hxxps://kdrive[.]infomaniak[.]com/app/share/1139471/2ad970dc-2197-4ff7-8509-a6c52c5dee76

Analysis

max time kernel
149s
max time network
141s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
11-06-2024 15:19

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://kdrive.infomaniak.com/app/share/1139471/2ad970dc-2197-4ff7-8509-a6c52c5dee76

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133625927810988464"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
1552	chrome.exe
1552	chrome.exe
680	chrome.exe
680	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 5 IoCs

pid	Process
1552	chrome.exe
1552	chrome.exe
1552	chrome.exe
1552	chrome.exe
1552	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1552	chrome.exe
Token: SeCreatePagefilePrivilege	1552	chrome.exe
Token: SeShutdownPrivilege	1552	chrome.exe
Token: SeCreatePagefilePrivilege	1552	chrome.exe
Token: SeShutdownPrivilege	1552	chrome.exe
Token: SeCreatePagefilePrivilege	1552	chrome.exe
Token: SeShutdownPrivilege	1552	chrome.exe
Token: SeCreatePagefilePrivilege	1552	chrome.exe
Token: SeShutdownPrivilege	1552	chrome.exe
Token: SeCreatePagefilePrivilege	1552	chrome.exe
Token: SeShutdownPrivilege	1552	chrome.exe
Token: SeCreatePagefilePrivilege	1552	chrome.exe
Token: SeShutdownPrivilege	1552	chrome.exe
Token: SeCreatePagefilePrivilege	1552	chrome.exe
Token: SeShutdownPrivilege	1552	chrome.exe
Token: SeCreatePagefilePrivilege	1552	chrome.exe
Token: SeShutdownPrivilege	1552	chrome.exe
Token: SeCreatePagefilePrivilege	1552	chrome.exe
Token: SeShutdownPrivilege	1552	chrome.exe
Token: SeCreatePagefilePrivilege	1552	chrome.exe
Token: SeShutdownPrivilege	1552	chrome.exe
Token: SeCreatePagefilePrivilege	1552	chrome.exe
Token: SeShutdownPrivilege	1552	chrome.exe
Token: SeCreatePagefilePrivilege	1552	chrome.exe
Token: SeShutdownPrivilege	1552	chrome.exe
Token: SeCreatePagefilePrivilege	1552	chrome.exe
Token: SeShutdownPrivilege	1552	chrome.exe
Token: SeCreatePagefilePrivilege	1552	chrome.exe
Token: SeShutdownPrivilege	1552	chrome.exe
Token: SeCreatePagefilePrivilege	1552	chrome.exe
Token: SeShutdownPrivilege	1552	chrome.exe
Token: SeCreatePagefilePrivilege	1552	chrome.exe
Token: SeShutdownPrivilege	1552	chrome.exe
Token: SeCreatePagefilePrivilege	1552	chrome.exe
Token: SeShutdownPrivilege	1552	chrome.exe
Token: SeCreatePagefilePrivilege	1552	chrome.exe
Token: SeShutdownPrivilege	1552	chrome.exe
Token: SeCreatePagefilePrivilege	1552	chrome.exe
Token: SeShutdownPrivilege	1552	chrome.exe
Token: SeCreatePagefilePrivilege	1552	chrome.exe
Token: SeShutdownPrivilege	1552	chrome.exe
Token: SeCreatePagefilePrivilege	1552	chrome.exe
Token: SeShutdownPrivilege	1552	chrome.exe
Token: SeCreatePagefilePrivilege	1552	chrome.exe
Token: SeShutdownPrivilege	1552	chrome.exe
Token: SeCreatePagefilePrivilege	1552	chrome.exe
Token: SeShutdownPrivilege	1552	chrome.exe
Token: SeCreatePagefilePrivilege	1552	chrome.exe
Token: SeShutdownPrivilege	1552	chrome.exe
Token: SeCreatePagefilePrivilege	1552	chrome.exe
Token: SeShutdownPrivilege	1552	chrome.exe
Token: SeCreatePagefilePrivilege	1552	chrome.exe
Token: SeShutdownPrivilege	1552	chrome.exe
Token: SeCreatePagefilePrivilege	1552	chrome.exe
Token: SeShutdownPrivilege	1552	chrome.exe
Token: SeCreatePagefilePrivilege	1552	chrome.exe
Token: SeShutdownPrivilege	1552	chrome.exe
Token: SeCreatePagefilePrivilege	1552	chrome.exe
Token: SeShutdownPrivilege	1552	chrome.exe
Token: SeCreatePagefilePrivilege	1552	chrome.exe
Token: SeShutdownPrivilege	1552	chrome.exe
Token: SeCreatePagefilePrivilege	1552	chrome.exe
Token: SeShutdownPrivilege	1552	chrome.exe
Token: SeCreatePagefilePrivilege	1552	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
1552	chrome.exe
1552	chrome.exe
1552	chrome.exe
1552	chrome.exe
1552	chrome.exe
1552	chrome.exe
1552	chrome.exe
1552	chrome.exe
1552	chrome.exe
1552	chrome.exe
1552	chrome.exe
1552	chrome.exe
1552	chrome.exe
1552	chrome.exe
1552	chrome.exe
1552	chrome.exe
1552	chrome.exe
1552	chrome.exe
1552	chrome.exe
1552	chrome.exe
1552	chrome.exe
1552	chrome.exe
1552	chrome.exe
1552	chrome.exe
1552	chrome.exe
1552	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1552	chrome.exe
1552	chrome.exe
1552	chrome.exe
1552	chrome.exe
1552	chrome.exe
1552	chrome.exe
1552	chrome.exe
1552	chrome.exe
1552	chrome.exe
1552	chrome.exe
1552	chrome.exe
1552	chrome.exe
1552	chrome.exe
1552	chrome.exe
1552	chrome.exe
1552	chrome.exe
1552	chrome.exe
1552	chrome.exe
1552	chrome.exe
1552	chrome.exe
1552	chrome.exe
1552	chrome.exe
1552	chrome.exe
1552	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1552 wrote to memory of 1096	1552	chrome.exe	80
PID 1552 wrote to memory of 1096	1552	chrome.exe	80
PID 1552 wrote to memory of 1532	1552	chrome.exe	81
PID 1552 wrote to memory of 1532	1552	chrome.exe	81
PID 1552 wrote to memory of 1532	1552	chrome.exe	81
PID 1552 wrote to memory of 1532	1552	chrome.exe	81
PID 1552 wrote to memory of 1532	1552	chrome.exe	81
PID 1552 wrote to memory of 1532	1552	chrome.exe	81
PID 1552 wrote to memory of 1532	1552	chrome.exe	81
PID 1552 wrote to memory of 1532	1552	chrome.exe	81
PID 1552 wrote to memory of 1532	1552	chrome.exe	81
PID 1552 wrote to memory of 1532	1552	chrome.exe	81
PID 1552 wrote to memory of 1532	1552	chrome.exe	81
PID 1552 wrote to memory of 1532	1552	chrome.exe	81
PID 1552 wrote to memory of 1532	1552	chrome.exe	81
PID 1552 wrote to memory of 1532	1552	chrome.exe	81
PID 1552 wrote to memory of 1532	1552	chrome.exe	81
PID 1552 wrote to memory of 1532	1552	chrome.exe	81
PID 1552 wrote to memory of 1532	1552	chrome.exe	81
PID 1552 wrote to memory of 1532	1552	chrome.exe	81
PID 1552 wrote to memory of 1532	1552	chrome.exe	81
PID 1552 wrote to memory of 1532	1552	chrome.exe	81
PID 1552 wrote to memory of 1532	1552	chrome.exe	81
PID 1552 wrote to memory of 1532	1552	chrome.exe	81
PID 1552 wrote to memory of 1532	1552	chrome.exe	81
PID 1552 wrote to memory of 1532	1552	chrome.exe	81
PID 1552 wrote to memory of 1532	1552	chrome.exe	81
PID 1552 wrote to memory of 1532	1552	chrome.exe	81
PID 1552 wrote to memory of 1532	1552	chrome.exe	81
PID 1552 wrote to memory of 1532	1552	chrome.exe	81
PID 1552 wrote to memory of 1532	1552	chrome.exe	81
PID 1552 wrote to memory of 1532	1552	chrome.exe	81
PID 1552 wrote to memory of 1532	1552	chrome.exe	81
PID 1552 wrote to memory of 1356	1552	chrome.exe	82
PID 1552 wrote to memory of 1356	1552	chrome.exe	82
PID 1552 wrote to memory of 4700	1552	chrome.exe	83
PID 1552 wrote to memory of 4700	1552	chrome.exe	83
PID 1552 wrote to memory of 4700	1552	chrome.exe	83
PID 1552 wrote to memory of 4700	1552	chrome.exe	83
PID 1552 wrote to memory of 4700	1552	chrome.exe	83
PID 1552 wrote to memory of 4700	1552	chrome.exe	83
PID 1552 wrote to memory of 4700	1552	chrome.exe	83
PID 1552 wrote to memory of 4700	1552	chrome.exe	83
PID 1552 wrote to memory of 4700	1552	chrome.exe	83
PID 1552 wrote to memory of 4700	1552	chrome.exe	83
PID 1552 wrote to memory of 4700	1552	chrome.exe	83
PID 1552 wrote to memory of 4700	1552	chrome.exe	83
PID 1552 wrote to memory of 4700	1552	chrome.exe	83
PID 1552 wrote to memory of 4700	1552	chrome.exe	83
PID 1552 wrote to memory of 4700	1552	chrome.exe	83
PID 1552 wrote to memory of 4700	1552	chrome.exe	83
PID 1552 wrote to memory of 4700	1552	chrome.exe	83
PID 1552 wrote to memory of 4700	1552	chrome.exe	83
PID 1552 wrote to memory of 4700	1552	chrome.exe	83
PID 1552 wrote to memory of 4700	1552	chrome.exe	83
PID 1552 wrote to memory of 4700	1552	chrome.exe	83
PID 1552 wrote to memory of 4700	1552	chrome.exe	83
PID 1552 wrote to memory of 4700	1552	chrome.exe	83
PID 1552 wrote to memory of 4700	1552	chrome.exe	83
PID 1552 wrote to memory of 4700	1552	chrome.exe	83
PID 1552 wrote to memory of 4700	1552	chrome.exe	83
PID 1552 wrote to memory of 4700	1552	chrome.exe	83
PID 1552 wrote to memory of 4700	1552	chrome.exe	83
PID 1552 wrote to memory of 4700	1552	chrome.exe	83

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://kdrive.infomaniak.com/app/share/1139471/2ad970dc-2197-4ff7-8509-a6c52c5dee76
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1552
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd7e24ab58,0x7ffd7e24ab68,0x7ffd7e24ab78
  2⤵
  PID:1096
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1696 --field-trial-handle=1760,i,5833921950643783348,6548901581409993744,131072 /prefetch:2
  2⤵
  PID:1532
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 --field-trial-handle=1760,i,5833921950643783348,6548901581409993744,131072 /prefetch:8
  2⤵
  PID:1356
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2224 --field-trial-handle=1760,i,5833921950643783348,6548901581409993744,131072 /prefetch:8
  2⤵
  PID:4700
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3064 --field-trial-handle=1760,i,5833921950643783348,6548901581409993744,131072 /prefetch:1
  2⤵
  PID:4300
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3060 --field-trial-handle=1760,i,5833921950643783348,6548901581409993744,131072 /prefetch:1
  2⤵
  PID:4104
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4700 --field-trial-handle=1760,i,5833921950643783348,6548901581409993744,131072 /prefetch:8
  2⤵
  PID:1892
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4456 --field-trial-handle=1760,i,5833921950643783348,6548901581409993744,131072 /prefetch:8
  2⤵
  PID:1064
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4396 --field-trial-handle=1760,i,5833921950643783348,6548901581409993744,131072 /prefetch:1
  2⤵
  PID:2164
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=3340 --field-trial-handle=1760,i,5833921950643783348,6548901581409993744,131072 /prefetch:1
  2⤵
  PID:2200
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4924 --field-trial-handle=1760,i,5833921950643783348,6548901581409993744,131072 /prefetch:1
  2⤵
  PID:1468
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5068 --field-trial-handle=1760,i,5833921950643783348,6548901581409993744,131072 /prefetch:8
  2⤵
  PID:1952
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1792 --field-trial-handle=1760,i,5833921950643783348,6548901581409993744,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:680

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:2524

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
7ed6e6a33ad981fc88bbce96de98ab31

SHA1
5384edebf431e53cb9f28383ac4e7372dbe69b0a

SHA256
e4142761212891bea6e036b454587f9df2807633bc4b228c61896da6889cee69

SHA512
2bce9578172162cf5c71be32de62e0acfe69270e85461eeda61a569241df70f8ac5e91a75dc9631e11cb74a5e18f817a146c6a988d82c45dfdead79ad9bb823c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
960B

MD5
1e9499ca88c782ed6c665a79e6f2f1a5

SHA1
cb6929583a264d304a753ba90efca560d0624607

SHA256
04db41fd6d18a90e24279a69472f0fcbcb23e4cf86bb178198d824a44ece78e0

SHA512
38520054cb0d9f454720304c17ad4f36d7b64f9b1823293d3cc11778619615ce9f27710597b64d2245194899dff3bd9562ffb7e4cc8e7d0c20308b606036da80

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
ce7dc6aa2d75bf4aceaa9d76ca8c4b5b

SHA1
b88320e917123cec953575e8baea61e3ee5869ea

SHA256
7ada9970f70eadb98eec21af48fea939584fc4fa9bf9b340ca1f65c3295d6f0f

SHA512
df12e39be523b04a2fc88fdb68211d578b2121ed38cc8e55ed678e4a73bf7735132e59b4d44daa22e229140f731c0462fc14e92f47c78611496a28312510c411

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
b887b49b58485a0ccc7a08da2596c557

SHA1
455182dbba54826a14dcb3e5317a84cecf445d11

SHA256
0b315f5b533394da94aa9479015cd476de40057779a17199c72638d56ad6bef6

SHA512
4bb4bfc2ebed51f1bbd67ebabbac77af90f8f3615534461adb8ee43358e0b17924fcb672368108fced8649ecf453bba61702fb445f26370a199d64c138d05994

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
574440f979ee2cf937e0f95aa832b41f

SHA1
d257a6ee59c010c86764caa2fd8f28341ef9e110

SHA256
85dbc567e19a1a7fc57ceab1dc4071004c1727dc338e656d6dd39cedf28bed8b

SHA512
8193ae373617c50d69e868a733303fca0045fa7e874b9816c9f86d7ddd61fc8580496b211fcddce6a37c370278b0f6bc2d61b04bffc9dffbfce7f0150706c3b6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
4f82c38f5720915e5832a3691c704160

SHA1
b7f4e4091b7df5cbab51c605f8e581d8be8b30ff

SHA256
dd65254014b49350ff3079dd149d118b479d9bd577c9c22326ad30491862dbf5

SHA512
8f495528baad3260df40c4fd766be160c1ad1080f6bff4803414a265e62ba36bc80a23087e70f6582125c9628112bcc5c6ac19ba2a391914aa3588ed2ba0130e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
5061c43a7dbb6370f3fbc4032f343e73

SHA1
dae138a07e78b0847bfbea91716aea53b2729131

SHA256
919bbc19f7380011c0b307e229c671b95ddeafe1d7a63295bff4b5a6bbebff02

SHA512
85b503712cf180affeaa14b5134cbd59400eff026c10af3259d7162c28476fccb565ca5a270e17e437c790ad3f84a05b47bef1c4e2d885f380cceae4235c2d35

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
4276974a9cb76aed269770448655bdca

SHA1
d8934882a509cd9fcd3befe46a3a7fbc53d02896

SHA256
81e2a66cedcca9cec99ca53bffd6fd1c6b384e54abd664d9a3996165de95913a

SHA512
dd0bcaa5ca7dc3d4cfe648f04652db57c753a43bb8ba3a86a36bcc167c681b6572c2a56cfd834a33a2f398913e84b3c853ac3ba645e37d4b96d29f14f89903e4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
48639b77034ce5f91132bb795dca1a03

SHA1
9a733d1d7b216e543955ff254da374e104314a1b

SHA256
07f0b9e825e38a27d3b1999f7861b3fa6078601d2f090bd7c338f7332a66a7f0

SHA512
4a15d10ed936edb4f37f9ed4d812779fc29101ae4829b4fa86d3b4a36bf58e6044a85cfbf8c70c4abf093a0f8a84ea341f9c904cfee9829c6b59b6bbf2bddecb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
5f6d71a2297d37671d27d3f1726f9e92

SHA1
a3c9e5866b1f50f24a85df063630545e9601af23

SHA256
866e91489e85d48e68bae1afa8c62355896bf7f44f161586454fbd02b6f26f97

SHA512
e7c927cbf567b63c76c846e7a53037382067b5e7a6909cafaee73f4365172c84875b088257cb2687e6dbe9e0124abad1c20ec4ebc428e396d441b883df6419cc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
130KB

MD5
227826f6dd8971093855bb6773b5ba54

SHA1
eacec8bd3d0d674b0914e8963767de6a99cd977f

SHA256
a5470c5170680b41ae9d6ed60fe632ac36aa8c378057820193b4f73a20cb8251

SHA512
0f44d77374c3e1baca8753151d55dce17130c1ab05c567cfdc8794d384d75ac203f6933a27cfdfb6bc09f905690b22b4c95e533c7bfd92f7ae01a68ab3821300

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
130KB

MD5
54937b863fbcea9f807bb977fa1721a8

SHA1
57995b85a5edb9a548e12428b3b4928ba47bdda9

SHA256
929cde07144ec7f29b12af9d1783d4ccd409f6c17314d1308a57d0d7199eaac9

SHA512
e6791413db9b8edf1da3cbc2fcdaaa6aad66be18471cdde2e8e606ce300f5777f9535af19702282197bad4865c37b1aa2c4f29a18cd51ebc4dc0bc009804960a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
91KB

MD5
2239b1ec9d0ae133ca483ac54d28b5ec

SHA1
90bfd6101ec4b0d654c42c00a211e275d669e410

SHA256
887abc024cb6b7d55921ee11e7e4e9a245b6dd1755453ce77caf8c99f5b050a9

SHA512
4afdfe3fc6e2d84d3117e5bffe26ad95e0053792de2e56741cdf9b96a4f1a42d630d176dda7797275a46fefa498339ba24e5bfd7322c3e2f5c3e98141c58ff1c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe57f31a.TMP

Filesize
88KB

MD5
c117913305b5ccede0a8bcf9c44d8b18

SHA1
35b213ba1d30804a935221efa26107a36fd4be48

SHA256
f3b49a95bbdb13c7cb39233550bbba6b89bbda243d3bb38d83a83f1d6469d28f

SHA512
d4403b239c788b42842764dce57410d5a697164d427fed40c6fa9f0f7659987db77bde409372808e097c4716920bebf471981a8dcddc73a98b5883b4fc57c550

Download Submit