hxxp://www[.]youtube[.]com

Analysis

max time kernel
299s
max time network
292s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
04/06/2024, 10:50

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

http://www.youtube.com

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133619718482241542"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2539840389-1261165778-1087677076-1000\{8102B2B6-484E-4F59-8550-7E0C8DC2032D}	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
756	chrome.exe
756	chrome.exe
756	chrome.exe
756	chrome.exe
4600	chrome.exe
4600	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
756	chrome.exe
756	chrome.exe
756	chrome.exe
756	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	756	chrome.exe
Token: SeCreatePagefilePrivilege	756	chrome.exe
Token: SeShutdownPrivilege	756	chrome.exe
Token: SeCreatePagefilePrivilege	756	chrome.exe
Token: SeShutdownPrivilege	756	chrome.exe
Token: SeCreatePagefilePrivilege	756	chrome.exe
Token: 33	2704	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	2704	AUDIODG.EXE
Token: SeShutdownPrivilege	756	chrome.exe
Token: SeCreatePagefilePrivilege	756	chrome.exe
Token: SeShutdownPrivilege	756	chrome.exe
Token: SeCreatePagefilePrivilege	756	chrome.exe
Token: SeShutdownPrivilege	756	chrome.exe
Token: SeCreatePagefilePrivilege	756	chrome.exe
Token: SeShutdownPrivilege	756	chrome.exe
Token: SeCreatePagefilePrivilege	756	chrome.exe
Token: SeShutdownPrivilege	756	chrome.exe
Token: SeCreatePagefilePrivilege	756	chrome.exe
Token: SeShutdownPrivilege	756	chrome.exe
Token: SeCreatePagefilePrivilege	756	chrome.exe
Token: SeShutdownPrivilege	756	chrome.exe
Token: SeCreatePagefilePrivilege	756	chrome.exe
Token: SeShutdownPrivilege	756	chrome.exe
Token: SeCreatePagefilePrivilege	756	chrome.exe
Token: SeShutdownPrivilege	756	chrome.exe
Token: SeCreatePagefilePrivilege	756	chrome.exe
Token: SeShutdownPrivilege	756	chrome.exe
Token: SeCreatePagefilePrivilege	756	chrome.exe
Token: SeShutdownPrivilege	756	chrome.exe
Token: SeCreatePagefilePrivilege	756	chrome.exe
Token: SeShutdownPrivilege	756	chrome.exe
Token: SeCreatePagefilePrivilege	756	chrome.exe
Token: SeShutdownPrivilege	756	chrome.exe
Token: SeCreatePagefilePrivilege	756	chrome.exe
Token: SeShutdownPrivilege	756	chrome.exe
Token: SeCreatePagefilePrivilege	756	chrome.exe
Token: SeShutdownPrivilege	756	chrome.exe
Token: SeCreatePagefilePrivilege	756	chrome.exe
Token: SeShutdownPrivilege	756	chrome.exe
Token: SeCreatePagefilePrivilege	756	chrome.exe
Token: SeShutdownPrivilege	756	chrome.exe
Token: SeCreatePagefilePrivilege	756	chrome.exe
Token: SeShutdownPrivilege	756	chrome.exe
Token: SeCreatePagefilePrivilege	756	chrome.exe
Token: SeShutdownPrivilege	756	chrome.exe
Token: SeCreatePagefilePrivilege	756	chrome.exe
Token: SeShutdownPrivilege	756	chrome.exe
Token: SeCreatePagefilePrivilege	756	chrome.exe
Token: SeShutdownPrivilege	756	chrome.exe
Token: SeCreatePagefilePrivilege	756	chrome.exe
Token: SeShutdownPrivilege	756	chrome.exe
Token: SeCreatePagefilePrivilege	756	chrome.exe
Token: SeShutdownPrivilege	756	chrome.exe
Token: SeCreatePagefilePrivilege	756	chrome.exe
Token: SeShutdownPrivilege	756	chrome.exe
Token: SeCreatePagefilePrivilege	756	chrome.exe
Token: SeShutdownPrivilege	756	chrome.exe
Token: SeCreatePagefilePrivilege	756	chrome.exe
Token: SeShutdownPrivilege	756	chrome.exe
Token: SeCreatePagefilePrivilege	756	chrome.exe
Token: SeShutdownPrivilege	756	chrome.exe
Token: SeCreatePagefilePrivilege	756	chrome.exe
Token: SeShutdownPrivilege	756	chrome.exe
Token: SeCreatePagefilePrivilege	756	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
756	chrome.exe
756	chrome.exe
756	chrome.exe
756	chrome.exe
756	chrome.exe
756	chrome.exe
756	chrome.exe
756	chrome.exe
756	chrome.exe
756	chrome.exe
756	chrome.exe
756	chrome.exe
756	chrome.exe
756	chrome.exe
756	chrome.exe
756	chrome.exe
756	chrome.exe
756	chrome.exe
756	chrome.exe
756	chrome.exe
756	chrome.exe
756	chrome.exe
756	chrome.exe
756	chrome.exe
756	chrome.exe
756	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
756	chrome.exe
756	chrome.exe
756	chrome.exe
756	chrome.exe
756	chrome.exe
756	chrome.exe
756	chrome.exe
756	chrome.exe
756	chrome.exe
756	chrome.exe
756	chrome.exe
756	chrome.exe
756	chrome.exe
756	chrome.exe
756	chrome.exe
756	chrome.exe
756	chrome.exe
756	chrome.exe
756	chrome.exe
756	chrome.exe
756	chrome.exe
756	chrome.exe
756	chrome.exe
756	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 756 wrote to memory of 1804	756	chrome.exe	82
PID 756 wrote to memory of 1804	756	chrome.exe	82
PID 756 wrote to memory of 3000	756	chrome.exe	83
PID 756 wrote to memory of 3000	756	chrome.exe	83
PID 756 wrote to memory of 3000	756	chrome.exe	83
PID 756 wrote to memory of 3000	756	chrome.exe	83
PID 756 wrote to memory of 3000	756	chrome.exe	83
PID 756 wrote to memory of 3000	756	chrome.exe	83
PID 756 wrote to memory of 3000	756	chrome.exe	83
PID 756 wrote to memory of 3000	756	chrome.exe	83
PID 756 wrote to memory of 3000	756	chrome.exe	83
PID 756 wrote to memory of 3000	756	chrome.exe	83
PID 756 wrote to memory of 3000	756	chrome.exe	83
PID 756 wrote to memory of 3000	756	chrome.exe	83
PID 756 wrote to memory of 3000	756	chrome.exe	83
PID 756 wrote to memory of 3000	756	chrome.exe	83
PID 756 wrote to memory of 3000	756	chrome.exe	83
PID 756 wrote to memory of 3000	756	chrome.exe	83
PID 756 wrote to memory of 3000	756	chrome.exe	83
PID 756 wrote to memory of 3000	756	chrome.exe	83
PID 756 wrote to memory of 3000	756	chrome.exe	83
PID 756 wrote to memory of 3000	756	chrome.exe	83
PID 756 wrote to memory of 3000	756	chrome.exe	83
PID 756 wrote to memory of 3000	756	chrome.exe	83
PID 756 wrote to memory of 3000	756	chrome.exe	83
PID 756 wrote to memory of 3000	756	chrome.exe	83
PID 756 wrote to memory of 3000	756	chrome.exe	83
PID 756 wrote to memory of 3000	756	chrome.exe	83
PID 756 wrote to memory of 3000	756	chrome.exe	83
PID 756 wrote to memory of 3000	756	chrome.exe	83
PID 756 wrote to memory of 3000	756	chrome.exe	83
PID 756 wrote to memory of 3000	756	chrome.exe	83
PID 756 wrote to memory of 3000	756	chrome.exe	83
PID 756 wrote to memory of 3740	756	chrome.exe	84
PID 756 wrote to memory of 3740	756	chrome.exe	84
PID 756 wrote to memory of 3540	756	chrome.exe	85
PID 756 wrote to memory of 3540	756	chrome.exe	85
PID 756 wrote to memory of 3540	756	chrome.exe	85
PID 756 wrote to memory of 3540	756	chrome.exe	85
PID 756 wrote to memory of 3540	756	chrome.exe	85
PID 756 wrote to memory of 3540	756	chrome.exe	85
PID 756 wrote to memory of 3540	756	chrome.exe	85
PID 756 wrote to memory of 3540	756	chrome.exe	85
PID 756 wrote to memory of 3540	756	chrome.exe	85
PID 756 wrote to memory of 3540	756	chrome.exe	85
PID 756 wrote to memory of 3540	756	chrome.exe	85
PID 756 wrote to memory of 3540	756	chrome.exe	85
PID 756 wrote to memory of 3540	756	chrome.exe	85
PID 756 wrote to memory of 3540	756	chrome.exe	85
PID 756 wrote to memory of 3540	756	chrome.exe	85
PID 756 wrote to memory of 3540	756	chrome.exe	85
PID 756 wrote to memory of 3540	756	chrome.exe	85
PID 756 wrote to memory of 3540	756	chrome.exe	85
PID 756 wrote to memory of 3540	756	chrome.exe	85
PID 756 wrote to memory of 3540	756	chrome.exe	85
PID 756 wrote to memory of 3540	756	chrome.exe	85
PID 756 wrote to memory of 3540	756	chrome.exe	85
PID 756 wrote to memory of 3540	756	chrome.exe	85
PID 756 wrote to memory of 3540	756	chrome.exe	85
PID 756 wrote to memory of 3540	756	chrome.exe	85
PID 756 wrote to memory of 3540	756	chrome.exe	85
PID 756 wrote to memory of 3540	756	chrome.exe	85
PID 756 wrote to memory of 3540	756	chrome.exe	85
PID 756 wrote to memory of 3540	756	chrome.exe	85

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://www.youtube.com
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:756
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffba6a1ab58,0x7ffba6a1ab68,0x7ffba6a1ab78
  2⤵
  PID:1804
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1676 --field-trial-handle=1948,i,6938443599851553424,12692526400932083759,131072 /prefetch:2
  2⤵
  PID:3000
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1924 --field-trial-handle=1948,i,6938443599851553424,12692526400932083759,131072 /prefetch:8
  2⤵
  PID:3740
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2200 --field-trial-handle=1948,i,6938443599851553424,12692526400932083759,131072 /prefetch:8
  2⤵
  PID:3540
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2896 --field-trial-handle=1948,i,6938443599851553424,12692526400932083759,131072 /prefetch:1
  2⤵
  PID:2556
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2908 --field-trial-handle=1948,i,6938443599851553424,12692526400932083759,131072 /prefetch:1
  2⤵
  PID:2408
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3856 --field-trial-handle=1948,i,6938443599851553424,12692526400932083759,131072 /prefetch:1
  2⤵
  PID:3984
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3568 --field-trial-handle=1948,i,6938443599851553424,12692526400932083759,131072 /prefetch:1
  2⤵
  PID:4576
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3200 --field-trial-handle=1948,i,6938443599851553424,12692526400932083759,131072 /prefetch:8
  2⤵
  PID:2724
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4660 --field-trial-handle=1948,i,6938443599851553424,12692526400932083759,131072 /prefetch:8
  2⤵
  PID:3584
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4808 --field-trial-handle=1948,i,6938443599851553424,12692526400932083759,131072 /prefetch:8
  2⤵
  - Modifies registry class
  PID:3592
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4744 --field-trial-handle=1948,i,6938443599851553424,12692526400932083759,131072 /prefetch:8
  2⤵
  PID:4568
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4780 --field-trial-handle=1948,i,6938443599851553424,12692526400932083759,131072 /prefetch:8
  2⤵
  PID:2932
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4804 --field-trial-handle=1948,i,6938443599851553424,12692526400932083759,131072 /prefetch:8
  2⤵
  PID:2408
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4940 --field-trial-handle=1948,i,6938443599851553424,12692526400932083759,131072 /prefetch:8
  2⤵
  PID:4488
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4788 --field-trial-handle=1948,i,6938443599851553424,12692526400932083759,131072 /prefetch:8
  2⤵
  PID:3940
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2072 --field-trial-handle=1948,i,6938443599851553424,12692526400932083759,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4600

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:4196

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x520 0x300
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:2704

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
480B

MD5
00bf47c31141563a4c20f8389474153f

SHA1
f6bed91db081f3b21ab3a321bb1aa6d376c6da31

SHA256
4f2192524cb1101289d6611e9079f19d383d8aae85589d9690fe01ba95e99f44

SHA512
74e6232f49ff12ae23ddf5bbbb7b8a5fe743ffdbc2f034e21223f35e4db32dd1b06c0949c08fa98133bdd656f2655a0e432f0287fe91fedfed1e51a064496d2b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
3f6ba85d1c6914a386fbc10b6f6adab5

SHA1
ab47fe2f2a91aa0ccbd78f79c6b6f1d3d4b5c85f

SHA256
f20548f49fa061677d3078dfddeac761f5115066391d33dda0a660526ae2c9b1

SHA512
810401261006f144b20c8eb9a2c9386656def9c8dbb958d8ff03b0c1ec2fcc3e104b87dafe032027ceedbb5f7406f1092c5d83876aba94587cef125b096272e0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
2807ea317b1fa1181ed046c6adb3cfa1

SHA1
d0f1fd642b4d0addb7c5a83984432f58b8f2e4e2

SHA256
771d3ba764f747fdaa82bcc60fa0026cea69da6c38cc2cb27a41b692cdb25af4

SHA512
3347b0245b59a93c54bd698190cd7c219143594f89cde515bf2c5292683fb904ccc1baeccdccf429434288eb30c0f737c31bd1169c495447103e32f002474b8d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
036807b46186481689155fcc6b481f7b

SHA1
3e951ac395e335b643c128dabb4a67677eea30c9

SHA256
b4455090dee80e6d90ef71988b287b75511d399b8b32cb86132f142388dbe7cd

SHA512
d7aa63c3035d82be0a9007cfd20173f10207fa5d5bb5e3a56bfcd30847fcc1fead88976daf7aecd6f1f902f6a29b672b39fc89e27de82adf561788f9c815cd23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
859B

MD5
ad7db8f3e917da76bcdf5808aad99429

SHA1
6fe32845e9127a94012d4a6ab4f592a4bf2409f5

SHA256
412317e4956087f9806fce006a97758f76cc11a1a69ad20eb00591ae174be1e0

SHA512
694707ca2d599043214842f3eb0255510f9bfb37d5e4dcf452f0136584b6254c46cf988f62bf865ed2c956dc0b79309ad4e5340bfdbb9878d3fd3d68b5e42707

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
d981fad8f9aedf2e538a29b549724820

SHA1
48ea391403e85016e3e5a516c2580b4243555eff

SHA256
804c682f0fb45958feecc1764c04b7e2bcdcf4d7a046cda0f5359d414aac267e

SHA512
ddaca19fa1f8857bc1024758b91d89a4d798a2ac0277d7d8f4be9fb2c79e7ecafcb2a9f7142a52596b951b40c71cc6424a962f5e2ed83f68840b040488f4b2da

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\a2afe67a-8b4b-4898-85f3-a027e7e4adf6\index-dir\the-real-index

Filesize
624B

MD5
5e6da9c89af200b8f6184ee83b6aee86

SHA1
7a31f1c0a971048881ca8bcdea5d2dc11cbc6b1a

SHA256
78eb539015b5613464ed492d8e497f08f39a90b41c2a3d550265d36344f9115a

SHA512
144f4d45233f74ccb0376857693a8f4d554de2ede57138cb5e94a1cd5b3e515456dd58311e3fcd7def0735c094782ed7f90b8fc48f5407be593ccd97e949ee8b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\a2afe67a-8b4b-4898-85f3-a027e7e4adf6\index-dir\the-real-index~RFe57a410.TMP

Filesize
48B

MD5
6dc1ab1589ad8ffdacad599db50e355b

SHA1
d620aab4c55962e30a88d559e4dbf939ca296d08

SHA256
af0dfd569b51b7b612bd7c742a0fd0106b138f11f670aee791ffc28da67e62a8

SHA512
dec77a0a0e9092ce330f8abe24b41ef4336d8556b3b859967ca77457f41d2cdd6d0c5398a27e22f61298d5808420a8ee4878687a5260e2a4b3042e903479c616

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\d71e608a-97e0-4a1d-8042-adad59a69c71\index-dir\the-real-index

Filesize
2KB

MD5
2d5642ba25443995e76a3aa630f9156f

SHA1
21ddbcee1f43cc71737ab60355b3b290828b9c07

SHA256
bfcea391ab34f95e784c8f7e7e74090c6bb51d397fbedcfa3395e1d677e6e93b

SHA512
a9428119e8bc9c1aa4f8a5cc754a452006018ad2a2ea9fae2fb2378ca1ec523a33d932428ed958edaa7ba0718ce8e533fa32ea324f0c3571cff344a6f0d79c9d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\d71e608a-97e0-4a1d-8042-adad59a69c71\index-dir\the-real-index~RFe57a066.TMP

Filesize
48B

MD5
451bfdf382ba20a37d28b4f2ea34080e

SHA1
1d6bdb7bcb52677d4aa0881eff42f4e74d03ba82

SHA256
7a7b55d87ec43bfbb1ba5810694a589c9af0292f834cfbe16124e09f1c69b040

SHA512
cc4492076b860d4ff781939db4e3ef47e31169144745a826d3945ded4ea66ed54953fc7f1f2cd7d6720c36791baa0e16d38a3c4dc64b87de1d5d5354f9e36df5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
176B

MD5
123179b75b20f8e3ecbebdaf2cee9e10

SHA1
fc7f654a4d2de3e8d06e20a5c6a22934054d46e8

SHA256
aaa8c552d73b698ec783538791ddc0c0aa863a572b341aa127a6a289011287d5

SHA512
9d8a76ce00adbe17b614f1ece2e8568b3aa98f6d8fc351cac050b37536cb0439c8ec61106c859d0d6b2c7e808d1ea717c715261376cf98337952c45443d8fb77

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
112B

MD5
5515213739475ad7222c5578815e51c6

SHA1
77ff9a821a03d4dfd54312d67d044005a23bdff2

SHA256
11a3216abd3a0e3e908712f9f0c6b3b4951f41a1f3f8fe910f1cd7932c399677

SHA512
761a6759c584cdfa5de3989084a2d42c791af94a2851cfca2ed8f3d874e70053cdad3e2810475e9b87bf8ffe25238875e33d2ab129dce5b192ded094df40fb10

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
185B

MD5
96a4c23ce29469a0a1ad604008c440c9

SHA1
c52763b3b33e6a5a543331a9b1bf6c0c846f0ba3

SHA256
e1aba45290cb05aaa34bdd68d3621e58759b5120724e2f57b8b84b589822f35b

SHA512
f81159a9df8b5ec70be6824ec16060ff93aaa02a0dfbabe772ddb1e83c7f8d3b361deeb73c3cf77f0ac20a8b3ef3580c58c7e2766b588cfb53bfc1f001b2c4bd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
183B

MD5
d3d712d60e9d61a5869e756df8931e89

SHA1
e4b083e90a3c984d25b32e8b7cefde9ba4f86ea2

SHA256
e85853db434385782a337c019d84be6f69d7ca36ed900d44c0a88bbfe60c45be

SHA512
302038c8430aafd6c72719a3d89bbde3416a721c168c8cc8af05c8b4b0eb5c3609e597468251b5dbbaa80355d9024fad6558cd32cfd43d5278a76426e7ec38ec

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe574b90.TMP

Filesize
119B

MD5
7357a0d6a74e7ad53b780980f1199c3a

SHA1
9ef9ce31bf3a55c34e9e1307884e2149b3ff285b

SHA256
c0e849330314ddd182fb6432e6e811e2f57c3bf2b9b03470c66aba9b8f536393

SHA512
5d8bf43ed3b679ff938857547856a9e4729b2e568f02405c6ab67bc96d6b08e78f2b77f6a5608b5f6ae7dec0c8647a4f185f3fcfb492b58c0165707c0cde9437

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
96B

MD5
9a3c499b4aebd46f59926c7729b649fc

SHA1
b0f276b7515e4b1c6f0e7bcc18ecfeaca386416e

SHA256
fad9a88210afdce050cc161276ff86687d1bf61ed6e862cc8c8afa0724ee6667

SHA512
844ac74de26dff443ff6811c55f9e91b1b76b3b493a4c0fd87661dfc3c9eb4e0c1b7929897f1a75874d1a93fa48f55cc6b5439e03a4872a65aea12ae6cbfec5e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe579b27.TMP

Filesize
48B

MD5
50fb50661bef60e904425e1f3dcb36ce

SHA1
7283dd697d66d716eb26117990e08eeb975e37ca

SHA256
3d56911920e9882750691eb0ab1e3949a84eada4017283951d5b1847a54917bd

SHA512
13024a19b884fe196a73e0607246b65cede1a6ffe4d8af5d36893ee31a6b7f5cbecb104e799c85e1f833ad41b4e103bc2811498730aabf3650140367405fc829

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\agimnkijcaahngcdmfeangaknmldooml\Icons\32.png

Filesize
673B

MD5
88dfa96f9642297ff88909ca4e0f7330

SHA1
ed8655bf13e6cc49395da4c760168c4148454b7c

SHA256
5e5eb084cf1a650b2e122f53d36f85b67ce6e39069e399a46a25dbd34f7be286

SHA512
cc2deedfeacf9f26e48cbb26e222a219905888b95634c7d91d6393b84248305ce8940816bdb3bff0f5384b9dad90f4e3905b229e06ce4b1023a1439293b240dd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir756_346528096\Icons Monochrome\16.png

Filesize
216B

MD5
a4fd4f5953721f7f3a5b4bfd58922efe

SHA1
f3abed41d764efbd26bacf84c42bd8098a14c5cb

SHA256
c659d57841bb33d63f7b1334200548f207340d95e8e2ae25aac7a798a08071a3

SHA512
7fcc1ca4d6d97335e76faa65b7cfb381fb722210041bdcd3b31b0f94e15dc226eec4639547af86ae71f311f52a956dc83294c2d23f345e63b5e45e25956b2691

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir756_362457807\Shortcuts Menu Icons\Monochrome\0\512.png

Filesize
2KB

MD5
12a429f9782bcff446dc1089b68d44ee

SHA1
e41e5a1a4f2950a7f2da8be77ca26a66da7093b9

SHA256
e1d7407b07c40b5436d78db1077a16fbf75d49e32f3cbd01187b5eaaa10f1e37

SHA512
1da99c5278a589972a1d711d694890f4fd4ec4e56f83781ab9dee91ba99530a7f90d969588fa24dce24b094a28bdecbea80328cee862031a8b289f3e4f38ce7a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir756_362457807\Shortcuts Menu Icons\Monochrome\1\512.png

Filesize
10KB

MD5
7f57c509f12aaae2c269646db7fde6e8

SHA1
969d8c0e3d9140f843f36ccf2974b112ad7afc07

SHA256
1d5c9f67fe93f9fcc1a1b61ebc35bda8f98f1261e5005ae37af71f42aab1d90f

SHA512
3503a0f4939bed9e1fd5e086b17d6de1063220dffdab2d2373aa9582a2454a9d8f18c1be74442f4e597bdba796d2d69220bd9e6be632a15367225b804187ea18

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
257KB

MD5
83ca22ec45696ca852c9947a62c571f2

SHA1
023e1aaf90201703db490e4c6d1b0611dbafc124

SHA256
0fe7dbcc5b31e96e6da19208543fa65add54d14e9e6d75df2a3a76501c34d055

SHA512
68e2e2b865e2c890259b93e1d7ddd3819fdb016e5b3406cb27148498fc218b09da4665ce828b74e7e391723791debef24ea5c22b7dfd32b81e619153a44e68cb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
257KB

MD5
63facadadfa6a9578833d714bafc0900

SHA1
fc0804add7fc0fec3574c1bbf436ddc49217fb22

SHA256
88cbd2206751fcaab7cda2ee19058b98c56e5e8b260bfda3035d3aa62a3ed6b3

SHA512
5c5459c2c5613426257ec2ab5f68bae4c2157ea53191b109a3461f6e9b4b370388d44b17364e40430d3f9d0c26cfcea949f18454a2e9d1cd271f364d4fb61e53

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
257KB

MD5
af942d63325a40bb632cab82a90c1819

SHA1
1315b9ac8a709dff06d1961fb74c07c4c2c5d25d

SHA256
0c1f84c7b9cd3d0d78b3628eb378c805a52a2675c9d95a7201715b97c47fb87a

SHA512
099fd4ef4f393adb06a9a3497e506e73bc04cab25950d764cf9879a34cf0b8560fb6954a9aa5611707024975cff14b3c7161a8aba82ac336f0b29604acb02bc5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
91KB

MD5
24022f53c89dc06a076753fd440fe54b

SHA1
940b1f7bd06ae4e52bdf4624729dafe8e6283ab8

SHA256
eb666977bb0acdf95ef4ba3e213f8136cb1d59e5ece44247d2b5377ccd7f1c71

SHA512
521ec2409ce4f1728d453ef024cc2c7e87eda22a39171cddbf32e5f7bc98fee4dc25d11b9784d8596da569478032a2cb7dc43085638055583e4f980e4846755a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe57df83.TMP

Filesize
88KB

MD5
1e71e730196e76166c1da4e4b91a50c9

SHA1
1b5003a91480d3ed7a9c30d98c8052fc6157036d

SHA256
8f9a099c35392f0b9b502f75a40afec14ce9768de99a3cad7112a940c50ac3d8

SHA512
26a0d0d35fbac739272adbe8649743dd8f55c39add8e6dc774a70c1bdf4b6b86ff669e08168a94bc425ff726ca9a53488eec979fd2d19daa2d093be09ffd9346

Download Submit