hxxps://microsoftedge[.]github[.]io/Demos/pwamp/

Resubmissions

19-06-2024 23:33

240619-3jynfsxang 1

19-06-2024 23:03

240619-21m3lszgll 4

Analysis

max time kernel
66s
max time network
66s
platform
windows10-2004_x64
resource
win10v2004-20240611-en
resource tags

arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
submitted
19-06-2024 23:03

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://microsoftedge.github.io/Demos/pwamp/

Score

4^/10

Malware Config

Signatures

Drops file in Program Files directory 2 IoCs

Processes:

chrome.exechrome.exe

description	ioc	process
File opened for modification	C:\Program Files\Google\Chrome\Application\110.0.5481.104\chrome_pwa_launcher.exe	chrome.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\110.0.5481.104\chrome_pwa_launcher.exe	chrome.exe

Enumerates system info in registry 2 TTPs 6 IoCs

Query Registry

T1012

System Information Discovery

T1082

Processes:

chrome.exechrome.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 3 IoCs

Processes:

chrome.exechrome.exe

description	ioc	process
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133633117952081699"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Modifies registry class 63 IoCs

Processes:

chrome.exe

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Chrome.3254930809\shell	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Chrome.3254930809\shell\open	chrome.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Chrome.3254930809\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Web Applications\\_crx_gpkmcolhnceikobakadkpfhphmboeeog\\PWAmp music player.exe\" --profile-directory=Default --app-id=gpkmcolhnceikobakadkpfhphmboeeog --single-argument %1"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Chrome.3050336838	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\.flac\OpenWithProgids	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\.mp4	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Chrome.3050336838\DefaultIcon	chrome.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Chrome.3050336838\DefaultIcon\ = ",0"	chrome.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\.mp3\OpenWithProgids\Chrome.3050336838	chrome.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Chrome.3050336838\	chrome.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Chrome.3254930809\Application\ApplicationName = "PWAmp music player"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Chrome.1477851557\DefaultIcon	chrome.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Chrome.3050336838\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Web Applications\\_crx_gpkmcolhnceikobakadkpfhphmboeeog\\PWAmp music player.exe\" --profile-directory=Default --app-id=gpkmcolhnceikobakadkpfhphmboeeog --single-argument %1"	chrome.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Chrome.3254930809\FileHandlerProgIds = "Chrome.1477851557;Chrome.3050336838"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Chrome.1477851557\shell\open\command	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Chrome.3050336838\shell\open\command	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\.mp3	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\.wav	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\.webm	chrome.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Chrome.3254930809\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Web Applications\\_crx_gpkmcolhnceikobakadkpfhphmboeeog\\PWAmp music player.ico,0"	chrome.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\.pwampskin\OpenWithProgids\Chrome.1477851557	chrome.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\.flac\OpenWithProgids\Chrome.3050336838	chrome.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Chrome.1477851557\DefaultIcon\ = ",0"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Chrome.1477851557\shell\open	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\web+amp	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Chrome.3050336838\Application	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\.ogg	chrome.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Chrome.3050336838\Application\ApplicationIcon = "C:\\Users\\Admin\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Web Applications\\_crx_gpkmcolhnceikobakadkpfhphmboeeog\\PWAmp music player.ico,0"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\.adts	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Chrome.3254930809\shell\open\command	chrome.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Chrome.1477851557\FileExtensions = ".pwampskin"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\.mp3\OpenWithProgids	chrome.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\.webm\OpenWithProgids\Chrome.3050336838	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Chrome.3254930809\DefaultIcon	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Chrome.3254930809\Application	chrome.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Chrome.1477851557\Application\ApplicationIcon = "C:\\Users\\Admin\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Web Applications\\_crx_gpkmcolhnceikobakadkpfhphmboeeog\\PWAmp music player.ico,0"	chrome.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Chrome.1477851557\Application\ApplicationName = "PWAmp music player"	chrome.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\.ogg\OpenWithProgids\Chrome.3050336838	chrome.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Chrome.3254930809\Application\ApplicationIcon = "C:\\Users\\Admin\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Web Applications\\_crx_gpkmcolhnceikobakadkpfhphmboeeog\\PWAmp music player.ico,0"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Chrome.3050336838\shell\open	chrome.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Chrome.3050336838\Application\ApplicationName = "PWAmp music player"	chrome.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Chrome.1477851557\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Web Applications\\_crx_gpkmcolhnceikobakadkpfhphmboeeog\\PWAmp music player.exe\" --profile-directory=Default --app-id=gpkmcolhnceikobakadkpfhphmboeeog --single-argument %1"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Chrome.1477851557\Application	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Chrome.3050336838\shell	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\.webm\OpenWithProgids	chrome.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Chrome.3050336838\FileExtensions = ".adts;.flac;.mp3;.mp4;.ogg;.wav;.webm"	chrome.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Chrome.1477851557\	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\.pwampskin	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\.adts\OpenWithProgids	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\.flac	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\.ogg\OpenWithProgids	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\.wav\OpenWithProgids	chrome.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\.wav\OpenWithProgids\Chrome.3050336838	chrome.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Chrome.3254930809\ = "PWAmp music player"	chrome.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Chrome.3254930809\Application\ApplicationDescription = "PWAmp music player"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Chrome.1477851557	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Chrome.1477851557\shell	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\.pwampskin\OpenWithProgids	chrome.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\web+amp\URL Protocol	chrome.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\.mp4\OpenWithProgids\Chrome.3050336838	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Chrome.3254930809	chrome.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\.adts\OpenWithProgids\Chrome.3050336838	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\.mp4\OpenWithProgids	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

Processes:

chrome.exechrome.exe

pid process

4780 chrome.exe
4780 chrome.exe
2244 chrome.exe
2244 chrome.exe
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

Processes:

chrome.exechrome.exe

pid process

4780 chrome.exe
4780 chrome.exe
4780 chrome.exe
4780 chrome.exe
4780 chrome.exe
2244 chrome.exe
2244 chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

Processes:

chrome.exechrome.exe

description	pid	process
Token: SeShutdownPrivilege	4780	chrome.exe
Token: SeCreatePagefilePrivilege	4780	chrome.exe
Token: SeShutdownPrivilege	4780	chrome.exe
Token: SeCreatePagefilePrivilege	4780	chrome.exe
Token: SeShutdownPrivilege	4780	chrome.exe
Token: SeCreatePagefilePrivilege	4780	chrome.exe
Token: SeShutdownPrivilege	4780	chrome.exe
Token: SeCreatePagefilePrivilege	4780	chrome.exe
Token: SeShutdownPrivilege	4780	chrome.exe
Token: SeCreatePagefilePrivilege	4780	chrome.exe
Token: SeShutdownPrivilege	4780	chrome.exe
Token: SeCreatePagefilePrivilege	4780	chrome.exe
Token: SeShutdownPrivilege	4780	chrome.exe
Token: SeCreatePagefilePrivilege	4780	chrome.exe
Token: SeShutdownPrivilege	4780	chrome.exe
Token: SeCreatePagefilePrivilege	4780	chrome.exe
Token: SeShutdownPrivilege	4780	chrome.exe
Token: SeCreatePagefilePrivilege	4780	chrome.exe
Token: SeShutdownPrivilege	4780	chrome.exe
Token: SeCreatePagefilePrivilege	4780	chrome.exe
Token: SeShutdownPrivilege	4780	chrome.exe
Token: SeCreatePagefilePrivilege	4780	chrome.exe
Token: SeShutdownPrivilege	4780	chrome.exe
Token: SeCreatePagefilePrivilege	4780	chrome.exe
Token: SeShutdownPrivilege	4780	chrome.exe
Token: SeCreatePagefilePrivilege	4780	chrome.exe
Token: SeShutdownPrivilege	4780	chrome.exe
Token: SeCreatePagefilePrivilege	4780	chrome.exe
Token: SeShutdownPrivilege	4780	chrome.exe
Token: SeCreatePagefilePrivilege	4780	chrome.exe
Token: SeShutdownPrivilege	4780	chrome.exe
Token: SeCreatePagefilePrivilege	4780	chrome.exe
Token: SeShutdownPrivilege	2244	chrome.exe
Token: SeCreatePagefilePrivilege	2244	chrome.exe
Token: SeShutdownPrivilege	2244	chrome.exe
Token: SeCreatePagefilePrivilege	2244	chrome.exe
Token: SeShutdownPrivilege	2244	chrome.exe
Token: SeCreatePagefilePrivilege	2244	chrome.exe
Token: SeShutdownPrivilege	2244	chrome.exe
Token: SeCreatePagefilePrivilege	2244	chrome.exe
Token: SeShutdownPrivilege	2244	chrome.exe
Token: SeCreatePagefilePrivilege	2244	chrome.exe
Token: SeShutdownPrivilege	2244	chrome.exe
Token: SeCreatePagefilePrivilege	2244	chrome.exe
Token: SeShutdownPrivilege	2244	chrome.exe
Token: SeCreatePagefilePrivilege	2244	chrome.exe
Token: SeShutdownPrivilege	2244	chrome.exe
Token: SeCreatePagefilePrivilege	2244	chrome.exe
Token: SeShutdownPrivilege	2244	chrome.exe
Token: SeCreatePagefilePrivilege	2244	chrome.exe
Token: SeShutdownPrivilege	2244	chrome.exe
Token: SeCreatePagefilePrivilege	2244	chrome.exe
Token: SeShutdownPrivilege	2244	chrome.exe
Token: SeCreatePagefilePrivilege	2244	chrome.exe
Token: SeShutdownPrivilege	2244	chrome.exe
Token: SeCreatePagefilePrivilege	2244	chrome.exe
Token: SeShutdownPrivilege	2244	chrome.exe
Token: SeCreatePagefilePrivilege	2244	chrome.exe
Token: SeShutdownPrivilege	2244	chrome.exe
Token: SeCreatePagefilePrivilege	2244	chrome.exe
Token: SeShutdownPrivilege	2244	chrome.exe
Token: SeCreatePagefilePrivilege	2244	chrome.exe
Token: SeShutdownPrivilege	2244	chrome.exe
Token: SeCreatePagefilePrivilege	2244	chrome.exe

Suspicious use of FindShellTrayWindow 33 IoCs

Processes:

chrome.exechrome.exenotepad.exe

pid	process
4780	chrome.exe
4780	chrome.exe
4780	chrome.exe
4780	chrome.exe
4780	chrome.exe
4780	chrome.exe
4780	chrome.exe
4780	chrome.exe
4780	chrome.exe
4780	chrome.exe
4780	chrome.exe
4780	chrome.exe
4780	chrome.exe
4780	chrome.exe
4780	chrome.exe
4780	chrome.exe
4780	chrome.exe
4780	chrome.exe
4780	chrome.exe
4780	chrome.exe
4780	chrome.exe
4780	chrome.exe
4780	chrome.exe
4780	chrome.exe
4780	chrome.exe
4780	chrome.exe
4780	chrome.exe
4780	chrome.exe
4780	chrome.exe
4780	chrome.exe
2244	chrome.exe
2244	chrome.exe
5248	notepad.exe

Suspicious use of SendNotifyMessage 24 IoCs

Processes:

chrome.exe

pid	process
4780	chrome.exe
4780	chrome.exe
4780	chrome.exe
4780	chrome.exe
4780	chrome.exe
4780	chrome.exe
4780	chrome.exe
4780	chrome.exe
4780	chrome.exe
4780	chrome.exe
4780	chrome.exe
4780	chrome.exe
4780	chrome.exe
4780	chrome.exe
4780	chrome.exe
4780	chrome.exe
4780	chrome.exe
4780	chrome.exe
4780	chrome.exe
4780	chrome.exe
4780	chrome.exe
4780	chrome.exe
4780	chrome.exe
4780	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

chrome.exe

description	pid	process	target process
PID 4780 wrote to memory of 4268	4780	chrome.exe	chrome.exe
PID 4780 wrote to memory of 4268	4780	chrome.exe	chrome.exe
PID 4780 wrote to memory of 5060	4780	chrome.exe	chrome.exe
PID 4780 wrote to memory of 5060	4780	chrome.exe	chrome.exe
PID 4780 wrote to memory of 5060	4780	chrome.exe	chrome.exe
PID 4780 wrote to memory of 5060	4780	chrome.exe	chrome.exe
PID 4780 wrote to memory of 5060	4780	chrome.exe	chrome.exe
PID 4780 wrote to memory of 5060	4780	chrome.exe	chrome.exe
PID 4780 wrote to memory of 5060	4780	chrome.exe	chrome.exe
PID 4780 wrote to memory of 5060	4780	chrome.exe	chrome.exe
PID 4780 wrote to memory of 5060	4780	chrome.exe	chrome.exe
PID 4780 wrote to memory of 5060	4780	chrome.exe	chrome.exe
PID 4780 wrote to memory of 5060	4780	chrome.exe	chrome.exe
PID 4780 wrote to memory of 5060	4780	chrome.exe	chrome.exe
PID 4780 wrote to memory of 5060	4780	chrome.exe	chrome.exe
PID 4780 wrote to memory of 5060	4780	chrome.exe	chrome.exe
PID 4780 wrote to memory of 5060	4780	chrome.exe	chrome.exe
PID 4780 wrote to memory of 5060	4780	chrome.exe	chrome.exe
PID 4780 wrote to memory of 5060	4780	chrome.exe	chrome.exe
PID 4780 wrote to memory of 5060	4780	chrome.exe	chrome.exe
PID 4780 wrote to memory of 5060	4780	chrome.exe	chrome.exe
PID 4780 wrote to memory of 5060	4780	chrome.exe	chrome.exe
PID 4780 wrote to memory of 5060	4780	chrome.exe	chrome.exe
PID 4780 wrote to memory of 5060	4780	chrome.exe	chrome.exe
PID 4780 wrote to memory of 5060	4780	chrome.exe	chrome.exe
PID 4780 wrote to memory of 5060	4780	chrome.exe	chrome.exe
PID 4780 wrote to memory of 5060	4780	chrome.exe	chrome.exe
PID 4780 wrote to memory of 5060	4780	chrome.exe	chrome.exe
PID 4780 wrote to memory of 5060	4780	chrome.exe	chrome.exe
PID 4780 wrote to memory of 5060	4780	chrome.exe	chrome.exe
PID 4780 wrote to memory of 5060	4780	chrome.exe	chrome.exe
PID 4780 wrote to memory of 5060	4780	chrome.exe	chrome.exe
PID 4780 wrote to memory of 5060	4780	chrome.exe	chrome.exe
PID 4780 wrote to memory of 3924	4780	chrome.exe	chrome.exe
PID 4780 wrote to memory of 3924	4780	chrome.exe	chrome.exe
PID 4780 wrote to memory of 3388	4780	chrome.exe	chrome.exe
PID 4780 wrote to memory of 3388	4780	chrome.exe	chrome.exe
PID 4780 wrote to memory of 3388	4780	chrome.exe	chrome.exe
PID 4780 wrote to memory of 3388	4780	chrome.exe	chrome.exe
PID 4780 wrote to memory of 3388	4780	chrome.exe	chrome.exe
PID 4780 wrote to memory of 3388	4780	chrome.exe	chrome.exe
PID 4780 wrote to memory of 3388	4780	chrome.exe	chrome.exe
PID 4780 wrote to memory of 3388	4780	chrome.exe	chrome.exe
PID 4780 wrote to memory of 3388	4780	chrome.exe	chrome.exe
PID 4780 wrote to memory of 3388	4780	chrome.exe	chrome.exe
PID 4780 wrote to memory of 3388	4780	chrome.exe	chrome.exe
PID 4780 wrote to memory of 3388	4780	chrome.exe	chrome.exe
PID 4780 wrote to memory of 3388	4780	chrome.exe	chrome.exe
PID 4780 wrote to memory of 3388	4780	chrome.exe	chrome.exe
PID 4780 wrote to memory of 3388	4780	chrome.exe	chrome.exe
PID 4780 wrote to memory of 3388	4780	chrome.exe	chrome.exe
PID 4780 wrote to memory of 3388	4780	chrome.exe	chrome.exe
PID 4780 wrote to memory of 3388	4780	chrome.exe	chrome.exe
PID 4780 wrote to memory of 3388	4780	chrome.exe	chrome.exe
PID 4780 wrote to memory of 3388	4780	chrome.exe	chrome.exe
PID 4780 wrote to memory of 3388	4780	chrome.exe	chrome.exe
PID 4780 wrote to memory of 3388	4780	chrome.exe	chrome.exe
PID 4780 wrote to memory of 3388	4780	chrome.exe	chrome.exe
PID 4780 wrote to memory of 3388	4780	chrome.exe	chrome.exe
PID 4780 wrote to memory of 3388	4780	chrome.exe	chrome.exe
PID 4780 wrote to memory of 3388	4780	chrome.exe	chrome.exe
PID 4780 wrote to memory of 3388	4780	chrome.exe	chrome.exe
PID 4780 wrote to memory of 3388	4780	chrome.exe	chrome.exe
PID 4780 wrote to memory of 3388	4780	chrome.exe	chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://microsoftedge.github.io/Demos/pwamp/
1⤵
- Drops file in Program Files directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4780
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc80a9ab58,0x7ffc80a9ab68,0x7ffc80a9ab78
  2⤵
  PID:4268
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1612 --field-trial-handle=1904,i,14382823763636524999,17004139136680399992,131072 /prefetch:2
  2⤵
  PID:5060
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2180 --field-trial-handle=1904,i,14382823763636524999,17004139136680399992,131072 /prefetch:8
  2⤵
  PID:3924
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2196 --field-trial-handle=1904,i,14382823763636524999,17004139136680399992,131072 /prefetch:8
  2⤵
  PID:3388
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3048 --field-trial-handle=1904,i,14382823763636524999,17004139136680399992,131072 /prefetch:1
  2⤵
  PID:2504
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3060 --field-trial-handle=1904,i,14382823763636524999,17004139136680399992,131072 /prefetch:1
  2⤵
  PID:3912
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4144 --field-trial-handle=1904,i,14382823763636524999,17004139136680399992,131072 /prefetch:8
  2⤵
  PID:3068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4292 --field-trial-handle=1904,i,14382823763636524999,17004139136680399992,131072 /prefetch:8
  2⤵
  PID:2056
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4700 --field-trial-handle=1904,i,14382823763636524999,17004139136680399992,131072 /prefetch:1
  2⤵
  PID:1368
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4740 --field-trial-handle=1904,i,14382823763636524999,17004139136680399992,131072 /prefetch:1
  2⤵
  PID:4924
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4192 --field-trial-handle=1904,i,14382823763636524999,17004139136680399992,131072 /prefetch:8
  2⤵
  PID:1512
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5296 --field-trial-handle=1904,i,14382823763636524999,17004139136680399992,131072 /prefetch:8
  2⤵
  PID:3604
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5076 --field-trial-handle=1904,i,14382823763636524999,17004139136680399992,131072 /prefetch:1
  2⤵
  PID:2460

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:4380

C:\Program Files\Google\Chrome\Application\chrome_proxy.exe
"C:\Program Files\Google\Chrome\Application\chrome_proxy.exe" --profile-directory=Default --app-id=gpkmcolhnceikobakadkpfhphmboeeog
1⤵
PID:2496
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --source-shortcut="C:\Users\Admin\Desktop\PWAmp music player.lnk" --profile-directory=Default --app-id=gpkmcolhnceikobakadkpfhphmboeeog
  2⤵
  - Drops file in Program Files directory
  - Enumerates system info in registry
  - Modifies data under HKEY_USERS
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of FindShellTrayWindow
  PID:2244
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffc80a9ab58,0x7ffc80a9ab68,0x7ffc80a9ab78
    3⤵
    PID:2152
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1764 --field-trial-handle=2000,i,4939299245439309981,9819172984957695465,131072 /prefetch:2
    3⤵
    PID:832
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1960 --field-trial-handle=2000,i,4939299245439309981,9819172984957695465,131072 /prefetch:8
    3⤵
    PID:1504
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2256 --field-trial-handle=2000,i,4939299245439309981,9819172984957695465,131072 /prefetch:8
    3⤵
    PID:3028
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3624 --field-trial-handle=2000,i,4939299245439309981,9819172984957695465,131072 /prefetch:1
    3⤵
    PID:956
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3632 --field-trial-handle=2000,i,4939299245439309981,9819172984957695465,131072 /prefetch:1
    3⤵
    PID:3296
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4472 --field-trial-handle=2000,i,4939299245439309981,9819172984957695465,131072 /prefetch:8
    3⤵
    PID:1704
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4472 --field-trial-handle=2000,i,4939299245439309981,9819172984957695465,131072 /prefetch:8
    3⤵
    PID:4692
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4536 --field-trial-handle=2000,i,4939299245439309981,9819172984957695465,131072 /prefetch:8
    3⤵
    PID:1820

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:1092

C:\Windows\system32\notepad.exe
"C:\Windows\system32\notepad.exe"
1⤵
- Suspicious use of FindShellTrayWindow
PID:5248

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
efdf336c3d3a1adb92b2ad84b9e0ddf8

SHA1
d12684bf46d8efdc7fe65d72974a64f8cfc83aae

SHA256
a3b64fe67ea4be6fd1cad4f43ab347f08f3c05afd11552101ddc5f80fd3e31cc

SHA512
d47956132f95e0f8c31b0d8e8b23a7748b4fd39b6acf746e65600499bb6dac8bf3ba64843a090e41066de86eadd02aeb9c1ebd3ab9cdee4bd9d7867febbb696e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0

Filesize
44KB

MD5
62a432379aaa8a8520ce103fc9b76422

SHA1
34501116e64933fde3d3ad79b6209601792e974a

SHA256
56bfc4155f82dface475c57449842d62af855b5f91cf81cce70194fa7c201825

SHA512
084341307b85902258ac5b10a1ba9e89159fcf1ba4201178988430dab020b0512bfa9da16353d3d236c50261082fc56729f4a4bc6550dca8d73712e621640c06

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1

Filesize
264KB

MD5
04132351f749c07fb08bc677ad2ab7f1

SHA1
97fa33e38bd684f2d4e1c919c03d283366b41f92

SHA256
243fdd559ece9cbeda0661faa743f1641b83ae285d599740fd88c64fb44ae493

SHA512
42aba9aa45fbd5c296dcf28bdbdf9d22ee27f0608dd1411c8deff25b79fa61465a7e170afd5e9a773f46b606c5519bdcddfc8dbb3472343fa558209527753a53

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_2

Filesize
1.0MB

MD5
a88228447786bf8e7e2d4b2b47ef029d

SHA1
25e27233b3e02a800d876da5a8727fbc795551a8

SHA256
4aa1fbec1fd3d0c7475f282d5327f14af56665e3964aef6e33acb534f1cc735c

SHA512
c394ceb8027df778572d4c592c8778419e1d4a3646ed4ba3105256ee0a9cbba334dddc6a5d8dc23bc93f9f67ac83c8030e3dd907837cf6bbee74d0d46c2acfea

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_3

Filesize
4.0MB

MD5
67e5b522af39d62df922c849f4c287b8

SHA1
2559dc92b2ad9c5d71eb72fa6cbac6c2d2303f2a

SHA256
29a7d0c243b8b9b7e0794dd47ae5e8efc19b9c5ff42ae34fb0ef2fa2e82a7584

SHA512
ef50196c4c2316c5b9d3cbf37cad47a76f5fc3e55b40e0cf47e96365c9dd13997494d8b59c2c73d3a3d23e52ce15bdab413490f76b8bd59a2e61d835b7e87244

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005

Filesize
28KB

MD5
b0ba82ae4f8eb0e20397644d14764160

SHA1
cffbc1b97f0d898a7fc411015d6948026854112c

SHA256
6797b31c4cd0565184a9ef1559ca0a4ec3918ecb3e23e47a09b152d8abaf0339

SHA512
581f861b87ca5ebaf21071bd68f306219ccb44e38f4f2b0011b0d0fb2cf0da92f10812c2801bddac5aa2264e9eb6ad19ea0f14be7d7098910bae405cdc1e2cfa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007

Filesize
745KB

MD5
51fd92f155f389c6de96e1f5b7acffe0

SHA1
f484470cce852dd095516ac2c00c6746560fd6a9

SHA256
a2e1565644c44dd8e7029ae9a31af81307c53ebd9c5e8ffc15f176802bac59a9

SHA512
eba9830469b7bd04fb69e34d61f49b188a7c19f3bb3283689be45c1b56ccae3705373deb3159cbccd3600f2f97ab578574366938a4bc941e6b3de9500534b5ef

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008

Filesize
308KB

MD5
99bc4ebaab9b3635f8b5aba96544c728

SHA1
a32355dd6ba82cab865e28ff642eba038c1d673f

SHA256
980c10ea69d56ed02b490ec0cfd332e0d27d254181cf42368024549c001d1547

SHA512
8c2530c958d0c173a45d0fa1b6bd06673e4750ec14fbe5c06d91f38d1a17ada087db0924719cea88b542950a78ddf55faea96a45fe803846bcf450886abb0578

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009

Filesize
34KB

MD5
099033836cd7ed7bb95442d39fbb5985

SHA1
600699a2fa757f07aad0b97216aaafc2f640b97f

SHA256
ca9c2f60325051e3af9f02295d111c5784dde2038e3986f94a258028df8a7da5

SHA512
cc39f475931c4ed4aad3ecc017430f88cf2ada68a27d203bc0812cc4c9ab49b71c26599f2623d8af06378b4eb647ca618a86e4cac0a57824aaf58c2312c02635

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

Filesize
59KB

MD5
caaa5222d179a24ca5540080c7018b99

SHA1
1f415a7a73a12a4c16f25709504f4e4e4beae9dd

SHA256
b729255f2e984a20fa0f0eb07e08368cf468fd17ff27a7d1dbb4042ec261d8cf

SHA512
71b4f878aa154ba4a8523c2e36faa8dbe3cfafa082b18796d8b69539dee9506253b9e55fc9b71cc2c9027d22ae08587b0e2ddadbc8d3395dbb73584d1ca1ebcc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

Filesize
41KB

MD5
cfd2fdfedddc08d2932df2d665e36745

SHA1
b3ddd2ea3ff672a4f0babe49ed656b33800e79d0

SHA256
576cff014b4dea0ff3a0c7a4044503b758bceb6a30c2678a1177446f456a4536

SHA512
394c2f25b002b77fd5c12a4872fd669a0ef10c663b2803eb66e2cdaee48ca386e1f76fe552200535c30b05b7f21091a472a50271cd9620131dfb2317276dbe6c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c

Filesize
65KB

MD5
ff98fbe1604b2650a023c90913f19455

SHA1
74f199ad8e25236d5e1359012225fdc64b9af536

SHA256
6fac57b859afb56d347f70627b93996bee154529d6f3747de6c7bd9ecf1eedaa

SHA512
45e789ad0579066ad2bd08bfe142db98abb47a6f6d147b40c7e575dbe7ea0fded6ce81d17ec805fc41f91d17c113dd0c2629bb75e8d0d242d5eee19af81fb432

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d

Filesize
91KB

MD5
68dc38a8d4c69f1bf268a53b13436b55

SHA1
ba42e71b3ba5a866d4060c08f66ecb54f06f3d35

SHA256
f737a870db7fcb9a1f3e848f4101e076dc687f68fa3fa8bcfbf3153b69f219bc

SHA512
6045196fc8e4240288394765009db771d6b037a8033d6fd1af3d29d2d5624a8c515827875dff0a42d2af9cd2d9b6463b75af11d161258d5fa7671daa396c9c35

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e

Filesize
134KB

MD5
387ed93f42803b1ec6697e3b57fbcef0

SHA1
2ea8a5bfbf99144bd0ebaebe60ac35406a8b613e

SHA256
982aac952e2c938bd55550d0409ece5f4430d38f370161d8318678fa25316587

SHA512
7c90f69a53e49bad03c4cefd9868b4c4ba145e5738218e8c445ff6ae5347153e3a2f2b918cbe184b0366afd53b984634d2894fea6f31a4603e58ccb6bfa5c625

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
480B

MD5
04045dc1420e278f7fd7735a8bc0247d

SHA1
6f239c46397a38c42903485dbb15b79ebc2bda2c

SHA256
5c1ad37ecaae4984cce5956cf157cf5079da505ebefc87a23c9d0293e1dcd29e

SHA512
596dbf85f47e85934bb9376d3cfb023daa3acdef9a7e7a5f586f65f90504c16fe07777fad69abb11b8d4692ad8f04b7f6192bd6878fbee74d1a60bcaaabb8f50

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
0c59703acfcdd137a0a74578c94adfd7

SHA1
41461191d8fb807c2969640dd17a7e86589a1d3d

SHA256
9753d3bd0f28929e9c3442f2f7ff6f8ecbda6d7563bf5311d8b1655eaada952e

SHA512
36540cb8b42e74fee74bf3f205d3a2b22d9057b063c7f1b8355f9be5f14710f8d86e1428a841fc7d3b478789985d9def7f587b5869f4c104458f973ca56e168d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Favicons

Filesize
20KB

MD5
e60499bf08a5c4c258cd2afc22cf97e0

SHA1
f2178a9ee1ca1a12a3ddd571a97aa80e9f703822

SHA256
0c355909ed8c0f745872d8f3519f25e974d389481230d8f08659d40481b3d29f

SHA512
d126e3f5858cbb5d01a6451ffdad7b821e4b62627faf4b85d55345302b8d1a9d4a65a994bf0f1bfcf0c96874dd50beef2671e357b8254f54b0680de70c019ae1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History

Filesize
152KB

MD5
5dde813a50a0706f0e6b4b5cd34bc5da

SHA1
e700c159a63daabef75486529729d3929fe9ed1a

SHA256
8dcb5ea77ea5c5b76f3faab9ced13ecad84ca9c04a5fa93978c52321fb56541d

SHA512
c91fd7ba957d64f998c0af0ff4ce1d3fb1864bc222406aad70c3c0c6711f844b35f5d4e3f92a6c3a9f235603cbea7fb1f6385b0f42d522a672b7a27f1127297b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG

Filesize
329B

MD5
a0cc1bc67ec7b51b99c04a3e8c0b1a0b

SHA1
645b2fbae4e4e12ab620890f176db66f0a2eb8e8

SHA256
17d6eee2c006989d81773d26ba2f851958dfc1b2d4fffa1f204ef00b8e2c0a8b

SHA512
824094acddfa5cf0d75b6d47318558879e5acdaffc426439e3ecdd278b75cb9678ceb34168e5614019e6062748a1fd6b611008a0fbf292ac4842edb71ccd3389

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies

Filesize
20KB

MD5
e75b8dfba385a2dc2c35255d5f8cf57e

SHA1
23b3444ee43c73b8991959fd7f7061e3a7428412

SHA256
54ed6e0c790339417492e7ffb4e52366d4ddf86c99a4286074860cd5d09cd646

SHA512
0036ed1f5774208980b807ab87132d755059dccf1539b63d99a7109b1339396194ca0da3bf31397bdd82e852d501c4cc516880d1cf69bac45f82ca3e48b53602

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
ffaa41c436240fecb2e0ab36a6ea2396

SHA1
bcf524c25bfe880f9c99ef18f65bb99ec2835b2a

SHA256
564ef3fa04801b3c4a73d80e225e891aa867b31326f3132dbeb5770830a8e8df

SHA512
688b5faa886df30e958209d77673e9aac1a17690bbe71b8e37f1d0f59a17686add89bac3363d56eca902c4a937f940cee1aeac58da3b6ea1d6f89544329638d0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Reporting and NEL

Filesize
36KB

MD5
df902a4c9a82f25f9014cd26411805f9

SHA1
194b5473b759d27de5b2d1898c6cb8f748d86a43

SHA256
2743e5e8f8a45d6f851c99cdbdfccdc529ed25b7d2114babd0a08d9b42725cea

SHA512
c491671095b9a4a4f039713f3690c0a7f135d67f424a603e12d8934a4b8977f4a4694bb1d57935de7e073ea54b7e9c18469a72860df28a82cebaca645daccab7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
692B

MD5
8511b7dbf0985756e78f98d14d2deb0e

SHA1
2a26114a4402f8cf40e54aa8149426a1c1b6556f

SHA256
82d2944e98d762b912ddf238556090191b1a71e4992a7140ae85442f6d406b04

SHA512
f8e17f35f5fa0cd1bee5ea34eb2f1ac5a2323a6e6caf02d9853fc71108fd5e1332e4e90eedea79c16d57f4c3da86446d46409a748947c303f9ba8cabb2bc2ff1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
524B

MD5
9ff79b7cc3ce11ee2b870fcbcc41a8a8

SHA1
af8e9461bf00b1daa2b59f2f753a1b4ec8858c31

SHA256
37a22ca48422b68abde575bc5ba1870649e8854f1e52d9f17dc9d9f5b7796994

SHA512
64507784f55ab8c34510a68c3dbaf3d0552d423e3e5173c7d297be86bd2faed28c7a20373e639ff9b15c26199d2fcb161e529074aa1238fd4ae7bc957aea480e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG

Filesize
334B

MD5
5f8459bcc0777e22595c425c654caabc

SHA1
67af3a9eae5d607c4e77ca258b1bc599c4c80781

SHA256
4c933569be25cb80ff88af8fbcb948d010f307117c79a206e2e417e1bc2e0c1a

SHA512
c17b9eb0eaf76c526ed0aebbf563e67d98393b75e60c8f96be06bc1577ff37ddba55dd966f313defd1dbee5bbca8f53d657cf73a865d3ce99c9a954c54688800

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
ff3af24ceed35d1976c628440c082e42

SHA1
6b1c47a63dd28ea44b68a6a59f7d92cba26600f9

SHA256
75467902facec7654ebe9ccb56345aaa4b9438c3f1c0061e04b94f8e8e34e474

SHA512
a1e010c32465cbe64c9ad5b437eb2ffa71a197aaf78c298ffef168379fec71e3f3b372161acc8e9bcfb1fe06e664bd40fc5cacc25b4c06bd6c87997abb103b30

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
c5d5fe25d40ca5ecc75e4ffb6c996090

SHA1
2deab6fb07ff52e733774396cd75b837941dc18a

SHA256
129d399e90326d5db972644c96d36e59d7ad7cff2664936270bc24ff161678f7

SHA512
0c5fed80f24395a758830038b2532e42331f9d7fd61d6f68697536d086ecb480f1078b6ee5d37b5d3d64b914e4df4be8c61c3df5d930a89a7f16a24784cf4a5b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
57d0c3d3aeb002d9bbc1156e41c6d097

SHA1
29296c696344acaeb83df4d3d13781951fee9b66

SHA256
7459bf9a7ba4a3d31aa381d7f5d21ade53e996963f3a15c41ff42dee8b5d6100

SHA512
89df1c42b4283be524245399017aa907be220c3571764cf1c3bb808cd4e683f543fca81b75844a14c6cb28cb8f6e7f1994cb84d6345cda13a3f8c3f5815f8dd0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
00e60bee42ae01e61c24fed39df66af5

SHA1
f719386133a685d6a9a47ed7b44a26fec27ce756

SHA256
03c60cec25775956052e49e3d65e208ccdf30ff79459917d54622a20bf66438d

SHA512
ead8ed7f504b415d874dc7531ba985b05f99fdb7605494f4b658e00f7e7d951b4bf29d65e4a09125d634c1a2db55ba97cd6a14adb8beaea31ffee2d177a9394d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
16KB

MD5
9ef8dbd86b49677eeb3024685034f456

SHA1
da738c8b490eea5e4e3fa9ff7b0e55db298e67e7

SHA256
9f3f158e310feae1c9367960450f06aa0485dc421a4e763be1c47d890e83db3c

SHA512
8e621e3b89b580e5ff79f67a30702b0441a58789cab8cfdb66a30d32ae445978e15be08f1dd34983252a7182edb4f381b923a57d48d88241e7e4b7ac457d4bdf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\607c9ff0ba10c7279144be0aed81fbd9c1c02945\d0d39730-16e4-46a9-8617-c9290aa602c0\index-dir\the-real-index

Filesize
192B

MD5
2830ab5a4ff6910065547e73a605dfcd

SHA1
38c8a5fbd514d7e9b0a912dcfc6cbe0d8aa7bcb0

SHA256
284c54ea6a8f4dd2e814b4a150d88c4ca6e0d2c71c640368ae7193c36f75a787

SHA512
b4b9eae89cf9e26debdb823b9fdcc9cb1155a76b746c620ab35dc9b68d60a9c75d7794eecb3513086ce8582691715a5ca9ce2b3eb4fcadc16c7d87f850fe0bf8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\607c9ff0ba10c7279144be0aed81fbd9c1c02945\d0d39730-16e4-46a9-8617-c9290aa602c0\index-dir\the-real-index

Filesize
720B

MD5
15021aa2b2f80de307b6236755c0d6ab

SHA1
ffe5d4fa76fe05fd3462a3189ae87a61afbb062c

SHA256
032a0b82f097ec4c384d9b0ffcfdf6254831e9b361ddaf075184ad16d5513103

SHA512
4f0da5c768599a7000211c1fdab0b84ce25c151a8efc1923555d9b58926239451f650b68abfc8933772c8b4745111987f4f44654519969de728cbe35ea0d6cbe

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\607c9ff0ba10c7279144be0aed81fbd9c1c02945\d0d39730-16e4-46a9-8617-c9290aa602c0\index-dir\the-real-index~RFe57925d.TMP

Filesize
48B

MD5
328a38fd91e10ca7c4db458db4548f6d

SHA1
8748401b404c78110b4c3e5bce04105b2f001d11

SHA256
8c5ba62606d9e40ad99e3778a8824edb61987ba824ffa2dde7efb08edb30e68c

SHA512
2a146849be8f4ce577f0d07a3bd8023fdb76862a172014be1b37f819f2b551818dc0f8964e720317688ac7a29856fa536bbbc1a7f39cc73e421ae3bf3ed4922b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\607c9ff0ba10c7279144be0aed81fbd9c1c02945\index.txt

Filesize
131B

MD5
bafcff75ed936996d5869a00cc6740ec

SHA1
bf01ed534312ffb8163a91a3eb25ba8fa1d562d7

SHA256
500835a31e99d5f7055cec44db45ab19f55dd3a439348d511605aeba85cc0274

SHA512
609138a66e9e56b06b5641b57ddbece96e90f8de9a9e33d7b98bd2194dd07c8d47f4b039322fed9f4ca8abf04d9cdac16e8f5ab672f4b3c8974144cdc45e3786

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\607c9ff0ba10c7279144be0aed81fbd9c1c02945\index.txt

Filesize
131B

MD5
582fde5286df100711e309b21314cc38

SHA1
7afbc8c5f3c12f2d3c9829c7d07e1426caf28962

SHA256
1045506c9c9080e38b7e0aa06514b3bd60b2c0c9261bbfb4f060466c65367e2b

SHA512
5f1a8a195099c6088c772beb23323dea29095b8143bf086c54bdb7f05161d93a6d9c173117dddbc11d0398156922d16c7796ad5651f920e784702ff766d2329e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\607c9ff0ba10c7279144be0aed81fbd9c1c02945\index.txt~RFe57926c.TMP

Filesize
136B

MD5
ced7486b366aed3b62186b6bdc183f50

SHA1
de6f5dc0bc007823c0520a01e0ccc48c394cade0

SHA256
bb9d80b156e05f924781e163dcfa8ea9f5aba64ce233322fe81b3df80e005c7d

SHA512
92d26202dda6051866ad5c33f3c218e138f4efb7e156ded281fdcc9974570d9b2e05798b815e436a9d3cde2dd9c99b10b80d165e21bcff29ce3764cc1d7d0983

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\000003.log

Filesize
3KB

MD5
a3104fe3548c027f86f78eef9140ec26

SHA1
6ee97f07a03e40035a1408eb18009f1e1a9c1506

SHA256
5cdec90cea76644a72a4a5f217ef4d6263ada2c72985457dd63644a0e64cf5c0

SHA512
e4d615ad841d1a93d125e4cc9b02ebd6c83bc87000a41909befc965a6fbe302a25027fa87f73e635a54d6afab0dac069908114f860be8b33cce200d08ceb344d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\LOG

Filesize
336B

MD5
721288a67ba3e52786be4314027aca45

SHA1
834e04d1d954ab5cc2df810dadb80b8fe592b0e8

SHA256
5321b2507ce958b1d315e14b8f970ca52586abcba891456f59ce216afc9be0b3

SHA512
735aba077ca0f5d3a0d8b6d5a0d51fc63d1f3344938045b81c2a92e741415d8932b20dde5a0e6565c9dc6dd2c9a688344c958f5b18d660ef53a2db6364512c75

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
120B

MD5
82054c7a217d3c4b1f1639209f571483

SHA1
468accfa57ecc11394a9c29f5f1d9cc9001f02a4

SHA256
9eb86d7f203d04b7b31df40c33cecac177dd5627de74838e687d7405fb19e68d

SHA512
308bad06985c41d7f6e899fa9eacf0bb380fad56ba09e5da3afcc37e703d5e5eb58697cd2d365358232dc6510ad7e91d11dc114c2991645f95932adee5488cbf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sessions\Tabs_13363311808492490

Filesize
1KB

MD5
5664bd10a28444f626c32ba719c8cbed

SHA1
eee80102d2c719d8522311533d1b9b51981209cd

SHA256
1f5a8d1d853a179a7a4cef88715b5b2be06099dc27df92f687d15fa865349586

SHA512
08e9d71225741ec359481b13b09e89ce57de2eb8cf24127d12c129f3b1d0f0359471bcc3cddeb6b86e28f1c93f685051d9cda56063a13910166a67196461ab00

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000003.log

Filesize
112B

MD5
92d1173406eafd0733a7c12b992318bf

SHA1
bf6f7cb4a3d404d48afeb3119c5768154e97b8c2

SHA256
53a9752c853e1d81b469fa4c56788d65ac165a60ddcb791e73242aedf6563a73

SHA512
fc51bca314c266ca7d38ce8e22388e98c66585ece0c0bed609bd05161ee07a0b93591194894890fc049da5f9fae0f77772586a01a2e530fbe6b2ea7a3bb754dd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG

Filesize
345B

MD5
bb1282e9306db04bacfea19008b6dbe2

SHA1
a2756afdf4bc6d88475da293dd273715cb61bb71

SHA256
a6803ac38d64d9447265d66077c46a594e331577018a20998e4667879cd6b230

SHA512
1eab3ab2c4f1e8df949f736737ce26a86ed67b2249cd6077fa363b5202b8370bb59d154e4435970c5808904824f70024766bd6610aa81db6b9d7ab99b74e2b2c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log

Filesize
22KB

MD5
92cc015cd6e4363c3d2f8a46c605a721

SHA1
97fe626a4daa6589b32ea99c02c3a3e6a8434095

SHA256
7c6dfa10e6ffa0044fa8f9017ca575eefb5b09e51a8c91f7ce1864387dfb04b1

SHA512
0f38727e3be5083fd47dc8addf493abee7f916b16db48a829c4e6e879c2a99e7dffcb67b08702e09c512d6d5258c3077e8a62112eb6f289605900b6c5fbbfd60

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG

Filesize
321B

MD5
d0bea8561923e3b06982b3358efeb0f4

SHA1
debc4cdb2e8a5b563bbf095f05111ac06f0b372e

SHA256
d778eb621a87193cfffc5a8eb4a8542587cb12ea89540337554055ac6ce55c11

SHA512
33c2ba4ce9258d065aefa6a4a65d9508832283cd73ac2e4d250019caac0a060b6d5c61b54260ae3f397306524de1960520f8812ff66566efb3af2007a5520253

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Visited Links

Filesize
128KB

MD5
0549d0b0e843463fb88995bbb593120a

SHA1
ef0589257545a116abf03976951a3965e0e3a91a

SHA256
44c4e275f26b75ecb0b612baeb9ccf8c05c9490171a6e0d96b1aef11c132c271

SHA512
570ce209b8e1d22fa48cb48223fc8bc253d4ec9af67542dc35f8bbadd8f9d3c686bc360a9f8049038a16aeba678f6e7fbdacade85f21ff43c78bbea5a0a04794

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\gpkmcolhnceikobakadkpfhphmboeeog\Icons\32.png

Filesize
1KB

MD5
886380ab67ad934e21f6db8a8fc36637

SHA1
f7d76debc0644a033a7e6a4c7fec0b617b116c57

SHA256
a9a46e711b356605ad7ffd019d025c509f5eef23007d3b1576b0e2f9460377f9

SHA512
6c51519d540c3c7c91fdbd5fc2f58dcd658589aff69e21a8b9f26ac5a91cc209cade21c31d961edae5b56532bb18b704e7d1dc566faa4df0ee45dfa43331597f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\QuotaManager

Filesize
44KB

MD5
fe0bf0d40aad684bc6c55914018f7623

SHA1
ed971c33679303376674849b5d601c4016a4071d

SHA256
232578ef89e499c028fc08c9dd9ff4dead31bfb297952ff14b40dfaedfcbfe89

SHA512
4b464d670d68f785355a85ee021751cc30a58f52f46f88038ef2687176fdc6131612dcecfd1e745776485601ae4f2a8b49ae28063a1f6268102a997d4d278e13

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\QuotaManager-journal

Filesize
8KB

MD5
9b6a384715ce90b3b207ab6535c45e34

SHA1
bc72c249fbcc35e8cc66a7fe6dfd161d732101c9

SHA256
f61145fee41fab3a3c24c6e47f31d5e8042a2b4af349c73143dff9d81f465d85

SHA512
a771c3494157c17fcd79e84798fa4acf0ddf351da8d5862033529ea8273a22c4a6eca1363abafeed43c6a01fc36817d164042a426ab108c4d5a4c5dbe83376c8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\000003.log

Filesize
1KB

MD5
ccb448d447db8e17cf25fb16284a5265

SHA1
03a9777a4d845a64101ef2425236f44aeec2f8bf

SHA256
5bed11b6130bce7713e739debf07bca91979bec75634faa2317bbd794e151180

SHA512
cf40fa127ed0aa6a56db8e62a808dc273e3349742d0f0d92993739986e859848efa8d19cb9021ca40b6b513c2af9a5657fec5219ed0dbaf78c34e2161d345da0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\LOG

Filesize
320B

MD5
09803fd5c4b943f7be99b5add0cf3951

SHA1
52d8312090149b34b9d1e1589b050e5d66156d27

SHA256
94ed56b3b316e047bca32a94973098a15f726c58c2fc28ac4a08ce358318f168

SHA512
79ab64f75293d0ebd3a70741e3b3454828332efab4d4c7c8efa22fe0eb7819efbf14804d25490b401f7eccfbfb00533a22bba9c8d208fe2e4b1f99e79b694285

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000003.log

Filesize
889B

MD5
23bc6d6f3609aa61d92dd839f68489d7

SHA1
bf6efdeec808b20970dce0363ba9b5b42aafb20b

SHA256
2f240862566e4ef1ce34da50db812c172905a525037d8fc9958aeb9e36c5b1bc

SHA512
ac8bc531248793eba38ed4418607d30edee0ed520ec928188a14beadd30221e876db0e7ebac30c1971706db77a40f74f65496bc9238a1724bce26795d28dc86b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG

Filesize
338B

MD5
4700308b0e99f14680bdcde4436e5fbb

SHA1
83167686cbd5a528c1c427945521bc333e194286

SHA256
41115ca5b0f1537f48c94349ee1939b45b4f6b7f57be5735145b21261e922c06

SHA512
4080c9dd0f7d13fe551fa802efd6093d73897273a59d0878288fcc474586f6e4f0bdc8b1b6d9106e5454c19d56bcaa9dfb5b085d05bddc21d105edc0f611e87a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_0

Filesize
44KB

MD5
1a142f0537980cb726da8b0f5d7aec13

SHA1
6a671dab2b4e6fd012f193b2b0248a9daf94f399

SHA256
11ffa6d1ae980727fab87d091d575496c11f996895f65e77e76d48071fa499a6

SHA512
4c7b7a87773c0866920fb7cdcf6d1f687409aa7377dd76858820820c4b842132cc3bd1086c83720cbc721f6f3438b6d1c387b1062b7396b90d5191a8a79db911

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_1

Filesize
264KB

MD5
cb60d59f834c561dcf42e0d0ef311acc

SHA1
1e212e3d6f87d9ee091a3cb9b2ef728f3b86de95

SHA256
36cb389dd482973709f189b145a7f731bd1bdffff4fb4e138ab485bbe7930240

SHA512
d1a253ef95cd4a56619c63ffbd0957800c25b84566766354be4e23665ab285f53db014e19432cde1ba7f06528687885be61e522f6bba0f0d497b8f609eda0132

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_3

Filesize
4.0MB

MD5
05d7fa39e9874b4b9855ad5a4c28bc7e

SHA1
ccfc398534c8a045dd99d67bb394266ea48a1204

SHA256
db275f0c781cf166a7ef0e69b6602d1d2f31b8e8fa14b8d0f36eede42b84a52b

SHA512
51310f2a744475b4df60c4a58bc94cd6d15b694140f3ce44eb11d5c0819ba13042193ea33900379f262cf429efd6629dda20d3754fee7234eb9863935470deb1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version

Filesize
14B

MD5
009b9a2ee7afbf6dd0b9617fc8f8ecba

SHA1
c97ed0652e731fc412e3b7bdfca2994b7cc206a7

SHA256
de607a2c68f52e15a104ead9ecbaa3e6862fdb11eac080e408ba4d69f1f7a915

SHA512
6161dd952ae140a8fb8aa5e33f06bc65fdc15ce3fbfe4c576dc2668c86bce4a1d5c1112caee014e5efa3698547faad3bc80ec253eedb43148e36e1a02ce89910

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
277KB

MD5
c45f4b1f8fc1a20ea96636ed5f669962

SHA1
c0229af8d7cd5cfd6bc1d0d922b25d9b40828f3a

SHA256
06077596feab4ee7c466751f5e225540adf3ea7630702627411f462c2d63c356

SHA512
7316afc90da9a185fd4ca2a9f3c29787966a221c7b8b848d49ee3e9455d24e6e24d52eb9909bc1cf5bcde1b83607f760a9cb248420702822449a22df309f7d5e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
138KB

MD5
13e38cb3cefba12de28a309119dca2df

SHA1
6cf21e3fc7311a98900526f54542c2ca90e974c3

SHA256
9b47102bcb56133f6a95cb5df54e1ecbdfa9c40cf37ad14fe8e120efe5fd5dd4

SHA512
a7118d0796b0b05bbbdf6f6da518923d1b12430caf31b91c1527d54c006efe604636491f1dfcc0c0dc53c685536ac8717ab67b3971ec7e496d390d40eae2bb06

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
138KB

MD5
ab19d1193399da285085c0a6bf2eef0e

SHA1
bc08c4503c263cb7e2a76d68231a8938ecb6d29f

SHA256
a6f4e571d83dde2c67bc3d72fb34fd37a094ea0d1f9567e48511405d50f91a5d

SHA512
0d84f5548de2016676584b26efa4eab624adffa85d2f45502e301de312d323b556f94d20adc88254192101604cb2756271313967e567ab5e73821cd462a427b9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

Filesize
86B

MD5
961e3604f228b0d10541ebf921500c86

SHA1
6e00570d9f78d9cfebe67d4da5efe546543949a7

SHA256
f7b24f2eb3d5eb0550527490395d2f61c3d2fe74bb9cb345197dad81b58b5fed

SHA512
535f930afd2ef50282715c7e48859cc2d7b354ff4e6c156b94d5a2815f589b33189ffedfcaf4456525283e993087f9f560d84cfcf497d189ab8101510a09c472

Download Submit
\??\pipe\crashpad_4780_TWILIQRKQMKUXKXP

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit