hxxps://www[.]mediafire[.]com/file/wk98v3qh6lbyuz9/Lightcord[.]rar/file<@&1243196051440013332>

Analysis

max time kernel
38s
max time network
1024s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
30-06-2024 23:43

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://www.mediafire.com/file/wk98v3qh6lbyuz9/Lightcord.rar/file<@&1243196051440013332>

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133642646809136709"	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
916	chrome.exe
916	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
916	chrome.exe
916	chrome.exe
916	chrome.exe

Suspicious use of AdjustPrivilegeToken 62 IoCs

description	pid	Process
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe
Token: SeShutdownPrivilege	916	chrome.exe
Token: SeCreatePagefilePrivilege	916	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe
916	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 916 wrote to memory of 1668	916	chrome.exe	92
PID 916 wrote to memory of 1668	916	chrome.exe	92
PID 916 wrote to memory of 3564	916	chrome.exe	94
PID 916 wrote to memory of 3564	916	chrome.exe	94
PID 916 wrote to memory of 3564	916	chrome.exe	94
PID 916 wrote to memory of 3564	916	chrome.exe	94
PID 916 wrote to memory of 3564	916	chrome.exe	94
PID 916 wrote to memory of 3564	916	chrome.exe	94
PID 916 wrote to memory of 3564	916	chrome.exe	94
PID 916 wrote to memory of 3564	916	chrome.exe	94
PID 916 wrote to memory of 3564	916	chrome.exe	94
PID 916 wrote to memory of 3564	916	chrome.exe	94
PID 916 wrote to memory of 3564	916	chrome.exe	94
PID 916 wrote to memory of 3564	916	chrome.exe	94
PID 916 wrote to memory of 3564	916	chrome.exe	94
PID 916 wrote to memory of 3564	916	chrome.exe	94
PID 916 wrote to memory of 3564	916	chrome.exe	94
PID 916 wrote to memory of 3564	916	chrome.exe	94
PID 916 wrote to memory of 3564	916	chrome.exe	94
PID 916 wrote to memory of 3564	916	chrome.exe	94
PID 916 wrote to memory of 3564	916	chrome.exe	94
PID 916 wrote to memory of 3564	916	chrome.exe	94
PID 916 wrote to memory of 3564	916	chrome.exe	94
PID 916 wrote to memory of 3564	916	chrome.exe	94
PID 916 wrote to memory of 3564	916	chrome.exe	94
PID 916 wrote to memory of 3564	916	chrome.exe	94
PID 916 wrote to memory of 3564	916	chrome.exe	94
PID 916 wrote to memory of 3564	916	chrome.exe	94
PID 916 wrote to memory of 3564	916	chrome.exe	94
PID 916 wrote to memory of 3564	916	chrome.exe	94
PID 916 wrote to memory of 3564	916	chrome.exe	94
PID 916 wrote to memory of 3564	916	chrome.exe	94
PID 916 wrote to memory of 3564	916	chrome.exe	94
PID 916 wrote to memory of 3564	916	chrome.exe	94
PID 916 wrote to memory of 3564	916	chrome.exe	94
PID 916 wrote to memory of 3564	916	chrome.exe	94
PID 916 wrote to memory of 3564	916	chrome.exe	94
PID 916 wrote to memory of 3564	916	chrome.exe	94
PID 916 wrote to memory of 3564	916	chrome.exe	94
PID 916 wrote to memory of 3564	916	chrome.exe	94
PID 916 wrote to memory of 872	916	chrome.exe	95
PID 916 wrote to memory of 872	916	chrome.exe	95
PID 916 wrote to memory of 400	916	chrome.exe	96
PID 916 wrote to memory of 400	916	chrome.exe	96
PID 916 wrote to memory of 400	916	chrome.exe	96
PID 916 wrote to memory of 400	916	chrome.exe	96
PID 916 wrote to memory of 400	916	chrome.exe	96
PID 916 wrote to memory of 400	916	chrome.exe	96
PID 916 wrote to memory of 400	916	chrome.exe	96
PID 916 wrote to memory of 400	916	chrome.exe	96
PID 916 wrote to memory of 400	916	chrome.exe	96
PID 916 wrote to memory of 400	916	chrome.exe	96
PID 916 wrote to memory of 400	916	chrome.exe	96
PID 916 wrote to memory of 400	916	chrome.exe	96
PID 916 wrote to memory of 400	916	chrome.exe	96
PID 916 wrote to memory of 400	916	chrome.exe	96
PID 916 wrote to memory of 400	916	chrome.exe	96
PID 916 wrote to memory of 400	916	chrome.exe	96
PID 916 wrote to memory of 400	916	chrome.exe	96
PID 916 wrote to memory of 400	916	chrome.exe	96
PID 916 wrote to memory of 400	916	chrome.exe	96
PID 916 wrote to memory of 400	916	chrome.exe	96
PID 916 wrote to memory of 400	916	chrome.exe	96
PID 916 wrote to memory of 400	916	chrome.exe	96

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://www.mediafire.com/file/wk98v3qh6lbyuz9/Lightcord.rar/file<@&1243196051440013332>
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:916
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff894969758,0x7ff894969768,0x7ff894969778
  2⤵
  PID:1668
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1788 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:2
  2⤵
  PID:3564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2188 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:8
  2⤵
  PID:872
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2228 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:8
  2⤵
  PID:400
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3212 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:1
  2⤵
  PID:1568
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3224 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:1
  2⤵
  PID:4344
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=5252 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:1
  2⤵
  PID:1624
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5728 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:8
  2⤵
  PID:4908
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5420 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:8
  2⤵
  PID:220
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4720 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:1
  2⤵
  PID:2492
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=5384 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:1
  2⤵
  PID:2300
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=5768 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:1
  2⤵
  PID:1968
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5652 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:1
  2⤵
  PID:3172
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=5960 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:1
  2⤵
  PID:3280
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=5972 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:1
  2⤵
  PID:2060
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=6252 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:1
  2⤵
  PID:3600
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=6404 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:1
  2⤵
  PID:456
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=6544 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:1
  2⤵
  PID:2100
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=6572 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:1
  2⤵
  PID:4480
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=6608 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:1
  2⤵
  PID:2512
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=6736 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:1
  2⤵
  PID:2364
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=6752 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:1
  2⤵
  PID:1096
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=6760 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:1
  2⤵
  PID:1936
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=7500 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:1
  2⤵
  PID:5452
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=7760 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:1
  2⤵
  PID:5820
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=7892 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:1
  2⤵
  PID:5828
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=7900 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:1
  2⤵
  PID:5836
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=8156 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:1
  2⤵
  PID:5864
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=8496 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:1
  2⤵
  PID:6328
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=8500 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:1
  2⤵
  PID:6336
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=6532 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:1
  2⤵
  PID:6528
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=9164 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:1
  2⤵
  PID:6612
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=7772 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:1
  2⤵
  PID:6700
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --mojo-platform-channel-handle=9196 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:1
  2⤵
  PID:6708
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=9416 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:1
  2⤵
  PID:6860
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=9396 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:1
  2⤵
  PID:6868
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=9696 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:1
  2⤵
  PID:7000
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --mojo-platform-channel-handle=9668 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:1
  2⤵
  PID:7160
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --mojo-platform-channel-handle=9712 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:1
  2⤵
  PID:6000
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --mojo-platform-channel-handle=9852 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:1
  2⤵
  PID:5992
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --mojo-platform-channel-handle=10260 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:1
  2⤵
  PID:5988
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --mojo-platform-channel-handle=9984 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:1
  2⤵
  PID:6680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --mojo-platform-channel-handle=10456 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:1
  2⤵
  PID:7144
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --mojo-platform-channel-handle=10380 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:1
  2⤵
  PID:7140
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --mojo-platform-channel-handle=10480 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:1
  2⤵
  PID:7244
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --mojo-platform-channel-handle=10448 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:1
  2⤵
  PID:7252
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --mojo-platform-channel-handle=9972 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:1
  2⤵
  PID:7404
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --mojo-platform-channel-handle=11112 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:1
  2⤵
  PID:7428
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --mojo-platform-channel-handle=11064 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:1
  2⤵
  PID:7576
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --mojo-platform-channel-handle=11256 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:1
  2⤵
  PID:7612
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --mojo-platform-channel-handle=11056 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:1
  2⤵
  PID:7624
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --mojo-platform-channel-handle=10432 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:1
  2⤵
  PID:7796
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --mojo-platform-channel-handle=11840 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:1
  2⤵
  PID:7804
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --mojo-platform-channel-handle=12004 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:1
  2⤵
  PID:7952
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --mojo-platform-channel-handle=11800 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:1
  2⤵
  PID:7960
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --mojo-platform-channel-handle=9360 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:1
  2⤵
  PID:4000
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --mojo-platform-channel-handle=12396 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:1
  2⤵
  PID:4488
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --mojo-platform-channel-handle=9908 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:1
  2⤵
  PID:8216
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --mojo-platform-channel-handle=11260 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:1
  2⤵
  PID:8244
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --mojo-platform-channel-handle=12604 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:1
  2⤵
  PID:8252
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --mojo-platform-channel-handle=12612 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:1
  2⤵
  PID:8408
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --mojo-platform-channel-handle=12740 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:1
  2⤵
  PID:8416
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --mojo-platform-channel-handle=12940 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:1
  2⤵
  PID:8564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=11004 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:2
  2⤵
  PID:9112
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --mojo-platform-channel-handle=2784 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:1
  2⤵
  PID:7204
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --mojo-platform-channel-handle=4024 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:1
  2⤵
  PID:6044
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=748 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:8
  2⤵
  PID:6032
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --mojo-platform-channel-handle=9232 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:1
  2⤵
  PID:7976
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=9852 --field-trial-handle=1904,i,11437827089105116974,517796309457756782,131072 /prefetch:8
  2⤵
  PID:8412

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:1244

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4160 --field-trial-handle=3084,i,4016110471176367543,14287608422419064331,262144 --variations-seed-version /prefetch:8
1⤵
PID:3828

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=3888 --field-trial-handle=3084,i,4016110471176367543,14287608422419064331,262144 --variations-seed-version /prefetch:8
1⤵
PID:6240

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
1b1c7598067ac7758b37cae98d3d74e8

SHA1
b38f03f2323192a9ef4f05a45cc62c5bb6efa8d9

SHA256
29fadfa8dd1c3adba728d1ffc743a2e42debfab804e570798bd11ced584fdb1a

SHA512
4378c0a23bdd8fc43e6ba3f81da7e2eafd0962589ed64ddf1f63b7c2531d69e84da584df97b0f921708415c6f720b3b66858e2f91699c18f8a7b4e2ce5574d89

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
c5397598f97d58de26821e260030a7e7

SHA1
f73c9fe5149b8159930bae3ec30ad0ed7ee163a7

SHA256
e7575680ccc65e661aac53bcc6db966a843add65cdd7386338a23c13a4243f1e

SHA512
433b22930032e5a3a26c1fba8542adbcae247cf3192a822c43530bc6d4e6cf8f6a7d0fcda55a22ae68f4393d657924d7f4044d312eaa76ede389c59cd4c07477

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
c49b492eca1074fc0936021917445661

SHA1
0eee0b27920bc6b9f9e63ade648779a26d58384a

SHA256
dd63c453729926f1139b7577c886d782bff2c485a0a73bd2879c25cd931add67

SHA512
ecbc665dce56baa26dfcf632d274caf082f1eea118dbd25e2ce147c1934d8ac677f86f53a5a6359f41817ea3d4ad39b5c8c3a0c57a46fad1c1bb9ee679ef3e8b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\226401ac-bbe7-44fe-b954-8b3317272d4d.tmp

Filesize
18KB

MD5
fec339fbe3d57cbcecde08e60827a982

SHA1
256bc2065091ea96f889b4dcbe06f6e411f4da1f

SHA256
a664b3f99b1c765e359fc3b7dda4149768d96a0acafb025b8a6c4f6cc00d6e26

SHA512
35e0e6dbb4ac183ac2003e83377a9341022d1ffdad18bc7fd734127ef0f711aca00f0577181b5713fb2dab2c2cc557b36cb2beaef8e8d25c6e9be69655685dad

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
6KB

MD5
d137afbd68043efc04788db57a8c84ce

SHA1
0c1ee0dc7ed92b2020e9712a20b198396d9976d7

SHA256
7d5bec28c4f6f9e1b27fc25164a771696355fbcc1aba9295b90216a5c3819e6a

SHA512
89696fc57976aa398f8c8cac42f5cf81b2dc2dcaac541fe2feb81bda281b582e3cd4b987fcf7055ccc5c489ae427c93400a1f8fe7f70dfc5bf160ccbe6cf8140

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
19KB

MD5
cca6d7b11da8b04c85575a9a6734680d

SHA1
f65aa2273f9893b65002978e837258fc72e7566f

SHA256
93a750db9443006aa802660f60aac45a4ecd8c48899ec70cfccedebbdfb6bdac

SHA512
9d864b3297246030c12888666252712db4d1f7aa5426d2479d872e927ef4f81f03a887910838ee2791237dcccb133ef3b2f2a8322aef5cb79330ebd25bf59335

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
18KB

MD5
f582f38038d4e8ff390372678e317eae

SHA1
c042b1fe0f27436a969ab4067cbf7f972c913d20

SHA256
306db0adf05ff212f1d4adbdf85d5e64e1b5073cc64eb48f2ca90e8e9e767b71

SHA512
72e845133f6c6b8ea566cb25cd26b1d3250a0d25fd8c623f5de5877f369ba25c767800db24f4c40563bca42bfbdd97ed1ae1780f13782cd07573c2d210e045d5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
19KB

MD5
2d13408269d5cc9dfd701bb07816bea9

SHA1
281c2bfb39ebce714488753817680a73e4358933

SHA256
3d7cbd3f2a327317022221c23a2deacb4b6cfdbdb0837e2931b910451d7874dc

SHA512
cb8c0cafd299c4fcf818de5b8f89a13c7eacf996610ddbeb416134953bd55ca782cee1e053fecadcf196890422c31ce935ca905ae4c8b71fd51764e761bf3a84

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
4KB

MD5
5e1241e456e46efbfc04dab4a7e3f2ec

SHA1
bd0ba8d886a3a2b3b4e76861a59ef7c35717f0db

SHA256
c53502085c25bab4a0b7bfc3441c6b0122307d29afeecfe036e99918961cfb9a

SHA512
30829c0958e03d1ce6d2f8b23bdc959dc1f30391800503fa1d0e318baff962cb456363aa4b7584fc49411ce3512240ca765416025dde3d9d6bd17eb7fc3b82b1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
5KB

MD5
4bf2d383b99ca45d87f12aa08b147d68

SHA1
ef6f1bdf28d37a9069e3ec9051741643e00b4027

SHA256
6d8746d948bdf741ebbf2948c52621f2f15e36c02cf54b343500c1c72af23ef7

SHA512
9ccdef0888fb0af4ba8eb7765605443cca10d582a8604578b83008094fd2ed85e5324582c0eb275d374b33539803cebd813c5724ce6faaa6690f9a5d3c3b9e96

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
d1f3ee29441b95615ce8d931b1eeaa15

SHA1
20f08aaf90a8899ef5f402a23ce28144fda47054

SHA256
2391ee18ce2e8ca42ea6e23fcaf8de6008ca0b9685fc8039ef2e91e5a3f8d4bc

SHA512
459b670fc66d5edf582845474a74638d70d20d43947bef72e36cdde0b95807d6d850e066fb442969520d4fe56fda0b90dc85b4e011bfbfb32bdabfae40bd7632

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
4KB

MD5
8d3ee6879fb749e3f151611e805012f5

SHA1
fedc4c0d85177498cb32c8bb6b5064fad23c407b

SHA256
531b718c768845cb055d13824e251af5a04af85a4ac9d6f067a70d6f097d84e2

SHA512
933bdae0a9fd7f31ba20e8c41c841a19a642b12e92c898719667e2b1952e88e8e750f94a8e6e9790c4ec2182ca978ff44e7f4bea0ec89f132967171dfe8daa92

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
5KB

MD5
4b3c64734b7d5977ac07457b10d5a689

SHA1
2d731b0a97aa94b266562ef1467946b4e3b78ffc

SHA256
dc0ca26809e142e1fcb5f17b40e7b0eea3be6edea3b890c19b10ba73db205f9a

SHA512
8b6d08ec4ec345da2e29aef9890dbb7e0aa6b563b57fd44caf7770fb523d8b5596c64dd9388354301d0022aac08c7c099dce0917228d84f9d5098ea43c7757e5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
83ebada8e3a9795c8d19f832502595b4

SHA1
6d17fd1c0f8287ad4254ca01892e0d7d8973d282

SHA256
bfd74c2020b752de5ba1887b68d1ca4559f6816fb329c6451f8843979586782c

SHA512
2c1e99a0bf67eed631217a632d799a0d79ed85e1676ae935a735fc62f5db19753f2a17aece5a9bdb2ce7f550c83bcac1f839a7ac8b5a4f3138d68620c72158cf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
ca28bebcb056e69bfc77c0bf7babf819

SHA1
6e55d53bcd3777a97aa3deb3d9b3aab8893c1c07

SHA256
ff6212f5fb4016f489d46275bab9041ba2550a5a3414ad9b08e9a10a703b3074

SHA512
572b27d239536225c9b935cb24b342bb6c230888af1628f52150dd0af387eb4b2713c8341079139043d1f31a7f276e93df139b5ed0985755a472ac7601afad7e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
b91f4889246838b42fa90753862a57e0

SHA1
3e7ae3d4f698a809fd9a95dba6d2e61fe0941c57

SHA256
26e69137a11c663084c1cdd0aab0ab3035d08bc7a9d02fccb05a938c2a4c119a

SHA512
d4019ad3ebf455e50e3b8000185a8859a04206b98f3212f2687f4d2e55d56cf58a93d84bdb4d195ed311800d83767cd9569c07f14171e1fae8357303a71971b5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
0f5eba412caf506123e0a737720c7227

SHA1
69d77f4d2473744f4309d24114a4b08b3559ca4d

SHA256
7f806fd3837b47ee2884e7f4995eb477075f7c1c3e7b326d12dd17bf58fa0051

SHA512
12ef484adda79e3e1a58f4be72f55843e239d649af64af8f6df7337837a66fbac9f977dfe0fa7bb62ec9aa18f7b82fcf38e7e0961d61293bdb245cf1b4cda15a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
d2332c0474474003b3a029738db76642

SHA1
43cf18e75026cbc41e8e475dc9befd5fa662d3c6

SHA256
6ca0f0cc0210d6e39c3c0ef5cdbdb75f299933ccd29d36db68fef889d70b18d2

SHA512
44c59df0694991dfe1c4475f840e9887874e65b110828e20bf14ce8459ed01cff4af8f8bd022ee58ab9020f1bfb7b8a358fd2045fa8b9251e60208f3089ee166

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
128KB

MD5
2a0c83bc4c2a595fe5bc2b217bc66e85

SHA1
2a2661cbb6e170cd4fa30edaebeee864c86a12b7

SHA256
0cba32a8bcac08dcab7e29dbed30671da7ff08811254a5559cc90c2fc683fa62

SHA512
d1f9968c80e699da6a740af3f3802f7456d7e0f5240e3f56f9cf3a1eccc3f42fdb3cedcdbb3b104d58e5ed15f41c4453dd435d18890fdedad53bb880f31a22f7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
128KB

MD5
724fea48759ddc1bf35cbb180d92af58

SHA1
b50d61875223b4cc87f0912735e11515059c408b

SHA256
1a57109de967513123e73d4ae1e5b662040c10932132e5c58e191fcf14a6e4d1

SHA512
0c77af56e864fe115e7e583df38d3e0cae48b69f57fd1da965b03d469c06556ecf3116f7bd6524b1d18fba655d63389e1ba3e5d9fd2c33479d2a2d8b7716ca8c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
109KB

MD5
e46a778dea990ab7f96f714b9c017278

SHA1
3f7de14f3ed220d73c89034071d43c5f9ab88c7d

SHA256
d89d353543bde271e52163772198a400ff9a1bf155db1d5f75e02ce1e255ebbe

SHA512
469602303c3e3a1cde68330951332b93fbe6f526d168ce685353cffebe995017e29072c2c688af20cd6ced6c12a53c95d20b58c53d60b0df4192bf6533edd1e7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe5b4850.TMP

Filesize
103KB

MD5
5b774a04bda7cf489928e212e19ae2f6

SHA1
a92f7a90563986452420fa4f5a77872d001c4dc4

SHA256
696e14aad4194118d4ebcb852248af7c39e7785aa99067979cf28c6d4dadf78d

SHA512
ab3cb4be56354ff7970de7f8399f1d10a233a09242582342cbe603995453b871a5384b22f1b75bfa77c1f62864aa4038811f5282cad38f0361225b8543dc268f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit