78224fdb64cc3f6c06d5d3843c1a1445f82556b370cf1df4af536e68119c4dd3

Analysis

max time kernel
120s
max time network
126s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
10/06/2024, 21:36

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

resources/app/node_modules/adm-zip/methods/index.js
Size

128B
MD5

74d54dda1e050cad9b31da325f92fb01
SHA1

683b0412f3bdb3ae54cd809e37f456dade4d046a
SHA256

d67714f1a04be942f90be77069af3ff4214aa8ee84b26edeff3a87eb0d8e2dc0
SHA512

88ff974e69207c427ce1c9161489a275c4328ba392da65b268614fd5c66ef9feb10dafe1464dcc5873221de61bdb045dcf47092760c973ec06825158978df3e6

Score

3^/10

execution

Malware Config

Signatures

Command and Scripting Interpreter: JavaScript 1 TTPs
execution

JavaScript
T1059.007

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
2356	chrome.exe
2356	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe
Token: SeShutdownPrivilege	2356	chrome.exe

Suspicious use of FindShellTrayWindow 35 IoCs

pid	Process
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe

Suspicious use of SendNotifyMessage 32 IoCs

pid	Process
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe
2356	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2356 wrote to memory of 2380	2356	chrome.exe	31
PID 2356 wrote to memory of 2380	2356	chrome.exe	31
PID 2356 wrote to memory of 2380	2356	chrome.exe	31
PID 2356 wrote to memory of 2656	2356	chrome.exe	33
PID 2356 wrote to memory of 2656	2356	chrome.exe	33
PID 2356 wrote to memory of 2656	2356	chrome.exe	33
PID 2356 wrote to memory of 2656	2356	chrome.exe	33
PID 2356 wrote to memory of 2656	2356	chrome.exe	33
PID 2356 wrote to memory of 2656	2356	chrome.exe	33
PID 2356 wrote to memory of 2656	2356	chrome.exe	33
PID 2356 wrote to memory of 2656	2356	chrome.exe	33
PID 2356 wrote to memory of 2656	2356	chrome.exe	33
PID 2356 wrote to memory of 2656	2356	chrome.exe	33
PID 2356 wrote to memory of 2656	2356	chrome.exe	33
PID 2356 wrote to memory of 2656	2356	chrome.exe	33
PID 2356 wrote to memory of 2656	2356	chrome.exe	33
PID 2356 wrote to memory of 2656	2356	chrome.exe	33
PID 2356 wrote to memory of 2656	2356	chrome.exe	33
PID 2356 wrote to memory of 2656	2356	chrome.exe	33
PID 2356 wrote to memory of 2656	2356	chrome.exe	33
PID 2356 wrote to memory of 2656	2356	chrome.exe	33
PID 2356 wrote to memory of 2656	2356	chrome.exe	33
PID 2356 wrote to memory of 2656	2356	chrome.exe	33
PID 2356 wrote to memory of 2656	2356	chrome.exe	33
PID 2356 wrote to memory of 2656	2356	chrome.exe	33
PID 2356 wrote to memory of 2656	2356	chrome.exe	33
PID 2356 wrote to memory of 2656	2356	chrome.exe	33
PID 2356 wrote to memory of 2656	2356	chrome.exe	33
PID 2356 wrote to memory of 2656	2356	chrome.exe	33
PID 2356 wrote to memory of 2656	2356	chrome.exe	33
PID 2356 wrote to memory of 2656	2356	chrome.exe	33
PID 2356 wrote to memory of 2656	2356	chrome.exe	33
PID 2356 wrote to memory of 2656	2356	chrome.exe	33
PID 2356 wrote to memory of 2656	2356	chrome.exe	33
PID 2356 wrote to memory of 2656	2356	chrome.exe	33
PID 2356 wrote to memory of 2656	2356	chrome.exe	33
PID 2356 wrote to memory of 2656	2356	chrome.exe	33
PID 2356 wrote to memory of 2656	2356	chrome.exe	33
PID 2356 wrote to memory of 2656	2356	chrome.exe	33
PID 2356 wrote to memory of 2656	2356	chrome.exe	33
PID 2356 wrote to memory of 2656	2356	chrome.exe	33
PID 2356 wrote to memory of 2656	2356	chrome.exe	33
PID 2356 wrote to memory of 1592	2356	chrome.exe	34
PID 2356 wrote to memory of 1592	2356	chrome.exe	34
PID 2356 wrote to memory of 1592	2356	chrome.exe	34
PID 2356 wrote to memory of 2116	2356	chrome.exe	35
PID 2356 wrote to memory of 2116	2356	chrome.exe	35
PID 2356 wrote to memory of 2116	2356	chrome.exe	35
PID 2356 wrote to memory of 2116	2356	chrome.exe	35
PID 2356 wrote to memory of 2116	2356	chrome.exe	35
PID 2356 wrote to memory of 2116	2356	chrome.exe	35
PID 2356 wrote to memory of 2116	2356	chrome.exe	35
PID 2356 wrote to memory of 2116	2356	chrome.exe	35
PID 2356 wrote to memory of 2116	2356	chrome.exe	35
PID 2356 wrote to memory of 2116	2356	chrome.exe	35
PID 2356 wrote to memory of 2116	2356	chrome.exe	35
PID 2356 wrote to memory of 2116	2356	chrome.exe	35
PID 2356 wrote to memory of 2116	2356	chrome.exe	35
PID 2356 wrote to memory of 2116	2356	chrome.exe	35
PID 2356 wrote to memory of 2116	2356	chrome.exe	35
PID 2356 wrote to memory of 2116	2356	chrome.exe	35
PID 2356 wrote to memory of 2116	2356	chrome.exe	35
PID 2356 wrote to memory of 2116	2356	chrome.exe	35
PID 2356 wrote to memory of 2116	2356	chrome.exe	35

C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\resources\app\node_modules\adm-zip\methods\index.js
1⤵
PID:1732

C:\Windows\explorer.exe
"C:\Windows\explorer.exe"
1⤵
PID:2580

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2356
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6239758,0x7fef6239768,0x7fef6239778
  2⤵
  PID:2380
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1164 --field-trial-handle=1260,i,13326066507005472683,5906196979701514209,131072 /prefetch:2
  2⤵
  PID:2656
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1500 --field-trial-handle=1260,i,13326066507005472683,5906196979701514209,131072 /prefetch:8
  2⤵
  PID:1592
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1624 --field-trial-handle=1260,i,13326066507005472683,5906196979701514209,131072 /prefetch:8
  2⤵
  PID:2116
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2036 --field-trial-handle=1260,i,13326066507005472683,5906196979701514209,131072 /prefetch:1
  2⤵
  PID:2128
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2336 --field-trial-handle=1260,i,13326066507005472683,5906196979701514209,131072 /prefetch:1
  2⤵
  PID:1648
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1456 --field-trial-handle=1260,i,13326066507005472683,5906196979701514209,131072 /prefetch:2
  2⤵
  PID:1788
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=1276 --field-trial-handle=1260,i,13326066507005472683,5906196979701514209,131072 /prefetch:1
  2⤵
  PID:2620
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3340 --field-trial-handle=1260,i,13326066507005472683,5906196979701514209,131072 /prefetch:8
  2⤵
  PID:1888
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3580 --field-trial-handle=1260,i,13326066507005472683,5906196979701514209,131072 /prefetch:8
  2⤵
  PID:1552
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3596 --field-trial-handle=1260,i,13326066507005472683,5906196979701514209,131072 /prefetch:8
  2⤵
  PID:2744
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3240 --field-trial-handle=1260,i,13326066507005472683,5906196979701514209,131072 /prefetch:8
  2⤵
  PID:1080
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3816 --field-trial-handle=1260,i,13326066507005472683,5906196979701514209,131072 /prefetch:8
  2⤵
  PID:1672
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=3660 --field-trial-handle=1260,i,13326066507005472683,5906196979701514209,131072 /prefetch:1
  2⤵
  PID:2876
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=1632 --field-trial-handle=1260,i,13326066507005472683,5906196979701514209,131072 /prefetch:1
  2⤵
  PID:1976
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=2344 --field-trial-handle=1260,i,13326066507005472683,5906196979701514209,131072 /prefetch:1
  2⤵
  PID:1564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=1160 --field-trial-handle=1260,i,13326066507005472683,5906196979701514209,131072 /prefetch:1
  2⤵
  PID:2752
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=2368 --field-trial-handle=1260,i,13326066507005472683,5906196979701514209,131072 /prefetch:1
  2⤵
  PID:324

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2400

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\42c92bc5-fbf0-44c3-9e0e-45cf798d8127.tmp

Filesize
274KB

MD5
1b598d891d824dd36c882c9d1159a844

SHA1
307003198ec3ac421ef9c770235f672d8892aaf7

SHA256
cc240ea2b2fbc10354cdd09209d104e2d7077729f980f4190b638bd0f89c1feb

SHA512
65db83a09a9c45ede68a205991a0f55284ef4680131097059c8d7ff3f53ad46a011181649f762152a9b2ad3adea7544311dcea346ec9247813c701c118d8e194

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\000006.dbtmp

Filesize
16B

MD5
aefd77f47fb84fae5ea194496b44c67a

SHA1
dcfbb6a5b8d05662c4858664f81693bb7f803b82

SHA256
4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611

SHA512
b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
987B

MD5
fe97d38d1649535d505e37551f5f2af2

SHA1
c8374ad261fcc0ce8f3a8733b9c5889a8d7412f0

SHA256
8028ac8c29fe09e0645fa5d97bf443bb880cb155f23eb71aba250ee2b4be99fe

SHA512
bd8f8466b0bad9941268f21062d97f239415cc6312f9dd9554314ddcd317a6805b9b0fde530747261aa36bfea6c3194e78ce385277e82bcd4137d00c52e4509b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
361B

MD5
c45076cad5dab910f4dc53a35ca2ac1b

SHA1
99d6773398c6135bbb48e0f2bcf6d3c7637462b6

SHA256
8e491dd92354eeeb0dc7dcf746b333cebbc7ce582ecdcf92ac8b088b9ea47f5b

SHA512
e2f9892411703ab0e49c02db3a801d7d43561d38344b9554d7e4334ecb19bf20ca20d38a1403578f82937655d6efcda913253734cf5e18fecc2cc63ad45b2610

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
361B

MD5
f5a9bbfedab94cfb02978626a4ecb4c0

SHA1
e563aff18b122bb7fc6066c987e106777ba83a49

SHA256
61f2c0812a540671056710b74c3c3be533287d997d0cdf6e956454fa4e835da9

SHA512
78796280f3598e574ea4bf199f1933e6fbe41acbc009de8e3bce798e279d0b331175b6ab241056d71124f8e1e03e4d659b9f7db0f0dd144efaa54c0c5267b8aa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
3ca59636975dc88017be10f0105e556f

SHA1
15deaf7f4125d130f7fe9643c72afb16a68ac2d8

SHA256
633b9980a3f009cd7a11d578aec9ce3a401bc73d0c3cf9c3cc47115823a95529

SHA512
344b0988347aac7d602640ac46db592ee935d89da1602e204c540d5b4cb9d9a2c72eba5da121f46abd0a83887099957a9ea47afb8e9482322761219e414dc4d5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
d89222d401adc21920beefe42a26d2ff

SHA1
4262f8b72de99612f0d1bc83e8e7dd6902ba19c0

SHA256
117183395e6f3af435113241880e8be70a3e61d563e7fd09e0657c703cadaea7

SHA512
0435e722a7902e4a4a8d8fce1bc9e68fee78c4ef5d44e2a88641e4dbb13524fa68a1abf454e24896d615de14ead4546a39d203698a726d63d61dc02b7cb77b84

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
d7598b6165840ad349b01323bdf9f358

SHA1
b2f5ff6338f01b2de352042164a1598dbddbb289

SHA256
d17314b0431b625eadee87c4eee7305738a48f8e2170a03a1fda1b46e17dd23b

SHA512
6412faa08b6fa118656231d14ba9a57f233ed370ac68302e2ecaca883525f5267a0931d91ffb879bd8014273b503c4e21210b74449800ac0bc8a7c24698f84b6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000007.dbtmp

Filesize
16B

MD5
18e723571b00fb1694a3bad6c78e4054

SHA1
afcc0ef32d46fe59e0483f9a3c891d3034d12f32

SHA256
8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa

SHA512
43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
274KB

MD5
e83d6bc5fe35850f89c67f230c851833

SHA1
723edf470bdd4597cfa598b94e43f1435373665e

SHA256
8f843117bc5d45473de141cdd83bc8cc7fcacc3131772ed29b2b1a74a3c7a520

SHA512
24bf3d01699623b9ef2e952a08a895c0aa77dcbc21e56ab2b456c058a3ee827c2adf82601fa8220f5385c97466ba7cf538cae18d6782c63f99a7b13c4ac05bb3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
274KB

MD5
66b29e388d851811a635eb353aef926f

SHA1
4b5edcf6921aa72cddc18bb5ccbe43fb3263c4e6

SHA256
caed1168fae1fbd7b9bcca6d4bfe97ba5c0478c839ed1f09fa0410c0b888ea64

SHA512
1f5c37712049ee0f407db2f78b85eb5654a5f922749f0c7ff1f191b999c0f03d5319f0d1e66bfe48dd15a2d15d015b09b0d2c9a27ba41fe954b3762af17c20aa

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarDC90.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit