b223e2619c0adbed570342953791e08c36213a3efab5fae7d552455054033a4f

Analysis

max time kernel
1800s
max time network
1810s
platform
windows11-21h2_x64
resource
win11-20240704-en
resource tags

arch:x64arch:x86image:win11-20240704-enlocale:en-usos:windows11-21h2-x64system
submitted
06/07/2024, 16:50

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

download.html
Size

18KB
MD5

adbea8a9a905288e26125799b59bcc21
SHA1

0ce2dafe48dda985cf28801a69347b6645200284
SHA256

b223e2619c0adbed570342953791e08c36213a3efab5fae7d552455054033a4f
SHA512

9162a3ad6b07860ed26953395269a8754879a4840d0c7b0e41e9f8917b0d65cc93ccaeb2d2e675ac7f4bc3367b9d7441a5b2ded53ba1a7aa4eb147d223b1a12d
SSDEEP

384:FOynoRp51uZsRqLBR1fzl0zGhzsRqLbSnzmJsRqLyRtSazlkz8DzsRqLLRWiz1sG:FliuEDz

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133647584126204465"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2304	chrome.exe
2304	chrome.exe
4948	chrome.exe
4948	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 5 IoCs

pid	Process
2304	chrome.exe
2304	chrome.exe
2304	chrome.exe
2304	chrome.exe
2304	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2304	chrome.exe
Token: SeCreatePagefilePrivilege	2304	chrome.exe
Token: SeShutdownPrivilege	2304	chrome.exe
Token: SeCreatePagefilePrivilege	2304	chrome.exe
Token: SeShutdownPrivilege	2304	chrome.exe
Token: SeCreatePagefilePrivilege	2304	chrome.exe
Token: SeShutdownPrivilege	2304	chrome.exe
Token: SeCreatePagefilePrivilege	2304	chrome.exe
Token: SeShutdownPrivilege	2304	chrome.exe
Token: SeCreatePagefilePrivilege	2304	chrome.exe
Token: SeShutdownPrivilege	2304	chrome.exe
Token: SeCreatePagefilePrivilege	2304	chrome.exe
Token: SeShutdownPrivilege	2304	chrome.exe
Token: SeCreatePagefilePrivilege	2304	chrome.exe
Token: SeShutdownPrivilege	2304	chrome.exe
Token: SeCreatePagefilePrivilege	2304	chrome.exe
Token: SeShutdownPrivilege	2304	chrome.exe
Token: SeCreatePagefilePrivilege	2304	chrome.exe
Token: SeShutdownPrivilege	2304	chrome.exe
Token: SeCreatePagefilePrivilege	2304	chrome.exe
Token: SeShutdownPrivilege	2304	chrome.exe
Token: SeCreatePagefilePrivilege	2304	chrome.exe
Token: SeShutdownPrivilege	2304	chrome.exe
Token: SeCreatePagefilePrivilege	2304	chrome.exe
Token: SeShutdownPrivilege	2304	chrome.exe
Token: SeCreatePagefilePrivilege	2304	chrome.exe
Token: SeShutdownPrivilege	2304	chrome.exe
Token: SeCreatePagefilePrivilege	2304	chrome.exe
Token: SeShutdownPrivilege	2304	chrome.exe
Token: SeCreatePagefilePrivilege	2304	chrome.exe
Token: SeShutdownPrivilege	2304	chrome.exe
Token: SeCreatePagefilePrivilege	2304	chrome.exe
Token: SeShutdownPrivilege	2304	chrome.exe
Token: SeCreatePagefilePrivilege	2304	chrome.exe
Token: SeShutdownPrivilege	2304	chrome.exe
Token: SeCreatePagefilePrivilege	2304	chrome.exe
Token: SeShutdownPrivilege	2304	chrome.exe
Token: SeCreatePagefilePrivilege	2304	chrome.exe
Token: SeShutdownPrivilege	2304	chrome.exe
Token: SeCreatePagefilePrivilege	2304	chrome.exe
Token: SeShutdownPrivilege	2304	chrome.exe
Token: SeCreatePagefilePrivilege	2304	chrome.exe
Token: SeShutdownPrivilege	2304	chrome.exe
Token: SeCreatePagefilePrivilege	2304	chrome.exe
Token: SeShutdownPrivilege	2304	chrome.exe
Token: SeCreatePagefilePrivilege	2304	chrome.exe
Token: SeShutdownPrivilege	2304	chrome.exe
Token: SeCreatePagefilePrivilege	2304	chrome.exe
Token: SeShutdownPrivilege	2304	chrome.exe
Token: SeCreatePagefilePrivilege	2304	chrome.exe
Token: SeShutdownPrivilege	2304	chrome.exe
Token: SeCreatePagefilePrivilege	2304	chrome.exe
Token: SeShutdownPrivilege	2304	chrome.exe
Token: SeCreatePagefilePrivilege	2304	chrome.exe
Token: SeShutdownPrivilege	2304	chrome.exe
Token: SeCreatePagefilePrivilege	2304	chrome.exe
Token: SeShutdownPrivilege	2304	chrome.exe
Token: SeCreatePagefilePrivilege	2304	chrome.exe
Token: SeShutdownPrivilege	2304	chrome.exe
Token: SeCreatePagefilePrivilege	2304	chrome.exe
Token: SeShutdownPrivilege	2304	chrome.exe
Token: SeCreatePagefilePrivilege	2304	chrome.exe
Token: SeShutdownPrivilege	2304	chrome.exe
Token: SeCreatePagefilePrivilege	2304	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2304	chrome.exe
2304	chrome.exe
2304	chrome.exe
2304	chrome.exe
2304	chrome.exe
2304	chrome.exe
2304	chrome.exe
2304	chrome.exe
2304	chrome.exe
2304	chrome.exe
2304	chrome.exe
2304	chrome.exe
2304	chrome.exe
2304	chrome.exe
2304	chrome.exe
2304	chrome.exe
2304	chrome.exe
2304	chrome.exe
2304	chrome.exe
2304	chrome.exe
2304	chrome.exe
2304	chrome.exe
2304	chrome.exe
2304	chrome.exe
2304	chrome.exe
2304	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
2304	chrome.exe
2304	chrome.exe
2304	chrome.exe
2304	chrome.exe
2304	chrome.exe
2304	chrome.exe
2304	chrome.exe
2304	chrome.exe
2304	chrome.exe
2304	chrome.exe
2304	chrome.exe
2304	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2304 wrote to memory of 5080	2304	chrome.exe	80
PID 2304 wrote to memory of 5080	2304	chrome.exe	80
PID 2304 wrote to memory of 560	2304	chrome.exe	82
PID 2304 wrote to memory of 560	2304	chrome.exe	82
PID 2304 wrote to memory of 560	2304	chrome.exe	82
PID 2304 wrote to memory of 560	2304	chrome.exe	82
PID 2304 wrote to memory of 560	2304	chrome.exe	82
PID 2304 wrote to memory of 560	2304	chrome.exe	82
PID 2304 wrote to memory of 560	2304	chrome.exe	82
PID 2304 wrote to memory of 560	2304	chrome.exe	82
PID 2304 wrote to memory of 560	2304	chrome.exe	82
PID 2304 wrote to memory of 560	2304	chrome.exe	82
PID 2304 wrote to memory of 560	2304	chrome.exe	82
PID 2304 wrote to memory of 560	2304	chrome.exe	82
PID 2304 wrote to memory of 560	2304	chrome.exe	82
PID 2304 wrote to memory of 560	2304	chrome.exe	82
PID 2304 wrote to memory of 560	2304	chrome.exe	82
PID 2304 wrote to memory of 560	2304	chrome.exe	82
PID 2304 wrote to memory of 560	2304	chrome.exe	82
PID 2304 wrote to memory of 560	2304	chrome.exe	82
PID 2304 wrote to memory of 560	2304	chrome.exe	82
PID 2304 wrote to memory of 560	2304	chrome.exe	82
PID 2304 wrote to memory of 560	2304	chrome.exe	82
PID 2304 wrote to memory of 560	2304	chrome.exe	82
PID 2304 wrote to memory of 560	2304	chrome.exe	82
PID 2304 wrote to memory of 560	2304	chrome.exe	82
PID 2304 wrote to memory of 560	2304	chrome.exe	82
PID 2304 wrote to memory of 560	2304	chrome.exe	82
PID 2304 wrote to memory of 560	2304	chrome.exe	82
PID 2304 wrote to memory of 560	2304	chrome.exe	82
PID 2304 wrote to memory of 560	2304	chrome.exe	82
PID 2304 wrote to memory of 560	2304	chrome.exe	82
PID 2304 wrote to memory of 560	2304	chrome.exe	82
PID 2304 wrote to memory of 2756	2304	chrome.exe	83
PID 2304 wrote to memory of 2756	2304	chrome.exe	83
PID 2304 wrote to memory of 3852	2304	chrome.exe	84
PID 2304 wrote to memory of 3852	2304	chrome.exe	84
PID 2304 wrote to memory of 3852	2304	chrome.exe	84
PID 2304 wrote to memory of 3852	2304	chrome.exe	84
PID 2304 wrote to memory of 3852	2304	chrome.exe	84
PID 2304 wrote to memory of 3852	2304	chrome.exe	84
PID 2304 wrote to memory of 3852	2304	chrome.exe	84
PID 2304 wrote to memory of 3852	2304	chrome.exe	84
PID 2304 wrote to memory of 3852	2304	chrome.exe	84
PID 2304 wrote to memory of 3852	2304	chrome.exe	84
PID 2304 wrote to memory of 3852	2304	chrome.exe	84
PID 2304 wrote to memory of 3852	2304	chrome.exe	84
PID 2304 wrote to memory of 3852	2304	chrome.exe	84
PID 2304 wrote to memory of 3852	2304	chrome.exe	84
PID 2304 wrote to memory of 3852	2304	chrome.exe	84
PID 2304 wrote to memory of 3852	2304	chrome.exe	84
PID 2304 wrote to memory of 3852	2304	chrome.exe	84
PID 2304 wrote to memory of 3852	2304	chrome.exe	84
PID 2304 wrote to memory of 3852	2304	chrome.exe	84
PID 2304 wrote to memory of 3852	2304	chrome.exe	84
PID 2304 wrote to memory of 3852	2304	chrome.exe	84
PID 2304 wrote to memory of 3852	2304	chrome.exe	84
PID 2304 wrote to memory of 3852	2304	chrome.exe	84
PID 2304 wrote to memory of 3852	2304	chrome.exe	84
PID 2304 wrote to memory of 3852	2304	chrome.exe	84
PID 2304 wrote to memory of 3852	2304	chrome.exe	84
PID 2304 wrote to memory of 3852	2304	chrome.exe	84
PID 2304 wrote to memory of 3852	2304	chrome.exe	84
PID 2304 wrote to memory of 3852	2304	chrome.exe	84

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument C:\Users\Admin\AppData\Local\Temp\download.html
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2304
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x104,0x108,0x10c,0x100,0x110,0x7ffdb1cbab58,0x7ffdb1cbab68,0x7ffdb1cbab78
  2⤵
  PID:5080
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1508 --field-trial-handle=1808,i,10108369971991202563,7816757348562015059,131072 /prefetch:2
  2⤵
  PID:560
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2036 --field-trial-handle=1808,i,10108369971991202563,7816757348562015059,131072 /prefetch:8
  2⤵
  PID:2756
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2196 --field-trial-handle=1808,i,10108369971991202563,7816757348562015059,131072 /prefetch:8
  2⤵
  PID:3852
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2932 --field-trial-handle=1808,i,10108369971991202563,7816757348562015059,131072 /prefetch:1
  2⤵
  PID:4728
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2936 --field-trial-handle=1808,i,10108369971991202563,7816757348562015059,131072 /prefetch:1
  2⤵
  PID:1976
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4148 --field-trial-handle=1808,i,10108369971991202563,7816757348562015059,131072 /prefetch:8
  2⤵
  PID:3796
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4408 --field-trial-handle=1808,i,10108369971991202563,7816757348562015059,131072 /prefetch:8
  2⤵
  PID:1408
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4500 --field-trial-handle=1808,i,10108369971991202563,7816757348562015059,131072 /prefetch:1
  2⤵
  PID:4408
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=2936 --field-trial-handle=1808,i,10108369971991202563,7816757348562015059,131072 /prefetch:1
  2⤵
  PID:4340
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4524 --field-trial-handle=1808,i,10108369971991202563,7816757348562015059,131072 /prefetch:1
  2⤵
  PID:1504
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1008 --field-trial-handle=1808,i,10108369971991202563,7816757348562015059,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4948

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:2208

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001

Filesize
211KB

MD5
151fb811968eaf8efb840908b89dc9d4

SHA1
7ec811009fd9b0e6d92d12d78b002275f2f1bee1

SHA256
043fd8558e4a5a60aaccd2f0377f77a544e3e375242e9d7200dc6e51f94103ed

SHA512
83aface0ab01da52fd077f747c9d5916e3c06b0ea5c551d7d316707ec3e8f3f986ce1c82e6f2136e48c6511a83cb0ac67ff6dc8f0e440ac72fc6854086a87674

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
a1684cd380370d5621b5f1cd805074e4

SHA1
ca04f152cadd438b2a86c3f961ddd081ff56a99f

SHA256
f770e079ea24912d244cc973f22ffd1859f567da840be390257a29e6023503c3

SHA512
44202657658d6729e7b6fe569c1ada0e3a77ed0cdeb8e9d9d3fb0c3be4df0c78cef6756889c748d03d54f4f37232d157ff3b9b177ec1bbd3d1ca6686d533def1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
b241bdc946e6776f25091b70ee2c586a

SHA1
ae424f003fe600295310e7802d69252601c17c95

SHA256
bbb72972420155477790334c4554fcea5a06db680453ad3d47e33fc3001b37d6

SHA512
c8299a5aa62544b8d733878ecc10bc62c469e9ee638b5194a97ab6c5f0023ab27629e094b90270a0971a03f1be264af37ece6390d82ef7c5a2ede6c3bc2632f0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
bcea461af343a7874906ffca7cfa1953

SHA1
64d523fbcb0073ef9e87a652df796d8cbd179886

SHA256
3817760aa0de1a2a2596461747ef386d1e56378ef1b7aee883df4432e04cab27

SHA512
1f6f1c987b09b9faecb85f53be6d72d055a1542a0ffce8825250e06216598f44ee6feabb66aca07bc06eebc1f6fb8eb3f521e2a334f08a4a5f9b67fa99c54fe0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
b0878144f714aff1f1a49669cd1ce2ea

SHA1
7b4e0120fc1d18e7250710143c205e4388f1bab2

SHA256
2c00e36e605766c0d0e740374affd47d062cfb2894f1a19b9dfb3c01cbd7cf42

SHA512
e035cf2400943a674cc1e9e59fc0ee5e77f1a7466404c28ad1b995eea1a45dc60c5f5fb56f4bb70db896e437e799b8db7e02636af4204e782f4c01b77d614951

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
323077077a3316a096686487870ad430

SHA1
4fbe061b194e4f74303c5592f5bf554928000c03

SHA256
c7daca817e8382ab5416be6ed0bdc370d3c4089bdef20810a2b0d97ee8dd211f

SHA512
60aa0edc4c7e2af36122ec8455644265139792449a4384bd722cf163bbc7104543d20f8b2a1a0399500c527e098045cdd2653b5dc43d97368e905c158c34038c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
7edf2407c05b4fbaaf300ad5238ba395

SHA1
50caba7d345ada55c8901d39479573c9c23c18ec

SHA256
6bda92a08640a33d8f8a773fb234615a977d8fd3e53817bf6841d5cf98e3f03f

SHA512
61ceec459f1627ac974501387f0a3776d41acf75e10bf90a433f9c6889af5a3e876f162703ce0d339783d608fb3556927993c423f669b339a7775cf8e565a48e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
62022ba0f591230464b3c8cf498b0de2

SHA1
89be0443c7fdc3f3c5ae5bdf85d66435a29b31b4

SHA256
b8b0508b6a30efa90adcce36ccdda0dde77018a56478538ee81006e2a6e4fbdc

SHA512
7b323a1bb50418f9f4adf2fac6060ad9e6d1ef71bb560525d8ca8cb3a3d7017fd1e525e1cf00c5fe498726ac0f2872218bd230c8b3216e0f49da9ae6e9e0fed3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
e5b08b6760ab4209b26c83f8fb90a9bb

SHA1
7a5e2f607f3215161cc650ccf2d4b4a9fb4460fb

SHA256
c457937f8e3f6475f057ce85ee1d35c5744d0b65809afe0ee7c7b8d94fdba488

SHA512
16f10546d761acdd838a7996321bcd10620617ab8fc87023c9037d907279f2766486e393f194b8496c8a27af3cbe049d29fa17837ce0b4f3ac12b71c73b328b9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
d20f6fc2b65bb4ef24f9d4667b720b79

SHA1
26b18a121079b7fbda089b7d80d0a205fce92efe

SHA256
6cc1470eb72780220cc619090d1b7322951dda0d1eaddd9656f051c9b200f3c2

SHA512
8ac96094a441cedf5505e084b3253b2c924b57c4b011adccb7ac9bf0063c7f29f93ce1c79a9d15d3808d81846db45c3a61f0816522bcb9927477ff9555cfdff4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
144KB

MD5
e3698103c4183f46537f58c3925e36ae

SHA1
1d9e0b06f5f6678195bc12df276ebf930c7eec29

SHA256
e1b0f047037122c43d65b2d7617bfe4b3483e6e8621e5e490a498ce180234da6

SHA512
f66ed96e6cd9c21cd3376275aa23ec0d15368a7d938d4bdb59149f09c51eb5872d26258a3ff4027ef7564053586cf088b7e6886dcb203649d1cb85ffd03ea9cd

Download Submit