hxxp://getgreenshot[.]org

Analysis

max time kernel
299s
max time network
301s
platform
windows10-2004_x64
resource
win10v2004-20240611-en
resource tags

arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
submitted
28/06/2024, 12:33

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://getgreenshot.org

Score

8^/10

Malware Config

Signatures

Downloads MZ/PE file

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133640515983545139"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
3728	chrome.exe
3728	chrome.exe
3200	chrome.exe
3200	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 11 IoCs

pid	Process
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3728	chrome.exe
Token: SeCreatePagefilePrivilege	3728	chrome.exe
Token: SeShutdownPrivilege	3728	chrome.exe
Token: SeCreatePagefilePrivilege	3728	chrome.exe
Token: SeShutdownPrivilege	3728	chrome.exe
Token: SeCreatePagefilePrivilege	3728	chrome.exe
Token: SeShutdownPrivilege	3728	chrome.exe
Token: SeCreatePagefilePrivilege	3728	chrome.exe
Token: SeShutdownPrivilege	3728	chrome.exe
Token: SeCreatePagefilePrivilege	3728	chrome.exe
Token: SeShutdownPrivilege	3728	chrome.exe
Token: SeCreatePagefilePrivilege	3728	chrome.exe
Token: SeShutdownPrivilege	3728	chrome.exe
Token: SeCreatePagefilePrivilege	3728	chrome.exe
Token: SeShutdownPrivilege	3728	chrome.exe
Token: SeCreatePagefilePrivilege	3728	chrome.exe
Token: SeShutdownPrivilege	3728	chrome.exe
Token: SeCreatePagefilePrivilege	3728	chrome.exe
Token: SeShutdownPrivilege	3728	chrome.exe
Token: SeCreatePagefilePrivilege	3728	chrome.exe
Token: SeShutdownPrivilege	3728	chrome.exe
Token: SeCreatePagefilePrivilege	3728	chrome.exe
Token: SeShutdownPrivilege	3728	chrome.exe
Token: SeCreatePagefilePrivilege	3728	chrome.exe
Token: SeShutdownPrivilege	3728	chrome.exe
Token: SeCreatePagefilePrivilege	3728	chrome.exe
Token: SeShutdownPrivilege	3728	chrome.exe
Token: SeCreatePagefilePrivilege	3728	chrome.exe
Token: SeShutdownPrivilege	3728	chrome.exe
Token: SeCreatePagefilePrivilege	3728	chrome.exe
Token: SeShutdownPrivilege	3728	chrome.exe
Token: SeCreatePagefilePrivilege	3728	chrome.exe
Token: SeShutdownPrivilege	3728	chrome.exe
Token: SeCreatePagefilePrivilege	3728	chrome.exe
Token: SeShutdownPrivilege	3728	chrome.exe
Token: SeCreatePagefilePrivilege	3728	chrome.exe
Token: SeShutdownPrivilege	3728	chrome.exe
Token: SeCreatePagefilePrivilege	3728	chrome.exe
Token: SeShutdownPrivilege	3728	chrome.exe
Token: SeCreatePagefilePrivilege	3728	chrome.exe
Token: SeShutdownPrivilege	3728	chrome.exe
Token: SeCreatePagefilePrivilege	3728	chrome.exe
Token: SeShutdownPrivilege	3728	chrome.exe
Token: SeCreatePagefilePrivilege	3728	chrome.exe
Token: SeShutdownPrivilege	3728	chrome.exe
Token: SeCreatePagefilePrivilege	3728	chrome.exe
Token: SeShutdownPrivilege	3728	chrome.exe
Token: SeCreatePagefilePrivilege	3728	chrome.exe
Token: SeShutdownPrivilege	3728	chrome.exe
Token: SeCreatePagefilePrivilege	3728	chrome.exe
Token: SeShutdownPrivilege	3728	chrome.exe
Token: SeCreatePagefilePrivilege	3728	chrome.exe
Token: SeShutdownPrivilege	3728	chrome.exe
Token: SeCreatePagefilePrivilege	3728	chrome.exe
Token: SeShutdownPrivilege	3728	chrome.exe
Token: SeCreatePagefilePrivilege	3728	chrome.exe
Token: SeShutdownPrivilege	3728	chrome.exe
Token: SeCreatePagefilePrivilege	3728	chrome.exe
Token: SeShutdownPrivilege	3728	chrome.exe
Token: SeCreatePagefilePrivilege	3728	chrome.exe
Token: SeShutdownPrivilege	3728	chrome.exe
Token: SeCreatePagefilePrivilege	3728	chrome.exe
Token: SeShutdownPrivilege	3728	chrome.exe
Token: SeCreatePagefilePrivilege	3728	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe
3728	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3728 wrote to memory of 2244	3728	chrome.exe	84
PID 3728 wrote to memory of 2244	3728	chrome.exe	84
PID 3728 wrote to memory of 2816	3728	chrome.exe	85
PID 3728 wrote to memory of 2816	3728	chrome.exe	85
PID 3728 wrote to memory of 2816	3728	chrome.exe	85
PID 3728 wrote to memory of 2816	3728	chrome.exe	85
PID 3728 wrote to memory of 2816	3728	chrome.exe	85
PID 3728 wrote to memory of 2816	3728	chrome.exe	85
PID 3728 wrote to memory of 2816	3728	chrome.exe	85
PID 3728 wrote to memory of 2816	3728	chrome.exe	85
PID 3728 wrote to memory of 2816	3728	chrome.exe	85
PID 3728 wrote to memory of 2816	3728	chrome.exe	85
PID 3728 wrote to memory of 2816	3728	chrome.exe	85
PID 3728 wrote to memory of 2816	3728	chrome.exe	85
PID 3728 wrote to memory of 2816	3728	chrome.exe	85
PID 3728 wrote to memory of 2816	3728	chrome.exe	85
PID 3728 wrote to memory of 2816	3728	chrome.exe	85
PID 3728 wrote to memory of 2816	3728	chrome.exe	85
PID 3728 wrote to memory of 2816	3728	chrome.exe	85
PID 3728 wrote to memory of 2816	3728	chrome.exe	85
PID 3728 wrote to memory of 2816	3728	chrome.exe	85
PID 3728 wrote to memory of 2816	3728	chrome.exe	85
PID 3728 wrote to memory of 2816	3728	chrome.exe	85
PID 3728 wrote to memory of 2816	3728	chrome.exe	85
PID 3728 wrote to memory of 2816	3728	chrome.exe	85
PID 3728 wrote to memory of 2816	3728	chrome.exe	85
PID 3728 wrote to memory of 2816	3728	chrome.exe	85
PID 3728 wrote to memory of 2816	3728	chrome.exe	85
PID 3728 wrote to memory of 2816	3728	chrome.exe	85
PID 3728 wrote to memory of 2816	3728	chrome.exe	85
PID 3728 wrote to memory of 2816	3728	chrome.exe	85
PID 3728 wrote to memory of 2816	3728	chrome.exe	85
PID 3728 wrote to memory of 2816	3728	chrome.exe	85
PID 3728 wrote to memory of 388	3728	chrome.exe	86
PID 3728 wrote to memory of 388	3728	chrome.exe	86
PID 3728 wrote to memory of 1936	3728	chrome.exe	87
PID 3728 wrote to memory of 1936	3728	chrome.exe	87
PID 3728 wrote to memory of 1936	3728	chrome.exe	87
PID 3728 wrote to memory of 1936	3728	chrome.exe	87
PID 3728 wrote to memory of 1936	3728	chrome.exe	87
PID 3728 wrote to memory of 1936	3728	chrome.exe	87
PID 3728 wrote to memory of 1936	3728	chrome.exe	87
PID 3728 wrote to memory of 1936	3728	chrome.exe	87
PID 3728 wrote to memory of 1936	3728	chrome.exe	87
PID 3728 wrote to memory of 1936	3728	chrome.exe	87
PID 3728 wrote to memory of 1936	3728	chrome.exe	87
PID 3728 wrote to memory of 1936	3728	chrome.exe	87
PID 3728 wrote to memory of 1936	3728	chrome.exe	87
PID 3728 wrote to memory of 1936	3728	chrome.exe	87
PID 3728 wrote to memory of 1936	3728	chrome.exe	87
PID 3728 wrote to memory of 1936	3728	chrome.exe	87
PID 3728 wrote to memory of 1936	3728	chrome.exe	87
PID 3728 wrote to memory of 1936	3728	chrome.exe	87
PID 3728 wrote to memory of 1936	3728	chrome.exe	87
PID 3728 wrote to memory of 1936	3728	chrome.exe	87
PID 3728 wrote to memory of 1936	3728	chrome.exe	87
PID 3728 wrote to memory of 1936	3728	chrome.exe	87
PID 3728 wrote to memory of 1936	3728	chrome.exe	87
PID 3728 wrote to memory of 1936	3728	chrome.exe	87
PID 3728 wrote to memory of 1936	3728	chrome.exe	87
PID 3728 wrote to memory of 1936	3728	chrome.exe	87
PID 3728 wrote to memory of 1936	3728	chrome.exe	87
PID 3728 wrote to memory of 1936	3728	chrome.exe	87
PID 3728 wrote to memory of 1936	3728	chrome.exe	87

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://getgreenshot.org
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3728
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa5c8fab58,0x7ffa5c8fab68,0x7ffa5c8fab78
  2⤵
  PID:2244
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1716 --field-trial-handle=1880,i,13325305925637040335,6754738663674821957,131072 /prefetch:2
  2⤵
  PID:2816
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2132 --field-trial-handle=1880,i,13325305925637040335,6754738663674821957,131072 /prefetch:8
  2⤵
  PID:388
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2196 --field-trial-handle=1880,i,13325305925637040335,6754738663674821957,131072 /prefetch:8
  2⤵
  PID:1936
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2984 --field-trial-handle=1880,i,13325305925637040335,6754738663674821957,131072 /prefetch:1
  2⤵
  PID:4480
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3000 --field-trial-handle=1880,i,13325305925637040335,6754738663674821957,131072 /prefetch:1
  2⤵
  PID:4436
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3576 --field-trial-handle=1880,i,13325305925637040335,6754738663674821957,131072 /prefetch:1
  2⤵
  PID:1788
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3000 --field-trial-handle=1880,i,13325305925637040335,6754738663674821957,131072 /prefetch:1
  2⤵
  PID:4008
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4604 --field-trial-handle=1880,i,13325305925637040335,6754738663674821957,131072 /prefetch:8
  2⤵
  PID:2344
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4748 --field-trial-handle=1880,i,13325305925637040335,6754738663674821957,131072 /prefetch:8
  2⤵
  PID:3732
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4636 --field-trial-handle=1880,i,13325305925637040335,6754738663674821957,131072 /prefetch:1
  2⤵
  PID:3392
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=5124 --field-trial-handle=1880,i,13325305925637040335,6754738663674821957,131072 /prefetch:1
  2⤵
  PID:2452
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4748 --field-trial-handle=1880,i,13325305925637040335,6754738663674821957,131072 /prefetch:1
  2⤵
  PID:1920
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5296 --field-trial-handle=1880,i,13325305925637040335,6754738663674821957,131072 /prefetch:8
  2⤵
  PID:3312
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=5116 --field-trial-handle=1880,i,13325305925637040335,6754738663674821957,131072 /prefetch:1
  2⤵
  PID:3832
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=4356 --field-trial-handle=1880,i,13325305925637040335,6754738663674821957,131072 /prefetch:1
  2⤵
  PID:624
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=3156 --field-trial-handle=1880,i,13325305925637040335,6754738663674821957,131072 /prefetch:1
  2⤵
  PID:1956
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=4744 --field-trial-handle=1880,i,13325305925637040335,6754738663674821957,131072 /prefetch:1
  2⤵
  PID:1620
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3244 --field-trial-handle=1880,i,13325305925637040335,6754738663674821957,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3200

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:5032

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x300 0x508
1⤵
PID:1680

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\534e8071-88a6-47fd-a1df-ff986ddad680.tmp

Filesize
138KB

MD5
0cffadfb6bb1135a3f368dec409a135f

SHA1
93acd4a712a080563270d8f75509e2af032fba53

SHA256
1352c7b96c319421dc7d8c4801e4e60a837cf6d431257e0e2ef78a7fc9e6aead

SHA512
e416fcb8671cd24e7d66723ac0e9fcfb588a75d74a66af444c9230590c738606ea621c6e12deb6ed5586685d2987f56604cbf7562d37ecd6ede9fdb2b3b01d0f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\5f32d153-1966-4301-a7ab-f57dbc8d3f3d.tmp

Filesize
7KB

MD5
0ee7148ab71734b1dab7ee5621b0f75b

SHA1
627e5f530264d7778c6805207152b85b294c21b3

SHA256
d8b7e666bc8bb12cd333a9b9dddacea22d53b406cf2bec3b35db8337831cc349

SHA512
a0897480ddfc0ca9f8dd1df7ff05118dc2d153330dd1759f5a76b880a010d6cedede1ddcba53e949f628d7944815ad30cb831c2e836eeab238cf98d7cc5bdb2a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005

Filesize
29KB

MD5
674b847b91b54605881f679e4a57384d

SHA1
49279a9b38b0629e6f9ddc745bb0821a5e462d99

SHA256
1b2d044f43fa14d46d571f956231797dda83bc4dcc8b6e5e5e202738307aea68

SHA512
fd33d41983406aa7190b896b52981caf1d55de47b6c60d8174cbf6c729c773f66ccd9ac29db5e5415df9dfdb30abb884e512b32767d61ef912a48791a0a7785a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

Filesize
33KB

MD5
d9aef891cefdc9f91b58d3fd0b4b49e7

SHA1
eb63d7a5fce684511996176dda60fd17f3c8ded5

SHA256
47a337217883398274fb991b2da4be719176623ef83febf20842c2abafde13f9

SHA512
e8e73bc14a2c59968864eb54581af9e9c69d3252ef365201646abd3c822e5376b89d15eadbb7834a647011d21248aafda8ab2cf052cc5bac735ec178c893b2bb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007

Filesize
20KB

MD5
2136a81ba740f2e18b56d5f970807d02

SHA1
0161fbff22d67f8f44e7d76161d45e907e0400da

SHA256
6f68d307211489bf15be640ce0793e3b8c289aa8ede24020e1cd563ee67e4c79

SHA512
4cb2f23404437fc8774671e4c7c63e7703d8e24b20954c623563b661d7dcad577e0e2d93edd8936382f067f8d046f84419419dfdf3572dbda1d4db1e7f74dd3c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

Filesize
51KB

MD5
8be6f48b627578078f297298ebcdafd8

SHA1
0b72cd70bd6960a707dd5c0837131bb96ca8bc16

SHA256
cd5f06d62f08c664f260496d48e8315b5188833a391212f88acafe34574038d3

SHA512
6621641597f76649412bbe8dcdb31bba8ffc16a00e72dc4f70b6be1d6e9307d4d7bf98ca197e9ad55725584d9869bc22dfdb0a5de3b0667ae22dcac1e5cf63a6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d

Filesize
143KB

MD5
fdabc57dd35afd344da9e234d342704d

SHA1
5a57e8cd1f85f937be640eca8e9fa83cf8ea2665

SHA256
75d47cbc792655f7e96a1f2947d3ce852039b3b008e4d256f84cdd18b6962917

SHA512
f2908591f80ebcc26f16e0f6307701262dc77d4e348b9bf129ddd90793d3d80a71c9f12b59797523edbe15dc363fd633099e270d916e22380b234b64712b1914

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000015

Filesize
19KB

MD5
c52f3521639f61d058b371c90f7340a0

SHA1
26cda00aa74d363215fe8e5de80878cf767d9747

SHA256
98dadb40ba05b9079b6c7cfdcdce83a11764b15cee748e1d6b06ef13e94f1736

SHA512
ead5c9d264cb85f32a1e4e7ca84df51b2d8fcad89abe35b8a9e461cab914224e5ee9c3b0cbcaf720ffaf43566b9d9c958667024e0e6988f948640fd782ff3f23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000016

Filesize
56KB

MD5
e451f601563bcbd0018e61de1831a181

SHA1
0b5b8270d03067af9080a1065bd29ca80df45151

SHA256
3dfd5794e1b9c3f6c7330a83ba0368039f130e710efbb09d337f98df36ce4efa

SHA512
6505301e36adf591afadd6f2bb9f506297ae65ab0ce59f8b24a48d1bda8bb3a5e4e80dca967b353793b1b1529388038b768d8f21ed8ce8326a50826f21d000f9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000022

Filesize
41KB

MD5
fdaca5e48945d7d291ac18c669c20713

SHA1
9ac11ec8a4b42077be939b37ce5bd9569ced8a04

SHA256
45f300dc10b33ea56b429bd8a4b9e261aa74947dc65728eb5d09a48b3d6fff92

SHA512
4432b654452064b395d42c1ab1eafe6875a92a9f602c2f92a1185c01acd96908090803ae7924dae784af16a2ae5449cbf68e3f7450c94adad4b2526b4048a566

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000025

Filesize
36KB

MD5
9067c5c69370871491a94477fa2c4c1a

SHA1
e6e2025ddd41daae464c64147f7d717f6cc8321a

SHA256
e62294592635a3e76cf2190de4505716a2635b47329451964d2c9f961273171d

SHA512
3ebe8bd26f5ae0b87d9e5f117b075e1231a8734bef4ba9a263330a661d65ca5486764808654120d4bcc97027a51b65ed3828f13ec4e5ef847b1d51103423fe57

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000026

Filesize
91KB

MD5
5dacf34e6be6cb8bf2b86022500da14e

SHA1
ca112567837d31bbcaa6ea6041207d5899720144

SHA256
943f528ae84d021adb77d629a25d2cf0138c976da3648b0ae7e854bf2adb6b8e

SHA512
e4377649dd2ae062d6391042022c4d309d24284585a3637127bf2fa73ed86173992deb9c38e0a5ca14c2ff3e6753d1fc3af9d6bc6d9297477bddcea54a20d12b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002b

Filesize
102KB

MD5
46d8aa407d3d9d60bf990edf56914d49

SHA1
e94ab5ca659cd43b27bb37a4d8c272857a7db051

SHA256
1c526c81d55acc9d8d2701a6d14127cc234d28e49b728f266361622a2bcdc7ae

SHA512
4406bfeeda2fecb3c75ea7930c0a23660ac8aaa570a6cf1611777003eb98f428404ef963a0e04f344a12f78b709dbbbe4c4ed63074867105961177f52129d493

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002c

Filesize
85KB

MD5
f5791c84a59b31d85d957e9769fb046d

SHA1
a87a9a3d260602b2cc39b2fab528e0fe0a2c6036

SHA256
762aa3d6c54b9a5dfa658c30d5ed7fa0a82c717128d88d629b70db90b78716b6

SHA512
da0a14f4da4511430266a374b81f8928c3a260838fe55b0e57a3eb1d46d681492dc80e3dcc7fbbea40076c8c202820ddba76e79ee3a0dc71fd8788c3cefeb0e0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002d

Filesize
104KB

MD5
3cb5cc16464f4929fcbbe0426fd6a024

SHA1
7a7c29fdbb230858e11171e787cbf60e50fa3013

SHA256
6c74a27c057a09378fa69644728a6efe10d4a678fc435a6a04516196cf19a8a3

SHA512
a544068624e61a329220a52a69a33ef1ee414ff2ff92c8151649ccb2a5055bbe48ee0f58dbfce47602db857dad11b839ee48bdf01f8522c67dc345d2ab21ee0a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000039

Filesize
16KB

MD5
01d5892e6e243b52998310c2925b9f3a

SHA1
58180151b6a6ee4af73583a214b68efb9e8844d4

SHA256
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d

SHA512
de6ca9d539326c1d63a79e90a87d6a69676fc77a2955050b4c5299fab12b87af63c3d7f0789d10f4be214e5c58d6271106a82944d276d5ca361b6d01f7a9f319

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000040

Filesize
103KB

MD5
6cea50c3c5d7d656d47d7f2d25067367

SHA1
6677c314d9c07d519eca6a3dcde254cb4b19feba

SHA256
4f11f47a40b1a1b86ffe897a9b7899c5f259299144648e9ccedcdf5ce7643074

SHA512
3d6ff5b6369c6f18d0fded3a9ec397d5bfe50a0d65c3a88866c877c0f8c16d4e810f91e78802cebb300188a12f710a6fe5c3a54878b9915f08c2a177eda9359f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000049

Filesize
20KB

MD5
a7ab7d8bbe25bdba0c20d649f6acbb2b

SHA1
f7173497fdf3447cf5eeac1f53c4fe7051e96251

SHA256
facd6aece89d8c8907c8854c76675ec67d4ec6fa2ac636ef6867b72e7ab3c761

SHA512
3aac440201db70fa9b7313a9dc8b3cfdbb76432ff122e8d0ac35a4e8958a4b8aa0453272e68e95f3628b14a55e50f337d65ed444f3ec539f99f30ee521eb59a7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000068

Filesize
128KB

MD5
35fcc7335ba5826364816a9cb13efb29

SHA1
8249860ab24246f52b6aba66e0f25cbba9b55c91

SHA256
ddaaeb6772a523d163fb711626caf0f3e238c0c0d7f5d2e7f544f0460a6d72fa

SHA512
55b6c21029e7f65d9ea31892742ad8dbce0201cca00da352d2e8e5c3a7a98b14ff2f7e81e24e20fbc17e3a10493e0d7fc29771419744686fe8e475164d421ff1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\13986ccd40e3a0f0_0

Filesize
303B

MD5
13b2746d52eae445089fe274568c8997

SHA1
78d7ff5d0cc506517f08f1745758a34545f2974d

SHA256
abbd6ddaf5007faf31303c741612aa8b58a69dbb2a80ef1c2f7240f018ec705c

SHA512
fdf87dcc05b2a571600e7f068e72dc935c9ee09160edad130fe97e20c1f3a3b1e65f3b2e98f089e5747257c0b904b74d00975872a79e84231b75d67e311a02ef

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\5e4168f89ab8ec3b_0

Filesize
273B

MD5
1247f6ff3cac52832b869ca0e2999043

SHA1
802c1f9b5da819e59d04a5b086bc6ac06a4a2ce5

SHA256
0f5c66f967aab9b11b91183c3317e4528ff78a479b72f6fc473b679dfe444f7b

SHA512
325433c24fc8eb70ce15e2ef6a00cf8f691c169d36620ee7b28e50d49f6296d22b391c32999b5503bd2fa01ac9e82c2363778d4e4473851d12e577f41fc920af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a50bfb37ab8e1c9e_0

Filesize
53KB

MD5
93c789379dc99ec805719b61de70a20c

SHA1
6000340565fd3413eb8c01d347a39d828ea618bf

SHA256
5f67733d561a1d3ff0d476ed47c532dbdf6f46878a98c9a38ce1e9d788262ad5

SHA512
dd3e218f252cc3553fd4c19d88ec44aef57f1566a9826cb4926ab6ef9772393165403a9eed7709afb714f0f0b5c04494540fc51317750ab765743785d9ead7f3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
9266e626bce23d2bd81fc9bada114a16

SHA1
371300bcdb459ed897cb803785340a0e7b4ff637

SHA256
6481092861f2aa2321cee7e0d89fa73cfe828bc0b29ab3bc1e15cc6dba3eae13

SHA512
a8e05a4506671ab55e647b984063263f70ecd8641a93c1665d6aabca243d0375e30b0472f9cb8adec437113dcdd9a387d4399f93a0097c2fcf3aa719f1732c73

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
e6f1f3b8df1aa9ef4846ec44e08bfd53

SHA1
7209500062d0fc8344a6962ec65758e6c6fc2c99

SHA256
f1d40e9ca5500c0eec72f3e4cb9b307319d6bfe1dddacf2e6ed7e90cfae96b0f

SHA512
a6e8b775a6581666969dec09d8f19d31ccde4e7e8fb99b744a87589b30b20544eda78a7fc7ac9f960f970b38697a08b336a413fc3afdb042544e9db63da03a42

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
7KB

MD5
9991eaec77d4faab8d269759fd88ec19

SHA1
551e469791de86e76091444af8acfc77bed7e774

SHA256
1f2468c5911ec6271399b8cd177aafe488e4e9a8c9f327a4eab00b1097935ab6

SHA512
3f5669a9c9371d47f0c36de53c0e7e0d3ab9907a1b43bf27e6aaec43797b49c2070c5905963b86d7c8340868351deb73820e4a1aad7b762d46e258efcdd51b76

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
6KB

MD5
4d38e3e27b9396dafd71d5e7db8c8fba

SHA1
c66741f48e848bcc050057a803eec6b685400281

SHA256
0138c7cb13bcc44d66fdc78854517525c2d27d59739085b0c0cd7a018fb2425a

SHA512
262593004481d3230026443ea301e0c9bbddc119e5c965d79419b6ea9e0595582e9cb76a15d686d2964aef302da6ed4512de7c5c7883d0c825caa5c229abcc02

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
691B

MD5
6ec9a4ff12fcc1ec1dbab1f925a08f83

SHA1
fe4ae067d0ab270a78ae54835075dea962c682e2

SHA256
a6a2fcd004fa0243900598d24eabca4166b9246556a8f2bca3a63443da581f4a

SHA512
59a8d1254757d5b6b3622f137aba06a3cff1fb68b9940a551569ce028986b3b3bac5cedd9f08c66e32f5d41491a487560a74d5d30e0c74bcf2fc835d7df81478

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
b10acc2cf6c65e0df0534449967e9519

SHA1
35e00684d38b045c67eee10a539950d1f950b1d9

SHA256
2d61273c773318ea071fb06f505d5a5209189a1a1ded0c6508920a67d0c6cfbf

SHA512
0803714711b4efca9996923c6cbc00a8f3bd5f9bb6d6114d8b5513e4a7ea9089fbde4cfcd9352046b34330506901bf035280b6c1545537b6b1b7d9172113a571

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
5c93e3b10a95acb06bfad569aed36277

SHA1
0299be9c77cdf823f2793c09cf391a2c814e23df

SHA256
4b961a5b68de119cb3845ba099adba5770a492df0dff83bf73037e229ebaf808

SHA512
e3cde161df7f2b186d1c1c64ffde5de9c6dda360b778cb1540271695dbeb20748b5266fce54880e9ead3c04c50e5b60fe533bb00aae2ff2a6878971216b734be

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
72efd06e78c98694e21aa78a7b9ff9f6

SHA1
a185d5638c1d35ae42dd8ed468f21098a599e70e

SHA256
6409d7fd689c038663544ca128c6a65074cc404ac15624f2a669b7a13face4a6

SHA512
a117caf1f725125aa836a7696d6d2ee247fefe868dc13f82cce585783fe2878e87bc8a563fe54a04de454afdb05ce90ede4d8233cce2a3004aa2528c58b7c96c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
7f6ac75cf9878d38bc5bc41bda269095

SHA1
773acfd0b1085b81b582a01b3bd4207e3d2d0a22

SHA256
ccde444771d7ca49993bc32b4ee81cd5fc1f6aeab301b768bc72796e10b064a5

SHA512
433031dc735e9284083e2823a27fd65f61c56c086ebfe2985d6de6f57563fbceb359b77645beb894340f9964746f688fd0ab220949c18cb3c627b7dbfd8485e4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
138KB

MD5
e50f1d6afeb8823419d8b5d5e187c897

SHA1
7b604113001f6dfcc3ffcd849fde787421a9da0b

SHA256
928e49782cba6ecdc776856710e4aa997ffa15993e8238c0fade788a708e28c5

SHA512
75338114bde3c3184d427da67296a64a0a631ed85adc45d0d72b30fe332cb8f9d3f6936b0d6549a58dd8cc077d969420d82a52b66acaa5a1caac9d721d9ecc11

Download Submit