hxxps://mquince1[.]wixsite[.]com/big-battlefield-bike/post/day-one

Analysis

max time kernel
1200s
max time network
1199s
platform
windows10-2004_x64
resource
win10v2004-20240704-en
resource tags

arch:x64arch:x86image:win10v2004-20240704-enlocale:en-usos:windows10-2004-x64system
submitted
08/07/2024, 14:11

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://mquince1.wixsite.com/big-battlefield-bike/post/day-one

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133649215207930734"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2268	chrome.exe
2268	chrome.exe
5040	chrome.exe
5040	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
2268	chrome.exe
2268	chrome.exe
2268	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2268	chrome.exe
Token: SeCreatePagefilePrivilege	2268	chrome.exe
Token: SeShutdownPrivilege	2268	chrome.exe
Token: SeCreatePagefilePrivilege	2268	chrome.exe
Token: SeShutdownPrivilege	2268	chrome.exe
Token: SeCreatePagefilePrivilege	2268	chrome.exe
Token: SeShutdownPrivilege	2268	chrome.exe
Token: SeCreatePagefilePrivilege	2268	chrome.exe
Token: SeShutdownPrivilege	2268	chrome.exe
Token: SeCreatePagefilePrivilege	2268	chrome.exe
Token: SeShutdownPrivilege	2268	chrome.exe
Token: SeCreatePagefilePrivilege	2268	chrome.exe
Token: SeShutdownPrivilege	2268	chrome.exe
Token: SeCreatePagefilePrivilege	2268	chrome.exe
Token: SeShutdownPrivilege	2268	chrome.exe
Token: SeCreatePagefilePrivilege	2268	chrome.exe
Token: SeShutdownPrivilege	2268	chrome.exe
Token: SeCreatePagefilePrivilege	2268	chrome.exe
Token: SeShutdownPrivilege	2268	chrome.exe
Token: SeCreatePagefilePrivilege	2268	chrome.exe
Token: SeShutdownPrivilege	2268	chrome.exe
Token: SeCreatePagefilePrivilege	2268	chrome.exe
Token: SeShutdownPrivilege	2268	chrome.exe
Token: SeCreatePagefilePrivilege	2268	chrome.exe
Token: SeShutdownPrivilege	2268	chrome.exe
Token: SeCreatePagefilePrivilege	2268	chrome.exe
Token: SeShutdownPrivilege	2268	chrome.exe
Token: SeCreatePagefilePrivilege	2268	chrome.exe
Token: SeShutdownPrivilege	2268	chrome.exe
Token: SeCreatePagefilePrivilege	2268	chrome.exe
Token: SeShutdownPrivilege	2268	chrome.exe
Token: SeCreatePagefilePrivilege	2268	chrome.exe
Token: SeShutdownPrivilege	2268	chrome.exe
Token: SeCreatePagefilePrivilege	2268	chrome.exe
Token: SeShutdownPrivilege	2268	chrome.exe
Token: SeCreatePagefilePrivilege	2268	chrome.exe
Token: SeShutdownPrivilege	2268	chrome.exe
Token: SeCreatePagefilePrivilege	2268	chrome.exe
Token: SeShutdownPrivilege	2268	chrome.exe
Token: SeCreatePagefilePrivilege	2268	chrome.exe
Token: SeShutdownPrivilege	2268	chrome.exe
Token: SeCreatePagefilePrivilege	2268	chrome.exe
Token: SeShutdownPrivilege	2268	chrome.exe
Token: SeCreatePagefilePrivilege	2268	chrome.exe
Token: SeShutdownPrivilege	2268	chrome.exe
Token: SeCreatePagefilePrivilege	2268	chrome.exe
Token: SeShutdownPrivilege	2268	chrome.exe
Token: SeCreatePagefilePrivilege	2268	chrome.exe
Token: SeShutdownPrivilege	2268	chrome.exe
Token: SeCreatePagefilePrivilege	2268	chrome.exe
Token: SeShutdownPrivilege	2268	chrome.exe
Token: SeCreatePagefilePrivilege	2268	chrome.exe
Token: SeShutdownPrivilege	2268	chrome.exe
Token: SeCreatePagefilePrivilege	2268	chrome.exe
Token: SeShutdownPrivilege	2268	chrome.exe
Token: SeCreatePagefilePrivilege	2268	chrome.exe
Token: SeShutdownPrivilege	2268	chrome.exe
Token: SeCreatePagefilePrivilege	2268	chrome.exe
Token: SeShutdownPrivilege	2268	chrome.exe
Token: SeCreatePagefilePrivilege	2268	chrome.exe
Token: SeShutdownPrivilege	2268	chrome.exe
Token: SeCreatePagefilePrivilege	2268	chrome.exe
Token: SeShutdownPrivilege	2268	chrome.exe
Token: SeCreatePagefilePrivilege	2268	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2268	chrome.exe
2268	chrome.exe
2268	chrome.exe
2268	chrome.exe
2268	chrome.exe
2268	chrome.exe
2268	chrome.exe
2268	chrome.exe
2268	chrome.exe
2268	chrome.exe
2268	chrome.exe
2268	chrome.exe
2268	chrome.exe
2268	chrome.exe
2268	chrome.exe
2268	chrome.exe
2268	chrome.exe
2268	chrome.exe
2268	chrome.exe
2268	chrome.exe
2268	chrome.exe
2268	chrome.exe
2268	chrome.exe
2268	chrome.exe
2268	chrome.exe
2268	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2268	chrome.exe
2268	chrome.exe
2268	chrome.exe
2268	chrome.exe
2268	chrome.exe
2268	chrome.exe
2268	chrome.exe
2268	chrome.exe
2268	chrome.exe
2268	chrome.exe
2268	chrome.exe
2268	chrome.exe
2268	chrome.exe
2268	chrome.exe
2268	chrome.exe
2268	chrome.exe
2268	chrome.exe
2268	chrome.exe
2268	chrome.exe
2268	chrome.exe
2268	chrome.exe
2268	chrome.exe
2268	chrome.exe
2268	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2268 wrote to memory of 3084	2268	chrome.exe	83
PID 2268 wrote to memory of 3084	2268	chrome.exe	83
PID 2268 wrote to memory of 1724	2268	chrome.exe	84
PID 2268 wrote to memory of 1724	2268	chrome.exe	84
PID 2268 wrote to memory of 1724	2268	chrome.exe	84
PID 2268 wrote to memory of 1724	2268	chrome.exe	84
PID 2268 wrote to memory of 1724	2268	chrome.exe	84
PID 2268 wrote to memory of 1724	2268	chrome.exe	84
PID 2268 wrote to memory of 1724	2268	chrome.exe	84
PID 2268 wrote to memory of 1724	2268	chrome.exe	84
PID 2268 wrote to memory of 1724	2268	chrome.exe	84
PID 2268 wrote to memory of 1724	2268	chrome.exe	84
PID 2268 wrote to memory of 1724	2268	chrome.exe	84
PID 2268 wrote to memory of 1724	2268	chrome.exe	84
PID 2268 wrote to memory of 1724	2268	chrome.exe	84
PID 2268 wrote to memory of 1724	2268	chrome.exe	84
PID 2268 wrote to memory of 1724	2268	chrome.exe	84
PID 2268 wrote to memory of 1724	2268	chrome.exe	84
PID 2268 wrote to memory of 1724	2268	chrome.exe	84
PID 2268 wrote to memory of 1724	2268	chrome.exe	84
PID 2268 wrote to memory of 1724	2268	chrome.exe	84
PID 2268 wrote to memory of 1724	2268	chrome.exe	84
PID 2268 wrote to memory of 1724	2268	chrome.exe	84
PID 2268 wrote to memory of 1724	2268	chrome.exe	84
PID 2268 wrote to memory of 1724	2268	chrome.exe	84
PID 2268 wrote to memory of 1724	2268	chrome.exe	84
PID 2268 wrote to memory of 1724	2268	chrome.exe	84
PID 2268 wrote to memory of 1724	2268	chrome.exe	84
PID 2268 wrote to memory of 1724	2268	chrome.exe	84
PID 2268 wrote to memory of 1724	2268	chrome.exe	84
PID 2268 wrote to memory of 1724	2268	chrome.exe	84
PID 2268 wrote to memory of 1724	2268	chrome.exe	84
PID 2268 wrote to memory of 1724	2268	chrome.exe	84
PID 2268 wrote to memory of 4484	2268	chrome.exe	85
PID 2268 wrote to memory of 4484	2268	chrome.exe	85
PID 2268 wrote to memory of 3672	2268	chrome.exe	86
PID 2268 wrote to memory of 3672	2268	chrome.exe	86
PID 2268 wrote to memory of 3672	2268	chrome.exe	86
PID 2268 wrote to memory of 3672	2268	chrome.exe	86
PID 2268 wrote to memory of 3672	2268	chrome.exe	86
PID 2268 wrote to memory of 3672	2268	chrome.exe	86
PID 2268 wrote to memory of 3672	2268	chrome.exe	86
PID 2268 wrote to memory of 3672	2268	chrome.exe	86
PID 2268 wrote to memory of 3672	2268	chrome.exe	86
PID 2268 wrote to memory of 3672	2268	chrome.exe	86
PID 2268 wrote to memory of 3672	2268	chrome.exe	86
PID 2268 wrote to memory of 3672	2268	chrome.exe	86
PID 2268 wrote to memory of 3672	2268	chrome.exe	86
PID 2268 wrote to memory of 3672	2268	chrome.exe	86
PID 2268 wrote to memory of 3672	2268	chrome.exe	86
PID 2268 wrote to memory of 3672	2268	chrome.exe	86
PID 2268 wrote to memory of 3672	2268	chrome.exe	86
PID 2268 wrote to memory of 3672	2268	chrome.exe	86
PID 2268 wrote to memory of 3672	2268	chrome.exe	86
PID 2268 wrote to memory of 3672	2268	chrome.exe	86
PID 2268 wrote to memory of 3672	2268	chrome.exe	86
PID 2268 wrote to memory of 3672	2268	chrome.exe	86
PID 2268 wrote to memory of 3672	2268	chrome.exe	86
PID 2268 wrote to memory of 3672	2268	chrome.exe	86
PID 2268 wrote to memory of 3672	2268	chrome.exe	86
PID 2268 wrote to memory of 3672	2268	chrome.exe	86
PID 2268 wrote to memory of 3672	2268	chrome.exe	86
PID 2268 wrote to memory of 3672	2268	chrome.exe	86
PID 2268 wrote to memory of 3672	2268	chrome.exe	86

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://mquince1.wixsite.com/big-battlefield-bike/post/day-one
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2268
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcf076ab58,0x7ffcf076ab68,0x7ffcf076ab78
  2⤵
  PID:3084
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1680 --field-trial-handle=1864,i,951447303659272068,7993999717703292652,131072 /prefetch:2
  2⤵
  PID:1724
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2156 --field-trial-handle=1864,i,951447303659272068,7993999717703292652,131072 /prefetch:8
  2⤵
  PID:4484
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2212 --field-trial-handle=1864,i,951447303659272068,7993999717703292652,131072 /prefetch:8
  2⤵
  PID:3672
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3044 --field-trial-handle=1864,i,951447303659272068,7993999717703292652,131072 /prefetch:1
  2⤵
  PID:2384
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3064 --field-trial-handle=1864,i,951447303659272068,7993999717703292652,131072 /prefetch:1
  2⤵
  PID:4180
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4452 --field-trial-handle=1864,i,951447303659272068,7993999717703292652,131072 /prefetch:8
  2⤵
  PID:4512
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4604 --field-trial-handle=1864,i,951447303659272068,7993999717703292652,131072 /prefetch:8
  2⤵
  PID:4384
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4608 --field-trial-handle=1864,i,951447303659272068,7993999717703292652,131072 /prefetch:1
  2⤵
  PID:1816
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1532 --field-trial-handle=1864,i,951447303659272068,7993999717703292652,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5040

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:4132

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
2696e7048a66515be32ab7deb57d8771

SHA1
2daed84fdd9e11b3e0e5dfdd34692400ba3028fa

SHA256
21a8102a45a6fd8a51d06c40395a4a12cdbe74012a0e2239fe527e09dbd9205a

SHA512
b378aed0de306c3a34a7db4320902e3b89022017d0c3c22dc321616841fe921b7c9af6b0181e684a81d6569ce3cbcf95c40e16a559e51a5882d233c2dfb0a052

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
8d50faba7a5c2639bc2722afe8adf127

SHA1
8f4c2f9aa181df6b45f4f77b35ba02f3f893a0d2

SHA256
714c2ce2d8eb8685470d4a903635c5eb942ecb32bf8d7e17a9d7e2213b83f538

SHA512
efcadc1f71049d081f1cfa8c9f6eb00d5d32e981da249db144ac9a82c871eb6d8710342864b09575723ba071ee4b5c534343fc11e2f261bf7d9ad404463117e5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
25d55988204def9b5e183d759aaed020

SHA1
ca407337b698f1c4803bad3b3c75f9b8d08e8fc4

SHA256
627e361e4114c5f62f049c08362bf94d8285fc1daa197abc03b70b251a4a74c8

SHA512
1cdae218a5599a2d14f143adffca033abb2e893c18c6645bccd392fcfd262f6199388c774944a6d5024a31f142c30c4212fb6e183b801d509615cdb6210dad79

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
63599a03d371f708abe6e3117783d1e4

SHA1
d1bf402ad4ec9580d9109ae29ddb07461e607acd

SHA256
be1ecebe56617af2f5324caccc3e116419b761a6c9b00bae7f80a6f2ef262dc2

SHA512
616040c7c115230e59da86cc7786a70682af40ec89610748415de44649811d4dace333a09eb4b646f9102cf69bd62594e0d16a0cbf0b630268acdb7a871e600a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
c1583685654f7568fd4d708bd3a0c9f7

SHA1
1d48af868dc066b2e19a559a83e63a79cd8d5808

SHA256
2e528ae5f3bfcc13684cf03f8f085023881d9f686f7f795780dc83cf03e0cb74

SHA512
d8852d2586728e9b56c67fb84ca991e87df03a102e539ace594aa1204b7d73a62469e77112c5b717ddb517771fa0bedacdd981c6950c121e729e0e83e600b54c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
0bc5c107e744d1899fb4ef09b117c1bd

SHA1
2028f9ec5767d3825b2101fc65cb101e41fbfdc0

SHA256
1f80e6dc3995543b54755e887476319d89ad3b6de281a607a41f6e83bd162adb

SHA512
e0f6ec3d9f9456caba3121292a8c458dc5b30ebcd7bd56cdba11f97f20ea83f1ddf21f6a205f811d9bb09a533a152abff79ccaf457ddedbae63e789202f37100

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
84420857aade94db94af933c38495d7a

SHA1
9b41db6964d93d178e9cb28d6475c0f0cbfd580a

SHA256
0253c57d74de1ae719a879604aed41b939adcab79647a7e4449b436bc7730ea0

SHA512
9b00f86d75e8760694415fb2a363c36f567c26149bf85026091a73575fc56602b162facfd7ec5dd65909cb2599fc5d78866061d38a32f411569a6965cd4ec11f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
d85871191ddb594483746d8ceaf7c244

SHA1
963f04d46a245c76fe322d58b677b91af40e032e

SHA256
ec2b89b61e556c24e13cd1e4a0d1c94b13ce38fc812cd1b4153ace67467c5cf2

SHA512
61b17268c560528d0ab2ff2bb07676725a5c568e4e6cd77ff126aefc7b1362b9cb138297d03262b2e8ac27f42c6d1191a9b1a579c10221a8a74531903a3d8d75

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
55112ede7bacca5fb0f5b3f950fe53b9

SHA1
ae311a24d55cf051a25562cb255f49220899776b

SHA256
bec62f44a15a9fc5a8719878d6996035cac835f8eb79380611df6cc99c401b57

SHA512
b53f9afc5c4389cee552c13652fe4b3b00859d2a971d8bc2cc496d86014f2b45f4e9ae70385a93c1a9c9244c60cffc6d2468ec2fc71db66a3c61b9771c31ab55

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
0826bcb59c49d77eb7130ed20f39defa

SHA1
d7f252e1de35592974d95fc2e8be6cf28c220bb8

SHA256
6ee205471b4297acc03ade79de2d8039fd939671043fc61fc652d427381b629c

SHA512
3dca363d4506b7cf5d5fe4a45367b1ec197ac6ed4cd9360e202f5f6d54369a387edbeb9e91d0eee307431ebf553df8849bdbbdd82c9fd7cc85c3342e96a912eb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
a3f8c9887444f5da6e536d781b51604b

SHA1
f96ac8323546c2ec2207c2ee8dbd8f8f308dd71c

SHA256
fb5e2a3588460bda298f2397998e1b5f500cd48953d615fc6984d5e167175b3f

SHA512
b8b91ef2857e43fb59bf4ea42badd65a650617ebcacb78cc05b72d6cf76eeeff0158b86e17ee2040b83b0d705917851684246613d70f81f98cb0002c80d4a117

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
acdd38b18d4e589771c5d5404902d082

SHA1
4aa870c4aa490115d9bfcd4eb8bef1adffd8fa56

SHA256
abf0ddb6f1c9d6ee919a0b8e97cb6a2ced1cb05ebe9bdb36392afd2016a3da95

SHA512
8cce3350a9c27c143009e302397d8de121d07e55788fee1b3b77074384d31b6c6748af5c068157e83f187a6ed619eaba1b4d226ff41c459f008e06763d2db77f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
859B

MD5
d4313ddba243eed008300e85f5d13fc8

SHA1
0585b5c0827103d70dc39c063eb6005306fdc035

SHA256
d1289dfd55f8fef03bf7c5a7330cb013ccb43e176f6bc51061b129180bd90333

SHA512
1a01306e46ec54d07544fb490a2e2a9b47458fae4f736385305511744e79d1ccfe13281f5236fbc90ac245461f73758b047e7fcfeb45d54b52fc1842a9c33ee4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
831934c8b685b68afdde614d48b16c46

SHA1
0a35fbc912deb895dce9a9016f0439d8ecdb8bff

SHA256
1c5ba6010540678f93936256580ce23add2625b28cd6e2b697786ffcd7a5a90c

SHA512
c526a1cf37f2e35502ea16307d8b8518f9caa133ccad56cc1e9b5e4a3191a0d8cbabc0a2fd0a030991fc4f714a079414da2606ca69838206889b66bfbfcad7d6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
7c48952b8ab0e2d4fea98db7fa154ab5

SHA1
83c7972fab49e8e3597507f79d75c943060b4fe6

SHA256
ce9aec65597d6626cf9dca4a7a9836ef925851c438bf03c1d748c2be3c2271c1

SHA512
add709d7f393eda540640f22b2fbc115a5e403d5e209344fb68f0c20bfd1fa3dae841712f53cfd0e5a03ac617f2372b1a7fba7446d23e1a2308c60e376cf779f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\a2efab3f-c9f7-49e7-aac4-ed19b155e009.tmp

Filesize
7KB

MD5
c59fc102f403ed905d70de8f5534e4bb

SHA1
10934316d9e06ccd2ac42e7a8327215c385030ad

SHA256
1c6c7b9f762d22ecb766521be0aa0c43e367079e9a0807fca2b0e0f9f1d97fec

SHA512
0ff784198e815154d64f55ce0317e33ab014bb9686d9580df2822c9c0f49981d7e018af93be558c2ed913489e8f6f8b21701220d5d862904231d4277fb71c205

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
144KB

MD5
dfb83a2527210695b666d71644d71e9c

SHA1
5f75eeaf717d5cc6acbd1bcb767570ab955ffa87

SHA256
11dfa906c53468c29dedba82c464623749c23b8ef5c1083b73aeb518932779e2

SHA512
3457f7b1431bf67004c6f6487fa0a28d8d65fdd9ca46f3240c51db342eb3b69ed085382e848718ce3928e290728472f362f5359e054fd7edb5c6ccadb2e1fe5e

Download Submit