fc8809545e851fa681b06126005ebea45a76bbde397de81e041f71ceb9827e38

Analysis

max time kernel
599s
max time network
593s
platform
windows11-21h2_x64
resource
win11-20240709-en
resource tags

arch:x64arch:x86image:win11-20240709-enlocale:en-usos:windows11-21h2-x64system
submitted
12-07-2024 11:38

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Ransomware
Size

164KB
MD5

fbd2b555c4c6174e3bad0d54310241db
SHA1

694b86d071a6a89a908e8ebf9b30cc518c728ff0
SHA256

fc8809545e851fa681b06126005ebea45a76bbde397de81e041f71ceb9827e38
SHA512

71043011e22485c4196fafd4fab5830fe09d85616f15cb24ad9fd4396c4f3c2d072293026e57112acd044ec20159305a91556c50edbb62fa6d06656aa4d35044
SSDEEP

3072:I8Lya4KM2bVinYjqPok8ValLPfkgLDoa3AncKEWV+vuI/1Ntn4PB1CTjYCFe6Z2U:A+oj52n9dH5M2vkm0aOCl3pId9Rf9Tvv

Score

5^/10

Malware Config

Signatures

Drops file in System32 directory 2 IoCs

description	ioc	Process
File created	C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_01cf530faf2f1752\display.PNF	chrome.exe
File created	\??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_01cf530faf2f1752\display.PNF	chrome.exe

Drops file in Windows directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SystemTemp	chrome.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133652581525809230"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3766757357-1293853516-507035944-1000_Classes\Local Settings\MuiCache	MiniSearchHost.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
4288	chrome.exe
4288	chrome.exe
3992	chrome.exe
3992	chrome.exe
3992	chrome.exe
3992	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
4288	chrome.exe
4288	chrome.exe
4288	chrome.exe
4288	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4288	chrome.exe
Token: SeCreatePagefilePrivilege	4288	chrome.exe
Token: SeShutdownPrivilege	4288	chrome.exe
Token: SeCreatePagefilePrivilege	4288	chrome.exe
Token: SeShutdownPrivilege	4288	chrome.exe
Token: SeCreatePagefilePrivilege	4288	chrome.exe
Token: SeShutdownPrivilege	4288	chrome.exe
Token: SeCreatePagefilePrivilege	4288	chrome.exe
Token: SeShutdownPrivilege	4288	chrome.exe
Token: SeCreatePagefilePrivilege	4288	chrome.exe
Token: SeShutdownPrivilege	4288	chrome.exe
Token: SeCreatePagefilePrivilege	4288	chrome.exe
Token: SeShutdownPrivilege	4288	chrome.exe
Token: SeCreatePagefilePrivilege	4288	chrome.exe
Token: SeShutdownPrivilege	4288	chrome.exe
Token: SeCreatePagefilePrivilege	4288	chrome.exe
Token: SeShutdownPrivilege	4288	chrome.exe
Token: SeCreatePagefilePrivilege	4288	chrome.exe
Token: SeShutdownPrivilege	4288	chrome.exe
Token: SeCreatePagefilePrivilege	4288	chrome.exe
Token: SeShutdownPrivilege	4288	chrome.exe
Token: SeCreatePagefilePrivilege	4288	chrome.exe
Token: SeShutdownPrivilege	4288	chrome.exe
Token: SeCreatePagefilePrivilege	4288	chrome.exe
Token: SeShutdownPrivilege	4288	chrome.exe
Token: SeCreatePagefilePrivilege	4288	chrome.exe
Token: SeShutdownPrivilege	4288	chrome.exe
Token: SeCreatePagefilePrivilege	4288	chrome.exe
Token: SeShutdownPrivilege	4288	chrome.exe
Token: SeCreatePagefilePrivilege	4288	chrome.exe
Token: SeShutdownPrivilege	4288	chrome.exe
Token: SeCreatePagefilePrivilege	4288	chrome.exe
Token: SeShutdownPrivilege	4288	chrome.exe
Token: SeCreatePagefilePrivilege	4288	chrome.exe
Token: SeShutdownPrivilege	4288	chrome.exe
Token: SeCreatePagefilePrivilege	4288	chrome.exe
Token: SeShutdownPrivilege	4288	chrome.exe
Token: SeCreatePagefilePrivilege	4288	chrome.exe
Token: SeShutdownPrivilege	4288	chrome.exe
Token: SeCreatePagefilePrivilege	4288	chrome.exe
Token: SeShutdownPrivilege	4288	chrome.exe
Token: SeCreatePagefilePrivilege	4288	chrome.exe
Token: SeShutdownPrivilege	4288	chrome.exe
Token: SeCreatePagefilePrivilege	4288	chrome.exe
Token: SeShutdownPrivilege	4288	chrome.exe
Token: SeCreatePagefilePrivilege	4288	chrome.exe
Token: SeShutdownPrivilege	4288	chrome.exe
Token: SeCreatePagefilePrivilege	4288	chrome.exe
Token: SeShutdownPrivilege	4288	chrome.exe
Token: SeCreatePagefilePrivilege	4288	chrome.exe
Token: SeShutdownPrivilege	4288	chrome.exe
Token: SeCreatePagefilePrivilege	4288	chrome.exe
Token: SeShutdownPrivilege	4288	chrome.exe
Token: SeCreatePagefilePrivilege	4288	chrome.exe
Token: SeShutdownPrivilege	4288	chrome.exe
Token: SeCreatePagefilePrivilege	4288	chrome.exe
Token: SeShutdownPrivilege	4288	chrome.exe
Token: SeCreatePagefilePrivilege	4288	chrome.exe
Token: SeShutdownPrivilege	4288	chrome.exe
Token: SeCreatePagefilePrivilege	4288	chrome.exe
Token: SeShutdownPrivilege	4288	chrome.exe
Token: SeCreatePagefilePrivilege	4288	chrome.exe
Token: SeShutdownPrivilege	4288	chrome.exe
Token: SeCreatePagefilePrivilege	4288	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4288	chrome.exe
4288	chrome.exe
4288	chrome.exe
4288	chrome.exe
4288	chrome.exe
4288	chrome.exe
4288	chrome.exe
4288	chrome.exe
4288	chrome.exe
4288	chrome.exe
4288	chrome.exe
4288	chrome.exe
4288	chrome.exe
4288	chrome.exe
4288	chrome.exe
4288	chrome.exe
4288	chrome.exe
4288	chrome.exe
4288	chrome.exe
4288	chrome.exe
4288	chrome.exe
4288	chrome.exe
4288	chrome.exe
4288	chrome.exe
4288	chrome.exe
4288	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
4288	chrome.exe
4288	chrome.exe
4288	chrome.exe
4288	chrome.exe
4288	chrome.exe
4288	chrome.exe
4288	chrome.exe
4288	chrome.exe
4288	chrome.exe
4288	chrome.exe
4288	chrome.exe
4288	chrome.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
3524	MiniSearchHost.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4288 wrote to memory of 4424	4288	chrome.exe	87
PID 4288 wrote to memory of 4424	4288	chrome.exe	87
PID 4288 wrote to memory of 1496	4288	chrome.exe	88
PID 4288 wrote to memory of 1496	4288	chrome.exe	88
PID 4288 wrote to memory of 1496	4288	chrome.exe	88
PID 4288 wrote to memory of 1496	4288	chrome.exe	88
PID 4288 wrote to memory of 1496	4288	chrome.exe	88
PID 4288 wrote to memory of 1496	4288	chrome.exe	88
PID 4288 wrote to memory of 1496	4288	chrome.exe	88
PID 4288 wrote to memory of 1496	4288	chrome.exe	88
PID 4288 wrote to memory of 1496	4288	chrome.exe	88
PID 4288 wrote to memory of 1496	4288	chrome.exe	88
PID 4288 wrote to memory of 1496	4288	chrome.exe	88
PID 4288 wrote to memory of 1496	4288	chrome.exe	88
PID 4288 wrote to memory of 1496	4288	chrome.exe	88
PID 4288 wrote to memory of 1496	4288	chrome.exe	88
PID 4288 wrote to memory of 1496	4288	chrome.exe	88
PID 4288 wrote to memory of 1496	4288	chrome.exe	88
PID 4288 wrote to memory of 1496	4288	chrome.exe	88
PID 4288 wrote to memory of 1496	4288	chrome.exe	88
PID 4288 wrote to memory of 1496	4288	chrome.exe	88
PID 4288 wrote to memory of 1496	4288	chrome.exe	88
PID 4288 wrote to memory of 1496	4288	chrome.exe	88
PID 4288 wrote to memory of 1496	4288	chrome.exe	88
PID 4288 wrote to memory of 1496	4288	chrome.exe	88
PID 4288 wrote to memory of 1496	4288	chrome.exe	88
PID 4288 wrote to memory of 1496	4288	chrome.exe	88
PID 4288 wrote to memory of 1496	4288	chrome.exe	88
PID 4288 wrote to memory of 1496	4288	chrome.exe	88
PID 4288 wrote to memory of 1496	4288	chrome.exe	88
PID 4288 wrote to memory of 1496	4288	chrome.exe	88
PID 4288 wrote to memory of 1496	4288	chrome.exe	88
PID 4288 wrote to memory of 1172	4288	chrome.exe	89
PID 4288 wrote to memory of 1172	4288	chrome.exe	89
PID 4288 wrote to memory of 3068	4288	chrome.exe	90
PID 4288 wrote to memory of 3068	4288	chrome.exe	90
PID 4288 wrote to memory of 3068	4288	chrome.exe	90
PID 4288 wrote to memory of 3068	4288	chrome.exe	90
PID 4288 wrote to memory of 3068	4288	chrome.exe	90
PID 4288 wrote to memory of 3068	4288	chrome.exe	90
PID 4288 wrote to memory of 3068	4288	chrome.exe	90
PID 4288 wrote to memory of 3068	4288	chrome.exe	90
PID 4288 wrote to memory of 3068	4288	chrome.exe	90
PID 4288 wrote to memory of 3068	4288	chrome.exe	90
PID 4288 wrote to memory of 3068	4288	chrome.exe	90
PID 4288 wrote to memory of 3068	4288	chrome.exe	90
PID 4288 wrote to memory of 3068	4288	chrome.exe	90
PID 4288 wrote to memory of 3068	4288	chrome.exe	90
PID 4288 wrote to memory of 3068	4288	chrome.exe	90
PID 4288 wrote to memory of 3068	4288	chrome.exe	90
PID 4288 wrote to memory of 3068	4288	chrome.exe	90
PID 4288 wrote to memory of 3068	4288	chrome.exe	90
PID 4288 wrote to memory of 3068	4288	chrome.exe	90
PID 4288 wrote to memory of 3068	4288	chrome.exe	90
PID 4288 wrote to memory of 3068	4288	chrome.exe	90
PID 4288 wrote to memory of 3068	4288	chrome.exe	90
PID 4288 wrote to memory of 3068	4288	chrome.exe	90
PID 4288 wrote to memory of 3068	4288	chrome.exe	90
PID 4288 wrote to memory of 3068	4288	chrome.exe	90
PID 4288 wrote to memory of 3068	4288	chrome.exe	90
PID 4288 wrote to memory of 3068	4288	chrome.exe	90
PID 4288 wrote to memory of 3068	4288	chrome.exe	90
PID 4288 wrote to memory of 3068	4288	chrome.exe	90
PID 4288 wrote to memory of 3068	4288	chrome.exe	90

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\Ransomware
1⤵
PID:1720

C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe
"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca
1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:3524

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4288
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.106 --initial-client-data=0x108,0x10c,0x110,0xe4,0x114,0x7ff9ddc3cc40,0x7ff9ddc3cc4c,0x7ff9ddc3cc58
  2⤵
  PID:4424
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1840,i,13044262612271515856,9934838164887505980,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=1836 /prefetch:2
  2⤵
  PID:1496
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2136,i,13044262612271515856,9934838164887505980,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=2128 /prefetch:3
  2⤵
  PID:1172
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2184,i,13044262612271515856,9934838164887505980,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=2228 /prefetch:8
  2⤵
  PID:3068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3112,i,13044262612271515856,9934838164887505980,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=3248 /prefetch:1
  2⤵
  PID:760
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3208,i,13044262612271515856,9934838164887505980,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=3420 /prefetch:1
  2⤵
  PID:3012
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4468,i,13044262612271515856,9934838164887505980,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=4452 /prefetch:1
  2⤵
  PID:2032
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3796,i,13044262612271515856,9934838164887505980,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=4648 /prefetch:8
  2⤵
  PID:3368
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4608,i,13044262612271515856,9934838164887505980,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=4612 /prefetch:8
  2⤵
  PID:1692
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4956,i,13044262612271515856,9934838164887505980,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=4960 /prefetch:8
  2⤵
  PID:4384
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4648,i,13044262612271515856,9934838164887505980,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=4960 /prefetch:8
  2⤵
  PID:4040
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=4572,i,13044262612271515856,9934838164887505980,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=4296 /prefetch:1
  2⤵
  PID:4612
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4260,i,13044262612271515856,9934838164887505980,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=4356 /prefetch:8
  2⤵
  - Drops file in System32 directory
  - Suspicious behavior: EnumeratesProcesses
  PID:3992

C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe"
1⤵
PID:1668

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:1056

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

Filesize
64KB

MD5
b5ad5caaaee00cb8cf445427975ae66c

SHA1
dcde6527290a326e048f9c3a85280d3fa71e1e22

SHA256
b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8

SHA512
92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

Filesize
4B

MD5
f49655f856acb8884cc0ace29216f511

SHA1
cb0f1f87ec0455ec349aaa950c600475ac7b7b6b

SHA256
7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba

SHA512
599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

Filesize
1008B

MD5
d222b77a61527f2c177b0869e7babc24

SHA1
3f23acb984307a4aeba41ebbb70439c97ad1f268

SHA256
80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747

SHA512
d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000004

Filesize
211KB

MD5
151fb811968eaf8efb840908b89dc9d4

SHA1
7ec811009fd9b0e6d92d12d78b002275f2f1bee1

SHA256
043fd8558e4a5a60aaccd2f0377f77a544e3e375242e9d7200dc6e51f94103ed

SHA512
83aface0ab01da52fd077f747c9d5916e3c06b0ea5c551d7d316707ec3e8f3f986ce1c82e6f2136e48c6511a83cb0ac67ff6dc8f0e440ac72fc6854086a87674

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
192B

MD5
9d138d9253f027dd47254044ec5694b0

SHA1
0016fd0647a952abcee17a2a24f1e88f790eae15

SHA256
820214b94155eb844b57a6cc5a60b0de2a6bd81c00c7f925fb3591a2ee940936

SHA512
700b4f45e888c8d3042ac79b87d39667a0879e51fdacf1ff6c30ad7d71603d85b1fcd32c768d94b92842cd414b72d1bfb29a2e6acdef5d80bc9353f0bc918d76

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
cce11164977f327e1dfa6e7e0e9de9af

SHA1
fa006d5052c5e555e1b0917596d2cc63973d2465

SHA256
fd56a85ee0cd8bc037991963e93ee14db4f998bf46edc23a347ae4fa315a2234

SHA512
486bf1b846d5dd721e17d35cf03d3200ab569e36e9a50819a5593d7c7d4d14ecd8239f1874232c8cf3c097dd23cca7458308adb671dd907dd271053a68911eea

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
029ff625b0b8d11a2893f62df1df2b70

SHA1
c69299d58bacef1494331b6f970ca5bae668ff5d

SHA256
ff4be951ce1478a660caa43ec5198c070f0e4eb74c1025d4b1f70dd02a26e314

SHA512
6e098e61a254dda400936ee42590fe4983183abe5959e5f51c421c01db28371afab1188ae10b70922e86c285ae69b0605a60bb000b33608dc73450e46f613493

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
9031715ed777421676ccdd4f81345c38

SHA1
b9d36f580e1647b74575ec832f1579f527faecde

SHA256
e577e336c041be2c5a0744a8b0efe0b993e20715b5fc15e3cc5c1ea9995c300d

SHA512
2d079a55ed98b4a8dff205ab1273ebd6e0f948316a214e1ad1a9bef1f6a9e705deea52fe09098755813e0fc07440182820ba1b97fd14c0fd9ba9312ead8029fb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
d338c74ce1f1328d7ded91945f95733f

SHA1
490632226c12cd58d9bc22b9c2375a7fcb33c34c

SHA256
9e11fb8d277d6542b24e4e856fabc640cd7af71cf4eaf8d916931db51a4607f9

SHA512
9a69aa9303ae111d81765f4968cd96cbe53ad38b9b541b7932a3ddf94201e8600d9ee0eb2be350815c8c44f5707e27588fb4a2cf6c7067262c58657a34a4d8a4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
6be513b0df0ef2e9693d9b68a1f1920b

SHA1
9f353d9b8a9daa7a7123421574dff7f5790b52dd

SHA256
aaedcf9b7334d87df50184d7e98ab3c544967b79a36bb854018b5ccf451f038a

SHA512
9787a18ad850eb98df98615706bfcd7fb4a7377873a4e216f70fd70b81331089106b5a6553157121a7705df5853b88ae71d1d229130a9311b8b219a485b4b268

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
b2248f573e2b7fc07e8a45b176ff1a0e

SHA1
26750225feaf40ba94599c26a5eef96efeea2449

SHA256
fd34197bc44d290e157b3af21a016b6e2154ea1fe769df7e9d0b33530ff6dccb

SHA512
44a0a2e63b3b6382f467df19a25a8923dc2bdce207e078d8b4b0ea9c491d38ab9e3eb3ac7aa3699ecf100ff87920618ceeefb28b537eebdd44497bd2f3f71d9d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
d28816fe45c917228341dd92545c9097

SHA1
1f7f7a953a6f465278b68e2d212ecf86e4db6920

SHA256
48cd8b598eef3d562bc3dbff9c90b6f5c654d5dbf8123589b29edd4bc7b4bc83

SHA512
12916d935939785f188222bbf1151962e038a6087beea1fcc335bd70a42ad9acbfb9ec616528aefb93e06f1f8595d0143b8d62edb0f92e1959be074d644dfb78

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
ef30f34699d30d7bb6bd4a0164c02013

SHA1
242af4e3a4fdb264d9fe074877aafd9b9c909087

SHA256
1eca4dec5b7017a7e6fe4fcebf6681570aaf1b1fc8cba82aa1c3ea1fd7804ad3

SHA512
a1782f2722735a38afedfd7ab81221e54739ba48d4d32bf76c8c7096b5caea2a9286a0e6997c8a7f28eff0d6bc6cddac6e24a55ca636539b64a03bd03dbc1a71

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
7715ffd5d3c6b0204808845c742b531b

SHA1
b3ff1327e6b2d43e8292cb9c4f01c223d3f69fd8

SHA256
cb74d9864d4196a14a8795a71864682b3f8d8642ed2bec5bae1f9aebe5e8c229

SHA512
74f4b1b5ddba85c3006318ba573c63c6e75228dcd9796d59170322f73f089e0cd362f7622e1f7007858fe08e84e3792e45eef819ab160762f9e9588358569afb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
4c3a513bace259291642655124af007c

SHA1
69ff7e488e4097f2339e7447f58f86f74519e069

SHA256
f7dd8d0b051a10393fdc030b95f4abf85b8a8f618f36df53dd82c638e7845411

SHA512
037687bd5317b5d6a865e2e60155d01fb91917ec06c084bfd8bc14f2fcd02acedc1ac43351769a9fc57a3a3a4cd099dc8e58482b68260b33c34bbf3913216489

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
9463a466cd0e143feebd452f8b8bd5b0

SHA1
3546f9c695e6a2e9d06e30a5bb21758f9a48c888

SHA256
bd3c7839f5bde3c4b154945eb4ea6911ce18271c502bab006618d8df2e0b3b56

SHA512
eb31c723fa512b4120a79decc22a8c1a3c1082339c4b8db3488273f12dc01984a823717eb47b8d8182c184c6a45cacbc012452c73a9ee78be7af55a1657547fb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
c22ae359457147456f5d48adef6eb37b

SHA1
521ad183c50a413d518862bb079af7a4e22ada3a

SHA256
4a3c1c56a9fab2fb9bea17adf74f2ad461057be282ca658ee2324c8876830864

SHA512
40b25a98c7ecc3d7b1018839a9a3f90ae28b773325936dbc5cf002a847c15d1b2da53ff76aea6c60d7ecb3f89a326837caae1fcc19521d852c17b701be341968

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
b000ddf64a839a72c853be377494e942

SHA1
47fd1b0632debae6765586a1168a7001b39a417b

SHA256
4339bcafb2154e02168dac03dab26271c7cc24dd72d2fa234ded581210824177

SHA512
34e6a80ba3f1d362ccbf9830b8152bb686f046efa3cb2a73aeddd1fbbcd86d42fe416f03d4ce297dbcfa324bd7a5b6b25255b779b866146ccf620a714af0c674

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
1a298f6710ed050fe055f02429250482

SHA1
f60836b010d66abffee89951e3e2f9b6f8107727

SHA256
9ce86b30753ba3b11e18048545d539b39c31ad898361476c72a924f43e664d8a

SHA512
aa1f36d52478d441ae2054fc77a9eb053f990c24265215944045d846b5297e1de3f0d40c48b336e87bbc54f3e0dba3198b3abd883a0b03f37c08d410c5c7faf2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
33dee61687d522f4999f1ee22bcac893

SHA1
c1fc9f66142e10717c37e8db7f5769009d60caa0

SHA256
8c41b1dbe8aea7fb013c0621538eac9c2507f38c9fc64a60a633c652d92fa5bf

SHA512
270c51e0fe95f344e6105af00c7c0e0f879e7bae2ba2c7b6e22f5c9a97aca85e8d54c29832b8ba5a7844687a2c4ba2f1fa7d066ad3e21958bb24d00fba29a6a9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
90d0517d97303d20f24328324161cdcb

SHA1
282938c9c0c18159b15758f096efaee0f32d14ec

SHA256
e15ccd39b0e566bec61c84c3fb4459659844f55c9e49168724d7280f86a4b05d

SHA512
be72517b7792b08f746375a860bc0a774ca0b92cd3a922d10ff548e5f1a826f14dd4c738ff3840f32804bfc4ff79c3b7f30a1d33b653b21a932d99c9ce1a5df3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
80c45ebb2592fb3dab45be4ac11ef2b0

SHA1
0854fc78adeee8fe7d77f730b77eea16ee444509

SHA256
a72374b5ce0a42643af36c724ef2ae4e50ff2a0b9c14ca4f7514ce3bb76339b4

SHA512
fec316f1d17eeffe481508c78641c91116a56c2ccaad1156907d4ab84e897a00a7fe2b6002fb7e6174a612e38a04857295db0b486c04e16c8287fae6681db37c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
c89909059fdda1b616ad9d63d022e5f0

SHA1
f38f0904e4830c16208c299b37e1995e4a6c53f0

SHA256
e40a098d66bf82b2fa7228d308cf1e8853aaebf1e57bef65d1aa519def057c6e

SHA512
9fc9b1e0bfc19e5c5245b1595d18fb50ad6d9f13bd27f39c8f1fa1987e164b9b15ef381431266308479a88067e6b5332f2c556f59a9d28e5c8688ec022b63371

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
4b4bcfb3113baf3e3204559c0122ff38

SHA1
998859381d8870d0acc10165e33d38a008bd7f3f

SHA256
f05f431dc5e219ea963f495893bc2e1bf8ade60674d0dbcbfa36ef8da998f2db

SHA512
1ab806af47bb2e9ffc3fe8d23fc1f1bb93f42aef591ae2246848be7b447a03c713d6a4bc40a81889290dfcf0a22a4f8fd18021e196770aaf64c144ae9be4ee76

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
2f19524ed9f285cc095fef3255781e2f

SHA1
22e013eade8f3bbb556215dd30898d392925fe7b

SHA256
e535c2429ca4a3e8e48a56f9a7253a642701fa605901caa42d2792b99e818f4a

SHA512
703961d09c16307fbf153ae6dcd583e93b9ba2c8327be83eb5a7b77e29e579020eb1767d6a4bd46a3c4f47936480f73225f08e9a8523d0e73f06d472d20d274b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
8c0e1c9bbe427ec86d99ece4c553f524

SHA1
e6d3160536caa9ad42a1c9e7c7842bcc489dd2fb

SHA256
29b1d9c6c4460a4e0d7c5cc0080c079c954f09aedd3a479482b80d672eccae6a

SHA512
e475b6f60ab877f9198727cf79ad6bf2bb89c184983eef2c71ca5f4be39ddfe6005da6653d87d1b76fa7438f3d45f530ceff8ca58e537c7e77d02a5f9e5b9eac

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
182KB

MD5
c5c987337e7bdefe54146be301108e8c

SHA1
e973076edaee91a80f3c8ffc3e860d90dd758f55

SHA256
d811cced939352a153168ea62ef369e74a76fd791f50ce4321a9ef1e25992903

SHA512
95c1e5e4ad328ed60e1bc421160e226fbe68707e52f5766b8b14bc31a832bf968562100db27be12a8f9a133b87b34ca17bc5b2d0bf064836193a4f44421f7b3b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
182KB

MD5
44c2deda36f8262ac6481f87f7c7b2aa

SHA1
a5eb642ad2fd750dc42b09da66c7d2ac6428d750

SHA256
9578cff19d516cbbeebb5fd68a1ef1729ddd394bdc076654acf17e56e0c0104b

SHA512
62199a1ad4da60c7c1c5ff144f938540a3518bfb9288a4a0748c1d087845408a5146ffc14518d008059eb8e0ee6e81b5b638229a9c35015b96e1a8044094a8a3

Download Submit
C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\SearchHoverUnifiedTileModelCache.dat

Filesize
11KB

MD5
f14d35e09a6dc5894408e3e4d2b71cdc

SHA1
df29ec121d401c6894fa1abd4ccc73b164b2beff

SHA256
8880a0b04af6e95fed9d68f98585fa976416a373ced4706c535bb37a8820d984

SHA512
e5ec58fc970dafb685f6990b213447e9fb4e40a14c25a79567f619d68be5b05061ef736110026d389c343573e30fe134d0de442b53593af54dd29b3c446d306c

Download Submit