Analysis Overview
Threat Level: Known bad
The file https://freecoleg.site/+_O0nckh1i4jidKF was found to be: Known bad.
Malicious Activity Summary
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Modifies data under HKEY_USERS
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-05-29 17:21
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-05-29 17:21
Reported
2024-05-29 17:24
Platform
win10v2004-20240508-es
Max time kernel
150s
Max time network
153s
Command Line
Signatures
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133614769300874831" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://freecoleg.site/+_O0nckh1i4jidKF
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffbeb76ab58,0x7ffbeb76ab68,0x7ffbeb76ab78
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1696 --field-trial-handle=1872,i,13709087563938590725,4794399072282976802,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2140 --field-trial-handle=1872,i,13709087563938590725,4794399072282976802,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2184 --field-trial-handle=1872,i,13709087563938590725,4794399072282976802,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3056 --field-trial-handle=1872,i,13709087563938590725,4794399072282976802,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3064 --field-trial-handle=1872,i,13709087563938590725,4794399072282976802,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4668 --field-trial-handle=1872,i,13709087563938590725,4794399072282976802,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4428 --field-trial-handle=1872,i,13709087563938590725,4794399072282976802,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4704 --field-trial-handle=1872,i,13709087563938590725,4794399072282976802,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4700 --field-trial-handle=1872,i,13709087563938590725,4794399072282976802,131072 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | freecoleg.site | udp |
| US | 104.21.47.110:443 | freecoleg.site | tcp |
| US | 8.8.8.8:53 | 110.47.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 183.142.211.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 99.58.20.217.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 136.32.126.40.in-addr.arpa | udp |
| BE | 88.221.83.200:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 55.36.223.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 154.239.44.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 104.21.47.110:443 | freecoleg.site | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | 200.83.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.80.190.35.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | | udp |
| US | 104.21.47.110:443 | freecoleg.site | udp |
| US | 8.8.8.8:53 | kws2.web.telegram.org | udp |
| US | 8.8.8.8:53 | venus.web.telegram.org | udp |
| NL | 149.154.167.99:443 | venus.web.telegram.org | tcp |
| NL | 149.154.167.99:443 | venus.web.telegram.org | tcp |
| NL | 149.154.167.99:443 | venus.web.telegram.org | tcp |
| US | 8.8.8.8:53 | 99.167.154.149.in-addr.arpa | udp |
| NL | 149.154.167.99:443 | venus.web.telegram.org | tcp |
| US | 8.8.8.8:53 | kws4.web.telegram.org | udp |
| NL | 149.154.167.99:443 | kws4.web.telegram.org | tcp |
| US | 8.8.8.8:53 | 183.59.114.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.126.166.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | kws1.web.telegram.org | udp |
| US | 149.154.174.100:443 | kws1.web.telegram.org | tcp |
| US | 8.8.8.8:53 | 100.174.154.149.in-addr.arpa | udp |
| US | 8.8.8.8:53 | kws3.web.telegram.org | udp |
| US | 149.154.174.100:443 | kws3.web.telegram.org | tcp |
| US | 104.21.47.110:443 | freecoleg.site | udp |
| US | 8.8.8.8:53 | kws5.web.telegram.org | udp |
| SG | 149.154.170.100:443 | kws5.web.telegram.org | tcp |
| US | 8.8.8.8:53 | 100.170.154.149.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 105.83.221.88.in-addr.arpa | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | 22.236.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 43.58.199.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | 200.197.79.204.in-addr.arpa | udp |
| US | 104.21.47.110:443 | freecoleg.site | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 104.21.47.110:443 | freecoleg.site | udp |
| US | 8.8.8.8:53 | kws2.web.telegram.org | udp |
| NL | 149.154.167.99:443 | kws2.web.telegram.org | tcp |
| NL | 149.154.167.99:443 | kws2.web.telegram.org | tcp |
| US | 8.8.8.8:53 | kws4.web.telegram.org | udp |
| NL | 149.154.167.99:443 | kws4.web.telegram.org | tcp |
Files
\??\pipe\crashpad_2184_GQWTZGGHMTUTPJGP
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_freecoleg.site_0.indexeddb.leveldb\CURRENT
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\74989de41ee8362592c7bccf8cbda138283600c9\index.txt
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\74989de41ee8362592c7bccf8cbda138283600c9\index.txt~RFe57bb22.TMP
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\74989de41ee8362592c7bccf8cbda138283600c9\6b11ca6b-78a3-41e2-a6a3-c79f3f2e800f\832ec4e50d222bcc_0
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\74989de41ee8362592c7bccf8cbda138283600c9\6b11ca6b-78a3-41e2-a6a3-c79f3f2e800f\4692d70ac748dddb_0
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5808e4.TMP
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\74989de41ee8362592c7bccf8cbda138283600c9\6b11ca6b-78a3-41e2-a6a3-c79f3f2e800f\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\74989de41ee8362592c7bccf8cbda138283600c9\6b11ca6b-78a3-41e2-a6a3-c79f3f2e800f\index-dir\the-real-index~RFe582b60.TMP
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe593aae.TMP
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\74989de41ee8362592c7bccf8cbda138283600c9\a41ab738-c216-45bf-b866-a459004bacba\index
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8c830b32c6a2e9c2_0
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_0