eed71

Analysis

max time kernel
58s
max time network
103s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
22-05-2024 20:51

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Dream Basic/client/injector.exe
Size

38KB
MD5

791139bb526c7fc6f35f5a35e366460c
SHA1

230e6531462f131779231b7e876323b0d3f3bd03
SHA256

c9c174ae7c2ad864c42bdada8543296b6d7d2a828b4986bd6aa477431636a18e
SHA512

1c664616f4bc2357d6990760c17ee97f2f3406fba78610f52e000e3ff0ee9061481ab6b80ec0cd9b522fcc4bfad0cfa96fe10f43e6e916e0b72b261540e0dcf8
SSDEEP

384:AmqwTrbZ/CH3l6VdIlrlBM+w+8vmtf9HI2+bGduw1kf+nAyiK9y4WMsgcjZSUSLf:AQTdC1ZwGSde5W/9SeXygWSjt0Gse

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

Processes:

chrome.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes:

chrome.exe

pid process

2812 chrome.exe
2812 chrome.exe

Suspicious use of AdjustPrivilegeToken 30 IoCs

Processes:

chrome.exe

description	pid	process
Token: SeShutdownPrivilege	2812	chrome.exe
Token: SeShutdownPrivilege	2812	chrome.exe
Token: SeShutdownPrivilege	2812	chrome.exe
Token: SeShutdownPrivilege	2812	chrome.exe
Token: SeShutdownPrivilege	2812	chrome.exe
Token: SeShutdownPrivilege	2812	chrome.exe
Token: SeShutdownPrivilege	2812	chrome.exe
Token: SeShutdownPrivilege	2812	chrome.exe
Token: SeShutdownPrivilege	2812	chrome.exe
Token: SeShutdownPrivilege	2812	chrome.exe
Token: SeShutdownPrivilege	2812	chrome.exe
Token: SeShutdownPrivilege	2812	chrome.exe
Token: SeShutdownPrivilege	2812	chrome.exe
Token: SeShutdownPrivilege	2812	chrome.exe
Token: SeShutdownPrivilege	2812	chrome.exe
Token: SeShutdownPrivilege	2812	chrome.exe
Token: SeShutdownPrivilege	2812	chrome.exe
Token: SeShutdownPrivilege	2812	chrome.exe
Token: SeShutdownPrivilege	2812	chrome.exe
Token: SeShutdownPrivilege	2812	chrome.exe
Token: SeShutdownPrivilege	2812	chrome.exe
Token: SeShutdownPrivilege	2812	chrome.exe
Token: SeShutdownPrivilege	2812	chrome.exe
Token: SeShutdownPrivilege	2812	chrome.exe
Token: SeShutdownPrivilege	2812	chrome.exe
Token: SeShutdownPrivilege	2812	chrome.exe
Token: SeShutdownPrivilege	2812	chrome.exe
Token: SeShutdownPrivilege	2812	chrome.exe
Token: SeShutdownPrivilege	2812	chrome.exe
Token: SeShutdownPrivilege	2812	chrome.exe

Suspicious use of FindShellTrayWindow 34 IoCs

Processes:

chrome.exe

pid	process
2812	chrome.exe
2812	chrome.exe
2812	chrome.exe
2812	chrome.exe
2812	chrome.exe
2812	chrome.exe
2812	chrome.exe
2812	chrome.exe
2812	chrome.exe
2812	chrome.exe
2812	chrome.exe
2812	chrome.exe
2812	chrome.exe
2812	chrome.exe
2812	chrome.exe
2812	chrome.exe
2812	chrome.exe
2812	chrome.exe
2812	chrome.exe
2812	chrome.exe
2812	chrome.exe
2812	chrome.exe
2812	chrome.exe
2812	chrome.exe
2812	chrome.exe
2812	chrome.exe
2812	chrome.exe
2812	chrome.exe
2812	chrome.exe
2812	chrome.exe
2812	chrome.exe
2812	chrome.exe
2812	chrome.exe
2812	chrome.exe

Suspicious use of SendNotifyMessage 32 IoCs

Processes:

chrome.exe

pid	process
2812	chrome.exe
2812	chrome.exe
2812	chrome.exe
2812	chrome.exe
2812	chrome.exe
2812	chrome.exe
2812	chrome.exe
2812	chrome.exe
2812	chrome.exe
2812	chrome.exe
2812	chrome.exe
2812	chrome.exe
2812	chrome.exe
2812	chrome.exe
2812	chrome.exe
2812	chrome.exe
2812	chrome.exe
2812	chrome.exe
2812	chrome.exe
2812	chrome.exe
2812	chrome.exe
2812	chrome.exe
2812	chrome.exe
2812	chrome.exe
2812	chrome.exe
2812	chrome.exe
2812	chrome.exe
2812	chrome.exe
2812	chrome.exe
2812	chrome.exe
2812	chrome.exe
2812	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

chrome.exe

description	pid	process	target process
PID 2812 wrote to memory of 2576	2812	chrome.exe	chrome.exe
PID 2812 wrote to memory of 2576	2812	chrome.exe	chrome.exe
PID 2812 wrote to memory of 2576	2812	chrome.exe	chrome.exe
PID 2812 wrote to memory of 2336	2812	chrome.exe	chrome.exe
PID 2812 wrote to memory of 2336	2812	chrome.exe	chrome.exe
PID 2812 wrote to memory of 2336	2812	chrome.exe	chrome.exe
PID 2812 wrote to memory of 2336	2812	chrome.exe	chrome.exe
PID 2812 wrote to memory of 2336	2812	chrome.exe	chrome.exe
PID 2812 wrote to memory of 2336	2812	chrome.exe	chrome.exe
PID 2812 wrote to memory of 2336	2812	chrome.exe	chrome.exe
PID 2812 wrote to memory of 2336	2812	chrome.exe	chrome.exe
PID 2812 wrote to memory of 2336	2812	chrome.exe	chrome.exe
PID 2812 wrote to memory of 2336	2812	chrome.exe	chrome.exe
PID 2812 wrote to memory of 2336	2812	chrome.exe	chrome.exe
PID 2812 wrote to memory of 2336	2812	chrome.exe	chrome.exe
PID 2812 wrote to memory of 2336	2812	chrome.exe	chrome.exe
PID 2812 wrote to memory of 2336	2812	chrome.exe	chrome.exe
PID 2812 wrote to memory of 2336	2812	chrome.exe	chrome.exe
PID 2812 wrote to memory of 2336	2812	chrome.exe	chrome.exe
PID 2812 wrote to memory of 2336	2812	chrome.exe	chrome.exe
PID 2812 wrote to memory of 2336	2812	chrome.exe	chrome.exe
PID 2812 wrote to memory of 2336	2812	chrome.exe	chrome.exe
PID 2812 wrote to memory of 2336	2812	chrome.exe	chrome.exe
PID 2812 wrote to memory of 2336	2812	chrome.exe	chrome.exe
PID 2812 wrote to memory of 2336	2812	chrome.exe	chrome.exe
PID 2812 wrote to memory of 2336	2812	chrome.exe	chrome.exe
PID 2812 wrote to memory of 2336	2812	chrome.exe	chrome.exe
PID 2812 wrote to memory of 2336	2812	chrome.exe	chrome.exe
PID 2812 wrote to memory of 2336	2812	chrome.exe	chrome.exe
PID 2812 wrote to memory of 2336	2812	chrome.exe	chrome.exe
PID 2812 wrote to memory of 2336	2812	chrome.exe	chrome.exe
PID 2812 wrote to memory of 2336	2812	chrome.exe	chrome.exe
PID 2812 wrote to memory of 2336	2812	chrome.exe	chrome.exe
PID 2812 wrote to memory of 2336	2812	chrome.exe	chrome.exe
PID 2812 wrote to memory of 2336	2812	chrome.exe	chrome.exe
PID 2812 wrote to memory of 2336	2812	chrome.exe	chrome.exe
PID 2812 wrote to memory of 2336	2812	chrome.exe	chrome.exe
PID 2812 wrote to memory of 2336	2812	chrome.exe	chrome.exe
PID 2812 wrote to memory of 2336	2812	chrome.exe	chrome.exe
PID 2812 wrote to memory of 2336	2812	chrome.exe	chrome.exe
PID 2812 wrote to memory of 2336	2812	chrome.exe	chrome.exe
PID 2812 wrote to memory of 2336	2812	chrome.exe	chrome.exe
PID 2812 wrote to memory of 2060	2812	chrome.exe	chrome.exe
PID 2812 wrote to memory of 2060	2812	chrome.exe	chrome.exe
PID 2812 wrote to memory of 2060	2812	chrome.exe	chrome.exe
PID 2812 wrote to memory of 2684	2812	chrome.exe	chrome.exe
PID 2812 wrote to memory of 2684	2812	chrome.exe	chrome.exe
PID 2812 wrote to memory of 2684	2812	chrome.exe	chrome.exe
PID 2812 wrote to memory of 2684	2812	chrome.exe	chrome.exe
PID 2812 wrote to memory of 2684	2812	chrome.exe	chrome.exe
PID 2812 wrote to memory of 2684	2812	chrome.exe	chrome.exe
PID 2812 wrote to memory of 2684	2812	chrome.exe	chrome.exe
PID 2812 wrote to memory of 2684	2812	chrome.exe	chrome.exe
PID 2812 wrote to memory of 2684	2812	chrome.exe	chrome.exe
PID 2812 wrote to memory of 2684	2812	chrome.exe	chrome.exe
PID 2812 wrote to memory of 2684	2812	chrome.exe	chrome.exe
PID 2812 wrote to memory of 2684	2812	chrome.exe	chrome.exe
PID 2812 wrote to memory of 2684	2812	chrome.exe	chrome.exe
PID 2812 wrote to memory of 2684	2812	chrome.exe	chrome.exe
PID 2812 wrote to memory of 2684	2812	chrome.exe	chrome.exe
PID 2812 wrote to memory of 2684	2812	chrome.exe	chrome.exe
PID 2812 wrote to memory of 2684	2812	chrome.exe	chrome.exe
PID 2812 wrote to memory of 2684	2812	chrome.exe	chrome.exe
PID 2812 wrote to memory of 2684	2812	chrome.exe	chrome.exe

C:\Users\Admin\AppData\Local\Temp\Dream Basic\client\injector.exe
"C:\Users\Admin\AppData\Local\Temp\Dream Basic\client\injector.exe"
1⤵
PID:2972

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2812
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6609758,0x7fef6609768,0x7fef6609778
  2⤵
  PID:2576
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1168 --field-trial-handle=1308,i,5394381296364057999,12904772758556035392,131072 /prefetch:2
  2⤵
  PID:2336
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1432 --field-trial-handle=1308,i,5394381296364057999,12904772758556035392,131072 /prefetch:8
  2⤵
  PID:2060
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1600 --field-trial-handle=1308,i,5394381296364057999,12904772758556035392,131072 /prefetch:8
  2⤵
  PID:2684
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2168 --field-trial-handle=1308,i,5394381296364057999,12904772758556035392,131072 /prefetch:1
  2⤵
  PID:2880
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2176 --field-trial-handle=1308,i,5394381296364057999,12904772758556035392,131072 /prefetch:1
  2⤵
  PID:2884
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1468 --field-trial-handle=1308,i,5394381296364057999,12904772758556035392,131072 /prefetch:2
  2⤵
  PID:1728
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3252 --field-trial-handle=1308,i,5394381296364057999,12904772758556035392,131072 /prefetch:1
  2⤵
  PID:1740
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3492 --field-trial-handle=1308,i,5394381296364057999,12904772758556035392,131072 /prefetch:8
  2⤵
  PID:1020
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3608 --field-trial-handle=1308,i,5394381296364057999,12904772758556035392,131072 /prefetch:8
  2⤵
  PID:1996
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=3504 --field-trial-handle=1308,i,5394381296364057999,12904772758556035392,131072 /prefetch:1
  2⤵
  PID:1904
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=2472 --field-trial-handle=1308,i,5394381296364057999,12904772758556035392,131072 /prefetch:1
  2⤵
  PID:2176
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=2704 --field-trial-handle=1308,i,5394381296364057999,12904772758556035392,131072 /prefetch:8
  2⤵
  PID:2768
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3924 --field-trial-handle=1308,i,5394381296364057999,12904772758556035392,131072 /prefetch:8
  2⤵
  PID:572
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=4004 --field-trial-handle=1308,i,5394381296364057999,12904772758556035392,131072 /prefetch:1
  2⤵
  PID:2608
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=3232 --field-trial-handle=1308,i,5394381296364057999,12904772758556035392,131072 /prefetch:1
  2⤵
  PID:452
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4156 --field-trial-handle=1308,i,5394381296364057999,12904772758556035392,131072 /prefetch:8
  2⤵
  PID:2032
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=1996 --field-trial-handle=1308,i,5394381296364057999,12904772758556035392,131072 /prefetch:1
  2⤵
  PID:952

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:1912

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\98d4cd4f-4d7b-4830-a5d9-a6edbb7aa64e.tmp

Filesize
7KB

MD5
65c1de1d2a619bf3a2b1b4c93933b3fb

SHA1
14aae313b696d4034783dcc92a5385f75a9806ca

SHA256
489bb4054f81187784d79a6fc3957a805cb75c8afb8f7b2abf5fbc2f72c5fcf9

SHA512
fae99c347b4417ad74e0c221b1f657b783150c9f03c19ba1279f3cf0b450ee59721e93a68979eeaa98792c5602907510e8d8d2c36af327328f051450fe68923b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\000006.dbtmp

Filesize
16B

MD5
aefd77f47fb84fae5ea194496b44c67a

SHA1
dcfbb6a5b8d05662c4858664f81693bb7f803b82

SHA256
4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611

SHA512
b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT~RFf76dbaf.TMP

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
854B

MD5
cfdf7e0c5a8f086d8f0abdac9c0f639c

SHA1
5c7f1448d3275290fbd40199bc4b59b3b0b8de43

SHA256
f7440a4738d2c2df845c7ca83ad942f2048bf75235f030a81cb367983acc599f

SHA512
18e418861bf653a3c83d6109e53d1f90491dc0618112226cb7a95b1b6e0a5e49fda3899ec4b0eb65f984b831f4e4950bf63f6e6a39437a47d7ca0df8c413dad1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
854B

MD5
5be363adad3d64bec5ef276118899c1c

SHA1
05a7b640635bc5cff5a6760cca9b50bb36040141

SHA256
96e1b8fb1854090583b87b0f3088b70947b52eb1d20b2694784a249d2b46efa3

SHA512
2d7512d0e321dd79c758e6088c8adbfd77442339f82eac86d17a767bdbda1eb5161dc2e344b3317190afe52a8ffae8f451c4363602b7fa7867767ae486d40c67

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
854B

MD5
2110793b92de6f0fb09868427299af2e

SHA1
833df6dc53902db6f8397bf352e2a0dfd24dde02

SHA256
77624b763c90f889317798b289f0b2cca0483dc784d341549aa02ac25c8bc0aa

SHA512
564a4495c4561ea05777a6c94f6bd2d77f6d290a6ee057fb0d3c44e0e770ad937b87fa62fd0cd6a274ff35a02e0e965ebbf0d6d347dce9e97166eae214c72765

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
a198080d0bc5d56a161da08d1209a8e4

SHA1
b3b597861769401ba1714848dde0fb514d428ca0

SHA256
6229f7a4c8ecebacffc66d8759ae447c6cd3a2e959e8564026204f543fb0e456

SHA512
25d595a246b8d53af0980a0f73fd801c8e01600bd65b172938477dbb0d1121d9a1e5cb8ef094d1b64137b2c93a5fa66b7ba127a6ff793f0c81d2e847d203d726

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
478c0d5deefd21568d9f129bb8fcfc25

SHA1
78925a98b0b86ff44a8216f95d189c4b6f6c96e2

SHA256
2dedf6dc65582a7ff9dcb4d5da43d13b0fa1aa5d5967c13d06afd7ac87e5bf3e

SHA512
73fd8661237f58532cac2c7ca642b07e787358a9eda2129473ac0d4c071d471cc50ac09e2a1d45f476f9f7db24a46163167b83b5b0f91df203acb88f7e901bc5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
176B

MD5
1729a47277786e7edfcfad906e3c05b4

SHA1
633357687b25207a8e463f4e15ec71a9857a5fe6

SHA256
8d590941522e4e043bee7e6ff31d2bc2990d58b7d337e2381ea3a70aa719a71b

SHA512
9da5b51c5a5a4fbace6d99772d9952125682bcb2b44f337c6881a7860378509bca74a4a69397aede8147fd2c7bd797fdaa40a419c3932af1bbf4698b5323e487

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
112B

MD5
0093ad5d14c0c6e5180496c44029b9d5

SHA1
34a21bf76750a858c5ca5acd59747366e4054b72

SHA256
571c2113f836119dd66c50ece2cd73b055984a140dd5d370c18c4ebf893d1c73

SHA512
2714ae0102b1d2b4c21f8aa77d40666e89ece13b6a97d4e0918776c98b2805664223cdb3e6733e552e1765a5cf94a6514f660a48b807b9637d3ad42dcf2833e8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\000002.dbtmp

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000007.dbtmp

Filesize
16B

MD5
18e723571b00fb1694a3bad6c78e4054

SHA1
afcc0ef32d46fe59e0483f9a3c891d3034d12f32

SHA256
8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa

SHA512
43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\agimnkijcaahngcdmfeangaknmldooml\Shortcuts Menu Icons\Monochrome\1\512.png

Filesize
10KB

MD5
7f57c509f12aaae2c269646db7fde6e8

SHA1
969d8c0e3d9140f843f36ccf2974b112ad7afc07

SHA256
1d5c9f67fe93f9fcc1a1b61ebc35bda8f98f1261e5005ae37af71f42aab1d90f

SHA512
3503a0f4939bed9e1fd5e086b17d6de1063220dffdab2d2373aa9582a2454a9d8f18c1be74442f4e597bdba796d2d69220bd9e6be632a15367225b804187ea18

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir2812_601582409\Shortcuts Menu Icons\0\512.png

Filesize
2KB

MD5
12a429f9782bcff446dc1089b68d44ee

SHA1
e41e5a1a4f2950a7f2da8be77ca26a66da7093b9

SHA256
e1d7407b07c40b5436d78db1077a16fbf75d49e32f3cbd01187b5eaaa10f1e37

SHA512
1da99c5278a589972a1d711d694890f4fd4ec4e56f83781ab9dee91ba99530a7f90d969588fa24dce24b094a28bdecbea80328cee862031a8b289f3e4f38ce7a

Download Submit
\??\pipe\crashpad_2812_PAUQVHQKEZDKYXEG

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit