hxxp://socorro[.]tur[.]br

Analysis

max time kernel
299s
max time network
295s
platform
windows11-21h2_x64
resource
win11-20240611-en
resource tags

arch:x64arch:x86image:win11-20240611-enlocale:en-usos:windows11-21h2-x64system
submitted
15-06-2024 02:59

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://socorro.tur.br

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133628939922311291"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
3192	chrome.exe
3192	chrome.exe
4520	chrome.exe
4520	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3192	chrome.exe
Token: SeCreatePagefilePrivilege	3192	chrome.exe
Token: SeShutdownPrivilege	3192	chrome.exe
Token: SeCreatePagefilePrivilege	3192	chrome.exe
Token: SeShutdownPrivilege	3192	chrome.exe
Token: SeCreatePagefilePrivilege	3192	chrome.exe
Token: SeShutdownPrivilege	3192	chrome.exe
Token: SeCreatePagefilePrivilege	3192	chrome.exe
Token: SeShutdownPrivilege	3192	chrome.exe
Token: SeCreatePagefilePrivilege	3192	chrome.exe
Token: SeShutdownPrivilege	3192	chrome.exe
Token: SeCreatePagefilePrivilege	3192	chrome.exe
Token: SeShutdownPrivilege	3192	chrome.exe
Token: SeCreatePagefilePrivilege	3192	chrome.exe
Token: SeShutdownPrivilege	3192	chrome.exe
Token: SeCreatePagefilePrivilege	3192	chrome.exe
Token: SeShutdownPrivilege	3192	chrome.exe
Token: SeCreatePagefilePrivilege	3192	chrome.exe
Token: SeShutdownPrivilege	3192	chrome.exe
Token: SeCreatePagefilePrivilege	3192	chrome.exe
Token: SeShutdownPrivilege	3192	chrome.exe
Token: SeCreatePagefilePrivilege	3192	chrome.exe
Token: SeShutdownPrivilege	3192	chrome.exe
Token: SeCreatePagefilePrivilege	3192	chrome.exe
Token: SeShutdownPrivilege	3192	chrome.exe
Token: SeCreatePagefilePrivilege	3192	chrome.exe
Token: SeShutdownPrivilege	3192	chrome.exe
Token: SeCreatePagefilePrivilege	3192	chrome.exe
Token: SeShutdownPrivilege	3192	chrome.exe
Token: SeCreatePagefilePrivilege	3192	chrome.exe
Token: SeShutdownPrivilege	3192	chrome.exe
Token: SeCreatePagefilePrivilege	3192	chrome.exe
Token: SeShutdownPrivilege	3192	chrome.exe
Token: SeCreatePagefilePrivilege	3192	chrome.exe
Token: SeShutdownPrivilege	3192	chrome.exe
Token: SeCreatePagefilePrivilege	3192	chrome.exe
Token: SeShutdownPrivilege	3192	chrome.exe
Token: SeCreatePagefilePrivilege	3192	chrome.exe
Token: SeShutdownPrivilege	3192	chrome.exe
Token: SeCreatePagefilePrivilege	3192	chrome.exe
Token: SeShutdownPrivilege	3192	chrome.exe
Token: SeCreatePagefilePrivilege	3192	chrome.exe
Token: SeShutdownPrivilege	3192	chrome.exe
Token: SeCreatePagefilePrivilege	3192	chrome.exe
Token: SeShutdownPrivilege	3192	chrome.exe
Token: SeCreatePagefilePrivilege	3192	chrome.exe
Token: SeShutdownPrivilege	3192	chrome.exe
Token: SeCreatePagefilePrivilege	3192	chrome.exe
Token: SeShutdownPrivilege	3192	chrome.exe
Token: SeCreatePagefilePrivilege	3192	chrome.exe
Token: SeShutdownPrivilege	3192	chrome.exe
Token: SeCreatePagefilePrivilege	3192	chrome.exe
Token: SeShutdownPrivilege	3192	chrome.exe
Token: SeCreatePagefilePrivilege	3192	chrome.exe
Token: SeShutdownPrivilege	3192	chrome.exe
Token: SeCreatePagefilePrivilege	3192	chrome.exe
Token: SeShutdownPrivilege	3192	chrome.exe
Token: SeCreatePagefilePrivilege	3192	chrome.exe
Token: SeShutdownPrivilege	3192	chrome.exe
Token: SeCreatePagefilePrivilege	3192	chrome.exe
Token: SeShutdownPrivilege	3192	chrome.exe
Token: SeCreatePagefilePrivilege	3192	chrome.exe
Token: SeShutdownPrivilege	3192	chrome.exe
Token: SeCreatePagefilePrivilege	3192	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe
3192	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3192 wrote to memory of 2416	3192	chrome.exe	77
PID 3192 wrote to memory of 2416	3192	chrome.exe	77
PID 3192 wrote to memory of 4720	3192	chrome.exe	78
PID 3192 wrote to memory of 4720	3192	chrome.exe	78
PID 3192 wrote to memory of 4720	3192	chrome.exe	78
PID 3192 wrote to memory of 4720	3192	chrome.exe	78
PID 3192 wrote to memory of 4720	3192	chrome.exe	78
PID 3192 wrote to memory of 4720	3192	chrome.exe	78
PID 3192 wrote to memory of 4720	3192	chrome.exe	78
PID 3192 wrote to memory of 4720	3192	chrome.exe	78
PID 3192 wrote to memory of 4720	3192	chrome.exe	78
PID 3192 wrote to memory of 4720	3192	chrome.exe	78
PID 3192 wrote to memory of 4720	3192	chrome.exe	78
PID 3192 wrote to memory of 4720	3192	chrome.exe	78
PID 3192 wrote to memory of 4720	3192	chrome.exe	78
PID 3192 wrote to memory of 4720	3192	chrome.exe	78
PID 3192 wrote to memory of 4720	3192	chrome.exe	78
PID 3192 wrote to memory of 4720	3192	chrome.exe	78
PID 3192 wrote to memory of 4720	3192	chrome.exe	78
PID 3192 wrote to memory of 4720	3192	chrome.exe	78
PID 3192 wrote to memory of 4720	3192	chrome.exe	78
PID 3192 wrote to memory of 4720	3192	chrome.exe	78
PID 3192 wrote to memory of 4720	3192	chrome.exe	78
PID 3192 wrote to memory of 4720	3192	chrome.exe	78
PID 3192 wrote to memory of 4720	3192	chrome.exe	78
PID 3192 wrote to memory of 4720	3192	chrome.exe	78
PID 3192 wrote to memory of 4720	3192	chrome.exe	78
PID 3192 wrote to memory of 4720	3192	chrome.exe	78
PID 3192 wrote to memory of 4720	3192	chrome.exe	78
PID 3192 wrote to memory of 4720	3192	chrome.exe	78
PID 3192 wrote to memory of 4720	3192	chrome.exe	78
PID 3192 wrote to memory of 4720	3192	chrome.exe	78
PID 3192 wrote to memory of 4720	3192	chrome.exe	78
PID 3192 wrote to memory of 4452	3192	chrome.exe	79
PID 3192 wrote to memory of 4452	3192	chrome.exe	79
PID 3192 wrote to memory of 4464	3192	chrome.exe	80
PID 3192 wrote to memory of 4464	3192	chrome.exe	80
PID 3192 wrote to memory of 4464	3192	chrome.exe	80
PID 3192 wrote to memory of 4464	3192	chrome.exe	80
PID 3192 wrote to memory of 4464	3192	chrome.exe	80
PID 3192 wrote to memory of 4464	3192	chrome.exe	80
PID 3192 wrote to memory of 4464	3192	chrome.exe	80
PID 3192 wrote to memory of 4464	3192	chrome.exe	80
PID 3192 wrote to memory of 4464	3192	chrome.exe	80
PID 3192 wrote to memory of 4464	3192	chrome.exe	80
PID 3192 wrote to memory of 4464	3192	chrome.exe	80
PID 3192 wrote to memory of 4464	3192	chrome.exe	80
PID 3192 wrote to memory of 4464	3192	chrome.exe	80
PID 3192 wrote to memory of 4464	3192	chrome.exe	80
PID 3192 wrote to memory of 4464	3192	chrome.exe	80
PID 3192 wrote to memory of 4464	3192	chrome.exe	80
PID 3192 wrote to memory of 4464	3192	chrome.exe	80
PID 3192 wrote to memory of 4464	3192	chrome.exe	80
PID 3192 wrote to memory of 4464	3192	chrome.exe	80
PID 3192 wrote to memory of 4464	3192	chrome.exe	80
PID 3192 wrote to memory of 4464	3192	chrome.exe	80
PID 3192 wrote to memory of 4464	3192	chrome.exe	80
PID 3192 wrote to memory of 4464	3192	chrome.exe	80
PID 3192 wrote to memory of 4464	3192	chrome.exe	80
PID 3192 wrote to memory of 4464	3192	chrome.exe	80
PID 3192 wrote to memory of 4464	3192	chrome.exe	80
PID 3192 wrote to memory of 4464	3192	chrome.exe	80
PID 3192 wrote to memory of 4464	3192	chrome.exe	80
PID 3192 wrote to memory of 4464	3192	chrome.exe	80

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://socorro.tur.br
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3192
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffaa71cab58,0x7ffaa71cab68,0x7ffaa71cab78
  2⤵
  PID:2416
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1628 --field-trial-handle=1820,i,6480845594570114390,6287048731619543523,131072 /prefetch:2
  2⤵
  PID:4720
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2072 --field-trial-handle=1820,i,6480845594570114390,6287048731619543523,131072 /prefetch:8
  2⤵
  PID:4452
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2144 --field-trial-handle=1820,i,6480845594570114390,6287048731619543523,131072 /prefetch:8
  2⤵
  PID:4464
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2776 --field-trial-handle=1820,i,6480845594570114390,6287048731619543523,131072 /prefetch:1
  2⤵
  PID:1384
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2784 --field-trial-handle=1820,i,6480845594570114390,6287048731619543523,131072 /prefetch:1
  2⤵
  PID:1840
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3952 --field-trial-handle=1820,i,6480845594570114390,6287048731619543523,131072 /prefetch:1
  2⤵
  PID:3736
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4704 --field-trial-handle=1820,i,6480845594570114390,6287048731619543523,131072 /prefetch:1
  2⤵
  PID:4768
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=3972 --field-trial-handle=1820,i,6480845594570114390,6287048731619543523,131072 /prefetch:1
  2⤵
  PID:3872
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4900 --field-trial-handle=1820,i,6480845594570114390,6287048731619543523,131072 /prefetch:8
  2⤵
  PID:4672
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3060 --field-trial-handle=1820,i,6480845594570114390,6287048731619543523,131072 /prefetch:8
  2⤵
  PID:2516
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4888 --field-trial-handle=1820,i,6480845594570114390,6287048731619543523,131072 /prefetch:8
  2⤵
  PID:2044
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4380 --field-trial-handle=1820,i,6480845594570114390,6287048731619543523,131072 /prefetch:8
  2⤵
  PID:1416
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4388 --field-trial-handle=1820,i,6480845594570114390,6287048731619543523,131072 /prefetch:1
  2⤵
  PID:952
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1444 --field-trial-handle=1820,i,6480845594570114390,6287048731619543523,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4520

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:2556

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005

Filesize
48KB

MD5
ea0b016133d497668ce918c0a3160293

SHA1
33df67d7287ad252cabb9e97915a286c961a7176

SHA256
1dc2905629c37e5699398bfc02939f91f3edf4cba0df0119496867f2f4f019e6

SHA512
acfd3595954fbcee14118d4ebc17999367fd8de11982102a9f6f703f5b289ef841dff18bb4d1279a7e001e37547517dee5c65174db0a09d85d1a4d72a53c440c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000020

Filesize
1024KB

MD5
20eaf6f70387e041bcfcc89afef09485

SHA1
8bb2aa4d92c2b535e5e4cbd713d466b96f9d5580

SHA256
eed48a88e21df16054f91e3800ab1688a1fe342df6f3a24843e64b46f7826f6a

SHA512
6c0c15a2b837c3387ec155b0ae013ff4fe66c3532e7d153d22113be473ac1a445b82b60223fd2d8d7387d0d1d871c826ac731b13587adac06bb38fb669a72fb0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
9e4129db079ad9a387908166b1428266

SHA1
4ffbb9c498d6bacede01e2938c3dc3d0f9e4c7d1

SHA256
914736fdccb62614954cbd6cf36794d0813c18fd83c1b32fb8fcd0512d83d9b7

SHA512
a0daa19cab604430507428a1d1fea566a2a2fbcb6a3a2cd94f03f855c3baefc9cab707774c92eff1a744ab97c1f5563a711bfbed868a5a04ba57b255671fc808

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
bea915103bc096f5e456af7b9e9b1b32

SHA1
5a7959cafd0671a8207d9478c114b46dffcf6b48

SHA256
0569a2a7078a07919f5624813bb739d9e28597d0ce07f3e9848ce17b774903e4

SHA512
e4225915ffb8dc765d0584e9978f38af15e85755c239205f3fb3792b3c2e5e71099e04e0e731b5f44272c92459eddc4c784435c29caffc2e2fd34a25b6778611

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
4bfbc61ab4feb5a4687a0d1f5ac25809

SHA1
82a0530031285987cfbd723d6ddaa4bf174cce1f

SHA256
e125e555865f027684e518ca523431c65b0baef8da3e578d6dd29522e283e829

SHA512
81195acc1680efe2a97e86568e897296a8ff630b26e02ffcc2f63251e3eead22b41606382a449397b973fdbef01191e02e66c22e8ed6ea6591d16b7e7944471d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
98854acbe34267c994bd88150048fbc0

SHA1
d01bed18d110974de10de503e8d737a4aea440e0

SHA256
1c685fb51abc67321f157908503c6300cd7b38b3d4f89d39474a8e33022d51bd

SHA512
07b4f6cad19b24a9db05539e4e99542b39835c280ab110c7408cf6465d85a61e3a2969db476f2e70cd789e706a1d35186d0abae0e7b2d7b555e62b464c1f8d9a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
50d799a3807d4e5fdad37b306abee667

SHA1
f1893b20e9be1abd218ccf12d9d0b948adcd3b7b

SHA256
d35549fdc4216cce8fc3689da41875eff9494a2f43fc3121085a9e69a1cebdbf

SHA512
8c10a633a172cd260cc50bcc8bc5a4c1d9fd0753c8ef525b2f6c0459f35b9218e9f116cff285f9a67bd9c730ccfe2a81a5dc45875aa2941878703a5db590b99a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
524B

MD5
4dd6ae50ff9f451f634b694184cddb32

SHA1
347d738cce86f1b874eeaa1c3f7a6168f940e06b

SHA256
8a452620f48d3ae146da79cefe0d8c97151309029e67693688caccf9f623d3bb

SHA512
02f8f0c87fd5f1e6a1120fe76a00fec7df220fc43c7b435f16c46bf6262d04a0fb06dc7e335f1969ed8d67d77827ecee580c59919a082fb55fb498b9960a8094

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
524B

MD5
cb502d78ee4640ab8ce59acb2b31df40

SHA1
c2ac279fb5ac0260230c60238569c97e18bb9d6b

SHA256
060a16c94cb9250282d8692eba8aeb385dd04e3e6377591704bfcbe0178d988d

SHA512
b33dcd25e0687b2cb8232273eb5d57c7d2645959e34b2dcb1d8f1694e956563f6d510829ff13750dd416dd9021a24039ac855995f3cb68c2a7c5b7d91f5ae5d4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
524B

MD5
4cf6a3a32b36bc3aea2d7d5e88f1f34e

SHA1
836f0030b578e2dbd3d5a3d56d8008c90214cdf8

SHA256
2f0d35e93a37c6325772ae9cdbff21b35dd3da8bdd408d188388795822f58e9f

SHA512
271b21679e5032f7286073cec16424a161a5ccaa472faa7d228e311e66a6d2fcfae2d32d30f8d54920dccfbb567a352294900ca338d942775773c2be189a26e4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
c7cd66b49f66053e44ca1cd2a4cb9acd

SHA1
b60a4f48395cf7a2211668ad4bd28d85489f346c

SHA256
e253a35a3c55e391af6a3a1801d29c4fd6dddc610779b83edf1ce563f97e8539

SHA512
78df2d7ee7f6fc1b5fb7f60a4db70d010af1f010f20ba7597efaa7cc4e965499da1782aebee8ad00b4505e31aa597009fcff99e72543c7cc9228c9409ac8584b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
bdc9e9468ff59ac6a50ac9ca9e21e3e1

SHA1
8b3962253f2e8bcc70cf0461ef988e2444fddcd3

SHA256
ae0b196b2fbea86dc2e23a6a1d81a70e128335a951088f5f0892482bca8cbd5f

SHA512
0b7e2f5cbcfcd3a140a4db2c0027fd059ecf6550f35c5d0a7d3321ef7e99576a17a48cc6c0c32b3363a13291b54825743654a9193958c70d74a348eb7ae5c039

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
c8dc8509cee5dfdb44f2177b7e81c88e

SHA1
e9dfa63a1da87e4f7615e77b637485d1e66f7b67

SHA256
6546fa7ed55e6f0d407c09e575a0f06a410c44549c2e952c2cf39682ad569d5e

SHA512
6ebae55a012e8dc849655516e94f55c3fb346a3f6f6fdc55d83672314ccab449396ce6d6c2a1de09494fb140c4aa902476def42f1bb47165452a44daf6b03c3c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
138KB

MD5
7f53a1679c308ad8d5813b3aab32ef24

SHA1
19e320b9f5aa8b03f980b7fd3b82728f78d96ddb

SHA256
27f7dce9afc6b2310b7715a05252c8ddb89a597efe191426c3f3c99fb75f6df4

SHA512
a4e0d543de311da4b6ccd57aa35fd535fd02c40bbefc85186ef45daf73393ddfad1be8ee1dad96ff5cc3d0617461c2c1ab8b75e8b5e1312711904e2d73646ac5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
138KB

MD5
3f833484c5c89c0fe71b1f60d5da0eab

SHA1
bb1f22a88f9b6cbefa3a94e12c7adb81be01bcbc

SHA256
50280485a6162f7a8d5aa3dc45dae5fed49d0c5ba3dcf13c97ac5bcb5f8c7725

SHA512
e7288126466a52b72a0d12170043881be45d57cb4fc02acd69dd71fc179dffa8e998df0d816ee296ca7d10c5aa67383c51cd7101d4a058e813b1ffcbb4570599

Download Submit