aaeacdad0b4deeca11e7fd50de536f48d12541be370b0a3347bb6160cbc65def

Analysis

max time kernel
149s
max time network
151s
platform
windows10-1703_x64
resource
win10-20240404-en
resource tags

arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
submitted
25/05/2024, 20:26

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

hud(2) (1).json
Size

3KB
MD5

92b8741f200d9a5884f30dcc8731dd8d
SHA1

00acb19ab4af0b9ccb35cb21c85a8d0fcf28573c
SHA256

aaeacdad0b4deeca11e7fd50de536f48d12541be370b0a3347bb6160cbc65def
SHA512

df4570d9c9d4caafb2ccde6ace3cd14d9bf35916384ce23215bb1f870ec34da3bb147c0627b0ae0cc27a347c69e17b982b06ce044ca204354852e7e14d8ad6b2

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133611424314727904"	chrome.exe

Modifies registry class 12 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\json_auto_file	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings	cmd.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\.json	OpenWith.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\.json\ = "json_auto_file"	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\json_auto_file\shell\edit	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\json_auto_file\shell	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\json_auto_file\shell\edit\command	OpenWith.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\json_auto_file\shell\edit\command\ = "%SystemRoot%\\system32\\NOTEPAD.EXE %1"	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\json_auto_file\shell\open	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\json_auto_file\shell\open\command	OpenWith.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\json_auto_file\shell\open\command\ = "%SystemRoot%\\system32\\NOTEPAD.EXE %1"	OpenWith.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2120	chrome.exe
2120	chrome.exe
2984	chrome.exe
2984	chrome.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
4716	OpenWith.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 13 IoCs

pid	Process
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2120	chrome.exe
Token: SeCreatePagefilePrivilege	2120	chrome.exe
Token: SeShutdownPrivilege	2120	chrome.exe
Token: SeCreatePagefilePrivilege	2120	chrome.exe
Token: SeShutdownPrivilege	2120	chrome.exe
Token: SeCreatePagefilePrivilege	2120	chrome.exe
Token: SeShutdownPrivilege	2120	chrome.exe
Token: SeCreatePagefilePrivilege	2120	chrome.exe
Token: SeShutdownPrivilege	2120	chrome.exe
Token: SeCreatePagefilePrivilege	2120	chrome.exe
Token: SeShutdownPrivilege	2120	chrome.exe
Token: SeCreatePagefilePrivilege	2120	chrome.exe
Token: SeShutdownPrivilege	2120	chrome.exe
Token: SeCreatePagefilePrivilege	2120	chrome.exe
Token: SeShutdownPrivilege	2120	chrome.exe
Token: SeCreatePagefilePrivilege	2120	chrome.exe
Token: SeShutdownPrivilege	2120	chrome.exe
Token: SeCreatePagefilePrivilege	2120	chrome.exe
Token: SeShutdownPrivilege	2120	chrome.exe
Token: SeCreatePagefilePrivilege	2120	chrome.exe
Token: SeShutdownPrivilege	2120	chrome.exe
Token: SeCreatePagefilePrivilege	2120	chrome.exe
Token: SeShutdownPrivilege	2120	chrome.exe
Token: SeCreatePagefilePrivilege	2120	chrome.exe
Token: SeShutdownPrivilege	2120	chrome.exe
Token: SeCreatePagefilePrivilege	2120	chrome.exe
Token: SeShutdownPrivilege	2120	chrome.exe
Token: SeCreatePagefilePrivilege	2120	chrome.exe
Token: SeShutdownPrivilege	2120	chrome.exe
Token: SeCreatePagefilePrivilege	2120	chrome.exe
Token: SeShutdownPrivilege	2120	chrome.exe
Token: SeCreatePagefilePrivilege	2120	chrome.exe
Token: SeShutdownPrivilege	2120	chrome.exe
Token: SeCreatePagefilePrivilege	2120	chrome.exe
Token: SeShutdownPrivilege	2120	chrome.exe
Token: SeCreatePagefilePrivilege	2120	chrome.exe
Token: SeShutdownPrivilege	2120	chrome.exe
Token: SeCreatePagefilePrivilege	2120	chrome.exe
Token: SeShutdownPrivilege	2120	chrome.exe
Token: SeCreatePagefilePrivilege	2120	chrome.exe
Token: SeShutdownPrivilege	2120	chrome.exe
Token: SeCreatePagefilePrivilege	2120	chrome.exe
Token: SeShutdownPrivilege	2120	chrome.exe
Token: SeCreatePagefilePrivilege	2120	chrome.exe
Token: SeShutdownPrivilege	2120	chrome.exe
Token: SeCreatePagefilePrivilege	2120	chrome.exe
Token: SeShutdownPrivilege	2120	chrome.exe
Token: SeCreatePagefilePrivilege	2120	chrome.exe
Token: SeShutdownPrivilege	2120	chrome.exe
Token: SeCreatePagefilePrivilege	2120	chrome.exe
Token: SeShutdownPrivilege	2120	chrome.exe
Token: SeCreatePagefilePrivilege	2120	chrome.exe
Token: SeShutdownPrivilege	2120	chrome.exe
Token: SeCreatePagefilePrivilege	2120	chrome.exe
Token: SeShutdownPrivilege	2120	chrome.exe
Token: SeCreatePagefilePrivilege	2120	chrome.exe
Token: SeShutdownPrivilege	2120	chrome.exe
Token: SeCreatePagefilePrivilege	2120	chrome.exe
Token: SeShutdownPrivilege	2120	chrome.exe
Token: SeCreatePagefilePrivilege	2120	chrome.exe
Token: SeShutdownPrivilege	2120	chrome.exe
Token: SeCreatePagefilePrivilege	2120	chrome.exe
Token: SeShutdownPrivilege	2120	chrome.exe
Token: SeCreatePagefilePrivilege	2120	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe

Suspicious use of SetWindowsHookEx 25 IoCs

pid	Process
4716	OpenWith.exe
4716	OpenWith.exe
4716	OpenWith.exe
4716	OpenWith.exe
4716	OpenWith.exe
4716	OpenWith.exe
4716	OpenWith.exe
4716	OpenWith.exe
4716	OpenWith.exe
4716	OpenWith.exe
4716	OpenWith.exe
4716	OpenWith.exe
4716	OpenWith.exe
4716	OpenWith.exe
4716	OpenWith.exe
4716	OpenWith.exe
4716	OpenWith.exe
4716	OpenWith.exe
4716	OpenWith.exe
4716	OpenWith.exe
4716	OpenWith.exe
4716	OpenWith.exe
4716	OpenWith.exe
4716	OpenWith.exe
4716	OpenWith.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4716 wrote to memory of 3580	4716	OpenWith.exe	74
PID 4716 wrote to memory of 3580	4716	OpenWith.exe	74
PID 2120 wrote to memory of 2224	2120	chrome.exe	78
PID 2120 wrote to memory of 2224	2120	chrome.exe	78
PID 2120 wrote to memory of 4228	2120	chrome.exe	80
PID 2120 wrote to memory of 4228	2120	chrome.exe	80
PID 2120 wrote to memory of 4228	2120	chrome.exe	80
PID 2120 wrote to memory of 4228	2120	chrome.exe	80
PID 2120 wrote to memory of 4228	2120	chrome.exe	80
PID 2120 wrote to memory of 4228	2120	chrome.exe	80
PID 2120 wrote to memory of 4228	2120	chrome.exe	80
PID 2120 wrote to memory of 4228	2120	chrome.exe	80
PID 2120 wrote to memory of 4228	2120	chrome.exe	80
PID 2120 wrote to memory of 4228	2120	chrome.exe	80
PID 2120 wrote to memory of 4228	2120	chrome.exe	80
PID 2120 wrote to memory of 4228	2120	chrome.exe	80
PID 2120 wrote to memory of 4228	2120	chrome.exe	80
PID 2120 wrote to memory of 4228	2120	chrome.exe	80
PID 2120 wrote to memory of 4228	2120	chrome.exe	80
PID 2120 wrote to memory of 4228	2120	chrome.exe	80
PID 2120 wrote to memory of 4228	2120	chrome.exe	80
PID 2120 wrote to memory of 4228	2120	chrome.exe	80
PID 2120 wrote to memory of 4228	2120	chrome.exe	80
PID 2120 wrote to memory of 4228	2120	chrome.exe	80
PID 2120 wrote to memory of 4228	2120	chrome.exe	80
PID 2120 wrote to memory of 4228	2120	chrome.exe	80
PID 2120 wrote to memory of 4228	2120	chrome.exe	80
PID 2120 wrote to memory of 4228	2120	chrome.exe	80
PID 2120 wrote to memory of 4228	2120	chrome.exe	80
PID 2120 wrote to memory of 4228	2120	chrome.exe	80
PID 2120 wrote to memory of 4228	2120	chrome.exe	80
PID 2120 wrote to memory of 4228	2120	chrome.exe	80
PID 2120 wrote to memory of 4228	2120	chrome.exe	80
PID 2120 wrote to memory of 4228	2120	chrome.exe	80
PID 2120 wrote to memory of 4228	2120	chrome.exe	80
PID 2120 wrote to memory of 4228	2120	chrome.exe	80
PID 2120 wrote to memory of 4228	2120	chrome.exe	80
PID 2120 wrote to memory of 4228	2120	chrome.exe	80
PID 2120 wrote to memory of 4228	2120	chrome.exe	80
PID 2120 wrote to memory of 4228	2120	chrome.exe	80
PID 2120 wrote to memory of 4228	2120	chrome.exe	80
PID 2120 wrote to memory of 4228	2120	chrome.exe	80
PID 2120 wrote to memory of 4064	2120	chrome.exe	81
PID 2120 wrote to memory of 4064	2120	chrome.exe	81
PID 2120 wrote to memory of 5116	2120	chrome.exe	82
PID 2120 wrote to memory of 5116	2120	chrome.exe	82
PID 2120 wrote to memory of 5116	2120	chrome.exe	82
PID 2120 wrote to memory of 5116	2120	chrome.exe	82
PID 2120 wrote to memory of 5116	2120	chrome.exe	82
PID 2120 wrote to memory of 5116	2120	chrome.exe	82
PID 2120 wrote to memory of 5116	2120	chrome.exe	82
PID 2120 wrote to memory of 5116	2120	chrome.exe	82
PID 2120 wrote to memory of 5116	2120	chrome.exe	82
PID 2120 wrote to memory of 5116	2120	chrome.exe	82
PID 2120 wrote to memory of 5116	2120	chrome.exe	82
PID 2120 wrote to memory of 5116	2120	chrome.exe	82
PID 2120 wrote to memory of 5116	2120	chrome.exe	82
PID 2120 wrote to memory of 5116	2120	chrome.exe	82
PID 2120 wrote to memory of 5116	2120	chrome.exe	82
PID 2120 wrote to memory of 5116	2120	chrome.exe	82
PID 2120 wrote to memory of 5116	2120	chrome.exe	82
PID 2120 wrote to memory of 5116	2120	chrome.exe	82
PID 2120 wrote to memory of 5116	2120	chrome.exe	82
PID 2120 wrote to memory of 5116	2120	chrome.exe	82

C:\Windows\system32\cmd.exe
cmd /c "C:\Users\Admin\AppData\Local\Temp\hud(2) (1).json"
1⤵
- Modifies registry class
PID:380

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
- Modifies registry class
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:4716
- C:\Windows\system32\NOTEPAD.EXE
  "C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\AppData\Local\Temp\hud(2) (1).json
  2⤵
  PID:3580

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2120
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffb5d689758,0x7ffb5d689768,0x7ffb5d689778
  2⤵
  PID:2224
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1656 --field-trial-handle=1864,i,7928784403843742757,14242759458414670500,131072 /prefetch:2
  2⤵
  PID:4228
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1816 --field-trial-handle=1864,i,7928784403843742757,14242759458414670500,131072 /prefetch:8
  2⤵
  PID:4064
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2112 --field-trial-handle=1864,i,7928784403843742757,14242759458414670500,131072 /prefetch:8
  2⤵
  PID:5116
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2944 --field-trial-handle=1864,i,7928784403843742757,14242759458414670500,131072 /prefetch:1
  2⤵
  PID:3956
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2952 --field-trial-handle=1864,i,7928784403843742757,14242759458414670500,131072 /prefetch:1
  2⤵
  PID:4364
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4528 --field-trial-handle=1864,i,7928784403843742757,14242759458414670500,131072 /prefetch:1
  2⤵
  PID:2844
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4712 --field-trial-handle=1864,i,7928784403843742757,14242759458414670500,131072 /prefetch:8
  2⤵
  PID:3180
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4020 --field-trial-handle=1864,i,7928784403843742757,14242759458414670500,131072 /prefetch:8
  2⤵
  PID:4704
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4816 --field-trial-handle=1864,i,7928784403843742757,14242759458414670500,131072 /prefetch:1
  2⤵
  PID:4788
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=3604 --field-trial-handle=1864,i,7928784403843742757,14242759458414670500,131072 /prefetch:1
  2⤵
  PID:3372
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=5108 --field-trial-handle=1864,i,7928784403843742757,14242759458414670500,131072 /prefetch:1
  2⤵
  PID:4628
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=3124 --field-trial-handle=1864,i,7928784403843742757,14242759458414670500,131072 /prefetch:1
  2⤵
  PID:192
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4000 --field-trial-handle=1864,i,7928784403843742757,14242759458414670500,131072 /prefetch:8
  2⤵
  PID:1540
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5192 --field-trial-handle=1864,i,7928784403843742757,14242759458414670500,131072 /prefetch:8
  2⤵
  PID:4012
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4456 --field-trial-handle=1864,i,7928784403843742757,14242759458414670500,131072 /prefetch:8
  2⤵
  PID:4680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5552 --field-trial-handle=1864,i,7928784403843742757,14242759458414670500,131072 /prefetch:8
  2⤵
  PID:3956
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5680 --field-trial-handle=1864,i,7928784403843742757,14242759458414670500,131072 /prefetch:8
  2⤵
  PID:2716
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=6080 --field-trial-handle=1864,i,7928784403843742757,14242759458414670500,131072 /prefetch:1
  2⤵
  PID:3544
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1540 --field-trial-handle=1864,i,7928784403843742757,14242759458414670500,131072 /prefetch:8
  2⤵
  PID:1456
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=5752 --field-trial-handle=1864,i,7928784403843742757,14242759458414670500,131072 /prefetch:1
  2⤵
  PID:4072
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4824 --field-trial-handle=1864,i,7928784403843742757,14242759458414670500,131072 /prefetch:8
  2⤵
  PID:4540
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=4844 --field-trial-handle=1864,i,7928784403843742757,14242759458414670500,131072 /prefetch:1
  2⤵
  PID:4376
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=6040 --field-trial-handle=1864,i,7928784403843742757,14242759458414670500,131072 /prefetch:1
  2⤵
  PID:4916
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5820 --field-trial-handle=1864,i,7928784403843742757,14242759458414670500,131072 /prefetch:8
  2⤵
  PID:1592
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=5592 --field-trial-handle=1864,i,7928784403843742757,14242759458414670500,131072 /prefetch:1
  2⤵
  PID:2864
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=5864 --field-trial-handle=1864,i,7928784403843742757,14242759458414670500,131072 /prefetch:1
  2⤵
  PID:3216
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6564 --field-trial-handle=1864,i,7928784403843742757,14242759458414670500,131072 /prefetch:8
  2⤵
  PID:2032
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6216 --field-trial-handle=1864,i,7928784403843742757,14242759458414670500,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2984

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:1924

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x32c
1⤵
PID:348

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

Filesize
69KB

MD5
0ed8278b11742681d994e5f5b44b8d3d

SHA1
28711624d01da8dbd0aa4aad8629d5b0f703441e

SHA256
354730711c3ca9845bf98ec5dfb58a16e50984f9edcf0e8f432742326334f8a2

SHA512
d296ab1f1b418b125f09598ca6645d984a1cf67092a914956b8879d285ee35521b408363b47da195de79086e3be3ed9b1709bc8f9cd2e32d5dccb720a010bc8c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e

Filesize
250KB

MD5
a92fa19d302accbec7dc4b94ed02fc90

SHA1
cb258fa62b1ca97da91ea2abb4d0abf165c59426

SHA256
a5f80eee141c0f9e7dfd9a156e3e45dd9f5ec1573473380ec64b8fab3c2dca9d

SHA512
756dc062c236a101b4afc742078d472566a3c2fded5851d3e2e42db3d8b71c4ec29e22b6610fd383a535ba75009164e6905581be7ec763f44cb924ca8c29ae01

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011

Filesize
164KB

MD5
e8dfc02c3b5c396653186462aff7813a

SHA1
971e133e0b51f4705f742f4dd313d126e1cb9577

SHA256
c5ee5227dfd80d24aab357543306142afa8823fcfa205d4fb2b3e0f1533df79e

SHA512
9d8239db7777eadde43916b139a36dadbf6c5ad4c9408abf9fa4a10f588e9514c4c4512beef19552c3d3dec602ff8cef6764cce863283b1a1f5c8f6c14a7e841

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000014

Filesize
223KB

MD5
3821f1b4914613cd8e3f6b2be9f5595e

SHA1
01690474cd1340ee26ba3b32755d138a718f1b92

SHA256
f20484e43fffb76f528523ccfa33595e7a47b8bba7d19672e50a36d7c95e589f

SHA512
d216f7c8cf10ef97197de0f8f9cf879a15588442b3769124b2fcc5739eb6e78e2d3f5ea8054742aeaadf5f8ce5fd573dc9c2b8a6c25d0cb8fcc2490db749bab3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000015

Filesize
42KB

MD5
ec7ce309f9f6c41b6f91187c7c7726e7

SHA1
22355398914d18888b25a0730cb6d81cb98a47f3

SHA256
2065d961beeba6302d62a919bf974a0864ee3fcaa38ed8aeeed6c4f36672fbf7

SHA512
7d848890b10a865d48966984142185c081ba22cc888a5be615b795c3851372ddd1ac28473de7168436695971c3178a05d9220dfe680849385a208b2105a9728e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001b

Filesize
326KB

MD5
f04cc7d5ee9150a73ba2eac920e78841

SHA1
92b4c0ad93889f3d1e851b83e0fd027caca10d59

SHA256
1a87118c3d118dade65324586a2930cf11fb929362f9612cc93f875c67e2c4bd

SHA512
52b1a050e6da4c57cba4623dd225844d83d9a47e4cb1f5512e4aa1365537022bbb0b9b3217465c258facf576b4706e577a83078f2fa71b4442a4a7624ac1fdab

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001c

Filesize
133KB

MD5
da1d252e947bce39c6b4fc3270383195

SHA1
f6e8fcd9d63683e56e457bbf1dfbd684586382fc

SHA256
28ac23c8020d600a3141888b982e3061d34aeaad83fe5993d8e61cf2a70b7bd4

SHA512
320539f5ec40d9bf31f6b9b7c1c99f6c644937060c5f29726b6719f2ff5d2043d237ddcbf4be20055e9b13673fc0e4e025d172bcd51495caf65ca57a689e2eb4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000034

Filesize
20KB

MD5
216ce7182bdf5ba60f31cdcad91a5a64

SHA1
87718866e421f5bb3b185c9d5a27a33f2a53d66a

SHA256
8e49c830f8b8bdc5cb803b9ffc40fd2bc35c8bf85dc81877028d637806fd49e2

SHA512
cae5205b3c0745950d996f9fe611ea364866640a5b5cfb953a939ee8b461faba2897c11bb6e320b6b195e6e5f5565bfc865c6b6becbef71124c6b05b52bbbbef

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003e

Filesize
415KB

MD5
b4f7e6ae432938a9d38a81a455a5a784

SHA1
a06c22220f484023216b1a0ea876f13e4f876d04

SHA256
cd1c20bd1c3e77fc6f6f681775da897a5a7281093aa371825ea05919817acc0e

SHA512
4b27df01efa1a8d7275a894a93e451d1580e69cbaddc9e4357896d430708c4e5129dc9a598965342b76af916876ef8cdc988c52956d172865ee25b0bdd9c765c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000042

Filesize
206KB

MD5
f998b8f6765b4c57936ada0bb2eb4a5a

SHA1
13fb29dc0968838653b8414a125c124023c001df

SHA256
374db366966d7b48782f352c78a0b3670ffec33ed046d931415034d6f93dcfef

SHA512
d340ae61467332f99e4606ef022ff71c9495b9d138a40cc7c58b3206be0d080b25f4e877a811a55f4320db9a7f52e39f88f1aa426ba79fc5e78fc73dacf8c716

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
4e7833bda8d093767796e75e829a15a9

SHA1
90ce40b39c173f98f6c0a3c64e2c1b4a55b7fb37

SHA256
ba8681afe00b39bb9484a112b6c812df0566a90a953bfa2ce7fa0b8f5c0c04ee

SHA512
a2311e6ae936865b703a0902f22f2486856e01f9370bfb746fc63199c1b29908f6dce591178feb759cc724f5eba06d2c52684080e9e01ab2feefd66fd4fe3be2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
d276d77166a7cab2b1ee08aa93dea054

SHA1
1bcc8f28cd493653f815f79d5c94471e4c6b6a39

SHA256
4026aa6056d56624dc26b187607e91074f05410638fcc3a99ecf742b2ebe9317

SHA512
5b38e106cd33785114b49f335252116a35945ce3a584b7f029d0bd546929b772d763862204c2f98885013c869d2900220b9f01422841800cf5b1e6bd1e8e497b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
7KB

MD5
5315dd1cb7ef61daa48c369b50fe5ff8

SHA1
d25fe6d7f72d0b5feea9c4383b6a9964251b742e

SHA256
cd5fff60a2d954cea70cf0dd530e023a1fe96b6616e8e949b26a6bbdd0ef57b3

SHA512
c91d8a6bf250ad1b1574c554d40ef45201d292155ac55c73abe423bed71b44a44f5ad4da3ddc148c7c796c1f855421d87f5d174bed1f6221b0dd66c760880028

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
4c52f791b10d12d4b4890669947d3126

SHA1
02b7e9cf5ad90e02686407ea1124d59c11236113

SHA256
f1c07efaf3fe107110185e048c5e72071815160e9af18e50c114badb95c1055d

SHA512
6dc1bc448df737e8adcfabf7645e512af71cbb7e98f93f87a8fb066d2a3a9bb55854090d912aeeb1203e8d10ee0288845b5f294c1f2c955de385fd63b501bce6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
ef6ada313c90213a1bf6c654110d5f2c

SHA1
8edd31429d4129b52f31ad84d53e9756593b5508

SHA256
5e30ec46ff928f18cd1bdf01d6688b8e67e767705c6970b604a28299b9d27cdd

SHA512
999f7b2a6418e3ea3d911798675048371b212a1aecfd09ea5a205a2a42a9564d914cf6fed6329989447859a5218fd78a9c2c8b1895763882f52c134af6d910af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
537B

MD5
2dce499eef48cc5620202d7abff2b703

SHA1
0bb1b8e51709ebd09fbd381748cde7fd4ea50f54

SHA256
78c25e535c0daa27d4c069e05d7ecd6aa99b742c4645b3116ed08fd0cab73572

SHA512
b7d9b11b735989d827ef6165cb45c4708a2e2e4655e3de532d262d326101668ced27d509e3c9be1a0a787eed6a89efced461dc2c0fd9c5eff0f5623e9d73cd0c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
705B

MD5
a99991c3dc8cb1d73ec58028bfb92370

SHA1
6fa051a2c79144131ef6ae77c97847a4d91b6424

SHA256
e0345d159d79c3a9fcada88c1456c9c7823fb56970a0082d6578052ca093bd8b

SHA512
c4cdcce8e29cb330b136bf9df39cb0aaf41b4320ef1c993a2b26f269ba14a3f9363fc8178bb79c07bb13e1e12a73a3aa99be0992642d27de45293450e886b283

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
041e8b0a780bf299a77abf3235b968cb

SHA1
2f6eedf6073cf833885b8715ee70f7a32054b4c2

SHA256
d59751fb46810ee0cdf68ad1a148a7fc7163cfb7e83b5e50c0a428e9c67d7cb3

SHA512
72c943af8dc1589402226080577220653c7fea0aaaed2a81ff9fcbd9339a7cda182c0aeb13a79471f57dfa98eb1d1d17b650ed1418e40560c5ad852246714346

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
96c729b630b0ec0b41b79fe2e87cac23

SHA1
681581bcb4550fc4d4e250e54f170564e1f77b5b

SHA256
e0bc3dfb771eae7fec6404c4ffa5e881acb42d04f835e11dc4096d04a9132c4d

SHA512
71966b10b393ec60986d5f3e389fd282f4e1b34bbbdc2126c4d802d51038a2621056ef21792c39fecf730880172d9182594bfc4822e77ddb3438b0794f23227f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
537B

MD5
b5b177d058f73d6068292a2eca424883

SHA1
36e3599fc8bcc9c50263b12bd575983cb20aec3e

SHA256
25b61e3bac62be3ce01720b77e007e3a3a48e3b0c296a95508177986b845f180

SHA512
758a781aaf40d760bf9978475c40d8dc2f904a37599a588fc6102950b2e51ac5d552d43afc31e0eb0d3a34d03c595d856a32c54224c461cc12bbf840edb0a6b2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\e32dfb75-cdbd-4b07-bfd0-7db162810a3e.tmp

Filesize
1KB

MD5
88fcbbf564c9ff02db346e80ada8f8fd

SHA1
5548e3241cadfcd96cd248f2df822ea0417fb4a7

SHA256
80ce21762fb767a3c52d666885e90ea3911a5c022fa6739d6d37385ee707ca51

SHA512
e47c168bdade0a292490d7226b7d2119f05908d10b46af0670f7ceb5275c212d63da08f6ae6593333a5b34dd84c65bd1b0057588fd83f7bd848c3ee6c350376f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
36ed23700ec5b754bb26f92d5a389663

SHA1
c23cf602cfd0de187a7f62a0b5fea052b7bd5c04

SHA256
f5b494f4a6e63cb21026b07ba92c1f58adb298753db3e655d84cc04c002e9cb1

SHA512
5bc674f3b2a8d1a2b25ee463834bcc92db5042181000805963a925c618eb9fa971ef07f373de61cff8c795c153bfa8b777c54c27e001765b812e773f992b7b7e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
2aa22ab78b353d8fecc926de75c202b7

SHA1
9de50793ea2b5f36903dca388acdbc2e50a624f1

SHA256
bfd7a05010005125a31d6684850573b1312df61c3c696d0f86b68191875983a4

SHA512
f7f18d4093c0201eafa2002b9cd490812624af91b2925d75fa5c68c32161dc7be074513c58ad13855fa2714b086b9749ffda82c4430b14ca7b60bf881caef5cd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
047409901e2b9c9a01029dd9604f4609

SHA1
c5c5276899db3c043a58c3f6c1187e2a283cfcb1

SHA256
1338773ecdd70506f886e1d766bd7f8c5362ef72cf5e4645648b2e461a162084

SHA512
7fd3ffabae16d9d9e667288149a8011c64c2a900cb26d05b8d1c25ce9d541345f81233fee538221ed15c1a89513c3eefd537eaf79dfb8c531f132400298070a3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
9fc18545c9494f87bc5059ca0917e535

SHA1
9a93650683bef423550d0f4ad25178fa69d525bd

SHA256
2e978818da8e729a7f90aef9eb36c22c1891b586266d31f86457ca3de8450c94

SHA512
eb1f8abb778befe4ee491f6c0f64175ec4ba85a2ed3aafb48d66b5057aa133968f80df1888cfb4266932cb4db73874186651017a25a1ad086e89a1c8b5b22fea

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
3fad6635ad567b525bd76896bebeab93

SHA1
a23e3df0e7d6a18b46fac24a24fefc0f90606786

SHA256
047c16a8d7b0181ef6a2114172aff724df587f173ee9aeb26a0e8a3c8c345532

SHA512
1bb1a17e4b0d0bd9d0711c8ac651e2844dfaf1c05396b402201c4003dc0bf88a38f679eb73f398bb81657e777b4140afc6b4d92dec78fcd52daa0b70f60f4a2c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
12KB

MD5
8428a9591b199eba5cbf169b30103aa3

SHA1
aaa2ed37f6d4b2ba09f94c60d510645efabe8333

SHA256
17b52bd2bd4f2f0ed55c5ec75575a0c7b89ad69fcd9dc485a7f59aa1d5297c2c

SHA512
7663ec22c27c3c7928a8384042e99d5ff7483a4fbcc8a760ed53ae61407711c0be351088c95b09ae5504ccf8a298eda129d7be9f53663c025f7af656b222872e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
56B

MD5
ae1bccd6831ebfe5ad03b482ee266e4f

SHA1
01f4179f48f1af383b275d7ee338dd160b6f558a

SHA256
1b11047e738f76c94c9d15ee981ec46b286a54def1a7852ca1ade7f908988649

SHA512
baf7ff6747f30e542c254f46a9678b9dbf42312933962c391b79eca6fcb615e4ba9283c00f554d6021e594f18c087899bc9b5362c41c0d6f862bba7fb9f83038

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe57b6bd.TMP

Filesize
120B

MD5
ee0398711c7752982cb6d6e3d499b3fc

SHA1
ff2df8486e9a924b78c9828fb68dfa93aad2c726

SHA256
58b54100c4a055b68b192c35dca47c206d97649d7b2d3f268928f3b195c3fcec

SHA512
5d8df3c78f7a1db71eae7298e17378da664a903134bf211492be169457aa3f93a6c43b9e4119cd658460f9bb93012e66297184ba3167221d6e7c5038dcf34fc5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
277KB

MD5
d86630d828600a59b61c61181ee7c987

SHA1
02c67c8f7f961daf870c7f400e6f700152c92f79

SHA256
4aca59240dbe5cababbd9c398c5b1fc8dd22f6622d620075b2e0faec639f56ea

SHA512
43c5ff60ea56769ab5914246ff024f5cde1c136d229dcd69cc411ac623e561892a434b3d54e41e8c01fd05858a0769da4d55b17e29dc0a459437817c865687d1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
277KB

MD5
1bc9163e15c9499df75d7d2e36cb23f3

SHA1
ffe42a07ef253d214950f199d290b82e1810e03c

SHA256
f4665b3760342b7a6fdc28f7dfbe1f97999e9cff8536330761bbdfca6c92a8ff

SHA512
5f0b6839d98abb506e81660e74746e11a8cf27421ec93f564b90ffb00ba9d1fffce1ecbb941ae20ddaf69c657055b21ba2a4f59a0abdcd7e2a9335a5e4134b74

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
97KB

MD5
071429c2dd6cc6ee9590bc1710590c23

SHA1
9d477033cbe0168752cdf9af757b715addea6452

SHA256
8fe08bf5a60d07a06adf99aa4c24c8277b3327cc3d9db51183abfb4a699371f8

SHA512
adc9986539514879af0d159ae921df3f26d897251b4ed6bef68c2258623e01e44985533950fed2c390e8f735f64d6e3e69851e6a95a45146c1ba9e17cef3fb94

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
100KB

MD5
8bc1d0e3a33ac9da67722cb35d8ccc27

SHA1
559c4b5c04ce15cad41263a7ad2adc76b3148910

SHA256
a809a130f5488dca5464e6ffb0a4d737c6efb89ea15c9a79a6f08dbaadd65754

SHA512
a89498471751d207c5c2207bf9ba54921775d7ec12c3754a0e71b80879e771e404e2854b35535040a1467e5889861f738007b01ce5a3c6ef0ae6d6c575f30b6b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe584bc9.TMP

Filesize
92KB

MD5
b8cf63b6c026624385c07697ff2fa13e

SHA1
841a17be3e86d802ccddc41593c9af461cc06be2

SHA256
f50e24317d83776bfca48a4ffbe3735e38cea03982015e84af42b784f9d55296

SHA512
2692fed5235188b1c3c0bdc0e9bbe1624f0b22a4548ffc8c2fcd4846c52737aff29acc0ec6c56994a3ebf2a57a84a2ab71f1f69d6a4d3ac4a97a252d7a631ed4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit