hxxps://www[.]youtube[.]com/

Analysis

max time kernel
1799s
max time network
1685s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
24/05/2024, 14:58

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://www.youtube.com/

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133610378331888229"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2539840389-1261165778-1087677076-1000\{5A0AC55E-C84D-43A0-BEB3-4650B38BA145}	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
2376	chrome.exe
2376	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: 33	4836	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	4836	AUDIODG.EXE
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe
Token: SeShutdownPrivilege	700	chrome.exe
Token: SeCreatePagefilePrivilege	700	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe
700	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 700 wrote to memory of 3028	700	chrome.exe	82
PID 700 wrote to memory of 3028	700	chrome.exe	82
PID 700 wrote to memory of 1460	700	chrome.exe	83
PID 700 wrote to memory of 1460	700	chrome.exe	83
PID 700 wrote to memory of 1460	700	chrome.exe	83
PID 700 wrote to memory of 1460	700	chrome.exe	83
PID 700 wrote to memory of 1460	700	chrome.exe	83
PID 700 wrote to memory of 1460	700	chrome.exe	83
PID 700 wrote to memory of 1460	700	chrome.exe	83
PID 700 wrote to memory of 1460	700	chrome.exe	83
PID 700 wrote to memory of 1460	700	chrome.exe	83
PID 700 wrote to memory of 1460	700	chrome.exe	83
PID 700 wrote to memory of 1460	700	chrome.exe	83
PID 700 wrote to memory of 1460	700	chrome.exe	83
PID 700 wrote to memory of 1460	700	chrome.exe	83
PID 700 wrote to memory of 1460	700	chrome.exe	83
PID 700 wrote to memory of 1460	700	chrome.exe	83
PID 700 wrote to memory of 1460	700	chrome.exe	83
PID 700 wrote to memory of 1460	700	chrome.exe	83
PID 700 wrote to memory of 1460	700	chrome.exe	83
PID 700 wrote to memory of 1460	700	chrome.exe	83
PID 700 wrote to memory of 1460	700	chrome.exe	83
PID 700 wrote to memory of 1460	700	chrome.exe	83
PID 700 wrote to memory of 1460	700	chrome.exe	83
PID 700 wrote to memory of 1460	700	chrome.exe	83
PID 700 wrote to memory of 1460	700	chrome.exe	83
PID 700 wrote to memory of 1460	700	chrome.exe	83
PID 700 wrote to memory of 1460	700	chrome.exe	83
PID 700 wrote to memory of 1460	700	chrome.exe	83
PID 700 wrote to memory of 1460	700	chrome.exe	83
PID 700 wrote to memory of 1460	700	chrome.exe	83
PID 700 wrote to memory of 1460	700	chrome.exe	83
PID 700 wrote to memory of 1460	700	chrome.exe	83
PID 700 wrote to memory of 3092	700	chrome.exe	84
PID 700 wrote to memory of 3092	700	chrome.exe	84
PID 700 wrote to memory of 4472	700	chrome.exe	85
PID 700 wrote to memory of 4472	700	chrome.exe	85
PID 700 wrote to memory of 4472	700	chrome.exe	85
PID 700 wrote to memory of 4472	700	chrome.exe	85
PID 700 wrote to memory of 4472	700	chrome.exe	85
PID 700 wrote to memory of 4472	700	chrome.exe	85
PID 700 wrote to memory of 4472	700	chrome.exe	85
PID 700 wrote to memory of 4472	700	chrome.exe	85
PID 700 wrote to memory of 4472	700	chrome.exe	85
PID 700 wrote to memory of 4472	700	chrome.exe	85
PID 700 wrote to memory of 4472	700	chrome.exe	85
PID 700 wrote to memory of 4472	700	chrome.exe	85
PID 700 wrote to memory of 4472	700	chrome.exe	85
PID 700 wrote to memory of 4472	700	chrome.exe	85
PID 700 wrote to memory of 4472	700	chrome.exe	85
PID 700 wrote to memory of 4472	700	chrome.exe	85
PID 700 wrote to memory of 4472	700	chrome.exe	85
PID 700 wrote to memory of 4472	700	chrome.exe	85
PID 700 wrote to memory of 4472	700	chrome.exe	85
PID 700 wrote to memory of 4472	700	chrome.exe	85
PID 700 wrote to memory of 4472	700	chrome.exe	85
PID 700 wrote to memory of 4472	700	chrome.exe	85
PID 700 wrote to memory of 4472	700	chrome.exe	85
PID 700 wrote to memory of 4472	700	chrome.exe	85
PID 700 wrote to memory of 4472	700	chrome.exe	85
PID 700 wrote to memory of 4472	700	chrome.exe	85
PID 700 wrote to memory of 4472	700	chrome.exe	85
PID 700 wrote to memory of 4472	700	chrome.exe	85
PID 700 wrote to memory of 4472	700	chrome.exe	85

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://www.youtube.com/
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:700
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe8e00ab58,0x7ffe8e00ab68,0x7ffe8e00ab78
  2⤵
  PID:3028
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1720 --field-trial-handle=1912,i,14268597674889923721,5448584950524673554,131072 /prefetch:2
  2⤵
  PID:1460
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2136 --field-trial-handle=1912,i,14268597674889923721,5448584950524673554,131072 /prefetch:8
  2⤵
  PID:3092
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2176 --field-trial-handle=1912,i,14268597674889923721,5448584950524673554,131072 /prefetch:8
  2⤵
  PID:4472
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2844 --field-trial-handle=1912,i,14268597674889923721,5448584950524673554,131072 /prefetch:1
  2⤵
  PID:116
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2852 --field-trial-handle=1912,i,14268597674889923721,5448584950524673554,131072 /prefetch:1
  2⤵
  PID:4964
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3904 --field-trial-handle=1912,i,14268597674889923721,5448584950524673554,131072 /prefetch:1
  2⤵
  PID:2484
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4396 --field-trial-handle=1912,i,14268597674889923721,5448584950524673554,131072 /prefetch:1
  2⤵
  PID:748
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4632 --field-trial-handle=1912,i,14268597674889923721,5448584950524673554,131072 /prefetch:8
  2⤵
  PID:1972
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4772 --field-trial-handle=1912,i,14268597674889923721,5448584950524673554,131072 /prefetch:8
  2⤵
  PID:4832
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4780 --field-trial-handle=1912,i,14268597674889923721,5448584950524673554,131072 /prefetch:8
  2⤵
  - Modifies registry class
  PID:4796
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5036 --field-trial-handle=1912,i,14268597674889923721,5448584950524673554,131072 /prefetch:8
  2⤵
  PID:632
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3408 --field-trial-handle=1912,i,14268597674889923721,5448584950524673554,131072 /prefetch:8
  2⤵
  PID:3248
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5032 --field-trial-handle=1912,i,14268597674889923721,5448584950524673554,131072 /prefetch:8
  2⤵
  PID:4272
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4816 --field-trial-handle=1912,i,14268597674889923721,5448584950524673554,131072 /prefetch:8
  2⤵
  PID:1960
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4196 --field-trial-handle=1912,i,14268597674889923721,5448584950524673554,131072 /prefetch:8
  2⤵
  PID:3384
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1784 --field-trial-handle=1912,i,14268597674889923721,5448584950524673554,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2376

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:4112

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x518 0x31c
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:4836

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
480B

MD5
d945022154bd4b1c8b5c9e2dbe5340d6

SHA1
cacf529fce327ca4c6662aca46a949c381f3e800

SHA256
6cc0564fcbf9b34ebb2645d7bf10164cdae32e0f71d78021fe7fc1c7857d0c24

SHA512
f8918922157d6394cfe8a1077a0a6f0bb700ff2cbea10ea83d558a0ce52bdf23d19816f96b87676ebc97a7d0d3575d7519f89afd60eb6c0ff4cee33d6c520088

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
ac9537eee69969d1e0dfc44fb9f9c123

SHA1
b350052f6bc4f50a0d8de9aa07dfcf16ba92e126

SHA256
58f6450be9ebadd13390b317e47174b5366510a9524d3a9ed9e7e4cfb4f513ad

SHA512
0605d207d56017ee8aec6e3e6d251e99d2b72d344d7e5726f1f62dadad379dd53597954bb47a2f18eaeabf0599a25ebbe09dbadc4800fdb677d74c9b859ff471

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
f4edb5fd070aab8c35f58acfc96be11d

SHA1
7d74e8cfd1a5eff5ea36d6635c543dac1af5039b

SHA256
4105d6b8595ff6c0b6de8154ea80474128ae1914d7f78b74dad9b69fd3bb4223

SHA512
b3e15b930411779ec10ad59610a695c9a5785e543668178529d8aec4528a628490a3562352f6f509144d7f4062fcd72f465a504316b6fc9772e051685c62401c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
5d9ed799c2d2865419235475ed28b15e

SHA1
879a9bfb0cc52010cd0131957d51d301665e026f

SHA256
4ec2484dfba85b8f50f2eb4304dccf58ce7964da3e543a69c5ef0afcf6cf1d15

SHA512
2d0b2f68e49b43dec8438fe12197217cde2cdc1d013ddaa2fab7492b401c2a5260e97f5a35cc3314c92852184f8fb515ca03f5f187bf286e85e3ec9e04f9e55f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
33d6850d00b86b652c92cf3e3d6783d0

SHA1
ae7c2e08a8cd62fe82f59faf9be152fbbcf2ab1f

SHA256
29ffc3d86fed87657e392c3c3c872c3238c3c7d778726c9bcc3246bedefac087

SHA512
3fcb9ffaeb8e38b4706c033ac9c144419dc2728c30c1789666ba44e8947a45453ee939d5779f4d6dc6692fef68393e62f23b16605b453419660e5742acf271c8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
56579d6707dfecf89098c8f413f42811

SHA1
8fe9226f7420e191f8d3d23d752fd5d48f3ebce7

SHA256
e96a05ba21bfdc9af80abf0e5561928b6c704d60721f47fe2f85187eccbbc2f0

SHA512
05bc6eee0a380673c9327edf1e4e254242fde8a74f3138e386fc51d83a96b274a629c4cc01df309245d5f7bfa5b81d273531c9fa826dcc340e5d599f78398577

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
b1dbb69cb756f2541b9f519c87b14aa2

SHA1
ae5bbff09b468664ff276493698f6cc8ca6ecf1b

SHA256
a422ff84efc7e26c5d60405cade053155b865f6582c64fdc5f18c05198181a73

SHA512
e969ca56d2ebf18ec154aa19f50e876917d13d1c2a173ce8b432052180843d9887a8596779c2e52755d96c2eea57de5f5bb6ab1b4ddb0578a592320351246c69

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
2773e9bbc62c225c91dbc06cd1bac7e4

SHA1
3028ed3836d0625768941082400cf411f250addb

SHA256
e3d7d2ff04ba8614c291bf4e98519e1f51b9a85fd2c0c28fb5a10ed4a2e1e5da

SHA512
75044ab8ccfdde6b2f5c82f24e9972fbf7d42e1b04cdf220f9daad73ea41a3a8a08e15068c342394242db7368a47c17af58cdce4b3beb552aaa36f9cc2d52743

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
859B

MD5
25692291c104a63e8de3acfd8ee90f5a

SHA1
0a618e0724962e71bce4b93ff0cd6cbb7fccd8c3

SHA256
9d735d4e172fd0479a85f5e93f2d2597d7e0a853ff5316732b26f34cf22a2d54

SHA512
7549f7ce43216456c769ec95d9f821a7da9b30a76f8c659e7d2ad67ab9a288dedcd48b688dc0887d9c2aca2d2a05fd07f49cf6091aa289906aeee498fe6d7d6b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
c8c7289c3c79fd862664f7486deed115

SHA1
c89853f87208986d9e55729fefa3fb48e040ca01

SHA256
3baa9a61fa816221dd79edab6fbe8fbc32f2a1e29f6b7e986a820d9502fb01de

SHA512
9d499689652ade24294c044601062ddc29c161ce56cd9e19bf376da3c083ca524d01a053c117da435652c52fff850f5503f125bf1a7add185cd71551cc3cac74

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\ec04881c-a32a-4c27-9e0e-3e6c3cd99d27\index-dir\the-real-index

Filesize
2KB

MD5
9fcc71f7245917784ba4117ac8182b3d

SHA1
7b0050f022f347f7c568aab44294b649245ab4d8

SHA256
1d013599d05e2b3df6db14d68758197b3fdd1a796be65f2555ffe8d2ef8e6aa7

SHA512
adc46c3adcc741eed2c9c9826b573998fe9556afb9fb1ffe584d663d9c966a3c3b1ec19e0555701a5845d4b0ab14d61060fcd0136d19c1cd676ce8da102a8dee

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\ec04881c-a32a-4c27-9e0e-3e6c3cd99d27\index-dir\the-real-index~RFe579981.TMP

Filesize
48B

MD5
e6f756ba9e44a9af82270f9b1f59c635

SHA1
ac87488827b56d67d04943bc1604d37d12d434fd

SHA256
5c0a27b875214eb13c3c81bbf9a6deded18f7556ccca0c1efc7889695905c2a5

SHA512
ad6bae118259cd236019ccee0f98604082f06fab58cde18456d853fe24081f7e172f753f56614ca87cddb10bc693cf0c502b3ef83436fd416ce00a5270ae3301

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
176B

MD5
24648762e1bd5402231756bd090c7b41

SHA1
7ab9a522101397a0928d7d650deae89a39b9fcca

SHA256
c35cc88bdc98c32890e584cf4b156c4fd6a39c63891d5cbd7c17e2c330c55735

SHA512
e563ba0ecf6c22c51d2dede5dba4dcf2d9597e3fe10953b60e2191db9efcebbb6882d84c4beacf699ceb4735f5620705908ad561c10055aed14d2af81d2b285c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
114B

MD5
8965ab9c139c3d8a42d32c052ab3e2da

SHA1
0341d4effa63bc9b2a5c55f2c1a1bafb7feeff10

SHA256
c4658bb2b3b28f4eb55caf66ad30c91bc848855061663407ac68d3fcde12ccca

SHA512
11ca99083582badc435544e588221e2562cc009179af2039d9ef34260e5630d0853fa35745a994bbb4366c049c0215f027062a71d2515b3878a3b2f4b884b8b0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
112B

MD5
3572043439f83cfc21c2872882a4083c

SHA1
5d9e30ebd6bc766d733522987f80a5e61a4119cb

SHA256
d1800a01b7c6503c3d7db23b568d5c5f3ec12205e79ea78560d30853a73a48c8

SHA512
12ac0334238086daf0028668075afa18c7977482ca0894c5c7a096d7424717a9bbb59a3ad98c42b8693719c2cb2687bda422b1d5b3d5bce2ad9526cd58da93e4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe5743c0.TMP

Filesize
119B

MD5
fbd505190df351f939653fad541e0fb4

SHA1
01ed73cb8cf9a0d7ff54754775847ae30cde8844

SHA256
ca9adc6d6c99b0fb9fec2fa03eec376ca2d5616e5928e566f539f0d0d09cd2e7

SHA512
d92861a5a3a4f0227bb479a3ac7d0a5bf2ac441a18be23b1bd4e10c6b0db62d1cf8f723f3b00fb65bc7bd5a50014a2c9cff3be64985d4946cbd37ad2ff09b33d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
bf0a24a536517e16b3a6fb613aedb313

SHA1
373381ff4fbcbb075e1057f3d8e013eb44368127

SHA256
1ae33220c070d81d9bb64adf3702b8149e4c8a77ca34a313c63e2892723dc208

SHA512
87e41470772ace026331ba3791e77a74375e8420b6be6081b51a6be60c0b2329d15764ed2e7eb796848908c6542ef908db758aec76201bba7e7cf7096f2cd79f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57929b.TMP

Filesize
48B

MD5
192df186585da3bae52ebc9450d90edf

SHA1
cd652081329aceb7c1ccf2ba524cf9efec8b12a9

SHA256
b061bbf1addb0cd2d6257a8743897c1341e081e8f35f75a835cdf99cd4c71292

SHA512
8e8c8a1e4b8a2c312de4a99f95a09bdf8b34177a5977bfef3985f14c5a6c126e7ca00329d2c6708dd5b977000f731f3583c29c79f5927678715ad897cd776d56

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\agimnkijcaahngcdmfeangaknmldooml\Icons\32.png

Filesize
673B

MD5
88dfa96f9642297ff88909ca4e0f7330

SHA1
ed8655bf13e6cc49395da4c760168c4148454b7c

SHA256
5e5eb084cf1a650b2e122f53d36f85b67ce6e39069e399a46a25dbd34f7be286

SHA512
cc2deedfeacf9f26e48cbb26e222a219905888b95634c7d91d6393b84248305ce8940816bdb3bff0f5384b9dad90f4e3905b229e06ce4b1023a1439293b240dd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir700_164525786\Icons Monochrome\16.png

Filesize
216B

MD5
a4fd4f5953721f7f3a5b4bfd58922efe

SHA1
f3abed41d764efbd26bacf84c42bd8098a14c5cb

SHA256
c659d57841bb33d63f7b1334200548f207340d95e8e2ae25aac7a798a08071a3

SHA512
7fcc1ca4d6d97335e76faa65b7cfb381fb722210041bdcd3b31b0f94e15dc226eec4639547af86ae71f311f52a956dc83294c2d23f345e63b5e45e25956b2691

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir700_698085044\Shortcuts Menu Icons\Monochrome\0\512.png

Filesize
2KB

MD5
12a429f9782bcff446dc1089b68d44ee

SHA1
e41e5a1a4f2950a7f2da8be77ca26a66da7093b9

SHA256
e1d7407b07c40b5436d78db1077a16fbf75d49e32f3cbd01187b5eaaa10f1e37

SHA512
1da99c5278a589972a1d711d694890f4fd4ec4e56f83781ab9dee91ba99530a7f90d969588fa24dce24b094a28bdecbea80328cee862031a8b289f3e4f38ce7a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir700_698085044\Shortcuts Menu Icons\Monochrome\1\512.png

Filesize
10KB

MD5
7f57c509f12aaae2c269646db7fde6e8

SHA1
969d8c0e3d9140f843f36ccf2974b112ad7afc07

SHA256
1d5c9f67fe93f9fcc1a1b61ebc35bda8f98f1261e5005ae37af71f42aab1d90f

SHA512
3503a0f4939bed9e1fd5e086b17d6de1063220dffdab2d2373aa9582a2454a9d8f18c1be74442f4e597bdba796d2d69220bd9e6be632a15367225b804187ea18

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
257KB

MD5
ee781064a0e02e8d298956a03ab51ce5

SHA1
f8e055e41e7a5a96117d8de2107398519d9124f0

SHA256
ab36c909658a39b794f699995524892f97a503ee7cd967a4436709e1e44c672a

SHA512
8335cf984cd430169bc7f7d5d6976e5335e4f2dd56dcde1947d56f0981c9b19932bd42afa5ac72239a12b69f48a004a29bdf1003e50667528533fe05488724bc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
257KB

MD5
b640fb29031da2cc98a4985e75c59473

SHA1
175b516019f9c4a9e9459e28d1e92b5aebb6680d

SHA256
48983f7c3c678c5f8ccc2114a464c7044cb5d4588c1d75f84493c8169dfe3249

SHA512
ac2bda1017d4e660faf60f50f9fd136ac7184f3cfa7a6d3d52af82d558ec4bffcaee36b221e16daee144ccc1ec1db80337863ef7e1938321f21c6b42fbc155e0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
277KB

MD5
f27c5d6635cfcdf13cd2eedc4b6b4885

SHA1
1323ed4c2d54ad5d1251b9c7742223110e597fc8

SHA256
4fd1b97472abbbcf52bed5723d5f003a6c36365a05d6abd249d476410679da6f

SHA512
41b8a9bf6e8d91612e637f9054b7bdc23810d2456edca88b33400586d43904b88d46f2393f4ec1f8e905ce9aeb1b4c16ffc25e060277c37b680f6039f8a97131

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
257KB

MD5
fde4277df82eb2b303237fe8afb236dd

SHA1
d3f3f818056e434ad86138fc9c5b8d1098493e52

SHA256
5cb9f4b733566259b64abea2b9ffa8c1fad4c76b47e027c04f1ee09de7506750

SHA512
364a441fd011ef6c34f5cfe267338812a02b1df60f0bd3ec3a031c7a4416e1d460d2b464b0ade07ae4e9a3d45e8603efbe0dcbc785221255dd1ee0057eab6ea3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
91KB

MD5
007eba559c52e8986dc54f1ce70e251f

SHA1
aa31741e67cfd58a0d8be66487f08f62008781ae

SHA256
6dca04160aef76ac303a581a50a81e58e223553362f8738c0e1b6fbdfd3d2e22

SHA512
47d1c2e632721175eacd42d86d6725307a7005dd8195d6a9420bbe699569e8d66e8c65718719799242727a733716f8fe98712f992d00ffb4449f2bc1b9b13c16

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe57d7e1.TMP

Filesize
88KB

MD5
ce2ee76060347310c12b08d39754a36b

SHA1
dc8bba4d19c6ba9b189227a6c062d049b97a9b61

SHA256
a884ac6f8cf710ad2bf0d93584b92d3d82d68d3e6f277245e33d33315c00772d

SHA512
b50378d65999440a5223ec2550b86d0e67c2a4bb142246fbb72c18836c5aee97622f8fcc559a0c886445295da5abb85e392c95eb0cfb9a7616fe86bbcaf104b5

Download Submit