Analysis Overview
SHA256
ea6443416c31bb5f5d8476357619c3c9b80d3959742b8f3080b56ce8c24b9429
Threat Level: Shows suspicious behavior
The file Unknown (1).exe was found to be: Shows suspicious behavior.
Malicious Activity Summary
Reads user/profile data of web browsers
Checks computer location settings
Enumerates physical storage devices
Program crash
Modifies data under HKEY_USERS
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Suspicious behavior: EnumeratesProcesses
Enumerates system info in registry
Kills process with taskkill
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-04 01:09
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-04 01:09
Reported
2024-06-04 01:22
Platform
win7-20240221-es
Max time kernel
118s
Max time network
122s
Command Line
Signatures
Program crash
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Users\Admin\AppData\Local\Temp\Unknown (1).exe |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| PID 1444 wrote to memory of 1344 | N/A | C:\Users\Admin\AppData\Local\Temp\Unknown (1).exe | C:\Windows\SysWOW64\WerFault.exe |
| PID 1444 wrote to memory of 1344 | N/A | C:\Users\Admin\AppData\Local\Temp\Unknown (1).exe | C:\Windows\SysWOW64\WerFault.exe |
| PID 1444 wrote to memory of 1344 | N/A | C:\Users\Admin\AppData\Local\Temp\Unknown (1).exe | C:\Windows\SysWOW64\WerFault.exe |
| PID 1444 wrote to memory of 1344 | N/A | C:\Users\Admin\AppData\Local\Temp\Unknown (1).exe | C:\Windows\SysWOW64\WerFault.exe |
Processes
C:\Users\Admin\AppData\Local\Temp\Unknown (1).exe
"C:\Users\Admin\AppData\Local\Temp\Unknown (1).exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 1444 -s 172
Network
Files
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-04 01:09
Reported
2024-06-04 01:32
Platform
win10v2004-20240508-es
Max time kernel
565s
Max time network
458s
Command Line
Signatures
Checks computer location settings
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Key value queried | \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\Unknown (1).exe | N/A |
Reads user/profile data of web browsers
Enumerates physical storage devices
Enumerates system info in registry
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Kills process with taskkill
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | \??\c:\windows\SysWOW64\taskkill.exe | N/A |
| N/A | N/A | \??\c:\windows\SysWOW64\taskkill.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133619377805145612" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\Unknown (1).exe
"C:\Users\Admin\AppData\Local\Temp\Unknown (1).exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff985faab58,0x7ff985faab68,0x7ff985faab78
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1620 --field-trial-handle=1900,i,18342602941475093442,12080664282746881875,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2156 --field-trial-handle=1900,i,18342602941475093442,12080664282746881875,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2228 --field-trial-handle=1900,i,18342602941475093442,12080664282746881875,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3064 --field-trial-handle=1900,i,18342602941475093442,12080664282746881875,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3100 --field-trial-handle=1900,i,18342602941475093442,12080664282746881875,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3820 --field-trial-handle=1900,i,18342602941475093442,12080664282746881875,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4424 --field-trial-handle=1900,i,18342602941475093442,12080664282746881875,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4452 --field-trial-handle=1900,i,18342602941475093442,12080664282746881875,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4496 --field-trial-handle=1900,i,18342602941475093442,12080664282746881875,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4584 --field-trial-handle=1900,i,18342602941475093442,12080664282746881875,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4828 --field-trial-handle=1900,i,18342602941475093442,12080664282746881875,131072 /prefetch:8
\??\c:\windows\SysWOW64\taskkill.exe
/IM chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4484 --field-trial-handle=1900,i,18342602941475093442,12080664282746881875,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4788 --field-trial-handle=1900,i,18342602941475093442,12080664282746881875,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5028 --field-trial-handle=1900,i,18342602941475093442,12080664282746881875,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5016 --field-trial-handle=1900,i,18342602941475093442,12080664282746881875,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --profile-directory="Default" --no-startup-window --load-extension="C:\Users\Admin\AppData\Local\ServiceApp\apps-helper" --hide-crash-restore-bubble
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff985faab58,0x7ff985faab68,0x7ff985faab78
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1736 --field-trial-handle=1952,i,9840453372430708785,17458862110134184551,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1984 --field-trial-handle=1952,i,9840453372430708785,17458862110134184551,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2248 --field-trial-handle=1952,i,9840453372430708785,17458862110134184551,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3232 --field-trial-handle=1952,i,9840453372430708785,17458862110134184551,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3560 --field-trial-handle=1952,i,9840453372430708785,17458862110134184551,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3772 --field-trial-handle=1952,i,9840453372430708785,17458862110134184551,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3784 --field-trial-handle=1952,i,9840453372430708785,17458862110134184551,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2820 --field-trial-handle=1952,i,9840453372430708785,17458862110134184551,131072 /prefetch:8
\??\c:\windows\SysWOW64\taskkill.exe
/F /IM chrome.exe /T
Network
Files