hxxp://humana[.]com

Analysis

max time kernel
149s
max time network
147s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
27/05/2024, 07:42

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

http://humana.com

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133612693472103396"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
1956	chrome.exe
1956	chrome.exe
4464	chrome.exe
4464	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
1956	chrome.exe
1956	chrome.exe
1956	chrome.exe
1956	chrome.exe
1956	chrome.exe
1956	chrome.exe
1956	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1956	chrome.exe
Token: SeCreatePagefilePrivilege	1956	chrome.exe
Token: SeShutdownPrivilege	1956	chrome.exe
Token: SeCreatePagefilePrivilege	1956	chrome.exe
Token: SeShutdownPrivilege	1956	chrome.exe
Token: SeCreatePagefilePrivilege	1956	chrome.exe
Token: SeShutdownPrivilege	1956	chrome.exe
Token: SeCreatePagefilePrivilege	1956	chrome.exe
Token: SeShutdownPrivilege	1956	chrome.exe
Token: SeCreatePagefilePrivilege	1956	chrome.exe
Token: SeShutdownPrivilege	1956	chrome.exe
Token: SeCreatePagefilePrivilege	1956	chrome.exe
Token: SeShutdownPrivilege	1956	chrome.exe
Token: SeCreatePagefilePrivilege	1956	chrome.exe
Token: SeShutdownPrivilege	1956	chrome.exe
Token: SeCreatePagefilePrivilege	1956	chrome.exe
Token: SeShutdownPrivilege	1956	chrome.exe
Token: SeCreatePagefilePrivilege	1956	chrome.exe
Token: SeShutdownPrivilege	1956	chrome.exe
Token: SeCreatePagefilePrivilege	1956	chrome.exe
Token: SeShutdownPrivilege	1956	chrome.exe
Token: SeCreatePagefilePrivilege	1956	chrome.exe
Token: SeShutdownPrivilege	1956	chrome.exe
Token: SeCreatePagefilePrivilege	1956	chrome.exe
Token: SeShutdownPrivilege	1956	chrome.exe
Token: SeCreatePagefilePrivilege	1956	chrome.exe
Token: SeShutdownPrivilege	1956	chrome.exe
Token: SeCreatePagefilePrivilege	1956	chrome.exe
Token: SeShutdownPrivilege	1956	chrome.exe
Token: SeCreatePagefilePrivilege	1956	chrome.exe
Token: SeShutdownPrivilege	1956	chrome.exe
Token: SeCreatePagefilePrivilege	1956	chrome.exe
Token: SeShutdownPrivilege	1956	chrome.exe
Token: SeCreatePagefilePrivilege	1956	chrome.exe
Token: SeShutdownPrivilege	1956	chrome.exe
Token: SeCreatePagefilePrivilege	1956	chrome.exe
Token: SeShutdownPrivilege	1956	chrome.exe
Token: SeCreatePagefilePrivilege	1956	chrome.exe
Token: SeShutdownPrivilege	1956	chrome.exe
Token: SeCreatePagefilePrivilege	1956	chrome.exe
Token: SeShutdownPrivilege	1956	chrome.exe
Token: SeCreatePagefilePrivilege	1956	chrome.exe
Token: SeShutdownPrivilege	1956	chrome.exe
Token: SeCreatePagefilePrivilege	1956	chrome.exe
Token: SeShutdownPrivilege	1956	chrome.exe
Token: SeCreatePagefilePrivilege	1956	chrome.exe
Token: SeShutdownPrivilege	1956	chrome.exe
Token: SeCreatePagefilePrivilege	1956	chrome.exe
Token: SeShutdownPrivilege	1956	chrome.exe
Token: SeCreatePagefilePrivilege	1956	chrome.exe
Token: SeShutdownPrivilege	1956	chrome.exe
Token: SeCreatePagefilePrivilege	1956	chrome.exe
Token: SeShutdownPrivilege	1956	chrome.exe
Token: SeCreatePagefilePrivilege	1956	chrome.exe
Token: SeShutdownPrivilege	1956	chrome.exe
Token: SeCreatePagefilePrivilege	1956	chrome.exe
Token: SeShutdownPrivilege	1956	chrome.exe
Token: SeCreatePagefilePrivilege	1956	chrome.exe
Token: SeShutdownPrivilege	1956	chrome.exe
Token: SeCreatePagefilePrivilege	1956	chrome.exe
Token: SeShutdownPrivilege	1956	chrome.exe
Token: SeCreatePagefilePrivilege	1956	chrome.exe
Token: SeShutdownPrivilege	1956	chrome.exe
Token: SeCreatePagefilePrivilege	1956	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
1956	chrome.exe
1956	chrome.exe
1956	chrome.exe
1956	chrome.exe
1956	chrome.exe
1956	chrome.exe
1956	chrome.exe
1956	chrome.exe
1956	chrome.exe
1956	chrome.exe
1956	chrome.exe
1956	chrome.exe
1956	chrome.exe
1956	chrome.exe
1956	chrome.exe
1956	chrome.exe
1956	chrome.exe
1956	chrome.exe
1956	chrome.exe
1956	chrome.exe
1956	chrome.exe
1956	chrome.exe
1956	chrome.exe
1956	chrome.exe
1956	chrome.exe
1956	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1956	chrome.exe
1956	chrome.exe
1956	chrome.exe
1956	chrome.exe
1956	chrome.exe
1956	chrome.exe
1956	chrome.exe
1956	chrome.exe
1956	chrome.exe
1956	chrome.exe
1956	chrome.exe
1956	chrome.exe
1956	chrome.exe
1956	chrome.exe
1956	chrome.exe
1956	chrome.exe
1956	chrome.exe
1956	chrome.exe
1956	chrome.exe
1956	chrome.exe
1956	chrome.exe
1956	chrome.exe
1956	chrome.exe
1956	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1956 wrote to memory of 536	1956	chrome.exe	81
PID 1956 wrote to memory of 536	1956	chrome.exe	81
PID 1956 wrote to memory of 1304	1956	chrome.exe	84
PID 1956 wrote to memory of 1304	1956	chrome.exe	84
PID 1956 wrote to memory of 1304	1956	chrome.exe	84
PID 1956 wrote to memory of 1304	1956	chrome.exe	84
PID 1956 wrote to memory of 1304	1956	chrome.exe	84
PID 1956 wrote to memory of 1304	1956	chrome.exe	84
PID 1956 wrote to memory of 1304	1956	chrome.exe	84
PID 1956 wrote to memory of 1304	1956	chrome.exe	84
PID 1956 wrote to memory of 1304	1956	chrome.exe	84
PID 1956 wrote to memory of 1304	1956	chrome.exe	84
PID 1956 wrote to memory of 1304	1956	chrome.exe	84
PID 1956 wrote to memory of 1304	1956	chrome.exe	84
PID 1956 wrote to memory of 1304	1956	chrome.exe	84
PID 1956 wrote to memory of 1304	1956	chrome.exe	84
PID 1956 wrote to memory of 1304	1956	chrome.exe	84
PID 1956 wrote to memory of 1304	1956	chrome.exe	84
PID 1956 wrote to memory of 1304	1956	chrome.exe	84
PID 1956 wrote to memory of 1304	1956	chrome.exe	84
PID 1956 wrote to memory of 1304	1956	chrome.exe	84
PID 1956 wrote to memory of 1304	1956	chrome.exe	84
PID 1956 wrote to memory of 1304	1956	chrome.exe	84
PID 1956 wrote to memory of 1304	1956	chrome.exe	84
PID 1956 wrote to memory of 1304	1956	chrome.exe	84
PID 1956 wrote to memory of 1304	1956	chrome.exe	84
PID 1956 wrote to memory of 1304	1956	chrome.exe	84
PID 1956 wrote to memory of 1304	1956	chrome.exe	84
PID 1956 wrote to memory of 1304	1956	chrome.exe	84
PID 1956 wrote to memory of 1304	1956	chrome.exe	84
PID 1956 wrote to memory of 1304	1956	chrome.exe	84
PID 1956 wrote to memory of 1304	1956	chrome.exe	84
PID 1956 wrote to memory of 1304	1956	chrome.exe	84
PID 1956 wrote to memory of 4924	1956	chrome.exe	85
PID 1956 wrote to memory of 4924	1956	chrome.exe	85
PID 1956 wrote to memory of 2892	1956	chrome.exe	86
PID 1956 wrote to memory of 2892	1956	chrome.exe	86
PID 1956 wrote to memory of 2892	1956	chrome.exe	86
PID 1956 wrote to memory of 2892	1956	chrome.exe	86
PID 1956 wrote to memory of 2892	1956	chrome.exe	86
PID 1956 wrote to memory of 2892	1956	chrome.exe	86
PID 1956 wrote to memory of 2892	1956	chrome.exe	86
PID 1956 wrote to memory of 2892	1956	chrome.exe	86
PID 1956 wrote to memory of 2892	1956	chrome.exe	86
PID 1956 wrote to memory of 2892	1956	chrome.exe	86
PID 1956 wrote to memory of 2892	1956	chrome.exe	86
PID 1956 wrote to memory of 2892	1956	chrome.exe	86
PID 1956 wrote to memory of 2892	1956	chrome.exe	86
PID 1956 wrote to memory of 2892	1956	chrome.exe	86
PID 1956 wrote to memory of 2892	1956	chrome.exe	86
PID 1956 wrote to memory of 2892	1956	chrome.exe	86
PID 1956 wrote to memory of 2892	1956	chrome.exe	86
PID 1956 wrote to memory of 2892	1956	chrome.exe	86
PID 1956 wrote to memory of 2892	1956	chrome.exe	86
PID 1956 wrote to memory of 2892	1956	chrome.exe	86
PID 1956 wrote to memory of 2892	1956	chrome.exe	86
PID 1956 wrote to memory of 2892	1956	chrome.exe	86
PID 1956 wrote to memory of 2892	1956	chrome.exe	86
PID 1956 wrote to memory of 2892	1956	chrome.exe	86
PID 1956 wrote to memory of 2892	1956	chrome.exe	86
PID 1956 wrote to memory of 2892	1956	chrome.exe	86
PID 1956 wrote to memory of 2892	1956	chrome.exe	86
PID 1956 wrote to memory of 2892	1956	chrome.exe	86
PID 1956 wrote to memory of 2892	1956	chrome.exe	86

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://humana.com
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1956
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0x9c,0x108,0x7ff84afbab58,0x7ff84afbab68,0x7ff84afbab78
  2⤵
  PID:536
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1596 --field-trial-handle=1944,i,8109762256044030439,16357525234405667837,131072 /prefetch:2
  2⤵
  PID:1304
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1904 --field-trial-handle=1944,i,8109762256044030439,16357525234405667837,131072 /prefetch:8
  2⤵
  PID:4924
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2224 --field-trial-handle=1944,i,8109762256044030439,16357525234405667837,131072 /prefetch:8
  2⤵
  PID:2892
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2960 --field-trial-handle=1944,i,8109762256044030439,16357525234405667837,131072 /prefetch:1
  2⤵
  PID:676
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2968 --field-trial-handle=1944,i,8109762256044030439,16357525234405667837,131072 /prefetch:1
  2⤵
  PID:3624
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4328 --field-trial-handle=1944,i,8109762256044030439,16357525234405667837,131072 /prefetch:1
  2⤵
  PID:5044
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4484 --field-trial-handle=1944,i,8109762256044030439,16357525234405667837,131072 /prefetch:1
  2⤵
  PID:4056
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4840 --field-trial-handle=1944,i,8109762256044030439,16357525234405667837,131072 /prefetch:1
  2⤵
  PID:1792
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=5008 --field-trial-handle=1944,i,8109762256044030439,16357525234405667837,131072 /prefetch:1
  2⤵
  PID:588
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5196 --field-trial-handle=1944,i,8109762256044030439,16357525234405667837,131072 /prefetch:8
  2⤵
  PID:544
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4888 --field-trial-handle=1944,i,8109762256044030439,16357525234405667837,131072 /prefetch:8
  2⤵
  PID:988
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5216 --field-trial-handle=1944,i,8109762256044030439,16357525234405667837,131072 /prefetch:1
  2⤵
  PID:3764
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1556 --field-trial-handle=1944,i,8109762256044030439,16357525234405667837,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4464

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:376

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
43c06b97b53fa9b9c4bfe0a18f42907e

SHA1
947ed767029232dd3326da806b3ee403fd176bb1

SHA256
72bfbeca3879881af9dc9fd51eda463f4ca966857430d84d6150ddf8969aba4c

SHA512
a213cb81dbe3be3ecd833c3d18fe054215975cc6897162c94d1a07e17040ecc2bae91b4b42d60fd9437dfcdcf75a372650ab6f7e11228ec3d472f87ae6da2995

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.humana.com_0.indexeddb.blob\1\00\6

Filesize
380KB

MD5
09c840db2efeb4f7bd20ccbc24c5f3dd

SHA1
f1d0d940eabba959e68c478e2c846d7dff40438d

SHA256
37744d6baf4609520e4387342413aa010aa55717da63100d8df9a4ba9f7383ce

SHA512
06d6a9270cc260a58f54e6b84f19126c098e8acbff45bf2f594d189d85a2f1eba6ea9af8492b9a055c89af2f38c8d0124644f1d446a3b002adf2572386914293

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\80412519-7d5d-421f-a17d-809db5110bd4.tmp

Filesize
4KB

MD5
8ef208817b6508e33a4f3906e75c7369

SHA1
0546729701fdab15d2ec4b5913e7405e4be3b97e

SHA256
a773e066e608a5c20f6a3acf055351f9b959cc9359576f37f637a58f5e615ada

SHA512
a95c01ca685d900c741ba658a360d88d245d03fcc3c1a23fa4ffd8876942522ea67cb6868b6f85bfdf3d881f544b7e16da54232974d8f403614564c9f5e9ab11

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
95d6c4c1dac625b57bb05ce2f011967d

SHA1
cdc791d2c2cb7e5eb42157bb93f0e44c79748726

SHA256
e0b22b3ed2e6295d40c6eef57c582d45c098da71b88fec7b40fbd8962ac452bd

SHA512
6d2c11c3546ff5bd3e37d67dc53ad82c18fad7bf6e6cc4c99c7077a4d7e68870e24846d1c1b83230f15550eb6f21eef8fc17b3b0b442a00cf0dc88b509f9838e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
bd94552b408c1f66583584962583345c

SHA1
d4e057bb7588e3e004965c097052c73349fac086

SHA256
02a3ad6e0187a89a468d2e4d194099b8e8942a26ecfc9430a3a3c5e6d39ba592

SHA512
87306871007a4796f8c5ae88bd09082f17d5c2d3e3d8387425b9d5a89c488a46e944c2072b2c83accf870f9bf1a52d50660a589c5aa5bbc2b5c91806df167cdc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
4KB

MD5
9923919570818fc0b35752a074bd1088

SHA1
ecd57ff3636129562fecdfab7c03c12349cfcff5

SHA256
43f6a8951d2f85080b594882ef054426b2a91b21dd0a98f6bfd47e26b048f8e0

SHA512
7c337b2a25f30065955290083d867665666ca62b62db6676e5708109931fdece988824839da056afaf7977796ff3d98ce8aed852e71a419b83a0d25774f21afe

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
4KB

MD5
fa09e0b72a08163964345d02a4c657bb

SHA1
0c9d34b481e000a8e728ae0957c40a61b0dacaec

SHA256
e18297f2d9198e2b97d232c351877945002483ea662c796c30e9bfc8004b9137

SHA512
8eca3cd1473a04b95f971215633c532149a2f87da43ad40e0fc997077a676d8ff323e5cce502e36054742a92063689849346dfdd78fcd6bd75b5c4febd1e692e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
06761823a0eb33f83cd2635825930835

SHA1
69696980b7acf809bbdea6f27c2021b6544d092e

SHA256
d4c11f98ac865d4def57f499cd71a11092868a99c7f50adfd96e13534b6c6405

SHA512
88ec85bba8334c0081bb12ed91c488e0273942ba0a96892da4e1d022027c82a3ed17b6df632b6aeb4f606fbfdd6cd0e93253bbcd5fbf566db44e146b47eec8ab

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
130KB

MD5
2c385fdad850e888a2b72804113f48f7

SHA1
9fd4025467f5dd5612bef0523df283eb30854128

SHA256
a5913522459a53264a6398315bd4c6e8b7868d1c3bc71dea5b57ee6d55d73ac4

SHA512
d4903694a06f785bfc9930fe10f6f006ecce3d14c4ddfb58019d9078d41936279afd56566e4f2f18bf01cf4b2a36617031c56ddb836f3dfe0acbbabe3286cd0c

Download Submit