hxxps://www[.]youtube[.]com/

Resubmissions

04/07/2024, 20:02

240704-yr36pawejn 1

04/07/2024, 19:59

240704-yqfn1aycpb 1

Analysis

max time kernel
299s
max time network
299s
platform
windows10-2004_x64
resource
win10v2004-20240704-en
resource tags

arch:x64arch:x86image:win10v2004-20240704-enlocale:en-usos:windows10-2004-x64system
submitted
04/07/2024, 19:59

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://www.youtube.com/

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1403246978-718555486-3105247137-1000\{D57668BB-7B0D-4446-8FE4-1F3236910B98}	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4568	chrome.exe
4568	chrome.exe
3948	chrome.exe
3948	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4568	chrome.exe
Token: SeCreatePagefilePrivilege	4568	chrome.exe
Token: SeShutdownPrivilege	4568	chrome.exe
Token: SeCreatePagefilePrivilege	4568	chrome.exe
Token: 33	320	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	320	AUDIODG.EXE
Token: SeShutdownPrivilege	4568	chrome.exe
Token: SeCreatePagefilePrivilege	4568	chrome.exe
Token: SeShutdownPrivilege	4568	chrome.exe
Token: SeCreatePagefilePrivilege	4568	chrome.exe
Token: SeShutdownPrivilege	4568	chrome.exe
Token: SeCreatePagefilePrivilege	4568	chrome.exe
Token: SeShutdownPrivilege	4568	chrome.exe
Token: SeCreatePagefilePrivilege	4568	chrome.exe
Token: SeShutdownPrivilege	4568	chrome.exe
Token: SeCreatePagefilePrivilege	4568	chrome.exe
Token: SeShutdownPrivilege	4568	chrome.exe
Token: SeCreatePagefilePrivilege	4568	chrome.exe
Token: SeShutdownPrivilege	4568	chrome.exe
Token: SeCreatePagefilePrivilege	4568	chrome.exe
Token: SeShutdownPrivilege	4568	chrome.exe
Token: SeCreatePagefilePrivilege	4568	chrome.exe
Token: SeShutdownPrivilege	4568	chrome.exe
Token: SeCreatePagefilePrivilege	4568	chrome.exe
Token: SeShutdownPrivilege	4568	chrome.exe
Token: SeCreatePagefilePrivilege	4568	chrome.exe
Token: SeShutdownPrivilege	4568	chrome.exe
Token: SeCreatePagefilePrivilege	4568	chrome.exe
Token: SeShutdownPrivilege	4568	chrome.exe
Token: SeCreatePagefilePrivilege	4568	chrome.exe
Token: SeShutdownPrivilege	4568	chrome.exe
Token: SeCreatePagefilePrivilege	4568	chrome.exe
Token: SeShutdownPrivilege	4568	chrome.exe
Token: SeCreatePagefilePrivilege	4568	chrome.exe
Token: SeShutdownPrivilege	4568	chrome.exe
Token: SeCreatePagefilePrivilege	4568	chrome.exe
Token: SeShutdownPrivilege	4568	chrome.exe
Token: SeCreatePagefilePrivilege	4568	chrome.exe
Token: SeShutdownPrivilege	4568	chrome.exe
Token: SeCreatePagefilePrivilege	4568	chrome.exe
Token: SeShutdownPrivilege	4568	chrome.exe
Token: SeCreatePagefilePrivilege	4568	chrome.exe
Token: SeShutdownPrivilege	4568	chrome.exe
Token: SeCreatePagefilePrivilege	4568	chrome.exe
Token: SeShutdownPrivilege	4568	chrome.exe
Token: SeCreatePagefilePrivilege	4568	chrome.exe
Token: SeShutdownPrivilege	4568	chrome.exe
Token: SeCreatePagefilePrivilege	4568	chrome.exe
Token: SeShutdownPrivilege	4568	chrome.exe
Token: SeCreatePagefilePrivilege	4568	chrome.exe
Token: SeShutdownPrivilege	4568	chrome.exe
Token: SeCreatePagefilePrivilege	4568	chrome.exe
Token: SeShutdownPrivilege	4568	chrome.exe
Token: SeCreatePagefilePrivilege	4568	chrome.exe
Token: SeShutdownPrivilege	4568	chrome.exe
Token: SeCreatePagefilePrivilege	4568	chrome.exe
Token: SeShutdownPrivilege	4568	chrome.exe
Token: SeCreatePagefilePrivilege	4568	chrome.exe
Token: SeShutdownPrivilege	4568	chrome.exe
Token: SeCreatePagefilePrivilege	4568	chrome.exe
Token: SeShutdownPrivilege	4568	chrome.exe
Token: SeCreatePagefilePrivilege	4568	chrome.exe
Token: SeShutdownPrivilege	4568	chrome.exe
Token: SeCreatePagefilePrivilege	4568	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4568 wrote to memory of 2472	4568	chrome.exe	80
PID 4568 wrote to memory of 2472	4568	chrome.exe	80
PID 4568 wrote to memory of 3724	4568	chrome.exe	84
PID 4568 wrote to memory of 3724	4568	chrome.exe	84
PID 4568 wrote to memory of 3724	4568	chrome.exe	84
PID 4568 wrote to memory of 3724	4568	chrome.exe	84
PID 4568 wrote to memory of 3724	4568	chrome.exe	84
PID 4568 wrote to memory of 3724	4568	chrome.exe	84
PID 4568 wrote to memory of 3724	4568	chrome.exe	84
PID 4568 wrote to memory of 3724	4568	chrome.exe	84
PID 4568 wrote to memory of 3724	4568	chrome.exe	84
PID 4568 wrote to memory of 3724	4568	chrome.exe	84
PID 4568 wrote to memory of 3724	4568	chrome.exe	84
PID 4568 wrote to memory of 3724	4568	chrome.exe	84
PID 4568 wrote to memory of 3724	4568	chrome.exe	84
PID 4568 wrote to memory of 3724	4568	chrome.exe	84
PID 4568 wrote to memory of 3724	4568	chrome.exe	84
PID 4568 wrote to memory of 3724	4568	chrome.exe	84
PID 4568 wrote to memory of 3724	4568	chrome.exe	84
PID 4568 wrote to memory of 3724	4568	chrome.exe	84
PID 4568 wrote to memory of 3724	4568	chrome.exe	84
PID 4568 wrote to memory of 3724	4568	chrome.exe	84
PID 4568 wrote to memory of 3724	4568	chrome.exe	84
PID 4568 wrote to memory of 3724	4568	chrome.exe	84
PID 4568 wrote to memory of 3724	4568	chrome.exe	84
PID 4568 wrote to memory of 3724	4568	chrome.exe	84
PID 4568 wrote to memory of 3724	4568	chrome.exe	84
PID 4568 wrote to memory of 3724	4568	chrome.exe	84
PID 4568 wrote to memory of 3724	4568	chrome.exe	84
PID 4568 wrote to memory of 3724	4568	chrome.exe	84
PID 4568 wrote to memory of 3724	4568	chrome.exe	84
PID 4568 wrote to memory of 3724	4568	chrome.exe	84
PID 4568 wrote to memory of 3724	4568	chrome.exe	84
PID 4568 wrote to memory of 3440	4568	chrome.exe	85
PID 4568 wrote to memory of 3440	4568	chrome.exe	85
PID 4568 wrote to memory of 456	4568	chrome.exe	86
PID 4568 wrote to memory of 456	4568	chrome.exe	86
PID 4568 wrote to memory of 456	4568	chrome.exe	86
PID 4568 wrote to memory of 456	4568	chrome.exe	86
PID 4568 wrote to memory of 456	4568	chrome.exe	86
PID 4568 wrote to memory of 456	4568	chrome.exe	86
PID 4568 wrote to memory of 456	4568	chrome.exe	86
PID 4568 wrote to memory of 456	4568	chrome.exe	86
PID 4568 wrote to memory of 456	4568	chrome.exe	86
PID 4568 wrote to memory of 456	4568	chrome.exe	86
PID 4568 wrote to memory of 456	4568	chrome.exe	86
PID 4568 wrote to memory of 456	4568	chrome.exe	86
PID 4568 wrote to memory of 456	4568	chrome.exe	86
PID 4568 wrote to memory of 456	4568	chrome.exe	86
PID 4568 wrote to memory of 456	4568	chrome.exe	86
PID 4568 wrote to memory of 456	4568	chrome.exe	86
PID 4568 wrote to memory of 456	4568	chrome.exe	86
PID 4568 wrote to memory of 456	4568	chrome.exe	86
PID 4568 wrote to memory of 456	4568	chrome.exe	86
PID 4568 wrote to memory of 456	4568	chrome.exe	86
PID 4568 wrote to memory of 456	4568	chrome.exe	86
PID 4568 wrote to memory of 456	4568	chrome.exe	86
PID 4568 wrote to memory of 456	4568	chrome.exe	86
PID 4568 wrote to memory of 456	4568	chrome.exe	86
PID 4568 wrote to memory of 456	4568	chrome.exe	86
PID 4568 wrote to memory of 456	4568	chrome.exe	86
PID 4568 wrote to memory of 456	4568	chrome.exe	86
PID 4568 wrote to memory of 456	4568	chrome.exe	86
PID 4568 wrote to memory of 456	4568	chrome.exe	86

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://www.youtube.com/
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4568
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8e103ab58,0x7ff8e103ab68,0x7ff8e103ab78
  2⤵
  PID:2472
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1600 --field-trial-handle=1892,i,5358440160073070509,3777234694670529369,131072 /prefetch:2
  2⤵
  PID:3724
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1820 --field-trial-handle=1892,i,5358440160073070509,3777234694670529369,131072 /prefetch:8
  2⤵
  PID:3440
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2232 --field-trial-handle=1892,i,5358440160073070509,3777234694670529369,131072 /prefetch:8
  2⤵
  PID:456
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3020 --field-trial-handle=1892,i,5358440160073070509,3777234694670529369,131072 /prefetch:1
  2⤵
  PID:4400
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3028 --field-trial-handle=1892,i,5358440160073070509,3777234694670529369,131072 /prefetch:1
  2⤵
  PID:1596
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4296 --field-trial-handle=1892,i,5358440160073070509,3777234694670529369,131072 /prefetch:1
  2⤵
  PID:2320
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3288 --field-trial-handle=1892,i,5358440160073070509,3777234694670529369,131072 /prefetch:1
  2⤵
  PID:3504
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4136 --field-trial-handle=1892,i,5358440160073070509,3777234694670529369,131072 /prefetch:8
  2⤵
  PID:2300
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4660 --field-trial-handle=1892,i,5358440160073070509,3777234694670529369,131072 /prefetch:8
  2⤵
  PID:4952
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4856 --field-trial-handle=1892,i,5358440160073070509,3777234694670529369,131072 /prefetch:8
  2⤵
  - Modifies registry class
  PID:3668
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5236 --field-trial-handle=1892,i,5358440160073070509,3777234694670529369,131072 /prefetch:8
  2⤵
  PID:4968
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5112 --field-trial-handle=1892,i,5358440160073070509,3777234694670529369,131072 /prefetch:8
  2⤵
  PID:2196
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=5004 --field-trial-handle=1892,i,5358440160073070509,3777234694670529369,131072 /prefetch:1
  2⤵
  PID:3584
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=1884 --field-trial-handle=1892,i,5358440160073070509,3777234694670529369,131072 /prefetch:1
  2⤵
  PID:4344
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4996 --field-trial-handle=1892,i,5358440160073070509,3777234694670529369,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3948

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:5012

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x448 0x4a0
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:320

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000002

Filesize
227KB

MD5
e09df5a23acd241007ec35851474a7f9

SHA1
9802085247211e3c82c5e6fefc003e7c1f21227d

SHA256
846921a45a6d2203548059f9b22a5a5513105e43098da955bf402e681020bf56

SHA512
765b7cfa03aa7d750a18ad63c072c069329f4a7f7a594051c01700934497533ad07dc503c8b3892d5ac97f14b8b85a6f4868c7e5a1a4d2e40a7ae4f7514d1009

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005

Filesize
19KB

MD5
c7444597254c3ab4b9a6aebf59420d6b

SHA1
af57edf5ad540ae22782b52fc0f71ee59ffeebc5

SHA256
fb8bdf02d52305589b64fdb41330d16b0730e28a61b6fccf7fce6f142792deaa

SHA512
f23810b709e61804ccb51ad153f220703a02e255ac7ce48cc108c809f84678d65bc22e87312d9b7b3598c30de79ef892ecf5bc301415f6ea795810f58a418e85

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

Filesize
47KB

MD5
127b7a9f7009939d0ae5dd1a48386985

SHA1
f9e981f2fbc6df7e304803153fb6fe40f0dcb6ac

SHA256
9d8e3219c036313e8b27ecb7b91befc49de6a32352a5349656945a7525a89962

SHA512
b1a442d78f6adc7a67f8ee299d46817309798ff2a38a66af2ff03eaa276b3a7967fde34e801dc8488ed75b3110fd01b3a9763f792ce75e21fae190d4779c1287

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007

Filesize
808KB

MD5
c0637a08f2ba40c56260782d2bb3ace4

SHA1
a2bf4298414a764ff1342b3f48f45b4dc1669a96

SHA256
d6ab12688ec8cfe7f9235b18c7d7a4730d86278ba1efae0d715c0d054465781e

SHA512
736d1ac8987102028baef59d43ceb2fde71b3aab2f8f2d8d306846a457e2ac224908968ff7bfe34bb05beb7998223d393244cf5da84f9d64f8b71c9f0b2ca6e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008

Filesize
32KB

MD5
af5bf693b92c0d2c8441b3a6640c4ad8

SHA1
12ed4ac73239e542ab8d7fa191dddc779808e202

SHA256
b9f2c3f2ec75955d96309f759eaf9fb6bf576c238377491dbb92de1768a26012

SHA512
c2ef099832fc5e8f1e67acbd550b0590c0fb5c291761280a2e74e6a97763906b9c0c1a2295f285462ba3a0ed7cd5658f296e5f0f9c5d11a97ba210f352f8a438

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009

Filesize
32KB

MD5
cd3756106418d9e83a2baff9904ba221

SHA1
4c2ed1c1ebe119027db0fbaf7a64b408f1779b4a

SHA256
57ec0895e1bcaf08c769e2d6872f3f3657972f87fac081063445213dae4541ee

SHA512
5bf43ccaaf99505f7e8ecf2eda18efe260125accbc12f655601e2acabd822513e153f4b81cbf03a65d13572f11e9f13fd471006a0ce8f2665e8a594ff2d769dd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
672B

MD5
01676a2a178881895c74a48234cb462b

SHA1
0406b4471cb6067b9a97edb0c41601b3fe19d2ac

SHA256
5c235324d630c6182ff85085bc72924c2861f2d45361e6b3c37149abeb32462c

SHA512
f98c566b7981c47babc5104ea4d54de2e0ff49cf33a334cd8bda52cbc672146619f8ea09f52f0a29f73fa0a383883e35c60ccb1b47a46ec02f679a75420ac952

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
3f8ebceb3bd80b269ec5ee2eb7e6f86f

SHA1
5ba3125510bc61e2d0e1650a3ee2ef97109d3266

SHA256
ccb6ee8f819edd64d2bd18966d7d4f9a7b8bf25c7bd501580c2b53bb0bff5c1f

SHA512
566237ee55950e621cdb68a8156a01608e53051b52836efda1a0792ac7bd65c823f0da0b2b9a5f85fa0fb4cc5ea943bdaa643fd3e80568add1f83e17903252ed

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
7bf10dd6d205605f9ce261b2231f6823

SHA1
8fd1868a8e57f99c06777b4b513230b1670587f2

SHA256
2c39bd7147196a209309f7d08fb9871871e06b619d7eb9aafb2853c465d98e94

SHA512
e1dbf0fff580f2cb25776fbd0f2ca78f6237600328478b42679f64b2b26abaac747f3d20853834e4d2418a0ca836be39bb2b54792e8b7e4d6bd39c655f055f7c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
1d3d377d8cffb48037b8cabbe26eb523

SHA1
6f3d970e426263e50ae89afd6885030e3b6da9c6

SHA256
af83a62cea469de4e50f9847764ad82994ee4820ce9d1c7d676622f78ed35461

SHA512
0cf3ce94f5e3928e574b75970bb3a79c4625c14bf0a7a0ad0f35586443b6480ca682bb778c9a6b22602f3ee68a573d44d7030330edd37f731318d6e2cb899bc5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
859B

MD5
0c5a3748c6dff43fdd54c5024e822595

SHA1
a47631ee8bf48bd524ac6f691203145162e93781

SHA256
e1663b79579bc23329d5cd5d9ebe713ce6402da513c625e8c3e2255e530e39e6

SHA512
278f5ffbf4e34c5016fea6c1dfd70c4c3406fcce1f74e31cbec0793cf2ab74bda12aeefd18a354b4718a3f1c7563245d04a742f626f3b727a705310240affd5a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
859B

MD5
56fd3a132e875398e96c43473ca284b7

SHA1
a2b009dd112f517f72d323782e928f9d996d68f5

SHA256
05f84e563e89465b9c5f01fb68594aaf979671741460698ae4bb7bef82ad65f9

SHA512
799190c582f0e272f53c21cd63c45859c8327965cd828dd94f39ded7334a58c6245050543279e64ec9eb0885e885d634a3a78c5dc364e5ec339c5fc091515cda

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
859B

MD5
298a3bbf21af0fe05dee03f302c83de0

SHA1
d7080ace12e1e3788654aaf6aac94a0c4f513e00

SHA256
c6dad3cca9a5c9e1ee3dad93fdecba3be4648110e9da27b3aa307b82e4324a2f

SHA512
ad4c39a8a2edb198aab5caebbd341025cea48e6087ada4dc9f3e0f7ce1c4e5960f90c024c92cecf8a5dbdc6023a7e68ea12d4cec3d80356c05c8488e82d7b4a1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
67e072088269b65627e4a5620b841149

SHA1
054617f1e276e7a2f85611f8aa4f590736f8e64f

SHA256
953b4d63c731d1d681309c86bc6f99725d188c4455f057caee5838f520314c40

SHA512
08562bf4db70b3f38f46dbf28090088327440cead3fb09b3a603ec0cd798e5f054ff5f916ad86fa88998847ca5883848d9ebad9476a7ac47a95c7542d362621c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
87f16af20c89aea010001ff1974f1d9b

SHA1
8d37627d5f9ce47ca63b708c2b8a26727df14a4a

SHA256
f20a34705f970116a3243888fe9c0a4fd0ded2ff2d0e5cc6fd6c3a788e948f11

SHA512
58b419e727796297a722dda31ccc1c3bdbfe6473f6bdbd6bf446c87c01e8bfcc31d5600c05bb4bbeffc6b7576898395b28368edadc7451e592223f512d2b04ad

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
45dd1918f6e76edd0196c75fe0da3b4e

SHA1
cc35e5a227e3ff7dcc92c516f84516f6bb95a8e1

SHA256
74cd36babf8a3c81d79d741472b01c6bb1e3d12762f40d874746adca1f5c3619

SHA512
e1d1fcaf2bf0517c7a6afee1a6b2a094f4002ee4f3310715529d8af78baf564f9a473f8d5179918cefa01ee0e0626e05c0c483b9ea243bccdcbe328431d538f9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\bc8063c9-bc00-46f1-9f12-ac0cda32f3d9\index-dir\the-real-index

Filesize
2KB

MD5
dd996ef03a2baa5d59c6b0fa85489c3d

SHA1
5159df592d658d80d1839e335ee1e2344862685d

SHA256
9e5c7acae9fe04a5b496d69b083a35340e9d50901e4452e456f36247de86929f

SHA512
bc030b4d7979e0234b552e75a0af76112a669818bc77a8cec338168be60376889d690b51970f7419afb0807619496128f1ed0cdbe5c5fae646f4a1f219add05e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\bc8063c9-bc00-46f1-9f12-ac0cda32f3d9\index-dir\the-real-index

Filesize
2KB

MD5
aaa6f8a0e78c56984c896ac40e00b337

SHA1
2959c48f8cf7092fd9bf9cb03a900cbb49727e9a

SHA256
03612678de1250363c6196aeca2dde8cc0ea59d3d6eaa3b9d8563e99802a4b70

SHA512
8a53bc2aa7aeeb9c9ec9540d78d69c25eddaf31fe465c78656d537fdfef0205315e40f2a059e65526d1e7958fed0ed257b052598ffbedf1d459504a0c620a91e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\bc8063c9-bc00-46f1-9f12-ac0cda32f3d9\index-dir\the-real-index~RFe57fbb5.TMP

Filesize
48B

MD5
fd5e5bacf2434709201a444d02f67f11

SHA1
d2ac3c1db649817497f5e8eba0701f7b96ce4329

SHA256
6d31030f27b1a80fa97e16f66a2e529bf4e6ddf7139c192b1aa15d7cc8f7c2e4

SHA512
7eba372fedd051817e837ffc670276ed19fa385a0e66f0401f5d1094a74c1c2f26b70f2f467dc79f72266dc479d27cf28195130bef3ae2d6cac495e0c5aa237e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\d71232e9-8bed-4a1f-90ee-6a46945e73ac\index

Filesize
24B

MD5
54cb446f628b2ea4a5bce5769910512e

SHA1
c27ca848427fe87f5cf4d0e0e3cd57151b0d820d

SHA256
fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d

SHA512
8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\d71232e9-8bed-4a1f-90ee-6a46945e73ac\index-dir\the-real-index

Filesize
624B

MD5
93ac63e6effa516e2544e0f9901f9059

SHA1
ab56bd7e60a839d4537e9ef50f300fcde21e62cb

SHA256
4e1830a6c7d0988f16d4ef73aef77535ca2cda0c268f826c169600047b325cdd

SHA512
44d4d77dd3bc20e1d88db5b86cb7f1b66e2f2ef2027fbbdb1b6e61cd98f76a64eb3850733c0e3880049cd749b755b5434849cf8195d5a81bae1db70bb0ab8c40

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\d71232e9-8bed-4a1f-90ee-6a46945e73ac\index-dir\the-real-index~RFe5854e1.TMP

Filesize
48B

MD5
861996ba6c73893fab065575826a076e

SHA1
14763f26edfc80d26df7aa79a846761520295cd9

SHA256
2a7759596ba536d31ef8ec3253d8c9c9a89fa2e2071044bdf3556eada52ca6a5

SHA512
fa74cb8bae713df051373427d1124871fa837a99b5f79eebf36a5dd39dbfeda15550d7bc1288a2194c1b8e27bf041b247a392e3c8d65df3e673d16981ddb340f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
176B

MD5
1401ae91f29d737499b09da80b9d19de

SHA1
fb426acdc1ae594ee78471e5f5c0f60bbcd4afdb

SHA256
2b08154015286d2b3458de5a84ab2a1851664e1839a112b7c4d8289bd9502a34

SHA512
efaecda528c0087079b6bdeda378723e730984382aebca2b39e66ed1a947a668e504f4d28dec829569ae953ae0780f3465fde53e7af4c3463d6c64bc3fa94012

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
187B

MD5
253b7e8d1c5454c170b39b6410b65744

SHA1
878e2e8f163a7c5fdfd0bcfbf369258abecea7c6

SHA256
deff577663c70076ac2d59823faa911d90713b6ff80d0ef01982db4bdca3a7fe

SHA512
9532b0cceed6eaf3074f558ae22024cdea45c81b19e12f7f3db4ee07458d01f4a97705526a9d6295c2675ee76522edf3f04f34665e0748166ea13d9071a0477c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
112B

MD5
81f509198712c07b88e7cd4c695dcee5

SHA1
8c545e64dd38bfaaacf46d91ac00d2f596d03f1f

SHA256
0a1c03bcc3e27fe44916f40259dfe5b9387475015472b4422264b5916703e0b1

SHA512
0aef5e989fbf50e121c6c432f6786b1fbcdcf2c647e49e7857af1497aa616b1e88f5768574cbf17b9c8c6edc85f585ea5ebf73c9f5090c1589d6bb40015383e1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
183B

MD5
dc6559de57907bfb89cd01002b5676bc

SHA1
d9280eb66c5075cd83a7f81d9b86a5c88a274bef

SHA256
d0ced580ebc208805af50c764ceb186a187910ff2e04b7a0b4512b0e3393e402

SHA512
189859f0e2a7540d1b752bdee5b77708b2af7434fb15bbe853dda5a78d4efa02c20cc88ac78c03cb57015e83718b8e0cb2959e93cc6e0a9e34ff21fdbedd587f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
114B

MD5
fed9321ad9e8c2618d188d156967cda3

SHA1
ccfd6c20b7ba9137e7c80e2cc5ef66da48059b5b

SHA256
1d2bcaec6086540df16da5001ab88429aa4092b154fdcd7676665d3bb7f638e5

SHA512
5b7e3b029e3b786b643a105e4810797bafe226ff02894899635cbbd816eace0ca3eb6aedb32dd86a9bdb1af8ae0cb9a9918f1a6db8bb2fde75ff5835e53f6b47

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
178B

MD5
ab40d75cd291d5b40cc9fcf0e9baa48c

SHA1
eb89c72b0f59a781a3702d66f07ea4a6683c72e6

SHA256
501b79e7ae678e82466d4ac75642fffb2c397cb7b3d3280e12e8c3a95b852e79

SHA512
c6c8c8082d1e43e7541b8421e6beaa807281b102f32733f321685619985cd631674a0d2f021173ab62784bf8c1f0f27dd9b6a0a144158047c5643e9803f84fb1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt.tmp

Filesize
183B

MD5
4807e2436247e00689f48e701d9b7b7b

SHA1
39632659dbf9174ccb8fd630709b66ca646a7177

SHA256
83387671bc9475bc4f778d774f2c1162815e5cf39aefb159e4d3eb7823b686a5

SHA512
7e0b598daec4bb93d5baabbcce9c7036e3d6bd586c852d95a472f1eaa243577a1db1513c6ffb65d84fa41e09318e66aed83356daa50d9ad211d68a069ecaebf3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe57c208.TMP

Filesize
119B

MD5
8be063adbb7ed2f0302112c7b7f6a541

SHA1
c7b73c0741d1989136928902fbc043eefafaf17e

SHA256
f364966c8001e15c526e4093ec548f990ba79666e54edb9d1afac3dd4a67b882

SHA512
0abaaf6b03245a8873c3c267b61e570e1c98ce25823da36b88bb18ec49f1f965ff16d182b22460e692a01ef4c9df1ecabd029757ed1ce898e6d95972ae716ebe

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
120B

MD5
e5ea227f14a39bf2c4aff9898803ded2

SHA1
a81246c38e07a2011bb74a4a0d302e311cf79b07

SHA256
b2030147a6f4b156926ee78cd253e49b0ae293d41e32bf975554ad04f464bdac

SHA512
9f145f209e09e892311c076c426b0ba2b9f32642b2b23d221b3693ef61a2dd82ff503778d79b9efb30cab38fe5a238950fdbe265edb9f453b8887086d3cb6217

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\agimnkijcaahngcdmfeangaknmldooml\Icons\32.png

Filesize
673B

MD5
88dfa96f9642297ff88909ca4e0f7330

SHA1
ed8655bf13e6cc49395da4c760168c4148454b7c

SHA256
5e5eb084cf1a650b2e122f53d36f85b67ce6e39069e399a46a25dbd34f7be286

SHA512
cc2deedfeacf9f26e48cbb26e222a219905888b95634c7d91d6393b84248305ce8940816bdb3bff0f5384b9dad90f4e3905b229e06ce4b1023a1439293b240dd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir4568_1654835767\Icons Monochrome\16.png

Filesize
216B

MD5
a4fd4f5953721f7f3a5b4bfd58922efe

SHA1
f3abed41d764efbd26bacf84c42bd8098a14c5cb

SHA256
c659d57841bb33d63f7b1334200548f207340d95e8e2ae25aac7a798a08071a3

SHA512
7fcc1ca4d6d97335e76faa65b7cfb381fb722210041bdcd3b31b0f94e15dc226eec4639547af86ae71f311f52a956dc83294c2d23f345e63b5e45e25956b2691

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir4568_345417108\Shortcuts Menu Icons\Monochrome\0\512.png

Filesize
2KB

MD5
12a429f9782bcff446dc1089b68d44ee

SHA1
e41e5a1a4f2950a7f2da8be77ca26a66da7093b9

SHA256
e1d7407b07c40b5436d78db1077a16fbf75d49e32f3cbd01187b5eaaa10f1e37

SHA512
1da99c5278a589972a1d711d694890f4fd4ec4e56f83781ab9dee91ba99530a7f90d969588fa24dce24b094a28bdecbea80328cee862031a8b289f3e4f38ce7a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir4568_345417108\Shortcuts Menu Icons\Monochrome\1\512.png

Filesize
10KB

MD5
7f57c509f12aaae2c269646db7fde6e8

SHA1
969d8c0e3d9140f843f36ccf2974b112ad7afc07

SHA256
1d5c9f67fe93f9fcc1a1b61ebc35bda8f98f1261e5005ae37af71f42aab1d90f

SHA512
3503a0f4939bed9e1fd5e086b17d6de1063220dffdab2d2373aa9582a2454a9d8f18c1be74442f4e597bdba796d2d69220bd9e6be632a15367225b804187ea18

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
144KB

MD5
42d63600cbdd7fc2f8bdd3fe23e0ec90

SHA1
aad5c0d520bc7c4c00ce7159adca4b6441690ca3

SHA256
c5e05e0c6ce63e1b5cd7b0fcb204d5ceb51d5719497395238d07315b6fb54b4b

SHA512
2a57710a341da74b5f8d0343503aa7b263ee2127169652de5fe66f719b1feeeea84624e3a8d720c28ef06c147ad6d9b4156632eddbd23150c507567f7f754b85

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
144KB

MD5
f5a5f7a3fcc6118845badadf5fcf0115

SHA1
17dfeb7b56e4f6497b4da2d0f9040ce1c8b16129

SHA256
9a2f3fc02a2647354b894638edfe8369f148afd6de31d406f35e810fdce12a05

SHA512
d256359dca08d07699962ea3a13af54da5be926f836de7b7bcfd944c1ff342d2aa7637bc30a2354f3aa762309624fdb1770870a6198925f85271775f139d111a

Download Submit