9e1311d48d21c98d6849502ec3c95458bce047b77ddd5477aff7e82e02ec1407

Resubmissions

27/05/2024, 13:51

240527-q52k1sef3s 7

27/05/2024, 13:50

240527-q5kx9sfg35 1

Analysis

max time kernel
9s
max time network
26s
platform
windows7_x64
resource
win7-20231129-en
resource tags

arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
submitted
27/05/2024, 13:50

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

osumaple
Size

248KB
MD5

fb250175faed3a3c2da7700c1046f5db
SHA1

a252d97ba23dfce73d5a10bf024698f1e54cda8f
SHA256

9e1311d48d21c98d6849502ec3c95458bce047b77ddd5477aff7e82e02ec1407
SHA512

68904c500a95cdefba0cba30b348af4cf87fca15843fe172bd57c904adfd06a3db5f7f774afe3632b4a71f61db70961c81ffa68e7b6a2c829a42d8d8f42c48c6
SSDEEP

6144:sCoGV2n9ddKM2vkm0aWyRv3Q9OvZJT3CqbMrhryfQNRPaCieMjAkvCJv1Vi0Z+3T:doGV2n9ddKM2vkm0aWyRv3Q9OvZJT3C6

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
1600	chrome.exe
1600	chrome.exe

Suspicious use of AdjustPrivilegeToken 8 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1600	chrome.exe
Token: SeShutdownPrivilege	1600	chrome.exe
Token: SeShutdownPrivilege	1600	chrome.exe
Token: SeShutdownPrivilege	1600	chrome.exe
Token: SeShutdownPrivilege	1600	chrome.exe
Token: SeShutdownPrivilege	1600	chrome.exe
Token: SeShutdownPrivilege	1600	chrome.exe
Token: SeShutdownPrivilege	1600	chrome.exe

Suspicious use of FindShellTrayWindow 34 IoCs

pid	Process
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe

Suspicious use of SendNotifyMessage 32 IoCs

pid	Process
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1600 wrote to memory of 2892	1600	chrome.exe	30
PID 1600 wrote to memory of 2892	1600	chrome.exe	30
PID 1600 wrote to memory of 2892	1600	chrome.exe	30
PID 1600 wrote to memory of 2560	1600	chrome.exe	32
PID 1600 wrote to memory of 2560	1600	chrome.exe	32
PID 1600 wrote to memory of 2560	1600	chrome.exe	32
PID 1600 wrote to memory of 2560	1600	chrome.exe	32
PID 1600 wrote to memory of 2560	1600	chrome.exe	32
PID 1600 wrote to memory of 2560	1600	chrome.exe	32
PID 1600 wrote to memory of 2560	1600	chrome.exe	32
PID 1600 wrote to memory of 2560	1600	chrome.exe	32
PID 1600 wrote to memory of 2560	1600	chrome.exe	32
PID 1600 wrote to memory of 2560	1600	chrome.exe	32
PID 1600 wrote to memory of 2560	1600	chrome.exe	32
PID 1600 wrote to memory of 2560	1600	chrome.exe	32
PID 1600 wrote to memory of 2560	1600	chrome.exe	32
PID 1600 wrote to memory of 2560	1600	chrome.exe	32
PID 1600 wrote to memory of 2560	1600	chrome.exe	32
PID 1600 wrote to memory of 2560	1600	chrome.exe	32
PID 1600 wrote to memory of 2560	1600	chrome.exe	32
PID 1600 wrote to memory of 2560	1600	chrome.exe	32
PID 1600 wrote to memory of 2560	1600	chrome.exe	32
PID 1600 wrote to memory of 2560	1600	chrome.exe	32
PID 1600 wrote to memory of 2560	1600	chrome.exe	32
PID 1600 wrote to memory of 2560	1600	chrome.exe	32
PID 1600 wrote to memory of 2560	1600	chrome.exe	32
PID 1600 wrote to memory of 2560	1600	chrome.exe	32
PID 1600 wrote to memory of 2560	1600	chrome.exe	32
PID 1600 wrote to memory of 2560	1600	chrome.exe	32
PID 1600 wrote to memory of 2560	1600	chrome.exe	32
PID 1600 wrote to memory of 2560	1600	chrome.exe	32
PID 1600 wrote to memory of 2560	1600	chrome.exe	32
PID 1600 wrote to memory of 2560	1600	chrome.exe	32
PID 1600 wrote to memory of 2560	1600	chrome.exe	32
PID 1600 wrote to memory of 2560	1600	chrome.exe	32
PID 1600 wrote to memory of 2560	1600	chrome.exe	32
PID 1600 wrote to memory of 2560	1600	chrome.exe	32
PID 1600 wrote to memory of 2560	1600	chrome.exe	32
PID 1600 wrote to memory of 2560	1600	chrome.exe	32
PID 1600 wrote to memory of 2560	1600	chrome.exe	32
PID 1600 wrote to memory of 2560	1600	chrome.exe	32
PID 1600 wrote to memory of 2560	1600	chrome.exe	32
PID 1600 wrote to memory of 2764	1600	chrome.exe	33
PID 1600 wrote to memory of 2764	1600	chrome.exe	33
PID 1600 wrote to memory of 2764	1600	chrome.exe	33
PID 1600 wrote to memory of 2860	1600	chrome.exe	34
PID 1600 wrote to memory of 2860	1600	chrome.exe	34
PID 1600 wrote to memory of 2860	1600	chrome.exe	34
PID 1600 wrote to memory of 2860	1600	chrome.exe	34
PID 1600 wrote to memory of 2860	1600	chrome.exe	34
PID 1600 wrote to memory of 2860	1600	chrome.exe	34
PID 1600 wrote to memory of 2860	1600	chrome.exe	34
PID 1600 wrote to memory of 2860	1600	chrome.exe	34
PID 1600 wrote to memory of 2860	1600	chrome.exe	34
PID 1600 wrote to memory of 2860	1600	chrome.exe	34
PID 1600 wrote to memory of 2860	1600	chrome.exe	34
PID 1600 wrote to memory of 2860	1600	chrome.exe	34
PID 1600 wrote to memory of 2860	1600	chrome.exe	34
PID 1600 wrote to memory of 2860	1600	chrome.exe	34
PID 1600 wrote to memory of 2860	1600	chrome.exe	34
PID 1600 wrote to memory of 2860	1600	chrome.exe	34
PID 1600 wrote to memory of 2860	1600	chrome.exe	34
PID 1600 wrote to memory of 2860	1600	chrome.exe	34
PID 1600 wrote to memory of 2860	1600	chrome.exe	34

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\osumaple
1⤵
PID:1720

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1600
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef7209758,0x7fef7209768,0x7fef7209778
  2⤵
  PID:2892
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1180 --field-trial-handle=1396,i,17391782427368528950,2180989594718067756,131072 /prefetch:2
  2⤵
  PID:2560
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1532 --field-trial-handle=1396,i,17391782427368528950,2180989594718067756,131072 /prefetch:8
  2⤵
  PID:2764
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1652 --field-trial-handle=1396,i,17391782427368528950,2180989594718067756,131072 /prefetch:8
  2⤵
  PID:2860
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2120 --field-trial-handle=1396,i,17391782427368528950,2180989594718067756,131072 /prefetch:1
  2⤵
  PID:2504
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2128 --field-trial-handle=1396,i,17391782427368528950,2180989594718067756,131072 /prefetch:1
  2⤵
  PID:2992
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1516 --field-trial-handle=1396,i,17391782427368528950,2180989594718067756,131072 /prefetch:2
  2⤵
  PID:2988
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3268 --field-trial-handle=1396,i,17391782427368528950,2180989594718067756,131072 /prefetch:1
  2⤵
  PID:784
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3524 --field-trial-handle=1396,i,17391782427368528950,2180989594718067756,131072 /prefetch:8
  2⤵
  PID:1516
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3696 --field-trial-handle=1396,i,17391782427368528950,2180989594718067756,131072 /prefetch:8
  2⤵
  PID:1524
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3820 --field-trial-handle=1396,i,17391782427368528950,2180989594718067756,131072 /prefetch:8
  2⤵
  PID:1924
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3932 --field-trial-handle=1396,i,17391782427368528950,2180989594718067756,131072 /prefetch:8
  2⤵
  PID:1164
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3956 --field-trial-handle=1396,i,17391782427368528950,2180989594718067756,131072 /prefetch:8
  2⤵
  PID:2928
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=2820 --field-trial-handle=1396,i,17391782427368528950,2180989594718067756,131072 /prefetch:1
  2⤵
  PID:1084

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:1468

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
PID:1120
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef7209758,0x7fef7209768,0x7fef7209778
  2⤵
  PID:1860
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1180 --field-trial-handle=1308,i,11501978539613219309,8020467843522099009,131072 /prefetch:2
  2⤵
  PID:1504
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1520 --field-trial-handle=1308,i,11501978539613219309,8020467843522099009,131072 /prefetch:8
  2⤵
  PID:2524
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1580 --field-trial-handle=1308,i,11501978539613219309,8020467843522099009,131072 /prefetch:8
  2⤵
  PID:3060
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=1616 --field-trial-handle=1308,i,11501978539613219309,8020467843522099009,131072 /prefetch:1
  2⤵
  PID:1916
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2164 --field-trial-handle=1308,i,11501978539613219309,8020467843522099009,131072 /prefetch:1
  2⤵
  PID:1644
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2740 --field-trial-handle=1308,i,11501978539613219309,8020467843522099009,131072 /prefetch:8
  2⤵
  PID:2224

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:1468

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

Filesize
68KB

MD5
29f65ba8e88c063813cc50a4ea544e93

SHA1
05a7040d5c127e68c25d81cc51271ffb8bef3568

SHA256
1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

SHA512
e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\90297f9c-4f60-41dc-b15a-4be86f031a46.tmp

Filesize
144KB

MD5
c71dd29697a6245f7ed1d9673ecb7aa7

SHA1
2d737b7ba49b03bc71a6d098d612ddc107a9a5df

SHA256
b1c04d0a9b76b2081a27a664ced149b48c111d1a754fe1a89040eda688fd1105

SHA512
5a05bc6fd42447dde4689d1f4c7ff890fd00f420fa77dd8db23ba0b4bb0c24f6383fc9f8901ed2e29ab70b3ce75663c2b4de1120564af270c793d83485c3ec32

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
cc224701d3988dd5549f5d4adbf10fe4

SHA1
bf7837f102c82b785f087208d907c86f3de96bb4

SHA256
ab4b477c15da3d33fd048de6a07bc97f38cb55f647a7cbb9c39ccbe56e18cb21

SHA512
da48b8a59c7a8434d277f18dff52557066aea503d889b4c06a840e0412afc0732ad8958a95f5d14d92b7cbf503ae0d1a32c5da87027c5df69591e85a973724d9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0

Filesize
44KB

MD5
624a96ab29550963110b44ba56040c3e

SHA1
8cfcefa24ae18cc595be3f8852d1e9bf3a8059a7

SHA256
91cf9e81f0d519197e6f9a7b157058a86ecaa8bfdb145fea35c37d34c3aaea18

SHA512
c2242de56aa534424aef7b751289e249274f40497fa5eaddaa2c7f81e4a6283bc4559b68268b88a8fc996a8404f0ef68284546079f54731e65b71d75be8fbcfd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1

Filesize
264KB

MD5
c1739e91f213b6ba9a1eddb79237b810

SHA1
19de9cd025764d1b41f2f070611ca65aa51965ba

SHA256
7eb925ae4b402408e272f70981b9f51d84f88a479440469d2104e020758ea4b7

SHA512
8e06e8fc99f1275c97fb1bcd08c4d3017071fb1a3598eda03eb1283534e42d3fd1502ce44d02dbecfc75328bd35aff17e18569cf78c5594a9a4aa84a1b101a50

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_2

Filesize
1.0MB

MD5
eb257d1a0c12895c17a156a20c0bc9a9

SHA1
a5b7481494805df773f8c95afce81c18240f2bff

SHA256
f01a8bb36c70c1697c1bbc372e8a857acf23e41f5d08dbcca679364cb43cc996

SHA512
781d9417d5f059b5603158894c7b18d00c9c253adb379f91b1f73446002702cb0ff7f92f04cb2381cdf9f28971060a29113f64775b8b845640308cb470700bc6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_3

Filesize
4.0MB

MD5
8c5c6fcc6c3d7e678552815201a5f8d1

SHA1
9ab42fb7b49c5caf93ddb878bd32edfe41cd82c7

SHA256
b57fa85ca8e7627e7596c911daca2d4f49d93de20bcb58eaf23241af021f000f

SHA512
e170419e6408d9fac9cda96fb052f8805e333ac573e89223f379fa3495c3b6306ca61d65b74dabf22bb2deb21601fe0c6af5fc549fc1b1050d5e11c85978bdcf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
21658c393e60f6b3832f99ec61a5072e

SHA1
e7077f74f3c13c9850d9b891473acf0014920e97

SHA256
ce626917967d6ef3ba740ad5fa8ad70328c7e07f30332043448265acb2dc9b4e

SHA512
649851455d005b0c684db5733f306e6f79fe06fa371a27478b9c9ac85e9b78e5d61d6547f91a9b726026ebfe345681a9d15810c4e2c5eb991d1f334d160fc0a5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG

Filesize
136B

MD5
169ddd7b0dff8027fa59d497eb85e297

SHA1
c6e18517d4a7758d5c94e0d3cf4da631d0dd8fcc

SHA256
8388ba2f667596caeb822ae72614c25d6dec013b4c16283356cf658e5b4cb0e2

SHA512
23dec9251dc80efcb05c76665adf94367abd9f5932e453e95086a152943f17d629868b65603e3066b5ab3e2dfc779e73882f374e4d1f4a23fa9398043c79281a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\MANIFEST-000007

Filesize
50B

MD5
1be22f40a06c4e7348f4e7eaf40634a9

SHA1
8205ec74cd32ef63b1cc274181a74b95eedf86df

SHA256
45a28788cde0d2a0232d19c391eae45777fe640790ac0674d6daa5672c444691

SHA512
b8f6f42d375e3ad8015d744fa2814994fa6e588b41cce0131fca48194dd40146b08169a8ce0da350525ff32a59a16edb503c72e0f07254955c82a0d38074856e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\000006.dbtmp

Filesize
16B

MD5
aefd77f47fb84fae5ea194496b44c67a

SHA1
dcfbb6a5b8d05662c4858664f81693bb7f803b82

SHA256
4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611

SHA512
b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG

Filesize
136B

MD5
c09c846dda77ed75536aa5d1d9dcc233

SHA1
9fca0ef2df67b37185944ad1e779d22e3e6e1105

SHA256
cec7e73c36fc07ecd3248591e1f33e0f3bed9a7732c8a84fb9c1d8d5c54b5679

SHA512
054761a18a8788d00ecfa8c13c0b81c7a1645ca2312fad76ee0424b836004af137ee350d7c2b1fa7ca087e8c14e442cd49b9b81a9f497d62d9b2bae7da66c3ad

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\MANIFEST-000006

Filesize
50B

MD5
78c55e45e9d1dc2e44283cf45c66728a

SHA1
88e234d9f7a513c4806845ce5c07e0016cf13352

SHA256
7b69a2bee12703825dc20e7d07292125180b86685d2d1b9fd097df76fc6791ec

SHA512
f2ad4594024871286b98a94223b8e7155c7934ef4ebb55f25a4a485a059f75b572d21bc96e9b48ed394be8a41fe0208f7bfb6e28a79d75640c5b684f0c848fe3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies

Filesize
20KB

MD5
ef71563d24825a44d0dd3e4fb7102034

SHA1
b1476f1994fc3bf633d027a4b050459504de6135

SHA256
8cf4a4f7271ee41c59ef8b23239a8b73b3b2f22a64463e7ec7c562dc983b337a

SHA512
810bf2b9a7db8eb5c03f1870e5c165155ebf23361fc5113602069b67f041997a2ddbfa3f580fe6aed2af90978062bfb722f0ffed06fd0a2993858dcca1d273d3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
c26d199f1acb543603141d898e4fe869

SHA1
a4a1e85e2f87e5b334a989a8ad51d98550424f14

SHA256
2df34af9325c8423ec8d3cd988710c5cd978650bb6d9af513d06c474933e3606

SHA512
6f0086a2838fdbfadf57de0ae19b32e92a316451fc6672d4671d6bc514fea01ea64e48680ed74bb17a63fe9e5234afafa3f478c2d7e3d47ce3a37bc21299d868

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
364B

MD5
f75aa8c144c36ea3ff9dba244fc81936

SHA1
4673c731c971ecad390de31096302c4988af3824

SHA256
ab6d73141bb66c5556047d99c501dd3086c3acc6e59cc8da0597f1e332bd85dc

SHA512
e23bd97d2a36de6efd19a8d24985d85be29feb38fbec051f6d7229658d7f085445ea4ca20bab0b5bd649a82c028321f82368a4e7ae480c6a343f8f55cb5a2b30

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
35e2119085cf92bb50df10ceea339220

SHA1
d5fd210b33f147529ce02d853f202104305f8cc1

SHA256
be8d2927874ff4701beeb5c30b109adb03b38a5d2b5f4f356e82ccd80b734970

SHA512
6b1fec39561cdabf7e1dca6b947109559f1df0775b605b62c10b8edef671941e8bacf0f428966d5bae2b3f80f92966321f0b42639abd771874e76d92d0b917ed

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
ff80497722aaab54ff08ef2875499bc0

SHA1
170ffb0f717129a14189b733b1ab78531c4b6073

SHA256
bd1c6cfd3524c4f82a35631c27771e74fe08870c999df0682ca1bc565a009819

SHA512
2f65290c107d7a6b0564a850d6024a0fe7cff97f6bffb07b312a173cc233026be559d8be97f3bf12d602700a1848e6836378c5d7817aaa47d9341ff8a360dbbf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Search Logos\dark_logo

Filesize
6KB

MD5
b4ee0f30acf8b2e447f660ae2849e1b9

SHA1
d05ab75b5bc869dca1c2e6f1830e91a91e4a33ac

SHA256
5347f04be0627bd66a60b4345fbc12357e84add11c543d455c1ea3bbb83a028f

SHA512
289bc20678330fd831e15b908d458782d79f6fe2940fb4720ed9ff8acf8540a89a8497b71f0bb036ce42d588cffb29b1251b1b632e50ac31f6807a651ab418b3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Search Logos\logo

Filesize
5KB

MD5
0aa7ec060522479a43d585e2f9f4f9d0

SHA1
dc5839790979477e8983016dd46cfbfe046e8260

SHA256
423d1a856e6fce1abb772b94e914d8d69f48c146844462398b6378f87abbc952

SHA512
07994e375d6a3e73a13753698f8878267c54b19084220e7cb00d8fef1ddcdd25a3c65a8c3d04d95a0ca7d2ac632645d64126ebcf522a62eb1e4d5e8e49eeae02

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Search Logos\metadata

Filesize
1KB

MD5
5f539558656ebd94aea31ca6e2d9ab41

SHA1
f9411a2d3e3e33b89a0ee3b412c44090ea3d5544

SHA256
39860c09391606efb77eda4e61700a4d637a4ae4dbc25406d68a259960be98f9

SHA512
09efd30e00c64e841ff8a090bc1a330a2ffe8eab00768a80676d0e0718bab8c231c3fdba48c21a83a76b1eef69c4a3983868e2bb2f28b737fb10e9335c7f2cba

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000009.log

Filesize
218B

MD5
61d2759d2a2e1a0f8fc061309584fdf0

SHA1
831561c2737f45366488ca5b6550f82753e2f446

SHA256
b133932dfc3dd83130507cb939e4e337a583b61ca55b462beb35d39f920c341e

SHA512
5022398fca1cee3b296cf505fa88d4ae99bb509abe983f2cb30e34a69e73072b403999f5b49ef5b9b70610e5b36a75e05ada54e87d50fe6cb342ee4acc6e60ed

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG

Filesize
247B

MD5
107b111d5c4d046559b3b52b4c8f83ad

SHA1
2b95bbbb701e8816a1d4ba74f3baab09f805cadf

SHA256
2be0b377789fa73b371190ccb5a827bcb9e836f031da7418ff11ec63e588a947

SHA512
712bc8df37f4e6440e678fb3b86c8f1249a82de669b449817774c0f57c8231b06373d23c4408a0016ebfe64f1c8652f97a6bf05b514f9ad43d5e4398f3993656

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\MANIFEST-000007

Filesize
90B

MD5
b6d5d86412551e2d21c97af6f00d20c3

SHA1
543302ae0c758954e222399987bb5e364be89029

SHA256
e0b2fdc217d9c571a35f41c21ed2596309f3f00a7297a8d1ded05f54f0e68191

SHA512
5b56ae73a61add9e26f77d95c9b823f82a7fcdc75eed64b388fb4967f5c6c42cb0796b0b99dc25c89f38952786176c10d173dec7862a8a5ce5f820280f72d665

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG

Filesize
136B

MD5
7ce97cf5e5d0ffe483183abbeeb967e6

SHA1
0a4e7a12d0c97d432513aeff4103a97b77643766

SHA256
65f01f224e37d5ca7180000c77e03f958b2359a369014687ea74515589076b3b

SHA512
6a0b08913c524d36a24c86945f0a073cea5f2964e6a25da99a0a4426847d0244fa4a1d1b942c2466372f762a8003a9d9ee35b43421b5954d8f7074b84bdf3492

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\MANIFEST-000007

Filesize
107B

MD5
22b937965712bdbc90f3c4e5cd2a8950

SHA1
25a5df32156e12134996410c5f7d9e59b1d6c155

SHA256
cad3bbec41899ea5205612fc1494fa7ba88847fb75437a2def22211a4003e2eb

SHA512
931427ad4609ab4ca12b2ee852d4965680f58602b00c182a2d340acf3163d888be6cfad87ca089f2b47929ddfa66be03ab13a6d24922397334d6997d4c8ede3b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000007.dbtmp

Filesize
16B

MD5
18e723571b00fb1694a3bad6c78e4054

SHA1
afcc0ef32d46fe59e0483f9a3c891d3034d12f32

SHA256
8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa

SHA512
43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000008.ldb

Filesize
1KB

MD5
1a4ca9070765cb8eb3320588d6b0b6bd

SHA1
dfa85e85c97ec3fbebf9348ce66dfa79f28574dc

SHA256
92682e86819a76399c791eb4a6f66bc4aa51ee1e044178459406e9a97618c0f7

SHA512
905bc0730aa625d7227ae7a8a3b99cb058039b8d9a1c602eaad9091b642ef9a6c012bb14a255001651d3a56e8ff50cdffd500a317a0455c8b50109c53f9ac599

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000009.log

Filesize
2KB

MD5
894a6f85ffb1ffe2efa3a71252b41dd2

SHA1
004c8c7ef0edadba5020eaea2a59234493fb39ba

SHA256
1a11fa443a9c5276f83ffb7498a8731b48448ddad02dd5bf2857ac46616c0510

SHA512
311ce543e4829a598d6f6e92f9692bc0ccb291279d78d753e36db110efdeb6f5e6680d1558ccc23ac890f844585bc008e9c7d15fb3b35c69e97eb03638c2a63a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG

Filesize
250B

MD5
34a6187efbc34562507e43899f033ddf

SHA1
72c961b3b3a178bbcccf8a8285df16c1b749dd84

SHA256
a43581d61d2f589c036120b7e574a151cb5e863a5fd0d7b3348b8cab8eb930a5

SHA512
88da27ed1ba9f202d9f41549e870be1667607480c07e7e0c107715dbf052c44ed70ea5fd12817ec1ca2d1bcce84dea50b728d964e901272e9c0c0a81fe71327f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\MANIFEST-000007

Filesize
250B

MD5
f9b398adaa849beec315e5f6f0bee834

SHA1
e24fb84ed0adccb30cc05c0129115d582e5e98e5

SHA256
1e6c50f9e61028b66f8c19f8fd6f2d60c40fee3602397f1f47188ce9813d6257

SHA512
b37ff594d12159f36368f1529f1069e9b61b820fa94ae567084a9944abcc4c5eaa4c037eb236f3198b649ba989a628571caceda98404aa05b8cfaebe45d5758f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000009.log

Filesize
34B

MD5
fe62c64b5b3d092170445d5f5230524e

SHA1
0e27b930da78fce26933c18129430816827b66d3

SHA256
1e1a9ca70503efd8c607f9bc7131f08aba0476d75f2586dadb4da5485a5315d4

SHA512
924daccfbfb0c0464b4c5fd769e01a8f2e96fe28b635aa27ab4cd91766b05b03bbf941af14c017436107673f01bad815ce1fac2a649e745c76b3c736994b4fd2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG

Filesize
249B

MD5
ee25766524bc5fed43070117dff973d5

SHA1
8dddbe35a1c6f56f3f8b87c3c4241bb68d710ad1

SHA256
a6450b925fbcbff145c1a9a8c28edf1c7fccccf0968b1b3ee216609ad3183299

SHA512
f4b4f04691591b690c627a6cbf49e6c93acd5581f634392009d773288425f2aa47ef01ec4d7a65ad20aa75739fa3e73f9bfd7219f3d5e950f9c010ee283deede

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\MANIFEST-000007

Filesize
118B

MD5
d757e9f525200060aefbd2e00bc69809

SHA1
ae551809c3435fe3e6716b76dc23b7294189b4ce

SHA256
729406f9e7c1e50d927d0c6916ee0a97eaa26c46e6cdecef7580e61b8c0dfe20

SHA512
50c15062061f449952bda82a8b0cd4bafe6f3f434f642fadb8017e65c09886bb4d0b52967c80f8fa380447c63d79b6518f605a3efe7d8eea40c2dbbaa0d41953

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version

Filesize
14B

MD5
9eae63c7a967fc314dd311d9f46a45b7

SHA1
caba9c2c93acfe0b9ceb9ab19b992b0fc19c71cf

SHA256
4288925b0cf871c7458c22c46936efb0e903802feb991a0e1803be94ca6c251d

SHA512
bed924bff236bf5b6ce1df1db82e86c935e5830a20d9d24697efd82ca331e30604db8d04b0d692ec8541ec6deb2225bcc7d805b79f2db5726642198ecf6348b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
144KB

MD5
1fa3f9adbb627b3c0b73b030d36d6c39

SHA1
098a73fbbc1a2f9fd9fb7d8623ea9cf4a5e89849

SHA256
b43ea90fb7bc90342c0f74076705df51e40980b140499ca8d5dec70e9383b761

SHA512
be1fa4cbe1f2bf1ab15375e5e88639526ed449eea29907fb7bf1a8ef5905f8e4b2de5696b12e6ff7becd982ab9ccdb7ab3c2091baa664a4b4371f8c9974f40b6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

Filesize
85B

MD5
bc6142469cd7dadf107be9ad87ea4753

SHA1
72a9aa05003fab742b0e4dc4c5d9eda6b9f7565c

SHA256
b26da4f8c7e283aa74386da0229d66af14a37986b8ca828e054fc932f68dd557

SHA512
47d1a67a16f5dc6d50556c5296e65918f0a2fcad0e8cee5795b100fe8cd89eaf5e1fd67691e8a57af3677883a5d8f104723b1901d11845b286474c8ac56f6182

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit