hxxps://www[.]youtube[.]com/watch?v=aitVHsg0rWA&t=697s

Analysis

max time kernel
299s
max time network
301s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
16/06/2024, 10:46

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://www.youtube.com/watch?v=aitVHsg0rWA&t=697s

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133630084312864329"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3808065738-1666277613-1125846146-1000\{59A77FF3-300C-4E8B-93A2-7E003CB85D66}	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2644	chrome.exe
2644	chrome.exe
3568	chrome.exe
3568	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2644	chrome.exe
Token: SeCreatePagefilePrivilege	2644	chrome.exe
Token: SeShutdownPrivilege	2644	chrome.exe
Token: SeCreatePagefilePrivilege	2644	chrome.exe
Token: SeShutdownPrivilege	2644	chrome.exe
Token: SeCreatePagefilePrivilege	2644	chrome.exe
Token: SeShutdownPrivilege	2644	chrome.exe
Token: SeCreatePagefilePrivilege	2644	chrome.exe
Token: SeShutdownPrivilege	2644	chrome.exe
Token: SeCreatePagefilePrivilege	2644	chrome.exe
Token: SeShutdownPrivilege	2644	chrome.exe
Token: SeCreatePagefilePrivilege	2644	chrome.exe
Token: SeShutdownPrivilege	2644	chrome.exe
Token: SeCreatePagefilePrivilege	2644	chrome.exe
Token: SeShutdownPrivilege	2644	chrome.exe
Token: SeCreatePagefilePrivilege	2644	chrome.exe
Token: SeShutdownPrivilege	2644	chrome.exe
Token: SeCreatePagefilePrivilege	2644	chrome.exe
Token: SeShutdownPrivilege	2644	chrome.exe
Token: SeCreatePagefilePrivilege	2644	chrome.exe
Token: SeShutdownPrivilege	2644	chrome.exe
Token: SeCreatePagefilePrivilege	2644	chrome.exe
Token: SeShutdownPrivilege	2644	chrome.exe
Token: SeCreatePagefilePrivilege	2644	chrome.exe
Token: 33	1384	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	1384	AUDIODG.EXE
Token: SeShutdownPrivilege	2644	chrome.exe
Token: SeCreatePagefilePrivilege	2644	chrome.exe
Token: SeShutdownPrivilege	2644	chrome.exe
Token: SeCreatePagefilePrivilege	2644	chrome.exe
Token: SeShutdownPrivilege	2644	chrome.exe
Token: SeCreatePagefilePrivilege	2644	chrome.exe
Token: SeShutdownPrivilege	2644	chrome.exe
Token: SeCreatePagefilePrivilege	2644	chrome.exe
Token: SeShutdownPrivilege	2644	chrome.exe
Token: SeCreatePagefilePrivilege	2644	chrome.exe
Token: SeShutdownPrivilege	2644	chrome.exe
Token: SeCreatePagefilePrivilege	2644	chrome.exe
Token: SeShutdownPrivilege	2644	chrome.exe
Token: SeCreatePagefilePrivilege	2644	chrome.exe
Token: SeShutdownPrivilege	2644	chrome.exe
Token: SeCreatePagefilePrivilege	2644	chrome.exe
Token: SeShutdownPrivilege	2644	chrome.exe
Token: SeCreatePagefilePrivilege	2644	chrome.exe
Token: SeShutdownPrivilege	2644	chrome.exe
Token: SeCreatePagefilePrivilege	2644	chrome.exe
Token: SeShutdownPrivilege	2644	chrome.exe
Token: SeCreatePagefilePrivilege	2644	chrome.exe
Token: SeShutdownPrivilege	2644	chrome.exe
Token: SeCreatePagefilePrivilege	2644	chrome.exe
Token: SeShutdownPrivilege	2644	chrome.exe
Token: SeCreatePagefilePrivilege	2644	chrome.exe
Token: SeShutdownPrivilege	2644	chrome.exe
Token: SeCreatePagefilePrivilege	2644	chrome.exe
Token: SeShutdownPrivilege	2644	chrome.exe
Token: SeCreatePagefilePrivilege	2644	chrome.exe
Token: SeShutdownPrivilege	2644	chrome.exe
Token: SeCreatePagefilePrivilege	2644	chrome.exe
Token: SeShutdownPrivilege	2644	chrome.exe
Token: SeCreatePagefilePrivilege	2644	chrome.exe
Token: SeShutdownPrivilege	2644	chrome.exe
Token: SeCreatePagefilePrivilege	2644	chrome.exe
Token: SeShutdownPrivilege	2644	chrome.exe
Token: SeCreatePagefilePrivilege	2644	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2644 wrote to memory of 4380	2644	chrome.exe	93
PID 2644 wrote to memory of 4380	2644	chrome.exe	93
PID 2644 wrote to memory of 2768	2644	chrome.exe	95
PID 2644 wrote to memory of 2768	2644	chrome.exe	95
PID 2644 wrote to memory of 2768	2644	chrome.exe	95
PID 2644 wrote to memory of 2768	2644	chrome.exe	95
PID 2644 wrote to memory of 2768	2644	chrome.exe	95
PID 2644 wrote to memory of 2768	2644	chrome.exe	95
PID 2644 wrote to memory of 2768	2644	chrome.exe	95
PID 2644 wrote to memory of 2768	2644	chrome.exe	95
PID 2644 wrote to memory of 2768	2644	chrome.exe	95
PID 2644 wrote to memory of 2768	2644	chrome.exe	95
PID 2644 wrote to memory of 2768	2644	chrome.exe	95
PID 2644 wrote to memory of 2768	2644	chrome.exe	95
PID 2644 wrote to memory of 2768	2644	chrome.exe	95
PID 2644 wrote to memory of 2768	2644	chrome.exe	95
PID 2644 wrote to memory of 2768	2644	chrome.exe	95
PID 2644 wrote to memory of 2768	2644	chrome.exe	95
PID 2644 wrote to memory of 2768	2644	chrome.exe	95
PID 2644 wrote to memory of 2768	2644	chrome.exe	95
PID 2644 wrote to memory of 2768	2644	chrome.exe	95
PID 2644 wrote to memory of 2768	2644	chrome.exe	95
PID 2644 wrote to memory of 2768	2644	chrome.exe	95
PID 2644 wrote to memory of 2768	2644	chrome.exe	95
PID 2644 wrote to memory of 2768	2644	chrome.exe	95
PID 2644 wrote to memory of 2768	2644	chrome.exe	95
PID 2644 wrote to memory of 2768	2644	chrome.exe	95
PID 2644 wrote to memory of 2768	2644	chrome.exe	95
PID 2644 wrote to memory of 2768	2644	chrome.exe	95
PID 2644 wrote to memory of 2768	2644	chrome.exe	95
PID 2644 wrote to memory of 2768	2644	chrome.exe	95
PID 2644 wrote to memory of 2768	2644	chrome.exe	95
PID 2644 wrote to memory of 2768	2644	chrome.exe	95
PID 2644 wrote to memory of 2768	2644	chrome.exe	95
PID 2644 wrote to memory of 2768	2644	chrome.exe	95
PID 2644 wrote to memory of 2768	2644	chrome.exe	95
PID 2644 wrote to memory of 2768	2644	chrome.exe	95
PID 2644 wrote to memory of 2768	2644	chrome.exe	95
PID 2644 wrote to memory of 2768	2644	chrome.exe	95
PID 2644 wrote to memory of 2768	2644	chrome.exe	95
PID 2644 wrote to memory of 2096	2644	chrome.exe	96
PID 2644 wrote to memory of 2096	2644	chrome.exe	96
PID 2644 wrote to memory of 4104	2644	chrome.exe	97
PID 2644 wrote to memory of 4104	2644	chrome.exe	97
PID 2644 wrote to memory of 4104	2644	chrome.exe	97
PID 2644 wrote to memory of 4104	2644	chrome.exe	97
PID 2644 wrote to memory of 4104	2644	chrome.exe	97
PID 2644 wrote to memory of 4104	2644	chrome.exe	97
PID 2644 wrote to memory of 4104	2644	chrome.exe	97
PID 2644 wrote to memory of 4104	2644	chrome.exe	97
PID 2644 wrote to memory of 4104	2644	chrome.exe	97
PID 2644 wrote to memory of 4104	2644	chrome.exe	97
PID 2644 wrote to memory of 4104	2644	chrome.exe	97
PID 2644 wrote to memory of 4104	2644	chrome.exe	97
PID 2644 wrote to memory of 4104	2644	chrome.exe	97
PID 2644 wrote to memory of 4104	2644	chrome.exe	97
PID 2644 wrote to memory of 4104	2644	chrome.exe	97
PID 2644 wrote to memory of 4104	2644	chrome.exe	97
PID 2644 wrote to memory of 4104	2644	chrome.exe	97
PID 2644 wrote to memory of 4104	2644	chrome.exe	97
PID 2644 wrote to memory of 4104	2644	chrome.exe	97
PID 2644 wrote to memory of 4104	2644	chrome.exe	97
PID 2644 wrote to memory of 4104	2644	chrome.exe	97
PID 2644 wrote to memory of 4104	2644	chrome.exe	97

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://www.youtube.com/watch?v=aitVHsg0rWA&t=697s
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2644
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffee7ce9758,0x7ffee7ce9768,0x7ffee7ce9778
  2⤵
  PID:4380
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1792 --field-trial-handle=1900,i,1475981170673727916,2364326123875897702,131072 /prefetch:2
  2⤵
  PID:2768
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2128 --field-trial-handle=1900,i,1475981170673727916,2364326123875897702,131072 /prefetch:8
  2⤵
  PID:2096
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2216 --field-trial-handle=1900,i,1475981170673727916,2364326123875897702,131072 /prefetch:8
  2⤵
  PID:4104
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3188 --field-trial-handle=1900,i,1475981170673727916,2364326123875897702,131072 /prefetch:1
  2⤵
  PID:4664
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3208 --field-trial-handle=1900,i,1475981170673727916,2364326123875897702,131072 /prefetch:1
  2⤵
  PID:4436
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4512 --field-trial-handle=1900,i,1475981170673727916,2364326123875897702,131072 /prefetch:1
  2⤵
  PID:764
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4896 --field-trial-handle=1900,i,1475981170673727916,2364326123875897702,131072 /prefetch:1
  2⤵
  PID:3160
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3360 --field-trial-handle=1900,i,1475981170673727916,2364326123875897702,131072 /prefetch:8
  2⤵
  PID:4444
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3700 --field-trial-handle=1900,i,1475981170673727916,2364326123875897702,131072 /prefetch:8
  2⤵
  - Modifies registry class
  PID:5172
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5488 --field-trial-handle=1900,i,1475981170673727916,2364326123875897702,131072 /prefetch:8
  2⤵
  PID:1844
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5328 --field-trial-handle=1900,i,1475981170673727916,2364326123875897702,131072 /prefetch:8
  2⤵
  PID:1836
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4860 --field-trial-handle=1900,i,1475981170673727916,2364326123875897702,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3568

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4208

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x468 0x500
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:1384

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=3744 --field-trial-handle=3192,i,2785050981002401924,4037047756083432660,262144 --variations-seed-version /prefetch:8
1⤵
PID:5972

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001

Filesize
46KB

MD5
3dda883b89b1f31dd1e8e0be2d4250e9

SHA1
ff69000e8307afcb2b4db7d6117b47975f9de06a

SHA256
e60268695e6c66a62ad318850e45954bb22d21f2ae62fe9f0c5490dcb1e69f9b

SHA512
25176c5acc9cf658129508ccc1b7fc8e93777cc59a404caf06a0e0eeb7c10b5276923aa51d56a99ebfd45d9f05b16f598794fb31ea0aa39565770b3c3b8c8c43

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
552B

MD5
6eb667fa01c7035ef590d039bd54ee00

SHA1
dd847e9134cb0faad3e416aa441d5172967db643

SHA256
3134956669e78153e5f57c7b961e778ff658071210f5741cb7e9473c7ce15f10

SHA512
6854bb55718fc56e28bc0f825f9c90f6c81b7009a835e65fdada0b2e9c96d6ad72c1524f4014aa8e2674842987c967be6c08d79569ad0ae3dcf15409619690ad

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
d4d41e12ccda6f353a2cc9860a200a45

SHA1
be6a506ce98e72843d01f957ea403eefc07f83ba

SHA256
b868e30c026ec32e80259ac767d74e650a9065487f16ea64c4c6f68f05d3d203

SHA512
d8172221e7357c7f166e2ebc2ca3d583fb219158b8f98c387fbe7e9210cf96b668aafb7d66c295db3bccb26b9b8a6ff758cdb0b55d52fed8cef4b4d868eac549

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
db66110c20fd85e7be3f64012c0fa140

SHA1
d5b2b8d3ec1937e81914474212b324f66eb85866

SHA256
914be9984214464f6b86941ac2ffebc59c0cf3ef093121b944d1abe1533fb83f

SHA512
6fc53f7feec004c8ac8db4749928c3609f34a529c52856246338dbbb468dfb640275a9299b46dc32916a681ec135f896c4aa9e4e3cc83389859ea2b7841d3134

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
b2b6203707bb1a3c436f0c958773d3c1

SHA1
6ab4caca64991d551ebb35cb655bddc33809f5b6

SHA256
b876fb234d0468ce0e124ed29a0fc079789eeafa26b2174d02069d7a38deabba

SHA512
cb97e74041596db827aabc32ee00c0ae265a111505f7afce4af1b4fffe40ffce82d203539ded0a5112b6404adafd298be4be294c2088c3119f45f66bc991443b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
6cd97d4542179047c15e9d50da0f35db

SHA1
b7f8893e2c06447a2d70b1abbe3a8a5edfc8341b

SHA256
2d4677506109969c1027833404106ee2437ade350bee31960821f6f6a2ffb2c4

SHA512
14119e194ffde09d9ed85b009a59d9178f92267afb41e4089f2e2737adbbb51cdaac18b538c7ce9b0bfd1610bfd53e0b6bd15e6d682c25c76cf8371633c494d4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
874B

MD5
9d75696035361f04b9ec22003901cac4

SHA1
ccfd08f3a3895fe6af7b46f398182f21354b967e

SHA256
2bdd8a23a79134f5bb94977468d503321bbd592dc70acb01458c7d21ed7ac7bc

SHA512
07519fd34cd3eaeb38df3400a8d9e0efc14301cd66855eb80e34c701abde06c2ae58c24833c492171e381fc5138b0fca9b2305741c6ce09d16655bb41d072530

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
707B

MD5
a6d840e6ac42705fa98fa9dfd296e1ea

SHA1
e7b99c2bbfee1261d7c8f92a53bc45b053cb1456

SHA256
352fdca98dc8304191a6232b64f43bca87d568c10762ff2b643eba45faaa2119

SHA512
58ca5201f75177746bcc1d2b7420c829ca45775cd079b336a390a81c53168b54cb66ad8085321307f04131c582504d7161763e6c5ea76ab08d3f06949a3ae53a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
874B

MD5
bd2a02dfbf0322260661d000f5ebf212

SHA1
0d30dc74ed151e16841a83ef58ae629119bc11f5

SHA256
8589d4d83a04b409965a3850d6b06c9166c499d589038a681aa00d5d1e7adf73

SHA512
82bb654f275f0a5d878028b80edb06b74ee013ae27b2e1f66e577abac3d066dce6f9aaa67d58ef66cce4457c01588a4a2ba128dd8804b4bd44723c672ff85e06

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
af635b23236c014f4b0812b3df43abbf

SHA1
271379a03737e44241ea88d369209975e7f459c0

SHA256
ebf508c5b3586f3c635dd61aec62b62da2d35e6eca467fc1045e20475d072af0

SHA512
527082e83ee036bcbfba4114ef6571f6760446788debaa37ea5dbe693a1f80f7706653329fa2a1b4b70611472efde4c392aa43f021191d0cf7e1badd69d06a8e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
c2174f32fa8feee834365dc7b600d8dd

SHA1
5c9ab3d5ce8852e186a1e357cccc142f520bab87

SHA256
2f89010fafd9a77a5866f0939bc82582259cf306a8cf1ef21c1e90433d4c2a1b

SHA512
7e697c0d88a70b54b83d66d893d6b85017036636e5f63bb2480db9384c90b9c85c74b97c7f3bb245b58efd62655cf7e4199ba80be763bb51886e5fcf896438fe

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\26fabdb6-f8d5-4b33-83fd-ae88f00d28aa\index-dir\the-real-index

Filesize
2KB

MD5
3e594d31929ae6e62b5ef6d5b4d8f1d8

SHA1
02591a13f7e4554408f3de1aa553b1ab5fdb1a24

SHA256
d5fa309dbcbaebed67b41199b7c146eb208f65f41664e6766cc7ce31b91e630e

SHA512
954f23bf1d47da4581f9c8fa85a58f77fc9730487fdabb5a20dbf32fcbb1fa6e365354e4104a945eefe09dd8a99c103c8154e0fad03cd0ea96807ffc84b0013e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\26fabdb6-f8d5-4b33-83fd-ae88f00d28aa\index-dir\the-real-index~RFe58a766.TMP

Filesize
48B

MD5
9393a0ce1500e467f4458b0191427ae0

SHA1
833bde6903a85af7fdb7c7f4ab9b570da4bd05ab

SHA256
6627d51d1393b629d957cdcab26a4463e95ae889f8687141c5ceee2d5535e898

SHA512
ae0b6003a459ec299772d6a84b2b60b7a7debb8cf5560f0ff0b32590440252941a8a8a9d787c9ab4be75866a53fbbc488bec0c7ad5a19af24b4938d31ca80f0e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\bb6f52e4-16e0-4645-a56a-147883b4311b\index-dir\the-real-index

Filesize
624B

MD5
a667284e76d5f5f5e02092323bb23046

SHA1
b531ae1f19ee8d6776f77d49e34f6348d90f3430

SHA256
eca1b7c6274f248da7694739e5369dc2d5a5148fd53cb0fc6a3ccadd4f9c3fa7

SHA512
1ffa98abafae11c13a983ac600dfd66e966d0b99190079f71428c6f8a74c239c36c7fedc63ac2dc4a708d5d1faeb220138e5b6f388a9b2550b67c95450baef36

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\bb6f52e4-16e0-4645-a56a-147883b4311b\index-dir\the-real-index~RFe58aa93.TMP

Filesize
48B

MD5
51cbb37f7f8c9836650d0bdc43980fd9

SHA1
613b02d97b300a397c8a874931f943028cc978bb

SHA256
1daa7ee24ba5e48a7fc7daa21185b3d19136e2f9b270ce25a1b776633965190b

SHA512
dfe171baca8424554bca0c3ec34830b31085c5fc95d0db908f5b532084cee7a03e532339c7d199938a873561d553d094beaeb86aae2779ab068130d78af6faac

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
112B

MD5
80f66b24dfb0bd610cb7550e46d26530

SHA1
84e09fee799bb13b334daf81cf006633aac90ab3

SHA256
f9c00dd6f12a347a8e24cd39226a88a860a5b4eccaef76006622d9e09a2c3fac

SHA512
44f44dcf56e2f049fdf9503f2c8f38ced3ce9f980a3cd34313952d804db51268492b124cc2e2a14e0231271758284eda00093579592de6e39b9555eb41e3600a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
185B

MD5
b07c1b2813630d9eb5315bc60211a559

SHA1
ced741e6b8ed6ffde81a2706c36e1669fe5fef6c

SHA256
3d10fb6bad29a362b1dde319cda9724f27c27ee25bffdb231e4e3709575a4268

SHA512
b99b7018b22277de281fd1afad6ab6b00774eb6732ed942a74f31b4f6a8ca40c7256a0ad7676d5f43f0a83c352b8195fe54be2c7ba83c6dcc3fa8855f48dd581

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
183B

MD5
7b0d18e139128bd8026c19a781bd8eb1

SHA1
b4d01f3444f068b488c10f57ba3d023d1f7dd719

SHA256
f5e5ad7fe0d257ef1af1e41eaf514e3cc583fcf14eba53823f5d78520dedc562

SHA512
10e2d947b9e87075cee09b60b7932df11cbbc50f46f432a685187fbbd108e833abd99ac0f9c2e6cc8f87d50250413b0fbeb9504cf8db688e4d7b67fb6a220073

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt.tmp

Filesize
176B

MD5
e4e169e5b19f42e7732b88112f639609

SHA1
fffa281738ba709d3a17d049abdff77cd6ffa147

SHA256
02a8ba9055ff85e95101f665ee74abc361f80e287fdf4da0d76dfc0ce71a0234

SHA512
ad898c847dc17efbf4eff93af291f8b72d5f0bc3ab39ae9112d2d3521eda076789825e1b33f9a317228e9a95d165322e2d3315d89c6f34be73d395006355f764

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe582c4b.TMP

Filesize
119B

MD5
2324d7cdec3b419ea1613480857b9265

SHA1
e1aa742cdebc6ca85c03ac01cf3659761e4d3446

SHA256
eaaf245ea048ad115a58b8e1781ad0148aa600ffff9b5237b2fee1b008df1e47

SHA512
4a7d18d01c9dde193b5de7645bdbf0e4a7c7b03bc1ff37ecf24ab92e1af2841fc713f55e31fa5b8b352a94c2a46d7795a66cd301ac43a432a8bd79c34ea314ba

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
96B

MD5
d7ed81c9090834955bdbf171c1591d1b

SHA1
099765590dfd00d9afeb586d860889849e54a4bf

SHA256
b650f5be824a7540ca9bf6c980df016c293bc4fc8548fc0cd8d0b01c85a7784f

SHA512
a53c65226b80fc01b673e1395936bd266f906210649be8f085bb08a535cb92720a802b2d0cb91f5a423f4ca48f31e498007a9fe972ffa68a3aed6b7cb2c8af96

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe588b24.TMP

Filesize
48B

MD5
358af130972e4b4293bccd8f7a2f8f8a

SHA1
6e1c96ec746a89031cb60dde799023b7db950a8f

SHA256
cf52a4e3fcd083653a6ed5b98d98e27903b525213262bea8fbc23149a3629522

SHA512
365ef61ec570b74f9d628c492d73daad884cfab2f13a242b4f91ce69551bb8a69ec0500ac387ebf27b0ad92d9531886cc52f07df440654450c902b15f3639f6e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\agimnkijcaahngcdmfeangaknmldooml\Shortcuts Menu Icons\1\512.png

Filesize
10KB

MD5
7f57c509f12aaae2c269646db7fde6e8

SHA1
969d8c0e3d9140f843f36ccf2974b112ad7afc07

SHA256
1d5c9f67fe93f9fcc1a1b61ebc35bda8f98f1261e5005ae37af71f42aab1d90f

SHA512
3503a0f4939bed9e1fd5e086b17d6de1063220dffdab2d2373aa9582a2454a9d8f18c1be74442f4e597bdba796d2d69220bd9e6be632a15367225b804187ea18

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir2644_1632997503\Shortcuts Menu Icons\Monochrome\0\512.png

Filesize
2KB

MD5
12a429f9782bcff446dc1089b68d44ee

SHA1
e41e5a1a4f2950a7f2da8be77ca26a66da7093b9

SHA256
e1d7407b07c40b5436d78db1077a16fbf75d49e32f3cbd01187b5eaaa10f1e37

SHA512
1da99c5278a589972a1d711d694890f4fd4ec4e56f83781ab9dee91ba99530a7f90d969588fa24dce24b094a28bdecbea80328cee862031a8b289f3e4f38ce7a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir2644_1846709290\Icons Monochrome\16.png

Filesize
216B

MD5
a4fd4f5953721f7f3a5b4bfd58922efe

SHA1
f3abed41d764efbd26bacf84c42bd8098a14c5cb

SHA256
c659d57841bb33d63f7b1334200548f207340d95e8e2ae25aac7a798a08071a3

SHA512
7fcc1ca4d6d97335e76faa65b7cfb381fb722210041bdcd3b31b0f94e15dc226eec4639547af86ae71f311f52a956dc83294c2d23f345e63b5e45e25956b2691

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
128KB

MD5
b309f641a1ef5325d6625db56d0bc0de

SHA1
219ba5d8549e73af6c36d43854fe072cdd90ead2

SHA256
cc12347b4ac6d9377dc4776727da953e798ad80aaf35f452eba013505878127c

SHA512
bd0b8138dc063765dcdcb176477cd5aebfa6322c8114a68d51b2e22d169b7bb666100aa08ec10cb1e091a03e22cb5307950a4b4112a42b02af0ef30b8c59a9cc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit