hxxps://youtube[.]com

Resubmissions

25/05/2024, 12:09

240525-pbs64saa42 6

23/05/2024, 14:41

23/05/2024, 13:11

23/05/2024, 13:11

23/05/2024, 13:03

Analysis

max time kernel
1799s
max time network
1685s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
23/05/2024, 09:04

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

https://youtube.com

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133609302634160628"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-4124900551-4068476067-3491212533-1000\{78FC2D30-0741-4719-8081-647E2D5972E1}	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2960	chrome.exe
2960	chrome.exe
4364	chrome.exe
4364	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
2960	chrome.exe
2960	chrome.exe
2960	chrome.exe
2960	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2960	chrome.exe
Token: SeCreatePagefilePrivilege	2960	chrome.exe
Token: SeShutdownPrivilege	2960	chrome.exe
Token: SeCreatePagefilePrivilege	2960	chrome.exe
Token: 33	3768	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	3768	AUDIODG.EXE
Token: SeShutdownPrivilege	2960	chrome.exe
Token: SeCreatePagefilePrivilege	2960	chrome.exe
Token: SeShutdownPrivilege	2960	chrome.exe
Token: SeCreatePagefilePrivilege	2960	chrome.exe
Token: SeShutdownPrivilege	2960	chrome.exe
Token: SeCreatePagefilePrivilege	2960	chrome.exe
Token: SeShutdownPrivilege	2960	chrome.exe
Token: SeCreatePagefilePrivilege	2960	chrome.exe
Token: SeShutdownPrivilege	2960	chrome.exe
Token: SeCreatePagefilePrivilege	2960	chrome.exe
Token: SeShutdownPrivilege	2960	chrome.exe
Token: SeCreatePagefilePrivilege	2960	chrome.exe
Token: SeShutdownPrivilege	2960	chrome.exe
Token: SeCreatePagefilePrivilege	2960	chrome.exe
Token: SeShutdownPrivilege	2960	chrome.exe
Token: SeCreatePagefilePrivilege	2960	chrome.exe
Token: SeShutdownPrivilege	2960	chrome.exe
Token: SeCreatePagefilePrivilege	2960	chrome.exe
Token: SeShutdownPrivilege	2960	chrome.exe
Token: SeCreatePagefilePrivilege	2960	chrome.exe
Token: SeShutdownPrivilege	2960	chrome.exe
Token: SeCreatePagefilePrivilege	2960	chrome.exe
Token: SeShutdownPrivilege	2960	chrome.exe
Token: SeCreatePagefilePrivilege	2960	chrome.exe
Token: SeShutdownPrivilege	2960	chrome.exe
Token: SeCreatePagefilePrivilege	2960	chrome.exe
Token: SeShutdownPrivilege	2960	chrome.exe
Token: SeCreatePagefilePrivilege	2960	chrome.exe
Token: SeShutdownPrivilege	2960	chrome.exe
Token: SeCreatePagefilePrivilege	2960	chrome.exe
Token: SeShutdownPrivilege	2960	chrome.exe
Token: SeCreatePagefilePrivilege	2960	chrome.exe
Token: SeShutdownPrivilege	2960	chrome.exe
Token: SeCreatePagefilePrivilege	2960	chrome.exe
Token: SeShutdownPrivilege	2960	chrome.exe
Token: SeCreatePagefilePrivilege	2960	chrome.exe
Token: SeShutdownPrivilege	2960	chrome.exe
Token: SeCreatePagefilePrivilege	2960	chrome.exe
Token: SeShutdownPrivilege	2960	chrome.exe
Token: SeCreatePagefilePrivilege	2960	chrome.exe
Token: SeShutdownPrivilege	2960	chrome.exe
Token: SeCreatePagefilePrivilege	2960	chrome.exe
Token: SeShutdownPrivilege	2960	chrome.exe
Token: SeCreatePagefilePrivilege	2960	chrome.exe
Token: SeShutdownPrivilege	2960	chrome.exe
Token: SeCreatePagefilePrivilege	2960	chrome.exe
Token: SeShutdownPrivilege	2960	chrome.exe
Token: SeCreatePagefilePrivilege	2960	chrome.exe
Token: SeShutdownPrivilege	2960	chrome.exe
Token: SeCreatePagefilePrivilege	2960	chrome.exe
Token: SeShutdownPrivilege	2960	chrome.exe
Token: SeCreatePagefilePrivilege	2960	chrome.exe
Token: SeShutdownPrivilege	2960	chrome.exe
Token: SeCreatePagefilePrivilege	2960	chrome.exe
Token: SeShutdownPrivilege	2960	chrome.exe
Token: SeCreatePagefilePrivilege	2960	chrome.exe
Token: SeShutdownPrivilege	2960	chrome.exe
Token: SeCreatePagefilePrivilege	2960	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2960	chrome.exe
2960	chrome.exe
2960	chrome.exe
2960	chrome.exe
2960	chrome.exe
2960	chrome.exe
2960	chrome.exe
2960	chrome.exe
2960	chrome.exe
2960	chrome.exe
2960	chrome.exe
2960	chrome.exe
2960	chrome.exe
2960	chrome.exe
2960	chrome.exe
2960	chrome.exe
2960	chrome.exe
2960	chrome.exe
2960	chrome.exe
2960	chrome.exe
2960	chrome.exe
2960	chrome.exe
2960	chrome.exe
2960	chrome.exe
2960	chrome.exe
2960	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2960	chrome.exe
2960	chrome.exe
2960	chrome.exe
2960	chrome.exe
2960	chrome.exe
2960	chrome.exe
2960	chrome.exe
2960	chrome.exe
2960	chrome.exe
2960	chrome.exe
2960	chrome.exe
2960	chrome.exe
2960	chrome.exe
2960	chrome.exe
2960	chrome.exe
2960	chrome.exe
2960	chrome.exe
2960	chrome.exe
2960	chrome.exe
2960	chrome.exe
2960	chrome.exe
2960	chrome.exe
2960	chrome.exe
2960	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2960 wrote to memory of 4352	2960	chrome.exe	83
PID 2960 wrote to memory of 4352	2960	chrome.exe	83
PID 2960 wrote to memory of 4068	2960	chrome.exe	84
PID 2960 wrote to memory of 4068	2960	chrome.exe	84
PID 2960 wrote to memory of 4068	2960	chrome.exe	84
PID 2960 wrote to memory of 4068	2960	chrome.exe	84
PID 2960 wrote to memory of 4068	2960	chrome.exe	84
PID 2960 wrote to memory of 4068	2960	chrome.exe	84
PID 2960 wrote to memory of 4068	2960	chrome.exe	84
PID 2960 wrote to memory of 4068	2960	chrome.exe	84
PID 2960 wrote to memory of 4068	2960	chrome.exe	84
PID 2960 wrote to memory of 4068	2960	chrome.exe	84
PID 2960 wrote to memory of 4068	2960	chrome.exe	84
PID 2960 wrote to memory of 4068	2960	chrome.exe	84
PID 2960 wrote to memory of 4068	2960	chrome.exe	84
PID 2960 wrote to memory of 4068	2960	chrome.exe	84
PID 2960 wrote to memory of 4068	2960	chrome.exe	84
PID 2960 wrote to memory of 4068	2960	chrome.exe	84
PID 2960 wrote to memory of 4068	2960	chrome.exe	84
PID 2960 wrote to memory of 4068	2960	chrome.exe	84
PID 2960 wrote to memory of 4068	2960	chrome.exe	84
PID 2960 wrote to memory of 4068	2960	chrome.exe	84
PID 2960 wrote to memory of 4068	2960	chrome.exe	84
PID 2960 wrote to memory of 4068	2960	chrome.exe	84
PID 2960 wrote to memory of 4068	2960	chrome.exe	84
PID 2960 wrote to memory of 4068	2960	chrome.exe	84
PID 2960 wrote to memory of 4068	2960	chrome.exe	84
PID 2960 wrote to memory of 4068	2960	chrome.exe	84
PID 2960 wrote to memory of 4068	2960	chrome.exe	84
PID 2960 wrote to memory of 4068	2960	chrome.exe	84
PID 2960 wrote to memory of 4068	2960	chrome.exe	84
PID 2960 wrote to memory of 4068	2960	chrome.exe	84
PID 2960 wrote to memory of 4068	2960	chrome.exe	84
PID 2960 wrote to memory of 1488	2960	chrome.exe	85
PID 2960 wrote to memory of 1488	2960	chrome.exe	85
PID 2960 wrote to memory of 2240	2960	chrome.exe	86
PID 2960 wrote to memory of 2240	2960	chrome.exe	86
PID 2960 wrote to memory of 2240	2960	chrome.exe	86
PID 2960 wrote to memory of 2240	2960	chrome.exe	86
PID 2960 wrote to memory of 2240	2960	chrome.exe	86
PID 2960 wrote to memory of 2240	2960	chrome.exe	86
PID 2960 wrote to memory of 2240	2960	chrome.exe	86
PID 2960 wrote to memory of 2240	2960	chrome.exe	86
PID 2960 wrote to memory of 2240	2960	chrome.exe	86
PID 2960 wrote to memory of 2240	2960	chrome.exe	86
PID 2960 wrote to memory of 2240	2960	chrome.exe	86
PID 2960 wrote to memory of 2240	2960	chrome.exe	86
PID 2960 wrote to memory of 2240	2960	chrome.exe	86
PID 2960 wrote to memory of 2240	2960	chrome.exe	86
PID 2960 wrote to memory of 2240	2960	chrome.exe	86
PID 2960 wrote to memory of 2240	2960	chrome.exe	86
PID 2960 wrote to memory of 2240	2960	chrome.exe	86
PID 2960 wrote to memory of 2240	2960	chrome.exe	86
PID 2960 wrote to memory of 2240	2960	chrome.exe	86
PID 2960 wrote to memory of 2240	2960	chrome.exe	86
PID 2960 wrote to memory of 2240	2960	chrome.exe	86
PID 2960 wrote to memory of 2240	2960	chrome.exe	86
PID 2960 wrote to memory of 2240	2960	chrome.exe	86
PID 2960 wrote to memory of 2240	2960	chrome.exe	86
PID 2960 wrote to memory of 2240	2960	chrome.exe	86
PID 2960 wrote to memory of 2240	2960	chrome.exe	86
PID 2960 wrote to memory of 2240	2960	chrome.exe	86
PID 2960 wrote to memory of 2240	2960	chrome.exe	86
PID 2960 wrote to memory of 2240	2960	chrome.exe	86

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://youtube.com
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2960
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8030cab58,0x7ff8030cab68,0x7ff8030cab78
  2⤵
  PID:4352
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1672 --field-trial-handle=1880,i,10520638471659325454,11371949856950482954,131072 /prefetch:2
  2⤵
  PID:4068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 --field-trial-handle=1880,i,10520638471659325454,11371949856950482954,131072 /prefetch:8
  2⤵
  PID:1488
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2228 --field-trial-handle=1880,i,10520638471659325454,11371949856950482954,131072 /prefetch:8
  2⤵
  PID:2240
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2944 --field-trial-handle=1880,i,10520638471659325454,11371949856950482954,131072 /prefetch:1
  2⤵
  PID:2936
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2952 --field-trial-handle=1880,i,10520638471659325454,11371949856950482954,131072 /prefetch:1
  2⤵
  PID:3256
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3484 --field-trial-handle=1880,i,10520638471659325454,11371949856950482954,131072 /prefetch:1
  2⤵
  PID:4568
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3848 --field-trial-handle=1880,i,10520638471659325454,11371949856950482954,131072 /prefetch:1
  2⤵
  PID:944
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3180 --field-trial-handle=1880,i,10520638471659325454,11371949856950482954,131072 /prefetch:8
  2⤵
  PID:2984
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4548 --field-trial-handle=1880,i,10520638471659325454,11371949856950482954,131072 /prefetch:8
  2⤵
  PID:3564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4644 --field-trial-handle=1880,i,10520638471659325454,11371949856950482954,131072 /prefetch:8
  2⤵
  - Modifies registry class
  PID:4364
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4636 --field-trial-handle=1880,i,10520638471659325454,11371949856950482954,131072 /prefetch:8
  2⤵
  PID:3212
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4952 --field-trial-handle=1880,i,10520638471659325454,11371949856950482954,131072 /prefetch:8
  2⤵
  PID:228
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1736 --field-trial-handle=1880,i,10520638471659325454,11371949856950482954,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4364

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:4612

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x41c 0x320
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:3768

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
480B

MD5
ecdc9462a35200d0c39a5aa4c8ff6b6f

SHA1
768161fbc127d0d5fd4c4c38b22aba881d724ac8

SHA256
21510fd1b48e808035255e89bf1d341feb3053925ee9fa6c91e854c249452024

SHA512
ec2af48f192183f495b99dd705413ca64d8dff378a27842a341de2f06d8a6ddd641ac357ee9d8d81af43dcf933b8ae5384d4db4729bac2ffb9d04a4ada4161b2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
6232c59b313984cef91cecd4bccc21ba

SHA1
c941d9ea928246531d706b72fa6d2387f8e4fe25

SHA256
809952fd506eb73afd3ff0fa65ee2fe143f312262211e1fd5f1c6821495a9a14

SHA512
524c2d464ffb50aeae970f8965332310d5a9956748764bb45bef90ad52bdd8822d67edd26ff43a190628707becb10374ad709a1c735ebf8809e748f59be1cfec

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
fcbfbd35155651f39ad7d60aae35e1cc

SHA1
cecdf37cb857f88f436f167d975d6eb03e541532

SHA256
84a22fecdc1fb472b65c4775342f34fb8abf94672b5cfd195d8713b64b32c3a2

SHA512
70f55deabfa6dd444d81dc3529e977ba4e73a743bf5523a479c3c334bdcc171985bee3e9893595a3b7103097b603cb0a2cdc9c7745c578a583df415b5881d84d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
7651cf83cc65b7c7a2e32e0dc6c562be

SHA1
8bdd881643223dacbbbd8349f24d481b4f4ed664

SHA256
cbd8d8fa1a80ec8e329edf6b231d1c81dfbeecfc11725694d343deda02f082bf

SHA512
82d12c55e8de1ffe6a2bf837b5be26c5cfca0b2517527844fcc4e90cee9fd4c99363d1de32525ef0166500a787b48b3d200f0bc1d84d26f79d2e4cdae85d5872

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
6b3bd68cd2e2cb3e9718e4b089a26121

SHA1
5e66cbd29f0d74f3fc4b0526dcdb922af6824f3f

SHA256
7df6a522f875295e518b55a2780c0a397f53773405a77870dca73cc6a431e2fa

SHA512
fa43ec0fde20aaac3c21f4f5bb374eda6a3b851385062a8a8c236361ea74213824784bb240a1eb4303da31d3619bf87f5295141e0f597de739d67184f9365a60

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
89ed7d4b308550e7aca85569390b545b

SHA1
1009f0cbf57e6f78b93fae0f15412d13427b1f63

SHA256
efb1a4648148ba717956a7f7834b90761ed58daadf44e5b9225cc3c9f602aabf

SHA512
da9efeb6304921ba3b5b1042c11ca2c08f744076a5f2d5776f35e1960af201eb3b88fc97de135c736bd51d8fc9223490c45c435ef6c03af0a71fe72f46b32e93

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
859B

MD5
78a52abde45cc0879a6950f54c302aff

SHA1
820b85b77b74fef73cb44ec353fdb1eae327a4c1

SHA256
91f2fc903efdce08b918597e3113112d67e1a43bbd2147625ac2ae797d6dfffd

SHA512
d0aa16f3642567cf2de85b9ea6a3e850a526a719631cf05065442690400a08d0ba1ab5545263bdc26976e09939089492871030f8ef6e67a5bbac04f84e88139d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
477434af3c556718defc1c8b566c15ac

SHA1
e1a945df9eb52d03cec12769f39255760f85271c

SHA256
71a75aca3ff84eb0fde26884fbf2f0be9063d809be3ab3b05b1372244e4dc89c

SHA512
5d2f8cb98f4336e6146bfab912f30261c18defee2d9bd1ebeaba7dce306ddd3b9b79958d186c291ffa2bdba1f62c68b21993130b0de5941b9539c8fe90b6db76

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\4fc46e0b-6b5a-4a4f-8b8d-f522dc90e100\index-dir\the-real-index

Filesize
2KB

MD5
2869eea8ba552efa9422de9b61531c5b

SHA1
6e056a5f7413477a41f1739098b09b5da7be349f

SHA256
40d79377a8bf114e20720afb89e7a0b3127f2bae54cc76a8bc8ca7f4f34ed267

SHA512
afc0fa1e0ad29e6771f6441a96d4b2f24daced473037c11a5edbd1f01af2d1f8c868b3fb8d03ba5b6047e40819e65817b7144390f9e6e5c79691f620f8c1a14b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\4fc46e0b-6b5a-4a4f-8b8d-f522dc90e100\index-dir\the-real-index~RFe57b602.TMP

Filesize
48B

MD5
8c8c64783f9f90f32ec69f8941116f1f

SHA1
e8b6e29dba7a504c96b4897047fb55c3a6936d59

SHA256
f11517402a1f2c0c90e1c42ae4ded82b95f0a88c80f27ba6524b2c11622cff58

SHA512
74b5a426d81736c3adcf542c7fc76e10dd6dfbbbb17137c727a5399b540768309e8b1441a1a07010861be1b09aff14a6c1bab7fd3a2d472492c2461697094f17

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
176B

MD5
cf0e42589df324273ed1315190993a02

SHA1
21e2eff2f37bb25efef2b5577050925bf6b83b33

SHA256
779ff7dae1c58054faaf3faaa780c72ca4ad797bd4fb1c9a4b024d53e735acd7

SHA512
a140457d4851a59d68443ed44f691a97994fef903bfe02bdcc76ef50f0bb32641c97e3ed4e225b630284008bca1e55a5fe51dcebb412dfc72f6e306f311f42e3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
112B

MD5
a7add1841a9e63c82bf2f70cce67f241

SHA1
9958e5193a6ac13b32616b92a72eba44b713dd7e

SHA256
b4664e8924a7a50f4143d49d722a873b345e876d4be6a1492977acbb963c7716

SHA512
380d717f04ebc8e063a667be1939c7b8847ac5f0b3d3b0e74c6b59c9ef29c95c4ebb39ef93f3a98a2dc788782500b1bd16efb1d25c4a7a144312f7a5fbeb430d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
114B

MD5
d0ffa58e1a4551af61a423f3294ecd19

SHA1
d71b43641a0bbabac35923ea95019b2a8f22c80d

SHA256
b31e94d32ba2b525dbd17a7515cd27996ca3422ea268a8e54d65aa9d13d0748d

SHA512
8642a774f3a94f58eb913875f14d103c721d91d5e6eaf09d7f6f2d1d89920d3be7ff9a3046e31c9dd4ece59ecd209fadb08567e4433a987b95ef3572cbd61683

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe576012.TMP

Filesize
119B

MD5
986469ec45ce772f54a800a53ce0eee2

SHA1
915d30267051ba1de437d24d81800bbcb0099e2a

SHA256
412c5f939c2c315457e02b3ad1fce81491fafd582a5e4ea4e5dce9cd067a432a

SHA512
ac7dde60f4cc81932f153ef3159c707a0c76cb61bc153cfe42ffba0ad642e8e4b7bd250650380874c98be9f668b748f9ad6e2bc5d860ecfad321777dae950ea6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
54b4b87ea3e21ca43863b405a537d921

SHA1
f0396292059a9c71c61acccc9810f28114ce6cf0

SHA256
a41f020939d78e48d0b5b60edb99c455f71ca3a639fd447b41a8e444577cea3d

SHA512
1325290793c360295fbb976b28a69df800371f028ae7b2ec22ed5310d99465b8b357da1f8f37087f29c1d6f7fe16acafc321a1fddd82242a27c467dcb5ac82c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57b21a.TMP

Filesize
48B

MD5
37920aaffd80f51747833297b84831ec

SHA1
bd8135d377e4a03414639a40b7643428b13465ed

SHA256
498d77ec3036b63b905615e84182c3816249163e80e40dda39aa2f6337e9f138

SHA512
05b16f0d871c8f60c415f9619dbcb441cae31cb4e3fdde143c687539913082be816fe7f7164d48ec9e6be24c3b5f7190d9ba14428024951565233a120c567090

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\agimnkijcaahngcdmfeangaknmldooml\Icons\32.png

Filesize
673B

MD5
88dfa96f9642297ff88909ca4e0f7330

SHA1
ed8655bf13e6cc49395da4c760168c4148454b7c

SHA256
5e5eb084cf1a650b2e122f53d36f85b67ce6e39069e399a46a25dbd34f7be286

SHA512
cc2deedfeacf9f26e48cbb26e222a219905888b95634c7d91d6393b84248305ce8940816bdb3bff0f5384b9dad90f4e3905b229e06ce4b1023a1439293b240dd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir2960_1251257231\Icons Monochrome\16.png

Filesize
216B

MD5
a4fd4f5953721f7f3a5b4bfd58922efe

SHA1
f3abed41d764efbd26bacf84c42bd8098a14c5cb

SHA256
c659d57841bb33d63f7b1334200548f207340d95e8e2ae25aac7a798a08071a3

SHA512
7fcc1ca4d6d97335e76faa65b7cfb381fb722210041bdcd3b31b0f94e15dc226eec4639547af86ae71f311f52a956dc83294c2d23f345e63b5e45e25956b2691

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir2960_1772115636\Shortcuts Menu Icons\Monochrome\0\512.png

Filesize
2KB

MD5
12a429f9782bcff446dc1089b68d44ee

SHA1
e41e5a1a4f2950a7f2da8be77ca26a66da7093b9

SHA256
e1d7407b07c40b5436d78db1077a16fbf75d49e32f3cbd01187b5eaaa10f1e37

SHA512
1da99c5278a589972a1d711d694890f4fd4ec4e56f83781ab9dee91ba99530a7f90d969588fa24dce24b094a28bdecbea80328cee862031a8b289f3e4f38ce7a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir2960_1772115636\Shortcuts Menu Icons\Monochrome\1\512.png

Filesize
10KB

MD5
7f57c509f12aaae2c269646db7fde6e8

SHA1
969d8c0e3d9140f843f36ccf2974b112ad7afc07

SHA256
1d5c9f67fe93f9fcc1a1b61ebc35bda8f98f1261e5005ae37af71f42aab1d90f

SHA512
3503a0f4939bed9e1fd5e086b17d6de1063220dffdab2d2373aa9582a2454a9d8f18c1be74442f4e597bdba796d2d69220bd9e6be632a15367225b804187ea18

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
255KB

MD5
f4468d6186339c9e8800e3101f1cb434

SHA1
524f738129710e6d8f8e1840f3088c33059773cc

SHA256
ac98e3525ec5e976fec81263356db24ffd63bb6f53ec50b48354cc42fa62a203

SHA512
8cdcdfe5779ef8e36b34b240ce2e6e6c580740b86bf3ee8437feda1b48f3a76eab54d9807700dd6b4dbad4a7c6d764c84900a15c0a6bd9b19ec78943e0377137

Download Submit