hxxps://ddec1-0-en-ctp[.]trendmicro[.]com/wis/clicktime/v1/query?url=http%3a%2f%2fx4jm1[.]mjt[.]lu%2flnk%2fAVMAAEI7MKQAAchdlUQAARRjPWgAAYCrHYAAnBxZABDFTABmU58sE2870hYmRNq0D5T63fhJWAAQdAw%2f2%2fkdEQiXB4z6TX4rEjJF900w%2faHR0cHM6Ly9kcml2ZS5nb29nbGUuY29tL2ZpbGUvZC8xdXNSSHB3U01xZEVDYzBUdlVKczRsM1B5MlpiMzRXTGgvdmlldz91c3A9c2hhcmluZw&umid=99825c24-4264-48d0-92c8-4adacdcd9ef6&auth=84247b409afe2128671efe0c5790aaffcd4c1d5f-66a7a7dd5d9a9e965733be4b244954bf46e29bd4

Analysis

max time kernel
149s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
27/05/2024, 05:58

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://ddec1-0-en-ctp.trendmicro.com/wis/clicktime/v1/query?url=http%3a%2f%2fx4jm1.mjt.lu%2flnk%2fAVMAAEI7MKQAAchdlUQAARRjPWgAAYCrHYAAnBxZABDFTABmU58sE2870hYmRNq0D5T63fhJWAAQdAw%2f2%2fkdEQiXB4z6TX4rEjJF900w%2faHR0cHM6Ly9kcml2ZS5nb29nbGUuY29tL2ZpbGUvZC8xdXNSSHB3U01xZEVDYzBUdlVKczRsM1B5MlpiMzRXTGgvdmlldz91c3A9c2hhcmluZw&umid=99825c24-4264-48d0-92c8-4adacdcd9ef6&auth=84247b409afe2128671efe0c5790aaffcd4c1d5f-66a7a7dd5d9a9e965733be4b244954bf46e29bd4

Score

6^/10

Malware Config

Signatures

Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs

Web Service

T1102

flow	ioc
12	drive.google.com
14	drive.google.com

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133612631751815227"	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
4424	chrome.exe
4424	chrome.exe
4424	chrome.exe
4424	chrome.exe
3688	chrome.exe
3688	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
4424	chrome.exe
4424	chrome.exe
4424	chrome.exe
4424	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4424	chrome.exe
Token: SeCreatePagefilePrivilege	4424	chrome.exe
Token: SeShutdownPrivilege	4424	chrome.exe
Token: SeCreatePagefilePrivilege	4424	chrome.exe
Token: SeShutdownPrivilege	4424	chrome.exe
Token: SeCreatePagefilePrivilege	4424	chrome.exe
Token: SeShutdownPrivilege	4424	chrome.exe
Token: SeCreatePagefilePrivilege	4424	chrome.exe
Token: SeShutdownPrivilege	4424	chrome.exe
Token: SeCreatePagefilePrivilege	4424	chrome.exe
Token: SeShutdownPrivilege	4424	chrome.exe
Token: SeCreatePagefilePrivilege	4424	chrome.exe
Token: SeShutdownPrivilege	4424	chrome.exe
Token: SeCreatePagefilePrivilege	4424	chrome.exe
Token: SeShutdownPrivilege	4424	chrome.exe
Token: SeCreatePagefilePrivilege	4424	chrome.exe
Token: SeShutdownPrivilege	4424	chrome.exe
Token: SeCreatePagefilePrivilege	4424	chrome.exe
Token: SeShutdownPrivilege	4424	chrome.exe
Token: SeCreatePagefilePrivilege	4424	chrome.exe
Token: SeShutdownPrivilege	4424	chrome.exe
Token: SeCreatePagefilePrivilege	4424	chrome.exe
Token: SeShutdownPrivilege	4424	chrome.exe
Token: SeCreatePagefilePrivilege	4424	chrome.exe
Token: SeShutdownPrivilege	4424	chrome.exe
Token: SeCreatePagefilePrivilege	4424	chrome.exe
Token: SeShutdownPrivilege	4424	chrome.exe
Token: SeCreatePagefilePrivilege	4424	chrome.exe
Token: SeShutdownPrivilege	4424	chrome.exe
Token: SeCreatePagefilePrivilege	4424	chrome.exe
Token: SeShutdownPrivilege	4424	chrome.exe
Token: SeCreatePagefilePrivilege	4424	chrome.exe
Token: SeShutdownPrivilege	4424	chrome.exe
Token: SeCreatePagefilePrivilege	4424	chrome.exe
Token: SeShutdownPrivilege	4424	chrome.exe
Token: SeCreatePagefilePrivilege	4424	chrome.exe
Token: SeShutdownPrivilege	4424	chrome.exe
Token: SeCreatePagefilePrivilege	4424	chrome.exe
Token: SeShutdownPrivilege	4424	chrome.exe
Token: SeCreatePagefilePrivilege	4424	chrome.exe
Token: SeShutdownPrivilege	4424	chrome.exe
Token: SeCreatePagefilePrivilege	4424	chrome.exe
Token: SeShutdownPrivilege	4424	chrome.exe
Token: SeCreatePagefilePrivilege	4424	chrome.exe
Token: SeShutdownPrivilege	4424	chrome.exe
Token: SeCreatePagefilePrivilege	4424	chrome.exe
Token: SeShutdownPrivilege	4424	chrome.exe
Token: SeCreatePagefilePrivilege	4424	chrome.exe
Token: SeShutdownPrivilege	4424	chrome.exe
Token: SeCreatePagefilePrivilege	4424	chrome.exe
Token: SeShutdownPrivilege	4424	chrome.exe
Token: SeCreatePagefilePrivilege	4424	chrome.exe
Token: SeShutdownPrivilege	4424	chrome.exe
Token: SeCreatePagefilePrivilege	4424	chrome.exe
Token: SeShutdownPrivilege	4424	chrome.exe
Token: SeCreatePagefilePrivilege	4424	chrome.exe
Token: SeShutdownPrivilege	4424	chrome.exe
Token: SeCreatePagefilePrivilege	4424	chrome.exe
Token: SeShutdownPrivilege	4424	chrome.exe
Token: SeCreatePagefilePrivilege	4424	chrome.exe
Token: SeShutdownPrivilege	4424	chrome.exe
Token: SeCreatePagefilePrivilege	4424	chrome.exe
Token: SeShutdownPrivilege	4424	chrome.exe
Token: SeCreatePagefilePrivilege	4424	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4424	chrome.exe
4424	chrome.exe
4424	chrome.exe
4424	chrome.exe
4424	chrome.exe
4424	chrome.exe
4424	chrome.exe
4424	chrome.exe
4424	chrome.exe
4424	chrome.exe
4424	chrome.exe
4424	chrome.exe
4424	chrome.exe
4424	chrome.exe
4424	chrome.exe
4424	chrome.exe
4424	chrome.exe
4424	chrome.exe
4424	chrome.exe
4424	chrome.exe
4424	chrome.exe
4424	chrome.exe
4424	chrome.exe
4424	chrome.exe
4424	chrome.exe
4424	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4424	chrome.exe
4424	chrome.exe
4424	chrome.exe
4424	chrome.exe
4424	chrome.exe
4424	chrome.exe
4424	chrome.exe
4424	chrome.exe
4424	chrome.exe
4424	chrome.exe
4424	chrome.exe
4424	chrome.exe
4424	chrome.exe
4424	chrome.exe
4424	chrome.exe
4424	chrome.exe
4424	chrome.exe
4424	chrome.exe
4424	chrome.exe
4424	chrome.exe
4424	chrome.exe
4424	chrome.exe
4424	chrome.exe
4424	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4424 wrote to memory of 1536	4424	chrome.exe	82
PID 4424 wrote to memory of 1536	4424	chrome.exe	82
PID 4424 wrote to memory of 2068	4424	chrome.exe	83
PID 4424 wrote to memory of 2068	4424	chrome.exe	83
PID 4424 wrote to memory of 2068	4424	chrome.exe	83
PID 4424 wrote to memory of 2068	4424	chrome.exe	83
PID 4424 wrote to memory of 2068	4424	chrome.exe	83
PID 4424 wrote to memory of 2068	4424	chrome.exe	83
PID 4424 wrote to memory of 2068	4424	chrome.exe	83
PID 4424 wrote to memory of 2068	4424	chrome.exe	83
PID 4424 wrote to memory of 2068	4424	chrome.exe	83
PID 4424 wrote to memory of 2068	4424	chrome.exe	83
PID 4424 wrote to memory of 2068	4424	chrome.exe	83
PID 4424 wrote to memory of 2068	4424	chrome.exe	83
PID 4424 wrote to memory of 2068	4424	chrome.exe	83
PID 4424 wrote to memory of 2068	4424	chrome.exe	83
PID 4424 wrote to memory of 2068	4424	chrome.exe	83
PID 4424 wrote to memory of 2068	4424	chrome.exe	83
PID 4424 wrote to memory of 2068	4424	chrome.exe	83
PID 4424 wrote to memory of 2068	4424	chrome.exe	83
PID 4424 wrote to memory of 2068	4424	chrome.exe	83
PID 4424 wrote to memory of 2068	4424	chrome.exe	83
PID 4424 wrote to memory of 2068	4424	chrome.exe	83
PID 4424 wrote to memory of 2068	4424	chrome.exe	83
PID 4424 wrote to memory of 2068	4424	chrome.exe	83
PID 4424 wrote to memory of 2068	4424	chrome.exe	83
PID 4424 wrote to memory of 2068	4424	chrome.exe	83
PID 4424 wrote to memory of 2068	4424	chrome.exe	83
PID 4424 wrote to memory of 2068	4424	chrome.exe	83
PID 4424 wrote to memory of 2068	4424	chrome.exe	83
PID 4424 wrote to memory of 2068	4424	chrome.exe	83
PID 4424 wrote to memory of 2068	4424	chrome.exe	83
PID 4424 wrote to memory of 2068	4424	chrome.exe	83
PID 4424 wrote to memory of 684	4424	chrome.exe	84
PID 4424 wrote to memory of 684	4424	chrome.exe	84
PID 4424 wrote to memory of 4960	4424	chrome.exe	85
PID 4424 wrote to memory of 4960	4424	chrome.exe	85
PID 4424 wrote to memory of 4960	4424	chrome.exe	85
PID 4424 wrote to memory of 4960	4424	chrome.exe	85
PID 4424 wrote to memory of 4960	4424	chrome.exe	85
PID 4424 wrote to memory of 4960	4424	chrome.exe	85
PID 4424 wrote to memory of 4960	4424	chrome.exe	85
PID 4424 wrote to memory of 4960	4424	chrome.exe	85
PID 4424 wrote to memory of 4960	4424	chrome.exe	85
PID 4424 wrote to memory of 4960	4424	chrome.exe	85
PID 4424 wrote to memory of 4960	4424	chrome.exe	85
PID 4424 wrote to memory of 4960	4424	chrome.exe	85
PID 4424 wrote to memory of 4960	4424	chrome.exe	85
PID 4424 wrote to memory of 4960	4424	chrome.exe	85
PID 4424 wrote to memory of 4960	4424	chrome.exe	85
PID 4424 wrote to memory of 4960	4424	chrome.exe	85
PID 4424 wrote to memory of 4960	4424	chrome.exe	85
PID 4424 wrote to memory of 4960	4424	chrome.exe	85
PID 4424 wrote to memory of 4960	4424	chrome.exe	85
PID 4424 wrote to memory of 4960	4424	chrome.exe	85
PID 4424 wrote to memory of 4960	4424	chrome.exe	85
PID 4424 wrote to memory of 4960	4424	chrome.exe	85
PID 4424 wrote to memory of 4960	4424	chrome.exe	85
PID 4424 wrote to memory of 4960	4424	chrome.exe	85
PID 4424 wrote to memory of 4960	4424	chrome.exe	85
PID 4424 wrote to memory of 4960	4424	chrome.exe	85
PID 4424 wrote to memory of 4960	4424	chrome.exe	85
PID 4424 wrote to memory of 4960	4424	chrome.exe	85
PID 4424 wrote to memory of 4960	4424	chrome.exe	85

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://ddec1-0-en-ctp.trendmicro.com/wis/clicktime/v1/query?url=http%3a%2f%2fx4jm1.mjt.lu%2flnk%2fAVMAAEI7MKQAAchdlUQAARRjPWgAAYCrHYAAnBxZABDFTABmU58sE2870hYmRNq0D5T63fhJWAAQdAw%2f2%2fkdEQiXB4z6TX4rEjJF900w%2faHR0cHM6Ly9kcml2ZS5nb29nbGUuY29tL2ZpbGUvZC8xdXNSSHB3U01xZEVDYzBUdlVKczRsM1B5MlpiMzRXTGgvdmlldz91c3A9c2hhcmluZw&umid=99825c24-4264-48d0-92c8-4adacdcd9ef6&auth=84247b409afe2128671efe0c5790aaffcd4c1d5f-66a7a7dd5d9a9e965733be4b244954bf46e29bd4
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4424
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc4d68ab58,0x7ffc4d68ab68,0x7ffc4d68ab78
  2⤵
  PID:1536
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1696 --field-trial-handle=1928,i,1585986058043621552,16420372732728158377,131072 /prefetch:2
  2⤵
  PID:2068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2180 --field-trial-handle=1928,i,1585986058043621552,16420372732728158377,131072 /prefetch:8
  2⤵
  PID:684
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2248 --field-trial-handle=1928,i,1585986058043621552,16420372732728158377,131072 /prefetch:8
  2⤵
  PID:4960
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3080 --field-trial-handle=1928,i,1585986058043621552,16420372732728158377,131072 /prefetch:1
  2⤵
  PID:3656
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3104 --field-trial-handle=1928,i,1585986058043621552,16420372732728158377,131072 /prefetch:1
  2⤵
  PID:716
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4132 --field-trial-handle=1928,i,1585986058043621552,16420372732728158377,131072 /prefetch:1
  2⤵
  PID:4820
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3104 --field-trial-handle=1928,i,1585986058043621552,16420372732728158377,131072 /prefetch:1
  2⤵
  PID:4928
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4604 --field-trial-handle=1928,i,1585986058043621552,16420372732728158377,131072 /prefetch:8
  2⤵
  PID:1492
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4656 --field-trial-handle=1928,i,1585986058043621552,16420372732728158377,131072 /prefetch:8
  2⤵
  PID:2092
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4888 --field-trial-handle=1928,i,1585986058043621552,16420372732728158377,131072 /prefetch:8
  2⤵
  PID:1572
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4704 --field-trial-handle=1928,i,1585986058043621552,16420372732728158377,131072 /prefetch:8
  2⤵
  PID:3776
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4756 --field-trial-handle=1928,i,1585986058043621552,16420372732728158377,131072 /prefetch:8
  2⤵
  PID:1004
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1800 --field-trial-handle=1928,i,1585986058043621552,16420372732728158377,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3688

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:3876

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
288B

MD5
7a2d7a8df5aca4c4006329156a9aaf13

SHA1
c0739ed26cfc6b9c64bc90ded6578fe5bf241d7e

SHA256
509734afa39742d878ed535d3cc16a96a3b2378d3459f26c797e002202a1c950

SHA512
9966e37152ded8ccf736f6f5f8085bc4e10d8a21aad9efd90e9e4190d6c3a616a6ba5807272a163f409a2dd6efe7c1e887c0f87cef3fc18f069e5b161c3fadfa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
76813f6af7d8f860b516c981060a7416

SHA1
8a64f8ccecd7ea7ad3e0d31a8d8e4839ebfd8c1c

SHA256
caee0566acb3644803fb0c228f08cfadafe68a0c6bbf0e769613574770c7a4c7

SHA512
501809e9e14e03d247e14903339c84620587b29db1e71f36e5da91910db8e9e2c0a3095f503a1b43be54a4efe8fe1d20045aa0054247d58e526f3c5e4e8d9598

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
8dfff2be008975f655d3566bff486d1d

SHA1
d52943a9abb1f0a4f4620ef6c06795c9f7a8641a

SHA256
8453e7a915597378175a7b45d06f60143e8933445d9413819160da1e48f1d485

SHA512
97de2561419aa95220f14e0027e36c7c8dec558d48ed136b5a22081f6013158f0ed5c305f5e86adb95ad6ffd4620f2c0232b52e1b09dfa56b7373e61c4359d19

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
b1a5ce95ff3ec3925507a0df0ae75b41

SHA1
3f2eda5df433e6aa93552d6a26708ef7c0a0c4a3

SHA256
d8a0e615e25108c5839b7fe82d295ebf788ce036b50c37e7c6c27bdd70e62e39

SHA512
d4fd4708a3aea460d77c552598a85b7ef596d3748328c34066e7ef3c04b2cce145b12438fc49a6739f0e3124115a9e087afabaa9483e5ad40f174a7290abbf99

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1016B

MD5
6d6841e83982a9bc401284706a272da1

SHA1
cc138ac26ed84a356fd046047cd163f6dae885f5

SHA256
55a6c4439f61c82133369a134bc925caa9048fe08152c973b9188630050327dd

SHA512
6d44a86cba145942cfcf2351a0434fcc10db53b8a701f73c63f627a0f7fcedc20942d37f7ed167acbf718a64f6d4775702474c7ba55ad6223c81ab023dfdf3c2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1016B

MD5
ec7bd514c5325765a3327fc8e97e22f1

SHA1
c7efb9add8ea6a89ed777a1b04b33325c5195d3d

SHA256
796b4545e251f9b409ea53c05c68fb0f5b09db0dcd57405114f9f6fe936aeef3

SHA512
d366a01e75fd89d1714bb8a41ef37df3abac4d6b5cd6b2654e785fec4b2987f8ef3d8f0ef4d54ffdd88ea790643f91792c85d51f090f086f6b25f9fad96ccc95

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
510135d5ec89bb357d3fad285173958a

SHA1
02b8703d4d6dc64cf06661796d7e66412a73b9ce

SHA256
8566663c07f1ba13f4405bbb142560f09e407e274f6598702df23b66633c1953

SHA512
5fe01e9e003f74193a245143d8eb4d9c4c81b62c72cb0772a85dcc703a980e3230ba4bf546370de406e06b81a7754239903f0e3eb48f7059f2d7ff3d870d7fe5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
648c3dc30a100de88e49d30d0ef44141

SHA1
0dae0d48f6df0ca4cd37ba1ec8f8b70abd0759b0

SHA256
974db5311da6c65dc211a59ea1f01048edde91f40de06d527f10345d352ea86a

SHA512
94588b8b8c5606d46f6a409736aeae4e3cc6a64328264bf2b41cc2b9d87b4dab880b3fd108c611e26654b7caec4edc205f4051db25743828503b04dcf39cbf66

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
257KB

MD5
3dfcc5cf832cef008b0c34e75ada104b

SHA1
640138bc16d717fc1270f0d21a5d835cbbe78bd8

SHA256
22d9b3f8a0e59d579a6774c391b4fb7e6f850f6fff8770fb9faf41f7617d068f

SHA512
e1dbda0a50d8ed3ac4db76f84fbb89cc3c5bede633eab8ae0ebfe8b9f9407f2cf58a4a7abdff9de8bf6a819b8c56096f0fa4778a5021ee1163979fdac6f94f8d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
257KB

MD5
513cd28d5862d8772403ef64628bde09

SHA1
b247c031cca54807450eabf091f58ce6bbdb6d4b

SHA256
dec05f0897cc69d572e45dc18eec59a302ba8927647467bd63836ab024b54443

SHA512
72dfb188ec0e4db38a9a274d2f948eba6c9568923c2381d50ed698fe65dfa9f8b70efa87ab10c1a9ffeb8cb46691c0af4e7df6a4431b9bf50a88decbb24bc106

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
257KB

MD5
4a311e3237b93b1bb1eb51b1e34ef692

SHA1
9cf553c1b25f4b2eceb91d7f386c9eb834453320

SHA256
1e209d935543df4bee4fe849f2a1c3c5e37ceff311a3ca27afd45486d34c2494

SHA512
24b40750005ee5996f8af009b0ec5f4fe7227dcc819288a19f9bb04f853b801b42200cf9ffe95ec9448234d7840289e3ebd63b75dfbcdac382ab5022059339ea

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
277KB

MD5
36081158a15b0773f89cf62cb8aae0b4

SHA1
b96c79c4391bea243ab2000ec2359bd93bc05cb2

SHA256
97152caa5147f60c805f799a85de4157351633f61aa99e77862e9c2cec58c5ee

SHA512
35be4d6ee81ff53fe1a722bda60fe63e1ecd190757f31cb4b84f7ced3127a07efbdd54a4be769c258ef058d0159ba9e293e9bdb05c34b97946313328a7c4a071

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
91KB

MD5
3e100aa5c1407267c455e0872d85011c

SHA1
51734e984aecd9732a5ed9988fdc3d40b0bb6f7f

SHA256
5e7f970b5ba8f94b1d55fc32769feeed46910f5e20fe1118700f9b1d8f1faf11

SHA512
1ea68659b74e03d19efac1a72a172214d77d8d6334e431143fba654ce1d6651dba7a80996e85661e06ec1ded90e35e0252c56701873216c3c11a8386fc9e94d9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe57f51e.TMP

Filesize
88KB

MD5
2018fe138f93faa4f8fac1fbe787fce8

SHA1
1e6f71b02f150c4bd3f71512263cf6a9507278f1

SHA256
90f915242c57bb9f7be20295c4149fc5c1e77c0d7432ca9a24152555b2845386

SHA512
24c8807826a70080ce038731be78cebadd0cf720dcc60fd6fb24d906991be1d9d9fbf16c5371768dd0178ea5271ea9ff87744db7a90158d8067c844fc6caba00

Download Submit