hxxps://github[.]com/Babyhamsta/Aimmy/releases

Analysis

max time kernel
1049s
max time network
971s
platform
windows10-2004_x64
resource
win10v2004-20240704-en
resource tags

arch:x64arch:x86image:win10v2004-20240704-enlocale:en-usos:windows10-2004-x64system
submitted
09-07-2024 11:24

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://github.com/Babyhamsta/Aimmy/releases

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133649978923379600"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
3960	chrome.exe
3960	chrome.exe
2840	chrome.exe
2840	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 5 IoCs

pid	Process
3960	chrome.exe
3960	chrome.exe
3960	chrome.exe
3960	chrome.exe
3960	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3960	chrome.exe
Token: SeCreatePagefilePrivilege	3960	chrome.exe
Token: SeShutdownPrivilege	3960	chrome.exe
Token: SeCreatePagefilePrivilege	3960	chrome.exe
Token: SeShutdownPrivilege	3960	chrome.exe
Token: SeCreatePagefilePrivilege	3960	chrome.exe
Token: SeShutdownPrivilege	3960	chrome.exe
Token: SeCreatePagefilePrivilege	3960	chrome.exe
Token: SeShutdownPrivilege	3960	chrome.exe
Token: SeCreatePagefilePrivilege	3960	chrome.exe
Token: SeShutdownPrivilege	3960	chrome.exe
Token: SeCreatePagefilePrivilege	3960	chrome.exe
Token: SeShutdownPrivilege	3960	chrome.exe
Token: SeCreatePagefilePrivilege	3960	chrome.exe
Token: SeShutdownPrivilege	3960	chrome.exe
Token: SeCreatePagefilePrivilege	3960	chrome.exe
Token: SeShutdownPrivilege	3960	chrome.exe
Token: SeCreatePagefilePrivilege	3960	chrome.exe
Token: SeShutdownPrivilege	3960	chrome.exe
Token: SeCreatePagefilePrivilege	3960	chrome.exe
Token: SeShutdownPrivilege	3960	chrome.exe
Token: SeCreatePagefilePrivilege	3960	chrome.exe
Token: SeShutdownPrivilege	3960	chrome.exe
Token: SeCreatePagefilePrivilege	3960	chrome.exe
Token: SeShutdownPrivilege	3960	chrome.exe
Token: SeCreatePagefilePrivilege	3960	chrome.exe
Token: SeShutdownPrivilege	3960	chrome.exe
Token: SeCreatePagefilePrivilege	3960	chrome.exe
Token: SeShutdownPrivilege	3960	chrome.exe
Token: SeCreatePagefilePrivilege	3960	chrome.exe
Token: SeShutdownPrivilege	3960	chrome.exe
Token: SeCreatePagefilePrivilege	3960	chrome.exe
Token: SeShutdownPrivilege	3960	chrome.exe
Token: SeCreatePagefilePrivilege	3960	chrome.exe
Token: SeShutdownPrivilege	3960	chrome.exe
Token: SeCreatePagefilePrivilege	3960	chrome.exe
Token: SeShutdownPrivilege	3960	chrome.exe
Token: SeCreatePagefilePrivilege	3960	chrome.exe
Token: SeShutdownPrivilege	3960	chrome.exe
Token: SeCreatePagefilePrivilege	3960	chrome.exe
Token: SeShutdownPrivilege	3960	chrome.exe
Token: SeCreatePagefilePrivilege	3960	chrome.exe
Token: SeShutdownPrivilege	3960	chrome.exe
Token: SeCreatePagefilePrivilege	3960	chrome.exe
Token: SeShutdownPrivilege	3960	chrome.exe
Token: SeCreatePagefilePrivilege	3960	chrome.exe
Token: SeShutdownPrivilege	3960	chrome.exe
Token: SeCreatePagefilePrivilege	3960	chrome.exe
Token: SeShutdownPrivilege	3960	chrome.exe
Token: SeCreatePagefilePrivilege	3960	chrome.exe
Token: SeShutdownPrivilege	3960	chrome.exe
Token: SeCreatePagefilePrivilege	3960	chrome.exe
Token: SeShutdownPrivilege	3960	chrome.exe
Token: SeCreatePagefilePrivilege	3960	chrome.exe
Token: SeShutdownPrivilege	3960	chrome.exe
Token: SeCreatePagefilePrivilege	3960	chrome.exe
Token: SeShutdownPrivilege	3960	chrome.exe
Token: SeCreatePagefilePrivilege	3960	chrome.exe
Token: SeShutdownPrivilege	3960	chrome.exe
Token: SeCreatePagefilePrivilege	3960	chrome.exe
Token: SeShutdownPrivilege	3960	chrome.exe
Token: SeCreatePagefilePrivilege	3960	chrome.exe
Token: SeShutdownPrivilege	3960	chrome.exe
Token: SeCreatePagefilePrivilege	3960	chrome.exe

Suspicious use of FindShellTrayWindow 34 IoCs

pid	Process
3960	chrome.exe
3960	chrome.exe
3960	chrome.exe
3960	chrome.exe
3960	chrome.exe
3960	chrome.exe
3960	chrome.exe
3960	chrome.exe
3960	chrome.exe
3960	chrome.exe
3960	chrome.exe
3960	chrome.exe
3960	chrome.exe
3960	chrome.exe
3960	chrome.exe
3960	chrome.exe
3960	chrome.exe
3960	chrome.exe
3960	chrome.exe
3960	chrome.exe
3960	chrome.exe
3960	chrome.exe
3960	chrome.exe
3960	chrome.exe
3960	chrome.exe
3960	chrome.exe
3960	chrome.exe
3960	chrome.exe
3960	chrome.exe
3960	chrome.exe
3960	chrome.exe
3960	chrome.exe
3960	chrome.exe
3960	chrome.exe

Suspicious use of SendNotifyMessage 32 IoCs

pid	Process
3960	chrome.exe
3960	chrome.exe
3960	chrome.exe
3960	chrome.exe
3960	chrome.exe
3960	chrome.exe
3960	chrome.exe
3960	chrome.exe
3960	chrome.exe
3960	chrome.exe
3960	chrome.exe
3960	chrome.exe
3960	chrome.exe
3960	chrome.exe
3960	chrome.exe
3960	chrome.exe
3960	chrome.exe
3960	chrome.exe
3960	chrome.exe
3960	chrome.exe
3960	chrome.exe
3960	chrome.exe
3960	chrome.exe
3960	chrome.exe
3960	chrome.exe
3960	chrome.exe
3960	chrome.exe
3960	chrome.exe
3960	chrome.exe
3960	chrome.exe
3960	chrome.exe
3960	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3960 wrote to memory of 4348	3960	chrome.exe	89
PID 3960 wrote to memory of 4348	3960	chrome.exe	89
PID 3960 wrote to memory of 3060	3960	chrome.exe	93
PID 3960 wrote to memory of 3060	3960	chrome.exe	93
PID 3960 wrote to memory of 3060	3960	chrome.exe	93
PID 3960 wrote to memory of 3060	3960	chrome.exe	93
PID 3960 wrote to memory of 3060	3960	chrome.exe	93
PID 3960 wrote to memory of 3060	3960	chrome.exe	93
PID 3960 wrote to memory of 3060	3960	chrome.exe	93
PID 3960 wrote to memory of 3060	3960	chrome.exe	93
PID 3960 wrote to memory of 3060	3960	chrome.exe	93
PID 3960 wrote to memory of 3060	3960	chrome.exe	93
PID 3960 wrote to memory of 3060	3960	chrome.exe	93
PID 3960 wrote to memory of 3060	3960	chrome.exe	93
PID 3960 wrote to memory of 3060	3960	chrome.exe	93
PID 3960 wrote to memory of 3060	3960	chrome.exe	93
PID 3960 wrote to memory of 3060	3960	chrome.exe	93
PID 3960 wrote to memory of 3060	3960	chrome.exe	93
PID 3960 wrote to memory of 3060	3960	chrome.exe	93
PID 3960 wrote to memory of 3060	3960	chrome.exe	93
PID 3960 wrote to memory of 3060	3960	chrome.exe	93
PID 3960 wrote to memory of 3060	3960	chrome.exe	93
PID 3960 wrote to memory of 3060	3960	chrome.exe	93
PID 3960 wrote to memory of 3060	3960	chrome.exe	93
PID 3960 wrote to memory of 3060	3960	chrome.exe	93
PID 3960 wrote to memory of 3060	3960	chrome.exe	93
PID 3960 wrote to memory of 3060	3960	chrome.exe	93
PID 3960 wrote to memory of 3060	3960	chrome.exe	93
PID 3960 wrote to memory of 3060	3960	chrome.exe	93
PID 3960 wrote to memory of 3060	3960	chrome.exe	93
PID 3960 wrote to memory of 3060	3960	chrome.exe	93
PID 3960 wrote to memory of 3060	3960	chrome.exe	93
PID 3960 wrote to memory of 3060	3960	chrome.exe	93
PID 3960 wrote to memory of 2976	3960	chrome.exe	94
PID 3960 wrote to memory of 2976	3960	chrome.exe	94
PID 3960 wrote to memory of 1992	3960	chrome.exe	95
PID 3960 wrote to memory of 1992	3960	chrome.exe	95
PID 3960 wrote to memory of 1992	3960	chrome.exe	95
PID 3960 wrote to memory of 1992	3960	chrome.exe	95
PID 3960 wrote to memory of 1992	3960	chrome.exe	95
PID 3960 wrote to memory of 1992	3960	chrome.exe	95
PID 3960 wrote to memory of 1992	3960	chrome.exe	95
PID 3960 wrote to memory of 1992	3960	chrome.exe	95
PID 3960 wrote to memory of 1992	3960	chrome.exe	95
PID 3960 wrote to memory of 1992	3960	chrome.exe	95
PID 3960 wrote to memory of 1992	3960	chrome.exe	95
PID 3960 wrote to memory of 1992	3960	chrome.exe	95
PID 3960 wrote to memory of 1992	3960	chrome.exe	95
PID 3960 wrote to memory of 1992	3960	chrome.exe	95
PID 3960 wrote to memory of 1992	3960	chrome.exe	95
PID 3960 wrote to memory of 1992	3960	chrome.exe	95
PID 3960 wrote to memory of 1992	3960	chrome.exe	95
PID 3960 wrote to memory of 1992	3960	chrome.exe	95
PID 3960 wrote to memory of 1992	3960	chrome.exe	95
PID 3960 wrote to memory of 1992	3960	chrome.exe	95
PID 3960 wrote to memory of 1992	3960	chrome.exe	95
PID 3960 wrote to memory of 1992	3960	chrome.exe	95
PID 3960 wrote to memory of 1992	3960	chrome.exe	95
PID 3960 wrote to memory of 1992	3960	chrome.exe	95
PID 3960 wrote to memory of 1992	3960	chrome.exe	95
PID 3960 wrote to memory of 1992	3960	chrome.exe	95
PID 3960 wrote to memory of 1992	3960	chrome.exe	95
PID 3960 wrote to memory of 1992	3960	chrome.exe	95
PID 3960 wrote to memory of 1992	3960	chrome.exe	95

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://github.com/Babyhamsta/Aimmy/releases
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3960
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd10c3ab58,0x7ffd10c3ab68,0x7ffd10c3ab78
  2⤵
  PID:4348
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1604 --field-trial-handle=1868,i,1359096489656393702,9291263249920581350,131072 /prefetch:2
  2⤵
  PID:3060
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2148 --field-trial-handle=1868,i,1359096489656393702,9291263249920581350,131072 /prefetch:8
  2⤵
  PID:2976
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2212 --field-trial-handle=1868,i,1359096489656393702,9291263249920581350,131072 /prefetch:8
  2⤵
  PID:1992
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3036 --field-trial-handle=1868,i,1359096489656393702,9291263249920581350,131072 /prefetch:1
  2⤵
  PID:3792
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3044 --field-trial-handle=1868,i,1359096489656393702,9291263249920581350,131072 /prefetch:1
  2⤵
  PID:1608
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4344 --field-trial-handle=1868,i,1359096489656393702,9291263249920581350,131072 /prefetch:1
  2⤵
  PID:1712
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4548 --field-trial-handle=1868,i,1359096489656393702,9291263249920581350,131072 /prefetch:1
  2⤵
  PID:1656
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5084 --field-trial-handle=1868,i,1359096489656393702,9291263249920581350,131072 /prefetch:8
  2⤵
  PID:1072
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5160 --field-trial-handle=1868,i,1359096489656393702,9291263249920581350,131072 /prefetch:8
  2⤵
  PID:540
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2796 --field-trial-handle=1868,i,1359096489656393702,9291263249920581350,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2840
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=2476 --field-trial-handle=1868,i,1359096489656393702,9291263249920581350,131072 /prefetch:1
  2⤵
  PID:2524

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:2324

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=4384,i,5028538196072658126,13960315633709835247,262144 --variations-seed-version --mojo-platform-channel-handle=1424 /prefetch:8
1⤵
PID:2060

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=2840,i,5028538196072658126,13960315633709835247,262144 --variations-seed-version --mojo-platform-channel-handle=4220 /prefetch:8
1⤵
PID:1292

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c

Filesize
211KB

MD5
151fb811968eaf8efb840908b89dc9d4

SHA1
7ec811009fd9b0e6d92d12d78b002275f2f1bee1

SHA256
043fd8558e4a5a60aaccd2f0377f77a544e3e375242e9d7200dc6e51f94103ed

SHA512
83aface0ab01da52fd077f747c9d5916e3c06b0ea5c551d7d316707ec3e8f3f986ce1c82e6f2136e48c6511a83cb0ac67ff6dc8f0e440ac72fc6854086a87674

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
313be12f7a78da3e3385bc109ff948ef

SHA1
568856b4cbf1e3f7d5463a7666009a4e56afb102

SHA256
d39539eccea5941e82095979915bff3732386cf38b4b0b4edf52da5fff61b633

SHA512
6eeab0afda5fd6bc53f93e2c6ff995801474947ca3ce135829f4a681dff949282a3b20f9005424083b1ceec3e4bb5dd3fb522c99eb20eb4c650dbf56fcf5f9e8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
e27d1a362a176b69ccc7f4d636fbb19e

SHA1
d26b22c850324cbf3b79c223ffd08b4e8cc21f7d

SHA256
915ca13584bbecf37d9d1f9512020157d62b2aba7e305bfd086c3d604f1c4416

SHA512
011aca104f944178d3af78b57be5bc6118bdeab364c689a84504c33df2d69d2eb5bc6cb49288b0c59d1c98e64b5d950686b75e58f499c8dd0b7354d11427a9ce

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
c509ce69a2c77fa0bdbdce047e62ccbe

SHA1
20c96b4838e47326f7748ed978aba5c02b1680d8

SHA256
2b3009953121e1132f07761d2057e84bba30d0c5f99d938cb0acb22a52f014d3

SHA512
09c88e322b4d88a5780b7c119c760d0d4835a20f234a568e54417954da7ce3dfb27127d271baa729bcf0e1c0f7fd93c73e0cfc788efc29cfc796aaa1fd5e48ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
66b4de3232915bb6ff662901b4693743

SHA1
58ba70fc574d764ffd04cb49e9d3bacf89d0df35

SHA256
8a6d86db156fc5ce8ad0678d590979a0caee49cb507f672a43afd2007345ab58

SHA512
42058ef6d89dbd51f3b31e125a1492835359b369c29bac87f1f323f5514b88d9f4cc470517cb175ca8d0c75ff7418003786c3c2c28a4ef364c5c1bbaa654ce2c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
6a367ae371a2b258cfc5c0e86dc8d27d

SHA1
6409144534003c22727c443cb761ca54dc09b00a

SHA256
50f257d56d2bbd29b788c23ba4fe858999e181b2d22a81290ee426baedc6a0b3

SHA512
f12d38f1aeb9d9d2604e7fe8b2a83a24c9f09a41cc317e118b3f288014c123b96937eb3daf4418b381e3a53c30b3225a9ad0d0e10ba88f4ec8b3d9c749dbffcf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
2543db27273ae6db35134f3b7d33eae5

SHA1
a74ac5ad68cdec9bb4baf57b421383b83528bf69

SHA256
c2c9553e30427a4a186a041ed8e1c5764e7dc621fc6cc55ce6a42a1a5f078b40

SHA512
f2c0c04ef4caa272de9e075b9fd461e094fa441604ceebb1d1d4650c6254b262ff0faf59bd6a96509da71d5338943d2e2eb5bd1015766f7b714bc380cac10bbb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
3b9a5d427e04c38227355e35916c5fab

SHA1
ab48105ba39152e365cfe84bbb1a097a61d6c914

SHA256
78b9b98943ec78c972b872dbca687e65adeb296e956bee4f403e82f5aa32f58e

SHA512
731de829b9ada97afe7499eee659fecf7a58299fe6e6ef12619d80750cb7b0ebeb8fadbdc59bc9d878043ed0a6929833f23c8948d179c3221e283bc8f3e555ac

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
0460833e8bc17be18d1814d33025395e

SHA1
f7b4a0db146296d51a198e8b119b7450564ecf77

SHA256
a50f1f747b41f1a7f787c05a140d292723a67d218d59314b2e574f7d557dddf3

SHA512
b014ebf527edabad0a1b964d847ff408e68411e692ae7c0745a73e9fc29bc60c3e7bb30418b9afb8d82b7c91b493ca51d0443f4aedddb7b485b1db79d5cde4b3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
9f91a294e1809505ef0ab54dd9194a3e

SHA1
8e76eefa4c625048eb14da0613fc1025dc902755

SHA256
5c7e5e9d42b1e849426db49d52857fa9ebc12aa054ac61d77b75a385eb467117

SHA512
fca1bac380a8d306cd29be42152278abe5390b060441c003d463f64b2626ea4d74a9df7a5b6f0a924b16749747a790d6c60b657190d5305281296bc39723e643

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\a9e37d52-b1bf-4d43-861c-2bef14d40355.tmp

Filesize
1KB

MD5
6ff3ef57568bc4f0f74dfc1059051887

SHA1
62c9576e2f26716fc3de7ab6d25721e0df0c8e4e

SHA256
9c0acd661d7d46499438aa6f2f39c4cb4b56a39d3518722b62a8f8542cfeae6b

SHA512
1ef3d24d465c830a92b35b48b2ea6bb69c2dbfcfdf5115ac779a6b7acc2b08e86b16058845314df9161d26dceb15e39bb3163819c8b530bed7e2131bdb76fcff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
5f9cdb9ceec1f8083b326f0d5163f006

SHA1
b7522cc8e632f3d2fcebb5deb2c1fbbafdd86d43

SHA256
1f1ad45b5f9bed9a7b49f04d2ea565499dcecd122c30dbe009741531e4b3e3d2

SHA512
0710f377e1f645d035fbddeff615528d1bfde324718ca94fc62d9d1b4d8a4df6e4884821d8decdd3dc1b03ee3eddaf53040b6aae01e6ee56c03bc481d08e9488

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
144KB

MD5
2ede0163c755343069aecae121061b13

SHA1
781e2bf1400b6e1c6a84fa2e540331e2d81afeae

SHA256
080386d789f82756418893dd0f42bd54dbf375d3d670b374592dfc9a9d2b2fad

SHA512
b4f4d6ecbeb608de38ac84ebf8055c2c83aa8aacfc35eedf277d405cbf8960123dcd9f3451925209710cd31515354e08f8726378449f4532c87face5e6a0e06c

Download Submit