hxxps://scanner[.]topsec[.]com/?d=3744&r=auto&u=https%3A%2F%2Fmaknastudio[.]com%2Fpkyos&t=a4fe2e96fe6815a71cc8a7f1ae1196e6fbcf1f08

Resubmissions

02-07-2024 15:31

240702-sx6k4syfrd 10

02-07-2024 15:26

240702-st8lasyene 1

Analysis

max time kernel
188s
max time network
192s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
02-07-2024 15:31

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://scanner.topsec.com/?d=3744&r=auto&u=https%3A%2F%2Fmaknastudio.com%2Fpkyos&t=a4fe2e96fe6815a71cc8a7f1ae1196e6fbcf1f08

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

Processes:

chrome.exe

description	ioc	process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

Processes:

chrome.exe

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133644078950714415"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

Processes:

chrome.exechrome.exe

pid process

4500 chrome.exe
4500 chrome.exe
1576 chrome.exe
1576 chrome.exe
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

Processes:

chrome.exe

pid process

4500 chrome.exe
4500 chrome.exe
4500 chrome.exe
4500 chrome.exe
4500 chrome.exe
4500 chrome.exe
4500 chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

Processes:

chrome.exe

description	pid	process
Token: SeShutdownPrivilege	4500	chrome.exe
Token: SeCreatePagefilePrivilege	4500	chrome.exe
Token: SeShutdownPrivilege	4500	chrome.exe
Token: SeCreatePagefilePrivilege	4500	chrome.exe
Token: SeShutdownPrivilege	4500	chrome.exe
Token: SeCreatePagefilePrivilege	4500	chrome.exe
Token: SeShutdownPrivilege	4500	chrome.exe
Token: SeCreatePagefilePrivilege	4500	chrome.exe
Token: SeShutdownPrivilege	4500	chrome.exe
Token: SeCreatePagefilePrivilege	4500	chrome.exe
Token: SeShutdownPrivilege	4500	chrome.exe
Token: SeCreatePagefilePrivilege	4500	chrome.exe
Token: SeShutdownPrivilege	4500	chrome.exe
Token: SeCreatePagefilePrivilege	4500	chrome.exe
Token: SeShutdownPrivilege	4500	chrome.exe
Token: SeCreatePagefilePrivilege	4500	chrome.exe
Token: SeShutdownPrivilege	4500	chrome.exe
Token: SeCreatePagefilePrivilege	4500	chrome.exe
Token: SeShutdownPrivilege	4500	chrome.exe
Token: SeCreatePagefilePrivilege	4500	chrome.exe
Token: SeShutdownPrivilege	4500	chrome.exe
Token: SeCreatePagefilePrivilege	4500	chrome.exe
Token: SeShutdownPrivilege	4500	chrome.exe
Token: SeCreatePagefilePrivilege	4500	chrome.exe
Token: SeShutdownPrivilege	4500	chrome.exe
Token: SeCreatePagefilePrivilege	4500	chrome.exe
Token: SeShutdownPrivilege	4500	chrome.exe
Token: SeCreatePagefilePrivilege	4500	chrome.exe
Token: SeShutdownPrivilege	4500	chrome.exe
Token: SeCreatePagefilePrivilege	4500	chrome.exe
Token: SeShutdownPrivilege	4500	chrome.exe
Token: SeCreatePagefilePrivilege	4500	chrome.exe
Token: SeShutdownPrivilege	4500	chrome.exe
Token: SeCreatePagefilePrivilege	4500	chrome.exe
Token: SeShutdownPrivilege	4500	chrome.exe
Token: SeCreatePagefilePrivilege	4500	chrome.exe
Token: SeShutdownPrivilege	4500	chrome.exe
Token: SeCreatePagefilePrivilege	4500	chrome.exe
Token: SeShutdownPrivilege	4500	chrome.exe
Token: SeCreatePagefilePrivilege	4500	chrome.exe
Token: SeShutdownPrivilege	4500	chrome.exe
Token: SeCreatePagefilePrivilege	4500	chrome.exe
Token: SeShutdownPrivilege	4500	chrome.exe
Token: SeCreatePagefilePrivilege	4500	chrome.exe
Token: SeShutdownPrivilege	4500	chrome.exe
Token: SeCreatePagefilePrivilege	4500	chrome.exe
Token: SeShutdownPrivilege	4500	chrome.exe
Token: SeCreatePagefilePrivilege	4500	chrome.exe
Token: SeShutdownPrivilege	4500	chrome.exe
Token: SeCreatePagefilePrivilege	4500	chrome.exe
Token: SeShutdownPrivilege	4500	chrome.exe
Token: SeCreatePagefilePrivilege	4500	chrome.exe
Token: SeShutdownPrivilege	4500	chrome.exe
Token: SeCreatePagefilePrivilege	4500	chrome.exe
Token: SeShutdownPrivilege	4500	chrome.exe
Token: SeCreatePagefilePrivilege	4500	chrome.exe
Token: SeShutdownPrivilege	4500	chrome.exe
Token: SeCreatePagefilePrivilege	4500	chrome.exe
Token: SeShutdownPrivilege	4500	chrome.exe
Token: SeCreatePagefilePrivilege	4500	chrome.exe
Token: SeShutdownPrivilege	4500	chrome.exe
Token: SeCreatePagefilePrivilege	4500	chrome.exe
Token: SeShutdownPrivilege	4500	chrome.exe
Token: SeCreatePagefilePrivilege	4500	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

Processes:

chrome.exe

pid	process
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

Processes:

chrome.exe

pid	process
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe
4500	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

chrome.exe

description	pid	process	target process
PID 4500 wrote to memory of 408	4500	chrome.exe	chrome.exe
PID 4500 wrote to memory of 408	4500	chrome.exe	chrome.exe
PID 4500 wrote to memory of 1800	4500	chrome.exe	chrome.exe
PID 4500 wrote to memory of 1800	4500	chrome.exe	chrome.exe
PID 4500 wrote to memory of 1800	4500	chrome.exe	chrome.exe
PID 4500 wrote to memory of 1800	4500	chrome.exe	chrome.exe
PID 4500 wrote to memory of 1800	4500	chrome.exe	chrome.exe
PID 4500 wrote to memory of 1800	4500	chrome.exe	chrome.exe
PID 4500 wrote to memory of 1800	4500	chrome.exe	chrome.exe
PID 4500 wrote to memory of 1800	4500	chrome.exe	chrome.exe
PID 4500 wrote to memory of 1800	4500	chrome.exe	chrome.exe
PID 4500 wrote to memory of 1800	4500	chrome.exe	chrome.exe
PID 4500 wrote to memory of 1800	4500	chrome.exe	chrome.exe
PID 4500 wrote to memory of 1800	4500	chrome.exe	chrome.exe
PID 4500 wrote to memory of 1800	4500	chrome.exe	chrome.exe
PID 4500 wrote to memory of 1800	4500	chrome.exe	chrome.exe
PID 4500 wrote to memory of 1800	4500	chrome.exe	chrome.exe
PID 4500 wrote to memory of 1800	4500	chrome.exe	chrome.exe
PID 4500 wrote to memory of 1800	4500	chrome.exe	chrome.exe
PID 4500 wrote to memory of 1800	4500	chrome.exe	chrome.exe
PID 4500 wrote to memory of 1800	4500	chrome.exe	chrome.exe
PID 4500 wrote to memory of 1800	4500	chrome.exe	chrome.exe
PID 4500 wrote to memory of 1800	4500	chrome.exe	chrome.exe
PID 4500 wrote to memory of 1800	4500	chrome.exe	chrome.exe
PID 4500 wrote to memory of 1800	4500	chrome.exe	chrome.exe
PID 4500 wrote to memory of 1800	4500	chrome.exe	chrome.exe
PID 4500 wrote to memory of 1800	4500	chrome.exe	chrome.exe
PID 4500 wrote to memory of 1800	4500	chrome.exe	chrome.exe
PID 4500 wrote to memory of 1800	4500	chrome.exe	chrome.exe
PID 4500 wrote to memory of 1800	4500	chrome.exe	chrome.exe
PID 4500 wrote to memory of 1800	4500	chrome.exe	chrome.exe
PID 4500 wrote to memory of 1800	4500	chrome.exe	chrome.exe
PID 4500 wrote to memory of 1800	4500	chrome.exe	chrome.exe
PID 4500 wrote to memory of 2732	4500	chrome.exe	chrome.exe
PID 4500 wrote to memory of 2732	4500	chrome.exe	chrome.exe
PID 4500 wrote to memory of 4756	4500	chrome.exe	chrome.exe
PID 4500 wrote to memory of 4756	4500	chrome.exe	chrome.exe
PID 4500 wrote to memory of 4756	4500	chrome.exe	chrome.exe
PID 4500 wrote to memory of 4756	4500	chrome.exe	chrome.exe
PID 4500 wrote to memory of 4756	4500	chrome.exe	chrome.exe
PID 4500 wrote to memory of 4756	4500	chrome.exe	chrome.exe
PID 4500 wrote to memory of 4756	4500	chrome.exe	chrome.exe
PID 4500 wrote to memory of 4756	4500	chrome.exe	chrome.exe
PID 4500 wrote to memory of 4756	4500	chrome.exe	chrome.exe
PID 4500 wrote to memory of 4756	4500	chrome.exe	chrome.exe
PID 4500 wrote to memory of 4756	4500	chrome.exe	chrome.exe
PID 4500 wrote to memory of 4756	4500	chrome.exe	chrome.exe
PID 4500 wrote to memory of 4756	4500	chrome.exe	chrome.exe
PID 4500 wrote to memory of 4756	4500	chrome.exe	chrome.exe
PID 4500 wrote to memory of 4756	4500	chrome.exe	chrome.exe
PID 4500 wrote to memory of 4756	4500	chrome.exe	chrome.exe
PID 4500 wrote to memory of 4756	4500	chrome.exe	chrome.exe
PID 4500 wrote to memory of 4756	4500	chrome.exe	chrome.exe
PID 4500 wrote to memory of 4756	4500	chrome.exe	chrome.exe
PID 4500 wrote to memory of 4756	4500	chrome.exe	chrome.exe
PID 4500 wrote to memory of 4756	4500	chrome.exe	chrome.exe
PID 4500 wrote to memory of 4756	4500	chrome.exe	chrome.exe
PID 4500 wrote to memory of 4756	4500	chrome.exe	chrome.exe
PID 4500 wrote to memory of 4756	4500	chrome.exe	chrome.exe
PID 4500 wrote to memory of 4756	4500	chrome.exe	chrome.exe
PID 4500 wrote to memory of 4756	4500	chrome.exe	chrome.exe
PID 4500 wrote to memory of 4756	4500	chrome.exe	chrome.exe
PID 4500 wrote to memory of 4756	4500	chrome.exe	chrome.exe
PID 4500 wrote to memory of 4756	4500	chrome.exe	chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://scanner.topsec.com/?d=3744&r=auto&u=https%3A%2F%2Fmaknastudio.com%2Fpkyos&t=a4fe2e96fe6815a71cc8a7f1ae1196e6fbcf1f08
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4500

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fffca11ab58,0x7fffca11ab68,0x7fffca11ab78
2⤵
PID:408

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1700 --field-trial-handle=1888,i,7296898952391185249,5000202951227458421,131072 /prefetch:2
2⤵
PID:1800

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2032 --field-trial-handle=1888,i,7296898952391185249,5000202951227458421,131072 /prefetch:8
2⤵
PID:2732

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2052 --field-trial-handle=1888,i,7296898952391185249,5000202951227458421,131072 /prefetch:8
2⤵
PID:4756

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2908 --field-trial-handle=1888,i,7296898952391185249,5000202951227458421,131072 /prefetch:1
2⤵
PID:5112

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2916 --field-trial-handle=1888,i,7296898952391185249,5000202951227458421,131072 /prefetch:1
2⤵
PID:1328

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4708 --field-trial-handle=1888,i,7296898952391185249,5000202951227458421,131072 /prefetch:8
2⤵
PID:4924

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4092 --field-trial-handle=1888,i,7296898952391185249,5000202951227458421,131072 /prefetch:8
2⤵
PID:4504

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=1664 --field-trial-handle=1888,i,7296898952391185249,5000202951227458421,131072 /prefetch:1
2⤵
PID:4108

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=3412 --field-trial-handle=1888,i,7296898952391185249,5000202951227458421,131072 /prefetch:1
2⤵
PID:3232

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5044 --field-trial-handle=1888,i,7296898952391185249,5000202951227458421,131072 /prefetch:8
2⤵
PID:4344

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=3932 --field-trial-handle=1888,i,7296898952391185249,5000202951227458421,131072 /prefetch:1
2⤵
PID:1440

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4900 --field-trial-handle=1888,i,7296898952391185249,5000202951227458421,131072 /prefetch:8
2⤵
PID:4792

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4380 --field-trial-handle=1888,i,7296898952391185249,5000202951227458421,131072 /prefetch:8
2⤵
PID:3012

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3376 --field-trial-handle=1888,i,7296898952391185249,5000202951227458421,131072 /prefetch:8
2⤵
PID:3988

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=3388 --field-trial-handle=1888,i,7296898952391185249,5000202951227458421,131072 /prefetch:1
2⤵
PID:1988

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4368 --field-trial-handle=1888,i,7296898952391185249,5000202951227458421,131072 /prefetch:8
2⤵
PID:2724

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=4364 --field-trial-handle=1888,i,7296898952391185249,5000202951227458421,131072 /prefetch:1
2⤵
PID:1756

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2420 --field-trial-handle=1888,i,7296898952391185249,5000202951227458421,131072 /prefetch:2
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:1576

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:3404

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize
1KB

MD5
f94e35ee3c8c5c2b0c8d1351625237fa

SHA1
b85afbccf144853aa87876ff292e09f692f7beab

SHA256
8914688bd6b88f10a59e693556626e3e2c9998779e87ebe1cb13451a4b6f1a83

SHA512
93b192c75e6085b75b96e048c2f5c5db9933636625e97fca72461ad909c2b1b365ade823872b9407257363b9bdbb0600677a5241f9d42467516a464aa8b62235

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
7KB

MD5
6b096be2c60fc988b7de9e4761d690d6

SHA1
db269c7d2610d4c100e7a9457fd50ba9158a8509

SHA256
4033bbd5de323d5e51ca46a1327780eefc592ef27b3e5a1a681fb512cc68c598

SHA512
a8f7f0b68812c4e43c1e10abe92cf30623ffef1ec2cc6fc5914fa0599a76b97e3fedc142d15af1f74103ba06b616f3d2db161301a120a6a156d56a4e9b36d856

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
1KB

MD5
0973dfb28733325fd6f29de41de4d822

SHA1
0e0fa27f03b4445346acc276312ac70337ad7bcd

SHA256
da65fbedf5724a1103d5e9d4dfddfab611f84df1892065ab19349715f34c7106

SHA512
a6174f3120f037db6d0c9ff41a19c6e30703775f9ccdf2d88b7f204709847bc7ebe00c810d00beeb81909d79b1c42766356a9b41ef730cc8510bc43594d7becc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
5KB

MD5
4d03218232045506ec9bb2d3049d337e

SHA1
1679f269fe4286fe2e4a1a1e04dc2099f49eb4d0

SHA256
f11674e3f9b04d4b10c64e89f4c04634eb4cbcee8829591e3edcc74cbcb3e382

SHA512
145f315d749a4420b36e7f0afe6af1dc5b47ecd1c8b0cf5b026865af8c857f712817ca909d582e81ab37b282edbe5f189421256ff1c43c0a64ab6e46db98ddfb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
857B

MD5
202370fd9752fe6f8aa480bf47ca5ce0

SHA1
2f41fd9494f031a3f95e0048ad85ae0a0a291022

SHA256
1a74c6a45368dd4291acddc61072a68fd37cbae1ce74139f753f24971c0146e4

SHA512
1ada48d7a0122c90381f46917d7a671b0836d38f3e30e98b61f7329135a5dd291fb6f451fa7e3a21e7b70fb3f48b9d8fb7e2d622968a2194e1248103b79e0572

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
1KB

MD5
a9a5fb7ffb0031b7c3a0a4257e335c18

SHA1
b784897d41ac95036bcd058af49ab3228194716d

SHA256
f73606dab23989e0f93902380337e8bf7381b9b5d4366d2199cf9fadc31a343b

SHA512
502991f6a1d78dc8da2e7d8662a0dd0440390024ce0e38b36b93a701f7bd79a9d8d34328a43657cbb53108e43e2236e41c9ebd9b396325b0ffaa7c28d1d3c262

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
2KB

MD5
f17f5ee0af3ef5058e59fa440249e54e

SHA1
19ddc752e6a1e4345bf1ddb10444af11fe8c3c6e

SHA256
eea69f3859d06b89290b4e1485805cac3662a995a31d1da981dea274d5438c13

SHA512
e6b529187ba8c712e3d822d7c71b5e7bab31b682bc2be8f23f7b44120d64d07c255e20878b292ef1073a55061af4a56ea2487c3dfe2ea7f567b4fee23c11b871

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
7KB

MD5
aeb2ad2f79df050f9da731575094ccdf

SHA1
73f184f53429f2528d6758ad71ab72a29e1b572c

SHA256
606f362de2a39685df706d562161f5d80ecdb733094d9588f9debfc6bac4088f

SHA512
e3b632644d95351cd7d48040c249d27fbe805dcce480c665524cca5086cd2716e89ad242a48b9ecdee19fa042a9b743ad8564d1556a6b885a6d4fa04a9b2dc03

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
7KB

MD5
4a9822ec8c7782d3f0e45bfda521ae0b

SHA1
4028a213ae04ae6a5e5d5465ce9b976ea3ba43f0

SHA256
c741b30ca38b7a7bed0313b153ab174a16c476c77e23caac5ae08a709f2a9da7

SHA512
255ce59e516becc905117dbdbcb7201e25dcac5d9a978d0517b11c7782fb1232913abc08b424a68d8d4c281d4ae819a2da41082a00a4d7b1938289002f5d2240

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
7KB

MD5
37478798cb6422c306f6e809c69d1fff

SHA1
ef6fb4c486ef453d092236a5a5882b6b69cdb65f

SHA256
d9370a2f0dee8463edbf227e11ec7e0e6ead22abd40d5ffb505dfe5d2f86fd50

SHA512
3c0a84bdf66260abdf4e4025f3204897173553c27d6fcda37bd04948c0e02cac6e7c8ce17c2cb6b03ae409bcba06777fa959d4d3e966bf25d404b72b2a81cb31

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
Filesize
255KB

MD5
c03bc5cdc302b91fdc1010f64aaf3838

SHA1
ecf91057a49caaa7b1e26937173cb88e7e5ec3e0

SHA256
1140039cb27e009de363931e21c43383c78c5fada3052c3b2866352382004b93

SHA512
8e8866a316a1752092be254fd21e999dcee06bc18d87d89ab5759075b8c2a84e1a9b7b71d7d1b61c81e13820ef574d6d75246565042d2882116feb7c10d8b666

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
Filesize
91KB

MD5
8cc11f8c1c723a153cfa126daad3cf57

SHA1
da97cf4491d988a032f78500ff35a445bf33fde6

SHA256
1c647f7030a3f5732bb31970185913f2183df583f44a246b46262932985edee4

SHA512
58a8dfbab759ce5265615fb3176b26079eff31d61f49af8c99dfbdc838a1e54a3989d69601be916e1365b0a988bf542812f9f7030e92759d4f06383ff4022b82

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe58726c.TMP
Filesize
88KB

MD5
32585c625a102399702bd675cd8fc2b3

SHA1
ec9e13d121b43dcb3e60353c1a8f8c6795bb78ae

SHA256
03774ba74cd5e61a6cfc5d3928e06457f86e511c14064e534fa50d103ada20cf

SHA512
8c4cc948d538c10d70f425ec3bb2a248bd0b81d4b5a3f168fc89d81edce84377b599345a4ab13659accc5be26f48fefd5b2f209b49ce73d5c304cca5c4480f49

Download Submit
\??\pipe\crashpad_4500_KQTFXRWTCKQERVMJ
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit