Analysis

  • max time kernel
    1799s
  • max time network
    1705s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win11-20240508-en, locale:en-us, os:windows11-21h2-x64, system
  • submitted
    03/06/2024, 07:32

General

  • Target

    Egon Bondy.docx

  • Size

    13KB

  • MD5

    a3bca72294bd2cd0921fbdcc871ab3bc

  • SHA1

    f2311787ee01c5f57b816c6ae99b8f067b335980

  • SHA256

    23ef942b84f0fb42078ef13fa29a9018b91df94be626752f03d8f92dea414172

  • SHA512

    6b41f6f47f84e3de116d35615f87d3a8e62f02cefce07110ed3adf41c4353e6b19346c5e89f72eae0b3f9188927ab8c5248477e375a29f5ce2e072928c0195fe

  • SSDEEP

    384:dLJqibNxt/ZtNNjnpRsXWKZ0VVqx59K6sS:tYiBxllNjnpR79qx3K6v

Score
1/10

Malware Config

Signatures

  • Checks processor information in registry 2 TTPs 3 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 6 IoCs
  • Modifies data under HKEY_USERS 2 IoCs
  • Suspicious behavior: AddClipboardFormatListener 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 4 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 13 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 26 IoCs
  • Suspicious use of SendNotifyMessage 12 IoCs
  • Suspicious use of SetWindowsHookEx 10 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE
    "C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE" /n "C:\Users\Admin\AppData\Local\Temp\Egon Bondy.docx" /o ""
    1⤵
    • Checks processor information in registry
    • Enumerates system info in registry
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious use of SetWindowsHookEx
    PID:1544
  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe"
    1⤵
    • Enumerates system info in registry
    • Modifies data under HKEY_USERS
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:3676
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x104,0x108,0x10c,0xe0,0x110,0x7ffd9efaab58,0x7ffd9efaab68,0x7ffd9efaab78
      2⤵
      PID:576
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1688 --field-trial-handle=1788,i,13572187108151995374,6410592678539355456,131072 /prefetch:2
      2⤵
      PID:4000
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2124 --field-trial-handle=1788,i,13572187108151995374,6410592678539355456,131072 /prefetch:8
      2⤵
      PID:1524
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2188 --field-trial-handle=1788,i,13572187108151995374,6410592678539355456,131072 /prefetch:8
      2⤵
      PID:1732
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2992 --field-trial-handle=1788,i,13572187108151995374,6410592678539355456,131072 /prefetch:1
      2⤵
      PID:808
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2188 --field-trial-handle=1788,i,13572187108151995374,6410592678539355456,131072 /prefetch:1
      2⤵
      PID:4408
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4232 --field-trial-handle=1788,i,13572187108151995374,6410592678539355456,131072 /prefetch:1
      2⤵
      PID:2244
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4400 --field-trial-handle=1788,i,13572187108151995374,6410592678539355456,131072 /prefetch:8
      2⤵
      PID:2336
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4544 --field-trial-handle=1788,i,13572187108151995374,6410592678539355456,131072 /prefetch:8
      2⤵
      PID:896
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3868 --field-trial-handle=1788,i,13572187108151995374,6410592678539355456,131072 /prefetch:8
      2⤵
      PID:1768
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4524 --field-trial-handle=1788,i,13572187108151995374,6410592678539355456,131072 /prefetch:8
      2⤵
      PID:5068
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4520 --field-trial-handle=1788,i,13572187108151995374,6410592678539355456,131072 /prefetch:8
      2⤵
      PID:4556
    • C:\Program Files\Google\Chrome\Application\110.0.5481.104\Installer\setup.exe
      "C:\Program Files\Google\Chrome\Application\110.0.5481.104\Installer\setup.exe" --reenable-autoupdates --system-level
      2⤵
      PID:2504
      • C:\Program Files\Google\Chrome\Application\110.0.5481.104\Installer\setup.exe
        "C:\Program Files\Google\Chrome\Application\110.0.5481.104\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\Crashpad --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x25c,0x260,0x264,0x238,0x268,0x7ff74e07ae48,0x7ff74e07ae58,0x7ff74e07ae68
        3⤵
        PID:1896
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4584 --field-trial-handle=1788,i,13572187108151995374,6410592678539355456,131072 /prefetch:1
      2⤵
      PID:2528
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=3392 --field-trial-handle=1788,i,13572187108151995374,6410592678539355456,131072 /prefetch:1
      2⤵
      PID:2008
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=3348 --field-trial-handle=1788,i,13572187108151995374,6410592678539355456,131072 /prefetch:1
      2⤵
      PID:5052
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=3268 --field-trial-handle=1788,i,13572187108151995374,6410592678539355456,131072 /prefetch:1
      2⤵
      PID:4880
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=4176 --field-trial-handle=1788,i,13572187108151995374,6410592678539355456,131072 /prefetch:1
      2⤵
      PID:2812
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=3420 --field-trial-handle=1788,i,13572187108151995374,6410592678539355456,131072 /prefetch:1
      2⤵
      PID:4760
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=4124 --field-trial-handle=1788,i,13572187108151995374,6410592678539355456,131072 /prefetch:1
      2⤵
      PID:3140
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=4900 --field-trial-handle=1788,i,13572187108151995374,6410592678539355456,131072 /prefetch:1
      2⤵
      PID:3780
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=5020 --field-trial-handle=1788,i,13572187108151995374,6410592678539355456,131072 /prefetch:1
      2⤵
      PID:4736
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=4596 --field-trial-handle=1788,i,13572187108151995374,6410592678539355456,131072 /prefetch:1
      2⤵
      PID:1644
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1480 --field-trial-handle=1788,i,13572187108151995374,6410592678539355456,131072 /prefetch:2
      2⤵
      • Suspicious behavior: EnumeratesProcesses
      PID:4080
  • C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
    "C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
    1⤵
    PID:3648

Network

MITRE ATT&CK Enterprise v15

Downloads

                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                      Filesize

                                                      432B

                                                      MD5

                                                      2c7c215e22ec1086977ce72d99874c47

                                                      SHA1

                                                      dc773a2432ec3766116ddb2592d892b50117286c

                                                      SHA256

                                                      4798ea9deeb0c7eb018c515cebf64b8590ed0a7173bdf1785adfcfad384c1e7d

                                                      SHA512

                                                      dbad465d1e6b47ceb2fdc3da5f7286a153a69ebf1b593203da2561bdccedbd24771b13c029810b9a59de56d6ea943912bbff00c78d9974954c14ad5d109f3acd

                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                      Filesize

                                                      960B

                                                      MD5

                                                      e93eacc3c0dbeb55d475612fe8219b91

                                                      SHA1

                                                      b9ccced09981c32ce4910ca7d1df2ec331a939cf

                                                      SHA256

                                                      d46f5610c980ea847a90166b1093f86e33ccf71618654730c8922abe74a945fa

                                                      SHA512

                                                      70af0a8508b437b3c34b9ea6208f8cd01568307ffc35ea472621c46aa808e6d6788f742a5d61b1fc16a72ec5fff95a29ddace4da7bdbe562c0ca139b78b389b0

                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\227bea68-1abb-40dd-87c5-1b2d33c60058.tmp

                                                      Filesize

                                                      4KB

                                                      MD5

                                                      9cbf62f4218f6d30cdc2cd95d943f966

                                                      SHA1

                                                      a5cd4dbf3a0235b2f8c68121fa417c548a4787c0

                                                      SHA256

                                                      2e5aeebe66cd004449f49e88be8ba0ddd74dc955d2b3a288a3c3f45098f05913

                                                      SHA512

                                                      329cba8224affa91d2e503d97d2c2094d447b6c84b0e816eec474b3c399e6b63fb2c4bc0bf489610e46ead7e599d7613af45e615706095f4dbac713ac1410b62

                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                                                      Filesize

                                                      5KB

                                                      MD5

                                                      30bd0f4bc0a9338d0249172195a25d58

                                                      SHA1

                                                      89dcfcd284bfd4298560d6830bc666a5e6a5f39d

                                                      SHA256

                                                      1ef25f6b2f8a2657b33e92d5523f1463c098bfab95c77955e90bc4eaed1f755a

                                                      SHA512

                                                      f8ba5613a2fba950be45726a4f0908a74d9d4f554e8a5597cd20adf8d88d7a5af84ce86109feabc441c1ef50b623bcb27de7bacc7eca2738edab3ec7d6351730

                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                                                      Filesize

                                                      5KB

                                                      MD5

                                                      98572d9f2b799e608b5e64fb31bf952c

                                                      SHA1

                                                      0f2a3749fcf0162fcf6aa3950dfd61f93084cb93

                                                      SHA256

                                                      0efb3328ef61b7c0b6a29a46593a672edde0ca07b88760efb81cd9b593878e15

                                                      SHA512

                                                      3ca271bb20c7b993f7bef07d3128dce63a5af3fe67b143bb91f23678307cc2f60260c856241099b00ac4cfaeab514e6feae772476d4073a3896b1e862a95f152

                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                                                      Filesize

                                                      5KB

                                                      MD5

                                                      9e9a1fe3078bd8b4296cce27e9301790

                                                      SHA1

                                                      11b9b9dbf9728cdeaecec1937151e74018d5e550

                                                      SHA256

                                                      a823fbc8bf9163feb8b8668eb2f694e6617a292995ef2419a632870c38119d43

                                                      SHA512

                                                      eb35af78b774ec8ef583b9e5cb8409aa39056640e3d12afd35b797ca5bb3addfb4ae157541ea598994ddb6567869d756c7ee9e3085f2e698582ab2d429dfb595

                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

                                                      Filesize

                                                      2B

                                                      MD5

                                                      d751713988987e9331980363e24189ce

                                                      SHA1

                                                      97d170e1550eee4afc0af065b78cda302a97674c

                                                      SHA256

                                                      4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

                                                      SHA512

                                                      b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                      Filesize

                                                      524B

                                                      MD5

                                                      0d0d054407c33e82b410da8b99aeb6f5

                                                      SHA1

                                                      46b4c82526c49c55865891a6e1e4b595c93029bd

                                                      SHA256

                                                      9e671c9448db61240b437e760ff671186968c0ed704e8e27e6c4afbf790c5bed

                                                      SHA512

                                                      e4e37886666cb0aeec28c1917a77752c79dbe9c076aeed44ce473e0de7907aad5589a2c6005395437b960b3d81f98fe10ac054355bc8eb24311c21c87a836f9a

                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                      Filesize

                                                      524B

                                                      MD5

                                                      00a1004558405f88004cf97fa299eea7

                                                      SHA1

                                                      a4ed43764304b30f6ab321c177dd202cf96ef983

                                                      SHA256

                                                      27ff46d6cfaa15c24c9332c2550105184a740a372b599ba1b16f717209e3136c

                                                      SHA512

                                                      a403f288487aa721799bc2c4764a92714ba3bbad8a4191b172f3b565c313cf9ca38c8693a93b791cb8c4e0a092a7a93482fbe28b28c615cba2e8914045ea08b3

                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                      Filesize

                                                      524B

                                                      MD5

                                                      798e3809a7b70c2ff979e5b2042b6872

                                                      SHA1

                                                      ade5715e0df4b8ae9b9405400ede33a673aa9ef8

                                                      SHA256

                                                      43b87eefd9c1b9dda13384da88e9455a21582836a747ffb34f308346f8e18eba

                                                      SHA512

                                                      62e0819b2f8e8834747041930cc432b652e002235be7038378f30f80a934009b7fb3aeefc32fafc7faffceca3543c2b5fc93564517b00d2312fa4bb58a89333b

                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                      Filesize

                                                      7KB

                                                      MD5

                                                      d2dcac921bcbf574bf81be4bb275f124

                                                      SHA1

                                                      0911831fdff24475fa3eeb8563204f0d194d40e2

                                                      SHA256

                                                      518a4307f3e529fc545b62e5890956bfaa62670b25a049346858401a55a92c77

                                                      SHA512

                                                      8ae834b10b3d16a966d169bc425d2b46ceaa24f180be4a83b36c14d96ece86cbf2cbfdbb1343efa0c7e5521b081db9d54cd59298bd1575488990dd446e446640

                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                      Filesize

                                                      7KB

                                                      MD5

                                                      781c422f747deb2baf51af2b5c69c7c0

                                                      SHA1

                                                      900e77010020668d7996da1f0f6ff58273e84f4e

                                                      SHA256

                                                      1a80d5a188d0b6a8508dac35084077d87bbcf834ec625d74b04d52a9ced41c90

                                                      SHA512

                                                      c50291598a3abbe0e4c7ec44b45dbfee2d3d2b750a2fbe5205326a2dacc69f6f25ba65d5bf12299c131786a86b54eabe4a7a670abaa03e44079ee0a25f44a46e

                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

                                                      Filesize

                                                      16KB

                                                      MD5

                                                      29d50fd4e84c3e7c099c0fb13b2dab22

                                                      SHA1

                                                      3f44c412e56c4951d87412751e527d9b48c5fabf

                                                      SHA256

                                                      d0b7f725186d1c0c9b45ee6096d7912866136388e4520e48cae8123f8aaa3b7b

                                                      SHA512

                                                      f7c37f6dc5ca0226f66fd5ec52e1a4e85de08118c273db710f20019e1d92b37e6589fbd9d8ab194d889c423f3e1c99931c83122af2347758f22b4fa5f5066885

                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

                                                      Filesize

                                                      56B

                                                      MD5

                                                      ae1bccd6831ebfe5ad03b482ee266e4f

                                                      SHA1

                                                      01f4179f48f1af383b275d7ee338dd160b6f558a

                                                      SHA256

                                                      1b11047e738f76c94c9d15ee981ec46b286a54def1a7852ca1ade7f908988649

                                                      SHA512

                                                      baf7ff6747f30e542c254f46a9678b9dbf42312933962c391b79eca6fcb615e4ba9283c00f554d6021e594f18c087899bc9b5362c41c0d6f862bba7fb9f83038

                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

                                                      Filesize

                                                      120B

                                                      MD5

                                                      e29fd1efd0c49efbc2f17c4fda17657f

                                                      SHA1

                                                      05be1b46ab8cf1dc237fc08312cb5071047391a2

                                                      SHA256

                                                      39e3c9314a41ddc7caef36449acf8215327e91c9feee95af2bb68f4ab58e0c45

                                                      SHA512

                                                      07998e05ada23d0edb150c46587d84802ab48ddb1ebd72a960162d6854fb0ae94fd90c4cff5b70ac318b9a918fd99dd13a1b500f431b7545458edf3b19ce1774

                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe57d179.TMP

                                                      Filesize

                                                      120B

                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                      Filesize

                                                      259KB
