hxxps://www[.]mediafire[.]com/folder/gpb4mo8iwzu61/ValorantCheat_v2

Analysis

max time kernel
78s
max time network
79s
platform
windows11-21h2_x64
resource
win11-20240508-en
resource tags

arch:x64arch:x86image:win11-20240508-enlocale:en-usos:windows11-21h2-x64system
submitted
23/05/2024, 17:00

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://www.mediafire.com/folder/gpb4mo8iwzu61/ValorantCheat_v2

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 6 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Modifies data under HKEY_USERS 3 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133609572402058101"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2457560273-69882387-977367775-1000_Classes\Local Settings\MuiCache	MiniSearchHost.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
1912	chrome.exe
1912	chrome.exe
4756	chrome.exe
4756	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 25 IoCs

pid	Process
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1912	chrome.exe
Token: SeCreatePagefilePrivilege	1912	chrome.exe
Token: SeShutdownPrivilege	1912	chrome.exe
Token: SeCreatePagefilePrivilege	1912	chrome.exe
Token: SeShutdownPrivilege	1912	chrome.exe
Token: SeCreatePagefilePrivilege	1912	chrome.exe
Token: SeShutdownPrivilege	1912	chrome.exe
Token: SeCreatePagefilePrivilege	1912	chrome.exe
Token: SeShutdownPrivilege	1912	chrome.exe
Token: SeCreatePagefilePrivilege	1912	chrome.exe
Token: SeShutdownPrivilege	1912	chrome.exe
Token: SeCreatePagefilePrivilege	1912	chrome.exe
Token: SeShutdownPrivilege	1912	chrome.exe
Token: SeCreatePagefilePrivilege	1912	chrome.exe
Token: SeShutdownPrivilege	1912	chrome.exe
Token: SeCreatePagefilePrivilege	1912	chrome.exe
Token: SeShutdownPrivilege	1912	chrome.exe
Token: SeCreatePagefilePrivilege	1912	chrome.exe
Token: SeShutdownPrivilege	1912	chrome.exe
Token: SeCreatePagefilePrivilege	1912	chrome.exe
Token: SeShutdownPrivilege	1912	chrome.exe
Token: SeCreatePagefilePrivilege	1912	chrome.exe
Token: SeShutdownPrivilege	1912	chrome.exe
Token: SeCreatePagefilePrivilege	1912	chrome.exe
Token: SeShutdownPrivilege	1912	chrome.exe
Token: SeCreatePagefilePrivilege	1912	chrome.exe
Token: SeShutdownPrivilege	1912	chrome.exe
Token: SeCreatePagefilePrivilege	1912	chrome.exe
Token: SeShutdownPrivilege	1912	chrome.exe
Token: SeCreatePagefilePrivilege	1912	chrome.exe
Token: SeShutdownPrivilege	1912	chrome.exe
Token: SeCreatePagefilePrivilege	1912	chrome.exe
Token: SeShutdownPrivilege	1912	chrome.exe
Token: SeCreatePagefilePrivilege	1912	chrome.exe
Token: SeShutdownPrivilege	1912	chrome.exe
Token: SeCreatePagefilePrivilege	1912	chrome.exe
Token: SeShutdownPrivilege	1912	chrome.exe
Token: SeCreatePagefilePrivilege	1912	chrome.exe
Token: SeShutdownPrivilege	1912	chrome.exe
Token: SeCreatePagefilePrivilege	1912	chrome.exe
Token: SeShutdownPrivilege	1912	chrome.exe
Token: SeCreatePagefilePrivilege	1912	chrome.exe
Token: SeShutdownPrivilege	1912	chrome.exe
Token: SeCreatePagefilePrivilege	1912	chrome.exe
Token: SeShutdownPrivilege	1912	chrome.exe
Token: SeCreatePagefilePrivilege	1912	chrome.exe
Token: SeShutdownPrivilege	1912	chrome.exe
Token: SeCreatePagefilePrivilege	1912	chrome.exe
Token: SeShutdownPrivilege	1912	chrome.exe
Token: SeCreatePagefilePrivilege	1912	chrome.exe
Token: SeShutdownPrivilege	1912	chrome.exe
Token: SeCreatePagefilePrivilege	1912	chrome.exe
Token: SeShutdownPrivilege	1912	chrome.exe
Token: SeCreatePagefilePrivilege	1912	chrome.exe
Token: SeShutdownPrivilege	1912	chrome.exe
Token: SeCreatePagefilePrivilege	1912	chrome.exe
Token: SeShutdownPrivilege	1912	chrome.exe
Token: SeCreatePagefilePrivilege	1912	chrome.exe
Token: SeShutdownPrivilege	1912	chrome.exe
Token: SeCreatePagefilePrivilege	1912	chrome.exe
Token: SeShutdownPrivilege	1912	chrome.exe
Token: SeCreatePagefilePrivilege	1912	chrome.exe
Token: SeShutdownPrivilege	1912	chrome.exe
Token: SeCreatePagefilePrivilege	1912	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
1912	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe
4756	chrome.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
4676	MiniSearchHost.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1912 wrote to memory of 1340	1912	chrome.exe	77
PID 1912 wrote to memory of 1340	1912	chrome.exe	77
PID 1912 wrote to memory of 3100	1912	chrome.exe	78
PID 1912 wrote to memory of 3100	1912	chrome.exe	78
PID 1912 wrote to memory of 3100	1912	chrome.exe	78
PID 1912 wrote to memory of 3100	1912	chrome.exe	78
PID 1912 wrote to memory of 3100	1912	chrome.exe	78
PID 1912 wrote to memory of 3100	1912	chrome.exe	78
PID 1912 wrote to memory of 3100	1912	chrome.exe	78
PID 1912 wrote to memory of 3100	1912	chrome.exe	78
PID 1912 wrote to memory of 3100	1912	chrome.exe	78
PID 1912 wrote to memory of 3100	1912	chrome.exe	78
PID 1912 wrote to memory of 3100	1912	chrome.exe	78
PID 1912 wrote to memory of 3100	1912	chrome.exe	78
PID 1912 wrote to memory of 3100	1912	chrome.exe	78
PID 1912 wrote to memory of 3100	1912	chrome.exe	78
PID 1912 wrote to memory of 3100	1912	chrome.exe	78
PID 1912 wrote to memory of 3100	1912	chrome.exe	78
PID 1912 wrote to memory of 3100	1912	chrome.exe	78
PID 1912 wrote to memory of 3100	1912	chrome.exe	78
PID 1912 wrote to memory of 3100	1912	chrome.exe	78
PID 1912 wrote to memory of 3100	1912	chrome.exe	78
PID 1912 wrote to memory of 3100	1912	chrome.exe	78
PID 1912 wrote to memory of 3100	1912	chrome.exe	78
PID 1912 wrote to memory of 3100	1912	chrome.exe	78
PID 1912 wrote to memory of 3100	1912	chrome.exe	78
PID 1912 wrote to memory of 3100	1912	chrome.exe	78
PID 1912 wrote to memory of 3100	1912	chrome.exe	78
PID 1912 wrote to memory of 3100	1912	chrome.exe	78
PID 1912 wrote to memory of 3100	1912	chrome.exe	78
PID 1912 wrote to memory of 3100	1912	chrome.exe	78
PID 1912 wrote to memory of 3100	1912	chrome.exe	78
PID 1912 wrote to memory of 3100	1912	chrome.exe	78
PID 1912 wrote to memory of 3580	1912	chrome.exe	79
PID 1912 wrote to memory of 3580	1912	chrome.exe	79
PID 1912 wrote to memory of 2224	1912	chrome.exe	80
PID 1912 wrote to memory of 2224	1912	chrome.exe	80
PID 1912 wrote to memory of 2224	1912	chrome.exe	80
PID 1912 wrote to memory of 2224	1912	chrome.exe	80
PID 1912 wrote to memory of 2224	1912	chrome.exe	80
PID 1912 wrote to memory of 2224	1912	chrome.exe	80
PID 1912 wrote to memory of 2224	1912	chrome.exe	80
PID 1912 wrote to memory of 2224	1912	chrome.exe	80
PID 1912 wrote to memory of 2224	1912	chrome.exe	80
PID 1912 wrote to memory of 2224	1912	chrome.exe	80
PID 1912 wrote to memory of 2224	1912	chrome.exe	80
PID 1912 wrote to memory of 2224	1912	chrome.exe	80
PID 1912 wrote to memory of 2224	1912	chrome.exe	80
PID 1912 wrote to memory of 2224	1912	chrome.exe	80
PID 1912 wrote to memory of 2224	1912	chrome.exe	80
PID 1912 wrote to memory of 2224	1912	chrome.exe	80
PID 1912 wrote to memory of 2224	1912	chrome.exe	80
PID 1912 wrote to memory of 2224	1912	chrome.exe	80
PID 1912 wrote to memory of 2224	1912	chrome.exe	80
PID 1912 wrote to memory of 2224	1912	chrome.exe	80
PID 1912 wrote to memory of 2224	1912	chrome.exe	80
PID 1912 wrote to memory of 2224	1912	chrome.exe	80
PID 1912 wrote to memory of 2224	1912	chrome.exe	80
PID 1912 wrote to memory of 2224	1912	chrome.exe	80
PID 1912 wrote to memory of 2224	1912	chrome.exe	80
PID 1912 wrote to memory of 2224	1912	chrome.exe	80
PID 1912 wrote to memory of 2224	1912	chrome.exe	80
PID 1912 wrote to memory of 2224	1912	chrome.exe	80
PID 1912 wrote to memory of 2224	1912	chrome.exe	80

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://www.mediafire.com/folder/gpb4mo8iwzu61/ValorantCheat_v2
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1912
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x10c,0x110,0x114,0xdc,0x118,0x7ffaf6bbab58,0x7ffaf6bbab68,0x7ffaf6bbab78
  2⤵
  PID:1340
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1664 --field-trial-handle=1812,i,16611744376249285215,5421264794745503941,131072 /prefetch:2
  2⤵
  PID:3100
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2000 --field-trial-handle=1812,i,16611744376249285215,5421264794745503941,131072 /prefetch:8
  2⤵
  PID:3580
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2148 --field-trial-handle=1812,i,16611744376249285215,5421264794745503941,131072 /prefetch:8
  2⤵
  PID:2224
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2808 --field-trial-handle=1812,i,16611744376249285215,5421264794745503941,131072 /prefetch:1
  2⤵
  PID:4724
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2816 --field-trial-handle=1812,i,16611744376249285215,5421264794745503941,131072 /prefetch:1
  2⤵
  PID:2784
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4260 --field-trial-handle=1812,i,16611744376249285215,5421264794745503941,131072 /prefetch:1
  2⤵
  PID:1144
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4776 --field-trial-handle=1812,i,16611744376249285215,5421264794745503941,131072 /prefetch:8
  2⤵
  PID:4248
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4016 --field-trial-handle=1812,i,16611744376249285215,5421264794745503941,131072 /prefetch:8
  2⤵
  PID:2420
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4316 --field-trial-handle=1812,i,16611744376249285215,5421264794745503941,131072 /prefetch:1
  2⤵
  PID:1612
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4380 --field-trial-handle=1812,i,16611744376249285215,5421264794745503941,131072 /prefetch:1
  2⤵
  PID:2984
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=4464 --field-trial-handle=1812,i,16611744376249285215,5421264794745503941,131072 /prefetch:1
  2⤵
  PID:3400
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5152 --field-trial-handle=1812,i,16611744376249285215,5421264794745503941,131072 /prefetch:1
  2⤵
  PID:5040
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5488 --field-trial-handle=1812,i,16611744376249285215,5421264794745503941,131072 /prefetch:8
  2⤵
  PID:3344
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=5804 --field-trial-handle=1812,i,16611744376249285215,5421264794745503941,131072 /prefetch:1
  2⤵
  PID:3608
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=5988 --field-trial-handle=1812,i,16611744376249285215,5421264794745503941,131072 /prefetch:1
  2⤵
  PID:3396
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=5736 --field-trial-handle=1812,i,16611744376249285215,5421264794745503941,131072 /prefetch:1
  2⤵
  PID:4004
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=6296 --field-trial-handle=1812,i,16611744376249285215,5421264794745503941,131072 /prefetch:1
  2⤵
  PID:3036
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=6236 --field-trial-handle=1812,i,16611744376249285215,5421264794745503941,131072 /prefetch:1
  2⤵
  PID:920
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=6292 --field-trial-handle=1812,i,16611744376249285215,5421264794745503941,131072 /prefetch:1
  2⤵
  PID:2872
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=6452 --field-trial-handle=1812,i,16611744376249285215,5421264794745503941,131072 /prefetch:1
  2⤵
  PID:3332
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=6684 --field-trial-handle=1812,i,16611744376249285215,5421264794745503941,131072 /prefetch:1
  2⤵
  PID:4972
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=6688 --field-trial-handle=1812,i,16611744376249285215,5421264794745503941,131072 /prefetch:1
  2⤵
  PID:2880
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=6716 --field-trial-handle=1812,i,16611744376249285215,5421264794745503941,131072 /prefetch:1
  2⤵
  PID:1216
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=6864 --field-trial-handle=1812,i,16611744376249285215,5421264794745503941,131072 /prefetch:1
  2⤵
  PID:1072
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=6872 --field-trial-handle=1812,i,16611744376249285215,5421264794745503941,131072 /prefetch:1
  2⤵
  PID:5092
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=6340 --field-trial-handle=1812,i,16611744376249285215,5421264794745503941,131072 /prefetch:1
  2⤵
  PID:1412
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=7652 --field-trial-handle=1812,i,16611744376249285215,5421264794745503941,131072 /prefetch:1
  2⤵
  PID:3108
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7108 --field-trial-handle=1812,i,16611744376249285215,5421264794745503941,131072 /prefetch:8
  2⤵
  PID:4480

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:3624

C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe
"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca
1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:4676

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:4756
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffaf6bbab58,0x7ffaf6bbab68,0x7ffaf6bbab78
  2⤵
  PID:2896
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1732 --field-trial-handle=1716,i,10847635983189806375,16673206725360883360,131072 /prefetch:2
  2⤵
  PID:680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2104 --field-trial-handle=1716,i,10847635983189806375,16673206725360883360,131072 /prefetch:8
  2⤵
  PID:1928
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2176 --field-trial-handle=1716,i,10847635983189806375,16673206725360883360,131072 /prefetch:8
  2⤵
  PID:2124
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3080 --field-trial-handle=1716,i,10847635983189806375,16673206725360883360,131072 /prefetch:1
  2⤵
  PID:3012
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3132 --field-trial-handle=1716,i,10847635983189806375,16673206725360883360,131072 /prefetch:1
  2⤵
  PID:4104
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4312 --field-trial-handle=1716,i,10847635983189806375,16673206725360883360,131072 /prefetch:1
  2⤵
  PID:2252
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4344 --field-trial-handle=1716,i,10847635983189806375,16673206725360883360,131072 /prefetch:8
  2⤵
  PID:2344
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4516 --field-trial-handle=1716,i,10847635983189806375,16673206725360883360,131072 /prefetch:8
  2⤵
  PID:1460
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4676 --field-trial-handle=1716,i,10847635983189806375,16673206725360883360,131072 /prefetch:8
  2⤵
  PID:2336
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4508 --field-trial-handle=1716,i,10847635983189806375,16673206725360883360,131072 /prefetch:8
  2⤵
  PID:4796
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=4828 --field-trial-handle=1716,i,10847635983189806375,16673206725360883360,131072 /prefetch:1
  2⤵
  PID:3956
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4680 --field-trial-handle=1716,i,10847635983189806375,16673206725360883360,131072 /prefetch:8
  2⤵
  PID:1376
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4440 --field-trial-handle=1716,i,10847635983189806375,16673206725360883360,131072 /prefetch:8
  2⤵
  PID:4140
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4492 --field-trial-handle=1716,i,10847635983189806375,16673206725360883360,131072 /prefetch:8
  2⤵
  PID:4044

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:4564

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
7a924cbf0412e1de06b0e38590ecb6a6

SHA1
db32fdf7c23f28a2fd3350dbd94ee25ce78b615c

SHA256
6ae5ffbda60d117944970cb446612309126b1f131f52f904847281ed4fcb8e54

SHA512
7feef2199bf9003eed113aefd0d28f0cd359e26daf9bde23d918a39af0a9815c641c3befb1650b86cd121bf98d3b899c852cf81a89dc1e416ee3f7a423fc86c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0

Filesize
44KB

MD5
11726fa7ea4c57db0943fdf2aa2c3f3f

SHA1
c7b8a485e75ccae7a99c87f164db568586d9a5fe

SHA256
29f3d54f0ae63257e33f85129940cf223dd1cf41af7a5b2b75010ac13ac4a8ff

SHA512
b8efc0fc3772ea9619cdfb4911797ba3cffa7d8a31b9ba3de74825a182cd2ea3f178b6b431b3de101cd6198675447a51ef3d7afac95a9ee26aa84cc9293decda

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1

Filesize
264KB

MD5
4879f227fc90502e182c01427c50bf7b

SHA1
a7d0400b35e7b64a9480618f8d899899bb4dd1fe

SHA256
6a1aa1094392088e1974544a752f3eb82134054fd793e4c37fd6e5d8d60b2271

SHA512
814a3705d35d9ee30f0f614adf1ac29b417a7b287005154a629127050d66fcec95c4469abec908dcf1abc22ead138651ae7775b2b97ce4671282e185712bbc67

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_2

Filesize
1.0MB

MD5
f20b7d5bb430431852af1bf48adc55be

SHA1
e819c5510b247f1cb8371d08db6d1b705cf9db2d

SHA256
737eff944fbb7ec0d318e0017308660a9938c3b13d13e32a4eeb489286579444

SHA512
e4cb079d0419032e698eb0f66fc43bb08d0177529d1f20284bf75cab860f7ef2508810de8e89ca89f0b2648362a82aace1655ba96b3a284c96f13847b2ccee62

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_3

Filesize
4.0MB

MD5
78f0871dcda4884044e1492a5c8f3977

SHA1
e5cf2c923a1884b9c793851ac71b3d8e2368c28b

SHA256
fd561a39609d88820aebb0e263cb86156ab1502799f4bab2974a8292a00c641e

SHA512
a40e14741714cf3afc2f3c72623e425caaedb94e58c7668b08503b63bb18b84ce95ce2bb315e3c79ac43b74046d72331fe5d04097723ca9b24cd6199aa261dc8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005

Filesize
33KB

MD5
d989f35706c62ce4a5c561586c55566e

SHA1
d32e7958e5765609bf08dcdefd0b2c2a8714ce34

SHA256
375dfe942a03ee024b5cc827b3efda5550d13df7530281f50862ce3b33fcb716

SHA512
84b9347471279e53ec5f151caf47fd125b9c137d4bf550a873c8f46e269098ea5e2882b1dc1fe3b44095308df78f56d53674928f44a1e76d3bd7dc9d888d91dd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

Filesize
51KB

MD5
6e2df673cf4661a6709df74b340a712e

SHA1
78951ef50dd7d443f8480af8c8cbe8f2a00aba5e

SHA256
5adbc8850a787767d3726dc34e3cc71f4d91382f2392a34ca9c97f7aa411f182

SHA512
8ac2e49e092f03ede6cedb19418c4654b12449bfc4b34d4ef1009f74b171f4ff244f0fa0b4999e99b257eef2c8337e8e87b1a803030c986da3f3a3b198f51fdf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007

Filesize
25KB

MD5
947b7b96c830b83cc2f06bb27f4be73f

SHA1
a221e5919af446393acc428b9a781b413f7776ea

SHA256
82cbfb11944684c9199402b1eacc05984d105c872517082ba25b2c74ec0e4944

SHA512
b2e3eed0274b1a7689b6a7a94778e7534f121c94d50a43e8bada832be5785e3ad1dcf8f150750485dd323a1d64a609880d2d19bd0867312a25bdbfd1e9347d91

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008

Filesize
42KB

MD5
79cbf5b6645638246cb94c0fe4b59bc7

SHA1
7edc0b05ee0d9e945f74742e46c20cc83de2b3ee

SHA256
2dc8cb2fe5802944f5a378daa649ccaee14ce3025b76447824c75eb26fa78936

SHA512
9e7a5efa1a0d6ceebae3db6c90b2c0bf59162fbe6dce5b7695dc46636fb7bc631dacea71c5e4cd8c1192a610a23ce4d8e154eb26c9423917bf69a056ec640dd7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009

Filesize
206KB

MD5
f998b8f6765b4c57936ada0bb2eb4a5a

SHA1
13fb29dc0968838653b8414a125c124023c001df

SHA256
374db366966d7b48782f352c78a0b3670ffec33ed046d931415034d6f93dcfef

SHA512
d340ae61467332f99e4606ef022ff71c9495b9d138a40cc7c58b3206be0d080b25f4e877a811a55f4320db9a7f52e39f88f1aa426ba79fc5e78fc73dacf8c716

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

Filesize
21KB

MD5
660c3b546f2a131de50b69b91f26c636

SHA1
70f80e7f10e1dd9180efe191ce92d28296ec9035

SHA256
fd91362b7111a0dcc85ef6bd9bc776881c7428f8631d5a32725711dce678bff9

SHA512
6be1e881fbb4a112440883aecb232c1afc28d0f247276ef3285b17b925ea0a5d3bac8eac6db906fc6ac64a4192dd740f5743ba62ba36d8204ff3e8669b123db2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

Filesize
69KB

MD5
52db7ae8dc8b25c04be5cdce177fdead

SHA1
a8c7a7b785018350d7697f6efa8689bd3d1584c8

SHA256
00bc1b7ff15963b8a4264d5ca4926bcc5a2ae719d2cfac38cb39a7dea7e508d1

SHA512
d0f1e3ecf5bebe910271087934bbe4df28171c24da281de2e7fd35fb894b02c6c113728af1c88447f98a0ed9e1a6b7771ca807f9afb7cf7acef11bebc9a9538e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c

Filesize
89KB

MD5
13b2b5a221bb5abc54e3df699aec1159

SHA1
3eaa376fd586342448026f163da4e2fbfc66b8bf

SHA256
1c10c04abcef16755977d7124c9305748419d6b2bf8f1d410f4ca7929cefe9aa

SHA512
fbf8c2c4f7dc45ec38d99269ce386dd8184773edb021c31b2299e7900337ae70d9710e1761edb1b765454c725cfc0c6be29ff50e1c70e51c45d685acc837a2b5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d

Filesize
148KB

MD5
f785f43e3293564019ebb6507960fb45

SHA1
100e4100693e84097f1e441e0aeac030af0d6e6d

SHA256
e3321c1359990e75f29b8676c449719fae1b545d89506cca3c280de1ed5b2736

SHA512
d4d30c850657f9e5fea15d3f81cdf816ae5908f7678a91eb571cf9d95443f18517bfb2c4bb78cbc19196e65a5a01df52b35ada444f5450d5222d05e8aa3f7021

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e

Filesize
20KB

MD5
87e8230a9ca3f0c5ccfa56f70276e2f2

SHA1
eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7

SHA256
e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9

SHA512
37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000f

Filesize
106KB

MD5
54bfa2ebcc854e09842e3ea69fd98e05

SHA1
7258bd8da229e2802fa6fb64cd23362f4c09d1c4

SHA256
415692477dc80a7c0eeca1d6af80ef012224f37da2151399e701fd89b60e0b71

SHA512
b7a688351624e537a3360aa6adb2e003413cb8da6969f760a12a96700efb755330b480e9e845de3d99ac51246ed46a89bde5b53ba79174e02deeaad40b19a985

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010

Filesize
63KB

MD5
d34ee02061caffd5f0870483dbc720e4

SHA1
23ea706ac3c3bc335690ef0d05d61c660e30b45b

SHA256
17d8801553bc4253c00dffe318d585de9458e03d304125548143c5d0e3315c4b

SHA512
061237af287cda9e0d781228fb09fabcf84cfdeebfd6e03821d54ddacc173160bd007457ec9b7a3cffd2c746c54bf6b1a2161ca7fb68c2fdc7b097b0c0efe321

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011

Filesize
85KB

MD5
24722ab6a4f9c8f35efb9756ff59c8f8

SHA1
b9275e909c99c90f837fdf24ea7fe4955720f17d

SHA256
9972d04a2d2a1d1326a5b38d118aed687eba23c77a824e80ccf28eb149f1109e

SHA512
2a4ad1f0c1eb46579bfbd65e99710bfc0dcd98594499f76efa7b811451af6ba43cbe19271c4446fdf03316c2399f22475e814b2fc8f1279501362ddd7ff9778e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012

Filesize
47KB

MD5
015c126a3520c9a8f6a27979d0266e96

SHA1
2acf956561d44434a6d84204670cf849d3215d5f

SHA256
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

SHA512
02a20f2788bb1c3b2c7d3142c664cdec306b6ba5366e57e33c008edb3eb78638b98dc03cdf932a9dc440ded7827956f99117e7a3a4d55acadd29b006032d9c5c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013

Filesize
71KB

MD5
5576d2c8433d323617d26980ba788542

SHA1
881c8409be9fd8f5319e1397d51841728c9802b6

SHA256
587a3100da449bc153e37c84f3120400e164d430bb91aa87dbcc2c17148baef8

SHA512
05ee1a2e84ba6345dd91b7192df0376ca2326645143d769407a7856727db68bdb01e94cbd2f58b38c34a99d7c9deaccc5ddfa9b79f9d3db7fbd2dea8837ecabd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000014

Filesize
96KB

MD5
d32e36e9b1024ec2467edd585638da0e

SHA1
8defcc5e5a34a37b5c60ea9fa0c79d81361e038b

SHA256
e5867fbba21bc439860430837f2297cc6b91fbfb2df73023e8fafd538ee6ae13

SHA512
4c5a9cde0673126158af5ce7ca98fe69734584d64bb81028d9e225e8c65023b7698d40ac31cd27561bd528f60d8acf59e48d5038fcae3dad475b954ce8257b6b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000015

Filesize
40KB

MD5
4947987831bf03f78a44e7b3328eec66

SHA1
6894b118c693744cb326673c7a9f3aee6fd5430a

SHA256
feaa8eca71ae4230e3d7d0e87b9852285cdfe0c78cee5cfee04406b3c6e7ae3c

SHA512
5d6804104992248a237bd6d062b2be83a510a793b817802880cb6161084a4fc34c0fa0a6a8e8ab3ec3d5b0ec98fde012cd71ee5e39075167246aa72bd362c3b1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000016

Filesize
54KB

MD5
351627792644ab9efb09c0b60bf6cdfd

SHA1
af7ccb7848b0dd36333b6243625a0d504dbeda55

SHA256
ad02f2117951950b09db5b4270e090182af8b1fb1a25d2965183a5fdf2679427

SHA512
760b9a2821b36346c349156cb185a85e98bd825bbf39ef7b153506bcafae8d1d513f6a3d6e52f2e5e526344e8d6a183cb8d7e8821f1d187f04cf389a39995a6a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000017

Filesize
37KB

MD5
6b864f27fb9b007ada4f575edd525ab4

SHA1
4861d60b79a7569a02335232a4a721ac3bd7c54b

SHA256
02f8bd29ae254b5122e920c53f13175844a186e0ced3e8cd417d09f5837f27f8

SHA512
69c0a05d473593fe80db1281b41aaf87aa8c09c23e835c3788e0d153434e8c60dcf1d39bad65380c28b416462e46c3c4e514d40f2cbc2ff92a46a6f5fc4d3920

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000018

Filesize
256KB

MD5
0bed0ce2e43ffc999880634c5c029115

SHA1
00fc8d181fd50f1d16ea275d3db7e784a7f879fa

SHA256
6f7ef2c1e63593b6356b042954ba14113e45c3c24d9804fe4a201b1a9edd8bf9

SHA512
99a3b57c8875f1a79a14ae29b31a5394a58d1e1cbf6bc3029d57badebea45a83612f97351001e0545384d2d74672da3f422876fc3ec648d68b9692de88e2b429

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000019

Filesize
29KB

MD5
95c5400f03a5237ae8aea2703e8c19a1

SHA1
663899c837ce9ac44d49db5b0148c658f0e744eb

SHA256
534547c49255f3535dac4d97e48d66c1f7cdab920c5dc8677a659bb87c44dc8e

SHA512
293fcad3bc7a2d37f59f5537c99e5b3cab812a632414882cca339e773dd5c5296b6b43c17266e640f3415721b081e7b09e55c6571fd45fcc47b267f432bff0ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001a

Filesize
22KB

MD5
616c1973b45ab0caa0d73f9b607056e3

SHA1
c04f0e9092d42d6daf7705674708dc27ec1c2daf

SHA256
5fabae6da87e6e43179198700e41fdf9a4b15fcc23de7741c75462d5d96140b1

SHA512
59728e7eb97e250c6f7a4b5e0440d3e53943b8928f75933843fa8dc7d49bbfd3deb8c87271c56023aacf10af765e77866f7d5c064948391af69c5aea3901ae0b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001b

Filesize
73KB

MD5
5c51a18f77ad1fde17162ed3e292cd64

SHA1
95e64fd57b98eed67f360269b9ac22e0b99a75ad

SHA256
86e9f859b799a7a516f3425c3fa718047ef8a25added2f583e7d6b8239457f0d

SHA512
f5ba2ffd4dec99678a28c7eee18e0b11d2ee52a123cde156528253cfc2773034d10003798cece3d72fc86080da41ad7696d1a77ef7e13476da4bc20415c043e7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001c

Filesize
141KB

MD5
6716c44d44fbc332e14d70ba0164f70b

SHA1
e1d7007d8cdc85c33e50ddd1441269f170017dde

SHA256
5266c5e463bde87ebbc7c9cc3d312ea3cff4f94b2b4dbaaf2f35ff246278b79b

SHA512
3937527e5b003641fb453cafe271264d888fb583aa0ed49bd5d715055dacf2e0f4701f6b65b8f2d301ee2cda85646bcec9a29ce22238cde97e700884e945a479

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001d

Filesize
20KB

MD5
3e65a3d288c0e4b1951c61676184f7b2

SHA1
564a605a43ece5a7f2e7e0d6295b7daf0e96580c

SHA256
3a7d6dab68a406eba55369a784dc9e2b2c5e8f73079d45df2b8041044472e1c9

SHA512
faf634d27f2422d373a1eff66c4e125de7f3474af01c2b6f419e69ba7f537224d3428f8d2cb402f5ebc9ae1d44d3e23ece01117bb156733f6abf9d8c2a0e3bef

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001e

Filesize
26KB

MD5
bf4dfd7188f21de3f39f4756dc1e471b

SHA1
31f81c064d53858e2ed48e18ae6da690824cf7d0

SHA256
4719170f5ea4c8ad27d161b39ff351c2a5ab28c22a27859dc8184717a044b22d

SHA512
9ffdbebe0cc8fa1b4dd1c61953f259df8dd134d3c58b5f3c2d794f874a63604031aea05581c7c0d715baf5225de0c3f00b56287218458b0acec423bce2be4dfd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001f

Filesize
19KB

MD5
b776233322697ee26b8834e35359764d

SHA1
327a743d304c4b27f243a5d4738c401e5dec3e24

SHA256
15e5a253f62978e07e4823d23bb97d956099ccde8704fdd38aba02b11cf7e40d

SHA512
73eec5c89887b99f089c610826dbe273a86f9f4c0f5f0f987d87b7d9ed12e78a1cb5741d30d23d21aff6536dc34a1258cb3eda9a811d2294e96af4fcda1637a5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000020

Filesize
18KB

MD5
fcc974a027cbaea0f85b49c2871aee04

SHA1
fca9eadecaf46dc55cb3972706fd1d2a7dcf399f

SHA256
b47a8b8eee7378dcb03c7d3041d2324c3a87af5f8e73cea066b80bbb32271ffd

SHA512
44b0883cfdf5d8df664091481b3c77e78c0c275f46e0952e1ea19afaecbe54f6a90a369241aae3be04415da75db316a704c1b947cdf4ae1a4e3ea0691dda1acd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000021

Filesize
64KB

MD5
dd587a28389d1d4d3debb2a3ba2fed96

SHA1
ec98441ad31d7d02f8c1feb62c25c69ce66b77f7

SHA256
35a4c4d2433007b2f286af5cc579ba5579113a0f91c6939ef1a764aedfd8b915

SHA512
335b362518f1243384e4879caee87be002ce807949d004dbc3c7a9653947379ace26c73a9f7e0fd9a4416f11b43c30bb7205db551dbe3e8ce42646ff2634ae15

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000022

Filesize
135KB

MD5
34d998b1b76e49cd55098b9596f4a06d

SHA1
89ae79d1c147da897edd43ab8fba030711b24de2

SHA256
b187780e0492be65fd50e601a85f3bea3e5edf0e15a8563b0fcd95c66e3e4cab

SHA512
9c734490da2f67609d09e35d271a212f1ab3b5ff8cd0d0b5dcdf6ff3363943be150bb0034ad61fd0e190e0137aa10b727ed31181abb9582831ecc3ccf17dc93b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
30bc82c52ad4b15a19aaba16a6051748

SHA1
474b3fc81016afb44371f013e33cea4e80323ef1

SHA256
4ef8f65a6ae605577ce9127fd13ea8a73fe91ca488628aa42ca26ec8c9ab8424

SHA512
c6c0eaede20093e8e59bb959f8fe93467c5a8af7e41544bf9af85acdf00ce67c5e41d552ba72185f1244c78c62ee349a087d170c381c6f9ef265f2b51c11a3e7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Favicons

Filesize
20KB

MD5
ca2c6cc5b07052a93274869e9f5d3c73

SHA1
7b9dc6576c80e0cb6122ce677db0fdd4e8f27376

SHA256
aa3ea619eddda6a75f569bdd9df0880f747c12c977f4ff9e6d7fa12f1658a531

SHA512
6c642e3422526eda98c5531493d0071c23423fbd7c960ac4cebb8836ba2322bd6b29d49b8c997646da65861a87a500c5d89f04e90e8b83dac3c9a84fabd3d2d2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
fdef2ddc2cbdf84faa8df13c87c244d4

SHA1
ce7c478629371d4f06726db4ea9e86d8332589e7

SHA256
25b6ca105abf46e082ae953e11161fb3208466bccbbb68067f0692bf3858919e

SHA512
3f13aee59ebc9d0b7b7c9f74798f1f4d643675c5ae271307407f6cde932aa0d202e1850f6e48b0778c7c97e3c326d879fef81650cbd1eb37e2763b8e3605841a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History

Filesize
192KB

MD5
ad0b51510b05b2d595d7216c144a3cbb

SHA1
58e60762b29f1c41b437a7eec60b78e4e8f6e87b

SHA256
2f3904aeb7cbbb0d9ea0f07bdb88ee28cd34a4b450d00e99e6df1bcd3f4467b9

SHA512
9674f95c37e12024599386395427d7e5e7f0449c2f1f615c030fbb4602fbbb1f32f98a2a7612ecf0e00e90be5ecd2c96b6ed69c8aab26d2c3c5c22d8d14aaa0f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
1b3c3eab1d6447335fce050c311d7194

SHA1
e0fb3c9a2950b16645fd67cb560289e5cc563230

SHA256
613978d56114825a5298c4107515c23a2012141f10473ecfc00e8f7d83869afc

SHA512
03061ff996e1ee70fbc2291d2d993ba47f149ac830281daeea5b7358c85d5d9e80e8bb2d2ba7892f41210aada798e4aa663b660b32a6231950c4286d96080f12

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
14KB

MD5
d2ca363d4829f52f2a9f9f66ebd443f4

SHA1
594317b55df6d5262bc6873d45e35283b39e688f

SHA256
dedff911a6a16bf100a99b6dce2031df55d6bd5fbf2cd577e070cd24604571ea

SHA512
0e39a1460485eaff6f70cb729288fb8f483542d3bd20d2f3d24e9502f97c9ee28aec54031f0905d922bcafd2fc6e3ddb98e0e7a381ae5a4b36d4796c6eb84ece

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
c4ef964445d2126212ad606c3ce36234

SHA1
7e106c46d7f0d024c381ef191be06c51cf04f057

SHA256
832215ae6e234f9fa6310240208dbee31f8f20a2a351d61ad42a50357025c420

SHA512
cdfad09bdd9903e05d8e623351c5227580606469358f0c1521be008f98e6c43b385af7b2f6205fb5f15e609136679275bc83409aad96aa49855eced0ebf44836

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
922ae52a68075e7dda856366e6b1cff9

SHA1
85ca79ef841e2bac98cbfe7f034bd19cdd12b108

SHA256
4264b4bdab1b6ebc4f626a7ee9e683f090ad57709922729cf2c4b94d87d16011

SHA512
b43ace2489d770f8ffaf86ac018f8c68cf0ba4021f268a6249bd3b88ed295bbbcbea65efa1ab9418dd6bd4f650d23f35533680ed55f1fe5b231c83a876daa7ba

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
64717c37a17104ebfb25cf2c4e695ef8

SHA1
2b0f728992f7802bff5368e012afef1cae2057e1

SHA256
92fb4d8274c4a3d9761d2cf9171c6cbe46fe3dbad91b476f0ea17fd89c79fa07

SHA512
6a57a674d3bbac57a1c844780d09b3bad0ae64d16f0b2f273ab708a80d1e08deec58515deb80d99803829ea6ef6cc9a4f068bc45edf7418cf9cd9850284c9728

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
1bb6ac1bdb03a935630e3353e3e2ceb9

SHA1
421943301eef87ac0d8ba7818e3aa6302aec06fb

SHA256
bce09518617720feba6ed4e654c0b46e291e9b814dcabe385e4954456f0c91cd

SHA512
71312eefbf5fcf6ac90afe2fb74f0f35e695ea7e83a8368d68fe0aae978e189f0728771ba80a09b3fad8d4ae921234e08dfccfbd9b12b554019a5bce52d90e48

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
d3e620b68d4f188fe2d0ff5f57157580

SHA1
d840413e86276c58b77be68220287cbe301eed6a

SHA256
29c2b6a6f6dfd383b1f3f3f51531a7ed1d7efdb505a795e3276e0b3202351a4c

SHA512
52c0066e10500c77166243c467cd9e24cf95f8ce457b9e655bfbebf8ffceff4ccffbbc28d82d6867d572dac57c48e647478361e43c3a7f93f7498c5c30a5af23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Visited Links

Filesize
128KB

MD5
8a66691a99dcae9a891896c03e14dff4

SHA1
42cd885ab9dcaeeeef4902d79342b09c2204663f

SHA256
69053a04b48e044a97b2df70069633f9245d8a4cdce200f792b6bc5312b2c904

SHA512
65127cce6cdb1d073046e0b79d06ff25e01cba321b07aab0e86097924b5e07ceee992c0c45e526c09ad49efdbb326c34122d6dce363e96b2f1617d14d8e977ba

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version

Filesize
14B

MD5
009b9a2ee7afbf6dd0b9617fc8f8ecba

SHA1
c97ed0652e731fc412e3b7bdfca2994b7cc206a7

SHA256
de607a2c68f52e15a104ead9ecbaa3e6862fdb11eac080e408ba4d69f1f7a915

SHA512
6161dd952ae140a8fb8aa5e33f06bc65fdc15ce3fbfe4c576dc2668c86bce4a1d5c1112caee014e5efa3698547faad3bc80ec253eedb43148e36e1a02ce89910

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
129KB

MD5
fe2c448fd80689c566098bef879684c9

SHA1
5a7d89909b4689017bcbfc41abd2e23b8ce7fb1b

SHA256
aac3746258f79c0436d7b5216f31cf7c5ea8c244e658ad3f5134536acb18e5f8

SHA512
8a04bd0f0c360a3d3bc5429fd2cfd8f14fcca176fd8f8d92d999cc1e242a353db48d55e858e294a3ef1b7523d457e07a57a9cea588bc5c60619ff7db736c8b89

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
129KB

MD5
0da16e9b7423edb1a19253ba7c5cd4e1

SHA1
c7f055d56140b7712ada287cdba1e09ca48ce6df

SHA256
c8f1ff930b4c20070e1e5b3ac662a6d817fc740d2d70f7e3b93ae04cb302ef94

SHA512
e0e8db41f406157fb7a70ed4e378b19b3eec42981f669c37b2ccb302457c3b39f9f06a28652e6625af772fc3723d58bd5ed1c2ff512363807a2e4fafd50d6256

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
129KB

MD5
5272aaec8e0cffe86395575cd05e2893

SHA1
ce32b8ca9ce884ca213d1ec5d91686497d828810

SHA256
178336265c44acb9b41822bb3e1ba105ee5f70a4909df01c0f186df14978a9af

SHA512
676042e7468906f2c97b8a89276fa96a4100f49eb6c7e3f3189bca36a8f1354c73875571b667e8c4b0fe59b5daacc12e968e6452083dc1b2392c6c7e3ea8f6b4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
88KB

MD5
50a39aaf16fccd9f161962f7b4a2a67c

SHA1
117b1ae6b5b090ac3586ef0a9f89d79ba94ff6e7

SHA256
39d395d0b6da1263fa2d770d6c93e8fa28bf9c6e2f996aa76f4bf1b79a403a11

SHA512
331673c93550d7f42d782b5c643265e9304a45ba89234d5804f78a1dd7ceb00f2a38ea5b8a334e495dd86e239854865383c58f45b6c0b136a8c8c0c3ada4ae36

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe5820f1.TMP

Filesize
83KB

MD5
1c8eb109d892c2a065053b5d110cf17f

SHA1
0a7dfda64e29a9555392d639423de4764dd9db75

SHA256
a099062e84c530ff9145013c13fd6c9f4e7099b7ad27ac6d248905caa85e9cd0

SHA512
c4381005c52ce96cc76a5374fadee70e63fe55b851e5e46d3fd4f20590b6c0bb3f852bfb21f4cc368510556825f23780bc120a43b26563f59e1620301fba9e7f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

Filesize
264KB

MD5
b6f182bb2ba65c91742e85f2049f0918

SHA1
ae8a9117ee25c457654b87c73671901b71a1b903

SHA256
5a80698a86abe93ac6bf3e7ebc136a90be0b2c1d68c137cafce06a7604bde7ab

SHA512
ec93b1de0a7db81c4c9b6dc5edcb749458c32f54adadc630ae17708800ba925ad6d5cfdb2a313664fed000f790ef3b082ca76b9452a09105a4e5361272c31477

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

Filesize
86B

MD5
961e3604f228b0d10541ebf921500c86

SHA1
6e00570d9f78d9cfebe67d4da5efe546543949a7

SHA256
f7b24f2eb3d5eb0550527490395d2f61c3d2fe74bb9cb345197dad81b58b5fed

SHA512
535f930afd2ef50282715c7e48859cc2d7b354ff4e6c156b94d5a2815f589b33189ffedfcaf4456525283e993087f9f560d84cfcf497d189ab8101510a09c472

Download Submit
C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\SearchHoverUnifiedTileModelCache.dat

Filesize
10KB

MD5
a71ab244d565671f741686cb2c5ed11b

SHA1
b6e766a85f1f878d512f752df2dd4873971755e2

SHA256
06a5716962f3b50a8aa3acd30e33d6c75664465c3d795196ad6dce5e33a80faa

SHA512
0826c8e52b0f5dbcbda745f06390fd59ce9eee8e0e845cdb007f4a97b19065f2544ca63226b34d361adf9e1cf26644672abfe5dcfd75651cd2aeb1ae27f16f84

Download Submit