hxxps://github[.]com/draciusss/Updated-Draciusss-1[.]20[.]73-/releases/download/v1[.]0[.]0/Niggga[.]Client[.]dll

Analysis

max time kernel
343s
max time network
344s
platform
windows11-21h2_x64
resource
win11-20240709-en
resource tags

arch:x64arch:x86image:win11-20240709-enlocale:en-usos:windows11-21h2-x64system
submitted
13/07/2024, 22:05

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://github.com/draciusss/Updated-Draciusss-1.20.73-/releases/download/v1.0.0/Niggga.Client.dll

Score

7^/10

Malware Config

Signatures

Executes dropped EXE 1 IoCs

pid	Process
4748	FateInjector.exe

Loads dropped DLL 5 IoCs

pid	Process
2740	chrome.exe
2312	chrome.exe
5764	chrome.exe
1508	chrome.exe
3312	firefox.exe

Legitimate hosting services abused for malware hosting/C2 1 TTPs 6 IoCs

Web Service

T1102

flow	ioc
97	raw.githubusercontent.com
120	raw.githubusercontent.com
2	raw.githubusercontent.com
75	raw.githubusercontent.com
87	raw.githubusercontent.com
94	raw.githubusercontent.com

Drops file in System32 directory 2 IoCs

description	ioc	Process
File created	C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_01cf530faf2f1752\display.PNF	chrome.exe
File created	\??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_01cf530faf2f1752\display.PNF	chrome.exe

Drops file in Program Files directory 2 IoCs

description	ioc	Process
File opened for modification	C:\Program Files\Google\Chrome\Application\debug.log	chrome.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\debug.log	chrome.exe

Drops file in Windows directory 4 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SystemTemp	chrome.exe
File opened for modification	C:\Windows\SystemTemp	chrome.exe
File opened for modification	C:\Windows\SystemTemp	chrome.exe
File opened for modification	C:\Windows\SystemTemp	chrome.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Checks processor information in registry 2 TTPs 8 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe

Enumerates system info in registry 2 TTPs 12 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Modifies data under HKEY_USERS 4 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133653819408813593"	chrome.exe

Modifies registry class 32 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-21-1210443139-7911939-2760828654-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\IconSize = "16"	FateInjector.exe
Key created	\REGISTRY\USER\S-1-5-21-1210443139-7911939-2760828654-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}	FateInjector.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1210443139-7911939-2760828654-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByKey:FMTID = "{B725F130-47EF-101A-A5F1-02608C9EEBAC}"	FateInjector.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1210443139-7911939-2760828654-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByKey:PID = "14"	FateInjector.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1210443139-7911939-2760828654-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000	FateInjector.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1210443139-7911939-2760828654-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0e000000ffffffff	FateInjector.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1210443139-7911939-2760828654-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByDirection = "4294967295"	FateInjector.exe
Key created	\REGISTRY\USER\S-1-5-21-1210443139-7911939-2760828654-1000_Classes\Applications	crashreporter.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1210443139-7911939-2760828654-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\Shell\SniffedFolderType = "Downloads"	FateInjector.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1210443139-7911939-2760828654-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1"	FateInjector.exe
Key created	\REGISTRY\USER\S-1-5-21-1210443139-7911939-2760828654-1000_Classes\Applications\crashreporter.exe	crashreporter.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1210443139-7911939-2760828654-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\Mode = "4"	FateInjector.exe
Key created	\REGISTRY\USER\S-1-5-21-1210443139-7911939-2760828654-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance\	FateInjector.exe
Key created	\REGISTRY\USER\S-1-5-21-1210443139-7911939-2760828654-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2	FateInjector.exe
Key created	\REGISTRY\USER\S-1-5-21-1210443139-7911939-2760828654-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg	FateInjector.exe
Key created	\REGISTRY\USER\S-1-5-21-1210443139-7911939-2760828654-1000_Classes\Local Settings	FateInjector.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1210443139-7911939-2760828654-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\LogicalViewMode = "1"	FateInjector.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1210443139-7911939-2760828654-1000_Classes\Applications\crashreporter.exe\IsHostApp = "0"	crashreporter.exe
Key created	\REGISTRY\USER\S-1-5-21-1210443139-7911939-2760828654-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU	FateInjector.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1210443139-7911939-2760828654-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 0100000000000000ffffffff	FateInjector.exe
Key created	\REGISTRY\USER\S-1-5-21-1210443139-7911939-2760828654-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0	FateInjector.exe
Key created	\REGISTRY\USER\S-1-5-21-1210443139-7911939-2760828654-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\Shell	FateInjector.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\	FateInjector.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1210443139-7911939-2760828654-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupView = "4294967295"	FateInjector.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1210443139-7911939-2760828654-1000_Classes\Applications\crashreporter.exe\NoOpenWith = "0"	crashreporter.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1210443139-7911939-2760828654-1000_Classes\Applications\crashreporter.exe\NoStartPage = "0"	crashreporter.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1210443139-7911939-2760828654-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 0202	FateInjector.exe
Key created	\REGISTRY\USER\S-1-5-21-1210443139-7911939-2760828654-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1	FateInjector.exe
Key created	\REGISTRY\USER\S-1-5-21-1210443139-7911939-2760828654-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags	FateInjector.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1210443139-7911939-2760828654-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1092616257"	FateInjector.exe
Key created	\REGISTRY\USER\S-1-5-21-1210443139-7911939-2760828654-1000_Classes\Local Settings	firefox.exe
Key created	\REGISTRY\USER\S-1-5-21-1210443139-7911939-2760828654-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell	FateInjector.exe

NTFS ADS 2 IoCs

description	ioc	Process
File opened for modification	C:\Users\Admin\Downloads\Niggga.Client.dll:Zone.Identifier	chrome.exe
File opened for modification	C:\Users\Admin\Downloads\FateInjector.exe:Zone.Identifier	chrome.exe

Suspicious behavior: EnumeratesProcesses 44 IoCs

pid	Process
2740	chrome.exe
2740	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
4392	chrome.exe
4748	FateInjector.exe
4748	FateInjector.exe
2312	chrome.exe
2312	chrome.exe
2312	chrome.exe
2312	chrome.exe
5428	chrome.exe
5428	chrome.exe
4748	FateInjector.exe
4748	FateInjector.exe
3336	chrome.exe
3336	chrome.exe
3336	chrome.exe
3336	chrome.exe
1508	chrome.exe
1508	chrome.exe
4748	FateInjector.exe
4748	FateInjector.exe
4692	chrome.exe
4692	chrome.exe
4692	chrome.exe
4692	chrome.exe
4748	FateInjector.exe
4748	FateInjector.exe
5836	chrome.exe
5836	chrome.exe
5836	chrome.exe
5836	chrome.exe
2732	chrome.exe
2732	chrome.exe
4748	FateInjector.exe
4748	FateInjector.exe
3312	firefox.exe
3312	firefox.exe
3312	firefox.exe
3312	firefox.exe
3312	firefox.exe
3312	firefox.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
4748	FateInjector.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 22 IoCs

pid	Process
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
5428	chrome.exe
5428	chrome.exe
5428	chrome.exe
1508	chrome.exe
1508	chrome.exe
1508	chrome.exe
2732	chrome.exe
2732	chrome.exe
2732	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeCreatePagefilePrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeCreatePagefilePrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeCreatePagefilePrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeCreatePagefilePrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeCreatePagefilePrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeCreatePagefilePrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeCreatePagefilePrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeCreatePagefilePrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeCreatePagefilePrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeCreatePagefilePrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeCreatePagefilePrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeCreatePagefilePrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeCreatePagefilePrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeCreatePagefilePrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeCreatePagefilePrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeCreatePagefilePrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeCreatePagefilePrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeCreatePagefilePrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeCreatePagefilePrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeCreatePagefilePrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeCreatePagefilePrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeCreatePagefilePrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeCreatePagefilePrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeCreatePagefilePrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeCreatePagefilePrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeCreatePagefilePrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeCreatePagefilePrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeCreatePagefilePrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeCreatePagefilePrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeCreatePagefilePrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeCreatePagefilePrivilege	2740	chrome.exe
Token: SeShutdownPrivilege	2740	chrome.exe
Token: SeCreatePagefilePrivilege	2740	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe

Suspicious use of SendNotifyMessage 51 IoCs

pid	Process
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
2740	chrome.exe
4748	FateInjector.exe
5428	chrome.exe
5428	chrome.exe
5428	chrome.exe
5428	chrome.exe
1508	chrome.exe
1508	chrome.exe
1508	chrome.exe
1508	chrome.exe
1508	chrome.exe
1508	chrome.exe
1508	chrome.exe
1508	chrome.exe
1508	chrome.exe
1508	chrome.exe
1508	chrome.exe
1508	chrome.exe
2732	chrome.exe
2732	chrome.exe
2732	chrome.exe
2732	chrome.exe
2732	chrome.exe
2732	chrome.exe
2732	chrome.exe
2732	chrome.exe
2732	chrome.exe
2732	chrome.exe
2732	chrome.exe
2732	chrome.exe

Suspicious use of SetWindowsHookEx 5 IoCs

pid	Process
4748	FateInjector.exe
4748	FateInjector.exe
4748	FateInjector.exe
4748	FateInjector.exe
3312	firefox.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2740 wrote to memory of 2312	2740	chrome.exe	79
PID 2740 wrote to memory of 2312	2740	chrome.exe	79
PID 2740 wrote to memory of 3564	2740	chrome.exe	80
PID 2740 wrote to memory of 3564	2740	chrome.exe	80
PID 2740 wrote to memory of 3564	2740	chrome.exe	80
PID 2740 wrote to memory of 3564	2740	chrome.exe	80
PID 2740 wrote to memory of 3564	2740	chrome.exe	80
PID 2740 wrote to memory of 3564	2740	chrome.exe	80
PID 2740 wrote to memory of 3564	2740	chrome.exe	80
PID 2740 wrote to memory of 3564	2740	chrome.exe	80
PID 2740 wrote to memory of 3564	2740	chrome.exe	80
PID 2740 wrote to memory of 3564	2740	chrome.exe	80
PID 2740 wrote to memory of 3564	2740	chrome.exe	80
PID 2740 wrote to memory of 3564	2740	chrome.exe	80
PID 2740 wrote to memory of 3564	2740	chrome.exe	80
PID 2740 wrote to memory of 3564	2740	chrome.exe	80
PID 2740 wrote to memory of 3564	2740	chrome.exe	80
PID 2740 wrote to memory of 3564	2740	chrome.exe	80
PID 2740 wrote to memory of 3564	2740	chrome.exe	80
PID 2740 wrote to memory of 3564	2740	chrome.exe	80
PID 2740 wrote to memory of 3564	2740	chrome.exe	80
PID 2740 wrote to memory of 3564	2740	chrome.exe	80
PID 2740 wrote to memory of 3564	2740	chrome.exe	80
PID 2740 wrote to memory of 3564	2740	chrome.exe	80
PID 2740 wrote to memory of 3564	2740	chrome.exe	80
PID 2740 wrote to memory of 3564	2740	chrome.exe	80
PID 2740 wrote to memory of 3564	2740	chrome.exe	80
PID 2740 wrote to memory of 3564	2740	chrome.exe	80
PID 2740 wrote to memory of 3564	2740	chrome.exe	80
PID 2740 wrote to memory of 3564	2740	chrome.exe	80
PID 2740 wrote to memory of 3564	2740	chrome.exe	80
PID 2740 wrote to memory of 3564	2740	chrome.exe	80
PID 2740 wrote to memory of 4092	2740	chrome.exe	81
PID 2740 wrote to memory of 4092	2740	chrome.exe	81
PID 2740 wrote to memory of 3560	2740	chrome.exe	82
PID 2740 wrote to memory of 3560	2740	chrome.exe	82
PID 2740 wrote to memory of 3560	2740	chrome.exe	82
PID 2740 wrote to memory of 3560	2740	chrome.exe	82
PID 2740 wrote to memory of 3560	2740	chrome.exe	82
PID 2740 wrote to memory of 3560	2740	chrome.exe	82
PID 2740 wrote to memory of 3560	2740	chrome.exe	82
PID 2740 wrote to memory of 3560	2740	chrome.exe	82
PID 2740 wrote to memory of 3560	2740	chrome.exe	82
PID 2740 wrote to memory of 3560	2740	chrome.exe	82
PID 2740 wrote to memory of 3560	2740	chrome.exe	82
PID 2740 wrote to memory of 3560	2740	chrome.exe	82
PID 2740 wrote to memory of 3560	2740	chrome.exe	82
PID 2740 wrote to memory of 3560	2740	chrome.exe	82
PID 2740 wrote to memory of 3560	2740	chrome.exe	82
PID 2740 wrote to memory of 3560	2740	chrome.exe	82
PID 2740 wrote to memory of 3560	2740	chrome.exe	82
PID 2740 wrote to memory of 3560	2740	chrome.exe	82
PID 2740 wrote to memory of 3560	2740	chrome.exe	82
PID 2740 wrote to memory of 3560	2740	chrome.exe	82
PID 2740 wrote to memory of 3560	2740	chrome.exe	82
PID 2740 wrote to memory of 3560	2740	chrome.exe	82
PID 2740 wrote to memory of 3560	2740	chrome.exe	82
PID 2740 wrote to memory of 3560	2740	chrome.exe	82
PID 2740 wrote to memory of 3560	2740	chrome.exe	82
PID 2740 wrote to memory of 3560	2740	chrome.exe	82
PID 2740 wrote to memory of 3560	2740	chrome.exe	82
PID 2740 wrote to memory of 3560	2740	chrome.exe	82
PID 2740 wrote to memory of 3560	2740	chrome.exe	82
PID 2740 wrote to memory of 3560	2740	chrome.exe	82

Uses Task Scheduler COM API 1 TTPs
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
persistence

Query Registry
T1012

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://github.com/draciusss/Updated-Draciusss-1.20.73-/releases/download/v1.0.0/Niggga.Client.dll
1⤵
- Loads dropped DLL
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2740
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.106 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff4739cc40,0x7fff4739cc4c,0x7fff4739cc58
  2⤵
  - Loads dropped DLL
  - Suspicious behavior: EnumeratesProcesses
  PID:2312
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=fallback-handler --database="C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" --exception-pointers=8710196658176 --process=136 /prefetch:7 --thread=2296
    3⤵
    - Drops file in Program Files directory
    - Suspicious behavior: EnumeratesProcesses
    PID:3336
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1784,i,13357099752607956465,11799681254392434749,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=1752 /prefetch:2
  2⤵
  PID:3564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2040,i,13357099752607956465,11799681254392434749,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=2096 /prefetch:3
  2⤵
  PID:4092
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2148,i,13357099752607956465,11799681254392434749,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=2356 /prefetch:8
  2⤵
  PID:3560
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3064,i,13357099752607956465,11799681254392434749,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=3104 /prefetch:1
  2⤵
  PID:5260
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3076,i,13357099752607956465,11799681254392434749,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=3164 /prefetch:1
  2⤵
  PID:1180
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4796,i,13357099752607956465,11799681254392434749,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=4860 /prefetch:8
  2⤵
  PID:2988
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5000,i,13357099752607956465,11799681254392434749,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=5004 /prefetch:8
  2⤵
  PID:1648
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5016,i,13357099752607956465,11799681254392434749,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=5040 /prefetch:8
  2⤵
  PID:1588
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=5148,i,13357099752607956465,11799681254392434749,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=4800 /prefetch:8
  2⤵
  - Drops file in System32 directory
  - Suspicious behavior: EnumeratesProcesses
  PID:4392
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5440,i,13357099752607956465,11799681254392434749,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=5452 /prefetch:8
  2⤵
  - NTFS ADS
  PID:3288
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=4564,i,13357099752607956465,11799681254392434749,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=5464 /prefetch:1
  2⤵
  PID:3604
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=5540,i,13357099752607956465,11799681254392434749,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=5036 /prefetch:1
  2⤵
  PID:5768
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5200,i,13357099752607956465,11799681254392434749,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=5212 /prefetch:1
  2⤵
  PID:2756
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=5704,i,13357099752607956465,11799681254392434749,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=4844 /prefetch:1
  2⤵
  PID:5308
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3108,i,13357099752607956465,11799681254392434749,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=5492 /prefetch:8
  2⤵
  PID:812
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=5512,i,13357099752607956465,11799681254392434749,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=2548 /prefetch:1
  2⤵
  PID:3740
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=5524,i,13357099752607956465,11799681254392434749,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=5664 /prefetch:1
  2⤵
  PID:5960
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=3392,i,13357099752607956465,11799681254392434749,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=5068 /prefetch:1
  2⤵
  PID:5968
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=5112,i,13357099752607956465,11799681254392434749,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=5832 /prefetch:1
  2⤵
  PID:4380
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3276,i,13357099752607956465,11799681254392434749,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=5268 /prefetch:8
  2⤵
  PID:2988
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=5172,i,13357099752607956465,11799681254392434749,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=5060 /prefetch:1
  2⤵
  PID:4048
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5976,i,13357099752607956465,11799681254392434749,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=5320 /prefetch:8
  2⤵
  PID:2132
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5816,i,13357099752607956465,11799681254392434749,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=5972 /prefetch:8
  2⤵
  PID:4996
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --field-trial-handle=5204,i,13357099752607956465,11799681254392434749,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=6072 /prefetch:1
  2⤵
  PID:736
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --field-trial-handle=5684,i,13357099752607956465,11799681254392434749,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=6004 /prefetch:1
  2⤵
  PID:776
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5456,i,13357099752607956465,11799681254392434749,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=5304 /prefetch:8
  2⤵
  - NTFS ADS
  PID:6112

C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe"
1⤵
PID:1612

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:5224

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:4800

C:\Users\Admin\Downloads\FateInjector.exe
"C:\Users\Admin\Downloads\FateInjector.exe"
1⤵
- Executes dropped EXE
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
PID:4748

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of SendNotifyMessage
PID:5428
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.106 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff4739cc40,0x7fff4739cc4c,0x7fff4739cc58
  2⤵
  - Loads dropped DLL
  PID:5764
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=fallback-handler --database="C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" --exception-pointers=42829416841216 --process=124 /prefetch:7 --thread=2204
    3⤵
    - Drops file in Program Files directory
    - Suspicious behavior: EnumeratesProcesses
    PID:4692
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1812,i,59153050255692279,14429708715130960923,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=1808 /prefetch:2
  2⤵
  PID:2608
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2096,i,59153050255692279,14429708715130960923,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=2116 /prefetch:3
  2⤵
  PID:2372
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2196,i,59153050255692279,14429708715130960923,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=2204 /prefetch:8
  2⤵
  PID:1200
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3068,i,59153050255692279,14429708715130960923,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=3160 /prefetch:1
  2⤵
  PID:6104
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3164,i,59153050255692279,14429708715130960923,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=3216 /prefetch:1
  2⤵
  PID:652
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3508,i,59153050255692279,14429708715130960923,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=4412 /prefetch:1
  2⤵
  PID:4636
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4760,i,59153050255692279,14429708715130960923,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=4772 /prefetch:8
  2⤵
  PID:5204
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4816,i,59153050255692279,14429708715130960923,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=4772 /prefetch:8
  2⤵
  PID:3216

C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe"
1⤵
PID:4784

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:4728

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Loads dropped DLL
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of SendNotifyMessage
PID:1508
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.106 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff4739cc40,0x7fff4739cc4c,0x7fff4739cc58
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5836
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1952,i,14934876914061862096,10553195209114141482,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=1948 /prefetch:2
  2⤵
  PID:4476
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1724,i,14934876914061862096,10553195209114141482,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=2080 /prefetch:3
  2⤵
  PID:1588
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2192,i,14934876914061862096,10553195209114141482,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=2224 /prefetch:8
  2⤵
  PID:868
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3100,i,14934876914061862096,10553195209114141482,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=3168 /prefetch:1
  2⤵
  PID:5724
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3172,i,14934876914061862096,10553195209114141482,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=3392 /prefetch:1
  2⤵
  PID:3232
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3564,i,14934876914061862096,10553195209114141482,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=4388 /prefetch:1
  2⤵
  PID:1780
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4764,i,14934876914061862096,10553195209114141482,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=4784 /prefetch:8
  2⤵
  PID:788
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4804,i,14934876914061862096,10553195209114141482,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=4776 /prefetch:8
  2⤵
  PID:2840

C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe"
1⤵
PID:3908

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of SendNotifyMessage
PID:2732
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.106 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff4739cc40,0x7fff4739cc4c,0x7fff4739cc58
  2⤵
  PID:6056
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1864,i,3799056557471984963,6671304616456782092,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=1860 /prefetch:2
  2⤵
  PID:2940
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1916,i,3799056557471984963,6671304616456782092,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=1928 /prefetch:3
  2⤵
  PID:4496
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2204,i,3799056557471984963,6671304616456782092,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=2404 /prefetch:8
  2⤵
  PID:5872
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3112,i,3799056557471984963,6671304616456782092,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=3252 /prefetch:1
  2⤵
  PID:6052
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3256,i,3799056557471984963,6671304616456782092,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=3300 /prefetch:1
  2⤵
  PID:5252
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4440,i,3799056557471984963,6671304616456782092,262144 --variations-seed-version=20240712-130137.211000 --mojo-platform-channel-handle=3580 /prefetch:1
  2⤵
  PID:644

C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe"
1⤵
PID:4468

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
1⤵
PID:2612
- C:\Program Files\Mozilla Firefox\firefox.exe
  "C:\Program Files\Mozilla Firefox\firefox.exe"
  2⤵
  - Loads dropped DLL
  - Checks processor information in registry
  - Modifies registry class
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of SetWindowsHookEx
  PID:3312
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=1928 -parentBuildID 20240401114208 -prefsHandle 1856 -prefMapHandle 1840 -prefsLen 25751 -prefMapSize 244658 -appDir "C:\Program Files\Mozilla Firefox\browser" - {521f9728-e14f-407d-a82c-f8bdd86d19ea} 3312 "\\.\pipe\gecko-crash-server-pipe.3312" gpu
    3⤵
    PID:3268
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2328 -parentBuildID 20240401114208 -prefsHandle 2320 -prefMapHandle 2316 -prefsLen 25787 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ea87d2ef-6645-4f6e-9333-68359c6b4e04} 3312 "\\.\pipe\gecko-crash-server-pipe.3312" socket
    3⤵
    PID:4716
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3096 -childID 1 -isForBrowser -prefsHandle 3184 -prefMapHandle 3380 -prefsLen 25928 -prefMapSize 244658 -jsInitHandle 1088 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {5a1886b2-229b-4226-b659-ea505c179cc7} 3312 "\\.\pipe\gecko-crash-server-pipe.3312" tab
    3⤵
    PID:2728
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3856 -childID 2 -isForBrowser -prefsHandle 3848 -prefMapHandle 3844 -prefsLen 31161 -prefMapSize 244658 -jsInitHandle 1088 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {6b4fe170-db26-4d11-82f2-a03c89cd0859} 3312 "\\.\pipe\gecko-crash-server-pipe.3312" tab
    3⤵
    PID:4208
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4520 -parentBuildID 20240401114208 -sandboxingKind 0 -prefsHandle 4456 -prefMapHandle 4452 -prefsLen 31161 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b3735bd2-b0c1-49eb-a379-414e1217c21e} 3312 "\\.\pipe\gecko-crash-server-pipe.3312" utility
    3⤵
    - Checks processor information in registry
    PID:992
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5396 -childID 3 -isForBrowser -prefsHandle 5316 -prefMapHandle 5368 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 1088 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7e9156de-6e68-4a94-b0ae-d6fafa7a905d} 3312 "\\.\pipe\gecko-crash-server-pipe.3312" tab
    3⤵
    PID:5232
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5552 -childID 4 -isForBrowser -prefsHandle 5628 -prefMapHandle 5624 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 1088 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {db553460-da80-4c4e-94df-2ce911b04f4c} 3312 "\\.\pipe\gecko-crash-server-pipe.3312" tab
    3⤵
    PID:916
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5720 -childID 5 -isForBrowser -prefsHandle 5728 -prefMapHandle 5732 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 1088 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e08adcee-8e34-4445-9897-f68a7a2b5fbe} 3312 "\\.\pipe\gecko-crash-server-pipe.3312" tab
    3⤵
    PID:1228
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2236 -childID 6 -isForBrowser -prefsHandle 5316 -prefMapHandle 5368 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1088 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d4b158e1-839f-4077-953e-65b3eea49c8c} 3312 "\\.\pipe\gecko-crash-server-pipe.3312" tab
    3⤵
    PID:3352
- - C:\Program Files\Mozilla Firefox\crashreporter.exe
    "C:\Program Files\Mozilla Firefox\crashreporter.exe" "C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4i9bphnb.default-release\minidumps\c193ea25-3638-46bb-b2bc-1c3fbd8d22b0.dmp"
    3⤵
    - Modifies registry class
    PID:1400
  - - C:\Program Files\Mozilla Firefox\minidump-analyzer.exe
      "C:\Program Files\Mozilla Firefox\minidump-analyzer.exe" "C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4i9bphnb.default-release\minidumps\c193ea25-3638-46bb-b2bc-1c3fbd8d22b0.dmp"
      4⤵
      PID:1916

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

Filesize
64KB

MD5
b5ad5caaaee00cb8cf445427975ae66c

SHA1
dcde6527290a326e048f9c3a85280d3fa71e1e22

SHA256
b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8

SHA512
92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

Filesize
4B

MD5
f49655f856acb8884cc0ace29216f511

SHA1
cb0f1f87ec0455ec349aaa950c600475ac7b7b6b

SHA256
7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba

SHA512
599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

Filesize
1008B

MD5
d222b77a61527f2c177b0869e7babc24

SHA1
3f23acb984307a4aeba41ebbb70439c97ad1f268

SHA256
80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747

SHA512
d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\metadata

Filesize
114B

MD5
dfb004dcd352b228e7be950a0f80d81d

SHA1
2de9731e9d7a78cf6d76e2f7b0c4a55186a9fd4f

SHA256
bdbe40a35a68c4f5897b2153a67191da56c87344043e51d0dcfc02390c5f5eb5

SHA512
baa4c8ded9dd14ebb09bc226d2f8f49c195d9f8ead7cbadc325b8a1b4e1eaaec99bb907ac47354f3bb490e0f1a0aa9e9a1f6434db58e8c892c51c086898cc85d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\reports\32667147-5fc4-408a-affd-b858c834c162.dmp

Filesize
1.4MB

MD5
29b89cbe3eb6caaaca0f07e0078975e1

SHA1
83b92b9c1e336029c76474454e0d65d5b08b77ed

SHA256
6b8e3bc6d64540135975f261932efb8db42265d2e39e077ea2e9062b45bfbae9

SHA512
2b0e07cdbd048fd1264e49c7a57c4442b9a4dc1075133fecf3ef5646037b9779f4abc98d8e7cabafc10e404408fac9881179084fc49a4b373503ea3fe4507cd0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\reports\a3fb7c2c-adae-42b7-bbc5-0bb3611a066a.dmp

Filesize
1.3MB

MD5
6f9c4c2b618468a289a84c4c72a8a40f

SHA1
23ba982893bf183d6ccdbfb811634de11e9e6855

SHA256
48fa2b9c6de182a38a364b80b5395084d182a4e28299ea83372d774d6ae4e6e7

SHA512
70bfab5cf0f929b82e8c9e3b92756c776df725949c49299a839a1fe7b16e40326d3850772fffd40c6597d6153c7050b7a2f2be37e62479a24200fbb3066ad535

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
a1b6fb785a7e05d939446d6f959fa57f

SHA1
c5d27c9c52a56f39885e3616175dbda8185e89ce

SHA256
5a3b39f440bde02029552ed872c590dbc5ccb5b6152cdd5801a10cda3a7f137a

SHA512
c735eb2d3cb2360ec8543f9a4b5b5acdf2346d088577793c224a9932bd30a8cb3242f0e947226b7e166c0d8586715ed1393e96d596c2f1bcff78bad7ff0071a4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0

Filesize
44KB

MD5
30c58a0165107439099ae4661b228ea5

SHA1
1d579c86d69953299a2027a837230e961a00c705

SHA256
62fdce5feb76b985a5748358ee1abc6eee6b1985dbdd325f76759ae0c9dc2a27

SHA512
f77f798d971e176fac5a9e82c3a7581d3f01e5fb1b2d06418d8a0451f2904827ec3bbc83ca3d107bb31c217cd07cf4dd858bcea71e6b2c72fe5474902225f8e4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0

Filesize
44KB

MD5
5ce6a5b6e2ac110dc68343f4fef00b53

SHA1
bc598a840c32cb3418b76eb9f57b186ddc85ce1b

SHA256
603be644d5f07f07882365a41d52fa89349e971deacb2252ff1f5d590c314055

SHA512
c2b509a8c904221c37eb4d40e810815f2f1a321d3e42d81c87d292fec3a89bfe29d76b1628b7214f383fe7ac37f6cfc864a1f65050233856e042320ab20e5c09

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1

Filesize
264KB

MD5
84a3ae112bd342b241bad2c054386015

SHA1
6de94f4ea57ddb874f95f02b1146b06a42b9b357

SHA256
67d15422e63a56bb615dfb9ce7471aacfe552408c7a52941e81f984c180e4b14

SHA512
b3f3ce7ec1997a58c06021756638355342c0b28eca9b7bdb76c1d93c709c6c7327e43848ebc51cca1e0913d435f3b5505b6b5c06506a6ab306856993d3ec0402

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1

Filesize
264KB

MD5
7288402746fcd99b7ee6b027bd3435e7

SHA1
6a86b7609ddd19b753551f0100242367294da597

SHA256
f6acf742abc964470e70207aee180d8271d80d6f6f9a36431a60db589a9b7a3d

SHA512
1983ae5901a27b26decc1527c3a438b9f54ad8456ca8a140f761ba09038a195ea9d71f30356f865dd5f51cf4a22021c47feb8880d67da7bc3d3841824b6f172e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_2

Filesize
1.0MB

MD5
819a827fb0949f85929d4aa6d7b1dd50

SHA1
1f9d945f1f74b9f38cbf28cb778b013aee8c94bb

SHA256
37ce6c53c7c6f5655c046cf7468918c69167bc548db553c0c38729f43b47ec68

SHA512
2e32b0bb2954d0b5acd6c3a3541afc5a547945f7ce76ec517203646ce3c84f8374834004ee4d6fbc4730a2fac29f9c39d783349fa5d2fe0a4b055a84cc668af5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_3

Filesize
8.0MB

MD5
1a86489dbf88d442bb8e5daab0770190

SHA1
5873d473efd8925abdbabcf162e7c69f64e20e35

SHA256
f555dcdc88b6d2cf6c0861f6ffa71148f41c94b84e380c8be7272206aa9cf4fc

SHA512
6b697e8235cea30a8811f4deb57f4faedb722c49c6fe4d73ffec5f978d0266419985def12e6bd4b55c502c857fd3046811eabc0f2d596f9d522953e051e12c2a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000002

Filesize
1.5MB

MD5
d5f3bf8ff1ed6f556f249cabb84a583e

SHA1
d5b8d1f63e6e1fb1ae3df32d3698afd611a094bd

SHA256
922a2f2ca8ffa57cb339c6b834e38d380c082a959fc04776c2a1408c9602494b

SHA512
3c192daed508146793fb56b9d466e4871fb8a60603a2b2df9e8b4f81fd26b87e3c3dc7be50ea408cad59a692784775ea0d6c81ba4375a941a53f776eff87b600

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000003

Filesize
32KB

MD5
c8ce662f6d2b3bd9b91765e57d69018e

SHA1
3b4c66826af7e7769282bcabb200212172ddf8f7

SHA256
3fb3303a2bc6a1dc014c7b0fa7d108d12316c92ecd2858b4a7d20a2a0f31b5e4

SHA512
f3b1c02e4a9df94e535cdd47d78708016eb0e43e7bed80b54ecb2bff9ed9ac965f0ed3557f2d862c12ff96ba59634d011f50d53dac08b7d555d4c43b22c4a4fd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000004

Filesize
78KB

MD5
35a46116980c974751122a331d47fd84

SHA1
cd6e9014e38596c681641a27706124b5b69f86fc

SHA256
ccab92b9bfa43457f743cd83e454bcc63a768deb352fbad2d06d718eb2815a66

SHA512
aa4f484d3ca65525d5613243797d7e025e552dbd4e68bd9887d88d32fc6928c13dd7a47e8f97c77436924478d451445fa121d1bc1958a0ba94a2a05159345048

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005

Filesize
77KB

MD5
ce2542d837895cdc9acc2afbf5721dbc

SHA1
3c2b8ee94fccace9989f6614a78cf23c4601ed21

SHA256
a313dee34dd1bc234e8abd1ca9a4bb3592aa61a8ef8d0426a5bb6a6546a44b58

SHA512
b58eaa8421799fa135521b5859b0514f07205d9ada50a19410ccef498ee11dd5b016a4682899f22f627b3127df8c79d8d53e4ee2c68118fe2c7bdd1b6d679bb0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

Filesize
90KB

MD5
89182f304e3ecc23485591b279c968b5

SHA1
94b6645bdf88be0ed765b2711afa26501e6ea534

SHA256
e14157416a17157766c916959cff26d300d987be80d60acdaae39f4444c08085

SHA512
5e71e0a4b09312cb4b37c76787cce3b869aa5b4acfad21fc999f4d9c547af0128b195079fc69b3d005bfca8ff2d9a470f7615d72a8912696dc40fa75bbb2a067

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008

Filesize
93KB

MD5
70332493476d545fb65725ce2a50d51b

SHA1
ef2a83f82e94af17732e8e3c2feaafac3ce02b70

SHA256
00ac5bfd4bc4f1987f017b32ad2ff5d9bad42057c07a0c2b88bd43d841491aad

SHA512
4ddee0c390bab6bba1b99fb7062191a5522cf26d143c9efe3bbfad6e818440c5fb292ec445a90682395ee5ed58001fe74635c6c82a7f662247251c816e9a7b5e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009

Filesize
211KB

MD5
151fb811968eaf8efb840908b89dc9d4

SHA1
7ec811009fd9b0e6d92d12d78b002275f2f1bee1

SHA256
043fd8558e4a5a60aaccd2f0377f77a544e3e375242e9d7200dc6e51f94103ed

SHA512
83aface0ab01da52fd077f747c9d5916e3c06b0ea5c551d7d316707ec3e8f3f986ce1c82e6f2136e48c6511a83cb0ac67ff6dc8f0e440ac72fc6854086a87674

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

Filesize
20KB

MD5
1435f3cfd01bf0f3c24b8983e6780db0

SHA1
439ab7ffa6f9d5b654710691d8736eedf2b6e892

SHA256
8cd3f9f312e86bade2e77eb25c28eba805707909441d49e29288944677ce6d47

SHA512
dded0517b2c8f6c6ea045ba87f3ae870df63843291c3e2219e7bdeb4e33baf360b5fdb6065f0566fd1c79253105574ee4ca8cb13a11f7e6a51bf20eacf03155b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

Filesize
24KB

MD5
c594a826934b9505d591d0f7a7df80b7

SHA1
c04b8637e686f71f3fc46a29a86346ba9b04ae18

SHA256
e664eef3d68ac6336a28be033165d4780e8a5ab28f0d90df1b148ef86babb610

SHA512
04a1dfdb8ee2f5fefa101d5e3ff36e87659fd774e96aa8c5941d3353ccc268a125822cf01533c74839e5f1c54725da9cc437d3d69b88e5bf3f99caccd4d75961

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c

Filesize
125KB

MD5
53436aca8627a49f4deaaa44dc9e3c05

SHA1
0bc0c675480d94ec7e8609dda6227f88c5d08d2c

SHA256
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

SHA512
6655e0426eb0c78a7cb4d4216a3af7a6edd50aba8c92316608b1f79b8fc15f895cba9314beb7a35400228786e2a78a33e8c03322da04e0da94c2f109241547e8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d

Filesize
207KB

MD5
5a641d4af4cd4ebc751c4d0ff5390451

SHA1
0b6d6c07151f9e93e107d97173ea5de6d21c6ff3

SHA256
0e16584de89206c4e127988def8ea28d70bb0ef2dc8c914a2d8dc65a83fd2115

SHA512
4a0c770313c8206e9c878c24e7462cd5ea7af76d418261b503abc576378f59a6963a90a588e0f7ed2aaafbb14daf2d6316b5148998d2fa84c1ac4f58189205fa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e

Filesize
20KB

MD5
87e8230a9ca3f0c5ccfa56f70276e2f2

SHA1
eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7

SHA256
e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9

SHA512
37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000f

Filesize
95KB

MD5
14b616c58213882a00bf57826f472f33

SHA1
40b085bdbd5e8ced04498c0814820656dfcc40cb

SHA256
c71cc6bde81e6a5dcb9ab051c368c2100193d75964dc466efd31d1b700f87487

SHA512
04aa7b2e552f5df175726813361283f6a60fb4e428ba6de2391a30dea92a14cc42cb96d3575415edd3efd1dddaab68ce57c5837b2620f940535257725203fba4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
4KB

MD5
16cf9f1d88a55fa90b9c1fcdc61a567d

SHA1
a9b413b18a69e128e015047065b3a0cdcf835220

SHA256
0b3e0b1cc3c7375b2a0f8d3ee62dc2dbdb029142742b0c54f301ea92ed995084

SHA512
39d01a13912c7812e848378ccbcb9dd2cf41563c498046eb5527428a7c4a2b71e37466e26b5e462691f0d4014f45a83c28f785b155e970ea24e215b5c52196ba

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
369275d08b91288a5e806ac7af004276

SHA1
c5c4b1498a1643f6ff2239b85606cea04cb60d9a

SHA256
a44f8593e07df2ec7d895dca162d3cdb2e63fe013e41ed9925a2fcf06d4db7b0

SHA512
a91e0775202bfd1b4c37b765017587ad45e0497dc0d1a351778f403c2de284119746ffa1ab73729723f5c015313a7539754946ad8cccb9912c6c3df1d1cd7b7e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History

Filesize
160KB

MD5
1fbf25ca131d200738e3d904afccd061

SHA1
facbd7cdbdb78b54821397c4c558e79a4976c7fc

SHA256
af230dce4e0a83b8b4eae42590037a0c85cd06a2bc31f190ab720b0ab7266e13

SHA512
e30fcacf1b7245513ed399751f70a3fd5dde234e154bf1d8211bad8ba861968c2093517932e77bb2db3ffc70a83a3f75174c35c223ae895a4ff83adceff67fa3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
6KB

MD5
7468476b8854ab2b66f23a2555cb04d3

SHA1
3c09c84ea4c9902b98da703d1c8eb6f156bfdd9d

SHA256
7f10d136e301b5134f09aa248b524c71d193bb6144328d701fe0363d93b241d9

SHA512
2234f6995f9e084facd577aa6eb0f7ed6cbb69f6f52b868a6a94aea07f6b3c946c7dc2d5e161c0ee6f8c83b1d0682d9ac74f46d2508a99e0c497aa21ea97e742

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
6KB

MD5
b990ca2f60b217901441bdf7f27ecaf2

SHA1
0e7c0bd8c12729d3c5033f3700633daa63f514fd

SHA256
292bface43ff1c71aabd3e2a162ca5860a45683099bd09c82f012e772ff282c1

SHA512
2c473bb8fe061b017c6e1f4d2c4ff16c8cc32345d58afe85c28ef5b262dbb474b737e8a8913f6495793da95918634549e44c447eaae39974f7e2af46aa2deb5d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
e4ba6f960c4b459ad17edb8d0fc10bfb

SHA1
6b8f7847275108be78fbc0496dd5256b7841a041

SHA256
25d529b02bc616e60e0087f636e1bc306c705e992b30aae55e0f787555e14295

SHA512
cebb74a5ed4df397c19e218d2053daad079d555181abfde4fb986d4fafa705574ed4f45ed53e948bc2de47eb3f7f6394b8db0404f1acecf16be2742bb44f53f6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
ddff1f89583697415c9528bda9d1e6ec

SHA1
25ebfdf66075a96de55318fa4d5247507fd6ee0f

SHA256
b7ca83735a5e1af734e999db05a90846ae518bb930ac331bae61dfcf4b50e2eb

SHA512
121553c5cdd00664c893a385d270cede847638a0704d2dad0ce1d54bab600d19307f91b43b88f3cd0299db623ac89535145eb45d36d13e04e67de57fe2226657

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
253e3be764a294422019769ba9763c5e

SHA1
c5ba112d9670abc8c9a5465ac0c98e6d073cec9b

SHA256
bd46bab4a33107f839c6a1a3d776d90686528f26027bac8f5e233fcd04530b7e

SHA512
f9cd743d7de9996d8c708fbd56ed826af17e4415852567747c783b2564b8a35aa78829c162a62c6a457a1155ad09196bcabb569c54567ffbb8ec135b1cfd38d4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
a324db632ac6242994cb499bc1e88caf

SHA1
503826808946c7dce068d05e1e79b2459b12be6a

SHA256
dafffccf67f9b83ae66964bcf3c3f00d92ad17b8221c7d71de0f49024dc910ee

SHA512
e44e923bf30dfee96502759dd5cf131383530f5d089375175bc507612561e199092aa8ae05f3ceab0595b39afa9b1b3ab0fd32ab353f8c8175e133296b8b187f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
fca95b857b25e2403daaae23c1bf7a45

SHA1
dec52d85bc48979cb85dcd00976493632c5dd4a5

SHA256
047e98a05e1bd67869d64a271e90dd66bc7947480890d53d72ccb2743e5a1c1d

SHA512
8b1cb9da244917f4dda71c02d308fc0979f02a1fc96636f3ae303217e9fb340c433df1c8f71495348c01c27a07bc991dc92f4b7e208f5e25f1c2a6e3439ababe

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
366f0aa10675cea2d4b7962d28782a61

SHA1
2f6fb104bbd1f4f4113559696f6ccf4b40aa8ea8

SHA256
a35efb8657ce246590f9577a9e439a9319603f974a638855836c9e61e612298b

SHA512
28d5900a9c037c6dde688107c4da7fd53452cb36dcb7a4a46699e0b79b21a9a09cced0634b5416b7038a230ca99f9bbc4061afa991a9ed38ed93d743590391a5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
2c486e0489720bddae7b6a2f53807a64

SHA1
cadac2f7620ef9085d373d2ed90f933b51c44fa7

SHA256
05085c71b49b6f8a1431564d9f36b01d6faf8a8efff92ebf48f12da9eb2d289e

SHA512
3646fd5bedc04e2d1f6e692d262985aae56d277e2bdea6ced89e5b2f66d0ab0633f64ab476a8ad04ab9ddeacb0e4ff7863deb61be905b95ce49c237bf6ca24be

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
d8adc97a19abb35fd15b4efe760b334c

SHA1
2a2775d64a96893c371bab3d15bbbbed825dc1fb

SHA256
b5d228e1a00c7b5fdfcc6ffeb070ac3d51171b258fb5ef3aa6a9ef7d2f82b76a

SHA512
33c1dbe0917117c9b4ff174e9c9f7d2183d357ffd3d4baa6f64457b145e3a4d36e531aa7d52b9b5e073dcf360648985a7c422f6ffdb9d52cb276bfd82192cddf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
85c75b817d98387e50d56597d4ca869f

SHA1
afbf291a96e5fe1992e8aca0fcd985af3cd3d1ec

SHA256
3b807cf16f7469d6c1954ae0adf168feba2136fb72600c41f281e5e79e9cf7ec

SHA512
2de2898360c184e789253749295ced89fd331d23c3202ed96ec2841fc1f27a231e258e4f6ddc11eab61cc7d4aca4865ede69f2a0de3e239030d249a003c81983

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
1ccd7a94f09a2aa68afa31d42ec3e99d

SHA1
df1ef1873600a6384fec2ce459b65f074c3c52a4

SHA256
0511453fac33f746dd6fd79a6d9adbec5b74a432a8c5b0dabcad25fcf33f09b1

SHA512
e9619016d7f9d9ddbac2b81b9b190604bc40b76645fb1837a44968b41be6a8814fff66e037cce4d9f668a57f8a5ed377d0458b541f0840f80b5e7abb941c4d5c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
521B

MD5
bc0fdcb25df7a6c65f64e79f328e6631

SHA1
4b16a12b56d2b70a5eadb75cb0dfe5f7a8c305c0

SHA256
f08aa00c2ef319bfe5abe96054ed52a4d70b7569ce1eba8b380cf6a7458da8fc

SHA512
ed34b30e880cb0a864339c49646444f5ff2015cac05194717bf1e9c4b353aaf46b280f9ff9fe77e02b17ab9056072bb2835f3d0d780abc9f705b1503a333f19b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
9e4a3b616932704880dc2033c6670975

SHA1
777b5abf5198b4ef5e639e82aa6d1fdd3aea0ffa

SHA256
16e3de134eb34ac37737d537a610c164282658e63a30fbe6e7647cdd949e3187

SHA512
9c82c78a398a5b0f70bc284400c6021dfd04a113da45da34c551b1315aea578cdf73645b0f5f259672ede0ec8528eaaf88f84584c3a23cd7909b109a0d42fa99

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
9fa2a14718b716b1f6774a2d1f6b10c3

SHA1
aacf66427051508e3d5520d2ad5b3ab12c7c0aa6

SHA256
f5c1689e7f70ba8c9c7a02b8995c1a0646aba1b013f63d7d13227a9d2e9757c9

SHA512
ed4749f07896680a434a1f5a05494ed8338eb1100c095a1206141724d0e22ebbf71b8667c3a77ffb7c94f71f1aaa1c2529c6d82ec760bffb015494b5146201f5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
dc8cc80e47e13bd9e6ff701e00a941f9

SHA1
6ea0471905c285860db9b7f6bec51360e1c39f34

SHA256
392d4c6ab96be8907da15de24a25cdf0f1236e2520b1464b0a6ccd8c81697683

SHA512
065b297ffc55b6f257d6099900f75ff898b44d8cfd8a645ae280cc73414c40a7e6bc1550e5f5b178a451c9f6df7e4beaa09f0186ce781efddcb34253289d4eaf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
7929b6dc47ff1f45afda7294a3b6428f

SHA1
fe3ccc7697bd7d6ead70cd6b1c69ee7fc0557987

SHA256
bfec9b94b6ad5102303132b71cd181096e75340c5d20ebc96b5b19d43eb43713

SHA512
865f11ce7a26f1e871541f0183c0b706f81bea53e9337907d4f5c3cd22468732290e05d0e4b14dc0fdb88f4fdd4d0264f8f011ce487d723a26f1917715e1d067

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
48a7e5ed451533ad6d0e9ae99daa70f1

SHA1
f8392d4c740603b4796473f71290a232c0913f6f

SHA256
24ef6e7a8ffcc3a40b52dc025358ad4c5ff870c8b6ad3cdbda0d8c6e0bf9559f

SHA512
94f04a2799b9a7fa6132d54d97fc9fc2ea055a73916bf4b39eeec7b5a461cc0ca29a9c2483b9c208ead67cf423bd2e61aa9672bd42ead6e85909d0144d9ecf2b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
161a398f8fc9abc39de7359d7bee3e3c

SHA1
c910ec7cae7a2a3e788bc8aac486e90c727eece6

SHA256
1b908241396abe6866de0e2b6098539d3a822daa759ebbdeecdc124225a9283a

SHA512
08e90f8daff7f3886516c0e5ee4c31afd01c494ce77075ce8ba8e3331dae49770a63a97bb5d70dc54ca5d4db6265920ad9af731a712da8b9763f71e334eb17ae

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
0d7bbca8ecbba7d9052d3a4802358a56

SHA1
f366b4e2eb85e610d523647295024431874d1d83

SHA256
4d9decf0117d3585bbe239a013a944e4db27c5313b9b1bdca50b4bab93845d5f

SHA512
c239133ff40e01c9e81b11d81de037e1d47d55bd8ed82a98c61fd255b5f134a6dc3bccc02c7c251cc795f17a7b759c34a52eec9c3256628521de81c6f2923f8a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
165147cf942d3d0dfbf3c41a1b6457ed

SHA1
3b65d41c2eeeee7c4118432d608f338b1c5c9adb

SHA256
56c5b3516ae6a0e6b518b094d1525378db1ee2cd9eae34cff045cc256115c6aa

SHA512
7f61bab079f27aed3075a5472ec3d3e1976da20158a19059ea27f041270e43e647b664adf63b1c94883ad3706229f5c556fa5c81a3af2f64bb996b11ecc02a31

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
90bfd34bca3e1eac449a7b6eae14a18e

SHA1
11580f53d2531dde7d45e3aee819b73266379aa4

SHA256
aa4b193d0456809639ae0d06a48fb1aac82f220cf3e6c76ad10e963ad8fc339a

SHA512
8c4f391fe05e15ff9f5d8eb7c652919eb01bc3e0cddf042c1d3e524b52b5e7d3d1fbea2c84bab6773f727cdd116915875f7c851abc147f5e4b3e924f47e98019

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
6c89234cd9481a556169a98f26f7b8a3

SHA1
41a8fd9ed93430573d6fe88ea548caead73906c1

SHA256
15276ebe2c21b71bfd7e5ed540086647a4f9d170b5af6be435c0970d924d251e

SHA512
8288bf16fe46b738c2b565becec556bb804d3dbfaa542d03d8e6e7f7b9478c0bea0a232da66ab0eb6ec6959c97f2916d65516188bdcf1d3913a91e9b7ec44417

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
b784a7dc2e78ea969a1a734daab4df61

SHA1
2e512e067e1ab072a252930ae7acce412fa7eca4

SHA256
9e0d8ff012c1165d2a1f1679feb5e67a3cf33626bb16e38886c37e94a189ed37

SHA512
80b2a68c61d9c7b24dac4eb6b8b82b249125b02b1eca013775f3039ebe07afd94b1a305aaa12054cac18e416c554fa8a0fbe5ace5a900abaacb687f678cd4a83

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
bb7c96a961a47213dc7ca4d8a1fb77c9

SHA1
18b7798d387aaa9d78c9e8efbf0cfa396d6fc1f1

SHA256
a3e11d67912baeb7ecd0073e5733521f5742ca59ba79d823802b915b1d002835

SHA512
af85bdcbcc06c5a3a4a634f0220c3b50fae45078e31fe28842e959abcfbda9e54a14e49eab5fb283288d4953318f732899e86cad56693e05fd2b63bf2767642e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
77fa2cc98a5a52c0a194bde68b3bf93c

SHA1
ad5e23702f9929a5e1033cba213d305bdb3b10e3

SHA256
8c2932c55ea21235626903d3882a08f9b9f867d3503f6ad8ed9485258f144f8b

SHA512
872d9209e9686ffb83291f3b3c26f3c1ec340b4386dfec5a0be9aa13b41b9c8a3f98e8eb7eb4800a19d58a79c0cbb7662a891e73332f39eda4f7f4b2fedd8932

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
7e08d4113763c0fef3afe47b32c23a5f

SHA1
73c6f7d366aeb04b8af5703f50cacc8b29ce8a76

SHA256
212532999523093cdf6afd59d39bc69a291c99f0dfd02a12c15dd0f8c43f3fd0

SHA512
2a74cea9db393da6bd0ab254a86a7197bfb3b185ab160664003a02be85498e0f8e958d7b7894e2e06fb1b0f57525e588daba0fd15c1419cf843725f0f027f135

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
c602dd6d0735064a68467f58b9cda86b

SHA1
ba462c1fd5cb8fd40c9270d2accf1a1eb6f73e92

SHA256
fd0e448a84ae9278de09c5dfb7bbeac19d0711849fb9215dd0da85248b7d52f5

SHA512
ed4eed123c3027e6c58234cc8a855e1876145a62554113117cef70463be778db09424113971f74fed6e6015111062879247a59e22526309b722a413ef0c6593b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
58c3dd8914bcf9a5fab3cd4aa7b13ac0

SHA1
95cfcd3b15747f85e40ac2d5061d0402bbbd85b9

SHA256
c6f85a931e748022c609182ab42f22b67547f231c169e08af0c3e3fc34d974c6

SHA512
b77960137b68b6015ec32a75618bc87fa14b9b173f720d376c5195119276b93cbc5903ffb1d023de8a8952b173ea357e4c1cb4b529752cd7d5c5d50ab69a736b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
80d8989dd2597e469861869394d45f5a

SHA1
b7e8f81d99de676d836f112acc2e9eb5c81b74e8

SHA256
b5e0738ceaf76b9133b9d6e972fceb4b359f299e011d8c4a3af4c407b09f4d2f

SHA512
d96d001db0d5d0a598cff182946d2829ebe79ac23d890d8f458fd1803da047998e698d75d76e0df1a3c26238024e569ee23f6f041b6e0ac8ae7806bae57dba39

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
99f8e2acb767af987262675d58986677

SHA1
677719d7f54c3233aa7162ae276c38c73a94323e

SHA256
ef7b26d60405681d8120232996bded75d35c97ff1041a1e418c95b8283a826d0

SHA512
6ad5f8174e4bb184904f1c7e1d5aae128fcc59f508d0939597142b68c2ed4e516b9edcb85393850cef8b3231239033c086220d03df3c7125cd512dd9c41efd14

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
8a1400b3c6115d00ce9e3ef33e3083b2

SHA1
1a99d5d0cc9fde368585319eb8206a1b144c2ad2

SHA256
8f7510dfc7d053a95886a59af0e59550ddfe4ae5c907f9de589e6aeb6a663478

SHA512
a75c096879a29edc0db18611990e8167b090c61e14b30445c5c4530dad4c0dc71df7959f6e04e2972ed075b38d97c7489db9a1e167d8bc7b71bd36303e08806e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
f8335100d60062a3548ed7f5316bbd8e

SHA1
d7bdbbc1c2368be51b34cc2d13eef325ab9ea4e1

SHA256
02a2220eec520e14788bdba864441627164bbf9101ec87f8174128f878240173

SHA512
1bb78d9422f8e92cdc94e01aba9f2db3ac15c316731d68429bbd5f700e3a73370a3998fe180aa6f80fc891c70a47bbf3d657c98b995cc08a6e4f84cab1e48092

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\000003.log

Filesize
3KB

MD5
0bb85bd7cbd628432d5055d77adb8a02

SHA1
f7aa7bb54fb0fdfca760990dab7c1690dc0515c0

SHA256
787acf903601c6acf14328ea2ccbde3d04368bb0aec4a9cef623b9c3493d6a0c

SHA512
074e2e3ad2a6581d463840ef8d1fe86304206609a0103320f1f6cf0e8f544deb2c6fc2a6221a9b8ec382ebe682aaf68bdaa324ea6f3668f995a7d5ccdb9655d2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\LOG

Filesize
333B

MD5
78e5b2b22a3cfd0271aae125caa6b2b6

SHA1
2ad17d6e062c8ef52503afea4f3d7051c37c0528

SHA256
faaeee6c0c0a825061d95be002d569b1246ab929bfe0dda4a61d847f02858db6

SHA512
cd80ed94f8f61202e2ac69889a8024390b75adf8613b15fe2adc0d0d687c3119bb784c12a8736b9ee358a006ba563f90c61c504cf07658ebf48e8c8d98ed63a8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
96B

MD5
4944bf4eef7854de77defc2538441de2

SHA1
5d70d8243fc292dde60dcd3eef07da0beae64fd3

SHA256
9469d793a429681384ac177b1c89c8b36e2103aeca6eeae3a2040b9069dba50a

SHA512
4dda036881e140a305c3a7779cf847a3c6a21e602df44d2ac603470f5c4a00d6ca4b8d7e73cf2263a841305dc3629301853c9416ceae622555add006ca73130d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG

Filesize
321B

MD5
b98bbf70d688cf0f904212e0cc6548cd

SHA1
c206b860c3777dd6ac8e754545b9a8c1fea5c044

SHA256
ddf55f5ceafd0e3b5dd550ce2682476eb1b86685c0c52d009758b90d027f0f16

SHA512
47106f5680d10c13f788e99cf7c1eb01fb793e1d153fe6038355489ef72fab4af13e900fb17ad1436aa84a619b7f823b1a896c50f82a8dd0c0a6346774e4d29b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Visited Links

Filesize
128KB

MD5
848c543eacddfd76a22813330a931dfb

SHA1
e623cb24d749cc1b918899543a9d24d4df27f053

SHA256
4ae498028464da20ae910a77e6585eedbede8ce799ef44e5d654850f1fe34f07

SHA512
0b28d4dcc58ed5311f982c8ec5be3fcb97d8c62ed982d1f09e64b05f50fd45790b45b0803b7fc3667512621309b50b21d8db48ef37f27b7d70da48220553dba1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\d063707f-48cc-48f6-b184-759dc89ab471.tmp

Filesize
1B

MD5
5058f1af8388633f609cadb75a75dc9d

SHA1
3a52ce780950d4d969792a2559cd519d7ee8c727

SHA256
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

SHA512
0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version

Filesize
14B

MD5
aaa1d3398c11429309df446cc70a4b24

SHA1
426037d880450cfe67c0db4e8836d8cf67c3af33

SHA256
d3c5bb416732a0643cb435ce980e4cf7ed0d96375d6d1d866565ffa4cf5f4e31

SHA512
5400a74ad59ee80e11b97e884bedee53af567520b807e4c3c43b68446bb495a967e22838aeee4bfbf02486ec5abfb2e821c5165ab2b894a54e0d7eb70c7355a9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
181KB

MD5
dea67b5a0a84416075871802efd23e88

SHA1
85c9297f5dcfaa9b7e274b174f218a3f052f8c57

SHA256
9b333b32bc875b9ab0896ec9672382aa0b968d4fad297a4f2cfa4e0468ebec2a

SHA512
22818f13e0c7f27fd256a9343e45eed7912b04c66685d3c2c43025300ff65062083b04fce06996b1753c0dba5b99ace0a5af8d4e6f9079a68878f38e16152cb4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
181KB

MD5
344d07bd4f626ce0af706677516c486b

SHA1
a3da26a7115a27d90d53904481f882c23851b206

SHA256
c6ff5117ef15b7a5b55c8306620516b9499facd305590f2345dc469fcd2fada2

SHA512
998cf32574a26680de2e4940b49562483580a2df8a8baa858450d8c7457b49b0f97bdf14262cb80724a9022265644f5843d2ecfc69d5e7cf94adf911209e7d7a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
181KB

MD5
4c532207718d2324c0454563f5234a6b

SHA1
8f418537f9f919f819d23d79679948e4c73dad71

SHA256
0e25e9070551aefda5388af470392f765ab06af76466a34353c706278bf51829

SHA512
0a11fe47508f78cbeedfee7d0d0edd88ba48c1a34021c36b82d12933edb2fe21237cc3a1d6aac9fe7ef74e921a0244f25d8ba1ac3e413e40250e60a10aad0fdc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
183KB

MD5
7d3602402cd8fe0ff246f8d21b095818

SHA1
4c7bfbce3e4bf90803cd1e49fe8e59dbc484a9d4

SHA256
070f18c3f8ff6315fd3f2982167ffc09d59be21b56698f0057671b9352f62443

SHA512
e62314685deeb57bdfd072ab1617dff7a777f87fda2fa6421d1dede00cd2b1919a85d51329bdc1e53ed45068496783fbf056b3ef7387939bed85581e7178a798

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
95KB

MD5
678eecd110da9c48523dbfdc528caedb

SHA1
ecd72e6fdba7ad3e065c785f5f2ad043e2aeda4f

SHA256
fdcf86ddd36841befe097b0ba61f0885d659c9fdf0b875f222c17e1b9f81f300

SHA512
8df7180cf5f763bbb58c27a9a8fd4fca3727ac85c7a1ed442094caded6da38d900968c448191ce07422950cb4b24f4bb48a3a8c302a7acdcfe5c5fdcab2af152

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
181KB

MD5
c99ad38360e3413608220811a5f3b67c

SHA1
931ed3e6a12fa01be59f502bb00d27df46794e7e

SHA256
bc6f731d2962264ebf925c5c8c5da077fbb568bee36f8e2d3293ef682d1237f4

SHA512
75cb3e38807dbc6a95affe7c6b9e39bbd92978157e54f52b44ae8302086f3a36023d22bfc33d3a5e37d8e7a8ef65c7ed53248b6a7ca38ae9b69f6e35607f1446

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

Filesize
86B

MD5
f732dbed9289177d15e236d0f8f2ddd3

SHA1
53f822af51b014bc3d4b575865d9c3ef0e4debde

SHA256
2741df9ee9e9d9883397078f94480e9bc1d9c76996eec5cfe4e77929337cbe93

SHA512
b64e5021f32e26c752fcba15a139815894309b25644e74ceca46a9aa97070bca3b77ded569a9bfd694193d035ba75b61a8d6262c8e6d5c4d76b452b38f5150a4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\f03190ce-49ee-436c-b74b-4cec2ef3bcf9.tmp

Filesize
181KB

MD5
2a31965f70617f13855bb582b03408cf

SHA1
26b885eda6c20e62e262fe5690584013152e9086

SHA256
3b9762f44b084595aa0fabd1b6410f402a8350cd10fcbcccfd9c6722ac611693

SHA512
320abbca88bcd895c0626780001d89dc7ec82d4caa76db974ad2209145175cb3322c802b9ecec5cc6dcc934b229fafd1348775f04f85d625e038a0ee5eaff99a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\segmentation_platform\ukm_db

Filesize
28KB

MD5
b6e429b53533723d8fb72fec49beaeaf

SHA1
433dcc0f0fed79a77e507667abdb356b0d971f3a

SHA256
2bd8925e5e7d01e192f3e15803fee9da27262279fd86690a186aee0a564783be

SHA512
27b652db8775e92b365db0431e7d362b253fba71074d6bdc9be6736852cc9845bce66ef8b78e45505fd2a2e9a3df2374a01fd9dbdae2c2a199a427e38727b933

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\4i9bphnb.default-release\activity-stream.discovery_stream.json.tmp

Filesize
18KB

MD5
75c0dccaa2437c427b06fc6e8d01438f

SHA1
64ee045d63e9f3faabb3c4d7e8f96ce1cbff11dd

SHA256
54ae1448118c126983672633cab35fa0067b95a15362326527fd39de87c815e9

SHA512
5b137165ef84c65b29f6c638dae50c9b1dc001eb51c429f871de38d4cba9c6cd66a0caf9f1850e7105007d645cf0c33cc5784cab74b64a9955b15b925b3f2a4a

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4i9bphnb.default-release\AlternateServices.bin

Filesize
6KB

MD5
ebf9db762e1d15a6408026f58f407ee5

SHA1
e81b94ae675867213e36bdc90e3a91be3ffcaa9c

SHA256
dcc25bf2e9a4f3def3ee6513f90af41c3256e8f05fbfd34c6399c8d27c72a1bc

SHA512
4e9e4c5099fca1aab95184624368d8544e8020b59beefb4f44a3dc46b7d2f7f6d0ac1abe312cfab08d36a375a394442ce8fa924f087c8c5d08d2d6118cfe4214

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4i9bphnb.default-release\datareporting\glean\db\data.safe.tmp

Filesize
5KB

MD5
85c93c9f5e696e2457df620614d7fb49

SHA1
abb8559692361701cbf6b314b2349bcff8308cb9

SHA256
d997ba54c40b951001726a1b83dae43aba91c069555de47541699af3517d9629

SHA512
99433b9b1263184531d55a99777ec9453ba6bce5d2c9eb9349184f7a61a8b9ad40ccc94941337bb9fd563ea5b3866ad7fb8eb5eba802000bfcf766c2b9c36148

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4i9bphnb.default-release\datareporting\glean\db\data.safe.tmp

Filesize
6KB

MD5
2f7c17f75fad05aa81c61f67ff675d79

SHA1
83f77c4bb0e70ab737656e18746311c3646d9cd7

SHA256
04b807164ca4d3f9f499cc8f9c183d41fdafb9023374199407be7f55c3e4e1b1

SHA512
22e6c628bb57b44db54c7cfd860a06c536f6c7c91ef1f2ec3d1d5317a7bae14c35999ae87db693c831da025ec2ba5bdac2d21b9dcedcd815913dbc98363ed75e

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4i9bphnb.default-release\datareporting\glean\db\data.safe.tmp

Filesize
5KB

MD5
475e85925f3614413a47dd72072637d7

SHA1
34c1bf4fcf22eb1d51ce38b3d45779effd8b2ee5

SHA256
c3ee2dfef0eb89f1f261dff76d44fbd353bf3d4382fa206431ef066a223072fc

SHA512
7f54b1f2137eeeeeb7453d909eb755cbcf681221d36dc3e119be6cedbd93d4f61bfcf80feabfe85cdc528d75b07ba991558b402da54a7c363ba80b1b9d3312de

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4i9bphnb.default-release\datareporting\glean\pending_pings\232c7a53-cdf0-4f53-bdd2-35ebef174623

Filesize
26KB

MD5
4202329074bbf768a313135e04cdbbbe

SHA1
05179bb1be65ddcbe4a6ecfc9b4821c32131ca7a

SHA256
1041c48374d813b377686f63ad642b505b38c81b00edc55cf41ba0adb49c7b52

SHA512
489429770e9eddca1e98219d8b96bf73931b121d22cf405ff318c90536f8aaf368f77d2397a3b42eb376eece3754845c8a5638283d68e1f1c4c60916fc565c34

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4i9bphnb.default-release\datareporting\glean\pending_pings\8f9f7259-4147-4be6-a673-89081456898c

Filesize
671B

MD5
405bc7bd1fe13f80c32b98a2ec1f43a7

SHA1
6ed827c365e3dc45e92cfb4e71c01a9df895a762

SHA256
aae8392a82b1adbf4fa8bfe5fb89a1091fca1321c0a761dd5f1aacb7b423665e

SHA512
af099aa04688b47d98a6a71d15fc3040f7d96b1fc8b2257ba5dadf44852470c1bda41034c046a16f35e6d29c1143af06425ad09b23c7c8713289e8fa94828d62

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4i9bphnb.default-release\datareporting\glean\pending_pings\c6002e6e-a07c-49ba-92e3-24ef3fc2a6fb

Filesize
982B

MD5
95bbd6016e50f5873ac3aeb6bbc338ed

SHA1
50dfecd86319617a18c4242dd6b3ee40b2c6bbd3

SHA256
8aa8356f951e00fbeef1523eaad355eeb79de04206d026a2d7caf6dba99f21fb

SHA512
c97be8148af6484509d5ddcecccd8d760960ca2052b175c5093eb5e4e7500bfdc7291504f7f6c435662b2c7abc80b5c99bcbfbaac95d26f485ec79ce8a57861c

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4i9bphnb.default-release\prefs.js

Filesize
8KB

MD5
0429820c612bcaa1eeea93202000fdcb

SHA1
6f5ef37fbe1e558cd3871e24e15f5061e2853ca1

SHA256
5ed231947602428159d3d16e062c4ab32278211b2cea2bf27156f660ba98e3de

SHA512
8822fd21df50b0bec45dd2dbb3b0037c96df2057d0b4d98b39c70cebe4632f40879901d8361196c092145ed70007f15aabd6385d80b578176447326e446209b5

Download Submit
C:\Users\Admin\Downloads\Niggga.Client.dll:Zone.Identifier

Filesize
26B

MD5
fbccf14d504b7b2dbcb5a5bda75bd93b

SHA1
d59fc84cdd5217c6cf74785703655f78da6b582b

SHA256
eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913

SHA512
aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98

Download Submit
C:\Users\Admin\Downloads\Unconfirmed 619129.crdownload

Filesize
3.7MB

MD5
9e6de7c7ebd1a00c2f7ddec78ba9403a

SHA1
65a9e65bf9b2b683ed93ac9848df8b5c9f3d4297

SHA256
77a84c4ed29551d8968a9bc5de796d6f8463fa54df8554b3cff91ca83d8ff70d

SHA512
f2dac6efaf4fa6c32b14a45bfa60813b67eb3a46e9a7342d13c1ba3bea3e0a188a5703d34c5fc65d20baae751c334474a9b51d7862d4c74fb60007dd8ce4adc9

Download Submit
C:\Users\Admin\Downloads\Unconfirmed 885702.crdownload

Filesize
690KB

MD5
469464053ba2078f8340a83960c68284

SHA1
be88e770b7a66f28573824bd1803f571e03f0cc6

SHA256
63b95f7e1964123d72f66c5a7dd58255e5141813531850e152b9b700aa10defb

SHA512
d14ba629db716d22f931c970faf25a0ba7c791bed122731d30316c079d3c86b3587ae2a1ab018d5097c6f1d0bbe67480b1019a55a509727acc108e1a9edbf59c

Download Submit