hxxp://amazon[.]com

Analysis

max time kernel
1799s
max time network
1792s
platform
windows10-1703_x64
resource
win10-20240404-en
resource tags

arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
submitted
03/07/2024, 16:49

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://amazon.com

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133645024518463354"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2676	chrome.exe
2676	chrome.exe
2368	chrome.exe
2368	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe
Token: SeShutdownPrivilege	2676	chrome.exe
Token: SeCreatePagefilePrivilege	2676	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2676 wrote to memory of 4116	2676	chrome.exe	74
PID 2676 wrote to memory of 4116	2676	chrome.exe	74
PID 2676 wrote to memory of 2964	2676	chrome.exe	76
PID 2676 wrote to memory of 2964	2676	chrome.exe	76
PID 2676 wrote to memory of 2964	2676	chrome.exe	76
PID 2676 wrote to memory of 2964	2676	chrome.exe	76
PID 2676 wrote to memory of 2964	2676	chrome.exe	76
PID 2676 wrote to memory of 2964	2676	chrome.exe	76
PID 2676 wrote to memory of 2964	2676	chrome.exe	76
PID 2676 wrote to memory of 2964	2676	chrome.exe	76
PID 2676 wrote to memory of 2964	2676	chrome.exe	76
PID 2676 wrote to memory of 2964	2676	chrome.exe	76
PID 2676 wrote to memory of 2964	2676	chrome.exe	76
PID 2676 wrote to memory of 2964	2676	chrome.exe	76
PID 2676 wrote to memory of 2964	2676	chrome.exe	76
PID 2676 wrote to memory of 2964	2676	chrome.exe	76
PID 2676 wrote to memory of 2964	2676	chrome.exe	76
PID 2676 wrote to memory of 2964	2676	chrome.exe	76
PID 2676 wrote to memory of 2964	2676	chrome.exe	76
PID 2676 wrote to memory of 2964	2676	chrome.exe	76
PID 2676 wrote to memory of 2964	2676	chrome.exe	76
PID 2676 wrote to memory of 2964	2676	chrome.exe	76
PID 2676 wrote to memory of 2964	2676	chrome.exe	76
PID 2676 wrote to memory of 2964	2676	chrome.exe	76
PID 2676 wrote to memory of 2964	2676	chrome.exe	76
PID 2676 wrote to memory of 2964	2676	chrome.exe	76
PID 2676 wrote to memory of 2964	2676	chrome.exe	76
PID 2676 wrote to memory of 2964	2676	chrome.exe	76
PID 2676 wrote to memory of 2964	2676	chrome.exe	76
PID 2676 wrote to memory of 2964	2676	chrome.exe	76
PID 2676 wrote to memory of 2964	2676	chrome.exe	76
PID 2676 wrote to memory of 2964	2676	chrome.exe	76
PID 2676 wrote to memory of 2964	2676	chrome.exe	76
PID 2676 wrote to memory of 2964	2676	chrome.exe	76
PID 2676 wrote to memory of 2964	2676	chrome.exe	76
PID 2676 wrote to memory of 2964	2676	chrome.exe	76
PID 2676 wrote to memory of 2964	2676	chrome.exe	76
PID 2676 wrote to memory of 2964	2676	chrome.exe	76
PID 2676 wrote to memory of 2964	2676	chrome.exe	76
PID 2676 wrote to memory of 2964	2676	chrome.exe	76
PID 2676 wrote to memory of 4180	2676	chrome.exe	77
PID 2676 wrote to memory of 4180	2676	chrome.exe	77
PID 2676 wrote to memory of 68	2676	chrome.exe	78
PID 2676 wrote to memory of 68	2676	chrome.exe	78
PID 2676 wrote to memory of 68	2676	chrome.exe	78
PID 2676 wrote to memory of 68	2676	chrome.exe	78
PID 2676 wrote to memory of 68	2676	chrome.exe	78
PID 2676 wrote to memory of 68	2676	chrome.exe	78
PID 2676 wrote to memory of 68	2676	chrome.exe	78
PID 2676 wrote to memory of 68	2676	chrome.exe	78
PID 2676 wrote to memory of 68	2676	chrome.exe	78
PID 2676 wrote to memory of 68	2676	chrome.exe	78
PID 2676 wrote to memory of 68	2676	chrome.exe	78
PID 2676 wrote to memory of 68	2676	chrome.exe	78
PID 2676 wrote to memory of 68	2676	chrome.exe	78
PID 2676 wrote to memory of 68	2676	chrome.exe	78
PID 2676 wrote to memory of 68	2676	chrome.exe	78
PID 2676 wrote to memory of 68	2676	chrome.exe	78
PID 2676 wrote to memory of 68	2676	chrome.exe	78
PID 2676 wrote to memory of 68	2676	chrome.exe	78
PID 2676 wrote to memory of 68	2676	chrome.exe	78
PID 2676 wrote to memory of 68	2676	chrome.exe	78
PID 2676 wrote to memory of 68	2676	chrome.exe	78
PID 2676 wrote to memory of 68	2676	chrome.exe	78

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://amazon.com
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2676
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffa5f7d9758,0x7ffa5f7d9768,0x7ffa5f7d9778
  2⤵
  PID:4116
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1532 --field-trial-handle=1672,i,14582089224666004651,6390538596294386792,131072 /prefetch:2
  2⤵
  PID:2964
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2036 --field-trial-handle=1672,i,14582089224666004651,6390538596294386792,131072 /prefetch:8
  2⤵
  PID:4180
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2084 --field-trial-handle=1672,i,14582089224666004651,6390538596294386792,131072 /prefetch:8
  2⤵
  PID:68
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2644 --field-trial-handle=1672,i,14582089224666004651,6390538596294386792,131072 /prefetch:1
  2⤵
  PID:1424
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2652 --field-trial-handle=1672,i,14582089224666004651,6390538596294386792,131072 /prefetch:1
  2⤵
  PID:3492
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4652 --field-trial-handle=1672,i,14582089224666004651,6390538596294386792,131072 /prefetch:1
  2⤵
  PID:4472
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=5112 --field-trial-handle=1672,i,14582089224666004651,6390538596294386792,131072 /prefetch:1
  2⤵
  PID:3220
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5520 --field-trial-handle=1672,i,14582089224666004651,6390538596294386792,131072 /prefetch:8
  2⤵
  PID:764
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5516 --field-trial-handle=1672,i,14582089224666004651,6390538596294386792,131072 /prefetch:8
  2⤵
  PID:2512
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1696 --field-trial-handle=1672,i,14582089224666004651,6390538596294386792,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2368

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4836

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
360B

MD5
060eb7a8acc784443f7785bdb72af8cc

SHA1
c393a25adeabfb0a1b2b36ac1ebb342c626a5099

SHA256
6cc0d555e8cfa05629ca115edb6f3c6b957db34b4e2f37c1d037b350fe02ecd8

SHA512
e25e3f4332d66b69fd48418d1c98e09498ad18d7c11dab5f4d6c6c828d32e135cc820835ebb32728b6c152b9374b0339260c211b4d7cdf5c23caa06521c9c2c9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
12ca8b81ea26e4bc4c462a5ee7c3ae44

SHA1
a9b476792121bbbf653ce7d6aa0c718a1cea392c

SHA256
bf47d7c31c911b0cafb0e5a3304aa4185519efaec8b7f33e4e828d1e69a82328

SHA512
07420c0606492220672946c1968f92c654af3cebb0e7e688dd25d78b2e54f55b71739f535dd5070fc5788eb5ca105ef088639c8064146ab63da1a0e1d302ac87

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
a4bde9664a70e734321b4218b2f8ce25

SHA1
9715f4580ba8ded33ed39ba01e033eb330593dc0

SHA256
7269386f5f649d56bf1e49c6ad4884028cf507c69d1d4619f1bd3437870bf9ee

SHA512
45e819bf854836961bdbfbb5d28f3e093d13d59f4594b3d695cd9847f88a3e0f9bc14c8db92268e2bf495677caeeede7d524c02b5766287be9887015831238ea

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
0e95a3603491aaa0bdb3973629ca5f68

SHA1
af2bfa6c33dd402ce441ae836e97d2737df94218

SHA256
1ef33bc7ea87ca07f58dd3f38a39902adc8d2f57cc69940249ac3c966090b302

SHA512
1bf554c7c6752b25c87dfaec0e09e200af98e1768f8ff661edd31ebefc28e680288223a2fb2590f9294377ac3e4fc922a0734726fa1ef294bfb32ab25e1c0129

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
c7422e47c274b7cd89c3311c7c026c29

SHA1
3a00c43b4e469bfbf835fe6d83e2c7818e7493c4

SHA256
8f0a86429b3ba3df63172ad32e1ce3ec628616e28051b724fefcb7408bf15a71

SHA512
a6a8048a17debc318a59a0a09388f3cbd6ac0d8c056431a01e6754ca9dea411a068892279b7c67287d32ef91d316b752b436740669357aba9d190455060945e1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
0f3a544cdef8cfcf42fa957522391e68

SHA1
e2840659d376ab0007bc9323bb39e059af63778d

SHA256
013846aadd96d4124aba9b8226c5ebb908f1e2db2da3235ae7d5daf12d70e0e6

SHA512
396ae69bb372e97dfa49cc11b9348ae39c5e95d068cbd08894a491273709ae2e496481359f9922ceb7e674da2ad1c428f1470d7f00c3c12a008355d303448b60

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
5ff642b7f6ad9369ce562d707e4182e0

SHA1
a89f49750a47ca3468f5433a1f11b7cc331f9b20

SHA256
a491a946a2578320343d630c639201d5b2bd2abe3b5f0c667656b8250eb99158

SHA512
9b99650c48ed2d535dab1286a05107f7bfb6f97c534cb5b76af6abd344359c35bd628da6950bf3dbf703863427c3c048b0da100e7d08a0c8c3a7e6e639f8d1b5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
312559eea518ef5b7fe3a17749ee9c1c

SHA1
3116a2b0ebf87cc5da12ed48d876a9f7fe8dc382

SHA256
afd3031a5285718afbcb22bc7a1cf67758a7034f9f5771809ed986748afde7d6

SHA512
6c15f9361bfd858309b013445685a560c4ec3f50ec3b562c44af64fe07f1395541953be78dc9138322d55f0b77e4bed7e255f8ab6937f3fac567b2ad3ddb7a2c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
fbd45865642ff66923a3d7a9b5d9d420

SHA1
1c9285fcd654cd626b41fdb969c99d7056b2207c

SHA256
def1821b38861790ac454d19abcfad50988c6ffd0f2cc1d0e0081b662e30cfbb

SHA512
7e06cfb9d09d2f52b2a155c346eabd020857f8922dd6c1b3c37726befb3f023b4b152c09d84bfc92d78247d750a7326873935ad6deb6206fdf890bb5d6caa473

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
db5d511ade86a28ae24157db2cd5acc7

SHA1
9f730f8442d095e01780f0dc512277b461f5e9bb

SHA256
443a7652747033dd0f8798849773cd1df7774c730c713367a718bf42fd87357d

SHA512
572cc0818eefa716a4bd49efcf6cb81748728353f3c2c9e8853d74264a2a8d0951fe35fdab0b1281ae0c0785c3ad5475eeaebab93c7e5fd53f90c0595c60eea0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
76ae5f4709b2cfebb87fee7e4187aad7

SHA1
8c3fbbd213964a6372527b7c58ca3887221b6ba4

SHA256
f8a19fb706cbc328e96063c93c42e4bbe0fb48a8f1636dfbe157407b133147c8

SHA512
2b65f11236622da6b33801a3968f5fe945d3fbb19eda093c9239c5762205fd691bdeab415e87072fbfd4415d8d1573d65071d7043e7599cd13e50a62eb3723b5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
440c2c854d03f9c77ec4c3d845c80276

SHA1
4ed670b6428a801675fa080832b87fff8af796ce

SHA256
a29d90fec5321ace32a43b9fc02fa8af31a2a075b79884579b55fa300bfa6904

SHA512
2abf0f1d5f6328ca979b15833a68ab7d245b079615b976417d369560bfc05780ea64f3985b9b2994910cd27cadfb6c570235b9e4f14da60f9a777fd576131bfa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
19ad18617e69edbf2c23d847b4f0087e

SHA1
91529bab6f77dd40d6ccb0cb11051facf56cf5f7

SHA256
6db54ca0747f6a220fa2584c9ac4a09857098cb30a87563e2327b1703779df89

SHA512
6695ab28140ae7fd300290c4c93a3039b39cf7e223deff1b03d4eccb8490a21e46da83282e16093919fc2e316011b5199da074a20cec06a2efc0a1d1ac86889c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
295b234cfcbb1554aa2544c2d00636c7

SHA1
55da68d4db06aabaf8c728a3a72fa68c88e7ce0f

SHA256
c54139f6630099db3314f0a0fda919ef0b4c731e7140b21f36d274d38f5e74bc

SHA512
6d1e7a89008185357356cd828cbcaf95bbf53ff9de71c317a9b521603702a66915852010bd0f5085b3aeec1ef5a067df02849771918a7e200dfe8fbed55b49d4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
c23fa427c64bb36fe1a7a30e93d6401c

SHA1
ac0c559bb81d3305a77b6d315d3759746a0f0d71

SHA256
9c259377d5470a34375de5356d46693ac1d50c021347ea9d48f33125efb1b62c

SHA512
66d488ebe9302f0dfc0f972459af079e556a67bc4f20c77ca5305e62cf4d0572176d87f33a35030b7e0ae63c2fd6439228d3766dec00046b6ce3863b53e8b480

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
dfbe46487c49a7fe6b31d2943074d5bc

SHA1
aca332e73a595cb671fddacb574c2a456db2fc9b

SHA256
355e8a1d4cd3329bcec5ed1a27e4ffe6e2b02531ed9b81606a11894e2e581b81

SHA512
b666d10293e16f4d54b3fd3192908417ad9e200ddd76e716d7668c236e944c392bf9e9049bc647aa31c31b2dce18e0edeb94245a1da7a0d15cbf4084cd238366

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
8582da9f7608ddabd6a718381ea89e12

SHA1
219a8be0c4972e49203205a7c70304dbcae59111

SHA256
8568e08f48d53ea74273e7b35c32f29a75c935d45a5c51620d6ef39d1df0d4b4

SHA512
2167f5d2976b1779aa4a80a985914b43eceafb23417436d4195924f055c6f405beceb28bacb0e783fe856ad91f742bba6a23530379b8f95224108179ff9f71b7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
ce525a8e163af4207417e588e165de8b

SHA1
99a651f484e0084810b0b1cb2853711d76240ca7

SHA256
4bcde5f417f5b6718e0140ccca96d8e9c03abe29ef0739f0f9665921b9e2f053

SHA512
4bf38ca1586547e8e5b423a015053242ed6300eeca8f6f2fffd3b64561de8b9b773e5c4e5a6b53873d65c07507a27050e66fb38e9ed9c1215cb276d80cde3ff4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
6e97bb56e08ae48e305d841f4916ef55

SHA1
d511f0aa0299ebbc29359750d0e4ef045143cdcf

SHA256
5f64dda8e45446bca3f4ed3f230c1157881f4f237e59365e5df24462ef08dc5e

SHA512
e39a01c5dd43be5d4281d55c1a038009b3afc23ebfd18b18a8c9e521af07ce8d1ea79d68110f572c6cf9b8636e72669220f6f5cd7b1c895d736ea5879b26da4d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57c880.TMP

Filesize
48B

MD5
db711f31d8c9977e50a8baef02c38657

SHA1
066168bc6ef6865feb806cf2b5571211bb834c6c

SHA256
3006828c55343afda9db3ec4c81a50aaef7d7fa41b95381f621c7e3aafc70d55

SHA512
af2d37421e4ee7fd04a4aaae3bd545fda32483f9a8339f9f324b95a51074135b872d92beb63a43f59cef2e7c87e101d85da394768bc4941df97a1796fed5b614

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
136KB

MD5
2ea7de906937e7ee4f1194261e0152ca

SHA1
9476368ac724d228aef299cb34e71b97f4f82ea3

SHA256
836fdad476be12422b8e5ef2cb32a3f585633d2ef132f6a29451a0d761de346f

SHA512
382c96654479f45ad3f8c7d98043b7fd50928c94127222b9e347fb1a742ec906ed76f4758203fd87ed86ccb139229a06a200552f5602d594c99bd8abe6348ba3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit