Analysis Overview
Threat Level: No (potentially) malicious behavior was detected
The file https://ddec1-0-en-ctp.trendmicro.com/wis/clicktime/v1/query?url=http%3a%2f%2femail.uber.com%2fss%2fc%2fu001.3rz4IfclD0%2d2ph6Eff9d63g%5fdErgruABBRYcWl3Pm2nFD9DMCHLAkMzqjWuMjS7ajoIpCxOQUIld41g3y1vnzw%2f46w%2fyvl5PViDQeu0FcpBCXFLWQ%2fh2%2fh001.fJlqciKpz5LZ6VLlz9Y2MUaJclV4ZBuCHDAs5UVtyjs&umid=5e0d9354-4e43-4565-b6a9-c33efe1edfee&auth=84247b409afe2128671efe0c5790aaffcd4c1d5f-e19683f1f518afb7444a1dea1878dfaa39b7b5f6 was found to be: No (potentially) malicious behavior was detected.
Malicious Activity Summary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Modifies data under HKEY_USERS
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-03 12:53
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-03 12:53
Reported
2024-06-03 12:55
Platform
win10v2004-20240508-en
Max time kernel
149s
Max time network
139s
Command Line
Signatures
Enumerates system info in registry
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133618928022974145" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://ddec1-0-en-ctp.trendmicro.com/wis/clicktime/v1/query?url=http%3a%2f%2femail.uber.com%2fss%2fc%2fu001.3rz4IfclD0%2d2ph6Eff9d63g%5fdErgruABBRYcWl3Pm2nFD9DMCHLAkMzqjWuMjS7ajoIpCxOQUIld41g3y1vnzw%2f46w%2fyvl5PViDQeu0FcpBCXFLWQ%2fh2%2fh001.fJlqciKpz5LZ6VLlz9Y2MUaJclV4ZBuCHDAs5UVtyjs&umid=5e0d9354-4e43-4565-b6a9-c33efe1edfee&auth=84247b409afe2128671efe0c5790aaffcd4c1d5f-e19683f1f518afb7444a1dea1878dfaa39b7b5f6
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff0872ab58,0x7fff0872ab68,0x7fff0872ab78
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1716 --field-trial-handle=1932,i,14834201642730208907,8743973874536406370,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2180 --field-trial-handle=1932,i,14834201642730208907,8743973874536406370,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=1888 --field-trial-handle=1932,i,14834201642730208907,8743973874536406370,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3040 --field-trial-handle=1932,i,14834201642730208907,8743973874536406370,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3060 --field-trial-handle=1932,i,14834201642730208907,8743973874536406370,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4284 --field-trial-handle=1932,i,14834201642730208907,8743973874536406370,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4460 --field-trial-handle=1932,i,14834201642730208907,8743973874536406370,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3256 --field-trial-handle=1932,i,14834201642730208907,8743973874536406370,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3268 --field-trial-handle=1932,i,14834201642730208907,8743973874536406370,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4720 --field-trial-handle=1932,i,14834201642730208907,8743973874536406370,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4732 --field-trial-handle=1932,i,14834201642730208907,8743973874536406370,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5040 --field-trial-handle=1932,i,14834201642730208907,8743973874536406370,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4984 --field-trial-handle=1932,i,14834201642730208907,8743973874536406370,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=3080 --field-trial-handle=1932,i,14834201642730208907,8743973874536406370,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=4256 --field-trial-handle=1932,i,14834201642730208907,8743973874536406370,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4932 --field-trial-handle=1932,i,14834201642730208907,8743973874536406370,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=5104 --field-trial-handle=1932,i,14834201642730208907,8743973874536406370,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4960 --field-trial-handle=1932,i,14834201642730208907,8743973874536406370,131072 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| --- | --- | --- | --- |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 241.150.49.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ddec1-0-en-ctp.trendmicro.com | udp |
| US | 54.69.35.20:443 | ddec1-0-en-ctp.trendmicro.com | tcp |
| US | 8.8.8.8:53 | email.uber.com | udp |
| US | 34.98.127.226:80 | email.uber.com | tcp |
| US | 34.98.127.226:443 | email.uber.com | tcp |
| US | 8.8.8.8:53 | 234.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.35.69.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 149.177.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| GB | 172.217.169.42:443 | content-autofill.googleapis.com | tcp |
| US | 34.98.127.226:443 | email.uber.com | udp |
| US | 8.8.8.8:53 | 226.127.98.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 99.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 42.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 204.79.197.237:443 | g.bing.com | tcp |
| US | 8.8.8.8:53 | 237.197.79.204.in-addr.arpa | udp |
| NL | 23.62.61.129:443 | www.bing.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| N/A | 224.0.0.251:5353 | N/A | udp |
| US | 8.8.8.8:53 | 55.36.223.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 129.61.62.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 154.239.44.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 157.123.68.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.39.242.20.in-addr.arpa | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| US | 34.98.127.226:443 | email.uber.com | udp |
| US | 8.8.8.8:53 | www.ubereats.com | udp |
| US | 69.48.216.12:443 | www.ubereats.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| GB | 172.217.169.42:443 | content-autofill.googleapis.com | udp |
| US | 69.48.216.12:443 | www.ubereats.com | udp |
| US | 8.8.8.8:53 | 12.216.48.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 134.71.91.104.in-addr.arpa | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 3.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 172.217.169.46:443 | play.google.com | udp |
| GB | 172.217.169.46:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| US | 192.178.49.195:443 | beacons.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | 46.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.49.178.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 69.48.216.12:443 | www.ubereats.com | udp |
| US | 8.8.8.8:53 | 30.243.111.52.in-addr.arpa | udp |
| GB | 172.217.169.42:443 | content-autofill.googleapis.com | udp |
| US | 69.48.216.12:443 | www.ubereats.com | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | 205.47.74.20.in-addr.arpa | udp |
Files
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 95c000f041169cca8d99ae533874a640 |
| SHA1 | 4d7b81fa651bfc9b1d884a0aa835f5a53a22e636 |
| SHA256 | b5ec2d38120c369aedbf42bbf4c8d97b798e7ec4b662b53f2844c1393fd4affb |
| SHA512 | 8b7bdf3a0b8457eada03173897a950ee13de144959eb1caa76a1eac7f15257b339b3ad94fa9cd3058e2a9ccd51f46bcffdec7db43d43a360f3c333c6ae545e6b |
\??\pipe\crashpad_456_HIXDCWNSZPDOGKIK
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009
| MD5 | f998b8f6765b4c57936ada0bb2eb4a5a |
| SHA1 | 13fb29dc0968838653b8414a125c124023c001df |
| SHA256 | 374db366966d7b48782f352c78a0b3670ffec33ed046d931415034d6f93dcfef |
| SHA512 | d340ae61467332f99e4606ef022ff71c9495b9d138a40cc7c58b3206be0d080b25f4e877a811a55f4320db9a7f52e39f88f1aa426ba79fc5e78fc73dacf8c716 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 448826c5d29a5e64e0f454c3cbfd96ce |
| SHA1 | 0346a0e8706d02d4613ec33fc064e2e184450163 |
| SHA256 | 4c06df2eb584d1c37fe416825c283575b4b7930e2e6149d2cf4e19e9226b3a0e |
| SHA512 | 99dacd117a14c3d916b0aadac9ae93984185c1943bb3a895e6153548fe54cbae77b454087aab2dc28eeceaac1438d0a1a6e9adb788ed438675e3132b4200af3d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 906eb251b23e76e28d420acbe16676a7 |
| SHA1 | 2fbfc50b7d7fa0cc59292e79da52983257c0dd47 |
| SHA256 | d970410c062db0c82c42ee736566a3068490b567dcb8b11262426c1e95644049 |
| SHA512 | 6ea23c7d5a5a684ee0735d71d49a7f547f0af46c8085b1cd549db4a210de0129526d9c5f5ac712a1335993a7d3e9e3100d280435c22cbe751171e95a94ee7e84 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 612f5a1cf21d2548d475f33a050efbd2 |
| SHA1 | 80bbf67e3128b9adc4001ccc191bcbc027d6813c |
| SHA256 | c07986bb1308acab4c0feb895084dbd3cfbe4956caaccdc52b5019bc63c7491b |
| SHA512 | 8dbb5f78c932573bc13f1a1af53eda870c39ff037354d44e5351065c9acf65591615fe0e94fb21542dba6283a75f31d3f5f4a865baea6b5ec5b2fca1ce4d7d18 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | f21f8f5f638534bd6bace6c5bdb63f85 |
| SHA1 | 40deec7a54feb3c543061005174bb0fbac31c9a1 |
| SHA256 | eee0f1178fdf1d76d12c9d6e298cf21ae95abb5fa7604d380399757bd8cf12fa |
| SHA512 | 127ffa2d2ab30a28b8272c5973fe39a089d3abc8f20b7960368fdea11b11fa955bbe1124eca2ac1025c6a9507f2d33b14cbb42d580c1adfbd8a7cd93f0d28801 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e
| MD5 | 1fc15b901524b92722f9ff863f892a2b |
| SHA1 | cfd0a92d2c92614684524739630a35750c0103ec |
| SHA256 | da9a1e371b04099955c3a322baee3aeee1962c8b8dabe559703a7c2699968ef4 |
| SHA512 | 5cdc691e1be0d28c30819c0245b292d914f0a5beaed3f4fc42ac67ba22834808d66a0bfc663d625274631957c9b7760ada4088309b5941786c794edad1329c75 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e630a124608d0798db8c9b79641a5060 |
| SHA1 | 5257e385beaf9722830c5ad3a1e5f325e3ba89f8 |
| SHA256 | d601362d4e42d0d9f43f8f5943e02ffbd3a3453a03ac8e74d697c36a6ee14966 |
| SHA512 | 696f3f67f1100aad52bb531263f44023372fb5af702b2e88f4d46e90ec777d2f02939c1a291cdbf1ac50c6c70dc6dbf749c9e7c993c9be4edb381c859a4ddba0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | d044e87401412679a665952b0a6bb811 |
| SHA1 | 5852e9a7abab27014f9e4c5eebd406db6b40bfdc |
| SHA256 | 68acd71f335481baea977308e4f63e391474de2e6657fc4d0ac3701dde5ae0e2 |
| SHA512 | 19534936698d61e0395a1e1afe1f28a9920310955b8d7be6561ce4a68f83d53f27b571a884ca9a2b31dc2fba42153c008ec53313e9ff2e8653d2e0959c3ee324 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe57f2ad.TMP
| MD5 | b37e972beed7a165f74131f2e19cb186 |
| SHA1 | f6ef8b9ebaf3a44584652ce34f67d11ee5e122ee |
| SHA256 | 3d0a87047b24ca37ee68d6f874d85f939f46549ef4c6e2bd1f5868455ecd7ea0 |
| SHA512 | c84398564ef4c2a00f608f5c599b442b05fa7ee02c70c0cbe7d580633778cbfa9e4ec65d81194c46ff209a0926076eebdae721563bcf3ff2b4aa8bd19697f55c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 2ae0a25606bf629860d162c1605536e7 |
| SHA1 | 06c496f196b68b6ab8586c1efa589ca92b828c63 |
| SHA256 | 64cdc9f4ac9bc50131ebc9ddce8e8e4394b1cfaa12734b0ce45182b929cf62f1 |
| SHA512 | a88aadeda90e29da18767fe4826dbd0f7471bb74feb3150848d82b41ef8636127c31dc56923c087fef88b3aa472a623561075ad5b929fd9eb942c8fa51225b4a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | b4a6df7103e8baa1682892aebbaadee9 |
| SHA1 | a3024e96e78eada432d23db61d2559a3c5d4e540 |
| SHA256 | 04ff8f9647206b7db293d38bb9fe4f674052c49c7428637fd630d71e577b536b |
| SHA512 | e58aa7d4eaff1627ee9dc858e76a47395b400763ec64db47ac7003b399ce5c99d7a7616be01827410679649fa75c0dcc460035711c986e82b8bd099f2a0aa030 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 16794a5edfdcae3b9ead6d6b44292726 |
| SHA1 | c59357b6aa3652170fb623d5a87e3861a5334282 |
| SHA256 | 79a8c5a14d2a8cdbd7593e44840f1ebc08e5cb8bc613e89668e08ff27673cbb8 |
| SHA512 | a181259c17939db7ae53cd1192dbbae4eb1021a6ffd9b2d02107c724e5f75523895f49a23bf8171294344966837fa42faadd2ee6367eb15bf990e3ac71b71d31 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 846c232edeab31e04ef87b3d5c5932db |
| SHA1 | cbb2ae7ff1a6691eef32c44b4e1c3001494dd37c |
| SHA256 | 0a4a7ad415c71d46d514335daa65391e9eeccfb16f25a5ce514f13fcc93b2a21 |
| SHA512 | f3ebe82e9b7e18a35b489544041065e9d63f435c274b79152ee8fc0e6795a5b95760212b243ac6ca9e829427a092516a4ae940a77c3f38ea83c3483b121fe61c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | f86b43af86ab1193fa78bc561e7306c3 |
| SHA1 | ff825d46d9eae81ac3a41fd537579ede34549854 |
| SHA256 | c7474f3f6ac41b6fe71d0cef7f8fe65cffcd4402de5fb9c845af3e14be5ec4a1 |
| SHA512 | 68bfbca656dd561fda37499e820f258dfb2fa234d5f7e96250461b652e664d5174fa2cab3f2c7d0f68ff125de40476fbdcb82ef327eb13c507bd7a7b73f07deb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | a42d9bab85f570e3c59db947534be548 |
| SHA1 | 0bbd54f53e61950a32fc3348838e04b8b1ed8893 |
| SHA256 | 6ebf898da04d724347f0378312c18faefd30ea7260eebcaefa3261f8c2b74f32 |
| SHA512 | bf997f4e1589db577dbc7ed106e280ebdec8017b135eb9787ee82bfbbd49e3050ab8688b181a9fd5b0490d39e1e6649854e66b42312a83d3ea58aab931a7523f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e6bed568bf388e2b22259e7ee8d1647a |
| SHA1 | c3d7bfeb573cf9884b97b6d395229a37fbe7705d |
| SHA256 | e0777e74f27a8e9b19dca68f58399d98e61a2f4801850783a599505054bbdb00 |
| SHA512 | 5a495ae05744ed88d015c83e3ba818deba874141918c23c08dd38cad7ef38e58aa768510b13a04bd0b287ee09762a47bedc217dfcb8fb57dfcbef4d0cfdf8e0f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | 3f9e1ee2c713b423557654ece6d778b0 |
| SHA1 | 6bca67e5fac16dc4cf1b0f84a42cbd7ad3ab67e2 |
| SHA256 | c97203d463cef1a0d286d7100b7a04f704ab34c7318b1302c9968aa2ac042737 |
| SHA512 | a418df57366838d0532493f4bb2c324f60a087df3ed81f6a9ee7d7f4c59d9d6cf9728f97fba764d95bd4b90df3fe383d3bb0550a571a90d797f4bba9fdedf21b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | d2915968af093947f333bf7978f34ae4 |
| SHA1 | 8e16b6789845cb0dd185ef753faaa7e96127a137 |
| SHA256 | 7facf31a0bd010c69c133919ccd40964b558abf53517a55b233ce83a4355e135 |
| SHA512 | cbf731f8daa06ebf72a1c2c80c9f2b2a9d7d1092c6310f7430a1dd8a479802b498d2e43848ad21f3371498440428e40653e01afb2b958d851d7e98550e3ecbab |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | ee86f681e1848c509ff53ad7d3cbfe38 |
| SHA1 | 27f386b96aea1cd5d026707117d9bbd5e1bc4a58 |
| SHA256 | db8755700f46130330cfda289866b8d807444634a61f4af7d02a5d12fb0d04fc |
| SHA512 | 4fa5f1eb363646af43e69da6593317b8938b51e4971df6ccd5b166998caedf94129cab34b85cee58f825b3bee928a12966221faebfd158ddb42b1544d2dca905 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe591a45.TMP
| MD5 | ff2b7fbf6981120f0761a04f94261179 |
| SHA1 | 1d2d9dc92cc96e4673b3489d134a92df0cf4b8f5 |
| SHA256 | 84eb906c411de19591e0103b7e844db7c2310e37dfb5e9b64a6d872b0c7fbab1 |
| SHA512 | 1f2ca81f4761328fbb8a81feaeec4f2164fc3a91dbce5b2c69cec37990928153c2f32888eceb023fd3ed74d0f144f929e57e7cf2ad086e37bd8935ce7fd4cfd3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 845143ca68d92d16115007d8100015f5 |
| SHA1 | 553ad65c9850fe8891a82c34748217cd64ffb358 |
| SHA256 | 8e1d936d035ccd30ba0fded31e5555a84a0005ffbe520f3b399d9cf8ffb06635 |
| SHA512 | c7c7723b9cb6d58d51f20216d77d76dc38723c8ba87d3dfcaecd68f7f2bd49bd8717bb8c8d6924d0bd544875256ac62371142cedc29016763798de4c47885929 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 95d5d7206b7b1ef2edd4f2a44f82a053 |
| SHA1 | 06a3738ea9d9357a61e59bd69f9b5f67c1fa49f6 |
| SHA256 | 1b6ad6ccfb2cf91de2381ae7ba9c0bc85652069212249e87e908a2f843dd35dd |
| SHA512 | 3aab7c0403013a4899c88d336ac255fcb5c1d1b64d33f50fb0bc76a284f67a657036c2cf4a820a144afcd0be20a9df540ae24391bde70a2e1e89d5295253f268 |