Resubmissions

  • 08/06/2024, 13:15 240608-qg9xgsbh51 1
  • 08/06/2024, 09:10 240608-k49mcabe78 6

Analysis

  • max time kernel
    150s
  • max time network
    155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags
    arch:x64, arch:x86, image:win10v2004-20240226-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    08/06/2024, 09:10

General

  • Target

    http://nppxml.bruderste.in

Score
6/10

Malware Config

Signatures

  • Looks up external IP address via web service (2 IoCs)
    Uses a legitimate IP lookup service to find the infected system's external IP.
  • Enumerates system info in registry (2 TTPs, 3 IoCs)
  • Modifies data under HKEY_USERS (2 IoCs)
  • Modifies registry class (1 IoC)
  • Suspicious behavior: EnumeratesProcesses (4 IoCs)
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary (9 IoCs)
  • Suspicious use of AdjustPrivilegeToken (64 IoCs)
  • Suspicious use of FindShellTrayWindow (28 IoCs)
  • Suspicious use of SendNotifyMessage (26 IoCs)
  • Suspicious use of WriteProcessMemory (64 IoCs)

Every signature that is attributed to a process in the tree below is raised on chrome.exe (PID 5080 or one of its children); the other three top-level processes (elevation_service.exe, msedge.exe, AUDIODG.EXE) carry none, and every file listed under Downloads sits inside Chrome's own profile directory. The IP-lookup signature is not attributed to any process in the tree and no network detail is reproduced on this page, so the lookup endpoint cannot be read from this report.

Processes

  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://nppxml.bruderste.in
    1⤵
    • Enumerates system info in registry
    • Modifies data under HKEY_USERS
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:5080
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc5f149758,0x7ffc5f149768,0x7ffc5f149778
      2⤵
      PID:2368
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1724 --field-trial-handle=1772,i,12566619624051318818,9221595098200658185,131072 /prefetch:2
      2⤵
      PID:1408
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2128 --field-trial-handle=1772,i,12566619624051318818,9221595098200658185,131072 /prefetch:8
      2⤵
      PID:3928
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2228 --field-trial-handle=1772,i,12566619624051318818,9221595098200658185,131072 /prefetch:8
      2⤵
      PID:1968
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2908 --field-trial-handle=1772,i,12566619624051318818,9221595098200658185,131072 /prefetch:1
      2⤵
      PID:4068
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2912 --field-trial-handle=1772,i,12566619624051318818,9221595098200658185,131072 /prefetch:1
      2⤵
      PID:732
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3820 --field-trial-handle=1772,i,12566619624051318818,9221595098200658185,131072 /prefetch:1
      2⤵
      PID:2124
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4616 --field-trial-handle=1772,i,12566619624051318818,9221595098200658185,131072 /prefetch:8
      2⤵
      PID:4516
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5124 --field-trial-handle=1772,i,12566619624051318818,9221595098200658185,131072 /prefetch:8
      2⤵
      PID:1948
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=5344 --field-trial-handle=1772,i,12566619624051318818,9221595098200658185,131072 /prefetch:1
      2⤵
      PID:364
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=5656 --field-trial-handle=1772,i,12566619624051318818,9221595098200658185,131072 /prefetch:1
      2⤵
      PID:3572
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5812 --field-trial-handle=1772,i,12566619624051318818,9221595098200658185,131072 /prefetch:8
      2⤵
      PID:2488
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5964 --field-trial-handle=1772,i,12566619624051318818,9221595098200658185,131072 /prefetch:1
      2⤵
      PID:5368
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=1840 --field-trial-handle=1772,i,12566619624051318818,9221595098200658185,131072 /prefetch:1
      2⤵
      PID:5620
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=5632 --field-trial-handle=1772,i,12566619624051318818,9221595098200658185,131072 /prefetch:1
      2⤵
      PID:5880
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5208 --field-trial-handle=1772,i,12566619624051318818,9221595098200658185,131072 /prefetch:8
      2⤵
      PID:3488
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5464 --field-trial-handle=1772,i,12566619624051318818,9221595098200658185,131072 /prefetch:8
      2⤵
      PID:5512
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=212 --field-trial-handle=1772,i,12566619624051318818,9221595098200658185,131072 /prefetch:1
      2⤵
      PID:5600
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6864 --field-trial-handle=1772,i,12566619624051318818,9221595098200658185,131072 /prefetch:8
      2⤵
      • Modifies registry class
      PID:3416
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5196 --field-trial-handle=1772,i,12566619624051318818,9221595098200658185,131072 /prefetch:2
      2⤵
      • Suspicious behavior: EnumeratesProcesses
      PID:5552
  • C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
    "C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
    1⤵
    PID:5056
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=3720 --field-trial-handle=2252,i,16504368816373493055,9578615028378602855,262144 --variations-seed-version /prefetch:8
    1⤵
    PID:5156
  • C:\Windows\system32\AUDIODG.EXE
    C:\Windows\system32\AUDIODG.EXE 0x458 0x308
    1⤵
    PID:4680
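The check a reviewer makes on a tree like this one is whether anything other than the browser itself was spawned, and which browser children run outside a sandbox. The Python below is an added example, not part of the sandbox report: it applies that check to the process tree above. The records are abbreviated from the report (only the flags the script inspects are kept; PIDs and image paths are the report's), and the list of sandbox-disabling markers is the author's assumption, not a Chromium-supplied list.

```python
"""Added example: separate a browser's own child processes from everything else in a
sandbox process tree and flag children that run without a Chromium sandbox.
The records below are abbreviated from the Processes section of this report."""
import re
from collections import Counter

CHROME = r"C:\Program Files\Google\Chrome\Application\chrome.exe"
EDGE = r"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

# (pid, image, abbreviated command line) in report order; flags not inspected are elided.
REPORT_PROCESSES = [
    (5080, CHROME, "--disable-background-networking --single-argument http://nppxml.bruderste.in"),
    (2368, CHROME, "--type=crashpad-handler"),
    (1408, CHROME, "--type=gpu-process"),
    (3928, CHROME, "--type=utility --utility-sub-type=network.mojom.NetworkService --service-sandbox-type=none"),
    (1968, CHROME, "--type=utility --utility-sub-type=storage.mojom.StorageService --service-sandbox-type=utility"),
    (4068, CHROME, "--type=renderer --renderer-client-id=6"),
    (732, CHROME, "--type=renderer --renderer-client-id=5"),
    (2124, CHROME, "--type=renderer --renderer-client-id=7"),
    (4516, CHROME, "--type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --service-sandbox-type=none"),
    (1948, CHROME, "--type=utility --utility-sub-type=chrome.mojom.UtilWin --service-sandbox-type=none"),
    (364, CHROME, "--type=renderer --renderer-client-id=10"),
    (3572, CHROME, "--type=renderer --renderer-client-id=11"),
    (2488, CHROME, "--type=utility --utility-sub-type=chrome.mojom.UtilWin --service-sandbox-type=none"),
    (5368, CHROME, "--type=renderer --renderer-client-id=13"),
    (5620, CHROME, "--type=renderer --renderer-client-id=14"),
    (5880, CHROME, "--type=renderer --renderer-client-id=15"),
    (3488, CHROME, "--type=utility --utility-sub-type=audio.mojom.AudioService --service-sandbox-type=audio"),
    (5512, CHROME, "--type=utility --utility-sub-type=chrome.mojom.UtilWin --service-sandbox-type=none"),
    (5600, CHROME, "--type=renderer --renderer-client-id=18"),
    (3416, CHROME, "--type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --service-sandbox-type=none"),
    (5552, CHROME, "--type=gpu-process --disable-gpu-sandbox --use-gl=disabled"),
    (5056, r"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe", ""),
    (5156, EDGE, "--type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --service-sandbox-type=asset_store_service"),
    (4680, r"C:\Windows\system32\AUDIODG.EXE", "0x458 0x308"),
]

BROWSER_IMAGES = {CHROME.lower(), EDGE.lower()}
# Assumed set of command-line markers meaning a child process runs with no Chromium sandbox.
UNSANDBOXED_MARKERS = ("--service-sandbox-type=none", "--disable-gpu-sandbox", "--no-sandbox")


def classify(image, cmdline):
    """Tags for one process: non-browser image, or browser launcher / browser child of a
    given --type, plus 'unsandboxed' when one of the markers is present."""
    if image.lower() not in BROWSER_IMAGES:
        return {"non-browser"}
    tags = {"browser"}
    child = re.search(r"--type=(\S+)", cmdline)  # first match is the process type, not --utility-sub-type
    tags.add("child:" + child.group(1) if child else "launcher")
    if any(marker in cmdline for marker in UNSANDBOXED_MARKERS):
        tags.add("unsandboxed")
    return tags


def launched_urls(processes):
    """URLs handed to a browser launcher on its command line (here via --single-argument)."""
    urls = []
    for _pid, image, cmdline in processes:
        if "launcher" in classify(image, cmdline):
            urls.extend(re.findall(r"https?://\S+", cmdline))
    return urls


def summarize(processes):
    """Tag counts plus (pid, basename) of every process whose image is not the browser."""
    counts = Counter()
    non_browser = []
    for pid, image, cmdline in processes:
        tags = classify(image, cmdline)
        counts.update(tags)
        if "non-browser" in tags:
            non_browser.append((pid, image.rsplit("\\", 1)[-1]))
    return {"counts": dict(counts), "non_browser": non_browser}


if __name__ == "__main__":
    report = summarize(REPORT_PROCESSES)
    print("opened:", launched_urls(REPORT_PROCESSES))
    for tag, n in sorted(report["counts"].items()):
        print(f"{tag:22} {n}")
    print("not the browser:", report["non_browser"])
```

On this tree the script reports one launcher, nine renderers, nine utility processes (eight Chrome, one Edge), two GPU processes and a crashpad handler, and only two images that are not a browser: elevation_service.exe (part of the Chrome install) and AUDIODG.EXE. The "unsandboxed" tag is a starting point for review rather than a finding: the network service, UtilWin, ProcessorMetrics and video-capture utilities run with `--service-sandbox-type=none` by design on Windows in this Chrome release, and the second GPU process with `--disable-gpu-sandbox --use-gl=disabled` is Chrome's fallback when the GPU process cannot initialise, which is routine inside a VM. What would matter is a child with `--no-sandbox` that Chrome did not add itself, or a non-browser image under PID 5080; neither appears here.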

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001
    Filesize 72KB
    MD5 a8d94654043fed3e3644c495725e5bdc
    SHA1 1ffb30bb0c6a0dc36186ede37651ee9776c84098
    SHA256 baa8036205ed783317d463f0537795bc66d519617701486316ccc84a2441458a
    SHA512 af3a7117b9731b90ac10dfe04d2739a8936d7a2780de8e4daba9ba987e2da3b6162ad624c2ca2966a6c71108e0116c90e4b7cf1bd50d27f847843b529055e0da

  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
    Filesize 864B
    MD5 903f2460f2a31dc984706a6ba673a60b
    SHA1 2956bc2ca3429a7a7c4b39499974bd0eaf6aa6e7
    SHA256 322785c739944d3d2c3ec3e49961fbe90bb57f6540dc50311bf85e0bc6d1f76c
    SHA512 302c4a360aeb046c8de5af325e54dd86f5cbcbfec8471e90034a22f33b5d47b625726be529ab54a9a44c31d36313e2edefb73feaff20918a432655331c9537f6

  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
    Filesize 9KB
    MD5 1a15a707510efc1b8b4f858c280f8524
    SHA1 7931e1ac8c6a6534cf0ee7b505eceee315d9b090
    SHA256 a900aaebe8195470f20f6b468127b3cac222993a2817e6921a9bae840108e00e
    SHA512 aabc19389472fc389c20f7dde1a570adb21878d08360c805b62120011a5eea4ffb00c8a8677da01b12e40f3c011f9ef928fd93cd5ae306bf9a881de210dc339b

  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
    Filesize 6KB
    MD5 1ba303e91224cf514050de61861e6a2f
    SHA1 76dc4a24cfc32c2135e71abc625badbe2d1b9df2
    SHA256 523f6d6dbc8d5d86ea054ea344649f3c0f1f2166fa0b8eaa635c32705ea2d223
    SHA512 24be1170decaf2a8a3567cfa340bd5657dad51e19667517e44e997cb5d2bff3aaaf425c6938cc756c07bc23a58bc7348c87aa5b39456424ceed4588939ce1512

  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
    Filesize 2KB
    MD5 e6d9241123b2075d8ea514cc3fcc5203
    SHA1 6fecb27f82c5bdb86ec085896d098ee7f1c0b6da
    SHA256 985b39e2bd8ce9e3b5118b9877ddd44c800a5ffbc4b50b253d17dc23135be139
    SHA512 94d4b7ce170174c7b75118e5947d899215f52c7943e54cc4e044de0e0922f7964b32692c920977d5a0fecbb54ca9d0d66b29bd785a6224ff89ca5c929cd8e56c

  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
    Filesize 3KB
    MD5 3932701e86829de78dd57f0fae93f964
    SHA1 6e31d6e8af15180856e415e94559387924570c80
    SHA256 b26b472671eaf2b9e5e60ef13b0e8ef7cb4b6557d328b1422958b676d923e0ba
    SHA512 5baa77419895d0ba452df49c8857b64fc3b77cbd61f3513129489db3935afaa2dee6841e2163338a8616a00215ef737227ef6b1c768d23057a8c510c293b5369

  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
    Filesize 3KB
    MD5 9a2c6c3d223bf577bbbd6a7c87442f05
    SHA1 567e6f659f5140706ccabf7e4ad0c07e3337a664
    SHA256 abae53fd88915c9e91431aaaaeaaca0ed9a70820c73aef29f250e212dc1d504e
    SHA512 2203e87cc040dd61456d322f3a2487c3d5990a164b026c6503bfae63c6442451a616e5e47c2a9442fdcc9ea7e6c37bf49cfcda5845b50ec97a5d9cf38402098e

  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
    Filesize 2KB
    MD5 d5a77d05308da6065f93a5b0fd5bee87
    SHA1 b129b1f6b84079c3df9663c09834592a7b30f82a
    SHA256 36338163629378dc82bd749e829c05147a33e68ed0b750340b0b0fe4c4e97e0e
    SHA512 97924d2802f28f6db73d4bdbb6f730d71147d659821b98e4949696aafb88d6b57179f5cd13066b5c5ac17dbe608f7f8ed874d9a15075c99b9a8427956ce663fb

  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
    Filesize 2KB
    MD5 98ea47a47be94a515e29b4bbbb37c0ce
    SHA1 2fa725dad1a2e3dec0d5dc9c78b25a2390ddd4f4
    SHA256 8114dceb06140b6fb8eb341e53ca1f0d05c2e6921a13e4b33936c230793da60e
    SHA512 d6ebf2a9496d35450e4c3867ad3e81bb88f134f50bbcf8faa075b2918ef3c5d9c52bb8011bf244a1e69b4f8936cb2d666c9b05938e0df981469158648f4e556e

  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
    Filesize 871B
    MD5 0a292635e25f7bccf947423ef67a855c
    SHA1 14202ce7a892eecefdafc6e94d4fcd1f7c9fb31e
    SHA256 6bbc6ed25399ff3685c08aed1226eb9b407cab67a0d41a4870a6faa80e947922
    SHA512 8ce74faa647f635e518615184f15ebf1fd93bd5bd0adb599fed18d7556ecc31d9be0195cbe56eb5c84b8743559f1d3c8580395a5453f359b9a17feadb279006a

  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
    Filesize 3KB
    MD5 2b91ee372d266dd77825907800deafe4
    SHA1 82ecea232e74299bfe0266b7bb32ea7e62cbd9b1
    SHA256 d275fdacebaf620c401aabae8d4388ca8dacbf47c00ecfe1fa928e58e86d0a8b
    SHA512 52181ebc835245e47cf04e0695dcc71133d9d2d63251f8bfe5f168e23dc9a137bd13be257d989bf9304f2e26af039066a3b4361aad8bd27da0d4d86e78b0af5b

  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
    Filesize 6KB
    MD5 b99e23249cb971a47ece57ee80986a1e
    SHA1 2dc02f39f4dfad4f40d77b848b8fa2d33fb9ee09
    SHA256 b7a672969c73957df4dd1e5207b833a2dbd4845bde4ba61fa0dd6966c6561251
    SHA512 73b2c7048cc67bfd61a3225266522f235437a383e7144387735e7d218fa4596dc221b35abcad541075c289a2d46ef69577000d28e08895812a231b08b238f3e3

  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
    Filesize 6KB
    MD5 7ff38c5d3a1414778631ecd431a4186b
    SHA1 5d2e261a95742907fad0a16478419eacc151bc88
    SHA256 36d9c6816e7c2c5148bcf21c6398633fb25f8c396815cb335c84d4a6e0eaea9d
    SHA512 81ef98c65abd6f13686c16957e50fd538a5c23f6258ea000f37ad976a41115b80ed89ddb707b67b35ddf79ffec0afeb4c46d5a291011883e5ae8945ea204a1f0

  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
    Filesize 6KB
    MD5 06a57948ffbbe616d475a558a451eeb0
    SHA1 8dfdc0bd7b0c89c2139d23d6b67cbdf1ed85d348
    SHA256 2437d83f468d2e1dcd18013c8e54df4ffde39bb0e86a606bcb8df4643000c01e
    SHA512 f398ca812ed92911f9aec4ab847af4dc01d8dfad7a4795d3b263aca1f2b59e3cbfe0c1b84b6d256fdc4602b9203950abbd8841fcdd22887eff2fcb8095002887

  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
    Filesize 6KB
    MD5 a09782338fc8dc6e2b327ae4db03853f
    SHA1 1385d725ab43575b34aca38ca1971d97e7431f03
    SHA256 4f7f5d652147a13d2012ac74ace81c4aba3655790544e5f740f5749f75565766
    SHA512 336fe03bb5ae14fc5a43cbff20c435ce7f00e6b01fd6c2a549521d9ef7f4faa18c634fed71da7faaf3648f2f01d908cde591f0911ef14f3959fea03d45d13662

  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
    Filesize 6KB
    MD5 a668fe868a28057b7d3080511f0b24ec
    SHA1 43e46cbe37aa0c744a366659e75707f2cd455027
    SHA256 36269cd205001ab1d84e25de7cdbb165edb6de5ea3eb1021ea145d7d15970e7e
    SHA512 1c8ba85012737ba93b5f2d7fc6613afb427694083b9d59d604d095942889410a6edaff512e0864fc70c22d3aa999d68083319ccc5317005fd4709b30ecfca418

  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
    Filesize 6KB
    MD5 a898dc5a166393aa0ee28d3e8ef261b8
    SHA1 197bce710732a38b30ef6ca88ba8552257824d5c
    SHA256 3a3447d97faec4ec2a49a4b29d0cb95f45456d89878b3cb0c69835e8192cfe69
    SHA512 cde73ac738cdca3b416f8d4dd89a5f8804a92ebaeab600167edbef5193ce3830d6137b8c83e4d8e858c8b5e864efca15c92db310ff5078a9e9861a7a87372d5a

  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
    Filesize 6KB
    MD5 644dbcc86e1e05a8292e1724eaa24088
    SHA1 f35c7929861721d46a7232472ca60efd9ce67f60
    SHA256 f81dc06744da316148098f403cbcb9c8cdce8db123b5cc408c2fe79e9eced89b
    SHA512 fa76b3669d7894dcb86d306d5dbaa44a57864465059979bb0374b7ce253dacb17214c4941c731f473aca8f01b52a9e909be9191f7ece2a1e150fcf7be610b3e5

  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
    Filesize 128KB
    MD5 b06841d23634855ce46ea910ccdb031f
    SHA1 896db8beb3cbae5c4b47cc1df835be49b7cbff98
    SHA256 8e66ee95eda12edd7ce956b2a980b268c1b4742b3e4873ede3f99f79f431b26a
    SHA512 95974bd4c90196ac13cf2a88eeab7ff801fbe648b58a2ff91ffa599e1c67728fd0b7d1ae6e84ad235381520bf46cd0ddeff2875b5923c5a61ac3a35f2e53e0f2

  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
    Filesize 128KB
    MD5 d557bbc4c6fb2d1ef52635feddaeb7b9
    SHA1 362c86a30aaba03cb94cd861c4ccf543118e90f5
    SHA256 03e97af4977cf5b6cb14a6453ca2d9e988117cf7185bc8c748b7241d699ffe2f
    SHA512 0c60617435124db84feb926db072039b7ce447e38f7232462be18a9e094b26d0647b1d2aee4dbde503f6e1a5f41b6227b1933fc5f7d744994687bb25b68bb789

  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
    Filesize 128KB
    MD5 8c0e6c1fbad440961e069842777de384
    SHA1 542b51f5c243db81428b062bd8821c2ecae14025
    SHA256 7f560f651408e89f33db6cf61c731fd7fd8b57e6605de0cfa416dfa087ae5158
    SHA512 55af3efff9f24c92134c5375a9257fa45eddca53140f3059b937b68f8c9d00ccc2f193e7eb4cbac333243123c5e2c2a77173ea962844d0372dfc0fb0c9018625

                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

                                                    Filesize

                                                    103KB

                                                    MD5

                                                    ed48dbd0b54085b8252366801558e0d8

                                                    SHA1

                                                    a42ca39225681edc8d64f88e28a67bc624a49607

                                                    SHA256

                                                    27d573e17b0e7c5c3f8c81be703d965ca8ed5e04004d52fff1ddc5bf63c4e815

                                                    SHA512

                                                    4b4a3c479c6769a9d6f6e74f7253fbe110c7c02daa1415bba27c0ea6a9f6631fd15c47516ac4a0768f1e9c9916c2f4dfdde5c416d0be33eb96fdd843f779fbb7

                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe587625.TMP

                                                    Filesize

                                                    97KB

                                                    MD5

                                                    0e15078fc51251c320f1c75b0b06d158

                                                    SHA1

                                                    fc31376efb6bcfdb26b8a9b49b02d7ea78ae28ac

                                                    SHA256

                                                    b7db9896f88938f2fbda00d3d753609b1ba137394ae470d6434ef6d873ea4315

                                                    SHA512

                                                    a09a4e7b809292825179a2441e49325d9d79ffe42bc7513ae743755cbad3c2f4335d1f6aedc0e0bf8ee994411196f93a9cdb5977ccc23ca10f3643a53668e564

                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ff8894ed-cd67-4e12-8a4e-65db2ddfa5e5.tmp

                                                    Filesize

                                                    101KB

                                                    MD5

                                                    a7ced48c9f823a40e3287a5fe7e3f037

                                                    SHA1

                                                    1829f61cee51f472a927b87a7e4d2c47d72d2755

                                                    SHA256

                                                    11479d2ad3c5b61fafe7e36b315fe3eb18f1649962f3876704f93f3fa699cc15

                                                    SHA512

                                                    623321cea2431c7bcb861e4e223500e6f0197fc616072b7ad71e264c434fb03b392067e304ec19de8b3710809633a258a85a9b91c14f85bc17b58eb4b4e521b3

                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

                                                    Filesize

                                                    2B

                                                    MD5

                                                    99914b932bd37a50b983c5e7c90ae93b

                                                    SHA1

                                                    bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

                                                    SHA256

                                                    44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

                                                    SHA512

                                                    27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd
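The dropped-file listing gives four digests per file, which is enough to re-derive a file's contents when a candidate body is at hand and to turn the report into machine-checkable IOCs. The Python below is an added example, not code from the sandbox or the report: it parses a listing in the label/value layout used above into records, recomputes MD5/SHA1/SHA256/SHA512 over a candidate body and reports per-algorithm matches. The embedded sample is an excerpt constructed from two of the entries above; the candidate body `{}` for the 2-byte persisted_first_party_sets.json is an assumption (an empty JSON object) that the digest comparison confirms or refutes.

```python
"""Parse a sandbox 'dropped files' listing and re-verify its digests.

Added example; not code from the sandbox or the report. Assumes the
bullet/label/value layout seen above (Filesize, MD5, SHA1, SHA256,
SHA512 per file), with the value either on the label's line or on the
following line, as raw extractions often split it.
"""
import hashlib
from dataclasses import dataclass, field

HASH_ALGOS = ("md5", "sha1", "sha256", "sha512")

# Constructed excerpt of the report's dropped-file listing (two entries).
SAMPLE_LISTING = r"""
• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
  Filesize  6KB
  MD5       644dbcc86e1e05a8292e1724eaa24088
  SHA1      f35c7929861721d46a7232472ca60efd9ce67f60
  SHA256    f81dc06744da316148098f403cbcb9c8cdce8db123b5cc408c2fe79e9eced89b
  SHA512    fa76b3669d7894dcb86d306d5dbaa44a57864465059979bb0374b7ce253dacb17214c4941c731f473aca8f01b52a9e909be9191f7ece2a1e150fcf7be610b3e5
• C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json
  Filesize  2B
  MD5       99914b932bd37a50b983c5e7c90ae93b
  SHA1      bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
  SHA256    44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
  SHA512    27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd
"""


@dataclass
class DroppedFile:
    path: str
    size: str = ""
    hashes: dict = field(default_factory=dict)  # algo -> lowercase hex digest


def parse_listing(text: str) -> list:
    """Turn the bullet/label/value layout into DroppedFile records."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    records, i = [], 0
    while i < len(lines):
        line = lines[i]
        if line.startswith("•"):          # a new dropped-file entry
            records.append(DroppedFile(path=line[1:].strip()))
            i += 1
            continue
        parts = line.split(None, 1)
        label = parts[0].lower()
        if records and (label == "filesize" or label in HASH_ALGOS):
            if len(parts) == 2:           # "MD5  <hex>" on one line
                value = parts[1].strip()
            elif i + 1 < len(lines):      # value split onto the next line
                value = lines[i + 1]
                i += 1
            else:
                break
            if label == "filesize":
                records[-1].size = value
            else:
                records[-1].hashes[label] = value.lower()
        i += 1
    return records


def digest_all(data: bytes) -> dict:
    """Compute the four digests a sandbox typically reports for a file."""
    return {algo: hashlib.new(algo, data).hexdigest() for algo in HASH_ALGOS}


def verify(record: DroppedFile, data: bytes) -> dict:
    """Per-algorithm match of the report's digests against a candidate body."""
    actual = digest_all(data)
    return {algo: actual[algo] == expected for algo, expected in record.hashes.items()}


def find_by_name(records: list, name: str) -> DroppedFile:
    """First record whose path ends with the given file name."""
    return next(r for r in records if r.path.endswith(name))


if __name__ == "__main__":
    recs = parse_listing(SAMPLE_LISTING)
    target = find_by_name(recs, "persisted_first_party_sets.json")
    # Assumption: a 2-byte JSON file is the empty object "{}"; the digests decide.
    print(target.path, verify(target, b"{}"))
```

Parsing both the one-line and split layouts matters in practice, because copied report text usually arrives in the split form; checking all four digests rather than MD5 alone guards against a coincidental collision on the weakest algorithm.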