c21483485569acee77d71b019ed48ba151fa6bdc9c90f2e3f30ffbb5092c7fb2

Analysis

max time kernel
67s
max time network
121s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
25/05/2024, 17:12

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

mirage 1.16 v.0.2.zip
Size

2.3MB
MD5

c4b157db445734da54568d6383e70e15
SHA1

285f848ec5abcdfacf8d55361f0fb76064a42b32
SHA256

c21483485569acee77d71b019ed48ba151fa6bdc9c90f2e3f30ffbb5092c7fb2
SHA512

e014bb82fc5459cec8ccd630db488d1359cc6d198e204a5686441ce919f93856badfd449ac1b81bc7b2960ce7b1d9d5ed136a7f442e2e3bac0a3bb39a9ce23c8
SSDEEP

49152:a8ibphwYo0hjGhICCl4TFrlPqfSAuqNuSBZCfsrQ8srk97Hn+avIje:WbpmOhmXCl0/CfSAuEuMsnY9H+CIje

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
2632	chrome.exe
2632	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe
Token: SeShutdownPrivilege	2632	chrome.exe

Suspicious use of FindShellTrayWindow 34 IoCs

pid	Process
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe

Suspicious use of SendNotifyMessage 32 IoCs

pid	Process
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe
2632	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2632 wrote to memory of 2996	2632	chrome.exe	31
PID 2632 wrote to memory of 2996	2632	chrome.exe	31
PID 2632 wrote to memory of 2996	2632	chrome.exe	31
PID 2632 wrote to memory of 2840	2632	chrome.exe	33
PID 2632 wrote to memory of 2840	2632	chrome.exe	33
PID 2632 wrote to memory of 2840	2632	chrome.exe	33
PID 2632 wrote to memory of 2840	2632	chrome.exe	33
PID 2632 wrote to memory of 2840	2632	chrome.exe	33
PID 2632 wrote to memory of 2840	2632	chrome.exe	33
PID 2632 wrote to memory of 2840	2632	chrome.exe	33
PID 2632 wrote to memory of 2840	2632	chrome.exe	33
PID 2632 wrote to memory of 2840	2632	chrome.exe	33
PID 2632 wrote to memory of 2840	2632	chrome.exe	33
PID 2632 wrote to memory of 2840	2632	chrome.exe	33
PID 2632 wrote to memory of 2840	2632	chrome.exe	33
PID 2632 wrote to memory of 2840	2632	chrome.exe	33
PID 2632 wrote to memory of 2840	2632	chrome.exe	33
PID 2632 wrote to memory of 2840	2632	chrome.exe	33
PID 2632 wrote to memory of 2840	2632	chrome.exe	33
PID 2632 wrote to memory of 2840	2632	chrome.exe	33
PID 2632 wrote to memory of 2840	2632	chrome.exe	33
PID 2632 wrote to memory of 2840	2632	chrome.exe	33
PID 2632 wrote to memory of 2840	2632	chrome.exe	33
PID 2632 wrote to memory of 2840	2632	chrome.exe	33
PID 2632 wrote to memory of 2840	2632	chrome.exe	33
PID 2632 wrote to memory of 2840	2632	chrome.exe	33
PID 2632 wrote to memory of 2840	2632	chrome.exe	33
PID 2632 wrote to memory of 2840	2632	chrome.exe	33
PID 2632 wrote to memory of 2840	2632	chrome.exe	33
PID 2632 wrote to memory of 2840	2632	chrome.exe	33
PID 2632 wrote to memory of 2840	2632	chrome.exe	33
PID 2632 wrote to memory of 2840	2632	chrome.exe	33
PID 2632 wrote to memory of 2840	2632	chrome.exe	33
PID 2632 wrote to memory of 2840	2632	chrome.exe	33
PID 2632 wrote to memory of 2840	2632	chrome.exe	33
PID 2632 wrote to memory of 2840	2632	chrome.exe	33
PID 2632 wrote to memory of 2840	2632	chrome.exe	33
PID 2632 wrote to memory of 2840	2632	chrome.exe	33
PID 2632 wrote to memory of 2840	2632	chrome.exe	33
PID 2632 wrote to memory of 2840	2632	chrome.exe	33
PID 2632 wrote to memory of 2840	2632	chrome.exe	33
PID 2632 wrote to memory of 2840	2632	chrome.exe	33
PID 2632 wrote to memory of 2764	2632	chrome.exe	34
PID 2632 wrote to memory of 2764	2632	chrome.exe	34
PID 2632 wrote to memory of 2764	2632	chrome.exe	34
PID 2632 wrote to memory of 1940	2632	chrome.exe	35
PID 2632 wrote to memory of 1940	2632	chrome.exe	35
PID 2632 wrote to memory of 1940	2632	chrome.exe	35
PID 2632 wrote to memory of 1940	2632	chrome.exe	35
PID 2632 wrote to memory of 1940	2632	chrome.exe	35
PID 2632 wrote to memory of 1940	2632	chrome.exe	35
PID 2632 wrote to memory of 1940	2632	chrome.exe	35
PID 2632 wrote to memory of 1940	2632	chrome.exe	35
PID 2632 wrote to memory of 1940	2632	chrome.exe	35
PID 2632 wrote to memory of 1940	2632	chrome.exe	35
PID 2632 wrote to memory of 1940	2632	chrome.exe	35
PID 2632 wrote to memory of 1940	2632	chrome.exe	35
PID 2632 wrote to memory of 1940	2632	chrome.exe	35
PID 2632 wrote to memory of 1940	2632	chrome.exe	35
PID 2632 wrote to memory of 1940	2632	chrome.exe	35
PID 2632 wrote to memory of 1940	2632	chrome.exe	35
PID 2632 wrote to memory of 1940	2632	chrome.exe	35
PID 2632 wrote to memory of 1940	2632	chrome.exe	35
PID 2632 wrote to memory of 1940	2632	chrome.exe	35

C:\Windows\Explorer.exe
C:\Windows\Explorer.exe /idlist,,"C:\Users\Admin\AppData\Local\Temp\mirage 1.16 v.0.2.zip"
1⤵
PID:2976

C:\Windows\explorer.exe
"C:\Windows\explorer.exe"
1⤵
PID:2304

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2632
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef5849758,0x7fef5849768,0x7fef5849778
  2⤵
  PID:2996
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=284 --field-trial-handle=1208,i,7729664894607729329,4759973439585077728,131072 /prefetch:2
  2⤵
  PID:2840
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1496 --field-trial-handle=1208,i,7729664894607729329,4759973439585077728,131072 /prefetch:8
  2⤵
  PID:2764
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1568 --field-trial-handle=1208,i,7729664894607729329,4759973439585077728,131072 /prefetch:8
  2⤵
  PID:1940
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2116 --field-trial-handle=1208,i,7729664894607729329,4759973439585077728,131072 /prefetch:1
  2⤵
  PID:1928
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2128 --field-trial-handle=1208,i,7729664894607729329,4759973439585077728,131072 /prefetch:1
  2⤵
  PID:2704
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=284 --field-trial-handle=1208,i,7729664894607729329,4759973439585077728,131072 /prefetch:2
  2⤵
  PID:1868
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=1440 --field-trial-handle=1208,i,7729664894607729329,4759973439585077728,131072 /prefetch:1
  2⤵
  PID:1136
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3312 --field-trial-handle=1208,i,7729664894607729329,4759973439585077728,131072 /prefetch:8
  2⤵
  PID:1788
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3580 --field-trial-handle=1208,i,7729664894607729329,4759973439585077728,131072 /prefetch:8
  2⤵
  PID:1252
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3668 --field-trial-handle=1208,i,7729664894607729329,4759973439585077728,131072 /prefetch:8
  2⤵
  PID:2320
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=3720 --field-trial-handle=1208,i,7729664894607729329,4759973439585077728,131072 /prefetch:1
  2⤵
  PID:988
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=3904 --field-trial-handle=1208,i,7729664894607729329,4759973439585077728,131072 /prefetch:1
  2⤵
  PID:1876
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=3420 --field-trial-handle=1208,i,7729664894607729329,4759973439585077728,131072 /prefetch:1
  2⤵
  PID:2412
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=3968 --field-trial-handle=1208,i,7729664894607729329,4759973439585077728,131072 /prefetch:1
  2⤵
  PID:2604
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=1272 --field-trial-handle=1208,i,7729664894607729329,4759973439585077728,131072 /prefetch:1
  2⤵
  PID:2300
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=3180 --field-trial-handle=1208,i,7729664894607729329,4759973439585077728,131072 /prefetch:1
  2⤵
  PID:2120
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=876 --field-trial-handle=1208,i,7729664894607729329,4759973439585077728,131072 /prefetch:1
  2⤵
  PID:2580
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=2428 --field-trial-handle=1208,i,7729664894607729329,4759973439585077728,131072 /prefetch:1
  2⤵
  PID:2324

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2504

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009

Filesize
69KB

MD5
0ed8278b11742681d994e5f5b44b8d3d

SHA1
28711624d01da8dbd0aa4aad8629d5b0f703441e

SHA256
354730711c3ca9845bf98ec5dfb58a16e50984f9edcf0e8f432742326334f8a2

SHA512
d296ab1f1b418b125f09598ca6645d984a1cf67092a914956b8879d285ee35521b408363b47da195de79086e3be3ed9b1709bc8f9cd2e32d5dccb720a010bc8c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

Filesize
326KB

MD5
f04cc7d5ee9150a73ba2eac920e78841

SHA1
92b4c0ad93889f3d1e851b83e0fd027caca10d59

SHA256
1a87118c3d118dade65324586a2930cf11fb929362f9612cc93f875c67e2c4bd

SHA512
52b1a050e6da4c57cba4623dd225844d83d9a47e4cb1f5512e4aa1365537022bbb0b9b3217465c258facf576b4706e577a83078f2fa71b4442a4a7624ac1fdab

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c

Filesize
133KB

MD5
da1d252e947bce39c6b4fc3270383195

SHA1
f6e8fcd9d63683e56e457bbf1dfbd684586382fc

SHA256
28ac23c8020d600a3141888b982e3061d34aeaad83fe5993d8e61cf2a70b7bd4

SHA512
320539f5ec40d9bf31f6b9b7c1c99f6c644937060c5f29726b6719f2ff5d2043d237ddcbf4be20055e9b13673fc0e4e025d172bcd51495caf65ca57a689e2eb4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013

Filesize
46KB

MD5
b4e4c40ba1b021933f86142b1010c253

SHA1
8901690b1040e46b360f7b39ecb9f9e342bd20af

SHA256
a1ad4fde10e0f378aeeb97ec0aaa27bbdba9ed434a0334052f0230e09fd891ae

SHA512
452cbfc40d99d69d65271ab7a6fb62c87d123813fe20898d13b938c13d54efb2e33eb04e165f18e9e91b6a0d02b3282b8e3bf2b8c65efaa974022d14c07bcfd4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000014

Filesize
19KB

MD5
16c0a2c82dc0ab50f23123f7ecb11f51

SHA1
fbaef7794f352126af25aedaa99f1bc22d131f71

SHA256
5749a98e9383a271b4f6cac8caefea4d86a6b40e203a750d45fda652e167583d

SHA512
0bf3c5458b647601a1f28c194ac1bcc424ecdeba91871fab9178e8daf1fdf2ee956ba55bbf61b3cd2f54cb1ca008dc894e6a54730f5caf754c61d9ba20da8244

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000015

Filesize
250KB

MD5
bd14912abd74ec0405f0bc99a8c1be5a

SHA1
2fc68e96566fa6f6b1d8e952dda975ae909d402f

SHA256
6607b4c497019eb147df51bfcad2c093a752a2e2de91d83d04a8cd73ccd48dc0

SHA512
d6555d36dc505d828c2300dfe47c99ff655b628c5b60810f79519d7d7d59d6d2c1363cadc35d0161317f57715b77981b3da7e9345e67c35f3e37815eaa7c58d2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000016

Filesize
95KB

MD5
0f978383950b924d31b77aad56c0ae79

SHA1
4481f7635c1cf3d98c542542d0106cfe498446e1

SHA256
afca43c7931d9ddc33882d9a079772bddced944debbf84143192c4eea3292c77

SHA512
b8ffaaf2d63b9582ec4917e970b2033989bd414b9bbf2b9d3b5359aa4a8a15cd3206e556514483e511df2433adab4c8cef9b8a251e2fb942fe4e7d846fdf936f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000017

Filesize
164KB

MD5
e8dfc02c3b5c396653186462aff7813a

SHA1
971e133e0b51f4705f742f4dd313d126e1cb9577

SHA256
c5ee5227dfd80d24aab357543306142afa8823fcfa205d4fb2b3e0f1533df79e

SHA512
9d8239db7777eadde43916b139a36dadbf6c5ad4c9408abf9fa4a10f588e9514c4c4512beef19552c3d3dec602ff8cef6764cce863283b1a1f5c8f6c14a7e841

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000018

Filesize
800KB

MD5
f941c2c08f149ec278a55f7db3bdfee7

SHA1
24b15cb166be8be824361ba53180cdb1d292af9e

SHA256
0f6c0b2a6d8a24a748eb606d40d97cebe53b9a8dd07c65ad07cc8e2ae190cbe0

SHA512
64b7d47cd96af8ee27036de1ef430372e4950a9b75d0b2ea6d040e941fa22cbe515f8a2dcea6415eb129fa00b6f277ad51cf376e82ef2256aad78d04707dc75d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000019

Filesize
223KB

MD5
3821f1b4914613cd8e3f6b2be9f5595e

SHA1
01690474cd1340ee26ba3b32755d138a718f1b92

SHA256
f20484e43fffb76f528523ccfa33595e7a47b8bba7d19672e50a36d7c95e589f

SHA512
d216f7c8cf10ef97197de0f8f9cf879a15588442b3769124b2fcc5739eb6e78e2d3f5ea8054742aeaadf5f8ce5fd573dc9c2b8a6c25d0cb8fcc2490db749bab3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001b

Filesize
42KB

MD5
ec7ce309f9f6c41b6f91187c7c7726e7

SHA1
22355398914d18888b25a0730cb6d81cb98a47f3

SHA256
2065d961beeba6302d62a919bf974a0864ee3fcaa38ed8aeeed6c4f36672fbf7

SHA512
7d848890b10a865d48966984142185c081ba22cc888a5be615b795c3851372ddd1ac28473de7168436695971c3178a05d9220dfe680849385a208b2105a9728e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001c

Filesize
32KB

MD5
94fd864eff41d2466c55e3d0d47e92c7

SHA1
2c8ab5e8d1ac7f09af3c09de7575f8ad55706094

SHA256
b7b245e311013279605a274aacf18e2f9314ea6c275aa4c54f7676c63f9b9248

SHA512
4e1f2656222174c5442a5af47a63bc56acb71d8f34809aec6f33e15f6e15d6e8e81f72a8aff925c09bc2d4a0d9f55b408d7d8dcb7ec01519e431a3dd28e1f682

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\000006.dbtmp

Filesize
16B

MD5
aefd77f47fb84fae5ea194496b44c67a

SHA1
dcfbb6a5b8d05662c4858664f81693bb7f803b82

SHA256
4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611

SHA512
b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT~RFf7699ef.TMP

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\LOG.old

Filesize
250B

MD5
714a3d4c9664ab9bf8de2f17b1cd1f6f

SHA1
8721bfc4c651717003bacb893b8701f27a2ebebf

SHA256
d68671c854a0c2a9ef2b3df416393c6eb628ffb8ce846be6b7bb5e5442566271

SHA512
ed6c579dc611954541ef99f654de6122c155ee31282aa7c96d564f16fe65599acc87ad733b5465d46a02a659fbff3c5b5fb4d133fb37020eab8602a25cae2a82

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
c4a13b17acf9315bda2bd09565a09b91

SHA1
0540c9898376f74bc8b09bb3f184ccbefc214f5e

SHA256
70549fe5a422947148be8c5596f21c051af3d9c3772500e02bf777dc203dec61

SHA512
2a3895d21409ca4df73971a020fbe373bcd6d35ddf72d7f716e5efc28781bc20e9f36d74dfeb25fe4dc9f9a47ff8c9c1b63bb068f1aff8287d60f3f72a8368b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
691B

MD5
a0b9ceead0ad0d93e202dd22a931f554

SHA1
b834008b6a8fd5623aa0c0a0178f57e6df4034ca

SHA256
f136dc3bb5dcec666feaa4e3863d22ac2a85251cb3e87f5b0a5e3ebf0dd91cc9

SHA512
973685fe140118f35b4b6382dfd801a7d9990d1f92b8af94be5638004728927b64780412a7aafdda8144042127000877d7d3008a84022c1adcdc9dad07d45b75

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
691B

MD5
85fe1f569daf127bacb301f3dc3b8fd4

SHA1
fc6b79b91c1088ddda4cb7e649da4362d9427dd2

SHA256
bbaccfaed48002e16f452c14e1135dd0c20acfac81828572ac0591c0c7f3ca90

SHA512
0bec6add3e4035aff7e758fcb12264e8298abe1acf1ae64a3bf5faa6b83081f4d69a74c2ac3596656f328ed92d686e26b77589992d80b29370634d5d847c1667

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
691B

MD5
75413492a80b35d00ab9367de0d3d3e9

SHA1
03be2fdc6df687bb196e7ce81391a113ea712d78

SHA256
d2e5cb83f4a29a5dbd3d9f11cbf0a14ce249a8c54c7ef64dd05542de3557593c

SHA512
fe862b8d8ee22caa5ec079716cb0963f2d208535e3900f28053fff117926de0e733b11e7f3d3b075e6deb96255a6eed65c2002dfe053df43c96e39d72eeb6307

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
691B

MD5
2bbe72e8c3fb5f58995cf5cfed6d1726

SHA1
813c0d1760ac66d17186ff05f4a8fc6b19b21c52

SHA256
f9c617314403a343e3c92e6d669b983123b8c94a654446fa85a3bb0477ba939b

SHA512
eef31b65a8e4bebeffca2547bc35b76de04d025c91ba305ded93cb1c962a6d2523935e9c11ee84589c741e33edc9dcdf7433e24ad325f731430c73dfd6ed213b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
527B

MD5
fe81cc525646181ec469cd2997be978f

SHA1
aaaccc00dac7a8d29415473f124b41e92545bd94

SHA256
3be4e1cfd3920607ac7a3f2da6abec80da5b0dcdb690c9e6dd6aa33392b84484

SHA512
9991fc6605978965d81ca45783af5e9e41dec3fc4f4f26487b993b7f7471b9751eb07614d8e3c8c9a1d94033dbe2cb2feebed078dba168c893cd1622228562f4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
210ca9ccd0a1ba07abf78b1e564675d1

SHA1
a0b7c687fdc76e9667e83a1614dbd429edec7683

SHA256
8af0d453dd3e2903a521cfcded0bbe70bb546baff863edc63349498ec32e439d

SHA512
365f36f1c954af37cb3640653b339524906c50f004d773ab74117514200d07388ab3cd5f2d4b459634751e4b84971ffe4d5547d86aad7acf85278107feb89d38

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
a860671786b06eb0e68dd2b6b3b29566

SHA1
b27aef9bc5b82a2d4f03aa0265a47430d7d35fa4

SHA256
7f4cac3ec2da2370d406549fa911e8301f1b7798dc0554f279fc5b7f3b9b279d

SHA512
748561f18d384fa2a6966166d31ff4e28eb9bc265e9585878bc59142cd9201a6ae4da714d7783317e39a1b0295ff5bdc4766b2beb6138f392b94648dbc959e0b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
a9136d19596028f2e590d7cf8bbd2a8e

SHA1
dce9aaeb713975898a25f9ad3be7006be93151b3

SHA256
b9b30b210e6c504dc2c63445424442722caabb2eb208e466a0e0159b9c0633fe

SHA512
c6736218c300a0ea881bd716a72d474037f770ba1c9721f4db5b5c261c8a7a15985b603d38d8cf8de37d3c993d317d8c3d3b479a33c05b2ca9238194dec89f6d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
42664e61332caad138d7ae0b35ea6274

SHA1
5f22ba139b41e51d48560bf27acba34e033bafa4

SHA256
6d4b15e1d6cb196ddb91f3db79187c88378c437d639e7030fc5ca1e66948ea42

SHA512
cfb1cae8767c73b6562de6be37bd51656a56e2ab7519912675af10108b097bc01e30e74a2ac3e93a8b3d2bc7bf9c1f35ac824e5e23e41b9601d64c3ca5e6eac3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
e4b97b412e1f66b3c02dbb389d7bbdcc

SHA1
b3a9f5b9ae7561c991e6b88dcc90fd085f6c9215

SHA256
e55f89d4f0fb95496717a819010432f91169fe491f0f6d0f3bf36eacaff9cabe

SHA512
bd41c177d921c6cb4ef50aa1a67742c1b341904bea771e675ce6985e007b276454b87734e65b1bba12e44845d80a132364f053eab6da6940ec3e004ed379ffef

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
56B

MD5
ae1bccd6831ebfe5ad03b482ee266e4f

SHA1
01f4179f48f1af383b275d7ee338dd160b6f558a

SHA256
1b11047e738f76c94c9d15ee981ec46b286a54def1a7852ca1ade7f908988649

SHA512
baf7ff6747f30e542c254f46a9678b9dbf42312933962c391b79eca6fcb615e4ba9283c00f554d6021e594f18c087899bc9b5362c41c0d6f862bba7fb9f83038

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
120B

MD5
552caedab0e8887050d8aa28ff1d6b0d

SHA1
fbab66b2badd1420a38ff01ed63f5d035e6deba9

SHA256
c85fde7f9966cfe272e8ddebe1e74b2bc275c1aae299891ebb9d02ee716a0be9

SHA512
7ef2c08b16160dcafe0500f755c9284da302e4fbd4888c0f2d1801e599a2dcede3d5e3a1d4cc5345aba9884a9c4dd1c673710304b6ff46c9f5ffaf473fc8f6bf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
120B

MD5
49c007fa6ae4c46060198b59782c7bd8

SHA1
73247885271010abef959dcf2207f5ade01e71ff

SHA256
b21c7c216e36d1b040811b345924a52da7f7d90a430261b6f10a6429a171b4c6

SHA512
e7b5989cf9654acc6a00587b791044c57b6f64d5e6026fb099c7edb171320162a8e58efc1b30f3d4e71b1ed3c9d4ee5af9ca000374bf7ecd9e85cb240178ec1f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
120B

MD5
a903cef42c025d41c408edd6ea6ddcba

SHA1
4bbbc0bbd38cc5ee09797bc79d7ea163f2ab849c

SHA256
cc2a01db98b30185be5bd23a52ccff2bcadb891cfa87e1fc291de17f69a7ca2c

SHA512
a58d4c4de9f852e937cbcfb0685cc1dcbd1441fc59553a31e2a21d5b1d7bb8b249cbcd9ffd9f6f8219baf12f9e135c723b7490bd170bada4857f4133292c41c2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000007.dbtmp

Filesize
16B

MD5
18e723571b00fb1694a3bad6c78e4054

SHA1
afcc0ef32d46fe59e0483f9a3c891d3034d12f32

SHA256
8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa

SHA512
43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
271KB

MD5
c0055a3d955e9afabc99661909384159

SHA1
b9f456db4501be430f5b6e487baf6dedfc00e5ab

SHA256
626dfb301d4b870f941200c742baaa0cfa566923c9eb4d4c3cb09e9002726579

SHA512
49a8db96e5a4c8592354480f6d96b33fd4dd669e637bf5f12e35cb884638a1ec5e62fc28cd2dd6ba481ef14dc70973ba1c1ffe2febe28f8c5327dbf01960b605

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\e047d7dd-0214-405d-99dd-4a7b93f4311d.tmp

Filesize
271KB

MD5
b26046f2897c9413905030d7c40a147c

SHA1
6c2e25be9dc00563b8f6f4e876ee6f07e99bee10

SHA256
bd7177f2259132113f755e6de99e6646bc4d24ebf561eab5dd30b4fcd998657c

SHA512
13d092e74e38b575fd513fcb219790c5a59d1bb0dd1e6e33291004ccca4a596fa48da295c05396d7f1fa7ac77d5b2f1f6bb851aeec010a6772acf2dd1e4ceb74

Download Submit