Analysis Overview
SHA256
f987e29fce44fe31665f5054db69f57bdf378fab1eabbfc2f9c7bf47543428f1
Threat Level: No (potentially) malicious behavior was detected
The file file was found to be: No (potentially) malicious behavior was detected.
Malicious Activity Summary
Modifies data under HKEY_USERS
Suspicious use of SetWindowsHookEx
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Modifies registry class
Analysis: static1
Detonation Overview
Reported
2024-06-10 11:49
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-10 11:49
Reported
2024-06-10 11:52
Platform
win11-20240426-en
Max time kernel
149s
Max time network
152s
Command Line
Signatures
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133624938512151545" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3062789476-783164490-2318012559-1000_Classes\Local Settings\MuiCache | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument C:\Users\Admin\AppData\Local\Temp\file.html
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffdecc2ab58,0x7ffdecc2ab68,0x7ffdecc2ab78
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1540 --field-trial-handle=1804,i,6148597885100390887,5673090145046203471,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2080 --field-trial-handle=1804,i,6148597885100390887,5673090145046203471,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2136 --field-trial-handle=1804,i,6148597885100390887,5673090145046203471,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3008 --field-trial-handle=1804,i,6148597885100390887,5673090145046203471,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3036 --field-trial-handle=1804,i,6148597885100390887,5673090145046203471,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=1448 --field-trial-handle=1804,i,6148597885100390887,5673090145046203471,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4872 --field-trial-handle=1804,i,6148597885100390887,5673090145046203471,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4508 --field-trial-handle=1804,i,6148597885100390887,5673090145046203471,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4856 --field-trial-handle=1804,i,6148597885100390887,5673090145046203471,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4444 --field-trial-handle=1804,i,6148597885100390887,5673090145046203471,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=4632 --field-trial-handle=1804,i,6148597885100390887,5673090145046203471,131072 /prefetch:1
C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe
"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4872 --field-trial-handle=1804,i,6148597885100390887,5673090145046203471,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2220 --field-trial-handle=1804,i,6148597885100390887,5673090145046203471,131072 /prefetch:2
Network
Files
\??\pipe\crashpad_1044_VMLDQDDDVSSCDBAD
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\SearchHoverUnifiedTileModelCache.dat
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index