hxxp://meatspin[.]com

Resubmissions

01-07-2024 10:54

240701-mzmyws1app 1

01-07-2024 10:47

240701-mvq5razgpp 1

Analysis

max time kernel
149s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
01-07-2024 10:54

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://meatspin.com

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133643049189274013"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
1404	chrome.exe
1404	chrome.exe
4588	chrome.exe
4588	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs

pid	Process
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1404	chrome.exe
Token: SeCreatePagefilePrivilege	1404	chrome.exe
Token: SeShutdownPrivilege	1404	chrome.exe
Token: SeCreatePagefilePrivilege	1404	chrome.exe
Token: SeShutdownPrivilege	1404	chrome.exe
Token: SeCreatePagefilePrivilege	1404	chrome.exe
Token: SeShutdownPrivilege	1404	chrome.exe
Token: SeCreatePagefilePrivilege	1404	chrome.exe
Token: SeShutdownPrivilege	1404	chrome.exe
Token: SeCreatePagefilePrivilege	1404	chrome.exe
Token: SeShutdownPrivilege	1404	chrome.exe
Token: SeCreatePagefilePrivilege	1404	chrome.exe
Token: SeShutdownPrivilege	1404	chrome.exe
Token: SeCreatePagefilePrivilege	1404	chrome.exe
Token: SeShutdownPrivilege	1404	chrome.exe
Token: SeCreatePagefilePrivilege	1404	chrome.exe
Token: SeShutdownPrivilege	1404	chrome.exe
Token: SeCreatePagefilePrivilege	1404	chrome.exe
Token: SeShutdownPrivilege	1404	chrome.exe
Token: SeCreatePagefilePrivilege	1404	chrome.exe
Token: SeShutdownPrivilege	1404	chrome.exe
Token: SeCreatePagefilePrivilege	1404	chrome.exe
Token: SeShutdownPrivilege	1404	chrome.exe
Token: SeCreatePagefilePrivilege	1404	chrome.exe
Token: SeShutdownPrivilege	1404	chrome.exe
Token: SeCreatePagefilePrivilege	1404	chrome.exe
Token: SeShutdownPrivilege	1404	chrome.exe
Token: SeCreatePagefilePrivilege	1404	chrome.exe
Token: SeShutdownPrivilege	1404	chrome.exe
Token: SeCreatePagefilePrivilege	1404	chrome.exe
Token: SeShutdownPrivilege	1404	chrome.exe
Token: SeCreatePagefilePrivilege	1404	chrome.exe
Token: SeShutdownPrivilege	1404	chrome.exe
Token: SeCreatePagefilePrivilege	1404	chrome.exe
Token: SeShutdownPrivilege	1404	chrome.exe
Token: SeCreatePagefilePrivilege	1404	chrome.exe
Token: SeShutdownPrivilege	1404	chrome.exe
Token: SeCreatePagefilePrivilege	1404	chrome.exe
Token: SeShutdownPrivilege	1404	chrome.exe
Token: SeCreatePagefilePrivilege	1404	chrome.exe
Token: SeShutdownPrivilege	1404	chrome.exe
Token: SeCreatePagefilePrivilege	1404	chrome.exe
Token: SeShutdownPrivilege	1404	chrome.exe
Token: SeCreatePagefilePrivilege	1404	chrome.exe
Token: SeShutdownPrivilege	1404	chrome.exe
Token: SeCreatePagefilePrivilege	1404	chrome.exe
Token: SeShutdownPrivilege	1404	chrome.exe
Token: SeCreatePagefilePrivilege	1404	chrome.exe
Token: SeShutdownPrivilege	1404	chrome.exe
Token: SeCreatePagefilePrivilege	1404	chrome.exe
Token: SeShutdownPrivilege	1404	chrome.exe
Token: SeCreatePagefilePrivilege	1404	chrome.exe
Token: SeShutdownPrivilege	1404	chrome.exe
Token: SeCreatePagefilePrivilege	1404	chrome.exe
Token: SeShutdownPrivilege	1404	chrome.exe
Token: SeCreatePagefilePrivilege	1404	chrome.exe
Token: SeShutdownPrivilege	1404	chrome.exe
Token: SeCreatePagefilePrivilege	1404	chrome.exe
Token: SeShutdownPrivilege	1404	chrome.exe
Token: SeCreatePagefilePrivilege	1404	chrome.exe
Token: SeShutdownPrivilege	1404	chrome.exe
Token: SeCreatePagefilePrivilege	1404	chrome.exe
Token: SeShutdownPrivilege	1404	chrome.exe
Token: SeCreatePagefilePrivilege	1404	chrome.exe

Suspicious use of FindShellTrayWindow 34 IoCs

pid	Process
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe

Suspicious use of SendNotifyMessage 32 IoCs

pid	Process
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe
1404	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1404 wrote to memory of 2424	1404	chrome.exe	81
PID 1404 wrote to memory of 2424	1404	chrome.exe	81
PID 1404 wrote to memory of 1320	1404	chrome.exe	82
PID 1404 wrote to memory of 1320	1404	chrome.exe	82
PID 1404 wrote to memory of 1320	1404	chrome.exe	82
PID 1404 wrote to memory of 1320	1404	chrome.exe	82
PID 1404 wrote to memory of 1320	1404	chrome.exe	82
PID 1404 wrote to memory of 1320	1404	chrome.exe	82
PID 1404 wrote to memory of 1320	1404	chrome.exe	82
PID 1404 wrote to memory of 1320	1404	chrome.exe	82
PID 1404 wrote to memory of 1320	1404	chrome.exe	82
PID 1404 wrote to memory of 1320	1404	chrome.exe	82
PID 1404 wrote to memory of 1320	1404	chrome.exe	82
PID 1404 wrote to memory of 1320	1404	chrome.exe	82
PID 1404 wrote to memory of 1320	1404	chrome.exe	82
PID 1404 wrote to memory of 1320	1404	chrome.exe	82
PID 1404 wrote to memory of 1320	1404	chrome.exe	82
PID 1404 wrote to memory of 1320	1404	chrome.exe	82
PID 1404 wrote to memory of 1320	1404	chrome.exe	82
PID 1404 wrote to memory of 1320	1404	chrome.exe	82
PID 1404 wrote to memory of 1320	1404	chrome.exe	82
PID 1404 wrote to memory of 1320	1404	chrome.exe	82
PID 1404 wrote to memory of 1320	1404	chrome.exe	82
PID 1404 wrote to memory of 1320	1404	chrome.exe	82
PID 1404 wrote to memory of 1320	1404	chrome.exe	82
PID 1404 wrote to memory of 1320	1404	chrome.exe	82
PID 1404 wrote to memory of 1320	1404	chrome.exe	82
PID 1404 wrote to memory of 1320	1404	chrome.exe	82
PID 1404 wrote to memory of 1320	1404	chrome.exe	82
PID 1404 wrote to memory of 1320	1404	chrome.exe	82
PID 1404 wrote to memory of 1320	1404	chrome.exe	82
PID 1404 wrote to memory of 1320	1404	chrome.exe	82
PID 1404 wrote to memory of 1320	1404	chrome.exe	82
PID 1404 wrote to memory of 4516	1404	chrome.exe	83
PID 1404 wrote to memory of 4516	1404	chrome.exe	83
PID 1404 wrote to memory of 2784	1404	chrome.exe	84
PID 1404 wrote to memory of 2784	1404	chrome.exe	84
PID 1404 wrote to memory of 2784	1404	chrome.exe	84
PID 1404 wrote to memory of 2784	1404	chrome.exe	84
PID 1404 wrote to memory of 2784	1404	chrome.exe	84
PID 1404 wrote to memory of 2784	1404	chrome.exe	84
PID 1404 wrote to memory of 2784	1404	chrome.exe	84
PID 1404 wrote to memory of 2784	1404	chrome.exe	84
PID 1404 wrote to memory of 2784	1404	chrome.exe	84
PID 1404 wrote to memory of 2784	1404	chrome.exe	84
PID 1404 wrote to memory of 2784	1404	chrome.exe	84
PID 1404 wrote to memory of 2784	1404	chrome.exe	84
PID 1404 wrote to memory of 2784	1404	chrome.exe	84
PID 1404 wrote to memory of 2784	1404	chrome.exe	84
PID 1404 wrote to memory of 2784	1404	chrome.exe	84
PID 1404 wrote to memory of 2784	1404	chrome.exe	84
PID 1404 wrote to memory of 2784	1404	chrome.exe	84
PID 1404 wrote to memory of 2784	1404	chrome.exe	84
PID 1404 wrote to memory of 2784	1404	chrome.exe	84
PID 1404 wrote to memory of 2784	1404	chrome.exe	84
PID 1404 wrote to memory of 2784	1404	chrome.exe	84
PID 1404 wrote to memory of 2784	1404	chrome.exe	84
PID 1404 wrote to memory of 2784	1404	chrome.exe	84
PID 1404 wrote to memory of 2784	1404	chrome.exe	84
PID 1404 wrote to memory of 2784	1404	chrome.exe	84
PID 1404 wrote to memory of 2784	1404	chrome.exe	84
PID 1404 wrote to memory of 2784	1404	chrome.exe	84
PID 1404 wrote to memory of 2784	1404	chrome.exe	84
PID 1404 wrote to memory of 2784	1404	chrome.exe	84

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://meatspin.com
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1404
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc763bab58,0x7ffc763bab68,0x7ffc763bab78
  2⤵
  PID:2424
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1708 --field-trial-handle=1876,i,7032837268637756374,8375687465184142511,131072 /prefetch:2
  2⤵
  PID:1320
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2136 --field-trial-handle=1876,i,7032837268637756374,8375687465184142511,131072 /prefetch:8
  2⤵
  PID:4516
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2184 --field-trial-handle=1876,i,7032837268637756374,8375687465184142511,131072 /prefetch:8
  2⤵
  PID:2784
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2992 --field-trial-handle=1876,i,7032837268637756374,8375687465184142511,131072 /prefetch:1
  2⤵
  PID:4204
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3012 --field-trial-handle=1876,i,7032837268637756374,8375687465184142511,131072 /prefetch:1
  2⤵
  PID:1576
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4116 --field-trial-handle=1876,i,7032837268637756374,8375687465184142511,131072 /prefetch:1
  2⤵
  PID:2524
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3300 --field-trial-handle=1876,i,7032837268637756374,8375687465184142511,131072 /prefetch:1
  2⤵
  PID:4732
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=3260 --field-trial-handle=1876,i,7032837268637756374,8375687465184142511,131072 /prefetch:1
  2⤵
  PID:1368
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4640 --field-trial-handle=1876,i,7032837268637756374,8375687465184142511,131072 /prefetch:1
  2⤵
  PID:3092
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4140 --field-trial-handle=1876,i,7032837268637756374,8375687465184142511,131072 /prefetch:1
  2⤵
  PID:2788
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4744 --field-trial-handle=1876,i,7032837268637756374,8375687465184142511,131072 /prefetch:8
  2⤵
  PID:1120
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3116 --field-trial-handle=1876,i,7032837268637756374,8375687465184142511,131072 /prefetch:8
  2⤵
  PID:3828
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4236 --field-trial-handle=1876,i,7032837268637756374,8375687465184142511,131072 /prefetch:1
  2⤵
  PID:228
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=4996 --field-trial-handle=1876,i,7032837268637756374,8375687465184142511,131072 /prefetch:1
  2⤵
  PID:4972
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=1660 --field-trial-handle=1876,i,7032837268637756374,8375687465184142511,131072 /prefetch:1
  2⤵
  PID:4680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4836 --field-trial-handle=1876,i,7032837268637756374,8375687465184142511,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4588

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:2000

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005

Filesize
211KB

MD5
151fb811968eaf8efb840908b89dc9d4

SHA1
7ec811009fd9b0e6d92d12d78b002275f2f1bee1

SHA256
043fd8558e4a5a60aaccd2f0377f77a544e3e375242e9d7200dc6e51f94103ed

SHA512
83aface0ab01da52fd077f747c9d5916e3c06b0ea5c551d7d316707ec3e8f3f986ce1c82e6f2136e48c6511a83cb0ac67ff6dc8f0e440ac72fc6854086a87674

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
528B

MD5
a74efcac9881d27f31f7b79bfa532355

SHA1
cbae98cddbeff297e6745db20c1747ccf5a2a3bb

SHA256
f05e6f3a3d716bc9e2dac48bfde444fdcfc2d9ab0cb2045dbf8afff24345f9f6

SHA512
76b27edbb92660ab000315f226eb84a1a1d1fbadedd9685112ad00addee716a96977f9dac25396992a7c196493ab08f1e3ca4b57812e8ef2e7df9daa26c2d664

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
9b61aca132a873702ba6c94219a4a0d8

SHA1
803c3998d53df88f3a67f79664558ce22be61fa3

SHA256
c8b30e0e0652e529cf6ecc00537c0c80abb396a98a250b6562862843638d307f

SHA512
a003a1e91edf8201cae2577cc8fa432a279f6ad6237ce6877e3d9fb72703564bf7f8a4b7802ae7ce2063b47507996cc60f8b00dd3f551e3e36897aff0b6fe0ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
e9563ea3628032bfc742f8e5cab261d3

SHA1
6d144e8ec7b51fcb035c393167d2971c090dc0f2

SHA256
95a1239962103f6a026e1304b983fa98c083423daf84d782298d1da85d86e8f7

SHA512
bea384a84ad6db6c0dfeaccd9900baaf300d6b120ae7a0420bc239ede9b55521fcc9eba34972408eba3110d0f6237364f41e9eb8554c1b93146c99742fdb8273

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
58273e1c02f5e3972c4bfeb5bbca342e

SHA1
259a95aa951b6a891075d3a21434a83d7c5164d3

SHA256
2b3508dfa0083556fe1a3f1245749e267607891e5eb5cda0605db8fab322a5d3

SHA512
f20d392eb7298731273482d916c74d4444178a85265a3eb4b9fb0f72ab086014f710fa3ca369fe6bd98274841d70e5ed874b76d6ff03907df88c443eca4c39db

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
87be51a9b8745e1030151ca2f81d846d

SHA1
2bc6bdb1c55f7c3f1c1dd698f8f63ea303e71649

SHA256
0c26f2ff6c5294f2b846364d6e7deb34c971047567a555198c8dedc6ebae350d

SHA512
2a0397858c422b3df2587d12b7e5308f54a6f8cb0c07f215f175fba0b465c5073a02f2f9fb32cdad035069ee7af00afd8b1aeabd341a14a42ba0a6e607c0647c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
8bbfb8d2658b6bf2f2718d9c243169f0

SHA1
2cfe0f3ab719a4687620c4d02a17cffc8a1f211e

SHA256
b99da37774d222fc4f3969df6c11988d045e3fb8a3d78d862abdcb861668555d

SHA512
495762f2cde742ddb6da7602242c1efe2ff3fb4119d36ab3c12fb9c21ad76caeeaf0b2dc87227bc13cbde63e06621998346c1d47dde8f3c7af7ffece6e990bcb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
524B

MD5
3bc4ad0467cc92efce1035e95a1a9ad2

SHA1
13b253b108c4c50f63fb11ae28f788cca4075a19

SHA256
76598f3ca07faff19fb49d1ce773d5ae81de3ae65e185af08f8de715984014a3

SHA512
b931c46b8a465d6960f18d38f2121e6fa1a19fc57a78fa04a77768c5468d1973bf406d20165ef7e30b12faa7ea6c189c9a04cd12a30ddab6de318cec91c9c0f5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
42079602ad5fb24015d262ebaeb67651

SHA1
9cfd8e1495422e96cda09e2f2a7e102ddac91e18

SHA256
b148a04296400b7617ea66d38d052bcdb3382c549d8167c5ca6a96ff2eca693e

SHA512
17f90b038e6116da82723b20d043966b4a8fb283d824b30ef7577ea1caeae0850a33e8eae259105d32b975fcb5411e0b0fb3ade272780891539e708861427ae7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
f30b7bb2a0cdfd2097bd51ce13d1acc4

SHA1
0a9aece58712c0ff7a56108026a0983b8e6e9ea9

SHA256
e1bb97e6af411285788ea553fdae39597cfd9b9a3e89cf47b3ef2b6299604dd4

SHA512
da9a0ebe57e7150a55a070ea8ce410983f265ba61412aac7b3b7081261f8a366545ff6e5a109a8a6ba3917607e5ba7a4121b8a4ca5044ec6e5ae3ae44734296c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
a792144a9810a65345b664fd8cca5cbb

SHA1
e47bc791348394755fa47a5854920c84882ddfac

SHA256
d362ab1324890901fdc2e9fd12a2958f73990e033e17466611f971b98266ec89

SHA512
00aae93fc8af399616f10325d15e3d205e685f0a27e7bbea559dc8cd6835a16fb03fc7b5be635a88ad369823dc3852d7fb9d19c368fd93885ddfc893ae199020

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
129KB

MD5
b5e11f620543fa9f3e49afa95640e8f8

SHA1
eb8540c66a68b41392200cc4cad517701c924ac5

SHA256
8793d75cab38ec09c007fc7baa9a5c9e934bab379e7b95e94e3b39f443a6d5e4

SHA512
0404a22b5b05432a40402c8a5e4074b3f0ca5e1741cbbefdcee16d752bd8d95bd1fd683c6d933fdfc9683c104b66d964813c3fc08cd14783c58974e212a3a4f6

Download Submit