e7c86a734df3942463079883b96930f223b3cd40b501d32c3d143687d546d444

max time kernel
81s
max time network
69s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
01/07/2024, 15:41

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

NXOV4.2.dll
Size

1.5MB
MD5

2fd3f4348ffc36ed2edb18c1c204bd3e
SHA1

1295a7987084a4c31a561518b4ea936ba05701eb
SHA256

e7c86a734df3942463079883b96930f223b3cd40b501d32c3d143687d546d444
SHA512

97fc477cd153ad811ceadc60443af544137fd5197c7ba99f6dc05e19aff3d8d364ab41efdeb87b067327d2f4b331173efe1daed3804d8594bf62e046f5399d73
SSDEEP

12288:jWcvWYVU2jcnUh2+gkE+sPIdAfBXjvtQ2U1YMGI:yzUh2+gT+fMfQgI

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133643221107278497"	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
2444	chrome.exe
2444	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 5 IoCs

pid	Process
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2444	chrome.exe
Token: SeCreatePagefilePrivilege	2444	chrome.exe
Token: SeShutdownPrivilege	2444	chrome.exe
Token: SeCreatePagefilePrivilege	2444	chrome.exe
Token: SeShutdownPrivilege	2444	chrome.exe
Token: SeCreatePagefilePrivilege	2444	chrome.exe
Token: SeShutdownPrivilege	2444	chrome.exe
Token: SeCreatePagefilePrivilege	2444	chrome.exe
Token: SeShutdownPrivilege	2444	chrome.exe
Token: SeCreatePagefilePrivilege	2444	chrome.exe
Token: SeShutdownPrivilege	2444	chrome.exe
Token: SeCreatePagefilePrivilege	2444	chrome.exe
Token: SeShutdownPrivilege	2444	chrome.exe
Token: SeCreatePagefilePrivilege	2444	chrome.exe
Token: SeShutdownPrivilege	2444	chrome.exe
Token: SeCreatePagefilePrivilege	2444	chrome.exe
Token: SeShutdownPrivilege	2444	chrome.exe
Token: SeCreatePagefilePrivilege	2444	chrome.exe
Token: SeShutdownPrivilege	2444	chrome.exe
Token: SeCreatePagefilePrivilege	2444	chrome.exe
Token: SeShutdownPrivilege	2444	chrome.exe
Token: SeCreatePagefilePrivilege	2444	chrome.exe
Token: SeShutdownPrivilege	2444	chrome.exe
Token: SeCreatePagefilePrivilege	2444	chrome.exe
Token: SeShutdownPrivilege	2444	chrome.exe
Token: SeCreatePagefilePrivilege	2444	chrome.exe
Token: SeShutdownPrivilege	2444	chrome.exe
Token: SeCreatePagefilePrivilege	2444	chrome.exe
Token: SeShutdownPrivilege	2444	chrome.exe
Token: SeCreatePagefilePrivilege	2444	chrome.exe
Token: 33	4636	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	4636	AUDIODG.EXE
Token: SeShutdownPrivilege	2444	chrome.exe
Token: SeCreatePagefilePrivilege	2444	chrome.exe
Token: SeShutdownPrivilege	2444	chrome.exe
Token: SeCreatePagefilePrivilege	2444	chrome.exe
Token: SeShutdownPrivilege	2444	chrome.exe
Token: SeCreatePagefilePrivilege	2444	chrome.exe
Token: SeShutdownPrivilege	2444	chrome.exe
Token: SeCreatePagefilePrivilege	2444	chrome.exe
Token: SeShutdownPrivilege	2444	chrome.exe
Token: SeCreatePagefilePrivilege	2444	chrome.exe
Token: SeShutdownPrivilege	2444	chrome.exe
Token: SeCreatePagefilePrivilege	2444	chrome.exe
Token: SeShutdownPrivilege	2444	chrome.exe
Token: SeCreatePagefilePrivilege	2444	chrome.exe
Token: SeShutdownPrivilege	2444	chrome.exe
Token: SeCreatePagefilePrivilege	2444	chrome.exe
Token: SeShutdownPrivilege	2444	chrome.exe
Token: SeCreatePagefilePrivilege	2444	chrome.exe
Token: SeShutdownPrivilege	2444	chrome.exe
Token: SeCreatePagefilePrivilege	2444	chrome.exe
Token: 33	4104	chrome.exe
Token: SeIncBasePriorityPrivilege	4104	chrome.exe
Token: 33	4104	chrome.exe
Token: SeIncBasePriorityPrivilege	4104	chrome.exe
Token: 33	4104	chrome.exe
Token: SeIncBasePriorityPrivilege	4104	chrome.exe
Token: 33	4104	chrome.exe
Token: SeIncBasePriorityPrivilege	4104	chrome.exe
Token: SeShutdownPrivilege	2444	chrome.exe
Token: SeCreatePagefilePrivilege	2444	chrome.exe
Token: SeShutdownPrivilege	2444	chrome.exe
Token: SeCreatePagefilePrivilege	2444	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe
2444	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2444 wrote to memory of 944	2444	chrome.exe	83
PID 2444 wrote to memory of 944	2444	chrome.exe	83
PID 2444 wrote to memory of 4632	2444	chrome.exe	84
PID 2444 wrote to memory of 4632	2444	chrome.exe	84
PID 2444 wrote to memory of 4632	2444	chrome.exe	84
PID 2444 wrote to memory of 4632	2444	chrome.exe	84
PID 2444 wrote to memory of 4632	2444	chrome.exe	84
PID 2444 wrote to memory of 4632	2444	chrome.exe	84
PID 2444 wrote to memory of 4632	2444	chrome.exe	84
PID 2444 wrote to memory of 4632	2444	chrome.exe	84
PID 2444 wrote to memory of 4632	2444	chrome.exe	84
PID 2444 wrote to memory of 4632	2444	chrome.exe	84
PID 2444 wrote to memory of 4632	2444	chrome.exe	84
PID 2444 wrote to memory of 4632	2444	chrome.exe	84
PID 2444 wrote to memory of 4632	2444	chrome.exe	84
PID 2444 wrote to memory of 4632	2444	chrome.exe	84
PID 2444 wrote to memory of 4632	2444	chrome.exe	84
PID 2444 wrote to memory of 4632	2444	chrome.exe	84
PID 2444 wrote to memory of 4632	2444	chrome.exe	84
PID 2444 wrote to memory of 4632	2444	chrome.exe	84
PID 2444 wrote to memory of 4632	2444	chrome.exe	84
PID 2444 wrote to memory of 4632	2444	chrome.exe	84
PID 2444 wrote to memory of 4632	2444	chrome.exe	84
PID 2444 wrote to memory of 4632	2444	chrome.exe	84
PID 2444 wrote to memory of 4632	2444	chrome.exe	84
PID 2444 wrote to memory of 4632	2444	chrome.exe	84
PID 2444 wrote to memory of 4632	2444	chrome.exe	84
PID 2444 wrote to memory of 4632	2444	chrome.exe	84
PID 2444 wrote to memory of 4632	2444	chrome.exe	84
PID 2444 wrote to memory of 4632	2444	chrome.exe	84
PID 2444 wrote to memory of 4632	2444	chrome.exe	84
PID 2444 wrote to memory of 4632	2444	chrome.exe	84
PID 2444 wrote to memory of 4632	2444	chrome.exe	84
PID 2444 wrote to memory of 4780	2444	chrome.exe	85
PID 2444 wrote to memory of 4780	2444	chrome.exe	85
PID 2444 wrote to memory of 1064	2444	chrome.exe	86
PID 2444 wrote to memory of 1064	2444	chrome.exe	86
PID 2444 wrote to memory of 1064	2444	chrome.exe	86
PID 2444 wrote to memory of 1064	2444	chrome.exe	86
PID 2444 wrote to memory of 1064	2444	chrome.exe	86
PID 2444 wrote to memory of 1064	2444	chrome.exe	86
PID 2444 wrote to memory of 1064	2444	chrome.exe	86
PID 2444 wrote to memory of 1064	2444	chrome.exe	86
PID 2444 wrote to memory of 1064	2444	chrome.exe	86
PID 2444 wrote to memory of 1064	2444	chrome.exe	86
PID 2444 wrote to memory of 1064	2444	chrome.exe	86
PID 2444 wrote to memory of 1064	2444	chrome.exe	86
PID 2444 wrote to memory of 1064	2444	chrome.exe	86
PID 2444 wrote to memory of 1064	2444	chrome.exe	86
PID 2444 wrote to memory of 1064	2444	chrome.exe	86
PID 2444 wrote to memory of 1064	2444	chrome.exe	86
PID 2444 wrote to memory of 1064	2444	chrome.exe	86
PID 2444 wrote to memory of 1064	2444	chrome.exe	86
PID 2444 wrote to memory of 1064	2444	chrome.exe	86
PID 2444 wrote to memory of 1064	2444	chrome.exe	86
PID 2444 wrote to memory of 1064	2444	chrome.exe	86
PID 2444 wrote to memory of 1064	2444	chrome.exe	86
PID 2444 wrote to memory of 1064	2444	chrome.exe	86
PID 2444 wrote to memory of 1064	2444	chrome.exe	86
PID 2444 wrote to memory of 1064	2444	chrome.exe	86
PID 2444 wrote to memory of 1064	2444	chrome.exe	86
PID 2444 wrote to memory of 1064	2444	chrome.exe	86
PID 2444 wrote to memory of 1064	2444	chrome.exe	86
PID 2444 wrote to memory of 1064	2444	chrome.exe	86

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\NXOV4.2.dll,#1
1⤵
PID:3608

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2444
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffbcab7ab58,0x7ffbcab7ab68,0x7ffbcab7ab78
  2⤵
  PID:944
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1736 --field-trial-handle=1632,i,4510672692655683898,2291294661764062831,131072 /prefetch:2
  2⤵
  PID:4632
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 --field-trial-handle=1632,i,4510672692655683898,2291294661764062831,131072 /prefetch:8
  2⤵
  PID:4780
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2232 --field-trial-handle=1632,i,4510672692655683898,2291294661764062831,131072 /prefetch:8
  2⤵
  PID:1064
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3080 --field-trial-handle=1632,i,4510672692655683898,2291294661764062831,131072 /prefetch:1
  2⤵
  PID:4916
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3088 --field-trial-handle=1632,i,4510672692655683898,2291294661764062831,131072 /prefetch:1
  2⤵
  PID:3176
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4240 --field-trial-handle=1632,i,4510672692655683898,2291294661764062831,131072 /prefetch:1
  2⤵
  PID:1044
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4408 --field-trial-handle=1632,i,4510672692655683898,2291294661764062831,131072 /prefetch:8
  2⤵
  PID:3444
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4556 --field-trial-handle=1632,i,4510672692655683898,2291294661764062831,131072 /prefetch:8
  2⤵
  PID:2392
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4496 --field-trial-handle=1632,i,4510672692655683898,2291294661764062831,131072 /prefetch:8
  2⤵
  PID:832
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4724 --field-trial-handle=1632,i,4510672692655683898,2291294661764062831,131072 /prefetch:8
  2⤵
  PID:3388
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4940 --field-trial-handle=1632,i,4510672692655683898,2291294661764062831,131072 /prefetch:8
  2⤵
  PID:2524
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4676 --field-trial-handle=1632,i,4510672692655683898,2291294661764062831,131072 /prefetch:1
  2⤵
  PID:4972
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=3084 --field-trial-handle=1632,i,4510672692655683898,2291294661764062831,131072 /prefetch:1
  2⤵
  PID:1048
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3212 --field-trial-handle=1632,i,4510672692655683898,2291294661764062831,131072 /prefetch:8
  2⤵
  PID:1368
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3316 --field-trial-handle=1632,i,4510672692655683898,2291294661764062831,131072 /prefetch:8
  2⤵
  - Suspicious use of AdjustPrivilegeToken
  PID:4104

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:2984

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x300 0x428
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:4636

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
0cd429098412849541cb95afaf497de7

SHA1
34fcdc8c1708981ab8e69a9ccc50ab898d7f7df3

SHA256
d987cb1f82d1cfa20deebd5947b3ce1b9ae9ca25cb7df736727c507a3a17700a

SHA512
955809ff9150048d9b739222dfe4c1cc7b4f330cab2858b74ba1b8af8514f1d97268812c0ef81a3d926c9928fab845515a0fbd834a8dd1d0db39359001ce5f03

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011

Filesize
202KB

MD5
9901c48297a339c554e405b4fefe7407

SHA1
5182e80bd6d4bb6bb1b7f0752849fe09e4aa330e

SHA256
9a5974509d9692162d491cf45136f072c54ddc650b201336818c76a9f257d4d2

SHA512
b68ef68c4dcc31716ce25d486617f6ef929ddbb8f7030dd4838320e2803dd6dd1c83966b3484d2986b19f3bd866484c5a432f4f6533bb3e72f5c7457a9bb9742

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
336B

MD5
9f5ed360f0028794b47a301247d1f054

SHA1
550e81ac077ba3a77fb509711e16bd4de9b7de19

SHA256
04a3899738af861ce4465194e8faf5af8ceed10ee979b4bc0e1e489b8975134c

SHA512
5f168a2975965fa3282117c2d24bc06fee3bfd29f160d4cd7ac2feff6036c5807e474d1228242b74a85bddfcdc1014151c458d0ce68c431272c0efc434927c6e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
fa4b5a07d5374cb208e9c6d7533c957d

SHA1
f0271d999bc41c0e60bb69d31fefc5075e44724d

SHA256
3b1dd251098d393d7312da38d82356d3a42492693e87b8563cad3964f47f683c

SHA512
574465ed25795656c2e2fb10eaccca79b0104176b349a8ad08d272a79c816d7f013ac8ebad60983346f4f077de8a68c3f8c78dd78301a4d261334d803778e26d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
f55e323421b1c3fc39c8986159bd1ea6

SHA1
5283437fd40920a52e339d572af612333f3a7ee3

SHA256
bc7330711c5071f444b111882407749e2f3483672756bfbcaa13849b2ccc7b8a

SHA512
24dd5a240528b4d5d01cb18a5b105fbfcf79e04ad655a8a6dd398802fabcce978ecf5454a7c0c7c02d80535becb14a3a071bdd9f91619d7455dc80626405ae12

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
37c712c30ba6451987f007276db27d8b

SHA1
9633967bdd2d0c4e0e7636cbe88bf256c5864c66

SHA256
cef50ac559bcae6a31553477a86753ace07e5b188170ec787e86576dabf9a9d9

SHA512
d238c9968329af9fc185a7e04db811f75f18167585bf24331aacfb0d0b59f1a454d75421afe12b0fc308d0e0363cfd05724a0e09cad152f79c6fb5e4f4b11c43

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
6bc600ce539708754837919fabf00f04

SHA1
e171a6e9f92af6d8ed4c8795a99f830ca9017cfd

SHA256
3aae6b46db5d6c140b70d89e07c8ce9acc2603f471857d83cdeab132a123e3ff

SHA512
9bd679659b827c38c6a3ffab192bd278e9bb7150dffcf90c67bc3390e2382ccbb63d82ed56e340ba0552d214794edf5e8836f23114c24a5bb20aa8548b31443e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
837619b75458d09ef333c5740459b6ff

SHA1
c9c5f399bcd8cae61e3f267f2b6389ca9d2dbc28

SHA256
d9461d67c747ccd52c2f53bbd6ac99912744711cbd56f43d373902a5c0d0a5ec

SHA512
4acc7502c3d80c0db10a14902b4b012a29ed8dec44ab58314cd741943ef6cc06992e49871dfe86af937f2174c0b2dc8608cd144a9c5c01f91a8e1a59407f5100

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
90c7bbf168c95a6afce87a5a0cdb1157

SHA1
6e86703e3a2bec25e1485b634b81bd293cc2ac68

SHA256
21e41f87d84fb24b060f1c346859f13d406deba55718cb9cb2607a0719d00539

SHA512
11dd234730c9921decfe65d65da6b32fa3fc27502de8ec996f622634ae73e270c224a3c9b2b78bf7d701940a72d0a89f43877c87787999ef003f892b950ee777

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
16KB

MD5
e8926c1f9c32686815ac696baa4bc88b

SHA1
6d3290428ede113e4ffb903cb2a15bdb4548e2a1

SHA256
e3a31dc33c08a8a4bf7a8de3cb3b10fdef826f2b6c5c4c45800104c2ca5c03dd

SHA512
99c0844b49eeff31263b08327f5848cd08e7e41cd921e7517ff64a650bd5b20c95cadb11048283ab81c29eec0498f1844e249710828f7f5f2cee35bf849b48d4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
269KB

MD5
1e090bd6c9184d9d23d94dd898fa8616

SHA1
50f69fdca44e87543d721efacf832e2b2fdf3452

SHA256
7e13c8c68992479069aa3e2d748b0eb3ebef37dc197d9cf38934654c3dbb3657

SHA512
15b2d6d84bafed75c1b1a8d83f48c744a12abd2f3cb7c47f9e3ce4108640552f928ceb8eb2d0cfbd57beb583f39c228ff250b700f7693a545d0dc0d65aa7f941

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
269KB

MD5
d4139a6acbe47c6b417ad967b9de2861

SHA1
be640cb88909891f70d0a4e9f99a4ddf45df6bb3

SHA256
d49dbfe62b759f9160f5655a4b8a63e7315ae23abca10a4d7861a1a4c41c1704

SHA512
d48dee803e8642ee9c99f55baf818c1aa4da18cbc8ca52ae8fdec839bba798b12a2c57f017ac9b1d679dffd9d324516796c995d0d6c15baa184431773ed8a7a2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
269KB

MD5
e4ef58995857815793b52b79ddca9bd9

SHA1
c89155e103e20386285c8992fc4cc44d758fa1ab

SHA256
0a73c43a8d0910956c0c0b85144e5b4dd9b5d6a3813e60b1de936580788bd010

SHA512
b3ed4482287171a09a759e1efb3cef7c94a32d718735ddea41549bf74b2553366ae56d30a70d0338282d6f8ce79bbe813f8de483ea6a0f692b9f3eec38aa43a5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
89KB

MD5
b4cb1519689ed2158227e2f50d082c6d

SHA1
71e37a8f6c36ff4a5f9a44797b4945334a0e2fc6

SHA256
2c640ea945868f70ac2b5271a71c57a0d126bb0f3f21d90053a91b939f0e7e39

SHA512
c830918ac65aab1f4c78a0e0315a65f0243733f446bf291a94499ba58ad51ea5875fa7a8f32500bf405749ecd8495b6e4eee1f3791bd410301a994d990296f7a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe57c331.TMP

Filesize
88KB

MD5
465a076df9ec67decc74549dab0235b9

SHA1
b2640475dc59800ddbc26c1ed6074a74257ec990

SHA256
a51c25db61abb4bedf7326544b9f0894e256807ed939ca2c0f027b0e6e4549f8

SHA512
c1965708e49281fbe382f5363f03aee8b85f4cab6075f308c0a1efccebbd16245f94815c5d52a1ce04951d2d6396c3780d32122e404ad21f7b83b89a725fe84f

Download Submit