d53a7858a392b314ef7e63d5d8d2f7fa8b6067dc0b9cc926adf219c0c4c0b768

Analysis

max time kernel
150s
max time network
152s
platform
windows11-21h2_x64
resource
win11-20240611-en
resource tags

arch:x64arch:x86image:win11-20240611-enlocale:en-usos:windows11-21h2-x64system
submitted
03-07-2024 12:58

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ZOD-master.zip
Size

41KB
MD5

ae6438a5a41352e5b7b37918259bea69
SHA1

684f4e642980875422c1e666ee349d9aee5c337f
SHA256

d53a7858a392b314ef7e63d5d8d2f7fa8b6067dc0b9cc926adf219c0c4c0b768
SHA512

28b14be2cadcc3d37afd2a501e553bb5d8df42cb376609c587348a2bfd3eab35e81b76ff2f61b1951a606739834eda607f9dc4334ea60f00bb806edb269c9784
SSDEEP

768:XUMiHEhp2vCIODrhNGkAalt/bp2GiKlIPJV1Aoi+vZPJSFmGiU0Jv1uwiX:XUKP2vCF1Aalt/keIPhDjZPJSFmLa

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133644851478806587"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2394516847-3409208829-2230326962-1000_Classes\Local Settings	chrome.exe

NTFS ADS 1 IoCs

description	ioc	Process
File opened for modification	C:\Users\Admin\Downloads\ZOD-master.zip:Zone.Identifier	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2532	chrome.exe
2532	chrome.exe
2460	chrome.exe
2460	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 18 IoCs

pid	Process
2532	chrome.exe
2532	chrome.exe
2532	chrome.exe
2532	chrome.exe
2532	chrome.exe
2532	chrome.exe
2532	chrome.exe
2532	chrome.exe
2532	chrome.exe
2532	chrome.exe
2532	chrome.exe
2532	chrome.exe
2532	chrome.exe
2532	chrome.exe
2532	chrome.exe
2532	chrome.exe
2532	chrome.exe
2532	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2532	chrome.exe
Token: SeCreatePagefilePrivilege	2532	chrome.exe
Token: SeShutdownPrivilege	2532	chrome.exe
Token: SeCreatePagefilePrivilege	2532	chrome.exe
Token: SeShutdownPrivilege	2532	chrome.exe
Token: SeCreatePagefilePrivilege	2532	chrome.exe
Token: SeShutdownPrivilege	2532	chrome.exe
Token: SeCreatePagefilePrivilege	2532	chrome.exe
Token: SeShutdownPrivilege	2532	chrome.exe
Token: SeCreatePagefilePrivilege	2532	chrome.exe
Token: SeShutdownPrivilege	2532	chrome.exe
Token: SeCreatePagefilePrivilege	2532	chrome.exe
Token: SeShutdownPrivilege	2532	chrome.exe
Token: SeCreatePagefilePrivilege	2532	chrome.exe
Token: SeShutdownPrivilege	2532	chrome.exe
Token: SeCreatePagefilePrivilege	2532	chrome.exe
Token: SeShutdownPrivilege	2532	chrome.exe
Token: SeCreatePagefilePrivilege	2532	chrome.exe
Token: SeShutdownPrivilege	2532	chrome.exe
Token: SeCreatePagefilePrivilege	2532	chrome.exe
Token: SeShutdownPrivilege	2532	chrome.exe
Token: SeCreatePagefilePrivilege	2532	chrome.exe
Token: SeShutdownPrivilege	2532	chrome.exe
Token: SeCreatePagefilePrivilege	2532	chrome.exe
Token: SeShutdownPrivilege	2532	chrome.exe
Token: SeCreatePagefilePrivilege	2532	chrome.exe
Token: SeShutdownPrivilege	2532	chrome.exe
Token: SeCreatePagefilePrivilege	2532	chrome.exe
Token: SeShutdownPrivilege	2532	chrome.exe
Token: SeCreatePagefilePrivilege	2532	chrome.exe
Token: SeShutdownPrivilege	2532	chrome.exe
Token: SeCreatePagefilePrivilege	2532	chrome.exe
Token: SeShutdownPrivilege	2532	chrome.exe
Token: SeCreatePagefilePrivilege	2532	chrome.exe
Token: SeShutdownPrivilege	2532	chrome.exe
Token: SeCreatePagefilePrivilege	2532	chrome.exe
Token: SeShutdownPrivilege	2532	chrome.exe
Token: SeCreatePagefilePrivilege	2532	chrome.exe
Token: SeShutdownPrivilege	2532	chrome.exe
Token: SeCreatePagefilePrivilege	2532	chrome.exe
Token: SeShutdownPrivilege	2532	chrome.exe
Token: SeCreatePagefilePrivilege	2532	chrome.exe
Token: SeShutdownPrivilege	2532	chrome.exe
Token: SeCreatePagefilePrivilege	2532	chrome.exe
Token: SeShutdownPrivilege	2532	chrome.exe
Token: SeCreatePagefilePrivilege	2532	chrome.exe
Token: SeShutdownPrivilege	2532	chrome.exe
Token: SeCreatePagefilePrivilege	2532	chrome.exe
Token: SeShutdownPrivilege	2532	chrome.exe
Token: SeCreatePagefilePrivilege	2532	chrome.exe
Token: SeShutdownPrivilege	2532	chrome.exe
Token: SeCreatePagefilePrivilege	2532	chrome.exe
Token: SeShutdownPrivilege	2532	chrome.exe
Token: SeCreatePagefilePrivilege	2532	chrome.exe
Token: SeShutdownPrivilege	2532	chrome.exe
Token: SeCreatePagefilePrivilege	2532	chrome.exe
Token: SeShutdownPrivilege	2532	chrome.exe
Token: SeCreatePagefilePrivilege	2532	chrome.exe
Token: SeShutdownPrivilege	2532	chrome.exe
Token: SeCreatePagefilePrivilege	2532	chrome.exe
Token: SeShutdownPrivilege	2532	chrome.exe
Token: SeCreatePagefilePrivilege	2532	chrome.exe
Token: SeShutdownPrivilege	2532	chrome.exe
Token: SeCreatePagefilePrivilege	2532	chrome.exe

Suspicious use of FindShellTrayWindow 33 IoCs

pid	Process
2532	chrome.exe
2532	chrome.exe
2532	chrome.exe
2532	chrome.exe
2532	chrome.exe
2532	chrome.exe
2532	chrome.exe
2532	chrome.exe
2532	chrome.exe
2532	chrome.exe
2532	chrome.exe
2532	chrome.exe
2532	chrome.exe
2532	chrome.exe
2532	chrome.exe
2532	chrome.exe
2532	chrome.exe
2532	chrome.exe
2532	chrome.exe
2532	chrome.exe
2532	chrome.exe
2532	chrome.exe
2532	chrome.exe
2532	chrome.exe
2532	chrome.exe
2532	chrome.exe
2532	chrome.exe
2532	chrome.exe
2532	chrome.exe
2532	chrome.exe
2532	chrome.exe
2532	chrome.exe
2532	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
2532	chrome.exe
2532	chrome.exe
2532	chrome.exe
2532	chrome.exe
2532	chrome.exe
2532	chrome.exe
2532	chrome.exe
2532	chrome.exe
2532	chrome.exe
2532	chrome.exe
2532	chrome.exe
2532	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2532 wrote to memory of 1576	2532	chrome.exe	83
PID 2532 wrote to memory of 1576	2532	chrome.exe	83
PID 2532 wrote to memory of 1428	2532	chrome.exe	84
PID 2532 wrote to memory of 1428	2532	chrome.exe	84
PID 2532 wrote to memory of 1428	2532	chrome.exe	84
PID 2532 wrote to memory of 1428	2532	chrome.exe	84
PID 2532 wrote to memory of 1428	2532	chrome.exe	84
PID 2532 wrote to memory of 1428	2532	chrome.exe	84
PID 2532 wrote to memory of 1428	2532	chrome.exe	84
PID 2532 wrote to memory of 1428	2532	chrome.exe	84
PID 2532 wrote to memory of 1428	2532	chrome.exe	84
PID 2532 wrote to memory of 1428	2532	chrome.exe	84
PID 2532 wrote to memory of 1428	2532	chrome.exe	84
PID 2532 wrote to memory of 1428	2532	chrome.exe	84
PID 2532 wrote to memory of 1428	2532	chrome.exe	84
PID 2532 wrote to memory of 1428	2532	chrome.exe	84
PID 2532 wrote to memory of 1428	2532	chrome.exe	84
PID 2532 wrote to memory of 1428	2532	chrome.exe	84
PID 2532 wrote to memory of 1428	2532	chrome.exe	84
PID 2532 wrote to memory of 1428	2532	chrome.exe	84
PID 2532 wrote to memory of 1428	2532	chrome.exe	84
PID 2532 wrote to memory of 1428	2532	chrome.exe	84
PID 2532 wrote to memory of 1428	2532	chrome.exe	84
PID 2532 wrote to memory of 1428	2532	chrome.exe	84
PID 2532 wrote to memory of 1428	2532	chrome.exe	84
PID 2532 wrote to memory of 1428	2532	chrome.exe	84
PID 2532 wrote to memory of 1428	2532	chrome.exe	84
PID 2532 wrote to memory of 1428	2532	chrome.exe	84
PID 2532 wrote to memory of 1428	2532	chrome.exe	84
PID 2532 wrote to memory of 1428	2532	chrome.exe	84
PID 2532 wrote to memory of 1428	2532	chrome.exe	84
PID 2532 wrote to memory of 1428	2532	chrome.exe	84
PID 2532 wrote to memory of 1428	2532	chrome.exe	84
PID 2532 wrote to memory of 3692	2532	chrome.exe	85
PID 2532 wrote to memory of 3692	2532	chrome.exe	85
PID 2532 wrote to memory of 4548	2532	chrome.exe	86
PID 2532 wrote to memory of 4548	2532	chrome.exe	86
PID 2532 wrote to memory of 4548	2532	chrome.exe	86
PID 2532 wrote to memory of 4548	2532	chrome.exe	86
PID 2532 wrote to memory of 4548	2532	chrome.exe	86
PID 2532 wrote to memory of 4548	2532	chrome.exe	86
PID 2532 wrote to memory of 4548	2532	chrome.exe	86
PID 2532 wrote to memory of 4548	2532	chrome.exe	86
PID 2532 wrote to memory of 4548	2532	chrome.exe	86
PID 2532 wrote to memory of 4548	2532	chrome.exe	86
PID 2532 wrote to memory of 4548	2532	chrome.exe	86
PID 2532 wrote to memory of 4548	2532	chrome.exe	86
PID 2532 wrote to memory of 4548	2532	chrome.exe	86
PID 2532 wrote to memory of 4548	2532	chrome.exe	86
PID 2532 wrote to memory of 4548	2532	chrome.exe	86
PID 2532 wrote to memory of 4548	2532	chrome.exe	86
PID 2532 wrote to memory of 4548	2532	chrome.exe	86
PID 2532 wrote to memory of 4548	2532	chrome.exe	86
PID 2532 wrote to memory of 4548	2532	chrome.exe	86
PID 2532 wrote to memory of 4548	2532	chrome.exe	86
PID 2532 wrote to memory of 4548	2532	chrome.exe	86
PID 2532 wrote to memory of 4548	2532	chrome.exe	86
PID 2532 wrote to memory of 4548	2532	chrome.exe	86
PID 2532 wrote to memory of 4548	2532	chrome.exe	86
PID 2532 wrote to memory of 4548	2532	chrome.exe	86
PID 2532 wrote to memory of 4548	2532	chrome.exe	86
PID 2532 wrote to memory of 4548	2532	chrome.exe	86
PID 2532 wrote to memory of 4548	2532	chrome.exe	86
PID 2532 wrote to memory of 4548	2532	chrome.exe	86

C:\Windows\Explorer.exe
C:\Windows\Explorer.exe /idlist,,C:\Users\Admin\AppData\Local\Temp\ZOD-master.zip
1⤵
PID:4688

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2532
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff9c440ab58,0x7ff9c440ab68,0x7ff9c440ab78
  2⤵
  PID:1576
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1568 --field-trial-handle=1740,i,16535736095192641206,14529401799856622905,131072 /prefetch:2
  2⤵
  PID:1428
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2124 --field-trial-handle=1740,i,16535736095192641206,14529401799856622905,131072 /prefetch:8
  2⤵
  PID:3692
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2172 --field-trial-handle=1740,i,16535736095192641206,14529401799856622905,131072 /prefetch:8
  2⤵
  PID:4548
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3132 --field-trial-handle=1740,i,16535736095192641206,14529401799856622905,131072 /prefetch:1
  2⤵
  PID:2780
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3232 --field-trial-handle=1740,i,16535736095192641206,14529401799856622905,131072 /prefetch:1
  2⤵
  PID:4160
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4288 --field-trial-handle=1740,i,16535736095192641206,14529401799856622905,131072 /prefetch:1
  2⤵
  PID:2604
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4172 --field-trial-handle=1740,i,16535736095192641206,14529401799856622905,131072 /prefetch:8
  2⤵
  PID:4708
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4584 --field-trial-handle=1740,i,16535736095192641206,14529401799856622905,131072 /prefetch:8
  2⤵
  PID:1660
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4536 --field-trial-handle=1740,i,16535736095192641206,14529401799856622905,131072 /prefetch:8
  2⤵
  PID:3264
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4788 --field-trial-handle=1740,i,16535736095192641206,14529401799856622905,131072 /prefetch:8
  2⤵
  PID:4696
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4620 --field-trial-handle=1740,i,16535736095192641206,14529401799856622905,131072 /prefetch:8
  2⤵
  PID:1060
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4768 --field-trial-handle=1740,i,16535736095192641206,14529401799856622905,131072 /prefetch:1
  2⤵
  PID:3612
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4260 --field-trial-handle=1740,i,16535736095192641206,14529401799856622905,131072 /prefetch:1
  2⤵
  PID:4920
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3340 --field-trial-handle=1740,i,16535736095192641206,14529401799856622905,131072 /prefetch:8
  2⤵
  PID:2124
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5112 --field-trial-handle=1740,i,16535736095192641206,14529401799856622905,131072 /prefetch:8
  2⤵
  - NTFS ADS
  PID:4712
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=3536 --field-trial-handle=1740,i,16535736095192641206,14529401799856622905,131072 /prefetch:1
  2⤵
  PID:1484
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=5348 --field-trial-handle=1740,i,16535736095192641206,14529401799856622905,131072 /prefetch:1
  2⤵
  PID:2316
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5508 --field-trial-handle=1740,i,16535736095192641206,14529401799856622905,131072 /prefetch:8
  2⤵
  PID:4952
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5532 --field-trial-handle=1740,i,16535736095192641206,14529401799856622905,131072 /prefetch:8
  2⤵
  PID:4364
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=5188 --field-trial-handle=1740,i,16535736095192641206,14529401799856622905,131072 /prefetch:1
  2⤵
  PID:3892
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=3536 --field-trial-handle=1740,i,16535736095192641206,14529401799856622905,131072 /prefetch:1
  2⤵
  PID:1672
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=5928 --field-trial-handle=1740,i,16535736095192641206,14529401799856622905,131072 /prefetch:1
  2⤵
  PID:128
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=3536 --field-trial-handle=1740,i,16535736095192641206,14529401799856622905,131072 /prefetch:1
  2⤵
  PID:1312
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=4736 --field-trial-handle=1740,i,16535736095192641206,14529401799856622905,131072 /prefetch:1
  2⤵
  PID:2364
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=5836 --field-trial-handle=1740,i,16535736095192641206,14529401799856622905,131072 /prefetch:1
  2⤵
  PID:2132
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5768 --field-trial-handle=1740,i,16535736095192641206,14529401799856622905,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2460
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=5964 --field-trial-handle=1740,i,16535736095192641206,14529401799856622905,131072 /prefetch:1
  2⤵
  PID:1700
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=5584 --field-trial-handle=1740,i,16535736095192641206,14529401799856622905,131072 /prefetch:1
  2⤵
  PID:1584
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=5784 --field-trial-handle=1740,i,16535736095192641206,14529401799856622905,131072 /prefetch:1
  2⤵
  PID:2832
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=5628 --field-trial-handle=1740,i,16535736095192641206,14529401799856622905,131072 /prefetch:1
  2⤵
  PID:240
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=5576 --field-trial-handle=1740,i,16535736095192641206,14529401799856622905,131072 /prefetch:1
  2⤵
  PID:1468

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:2768

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:2288

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009

Filesize
70KB

MD5
c71e661f482d2a7bfc565060281b324f

SHA1
4f66536e4d59091e4ce33e84207965c51330ecbb

SHA256
60edc95aa4f8233ce27dd1b122a78632a0b9aa5be0f183b27a08dd9fc58a4932

SHA512
7bf62c927d45ba24d1465977e8d741b2aba4faee95f7d3767fbbd781c62b3c6bc97e1fb9f525d43f3c77202ae6f8904f3389c3ffc84c306c43be876ce4a180c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000029

Filesize
47KB

MD5
127b7a9f7009939d0ae5dd1a48386985

SHA1
f9e981f2fbc6df7e304803153fb6fe40f0dcb6ac

SHA256
9d8e3219c036313e8b27ecb7b91befc49de6a32352a5349656945a7525a89962

SHA512
b1a442d78f6adc7a67f8ee299d46817309798ff2a38a66af2ff03eaa276b3a7967fde34e801dc8488ed75b3110fd01b3a9763f792ce75e21fae190d4779c1287

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002a

Filesize
19KB

MD5
f1835bee43eb0d3d612f66e06ff4bda5

SHA1
d3cfde687ff861ffe9e5eab708dafea3374eaf3b

SHA256
150991463676ba1d0dfc77e7dc1cf9820264e52aeb620558aff0cdf9ff1e1914

SHA512
499051a8b1e65ff71e27547b4ede86b8b7d96c2b43843aa44f899d32b578d4e6d5e6838201cd39218eb1720af29b5f641dde386ab81cfd948c6e28f1ff9bb885

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002c

Filesize
97KB

MD5
f03b625b41e6669d63dd48c535134432

SHA1
d09c27990544a1694e0541ecccd0d7095d8af953

SHA256
827f422d8f2a5181e9f316c0b7e076a45d72367c47d8b765d4e811fc75e4fa40

SHA512
d34528736eb3767d8b0a9fcc533cbaf5d87cbd0726a2e251934dd3253070848df9e3e2e1b1b54a6b1e967383b8d289bcf31cf1a9ed0b11a7f7a335dcb1592f25

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002e

Filesize
809KB

MD5
4e0fd939c1a363d23ccae3d7929df599

SHA1
599ce43eebeb61aa36c08116ba84fcc81ea499aa

SHA256
33f2573ae756a04677c62a4a3953160c169226145256d90b0443f0074fe2522d

SHA512
7e269353327b150346b4601a92ff91f6ebfce2004b62f03ed55f977b9ce9a520ede65940eadb85b007e0a6778c7af48d4cf38c028c168e8962cb56388ceeb2f3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002f

Filesize
32KB

MD5
d2fa74eca9d32a4d2e972aac6374e508

SHA1
44d505f520ec8840633b7ec0534a98a135f0c261

SHA256
ef08e7461ad13377993a74ae88ea9afcac9d54c3051fc9291cdc1df89ff339ef

SHA512
a6c545da622f610d174431ef09cd466834bf47c14fd9cfa6571a4207452844a161958adf6c30370facae99a446fb7d0a33ef0d6745024430c9c977043ab00f47

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003c

Filesize
206KB

MD5
37271aeccbe5f5ec4c6ee97342525e1d

SHA1
19d5f4102b5a8cdb5fc527477ab12ea335627907

SHA256
fbc8e048168de5b7be1460d488ae927ee4387c7b4409a4cfd8e93702b6a1ed28

SHA512
ff337e686df50e85eb1a63ad582f335c10b0107b840bf121e2800c6c5d694347fbefefce40b4c18838aa2ecd50c552d6383206e1c8132e5c6884721689ef4403

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003e

Filesize
329KB

MD5
389bc2bf98582752a4b510949998b379

SHA1
22d770c03a3dc8f2d09a185cb54cc12539a8d5a4

SHA256
a19c339bbf0a2c72fd8a8649199a72738ba8e76592d1346d55d0caee436fd391

SHA512
164c3ae54ffd18dbdb692480ae3e028bfcfc39bf762416dab64ba6991dd40250344ad36c0c15f73074609fe0072ca770642697a666f27397d95594f843904477

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003f

Filesize
106KB

MD5
12db4747c919800260d71579c658c235

SHA1
62cd7b4d1646452e4fcf800e5c726785fb3eafbf

SHA256
1db7e1a8992d246c5f8f45ac7bdede320af040b05933ea88452b2363e7cffa5c

SHA512
cb7cb75b01d6eb46741c083de628a3a378b5a8f1c93c89fe2249fa37c37fed7f1060799a354754b365cb53da74ac270fa9e586967ea9dbb44a2bb9d9ec4d01cd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000046

Filesize
163KB

MD5
d5d7675604340f99633218bbe4793104

SHA1
ca1df39b7a903dbb856a555db75770f6222e7dce

SHA256
f7d966e98dacbf184660988f6b4482396b517d391e4d0475ffae4fa6f40971c6

SHA512
bd202a6a44ba24d784e3a55556b02d7c20738553832bb42d7aa3205b069913e524c08cf0a348e255b6f0c697f118f190bb5056695ee9d37d37296b9675964236

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000048

Filesize
42KB

MD5
54476cef20aa3e041c5b14de32a5ab6a

SHA1
032a1be25a46f795208b0365455d34e1e3b17760

SHA256
189be432c6fdba1e70841382153b3b2ac08aee391c80f6259066364be3ec461c

SHA512
0b8ba7bec920a0b73393fdcdb8fe399473965646b32ddee7a6734fa222476780c40b8ff74e528b12b2844cc15278bf0c065ffef32c227243829950623946d56f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
a03ecdf7c11069a0b64943174a75dd70

SHA1
fbb4c3f9efe6de56973fca844a6003796069e05b

SHA256
353a76e64dd83cb886023f85cf6c790c1a77519911894df0fb0fda1a9ebb5cfa

SHA512
c23ee79d5679d815f6246689a3f82d69401013c721c09578d02437f2e20068c2e794e767f520b1daf850bc3ec436ba2d875480ebefcaae59f958433ee36586b7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\000003.log

Filesize
61KB

MD5
3c1fb06f5db97b84b1877cee16ac69d9

SHA1
d88164a22f02305d1d378c6d1dea3f4dc377abf3

SHA256
48b34c16bc68f33fc1e9245acd527682b6b09555702fe3497044a4ff31bcea35

SHA512
bdc80ed3fdd2243909e096746e2b91c7bad4de7b0b30679fc15ec0244d215038d5cdec9912747e0ca0200b6712c4a81728be8d58568bf6cb5aeedff5de320c4e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\LOG.old

Filesize
389B

MD5
2f9fb9474220de85951ba4e8915df01e

SHA1
5801e21b432728a89caf0572a03dd36026389830

SHA256
090fcd4113693a3778ba3db29c3c43f6a38e3cc20fb524c3c81aa8905685c863

SHA512
86cf208ff47d95ab2dea848ad188d75dd8f923393ada69cf3a4495a91cd511be77eba35885f6cdb9a6cb457c6cce586c5e7dc551a39fbde40d4f149d3ff2c990

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\LOG.old~RFe58e79c.TMP

Filesize
349B

MD5
bced6cfb9f61c0d46583de38e551b4f7

SHA1
cc65d049d6289ca3739e5def76686553e4e72d33

SHA256
452c585db5b54ba6d275927ef37c5a192bab85613c763224939cb7f59573d0c4

SHA512
9eaa68fc61f20d2e8f0b05922e8c5f2f4eb9668e74523e47b28837008ae05574feb0c9f2586a9c23c1739157b8cd134d04064eb64f91d2271d977338c570707f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\MANIFEST-000001

Filesize
23B

MD5
3fd11ff447c1ee23538dc4d9724427a3

SHA1
1335e6f71cc4e3cf7025233523b4760f8893e9c9

SHA256
720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed

SHA512
10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
c83bffe19681ec14d07e908e64783a67

SHA1
689abf692b46ba31e0d56ae96fb77b32af85f62a

SHA256
ac5e40e265d80aec288f6b2f814d8647c6c52c6b5cb623ddecd44b91cfa69dc7

SHA512
d1c347b1fe5b4161f109f236492c2f22ca387272d70f1057c1a2b2f5549c198eedb939228971f49c830b3c0b59a87f5b2d5083e0235ee7fc87da56a09bf79a00

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
fb809e3989bbc2893c76eaf33f3a10b8

SHA1
4cf0f813dc238d64ce7b300c52d43534231eddfc

SHA256
e0e0844a7013b2223b9aa7996170b3f1c08b89dbd67ec2ee3b430504265f91cb

SHA512
4b9decfdc558dd1eca12f5eca05496d2bbf97362f34e0f142d33db07a1a177617fb124293a75f182c467143d26a8246c1bbde8498dd45328fbbf606eb8581a56

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
da3cef3c23a95c97927ed5c637fad9c8

SHA1
5372fd48e3e0ce19bf06ebdd3fa8bef5ee671f32

SHA256
b04e6af54907b0787b50fd796b54554ece03f102f4d87a11c0271a9d54336f74

SHA512
68130dd03371611325d4336d256da603ea7b47925adc6bbf8cce59d51c46ed218eb654ff46fb21a22702544dfb0881acf01e7d38ae92c1d5c2972c84b78697a3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
d2c6da40ce5753a39980e97349b88f4e

SHA1
9605c3d19a454000ec6696f0cf11cde3f7ef17cc

SHA256
fb3b0e825d282dcb56b70f58136cb64cccccd35061910101e85b72617949b975

SHA512
9e4a8302c8e43c4fea0a8769dfa4c7ec7a7d3c6915230959656203cff9ab09317afc9f7fa7eeac98740d0b01ab09b885733edb8963e7e52cc97aa8404adaee33

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
4e7192a5e0b250ec0ccfdbcbf3236fe5

SHA1
fed96fb73308f5bc48b5e9a933d60a73e974e489

SHA256
b2bc4efa84e0ea6703193252be132181722b10e38272103c12c23020893e4fc2

SHA512
f4d55f31318def63cfc5c49ad3e0eb56ec9eede417c5b3c7ede6ed63c091108ec3e48b04732900d06e19d1d433e89a326ee0c2186abff4d80f12859610e2829a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
23b83455fb5064ce8cbc20745d8ed73c

SHA1
fa0d40e9b9f792cd598c8af1360ce5216c36a1a4

SHA256
2c3b4d549c40b8babcbda6221df1a3da2e101d9a3d70cf96e1706772da5aafd3

SHA512
e47082ae89bdbd9e664ffdc9748ee58f9f32c4ffc816b8a32ec6060e0c8aea6f77c92e1fd88c3c4745a3b6cccaea73f447fdd8aeba865b87f309f289eb0a27b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
717725f18a4ec7e749e1fe9f48a3117a

SHA1
e313ffd0f70228d710404e7db8932a8db9fcf8e1

SHA256
a50a42f75d207dc829381120ae05b1a200d4e91035f1360391173f49ff2b51fa

SHA512
c6e3bf057c31fdc21e688e05dd943dba860d5cdafedb0c92d416cafbdd6484fdd9918a7fc66938b239f59dd0b209ae4220df6734b1ffb07eff4cb14a0493c4e6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
bb018c2e97a4d5174708172a451fba49

SHA1
faca3fc4d85310672901fc0117e188fe8269c145

SHA256
a2456a557648fa3f15a5c8530b9c692ac3bcc04685ab9a84b726095ee4021e7e

SHA512
a3c5a7e3952a5ded68b2a020345af7e281dbffb9c1b6e71653c960ef31d6270d6c9a5f2ec834c1c8c5c8e13740a196c40b94b5e6baf0b857bf58b1d14c4b5823

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
cdd921d7144f5ce5b13fb03c17adf957

SHA1
b72b4d15a2509c46bddeaee22d21cfe7cff71fa0

SHA256
4a97b56648b78e93d4e7b2447084b71a79b631228330de4f01124d0b90fb9b57

SHA512
162730d74ce001795f1d9a16f0b6a03eaf84a04f32f8d4e16bb900fe23ac345103c79c48e1ff9d6ad62b8974d8758566e0a15fea661d7b786357e2592f8d8f7a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
b7960546cbc678564e1e2ad5c2351b4c

SHA1
8554fa2054685d0a06e35ced6e039f8b04cb3048

SHA256
8197b4dcd8bd0c6baea96dabd1078b7d1652d0d185e42f68b07dc7060d79d25f

SHA512
865d4d96bde10a3eba9ec106853ad3bf5da3d60cd16151b7b123cd1aac25fecc92817bd796530cd526837b750e8b2999ca4ea964fdc85d2ecad01f440dc1897a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
b69d4cb7f6d02107789f7484006faba4

SHA1
fe00002865c0bfdd26e09a31b23c8f9815a9ba40

SHA256
c8964aa01452b5f0f70440705cf7d341612d70a539af8a6fe1d76090cfdfd743

SHA512
ae0446fe3418d1025d201b57aebcd926661e0ff2a84093a6d688a74ac7d5af2202bba83b28f2ff743c7a0170d3e0f9fc7a632d9d2bb75f05e0a857417bb167c7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
e2281fc03ca5fd5695a9ad38f1bd43ad

SHA1
df8d433882df168da498981dca6e2653c00d3b17

SHA256
e5eb54d6b7f41dac6d691a2a0bb9ef38e96668c45861fbc629a86e7988bbb847

SHA512
36063b2a6cfcb1744f6822a13d7ceb646ef5e979f286b625cbd2b471256298df8129a2cebeb01c20190de9a948749d8b72230e2cd58bacf65cedcd8db920ee25

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
da7ba46f9520f225a363a6ff8e9420e1

SHA1
c2854b4c08ac9260b13fa4bb6c9108eb982e3a31

SHA256
b79b80ff571045ad25d301882a5aae9e19cfa4d18c24be88c1262b57be7f5d71

SHA512
895a26157845d29d28725c4f04c91d466df7d2571217314a29c2e12ca55e184d5d546bd616f32557a99664616a433d6205936b3834282b3ba398c2996b0e7872

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
1ace95f2cbe7e28349b00319bba75055

SHA1
29e7c8b3b11d0b92dccebf32acbd2764190da9ca

SHA256
1d0fd9f755406743f4ea1e35493ed1d8b7b874ed847cb27a5e8fb0315f24b246

SHA512
76d5b81987e4c2f8226fbc9f887f152b759306dc138077b9501be16bb8ba0b3fd823afc3dd24d41f542d8be2d5fb0eb84e767f1e976748c21f743d08b19f7303

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
4fe74b9cb0176926b589dc2b8d11fa54

SHA1
b32efef84e98b1f1d12f59c77c1c37da177d5975

SHA256
ea2fd30f66c72d984557195e5c040b27bde646f5180d550e3b3852f9c2c9f829

SHA512
a6347851d9199f747a6a544e9295ee75981cc7256e8144460a1847707f75d664a023319d73897899aa8a4bf4e9a5d5c4742b7975462636a8da352ef838d6e305

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
16KB

MD5
4b703d90e6407dad365be164a5b17145

SHA1
ee9f2ace6e4d06086a7c146a41e532ecf056aae9

SHA256
238f0f2f5947bb399e92868c62f9b85d61f65b69f7ce985ff766227897737613

SHA512
6b83e14d31d2bb2b12398550803feed4626f702c9b8b81d7ad8250fe7e93bc7dd3bae8314a9ae1bde0ba476d46105584698ac14d8e8f27cf596ac0412da1bee3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
56B

MD5
94275bde03760c160b707ba8806ef545

SHA1
aad8d87b0796de7baca00ab000b2b12a26427859

SHA256
c58cb79fa4a9ade48ed821dd9f98957b0adfda7c2d267e3d07951c2d371aa968

SHA512
2aabd49bc9f0ed3a5c690773f48a92dbbbd60264090a0db2fe0f166f8c20c767a74d1e1d7cc6a46c34cfbd1587ddb565e791d494cd0d2ca375ab8cc11cd8f930

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
120B

MD5
14ddd998198889e633d589bdb62d850f

SHA1
1dbde369254604dc984012f85e41c393b2d4389c

SHA256
a98c3c404c7d3778a90418abc3f0145579c6bd7c23d5969fd6776acd18cfdebe

SHA512
4f6cfc66b9ece98ecae93035d76ec7b0e1ef48250d230ffdd321873f5129e03acea68d6a8c7faae9b47b99b20d64d789340551c8672c9eb62e3915b2fa8eda7e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
120B

MD5
2cd67bf52759e346719f71c2d619ed6b

SHA1
a4c21de5ca4c6ca2fd3060f42cc91b664345d71d

SHA256
0d87c52a9976c4b600e64d9fd84e748e4063dbf1b221bc054c44a122e487b167

SHA512
1e61445351aa2cefb00103b73d2ab5c02299d39bfe52d017219e183c9a44765e8520405ca8a49d7df5c72081e11fd6d04551c897236f82a4f13e874b382e1a1f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
120B

MD5
5f85cab874cc650bb98562c791e1a02a

SHA1
f4b93c55195d8b0c0fa8691f375a1be087151e30

SHA256
9390fe1e218dcfcb3d52e88432c077448ba8e371dfe7e68d1d627e7a671a8d45

SHA512
2846788906dcb5c594cf753c724c647c7616a933b51d54d300aefa2ee434a9c981362db9a25bf544e121212c11c6ea8f04828084534542ee74ec2704a9130e79

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe58b282.TMP

Filesize
120B

MD5
9dc38ff49fc3bb7ca19d05b94ed83440

SHA1
8e9906413d1884670e733a4d24baa4daa847bde6

SHA256
7d1981dc2768f3e8bfa76d8f8625a84d66c93dac57a7383d3ecf40f316a4a944

SHA512
fcd1fe5c08a2823bf74f52d6fd8a1a4f31251c37313e043661b94b6b24c32ca94c39f4253bbdcb916ad7dd56d58d15a291fc7d6de2bfaba4811dde70b7cabec6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
279KB

MD5
1c6981af3b26070f0876ec2a11c266cd

SHA1
c2593645d52ebd7fc96efb0fc2c9a71205fa0f80

SHA256
eeab57db9a9553bca5d249ad9d28ca2e6df9adbce731539ead27b66b3702a3f2

SHA512
6ba36e92e153065d4b49347237bde645e42f8ca55e5e5ba6fece7cfedd59e96d1233c6259ee46403d77bf1cbb4b2f6b942e20e765745009057cc2fe8c3ce0742

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
279KB

MD5
bd1426ea2a41a69f9e94f6c946910b1f

SHA1
24ad9c53f149b547804e2889dc4c572c5937faa2

SHA256
ac4a07915b6d5cb55123533e7c9cd8ce6a1d16f0c36866c4dbf9ccee2e8be405

SHA512
6081f7bb8e5afa89587be30f1ae877bd9c67f07d040f939a9dd1c08425d70be8351d03c4c026b8469cf98a3023452eda2256e86a9b2880530516d0754c302e81

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
279KB

MD5
cf72d15e7d5ebf44009e3288a5732423

SHA1
786cfdc373d1577b6e26e14f3b5186b815700313

SHA256
7378ff029b71e88efcd8bbb98ca3f827e9fc9b0c029c67e5f785b209562821b2

SHA512
7212ea7721af327cf568e91eb0a475b4a126a5eac1e01c6af69ebe4813c4f2b28b3a26d8755aeb1b75b6f3ac8824c38d98e0f072fcb56f7f9202fa1d55a339b1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
279KB

MD5
e3133c1f771cc01efdc3bed03a7d7f00

SHA1
d6595709367b031a6892d8f23613f3db6fa9b2e4

SHA256
a6884305da084ca931934dcb826e63bb564b3200d49ac6898b2651c952d25684

SHA512
9debc11420c53c9ad92867980791d120636df46d84d723ea654249a6879f624f23c6210093f1ce59afed2aa1dfe1d72acbdbf1f0f39ef80ae6e22ba0bedd1eae

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
94KB

MD5
aff4f2c947bc0dc6441b4a1630a7c9a2

SHA1
86555a840dfbd8756ca8b39f92af886260d562dd

SHA256
bda972490d876e5ed3a025b18992bc4ed08d241e025db2e7690c4128d282f2f1

SHA512
edf1564fbbfe1da853e4d8f397f6009b87f4ed86472528e28b5d598e864a7133e753aa811d43cc467ae81961ac28b16be1c4310b8fd946ee95dba75d8fe03515

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe57effd.TMP

Filesize
82KB

MD5
c5a04c59a7d42a503dc630dd1098f713

SHA1
e80f770bfb93aea8424a5ae9be33746719ae28a9

SHA256
75a477ca139ad347d8f2e6accaa3fb992ab923ae34bf87d4a390f4299e940d5c

SHA512
c563d18cc086e430e3723e746377236cbff8d53aa0467cf949ea82ffa11ed6dfc5fdda9dc25f417dfad8be11cc2fa14cae4c22dc932ab5a01afcd921060b11ef

Download Submit
C:\Users\Admin\Downloads\ZOD-master.zip

Filesize
41KB

MD5
ae6438a5a41352e5b7b37918259bea69

SHA1
684f4e642980875422c1e666ee349d9aee5c337f

SHA256
d53a7858a392b314ef7e63d5d8d2f7fa8b6067dc0b9cc926adf219c0c4c0b768

SHA512
28b14be2cadcc3d37afd2a501e553bb5d8df42cb376609c587348a2bfd3eab35e81b76ff2f61b1951a606739834eda607f9dc4334ea60f00bb806edb269c9784

Download Submit
C:\Users\Admin\Downloads\ZOD-master.zip:Zone.Identifier

Filesize
149B

MD5
4ae118452f09bce34af4868ce038c106

SHA1
74a2858ba5376d2bd9c389359acefe95e07d6bb4

SHA256
b48f8adfc4a9153880e7030e213b50071919fdbb7872f62d083c89d12b67e1af

SHA512
02218946b0e96b602e2e61f62efdaeab6a9fa0f5430d4177e60f3c9bc71b14ce8e67930c78f8c02d2b8854f9ef8c92a60cb2098577b1eb262eaa98979d835de3

Download Submit