hxxps://mega[.]nz/file/JtUlAABK#j7AUxiDvCSL9EvTvLZhr50r8-wNKl76t0rJjNC-IS8o

Analysis

max time kernel
599s
max time network
575s
platform
windows10-1703_x64
resource
win10-20240404-en
resource tags

arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
submitted
04/07/2024, 04:06

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://mega.nz/file/JtUlAABK#j7AUxiDvCSL9EvTvLZhr50r8-wNKl76t0rJjNC-IS8o

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133645396255141671"	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
2668	chrome.exe
2668	chrome.exe
2668	chrome.exe
2668	chrome.exe
2756	chrome.exe
2756	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

pid	Process
2668	chrome.exe
2668	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2668	chrome.exe
Token: SeCreatePagefilePrivilege	2668	chrome.exe
Token: SeShutdownPrivilege	2668	chrome.exe
Token: SeCreatePagefilePrivilege	2668	chrome.exe
Token: SeShutdownPrivilege	2668	chrome.exe
Token: SeCreatePagefilePrivilege	2668	chrome.exe
Token: SeShutdownPrivilege	2668	chrome.exe
Token: SeCreatePagefilePrivilege	2668	chrome.exe
Token: SeShutdownPrivilege	2668	chrome.exe
Token: SeCreatePagefilePrivilege	2668	chrome.exe
Token: SeShutdownPrivilege	2668	chrome.exe
Token: SeCreatePagefilePrivilege	2668	chrome.exe
Token: SeShutdownPrivilege	2668	chrome.exe
Token: SeCreatePagefilePrivilege	2668	chrome.exe
Token: SeShutdownPrivilege	2668	chrome.exe
Token: SeCreatePagefilePrivilege	2668	chrome.exe
Token: SeShutdownPrivilege	2668	chrome.exe
Token: SeCreatePagefilePrivilege	2668	chrome.exe
Token: SeShutdownPrivilege	2668	chrome.exe
Token: SeCreatePagefilePrivilege	2668	chrome.exe
Token: SeShutdownPrivilege	2668	chrome.exe
Token: SeCreatePagefilePrivilege	2668	chrome.exe
Token: SeShutdownPrivilege	2668	chrome.exe
Token: SeCreatePagefilePrivilege	2668	chrome.exe
Token: SeShutdownPrivilege	2668	chrome.exe
Token: SeCreatePagefilePrivilege	2668	chrome.exe
Token: SeShutdownPrivilege	2668	chrome.exe
Token: SeCreatePagefilePrivilege	2668	chrome.exe
Token: SeShutdownPrivilege	2668	chrome.exe
Token: SeCreatePagefilePrivilege	2668	chrome.exe
Token: SeShutdownPrivilege	2668	chrome.exe
Token: SeCreatePagefilePrivilege	2668	chrome.exe
Token: SeShutdownPrivilege	2668	chrome.exe
Token: SeCreatePagefilePrivilege	2668	chrome.exe
Token: SeShutdownPrivilege	2668	chrome.exe
Token: SeCreatePagefilePrivilege	2668	chrome.exe
Token: SeShutdownPrivilege	2668	chrome.exe
Token: SeCreatePagefilePrivilege	2668	chrome.exe
Token: SeShutdownPrivilege	2668	chrome.exe
Token: SeCreatePagefilePrivilege	2668	chrome.exe
Token: SeShutdownPrivilege	2668	chrome.exe
Token: SeCreatePagefilePrivilege	2668	chrome.exe
Token: SeShutdownPrivilege	2668	chrome.exe
Token: SeCreatePagefilePrivilege	2668	chrome.exe
Token: SeShutdownPrivilege	2668	chrome.exe
Token: SeCreatePagefilePrivilege	2668	chrome.exe
Token: SeShutdownPrivilege	2668	chrome.exe
Token: SeCreatePagefilePrivilege	2668	chrome.exe
Token: SeShutdownPrivilege	2668	chrome.exe
Token: SeCreatePagefilePrivilege	2668	chrome.exe
Token: SeShutdownPrivilege	2668	chrome.exe
Token: SeCreatePagefilePrivilege	2668	chrome.exe
Token: SeShutdownPrivilege	2668	chrome.exe
Token: SeCreatePagefilePrivilege	2668	chrome.exe
Token: SeShutdownPrivilege	2668	chrome.exe
Token: SeCreatePagefilePrivilege	2668	chrome.exe
Token: SeShutdownPrivilege	2668	chrome.exe
Token: SeCreatePagefilePrivilege	2668	chrome.exe
Token: SeShutdownPrivilege	2668	chrome.exe
Token: SeCreatePagefilePrivilege	2668	chrome.exe
Token: SeShutdownPrivilege	2668	chrome.exe
Token: SeCreatePagefilePrivilege	2668	chrome.exe
Token: SeShutdownPrivilege	2668	chrome.exe
Token: SeCreatePagefilePrivilege	2668	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2668	chrome.exe
2668	chrome.exe
2668	chrome.exe
2668	chrome.exe
2668	chrome.exe
2668	chrome.exe
2668	chrome.exe
2668	chrome.exe
2668	chrome.exe
2668	chrome.exe
2668	chrome.exe
2668	chrome.exe
2668	chrome.exe
2668	chrome.exe
2668	chrome.exe
2668	chrome.exe
2668	chrome.exe
2668	chrome.exe
2668	chrome.exe
2668	chrome.exe
2668	chrome.exe
2668	chrome.exe
2668	chrome.exe
2668	chrome.exe
2668	chrome.exe
2668	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2668	chrome.exe
2668	chrome.exe
2668	chrome.exe
2668	chrome.exe
2668	chrome.exe
2668	chrome.exe
2668	chrome.exe
2668	chrome.exe
2668	chrome.exe
2668	chrome.exe
2668	chrome.exe
2668	chrome.exe
2668	chrome.exe
2668	chrome.exe
2668	chrome.exe
2668	chrome.exe
2668	chrome.exe
2668	chrome.exe
2668	chrome.exe
2668	chrome.exe
2668	chrome.exe
2668	chrome.exe
2668	chrome.exe
2668	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2668 wrote to memory of 4100	2668	chrome.exe	73
PID 2668 wrote to memory of 4100	2668	chrome.exe	73
PID 2668 wrote to memory of 4104	2668	chrome.exe	75
PID 2668 wrote to memory of 4104	2668	chrome.exe	75
PID 2668 wrote to memory of 4104	2668	chrome.exe	75
PID 2668 wrote to memory of 4104	2668	chrome.exe	75
PID 2668 wrote to memory of 4104	2668	chrome.exe	75
PID 2668 wrote to memory of 4104	2668	chrome.exe	75
PID 2668 wrote to memory of 4104	2668	chrome.exe	75
PID 2668 wrote to memory of 4104	2668	chrome.exe	75
PID 2668 wrote to memory of 4104	2668	chrome.exe	75
PID 2668 wrote to memory of 4104	2668	chrome.exe	75
PID 2668 wrote to memory of 4104	2668	chrome.exe	75
PID 2668 wrote to memory of 4104	2668	chrome.exe	75
PID 2668 wrote to memory of 4104	2668	chrome.exe	75
PID 2668 wrote to memory of 4104	2668	chrome.exe	75
PID 2668 wrote to memory of 4104	2668	chrome.exe	75
PID 2668 wrote to memory of 4104	2668	chrome.exe	75
PID 2668 wrote to memory of 4104	2668	chrome.exe	75
PID 2668 wrote to memory of 4104	2668	chrome.exe	75
PID 2668 wrote to memory of 4104	2668	chrome.exe	75
PID 2668 wrote to memory of 4104	2668	chrome.exe	75
PID 2668 wrote to memory of 4104	2668	chrome.exe	75
PID 2668 wrote to memory of 4104	2668	chrome.exe	75
PID 2668 wrote to memory of 4104	2668	chrome.exe	75
PID 2668 wrote to memory of 4104	2668	chrome.exe	75
PID 2668 wrote to memory of 4104	2668	chrome.exe	75
PID 2668 wrote to memory of 4104	2668	chrome.exe	75
PID 2668 wrote to memory of 4104	2668	chrome.exe	75
PID 2668 wrote to memory of 4104	2668	chrome.exe	75
PID 2668 wrote to memory of 4104	2668	chrome.exe	75
PID 2668 wrote to memory of 4104	2668	chrome.exe	75
PID 2668 wrote to memory of 4104	2668	chrome.exe	75
PID 2668 wrote to memory of 4104	2668	chrome.exe	75
PID 2668 wrote to memory of 4104	2668	chrome.exe	75
PID 2668 wrote to memory of 4104	2668	chrome.exe	75
PID 2668 wrote to memory of 4104	2668	chrome.exe	75
PID 2668 wrote to memory of 4104	2668	chrome.exe	75
PID 2668 wrote to memory of 4104	2668	chrome.exe	75
PID 2668 wrote to memory of 4104	2668	chrome.exe	75
PID 2668 wrote to memory of 3704	2668	chrome.exe	76
PID 2668 wrote to memory of 3704	2668	chrome.exe	76
PID 2668 wrote to memory of 3788	2668	chrome.exe	77
PID 2668 wrote to memory of 3788	2668	chrome.exe	77
PID 2668 wrote to memory of 3788	2668	chrome.exe	77
PID 2668 wrote to memory of 3788	2668	chrome.exe	77
PID 2668 wrote to memory of 3788	2668	chrome.exe	77
PID 2668 wrote to memory of 3788	2668	chrome.exe	77
PID 2668 wrote to memory of 3788	2668	chrome.exe	77
PID 2668 wrote to memory of 3788	2668	chrome.exe	77
PID 2668 wrote to memory of 3788	2668	chrome.exe	77
PID 2668 wrote to memory of 3788	2668	chrome.exe	77
PID 2668 wrote to memory of 3788	2668	chrome.exe	77
PID 2668 wrote to memory of 3788	2668	chrome.exe	77
PID 2668 wrote to memory of 3788	2668	chrome.exe	77
PID 2668 wrote to memory of 3788	2668	chrome.exe	77
PID 2668 wrote to memory of 3788	2668	chrome.exe	77
PID 2668 wrote to memory of 3788	2668	chrome.exe	77
PID 2668 wrote to memory of 3788	2668	chrome.exe	77
PID 2668 wrote to memory of 3788	2668	chrome.exe	77
PID 2668 wrote to memory of 3788	2668	chrome.exe	77
PID 2668 wrote to memory of 3788	2668	chrome.exe	77
PID 2668 wrote to memory of 3788	2668	chrome.exe	77
PID 2668 wrote to memory of 3788	2668	chrome.exe	77

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://mega.nz/file/JtUlAABK#j7AUxiDvCSL9EvTvLZhr50r8-wNKl76t0rJjNC-IS8o
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2668
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7fff16079758,0x7fff16079768,0x7fff16079778
  2⤵
  PID:4100
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1536 --field-trial-handle=1852,i,8340985874433057399,4547539647915572315,131072 /prefetch:2
  2⤵
  PID:4104
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1796 --field-trial-handle=1852,i,8340985874433057399,4547539647915572315,131072 /prefetch:8
  2⤵
  PID:3704
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2092 --field-trial-handle=1852,i,8340985874433057399,4547539647915572315,131072 /prefetch:8
  2⤵
  PID:3788
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2948 --field-trial-handle=1852,i,8340985874433057399,4547539647915572315,131072 /prefetch:1
  2⤵
  PID:708
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2976 --field-trial-handle=1852,i,8340985874433057399,4547539647915572315,131072 /prefetch:1
  2⤵
  PID:2832
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5200 --field-trial-handle=1852,i,8340985874433057399,4547539647915572315,131072 /prefetch:8
  2⤵
  PID:516
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4912 --field-trial-handle=1852,i,8340985874433057399,4547539647915572315,131072 /prefetch:8
  2⤵
  PID:3536
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5244 --field-trial-handle=1852,i,8340985874433057399,4547539647915572315,131072 /prefetch:8
  2⤵
  PID:4080
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4416 --field-trial-handle=1852,i,8340985874433057399,4547539647915572315,131072 /prefetch:8
  2⤵
  PID:2584
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4960 --field-trial-handle=1852,i,8340985874433057399,4547539647915572315,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2756

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4404

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
72B

MD5
85d671433467d08b7b3551b5659b5abf

SHA1
b26b377c56c60384dc05a7c589589ea3171d5a25

SHA256
547b1064c14750ba625c0674525acfb2e385b6e62ec316bfff8f61d055053a94

SHA512
c09b4ea42414f8d00a1bf4e073ed27e4710070d7c18074b38945195ae2129a148dc40c386b04283fce595fbe38e97125a558750b22fe3842795988fd634c075b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\Paths\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_mega.nz_0.indexeddb.leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
94c62fa85f1bb8e0537362ac7e346599

SHA1
8354cb08f4e6e8a97db1956ee4102f8022937fc8

SHA256
c4718e63e81f7dedac5443dadf416d8631c0fe55503392998fbaeeb7617be12a

SHA512
937af40990e03c42ec95f8add7a1b226283c03a47ec81aa0514b1371f8f2308b4fd19e8d4b89f452bb686a7becb067c30ff5bc5bcf403866ab5920f3534da0be

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
250c7274d02ec534858c1969ecf16361

SHA1
5bbb8be1793ae769c9179e9964aebcef31e5f454

SHA256
4588982e853d3acf6bd4d1d58fb96f55d417c260ac8931edbd4ce565199a94fa

SHA512
cb1693f4335a271e880f1cad9a080006a958833cd2f3dd804a547ef24a9a72cb0fa0ef9c14e92cf2195ed006c22906d3d4497fd3d95bfd2de40b324c43df33ea

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
ba97321a231b220f22e08000e4d776c8

SHA1
c9105d48945ff5a5b8228bfd060a79fdf5c6f827

SHA256
9647a7515cde9bdf39efabdd70f02d9767cd456c337234960803269dfb163a7d

SHA512
6eb1bde28c70e2c25261db0c17b0f99b3da7fa0789cc854943fdda3bf6a5936ccbcf23ec6de34b55a51fc05875f2ea84a4b46f5d50008599e4ae2ac9576fca02

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
a62d2a57294ba0dd259facc1ef6967fb

SHA1
2941f4ece136b3b3ef182ac5b792aa39310b1f9e

SHA256
fdfeecb6da752df6abe1a2252e4ed7a5e229b630528442ef296b40218f4edf10

SHA512
fb66999f73529e5e82a8817cabe281bb796a5dc6be181a07d01c5cab9b36499966cd77172a33032b978669ae076a77a1e0b44abbecee3342fc2b1f7310938999

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
962B

MD5
c39cff3e6951c8182c833e2e6c816a92

SHA1
23882e314a753e898cf900e1734a320a000cf010

SHA256
a58fdef473c60be9cc1956613ef3f8f4d68b90bb4c0aed14f37fc71748224fb4

SHA512
6b0dcd73c3c9217079e25d092f1e0cb6817359d282664f284bd31ed0634e9d38208f52130ea2d86020643e7dceaee7fa38259b951466a8a185d0815f30a9bf26

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
536B

MD5
ca49a36836b920b0ec3471b1471890c5

SHA1
bfc8c17fdc8238b94c9572fa0ccca0081a05e847

SHA256
fe27a638bf088cc072a1311ef3d0c981137173c58202babc71bc1283cc788fa2

SHA512
6021c0ecdcce9971760b104b97908db44cfb5f5c946b04cfedee9da25e66f264ae9f6f65495134b86b92e90238697ba0f152453d28928f80f4fdbbd192df31ec

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
8c857ed3209a709927b2663aa9dba9c9

SHA1
e83f0598a8d110b54240280cdf81dbe5d009cbe7

SHA256
294119c99f41a8ea84e07fbedf0c3305ff9cf09ed83f6c21b0e3007cf5a7e23e

SHA512
8912fada26ef9d9236b1fd3285ec3917883e16d04df418f947a87bf202fc829ab676927e059c6fb22672e3104688ea554dd309398693459d78b989cfd13d030c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
1ff0068e58ed54d7122ec90d13875a57

SHA1
38d05230c5d6024ceaf2be69f4ccd0b1a27478db

SHA256
2ddae51287b61955c21302f3956a9d475be2eea15599115298cba02ad7f47859

SHA512
c78cef0cba02ce1c36ff0e740cd42edfaccb726cf622517b731ea0916b90541b5e1d4405aa18c9c4fca437781ce748c7dff2e04ecae28c7137977a11acd8e6b6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe582333.TMP

Filesize
48B

MD5
9f6417b20d32dfe14587b5f02884752d

SHA1
433566691fb25f1c9783b9819a9beb80a9cbcc6f

SHA256
0d25b61327559960491acef38eb6860e31faddd11c818bf8422ec6535336cbda

SHA512
f61232d1b5d8e2c76df97c0ad784827376a7fdc80372885b5428717904978b006791be8bc145ff4deb33da449081fe03304740412dec60d871dd467b63b6ff47

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
138KB

MD5
abb4140c688de4423a0f2d051b629b22

SHA1
f4350458b1e1fae94a97ae717a99f30d8f4b278d

SHA256
d088786ed0416eff390b3782d72433f3463b95e4d40690d6c5dfe206e127b4cc

SHA512
bfce55f0d090914357c0c303dcff8b228dce96f83170865b60c496c9d7761db009ad01efd53e0b4b16f05fec523169ae7e1cd7e7b091e08c8fe2125d18ba82f3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
191KB

MD5
db0349855f452164e37866fb756ea49d

SHA1
42dfcff0d14fb7403eed349099aa42442ca743ec

SHA256
9404e009d2848822eed1358d92fff13b3064d017a3382f0d133ca4d31b17a4b4

SHA512
cb6bf6ab3849684cb7655c6aa9f71dd49a6a536412a7e6ba7877cefe0e36d6d89875c172b5a9a09bef1e0fa7cc238d8953940c021eb0667dec4446d2eff63695

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
137KB

MD5
3cd8ce725de21addf9903b1e584b18fa

SHA1
a2ed1ff48b28de133bbb6b7065b33a01fc0438fd

SHA256
a85b32730726ff4bd2284101712cc1097f6c8719c701116c4d0c0edd1afd1be7

SHA512
ff8bba496a9688e5c0114bf18d7c50cbb098a68b5d0ec55d30ff2a836277082062047c92a35fb02548bdfd2a6f9ce99425aa9bbaf3800012856dcd4e454a1356

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
138KB

MD5
192d7730f3d9af8f4124d14c22589e63

SHA1
1c636c785c6aed26deea532f508a275810897214

SHA256
6a425aa033634f9a7fe26a9f1ea5f537fd6f2e21334a03e821e1591030f4bab9

SHA512
f39b58e108e4e20bd9e871b32350e2928e8745a0b731a7cb7ef5e737b192831cd56b19bd5a3bee2ad02a75b4caf58432fb74709153931784f55cc30e49bb1e3c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit