hxxps://www[.]youtube[.]com/watch?v=Yf8qzQ0RGPo

Analysis

max time kernel
357s
max time network
339s
platform
windows10-2004_x64
resource
win10v2004-20240704-en
resource tags

arch:x64arch:x86image:win10v2004-20240704-enlocale:en-usos:windows10-2004-x64system
submitted
07/07/2024, 16:06

Sharing

Copy URL

Twitter E-mail

Reason

Machine shutdown

Report Analysis Logs

General

Target

https://www.youtube.com/watch?v=Yf8qzQ0RGPo

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 6 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Kills process with taskkill 1 IoCs

evasion

pid	Process
2320	taskkill.exe

Modifies data under HKEY_USERS 3 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133648420986466347"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2753856825-3907105642-1818461144-1000\{3051EC5E-655A-4688-BCE6-F457E494874A}	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
4356	chrome.exe
4356	chrome.exe
3808	powershell.exe
3808	powershell.exe
3772	chrome.exe
3772	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
4356	chrome.exe
4356	chrome.exe
4356	chrome.exe
4356	chrome.exe
4356	chrome.exe
3772	chrome.exe
3772	chrome.exe
3772	chrome.exe
3772	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4356	chrome.exe
Token: SeCreatePagefilePrivilege	4356	chrome.exe
Token: SeShutdownPrivilege	4356	chrome.exe
Token: SeCreatePagefilePrivilege	4356	chrome.exe
Token: SeShutdownPrivilege	4356	chrome.exe
Token: SeCreatePagefilePrivilege	4356	chrome.exe
Token: SeShutdownPrivilege	4356	chrome.exe
Token: SeCreatePagefilePrivilege	4356	chrome.exe
Token: SeShutdownPrivilege	4356	chrome.exe
Token: SeCreatePagefilePrivilege	4356	chrome.exe
Token: SeShutdownPrivilege	4356	chrome.exe
Token: SeCreatePagefilePrivilege	4356	chrome.exe
Token: SeShutdownPrivilege	4356	chrome.exe
Token: SeCreatePagefilePrivilege	4356	chrome.exe
Token: SeShutdownPrivilege	4356	chrome.exe
Token: SeCreatePagefilePrivilege	4356	chrome.exe
Token: SeShutdownPrivilege	4356	chrome.exe
Token: SeCreatePagefilePrivilege	4356	chrome.exe
Token: SeShutdownPrivilege	4356	chrome.exe
Token: SeCreatePagefilePrivilege	4356	chrome.exe
Token: SeShutdownPrivilege	4356	chrome.exe
Token: SeCreatePagefilePrivilege	4356	chrome.exe
Token: SeShutdownPrivilege	4356	chrome.exe
Token: SeCreatePagefilePrivilege	4356	chrome.exe
Token: SeShutdownPrivilege	4356	chrome.exe
Token: SeCreatePagefilePrivilege	4356	chrome.exe
Token: SeShutdownPrivilege	4356	chrome.exe
Token: SeCreatePagefilePrivilege	4356	chrome.exe
Token: SeShutdownPrivilege	4356	chrome.exe
Token: SeCreatePagefilePrivilege	4356	chrome.exe
Token: SeShutdownPrivilege	4356	chrome.exe
Token: SeCreatePagefilePrivilege	4356	chrome.exe
Token: SeShutdownPrivilege	4356	chrome.exe
Token: SeCreatePagefilePrivilege	4356	chrome.exe
Token: 33	4188	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	4188	AUDIODG.EXE
Token: SeShutdownPrivilege	4356	chrome.exe
Token: SeCreatePagefilePrivilege	4356	chrome.exe
Token: SeShutdownPrivilege	4356	chrome.exe
Token: SeCreatePagefilePrivilege	4356	chrome.exe
Token: SeShutdownPrivilege	4356	chrome.exe
Token: SeCreatePagefilePrivilege	4356	chrome.exe
Token: SeShutdownPrivilege	4356	chrome.exe
Token: SeCreatePagefilePrivilege	4356	chrome.exe
Token: SeShutdownPrivilege	4356	chrome.exe
Token: SeCreatePagefilePrivilege	4356	chrome.exe
Token: SeShutdownPrivilege	4356	chrome.exe
Token: SeCreatePagefilePrivilege	4356	chrome.exe
Token: SeShutdownPrivilege	4356	chrome.exe
Token: SeCreatePagefilePrivilege	4356	chrome.exe
Token: SeShutdownPrivilege	4356	chrome.exe
Token: SeCreatePagefilePrivilege	4356	chrome.exe
Token: SeShutdownPrivilege	4356	chrome.exe
Token: SeCreatePagefilePrivilege	4356	chrome.exe
Token: SeShutdownPrivilege	4356	chrome.exe
Token: SeCreatePagefilePrivilege	4356	chrome.exe
Token: SeShutdownPrivilege	4356	chrome.exe
Token: SeCreatePagefilePrivilege	4356	chrome.exe
Token: SeShutdownPrivilege	4356	chrome.exe
Token: SeCreatePagefilePrivilege	4356	chrome.exe
Token: SeShutdownPrivilege	4356	chrome.exe
Token: SeCreatePagefilePrivilege	4356	chrome.exe
Token: SeShutdownPrivilege	4356	chrome.exe
Token: SeCreatePagefilePrivilege	4356	chrome.exe

Suspicious use of FindShellTrayWindow 53 IoCs

pid	Process
4356	chrome.exe
4356	chrome.exe
4356	chrome.exe
4356	chrome.exe
4356	chrome.exe
4356	chrome.exe
4356	chrome.exe
4356	chrome.exe
4356	chrome.exe
4356	chrome.exe
4356	chrome.exe
4356	chrome.exe
4356	chrome.exe
4356	chrome.exe
4356	chrome.exe
4356	chrome.exe
4356	chrome.exe
4356	chrome.exe
4356	chrome.exe
4356	chrome.exe
4356	chrome.exe
4356	chrome.exe
4356	chrome.exe
4356	chrome.exe
4356	chrome.exe
4356	chrome.exe
4356	chrome.exe
3772	chrome.exe
3772	chrome.exe
3772	chrome.exe
3772	chrome.exe
3772	chrome.exe
3772	chrome.exe
3772	chrome.exe
3772	chrome.exe
3772	chrome.exe
3772	chrome.exe
3772	chrome.exe
3772	chrome.exe
3772	chrome.exe
3772	chrome.exe
3772	chrome.exe
3772	chrome.exe
3772	chrome.exe
3772	chrome.exe
3772	chrome.exe
3772	chrome.exe
3772	chrome.exe
3772	chrome.exe
3772	chrome.exe
3772	chrome.exe
3772	chrome.exe
3772	chrome.exe

Suspicious use of SendNotifyMessage 48 IoCs

pid	Process
4356	chrome.exe
4356	chrome.exe
4356	chrome.exe
4356	chrome.exe
4356	chrome.exe
4356	chrome.exe
4356	chrome.exe
4356	chrome.exe
4356	chrome.exe
4356	chrome.exe
4356	chrome.exe
4356	chrome.exe
4356	chrome.exe
4356	chrome.exe
4356	chrome.exe
4356	chrome.exe
4356	chrome.exe
4356	chrome.exe
4356	chrome.exe
4356	chrome.exe
4356	chrome.exe
4356	chrome.exe
4356	chrome.exe
4356	chrome.exe
3772	chrome.exe
3772	chrome.exe
3772	chrome.exe
3772	chrome.exe
3772	chrome.exe
3772	chrome.exe
3772	chrome.exe
3772	chrome.exe
3772	chrome.exe
3772	chrome.exe
3772	chrome.exe
3772	chrome.exe
3772	chrome.exe
3772	chrome.exe
3772	chrome.exe
3772	chrome.exe
3772	chrome.exe
3772	chrome.exe
3772	chrome.exe
3772	chrome.exe
3772	chrome.exe
3772	chrome.exe
3772	chrome.exe
3772	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4356 wrote to memory of 924	4356	chrome.exe	81
PID 4356 wrote to memory of 924	4356	chrome.exe	81
PID 4356 wrote to memory of 1872	4356	chrome.exe	85
PID 4356 wrote to memory of 1872	4356	chrome.exe	85
PID 4356 wrote to memory of 1872	4356	chrome.exe	85
PID 4356 wrote to memory of 1872	4356	chrome.exe	85
PID 4356 wrote to memory of 1872	4356	chrome.exe	85
PID 4356 wrote to memory of 1872	4356	chrome.exe	85
PID 4356 wrote to memory of 1872	4356	chrome.exe	85
PID 4356 wrote to memory of 1872	4356	chrome.exe	85
PID 4356 wrote to memory of 1872	4356	chrome.exe	85
PID 4356 wrote to memory of 1872	4356	chrome.exe	85
PID 4356 wrote to memory of 1872	4356	chrome.exe	85
PID 4356 wrote to memory of 1872	4356	chrome.exe	85
PID 4356 wrote to memory of 1872	4356	chrome.exe	85
PID 4356 wrote to memory of 1872	4356	chrome.exe	85
PID 4356 wrote to memory of 1872	4356	chrome.exe	85
PID 4356 wrote to memory of 1872	4356	chrome.exe	85
PID 4356 wrote to memory of 1872	4356	chrome.exe	85
PID 4356 wrote to memory of 1872	4356	chrome.exe	85
PID 4356 wrote to memory of 1872	4356	chrome.exe	85
PID 4356 wrote to memory of 1872	4356	chrome.exe	85
PID 4356 wrote to memory of 1872	4356	chrome.exe	85
PID 4356 wrote to memory of 1872	4356	chrome.exe	85
PID 4356 wrote to memory of 1872	4356	chrome.exe	85
PID 4356 wrote to memory of 1872	4356	chrome.exe	85
PID 4356 wrote to memory of 1872	4356	chrome.exe	85
PID 4356 wrote to memory of 1872	4356	chrome.exe	85
PID 4356 wrote to memory of 1872	4356	chrome.exe	85
PID 4356 wrote to memory of 1872	4356	chrome.exe	85
PID 4356 wrote to memory of 1872	4356	chrome.exe	85
PID 4356 wrote to memory of 1872	4356	chrome.exe	85
PID 4356 wrote to memory of 1872	4356	chrome.exe	85
PID 4356 wrote to memory of 552	4356	chrome.exe	86
PID 4356 wrote to memory of 552	4356	chrome.exe	86
PID 4356 wrote to memory of 1936	4356	chrome.exe	87
PID 4356 wrote to memory of 1936	4356	chrome.exe	87
PID 4356 wrote to memory of 1936	4356	chrome.exe	87
PID 4356 wrote to memory of 1936	4356	chrome.exe	87
PID 4356 wrote to memory of 1936	4356	chrome.exe	87
PID 4356 wrote to memory of 1936	4356	chrome.exe	87
PID 4356 wrote to memory of 1936	4356	chrome.exe	87
PID 4356 wrote to memory of 1936	4356	chrome.exe	87
PID 4356 wrote to memory of 1936	4356	chrome.exe	87
PID 4356 wrote to memory of 1936	4356	chrome.exe	87
PID 4356 wrote to memory of 1936	4356	chrome.exe	87
PID 4356 wrote to memory of 1936	4356	chrome.exe	87
PID 4356 wrote to memory of 1936	4356	chrome.exe	87
PID 4356 wrote to memory of 1936	4356	chrome.exe	87
PID 4356 wrote to memory of 1936	4356	chrome.exe	87
PID 4356 wrote to memory of 1936	4356	chrome.exe	87
PID 4356 wrote to memory of 1936	4356	chrome.exe	87
PID 4356 wrote to memory of 1936	4356	chrome.exe	87
PID 4356 wrote to memory of 1936	4356	chrome.exe	87
PID 4356 wrote to memory of 1936	4356	chrome.exe	87
PID 4356 wrote to memory of 1936	4356	chrome.exe	87
PID 4356 wrote to memory of 1936	4356	chrome.exe	87
PID 4356 wrote to memory of 1936	4356	chrome.exe	87
PID 4356 wrote to memory of 1936	4356	chrome.exe	87
PID 4356 wrote to memory of 1936	4356	chrome.exe	87
PID 4356 wrote to memory of 1936	4356	chrome.exe	87
PID 4356 wrote to memory of 1936	4356	chrome.exe	87
PID 4356 wrote to memory of 1936	4356	chrome.exe	87
PID 4356 wrote to memory of 1936	4356	chrome.exe	87

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://www.youtube.com/watch?v=Yf8qzQ0RGPo
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4356
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fffb9caab58,0x7fffb9caab68,0x7fffb9caab78
  2⤵
  PID:924
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1672 --field-trial-handle=1864,i,1444794256866278065,14530345295690100848,131072 /prefetch:2
  2⤵
  PID:1872
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2140 --field-trial-handle=1864,i,1444794256866278065,14530345295690100848,131072 /prefetch:8
  2⤵
  PID:552
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2216 --field-trial-handle=1864,i,1444794256866278065,14530345295690100848,131072 /prefetch:8
  2⤵
  PID:1936
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2968 --field-trial-handle=1864,i,1444794256866278065,14530345295690100848,131072 /prefetch:1
  2⤵
  PID:4120
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3008 --field-trial-handle=1864,i,1444794256866278065,14530345295690100848,131072 /prefetch:1
  2⤵
  PID:2216
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3544 --field-trial-handle=1864,i,1444794256866278065,14530345295690100848,131072 /prefetch:1
  2⤵
  PID:4644
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4168 --field-trial-handle=1864,i,1444794256866278065,14530345295690100848,131072 /prefetch:1
  2⤵
  PID:996
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4676 --field-trial-handle=1864,i,1444794256866278065,14530345295690100848,131072 /prefetch:8
  2⤵
  PID:5084
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4672 --field-trial-handle=1864,i,1444794256866278065,14530345295690100848,131072 /prefetch:8
  2⤵
  - Modifies registry class
  PID:3472
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1856 --field-trial-handle=1864,i,1444794256866278065,14530345295690100848,131072 /prefetch:8
  2⤵
  PID:3864
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=5068 --field-trial-handle=1864,i,1444794256866278065,14530345295690100848,131072 /prefetch:1
  2⤵
  PID:1812
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5148 --field-trial-handle=1864,i,1444794256866278065,14530345295690100848,131072 /prefetch:8
  2⤵
  PID:1596

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:4620

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x460 0x4f8
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:4188

C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Desktop\New Text Document.txt
1⤵
PID:4004

C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Desktop\New Text Document.bat" "
1⤵
PID:396
- C:\Windows\system32\cmd.exe
  cmd.exe
  2⤵
  PID:3608
- C:\Windows\system32\cmd.exe
  cmd.exe
  2⤵
  PID:4420
- C:\Windows\system32\cmd.exe
  cmd.exe
  2⤵
  PID:2504
- C:\Windows\system32\cmd.exe
  cmd.exe
  2⤵
  PID:3028
- C:\Windows\system32\cmd.exe
  cmd.exe
  2⤵
  PID:2024
- C:\Windows\system32\cmd.exe
  cmd.exe
  2⤵
  PID:5104
- C:\Windows\system32\cmd.exe
  cmd.exe
  2⤵
  PID:4580
- C:\Windows\system32\cmd.exe
  cmd.exe
  2⤵
  PID:1624

C:\Windows\System32\NOTEPAD.EXE
"C:\Windows\System32\NOTEPAD.EXE" C:\Users\Admin\Desktop\New Text Document.bat
1⤵
PID:1452

C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Desktop\New Text Document.bat" "
1⤵
PID:1484
- C:\Windows\system32\cmd.exe
  cmd.exe
  2⤵
  PID:3544
- C:\Windows\system32\cmd.exe
  cmd.exe
  2⤵
  PID:2460
- C:\Windows\system32\cmd.exe
  cmd.exe
  2⤵
  PID:5004
- C:\Windows\system32\cmd.exe
  cmd.exe
  2⤵
  PID:3300
- C:\Windows\system32\cmd.exe
  cmd.exe
  2⤵
  PID:2092
- C:\Windows\system32\cmd.exe
  cmd.exe
  2⤵
  PID:2248
- C:\Windows\system32\cmd.exe
  cmd.exe
  2⤵
  PID:3996
- C:\Windows\system32\cmd.exe
  cmd.exe
  2⤵
  PID:2116

C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Desktop\New Text Document.bat" "
1⤵
PID:4496
- C:\Windows\system32\cmd.exe
  cmd.exe
  2⤵
  PID:1016
- C:\Windows\system32\cmd.exe
  cmd.exe
  2⤵
  PID:4808
- C:\Windows\system32\cmd.exe
  cmd.exe
  2⤵
  PID:4900
- C:\Windows\system32\cmd.exe
  cmd.exe
  2⤵
  PID:4020
- C:\Windows\system32\cmd.exe
  cmd.exe
  2⤵
  PID:1708
- C:\Windows\system32\cmd.exe
  cmd.exe
  2⤵
  PID:4956
- C:\Windows\system32\cmd.exe
  cmd.exe
  2⤵
  PID:3584
- C:\Windows\system32\cmd.exe
  cmd.exe
  2⤵
  PID:1648

C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Desktop\New Text Document.bat" "
1⤵
PID:4180
- C:\Windows\system32\cmd.exe
  cmd.exe
  2⤵
  PID:5072
- C:\Windows\system32\cmd.exe
  cmd.exe
  2⤵
  PID:2420
- C:\Windows\system32\cmd.exe
  cmd.exe
  2⤵
  PID:1292
- C:\Windows\system32\cmd.exe
  cmd.exe
  2⤵
  PID:3640
- C:\Windows\system32\cmd.exe
  cmd.exe
  2⤵
  PID:3244
- C:\Windows\system32\cmd.exe
  cmd.exe
  2⤵
  PID:876
- C:\Windows\system32\cmd.exe
  cmd.exe
  2⤵
  PID:1980
- C:\Windows\system32\cmd.exe
  cmd.exe
  2⤵
  PID:1008

C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
PID:3808
- C:\Windows\system32\taskkill.exe
  "C:\Windows\system32\taskkill.exe" /f /im svchost.exe
  2⤵
  - Kills process with taskkill
  PID:2320

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:3772
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x124,0x128,0x12c,0x100,0x130,0x7fffb9caab58,0x7fffb9caab68,0x7fffb9caab78
  2⤵
  PID:4612
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1720 --field-trial-handle=1928,i,5103959971443508217,18153182280546002176,131072 /prefetch:2
  2⤵
  PID:4396
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2204 --field-trial-handle=1928,i,5103959971443508217,18153182280546002176,131072 /prefetch:8
  2⤵
  PID:3800
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2280 --field-trial-handle=1928,i,5103959971443508217,18153182280546002176,131072 /prefetch:8
  2⤵
  PID:3600
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3088 --field-trial-handle=1928,i,5103959971443508217,18153182280546002176,131072 /prefetch:1
  2⤵
  PID:4144
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3224 --field-trial-handle=1928,i,5103959971443508217,18153182280546002176,131072 /prefetch:1
  2⤵
  PID:2400
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3724 --field-trial-handle=1928,i,5103959971443508217,18153182280546002176,131072 /prefetch:1
  2⤵
  PID:4892
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4644 --field-trial-handle=1928,i,5103959971443508217,18153182280546002176,131072 /prefetch:8
  2⤵
  PID:4464
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4852 --field-trial-handle=1928,i,5103959971443508217,18153182280546002176,131072 /prefetch:8
  2⤵
  PID:4676
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4992 --field-trial-handle=1928,i,5103959971443508217,18153182280546002176,131072 /prefetch:8
  2⤵
  PID:2364
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4092 --field-trial-handle=1928,i,5103959971443508217,18153182280546002176,131072 /prefetch:1
  2⤵
  PID:1148

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:1600

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
1030d0994c68044a5086bbd3f66d4b78

SHA1
aa71a5d7d0a72a86db91a185af0e7e148982d610

SHA256
9babedc60618dac0c649e687630a0a48f603932817a2282d8bd2dae6cd06bf98

SHA512
ed7a5fc22db88ce1c1be3c9d0c54e2da24c42f7b86ffdcb0174cadd0ade82d4084b91258420fc571bc0203e0595494cb9f61c339348103b9b92065d5ecc85772

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0

Filesize
44KB

MD5
e31fc633a1e850a9b9de9c8783c0af67

SHA1
e94a41947155ba833ef0c4a8bccd3bb2c3406281

SHA256
eb2c22c5d0ee978f218c36bc3409f2e0a38824d8c60644e08a630f1623f0b8d4

SHA512
9e760b66ff902246248a5062f74c32aba837ec7a8b1ee863fea79e4af8c36106653d349134c4875c47fa18c07d46ff24e1a62f9b82019501376877cd62fb8a6c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1

Filesize
264KB

MD5
446bd835411f0b29bda9e171d68ab111

SHA1
5d18bc73e00ce44b1ccd60fc6dce7258b712d34e

SHA256
52770009f8e6aaee8ad22685e49ba0734b5fa91a241826db351ecaa6083bff77

SHA512
0928d4b2773423910ee8f7020d8b3cf59042d382afe4a1ea91c9314a128e12f30193fffc4ab744136a6c2b3bbe4ff924203ff10265d4e4921fae28558109db08

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_2

Filesize
1.0MB

MD5
5df9ba357d9e02d79f82d086531a1ccd

SHA1
bee8c701d97499c1353ffc259e02e22098f35b30

SHA256
ca95733431ea4ecd92d722df24ddb0675d6c63d98366026cefdb464140a18ac3

SHA512
da1bad5e73ed318a55613c783557aabad8536faf7b2623e618cbebc31eeb02ad7e9fcc92729ab2f2bd87cfcf1eae532a8119af0bfdf6c8c83a348889686592a8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_3

Filesize
4.0MB

MD5
86665e62b98bc034bf749f24992cc5c4

SHA1
266ec01c105c0bff759f44c36a5c61281f36895f

SHA256
df2625a90612b10464e3aeaa71e5f34aaddc6bcf05fcdf592928634154ddad7b

SHA512
34de8730b8a3f6b1e889cbc7e224f1dbf99bed10177674c547a31321ee6c5d2c1c1033fa777ff0bcd2f02fe092bc0fdb27eed9a2feb96bd06cb8c092c217a3de

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001

Filesize
47KB

MD5
127b7a9f7009939d0ae5dd1a48386985

SHA1
f9e981f2fbc6df7e304803153fb6fe40f0dcb6ac

SHA256
9d8e3219c036313e8b27ecb7b91befc49de6a32352a5349656945a7525a89962

SHA512
b1a442d78f6adc7a67f8ee299d46817309798ff2a38a66af2ff03eaa276b3a7967fde34e801dc8488ed75b3110fd01b3a9763f792ce75e21fae190d4779c1287

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000002

Filesize
22KB

MD5
778ca3ed38e51e5d4967cd21efbdd007

SHA1
06e62821512a5b73931e237e35501f7722f0dbf4

SHA256
b7e1bfadb8d9c061f17a7234df012df7842ab1aa8fb6f9579fa3f0a3b4a75bc0

SHA512
5f6f02099ca8079305fb7e7f43ae4344d522271fe30379c0854d6a81b7d8adf408a50a4b799b5f52e6ed162ba6ce7fe97e24a2b9719df780e75683d3aa103d09

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000003

Filesize
808KB

MD5
c0637a08f2ba40c56260782d2bb3ace4

SHA1
a2bf4298414a764ff1342b3f48f45b4dc1669a96

SHA256
d6ab12688ec8cfe7f9235b18c7d7a4730d86278ba1efae0d715c0d054465781e

SHA512
736d1ac8987102028baef59d43ceb2fde71b3aab2f8f2d8d306846a457e2ac224908968ff7bfe34bb05beb7998223d393244cf5da84f9d64f8b71c9f0b2ca6e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000004

Filesize
227KB

MD5
e09df5a23acd241007ec35851474a7f9

SHA1
9802085247211e3c82c5e6fefc003e7c1f21227d

SHA256
846921a45a6d2203548059f9b22a5a5513105e43098da955bf402e681020bf56

SHA512
765b7cfa03aa7d750a18ad63c072c069329f4a7f7a594051c01700934497533ad07dc503c8b3892d5ac97f14b8b85a6f4868c7e5a1a4d2e40a7ae4f7514d1009

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005

Filesize
1.6MB

MD5
6d86c205a9b52b9d90090fe2652ba0d8

SHA1
0f9b8d05667b8428e7faa8f4e0806ffc5528bda6

SHA256
f1f9f5cceddb1eed63ea0aab3d1d6f913dd61744cb32337c6aaed8c4b121d167

SHA512
751adafea40d464636b62c35fbc29732c423590b0926170ddeb9ae80edfad9aff81ae23100017cd69383fed5602ef8822c076f72336fcaf0b267982346b60da1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

Filesize
32KB

MD5
af5bf693b92c0d2c8441b3a6640c4ad8

SHA1
12ed4ac73239e542ab8d7fa191dddc779808e202

SHA256
b9f2c3f2ec75955d96309f759eaf9fb6bf576c238377491dbb92de1768a26012

SHA512
c2ef099832fc5e8f1e67acbd550b0590c0fb5c291761280a2e74e6a97763906b9c0c1a2295f285462ba3a0ed7cd5658f296e5f0f9c5d11a97ba210f352f8a438

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007

Filesize
32KB

MD5
cd3756106418d9e83a2baff9904ba221

SHA1
4c2ed1c1ebe119027db0fbaf7a64b408f1779b4a

SHA256
57ec0895e1bcaf08c769e2d6872f3f3657972f87fac081063445213dae4541ee

SHA512
5bf43ccaaf99505f7e8ecf2eda18efe260125accbc12f655601e2acabd822513e153f4b81cbf03a65d13572f11e9f13fd471006a0ce8f2665e8a594ff2d769dd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008

Filesize
34KB

MD5
367d6749aabc56bcfd8fe6f68e8ec07f

SHA1
94603bfd837a6cc48b0b413d97e6c21294139f01

SHA256
aba7125a597cbea4846b275de47b9e35fb42202d217c321ad861b09d3b831b5b

SHA512
737b43474c49d945fcc767a082ae79734333de55374c35825993539376577af76175a966e633b8224b4ede6a42738f3298e5c42d7a307f37897857c7c65842c7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009

Filesize
31KB

MD5
2d0cbcd956062756b83ea9217d94f686

SHA1
aedc241a33897a78f90830ee9293a7c0fd274e0e

SHA256
4670bfac0aeaec7193ce6e3f3de25773077a438da5f7098844bf91f8184c65b2

SHA512
92edce017aaf90e51811d8d3522cc278110e35fed457ea982a3d3e560a42970d6692a1a8963d11f3ba90253a1a0e222d8818b984e3ff31f46d0cdd6e0d013124

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

Filesize
19KB

MD5
c7444597254c3ab4b9a6aebf59420d6b

SHA1
af57edf5ad540ae22782b52fc0f71ee59ffeebc5

SHA256
fb8bdf02d52305589b64fdb41330d16b0730e28a61b6fccf7fce6f142792deaa

SHA512
f23810b709e61804ccb51ad153f220703a02e255ac7ce48cc108c809f84678d65bc22e87312d9b7b3598c30de79ef892ecf5bc301415f6ea795810f58a418e85

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

Filesize
55KB

MD5
c81ecd0806667682b70013669e13cb3e

SHA1
b035554be89ffc3a6d4b61658f4d8cffb1cdd4bf

SHA256
1663586f372335976dce40ac11492c66d585d824917c41f2d0f66536af43eadc

SHA512
7aa8e6887742cde2b2bea5f029c4dec0e41234433cd4e622df3ae420283f93fa1f17f36a9adee44caad46cace0f6c617a08f95d36c87ec924ddbbc47c25c2d2f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c

Filesize
24KB

MD5
ea401176818f54ad0cb8b6948f5445f3

SHA1
200034472a9c5f0d624369c0503f330def49b959

SHA256
8aaebbfcd564fde3441e3a911731538e54fb6aeec27dfccd388f5a02d567ef93

SHA512
ea6210ea5a916334278e528e85dfe03c621839fcf1efbbc4a0ae80492389e93620879e49931b4a46cdb8e5763a0c28522c6e2d7f51f7c3474d4b2e939a2860ab

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d

Filesize
93KB

MD5
c1cee2b5988facde99441327b35864e8

SHA1
b56d48e08529639fa437209c29b72b3292284ab1

SHA256
5bb2ff765cfd3e48b9a27fab19bae3cc62ad498f953c4907f45b875f931e5c73

SHA512
0b75dd37558602ea2307d7ecb368b27d2cdcf38f3bdab5a278ce11e13b1d7816c92d9f221b423d9d54a7189f5b05c283704fad4c0ac83fef02cf5e23596b9e1e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e

Filesize
23KB

MD5
e1b3b5908c9cf23dfb2b9c52b9a023ab

SHA1
fcd4136085f2a03481d9958cc6793a5ed98e714c

SHA256
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

SHA512
b2da7ef768385707afed62ca1f178efc6aa14519762e3f270129b3afee4d3782cb991e6fa66b3b08a2f81ff7caba0b4c34c726d952198b2ac4a784b36eb2a828

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000f

Filesize
22KB

MD5
de69cf9e514df447d1b0bb16f49d2457

SHA1
2ac78601179c3a63ba3f3f3081556b12ddcaf655

SHA256
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

SHA512
4aebb7e54d88827d4a02808f04901c0d09b756c518202b056a6c0f664948f5585221d16967f546e064187c6545acef15d59b68d0a7a59897bd899d3e9dda37b1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010

Filesize
835KB

MD5
b14006c92a28921e8835a3c4679ff003

SHA1
fb4c4baad9d5ef4cc8171884ffb012a2d2ac036e

SHA256
3a8f82320edd91032dec312f498710468622161badc5bb93491b5f79736cf06e

SHA512
6dadbdb1e47371d4f93b894f00939e575de72fc384a72515396f38a53f4e34db0878b5a2e30b7b7a6ebc04a00d80283e5cd32e88530541ad077447745d9d600c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011

Filesize
33KB

MD5
fe0606b7c65ddbc6e02fcb121a8376ad

SHA1
8d7059e99f7fe8142c43c61867206cddd0712f88

SHA256
063ade807b55547ac879998a26645d1336bccad0a2dc59a48ddc95b61c75ef5e

SHA512
aa27f8ac177238fbdeeddd07811b6d39a9e8f3d4674e058f499ec010939e437c763792205e4882165649552619dd5af1e430684ee6ee3875351ba771a115e863

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012

Filesize
211KB

MD5
151fb811968eaf8efb840908b89dc9d4

SHA1
7ec811009fd9b0e6d92d12d78b002275f2f1bee1

SHA256
043fd8558e4a5a60aaccd2f0377f77a544e3e375242e9d7200dc6e51f94103ed

SHA512
83aface0ab01da52fd077f747c9d5916e3c06b0ea5c551d7d316707ec3e8f3f986ce1c82e6f2136e48c6511a83cb0ac67ff6dc8f0e440ac72fc6854086a87674

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
768B

MD5
0824976f5d05ed99af092783804cb3f5

SHA1
d4eb8d8bc162992628ff8e88bf37b60afd1a7bc8

SHA256
c679119e68bd1b12f1b4dcc39adb6eef6d96841e65a9e4a7c629b25f0b5cebaa

SHA512
d262288a96ecef6f9a032ef830dc089c9f3781591d136bc5181d8a202cdf1ceb709d87b195ac11bcde4291b27030e51eae78f8bec7eb534b9c60b37729856699

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
672B

MD5
0ae2bfe8a65bfd36d2ec8b4c3b6ed62b

SHA1
48020739a095bd9376e11c7ff4a1433becb17a1e

SHA256
bd400f0e6cdb2bf8ff82c2f307f740db73ee128ef9e5cdb6d49e40ba2b5ed72a

SHA512
08617fc1834afd416bd72b465af8757a6350a39ded3236c93600cfd8f88eacc837682c2058a3c7cb92a94c6c664d7fcd8ea274d55b412403f101e65b994a5f4e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Favicons

Filesize
28KB

MD5
21b7424b97c4c3567786a22d306bcfda

SHA1
c12163ea0429a4a01c06248f069b1de623713df3

SHA256
6eb643589e6392e2d1e42264acdbb0a7893ce71020240f9ce435d8fc72567a1b

SHA512
3d8052af5dce623e33f090b282d16801016be8a5d0f17603b9d741589dc6fd1c4f05650df80702a8f022e4d74bfbdf1006ac7fd7b2642b7e87831128de521874

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
4e5e381942aec803db1e1cb5278d7a33

SHA1
e29158314cff39267c7471e6e73d6e740be8a020

SHA256
47acb3f52d8bbfe343c2b46b7bea283f9f74b58bfdd799351c1273896bed7969

SHA512
97213d37a3b1f318c3742d35ba217e18cc67e6806889ff7666c72e6e3af3c13ddeaa83d33a4f96525cb0dc218ff388b6229aa3e17f6d33fb7d5f042f29dbe6ea

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History

Filesize
152KB

MD5
17608e434026abd075a713f1716c8f54

SHA1
779e6da97de2cd349dad3fd09ed5a4c33bb12d2a

SHA256
20bbeade8084b5fd239d3fdd529812f4701e688f6c6b2aef3200ebeabb05a6c3

SHA512
ded55f9abe77fc1bb61a84f9b301685e585e00c928bf879f2a4480f177bf31a5852901f46a90e1f8d934b12a7a812f54a2b9947efd0fc89a225929550bc8d2e1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log

Filesize
904B

MD5
5c49457b95a17af371b1751fed9674d4

SHA1
eac8bc26f0627342f980e6c4b19b268596af3709

SHA256
8a55b36173ac707b36b0573eb1002773a28bb34c3d92ce740e3de3b57b61426a

SHA512
76d69de7429b5547e714fafc85b8c5a79a1690cd6ce2d1f1eb18adcf9fb63d8b1917e17a9d0b02eb54a68145210b4e32009e01437e960ca96fe4be1add87e730

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG

Filesize
329B

MD5
695d436ccf0d6039d8a78c5416442bdf

SHA1
babad533b00b1e23c87503b23ed32099760b8674

SHA256
d7b99574f0af82edc22f6fd1299ea79593c3c38b10fc62081a50e17cecfd1cc2

SHA512
536e6ba2a7f26b370f5884768cd6de70e875f87cfe1027d6d6ac8cceadea740646bfdf32dd6d7b1e5561a4466b24de46bdfbf955760823510a1824e7be7bc260

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies

Filesize
20KB

MD5
11b7815e9e480267c51316eb783b8ab6

SHA1
8366fe90496e2053c6866e3c23f373731bdcaf1e

SHA256
4ec3d0b7494ef0115f102a50d231dadd92f8cd9200ac461df764561cde83cc83

SHA512
ee7cbd10c5bdfbacf7c0a90399800f9e466da05fa11a3695a97832474350d4bea219382585d92f0bba8bf499da0e1503959984b56927c517cf5f3ef703a34807

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
cea47dafcc9b40628677f283225ec0fe

SHA1
b48f66b4a20ee617623149b2e172d0d895797f76

SHA256
12ddfb014623d8a3c8ce310b9b91ab8200aa1a5720fa3bb8c2958050e693ca35

SHA512
795495a4f21e8a43a56517409d2ca4d4bc8fed27d321094c71854371f12c24cb3f45752b781c2ac66118e469d4bbfe31b1b02964471376e370fd7d47e9198e59

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
c6c7cbf6204e271d57cf4fda4d053b11

SHA1
0ebcb654f96ee381d7260dd2eca99822e499b23b

SHA256
0b50efebf9624846ba6cd91405805a71088309ff35250086345334e0877652e2

SHA512
e1c897c8deb62e7c1aaee787e283d01cb26513eda6f6d65488a1af7105e2f12d1808df00f623085fe864268772d3df1b900f0017631acd6cadb217de43b6a788

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
7f5eab873ad775b0a94ba58576d667c1

SHA1
f769590f2dc75abf9dec67e7651d62c6a1a3eac1

SHA256
930e08cdb7d2ce46c58e1b84daa17b19cde1e717cdca658b143ee15dfda23275

SHA512
6584f75d8359564d07c9710d91b18543eb0c063e82e189d47850ff3855e721f12a9f178439cbba31015012b69c6a895e035f0c200e1058ccddb680dd62b049a4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Reporting and NEL

Filesize
36KB

MD5
86f0a5ca36a8a3af8b3bcc25f14b3b43

SHA1
dbce8817c4596565976abd175959c75e0b651d33

SHA256
21509567a2aba059947ba098ac4d372bfd391c168f8e895f3ed5dabe2aa4b60c

SHA512
36883db2a61faad0375fdba7fef76d6830bbc6288a5184e477d94497e7c811e2e13440d50e366db7ba2e2e1a18e376bd1aeb3a9ec754070a436cdad718b75e05

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
686B

MD5
23cfcc4e128f618193a6c5300bd88898

SHA1
afd4c77a6ad78054138dfa088b5785747ab32286

SHA256
e62ab7a7dece958e644715220ca711c1a34eb41dc89e0a48e2344db472c555c3

SHA512
607f3d30284b6c17ad1bf678030b5ab395dccf4dbbb975e2d469fb150a5d3dcff74cd4a1a26edb58d4ead649764811d74c5463cb4197ee70f297c4c3ad3d04aa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
851B

MD5
77d674b8484bfbd3e3030269ee04a6a1

SHA1
de709f36c7ba0ff107b99eaa7c92aa32b28fdde3

SHA256
c1bcb645594c8f39b08e32951e88d26a876a8aed53c88352c9194508ccd0aed5

SHA512
4490e1552933f1ce7619b58d3bb8b880eb07f6f8f8274a2b822735cacbe6fa583215fd5894542dbf4eebea4f791794f6f3f41956f3dcbf15ea0620711f80ac30

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
851B

MD5
594079dc24b508bdefdb34919d73c2c0

SHA1
0ac540052491a23db9b3f1a19ac8bcd72b747bd1

SHA256
ed4cbd9fdf118d41717037fd5cbf2333da2d3c4b72488d8b30a01a63b7e5b9f2

SHA512
44aebde1cd9c544367734548dee53515b692a7b1f0b9ebefabe7beab16e9403b53d901485e23a2a660d05144efa42d1d028f6baea8852a2531aa899c79e599d0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
851B

MD5
14a6f16684e7cfe3038b04780edcadd9

SHA1
54885633bbd7dc7ea4de52ba181cbbce13611d2c

SHA256
63b739b90b1869f7b7685d1f179b0cf7f20db2c4d89641711f826f9c698eb2de

SHA512
543be140de272feefcdf0d6e6e2bb660ae98a05954e401c7ee21bd0d643b549d3df46c361167482e46da1d005ddd0cf275e5938400c2c889bd244984598cf410

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
686B

MD5
9371ae14cd7d64a011ae13443d31fcda

SHA1
7bbebe50e7c1e80d3581a7c6f252311d1ed45a4a

SHA256
51e71d9aa513157092e2a3f7ee623548da71055e2e9dd841b48c2842677a7a76

SHA512
4e4aa7ce3b488aa818974a21181d9e2f49b6074df650cd8d6f2d106810e4d0e34c6559830cafc330757a3cd54e1fe841b88594710a5f576a28371002f36a6955

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
686B

MD5
e6e32c82e1644bcb044f98b38713f740

SHA1
e0429b37754cdaf5eaafd15455e9ad1b98ed173b

SHA256
8dc22a2d419cbb8a4c33d89b39af1751142c2f5d8de872dbf7630aed60cec507

SHA512
ca23d0cfd865bb9eab37035ad8f3a1ce9e4bea12027c0af941cf3734bbf8fb9c1d1007eed22b4e47c0958ad89aeba71c417f016b479c5a6cf9fe99dd1229b500

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
2ec584736fb008ca10f468278db50724

SHA1
ea88a47935b8518d18f3013ba5d9dbcf6763b99f

SHA256
0613c41cd6904206433c295d9963fbcecc2825988770ecb976add65491b73557

SHA512
8265cc9ef6b8e97482275a11dc1bb253ca9d4795ff2f275bb3f7d357b96acb74180bdd442616b1e41330ea23077c27639021b87974bfe6f473cfe5eda02970ae

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
ebc9a4778b59342df0dcca67fc022b45

SHA1
f30c95e321ee42c3946db95899ae44f9638e98a9

SHA256
ae1201246d0250e475df6b960034534701a2ec80a786fd326444270c6ee30d8a

SHA512
0e0bc092f7621d8de771137739c1669a3e5f055609f48a86eb16890617af949a5ca5ff9698e52983fd1a3a2c11edbc4210fa5d42c5f2be4d56697c87948a6e67

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
b7ff1ba14725e907ac72d7ec8f92d6b8

SHA1
ed1cdf8760f96335311d8e0f20e4233bf4244d58

SHA256
70f8e30e30ca75f06d8fbcf1aa5351218fe3e23752c10c24ea2488b921ec7e11

SHA512
eed8858bb2eb2e4b803bcbcf458ec2b692731d501dbd20be3a8df273645290eb6a7aeae191a6232c33d97aaa6b8ec918eab9f290916c08ef9d00edf2ab83e485

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
b58ec2715c206af26da0c2ef43a1992a

SHA1
ba8fe92a3f2c00e8dd9028d0b9529afbbe4f7edb

SHA256
b432355e4ccb7d94e083f385282ff39512fd658b57f00e6cefbe4d492e9308dd

SHA512
c737f54fb5559b7b131261b4747a5b033411f2dfd8f1abb3a0cef207f8b17bf854c6305691c3ac487245d4d16cb3b496e5906f1dbbc9f2eb19098e73414372b6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
176f23815ed9b1f4d226d050c987e1c3

SHA1
fc85c18af77c178a3320648de0143145efe3629f

SHA256
8596bcfe665fd493bb35b815407c57c80bbe2a91f1ffa864df863ae32bc8d6e3

SHA512
47a48ee1381298d9a5554177c308638c2a15bc62522abc161f8a229777f6ca3e5116c1e5316e50c7691e2e8aa7ed50ad16d884213082fb36df06c372624fa3f5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
16KB

MD5
f1b0c4562783ae136228fed7d05e0a9f

SHA1
0adb3d23b85c1b76a8b61a24d66ba7962d033594

SHA256
75de963f0d05a43d2cf0537dc1c86fd03d2ff16c80698aaa3f58af244d3cef04

SHA512
a5e358d790226abc43ca011f257cc250d6dbf1618329136330e907806d656e6e5856cbee0bd0a5d83dabb2634a781132b821f06e8e7ee26d0ed966dd759e5d1f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\88e5a513-0d60-4f67-982b-4d5afdd05cbd\index-dir\the-real-index

Filesize
48B

MD5
399de53a6311069d7d35931d95fd0bda

SHA1
39d18043eb6ad5f3efd5c980c2dee498fb0b7691

SHA256
86846ee56e8ee0575b1f46d5d45bef098af34f633c073322df5cf217ed4161fc

SHA512
b0cdb9aa284b1c333c67328228f8f0faa32266c46f3d08491fccbffa94454f906ffeccd679461afea71e144fbe56af8b1df4068485522939b716fdf2c1305708

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\88e5a513-0d60-4f67-982b-4d5afdd05cbd\index-dir\the-real-index

Filesize
2KB

MD5
7c0a471888821c7be919ee6fc90df73e

SHA1
165a1af9f9f7925a4ba25a9022d4b559665e2954

SHA256
3af7f2b06a7f4ad5b61c07ae3bd990098e3c404543433449341ee1f0b77e000f

SHA512
d907dfb9fd9210813576fff4238d1f2d0a2218246c7f768730f4123455e973d727ffa4b16af21a109b004c44367174d7570f2b374825e6bbf2a201d3448d60ed

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\eefa781c-5a2c-4968-91f2-d0422a26893e\index

Filesize
24B

MD5
54cb446f628b2ea4a5bce5769910512e

SHA1
c27ca848427fe87f5cf4d0e0e3cd57151b0d820d

SHA256
fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d

SHA512
8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\eefa781c-5a2c-4968-91f2-d0422a26893e\index-dir\the-real-index

Filesize
624B

MD5
821cdf13029035e6c847f33811f52fd2

SHA1
1c8b1609339d6d35f4835f06b1ca1c62674fa889

SHA256
52254aa72f7f41cf377958f22c95d69435dda2fae5bebe7b0197f39ebd7e1af4

SHA512
21822389743d781f9c78b69592b95172229e2d9afd953004636b52fe69ea7016ee20a4024da2fb95194f0e005741b2782f8d2bbb0c948ee23945fed739d27183

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\eefa781c-5a2c-4968-91f2-d0422a26893e\index-dir\the-real-index~RFe58c196.TMP

Filesize
48B

MD5
a914cce759fb860306836ae155447321

SHA1
2579ac7bc467b1c207bbffde7162aa3861f85350

SHA256
542b6c4d24b9b7baa3c222548e99696d647c717315ba4bf6f58d38d677be4f35

SHA512
53b32774b5c3d22ed6ca401ad4a1d4aa39896121869702fc49c7a1ce9c8bf279322b1574b8df69c0a75e12f919b3c923ad13b45fc90327bdf011582dba866902

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
176B

MD5
8750bdbd1b1c8832d7dd3e1f2087ebb1

SHA1
82faa0f994ff5350a5b5e85dc4220b675ec11307

SHA256
9b8e71301603e99fddb12dbec3ddd7c4fef5efd665ee0325da6f0eca09b948ae

SHA512
a4d1b6545008ed3d2f4881aa5effc0b170a921199675f71f96daa5926f4b06b05856ba66d629c19d8317a2e2aa1eb989c170bab7368bdb45f8665a8c24f3fb57

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
176B

MD5
8169171190553ecc1b5d40be1e434773

SHA1
58833b1fdf32f268a868f84b5920596564ac5fa8

SHA256
5bb7ac330a3af8f7663b39842c46b37d33e4501eea7db00f4da13c4a7cd3a324

SHA512
84aea1d3c161e6ad7369814e5127704c9b486bc9475436f215ca971533c338c49d45ed139f0d7e335b5dbaf2e047bbc7e32b127b14bdfecf24d3965c4a0fabbb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
183B

MD5
15db00c7f98092b2ece60ec8eea945bf

SHA1
5d7097e75c598260304a131911443bd04c508ef8

SHA256
979f6f98a5443c70998ca25bd80c4870fc47efe847f3fa9c26b1f955abc758ed

SHA512
bf40b5fc08dcb1262af014701d063f536426f131afd7fc420445191ac7e5602b441ae6d0efa3b022f16ee3226fd05c813b7c4a5647367e7978c0fc8389a63dfc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
112B

MD5
20c04bdf185e236df86034f3ba94a8c7

SHA1
a40d6b725a3d9f078229547c7ab35feb6d806da5

SHA256
a4dcbee909c892242a2db204722d16aeb6bd2ae2c8382d3c8888600a21c9c5ab

SHA512
478a67986da486fe6f1c85980a92ba7d8c3b8db227331602bd3d213dfc460774832c0ae80e0b53676972956ca790c0cc6261e7306875f96864c1d8f182a2e1c5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
185B

MD5
7a3a06d8e09c8e13ed73762a805e17ec

SHA1
1df95a6f77261c6402dc4270888b207539af1d95

SHA256
114db9439b8f46f964365d06f534dbe6bd9c376d67bbc2fa323b545f7dcdb841

SHA512
ef9507313e882c79605fb56ce6118c082780af611d24ef610da4749586f265091ebb3d0317c2a3cf5e907f8a88b0ad11f48a354ccc02f3f5bd142e2e152508f4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe57fe17.TMP

Filesize
119B

MD5
efd9a5f3ab4a807dad20c5061fda21fd

SHA1
de15e4299b44ae79a096871dda25d50f0e282a85

SHA256
11fac42823d5bf34c4914c8c614a250b3dc4620e25d8145b8095885a1d876c5f

SHA512
f91a5a0b25372aeb3660a6d86c91f48e956a9026436cd2c131bfdda3e65994255708dfbde21a4c6f7de8b3e56e8566f11648a55da6da2bb619f435facb64b6c9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
120B

MD5
ca069341b42ace3480ba7756dc08659c

SHA1
f3dfd8e14ed7035d2925becf860038d1b41fa1f5

SHA256
1b9785457db2028bb05d00b4a9c81fd9aac1e8f0f8ee7dae42fad2f83de5f1fb

SHA512
86b814dfa161370fd1a34d6e007da776a216d2aededcc4a18fa1df749a3d73ea448961e33694a275dba80151ccf0a6d3490728a3c924955ad5b9c9fe13e7b19a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sessions\Tabs_13364842106117886

Filesize
6KB

MD5
325dc6c30b5682cac53f5983433024ee

SHA1
c8aff6993ba2ba79c4683844605bd96db13f79a5

SHA256
03b6915f1d0c9449ad2aea6cd4e4d422175584d7acdda3185039999c2de744b8

SHA512
e68f72d9943cf9bc8877e51e2f488112b15c38db007d9b8373e12f746ae273638fa07f5d23d0756baeac684a5295fdf915a3a205c89dfc251935c8536ca4ce1e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000003.log

Filesize
184B

MD5
9902d6b67450bd14b3a7eae67953d84b

SHA1
51c03bcfca390bb1cef6bd94e9d1fe4e9fe7ad94

SHA256
38bb75ccd2ce112bae6bf41ca2308194ae7f9d92ac01dab7a7ddfc4446b182f7

SHA512
28b918a70ad3912dc90136ba22a2256bc9ed9e615bcb0b6b82b7ec08399d989bf55a10494307f4e50c461699fc634a78e7034b00f6669fd7c333de8b59da53b3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG

Filesize
345B

MD5
db99650c33d33554ecb2ea5ad7f4c9f5

SHA1
9248ef72f0a9e19c064588eb600faf6620a6d754

SHA256
abcd76563f51ed1612d87dc02e347e53994d426a5ef9893a9fee3dc93405b6ef

SHA512
de337bccfc7563e47d4d5d8c9bb8565782ee7e1bab13c5c69acef2e1b46654e5e2b71b6704b76dea45945b235e02e8dbdbed2d5604aa8611dd5fb9eb6057812a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log

Filesize
22KB

MD5
77b77d4fcc6c8b12509dbaeffcb1a14c

SHA1
0850d6538bc719079b64d5222aaa530437a43da3

SHA256
01fc6e88d1820f6059725cb3534f20c99115da8ec6375fedf0601e4e45f95c63

SHA512
df7282d4d97358adcc4a6a287ca28f67b521378854225b4a4ca10810cb0443cd5722f37a92982a02db7e06808744e1dadc9bb846455ecef95cba97fa5edd6680

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG

Filesize
321B

MD5
9a1a017d931dc21d5a8608cab274d1a8

SHA1
f8dc2037c7cbf90cfcc7ac7daab39101007bf05a

SHA256
b974dfb22c4b165232f1883222ac793ece1430481b62a6571765fda4cbddca18

SHA512
f396f35fc58e3408bcf47df72fc283cb350b63fd06632c29553fb6aa57cb31323a2170e4d8f49fe07ca71120a8e5efd235c0e767d414201a87a59a154912d3c1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Visited Links

Filesize
128KB

MD5
65be0cca3a78a9a767782a87e777e391

SHA1
364b27e123a1adffa245bd9f8b7f7140f41848e1

SHA256
c99dcccc7e272acd8bfdfeb249ce64fff308ed43874bb647bc5b924dde4974aa

SHA512
ad4df247397659e160791aaabd57b5290ad1334a6eb61c0c5080b9160c33803b64459e381bf9abab4c7a636327ed10c79204640aa97d1c4d6860b9a941e4acee

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\agimnkijcaahngcdmfeangaknmldooml\Icons\32.png

Filesize
673B

MD5
88dfa96f9642297ff88909ca4e0f7330

SHA1
ed8655bf13e6cc49395da4c760168c4148454b7c

SHA256
5e5eb084cf1a650b2e122f53d36f85b67ce6e39069e399a46a25dbd34f7be286

SHA512
cc2deedfeacf9f26e48cbb26e222a219905888b95634c7d91d6393b84248305ce8940816bdb3bff0f5384b9dad90f4e3905b229e06ce4b1023a1439293b240dd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir4356_1197542385\Icons Monochrome\16.png

Filesize
216B

MD5
a4fd4f5953721f7f3a5b4bfd58922efe

SHA1
f3abed41d764efbd26bacf84c42bd8098a14c5cb

SHA256
c659d57841bb33d63f7b1334200548f207340d95e8e2ae25aac7a798a08071a3

SHA512
7fcc1ca4d6d97335e76faa65b7cfb381fb722210041bdcd3b31b0f94e15dc226eec4639547af86ae71f311f52a956dc83294c2d23f345e63b5e45e25956b2691

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir4356_450008755\Shortcuts Menu Icons\Monochrome\0\512.png

Filesize
2KB

MD5
12a429f9782bcff446dc1089b68d44ee

SHA1
e41e5a1a4f2950a7f2da8be77ca26a66da7093b9

SHA256
e1d7407b07c40b5436d78db1077a16fbf75d49e32f3cbd01187b5eaaa10f1e37

SHA512
1da99c5278a589972a1d711d694890f4fd4ec4e56f83781ab9dee91ba99530a7f90d969588fa24dce24b094a28bdecbea80328cee862031a8b289f3e4f38ce7a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir4356_450008755\Shortcuts Menu Icons\Monochrome\1\512.png

Filesize
10KB

MD5
7f57c509f12aaae2c269646db7fde6e8

SHA1
969d8c0e3d9140f843f36ccf2974b112ad7afc07

SHA256
1d5c9f67fe93f9fcc1a1b61ebc35bda8f98f1261e5005ae37af71f42aab1d90f

SHA512
3503a0f4939bed9e1fd5e086b17d6de1063220dffdab2d2373aa9582a2454a9d8f18c1be74442f4e597bdba796d2d69220bd9e6be632a15367225b804187ea18

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version

Filesize
14B

MD5
009b9a2ee7afbf6dd0b9617fc8f8ecba

SHA1
c97ed0652e731fc412e3b7bdfca2994b7cc206a7

SHA256
de607a2c68f52e15a104ead9ecbaa3e6862fdb11eac080e408ba4d69f1f7a915

SHA512
6161dd952ae140a8fb8aa5e33f06bc65fdc15ce3fbfe4c576dc2668c86bce4a1d5c1112caee014e5efa3698547faad3bc80ec253eedb43148e36e1a02ce89910

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
144KB

MD5
273722fb3251663e351eb625828b6168

SHA1
050f828210d45ef7d4af7fd43eadcbd8f5e49101

SHA256
bf0f3b399b2687c1923366446d2104b121ef3a6691e536b33d5ff95f70b0aaa8

SHA512
52d0d00e3b2e4997ea41862e7dcde0c4822bc185c38de7d14aafa87ba229b53521ccf0c012ec9810022e178fb14f7f4659ddb136ae0c4cdf944c8cf5bacdc1d8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
144KB

MD5
16ba08d9b11f096d9a8deb6657b9de00

SHA1
577889e5e923bd7fcb290ebb37a7688b57a43cff

SHA256
3bb9bca7d3083cd4915a13b6b163334b44da7de471cc14c48a47c12b914aa480

SHA512
d2f861b90aa3bc1646df22210c59abc8e410e36e69960edfc318ec7ef22ed418086255c0c7c18d22fcdac4a264044f4c4810fe7cf9200800e58e074a21e26aec

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
285KB

MD5
49c304e28887f4fe16e7415316b800c7

SHA1
d57efa6ca4d179c3556300a62a380647a8455720

SHA256
cffdddb4c47c511f90903ebb15ac24942dc2cf6f7c4b9cd8e8328d4e0b559338

SHA512
80166d27f465584726482f7cd746d1feb1bade12865f35bddbcd93f665e28132d239fb47e51c1428fc62e441fcb0046f513908ea297a80f200568a8e71bf8e56

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
144KB

MD5
3f5dcf9b97ef263d560af728d386c9f9

SHA1
79b7e06d381327869067bf3aa688468286d58c36

SHA256
659901994f6fa4ed24a182fb105ebb9683045e546fed853af12df88b14a82ba4

SHA512
8cd79b460d0f3aca31e5fb3066dc045ea0b09b7518e47d6044a6b80a174dea7083dc7bb1d78b06a79058ddff65c1f8cbf69baddb8431a13c5c1e0f10db93fc8e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

Filesize
264KB

MD5
e89db303803cf179e9dd0a791abdcae4

SHA1
62f1842e6b50275a0f3f0e563a0fe693833723f2

SHA256
88f89539c0bb1708884b804b582a1f677895d13335f736715116bf24569301a8

SHA512
ef192bf1bc6ef8ac7df37a300cc3bbc8bd8a2c5b9aac92c055ceefa48d0164b4562732d627861fe543a15fdc86f8fe4320042e93042970be7f70d628e78181a1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

Filesize
86B

MD5
961e3604f228b0d10541ebf921500c86

SHA1
6e00570d9f78d9cfebe67d4da5efe546543949a7

SHA256
f7b24f2eb3d5eb0550527490395d2f61c3d2fe74bb9cb345197dad81b58b5fed

SHA512
535f930afd2ef50282715c7e48859cc2d7b354ff4e6c156b94d5a2815f589b33189ffedfcaf4456525283e993087f9f560d84cfcf497d189ab8101510a09c472

Download Submit
C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_ydllgtqb.kbh.ps1

Filesize
60B

MD5
d17fe0a3f47be24a6453e9ef58c94641

SHA1
6ab83620379fc69f80c0242105ddffd7d98d5d9d

SHA256
96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7

SHA512
5b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82

Download Submit
C:\Users\Admin\Desktop\New Text Document.bat

Filesize
71B

MD5
7a5f6b6f13cdf523134a16b5315798df

SHA1
7947d344055b0f40de06316843fce3d8b0489312

SHA256
453afd4bde7ccdb7dfcd71fe946a7db15cac3fb2ba5af5fea316710f18b59002

SHA512
faea5547b7b04c9eef7f5892cff3320019ce9d136c6d8a6ca8b6fef86bb7b24867c64e838a9699b0c3fa21e178d24c7ec46d4b500e26fbbd6b1eae582f46b2c6

Download Submit
C:\Users\Admin\Desktop\New Text Document.bat

Filesize
77B

MD5
3ef6de44951605659adc7760d6b9477c

SHA1
67c546523da43846ce5763787e10e8cead9861f1

SHA256
dc9f00a2800b4a49958663d619fb0f5a0e721f238252c39b70b1d4a7f9029c3a

SHA512
6da8b43b499c39110e4901ed110414ae472cda6ef44bb4b8d7c831356080aca21c80a7ec20fef06a9a25c4673e19508f678a086afce8d0613b1d438dc9b2ccb7

Download Submit
memory/3808-811-0x000001FC37F60000-0x000001FC37FD6000-memory.dmp

Filesize
472KB

Download
memory/3808-809-0x000001FC1F7F0000-0x000001FC1F812000-memory.dmp

Filesize
136KB

Download
memory/3808-810-0x000001FC379F0000-0x000001FC37A34000-memory.dmp

Filesize
272KB

Download