c9f0a859c6e6abcb9771ac4c1bcd671b930f16304b60c6a1940b1ca3c2ddb550

Analysis

max time kernel
80s
max time network
145s
platform
windows7_x64
resource
win7-20240729-en
resource tags

arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
submitted
02-08-2024 23:13

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

iTEM-0.0.6.13.jar
Size

3.7MB
MD5

2c3d659e0b86790e9e0bfad3bdb23142
SHA1

fe1213b8f13f4369e52b90d1b02065b3aa4d0d4b
SHA256

c9f0a859c6e6abcb9771ac4c1bcd671b930f16304b60c6a1940b1ca3c2ddb550
SHA512

9dfa17ac3b467deb5e87ba4ba0487f8d170151a5d8c7e772b41465c78ad74300062610b648f4511cce3715e600bf063341542e7761bb26f01f8ae20aee0d58a2
SSDEEP

98304:DTnD14kAzF3G6Hh1x8vbykvEVir2hv8ax4T1Fi6+Q1SLtM:pBHgLtElreI1CM

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
2828	chrome.exe
2828	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2828	chrome.exe
Token: SeShutdownPrivilege	2828	chrome.exe
Token: SeShutdownPrivilege	2828	chrome.exe
Token: SeShutdownPrivilege	2828	chrome.exe
Token: SeShutdownPrivilege	2828	chrome.exe
Token: SeShutdownPrivilege	2828	chrome.exe
Token: SeShutdownPrivilege	2828	chrome.exe
Token: SeShutdownPrivilege	2828	chrome.exe
Token: SeShutdownPrivilege	2828	chrome.exe
Token: SeShutdownPrivilege	2828	chrome.exe
Token: SeShutdownPrivilege	2828	chrome.exe
Token: SeShutdownPrivilege	2828	chrome.exe
Token: SeShutdownPrivilege	2828	chrome.exe
Token: SeShutdownPrivilege	2828	chrome.exe
Token: SeShutdownPrivilege	2828	chrome.exe
Token: SeShutdownPrivilege	2828	chrome.exe
Token: SeShutdownPrivilege	2828	chrome.exe
Token: SeShutdownPrivilege	2828	chrome.exe
Token: SeShutdownPrivilege	2828	chrome.exe
Token: SeShutdownPrivilege	2828	chrome.exe
Token: SeShutdownPrivilege	2828	chrome.exe
Token: SeShutdownPrivilege	2828	chrome.exe
Token: SeShutdownPrivilege	2828	chrome.exe
Token: SeShutdownPrivilege	2828	chrome.exe
Token: SeShutdownPrivilege	2828	chrome.exe
Token: SeShutdownPrivilege	2828	chrome.exe
Token: SeShutdownPrivilege	2828	chrome.exe
Token: SeShutdownPrivilege	2828	chrome.exe
Token: SeShutdownPrivilege	2828	chrome.exe
Token: SeShutdownPrivilege	2828	chrome.exe
Token: SeShutdownPrivilege	2828	chrome.exe
Token: SeShutdownPrivilege	2828	chrome.exe
Token: SeShutdownPrivilege	2828	chrome.exe
Token: SeShutdownPrivilege	2828	chrome.exe
Token: SeShutdownPrivilege	2828	chrome.exe
Token: SeShutdownPrivilege	2828	chrome.exe
Token: SeShutdownPrivilege	2828	chrome.exe
Token: SeShutdownPrivilege	2828	chrome.exe
Token: SeShutdownPrivilege	2828	chrome.exe
Token: SeShutdownPrivilege	2828	chrome.exe
Token: SeShutdownPrivilege	2828	chrome.exe
Token: SeShutdownPrivilege	2828	chrome.exe
Token: SeShutdownPrivilege	2828	chrome.exe
Token: SeShutdownPrivilege	2828	chrome.exe
Token: SeShutdownPrivilege	2828	chrome.exe
Token: SeShutdownPrivilege	2828	chrome.exe
Token: SeShutdownPrivilege	2828	chrome.exe
Token: SeShutdownPrivilege	2828	chrome.exe
Token: SeShutdownPrivilege	2828	chrome.exe
Token: SeShutdownPrivilege	2828	chrome.exe
Token: SeShutdownPrivilege	2828	chrome.exe
Token: SeShutdownPrivilege	2828	chrome.exe
Token: SeShutdownPrivilege	2828	chrome.exe
Token: SeShutdownPrivilege	2828	chrome.exe
Token: SeShutdownPrivilege	2828	chrome.exe
Token: SeShutdownPrivilege	2828	chrome.exe
Token: SeShutdownPrivilege	2828	chrome.exe
Token: SeShutdownPrivilege	2828	chrome.exe
Token: SeShutdownPrivilege	2828	chrome.exe
Token: SeShutdownPrivilege	2828	chrome.exe
Token: SeShutdownPrivilege	2828	chrome.exe
Token: SeShutdownPrivilege	2828	chrome.exe
Token: SeShutdownPrivilege	2828	chrome.exe
Token: SeShutdownPrivilege	2828	chrome.exe

Suspicious use of FindShellTrayWindow 34 IoCs

pid	Process
2828	chrome.exe
2828	chrome.exe
2828	chrome.exe
2828	chrome.exe
2828	chrome.exe
2828	chrome.exe
2828	chrome.exe
2828	chrome.exe
2828	chrome.exe
2828	chrome.exe
2828	chrome.exe
2828	chrome.exe
2828	chrome.exe
2828	chrome.exe
2828	chrome.exe
2828	chrome.exe
2828	chrome.exe
2828	chrome.exe
2828	chrome.exe
2828	chrome.exe
2828	chrome.exe
2828	chrome.exe
2828	chrome.exe
2828	chrome.exe
2828	chrome.exe
2828	chrome.exe
2828	chrome.exe
2828	chrome.exe
2828	chrome.exe
2828	chrome.exe
2828	chrome.exe
2828	chrome.exe
2828	chrome.exe
2828	chrome.exe

Suspicious use of SendNotifyMessage 32 IoCs

pid	Process
2828	chrome.exe
2828	chrome.exe
2828	chrome.exe
2828	chrome.exe
2828	chrome.exe
2828	chrome.exe
2828	chrome.exe
2828	chrome.exe
2828	chrome.exe
2828	chrome.exe
2828	chrome.exe
2828	chrome.exe
2828	chrome.exe
2828	chrome.exe
2828	chrome.exe
2828	chrome.exe
2828	chrome.exe
2828	chrome.exe
2828	chrome.exe
2828	chrome.exe
2828	chrome.exe
2828	chrome.exe
2828	chrome.exe
2828	chrome.exe
2828	chrome.exe
2828	chrome.exe
2828	chrome.exe
2828	chrome.exe
2828	chrome.exe
2828	chrome.exe
2828	chrome.exe
2828	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2828 wrote to memory of 2488	2828	chrome.exe	34
PID 2828 wrote to memory of 2488	2828	chrome.exe	34
PID 2828 wrote to memory of 2488	2828	chrome.exe	34
PID 2828 wrote to memory of 2564	2828	chrome.exe	36
PID 2828 wrote to memory of 2564	2828	chrome.exe	36
PID 2828 wrote to memory of 2564	2828	chrome.exe	36
PID 2828 wrote to memory of 2564	2828	chrome.exe	36
PID 2828 wrote to memory of 2564	2828	chrome.exe	36
PID 2828 wrote to memory of 2564	2828	chrome.exe	36
PID 2828 wrote to memory of 2564	2828	chrome.exe	36
PID 2828 wrote to memory of 2564	2828	chrome.exe	36
PID 2828 wrote to memory of 2564	2828	chrome.exe	36
PID 2828 wrote to memory of 2564	2828	chrome.exe	36
PID 2828 wrote to memory of 2564	2828	chrome.exe	36
PID 2828 wrote to memory of 2564	2828	chrome.exe	36
PID 2828 wrote to memory of 2564	2828	chrome.exe	36
PID 2828 wrote to memory of 2564	2828	chrome.exe	36
PID 2828 wrote to memory of 2564	2828	chrome.exe	36
PID 2828 wrote to memory of 2564	2828	chrome.exe	36
PID 2828 wrote to memory of 2564	2828	chrome.exe	36
PID 2828 wrote to memory of 2564	2828	chrome.exe	36
PID 2828 wrote to memory of 2564	2828	chrome.exe	36
PID 2828 wrote to memory of 2564	2828	chrome.exe	36
PID 2828 wrote to memory of 2564	2828	chrome.exe	36
PID 2828 wrote to memory of 2564	2828	chrome.exe	36
PID 2828 wrote to memory of 2564	2828	chrome.exe	36
PID 2828 wrote to memory of 2564	2828	chrome.exe	36
PID 2828 wrote to memory of 2564	2828	chrome.exe	36
PID 2828 wrote to memory of 2564	2828	chrome.exe	36
PID 2828 wrote to memory of 2564	2828	chrome.exe	36
PID 2828 wrote to memory of 2564	2828	chrome.exe	36
PID 2828 wrote to memory of 2564	2828	chrome.exe	36
PID 2828 wrote to memory of 2564	2828	chrome.exe	36
PID 2828 wrote to memory of 2564	2828	chrome.exe	36
PID 2828 wrote to memory of 2564	2828	chrome.exe	36
PID 2828 wrote to memory of 2564	2828	chrome.exe	36
PID 2828 wrote to memory of 2564	2828	chrome.exe	36
PID 2828 wrote to memory of 2564	2828	chrome.exe	36
PID 2828 wrote to memory of 2564	2828	chrome.exe	36
PID 2828 wrote to memory of 2564	2828	chrome.exe	36
PID 2828 wrote to memory of 2564	2828	chrome.exe	36
PID 2828 wrote to memory of 2564	2828	chrome.exe	36
PID 2828 wrote to memory of 2856	2828	chrome.exe	37
PID 2828 wrote to memory of 2856	2828	chrome.exe	37
PID 2828 wrote to memory of 2856	2828	chrome.exe	37
PID 2828 wrote to memory of 3024	2828	chrome.exe	38
PID 2828 wrote to memory of 3024	2828	chrome.exe	38
PID 2828 wrote to memory of 3024	2828	chrome.exe	38
PID 2828 wrote to memory of 3024	2828	chrome.exe	38
PID 2828 wrote to memory of 3024	2828	chrome.exe	38
PID 2828 wrote to memory of 3024	2828	chrome.exe	38
PID 2828 wrote to memory of 3024	2828	chrome.exe	38
PID 2828 wrote to memory of 3024	2828	chrome.exe	38
PID 2828 wrote to memory of 3024	2828	chrome.exe	38
PID 2828 wrote to memory of 3024	2828	chrome.exe	38
PID 2828 wrote to memory of 3024	2828	chrome.exe	38
PID 2828 wrote to memory of 3024	2828	chrome.exe	38
PID 2828 wrote to memory of 3024	2828	chrome.exe	38
PID 2828 wrote to memory of 3024	2828	chrome.exe	38
PID 2828 wrote to memory of 3024	2828	chrome.exe	38
PID 2828 wrote to memory of 3024	2828	chrome.exe	38
PID 2828 wrote to memory of 3024	2828	chrome.exe	38
PID 2828 wrote to memory of 3024	2828	chrome.exe	38
PID 2828 wrote to memory of 3024	2828	chrome.exe	38

C:\Windows\system32\java.exe
java -jar C:\Users\Admin\AppData\Local\Temp\iTEM-0.0.6.13.jar
1⤵
PID:2160

C:\Windows\explorer.exe
"C:\Windows\explorer.exe"
1⤵
PID:2808

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2828
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6829758,0x7fef6829768,0x7fef6829778
  2⤵
  PID:2488
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1104 --field-trial-handle=1388,i,5957177061448253718,5484684360730435277,131072 /prefetch:2
  2⤵
  PID:2564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1520 --field-trial-handle=1388,i,5957177061448253718,5484684360730435277,131072 /prefetch:8
  2⤵
  PID:2856
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1548 --field-trial-handle=1388,i,5957177061448253718,5484684360730435277,131072 /prefetch:8
  2⤵
  PID:3024
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2100 --field-trial-handle=1388,i,5957177061448253718,5484684360730435277,131072 /prefetch:1
  2⤵
  PID:2836
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2108 --field-trial-handle=1388,i,5957177061448253718,5484684360730435277,131072 /prefetch:1
  2⤵
  PID:2224
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1400 --field-trial-handle=1388,i,5957177061448253718,5484684360730435277,131072 /prefetch:2
  2⤵
  PID:1436
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=1444 --field-trial-handle=1388,i,5957177061448253718,5484684360730435277,131072 /prefetch:1
  2⤵
  PID:2992
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3700 --field-trial-handle=1388,i,5957177061448253718,5484684360730435277,131072 /prefetch:8
  2⤵
  PID:1008
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=3728 --field-trial-handle=1388,i,5957177061448253718,5484684360730435277,131072 /prefetch:1
  2⤵
  PID:2772
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2460 --field-trial-handle=1388,i,5957177061448253718,5484684360730435277,131072 /prefetch:8
  2⤵
  PID:1980
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2456 --field-trial-handle=1388,i,5957177061448253718,5484684360730435277,131072 /prefetch:8
  2⤵
  PID:2588
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=2008 --field-trial-handle=1388,i,5957177061448253718,5484684360730435277,131072 /prefetch:1
  2⤵
  PID:2152
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=2288 --field-trial-handle=1388,i,5957177061448253718,5484684360730435277,131072 /prefetch:1
  2⤵
  PID:1488
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=3400 --field-trial-handle=1388,i,5957177061448253718,5484684360730435277,131072 /prefetch:1
  2⤵
  PID:2108
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=3416 --field-trial-handle=1388,i,5957177061448253718,5484684360730435277,131072 /prefetch:1
  2⤵
  PID:1724
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3732 --field-trial-handle=1388,i,5957177061448253718,5484684360730435277,131072 /prefetch:8
  2⤵
  PID:2672

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2592

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
PID:2204
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6829758,0x7fef6829768,0x7fef6829778
  2⤵
  PID:2744
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1132 --field-trial-handle=1348,i,246270377147182443,8244578376271943626,131072 /prefetch:2
  2⤵
  PID:308
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1472 --field-trial-handle=1348,i,246270377147182443,8244578376271943626,131072 /prefetch:8
  2⤵
  PID:2284
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1544 --field-trial-handle=1348,i,246270377147182443,8244578376271943626,131072 /prefetch:8
  2⤵
  PID:2492
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2228 --field-trial-handle=1348,i,246270377147182443,8244578376271943626,131072 /prefetch:1
  2⤵
  PID:2996
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2256 --field-trial-handle=1348,i,246270377147182443,8244578376271943626,131072 /prefetch:1
  2⤵
  PID:3012
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1628 --field-trial-handle=1348,i,246270377147182443,8244578376271943626,131072 /prefetch:2
  2⤵
  PID:604
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=1308 --field-trial-handle=1348,i,246270377147182443,8244578376271943626,131072 /prefetch:1
  2⤵
  PID:1404
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=3432 --field-trial-handle=1348,i,246270377147182443,8244578376271943626,131072 /prefetch:1
  2⤵
  PID:1956
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=3460 --field-trial-handle=1348,i,246270377147182443,8244578376271943626,131072 /prefetch:1
  2⤵
  PID:448
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=3440 --field-trial-handle=1348,i,246270377147182443,8244578376271943626,131072 /prefetch:1
  2⤵
  PID:2140
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=1316 --field-trial-handle=1348,i,246270377147182443,8244578376271943626,131072 /prefetch:1
  2⤵
  PID:2816
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=2352 --field-trial-handle=1348,i,246270377147182443,8244578376271943626,131072 /prefetch:1
  2⤵
  PID:1104
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4044 --field-trial-handle=1348,i,246270377147182443,8244578376271943626,131072 /prefetch:1
  2⤵
  PID:1748
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=2384 --field-trial-handle=1348,i,246270377147182443,8244578376271943626,131072 /prefetch:1
  2⤵
  PID:2320
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2272 --field-trial-handle=1348,i,246270377147182443,8244578376271943626,131072 /prefetch:8
  2⤵
  PID:912
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2756 --field-trial-handle=1348,i,246270377147182443,8244578376271943626,131072 /prefetch:8
  2⤵
  PID:2756

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2852

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\6450ec9c-8b20-409a-b499-063c5baad81e.tmp

Filesize
383KB

MD5
904c4cc11235bdcce7ff2640b360f7b6

SHA1
bde18c4326d0db0c04c3fb6d5cf922887ce05117

SHA256
337f8998714c2d666bc31314a4380a6269ac469a36aff1f3914463ae029f3c9e

SHA512
8bebe591393f9740f3cf3273488102edd43237e6d94a9316bc428476287398eb3336e5d0b8bf34ccdb062a52c8ca37e15f31b1649912e70d1ccc4849e06f6d2f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
ef6a2a508bb9cd255eaf22da187554e8

SHA1
c2d5c218e301d10427e31b4fa6029e3c9d80c590

SHA256
f119f6f4f35802d8a037d2e5ba72449b547a19ee4c947427767fe476b7ee5cb6

SHA512
2710f2e0db5399a1d17e6178ca97bb1c2ff57a755d733dc09cdf7e380a2964bbdb4799540a9fac86bfa80bc5a2db4a33acf73e104ceb67367c768e8ffc4d6cd8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001

Filesize
209KB

MD5
3e552d017d45f8fd93b94cfc86f842f2

SHA1
dbeebe83854328e2575ff67259e3fb6704b17a47

SHA256
27d9c4613df7a3c04da0b79c13217aa69992b441acb7e44bf2a7578ca87d97d6

SHA512
e616436f2f15615429c7c5c37de3990c3e86c5e1da7d75a0f524fc458b75d44a5be1a3648a628d63e1cf8aa062e08b538f2f2bc9c6a0b42157beb24f82c571d9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
504B

MD5
b8f962b5bfb893999e1c2815ed876170

SHA1
2c847c55419e0c22370049b06eb074ac45933bee

SHA256
57253947ec57208f72d4a33cbfa46777db4c1e0d1df8e6ef922ef5c33560b137

SHA512
e8bf282bb4a67ef36581bedb2f41a74c543d9b696047d3162aab2cec5ecfbcdf424f0c222cfb21d02f40753913d7cb7487fc6c8dbdf5f892f70bf2233e86854d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\000009.dbtmp

Filesize
16B

MD5
979c29c2917bed63ccf520ece1d18cda

SHA1
65cd81cdce0be04c74222b54d0881d3fdfe4736c

SHA256
b3524365a633ee6d1fa9953638d2867946c515218c497a5ec2dbef7dc44a7c53

SHA512
e38f694fd6ab9f678ae156528230d7a8bfb7b59a13b227f59f9c38ab5617db11ebb6be1276323a905d09c4066a3fe820cf58077ab48bf201f3c467a98516ee7a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG

Filesize
136B

MD5
efb7df6e39aaad6e7c28dda99f22fdc9

SHA1
98f5f1632c943d92a5296899af78d7dde7fbeb91

SHA256
307123b4cc0fcd92f8d6771c99b2a1383aac2764b2a7a115bae4ea38e878b4cd

SHA512
3281e06d47916918b8cc5696708ce8c7f01f5381b072ee180431c2717885dc90eaca9a713d0590f6aa747a17584adff54db3ca72762009b75eeb37e89c2bc399

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Favicons

Filesize
24KB

MD5
d3b386d044f85a55c97ae37e8cbf6477

SHA1
3f8259da2ef5ea0dc104cb3aad3c760a991d11cd

SHA256
76f4fe4700ca94b8a92d12575f9154f83630accfab2fd23c1f048eaf31315bb6

SHA512
b94b458d52975116242ddeae9a6a5986d502f251b4b5c3deed90bb7366efcdec8f9c3e8ee827e86d8229ea96d694947bf678b96f8f69c0c884111cacacf1dc19

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
24832639507473f00056cf0f6a5e784b

SHA1
092487362f7cae9ceda5cee5be6563be6d6198b4

SHA256
8accc1a8602a896c38f43b966347f15eeabca28e884e07fb04b7d84587c6804e

SHA512
b476407b1f59b6188f5322611b76e879b344557af7f7bfebb241563ae003197ab5e016f42170d7e1a955643f6161543ebb04441ca11a2a571a3125766623ed57

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History

Filesize
148KB

MD5
ff73d1529d8a61afdfdb942a552997cc

SHA1
6c184d51405db8039d0c7772d77daa5a962d7e22

SHA256
d66c7d4919e038c9ca59cc2eda3928a7054cdd5b5c686139bb6e7185792dad1c

SHA512
25d4ef22b63582e2bcfb13c4c28959345232200ffa6dc374e5053de27b183a7c48815855fe601b32e4027222a9ffb2df5b9b2c7fefaa5b83d150dac5b8b13031

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000007.log

Filesize
278B

MD5
e6bb312a43c56cdf2ad95b2bb94bf5cf

SHA1
4d34655cb8c3fefaac7e13af25d666646c295122

SHA256
c33b4889da5f42d6465108c3fe29f1b401d88c6a8cce3c50438d9efdb8413348

SHA512
ba75820374fe7e2fedec964dcad7653e6c48c6f47c4ddd97b8ef7b3431207f3e63919e5a8eca8056f143e11f98c735b25ff913fd16ae2f3bdfee75d127e62dbf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\CURRENT

Filesize
16B

MD5
aefd77f47fb84fae5ea194496b44c67a

SHA1
dcfbb6a5b8d05662c4858664f81693bb7f803b82

SHA256
4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611

SHA512
b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG

Filesize
136B

MD5
612a08630c6b9efa0830f1d1e953a934

SHA1
ecf3c9442b0e73c0fc3d79adc597bc6517b5e439

SHA256
d526bfd2f18bf638198b13210a73b937f65348d764c5ed0bed0e5f50c260f34b

SHA512
85ad68673ce0b0672d3f9d6e5fa2864562959ec20e0beb87dfc928bd264ce877479fcbe862c59f70feae96f570bfacd28455a911cf1f63c10b44844f842464e0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\MANIFEST-000006

Filesize
50B

MD5
78c55e45e9d1dc2e44283cf45c66728a

SHA1
88e234d9f7a513c4806845ce5c07e0016cf13352

SHA256
7b69a2bee12703825dc20e7d07292125180b86685d2d1b9fd097df76fc6791ec

SHA512
f2ad4594024871286b98a94223b8e7155c7934ef4ebb55f25a4a485a059f75b572d21bc96e9b48ed394be8a41fe0208f7bfb6e28a79d75640c5b684f0c848fe3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
686B

MD5
63411edc814d647fb2842bdc85de87fb

SHA1
86ece4c6d44897c2724b9d75817c628336d17e0e

SHA256
3f5c30974ade8f39881fd18f027f2aaeed76a5469e11ec32ac11789479b2298b

SHA512
5c5ad54f5f0fd9f1ecb450a93f607eef430bfb4277a47afa1255116a6c4abc4dab0773f236d8da51784ead9a94644c63f4e4e30c46c88e3d23be8589cd52d4ea

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
361B

MD5
28a46fe06527da09306ccf16fbfb7ce7

SHA1
c8ff58da216e8d5b716b1b39ca3ebca9e07aabcc

SHA256
c08d69704a77a0cf07cf92fc5e8eab50d52dc452e5ec66365f7ab24b69f7c6db

SHA512
425796d228caf5e2ccfcf2528a64f1c6f6ea830d658995b2c255d488caca55563c377467c54f8512ed9536b49796825fd8e8c4dd03632db6d13b7d880583d840

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
361B

MD5
03908719bc628fa4b2787bb97bd8b4d1

SHA1
c37191f4623e204e998de5badbba532fe6c53ba4

SHA256
9f9a00e28dc617af0c39389955a973ff7010ac7c83e46aa681ac9cb1f1a4713a

SHA512
8cde496f2da4bd8319f793e460e881a33653b29a27110e28d4cac5159a25575d1eff21d20c7439855354d60f7c7b513789e7ae3c164cc17fad7305640de27500

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
ec095542add3dc1d67194cf941f0417f

SHA1
e3d9d65117196c946a2529d04985007b88686b05

SHA256
b12c3ee515973ef36f60b597c152465661c405211da383a6749d6f337661524f

SHA512
ad6aebd6a4c28752dbd32a657b680645e55e806a670cf9af7042f48688254359d116886856f78bdff0454e460396e958f89e4df24536eb3c3ee0047564305945

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
9436142a97fa71541c59b90139d6e655

SHA1
34b7d714e127525f3b656dfed99000f492354121

SHA256
a7d21f33ad116eb6b61fcfeb66d5524d3971b66452b5082e1f8bab426b8f8a66

SHA512
57748165951e27adcc727ad6db9390a4c8c0e188757e47fea96c4c28799b333e2fea036f66cc0114cf23213859ed12e92385d12b20202bc030d13331e0271eb1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
1bf2f7e469af6374a6f2346c64de9cc0

SHA1
7a88934b496e30ab7a925076d43afe920a284b61

SHA256
1d061e2d60d5e5c132a0b82e26ba9e848a81758edc1c6e4ce7bb95a5d9fe4aaf

SHA512
987bd531ae12f181bc6ff1cc8a9721b6d17b29368eb07b758c99affa6395fcf14e28ca2ad6a7286ebd8675aa5827611a4a34fd5c1dacedfea176cc054218a476

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
5dd96c17c5b7a8e2d40a92bf9688afb3

SHA1
87fef58ac8542e142891caae7faf433b3f2fd8cd

SHA256
5c6a21cc3a3ac91ade38e2893722819485e780507f3719789c247b90eeb235fb

SHA512
6809166d60ce22dc2c66cca258f767c5db07c89039a9cafb7bdae35b9670bccd8b5838f500836ce186c85b8f2ed0a5a2f18eec51cecc8bb29cd960640adb935b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
26f3de4084eff0ab704a9046e4f50ad6

SHA1
05e07f4b4ed5dc27e622fd5ee7929900a2682f7a

SHA256
2b84296453828970b53c56d5311a92a90ab8538a77f42e09cdd046094ebae10b

SHA512
828130ea35f514d1e58acacb4657fa363f47f55533a3818d66f307343c3f5d28c7acb8f8a74646d8a5e36e4277dc46083b90086d9d923c3bc90be879c6423baa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000009.log

Filesize
1KB

MD5
9de41a537868ec59f259e01fef59e5ef

SHA1
e11a13d4708664fbca04b8b526768ad52a01dcf7

SHA256
4e9ae811fd664322e34564e51b5868ff61a0563ef6fae41c5c72bc5180d2d66d

SHA512
91aa0c21f9c087f1b5d398bf6571380d237fe7563c36c317d7054bb06f61139379c5f007cd3a1441a36d78b94de5021084f14de618a175a9c57224952803cb2f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG

Filesize
247B

MD5
112043937760b851dbdf047ae54d05df

SHA1
b7058883f31a9b23621c05b026106df022aca161

SHA256
e4e25bd1eb3f398bd33c3d3542b5291d98b496369a592907f604e58e75a6a7c2

SHA512
40970526948d6d41f3f3ebaa5e72ee7041f60ef194c9787230d6e6d80e101beb3bb5fc853fa49559a7820b0f83f0ca4f78ceb30d0bf1ea80cfe6d2d6c40a185d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\MANIFEST-000007

Filesize
90B

MD5
b6d5d86412551e2d21c97af6f00d20c3

SHA1
543302ae0c758954e222399987bb5e364be89029

SHA256
e0b2fdc217d9c571a35f41c21ed2596309f3f00a7297a8d1ded05f54f0e68191

SHA512
5b56ae73a61add9e26f77d95c9b823f82a7fcdc75eed64b388fb4967f5c6c42cb0796b0b99dc25c89f38952786176c10d173dec7862a8a5ce5f820280f72d665

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sessions\Tabs_13367114095801200

Filesize
5KB

MD5
2104225d51226f17626b6fdcd146d863

SHA1
81c5665696b10f577c3b64278d78396a84941448

SHA256
72b1d54d6da1209b4ba1139a0a805c766e3774bbe34363c00959f8f709677350

SHA512
49a6e2e3f3cebe1330ecbdff09cf480f7618e2e26fdb07cb6430fd11367961ca570e8b76198ebd4eb15448423e70f4b1a154095d7a7d94cce9c28b945076cc16

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000007.dbtmp

Filesize
16B

MD5
18e723571b00fb1694a3bad6c78e4054

SHA1
afcc0ef32d46fe59e0483f9a3c891d3034d12f32

SHA256
8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa

SHA512
43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000008.log

Filesize
144B

MD5
283713424701dc4dde7e6bec76d08cf2

SHA1
e4ac2ebcb0376bc2309bd494c6838f16cd750fe5

SHA256
4ce805b4782461caed8cb110c9014730c96735ba283318a2b22a529fb2d207c9

SHA512
f87a7670e813c5cb8092f732386d73ab774964611b692bb457db6c8bcbe903047bab3400d1cf1aab25a3d268c70f291d379b17bb47a6eab37fa86ff15848331d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG

Filesize
136B

MD5
507ecbc32eab26d5b228d070adac036f

SHA1
9865a981f5af7b8600c327e2347ea44384fd209e

SHA256
19f86547fba828ce856dbde45beb0989f88bdab5fda37173140ac26fe63ce6fe

SHA512
7e8cd079ffdd3260c9ded08202912daf4554c5e2dea630af18c7296f5977c7cfb610ecc8d4ab08fde71bbb734974b77b89fb80e8d012ef1c6d9b3fe41bcf935c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\MANIFEST-000007

Filesize
107B

MD5
22b937965712bdbc90f3c4e5cd2a8950

SHA1
25a5df32156e12134996410c5f7d9e59b1d6c155

SHA256
cad3bbec41899ea5205612fc1494fa7ba88847fb75437a2def22211a4003e2eb

SHA512
931427ad4609ab4ca12b2ee852d4965680f58602b00c182a2d340acf3163d888be6cfad87ca089f2b47929ddfa66be03ab13a6d24922397334d6997d4c8ede3b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000008.ldb

Filesize
1KB

MD5
0c5bcd569e5d2db9df28bfa2a9eec6a4

SHA1
b9c51ec197dc4a5a95491ac2e6f281dcb787bfa3

SHA256
e9a8a94377f154dbca0d9307510d16f997344d376998be160ada9bbff91d79bb

SHA512
4b173f1f2ebd7fe7b73bd4ad49132933f71649e4829af4baacd093683a48d7b1b3cf7e4d773d14093aece8cac5c08ec98ac4141b3f8d50237333a58b0963628b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000009.log

Filesize
2KB

MD5
1373b863f3c0662657bf65522080b7b1

SHA1
4946a999a6860f3a753bdce424c608b55a95d318

SHA256
61383c04f64789184e9b5e858665a4e9c92a2cc11d60a0e7e2ff334ed1e15312

SHA512
2aeea228f0d3453d5f31d8af966460a6195f397145f63d871071c5689370014348ea3e09a8977d50c81cb5bafbefbbb3499963586834eb4a2b0896471fcc203d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG

Filesize
250B

MD5
316e7e7a76ca6284d3a814fbc009b411

SHA1
b0897083b8d1f82503f7128e10b741670cfa5024

SHA256
5ad16cde2b061b5030facc1e16f29983c94263ff90c94eab36fa20c6c92cd5f6

SHA512
409df3d455369736f9183cae50942bc9734ed526f6a00cb944f933192127311f54ee0edb162124501290106eb75d379be2721eaf6e666877457f3b7f69a00548

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\MANIFEST-000007

Filesize
250B

MD5
03d881fc5a4ab4013bd1b30988abb179

SHA1
9ad861569715575d7b676e5683b14dd3cffec304

SHA256
5da7b30f55f920166ad821f532fb95bd11546bf63a228fc41357aa122fcaf5e8

SHA512
29ab8ac2c642a83086266f88ffde8d71c96cd0d98812fac526e0a0adc58d8bc7f99760ad19a71cc38c3ef5edb9ab9d642ef6b665bf4ce336260b0171411e26f6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Visited Links

Filesize
128KB

MD5
dcd1cde544110308425a82a74d481a12

SHA1
263851c7d0ec3813c51b9ad37c2a34871f304552

SHA256
bd84ccce72df90b68dc0c51890ab308c85f6fe524f8dbe3c48fc947021df106d

SHA512
0cee6d028b0f03600195d10120a9851dc51f2379a0d660fe90ca3a8b2ebec0ea1eaf9b425adf01b6faee89768add1e37b30541707d73f5e334603ed2752b8415

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Data

Filesize
92KB

MD5
34339ab5c6a3628ab27586ded93d94ea

SHA1
99b433d84971c4417c33274bbab7b2eab3f9eb24

SHA256
4632c21ad32c6a10f9c28dd5e7821c3b68ab4f3032e0e2ba9606fc07dc94da5b

SHA512
45b098ab1de9bdbeddce7cd985f2529aea33bc57a1d1a2d695c4eda24aba70e46c5ba4a255850293e4a6b85deb2bff86b103d177e1f60d6373d9b964f76611a2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\000008.ldb

Filesize
490B

MD5
fc58324902164e528c110e93002d15b0

SHA1
1345ee469ee8f0dfa63eb2eb6edca040f1062c95

SHA256
e512917d8a2e13773ab8b18a2d3160e28e12f3d259b972db16e0b8a60e7471f4

SHA512
d2771f4a5674f90f4852929cce1642d9d4d1ed675b9d3c6d231196b1fe4717e451c3e75a950442229d72d4a96c9e7dfe3b3d9ba90551048fc0c4c07acf254bbb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\000009.log

Filesize
124B

MD5
1a54307972bd3b6f116166994a52d342

SHA1
257d3f5b07226fd223770e26b99d8064917db3c8

SHA256
ce8bf7084b27c9c5b409de4f233763860c1e402e36a93b06a475be8adfa5b513

SHA512
3d4c8d1c4a291b24f0437007c8f1187ef2eb6e6770e2809d93eba6e0ea3a25077b41ae3f51527aee056d4eb8664edca8d36c7819907e1a0446872b11ebb394ef

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\LOG

Filesize
249B

MD5
ff796fb6dc94e4dd26c362c17968bbc8

SHA1
fe1d2c433bf1d56fbd15b8da17c09bb27f196cc3

SHA256
371fc04cf28ee68ab87a40f9fb2a1909fdc19c0306a052a6140d5a283095fe29

SHA512
ac6264908ca901ba2770ab17cb782cb21d78cbab5bf17c4e1b92a31046cc8dedc3c0f02fa617f5c8e3bee51a97c58e55a68e6f86d39694929433f8b15ea7f252

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\MANIFEST-000007

Filesize
98B

MD5
975b3c5265382a037d55911149eec8ea

SHA1
1e3d42c04d9094936c3143c9db29246ad3f1c954

SHA256
d603b3c5ed3340f8e2002882784bdb2f1af0b5508d32f30a854e9658c69801b4

SHA512
97e0f5e34666eafd974f00a86bc560748d0b871cec7f515309e10aa1117f992c9d43b3b93a565eaf08ea681de67d64980b01aad998be84f12fd362039423bd1c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000008.ldb

Filesize
315B

MD5
19d28c26203a63a7449a07f41d25f3a6

SHA1
99b439edc98042971bf752ea853f4cefcc607641

SHA256
87fd5b867a9f25bb1d6c9d603f2989f74312e90d391346758a1ac635b4bb9dc2

SHA512
0e39f913d6202a4872f8c4f0a3b9513af1bcf418fd54e7d4b1dc6b4ff1d3fd1156ec46764ae0f8140af13b1caa7a31ecb886be81de94dc872815fa8547661586

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000009.log

Filesize
34B

MD5
12275f46db968e27e4edb23a4517904d

SHA1
1bd41f5f55dc8532c45c5ed91bd0823deabe3d3a

SHA256
0b9769e63620205002586d7dbefa19d6c3573ffa65bc86eb49113ec271feea4a

SHA512
084364c331be5c6b8c537a6c56b732ccdbb45f0d74a1e0ed89ac195e9ae43e15f15c953e3ed188990f0abb7e0e6456fa4b6b34562a02c180f7c061a7728c8b66

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000010.dbtmp

Filesize
16B

MD5
60e3f691077715586b918375dd23c6b0

SHA1
476d3eab15649c40c6aebfb6ac2366db50283d1b

SHA256
e91d13722e31f9b06c5df3582cad1ea5b73547ce3dc08b12ed461f095aad48ee

SHA512
d1c146d27bbf19362d6571e2865bb472ce4fe43dc535305615d92d6a2366f98533747a8a70a578d1f00199f716a61ce39fac5cab9dd67e9c044bc49e7343130e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG

Filesize
249B

MD5
a2b143f439785b602e863486e88a45df

SHA1
a4f62eef33bb21e37d6d7de1616cefd926eecf09

SHA256
f185faebb881e86f9af5e93ab6ab6fd07a4574dc1a567ca9bd27e960410fed9e

SHA512
6f7a707119be26ad3c029713ad81402aa11a53af82188d8fc6d19bcd60d0437b946604fc0354578be97b959a3520a0a667f25c8d27af6f5980cd9f8e687a8957

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\MANIFEST-000007

Filesize
118B

MD5
1c2107d4e3c80dadb6b349e42a419049

SHA1
b38b68088655a66e4b2111ca3728182fa63f9d04

SHA256
6c8a27990ff1de53260117dd8a16297f7412a238b2e508336745f3c051daedbe

SHA512
66d8dcce40e3dc33ef7a9a5d79ecd299ad598bf411a038425a1ab526742d154cc48285bd530e99a6b79ed9fe4f296a1c829891992bb350161642d40d3f6ddde5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version

Filesize
14B

MD5
9eae63c7a967fc314dd311d9f46a45b7

SHA1
caba9c2c93acfe0b9ceb9ab19b992b0fc19c71cf

SHA256
4288925b0cf871c7458c22c46936efb0e903802feb991a0e1803be94ca6c251d

SHA512
bed924bff236bf5b6ce1df1db82e86c935e5830a20d9d24697efd82ca331e30604db8d04b0d692ec8541ec6deb2225bcc7d805b79f2db5726642198ecf6348b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
378KB

MD5
998d8a4de790d99980e261a1805165ae

SHA1
6da212e8cf2af2edc41a1eceb63df398a0b8e0a4

SHA256
b856c9e8e412ec4ac1ce248d96df0ade73ff8e6ee389a987770a0c1583b10fe6

SHA512
04f80a8142738b116bf3ed818a584c58513d96aa9d6b687646db7043e3915e49b6f1e92674b713f8a05d437021dbaf94d7331af3af2069e4b53f462c5d693a6e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
319KB

MD5
66b4a0a767d345b228e962f8c7e3e9ea

SHA1
6927378e05be933b80ad6e955448ef7708c16847

SHA256
032682cbab03158d130286632cf1687114b68e8589f739bc29d7dddb5b8013ad

SHA512
7f701960c4b7dc547097481e598f06ad9d854b639a109750f007889a6f444638fe0485049ec8e20431a7c8fb3aff9a75732c70bea9470afe5d0af69d7b35942d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
319KB

MD5
5989bd9995f830286ad8ea2e05cbd891

SHA1
af36f1fa870e6bd09bf896b7d5cb2004f6969640

SHA256
bc58567a7ee85fa37a586e2d8442d98fda607282c4feb962f4ee9e2b6e71a95c

SHA512
9943b971312837dca2d6bfad0c2ef69598cccad66fb16675c103b092f5ae0929f0573091914730863c7a5b72d808660f9aa1460970be5aa1f50bba2ce940c47e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

Filesize
264KB

MD5
e5ae0b2fc9bc569af811523f6a7385a3

SHA1
2bae2dfb42ec214c7961cba14f6a556ab3b3c664

SHA256
90f008e78e161d3899e5e9e58f6b958b69ed0eae78521fa28bb487d3947ec232

SHA512
0374542e95666005cde7c56b09fd3d30dd4c6d9c2a01cdbe42a140b1b0f90ad4953511b60a320a5369d1979360f04cded3c6e925cbc97aa0b7bbb246fef3fa79

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

Filesize
86B

MD5
961e3604f228b0d10541ebf921500c86

SHA1
6e00570d9f78d9cfebe67d4da5efe546543949a7

SHA256
f7b24f2eb3d5eb0550527490395d2f61c3d2fe74bb9cb345197dad81b58b5fed

SHA512
535f930afd2ef50282715c7e48859cc2d7b354ff4e6c156b94d5a2815f589b33189ffedfcaf4456525283e993087f9f560d84cfcf497d189ab8101510a09c472

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\b0f961f4-19fe-42ef-ac64-1c62eabacf40.tmp

Filesize
320KB

MD5
44212c374f04415597f332abdcf221d3

SHA1
8e7b838e60fd5133fab98bb494dc68b504f2b5af

SHA256
29475f1464577a015bd1487bf39f20221d9652aef2a7495088826f3765193667

SHA512
bbac3e12589027a93900ecb3f7a5dafc9faddd1256c07884e4d7d7f4dcbfb530c2632e557325691641cece8e9f3193bf26d64a1a1fb1ccd4cc31890cac89ab2e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab5811.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar5824.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit
memory/2160-2-0x0000000002440000-0x00000000026B0000-memory.dmp

Filesize
2.4MB

Download
memory/2160-11-0x0000000002440000-0x00000000026B0000-memory.dmp

Filesize
2.4MB

Download
memory/2160-10-0x0000000000240000-0x0000000000241000-memory.dmp

Filesize
4KB

Download