hxxp://85[.]190[.]232[.]132

Analysis

max time kernel
299s
max time network
300s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
24-05-2024 08:28

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://85.190.232.132

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133610129335989756"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
3036	chrome.exe
3036	chrome.exe
2856	chrome.exe
2856	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 11 IoCs

pid	Process
3036	chrome.exe
3036	chrome.exe
3036	chrome.exe
3036	chrome.exe
3036	chrome.exe
3036	chrome.exe
3036	chrome.exe
3036	chrome.exe
3036	chrome.exe
3036	chrome.exe
3036	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3036	chrome.exe
Token: SeCreatePagefilePrivilege	3036	chrome.exe
Token: SeShutdownPrivilege	3036	chrome.exe
Token: SeCreatePagefilePrivilege	3036	chrome.exe
Token: SeShutdownPrivilege	3036	chrome.exe
Token: SeCreatePagefilePrivilege	3036	chrome.exe
Token: SeShutdownPrivilege	3036	chrome.exe
Token: SeCreatePagefilePrivilege	3036	chrome.exe
Token: SeShutdownPrivilege	3036	chrome.exe
Token: SeCreatePagefilePrivilege	3036	chrome.exe
Token: SeShutdownPrivilege	3036	chrome.exe
Token: SeCreatePagefilePrivilege	3036	chrome.exe
Token: SeShutdownPrivilege	3036	chrome.exe
Token: SeCreatePagefilePrivilege	3036	chrome.exe
Token: SeShutdownPrivilege	3036	chrome.exe
Token: SeCreatePagefilePrivilege	3036	chrome.exe
Token: SeShutdownPrivilege	3036	chrome.exe
Token: SeCreatePagefilePrivilege	3036	chrome.exe
Token: SeShutdownPrivilege	3036	chrome.exe
Token: SeCreatePagefilePrivilege	3036	chrome.exe
Token: SeShutdownPrivilege	3036	chrome.exe
Token: SeCreatePagefilePrivilege	3036	chrome.exe
Token: SeShutdownPrivilege	3036	chrome.exe
Token: SeCreatePagefilePrivilege	3036	chrome.exe
Token: SeShutdownPrivilege	3036	chrome.exe
Token: SeCreatePagefilePrivilege	3036	chrome.exe
Token: SeShutdownPrivilege	3036	chrome.exe
Token: SeCreatePagefilePrivilege	3036	chrome.exe
Token: SeShutdownPrivilege	3036	chrome.exe
Token: SeCreatePagefilePrivilege	3036	chrome.exe
Token: SeShutdownPrivilege	3036	chrome.exe
Token: SeCreatePagefilePrivilege	3036	chrome.exe
Token: SeShutdownPrivilege	3036	chrome.exe
Token: SeCreatePagefilePrivilege	3036	chrome.exe
Token: SeShutdownPrivilege	3036	chrome.exe
Token: SeCreatePagefilePrivilege	3036	chrome.exe
Token: SeShutdownPrivilege	3036	chrome.exe
Token: SeCreatePagefilePrivilege	3036	chrome.exe
Token: SeShutdownPrivilege	3036	chrome.exe
Token: SeCreatePagefilePrivilege	3036	chrome.exe
Token: SeShutdownPrivilege	3036	chrome.exe
Token: SeCreatePagefilePrivilege	3036	chrome.exe
Token: SeShutdownPrivilege	3036	chrome.exe
Token: SeCreatePagefilePrivilege	3036	chrome.exe
Token: SeShutdownPrivilege	3036	chrome.exe
Token: SeCreatePagefilePrivilege	3036	chrome.exe
Token: SeShutdownPrivilege	3036	chrome.exe
Token: SeCreatePagefilePrivilege	3036	chrome.exe
Token: SeShutdownPrivilege	3036	chrome.exe
Token: SeCreatePagefilePrivilege	3036	chrome.exe
Token: SeShutdownPrivilege	3036	chrome.exe
Token: SeCreatePagefilePrivilege	3036	chrome.exe
Token: SeShutdownPrivilege	3036	chrome.exe
Token: SeCreatePagefilePrivilege	3036	chrome.exe
Token: SeShutdownPrivilege	3036	chrome.exe
Token: SeCreatePagefilePrivilege	3036	chrome.exe
Token: SeShutdownPrivilege	3036	chrome.exe
Token: SeCreatePagefilePrivilege	3036	chrome.exe
Token: SeShutdownPrivilege	3036	chrome.exe
Token: SeCreatePagefilePrivilege	3036	chrome.exe
Token: SeShutdownPrivilege	3036	chrome.exe
Token: SeCreatePagefilePrivilege	3036	chrome.exe
Token: SeShutdownPrivilege	3036	chrome.exe
Token: SeCreatePagefilePrivilege	3036	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
3036	chrome.exe
3036	chrome.exe
3036	chrome.exe
3036	chrome.exe
3036	chrome.exe
3036	chrome.exe
3036	chrome.exe
3036	chrome.exe
3036	chrome.exe
3036	chrome.exe
3036	chrome.exe
3036	chrome.exe
3036	chrome.exe
3036	chrome.exe
3036	chrome.exe
3036	chrome.exe
3036	chrome.exe
3036	chrome.exe
3036	chrome.exe
3036	chrome.exe
3036	chrome.exe
3036	chrome.exe
3036	chrome.exe
3036	chrome.exe
3036	chrome.exe
3036	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3036	chrome.exe
3036	chrome.exe
3036	chrome.exe
3036	chrome.exe
3036	chrome.exe
3036	chrome.exe
3036	chrome.exe
3036	chrome.exe
3036	chrome.exe
3036	chrome.exe
3036	chrome.exe
3036	chrome.exe
3036	chrome.exe
3036	chrome.exe
3036	chrome.exe
3036	chrome.exe
3036	chrome.exe
3036	chrome.exe
3036	chrome.exe
3036	chrome.exe
3036	chrome.exe
3036	chrome.exe
3036	chrome.exe
3036	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3036 wrote to memory of 1632	3036	chrome.exe	91
PID 3036 wrote to memory of 1632	3036	chrome.exe	91
PID 3036 wrote to memory of 3500	3036	chrome.exe	92
PID 3036 wrote to memory of 3500	3036	chrome.exe	92
PID 3036 wrote to memory of 3500	3036	chrome.exe	92
PID 3036 wrote to memory of 3500	3036	chrome.exe	92
PID 3036 wrote to memory of 3500	3036	chrome.exe	92
PID 3036 wrote to memory of 3500	3036	chrome.exe	92
PID 3036 wrote to memory of 3500	3036	chrome.exe	92
PID 3036 wrote to memory of 3500	3036	chrome.exe	92
PID 3036 wrote to memory of 3500	3036	chrome.exe	92
PID 3036 wrote to memory of 3500	3036	chrome.exe	92
PID 3036 wrote to memory of 3500	3036	chrome.exe	92
PID 3036 wrote to memory of 3500	3036	chrome.exe	92
PID 3036 wrote to memory of 3500	3036	chrome.exe	92
PID 3036 wrote to memory of 3500	3036	chrome.exe	92
PID 3036 wrote to memory of 3500	3036	chrome.exe	92
PID 3036 wrote to memory of 3500	3036	chrome.exe	92
PID 3036 wrote to memory of 3500	3036	chrome.exe	92
PID 3036 wrote to memory of 3500	3036	chrome.exe	92
PID 3036 wrote to memory of 3500	3036	chrome.exe	92
PID 3036 wrote to memory of 3500	3036	chrome.exe	92
PID 3036 wrote to memory of 3500	3036	chrome.exe	92
PID 3036 wrote to memory of 3500	3036	chrome.exe	92
PID 3036 wrote to memory of 3500	3036	chrome.exe	92
PID 3036 wrote to memory of 3500	3036	chrome.exe	92
PID 3036 wrote to memory of 3500	3036	chrome.exe	92
PID 3036 wrote to memory of 3500	3036	chrome.exe	92
PID 3036 wrote to memory of 3500	3036	chrome.exe	92
PID 3036 wrote to memory of 3500	3036	chrome.exe	92
PID 3036 wrote to memory of 3500	3036	chrome.exe	92
PID 3036 wrote to memory of 3500	3036	chrome.exe	92
PID 3036 wrote to memory of 3500	3036	chrome.exe	92
PID 3036 wrote to memory of 4388	3036	chrome.exe	93
PID 3036 wrote to memory of 4388	3036	chrome.exe	93
PID 3036 wrote to memory of 3448	3036	chrome.exe	94
PID 3036 wrote to memory of 3448	3036	chrome.exe	94
PID 3036 wrote to memory of 3448	3036	chrome.exe	94
PID 3036 wrote to memory of 3448	3036	chrome.exe	94
PID 3036 wrote to memory of 3448	3036	chrome.exe	94
PID 3036 wrote to memory of 3448	3036	chrome.exe	94
PID 3036 wrote to memory of 3448	3036	chrome.exe	94
PID 3036 wrote to memory of 3448	3036	chrome.exe	94
PID 3036 wrote to memory of 3448	3036	chrome.exe	94
PID 3036 wrote to memory of 3448	3036	chrome.exe	94
PID 3036 wrote to memory of 3448	3036	chrome.exe	94
PID 3036 wrote to memory of 3448	3036	chrome.exe	94
PID 3036 wrote to memory of 3448	3036	chrome.exe	94
PID 3036 wrote to memory of 3448	3036	chrome.exe	94
PID 3036 wrote to memory of 3448	3036	chrome.exe	94
PID 3036 wrote to memory of 3448	3036	chrome.exe	94
PID 3036 wrote to memory of 3448	3036	chrome.exe	94
PID 3036 wrote to memory of 3448	3036	chrome.exe	94
PID 3036 wrote to memory of 3448	3036	chrome.exe	94
PID 3036 wrote to memory of 3448	3036	chrome.exe	94
PID 3036 wrote to memory of 3448	3036	chrome.exe	94
PID 3036 wrote to memory of 3448	3036	chrome.exe	94
PID 3036 wrote to memory of 3448	3036	chrome.exe	94
PID 3036 wrote to memory of 3448	3036	chrome.exe	94
PID 3036 wrote to memory of 3448	3036	chrome.exe	94
PID 3036 wrote to memory of 3448	3036	chrome.exe	94
PID 3036 wrote to memory of 3448	3036	chrome.exe	94
PID 3036 wrote to memory of 3448	3036	chrome.exe	94
PID 3036 wrote to memory of 3448	3036	chrome.exe	94

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://85.190.232.132
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3036
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffff4d4ab58,0x7ffff4d4ab68,0x7ffff4d4ab78
  2⤵
  PID:1632
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1592 --field-trial-handle=1812,i,864457305976910175,14375297988129271306,131072 /prefetch:2
  2⤵
  PID:3500
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2136 --field-trial-handle=1812,i,864457305976910175,14375297988129271306,131072 /prefetch:8
  2⤵
  PID:4388
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2216 --field-trial-handle=1812,i,864457305976910175,14375297988129271306,131072 /prefetch:8
  2⤵
  PID:3448
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2820 --field-trial-handle=1812,i,864457305976910175,14375297988129271306,131072 /prefetch:1
  2⤵
  PID:3288
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2828 --field-trial-handle=1812,i,864457305976910175,14375297988129271306,131072 /prefetch:1
  2⤵
  PID:1232
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3604 --field-trial-handle=1812,i,864457305976910175,14375297988129271306,131072 /prefetch:1
  2⤵
  PID:2092
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3368 --field-trial-handle=1812,i,864457305976910175,14375297988129271306,131072 /prefetch:1
  2⤵
  PID:3840
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4512 --field-trial-handle=1812,i,864457305976910175,14375297988129271306,131072 /prefetch:8
  2⤵
  PID:2268
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4704 --field-trial-handle=1812,i,864457305976910175,14375297988129271306,131072 /prefetch:8
  2⤵
  PID:1440
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=3436 --field-trial-handle=1812,i,864457305976910175,14375297988129271306,131072 /prefetch:1
  2⤵
  PID:5672
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=1792 --field-trial-handle=1812,i,864457305976910175,14375297988129271306,131072 /prefetch:1
  2⤵
  PID:2576
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4876 --field-trial-handle=1812,i,864457305976910175,14375297988129271306,131072 /prefetch:1
  2⤵
  PID:5380
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=2396 --field-trial-handle=1812,i,864457305976910175,14375297988129271306,131072 /prefetch:1
  2⤵
  PID:5576
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=3352 --field-trial-handle=1812,i,864457305976910175,14375297988129271306,131072 /prefetch:1
  2⤵
  PID:5036
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=5020 --field-trial-handle=1812,i,864457305976910175,14375297988129271306,131072 /prefetch:1
  2⤵
  PID:5688
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=3372 --field-trial-handle=1812,i,864457305976910175,14375297988129271306,131072 /prefetch:1
  2⤵
  PID:5908
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5036 --field-trial-handle=1812,i,864457305976910175,14375297988129271306,131072 /prefetch:8
  2⤵
  PID:4648
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4120 --field-trial-handle=1812,i,864457305976910175,14375297988129271306,131072 /prefetch:8
  2⤵
  PID:2032
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1456 --field-trial-handle=1812,i,864457305976910175,14375297988129271306,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2856

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:3580

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=4356,i,4686244434963378549,11462511444150484980,262144 --variations-seed-version --mojo-platform-channel-handle=3652 /prefetch:8
1⤵
PID:5584

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
c1e661687a202a4f505884070e8ef66c

SHA1
2aa33e50b4105407b82a813f1c9f23ac4a5014f5

SHA256
66993ff6cbfceacd39d336ef64385dab7b06ec3d3290266b0164add9e7647ba1

SHA512
f058374943e51746a2ef4f28d198e1cb460eb9aecf9a3289aed669ad69f70be2a48913832d6433404738f1ba602d15a34f940e9be607d128af48cb2fdff595dd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
98501ea50adfcf8a38bbc5570156957f

SHA1
e186129f139fac281034030a8e4db816cc698405

SHA256
4f16cd629d0870495ab60d52047b22ad8688561f754ce03d960dbe1ad3c4c950

SHA512
c5f3ad9814ce49815f0d09e44ebb8714b27fb93f3191678369afe3f82b3c5a8ed975213599d1e141d618ffacce5fa9978cb2363a3cbd9810890b68479846b292

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
a49c8daf331dd2888aac1d55bafb56f1

SHA1
3a41c5bd5a21720a76f4204bdf3a84530944b4ba

SHA256
732f7bbe84ea17152a0c22b7ab70cce682ec25045dc603e368b2274a618c9177

SHA512
47636de458d9b6622acdc9bd2ec59b4b8ae8a22177e015392daf650d8d6fe26a3f40e327ee708ccfee07d108b08b14f70b1de5c352b48755b42156024dee1b81

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
6cab6c6dd761318b7a16699e6398224e

SHA1
93a7ab28ee65e777ab34497c2add02793736124d

SHA256
5024aae9f7f31c3b5e79ad6eb82d11229c805da6373e324fa25fa4bf1f02459f

SHA512
35f650708e861dd0e4b031522b1be9e976fc4fbed6db821cbfbb8785d7bb0b8c70034b2139b35bebb1732158f52e7287000639dc8cad8243bb78dc8c92ab8871

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
e7272e7d4fa2534120a8c874fd94745f

SHA1
a3f864bf478feaf1b7929cbb8dff1f3d05ee01f4

SHA256
3b1c96d11e86aec3a7eb27489f88e8257f3cc868672b21aec831e651e5f191f0

SHA512
1422ff306b9ad753a5f11a7e60c4603c50750cc06917523b88a48fcceca3565a5e21b3ba0b6920e78898d6662d803b3c090c06d34dfc4ce1c536dd3c4c99b539

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
255KB

MD5
fa7010e953a6c492d9b01221287972c1

SHA1
d4feb33982754d68b2cb7da37d2d2f119ce4dfa6

SHA256
3e4bb2e23c67340f3f7252abd399a4507258f1e9a93e0af5eb080dead081a5b8

SHA512
d5800f8aeb178a109b3b1e295f6f0bcc0172d5ed82df6bfd8d8ba65496d5b4fd625e9ace2b6e534c2a87dda912a7a41851a836c09db4afed3001d3b9b7dc1c37

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
255KB

MD5
3d6318c480cbd585449e27addf38faac

SHA1
384852e45efbe35e53ca7a3aea1d3c977d5f8a2f

SHA256
e182a0584ab16b3c95d0122686a34342d3e58c2fa857cfe0d921aed335bcf7c5

SHA512
bc09fb56aab7065a03a634aa5a9fa1c05826980a31de26e9923125edaa7de46419338cd67cfaecb0d1505a9c201a08c6127629a215fdb1c17fbe937f0cb910f6

Download Submit