hxxps://www[.]youtube[.]com/watch?v=LeX1tN9h5S8&t=0s

Analysis

max time kernel
1799s
max time network
1685s
platform
windows11-21h2_x64
resource
win11-20240508-en
resource tags

arch:x64arch:x86image:win11-20240508-enlocale:en-usos:windows11-21h2-x64system
submitted
23-05-2024 01:22

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://www.youtube.com/watch?v=LeX1tN9h5S8&t=0s

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

Processes:

chrome.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

Processes:

chrome.exe

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133609010561219702"	chrome.exe

Modifies registry class 1 IoCs

Processes:

chrome.exe

description	ioc	process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1672260578-815027929-964132517-1000\{198475BD-7D3E-4944-89CE-9B9EC4F62935}	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

Processes:

chrome.exechrome.exe

pid process

112 chrome.exe
112 chrome.exe
112 chrome.exe
112 chrome.exe
1440 chrome.exe
1440 chrome.exe
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

Processes:

chrome.exe

pid process

112 chrome.exe
112 chrome.exe
112 chrome.exe
112 chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

Processes:

chrome.exeAUDIODG.EXE

description	pid	process
Token: SeShutdownPrivilege	112	chrome.exe
Token: SeCreatePagefilePrivilege	112	chrome.exe
Token: SeShutdownPrivilege	112	chrome.exe
Token: SeCreatePagefilePrivilege	112	chrome.exe
Token: SeShutdownPrivilege	112	chrome.exe
Token: SeCreatePagefilePrivilege	112	chrome.exe
Token: 33	1244	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	1244	AUDIODG.EXE
Token: SeShutdownPrivilege	112	chrome.exe
Token: SeCreatePagefilePrivilege	112	chrome.exe
Token: SeShutdownPrivilege	112	chrome.exe
Token: SeCreatePagefilePrivilege	112	chrome.exe
Token: SeShutdownPrivilege	112	chrome.exe
Token: SeCreatePagefilePrivilege	112	chrome.exe
Token: SeShutdownPrivilege	112	chrome.exe
Token: SeCreatePagefilePrivilege	112	chrome.exe
Token: SeShutdownPrivilege	112	chrome.exe
Token: SeCreatePagefilePrivilege	112	chrome.exe
Token: SeShutdownPrivilege	112	chrome.exe
Token: SeCreatePagefilePrivilege	112	chrome.exe
Token: SeShutdownPrivilege	112	chrome.exe
Token: SeCreatePagefilePrivilege	112	chrome.exe
Token: SeShutdownPrivilege	112	chrome.exe
Token: SeCreatePagefilePrivilege	112	chrome.exe
Token: SeShutdownPrivilege	112	chrome.exe
Token: SeCreatePagefilePrivilege	112	chrome.exe
Token: SeShutdownPrivilege	112	chrome.exe
Token: SeCreatePagefilePrivilege	112	chrome.exe
Token: SeShutdownPrivilege	112	chrome.exe
Token: SeCreatePagefilePrivilege	112	chrome.exe
Token: SeShutdownPrivilege	112	chrome.exe
Token: SeCreatePagefilePrivilege	112	chrome.exe
Token: SeShutdownPrivilege	112	chrome.exe
Token: SeCreatePagefilePrivilege	112	chrome.exe
Token: SeShutdownPrivilege	112	chrome.exe
Token: SeCreatePagefilePrivilege	112	chrome.exe
Token: SeShutdownPrivilege	112	chrome.exe
Token: SeCreatePagefilePrivilege	112	chrome.exe
Token: SeShutdownPrivilege	112	chrome.exe
Token: SeCreatePagefilePrivilege	112	chrome.exe
Token: SeShutdownPrivilege	112	chrome.exe
Token: SeCreatePagefilePrivilege	112	chrome.exe
Token: SeShutdownPrivilege	112	chrome.exe
Token: SeCreatePagefilePrivilege	112	chrome.exe
Token: SeShutdownPrivilege	112	chrome.exe
Token: SeCreatePagefilePrivilege	112	chrome.exe
Token: SeShutdownPrivilege	112	chrome.exe
Token: SeCreatePagefilePrivilege	112	chrome.exe
Token: SeShutdownPrivilege	112	chrome.exe
Token: SeCreatePagefilePrivilege	112	chrome.exe
Token: SeShutdownPrivilege	112	chrome.exe
Token: SeCreatePagefilePrivilege	112	chrome.exe
Token: SeShutdownPrivilege	112	chrome.exe
Token: SeCreatePagefilePrivilege	112	chrome.exe
Token: SeShutdownPrivilege	112	chrome.exe
Token: SeCreatePagefilePrivilege	112	chrome.exe
Token: SeShutdownPrivilege	112	chrome.exe
Token: SeCreatePagefilePrivilege	112	chrome.exe
Token: SeShutdownPrivilege	112	chrome.exe
Token: SeCreatePagefilePrivilege	112	chrome.exe
Token: SeShutdownPrivilege	112	chrome.exe
Token: SeCreatePagefilePrivilege	112	chrome.exe
Token: SeShutdownPrivilege	112	chrome.exe
Token: SeCreatePagefilePrivilege	112	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

Processes:

chrome.exe

pid	process
112	chrome.exe
112	chrome.exe
112	chrome.exe
112	chrome.exe
112	chrome.exe
112	chrome.exe
112	chrome.exe
112	chrome.exe
112	chrome.exe
112	chrome.exe
112	chrome.exe
112	chrome.exe
112	chrome.exe
112	chrome.exe
112	chrome.exe
112	chrome.exe
112	chrome.exe
112	chrome.exe
112	chrome.exe
112	chrome.exe
112	chrome.exe
112	chrome.exe
112	chrome.exe
112	chrome.exe
112	chrome.exe
112	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

Processes:

chrome.exe

pid	process
112	chrome.exe
112	chrome.exe
112	chrome.exe
112	chrome.exe
112	chrome.exe
112	chrome.exe
112	chrome.exe
112	chrome.exe
112	chrome.exe
112	chrome.exe
112	chrome.exe
112	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

chrome.exe

description	pid	process	target process
PID 112 wrote to memory of 224	112	chrome.exe	chrome.exe
PID 112 wrote to memory of 224	112	chrome.exe	chrome.exe
PID 112 wrote to memory of 420	112	chrome.exe	chrome.exe
PID 112 wrote to memory of 420	112	chrome.exe	chrome.exe
PID 112 wrote to memory of 420	112	chrome.exe	chrome.exe
PID 112 wrote to memory of 420	112	chrome.exe	chrome.exe
PID 112 wrote to memory of 420	112	chrome.exe	chrome.exe
PID 112 wrote to memory of 420	112	chrome.exe	chrome.exe
PID 112 wrote to memory of 420	112	chrome.exe	chrome.exe
PID 112 wrote to memory of 420	112	chrome.exe	chrome.exe
PID 112 wrote to memory of 420	112	chrome.exe	chrome.exe
PID 112 wrote to memory of 420	112	chrome.exe	chrome.exe
PID 112 wrote to memory of 420	112	chrome.exe	chrome.exe
PID 112 wrote to memory of 420	112	chrome.exe	chrome.exe
PID 112 wrote to memory of 420	112	chrome.exe	chrome.exe
PID 112 wrote to memory of 420	112	chrome.exe	chrome.exe
PID 112 wrote to memory of 420	112	chrome.exe	chrome.exe
PID 112 wrote to memory of 420	112	chrome.exe	chrome.exe
PID 112 wrote to memory of 420	112	chrome.exe	chrome.exe
PID 112 wrote to memory of 420	112	chrome.exe	chrome.exe
PID 112 wrote to memory of 420	112	chrome.exe	chrome.exe
PID 112 wrote to memory of 420	112	chrome.exe	chrome.exe
PID 112 wrote to memory of 420	112	chrome.exe	chrome.exe
PID 112 wrote to memory of 420	112	chrome.exe	chrome.exe
PID 112 wrote to memory of 420	112	chrome.exe	chrome.exe
PID 112 wrote to memory of 420	112	chrome.exe	chrome.exe
PID 112 wrote to memory of 420	112	chrome.exe	chrome.exe
PID 112 wrote to memory of 420	112	chrome.exe	chrome.exe
PID 112 wrote to memory of 420	112	chrome.exe	chrome.exe
PID 112 wrote to memory of 420	112	chrome.exe	chrome.exe
PID 112 wrote to memory of 420	112	chrome.exe	chrome.exe
PID 112 wrote to memory of 420	112	chrome.exe	chrome.exe
PID 112 wrote to memory of 420	112	chrome.exe	chrome.exe
PID 112 wrote to memory of 1652	112	chrome.exe	chrome.exe
PID 112 wrote to memory of 1652	112	chrome.exe	chrome.exe
PID 112 wrote to memory of 4968	112	chrome.exe	chrome.exe
PID 112 wrote to memory of 4968	112	chrome.exe	chrome.exe
PID 112 wrote to memory of 4968	112	chrome.exe	chrome.exe
PID 112 wrote to memory of 4968	112	chrome.exe	chrome.exe
PID 112 wrote to memory of 4968	112	chrome.exe	chrome.exe
PID 112 wrote to memory of 4968	112	chrome.exe	chrome.exe
PID 112 wrote to memory of 4968	112	chrome.exe	chrome.exe
PID 112 wrote to memory of 4968	112	chrome.exe	chrome.exe
PID 112 wrote to memory of 4968	112	chrome.exe	chrome.exe
PID 112 wrote to memory of 4968	112	chrome.exe	chrome.exe
PID 112 wrote to memory of 4968	112	chrome.exe	chrome.exe
PID 112 wrote to memory of 4968	112	chrome.exe	chrome.exe
PID 112 wrote to memory of 4968	112	chrome.exe	chrome.exe
PID 112 wrote to memory of 4968	112	chrome.exe	chrome.exe
PID 112 wrote to memory of 4968	112	chrome.exe	chrome.exe
PID 112 wrote to memory of 4968	112	chrome.exe	chrome.exe
PID 112 wrote to memory of 4968	112	chrome.exe	chrome.exe
PID 112 wrote to memory of 4968	112	chrome.exe	chrome.exe
PID 112 wrote to memory of 4968	112	chrome.exe	chrome.exe
PID 112 wrote to memory of 4968	112	chrome.exe	chrome.exe
PID 112 wrote to memory of 4968	112	chrome.exe	chrome.exe
PID 112 wrote to memory of 4968	112	chrome.exe	chrome.exe
PID 112 wrote to memory of 4968	112	chrome.exe	chrome.exe
PID 112 wrote to memory of 4968	112	chrome.exe	chrome.exe
PID 112 wrote to memory of 4968	112	chrome.exe	chrome.exe
PID 112 wrote to memory of 4968	112	chrome.exe	chrome.exe
PID 112 wrote to memory of 4968	112	chrome.exe	chrome.exe
PID 112 wrote to memory of 4968	112	chrome.exe	chrome.exe
PID 112 wrote to memory of 4968	112	chrome.exe	chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://www.youtube.com/watch?v=LeX1tN9h5S8&t=0s
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:112

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7fff3311ab58,0x7fff3311ab68,0x7fff3311ab78
2⤵
PID:224

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1596 --field-trial-handle=1744,i,5250385852570012119,18204904862874135387,131072 /prefetch:2
2⤵
PID:420

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2124 --field-trial-handle=1744,i,5250385852570012119,18204904862874135387,131072 /prefetch:8
2⤵
PID:1652

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2184 --field-trial-handle=1744,i,5250385852570012119,18204904862874135387,131072 /prefetch:8
2⤵
PID:4968

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2904 --field-trial-handle=1744,i,5250385852570012119,18204904862874135387,131072 /prefetch:1
2⤵
PID:4008

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3076 --field-trial-handle=1744,i,5250385852570012119,18204904862874135387,131072 /prefetch:1
2⤵
PID:3068

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4100 --field-trial-handle=1744,i,5250385852570012119,18204904862874135387,131072 /prefetch:1
2⤵
PID:2356

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4396 --field-trial-handle=1744,i,5250385852570012119,18204904862874135387,131072 /prefetch:1
2⤵
PID:3320

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4528 --field-trial-handle=1744,i,5250385852570012119,18204904862874135387,131072 /prefetch:8
2⤵
PID:1688

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4648 --field-trial-handle=1744,i,5250385852570012119,18204904862874135387,131072 /prefetch:8
2⤵
- Modifies registry class
PID:4440

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5152 --field-trial-handle=1744,i,5250385852570012119,18204904862874135387,131072 /prefetch:8
2⤵
PID:2656

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4936 --field-trial-handle=1744,i,5250385852570012119,18204904862874135387,131072 /prefetch:8
2⤵
PID:3120

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4952 --field-trial-handle=1744,i,5250385852570012119,18204904862874135387,131072 /prefetch:8
2⤵
PID:2024

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4596 --field-trial-handle=1744,i,5250385852570012119,18204904862874135387,131072 /prefetch:8
2⤵
PID:4060

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4752 --field-trial-handle=1744,i,5250385852570012119,18204904862874135387,131072 /prefetch:8
2⤵
PID:1880

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2668 --field-trial-handle=1744,i,5250385852570012119,18204904862874135387,131072 /prefetch:2
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:1440

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:4964

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004CC 0x00000000000004D0
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:1244

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
552B

MD5
ff8c6dc4d8cddb6e62dc0cadfd5a9225

SHA1
d2a2f58b9aeb4c89a58c35cda9a2b1a4bc47d009

SHA256
869567de26c4a6797accbe4b1e5db42021e58906ce969673af39f7c66507fa41

SHA512
511f569c74b09cfb845e74c0b3db698d12d05af218dad93d67710603d0ada545fd1027f1e2cb4f81cd01a5fa95d8492ad0244f065d0890bdfc308408b4fcdb4b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
9e28a2c411303ce6ccfc2a5655595066

SHA1
4f99df5234e8cb14c7096ead4cf95d6c90ab7ba2

SHA256
732d7ddc9032e4c1d89c2fdc1fc46510d85b7d40f99bf73b234ac0f2ef073d74

SHA512
4d75d9609eab507ca1772b06ef715125300bb45ba806da4027234a089f56474e53e232bffa104683d2fa9e72f0892efe9de4253188adc69b8b0271fd6305045a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
82e5dcc955cbf4e95efc4428e53e6f2c

SHA1
7af0f19121d94041a0a86f026ff5da8ea22c3da1

SHA256
b6c8a778a10ae57adb565ecbf1c28b044eeb41a978302ea2c37b4fe6a26033f8

SHA512
18a51f43a414213e436106d3c3169660c3f5bfa727d42ef1084e8c48843ddccfed0d3e62bd4e7435034a0340fbea7d6410c76633c1bfe714d1e8d7392fd7791b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
e6eefbb6a9b2be71fdacfbd48f75a0f5

SHA1
c7c062b7d47717b36a2746c4aed1346c945e6e2d

SHA256
418d2c1c25e0f87739f06b354495108d9f5bb37bdafe2f7b47cb500ee8c4d1d3

SHA512
c56b13f3b8582d8a82ad20ec4e6cf07fff25fe03b93bc2a9efcd0b6f5aabd992f96bf2e5cd3dea6d476d75c65a59fd66905e9a78be44cd26d982c53ad6c6aaa4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
606a5f599e60bf4437cfa8f130f23403

SHA1
1f7a18c1f01542c7c35e74c0a5e2838c198e33cf

SHA256
69d725bad7ffbc796fc275c6bc9ce8a5519252660316f1df8df14699a165e810

SHA512
faf0535496554cb50bb6019832f9ef55226d9bebba4ae93f64d8e17ef7cf05b24b961d2e6edb742754ed1a906f9c8793ecc6787061455fee906e50492c9bf1a1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
2a1846d85bc609c31b057281b148b032

SHA1
44ce127319aaf17243ed32630ad9980ee00ebece

SHA256
bfc3a0dc224a547315dfa15a1fca2bba75d3ad7a66a5e2897556e09fe3b786b2

SHA512
cb80967374c33d1e24ace4e3813e1bd70b5235858a1bcdd52b1c2777160b6d96e6fa79d5225543ff6758b5601c16e7ac6799749d3bf4977854d817ef784dcc9c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
a00cb3ff526233aa6de1bbac89d92dcf

SHA1
498f7531555e86ca4c853eab7d14a4036a4abcac

SHA256
f802966440006119428424adfe0bbe18bb937eeee2a9108b12252ab9a8f5335a

SHA512
729c5f246b837a2c43bb06fd66916323c7bc1d52d8d968ffef3033a3cf989fde5ed1041c64df0cb714e9211a8c33aef7ae1be115fac86b21d9c27271bf204e49

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
859B

MD5
7f179b426c65710c7cd577030a7078e5

SHA1
fb604f9adefc76af6178bffad068f1bc8fa44a9d

SHA256
838e1dde55e833f62970899af333d1ed2056009b9d8be646f6a8c270a32e8cf5

SHA512
4826e684f0f87265af1df67a9f1c1446f619d6000bc9c973c642953029da0d51c2d13cff97589ccd645e7f68c5e8ffa5901e4667a71c052c9c3bfbf661c0812a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
442ef77d3ff6bf090126f699f95050da

SHA1
7836f160b4906276d6dd756bec79d243e7aac4f4

SHA256
a03b7c93646c2e5dfba868b464071d4f4acf2e845def3555ede2e2ed88d558fc

SHA512
f059f7c87583f94e427c0e4349e9a375a7a2310e0500dcb7abae6b9b02f1cdf05cf3baceddfea5fa14e61f84aac2894075218a442804ebcd043a93bf74c56b44

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\65b7a243-cc37-4a49-810b-57fb29359f21\index-dir\the-real-index

Filesize
2KB

MD5
a66a0656b93d5e3a26f68f48ddc401d4

SHA1
340dfcd430c2a24e18b639f4d52e743e817c4c9e

SHA256
efc71e03478befee00c4e858d8fc83b92d9fb14ee44131319850fb62880ab8f9

SHA512
1c4334907e6531a953c8d3ac78dddeca186ae032519bf4a7d6ee94ce80110ed400a1ac83d9854967c5888d89a6aa1f7be9ecfd5d6260c730b1b75a964af5b5a4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\65b7a243-cc37-4a49-810b-57fb29359f21\index-dir\the-real-index~RFe57e148.TMP

Filesize
48B

MD5
224d9cf39bb1984ada55497bef7dbc2e

SHA1
a01db51a50dadd22001c3acf9323808096adf582

SHA256
4ab05ae63c96d489535612c4d5963a3fc45df254f2c0e39a71b590f675f22180

SHA512
391362476d80169e833f9d7e4a411e82c03bd0aec5dc2ccf589147a2f73aa0f2451aca40b1b01abe7460e4fc1c61e7ca9173756e194c1c2ce2b07ce63127e02e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
176B

MD5
17b1baa086e70ae78570adf1c641a75a

SHA1
aaf0eb2f617f435ed5e987f0ecf9a6bd54dc421b

SHA256
7316b5e4cd8969cf4dbe0a7441ff1f45021a802b5bd803b1192ba1877eb6c1fe

SHA512
23dd1677e85df593bdfedf31e0194019963ea21d9b037bef30ab9bfefa3e627567c7277b34e936f3a1fa7d8869a131584e6862a98147ae72c099865a0adfa31d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
112B

MD5
1f6b50f3b312df6de5a99f6deb34d63a

SHA1
7161f044a36e22657b40c9ed41d84ccf89a5459c

SHA256
e9be06453bf234c554d735e8a3b0a56837f62b04c91f1d2e37e270efd25f6580

SHA512
ddf5ce7d990ec2207fdb6bbbc46119ef698a8854c3deec8f0f262109a2f1c61d6a0cc216b0e63c2daabdf975cb8eec33b83f0cdbcbf604c7440077ee82611f02

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
114B

MD5
b8dc86e5b556d9ebafdb554e9de3ad43

SHA1
b0bf58bd2d79dadd6ac098cdb2369c6717df1a69

SHA256
99607731842c1e91ae62fa81ec493bdc1f5424ae26b22ed3eff667c59085a229

SHA512
e9994d8d7eec667b3b8e9e0330b08893d7a3d72f33c8d3b2d92c26db22c4f6cbfe12b2d5a342363f35fe51d8990c27a93dfe937142fa7fd5dcd8ebf7c95ea600

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe57882b.TMP

Filesize
119B

MD5
0c383ddfe5c9f335bdbbbf21d2438c7e

SHA1
aecfd1aa5e4ea573975d37b9cce3572e8c4b8704

SHA256
4ba65c536dd3b53eeeb0819b867d9d27f6dfde7c5f24f9ae1f304eddfc97b3d7

SHA512
d8753699b2634eb99de54bb603bad6bba66e17cd01379d381ca622170ceaf219e8289720f6f765be5a15327ec90456d6c67944cdda632b5d47f1b5165184e481

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
c080635a9cea56d56bc5720e08823d60

SHA1
b22408adb57c82beb713588440c5d773eba80a88

SHA256
0bbc4f996ea527be997a2a24c0e84673b05247b0b19e64a384e8590b56a4ce51

SHA512
3cf411e41d43ebcafa32d99f0ae8993a1450bb7cffbe7dc05c117ca8bdc45581d50f12c3109592b3e5c5ad700bc881aaa95d62ac0195433560a23e2ff3927215

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57d6a9.TMP

Filesize
48B

MD5
d1c945b4530abd250717ba9d55fa9c39

SHA1
2c09054f442fe82c7cf79951fd2efee248417394

SHA256
fb2fe7a6d33b82499a3c3cc0896b91490a752f9e2c6f57058ef7c0c90ef45542

SHA512
2506bba2e700c6e66a6bb3e95822e0d1ee1d28be5b7f4d2e45b57930ec29828f3f6cc48b6bda2090ac58747f02105fb53c8891acf831719bd82567609dc2409b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir112_1662444274\Shortcuts Menu Icons\Monochrome\0\512.png

Filesize
2KB

MD5
12a429f9782bcff446dc1089b68d44ee

SHA1
e41e5a1a4f2950a7f2da8be77ca26a66da7093b9

SHA256
e1d7407b07c40b5436d78db1077a16fbf75d49e32f3cbd01187b5eaaa10f1e37

SHA512
1da99c5278a589972a1d711d694890f4fd4ec4e56f83781ab9dee91ba99530a7f90d969588fa24dce24b094a28bdecbea80328cee862031a8b289f3e4f38ce7a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir112_1662444274\Shortcuts Menu Icons\Monochrome\1\512.png

Filesize
10KB

MD5
7f57c509f12aaae2c269646db7fde6e8

SHA1
969d8c0e3d9140f843f36ccf2974b112ad7afc07

SHA256
1d5c9f67fe93f9fcc1a1b61ebc35bda8f98f1261e5005ae37af71f42aab1d90f

SHA512
3503a0f4939bed9e1fd5e086b17d6de1063220dffdab2d2373aa9582a2454a9d8f18c1be74442f4e597bdba796d2d69220bd9e6be632a15367225b804187ea18

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
131KB

MD5
22ac4591219688993425e104c32cd8bd

SHA1
67555603a23b9f3e718a588eeb0abf071c3fd65e

SHA256
cd882ca7dd1ac84d74435c51756521fdde86070b02051fae5712fad333674133

SHA512
71d341f7ab01499cf2bd40e0b2dba8fca5cf190837ddd390029c0bf2ec1a267fe6acddc88815ff203e1fac264415926e3709e50f59e8239cc5e859390d1864f8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
151KB

MD5
a4c9310e95509b14ead98d17160ea089

SHA1
ea490b8c7f71c133278f7999ed0f5972464b7903

SHA256
35374612448ea6af9af9127068c8c3663fca7e505d41a3555d62952fccc0470a

SHA512
1b127f6130ab652bf16e6a690f608edb63d0493e71eb4c0114cbebb6ef6ae26bfb9c1ad93c9f39924a51b7c7d2abbf89a7f766414922898a504d71779db8a57a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
131KB

MD5
efd016337bcca096400f20f0863098a9

SHA1
8c6a5b3a7f7eb136b2c9d878813ee1d79327949e

SHA256
704e7d76f8f477fc8a87da1a25973f6240e7dcc1f05cb0751be44518ac52085f

SHA512
bbb20b192c595d068b04871289c000bc5406a547bfb5a1769198adfa8e61200a4117b0908895b79ce4698acb2f6086d2e752a843df14f4814e92f71cf9fcb37c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
131KB

MD5
cbf6261388ca8c1a111b138cb1c146e0

SHA1
2a1ec004125742213eedfa9b46924ba4d3c65769

SHA256
a14b1e128236e6db0dbaaa75ea6d73a55e041e1b01c8d98b397d3676e825ee3e

SHA512
562df203e5192ee91531c09f8f17c9c4270864bf49d497837d399afe764163a468eefb480d06fd4ab03cc33dc51dc4c22c83b4a34e09e3b2294bb53b7db0d288

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
86KB

MD5
a8c4ddf73b4ad99307565425e9781015

SHA1
9c38fccc4c5991455c49e3ec2b613e1c75da80c0

SHA256
dc29b2e84716e43b8efbb03f34d3e1051c667340b36114a40f52bf0b5a4f4aa3

SHA512
5ac11925de10242ea0919078028aec76361f3dc4199845dc4efd72a9530d72fa2a9ecb3aa5653265ce34e7a24d38194c637f870bc5e37d853e0c8c117bdf677f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe5816a0.TMP

Filesize
83KB

MD5
0cca7e73b438df9b4c2ff4ce7a3151f8

SHA1
fd43f0e20af41d1f6290369adf0903dd76f21731

SHA256
35f8050a0cba5ef1d68c7a7dd4c871a96415d20fc5ade05ef5772a6440059718

SHA512
2b3d570654f59aa0b29d42e53852fc49e7e49335493b9f29f20303a93bcc2eb4b5ea2b12ca98678d11220b9008a546095c479e5fcc5da0fb1e0fefbda73af2fc

Download Submit
\??\pipe\crashpad_112_DBKLHPFROCNBKWDX

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit