hxxps://github[.]com/Endermanch/MalwareDatabase/blob/master/ransomwares/PowerPoint[.]zip

Resubmissions

08-07-2024 19:27

240708-x55q1avdnk 8

07-07-2024 21:20

240707-z6stya1blf 10

Analysis

max time kernel
490s
max time network
493s
platform
windows11-21h2_x64
resource
win11-20240704-en
resource tags

arch:x64arch:x86image:win11-20240704-enlocale:en-usos:windows11-21h2-x64system
submitted
08-07-2024 19:27

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://github.com/Endermanch/MalwareDatabase/blob/master/ransomwares/PowerPoint.zip

Score

7^/10

Malware Config

Signatures

Executes dropped EXE 1 IoCs

pid	Process
5088	[email protected]

Legitimate hosting services abused for malware hosting/C2 1 TTPs 3 IoCs

Web Service

T1102

flow	ioc
44	raw.githubusercontent.com
3	camo.githubusercontent.com
7	raw.githubusercontent.com

Enumerates system info in registry 2 TTPs 6 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 3 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133649404708148922"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Modifies registry class 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3590242114-4229536887-1276274119-1000_Classes\Local Settings	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3590242114-4229536887-1276274119-1000_Classes\Local Settings\MuiCache	MiniSearchHost.exe

NTFS ADS 2 IoCs

description	ioc	Process
File opened for modification	C:\Users\Admin\Downloads\000.zip:Zone.Identifier	chrome.exe
File opened for modification	C:\Users\Admin\Downloads\Hydra.zip:Zone.Identifier	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
996	chrome.exe
996	chrome.exe
1072	chrome.exe
1072	chrome.exe
3976	chrome.exe
3976	chrome.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
4560	7zG.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
996	chrome.exe
996	chrome.exe
1072	chrome.exe
1072	chrome.exe
1072	chrome.exe
1072	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	996	chrome.exe
Token: SeCreatePagefilePrivilege	996	chrome.exe
Token: SeShutdownPrivilege	996	chrome.exe
Token: SeCreatePagefilePrivilege	996	chrome.exe
Token: SeShutdownPrivilege	996	chrome.exe
Token: SeCreatePagefilePrivilege	996	chrome.exe
Token: SeShutdownPrivilege	996	chrome.exe
Token: SeCreatePagefilePrivilege	996	chrome.exe
Token: SeShutdownPrivilege	996	chrome.exe
Token: SeCreatePagefilePrivilege	996	chrome.exe
Token: SeShutdownPrivilege	996	chrome.exe
Token: SeCreatePagefilePrivilege	996	chrome.exe
Token: SeShutdownPrivilege	996	chrome.exe
Token: SeCreatePagefilePrivilege	996	chrome.exe
Token: SeShutdownPrivilege	1072	chrome.exe
Token: SeCreatePagefilePrivilege	1072	chrome.exe
Token: SeShutdownPrivilege	1072	chrome.exe
Token: SeCreatePagefilePrivilege	1072	chrome.exe
Token: SeShutdownPrivilege	1072	chrome.exe
Token: SeCreatePagefilePrivilege	1072	chrome.exe
Token: SeShutdownPrivilege	1072	chrome.exe
Token: SeCreatePagefilePrivilege	1072	chrome.exe
Token: SeShutdownPrivilege	1072	chrome.exe
Token: SeCreatePagefilePrivilege	1072	chrome.exe
Token: SeShutdownPrivilege	1072	chrome.exe
Token: SeCreatePagefilePrivilege	1072	chrome.exe
Token: SeShutdownPrivilege	1072	chrome.exe
Token: SeCreatePagefilePrivilege	1072	chrome.exe
Token: SeShutdownPrivilege	1072	chrome.exe
Token: SeCreatePagefilePrivilege	1072	chrome.exe
Token: SeShutdownPrivilege	1072	chrome.exe
Token: SeCreatePagefilePrivilege	1072	chrome.exe
Token: SeShutdownPrivilege	1072	chrome.exe
Token: SeCreatePagefilePrivilege	1072	chrome.exe
Token: SeShutdownPrivilege	1072	chrome.exe
Token: SeCreatePagefilePrivilege	1072	chrome.exe
Token: SeShutdownPrivilege	1072	chrome.exe
Token: SeCreatePagefilePrivilege	1072	chrome.exe
Token: SeShutdownPrivilege	1072	chrome.exe
Token: SeCreatePagefilePrivilege	1072	chrome.exe
Token: SeShutdownPrivilege	1072	chrome.exe
Token: SeCreatePagefilePrivilege	1072	chrome.exe
Token: SeShutdownPrivilege	1072	chrome.exe
Token: SeCreatePagefilePrivilege	1072	chrome.exe
Token: SeShutdownPrivilege	1072	chrome.exe
Token: SeCreatePagefilePrivilege	1072	chrome.exe
Token: SeShutdownPrivilege	1072	chrome.exe
Token: SeCreatePagefilePrivilege	1072	chrome.exe
Token: SeShutdownPrivilege	1072	chrome.exe
Token: SeCreatePagefilePrivilege	1072	chrome.exe
Token: SeShutdownPrivilege	1072	chrome.exe
Token: SeCreatePagefilePrivilege	1072	chrome.exe
Token: SeShutdownPrivilege	1072	chrome.exe
Token: SeCreatePagefilePrivilege	1072	chrome.exe
Token: SeShutdownPrivilege	1072	chrome.exe
Token: SeCreatePagefilePrivilege	1072	chrome.exe
Token: SeShutdownPrivilege	1072	chrome.exe
Token: SeCreatePagefilePrivilege	1072	chrome.exe
Token: SeShutdownPrivilege	1072	chrome.exe
Token: SeCreatePagefilePrivilege	1072	chrome.exe
Token: SeShutdownPrivilege	1072	chrome.exe
Token: SeCreatePagefilePrivilege	1072	chrome.exe
Token: SeShutdownPrivilege	1072	chrome.exe
Token: SeCreatePagefilePrivilege	1072	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
996	chrome.exe
996	chrome.exe
996	chrome.exe
996	chrome.exe
996	chrome.exe
996	chrome.exe
996	chrome.exe
996	chrome.exe
996	chrome.exe
996	chrome.exe
996	chrome.exe
996	chrome.exe
996	chrome.exe
996	chrome.exe
996	chrome.exe
996	chrome.exe
996	chrome.exe
996	chrome.exe
996	chrome.exe
996	chrome.exe
996	chrome.exe
996	chrome.exe
996	chrome.exe
996	chrome.exe
996	chrome.exe
996	chrome.exe
996	chrome.exe
1072	chrome.exe
1072	chrome.exe
1072	chrome.exe
1072	chrome.exe
1072	chrome.exe
1072	chrome.exe
1072	chrome.exe
1072	chrome.exe
1072	chrome.exe
1072	chrome.exe
1072	chrome.exe
1072	chrome.exe
1072	chrome.exe
1072	chrome.exe
1072	chrome.exe
1072	chrome.exe
1072	chrome.exe
1072	chrome.exe
1072	chrome.exe
1072	chrome.exe
1072	chrome.exe
1072	chrome.exe
1072	chrome.exe
1072	chrome.exe
1072	chrome.exe
1072	chrome.exe
1072	chrome.exe
1072	chrome.exe
1072	chrome.exe
1072	chrome.exe
1072	chrome.exe
1072	chrome.exe
1072	chrome.exe
1072	chrome.exe
1072	chrome.exe
1072	chrome.exe
1072	chrome.exe

Suspicious use of SendNotifyMessage 36 IoCs

pid	Process
996	chrome.exe
996	chrome.exe
996	chrome.exe
996	chrome.exe
996	chrome.exe
996	chrome.exe
996	chrome.exe
996	chrome.exe
996	chrome.exe
996	chrome.exe
996	chrome.exe
996	chrome.exe
1072	chrome.exe
1072	chrome.exe
1072	chrome.exe
1072	chrome.exe
1072	chrome.exe
1072	chrome.exe
1072	chrome.exe
1072	chrome.exe
1072	chrome.exe
1072	chrome.exe
1072	chrome.exe
1072	chrome.exe
1072	chrome.exe
1072	chrome.exe
1072	chrome.exe
1072	chrome.exe
1072	chrome.exe
1072	chrome.exe
1072	chrome.exe
1072	chrome.exe
1072	chrome.exe
1072	chrome.exe
1072	chrome.exe
1072	chrome.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
1028	MiniSearchHost.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 996 wrote to memory of 1044	996	chrome.exe	80
PID 996 wrote to memory of 1044	996	chrome.exe	80
PID 996 wrote to memory of 2836	996	chrome.exe	82
PID 996 wrote to memory of 2836	996	chrome.exe	82
PID 996 wrote to memory of 2836	996	chrome.exe	82
PID 996 wrote to memory of 2836	996	chrome.exe	82
PID 996 wrote to memory of 2836	996	chrome.exe	82
PID 996 wrote to memory of 2836	996	chrome.exe	82
PID 996 wrote to memory of 2836	996	chrome.exe	82
PID 996 wrote to memory of 2836	996	chrome.exe	82
PID 996 wrote to memory of 2836	996	chrome.exe	82
PID 996 wrote to memory of 2836	996	chrome.exe	82
PID 996 wrote to memory of 2836	996	chrome.exe	82
PID 996 wrote to memory of 2836	996	chrome.exe	82
PID 996 wrote to memory of 2836	996	chrome.exe	82
PID 996 wrote to memory of 2836	996	chrome.exe	82
PID 996 wrote to memory of 2836	996	chrome.exe	82
PID 996 wrote to memory of 2836	996	chrome.exe	82
PID 996 wrote to memory of 2836	996	chrome.exe	82
PID 996 wrote to memory of 2836	996	chrome.exe	82
PID 996 wrote to memory of 2836	996	chrome.exe	82
PID 996 wrote to memory of 2836	996	chrome.exe	82
PID 996 wrote to memory of 2836	996	chrome.exe	82
PID 996 wrote to memory of 2836	996	chrome.exe	82
PID 996 wrote to memory of 2836	996	chrome.exe	82
PID 996 wrote to memory of 2836	996	chrome.exe	82
PID 996 wrote to memory of 2836	996	chrome.exe	82
PID 996 wrote to memory of 2836	996	chrome.exe	82
PID 996 wrote to memory of 2836	996	chrome.exe	82
PID 996 wrote to memory of 2836	996	chrome.exe	82
PID 996 wrote to memory of 2836	996	chrome.exe	82
PID 996 wrote to memory of 2836	996	chrome.exe	82
PID 996 wrote to memory of 2836	996	chrome.exe	82
PID 996 wrote to memory of 812	996	chrome.exe	83
PID 996 wrote to memory of 812	996	chrome.exe	83
PID 996 wrote to memory of 4344	996	chrome.exe	84
PID 996 wrote to memory of 4344	996	chrome.exe	84
PID 996 wrote to memory of 4344	996	chrome.exe	84
PID 996 wrote to memory of 4344	996	chrome.exe	84
PID 996 wrote to memory of 4344	996	chrome.exe	84
PID 996 wrote to memory of 4344	996	chrome.exe	84
PID 996 wrote to memory of 4344	996	chrome.exe	84
PID 996 wrote to memory of 4344	996	chrome.exe	84
PID 996 wrote to memory of 4344	996	chrome.exe	84
PID 996 wrote to memory of 4344	996	chrome.exe	84
PID 996 wrote to memory of 4344	996	chrome.exe	84
PID 996 wrote to memory of 4344	996	chrome.exe	84
PID 996 wrote to memory of 4344	996	chrome.exe	84
PID 996 wrote to memory of 4344	996	chrome.exe	84
PID 996 wrote to memory of 4344	996	chrome.exe	84
PID 996 wrote to memory of 4344	996	chrome.exe	84
PID 996 wrote to memory of 4344	996	chrome.exe	84
PID 996 wrote to memory of 4344	996	chrome.exe	84
PID 996 wrote to memory of 4344	996	chrome.exe	84
PID 996 wrote to memory of 4344	996	chrome.exe	84
PID 996 wrote to memory of 4344	996	chrome.exe	84
PID 996 wrote to memory of 4344	996	chrome.exe	84
PID 996 wrote to memory of 4344	996	chrome.exe	84
PID 996 wrote to memory of 4344	996	chrome.exe	84
PID 996 wrote to memory of 4344	996	chrome.exe	84
PID 996 wrote to memory of 4344	996	chrome.exe	84
PID 996 wrote to memory of 4344	996	chrome.exe	84
PID 996 wrote to memory of 4344	996	chrome.exe	84
PID 996 wrote to memory of 4344	996	chrome.exe	84

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://github.com/Endermanch/MalwareDatabase/blob/master/ransomwares/PowerPoint.zip
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:996
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffdfefdab58,0x7ffdfefdab68,0x7ffdfefdab78
  2⤵
  PID:1044
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1644 --field-trial-handle=1796,i,1985739291327434826,9630807052110946729,131072 /prefetch:2
  2⤵
  PID:2836
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2024 --field-trial-handle=1796,i,1985739291327434826,9630807052110946729,131072 /prefetch:8
  2⤵
  PID:812
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2124 --field-trial-handle=1796,i,1985739291327434826,9630807052110946729,131072 /prefetch:8
  2⤵
  PID:4344
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2992 --field-trial-handle=1796,i,1985739291327434826,9630807052110946729,131072 /prefetch:1
  2⤵
  PID:4880
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3012 --field-trial-handle=1796,i,1985739291327434826,9630807052110946729,131072 /prefetch:1
  2⤵
  PID:404
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4596 --field-trial-handle=1796,i,1985739291327434826,9630807052110946729,131072 /prefetch:8
  2⤵
  PID:736
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4332 --field-trial-handle=1796,i,1985739291327434826,9630807052110946729,131072 /prefetch:8
  2⤵
  PID:1064

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:3380

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:1072
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x100,0x104,0x108,0x84,0x10c,0x7ffdfefdab58,0x7ffdfefdab68,0x7ffdfefdab78
  2⤵
  PID:1668
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1568 --field-trial-handle=1944,i,13967902200221152858,9555159728865328349,131072 /prefetch:2
  2⤵
  PID:1524
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1856 --field-trial-handle=1944,i,13967902200221152858,9555159728865328349,131072 /prefetch:8
  2⤵
  PID:3084
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2224 --field-trial-handle=1944,i,13967902200221152858,9555159728865328349,131072 /prefetch:8
  2⤵
  PID:1536
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3064 --field-trial-handle=1944,i,13967902200221152858,9555159728865328349,131072 /prefetch:1
  2⤵
  PID:4072
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3104 --field-trial-handle=1944,i,13967902200221152858,9555159728865328349,131072 /prefetch:1
  2⤵
  PID:2732
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4348 --field-trial-handle=1944,i,13967902200221152858,9555159728865328349,131072 /prefetch:1
  2⤵
  PID:1256
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4600 --field-trial-handle=1944,i,13967902200221152858,9555159728865328349,131072 /prefetch:8
  2⤵
  PID:3948
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4752 --field-trial-handle=1944,i,13967902200221152858,9555159728865328349,131072 /prefetch:8
  2⤵
  PID:4968
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4900 --field-trial-handle=1944,i,13967902200221152858,9555159728865328349,131072 /prefetch:8
  2⤵
  PID:1548
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3900 --field-trial-handle=1944,i,13967902200221152858,9555159728865328349,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3976
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=2324 --field-trial-handle=1944,i,13967902200221152858,9555159728865328349,131072 /prefetch:1
  2⤵
  PID:4088
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3292 --field-trial-handle=1944,i,13967902200221152858,9555159728865328349,131072 /prefetch:8
  2⤵
  PID:3104
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3504 --field-trial-handle=1944,i,13967902200221152858,9555159728865328349,131072 /prefetch:8
  2⤵
  - NTFS ADS
  PID:1912
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5016 --field-trial-handle=1944,i,13967902200221152858,9555159728865328349,131072 /prefetch:8
  2⤵
  PID:4392
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4856 --field-trial-handle=1944,i,13967902200221152858,9555159728865328349,131072 /prefetch:8
  2⤵
  - NTFS ADS
  PID:2508

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:1988

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:3232

C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Desktop\" -an -ai#7zMap11911:68:7zEvent14825
1⤵
PID:3956

C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Desktop\000\" -spe -an -ai#7zMap1142:64:7zEvent927
1⤵
- Suspicious behavior: GetForegroundWindowSpam
PID:4560

C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Desktop\Hydra\" -spe -an -ai#7zMap14991:68:7zEvent12676
1⤵
PID:3536

C:\Users\Admin\Desktop\Hydra\[email protected]
"C:\Users\Admin\Desktop\Hydra\[email protected]"
1⤵
- Executes dropped EXE
PID:5088

C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Desktop\000\" -spe -an -ai#7zMap8625:64:7zEvent20852
1⤵
PID:1772

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc
1⤵
PID:880

C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe
"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca
1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:1028

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
90ea04adf5a286ec4a38a48020e71755

SHA1
5712ca22cb5193df9221a9bc69d6008051c4c682

SHA256
8431c5677a85295c840b40b605d2563a7ce20ea93ffb98c11e6ec4204cc34ac7

SHA512
fc02f4a03802002a1300ea70be3b10b74956a7fc7c116722f9771e24c3cbfc4d0763043ebeb2fd373a3c8cf480770cf9b1f5324e350ee277c13de0529c0720b6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0

Filesize
44KB

MD5
954ace4cad62cadebf7aa2c299e5a458

SHA1
5b56d0720f75ee5cb4f4cb67cb9ba264a5593f0d

SHA256
aaf3c719ce64355a5d8e851244848f06952f1d103e9a6543333f2f2483b7514d

SHA512
00d16ebb0b7055b3de304168375f0563a97c4c36538cb90d199b30641e661473ad32caf4179fb2574f987ae9dae091c2591eaa3301aa719ded6e6ef215f5dbbe

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1

Filesize
264KB

MD5
3457124273dd0635f5b30f391d65d070

SHA1
10c44b9979015ffe2f56593f741087345a4c1311

SHA256
359b50a6095046f49b418e558e590214e211aaf18b43c1fa291a1d4beb302093

SHA512
0d6fab69c4be3f6b2f7cd69c3a72c95d4e0312cb413080833374e5e5ada26e5e1543ddd77afa6ed93010179918dfc6684dd615cd2e6dfd63f83eb197d65559cd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_2

Filesize
1.0MB

MD5
fe0733a6810ea020de79c304f62b34b0

SHA1
9e148d8a6883165c98d9a0894dd5b7f46927dce5

SHA256
35ca04ab759971b1325b5d26ffba9bdb152de4d1c9e3aeecc26ce128d513761c

SHA512
3ba995d45e627dbaf7c683c5bcc7b7da9203ace12cb51bb483f3bea172855c726837222c64f412e0f10afbedcd6d4d62dde2daf4a2e5059fb5cf85a9efb8929a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_3

Filesize
4.0MB

MD5
f67891b7bf314db5f8e7e6ece2fed84a

SHA1
f6d46629663fa6d7ce834c8da7eb4ac57dac40af

SHA256
0ed7ff4d1ffb7668f55981333119d1324c2cc647b3d0968a3094f0ad406ca258

SHA512
25fa7cf8b26dddc0ac2edcb7f281200b381189349efb6f36735e2742da9fecb6921f1580d31cbe2fd6003403415b7b49936a60ca2eb6da44849a4056dd7ed035

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001

Filesize
46KB

MD5
9718cdfa1d1abe93b15b21c4e7ed0920

SHA1
67087ba72dfc2998409972dce8a4343f35ba83ce

SHA256
b081001a2ecc00ac8f331ee3edd7e0581e6e2ec067e6cefc229fcd18e38e573d

SHA512
6b31f4126c86439ee9e5370be52fe916d4a0c01f56a79e0ff99c70b663cfd0a8358c59cd1b56df46eb2b5892e8ff426cca35f87349cbb05673be82072a2e6543

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000002

Filesize
20KB

MD5
628ba8d31375849e0943894669cd033c

SHA1
4fa6d50a37fa2dadec892474d3e713ef9de2d8a1

SHA256
80e3440c312f921afe33a7d4a3d11d1d2dc7162f8f50b748b796f424441d10d6

SHA512
d4406493dc8767c479460f3039b038866549feebf392280384da08adbcad2e871720d046220cb67ebe3ab75c14e06a31df2fa7c0f2c17f91eda26ba0a709d27f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000003

Filesize
37KB

MD5
838ff1c9432529e8767cb82eedd81504

SHA1
b19d6bf6d966c59592600097d27bc4dcbdd20bdb

SHA256
eb231ce985c270c3f38016ec8095b7f350952f971452fe6500d8c62bb886a97b

SHA512
f1239ceb6d557b06867e5cc487dde32d72e035154de3855e52b4e66d2aea1582b07c0fb0b0a1a1369caea3e58a876fdf24255fd774e9b4417376844abe1574d4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000004

Filesize
37KB

MD5
f31a1ab9f483d9db21349522e39dd16e

SHA1
01a275d7fc1c4f578fa506c8e0bf9b7787dd4806

SHA256
463800c9ec072ae72a4f6fdc1f2f779c792cb7ceb6f57c7d1231eabefad2bd9d

SHA512
cab9bf13c36b854bef939e1d09c8d896caf1d7c20f6948f70f27eaf2869e49c8b9be728b4c95926ba869a987516a79d3193d416b0582b7570a58269c8caa7603

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005

Filesize
25KB

MD5
6f0d8c2d86b40b21934ff819a3961667

SHA1
2e411280d2191d0f9732fe01ebc522aa87363b34

SHA256
8ef59cad09decea1d3b42a9ddd4a9b25a6c7d7bdac03d0621b4bef1448276c88

SHA512
b9406b8e4f3ca0fb1a45d3ce677d12a84c83c9c1039be109b0002c4a42435d68107cacaec2e07474b7e9d48e6e00df1734e33d1b18d6aac7a604ea6500e01024

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

Filesize
20KB

MD5
0f3de113dc536643a187f641efae47f4

SHA1
729e48891d13fb7581697f5fee8175f60519615e

SHA256
9bef33945e76bc0012cdbd9941eab34f9472aca8e0ddbbaea52658423dc579f8

SHA512
8332bf7bd97ec1ebfc8e7fcf75132ca3f6dfd820863f2559ab22ac867aa882921f2b208ab76a6deb2e6fa2907bb0244851023af6c9960a77d3ad4101b314797f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007

Filesize
56KB

MD5
a3fc500be9f5c8dd0f13cf52ed7a551e

SHA1
54a21a2c36b2a39f3d219e0f3bebe16fd35d4b0a

SHA256
4bd614768b6b3b2648bfb816e4f19cabab02a70ba2b4668763cb6e8cc0cae1b8

SHA512
aa79a060842cf41d855a8cd37563f5b9a80ad5e1e12f1dab6d603d12e66b36c42ffb995100fd964bcf690bffea35d4f7d58b043a4f33db2f9ba3434f511465cd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008

Filesize
53KB

MD5
8fcb818bc23425964d10ac53464bf075

SHA1
396f40d25a7d38eed9730d97177cd0362f5af5d7

SHA256
8b56333cda4211c50ada778d598348b8a846d557ed9117d8b265e004db31e9f7

SHA512
6ec7588257bd1261f9b2876c3aa57fba2b6bdc33a2a68830c8d8d539f449c552cf6923a5e8afb5e665d12cad253a10d68ad665d9eb74ff8250c6daf2f61e6da8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009

Filesize
73KB

MD5
670f33fed2d675ce88331ca66a9fa3fb

SHA1
8f3c98a08799216cb883cd67c06be75188ec1bed

SHA256
2ca008e2aefee1a9e1f76f0183926ed6cbaddac56e0eee0bc85cc76e37ffb528

SHA512
6c4f95780f0b7b97806bd9e898fd068b0c837f4b8f14d771e799c8850aeab423c274f4a2a24ca3638740a17f1d3daa00601b8da7246b0088ce8f2ff17192d11d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

Filesize
132KB

MD5
01088b35a7144b96e1c65db9ecf5aeab

SHA1
3d5b4a4fafdc3867adca4a4a640d6296bba06f82

SHA256
66616d0b8be2030b1f40d1da2a80bdf930172335226111b7965a4480bb584f1f

SHA512
bf639e6539792c3ebab0ddb646b795a1cb14e4359fe97726db69ba2e082debdb920c15d5eb96a552613ead61ee4320de0331c02aaba3f14dd83956cc7affba89

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

Filesize
22KB

MD5
f2b3b5ae31aad5857de6b472b4b33502

SHA1
94b2968bcd37264d68fbd1189eea5271bf0399ff

SHA256
afb3b56c3fb32ea5657cfe81ed543e4f216ae5496476f567a1c800084ec6cb03

SHA512
bdb04854ca0a9cae61cf4c3e3a48ae40776a19da50d95ad54486c0c07a083328105739d8dc0235185f3d86d5f5a3104dfbe92c31357550803946402949e73b70

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001a

Filesize
21KB

MD5
329dbc0fc2ffc416b29bcb919df54c63

SHA1
2ce4525aaee6a876df4f866dd85250bae2385572

SHA256
4cf05494e7b784b7dfab5fbadaf457aebd3040471f8751c135e7440c91d7c040

SHA512
14e25ec3a04a912d5309118d6410d9ead8f106f032a961c9359006fdfb1599568c22caefff49eb4abe0050428d5021618f1369f25de4c6ab8f55213fe285b612

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index

Filesize
2KB

MD5
69f4ad1cf16f60814273c395ac68c0c7

SHA1
7b02ed59a7178e6de6f451e339dcb6da601c33dd

SHA256
ac613b21da9e71c3211ca91be23d1fd3bea65f93bf98612e7f71592db35ed5bb

SHA512
5cfcee259fa41c023a4f9f7b782cd29f917f6ac6034b095c5f3ba8c3e1e97a186271264a0c6b8cb73d7bf2f78c6eb97dfb95977e8590e5ab3fb2bbba347a639a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
9940592861dc78fa7f1809b71c5021c1

SHA1
830eb05514f048c6d6b2d20a1a42f696a2532434

SHA256
01ecfd4d2647774036cdc2a5266aed1a2a2cad8d44f3a5b8c3def7ded83c69a1

SHA512
add79024752ee892ddcdf5c947087735569e63b298bb4d21d241120a6aca507d0de9d1e416d12d7697999b18bae905b0a604af246222bdc3529c953a4993f31a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
a34f78deb93dc4225ce2a344b996a0fb

SHA1
9924b03e0c34029f75f092f7fd9113c7bd508533

SHA256
78d3d52b6a2e07b8077688c31733d5ec5f84a4d62002693b147b93384999da07

SHA512
42de074d62ce1f7a6315b1b7cba0a6e6b23287c3cd30c83adc420857aa00d792b01dae14fb09500c392ae532b4ca4ccad7c198912b113abf83ebd67507f48c19

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
50ee99ee1163be68822c33888835445e

SHA1
83084c58cbb4fe4e45148202914dc26aa36aab9b

SHA256
35e55642e6daae8dfacfc4dba3f6adf2125dabf3bde295fefb6c8a92a702e25c

SHA512
c3f8bae4194837eb659e7ca8c1ef79728e2e2c927dc91d167634d13a6a8087a5cb23944ed849fa7e30ccbbe03e911c89feeeaf6b2c4cf63ab0573e6229ef4ed4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG

Filesize
317B

MD5
b267a929a74e8857e50bb0542c688e42

SHA1
70741a3e58270afc37729484fc70f821c641c973

SHA256
8f5c8f44b847781c6a7fe1c1d739a53d0ea0a52eeebd814575ba3ef4914629ca

SHA512
5f9d511c17a9816224f042dd98a24c0e73bc42443f80d08bd3d7b1c13a8f8741d8455a5489b15cf8fc5817b12db74c3206fd78ecf0045b5e3e891335d911bc40

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Favicons

Filesize
20KB

MD5
ec5b5937bd7c6118a06ebe8625c9335e

SHA1
2e24da632f5fb75436f4328cecd67220618be421

SHA256
a9068dc606be0fa2f3a272ac8b3948428214fe1f7b97ebaf1ddbbfd8e0a8dbf6

SHA512
9271a462caa8ad6e204a9b1cea3dc4e8f71ccbb72c0c53380e9963d8e2b11ac66f8cfe36b39246428483b35b39534f9c2a75700ce7760635b47a71e5cbff1e54

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History

Filesize
152KB

MD5
579565e4e62af948a7b68a3212c26b6d

SHA1
da504f3d11a087bb5f50a4616a7a856ded6061ab

SHA256
463f570bbf0fec7142b79c2f57b0bb4591e47496f2313a590ee7d9b810eb1ec2

SHA512
83be03c3f343ac609ca5138dce92ea60a82a33956cedcf935a073efaee547dfe56d2c5b5453b425e5c1eea36cc31a00a445f0b581564ecfc544d3305319790ed

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies

Filesize
20KB

MD5
fddecb18b202991369e52cb56248e4b2

SHA1
79d30424b0b2bc6ba28e7e75a91508d85301d6de

SHA256
446a91a815ebe452f59e4300766cd7ffe7da63f73b97a68fab7d94bdad8d3f3c

SHA512
1b28362651eabeeaedf716ec5e0f99a28852e84839afec8250525aa0a12b18c8e4a40d3212e1b12f48ef9f0c979c40f49974cc0fdacfb78b5806a9ca53cb9032

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
ff992053b1abc49a4420f727c1087cc6

SHA1
d6cdc4e803a9be27a8ae082219ba9d573ccea452

SHA256
8639635ec7a39b3b07b21ce4097c445b1a700a170366c2e63761b8007e520f62

SHA512
e5b30cbfff739925c99361a2ebda72306e7e55bb267c97b61a08cdb73aee75a2d98995b6b4457d6f1c3e5fc3ec51a7d848d7a0b8debbde5d764187ec7464d759

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
e912a9e4d232613ead766d55ee749b72

SHA1
4bd7e8d8fc95a2434217dd50d0a7825d288ced21

SHA256
767bc42964c13a5e598a1aa296f801e020a4783054bd202643ebe8191945da97

SHA512
f6e18c1bcefd8b3a6debbac1f3c16b1b3b56a9ee0fe713483366d69e708144ab386efc4af22d4f463a1da13165c9613017777bd3fdd7dcddbff5ffbff59b5c83

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
cd73bb1f2a45046dc55dae09a49a5d0d

SHA1
fe481a3e26eb5be21b8a732738fb1d9c8e637299

SHA256
9ed7f56bcaa5c48198ea9c67d1fc7e5b69ca22975ce3216359256d641a80c920

SHA512
7424e5fdb1c2d28c880433ae579dbe788efe35f588224b4e96a9c829cef5cae474fe2aad33a733f063aa5264ec847eee54c949d958d1b9973aa2cb4f86db33b0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
af3baf350c5c5c8e8c164e44941107c7

SHA1
dedd24b312c5299c24447b80088d0b3d6b670a52

SHA256
5ad5337dbd92b24915fe2c87ea4d7bed9ae0b6f17adce4e8ee8b8ff65c1a8383

SHA512
51f0be019ee00121766d5099b67b24640fc44133b6f4f9ff4c5917139d12caf233b2854b58cb4643ceba80645c3697a6af716537d2b55fc9c502a3f0f7f39d06

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
34d61954af90f0c0f9846a9b9b7162ca

SHA1
b5282edba9d100d6ca37db6ec2c2e85483fd6721

SHA256
7c76f303b68962b12b21f40ec044f1662d15b7ca6e817d577af33b9d3cc48113

SHA512
3fb2bde5d9cea2e93bbfc80e483c776f66fd10a6a6708aa2a832fac0686ae17cfe058364681e8ac7e098538f5260df37b7c172784c087438dce952d0b4dba1fc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
f80e4f7f4a0be09620f5537353d4a4c7

SHA1
eee647c36a0b458fb3c37f4c336af373859823f8

SHA256
e3e83d29c52a9880552c551638a9f4f8204f7d978d635c07984d21af15c3bb13

SHA512
51c3e608ed1c27e3e1cbe78a2fb87a7addcf5b2d96c3a7f5f6e982b60baa69eeae1cc66df2fe88dbe78cddbd9d19c16f7dd91ab32be082ff8ae1c8d154262555

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
2d45257980f567d8c987def3d33a0969

SHA1
644604de6fb0f769c0148c088fdc1649fc2387b9

SHA256
49ba8ed17d4299ed94c16b09023cdbc57556d2593fd6685bcf1c48ba8a56bf32

SHA512
ccfe30e2652d1cb5836be2d06322cb3b38cac23073d6f0ef290df47b80118fc326eea78d84c462fd4042bc8d45a9f8c7c1ca4f3f1466a8b1947756eb1fb50768

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
ab92cab2fb631d3348fda03dc23a5177

SHA1
f19d37fa778dfee08ababd2ed9732a2beaa1a28b

SHA256
40058db4bbdddffec74ede7695ddcda13609b1c815d1e18795b709cd3813a164

SHA512
006483fc891b77d748d45ee27d84bf904e455f8b810899589c43a209914f0740249d5088933ed11754e014e9ed4d90937ee8f902b228d113e0a564a7187055e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
d30ca62b2c34e621a4827964750a5e83

SHA1
6be89bf5dabe5e2df67660450ebed77bb8b81524

SHA256
fd1d06176acbfd86e7bb09f83c755cc1c03b75d2bcc590096f98cd971085983d

SHA512
7aa3c6d5cd64b2c79ba81e7803084f4ec084bc09810fb42017994ad65ba0789b2097ba91dcd280c182663bc80a38c4d811e31b44c8bddfa0843c6aa4dc434b45

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
eaf9f31382364ecce16ccd94f57d57f3

SHA1
d7a3557b9e361d2b67a7cda76ca27ccd54a9c35b

SHA256
0dd5333ea4609100c2924d22c61cd0b5f01ed2f2400472c20e8bd4a44af5a31e

SHA512
bb906dcab0eb9a6a57410ded66c057c8fcb1b249ee5caf1d17dfe4de54d5360207a8d96db55cb343faa7a9b2b6a0066f66141a9da386bd6153f91ef8c7884558

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
6b7ca2940d695bb794d52c952780d9d0

SHA1
ba62508003c53ca73302cdcf8c504d1ea00af619

SHA256
cfe40befc668d168c8756c18d1d44557537d47c23d7883a3820d16f45cda6f26

SHA512
8e60e188bcd43c92d02c04f0dc3a1fd4fa87f6284d148a90867e1a10c677225b29de9d2f0f734bac45bd2935b52fc591cfca6c9793865019c533b26521c69982

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
559d85df9404c4094aedbecdc59b38c3

SHA1
65818aa4a0c1531e48274bb1309e4b55eabebc0f

SHA256
9000dfa60945e93b35f14c0e0e844ae02b4a64599f541714fc177008702361c3

SHA512
17704509082b0ab014d08159560a325f774be54e968a97cac1e30e2a8f986bf419e5f2aa07f9341974024f124d5af517c212ddf7e5c95dd0a9d1c2762d3b0856

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
8b02f1dfe77a0995dc9ec33a8f67c530

SHA1
1c51b4aaef565b7ec2b0e5554d6c2416b934aa33

SHA256
f149082e06a4e9b59fa1f0d5dabd62b7fec2e682026e41c67df3421c350c4b50

SHA512
9998be9ac2c4f639e8100f001ffaa9a9c2b9f7ffb1e2e9bf8544db97899af764e1d77320f0dc12a5a11ec48eb56ba7e17437dec6dafccd60dd5647903c54476c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
f1907af4592d224e62239837b9606d25

SHA1
1b83ddcfd0c6265c79135da2beb941f7dcbe402d

SHA256
0800dd2173090ef91b32ec225c982b4f8ce2af06d51d0adfff6e1bee094f9fbd

SHA512
e2fc61b366f983fe78bf03c2883d9ff4478e23e98112d0af48a6d039f16045788eeaa070aa3d42bcbe13dab5c768eaa1035657c994eb5e284d0353af407fb718

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
fe2cfe540ca6e35f8c6f98d7307aed3f

SHA1
385aa6a18701e9b897dfba78e2c59af7c5ba7553

SHA256
b504dcfcde3b52b99baceece9e302a6353cf13a155016345f78e3d1aef3f6fe7

SHA512
e1a356b9d8033b98012dd456ff17354e4c0e81fce9ef7a5eda06ff135484aaa259b63606ecd0f424b286b1f08b1c4a4bddbee89b3b961ce99652de9956237072

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG

Filesize
334B

MD5
a2bd79683207874e4fe833995062082c

SHA1
9c9eba5acf4c2330b56f637d2d72577eb516371c

SHA256
c5c117d65e333a6429deac511ac40dac881004f1159a2cd90886b8dc87ab7559

SHA512
7ff9e8be6b80029a9e4ec1b18a8f062fd3a6395481694e15e4d291089a450b7701f68a9b0aa212948deed578e26b3ea2b6370568b83929911882a2cbbd1836e7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
8ef6cae752edf3331405b432621ea07f

SHA1
9cce393a6674a76d70534390ef8e60f58f5f96ee

SHA256
21022aee71701ac3f90f12b5482c22f0caad5d189c2359b0e64c16d077fd9364

SHA512
fa0c629159ce684f977172c7ca179c4a506984b0a70e90e62589d8a28256a1b6a2cd5a5abd958c4b9006253356ed9271ec26d81a1fdd0f0b9a66300c87db8e8f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
aeda7de0ff99ef4e4fed4b635a951a12

SHA1
08612bc75c87843b52f6a6bb7c4de85ba6f5a2f7

SHA256
aab5a1c7d8e44fd7cf7047cbd2453ba0967bc40cfc9b188a9e9f2af328dc9650

SHA512
3e8d3918d7437c95795c9b08b2e5e0e758b8ad8005c82dc9404ffb5388dc777923788d9e4080ca47803b2ebba86699ac626c40d1cd1fe69bb15ddd785ba68eaf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
d9478071ebdf7ad45a0831c0d05eba4e

SHA1
ddfba349e22d298dc72f4560d891759a81d6ce9f

SHA256
db9cdae2d9ae8f754a1d8cbcb1788f6daddfe9852697d3da4b0c4b7227b1178d

SHA512
cd534136cafdbe960b85e1428c7414858ca6a427cad72aab7f6bc345e1e55586827ca077c06a765251dd669246b407c2122d7e1d20659922ffec7cae275755af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
1763576a4c6f6543752de58936c4ddcd

SHA1
879b396f686f6567cdbf4cc713b33f8410da09c5

SHA256
dd9e06b64756bbdc4451adb8fdf0b1f8f328894ac0fd38de93da9bd916719890

SHA512
dba516d6728a0203d907ca26354a69cbf5082e60cbc8ebc43551d7f7b72d3d38137c5de08af0b8e0f2e1269dd642bd6c7674d57d49c9ff6839b4876aef7e2139

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
d8bf08513e91fc3699b5a0dec11447c4

SHA1
145a954b279c490841beec177aa633ea2b4a2e4a

SHA256
deafff4ea3866695c1f957eb79c7e04210080d58e04d06509e5d64acc48f0ccd

SHA512
256f31ef73edde008805de1de12c366ae3d5554037e1a8f6a3076edfa5a73bf83812f78d35b7cc29df4767da6a26e6eea016adc8cddd33686504e4ecbb459a3c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
d0362408418101c0c2d1ac92f29b05f8

SHA1
ba0fb81fef28320338d96f1fa43b473dc6bd599c

SHA256
f19d69febdcb457b1c9a24c32598ebefc92135513f71fe422305cdcffe48cc91

SHA512
315b8e471b390897a5c9548fe390d273007a347cbc0e0ebc873b44b71b434c28c9a354686917b87e4f5f779d79007eb4bf54b8f3efdba134deee72b22c7ea35c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
16KB

MD5
f3d38fb6bebab0c899ffa238700bc32c

SHA1
f232567de74e6fffdeff7f1f7df98947a6deadd1

SHA256
fcfb9f1cd02f9183d3dd8af664d46ecad944a1d189451cce34a481bb2d60cf54

SHA512
757c738d9bbfde1fac33374ac5bdda166436b063435965783f4f6914d496747d3df8914d97db1ba4f5a13638b059256740a92bd8b2c22a7c2ffb4b0021350b8c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\000003.log

Filesize
2KB

MD5
9dd92b1bdf9fb532f67823f5ce0518dc

SHA1
f7e9a2787c3fa59a3aaa1c101d47ef7658d10bfc

SHA256
f703c5c4814a912cc4410ba79eeacefcec8f65afd7b914fe08327c6afe8f2437

SHA512
dea2e448075b3e6acd809cf3aa18b5aad2e5c25d207c07f09a467f8444ffbddb962e50734d1ab00036ddd979683aa37e7fa520c0e269f7e401389e921e2c9335

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\LOG

Filesize
336B

MD5
68f3d68ae9a679a241e2d5c74e7d655c

SHA1
4adbffe16156634db4dd6a8d746bafab727f7170

SHA256
5adc756d288719699e7921c720809e2a6253d9d96b01bff92975287d844b7eee

SHA512
7bb6647d7c6e1b66cce0ae2d3b2de2a012c5a744121edd3375afb56308f353f35b3a53dbc129128aafabf639069e79cc3ce834242272243910ec72df85037dfa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sessions\Tabs_13364940471449437

Filesize
2KB

MD5
b7389ed5f9c8d77a51415586d6c89e70

SHA1
6a7791f3294d6cb28531cdc09040c768109a06a3

SHA256
c7cd201e92644519f8f753862a5203ba7c667db8ed8cf61778e1700ce17419c0

SHA512
16057193007eecb84a7f7f9296b433c46087294b2585d996002516998d20fd8255b87928789dee1bf8d12649114bcf206f65a4893f31aeee36b4e3e36ba7f0c9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000003.log

Filesize
112B

MD5
bef2eac9c9d6c2626b979f074f58a7c4

SHA1
98f44e8b08493e4d7546fbd6f6a13b3c744dce4d

SHA256
ce0e4d0fb468cfd914ad83daef32751b30be8b9434562c4166b825e3af8166f8

SHA512
7c9fb35f23980922429a1a46477eb482c128d914ed06e2d21e0c4946aeb33539d614dfaba657a869e84f2d6fc4f592f38270730e27409a914306c5957f0687d7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG

Filesize
348B

MD5
055f31000256334a5f65c9aabc913c46

SHA1
ef3798fc826b04393d00085c0157ff5b02000e5c

SHA256
1199c0240380c0aeaa9428882f87572ed7aaf3596c4c09d4ea8d51a12c1f2a04

SHA512
34a99c0ce317881d78bcddfb5798b7ce1055f17567fa6695fc87f25067f5d5f1d5e944668afb3a6ce8e2baf37cd76c12564e5482418f5c63f4b77c420ade831f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log

Filesize
15KB

MD5
8957fb8cd61553da00a33e6747ad1a9c

SHA1
2a5d8f0470a625340380c415a74df60a27d40cd9

SHA256
e3dba6050023b34825a4e078cc8fc71ff95e7c755f1ff5a28c23f7a12ab83880

SHA512
3a42e7dc16f142610b815916e38ca5e06a21cb6e867bb06f69e516cc0553ec70aa9d7b19e415a520fb79f9847c3249458fcf345d34baf6c6fe815d647ae0c091

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG

Filesize
324B

MD5
305a77539984eec55b814e8545ffece3

SHA1
8cfe45a6b9e2522b00e348117c94b29b84e81abf

SHA256
ea7c301c488b0a7b8fd10b7893b1e0db30d06e991f62d49c718f7882b0135b96

SHA512
660ccf9924d55b042f131e5e74942c5e63616b3cabc23dd2d6490210b61b33fd00e65f5e9a5d75d066f609f8a558a9ce6c110f9d937589877cf9c1baf5fcd4a2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Visited Links

Filesize
128KB

MD5
887c4ee4972e75dce2643a67972fdea7

SHA1
9e8a2e2ee29063f3bcf06dd2675bf88f2835da19

SHA256
dd87287bb016d27158989fc01d79de733426d017f9bb8378b11a6405a1e2fb1e

SHA512
c0cf74146d487d3b9f22e72f06d6e40f9f6b97f713cce056ec640477000d93854148dede066318dbb7e5303d9b69bea7095d8da49585b4c321d0f33ae4a5f4d3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\QuotaManager

Filesize
44KB

MD5
e8b16b93a6aa86bd0c131df4b04ced04

SHA1
d5796ed7418fca7b5edffa9625dd8750fcf0d734

SHA256
eb62bb0a9ff685bcd3a23e604305361f181813a44bd3eb98e2e5fee7e1063ec0

SHA512
aaf1a33ae434b2bcb2cf84aef18ca0293e505fca117530f427381ebf7174889c5f31b673eb16f50f19e64b83a05a10f0243dbbb3831506d1fa4e822144238e55

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\QuotaManager-journal

Filesize
8KB

MD5
55af512a4f7d04980532ed5d63be7de8

SHA1
6f99dfa72b836e84d6a94678c765e48d57ca00ae

SHA256
ff0fa76ab2baf6bffbab3a40d0528b1e8ad6558ce6b7ea9d442553eee8cc7d25

SHA512
63f4db4d531c3d3beb9ffcd055cf26080e89ea7f9c15dbfe32f0d82ad3a5c792d1241932827825cc0347f42ef99bdb07c8a18e3b9c4c574502e7f7231c907f0c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\000003.log

Filesize
1KB

MD5
f0901f6a67cb79c3938224f78ebb2eee

SHA1
c5f73b3317b85e42dfc37386408e1ac853b6bef0

SHA256
38a4f27f4def0bc6b8d0baf0a64bcfd11f82a96c8635ae6173c9d1f0b4a2a3d1

SHA512
583b983eff2e39bc264b0e504e12b2a9569e7ec3c51328bb3011bb3b0d31a6fa92e8b01dc1a3aad26cba60fa871ed07b980f472a6733c0920c6b3e732c321bb8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\LOG

Filesize
317B

MD5
d8bf0eb185163ab1f2bef099424f9261

SHA1
a156936b92b486cd3f31e48073dcf7dceed09f27

SHA256
bfddf63b4e7009af25c616e88ca17d0c1f52668c4dda4324f7dca9742a6bf6c7

SHA512
46c5190e9e2f622e9135cf499439452ccbfa78d5b97530e2334b0c456c04571624da73f1e4a7494b5484adcfe20e76d9756ddfd8463516b9a8812303aba3382d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000003.log

Filesize
918B

MD5
28bdd0478b44f69a9846364437ff5ea8

SHA1
9c02fec58c9ba56c5081153c1af777b94e76f34a

SHA256
6c0ca7b22900be7c2efab1cfd6c183455f127a3957f56cb2cd31f7a7286a6d79

SHA512
30c352132a2eaa33493685d92a80a2851c7b7d803e383eb1a464addd5e70190ba640b1b8b8a6f41703fe0259320efc7efc05c304726e9b364341d380168e1546

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG

Filesize
335B

MD5
c36d40869adcd8b299e199a7b383345b

SHA1
9883e1cf8e822c5fe6f90b329951b9dc9fc36c6c

SHA256
be4ddc357cafbdbfa0da7f96acef430615fbef946ca1e963593a991a74cec9ba

SHA512
be4f7046d0d02810ee8f39ef28f9286e7f440ee8fdf3c38d473c303878a404af5b51d8c44e9c9be29329fc5dfad88260afa3df5de9a0e0f8976080649021eaa9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_0

Filesize
44KB

MD5
cb98052da704223c5e7734a63977df89

SHA1
ce72a3f54f4138ebd81480082762512651b6467f

SHA256
1fa885d06f5eca86597920816e6b455aa08dd5723a2fba3ed98344d9b130bfc6

SHA512
3445b1d580c2ffabad4d2a09dbc4b0e8404cc340736889ac69f70f0d399d2ead8e7d8f705bb021c473719090c01a0c26d673130a1f43267240c80b8af24a40d6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_1

Filesize
264KB

MD5
5d1e7de4c859c018c40febcb29c456eb

SHA1
5339b0d12cb95e98fc210824f44af650ac1002e9

SHA256
658d4ba6a3d6dea5a7bbd2e2cc818dc4252407fc80d7261db7e6b08d72b666d9

SHA512
9735862cae109163258ec10233d5d36760090ff34b073ba3cb4cc1a13c0b39be14d168a8e7806f5b44e842a647b08db52b12d4d7ff41c270ba5089d1befd66ac

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_3

Filesize
4.0MB

MD5
fa1882b71608aa7750b933d7cfd9c485

SHA1
54afac5a532d326804e3c15878d45d259676e676

SHA256
db2d39fb4b15d28fc03aea17efe728c8d63e2a95041aba67b1678b9a19b4f045

SHA512
06d9c689c2db083c24251496029304bb585a4f0d28d96e82ff8c10334aac991ffe0244982e0a83f9c3878b6845d2cea9ed0e959ce27842a86fef897e7a68abb9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\f_000006

Filesize
18KB

MD5
7fa256624917a79d0ebc9f37578c1226

SHA1
1629ad0efd4808b44497b6485185202e754a9866

SHA256
608f8f28b6eed7c6baba09b709755096baf013945fe3441f2a4a4c56b512fa3a

SHA512
a307b7adc9ea2d9269eefa2d400d6edc5b2687c33863a4a7b7552075b2a422ec7b7115e31f85bf292b19a69c7c328c4a6c2ea38516112ffdc87356404c497af5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\f_000007

Filesize
17KB

MD5
90212060d89ace4c26b6bf9fc106eba0

SHA1
8e6c6b7d560b56d0698405b9e2e0146fd191d11b

SHA256
654571861aceaa83e185bf15b86d8c62833dc6f7b1edb72783f25329bf4c57f0

SHA512
3ad5dccfbceb23fd2e6217b7bae30cbbfa90b88c301ee67b972cdc9b7ae971cf09f2cc02a39b481a5d3dda5c3a6ee223d39714c31222cda55db8c14330c714a4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\f_000008

Filesize
16KB

MD5
400ef9cd25f6dc069a844df55fb1975c

SHA1
8821d72dd660e71b3a23902a5271fc95fad863af

SHA256
1e2649a9d38ec1986968fbad62bb6b72e44e3a294ca4f8ef842be863bf2eb918

SHA512
2f829c7f5bd3cc52e6e2f59e7516052dd95e6a22ca9925fb4ba22ae2aebe8dc312a450acdf8201a8f1efa53a5e65d97680479c050c5569d1b3dc7841c0f92a50

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\f_000009

Filesize
16KB

MD5
db7cbd9b6280b6b8224d74e178480ec7

SHA1
b0a5ee0cc32feadcab3281d658bdb5dbb2f2a71c

SHA256
4cf1f54778f3a46a9c1196ce97a6f3d0a0cd2cadcb6298c76e469f57e407dd06

SHA512
30d7be9566fdfa62d0ebf6442a1dfb7f52e45ffee407963bcb1de19dc4b2020ee3bffe752cf903e27b8920ab55d58d29ca64d89f994fea9cbe18e43b3d9bc47f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version

Filesize
14B

MD5
009b9a2ee7afbf6dd0b9617fc8f8ecba

SHA1
c97ed0652e731fc412e3b7bdfca2994b7cc206a7

SHA256
de607a2c68f52e15a104ead9ecbaa3e6862fdb11eac080e408ba4d69f1f7a915

SHA512
6161dd952ae140a8fb8aa5e33f06bc65fdc15ce3fbfe4c576dc2668c86bce4a1d5c1112caee014e5efa3698547faad3bc80ec253eedb43148e36e1a02ce89910

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
144KB

MD5
1ecfb4e0f9a75b26e82adf92d37152e7

SHA1
889a2b50a1f5b1d294c8ba04d032e34a1506e20a

SHA256
48c96543e6050b0f2381d5260ff60cf2ec10957ec1d2ea2b16e577f96780859b

SHA512
afadb9519349a0e5fef80a1d379efd3e8c53e507fe76256ae42d1a8883958d6004785c42b787f0f4d3328ffd40d487ddaabaa6de2e473551c14c64e953cac753

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
285KB

MD5
137eb1a772a3a74b5ff9948e1e167f5e

SHA1
ade2f08c9baa7c2e52fc924ffdbfd5d96e0f2122

SHA256
c7e04924ba85d9b939f238487f90d803d817aa8255ef5ba17b728ebdc096386d

SHA512
57ec5fc9c094166f372ca523f646dadb9c8341650993aa40024217f0702d230d306121dfd67b57e135f593471d844213c6a57089b51ebb9278f2e18c72132e4f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
87KB

MD5
39542cadc63f6be79e766dbbf14f8e19

SHA1
cb8495a8a16e797fa3ee5a3738f24844387d97ce

SHA256
b4115c0a0426534402058527b55f66fd04756e991db8208d4bb01ed763b6b79e

SHA512
392a3c2e85cf288513ffd9edb2fe6ac2534905737f927c1c0b410839d886b5b2f3df60b6c581673f57608d1d2b9d19eb652ca37822795e142813078f664b5cef

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
92KB

MD5
3dbfadb2c36c56e25a652c2ce9717504

SHA1
169abef26b65b003be0686000850f7954dd78cdd

SHA256
2ff7ad7565faa6040fcd829f37496eed6120e78cc9ed496832c258501aa23477

SHA512
3c477c58aa930bbc72295b9e5b72dec47a293807651f1797612c7d22a371a66a7b93fd4a2f81346fc4de9e0ccce68fbf861fe150bd71be1bb07342271c9d2015

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe5a7ee6.TMP

Filesize
82KB

MD5
059e09ad428dd8cf2c16ff264d7275bf

SHA1
cbf263c37a91ebef1c54d033fb6f5f1f8c853400

SHA256
9fc7e357ed86227987ff23f262f486579f1c3f62ad37957db1c784f205d19a46

SHA512
b8a74bd7ce3bb8d92b24ea7ff760165132ebc0388348295401f2804ae7cfd5fbe80dfb37b0b4a68ecdd8898af7f73e403938cc8cdb235dd7ec1c1c281d336989

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

Filesize
86B

MD5
961e3604f228b0d10541ebf921500c86

SHA1
6e00570d9f78d9cfebe67d4da5efe546543949a7

SHA256
f7b24f2eb3d5eb0550527490395d2f61c3d2fe74bb9cb345197dad81b58b5fed

SHA512
535f930afd2ef50282715c7e48859cc2d7b354ff4e6c156b94d5a2815f589b33189ffedfcaf4456525283e993087f9f560d84cfcf497d189ab8101510a09c472

Download Submit
C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\SearchHoverUnifiedTileModelCache.dat

Filesize
10KB

MD5
e178e3a4e65b242de2d3eef8e8f628b1

SHA1
50573bfba7a9809fd928dad63a74add973a8b7f6

SHA256
9a1ce4e33235ecbcd4528cd83ce05f38291b01313bf6837ea5e8e306dd156f29

SHA512
fffc51ac29a4c5f5d8a6cd3d461c29608f5b7f28c02244a888092c26d7fd59ccf6a8d1f7a75d21718ae9d20c95cb7b698ac8ba69e5b24597ab5f685d7f204977

Download Submit
C:\Users\Admin\Downloads\000.zip

Filesize
119KB

MD5
d113bd83e59586dd8f1843bdb9b98ee0

SHA1
6c203d91d5184dade63dbab8aecbdfaa8a5402ab

SHA256
9d3fe04d88c401178165f7fbdf307ac0fb690cc5fef8b70ee7f380307d4748f8

SHA512
0e763ff972068d2d9946a2659968e0f78945e9bf9a73090ec81f2a6f96ac9b43a240544455068d41afa327035b20b0509bb1ad79a28147b6375ed0c0cf3efec5

Download Submit
memory/5088-808-0x0000000000350000-0x0000000000360000-memory.dmp

Filesize
64KB

Download
memory/5088-809-0x00000000052A0000-0x0000000005846000-memory.dmp

Filesize
5.6MB

Download
memory/5088-810-0x0000000004DF0000-0x0000000004E82000-memory.dmp

Filesize
584KB

Download
memory/5088-811-0x0000000004FA0000-0x0000000004FAA000-memory.dmp

Filesize
40KB

Download