hxxps://github[.]com/Hex1629/SOCKETPIE_DOSTOOL

Analysis

max time kernel
149s
max time network
148s
platform
windows10-1703_x64
resource
win10-20240404-en
resource tags

arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
submitted
23/07/2024, 22:05

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

https://github.com/Hex1629/SOCKETPIE_DOSTOOL

Score

6^/10

discovery

Malware Config

Signatures

Legitimate hosting services abused for malware hosting/C2 1 TTPs 1 IoCs

Web Service

T1102

flow	ioc
23	raw.githubusercontent.com

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133662459419184440"	chrome.exe

Modifies registry class 12 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\py_auto_file	OpenWith.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\.py\ = "py_auto_file"	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\py_auto_file\shell\edit	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\py_auto_file\shell\open\command	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\py_auto_file\shell\edit\command	OpenWith.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\py_auto_file\shell\edit\command\ = "%SystemRoot%\\system32\\NOTEPAD.EXE %1"	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\py_auto_file\shell\open	OpenWith.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\py_auto_file\shell\open\command\ = "%SystemRoot%\\system32\\NOTEPAD.EXE %1"	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\.py	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\py_auto_file\shell	OpenWith.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
3796	chrome.exe
3796	chrome.exe
3384	chrome.exe
3384	chrome.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
5112	OpenWith.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

pid	Process
3796	chrome.exe
3796	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3796	chrome.exe
Token: SeCreatePagefilePrivilege	3796	chrome.exe
Token: SeShutdownPrivilege	3796	chrome.exe
Token: SeCreatePagefilePrivilege	3796	chrome.exe
Token: SeShutdownPrivilege	3796	chrome.exe
Token: SeCreatePagefilePrivilege	3796	chrome.exe
Token: SeShutdownPrivilege	3796	chrome.exe
Token: SeCreatePagefilePrivilege	3796	chrome.exe
Token: SeShutdownPrivilege	3796	chrome.exe
Token: SeCreatePagefilePrivilege	3796	chrome.exe
Token: SeShutdownPrivilege	3796	chrome.exe
Token: SeCreatePagefilePrivilege	3796	chrome.exe
Token: SeShutdownPrivilege	3796	chrome.exe
Token: SeCreatePagefilePrivilege	3796	chrome.exe
Token: SeShutdownPrivilege	3796	chrome.exe
Token: SeCreatePagefilePrivilege	3796	chrome.exe
Token: SeShutdownPrivilege	3796	chrome.exe
Token: SeCreatePagefilePrivilege	3796	chrome.exe
Token: SeShutdownPrivilege	3796	chrome.exe
Token: SeCreatePagefilePrivilege	3796	chrome.exe
Token: SeShutdownPrivilege	3796	chrome.exe
Token: SeCreatePagefilePrivilege	3796	chrome.exe
Token: SeShutdownPrivilege	3796	chrome.exe
Token: SeCreatePagefilePrivilege	3796	chrome.exe
Token: SeShutdownPrivilege	3796	chrome.exe
Token: SeCreatePagefilePrivilege	3796	chrome.exe
Token: SeShutdownPrivilege	3796	chrome.exe
Token: SeCreatePagefilePrivilege	3796	chrome.exe
Token: SeShutdownPrivilege	3796	chrome.exe
Token: SeCreatePagefilePrivilege	3796	chrome.exe
Token: SeShutdownPrivilege	3796	chrome.exe
Token: SeCreatePagefilePrivilege	3796	chrome.exe
Token: SeShutdownPrivilege	3796	chrome.exe
Token: SeCreatePagefilePrivilege	3796	chrome.exe
Token: SeShutdownPrivilege	3796	chrome.exe
Token: SeCreatePagefilePrivilege	3796	chrome.exe
Token: SeShutdownPrivilege	3796	chrome.exe
Token: SeCreatePagefilePrivilege	3796	chrome.exe
Token: SeShutdownPrivilege	3796	chrome.exe
Token: SeCreatePagefilePrivilege	3796	chrome.exe
Token: SeShutdownPrivilege	3796	chrome.exe
Token: SeCreatePagefilePrivilege	3796	chrome.exe
Token: SeShutdownPrivilege	3796	chrome.exe
Token: SeCreatePagefilePrivilege	3796	chrome.exe
Token: SeShutdownPrivilege	3796	chrome.exe
Token: SeCreatePagefilePrivilege	3796	chrome.exe
Token: SeShutdownPrivilege	3796	chrome.exe
Token: SeCreatePagefilePrivilege	3796	chrome.exe
Token: SeShutdownPrivilege	3796	chrome.exe
Token: SeCreatePagefilePrivilege	3796	chrome.exe
Token: SeShutdownPrivilege	3796	chrome.exe
Token: SeCreatePagefilePrivilege	3796	chrome.exe
Token: SeShutdownPrivilege	3796	chrome.exe
Token: SeCreatePagefilePrivilege	3796	chrome.exe
Token: SeShutdownPrivilege	3796	chrome.exe
Token: SeCreatePagefilePrivilege	3796	chrome.exe
Token: SeShutdownPrivilege	3796	chrome.exe
Token: SeCreatePagefilePrivilege	3796	chrome.exe
Token: SeShutdownPrivilege	3796	chrome.exe
Token: SeCreatePagefilePrivilege	3796	chrome.exe
Token: SeShutdownPrivilege	3796	chrome.exe
Token: SeCreatePagefilePrivilege	3796	chrome.exe
Token: SeShutdownPrivilege	3796	chrome.exe
Token: SeCreatePagefilePrivilege	3796	chrome.exe

Suspicious use of FindShellTrayWindow 34 IoCs

pid	Process
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe
3796	chrome.exe

Suspicious use of SetWindowsHookEx 39 IoCs

pid	Process
5112	OpenWith.exe
5112	OpenWith.exe
5112	OpenWith.exe
5112	OpenWith.exe
5112	OpenWith.exe
5112	OpenWith.exe
5112	OpenWith.exe
5112	OpenWith.exe
5112	OpenWith.exe
5112	OpenWith.exe
5112	OpenWith.exe
5112	OpenWith.exe
5112	OpenWith.exe
5112	OpenWith.exe
5112	OpenWith.exe
5112	OpenWith.exe
5112	OpenWith.exe
5112	OpenWith.exe
5112	OpenWith.exe
5112	OpenWith.exe
5112	OpenWith.exe
5112	OpenWith.exe
5112	OpenWith.exe
5112	OpenWith.exe
5112	OpenWith.exe
5112	OpenWith.exe
5112	OpenWith.exe
5112	OpenWith.exe
5112	OpenWith.exe
5112	OpenWith.exe
5112	OpenWith.exe
5112	OpenWith.exe
5112	OpenWith.exe
5112	OpenWith.exe
5112	OpenWith.exe
5112	OpenWith.exe
5112	OpenWith.exe
5112	OpenWith.exe
5112	OpenWith.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3796 wrote to memory of 1592	3796	chrome.exe	74
PID 3796 wrote to memory of 1592	3796	chrome.exe	74
PID 3796 wrote to memory of 1892	3796	chrome.exe	76
PID 3796 wrote to memory of 1892	3796	chrome.exe	76
PID 3796 wrote to memory of 1892	3796	chrome.exe	76
PID 3796 wrote to memory of 1892	3796	chrome.exe	76
PID 3796 wrote to memory of 1892	3796	chrome.exe	76
PID 3796 wrote to memory of 1892	3796	chrome.exe	76
PID 3796 wrote to memory of 1892	3796	chrome.exe	76
PID 3796 wrote to memory of 1892	3796	chrome.exe	76
PID 3796 wrote to memory of 1892	3796	chrome.exe	76
PID 3796 wrote to memory of 1892	3796	chrome.exe	76
PID 3796 wrote to memory of 1892	3796	chrome.exe	76
PID 3796 wrote to memory of 1892	3796	chrome.exe	76
PID 3796 wrote to memory of 1892	3796	chrome.exe	76
PID 3796 wrote to memory of 1892	3796	chrome.exe	76
PID 3796 wrote to memory of 1892	3796	chrome.exe	76
PID 3796 wrote to memory of 1892	3796	chrome.exe	76
PID 3796 wrote to memory of 1892	3796	chrome.exe	76
PID 3796 wrote to memory of 1892	3796	chrome.exe	76
PID 3796 wrote to memory of 1892	3796	chrome.exe	76
PID 3796 wrote to memory of 1892	3796	chrome.exe	76
PID 3796 wrote to memory of 1892	3796	chrome.exe	76
PID 3796 wrote to memory of 1892	3796	chrome.exe	76
PID 3796 wrote to memory of 1892	3796	chrome.exe	76
PID 3796 wrote to memory of 1892	3796	chrome.exe	76
PID 3796 wrote to memory of 1892	3796	chrome.exe	76
PID 3796 wrote to memory of 1892	3796	chrome.exe	76
PID 3796 wrote to memory of 1892	3796	chrome.exe	76
PID 3796 wrote to memory of 1892	3796	chrome.exe	76
PID 3796 wrote to memory of 1892	3796	chrome.exe	76
PID 3796 wrote to memory of 1892	3796	chrome.exe	76
PID 3796 wrote to memory of 1892	3796	chrome.exe	76
PID 3796 wrote to memory of 1892	3796	chrome.exe	76
PID 3796 wrote to memory of 1892	3796	chrome.exe	76
PID 3796 wrote to memory of 1892	3796	chrome.exe	76
PID 3796 wrote to memory of 1892	3796	chrome.exe	76
PID 3796 wrote to memory of 1892	3796	chrome.exe	76
PID 3796 wrote to memory of 1892	3796	chrome.exe	76
PID 3796 wrote to memory of 1892	3796	chrome.exe	76
PID 3796 wrote to memory of 200	3796	chrome.exe	77
PID 3796 wrote to memory of 200	3796	chrome.exe	77
PID 3796 wrote to memory of 3960	3796	chrome.exe	78
PID 3796 wrote to memory of 3960	3796	chrome.exe	78
PID 3796 wrote to memory of 3960	3796	chrome.exe	78
PID 3796 wrote to memory of 3960	3796	chrome.exe	78
PID 3796 wrote to memory of 3960	3796	chrome.exe	78
PID 3796 wrote to memory of 3960	3796	chrome.exe	78
PID 3796 wrote to memory of 3960	3796	chrome.exe	78
PID 3796 wrote to memory of 3960	3796	chrome.exe	78
PID 3796 wrote to memory of 3960	3796	chrome.exe	78
PID 3796 wrote to memory of 3960	3796	chrome.exe	78
PID 3796 wrote to memory of 3960	3796	chrome.exe	78
PID 3796 wrote to memory of 3960	3796	chrome.exe	78
PID 3796 wrote to memory of 3960	3796	chrome.exe	78
PID 3796 wrote to memory of 3960	3796	chrome.exe	78
PID 3796 wrote to memory of 3960	3796	chrome.exe	78
PID 3796 wrote to memory of 3960	3796	chrome.exe	78
PID 3796 wrote to memory of 3960	3796	chrome.exe	78
PID 3796 wrote to memory of 3960	3796	chrome.exe	78
PID 3796 wrote to memory of 3960	3796	chrome.exe	78
PID 3796 wrote to memory of 3960	3796	chrome.exe	78
PID 3796 wrote to memory of 3960	3796	chrome.exe	78
PID 3796 wrote to memory of 3960	3796	chrome.exe	78

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://github.com/Hex1629/SOCKETPIE_DOSTOOL
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3796
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ff8b3629758,0x7ff8b3629768,0x7ff8b3629778
  2⤵
  PID:1592
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=272 --field-trial-handle=1784,i,11767299956621430165,13352969675295746665,131072 /prefetch:2
  2⤵
  PID:1892
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1816 --field-trial-handle=1784,i,11767299956621430165,13352969675295746665,131072 /prefetch:8
  2⤵
  PID:200
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2064 --field-trial-handle=1784,i,11767299956621430165,13352969675295746665,131072 /prefetch:8
  2⤵
  PID:3960
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2892 --field-trial-handle=1784,i,11767299956621430165,13352969675295746665,131072 /prefetch:1
  2⤵
  PID:4900
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2900 --field-trial-handle=1784,i,11767299956621430165,13352969675295746665,131072 /prefetch:1
  2⤵
  PID:2368
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5232 --field-trial-handle=1784,i,11767299956621430165,13352969675295746665,131072 /prefetch:8
  2⤵
  PID:4280
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4864 --field-trial-handle=1784,i,11767299956621430165,13352969675295746665,131072 /prefetch:8
  2⤵
  PID:1416
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4940 --field-trial-handle=1784,i,11767299956621430165,13352969675295746665,131072 /prefetch:8
  2⤵
  PID:4104
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3920 --field-trial-handle=1784,i,11767299956621430165,13352969675295746665,131072 /prefetch:8
  2⤵
  PID:4740
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1660 --field-trial-handle=1784,i,11767299956621430165,13352969675295746665,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3384

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4240

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:1232

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
- Modifies registry class
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:5112
- C:\Windows\system32\NOTEPAD.EXE
  "C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\AppData\Local\Temp\Temp1_SOCKETPIE_DOSTOOL-main.zip\SOCKETPIE_DOSTOOL-main\pie.py
  2⤵
  PID:3376

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012

Filesize
143KB

MD5
b03b67b22e65000d964be9fb61221286

SHA1
1526f8b3ee6fd710fa0d5bb46750a6e06f2014c2

SHA256
8b47dc575097ad3be4a2e160ba4c0d2777738be9817d4674bc1ac566bc465cb6

SHA512
e15f9ce1224dfc2718beb593a217b7980844b220b9947a2d8070c00bccd2dae43b959d783f7d85bd3af526ab999388591424b789077564a82aac3fd5bc244930

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
4242ff263987a4367f2d92652d93b346

SHA1
7e1811e75b6e6d6c0ff05c48b2cb8cf827979f9f

SHA256
9573b5631e4791848c320b7b91119cf826929f6fbf2a48aec6bedb07634c1a52

SHA512
58fbc68aa4264f12359644925f6f2991f037a1afac88a3c6c0cd9b0ac4f4ebfbf446531503b84e16eff02e2408db5f5c707851aee2e6f09fbea798231340fb80

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\4e7805f2-6c57-4fab-9b3e-a98aa679e86a.tmp

Filesize
1KB

MD5
ccb56590f5f04325e025ce84fdb8896f

SHA1
4cbb84fc33cd30f4dd2c8f0a4b4e630ad7e2748c

SHA256
2f858725acaebe1f5f24e0e5ae6159b606b97efe611be59f92437946bf0fb1ad

SHA512
f9515d1b3332ff406c3333bd4c26504e209e96db0edf8dcddbad968c4020be295bebafacfcd182671e2fbd8ca3a9a9cfedf81d30a2eea38a3de40928dda37146

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
30f4004499fa6aa747599b9d18231a2c

SHA1
2d05dbf24fa0b1ff834e1a5c05a7a0119b600f57

SHA256
7a69787a24fe6429ce0661d38f325b87409dbbc567bc40a71b4659d6c18872d8

SHA512
57fca63124a15046cfd57c31033315c0a455b707928b804b5ee519d7e90fefc53942543065c0ccda796be9caa401a5d38c7c062814e2e1242286d38f029214f0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1018B

MD5
de5cb4510ce93cb50ed3583d017670f9

SHA1
8ef58b27ce36b1e0078f9716be995e473b0f8dc2

SHA256
af9f65dc5e9b61d9e0148990e4f1836e9441296207f00761bc8405efe1bd419f

SHA512
a4890654ba946a40c8e247a1ad90228264c2962b6b5238aa588554d0c31a195a53cd91701ecfbf6b09239787a1b7b74a9518fc7501ab6ce62c5f09fc87eff4f0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
5ed75744f0c3ab74829767ce4b75a472

SHA1
4f755f5405b260804bbfa7403b29576f6750f85e

SHA256
71d97aa4b3610120a3102e7909e75a209789c998311173769ad34d575f1e9c61

SHA512
d08e81ced2736726cdb5b94f4fd568ef6d7fb76bf09241778041366ab0f7632c3cc4d56457d93dee326036305b601d9d31130d37fadae79179ae29540200eeb3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
197dd4e5144d8674d9a4e1f07b6a38e7

SHA1
2cf5bc925f5325de089d91a5a11e7ad3d1b302cb

SHA256
9b45502ff4c4a3acb3bc856aff8bca9fd88f3602805540b995681d7f6314ae88

SHA512
c82891c876388e2613da7d81c37a4bf3b501676ac145eee98b500c56d71f61f22ff7376e85353efd10ec97fca78de593c8c2f51e0c0ca9aa11c0ff8c7cbf309e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
84753d7ac59efd593c6eaa0dc18f6c90

SHA1
9d1b2785ebd422e68fbfbe0bf8e4391c789f242f

SHA256
130b820d9665a8a20fa0498aa9e6710670360df69b0a2ab54f4b164357946b30

SHA512
4316fda5a9e37146a6810700d93e1ecf0b50c6569dba50bdb5ed0295e400f9cf6aa997f9e3cd8fc2e6d8294673e1d7353cee4bdc6d105302f9cc038490aabaf4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
3e21958f03f9494c60f2b91a05cd0efb

SHA1
6d5e7b72710f286eba78d1e0de424d3a891d1934

SHA256
75e7302be533a5abba4c96ae55750fa30cb8eef226c4708a5fb8798a9f16f85f

SHA512
128a2d8e08c0cf93cbf424a27e5b9880ca2c77d0d660d6c74471ff2be7f28d252f75ac985f23c635d10afe83eac18e9e960e136aa396c5cab16c96d3c6111dec

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
fd935e797a4735e7bb3a8ef687b2efca

SHA1
0904c727aaff4c6ad12f6b8bc640ff6de42c0f65

SHA256
fc6ae23800b012324b5e1606b1e369daccfe53649cb3a40bebad4b1416304b58

SHA512
806634579d35af6af7a3f2c5cfb80a939ab4f48d441cbc5070aa4d8deae9064ae0384bbf080f08474c633901c137430c1f895f105fa1d78a0fefed978e87401e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
136KB

MD5
afc012fe2d05d2c2aa82606290a3dd4f

SHA1
c79ed4c275a360774d275dbb746cd9d00450cb82

SHA256
7c27ff2bf3014243ee3aa73cb6599ba1044d2b20407e2c7f36de26a9121b6410

SHA512
4dc44cb0841550bac55281c9a6046bed4d1a64676f6bfebd094b707b772ad12860b8d45ea7115c2d43366d2f799006f87daece16336994b73864c6f2d8a14329

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
109KB

MD5
b8d92967d76dd86fe2ae3c34548411ad

SHA1
f1f0296097d8691f7f34819740eccd506f2b9346

SHA256
6a57d407ff1ff74f9bd7035430a8c47e73283085bc726eeb6dca51d00fb30218

SHA512
097e92b9788360c7cfc85de642597a3a763027bcfeb8d8e480fab3163718d7633087ec03c6181dbf53fe29abe9d320bbd150ac186f5c2fa816059ef557b41240

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe580c7e.TMP

Filesize
105KB

MD5
77dcd76ead5c7ecab851a35acb03cf64

SHA1
c6fb143fc2d0521a307ec0d468a2def6515205ad

SHA256
41c0d28952e1dbd2643f44c033f6800b7f5e4803d337434bd06902072dffb382

SHA512
8d628abb5177a1f5811d8bc1161679f955f2184314b91e7b4945ff372ff3cc01a5238fcee139975595f07d1f28bcae708610b6aec61e7712ccf55cd45470d4c9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\Downloads\SOCKETPIE_DOSTOOL-main.zip.crdownload

Filesize
2.7MB

MD5
7cd724df0558f29c77629a96360b73a8

SHA1
c51dd1bc20a507099f7e47bb85024fb21017d55f

SHA256
e655bedc135c0b6216bcf216bada9a01b2dc4e490f83018efe2edac9600c2284

SHA512
f59e6dc00695c6b5ca6c5b4fe0f157703d14850a7cfe712cd8176bfc1847421afc28ff40400abbd62571641010760b475893a9b5c88f83c77239bca81916084e

Download Submit