e7c86a734df3942463079883b96930f223b3cd40b501d32c3d143687d546d444

max time kernel
149s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
15/07/2024, 17:00

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

NXOV4.2.dll
Size

1.5MB
MD5

2fd3f4348ffc36ed2edb18c1c204bd3e
SHA1

1295a7987084a4c31a561518b4ea936ba05701eb
SHA256

e7c86a734df3942463079883b96930f223b3cd40b501d32c3d143687d546d444
SHA512

97fc477cd153ad811ceadc60443af544137fd5197c7ba99f6dc05e19aff3d8d364ab41efdeb87b067327d2f4b331173efe1daed3804d8594bf62e046f5399d73
SSDEEP

12288:jWcvWYVU2jcnUh2+gkE+sPIdAfBXjvtQ2U1YMGI:yzUh2+gT+fMfQgI

Score

5^/10

Malware Config

Signatures

Drops file in System32 directory 2 IoCs

description	ioc	Process
File created	\??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF	chrome.exe
File created	C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF	chrome.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133655364440023792"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
2340	chrome.exe
2340	chrome.exe
3888	chrome.exe
3888	chrome.exe
3888	chrome.exe
3888	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
2340	chrome.exe
2340	chrome.exe
2340	chrome.exe
2340	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2340	chrome.exe
Token: SeCreatePagefilePrivilege	2340	chrome.exe
Token: SeShutdownPrivilege	2340	chrome.exe
Token: SeCreatePagefilePrivilege	2340	chrome.exe
Token: SeShutdownPrivilege	2340	chrome.exe
Token: SeCreatePagefilePrivilege	2340	chrome.exe
Token: SeShutdownPrivilege	2340	chrome.exe
Token: SeCreatePagefilePrivilege	2340	chrome.exe
Token: SeShutdownPrivilege	2340	chrome.exe
Token: SeCreatePagefilePrivilege	2340	chrome.exe
Token: SeShutdownPrivilege	2340	chrome.exe
Token: SeCreatePagefilePrivilege	2340	chrome.exe
Token: SeShutdownPrivilege	2340	chrome.exe
Token: SeCreatePagefilePrivilege	2340	chrome.exe
Token: SeShutdownPrivilege	2340	chrome.exe
Token: SeCreatePagefilePrivilege	2340	chrome.exe
Token: SeShutdownPrivilege	2340	chrome.exe
Token: SeCreatePagefilePrivilege	2340	chrome.exe
Token: SeShutdownPrivilege	2340	chrome.exe
Token: SeCreatePagefilePrivilege	2340	chrome.exe
Token: SeShutdownPrivilege	2340	chrome.exe
Token: SeCreatePagefilePrivilege	2340	chrome.exe
Token: SeShutdownPrivilege	2340	chrome.exe
Token: SeCreatePagefilePrivilege	2340	chrome.exe
Token: SeShutdownPrivilege	2340	chrome.exe
Token: SeCreatePagefilePrivilege	2340	chrome.exe
Token: SeShutdownPrivilege	2340	chrome.exe
Token: SeCreatePagefilePrivilege	2340	chrome.exe
Token: SeShutdownPrivilege	2340	chrome.exe
Token: SeCreatePagefilePrivilege	2340	chrome.exe
Token: SeShutdownPrivilege	2340	chrome.exe
Token: SeCreatePagefilePrivilege	2340	chrome.exe
Token: SeShutdownPrivilege	2340	chrome.exe
Token: SeCreatePagefilePrivilege	2340	chrome.exe
Token: SeShutdownPrivilege	2340	chrome.exe
Token: SeCreatePagefilePrivilege	2340	chrome.exe
Token: SeShutdownPrivilege	2340	chrome.exe
Token: SeCreatePagefilePrivilege	2340	chrome.exe
Token: SeShutdownPrivilege	2340	chrome.exe
Token: SeCreatePagefilePrivilege	2340	chrome.exe
Token: SeShutdownPrivilege	2340	chrome.exe
Token: SeCreatePagefilePrivilege	2340	chrome.exe
Token: SeShutdownPrivilege	2340	chrome.exe
Token: SeCreatePagefilePrivilege	2340	chrome.exe
Token: SeShutdownPrivilege	2340	chrome.exe
Token: SeCreatePagefilePrivilege	2340	chrome.exe
Token: SeShutdownPrivilege	2340	chrome.exe
Token: SeCreatePagefilePrivilege	2340	chrome.exe
Token: SeShutdownPrivilege	2340	chrome.exe
Token: SeCreatePagefilePrivilege	2340	chrome.exe
Token: SeShutdownPrivilege	2340	chrome.exe
Token: SeCreatePagefilePrivilege	2340	chrome.exe
Token: SeShutdownPrivilege	2340	chrome.exe
Token: SeCreatePagefilePrivilege	2340	chrome.exe
Token: SeShutdownPrivilege	2340	chrome.exe
Token: SeCreatePagefilePrivilege	2340	chrome.exe
Token: SeShutdownPrivilege	2340	chrome.exe
Token: SeCreatePagefilePrivilege	2340	chrome.exe
Token: SeShutdownPrivilege	2340	chrome.exe
Token: SeCreatePagefilePrivilege	2340	chrome.exe
Token: SeShutdownPrivilege	2340	chrome.exe
Token: SeCreatePagefilePrivilege	2340	chrome.exe
Token: SeShutdownPrivilege	2340	chrome.exe
Token: SeCreatePagefilePrivilege	2340	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2340	chrome.exe
2340	chrome.exe
2340	chrome.exe
2340	chrome.exe
2340	chrome.exe
2340	chrome.exe
2340	chrome.exe
2340	chrome.exe
2340	chrome.exe
2340	chrome.exe
2340	chrome.exe
2340	chrome.exe
2340	chrome.exe
2340	chrome.exe
2340	chrome.exe
2340	chrome.exe
2340	chrome.exe
2340	chrome.exe
2340	chrome.exe
2340	chrome.exe
2340	chrome.exe
2340	chrome.exe
2340	chrome.exe
2340	chrome.exe
2340	chrome.exe
2340	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2340	chrome.exe
2340	chrome.exe
2340	chrome.exe
2340	chrome.exe
2340	chrome.exe
2340	chrome.exe
2340	chrome.exe
2340	chrome.exe
2340	chrome.exe
2340	chrome.exe
2340	chrome.exe
2340	chrome.exe
2340	chrome.exe
2340	chrome.exe
2340	chrome.exe
2340	chrome.exe
2340	chrome.exe
2340	chrome.exe
2340	chrome.exe
2340	chrome.exe
2340	chrome.exe
2340	chrome.exe
2340	chrome.exe
2340	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2340 wrote to memory of 3016	2340	chrome.exe	89
PID 2340 wrote to memory of 3016	2340	chrome.exe	89
PID 2340 wrote to memory of 2860	2340	chrome.exe	90
PID 2340 wrote to memory of 2860	2340	chrome.exe	90
PID 2340 wrote to memory of 2860	2340	chrome.exe	90
PID 2340 wrote to memory of 2860	2340	chrome.exe	90
PID 2340 wrote to memory of 2860	2340	chrome.exe	90
PID 2340 wrote to memory of 2860	2340	chrome.exe	90
PID 2340 wrote to memory of 2860	2340	chrome.exe	90
PID 2340 wrote to memory of 2860	2340	chrome.exe	90
PID 2340 wrote to memory of 2860	2340	chrome.exe	90
PID 2340 wrote to memory of 2860	2340	chrome.exe	90
PID 2340 wrote to memory of 2860	2340	chrome.exe	90
PID 2340 wrote to memory of 2860	2340	chrome.exe	90
PID 2340 wrote to memory of 2860	2340	chrome.exe	90
PID 2340 wrote to memory of 2860	2340	chrome.exe	90
PID 2340 wrote to memory of 2860	2340	chrome.exe	90
PID 2340 wrote to memory of 2860	2340	chrome.exe	90
PID 2340 wrote to memory of 2860	2340	chrome.exe	90
PID 2340 wrote to memory of 2860	2340	chrome.exe	90
PID 2340 wrote to memory of 2860	2340	chrome.exe	90
PID 2340 wrote to memory of 2860	2340	chrome.exe	90
PID 2340 wrote to memory of 2860	2340	chrome.exe	90
PID 2340 wrote to memory of 2860	2340	chrome.exe	90
PID 2340 wrote to memory of 2860	2340	chrome.exe	90
PID 2340 wrote to memory of 2860	2340	chrome.exe	90
PID 2340 wrote to memory of 2860	2340	chrome.exe	90
PID 2340 wrote to memory of 2860	2340	chrome.exe	90
PID 2340 wrote to memory of 2860	2340	chrome.exe	90
PID 2340 wrote to memory of 2860	2340	chrome.exe	90
PID 2340 wrote to memory of 2860	2340	chrome.exe	90
PID 2340 wrote to memory of 2860	2340	chrome.exe	90
PID 2340 wrote to memory of 4212	2340	chrome.exe	91
PID 2340 wrote to memory of 4212	2340	chrome.exe	91
PID 2340 wrote to memory of 1720	2340	chrome.exe	92
PID 2340 wrote to memory of 1720	2340	chrome.exe	92
PID 2340 wrote to memory of 1720	2340	chrome.exe	92
PID 2340 wrote to memory of 1720	2340	chrome.exe	92
PID 2340 wrote to memory of 1720	2340	chrome.exe	92
PID 2340 wrote to memory of 1720	2340	chrome.exe	92
PID 2340 wrote to memory of 1720	2340	chrome.exe	92
PID 2340 wrote to memory of 1720	2340	chrome.exe	92
PID 2340 wrote to memory of 1720	2340	chrome.exe	92
PID 2340 wrote to memory of 1720	2340	chrome.exe	92
PID 2340 wrote to memory of 1720	2340	chrome.exe	92
PID 2340 wrote to memory of 1720	2340	chrome.exe	92
PID 2340 wrote to memory of 1720	2340	chrome.exe	92
PID 2340 wrote to memory of 1720	2340	chrome.exe	92
PID 2340 wrote to memory of 1720	2340	chrome.exe	92
PID 2340 wrote to memory of 1720	2340	chrome.exe	92
PID 2340 wrote to memory of 1720	2340	chrome.exe	92
PID 2340 wrote to memory of 1720	2340	chrome.exe	92
PID 2340 wrote to memory of 1720	2340	chrome.exe	92
PID 2340 wrote to memory of 1720	2340	chrome.exe	92
PID 2340 wrote to memory of 1720	2340	chrome.exe	92
PID 2340 wrote to memory of 1720	2340	chrome.exe	92
PID 2340 wrote to memory of 1720	2340	chrome.exe	92
PID 2340 wrote to memory of 1720	2340	chrome.exe	92
PID 2340 wrote to memory of 1720	2340	chrome.exe	92
PID 2340 wrote to memory of 1720	2340	chrome.exe	92
PID 2340 wrote to memory of 1720	2340	chrome.exe	92
PID 2340 wrote to memory of 1720	2340	chrome.exe	92
PID 2340 wrote to memory of 1720	2340	chrome.exe	92
PID 2340 wrote to memory of 1720	2340	chrome.exe	92

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\NXOV4.2.dll,#1
1⤵
PID:816

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2340
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.106 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7fff4a36cc40,0x7fff4a36cc4c,0x7fff4a36cc58
  2⤵
  PID:3016
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1884,i,10505161377038113663,11082119548581031439,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=1876 /prefetch:2
  2⤵
  PID:2860
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2160,i,10505161377038113663,11082119548581031439,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=2196 /prefetch:3
  2⤵
  PID:4212
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2260,i,10505161377038113663,11082119548581031439,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=2376 /prefetch:8
  2⤵
  PID:1720
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3160,i,10505161377038113663,11082119548581031439,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=3172 /prefetch:1
  2⤵
  PID:1300
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3256,i,10505161377038113663,11082119548581031439,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=3424 /prefetch:1
  2⤵
  PID:888
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3796,i,10505161377038113663,11082119548581031439,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=3792 /prefetch:1
  2⤵
  PID:1940
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4860,i,10505161377038113663,11082119548581031439,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=4868 /prefetch:8
  2⤵
  PID:860
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5036,i,10505161377038113663,11082119548581031439,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=5044 /prefetch:8
  2⤵
  PID:4644
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=5140,i,10505161377038113663,11082119548581031439,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=4872 /prefetch:1
  2⤵
  PID:2188
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4688,i,10505161377038113663,11082119548581031439,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=5204 /prefetch:8
  2⤵
  - Drops file in System32 directory
  - Suspicious behavior: EnumeratesProcesses
  PID:3888

C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe"
1⤵
PID:3728

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:2420

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\48e24cf0-ec6c-4dfd-a9d1-c405564c48d9.tmp

Filesize
183KB

MD5
59ce82c37fb6ee7d49fa48eb13169343

SHA1
6f421ab9443c85f2a33864666e90529cd8e6ed1e

SHA256
bf082de132cc71a6f94576db3bbce22187d0f16d9672aa0fd24e18071bde3efd

SHA512
ca7db49eb706f5949fd56b9971c6fc69dddaff601d606193d5d70a3aa447f466dab347319449b1801bba45e9639d1d747472c6a6ca707b940d83a7c999048f27

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001

Filesize
211KB

MD5
151fb811968eaf8efb840908b89dc9d4

SHA1
7ec811009fd9b0e6d92d12d78b002275f2f1bee1

SHA256
043fd8558e4a5a60aaccd2f0377f77a544e3e375242e9d7200dc6e51f94103ed

SHA512
83aface0ab01da52fd077f747c9d5916e3c06b0ea5c551d7d316707ec3e8f3f986ce1c82e6f2136e48c6511a83cb0ac67ff6dc8f0e440ac72fc6854086a87674

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000002

Filesize
24KB

MD5
c594a826934b9505d591d0f7a7df80b7

SHA1
c04b8637e686f71f3fc46a29a86346ba9b04ae18

SHA256
e664eef3d68ac6336a28be033165d4780e8a5ab28f0d90df1b148ef86babb610

SHA512
04a1dfdb8ee2f5fefa101d5e3ff36e87659fd774e96aa8c5941d3353ccc268a125822cf01533c74839e5f1c54725da9cc437d3d69b88e5bf3f99caccd4d75961

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index

Filesize
216B

MD5
fe00746fd2bfd3f773ae34bc6e65b3c5

SHA1
c4fac7331700f19d1155f2df6d84046a2fa371c1

SHA256
3cc2fb82a3caec8a91f8d13cdfc6ceb453a1cdc8336af68f6f8211b6d4e81870

SHA512
eefc92bb2f11467cc04e1fdedaacd82e9fb16cb31559aa27e5e9653508746cc6c18812acec708be5aec23d93a0165c7006d095e057ec096aa0b3cf37bdcb2ddc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
92e76a9913460ae99759fcb0b7d7a66f

SHA1
c756c5a882eedfd4d671d0053f93a8d8b45ea3a4

SHA256
e418aaf398f2687c7ad94598242956e02829f748761f77f15b39fb10301708cc

SHA512
ce912763f0e98a7aec97a2ffb4b79bfbfb50044eaa927b52d2fd600a3a65ad184963dbd6be617b56c56e41f78d41c6bfa3a20ef3388e052552dae26dd505767d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
2071ffae55218a6e36f42e0f04d3abb5

SHA1
678816a58bf718d9f8b8e6889b1f4c7a6bc77f70

SHA256
185f69d082ecf3271147966d53079f7668403d4b089a032cfa6bee6eaf98f0b8

SHA512
aa4a58f1fcd6c80e35ef54d3a59dca77034546e856fc0d44eecffa8acd73d9082e537af2c1a8f71b7ad2bd70bdae3bbb66997a62aacf61c2866ecf74b57bd496

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
9b3901d5d7f3251eab20e18d02939852

SHA1
5a0d8b681913f9cd47407d724c19627510801d53

SHA256
e773046a7e30bb10de61d5772dbf1781ac149a106064da7dcff2cfe65b4dc007

SHA512
001a5399ac2bd6d78b652532e5b4960b31449afe35b1ac5cc758ddbd29fcc351f75e4b718121c6d1d0fbe9374f461a0c715e31a4eb61f2a94d0d8251456bdf9d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
fc3e5c6ea411b0e9a875a9c7074ae85e

SHA1
2ba43bb5a23f1dd7c2e9ab3fc92eeb4e93a80a3e

SHA256
67ebb77a0aefba8e3a71344e88074ed300f5cfda2e723f172770bf77c5614993

SHA512
429c054731de1fde3e46bb30d766a6a6f8d6e79ec973b8a98817cad66b2977e3188c93b6a10f1a22d0f6ecc1c5eeea303988a7732c80be237bcb6eaafd68a1cb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
354B

MD5
3b9528ebf07d0cad152aefba12f519f8

SHA1
5da4b93981f8672a21a82134810caf257a28282e

SHA256
deecdb511095861897a6d2b744818d218e37c6d3d9488ba269b05a11fc7ce316

SHA512
ad30e0076f032ec9096d3c730ba7e21a7793b2adc137b2acb13815e66c20e2c8db3f82799ff830269c70bc981c72a812ba12cf7e9ae209681ea1ab8e2516e723

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
354B

MD5
02fa1fda4b86139020c259b4c640d7d4

SHA1
7df5f312f4e31e70869452868bb5a4ac80506be9

SHA256
34f72a9965e1f3d867dc8d3b21b1b62e9032cdca5286a82391152a6db97ded9c

SHA512
af3f2633498797e602736533473528847ff6d8c7b1b23da836414daf55f283c98a2036dec4490d4595019c8bdb794d4518330af359844fc0dc6a383a577cd19c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
354B

MD5
57cc0b0e3f67ed70afd9ebd5b8d47e8e

SHA1
bdc4d0469c48bd33e3b656c34a8cc48a085208a1

SHA256
ba5c1cdcc54392889ce07bfef9b5438128bfbd71c5e228d3ce8c5c77de067701

SHA512
ae29a195a90112e11fc423a63298319c03e52e967ffab554cb210d53218369ce3e0c822f8d23f204d6c0e71869a214bc7466c0f1f4505ee06454721cea5e1778

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
a24ef420fdb51eb13de060c37b60c0d6

SHA1
9fe3c3a233aa2e9189e3e85f554003968114bd04

SHA256
7b08aad81a555fbec122ea6d7ef161fac978509bb0e44f3ed133d17e49f955ce

SHA512
c8b570b3b2e20221acd5a55d81935da6094e994250cd029d599000c5e544b76433cfade57a6ba271962554fb845a94d90d56758c63335da240e126c641ba5c39

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
0c356878c2902eb978f21f3273eb4382

SHA1
fefc0bde870d6d6cba13d035a08fc2bca175cdca

SHA256
ee9f8c961b2f350fd441abca29c53af5fa98815baaa29323fd598dff6d171d20

SHA512
88c1c3600f3a7d4152ae28923a08a9edf7e76aca905d6941db1b31866d00f3ed91c07babcb4fc5e61f3bfa5d922092ed961bb25d20041b4240910caa1307ecc7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
9fc5c789a3a3b28f8743dfbd35d24b64

SHA1
a751c7917aeb4d5b1af23e2dc3b160e4e2b75ed2

SHA256
3f95e28ee6e63e89ca3a9de9b8ed00065a117c3ef6b834e014b5ea1289d8fb07

SHA512
1fd9065da89f771feca4b494af7aafcecac705b60a90b0c6d68d96765055389bdf072fe30288e7aa36b3c81003d9a962d5e52a48de8f475d988ad1f9a949438c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
918f6a14ab69f283deeed53cd89570f0

SHA1
7df1ed695935f47c6a313a392a654d43608960cf

SHA256
6d3f3f9c801b7a61047de3246dcc35fe08e8534a18fd90643091e0e379a160ef

SHA512
7239b61de957a732329c3e3b421e8c528589f336de6861886578cdb5d5139af16dd9a5fe88816974ac4e7fcd1b537a74d5708c721e518900444f4f533dba6217

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
8f54e75b9d67eea42baa1e7542d9b926

SHA1
4ce2fb9a60a947e2d9f00a9b94f7597373122255

SHA256
39f0773afa74886166a22ad8e1591ee8e544f1efaab8b237bf5880cf9385a768

SHA512
161ec742bbdfd5d0a90c81036c7896f703ad9c021aff06c1eaac302525184e5585ad6a091d4925f7d22a3da99e7d810abcbc0c986b3ab82a999ce63c57421dc1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
8ce7e258f566ce6e8919b7f4c612e566

SHA1
d512832c777c637ccf60aaf9677cc2678f37a17d

SHA256
97271c1c0e26473f05565750c11b7944863a4108598542c43fa258cea5c71cef

SHA512
18739a1ff11fbbdbd8ddeb0af8da326e95d4ce763d4adbba8c40fcc441a1126c262bb0507025de8bb80cafb6d5ffa47a66d24240aec28c87c9404c653b2777f0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
a782e847f807e75fe9159161bb294d1f

SHA1
e174bb78e8ec005925484b8e9e2910a3c22bf014

SHA256
ce0eee721e024f35c59c19a4a18c8f2bcffa34edd69d297002e437de8557c861

SHA512
29ed03618c94777dd0ed2b48b282fbe0d8a98bac83aa0bceaa25a19dbc8cb26ff669d8e55bddd95d4cb137f7cd80c122ef7408667882bd94a2409f23197af63a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
ba681fd58a146738bb5f9ac800853d75

SHA1
bc8fa36184d04bc264aa0e61f237f4a29697165e

SHA256
791b1ef5a7ef28ba22b1a71923ad2a79ed7f9ca9999077d7ba25563885eb3f3c

SHA512
0782b581a41f302341e5ec6ce5969478d4ab40128058c2163035cd2e87170bdc7f169828ed7a45157e466ee4ed623a1c2a5b0cc7daac51e182e3e52ee004fc79

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
155873df9ea380c4fd331562adfe0e1e

SHA1
d5854312f888fe8e2d424af2aa9944559f00d2de

SHA256
2b0839ca5325a08bb409289d10146ad315b40041a3ceb259bb7f5ffbab17d561

SHA512
44d73d5590c7492a1849b3619fc97589a9537466718b8afafca0195d5abf05383e251d8047572201b358e89d773745c8ffe0aa606a7445897a3ab3f6e05d0923

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
386e43fb4d0055f91aa6cd7ee0532b9c

SHA1
c5447f5caac665f22c0d40ad3e913db9ff7794c6

SHA256
56ccfee0221da124d2e4fc60f275eee431c7614d0394c63ea07002499b374a62

SHA512
ce49f050a0a7de493c2d47fc110437fbcfbec764e00a9938ce333d6acf4ffc53335dfc2c9d01650787937fa41af1c970edc2551c83a48006cb495aad37ec0453

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
183KB

MD5
0502e445b1183681d87cb0630a09145c

SHA1
e829063cfc8e7ff1aabfeb3b1988e9de6a9d012d

SHA256
c818fb502a3eeb827752b042f02d20a4995690b2379a63068f88294fa3f13533

SHA512
f67bfec74cfe96d8b4aa34681cab6573e3ac71474f99e6d17cf43df54c702f6698a95938d5f715f108f1f1749adc4ea57598738723ea7bc350766ebffd020941

Download Submit