3786cff29938c32a4db0aac5973d04ceee722db44a3172e87238c7ad0c6f88a2

Analysis

max time kernel
1799s
max time network
1778s
platform
windows10-2004_x64
resource
win10v2004-20240611-en
resource tags

arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
submitted
20-06-2024 09:27

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Injector-x64-SEH-On.exe
Size

32KB
MD5

727b7402379beb97ff2f5fb5db4f0ea8
SHA1

c9cae107f9ee66048a175082201524f7ed99bb26
SHA256

3786cff29938c32a4db0aac5973d04ceee722db44a3172e87238c7ad0c6f88a2
SHA512

0a82b7ce418bfaf169dc722593eb3f3873df745c669008be68afc5ff7486d3852bdb0a3c4b67fcb146a1c21c61ac321c865a76f043200deddace513915a4a9b0
SSDEEP

768:1HZtwPJRlNhSP00F0H6BApWv4JLuNbNwFH5gsuce:1UPJ7NhSP00F0HCApWUqhqvRe

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133633496260589625"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-200405930-3877336739-3533750831-1000_Classes\Local Settings	chrome.exe

Opens file in notepad (likely ransom note) 1 IoCs

ransomware

pid	Process
1076	NOTEPAD.EXE

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4224	chrome.exe
4224	chrome.exe
3736	chrome.exe
3736	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
4224	chrome.exe
4224	chrome.exe
4224	chrome.exe
4224	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4224	chrome.exe
Token: SeCreatePagefilePrivilege	4224	chrome.exe
Token: SeShutdownPrivilege	4224	chrome.exe
Token: SeCreatePagefilePrivilege	4224	chrome.exe
Token: SeShutdownPrivilege	4224	chrome.exe
Token: SeCreatePagefilePrivilege	4224	chrome.exe
Token: SeShutdownPrivilege	4224	chrome.exe
Token: SeCreatePagefilePrivilege	4224	chrome.exe
Token: SeShutdownPrivilege	4224	chrome.exe
Token: SeCreatePagefilePrivilege	4224	chrome.exe
Token: SeShutdownPrivilege	4224	chrome.exe
Token: SeCreatePagefilePrivilege	4224	chrome.exe
Token: SeShutdownPrivilege	4224	chrome.exe
Token: SeCreatePagefilePrivilege	4224	chrome.exe
Token: SeShutdownPrivilege	4224	chrome.exe
Token: SeCreatePagefilePrivilege	4224	chrome.exe
Token: SeShutdownPrivilege	4224	chrome.exe
Token: SeCreatePagefilePrivilege	4224	chrome.exe
Token: SeShutdownPrivilege	4224	chrome.exe
Token: SeCreatePagefilePrivilege	4224	chrome.exe
Token: SeShutdownPrivilege	4224	chrome.exe
Token: SeCreatePagefilePrivilege	4224	chrome.exe
Token: SeShutdownPrivilege	4224	chrome.exe
Token: SeCreatePagefilePrivilege	4224	chrome.exe
Token: SeShutdownPrivilege	4224	chrome.exe
Token: SeCreatePagefilePrivilege	4224	chrome.exe
Token: SeShutdownPrivilege	4224	chrome.exe
Token: SeCreatePagefilePrivilege	4224	chrome.exe
Token: SeShutdownPrivilege	4224	chrome.exe
Token: SeCreatePagefilePrivilege	4224	chrome.exe
Token: SeShutdownPrivilege	4224	chrome.exe
Token: SeCreatePagefilePrivilege	4224	chrome.exe
Token: SeShutdownPrivilege	4224	chrome.exe
Token: SeCreatePagefilePrivilege	4224	chrome.exe
Token: SeShutdownPrivilege	4224	chrome.exe
Token: SeCreatePagefilePrivilege	4224	chrome.exe
Token: SeShutdownPrivilege	4224	chrome.exe
Token: SeCreatePagefilePrivilege	4224	chrome.exe
Token: SeShutdownPrivilege	4224	chrome.exe
Token: SeCreatePagefilePrivilege	4224	chrome.exe
Token: SeShutdownPrivilege	4224	chrome.exe
Token: SeCreatePagefilePrivilege	4224	chrome.exe
Token: SeShutdownPrivilege	4224	chrome.exe
Token: SeCreatePagefilePrivilege	4224	chrome.exe
Token: SeShutdownPrivilege	4224	chrome.exe
Token: SeCreatePagefilePrivilege	4224	chrome.exe
Token: SeShutdownPrivilege	4224	chrome.exe
Token: SeCreatePagefilePrivilege	4224	chrome.exe
Token: SeShutdownPrivilege	4224	chrome.exe
Token: SeCreatePagefilePrivilege	4224	chrome.exe
Token: SeShutdownPrivilege	4224	chrome.exe
Token: SeCreatePagefilePrivilege	4224	chrome.exe
Token: SeShutdownPrivilege	4224	chrome.exe
Token: SeCreatePagefilePrivilege	4224	chrome.exe
Token: SeShutdownPrivilege	4224	chrome.exe
Token: SeCreatePagefilePrivilege	4224	chrome.exe
Token: SeShutdownPrivilege	4224	chrome.exe
Token: SeCreatePagefilePrivilege	4224	chrome.exe
Token: SeShutdownPrivilege	4224	chrome.exe
Token: SeCreatePagefilePrivilege	4224	chrome.exe
Token: SeShutdownPrivilege	4224	chrome.exe
Token: SeCreatePagefilePrivilege	4224	chrome.exe
Token: SeShutdownPrivilege	4224	chrome.exe
Token: SeCreatePagefilePrivilege	4224	chrome.exe

Suspicious use of FindShellTrayWindow 33 IoCs

pid	Process
4224	chrome.exe
4224	chrome.exe
4224	chrome.exe
4224	chrome.exe
4224	chrome.exe
4224	chrome.exe
4224	chrome.exe
4224	chrome.exe
4224	chrome.exe
4224	chrome.exe
4224	chrome.exe
4224	chrome.exe
4224	chrome.exe
4224	chrome.exe
4224	chrome.exe
4224	chrome.exe
4224	chrome.exe
4224	chrome.exe
4224	chrome.exe
4224	chrome.exe
4224	chrome.exe
4224	chrome.exe
4224	chrome.exe
4224	chrome.exe
4224	chrome.exe
4224	chrome.exe
4224	chrome.exe
4224	chrome.exe
4224	chrome.exe
4224	chrome.exe
4224	chrome.exe
4224	chrome.exe
4224	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4224	chrome.exe
4224	chrome.exe
4224	chrome.exe
4224	chrome.exe
4224	chrome.exe
4224	chrome.exe
4224	chrome.exe
4224	chrome.exe
4224	chrome.exe
4224	chrome.exe
4224	chrome.exe
4224	chrome.exe
4224	chrome.exe
4224	chrome.exe
4224	chrome.exe
4224	chrome.exe
4224	chrome.exe
4224	chrome.exe
4224	chrome.exe
4224	chrome.exe
4224	chrome.exe
4224	chrome.exe
4224	chrome.exe
4224	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2536 wrote to memory of 1768	2536	Injector-x64-SEH-On.exe	83
PID 2536 wrote to memory of 1768	2536	Injector-x64-SEH-On.exe	83
PID 4224 wrote to memory of 3092	4224	chrome.exe	111
PID 4224 wrote to memory of 3092	4224	chrome.exe	111
PID 4224 wrote to memory of 116	4224	chrome.exe	112
PID 4224 wrote to memory of 116	4224	chrome.exe	112
PID 4224 wrote to memory of 116	4224	chrome.exe	112
PID 4224 wrote to memory of 116	4224	chrome.exe	112
PID 4224 wrote to memory of 116	4224	chrome.exe	112
PID 4224 wrote to memory of 116	4224	chrome.exe	112
PID 4224 wrote to memory of 116	4224	chrome.exe	112
PID 4224 wrote to memory of 116	4224	chrome.exe	112
PID 4224 wrote to memory of 116	4224	chrome.exe	112
PID 4224 wrote to memory of 116	4224	chrome.exe	112
PID 4224 wrote to memory of 116	4224	chrome.exe	112
PID 4224 wrote to memory of 116	4224	chrome.exe	112
PID 4224 wrote to memory of 116	4224	chrome.exe	112
PID 4224 wrote to memory of 116	4224	chrome.exe	112
PID 4224 wrote to memory of 116	4224	chrome.exe	112
PID 4224 wrote to memory of 116	4224	chrome.exe	112
PID 4224 wrote to memory of 116	4224	chrome.exe	112
PID 4224 wrote to memory of 116	4224	chrome.exe	112
PID 4224 wrote to memory of 116	4224	chrome.exe	112
PID 4224 wrote to memory of 116	4224	chrome.exe	112
PID 4224 wrote to memory of 116	4224	chrome.exe	112
PID 4224 wrote to memory of 116	4224	chrome.exe	112
PID 4224 wrote to memory of 116	4224	chrome.exe	112
PID 4224 wrote to memory of 116	4224	chrome.exe	112
PID 4224 wrote to memory of 116	4224	chrome.exe	112
PID 4224 wrote to memory of 116	4224	chrome.exe	112
PID 4224 wrote to memory of 116	4224	chrome.exe	112
PID 4224 wrote to memory of 116	4224	chrome.exe	112
PID 4224 wrote to memory of 116	4224	chrome.exe	112
PID 4224 wrote to memory of 116	4224	chrome.exe	112
PID 4224 wrote to memory of 116	4224	chrome.exe	112
PID 4224 wrote to memory of 3832	4224	chrome.exe	113
PID 4224 wrote to memory of 3832	4224	chrome.exe	113
PID 4224 wrote to memory of 2136	4224	chrome.exe	114
PID 4224 wrote to memory of 2136	4224	chrome.exe	114
PID 4224 wrote to memory of 2136	4224	chrome.exe	114
PID 4224 wrote to memory of 2136	4224	chrome.exe	114
PID 4224 wrote to memory of 2136	4224	chrome.exe	114
PID 4224 wrote to memory of 2136	4224	chrome.exe	114
PID 4224 wrote to memory of 2136	4224	chrome.exe	114
PID 4224 wrote to memory of 2136	4224	chrome.exe	114
PID 4224 wrote to memory of 2136	4224	chrome.exe	114
PID 4224 wrote to memory of 2136	4224	chrome.exe	114
PID 4224 wrote to memory of 2136	4224	chrome.exe	114
PID 4224 wrote to memory of 2136	4224	chrome.exe	114
PID 4224 wrote to memory of 2136	4224	chrome.exe	114
PID 4224 wrote to memory of 2136	4224	chrome.exe	114
PID 4224 wrote to memory of 2136	4224	chrome.exe	114
PID 4224 wrote to memory of 2136	4224	chrome.exe	114
PID 4224 wrote to memory of 2136	4224	chrome.exe	114
PID 4224 wrote to memory of 2136	4224	chrome.exe	114
PID 4224 wrote to memory of 2136	4224	chrome.exe	114
PID 4224 wrote to memory of 2136	4224	chrome.exe	114
PID 4224 wrote to memory of 2136	4224	chrome.exe	114
PID 4224 wrote to memory of 2136	4224	chrome.exe	114
PID 4224 wrote to memory of 2136	4224	chrome.exe	114
PID 4224 wrote to memory of 2136	4224	chrome.exe	114
PID 4224 wrote to memory of 2136	4224	chrome.exe	114
PID 4224 wrote to memory of 2136	4224	chrome.exe	114
PID 4224 wrote to memory of 2136	4224	chrome.exe	114

C:\Users\Admin\AppData\Local\Temp\Injector-x64-SEH-On.exe
"C:\Users\Admin\AppData\Local\Temp\Injector-x64-SEH-On.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2536
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c pause
  2⤵
  PID:1768

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:2700

C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\vcredist2013_x64_000_vcRuntimeMinimum_x64.log
1⤵
- Opens file in notepad (likely ransom note)
PID:1076

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4224
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffa3167ab58,0x7ffa3167ab68,0x7ffa3167ab78
  2⤵
  PID:3092
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1708 --field-trial-handle=2124,i,9665550298924646909,15911162760382254335,131072 /prefetch:2
  2⤵
  PID:116
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1912 --field-trial-handle=2124,i,9665550298924646909,15911162760382254335,131072 /prefetch:8
  2⤵
  PID:3832
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2288 --field-trial-handle=2124,i,9665550298924646909,15911162760382254335,131072 /prefetch:8
  2⤵
  PID:2136
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3032 --field-trial-handle=2124,i,9665550298924646909,15911162760382254335,131072 /prefetch:1
  2⤵
  PID:4796
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3048 --field-trial-handle=2124,i,9665550298924646909,15911162760382254335,131072 /prefetch:1
  2⤵
  PID:4364
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4440 --field-trial-handle=2124,i,9665550298924646909,15911162760382254335,131072 /prefetch:1
  2⤵
  PID:2560
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4548 --field-trial-handle=2124,i,9665550298924646909,15911162760382254335,131072 /prefetch:8
  2⤵
  PID:2804
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4688 --field-trial-handle=2124,i,9665550298924646909,15911162760382254335,131072 /prefetch:8
  2⤵
  PID:3424
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4792 --field-trial-handle=2124,i,9665550298924646909,15911162760382254335,131072 /prefetch:8
  2⤵
  PID:2768
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4540 --field-trial-handle=2124,i,9665550298924646909,15911162760382254335,131072 /prefetch:8
  2⤵
  PID:4412
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5032 --field-trial-handle=2124,i,9665550298924646909,15911162760382254335,131072 /prefetch:8
  2⤵
  PID:4980
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4668 --field-trial-handle=2124,i,9665550298924646909,15911162760382254335,131072 /prefetch:1
  2⤵
  PID:3964
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4160 --field-trial-handle=2124,i,9665550298924646909,15911162760382254335,131072 /prefetch:8
  2⤵
  PID:1236
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3088 --field-trial-handle=2124,i,9665550298924646909,15911162760382254335,131072 /prefetch:8
  2⤵
  PID:4316
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1852 --field-trial-handle=2124,i,9665550298924646909,15911162760382254335,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3736

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:1688

C:\Users\Admin\Downloads\Injector-Release\Injector-x86.exe
"C:\Users\Admin\Downloads\Injector-Release\Injector-x86.exe"
1⤵
PID:3028
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c pause
  2⤵
  PID:2348

C:\Users\Admin\Downloads\Injector-Release\Injector-x64-SEH-On.exe
"C:\Users\Admin\Downloads\Injector-Release\Injector-x64-SEH-On.exe"
1⤵
PID:744
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c pause
  2⤵
  PID:3356

C:\Users\Admin\Downloads\Injector-Release\Injector-x64-SEH-Off.exe
"C:\Users\Admin\Downloads\Injector-Release\Injector-x64-SEH-Off.exe"
1⤵
PID:2936
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c pause
  2⤵
  PID:1512

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
4dd8938c4295636f569dafd0b62a36e8

SHA1
a8dc1851d6dd3432377d975983071a80637ac81c

SHA256
5fdaa542c5c5f89c86a110e875b114ddcb58022963563a24b0e427e1a929b6ef

SHA512
857f796db9138bc2b104c44ebd62254fe66b030b7c89f611abce93fe73a39d960ae449d87774e2b7d1424a62af1d54f66b97b02889033f28fe922851bb2ef6e7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
77e138f7bb6ef4ae154aea53a0b94f54

SHA1
e3883c0b599f340d9567a5c5d64c20f90362b299

SHA256
4b0404d0f8b9d7f50579d5597d3118e8ba834ff6c91e8a8bd219d3601f8dde1e

SHA512
ad74486b41f3b7643a0800082ab1f575a1f1acf619e47237a45e6660fd12784aefd76c2772ab0c2986475a57d9f04f9b90fa376f6ed5875f7d6383eca0ee96fb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
4cce2a8e5551e7e7b90d37c63a3f8255

SHA1
2480a6cc5e72d2ec6f3bad14aa3501a772768ce8

SHA256
a429048201ad110317b9922837acb18c76d4b197c05c3bdd7c69e0cdbece6092

SHA512
40c2217995af20fb6a5d3a44e0656e82ed8e934dd7bf615f5898814dde7fea97e2af78846f4208f944e153818dedc9397f94d8bad47b2c994829badd1d486fdb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
679ecf02b8ed3aba938461a4efe5ac0e

SHA1
e4b39c21b503489fdcf0391673b41ae4801bbf95

SHA256
164b2279296cd8232c6dd7db831ba5538cc5036676533ae5ee1745aca7864909

SHA512
ad79abbfaf4b9adb42f2a186514d7985c74e53ccbf43d358ff29eb49378c6075b91a9246106e6e5b882e49b7bf94ec62cce76896f0f9bc1a828c9c597a012488

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
d8bc45449eff1da60019ed7a89b0d246

SHA1
4314c8b54b0d22afaf3a4fc7f230b36cd5838dc0

SHA256
2daeb5d41889a9bade6e4b7374ebddbbab6dd8ebd603c066ecb5f9d81fa6a21d

SHA512
270379754621ea3f93c87250be830f39720dfa346f6bfc8b885eb8c72ea820e33ef87deeb85ca2b680dbda584608a22fcf230d5096a9e722f4d78a2ed1c0b62b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
3de6f8326f20242b14fad76bdbe4a491

SHA1
5da63ae4bb1c612b821c4ccd0e7ef7698e2546c6

SHA256
4e911c31a5072fc8ff82ee136638780b69b20c852065f1ef732e37813bdc56ae

SHA512
279591690b8087ca05ac12a346bab95243c43d555cff1ba541ee5bd33cc2551864f0cc0283baab83318c63803412801136ae4739ce8afe1df7b25cb3cc04c12f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
154aea81c969fb2e7b1e8aac5f99ad09

SHA1
487e1dc16cefb26f4abcb216866c4c62a6d5aaa8

SHA256
c4b601b9b9d8dbd21fa4abf50f9580da1f593bcbf14e759a94b1f1cfc23f8e54

SHA512
19b20945f7531bdb9bda1ecbbfef50c27839105ab1bb2b653991f9e7016ab13c8cc9ad3c1fb43e5c97d70150c59f36f09da94e7d538c88ebf17b8a39357eaa53

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
c680bb676bc5d3b79a74c5c762ea33a4

SHA1
0f37010c75c6884de3f1fa64fd298a9e8e43320a

SHA256
bf1d35204bbdfbb7e7a2200f0914079b2b0fa7ea2b73edbee16eb88cb205d0e3

SHA512
c7c93992f5b330cbae71c3889439b000b8c3dd674b1d0573e676ff861d2c197fe6c0ebf1093fd5db333addc91ba280a555cbf6d0694267514ee17d1a4a44f704

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
c5346be303006ec4498a78e732dc5cec

SHA1
edcd365439fe310fe5eb251590ae844a13da80f7

SHA256
3f2d6fe5e36eaba34ef5cbd8c58b30f3bc0b176a5d4dfd8114a7becbbb0e06bf

SHA512
e1b7f69c61dd89cfd32a547e20355f3258a41d3b15813077239bdf33448800c8066bc810baaeb7d542c969ca5fd58b0369cf170b8791a41628374dbd4e0b20bc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
16KB

MD5
e0f4deeb173def99230e84e02da8c265

SHA1
cda6688e0603dfafef214d5a0d384d386a9f5a37

SHA256
d00f3e8eafc446b4c6c6a0ae4328c53425bb452b4299e1500eeb20b2bfdf56bd

SHA512
e47c3204b7b232b896f7a5af7084a2851078a22df102115f3e49997e36b649964b89a24c5bf18bb5e618deff66d6db8bdd3a95b1a5583272cbf85ffcd467c93c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
278KB

MD5
ebb40d4bb70bcc69a4342274a29c524b

SHA1
98ade308e5687470ba14dc5ddc073dcb76de8aa4

SHA256
64167d3409474adc70df96d4b7601d26c6d47943571f6527b93c71dec597ce28

SHA512
59c50bdf1a6b7490f72b4a7af304a766a1fd33c7e116939a280bfc5dae8c25d2b395c08372c2801136317a1daa5d0bec89da6be222ab940767e25178582cf805

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
97KB

MD5
0cb63358364246011401649c103d869c

SHA1
71db9f81e8031bac6afb26f23ce9964c40d793ee

SHA256
38275672640157f156ff99131c2c13c5448de79177fcbab526bdbb46a422258d

SHA512
5398af6606b349c53f304b665fe684809952c01df88478e68c9a537ee857d6c91c731693cd43de81810c297a3653bb09abc6d0eda0beb9e819e582a7810a48ba

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe595f3d.TMP

Filesize
89KB

MD5
c70425ad06d391b3d3ddad40584db43f

SHA1
5589f433069e1c5db7e6e0815717ddf671234ce5

SHA256
b78330e9f1819d568d0c0f98cdbf4709ac14fb1bb8b8dca7dc67d8adaec7a6b7

SHA512
adf2b271341a91b428ccf92b9ae9bcf3ffa31756df5f2521e035c4e119dfbfbecb89e4fc97b2f7376e14d07da634b47e627a7c7cd9879913ccb49c413f2de8ca

Download Submit
C:\Users\Admin\Downloads\Injector-Release.zip

Filesize
42KB

MD5
8aa716762532ef102e72f3c924afe960

SHA1
e3193eb06107d53c89f600962f687caf395c9f1a

SHA256
748cadb38bbb652d7fd80784eaf14927493af44c7b3f29aa9fed06875b0c9a02

SHA512
9553b25d6b6c0649c407805a839ad1c94bb3e1e7c2dffdd2978b8a559874b061f86a22ca6f65dc7b19b60082ea0bf901d80aa2c54ee680608ec5765e53f85f1f

Download Submit