hxxps://public-usa[.]mkt[.]dynamics[.]com/api/orgs/73621b0f-9313-ef11-9f85-00224806e526/r/vLQwYub2-0OiFR0uGDiqlQQAAAA?target=%7B%22TargetUrl%22%3A%22https%253A%252F%252Fprinttechsurl[.]com%252F%253Fkvifjwdf%2526qrc%253Drobert[.]phelan%2540adtalem[.]com%22%2C%22RedirectOptions%22%3A%7B%225%22%3Anull%2C%221%22%3Anull%7D%7D&digest=m8JxPXZYOMh7AFF%2BQ9Ypc6jQApSfwQy7Vu4BauWqgrQ%3D&secretVersion=a587597bbd2d4ba3bb4334f6d8be15ee

Analysis

max time kernel
149s
max time network
147s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
23/05/2024, 15:12

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://public-usa.mkt.dynamics.com/api/orgs/73621b0f-9313-ef11-9f85-00224806e526/r/vLQwYub2-0OiFR0uGDiqlQQAAAA?target=%7B%22TargetUrl%22%3A%22https%253A%252F%252Fprinttechsurl.com%252F%253Fkvifjwdf%2526qrc%253Drobert.phelan%2540adtalem.com%22%2C%22RedirectOptions%22%3A%7B%225%22%3Anull%2C%221%22%3Anull%7D%7D&digest=m8JxPXZYOMh7AFF%2BQ9Ypc6jQApSfwQy7Vu4BauWqgrQ%3D&secretVersion=a587597bbd2d4ba3bb4334f6d8be15ee

Score

6^/10

Malware Config

Signatures

Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs

Web Service

T1102

flow	ioc
31	href.li
32	href.li

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133609507905654303"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
1944	chrome.exe
1944	chrome.exe
4648	chrome.exe
4648	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
1944	chrome.exe
1944	chrome.exe
1944	chrome.exe
1944	chrome.exe
1944	chrome.exe
1944	chrome.exe
1944	chrome.exe
1944	chrome.exe
1944	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1944	chrome.exe
Token: SeCreatePagefilePrivilege	1944	chrome.exe
Token: SeShutdownPrivilege	1944	chrome.exe
Token: SeCreatePagefilePrivilege	1944	chrome.exe
Token: SeShutdownPrivilege	1944	chrome.exe
Token: SeCreatePagefilePrivilege	1944	chrome.exe
Token: SeShutdownPrivilege	1944	chrome.exe
Token: SeCreatePagefilePrivilege	1944	chrome.exe
Token: SeShutdownPrivilege	1944	chrome.exe
Token: SeCreatePagefilePrivilege	1944	chrome.exe
Token: SeShutdownPrivilege	1944	chrome.exe
Token: SeCreatePagefilePrivilege	1944	chrome.exe
Token: SeShutdownPrivilege	1944	chrome.exe
Token: SeCreatePagefilePrivilege	1944	chrome.exe
Token: SeShutdownPrivilege	1944	chrome.exe
Token: SeCreatePagefilePrivilege	1944	chrome.exe
Token: SeShutdownPrivilege	1944	chrome.exe
Token: SeCreatePagefilePrivilege	1944	chrome.exe
Token: SeShutdownPrivilege	1944	chrome.exe
Token: SeCreatePagefilePrivilege	1944	chrome.exe
Token: SeShutdownPrivilege	1944	chrome.exe
Token: SeCreatePagefilePrivilege	1944	chrome.exe
Token: SeShutdownPrivilege	1944	chrome.exe
Token: SeCreatePagefilePrivilege	1944	chrome.exe
Token: SeShutdownPrivilege	1944	chrome.exe
Token: SeCreatePagefilePrivilege	1944	chrome.exe
Token: SeShutdownPrivilege	1944	chrome.exe
Token: SeCreatePagefilePrivilege	1944	chrome.exe
Token: SeShutdownPrivilege	1944	chrome.exe
Token: SeCreatePagefilePrivilege	1944	chrome.exe
Token: SeShutdownPrivilege	1944	chrome.exe
Token: SeCreatePagefilePrivilege	1944	chrome.exe
Token: SeShutdownPrivilege	1944	chrome.exe
Token: SeCreatePagefilePrivilege	1944	chrome.exe
Token: SeShutdownPrivilege	1944	chrome.exe
Token: SeCreatePagefilePrivilege	1944	chrome.exe
Token: SeShutdownPrivilege	1944	chrome.exe
Token: SeCreatePagefilePrivilege	1944	chrome.exe
Token: SeShutdownPrivilege	1944	chrome.exe
Token: SeCreatePagefilePrivilege	1944	chrome.exe
Token: SeShutdownPrivilege	1944	chrome.exe
Token: SeCreatePagefilePrivilege	1944	chrome.exe
Token: SeShutdownPrivilege	1944	chrome.exe
Token: SeCreatePagefilePrivilege	1944	chrome.exe
Token: SeShutdownPrivilege	1944	chrome.exe
Token: SeCreatePagefilePrivilege	1944	chrome.exe
Token: SeShutdownPrivilege	1944	chrome.exe
Token: SeCreatePagefilePrivilege	1944	chrome.exe
Token: SeShutdownPrivilege	1944	chrome.exe
Token: SeCreatePagefilePrivilege	1944	chrome.exe
Token: SeShutdownPrivilege	1944	chrome.exe
Token: SeCreatePagefilePrivilege	1944	chrome.exe
Token: SeShutdownPrivilege	1944	chrome.exe
Token: SeCreatePagefilePrivilege	1944	chrome.exe
Token: SeShutdownPrivilege	1944	chrome.exe
Token: SeCreatePagefilePrivilege	1944	chrome.exe
Token: SeShutdownPrivilege	1944	chrome.exe
Token: SeCreatePagefilePrivilege	1944	chrome.exe
Token: SeShutdownPrivilege	1944	chrome.exe
Token: SeCreatePagefilePrivilege	1944	chrome.exe
Token: SeShutdownPrivilege	1944	chrome.exe
Token: SeCreatePagefilePrivilege	1944	chrome.exe
Token: SeShutdownPrivilege	1944	chrome.exe
Token: SeCreatePagefilePrivilege	1944	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
1944	chrome.exe
1944	chrome.exe
1944	chrome.exe
1944	chrome.exe
1944	chrome.exe
1944	chrome.exe
1944	chrome.exe
1944	chrome.exe
1944	chrome.exe
1944	chrome.exe
1944	chrome.exe
1944	chrome.exe
1944	chrome.exe
1944	chrome.exe
1944	chrome.exe
1944	chrome.exe
1944	chrome.exe
1944	chrome.exe
1944	chrome.exe
1944	chrome.exe
1944	chrome.exe
1944	chrome.exe
1944	chrome.exe
1944	chrome.exe
1944	chrome.exe
1944	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1944	chrome.exe
1944	chrome.exe
1944	chrome.exe
1944	chrome.exe
1944	chrome.exe
1944	chrome.exe
1944	chrome.exe
1944	chrome.exe
1944	chrome.exe
1944	chrome.exe
1944	chrome.exe
1944	chrome.exe
1944	chrome.exe
1944	chrome.exe
1944	chrome.exe
1944	chrome.exe
1944	chrome.exe
1944	chrome.exe
1944	chrome.exe
1944	chrome.exe
1944	chrome.exe
1944	chrome.exe
1944	chrome.exe
1944	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1944 wrote to memory of 940	1944	chrome.exe	83
PID 1944 wrote to memory of 940	1944	chrome.exe	83
PID 1944 wrote to memory of 4528	1944	chrome.exe	84
PID 1944 wrote to memory of 4528	1944	chrome.exe	84
PID 1944 wrote to memory of 4528	1944	chrome.exe	84
PID 1944 wrote to memory of 4528	1944	chrome.exe	84
PID 1944 wrote to memory of 4528	1944	chrome.exe	84
PID 1944 wrote to memory of 4528	1944	chrome.exe	84
PID 1944 wrote to memory of 4528	1944	chrome.exe	84
PID 1944 wrote to memory of 4528	1944	chrome.exe	84
PID 1944 wrote to memory of 4528	1944	chrome.exe	84
PID 1944 wrote to memory of 4528	1944	chrome.exe	84
PID 1944 wrote to memory of 4528	1944	chrome.exe	84
PID 1944 wrote to memory of 4528	1944	chrome.exe	84
PID 1944 wrote to memory of 4528	1944	chrome.exe	84
PID 1944 wrote to memory of 4528	1944	chrome.exe	84
PID 1944 wrote to memory of 4528	1944	chrome.exe	84
PID 1944 wrote to memory of 4528	1944	chrome.exe	84
PID 1944 wrote to memory of 4528	1944	chrome.exe	84
PID 1944 wrote to memory of 4528	1944	chrome.exe	84
PID 1944 wrote to memory of 4528	1944	chrome.exe	84
PID 1944 wrote to memory of 4528	1944	chrome.exe	84
PID 1944 wrote to memory of 4528	1944	chrome.exe	84
PID 1944 wrote to memory of 4528	1944	chrome.exe	84
PID 1944 wrote to memory of 4528	1944	chrome.exe	84
PID 1944 wrote to memory of 4528	1944	chrome.exe	84
PID 1944 wrote to memory of 4528	1944	chrome.exe	84
PID 1944 wrote to memory of 4528	1944	chrome.exe	84
PID 1944 wrote to memory of 4528	1944	chrome.exe	84
PID 1944 wrote to memory of 4528	1944	chrome.exe	84
PID 1944 wrote to memory of 4528	1944	chrome.exe	84
PID 1944 wrote to memory of 4528	1944	chrome.exe	84
PID 1944 wrote to memory of 4528	1944	chrome.exe	84
PID 1944 wrote to memory of 4132	1944	chrome.exe	85
PID 1944 wrote to memory of 4132	1944	chrome.exe	85
PID 1944 wrote to memory of 1932	1944	chrome.exe	86
PID 1944 wrote to memory of 1932	1944	chrome.exe	86
PID 1944 wrote to memory of 1932	1944	chrome.exe	86
PID 1944 wrote to memory of 1932	1944	chrome.exe	86
PID 1944 wrote to memory of 1932	1944	chrome.exe	86
PID 1944 wrote to memory of 1932	1944	chrome.exe	86
PID 1944 wrote to memory of 1932	1944	chrome.exe	86
PID 1944 wrote to memory of 1932	1944	chrome.exe	86
PID 1944 wrote to memory of 1932	1944	chrome.exe	86
PID 1944 wrote to memory of 1932	1944	chrome.exe	86
PID 1944 wrote to memory of 1932	1944	chrome.exe	86
PID 1944 wrote to memory of 1932	1944	chrome.exe	86
PID 1944 wrote to memory of 1932	1944	chrome.exe	86
PID 1944 wrote to memory of 1932	1944	chrome.exe	86
PID 1944 wrote to memory of 1932	1944	chrome.exe	86
PID 1944 wrote to memory of 1932	1944	chrome.exe	86
PID 1944 wrote to memory of 1932	1944	chrome.exe	86
PID 1944 wrote to memory of 1932	1944	chrome.exe	86
PID 1944 wrote to memory of 1932	1944	chrome.exe	86
PID 1944 wrote to memory of 1932	1944	chrome.exe	86
PID 1944 wrote to memory of 1932	1944	chrome.exe	86
PID 1944 wrote to memory of 1932	1944	chrome.exe	86
PID 1944 wrote to memory of 1932	1944	chrome.exe	86
PID 1944 wrote to memory of 1932	1944	chrome.exe	86
PID 1944 wrote to memory of 1932	1944	chrome.exe	86
PID 1944 wrote to memory of 1932	1944	chrome.exe	86
PID 1944 wrote to memory of 1932	1944	chrome.exe	86
PID 1944 wrote to memory of 1932	1944	chrome.exe	86
PID 1944 wrote to memory of 1932	1944	chrome.exe	86

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://public-usa.mkt.dynamics.com/api/orgs/73621b0f-9313-ef11-9f85-00224806e526/r/vLQwYub2-0OiFR0uGDiqlQQAAAA?target=%7B%22TargetUrl%22%3A%22https%253A%252F%252Fprinttechsurl.com%252F%253Fkvifjwdf%2526qrc%253Drobert.phelan%2540adtalem.com%22%2C%22RedirectOptions%22%3A%7B%225%22%3Anull%2C%221%22%3Anull%7D%7D&digest=m8JxPXZYOMh7AFF%2BQ9Ypc6jQApSfwQy7Vu4BauWqgrQ%3D&secretVersion=a587597bbd2d4ba3bb4334f6d8be15ee
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1944
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffdfb52ab58,0x7ffdfb52ab68,0x7ffdfb52ab78
  2⤵
  PID:940
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1644 --field-trial-handle=1888,i,11087554120851349756,15552451999499425433,131072 /prefetch:2
  2⤵
  PID:4528
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2028 --field-trial-handle=1888,i,11087554120851349756,15552451999499425433,131072 /prefetch:8
  2⤵
  PID:4132
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2244 --field-trial-handle=1888,i,11087554120851349756,15552451999499425433,131072 /prefetch:8
  2⤵
  PID:1932
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3060 --field-trial-handle=1888,i,11087554120851349756,15552451999499425433,131072 /prefetch:1
  2⤵
  PID:4868
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3068 --field-trial-handle=1888,i,11087554120851349756,15552451999499425433,131072 /prefetch:1
  2⤵
  PID:2192
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4284 --field-trial-handle=1888,i,11087554120851349756,15552451999499425433,131072 /prefetch:1
  2⤵
  PID:1536
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3076 --field-trial-handle=1888,i,11087554120851349756,15552451999499425433,131072 /prefetch:1
  2⤵
  PID:5044
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=3340 --field-trial-handle=1888,i,11087554120851349756,15552451999499425433,131072 /prefetch:1
  2⤵
  PID:3680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4244 --field-trial-handle=1888,i,11087554120851349756,15552451999499425433,131072 /prefetch:8
  2⤵
  PID:3480
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4252 --field-trial-handle=1888,i,11087554120851349756,15552451999499425433,131072 /prefetch:8
  2⤵
  PID:2260
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=4932 --field-trial-handle=1888,i,11087554120851349756,15552451999499425433,131072 /prefetch:1
  2⤵
  PID:4080
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=3200 --field-trial-handle=1888,i,11087554120851349756,15552451999499425433,131072 /prefetch:1
  2⤵
  PID:4796
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4952 --field-trial-handle=1888,i,11087554120851349756,15552451999499425433,131072 /prefetch:1
  2⤵
  PID:4380
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=1708 --field-trial-handle=1888,i,11087554120851349756,15552451999499425433,131072 /prefetch:1
  2⤵
  PID:3604
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1660 --field-trial-handle=1888,i,11087554120851349756,15552451999499425433,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4648

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:928

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
295e01d325edb34fd044b155d4105576

SHA1
8992fa50a65b850b2d3f2dd23387bae341908b48

SHA256
6c10ddaf43cd2e245f646f261aca8897c111e84d76db2ecf2937bb4ce5484066

SHA512
f00c99362ed8c3cb584a69292105f98867de892f2cebfd5ae3e220857b4a49bb63445eecad1b66cdfb3e6a14f20a49c2d0f21c0ee5ad61dea0f55082cbe7d511

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
5b0436d4b468f66307504d63a52cbcd4

SHA1
219215c79bc7184da6bfb422fce616d773aa8979

SHA256
43559f0f28e4d0e08fd9e5c4f07a7b2d65d41e97e94b78b5afddb24f3ddd7c22

SHA512
526841394e8632245acbe9376bf54bc29aeaff1629371fd5edf589441b41fb0024676438b2a87ea23919e83c7dc3ba5a418fd409f5501d02dd34f47601bf0dad

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
692B

MD5
41666b2d62863f4dfec812156c061809

SHA1
f185abd37e05b61fdf1bfa0323ef27632da9dea9

SHA256
dbe485876bb3adafb0ecccdea77292c513c0aaf1383839adf2f207143807829d

SHA512
dc0082634705464452f80f5fc883a3dc4e2d23d94b025b51c331fb80eb431f30f0d61c4eee54060c933deb24a0b65d413bfa86e6f2f25b51cffa868793cc00f0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
d89e4857a9820d3e66937a238ecdf832

SHA1
43efa31acae08487ff5f5fa2614826c2d9c3ef3b

SHA256
deffd8342f7caf9c9ef2706b8b9c33f36f17d86edbf5190d61dd2305a9ca9f03

SHA512
a39a7a88c2b60c3ec2d95f5a47753bd78812edd4312b79efcce5ca7894315ea87f4b967c65d11e6735ee2945744da857ce73e00f79b936b479e29af72e607fde

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
129KB

MD5
b97e278b268bc0baea0f26a52fd3433b

SHA1
32cea558f0d62f2ac7659f6859a422fc5b42fb39

SHA256
051adc1859a497cdd578375818fda6b1163126123009b018bd13532338a32902

SHA512
265ca6c4b6ed9a9eba5702fd8ba1758d27085a2a94d26be24f5b38e583e1cb32185a9a996fbe91e685893e8bbd4333928e1da41f38dc768f3c35b607ef181988

Download Submit