hxxp://sp-pages[.]info/

Analysis

max time kernel
300s
max time network
299s
platform
windows11-21h2_x64
resource
win11-20240611-en
resource tags

arch:x64arch:x86image:win11-20240611-enlocale:en-usos:windows11-21h2-x64system
submitted
02-07-2024 08:48

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://sp-pages.info/

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

Processes:

chrome.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

Processes:

chrome.exe

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133643837430428591"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

Processes:

chrome.exechrome.exe

pid process

2060 chrome.exe
2060 chrome.exe
4976 chrome.exe
4976 chrome.exe
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

Processes:

chrome.exe

pid process

2060 chrome.exe
2060 chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

Processes:

chrome.exe

description	pid	process
Token: SeShutdownPrivilege	2060	chrome.exe
Token: SeCreatePagefilePrivilege	2060	chrome.exe
Token: SeShutdownPrivilege	2060	chrome.exe
Token: SeCreatePagefilePrivilege	2060	chrome.exe
Token: SeShutdownPrivilege	2060	chrome.exe
Token: SeCreatePagefilePrivilege	2060	chrome.exe
Token: SeShutdownPrivilege	2060	chrome.exe
Token: SeCreatePagefilePrivilege	2060	chrome.exe
Token: SeShutdownPrivilege	2060	chrome.exe
Token: SeCreatePagefilePrivilege	2060	chrome.exe
Token: SeShutdownPrivilege	2060	chrome.exe
Token: SeCreatePagefilePrivilege	2060	chrome.exe
Token: SeShutdownPrivilege	2060	chrome.exe
Token: SeCreatePagefilePrivilege	2060	chrome.exe
Token: SeShutdownPrivilege	2060	chrome.exe
Token: SeCreatePagefilePrivilege	2060	chrome.exe
Token: SeShutdownPrivilege	2060	chrome.exe
Token: SeCreatePagefilePrivilege	2060	chrome.exe
Token: SeShutdownPrivilege	2060	chrome.exe
Token: SeCreatePagefilePrivilege	2060	chrome.exe
Token: SeShutdownPrivilege	2060	chrome.exe
Token: SeCreatePagefilePrivilege	2060	chrome.exe
Token: SeShutdownPrivilege	2060	chrome.exe
Token: SeCreatePagefilePrivilege	2060	chrome.exe
Token: SeShutdownPrivilege	2060	chrome.exe
Token: SeCreatePagefilePrivilege	2060	chrome.exe
Token: SeShutdownPrivilege	2060	chrome.exe
Token: SeCreatePagefilePrivilege	2060	chrome.exe
Token: SeShutdownPrivilege	2060	chrome.exe
Token: SeCreatePagefilePrivilege	2060	chrome.exe
Token: SeShutdownPrivilege	2060	chrome.exe
Token: SeCreatePagefilePrivilege	2060	chrome.exe
Token: SeShutdownPrivilege	2060	chrome.exe
Token: SeCreatePagefilePrivilege	2060	chrome.exe
Token: SeShutdownPrivilege	2060	chrome.exe
Token: SeCreatePagefilePrivilege	2060	chrome.exe
Token: SeShutdownPrivilege	2060	chrome.exe
Token: SeCreatePagefilePrivilege	2060	chrome.exe
Token: SeShutdownPrivilege	2060	chrome.exe
Token: SeCreatePagefilePrivilege	2060	chrome.exe
Token: SeShutdownPrivilege	2060	chrome.exe
Token: SeCreatePagefilePrivilege	2060	chrome.exe
Token: SeShutdownPrivilege	2060	chrome.exe
Token: SeCreatePagefilePrivilege	2060	chrome.exe
Token: SeShutdownPrivilege	2060	chrome.exe
Token: SeCreatePagefilePrivilege	2060	chrome.exe
Token: SeShutdownPrivilege	2060	chrome.exe
Token: SeCreatePagefilePrivilege	2060	chrome.exe
Token: SeShutdownPrivilege	2060	chrome.exe
Token: SeCreatePagefilePrivilege	2060	chrome.exe
Token: SeShutdownPrivilege	2060	chrome.exe
Token: SeCreatePagefilePrivilege	2060	chrome.exe
Token: SeShutdownPrivilege	2060	chrome.exe
Token: SeCreatePagefilePrivilege	2060	chrome.exe
Token: SeShutdownPrivilege	2060	chrome.exe
Token: SeCreatePagefilePrivilege	2060	chrome.exe
Token: SeShutdownPrivilege	2060	chrome.exe
Token: SeCreatePagefilePrivilege	2060	chrome.exe
Token: SeShutdownPrivilege	2060	chrome.exe
Token: SeCreatePagefilePrivilege	2060	chrome.exe
Token: SeShutdownPrivilege	2060	chrome.exe
Token: SeCreatePagefilePrivilege	2060	chrome.exe
Token: SeShutdownPrivilege	2060	chrome.exe
Token: SeCreatePagefilePrivilege	2060	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

Processes:

chrome.exe

pid	process
2060	chrome.exe
2060	chrome.exe
2060	chrome.exe
2060	chrome.exe
2060	chrome.exe
2060	chrome.exe
2060	chrome.exe
2060	chrome.exe
2060	chrome.exe
2060	chrome.exe
2060	chrome.exe
2060	chrome.exe
2060	chrome.exe
2060	chrome.exe
2060	chrome.exe
2060	chrome.exe
2060	chrome.exe
2060	chrome.exe
2060	chrome.exe
2060	chrome.exe
2060	chrome.exe
2060	chrome.exe
2060	chrome.exe
2060	chrome.exe
2060	chrome.exe
2060	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

Processes:

chrome.exe

pid	process
2060	chrome.exe
2060	chrome.exe
2060	chrome.exe
2060	chrome.exe
2060	chrome.exe
2060	chrome.exe
2060	chrome.exe
2060	chrome.exe
2060	chrome.exe
2060	chrome.exe
2060	chrome.exe
2060	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

chrome.exe

description	pid	process	target process
PID 2060 wrote to memory of 2572	2060	chrome.exe	chrome.exe
PID 2060 wrote to memory of 2572	2060	chrome.exe	chrome.exe
PID 2060 wrote to memory of 2140	2060	chrome.exe	chrome.exe
PID 2060 wrote to memory of 2140	2060	chrome.exe	chrome.exe
PID 2060 wrote to memory of 2140	2060	chrome.exe	chrome.exe
PID 2060 wrote to memory of 2140	2060	chrome.exe	chrome.exe
PID 2060 wrote to memory of 2140	2060	chrome.exe	chrome.exe
PID 2060 wrote to memory of 2140	2060	chrome.exe	chrome.exe
PID 2060 wrote to memory of 2140	2060	chrome.exe	chrome.exe
PID 2060 wrote to memory of 2140	2060	chrome.exe	chrome.exe
PID 2060 wrote to memory of 2140	2060	chrome.exe	chrome.exe
PID 2060 wrote to memory of 2140	2060	chrome.exe	chrome.exe
PID 2060 wrote to memory of 2140	2060	chrome.exe	chrome.exe
PID 2060 wrote to memory of 2140	2060	chrome.exe	chrome.exe
PID 2060 wrote to memory of 2140	2060	chrome.exe	chrome.exe
PID 2060 wrote to memory of 2140	2060	chrome.exe	chrome.exe
PID 2060 wrote to memory of 2140	2060	chrome.exe	chrome.exe
PID 2060 wrote to memory of 2140	2060	chrome.exe	chrome.exe
PID 2060 wrote to memory of 2140	2060	chrome.exe	chrome.exe
PID 2060 wrote to memory of 2140	2060	chrome.exe	chrome.exe
PID 2060 wrote to memory of 2140	2060	chrome.exe	chrome.exe
PID 2060 wrote to memory of 2140	2060	chrome.exe	chrome.exe
PID 2060 wrote to memory of 2140	2060	chrome.exe	chrome.exe
PID 2060 wrote to memory of 2140	2060	chrome.exe	chrome.exe
PID 2060 wrote to memory of 2140	2060	chrome.exe	chrome.exe
PID 2060 wrote to memory of 2140	2060	chrome.exe	chrome.exe
PID 2060 wrote to memory of 2140	2060	chrome.exe	chrome.exe
PID 2060 wrote to memory of 2140	2060	chrome.exe	chrome.exe
PID 2060 wrote to memory of 2140	2060	chrome.exe	chrome.exe
PID 2060 wrote to memory of 2140	2060	chrome.exe	chrome.exe
PID 2060 wrote to memory of 2140	2060	chrome.exe	chrome.exe
PID 2060 wrote to memory of 2140	2060	chrome.exe	chrome.exe
PID 2060 wrote to memory of 2140	2060	chrome.exe	chrome.exe
PID 2060 wrote to memory of 2384	2060	chrome.exe	chrome.exe
PID 2060 wrote to memory of 2384	2060	chrome.exe	chrome.exe
PID 2060 wrote to memory of 1964	2060	chrome.exe	chrome.exe
PID 2060 wrote to memory of 1964	2060	chrome.exe	chrome.exe
PID 2060 wrote to memory of 1964	2060	chrome.exe	chrome.exe
PID 2060 wrote to memory of 1964	2060	chrome.exe	chrome.exe
PID 2060 wrote to memory of 1964	2060	chrome.exe	chrome.exe
PID 2060 wrote to memory of 1964	2060	chrome.exe	chrome.exe
PID 2060 wrote to memory of 1964	2060	chrome.exe	chrome.exe
PID 2060 wrote to memory of 1964	2060	chrome.exe	chrome.exe
PID 2060 wrote to memory of 1964	2060	chrome.exe	chrome.exe
PID 2060 wrote to memory of 1964	2060	chrome.exe	chrome.exe
PID 2060 wrote to memory of 1964	2060	chrome.exe	chrome.exe
PID 2060 wrote to memory of 1964	2060	chrome.exe	chrome.exe
PID 2060 wrote to memory of 1964	2060	chrome.exe	chrome.exe
PID 2060 wrote to memory of 1964	2060	chrome.exe	chrome.exe
PID 2060 wrote to memory of 1964	2060	chrome.exe	chrome.exe
PID 2060 wrote to memory of 1964	2060	chrome.exe	chrome.exe
PID 2060 wrote to memory of 1964	2060	chrome.exe	chrome.exe
PID 2060 wrote to memory of 1964	2060	chrome.exe	chrome.exe
PID 2060 wrote to memory of 1964	2060	chrome.exe	chrome.exe
PID 2060 wrote to memory of 1964	2060	chrome.exe	chrome.exe
PID 2060 wrote to memory of 1964	2060	chrome.exe	chrome.exe
PID 2060 wrote to memory of 1964	2060	chrome.exe	chrome.exe
PID 2060 wrote to memory of 1964	2060	chrome.exe	chrome.exe
PID 2060 wrote to memory of 1964	2060	chrome.exe	chrome.exe
PID 2060 wrote to memory of 1964	2060	chrome.exe	chrome.exe
PID 2060 wrote to memory of 1964	2060	chrome.exe	chrome.exe
PID 2060 wrote to memory of 1964	2060	chrome.exe	chrome.exe
PID 2060 wrote to memory of 1964	2060	chrome.exe	chrome.exe
PID 2060 wrote to memory of 1964	2060	chrome.exe	chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://sp-pages.info/
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2060

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff9fad2ab58,0x7ff9fad2ab68,0x7ff9fad2ab78
2⤵
PID:2572

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1500 --field-trial-handle=1920,i,13549540673235957620,14234722053991271040,131072 /prefetch:2
2⤵
PID:2140

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1752 --field-trial-handle=1920,i,13549540673235957620,14234722053991271040,131072 /prefetch:8
2⤵
PID:2384

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2172 --field-trial-handle=1920,i,13549540673235957620,14234722053991271040,131072 /prefetch:8
2⤵
PID:1964

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2816 --field-trial-handle=1920,i,13549540673235957620,14234722053991271040,131072 /prefetch:1
2⤵
PID:3264

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2828 --field-trial-handle=1920,i,13549540673235957620,14234722053991271040,131072 /prefetch:1
2⤵
PID:2420

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4108 --field-trial-handle=1920,i,13549540673235957620,14234722053991271040,131072 /prefetch:8
2⤵
PID:1972

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4352 --field-trial-handle=1920,i,13549540673235957620,14234722053991271040,131072 /prefetch:8
2⤵
PID:1152

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4424 --field-trial-handle=1920,i,13549540673235957620,14234722053991271040,131072 /prefetch:8
2⤵
PID:3932

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4460 --field-trial-handle=1920,i,13549540673235957620,14234722053991271040,131072 /prefetch:2
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:4976

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:1352

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize
312B

MD5
3a28aaf453dca24c6923e555d1ca6ca3

SHA1
3437e02bdac503cb056732d8bc6a94ff4fe32ff8

SHA256
87af602b036537df5b7abd04411fc7982a4917b99d930781f74f80f7935d26fd

SHA512
03cdf33b19c111ef70dbe49d99d59d84586594b6cd18a6d55c9e25234e89447373e6b8df7e1d8f6dcc1ae8be38e0ebecc393d10bb7d457e6a3613e7d59ad1c0f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize
336B

MD5
94602e0be8220f0bbe0ab7540dde1cfa

SHA1
497d0abe1dde61d50aeb83a265827115af164152

SHA256
044d35567df3b34fb6a53800a7239f58552ea2d5e3b6327157e1effc56245542

SHA512
3f42001c3990e2d58c651714809c9969ac7337d7fb986c8b239217b737242ecb4f5a65462f641b8345032708eededf534d2e2eb9270db43c57076d3b8cc2d142

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize
192B

MD5
ea60b92eaa8ce58ef17132e209bd9ee2

SHA1
79d54ea84fa66fe2fd9b28493dc91ae523997c40

SHA256
e3273555de4ce22b0da65add6286a4f52cfb8b04801759c7837405bda52256e2

SHA512
8a02cc4e20595e01fd98928ebc94424bd5de93397d4be95fcbcb62aebb9d5cd19652dcc214fa0e6357be3cbee682b334970b6888135ab63db2454df2dd495ec2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
2KB

MD5
75c588aee87c5529d5c5c1b1f945ee04

SHA1
23e695e8c6fab904f21008601496c1cacbd7a9a1

SHA256
dd73f7c895b27ee1e105872bfa49e4093ed2416056f195b696fb726f0e05e2c6

SHA512
4a054838491235f80f0441006067ec0826575a9148d75db57124cfeed8401f350831352ec89cf53c9b43ae46749027303af5d889407feb61af308814c7161f20

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
2KB

MD5
935f0bcd0747bd5f70bd9ce24ee58ad7

SHA1
a4f5747440a0b8d8d75e61b9a0f3bc6577b489a3

SHA256
e1b3df53be5c919efa57eb7a68c7c14ad9211bf466aa3b577bf20989c84b68d9

SHA512
a17bded65683965629e03eaec7307584b3b7d89bf2b1590e90a01714883a2e48633955732064caf4c3264283a250379543bdf246758b8107f10fdb1b37d8a6b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
523B

MD5
0bf89a1a419ad9a1bc64ee8fa745199f

SHA1
af1a5e888aca04dc89e5e6b8673bde577d63b6c2

SHA256
ed08d256eb06287c68f6bd6a6bbcfa16d8f68a94741656b8f04017e606e94a26

SHA512
2e1463c0712a5a0e3aa95ced50f5db8a2d9219ed3c8282fce5cc2b758d22e20f1388640eac0f7d7ea36111f5725e9db92af51f9ba3ed6074a25ce1ace987258f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
7KB

MD5
6f76050051ce1f6d9ffaa3da8954ed00

SHA1
11f0d233f2bcb9086aeb9dcdedf79600c0bb81e8

SHA256
71509a7a68d943d10c8bb7999cb56a7048fbc230440823935bfcc27088982ee8

SHA512
b2c5128a2408c5b49f0f743129d01c8147053a7ac9da1f7b4740204657e9fe9a7f511f2a1c7bc9e0437f2ee45d0ff0242857fae37f9038502c122738a9be593a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
7KB

MD5
1b5cb8418e5b480ec96163a5f3b2f329

SHA1
f0ad2628960546655d73d1076a8d8223d3a328bc

SHA256
954f0147ae6d35c534ce8948ed07b2016cdc979fc69f2e4445ea847c32024c82

SHA512
e899443462c2440b8505ab77d418b6c57e85dc0f10b56ced5709562e1b16abe03d27f23201c5b6a6ef79916ccfa6215a017712f7b47c843919e91cf8798b6f87

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
7KB

MD5
e623e746b3e1ef644916fb81a2ba6744

SHA1
e5a95c0c53e4794f14d481e2a38f56dde00743e6

SHA256
f50433cbc47a2866837c68f79120f57c3df04c78dd7b3dec281cf2065600d261

SHA512
f0b0395ddd6e495242ef1c348f727ca1d73bc5b1408e9aab608994029ef98f9810294c05e0f58b99727166717590df9cee804e85d92013ee10e046ba7838cd92

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
Filesize
138KB

MD5
2502c4adfa3c19af788ad96bba70d981

SHA1
eb09391da85aa3bbf755925cf646b8f8bed696b8

SHA256
d3cd1c9f28ee4766edabed75d2c8f9c979954731b8f087b9f064550e81f1fc3e

SHA512
d2272d1be6b3483c7938151d8775de94d704add8ea6bf46229948a296e4a5a6a31f12698d4b3380015f4d7c1ee7e58644fd2f5067ae5fcc3e18d5d939f1df701

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
Filesize
84KB

MD5
226c21719302234da22561e7242f0b4f

SHA1
56453529b239a67fdbf9dff4e9371ac47ea528f2

SHA256
f8ac9eb9ab1e61476740a538596ee2d51a98f2bb6b739c92825462bbda4ecd54

SHA512
6c2c95a094837e6392e5eeb5605c87f19b1668bc3861c8efaa10ec7413edf6fcf4b8e08bc4207ca29ee76e613c2210cb45fe70cffc06908babed6f7264a224b5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe581d86.TMP
Filesize
83KB

MD5
45ab74f8ae36637dfe9a638d7767507d

SHA1
ad06b797a7ac400c816fde28677e637803a590e1

SHA256
5bc8fb95ab00ff22007ac439bd6d547dbdea848186a8b6568e471ee3bee34ea4

SHA512
1666358afb78e823a225023cbe2484898d575443a9741c8278005be1941066e19c30b239a8826a30e6140c2c766200a6339044aee25d4b092c3d556a9de4b03f

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit
\??\pipe\crashpad_2060_HFRWVSNINBSOXVCA
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit