66c48cd5ac19724ce1ac5664350146c57b545fedcfb6131a34b652815f25a216

Analysis

max time kernel
97s
max time network
98s
platform
windows11-21h2_x64
resource
win11-20240709-en
resource tags

arch:x64arch:x86image:win11-20240709-enlocale:en-usos:windows11-21h2-x64system
submitted
20/07/2024, 04:34

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

a_file.zip
Size

13.0MB
MD5

f8493398502e2e1d693543393f30cb2b
SHA1

267a4bc3d632271dc57917545443b5e6ca5438e3
SHA256

66c48cd5ac19724ce1ac5664350146c57b545fedcfb6131a34b652815f25a216
SHA512

f19d1046f5ee966af2975789ba845138bb20684aab56afbfde4270ccff179e87fc925f73980d179d902fbc64caabfb59fe1812065451bbdcdb89b7ada00e60de
SSDEEP

393216:Lbgi7860mm8R+t5USonei4wtZi7860mm8R+t5USonei4wtZfvy8yh:LbP7860mmR5US9w+7860mmR5US9wrBu

Score

4^/10

Malware Config

Signatures

Drops file in Windows directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SystemTemp	chrome.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133659236943551847"	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
1372	chrome.exe
1372	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
1372	chrome.exe
1372	chrome.exe
1372	chrome.exe
1372	chrome.exe
1372	chrome.exe
1372	chrome.exe
1372	chrome.exe
1372	chrome.exe
1372	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1372	chrome.exe
Token: SeCreatePagefilePrivilege	1372	chrome.exe
Token: SeShutdownPrivilege	1372	chrome.exe
Token: SeCreatePagefilePrivilege	1372	chrome.exe
Token: SeShutdownPrivilege	1372	chrome.exe
Token: SeCreatePagefilePrivilege	1372	chrome.exe
Token: SeShutdownPrivilege	1372	chrome.exe
Token: SeCreatePagefilePrivilege	1372	chrome.exe
Token: SeShutdownPrivilege	1372	chrome.exe
Token: SeCreatePagefilePrivilege	1372	chrome.exe
Token: SeShutdownPrivilege	1372	chrome.exe
Token: SeCreatePagefilePrivilege	1372	chrome.exe
Token: SeShutdownPrivilege	1372	chrome.exe
Token: SeCreatePagefilePrivilege	1372	chrome.exe
Token: SeShutdownPrivilege	1372	chrome.exe
Token: SeCreatePagefilePrivilege	1372	chrome.exe
Token: SeShutdownPrivilege	1372	chrome.exe
Token: SeCreatePagefilePrivilege	1372	chrome.exe
Token: SeShutdownPrivilege	1372	chrome.exe
Token: SeCreatePagefilePrivilege	1372	chrome.exe
Token: SeShutdownPrivilege	1372	chrome.exe
Token: SeCreatePagefilePrivilege	1372	chrome.exe
Token: SeShutdownPrivilege	1372	chrome.exe
Token: SeCreatePagefilePrivilege	1372	chrome.exe
Token: SeShutdownPrivilege	1372	chrome.exe
Token: SeCreatePagefilePrivilege	1372	chrome.exe
Token: SeShutdownPrivilege	1372	chrome.exe
Token: SeCreatePagefilePrivilege	1372	chrome.exe
Token: SeShutdownPrivilege	1372	chrome.exe
Token: SeCreatePagefilePrivilege	1372	chrome.exe
Token: SeShutdownPrivilege	1372	chrome.exe
Token: SeCreatePagefilePrivilege	1372	chrome.exe
Token: SeShutdownPrivilege	1372	chrome.exe
Token: SeCreatePagefilePrivilege	1372	chrome.exe
Token: SeShutdownPrivilege	1372	chrome.exe
Token: SeCreatePagefilePrivilege	1372	chrome.exe
Token: SeShutdownPrivilege	1372	chrome.exe
Token: SeCreatePagefilePrivilege	1372	chrome.exe
Token: SeShutdownPrivilege	1372	chrome.exe
Token: SeCreatePagefilePrivilege	1372	chrome.exe
Token: SeShutdownPrivilege	1372	chrome.exe
Token: SeCreatePagefilePrivilege	1372	chrome.exe
Token: SeShutdownPrivilege	1372	chrome.exe
Token: SeCreatePagefilePrivilege	1372	chrome.exe
Token: SeShutdownPrivilege	1372	chrome.exe
Token: SeCreatePagefilePrivilege	1372	chrome.exe
Token: SeShutdownPrivilege	1372	chrome.exe
Token: SeCreatePagefilePrivilege	1372	chrome.exe
Token: SeShutdownPrivilege	1372	chrome.exe
Token: SeCreatePagefilePrivilege	1372	chrome.exe
Token: SeShutdownPrivilege	1372	chrome.exe
Token: SeCreatePagefilePrivilege	1372	chrome.exe
Token: SeShutdownPrivilege	1372	chrome.exe
Token: SeCreatePagefilePrivilege	1372	chrome.exe
Token: SeShutdownPrivilege	1372	chrome.exe
Token: SeCreatePagefilePrivilege	1372	chrome.exe
Token: SeShutdownPrivilege	1372	chrome.exe
Token: SeCreatePagefilePrivilege	1372	chrome.exe
Token: SeShutdownPrivilege	1372	chrome.exe
Token: SeCreatePagefilePrivilege	1372	chrome.exe
Token: SeShutdownPrivilege	1372	chrome.exe
Token: SeCreatePagefilePrivilege	1372	chrome.exe
Token: SeShutdownPrivilege	1372	chrome.exe
Token: SeCreatePagefilePrivilege	1372	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
1372	chrome.exe
1372	chrome.exe
1372	chrome.exe
1372	chrome.exe
1372	chrome.exe
1372	chrome.exe
1372	chrome.exe
1372	chrome.exe
1372	chrome.exe
1372	chrome.exe
1372	chrome.exe
1372	chrome.exe
1372	chrome.exe
1372	chrome.exe
1372	chrome.exe
1372	chrome.exe
1372	chrome.exe
1372	chrome.exe
1372	chrome.exe
1372	chrome.exe
1372	chrome.exe
1372	chrome.exe
1372	chrome.exe
1372	chrome.exe
1372	chrome.exe
1372	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
1372	chrome.exe
1372	chrome.exe
1372	chrome.exe
1372	chrome.exe
1372	chrome.exe
1372	chrome.exe
1372	chrome.exe
1372	chrome.exe
1372	chrome.exe
1372	chrome.exe
1372	chrome.exe
1372	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1372 wrote to memory of 4952	1372	chrome.exe	85
PID 1372 wrote to memory of 4952	1372	chrome.exe	85
PID 1372 wrote to memory of 2148	1372	chrome.exe	86
PID 1372 wrote to memory of 2148	1372	chrome.exe	86
PID 1372 wrote to memory of 2148	1372	chrome.exe	86
PID 1372 wrote to memory of 2148	1372	chrome.exe	86
PID 1372 wrote to memory of 2148	1372	chrome.exe	86
PID 1372 wrote to memory of 2148	1372	chrome.exe	86
PID 1372 wrote to memory of 2148	1372	chrome.exe	86
PID 1372 wrote to memory of 2148	1372	chrome.exe	86
PID 1372 wrote to memory of 2148	1372	chrome.exe	86
PID 1372 wrote to memory of 2148	1372	chrome.exe	86
PID 1372 wrote to memory of 2148	1372	chrome.exe	86
PID 1372 wrote to memory of 2148	1372	chrome.exe	86
PID 1372 wrote to memory of 2148	1372	chrome.exe	86
PID 1372 wrote to memory of 2148	1372	chrome.exe	86
PID 1372 wrote to memory of 2148	1372	chrome.exe	86
PID 1372 wrote to memory of 2148	1372	chrome.exe	86
PID 1372 wrote to memory of 2148	1372	chrome.exe	86
PID 1372 wrote to memory of 2148	1372	chrome.exe	86
PID 1372 wrote to memory of 2148	1372	chrome.exe	86
PID 1372 wrote to memory of 2148	1372	chrome.exe	86
PID 1372 wrote to memory of 2148	1372	chrome.exe	86
PID 1372 wrote to memory of 2148	1372	chrome.exe	86
PID 1372 wrote to memory of 2148	1372	chrome.exe	86
PID 1372 wrote to memory of 2148	1372	chrome.exe	86
PID 1372 wrote to memory of 2148	1372	chrome.exe	86
PID 1372 wrote to memory of 2148	1372	chrome.exe	86
PID 1372 wrote to memory of 2148	1372	chrome.exe	86
PID 1372 wrote to memory of 2148	1372	chrome.exe	86
PID 1372 wrote to memory of 2148	1372	chrome.exe	86
PID 1372 wrote to memory of 2148	1372	chrome.exe	86
PID 1372 wrote to memory of 1800	1372	chrome.exe	87
PID 1372 wrote to memory of 1800	1372	chrome.exe	87
PID 1372 wrote to memory of 2432	1372	chrome.exe	88
PID 1372 wrote to memory of 2432	1372	chrome.exe	88
PID 1372 wrote to memory of 2432	1372	chrome.exe	88
PID 1372 wrote to memory of 2432	1372	chrome.exe	88
PID 1372 wrote to memory of 2432	1372	chrome.exe	88
PID 1372 wrote to memory of 2432	1372	chrome.exe	88
PID 1372 wrote to memory of 2432	1372	chrome.exe	88
PID 1372 wrote to memory of 2432	1372	chrome.exe	88
PID 1372 wrote to memory of 2432	1372	chrome.exe	88
PID 1372 wrote to memory of 2432	1372	chrome.exe	88
PID 1372 wrote to memory of 2432	1372	chrome.exe	88
PID 1372 wrote to memory of 2432	1372	chrome.exe	88
PID 1372 wrote to memory of 2432	1372	chrome.exe	88
PID 1372 wrote to memory of 2432	1372	chrome.exe	88
PID 1372 wrote to memory of 2432	1372	chrome.exe	88
PID 1372 wrote to memory of 2432	1372	chrome.exe	88
PID 1372 wrote to memory of 2432	1372	chrome.exe	88
PID 1372 wrote to memory of 2432	1372	chrome.exe	88
PID 1372 wrote to memory of 2432	1372	chrome.exe	88
PID 1372 wrote to memory of 2432	1372	chrome.exe	88
PID 1372 wrote to memory of 2432	1372	chrome.exe	88
PID 1372 wrote to memory of 2432	1372	chrome.exe	88
PID 1372 wrote to memory of 2432	1372	chrome.exe	88
PID 1372 wrote to memory of 2432	1372	chrome.exe	88
PID 1372 wrote to memory of 2432	1372	chrome.exe	88
PID 1372 wrote to memory of 2432	1372	chrome.exe	88
PID 1372 wrote to memory of 2432	1372	chrome.exe	88
PID 1372 wrote to memory of 2432	1372	chrome.exe	88
PID 1372 wrote to memory of 2432	1372	chrome.exe	88
PID 1372 wrote to memory of 2432	1372	chrome.exe	88

C:\Windows\Explorer.exe
C:\Windows\Explorer.exe /idlist,,C:\Users\Admin\AppData\Local\Temp\a_file.zip
1⤵
PID:104

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1372
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.106 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffec1f6cc40,0x7ffec1f6cc4c,0x7ffec1f6cc58
  2⤵
  PID:4952
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2000,i,5665909020633931808,1268095188560942069,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=1996 /prefetch:2
  2⤵
  PID:2148
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1776,i,5665909020633931808,1268095188560942069,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=2032 /prefetch:3
  2⤵
  PID:1800
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2208,i,5665909020633931808,1268095188560942069,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=2228 /prefetch:8
  2⤵
  PID:2432
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3080,i,5665909020633931808,1268095188560942069,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=3116 /prefetch:1
  2⤵
  PID:2960
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3120,i,5665909020633931808,1268095188560942069,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=3272 /prefetch:1
  2⤵
  PID:2564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3540,i,5665909020633931808,1268095188560942069,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=3516 /prefetch:1
  2⤵
  PID:4900
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4760,i,5665909020633931808,1268095188560942069,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=4756 /prefetch:8
  2⤵
  PID:2896
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4792,i,5665909020633931808,1268095188560942069,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=4356 /prefetch:8
  2⤵
  PID:4424
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=4340,i,5665909020633931808,1268095188560942069,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=4824 /prefetch:1
  2⤵
  PID:3776
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=3444,i,5665909020633931808,1268095188560942069,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=3452 /prefetch:1
  2⤵
  PID:2740
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=4768,i,5665909020633931808,1268095188560942069,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=5060 /prefetch:1
  2⤵
  PID:1464
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=3104,i,5665909020633931808,1268095188560942069,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=3364 /prefetch:1
  2⤵
  PID:2544
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=4488,i,5665909020633931808,1268095188560942069,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=4504 /prefetch:1
  2⤵
  PID:2820
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4552,i,5665909020633931808,1268095188560942069,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=4448 /prefetch:8
  2⤵
  PID:956
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=4424,i,5665909020633931808,1268095188560942069,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=4996 /prefetch:1
  2⤵
  PID:3720

C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe"
1⤵
PID:4672

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:1508

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
74bdae5abdaf24affb53ac994d8a977a

SHA1
0add895196239812feb7fed84e64e01248bbd847

SHA256
d9677ab92bcd416a948cf67766310cd7f412d5080554a5579cf42feb2ab6bd2b

SHA512
a2970fdb5ccda2690bb7af49f4bdb08d371b0e460fd4d64050f239c5e18fc8ba3a97cb45bde1ab6c71112a8632d6837cda8d20f258581905c00843da9cc93faf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003e

Filesize
49KB

MD5
8991c3ec80ec8fbc41382a55679e3911

SHA1
8cc8cee91d671038acd9e3ae611517d6801b0909

SHA256
f55bacd4a20fef96f5c736a912d1947be85c268df18003395e511c1e860e8800

SHA512
4968a21d8cb9821282d10ba2d19f549a07f996b9fa2cdbcc677ac9901627c71578b1fc65db3ca78e56a47da382e89e52ac16fee8437caa879ece2cfba48c5a6d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000041

Filesize
211KB

MD5
151fb811968eaf8efb840908b89dc9d4

SHA1
7ec811009fd9b0e6d92d12d78b002275f2f1bee1

SHA256
043fd8558e4a5a60aaccd2f0377f77a544e3e375242e9d7200dc6e51f94103ed

SHA512
83aface0ab01da52fd077f747c9d5916e3c06b0ea5c551d7d316707ec3e8f3f986ce1c82e6f2136e48c6511a83cb0ac67ff6dc8f0e440ac72fc6854086a87674

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
2a9c54d008266b31f6375ab41a584a20

SHA1
de2f4d46790584975be4937b706adb1612216fcd

SHA256
f3cff17fcd3fac4723299e4bfbad2d2f5dc74114696c9b6237ed6b4e330f9448

SHA512
04681505440246cb137c4c111f906a10a375f6d60f06d9272080f56d36e211a98967e34bb3d5f77960b3b18ca0c7492c094a8cd7a878c477f99443e65efbbd7d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
23ae35e1a16554558f82a6420573d70e

SHA1
7d1366b0612e79f9338f3068a266d254d927c56d

SHA256
7d0bcd0fa7fa17d635714b924cfb33bda70d7d3a31cfb0170bb7eace3248065e

SHA512
30b3c3f4525e5d6bedc8786519d3669f2aa70c5b2a2141b3aa63b143021d3686234faf7776f1eb8c614cb3bc524da08ed47d8cc7e4c478ec1f4e75d28b3fba86

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
7c5edba87653b4f95efc8fc0669c25c9

SHA1
72790eeb812a825f703c8401638567768708b973

SHA256
860b07c6cb340ed20fdedb050ec7afb81f4455d2faee37193517ea121929319f

SHA512
bae41657329dcc25e0459f2c50805cf76b1f467d8a7244b7e6d6ca337df2092d41c73f4bdc9765e14d40308f3699bb03d256f8c912b928344230081a802dc9d6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
691B

MD5
ea65532e0b2ad33a91784caa01dcb565

SHA1
ecec2618ac010b596ba2f763c05efe6e972100ac

SHA256
076683fd70a801ff81bd9132ce9287cafeceb520a22f413f6d0b4f19aeece2c3

SHA512
1ece2c718ea58cda5f635676569d505811a5c07fa7bfda45139a91360c8c03710917f8d8dbad054fbaf61653cd61e0750fc9938ba06dd2e90cc2b9427e6a0fe8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
df970bb5fe945bff4ec2e052025c90bd

SHA1
6ed1da7750483b20efc23a0d1b9413f148ba09a6

SHA256
141441223fbcda9e604e34b89276b2afa212c60353eb7eb8fbbc609e0262fbd7

SHA512
35f8c01f4583d31f10b1da88bedf2bc5eab7076b25b0e92d7147cbc6d3b5db64239063ba675d23d7ef681a6fcfdeac163a374004673ac819e062a9a94f16bb93

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
72e96a5dde490d569e1c8c3b77798f5a

SHA1
301c9f080cca8213b1bc75ab5bc1d40a6a2eb413

SHA256
a4e313c1930cc60f69ee4493aba637583191029e9a932f129cbc106576e98c12

SHA512
662b799a404367e41743f4dd3b355f07142494a4a33bb70f666975c69d2cd1d9db58ea8ba06a558302e8a80afb8cd9b45f352c7944f327d3876a367277363447

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
691B

MD5
16bd5888b53ddadca2c110a8fae31913

SHA1
47c37cc7996accf7bfcc61440e7e8fc0e6f6d217

SHA256
53f2f6e8045a356d4bc9f01247e96c17f4c98d26d8c1c22a78c77bfbffbd4711

SHA512
16c416c2bbfd4b98bfcd5a3896ea7ae9cec6935b4470a1313f10051a3ebd039ef0571fea36963f4a3b13f838261c0dd393ec83541a8637da5848f77e6bf14bed

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
4cf5cc9c2f21ee60aa4da4b2445412bd

SHA1
ca88b19b3176069a3ed9fcf7f72ade0d6431f859

SHA256
82789d6982073604713b1da143c879339f1b0b12d2380b6190bba74af7bb396c

SHA512
b37f3c9aa8c0c56b2e969aabc33589f93d8559f7618025566436ec08e54b5434b0a0cfc6d50ea14190112043ad7d0a7dc4c5a564b6e850f6428d2eeddd2c4716

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
e007c0f202ed23e0ac637d03db023652

SHA1
fbe5d8d2fd70ae4cd369b928f99693153995ec7c

SHA256
5f20c0b2b40f0314a927d46a89caf2692a7d89988f3b760ad7b490498336aebb

SHA512
fe37352070a3314fd73be50063f1e1c9bdc3638ce7c90edd4e5e97f8125b658339132936b0988535ea704df8b86da645a7b56f046b99b378cab04a491cdd71c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
1067a9eae715be06356e0d5d8d849e78

SHA1
e10c1f871814b12fccb1e77c4f9adee5446ae157

SHA256
4f18a436698d7d255e9f308c444441b43a67dde8bf37703ede14b2de9999227f

SHA512
732bc2497a38d9ae6e0e83d9a55a496dfc70efb3f228da6bf7f9fd9eb2b0a45b0ca2a2e114661407f4f499aad534f87b088fb0041150a5e2243e177963f95aa4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
93512355a068f1c9b99afffa0a25badc

SHA1
4af3c22d0ea78e7a160b5dd27e75d858d9e17bd4

SHA256
bf017517656c8b71e78873c51911fda03fa249bb5161a779c5c5e65b6fd46c54

SHA512
a097a2aec831280f9727ec31ba5642aa5a51a39d318c5a196863faad02c4d244888946228b5e1e3280a448f9040aa61bb63925a8fccb32e454cd61940af26a6e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
4e9458b3366faf6b27b676955235d3fa

SHA1
861b17868ba4b3bdef1f5f7196428b58a48194bd

SHA256
d7714c1329ff9c6ed5a9e8428d6a4e01988fdf0c6857616c4ad863e4fc77126c

SHA512
4aecd4902b0becdde93c21ef1af47bb4c1c920bfe7f2b914033975498a8bb16a91a33388d6e60a59e73a4d5a4d76beb2b17529e863dedaca2917351b42bee8ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
e9cc1e40048f2d8a25ba2479ccbdb95e

SHA1
805501ac23799178054d19698487168bc36abbb2

SHA256
492d1337b5b3b15d58bdb488fca543eb624a1595fe2241467a1684a04eeb5d26

SHA512
50bab8b88a22c5b31024fef43bf04b77dbd16077567c91e9cc25f1a7ac0cdb67c7d2539c687065cc923c0dc421a2bdc5141964d374c806c6ffc7b14ec628b54c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
8442ef07fe1decaef27ca114304ad895

SHA1
0bcf4228ce6c794f0d499dce700419c8c424454e

SHA256
23bb3ff0215182b26569b18838a8dd91ad828845f4ec8f3b05307e627d0de106

SHA512
86d62327c528dc2ec6b1bdc79cf6abce5ebfcd4654ded7128ab86961e35f63715d34b3b9ae5a4a78caa70b5063bf5b4523037871ab0132b6c306d25eceb99e0a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
185KB

MD5
34a3326555f64399baa9498ec9daa91b

SHA1
6363ba3b7cd9f073e3ddc756d3989b2fb45921db

SHA256
942ba17e331612294a217a8374fc5f1fc3c976f034cbb97734f584bd217df582

SHA512
19926508bb3c8f3cf734fd0829283376201b1995fb38cf42107bf05b67e491c7d9af54de5550152bef20e7652cf1f1bc5a23d7190a2c603a72993abd5c217282

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
185KB

MD5
2e5a9dba5d3139f70ca88ff31b59debc

SHA1
3e87d82dbfed50316dbaa524895d02dcff835d96

SHA256
5ee152e1ca035be5231b885e855be1c5b3c345a17a83dfc8f2e66e12bb1536db

SHA512
8a49c6571138babe6aabe3874d03c9eb95f871e678485b3ce7a7b7e018e64c582e4f356339c1fa48876066716959986fd42aa7fc5fe1f0b258203cbf9c1c1821

Download Submit