hxxps://yim[.]gta[.]menu

Analysis

max time kernel
299s
max time network
278s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
14/07/2024, 18:10

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://yim.gta.menu

Score

5^/10

Malware Config

Signatures

Drops file in System32 directory 2 IoCs

description	ioc	Process
File created	\??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF	chrome.exe
File created	C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF	chrome.exe

Enumerates system info in registry 2 TTPs 6 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 3 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133654542448719058"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 8 IoCs

pid	Process
3804	chrome.exe
3804	chrome.exe
3612	chrome.exe
3612	chrome.exe
4860	chrome.exe
4860	chrome.exe
4860	chrome.exe
4860	chrome.exe

Suspicious behavior: LoadsDriver 10 IoCs

pid	Process
4	Process not Found
4	Process not Found
4	Process not Found
4	Process not Found
4	Process not Found
664	Process not Found
4	Process not Found
4	Process not Found
4	Process not Found
4	Process not Found

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 17 IoCs

pid	Process
3804	chrome.exe
3804	chrome.exe
3804	chrome.exe
3804	chrome.exe
3804	chrome.exe
3804	chrome.exe
3612	chrome.exe
3612	chrome.exe
3612	chrome.exe
3612	chrome.exe
3612	chrome.exe
3612	chrome.exe
3612	chrome.exe
3612	chrome.exe
3612	chrome.exe
3612	chrome.exe
3612	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3804	chrome.exe
Token: SeCreatePagefilePrivilege	3804	chrome.exe
Token: SeShutdownPrivilege	3804	chrome.exe
Token: SeCreatePagefilePrivilege	3804	chrome.exe
Token: SeShutdownPrivilege	3804	chrome.exe
Token: SeCreatePagefilePrivilege	3804	chrome.exe
Token: SeShutdownPrivilege	3804	chrome.exe
Token: SeCreatePagefilePrivilege	3804	chrome.exe
Token: SeShutdownPrivilege	3804	chrome.exe
Token: SeCreatePagefilePrivilege	3804	chrome.exe
Token: SeShutdownPrivilege	3804	chrome.exe
Token: SeCreatePagefilePrivilege	3804	chrome.exe
Token: SeShutdownPrivilege	3804	chrome.exe
Token: SeCreatePagefilePrivilege	3804	chrome.exe
Token: SeShutdownPrivilege	3804	chrome.exe
Token: SeCreatePagefilePrivilege	3804	chrome.exe
Token: SeShutdownPrivilege	3804	chrome.exe
Token: SeCreatePagefilePrivilege	3804	chrome.exe
Token: SeShutdownPrivilege	3804	chrome.exe
Token: SeCreatePagefilePrivilege	3804	chrome.exe
Token: SeShutdownPrivilege	3804	chrome.exe
Token: SeCreatePagefilePrivilege	3804	chrome.exe
Token: SeShutdownPrivilege	3804	chrome.exe
Token: SeCreatePagefilePrivilege	3804	chrome.exe
Token: SeShutdownPrivilege	3804	chrome.exe
Token: SeCreatePagefilePrivilege	3804	chrome.exe
Token: SeShutdownPrivilege	3804	chrome.exe
Token: SeCreatePagefilePrivilege	3804	chrome.exe
Token: SeShutdownPrivilege	3804	chrome.exe
Token: SeCreatePagefilePrivilege	3804	chrome.exe
Token: SeShutdownPrivilege	3804	chrome.exe
Token: SeCreatePagefilePrivilege	3804	chrome.exe
Token: SeShutdownPrivilege	3804	chrome.exe
Token: SeCreatePagefilePrivilege	3804	chrome.exe
Token: SeShutdownPrivilege	3804	chrome.exe
Token: SeCreatePagefilePrivilege	3804	chrome.exe
Token: SeShutdownPrivilege	3804	chrome.exe
Token: SeCreatePagefilePrivilege	3804	chrome.exe
Token: SeShutdownPrivilege	3804	chrome.exe
Token: SeCreatePagefilePrivilege	3804	chrome.exe
Token: SeShutdownPrivilege	3804	chrome.exe
Token: SeCreatePagefilePrivilege	3804	chrome.exe
Token: SeShutdownPrivilege	3804	chrome.exe
Token: SeCreatePagefilePrivilege	3804	chrome.exe
Token: SeShutdownPrivilege	3804	chrome.exe
Token: SeCreatePagefilePrivilege	3804	chrome.exe
Token: SeShutdownPrivilege	3804	chrome.exe
Token: SeCreatePagefilePrivilege	3804	chrome.exe
Token: SeShutdownPrivilege	3804	chrome.exe
Token: SeCreatePagefilePrivilege	3804	chrome.exe
Token: SeShutdownPrivilege	3804	chrome.exe
Token: SeCreatePagefilePrivilege	3804	chrome.exe
Token: SeShutdownPrivilege	3804	chrome.exe
Token: SeCreatePagefilePrivilege	3804	chrome.exe
Token: SeShutdownPrivilege	3804	chrome.exe
Token: SeCreatePagefilePrivilege	3804	chrome.exe
Token: SeShutdownPrivilege	3804	chrome.exe
Token: SeCreatePagefilePrivilege	3804	chrome.exe
Token: SeShutdownPrivilege	3804	chrome.exe
Token: SeCreatePagefilePrivilege	3804	chrome.exe
Token: SeShutdownPrivilege	3612	chrome.exe
Token: SeCreatePagefilePrivilege	3612	chrome.exe
Token: SeShutdownPrivilege	3612	chrome.exe
Token: SeCreatePagefilePrivilege	3612	chrome.exe

Suspicious use of FindShellTrayWindow 53 IoCs

pid	Process
3804	chrome.exe
3804	chrome.exe
3804	chrome.exe
3804	chrome.exe
3804	chrome.exe
3804	chrome.exe
3804	chrome.exe
3804	chrome.exe
3804	chrome.exe
3804	chrome.exe
3804	chrome.exe
3804	chrome.exe
3804	chrome.exe
3804	chrome.exe
3804	chrome.exe
3804	chrome.exe
3804	chrome.exe
3804	chrome.exe
3804	chrome.exe
3804	chrome.exe
3804	chrome.exe
3804	chrome.exe
3804	chrome.exe
3804	chrome.exe
3804	chrome.exe
3804	chrome.exe
3804	chrome.exe
3612	chrome.exe
3612	chrome.exe
3612	chrome.exe
3612	chrome.exe
3612	chrome.exe
3612	chrome.exe
3612	chrome.exe
3612	chrome.exe
3612	chrome.exe
3612	chrome.exe
3612	chrome.exe
3612	chrome.exe
3612	chrome.exe
3612	chrome.exe
3612	chrome.exe
3612	chrome.exe
3612	chrome.exe
3612	chrome.exe
3612	chrome.exe
3612	chrome.exe
3612	chrome.exe
3612	chrome.exe
3612	chrome.exe
3612	chrome.exe
3612	chrome.exe
3612	chrome.exe

Suspicious use of SendNotifyMessage 48 IoCs

pid	Process
3804	chrome.exe
3804	chrome.exe
3804	chrome.exe
3804	chrome.exe
3804	chrome.exe
3804	chrome.exe
3804	chrome.exe
3804	chrome.exe
3804	chrome.exe
3804	chrome.exe
3804	chrome.exe
3804	chrome.exe
3804	chrome.exe
3804	chrome.exe
3804	chrome.exe
3804	chrome.exe
3804	chrome.exe
3804	chrome.exe
3804	chrome.exe
3804	chrome.exe
3804	chrome.exe
3804	chrome.exe
3804	chrome.exe
3804	chrome.exe
3612	chrome.exe
3612	chrome.exe
3612	chrome.exe
3612	chrome.exe
3612	chrome.exe
3612	chrome.exe
3612	chrome.exe
3612	chrome.exe
3612	chrome.exe
3612	chrome.exe
3612	chrome.exe
3612	chrome.exe
3612	chrome.exe
3612	chrome.exe
3612	chrome.exe
3612	chrome.exe
3612	chrome.exe
3612	chrome.exe
3612	chrome.exe
3612	chrome.exe
3612	chrome.exe
3612	chrome.exe
3612	chrome.exe
3612	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3804 wrote to memory of 2488	3804	chrome.exe	83
PID 3804 wrote to memory of 2488	3804	chrome.exe	83
PID 3804 wrote to memory of 3136	3804	chrome.exe	84
PID 3804 wrote to memory of 3136	3804	chrome.exe	84
PID 3804 wrote to memory of 3136	3804	chrome.exe	84
PID 3804 wrote to memory of 3136	3804	chrome.exe	84
PID 3804 wrote to memory of 3136	3804	chrome.exe	84
PID 3804 wrote to memory of 3136	3804	chrome.exe	84
PID 3804 wrote to memory of 3136	3804	chrome.exe	84
PID 3804 wrote to memory of 3136	3804	chrome.exe	84
PID 3804 wrote to memory of 3136	3804	chrome.exe	84
PID 3804 wrote to memory of 3136	3804	chrome.exe	84
PID 3804 wrote to memory of 3136	3804	chrome.exe	84
PID 3804 wrote to memory of 3136	3804	chrome.exe	84
PID 3804 wrote to memory of 3136	3804	chrome.exe	84
PID 3804 wrote to memory of 3136	3804	chrome.exe	84
PID 3804 wrote to memory of 3136	3804	chrome.exe	84
PID 3804 wrote to memory of 3136	3804	chrome.exe	84
PID 3804 wrote to memory of 3136	3804	chrome.exe	84
PID 3804 wrote to memory of 3136	3804	chrome.exe	84
PID 3804 wrote to memory of 3136	3804	chrome.exe	84
PID 3804 wrote to memory of 3136	3804	chrome.exe	84
PID 3804 wrote to memory of 3136	3804	chrome.exe	84
PID 3804 wrote to memory of 3136	3804	chrome.exe	84
PID 3804 wrote to memory of 3136	3804	chrome.exe	84
PID 3804 wrote to memory of 3136	3804	chrome.exe	84
PID 3804 wrote to memory of 3136	3804	chrome.exe	84
PID 3804 wrote to memory of 3136	3804	chrome.exe	84
PID 3804 wrote to memory of 3136	3804	chrome.exe	84
PID 3804 wrote to memory of 3136	3804	chrome.exe	84
PID 3804 wrote to memory of 3136	3804	chrome.exe	84
PID 3804 wrote to memory of 3136	3804	chrome.exe	84
PID 3804 wrote to memory of 704	3804	chrome.exe	85
PID 3804 wrote to memory of 704	3804	chrome.exe	85
PID 3804 wrote to memory of 3308	3804	chrome.exe	86
PID 3804 wrote to memory of 3308	3804	chrome.exe	86
PID 3804 wrote to memory of 3308	3804	chrome.exe	86
PID 3804 wrote to memory of 3308	3804	chrome.exe	86
PID 3804 wrote to memory of 3308	3804	chrome.exe	86
PID 3804 wrote to memory of 3308	3804	chrome.exe	86
PID 3804 wrote to memory of 3308	3804	chrome.exe	86
PID 3804 wrote to memory of 3308	3804	chrome.exe	86
PID 3804 wrote to memory of 3308	3804	chrome.exe	86
PID 3804 wrote to memory of 3308	3804	chrome.exe	86
PID 3804 wrote to memory of 3308	3804	chrome.exe	86
PID 3804 wrote to memory of 3308	3804	chrome.exe	86
PID 3804 wrote to memory of 3308	3804	chrome.exe	86
PID 3804 wrote to memory of 3308	3804	chrome.exe	86
PID 3804 wrote to memory of 3308	3804	chrome.exe	86
PID 3804 wrote to memory of 3308	3804	chrome.exe	86
PID 3804 wrote to memory of 3308	3804	chrome.exe	86
PID 3804 wrote to memory of 3308	3804	chrome.exe	86
PID 3804 wrote to memory of 3308	3804	chrome.exe	86
PID 3804 wrote to memory of 3308	3804	chrome.exe	86
PID 3804 wrote to memory of 3308	3804	chrome.exe	86
PID 3804 wrote to memory of 3308	3804	chrome.exe	86
PID 3804 wrote to memory of 3308	3804	chrome.exe	86
PID 3804 wrote to memory of 3308	3804	chrome.exe	86
PID 3804 wrote to memory of 3308	3804	chrome.exe	86
PID 3804 wrote to memory of 3308	3804	chrome.exe	86
PID 3804 wrote to memory of 3308	3804	chrome.exe	86
PID 3804 wrote to memory of 3308	3804	chrome.exe	86
PID 3804 wrote to memory of 3308	3804	chrome.exe	86
PID 3804 wrote to memory of 3308	3804	chrome.exe	86

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://yim.gta.menu
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3804
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.106 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff8fd01cc40,0x7ff8fd01cc4c,0x7ff8fd01cc58
  2⤵
  PID:2488
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1692,i,9573951375745875144,17930918013754260461,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=1688 /prefetch:2
  2⤵
  PID:3136
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2140,i,9573951375745875144,17930918013754260461,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=2148 /prefetch:3
  2⤵
  PID:704
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2240,i,9573951375745875144,17930918013754260461,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=2424 /prefetch:8
  2⤵
  PID:3308
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3108,i,9573951375745875144,17930918013754260461,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=3152 /prefetch:1
  2⤵
  PID:4508
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3116,i,9573951375745875144,17930918013754260461,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=3180 /prefetch:1
  2⤵
  PID:4968
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4600,i,9573951375745875144,17930918013754260461,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=4612 /prefetch:8
  2⤵
  PID:3728
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=5084,i,9573951375745875144,17930918013754260461,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=5116 /prefetch:1
  2⤵
  PID:2792
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=5080,i,9573951375745875144,17930918013754260461,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=5060 /prefetch:1
  2⤵
  PID:812
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=5072,i,9573951375745875144,17930918013754260461,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=3188 /prefetch:1
  2⤵
  PID:4024
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=5064,i,9573951375745875144,17930918013754260461,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=4792 /prefetch:1
  2⤵
  PID:940

C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe"
1⤵
PID:4448

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:2608

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:3612
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.106 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ff8fd01cc40,0x7ff8fd01cc4c,0x7ff8fd01cc58
  2⤵
  PID:1052
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2012,i,402656638762193910,3328018108947226597,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=2008 /prefetch:2
  2⤵
  PID:4000
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1956,i,402656638762193910,3328018108947226597,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=2240 /prefetch:3
  2⤵
  PID:1652
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2372,i,402656638762193910,3328018108947226597,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=2360 /prefetch:8
  2⤵
  PID:3388
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3188,i,402656638762193910,3328018108947226597,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=3208 /prefetch:1
  2⤵
  PID:412
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3228,i,402656638762193910,3328018108947226597,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=3368 /prefetch:1
  2⤵
  PID:2532
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3736,i,402656638762193910,3328018108947226597,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=4608 /prefetch:1
  2⤵
  PID:2244
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4788,i,402656638762193910,3328018108947226597,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=4848 /prefetch:8
  2⤵
  PID:704
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=4752,i,402656638762193910,3328018108947226597,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=5072 /prefetch:1
  2⤵
  PID:3516
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=4712,i,402656638762193910,3328018108947226597,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=5164 /prefetch:1
  2⤵
  PID:4748
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=5052,i,402656638762193910,3328018108947226597,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=4716 /prefetch:1
  2⤵
  PID:836
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=4528,i,402656638762193910,3328018108947226597,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=3372 /prefetch:1
  2⤵
  PID:4440
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=4596,i,402656638762193910,3328018108947226597,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=4852 /prefetch:1
  2⤵
  PID:3708
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=4640,i,402656638762193910,3328018108947226597,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=4660 /prefetch:1
  2⤵
  PID:1152
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=3776,i,402656638762193910,3328018108947226597,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=3372 /prefetch:1
  2⤵
  PID:768
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=5480,i,402656638762193910,3328018108947226597,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=3384 /prefetch:8
  2⤵
  - Drops file in System32 directory
  - Suspicious behavior: EnumeratesProcesses
  PID:4860
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=4656,i,402656638762193910,3328018108947226597,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=4396 /prefetch:1
  2⤵
  PID:3036

C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe"
1⤵
PID:3728

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
9b202021ed29417f9eb734a3b0e1823c

SHA1
9bb8db6b93a0bf6377688f5240eceeaadca3c8a7

SHA256
d2f66fa845f111f639aa2c2ead8f90559d64042c7eae4e1127a9752f44d32daa

SHA512
53fdaf448b87d9cdde514a738fa30ad4f7686d8bacfcd3ed6c42cbcdb462a14a32d4dc16d00a60e78811e05999d7795ce1d42f48e308f49b4d115c5d20bed400

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0

Filesize
44KB

MD5
6ce29bebd5258c9be73c4fa7ee30e7b4

SHA1
9a687bbbb4915d4214f3ae0777d1aea0e42b5431

SHA256
7ff4f9d14561ba0783e7bef197792ae8bc505514668a739c7e637d5cf15aec55

SHA512
12fc9fd54cbbb4b060d4d752fbf313718014cbbbbc8b7b4b22ce2c1a51a8811682bde2b9f7d934b6e944b4e3c113ee597a57435c32bb87dbfcdb3bfdecee01ac

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1

Filesize
264KB

MD5
4b3b280bee0f99f5eefe066aa3261c0e

SHA1
9b46af3153072f4cb6e9a7a354a2c5304fcca682

SHA256
cc9092e445c9408621a30bc0573ebdf14a6aef87cd2d8b2e6c67b03749cd56d3

SHA512
2bdb5ab5e5fe34bc1eb3fa02c6e1b004337122b1d2804a229a4dc35d1e5edecba90e0cda5162fa3681d7cb18e1ac72b4cf8dc2f826370655e4e086eb5db962a5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnCache\data_1

Filesize
264KB

MD5
dc6cb21b606c65a8ba5fd77bc5e03251

SHA1
75c3e1e1bbf69a5253339c5b80c98726d2979e13

SHA256
a953a43a1489bc831926a39e2c51ba4a2d9d5525d1f8aecd6d1466f6b6a4a790

SHA512
c15b68a4ae9c2b69e9603b3cc6e036f2ad69e123c62995b33283e164f8ddd8f3ff6896dc1ef339acafce39c0a3d7ddaea7fe1c68336799082c2f6fa8ba2782d3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG

Filesize
317B

MD5
74c76c29a95c690a4b24fe06284e6792

SHA1
71685092dc1fb734dc57f12b3801568c6e5f4a69

SHA256
1cdc5b110ce97f301e3c46032c8b7b6d76b9e83e886887692103e05cdcfcf34d

SHA512
53204e852da739ad1fb154c73bde013cbd0d16630d53911a8dcd30cb1f6db3ddc8a40a97168c6570b92522c9bbebbe25899faa2771e89ca45f84b549eb876dda

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG

Filesize
327B

MD5
b72b2cf944892bd998e618505a5547b5

SHA1
c1480acadc12dc56241afcf7f99ce8404d64467b

SHA256
755a43112284bc50cc138ac693ca8c7f7b15cf0b4cb60d91ae6575fe619bec34

SHA512
1b4adfd370d2d1e2a71af4386592d3ac00b8009b4ad841cdd54754c8c172728af6e78a90f498d1dc12c91792191f33906d418e4fdfaee6fe8c65531c4c42c4ca

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_0

Filesize
44KB

MD5
6669a8bd7000c8ec0d36b596ab4a2b62

SHA1
8eb02ccb61e115efe2760b41f623457220cdb030

SHA256
3f1032769e6508e9eb172d60ca620bf0bb24e034adbd838e39e3d6cd6578f54f

SHA512
0ca21fbf91a84a7eed0fd47d9453485e2a08815c61438abc6da4882a2c133bf1b5887079e3ea6eeaa27cbbc9ce6c29585b83d236bcab9f5ad44034567338d6b6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
6f8c2b3ed58707cec631adc4b35f15a0

SHA1
415e6148208220d1a198fc021395fa4ce9d5cc2b

SHA256
e847c6eb57392f61268f4e4dcaed30506e1d525040225ce748faaab2cba58bfa

SHA512
513a85c3edfae810ead27775124ad6ebc669e7675010762a653679a189d9315085111bee194fb2951008229816f9c8984f44dde6ffd9b32c72f6e376f2e2af0f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_2

Filesize
1.0MB

MD5
f11e12b0d5beb6805018fc3f4bdd7da0

SHA1
93d0de372ff19ca23ece08f8c5f004033e4974ac

SHA256
f58f8f4b011ca25339c87fb081711a6639f95e508c77a9e2cb314390f8ab16d0

SHA512
7db77a80a85981834129edb5c644362276b25f87d9edb1abc65a963d4ce533768fd83df671ec8c551797befb6669b3de428c0241559aa63a444c7120fa8609d3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG

Filesize
329B

MD5
25c760a482238d7afa89a418b6bf0c63

SHA1
d1488ca98f31b50ed9eec0f012074080ce3932b1

SHA256
40c9208b86cd666bad88325ca584c78a6330eba70b6c10e2279586ca50d3bfde

SHA512
bddb0c1f22ed396d54ddcc899ba5404c97b70a22b0db0a294790ff26d74a38f8c598af7c2e00a1158e32e2d1ba35462cf305e92e7f00e5f81b01a2c551b71588

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor

Filesize
44KB

MD5
41b9bb60ba2d3cf49700fa9cc47a6f4b

SHA1
310923797a8a0dc4672dd1a9fad8efaf1a83b0e2

SHA256
20d0f7353447c272597461c74cb3967852644019b9f3f566a9ca97189e23ae4b

SHA512
f80f08bcb6639e1c746432de9b37a5576e4e435acd6986d9738d1008887c17f626c517658a5fa82243cf0ee8ebe94ae0437f5c95c983ddd221ddc1a0f1fb86c5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor-journal

Filesize
8KB

MD5
3a2520aefe3510cfa5e42572f5e20bd2

SHA1
2f2418015e8d4b915299ffb7fb0e53e50979beb7

SHA256
3505305ebf1b11470a02cbb820b1d0e51f28dc92fd1d102ef5333d6f3d607d40

SHA512
5a6ead24eef741c59ba4af98ab12b7c6a481d9186dcea60f35164ec750a4ec2850fc0a3e79fdae661ea67ec734e44606fa9421dc80b3cf510a27107499846035

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
4d389d25533bbb321eec433a310def17

SHA1
3019fbfad21f994baf1a3824b9c8bc5b759bfffb

SHA256
60d88c58e4ea04f037a609b8abdbe2e00df52f529d7757d7b3777f84e84cf5cd

SHA512
075f31363116247b1b65159b68ff1528f4988feffaf0fb8ee97110da38b5d57cc94d328b8c7e96da1ad9844e02b803979629d8f7cc213ab50e7897a3851f8d81

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
09a3489ade9d2e5243d1245b9b2531d5

SHA1
2a051fd19ec691b74d8393f9616e20c587e3f5a5

SHA256
fce460fbfa55b979e5a00515fab8014b4914fc76b4e5bc17be768d038451b086

SHA512
e2bf8c1bb591227d2755e0b7708c42ed42c1f151f1ed62ef9a8110cc7714f239cc623d98be24d0568d3876abd63f4829b2bc0ede15d0cf7d96dd4e0c2a5025e1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
041e6a94c06eb3c1d103973507a1b0db

SHA1
29e2b44407014fd67cd0fbe2d3944da6268a95c3

SHA256
4f8c5c8c0336909f3b7d4852420767890c4527bf99c1ecb18af15468c3c056c5

SHA512
9fbf370db71cdeeae327752d4374a70f8d22cb88bc074b35f76f6218f5dc8168ad225f5d03bd7df87d088431450c5da303b605290493feecafef23f880d05ef9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
250d17d02cc85de3a94a80c56ef6de0d

SHA1
38ab9bb557d81cc12be23f4be14efb23697acacd

SHA256
26ac6f6425014b53788ef342af3c0841927dc29514a2e9faa08a8f3d1216b762

SHA512
85c850c54524fdf4b35aae4fc45be67b86924dc8655e1d862532af2c597cd10ad2d05c64243b677283356437109c3f15fa554cb61f74b6d5ca8327c19529f44d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
41cf1fd966da20c51a69bd2ce62461d9

SHA1
ec83ee16fc80f6ed0533b88d1d234e507337dbe0

SHA256
988173b081b7262e04c972959dd246739e4e093b8153ef81c3f8fbb23cec7136

SHA512
87494bc0c61bf8d084faf9faa97107f63ddbe4060409bc5cb18b38e32cd62b8a11c5d76caace426cbad61aa8a400f6dc88e96fdd5d1aacca2523a305bbac6479

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
eae692178a6d9a9ef768b1961cdb774c

SHA1
bbfb1123416851f27b337661148bde7493c5684c

SHA256
6fc182690673d3d4db7ab08c69df09aca9d01a1f4b3717f83e6cd04aad02a508

SHA512
cee6c2a07f2281fb02999e8383b8f1d557278ceefa743f1e4a06c337c5e7fcb2aedfb234dcfa661276e25a35920354d09335cb5863dc4e03d867d9e310db8bb2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
0c73fe12886feb2f5ae3f1a7aa27ab36

SHA1
e8eb877d0b8798253eb5d158b1d61e31490ff707

SHA256
a9c5d69b3533c4605bafde96363ac928dd6097698548774be5fbbf65ce3f34e8

SHA512
c4ac61c580189ccd7d717776728008d07b790a426411c7950e7c0f37f94c5e49a3f3c45e42f968e989aeb54a1d8d7e78a71fea70751ad144efaede67a0ecf1ad

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
9339644896f1ed62b9d4b5d3c1bcb124

SHA1
52a0a523d9b2c92d80cb95e33ef1260839a6c5e3

SHA256
93b5a1fd94873640b0b0e3b3f45275f59308fc012916edef6d15e99089051a9a

SHA512
38e3118a3fe464b18001bfd992d83848ad75057223c1bbf2c73efe226f3890d1f352a21398c9d4f9e5b6a1ca94cda8f8839636f567978c9764f17af96aa415e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
3713852fd8307a14268a896598050dd6

SHA1
9ddddfef98f3ef4ab911edf596e1096043b77c3a

SHA256
d924cd0e3984a00ecf424984bf6272d16e63a8ebbe46f15d513c366009a8bea9

SHA512
d3cfd158e1cbaff25e10f27b61e08e8416ae1cb7c3552a042409fde3e64405f07e0a2ecd649513c7d695ac6f0a283a211c054a0db5faa1c51a793743ee703803

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
84c2a6006dd4c420ea614a0aec1860f3

SHA1
10da1b9ee81ce5384a774f8a0b01805ae097d007

SHA256
eb9595bda3f9203a10cc0fcb5da74964d507c178e8dc5b1a73868450722cbfd8

SHA512
531802472a0513bb8226e8a0056c1a750825574b6b042e56d35c7ab8357c5d2e67904b7825db16ebd483885632babfd2b119a7774a2040aa40474dd6f532ff8e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
eeb918d7c9da920af9fd357fbd440bb2

SHA1
9023cf22a4ac869fd715e084db984008009f82d3

SHA256
9e7a9194ca9e8b48407da2eec1800a81894a1ea8fcae5db4d9dbbd33ee88ad15

SHA512
ee153245e1ddb52cad7e6dfb005a6462dfc14b2d54b28761c0c7f9244af819085e41c9de3a2a2e0ac43342b25d31efeb1d851a88f77d50d80eb8b329c1e2b046

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
20d6d6d2a2540aa924015125f6e756d4

SHA1
efbec4c20f17af34f052a8bdac802cef6f2a8f5c

SHA256
9e7ff8cc410cc1abee6c273cfa32698981d1bfe7f39c3953e6a17a6ba20f8e1c

SHA512
29dbbbd5700acaf5942b5aa5c163ba0ffae9d53d3f849c1892fab8a4efea2d72d765bb5f2763670fd3658f2df8b8bea18085cbab1c4b75d7c06695a0afff6117

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
2c189a76eea264a13f792d178601da2e

SHA1
384c0121c2c5527ccf8f24e0f3699e5afa98bf6f

SHA256
f1b9d436aa2a31f99114e0bb41b106b4203174700bd949b681cf20f7aa21217d

SHA512
910acadb90f612d45eb2d854a17d48b05920ccb6617a38fc25a43aa53a2e5f70c39fe164998f0ba4d63d8dadab035953fac313bb0b6a7fac8b32e0e009581fb9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
2953662a786d6f4690c6935f901e2bd7

SHA1
71c6a4be514bcd989bf562685adffe0a5c21bdb9

SHA256
24b5c0a3fe77992792300f09705333a9d4fbeaa4d12d7eb9d7ce0f0aaf0c162e

SHA512
871f25ae85cb49c5f45a569130966e0043d99ffe0b9d7d740c3ffa210c198acee1cb1be116d41b6733195b8890e0ea54e5d703b1b3bc12e44370cee4e7c7b66a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
9131416c6f3e4b99c1da5b3883855149

SHA1
cd2471411d6d51cd5aef933d99e6400110c6e205

SHA256
aa9b4b52ac73978ed90e36485ec5f0b4a67045214656b0967886c12ccdf314f6

SHA512
009f275b6fbe3e89ae83b4349ea64ce5a03d2e27a34e878d3abff061adfc88c34be9479af34fc17df30088cbea77ac0687f6f9f200fb721a7148913bd42cbd25

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
57e6f0994c228c6ce598eaf15695f5d8

SHA1
476e72b1ffa40733131fdd090dde17d35dd4c868

SHA256
b698bfbcfb0a1f29a97b0b97712d6c457fe01d4ba8e2cf59d870f0b7fde58ff5

SHA512
bd20e47403aadd970a0a8430842c385879d42f7fafcbaa6b9bbb5a0bbdb2a867d712a7096c1f83f63bd808751fd663e4a5293254e515fa94182a6533a4c17194

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
fcd95324eb7806fe5ab947d954e26b17

SHA1
b996bacc26edbf05a3d6dbb36c7e17bea164b6c5

SHA256
35262ad4cdbb7e7f17d1d973f3614b4199f7dcc06f89ed79988b972759957245

SHA512
fae7a9a1c762a9226461820795662b943e3f9142e12bc0879fe9ada06aa797ffe644b266ec9aa5b9d792e7676d9873e3fcedae5e43e8f70180c36f31cc3a0382

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\LOG

Filesize
333B

MD5
f64874a0ffc8d61fd4975e551ceb4019

SHA1
dc724c080909bd06c9aa6c191fd19c64e85720d5

SHA256
693fcd989c89cd2f063730b9a3b0af36cce1d25ff96f4ebcbf92d8ed634333a8

SHA512
08df7120446db89a5acf0607c685d1f32da467553b9bbdfa26fd2981561acbe9cb94723ebf308bdcccd5b556b3bef78517a280f942093b08ed5470e349f5c589

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log

Filesize
327B

MD5
a66efaa590a0d16b1874a35836ba0a4b

SHA1
bb750c61e162420271f89a90f2b58f43587680e1

SHA256
b9ab1ed7609e2254b7d4fb655b57b21b2be601646c4ff0b207c411e8bdd9e654

SHA512
2b1ea0c798b69b360ab1546d14fccf7d5f9cb224b31bc8430cdb956c8cc570a086e4cfa10e6a843292deb862f4161dfc9b9abbc44afe397ff0ec9563646ff7a5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG

Filesize
317B

MD5
bed29cfe88ba2edd4d5d2f0fd9cc3c47

SHA1
60788e9cbcab00ecf67165eddefbd29aeb1d56a5

SHA256
850bd2f6b1e0ba2e35aff439968b03052e5cdd368fd875ea098b83bf5962dea7

SHA512
4fae8e562c4aab750e2d74bb765032cb3f0200687f2254d38e3139ede5183c56c7c280fa146e6cd77a3e6a2150fae3ba38b0c8cc36b426a2737758f34dcbf34c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sessions\Session_13365454242150231

Filesize
1KB

MD5
8113b82fe10163527624e81107068118

SHA1
65c9f83b25f88bae77bac4696c3d5d3cd6c225e3

SHA256
3180a0c96265dc2e9aa03aa6de364232d7938e41317ba6b4cb8b4aee760bffe5

SHA512
32396bc7b50f2b7db2c3ad3800bf674717c24c582328814fc7ac435e6bf5366f9414ca5ab0ab8f7fc02f61d84047c1863d6ece616bb2185bd68482204cef1dfb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sessions\Tabs_13365454270111231

Filesize
801B

MD5
34d45e8d056e5792b6d09c4a29b3c850

SHA1
ed5ceda67491e6eca33b6347d4258b0b9f4fb046

SHA256
801d84cd2546678aad01ff87cf527547f35e1d4623601cce9bb41d65753ad69c

SHA512
4040241e1595865a9af549e3f527ff205af1ae16f556fd31721cd523b7e915508c50bb16beba7a9b18b27f48a76a209d04ba8a7e023e7ea355edca2ed2827fbd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000003.log

Filesize
112B

MD5
9e22e3fba709188ad1b62f6241a47582

SHA1
534d1a62cbc669a814a7764e0edba877ca4c8bb0

SHA256
f0471a4452a44291278cc6fea83e2868da152330195dbdb3177de638494de1b9

SHA512
278b21c11e70ec3af75e96fe5553c7f7ede1bf32de96bee20012230b1f8f6f601360a41f438331f28155177a4816f24590eaf90f526d9ec775ebc32af0d4142c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG

Filesize
345B

MD5
c33cfa3381ee7cd96c8604eb31564099

SHA1
8c994202ff42fd54971599ba5eac7fb1f5a9891d

SHA256
66bdabd44ee3555340f07ae2241679e690488ff393143ccd6c9fe01c9b389f4a

SHA512
c0c8ce1e727d06360e985f9af06bc2f396f98648eff7ea9c8adbdd125d66f78001eb11c7cff36ecd5691632113f9304b3004623b3b27e8da3946d47063380e8e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG

Filesize
321B

MD5
81b8ee1cd1493d4e58d67b5bed82e6fc

SHA1
62a462a36ca3949c3feb5ffeb7c0cfdc53dc16d2

SHA256
c6f2a4bd4eef7f5cf727544f20d475b068d99e198e6f7a4aa37f20d82e88754e

SHA512
e2b8a3589b99f1d312b5618f63ba01c8e46d8649cf15149af66cba9baaf72cd484b37957351c56aaf6bc17100a1c339913749d8e23fd760e70f60a52fa18a4d2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\QuotaManager

Filesize
40KB

MD5
e82c0289cb1458b908aa2843a7d0cb88

SHA1
55c0e8bdec335d3277550d368e97b11de4f9ec3a

SHA256
2d82852417bd821dfc1ba7a795f1d16f73b16f3660d8746b1050ee32e487be7c

SHA512
f441a4d700a402f058d18a60bfe1830183f49d04656b18fde0463bd41257419dc05c1963e8de4e63d402bc53fe558dd935766e74cd544ddde9e4f69cbb65dccf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\QuotaManager-journal

Filesize
8KB

MD5
5eb4ca20e6145bd543e7ce7638d7d543

SHA1
132276d91eaebfda0a25476321dde6bc8be4b48c

SHA256
0e4c2c0b0d76cd8ea8717f0f58c5414d775403994db3387b0aa6fa99d479bcc2

SHA512
0f936503002a11950f5c7e4ba8fcb79171eb0c4446966e05b1f2499ab0395c048888c6ddf686e04716e637d727266def68c886dea05730139610f5d5135fd042

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\ba74062e-4424-4715-a3b3-82c0a1b4ef74.tmp

Filesize
9KB

MD5
e03ab4fcfcd5232726fdc683e0dd3d0c

SHA1
db9df201ea8c3a7a604271877782a6dfe5aa933f

SHA256
a27cf365d6fc178022dc1274c229de9d8b5a495ba6e4d62f22a12e2ff47fc5b4

SHA512
9b629203e2a5c1ea5788ce8f9c6c340663418b2633805b89d4b5da1c4bca4d7c1db43a3381064539cf70991e968219f7a76e05488163e41a1764686d101728a1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\000003.log

Filesize
16KB

MD5
2949443617c8a4abef33813db55b5f64

SHA1
5c4c5b2224921d82d4e08f1c07ed7e20f531adb8

SHA256
6043a9637b894297bd24143b8c14e0304520006f5e530bd5bbb77bd6817e3dea

SHA512
40f7d6b28b07bdeb6259fc384ab5892af88960a78d639c28531cdd371231617d43555ff2850c4fea98b800c5e2ec5578419e13efbe93ca06f8db8bd6f64a8f56

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\LOG

Filesize
317B

MD5
3354bda500557f5d69616f91e0711bb9

SHA1
2ba8b48b25158226204869853562a2bc04054034

SHA256
cb3228ecfee27551426c6999f67266f7800aa1f900d910d939ccdda26bd97b23

SHA512
6c9ab29ea8382404a032fcefbcabcb0223fe2b1fcc1ff39d664525bb07c37ea1764cb702339f9017d5057c09dfa4d28b90807cbe35de4efb39acbef438b8c7b1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000003.log

Filesize
1KB

MD5
18feef5744cd17b81b1bcc9274f8931b

SHA1
6042fbb392423d0469adda5ebf888b6c7c01dbb4

SHA256
49b356b4d4e3e2b65359234281edf8fcb6daf8a67a7e51322d4a1d9909133f40

SHA512
dbc6cf21482777747d49f6d5389c232f06361f6a6acbb4055ca83ca0e63e917ac05b7ba79f09affd114b1b377c2cdee2038cf66c4275eba94cba18233b2ca902

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG

Filesize
335B

MD5
76c3b57294c9574f75ed92efa7a8fa25

SHA1
02fdae7cf7ece0fda46643a0aeb9d6873b3d5e80

SHA256
1e7e9df667d293a85bce21e350fddaea7db8e2ed7661dcc0eeb8fa06734e8165

SHA512
ca0bc79366a789422c3111f478a871726a1075a44ab8cc651bd181b7aea833527fecd8136c0e2367965399b0bce9ad14d492465028c421bcc8d8437f14f667a3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_0

Filesize
44KB

MD5
5deb2f71779c9e51fd045b3514daa1f5

SHA1
500e9382dadf2a0c43783064c893ba7442c98d44

SHA256
49b3a25a8d8b9003a1aa4233c84e27a359000f735fdbedb08030badadd5bfbbd

SHA512
721f34d6b09f6828325ba412292ff1579a571586269551653e7a84f5e05f469bca0ac78a47ec75af99d19160d6d8f7afc533df322c31d71f3fcbd918ccf84d8c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_1

Filesize
264KB

MD5
7706dcb530ff4038b530d835d6647422

SHA1
1ff494eca40b172d0f50a4d1a4b6edade1cbc603

SHA256
d6a221e1e8b4597f89f5c2ab7c506dd62a5fee310db0172aa98e07bad7a3c730

SHA512
892267019480869249fa22f966a37d2129acc026403fa1a9660d91c32e58b5f990a9669df4a7ca6c753b8811f3231aced95f5647912d5b18994adca545e1a7f7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_3

Filesize
4.0MB

MD5
54ad0529dcd392f96288596ac3bd72cd

SHA1
2817f7ea048fcf8e3895ec5ddfb1518f88d6e52e

SHA256
abeff0b810c7f8fd8d50fb1289bced85c5150480376c3a17d8c60c675714b1d4

SHA512
1402502d7b6fb5751f4f142adb56904884005f0d04a59bc25411f0d376ebc77b16f569d961f0b2c1a18d435eda60f812517849db3ff0701fad53fddbee85a312

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GraphiteDawnCache\data_1

Filesize
264KB

MD5
0c358e90551d5b642e0d8936e246a27d

SHA1
21a7c49374e5b6855cc9151a16ed076fb3efb57a

SHA256
830c515e616a061aeb0c495904bcb3deaaefeac9ee515ddf42ced88d9b4ce2a0

SHA512
37daba2b4844e8593a7904d94e055f24e9d4597408de3a1f47ec145a4fd70c93e60d182ef8603e23ea49f4e325b7f0ba21b03eb424b512303cdc7ece1b20c7b4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Browser

Filesize
106B

MD5
de9ef0c5bcc012a3a1131988dee272d8

SHA1
fa9ccbdc969ac9e1474fce773234b28d50951cd8

SHA256
3615498fbef408a96bf30e01c318dac2d5451b054998119080e7faac5995f590

SHA512
cea946ebeadfe6be65e33edff6c68953a84ec2e2410884e12f406cac1e6c8a0793180433a7ef7ce097b24ea78a1fdbb4e3b3d9cdf1a827ab6ff5605da3691724

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version

Filesize
14B

MD5
aaa1d3398c11429309df446cc70a4b24

SHA1
426037d880450cfe67c0db4e8836d8cf67c3af33

SHA256
d3c5bb416732a0643cb435ce980e4cf7ed0d96375d6d1d866565ffa4cf5f4e31

SHA512
5400a74ad59ee80e11b97e884bedee53af567520b807e4c3c43b68446bb495a967e22838aeee4bfbf02486ec5abfb2e821c5165ab2b894a54e0d7eb70c7355a9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
92KB

MD5
6bfa1ecd7bdc566141927ec97c9c118e

SHA1
5479bec1eb7e745e7636dc7a2e64f08ab0519692

SHA256
a14630e3d81e3f78d965859e6da52540da7b8128e72d71a672548b40e68282ea

SHA512
cfc387553121a8323bd32ac512c6301de940353752a07b3cf01524c799333af407926252d1c5f18948fc4e9dc8793a30f5dbb291c33e741efe05799a1791814f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
92KB

MD5
3c049e4d0f3cf9a06d96048faabca623

SHA1
0fb07c40ca755f2447cbb86947272ec1c47b556b

SHA256
ebc4231c898986ee68a95114f0cdb77ba4f40dfbbbd3e6259ee1646a296fd6fa

SHA512
c75632d021ef8da8518014ad6369bdd0fc6062f243f3f056158ec509a3c91a59873510f828ae4ace8c37f87ba99f6918b23d8128fe8010721b85271a8d40b0c0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
92KB

MD5
10c9b53f2fdf5197d1e185e2f5722a3a

SHA1
50a06d90bb29d4ad8f248688e6e58804804162b9

SHA256
3ce39a5e0a6bb6740c81b960a15bdf2b93a0569c8d17cb98efa80cf7adc1beaa

SHA512
2b3172f19a8a21649bb74cde895f9fe79b6185ce7b38bc2cbdb935492f5c2edb9ad25e0a8527f3c1ed3bbaee7ccd08aae2ab10bb1bde02017101f46e7988737e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

Filesize
264KB

MD5
ac382c6ba97f401ac0ea015e42336e2a

SHA1
91d976f1034a247706efcd2ac9fc8c714d0d25a0

SHA256
bf1a1a6edfbe14f0489b8e0ca1d27e48c0022f6b90b12d7aa29838d81a2bc3c8

SHA512
48af564ef575777ea282a987dc6f5830dcca8b4c6887d4fd2cf331cb022fe59fa3cb0c89b375852d44ea591a4c6ba91d38710f4b024dffbcf8e881d2744439d5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

Filesize
85B

MD5
bc6142469cd7dadf107be9ad87ea4753

SHA1
72a9aa05003fab742b0e4dc4c5d9eda6b9f7565c

SHA256
b26da4f8c7e283aa74386da0229d66af14a37986b8ca828e054fc932f68dd557

SHA512
47d1a67a16f5dc6d50556c5296e65918f0a2fcad0e8cee5795b100fe8cd89eaf5e1fd67691e8a57af3677883a5d8f104723b1901d11845b286474c8ac56f6182

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\first_party_sets.db

Filesize
48KB

MD5
5a1706ef2fb06594e5ec3a3f15fb89e2

SHA1
983042bba239018b3dced4b56491a90d38ba084a

SHA256
87d62d8837ef9e6ab288f75f207ffa761e90a626a115a0b811ae6357bb7a59dd

SHA512
c56a8b94d62b12af6bd86f392faa7c3b9f257bd2fad69c5fa2d5e6345640fe4576fac629ed070b65ebce237759d30da0c0a62a8a21a0b5ef6b09581d91d0aa16

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\first_party_sets.db-journal

Filesize
12KB

MD5
481610195b333c31b489bce4aec0c167

SHA1
bc9a831f3df352d23c39cd65a276f66f87e14745

SHA256
47508c1c97176870e2b56f171258ea32c27aa514f618502a5766f28db68f3f3b

SHA512
ba7bf38b4bcaf77dae634e2643fc99c99aa1787fc93e2e1b5fa9eceb345cfef3493e4bba0d5d3f6b1f383ddb54f0dca703c0ba67c50ae1302f52f407a7fe6c04

Download Submit