hxxps://winky[.]click/GuideBobuxx

Analysis

max time kernel
81s
max time network
84s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
12/07/2024, 15:30

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://winky.click/GuideBobuxx

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133652718529410199"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3419463127-3903270268-2580331543-1000\{893BF733-4F6B-400D-AF3A-8517DDED5A55}	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
3564	chrome.exe
3564	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
3564	chrome.exe
3564	chrome.exe
3564	chrome.exe
3564	chrome.exe
3564	chrome.exe
3564	chrome.exe
3564	chrome.exe
3564	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3564	chrome.exe
Token: SeCreatePagefilePrivilege	3564	chrome.exe
Token: SeShutdownPrivilege	3564	chrome.exe
Token: SeCreatePagefilePrivilege	3564	chrome.exe
Token: SeShutdownPrivilege	3564	chrome.exe
Token: SeCreatePagefilePrivilege	3564	chrome.exe
Token: SeShutdownPrivilege	3564	chrome.exe
Token: SeCreatePagefilePrivilege	3564	chrome.exe
Token: SeShutdownPrivilege	3564	chrome.exe
Token: SeCreatePagefilePrivilege	3564	chrome.exe
Token: SeShutdownPrivilege	3564	chrome.exe
Token: SeCreatePagefilePrivilege	3564	chrome.exe
Token: SeShutdownPrivilege	3564	chrome.exe
Token: SeCreatePagefilePrivilege	3564	chrome.exe
Token: SeShutdownPrivilege	3564	chrome.exe
Token: SeCreatePagefilePrivilege	3564	chrome.exe
Token: SeShutdownPrivilege	3564	chrome.exe
Token: SeCreatePagefilePrivilege	3564	chrome.exe
Token: SeShutdownPrivilege	3564	chrome.exe
Token: SeCreatePagefilePrivilege	3564	chrome.exe
Token: SeShutdownPrivilege	3564	chrome.exe
Token: SeCreatePagefilePrivilege	3564	chrome.exe
Token: SeShutdownPrivilege	3564	chrome.exe
Token: SeCreatePagefilePrivilege	3564	chrome.exe
Token: SeShutdownPrivilege	3564	chrome.exe
Token: SeCreatePagefilePrivilege	3564	chrome.exe
Token: SeShutdownPrivilege	3564	chrome.exe
Token: SeCreatePagefilePrivilege	3564	chrome.exe
Token: SeShutdownPrivilege	3564	chrome.exe
Token: SeCreatePagefilePrivilege	3564	chrome.exe
Token: SeShutdownPrivilege	3564	chrome.exe
Token: SeCreatePagefilePrivilege	3564	chrome.exe
Token: SeShutdownPrivilege	3564	chrome.exe
Token: SeCreatePagefilePrivilege	3564	chrome.exe
Token: SeShutdownPrivilege	3564	chrome.exe
Token: SeCreatePagefilePrivilege	3564	chrome.exe
Token: SeShutdownPrivilege	3564	chrome.exe
Token: SeCreatePagefilePrivilege	3564	chrome.exe
Token: SeShutdownPrivilege	3564	chrome.exe
Token: SeCreatePagefilePrivilege	3564	chrome.exe
Token: SeShutdownPrivilege	3564	chrome.exe
Token: SeCreatePagefilePrivilege	3564	chrome.exe
Token: SeShutdownPrivilege	3564	chrome.exe
Token: SeCreatePagefilePrivilege	3564	chrome.exe
Token: SeShutdownPrivilege	3564	chrome.exe
Token: SeCreatePagefilePrivilege	3564	chrome.exe
Token: SeShutdownPrivilege	3564	chrome.exe
Token: SeCreatePagefilePrivilege	3564	chrome.exe
Token: SeShutdownPrivilege	3564	chrome.exe
Token: SeCreatePagefilePrivilege	3564	chrome.exe
Token: SeShutdownPrivilege	3564	chrome.exe
Token: SeCreatePagefilePrivilege	3564	chrome.exe
Token: SeShutdownPrivilege	3564	chrome.exe
Token: SeCreatePagefilePrivilege	3564	chrome.exe
Token: SeShutdownPrivilege	3564	chrome.exe
Token: SeCreatePagefilePrivilege	3564	chrome.exe
Token: SeShutdownPrivilege	3564	chrome.exe
Token: SeCreatePagefilePrivilege	3564	chrome.exe
Token: SeShutdownPrivilege	3564	chrome.exe
Token: SeCreatePagefilePrivilege	3564	chrome.exe
Token: SeShutdownPrivilege	3564	chrome.exe
Token: SeCreatePagefilePrivilege	3564	chrome.exe
Token: SeShutdownPrivilege	3564	chrome.exe
Token: SeCreatePagefilePrivilege	3564	chrome.exe

Suspicious use of FindShellTrayWindow 27 IoCs

pid	Process
3564	chrome.exe
3564	chrome.exe
3564	chrome.exe
3564	chrome.exe
3564	chrome.exe
3564	chrome.exe
3564	chrome.exe
3564	chrome.exe
3564	chrome.exe
3564	chrome.exe
3564	chrome.exe
3564	chrome.exe
3564	chrome.exe
3564	chrome.exe
3564	chrome.exe
3564	chrome.exe
3564	chrome.exe
3564	chrome.exe
3564	chrome.exe
3564	chrome.exe
3564	chrome.exe
3564	chrome.exe
3564	chrome.exe
3564	chrome.exe
3564	chrome.exe
3564	chrome.exe
3564	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3564	chrome.exe
3564	chrome.exe
3564	chrome.exe
3564	chrome.exe
3564	chrome.exe
3564	chrome.exe
3564	chrome.exe
3564	chrome.exe
3564	chrome.exe
3564	chrome.exe
3564	chrome.exe
3564	chrome.exe
3564	chrome.exe
3564	chrome.exe
3564	chrome.exe
3564	chrome.exe
3564	chrome.exe
3564	chrome.exe
3564	chrome.exe
3564	chrome.exe
3564	chrome.exe
3564	chrome.exe
3564	chrome.exe
3564	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3564 wrote to memory of 2004	3564	chrome.exe	84
PID 3564 wrote to memory of 2004	3564	chrome.exe	84
PID 3564 wrote to memory of 1172	3564	chrome.exe	85
PID 3564 wrote to memory of 1172	3564	chrome.exe	85
PID 3564 wrote to memory of 1172	3564	chrome.exe	85
PID 3564 wrote to memory of 1172	3564	chrome.exe	85
PID 3564 wrote to memory of 1172	3564	chrome.exe	85
PID 3564 wrote to memory of 1172	3564	chrome.exe	85
PID 3564 wrote to memory of 1172	3564	chrome.exe	85
PID 3564 wrote to memory of 1172	3564	chrome.exe	85
PID 3564 wrote to memory of 1172	3564	chrome.exe	85
PID 3564 wrote to memory of 1172	3564	chrome.exe	85
PID 3564 wrote to memory of 1172	3564	chrome.exe	85
PID 3564 wrote to memory of 1172	3564	chrome.exe	85
PID 3564 wrote to memory of 1172	3564	chrome.exe	85
PID 3564 wrote to memory of 1172	3564	chrome.exe	85
PID 3564 wrote to memory of 1172	3564	chrome.exe	85
PID 3564 wrote to memory of 1172	3564	chrome.exe	85
PID 3564 wrote to memory of 1172	3564	chrome.exe	85
PID 3564 wrote to memory of 1172	3564	chrome.exe	85
PID 3564 wrote to memory of 1172	3564	chrome.exe	85
PID 3564 wrote to memory of 1172	3564	chrome.exe	85
PID 3564 wrote to memory of 1172	3564	chrome.exe	85
PID 3564 wrote to memory of 1172	3564	chrome.exe	85
PID 3564 wrote to memory of 1172	3564	chrome.exe	85
PID 3564 wrote to memory of 1172	3564	chrome.exe	85
PID 3564 wrote to memory of 1172	3564	chrome.exe	85
PID 3564 wrote to memory of 1172	3564	chrome.exe	85
PID 3564 wrote to memory of 1172	3564	chrome.exe	85
PID 3564 wrote to memory of 1172	3564	chrome.exe	85
PID 3564 wrote to memory of 1172	3564	chrome.exe	85
PID 3564 wrote to memory of 1172	3564	chrome.exe	85
PID 3564 wrote to memory of 2684	3564	chrome.exe	86
PID 3564 wrote to memory of 2684	3564	chrome.exe	86
PID 3564 wrote to memory of 3540	3564	chrome.exe	87
PID 3564 wrote to memory of 3540	3564	chrome.exe	87
PID 3564 wrote to memory of 3540	3564	chrome.exe	87
PID 3564 wrote to memory of 3540	3564	chrome.exe	87
PID 3564 wrote to memory of 3540	3564	chrome.exe	87
PID 3564 wrote to memory of 3540	3564	chrome.exe	87
PID 3564 wrote to memory of 3540	3564	chrome.exe	87
PID 3564 wrote to memory of 3540	3564	chrome.exe	87
PID 3564 wrote to memory of 3540	3564	chrome.exe	87
PID 3564 wrote to memory of 3540	3564	chrome.exe	87
PID 3564 wrote to memory of 3540	3564	chrome.exe	87
PID 3564 wrote to memory of 3540	3564	chrome.exe	87
PID 3564 wrote to memory of 3540	3564	chrome.exe	87
PID 3564 wrote to memory of 3540	3564	chrome.exe	87
PID 3564 wrote to memory of 3540	3564	chrome.exe	87
PID 3564 wrote to memory of 3540	3564	chrome.exe	87
PID 3564 wrote to memory of 3540	3564	chrome.exe	87
PID 3564 wrote to memory of 3540	3564	chrome.exe	87
PID 3564 wrote to memory of 3540	3564	chrome.exe	87
PID 3564 wrote to memory of 3540	3564	chrome.exe	87
PID 3564 wrote to memory of 3540	3564	chrome.exe	87
PID 3564 wrote to memory of 3540	3564	chrome.exe	87
PID 3564 wrote to memory of 3540	3564	chrome.exe	87
PID 3564 wrote to memory of 3540	3564	chrome.exe	87
PID 3564 wrote to memory of 3540	3564	chrome.exe	87
PID 3564 wrote to memory of 3540	3564	chrome.exe	87
PID 3564 wrote to memory of 3540	3564	chrome.exe	87
PID 3564 wrote to memory of 3540	3564	chrome.exe	87
PID 3564 wrote to memory of 3540	3564	chrome.exe	87
PID 3564 wrote to memory of 3540	3564	chrome.exe	87

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://winky.click/GuideBobuxx
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.106 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffa123ccc40,0x7ffa123ccc4c,0x7ffa123ccc58
  2⤵
  PID:2004
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1940,i,5582071408580357289,6498280768368851430,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=1936 /prefetch:2
  2⤵
  PID:1172
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1804,i,5582071408580357289,6498280768368851430,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=2044 /prefetch:3
  2⤵
  PID:2684
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2276,i,5582071408580357289,6498280768368851430,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=2428 /prefetch:8
  2⤵
  PID:3540
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3120,i,5582071408580357289,6498280768368851430,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=3144 /prefetch:1
  2⤵
  PID:1576
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3132,i,5582071408580357289,6498280768368851430,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=3284 /prefetch:1
  2⤵
  PID:4320
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3684,i,5582071408580357289,6498280768368851430,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=4504 /prefetch:1
  2⤵
  PID:3984
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=3128,i,5582071408580357289,6498280768368851430,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=3400 /prefetch:8
  2⤵
  PID:4360
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3384,i,5582071408580357289,6498280768368851430,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=4748 /prefetch:8
  2⤵
  - Modifies registry class
  PID:1040
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=5016,i,5582071408580357289,6498280768368851430,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=4928 /prefetch:1
  2⤵
  PID:3292
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4924,i,5582071408580357289,6498280768368851430,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=4944 /prefetch:8
  2⤵
  PID:8
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=5352,i,5582071408580357289,6498280768368851430,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=5368 /prefetch:1
  2⤵
  PID:3524
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=5500,i,5582071408580357289,6498280768368851430,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=5480 /prefetch:1
  2⤵
  PID:740
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5408,i,5582071408580357289,6498280768368851430,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=4876 /prefetch:1
  2⤵
  PID:1072
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=5380,i,5582071408580357289,6498280768368851430,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=5620 /prefetch:1
  2⤵
  PID:1472

C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe"
1⤵
PID:2756

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:2380

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001

Filesize
30KB

MD5
8b4f796167cf6a66f485c75ac4ea69b4

SHA1
51b9bf2bac0b7c12ea4c586f3ed0f91093c37162

SHA256
51be5bc7738f16f0cf490faa32ed4e399409f1cfd743c8031d45afd541877d56

SHA512
ca2f3ffb8a08b24bfaced4357e248687a7169c01f9a46c57229689fe3132618720c076c099d390951a22287be70696e805116c8e099e9beae95a36f040b9d77e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000002

Filesize
211KB

MD5
151fb811968eaf8efb840908b89dc9d4

SHA1
7ec811009fd9b0e6d92d12d78b002275f2f1bee1

SHA256
043fd8558e4a5a60aaccd2f0377f77a544e3e375242e9d7200dc6e51f94103ed

SHA512
83aface0ab01da52fd077f747c9d5916e3c06b0ea5c551d7d316707ec3e8f3f986ce1c82e6f2136e48c6511a83cb0ac67ff6dc8f0e440ac72fc6854086a87674

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
5811e7f73b4dcf6507e25f805ba9ed0f

SHA1
b006bd6fc39a031182a091aacca111168f103814

SHA256
a84bbdaff11bf8511b1600883321337f7143058d00345c892cdc21fb75e91072

SHA512
d83ab56bc871b608fb16ca174d4b382f3d629b4f0ec568ef080e365d72a2062a7ef65ce54c6ef1fbd4d533c90d4db44a4610d7a60cc45de0f91142fc954afcb2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
792B

MD5
6348f443b4d8ed1ef44dd7a463d2a878

SHA1
8159e27405459f5b40959736d670604d11e94a9b

SHA256
11f1ccfb36891d0f6c9e1e33df54521c32d65d30640fd6591facb78ec58d0c6e

SHA512
9c4c8fad5124c2d6879b534cb5156e5c5c23b01798df9ce96b43444b44b1b455dae12b928ce306b91ded9e1b85870e7b7aecc585b98d972ce30a03494a9ff6c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
672B

MD5
32549db6b8d2ffa8c299b5e755babb61

SHA1
5a55a3d39ddfc13b6169a0df352a140d16359917

SHA256
311143c9c10fb155ed584c1eaf051b9b7b1978ab3f49dc451265d2f7320ff164

SHA512
bc44a6ae6b4c6e0f3984e78220f3f450ce1a322d7c912ccdaed891842008d58f384631aec9b3cf4b4a6267b152390b7e169d3004b71f796e6d68e1d4815956d1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnCache\data_1

Filesize
264KB

MD5
50ec2c9c9da584890b1492b8a8271f25

SHA1
6808c0b1129d978293ac03a98e37a2c03b51b782

SHA256
1e0ddb835c4b22f758986cb8ae19eea92a092c29ef1a7ac114090a485f0fa7f6

SHA512
f8713409390d3f9374edd062cac66741cffc6579ae4cf455fc6f7e4e14d3a2387237b979d675c43987b936862acf69c2606164dd51a54193e9e0c1860d07f718

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\Paths\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
6e3b5c91a28bec63f46df13db0f661f2

SHA1
d99d0be8a38911d93b684a4efc6d0444cefd959b

SHA256
85277035f4dca1f839a5bc3e9a1da82148501f81a2093bb066c8e0ac358eeddc

SHA512
bc3bfdbf732f9230796ca84078219b25e595522f1ada7a7523483afc0651981760da42101353bceebd14b7b74a597121343707501b1643dd81dd8c11a43cf973

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
b54a2788921d86900c3e10f59e436627

SHA1
de8df5119535a6353b0b884559588f60ae3f51c7

SHA256
717142e45e58a73ce0fc22d3f67dee16f87a8ab5629286fd09f14309b0551281

SHA512
98e7f4c0865031b52a5252aeb276e75e7e99ee0484e956155c953cc2f016f20ca24207bfa24a5823787706e14f90fb3f2dc63e224266f1488a895687871d374d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
584820dc8447a3d0a4dae549a2b86406

SHA1
c867516f1d11eb5ce0c8718cf5ae15266537a976

SHA256
7dbd02a9447f0e08c6e7888252fdf718cc7315c148c2154a0b3ffbdd77eeb75e

SHA512
80722c48a60d60a36545f48668a604c2cf473b4823210b2591885e4f9942869bd5637b447c68c8350f0ba2b5996351b956cc1ea494fd69cdf98f06ee901c57b3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
e7b13be54378604c7309b91e09820c05

SHA1
3b1e9eb94ad480606a18dd94739dc4c00212b77d

SHA256
ee417d558592a1de549e91d4024580c964c585f7414046bcb0e87e3f5c015391

SHA512
1cd8a913af84f5aebb283c857ce79e2db3ca3f1b2b5d732dd7df2506cd6107b733dedb11766716c5557d7bab1586f9f847f765431293ee16b34b48e4ea52d6e1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
875b5369977d7543da683d96507c9fb3

SHA1
c57512442c3038b831cf04a404a837a48501f3b2

SHA256
1d29cf94dbb22c56e495ea5ae1917a730ec9a97e672b3c1c84634edc9969bc36

SHA512
4009f1f67b8d57e602f6d17b8ef5cb6285480a82f99eada0299aef6a59a024bf3068c7562bb614a8e30bd4fda1dbbfc9d4fcba9382310c2d6851da4f59399c3e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
c40c47dc6feb58995895a4ce9f150b6b

SHA1
275d90d5a512cca104dca83068d11018bc472362

SHA256
a643ef20e8ac33f1424293460ff1543ec11ff1c56bc07a8a14f6a45f5a95af4d

SHA512
f5c8bf6c85ec6cf2aae5a494cfe9952fede080ac8d92bc03ea2915613799572d579a154cc5a917c222d0f2dd43b6f276a7260574dead7811ddf2517c0f25f3ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
cb2556afc281f1070bdfc006e78e58fd

SHA1
17ed819b1d947463507329f1809101e366ed2294

SHA256
d46fa2931b94fa474615b8885ea9184bfcb5488f20b4413c5e91d39e10dd157f

SHA512
4afb72b781a852dca18feb292e3683604680d3efcbcb09de4ab02a023126a257357356ea7c8b3618954350b675aef1849494ae7b56754dc40225e23d1e2a57f8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
977b9b7c3a3a351d26fa5c286afd6f8a

SHA1
6a0fbc3f3a8602fe14f60dc9b2f395cb5993f28d

SHA256
f7021ff3e07d04699588a10cdfede8da35d26e99459175b3817e869ae233ded2

SHA512
baf22be99009cefe9bf177949d327d7dd821052fb3d1fa13e758dcfed185599ded58ce73d369cafd0b033e568c8f9cb950ef7ee67f43830b0e85347b78e476ce

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
4cfb20102567b85818e1f1f2c53027b1

SHA1
1e7dd0c5cedf0eded1823ce04b18d32b442f2f65

SHA256
44f2b64cc0d48985cd7fee7b6f9a367959a6c44737c1fee6b200a6dd877f3f11

SHA512
f99218d277782e429a1c3bd7e53966e155d2dfdc437ddf59990e511348a6b612fdfa17138c09134399f6362956493c2fa3cd2c32485fc705f609eed192ff5e3e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
39a870eddbc7e54867ae88ef08a84a7f

SHA1
49c587cbbbb22e00dd54df640cbd1e4597d12766

SHA256
6aa815fb5c152944ebc8b74031b51ccc2b94dc82140e93a41cdcd7aa8209cb15

SHA512
56686bae47a5c3fd362356cd098ad2939ba4abffed25a1c3184466de6d12a9ab1361f4cecb3fb45baf826a0a2117c4a3a27883b96b0b220cba97025bbfb460bb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
92KB

MD5
b4c69a030b4fa37ffb9f3066cf67f173

SHA1
b6496260123629e9f2899243404c7f4e34cf9828

SHA256
25481ad63157225266ccc44386fd5bddfba32cba6de3fb8962104be84b0e7387

SHA512
c76b32bf70f5a850ef51700ee7aa5faecfc33b9ac57d29c1d841433fa18a7a64f2e4e6d8d92a2e1b53a33e0db2a71282c3a4a771c9ca4733de9daf7261110d4b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
92KB

MD5
d0248169b6519c35e3ea1ece866b25f6

SHA1
7730b584cdecef618137598b7f4512b17dacd9e4

SHA256
0d94e29a6aa609b22b1f62fcb9cc9f39fd7b80cce34630534d0f4229206febbe

SHA512
8a70c6ab80f35586d825aacb84e223e70bc4f8b3e800e6225b9ecb73ecb5959be42a2e553c814c5cb9435e2794a20a802922d5ae48c32da6cd138b70062dd3b7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
92KB

MD5
0ed5aa8afc18635a31b55c00b09e9405

SHA1
7b8d67e98dfecfeacdc83af1c6913e859b1df808

SHA256
a676142d3ed7500f06d2ade171feb08a09235c521eab59ccd5be2a0ba00021ed

SHA512
0103b9951ea8dce555b342a58f768a0d5dea1cc2162daa3d5cc72a5ce0e96e6b92246a947babb0dfb848626980f642ded673b84824e1cf13a08041ad7fdfd2fd

Download Submit