hxxps://github[.]com/Endermanch/MalwareDatabase

max time kernel
52s
max time network
49s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
02-08-2024 23:16

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://github.com/Endermanch/MalwareDatabase

Score

6^/10

discovery

Malware Config

Signatures

Legitimate hosting services abused for malware hosting/C2 1 TTPs 3 IoCs

Web Service

T1102

Processes:

flow	ioc
55	raw.githubusercontent.com
53	raw.githubusercontent.com
54	raw.githubusercontent.com

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

Processes:

chrome.exe

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 1 IoCs

Processes:

chrome.exe

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Modifies registry class 1 IoCs

Processes:

chrome.exe

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-786284298-625481688-3210388970-1000_Classes\Local Settings	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes:

chrome.exe

pid	Process
2216	chrome.exe
2216	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

Processes:

chrome.exe

pid	Process
2216	chrome.exe
2216	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

Processes:

chrome.exe

description	pid	Process
Token: SeShutdownPrivilege	2216	chrome.exe
Token: SeCreatePagefilePrivilege	2216	chrome.exe
Token: SeShutdownPrivilege	2216	chrome.exe
Token: SeCreatePagefilePrivilege	2216	chrome.exe
Token: SeShutdownPrivilege	2216	chrome.exe
Token: SeCreatePagefilePrivilege	2216	chrome.exe
Token: SeShutdownPrivilege	2216	chrome.exe
Token: SeCreatePagefilePrivilege	2216	chrome.exe
Token: SeShutdownPrivilege	2216	chrome.exe
Token: SeCreatePagefilePrivilege	2216	chrome.exe
Token: SeShutdownPrivilege	2216	chrome.exe
Token: SeCreatePagefilePrivilege	2216	chrome.exe
Token: SeShutdownPrivilege	2216	chrome.exe
Token: SeCreatePagefilePrivilege	2216	chrome.exe
Token: SeShutdownPrivilege	2216	chrome.exe
Token: SeCreatePagefilePrivilege	2216	chrome.exe
Token: SeShutdownPrivilege	2216	chrome.exe
Token: SeCreatePagefilePrivilege	2216	chrome.exe
Token: SeShutdownPrivilege	2216	chrome.exe
Token: SeCreatePagefilePrivilege	2216	chrome.exe
Token: SeShutdownPrivilege	2216	chrome.exe
Token: SeCreatePagefilePrivilege	2216	chrome.exe
Token: SeShutdownPrivilege	2216	chrome.exe
Token: SeCreatePagefilePrivilege	2216	chrome.exe
Token: SeShutdownPrivilege	2216	chrome.exe
Token: SeCreatePagefilePrivilege	2216	chrome.exe
Token: SeShutdownPrivilege	2216	chrome.exe
Token: SeCreatePagefilePrivilege	2216	chrome.exe
Token: SeShutdownPrivilege	2216	chrome.exe
Token: SeCreatePagefilePrivilege	2216	chrome.exe
Token: SeShutdownPrivilege	2216	chrome.exe
Token: SeCreatePagefilePrivilege	2216	chrome.exe
Token: SeShutdownPrivilege	2216	chrome.exe
Token: SeCreatePagefilePrivilege	2216	chrome.exe
Token: SeShutdownPrivilege	2216	chrome.exe
Token: SeCreatePagefilePrivilege	2216	chrome.exe
Token: SeShutdownPrivilege	2216	chrome.exe
Token: SeCreatePagefilePrivilege	2216	chrome.exe
Token: SeShutdownPrivilege	2216	chrome.exe
Token: SeCreatePagefilePrivilege	2216	chrome.exe
Token: SeShutdownPrivilege	2216	chrome.exe
Token: SeCreatePagefilePrivilege	2216	chrome.exe
Token: SeShutdownPrivilege	2216	chrome.exe
Token: SeCreatePagefilePrivilege	2216	chrome.exe
Token: SeShutdownPrivilege	2216	chrome.exe
Token: SeCreatePagefilePrivilege	2216	chrome.exe
Token: SeShutdownPrivilege	2216	chrome.exe
Token: SeCreatePagefilePrivilege	2216	chrome.exe
Token: SeShutdownPrivilege	2216	chrome.exe
Token: SeCreatePagefilePrivilege	2216	chrome.exe
Token: SeShutdownPrivilege	2216	chrome.exe
Token: SeCreatePagefilePrivilege	2216	chrome.exe
Token: SeShutdownPrivilege	2216	chrome.exe
Token: SeCreatePagefilePrivilege	2216	chrome.exe
Token: SeShutdownPrivilege	2216	chrome.exe
Token: SeCreatePagefilePrivilege	2216	chrome.exe
Token: SeShutdownPrivilege	2216	chrome.exe
Token: SeCreatePagefilePrivilege	2216	chrome.exe
Token: SeShutdownPrivilege	2216	chrome.exe
Token: SeCreatePagefilePrivilege	2216	chrome.exe
Token: SeShutdownPrivilege	2216	chrome.exe
Token: SeCreatePagefilePrivilege	2216	chrome.exe
Token: SeShutdownPrivilege	2216	chrome.exe
Token: SeCreatePagefilePrivilege	2216	chrome.exe

Suspicious use of FindShellTrayWindow 41 IoCs

Processes:

chrome.exe

pid	Process
2216	chrome.exe
2216	chrome.exe
2216	chrome.exe
2216	chrome.exe
2216	chrome.exe
2216	chrome.exe
2216	chrome.exe
2216	chrome.exe
2216	chrome.exe
2216	chrome.exe
2216	chrome.exe
2216	chrome.exe
2216	chrome.exe
2216	chrome.exe
2216	chrome.exe
2216	chrome.exe
2216	chrome.exe
2216	chrome.exe
2216	chrome.exe
2216	chrome.exe
2216	chrome.exe
2216	chrome.exe
2216	chrome.exe
2216	chrome.exe
2216	chrome.exe
2216	chrome.exe
2216	chrome.exe
2216	chrome.exe
2216	chrome.exe
2216	chrome.exe
2216	chrome.exe
2216	chrome.exe
2216	chrome.exe
2216	chrome.exe
2216	chrome.exe
2216	chrome.exe
2216	chrome.exe
2216	chrome.exe
2216	chrome.exe
2216	chrome.exe
2216	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

Processes:

chrome.exe

pid	Process
2216	chrome.exe
2216	chrome.exe
2216	chrome.exe
2216	chrome.exe
2216	chrome.exe
2216	chrome.exe
2216	chrome.exe
2216	chrome.exe
2216	chrome.exe
2216	chrome.exe
2216	chrome.exe
2216	chrome.exe
2216	chrome.exe
2216	chrome.exe
2216	chrome.exe
2216	chrome.exe
2216	chrome.exe
2216	chrome.exe
2216	chrome.exe
2216	chrome.exe
2216	chrome.exe
2216	chrome.exe
2216	chrome.exe
2216	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

chrome.exe

description	pid	Process	procid_target
PID 2216 wrote to memory of 880	2216	chrome.exe	81
PID 2216 wrote to memory of 880	2216	chrome.exe	81
PID 2216 wrote to memory of 2712	2216	chrome.exe	82
PID 2216 wrote to memory of 2712	2216	chrome.exe	82
PID 2216 wrote to memory of 2712	2216	chrome.exe	82
PID 2216 wrote to memory of 2712	2216	chrome.exe	82
PID 2216 wrote to memory of 2712	2216	chrome.exe	82
PID 2216 wrote to memory of 2712	2216	chrome.exe	82
PID 2216 wrote to memory of 2712	2216	chrome.exe	82
PID 2216 wrote to memory of 2712	2216	chrome.exe	82
PID 2216 wrote to memory of 2712	2216	chrome.exe	82
PID 2216 wrote to memory of 2712	2216	chrome.exe	82
PID 2216 wrote to memory of 2712	2216	chrome.exe	82
PID 2216 wrote to memory of 2712	2216	chrome.exe	82
PID 2216 wrote to memory of 2712	2216	chrome.exe	82
PID 2216 wrote to memory of 2712	2216	chrome.exe	82
PID 2216 wrote to memory of 2712	2216	chrome.exe	82
PID 2216 wrote to memory of 2712	2216	chrome.exe	82
PID 2216 wrote to memory of 2712	2216	chrome.exe	82
PID 2216 wrote to memory of 2712	2216	chrome.exe	82
PID 2216 wrote to memory of 2712	2216	chrome.exe	82
PID 2216 wrote to memory of 2712	2216	chrome.exe	82
PID 2216 wrote to memory of 2712	2216	chrome.exe	82
PID 2216 wrote to memory of 2712	2216	chrome.exe	82
PID 2216 wrote to memory of 2712	2216	chrome.exe	82
PID 2216 wrote to memory of 2712	2216	chrome.exe	82
PID 2216 wrote to memory of 2712	2216	chrome.exe	82
PID 2216 wrote to memory of 2712	2216	chrome.exe	82
PID 2216 wrote to memory of 2712	2216	chrome.exe	82
PID 2216 wrote to memory of 2712	2216	chrome.exe	82
PID 2216 wrote to memory of 2712	2216	chrome.exe	82
PID 2216 wrote to memory of 2712	2216	chrome.exe	82
PID 2216 wrote to memory of 1836	2216	chrome.exe	83
PID 2216 wrote to memory of 1836	2216	chrome.exe	83
PID 2216 wrote to memory of 1900	2216	chrome.exe	84
PID 2216 wrote to memory of 1900	2216	chrome.exe	84
PID 2216 wrote to memory of 1900	2216	chrome.exe	84
PID 2216 wrote to memory of 1900	2216	chrome.exe	84
PID 2216 wrote to memory of 1900	2216	chrome.exe	84
PID 2216 wrote to memory of 1900	2216	chrome.exe	84
PID 2216 wrote to memory of 1900	2216	chrome.exe	84
PID 2216 wrote to memory of 1900	2216	chrome.exe	84
PID 2216 wrote to memory of 1900	2216	chrome.exe	84
PID 2216 wrote to memory of 1900	2216	chrome.exe	84
PID 2216 wrote to memory of 1900	2216	chrome.exe	84
PID 2216 wrote to memory of 1900	2216	chrome.exe	84
PID 2216 wrote to memory of 1900	2216	chrome.exe	84
PID 2216 wrote to memory of 1900	2216	chrome.exe	84
PID 2216 wrote to memory of 1900	2216	chrome.exe	84
PID 2216 wrote to memory of 1900	2216	chrome.exe	84
PID 2216 wrote to memory of 1900	2216	chrome.exe	84
PID 2216 wrote to memory of 1900	2216	chrome.exe	84
PID 2216 wrote to memory of 1900	2216	chrome.exe	84
PID 2216 wrote to memory of 1900	2216	chrome.exe	84
PID 2216 wrote to memory of 1900	2216	chrome.exe	84
PID 2216 wrote to memory of 1900	2216	chrome.exe	84
PID 2216 wrote to memory of 1900	2216	chrome.exe	84
PID 2216 wrote to memory of 1900	2216	chrome.exe	84
PID 2216 wrote to memory of 1900	2216	chrome.exe	84
PID 2216 wrote to memory of 1900	2216	chrome.exe	84
PID 2216 wrote to memory of 1900	2216	chrome.exe	84
PID 2216 wrote to memory of 1900	2216	chrome.exe	84
PID 2216 wrote to memory of 1900	2216	chrome.exe	84
PID 2216 wrote to memory of 1900	2216	chrome.exe	84

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://github.com/Endermanch/MalwareDatabase
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2216
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff9a931cc40,0x7ff9a931cc4c,0x7ff9a931cc58
  2⤵
  PID:880
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1920,i,2459419068008324943,11823376340933473818,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1916 /prefetch:2
  2⤵
  PID:2712
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2132,i,2459419068008324943,11823376340933473818,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2164 /prefetch:3
  2⤵
  PID:1836
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2248,i,2459419068008324943,11823376340933473818,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2352 /prefetch:8
  2⤵
  PID:1900
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3120,i,2459419068008324943,11823376340933473818,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3140 /prefetch:1
  2⤵
  PID:4588
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3128,i,2459419068008324943,11823376340933473818,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3188 /prefetch:1
  2⤵
  PID:4852
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4460,i,2459419068008324943,11823376340933473818,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4608 /prefetch:8
  2⤵
  PID:3192
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4872,i,2459419068008324943,11823376340933473818,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4100 /prefetch:8
  2⤵
  PID:2492
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=208,i,2459419068008324943,11823376340933473818,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5200 /prefetch:8
  2⤵
  PID:1080

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:4272

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:4016

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:3736

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
05068949fcb6e068ccec35eb2064a9de

SHA1
17c0470cb13f73c6ecba8b3ba57b29c8076edc6d

SHA256
e363b5893e35f9c1422bda2809e6c623bab48ff82b23159a1ec340f379898db0

SHA512
1d4024546da28dfbfc86fdeb16fac3264556d2f282506cf2b55451ba2bfaeb49a8311d8b5fdc9e00885878e4f5d4138ca3d0b7e7da874015f0bdff1752d38e13

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
6f0986ca62605ca63f4ac06da41f0d1b

SHA1
ac5255c140da7dae131960ecabb63dd23a1f7bcc

SHA256
0af5091471c20d0c84875270e09075a3a1969e2d5efc583acb04e825ec6e75fb

SHA512
b88ce3efa6acd24a83a086103baed617f23c9072dd42515ee4eda252d4d1f4cbac7223a03db6674147e9b8c8b4e0264e329eb2c7189757b807e3821d038b1f2c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
8a3f7d7fe7168c1ef4504ef3d472d4b6

SHA1
36a83fa49b2090e2978926846349761c717e14db

SHA256
c97c08a8b0130ae1a11c7b9721f48c00f0f9b240511c8c63ef95327f40e25d17

SHA512
89084a52208840b8ed59a3f1952cda187b18c60c0530833cae5d59ee6d6fa87a3d8010860107c1a2a193e41882ceb3ac27144cb43561e7ab713c4ad95ff0ce93

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
fd33e02a5e4ada2d445d0ee51bb7c3c5

SHA1
7e2f0f795f98e03b4c7fb0089d3f73e54b6d8664

SHA256
e2ccc2d150a7368b65e5008e8290d3c6a7423aa401fdd9891eae5dff6f4b4607

SHA512
d9bf8b4e1c701a6b92b0d033bb976af5ebb8efc40c3bc1f17bb1396f064332f2e9277a43223f237d0ed8655ba6e5fd65a57641c6ec30952d63fd394f4c46ebe4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
81aaca3cfb4d1ba9fe4b3d8c3a9bf1bd

SHA1
715f9873ace3f47b282808900ecf250b7c1d11b2

SHA256
cb2a444c302419966574d23866cf6bda4a38491ebd91d2f540dd5be5297a301f

SHA512
90cd965cbeac5ff6757d01c73592f437a97f122136315d4aae710a59a0201f64bccfe0277eaef84713e256a9dd0d2d44af02c3a3b53a585b81bf9bb9386b9566

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
245ffc574b31e7a6b79f0dc64907b309

SHA1
50a6adf704736edb680e9378f357124edb8be4f2

SHA256
15df5ab32fcf31d3c4ad948e4943745b79f19ddcf108afe7a72d13a401992484

SHA512
41da92e10e5cda549cf4bbbef69805b3a5fbcfac764e74bd812d0c98b99ff8a70847ad5000fa7446fb30725fbdae9d9a2a265f7542f48e57fd9ea7cee7588b33

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
97fc064399cc5fdfeaabef5e8d56d52e

SHA1
ad5ba90222121dd0c032b0f7f44d913b7afeaf7a

SHA256
d3a6184d187decfbe54b17e21c6194b06bf75bc3ce6984a85ace639fdcfba013

SHA512
247c362a3d90e788bf0443b6c3fbdd6c1810ce41616e9e93cf73f1470416fc79cb6611a2c8cc27e07ac554b47f8e36f625f3203bb34274a199861efbb0ac4b08

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
bf6c9b2675bf1beae293c2f065d884bd

SHA1
e974a93e8fd00c733eac6c48b30e2ac63d4fcfcc

SHA256
1761b06655e09675e56b4f3a5f6b78a8a4659e81bb0d92b680bf784dccaccbe2

SHA512
d2649dba8d606a64df18620722fe0ae396961fbfbaf8ac076ef073dec5698d23ea91a0eced355382f0c0a51c8e128d19081e3cf136b18b80f28b35311eeed01b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
69176311363223f0cfa8d153b3dfd0b6

SHA1
caca2c78fe840cd8c747630bb700924d5b39e5ed

SHA256
6b9a6635619e81428c636c5a738343a80eea72ea91ba3935066408fbc0b4975f

SHA512
c40afe2d983e69b27bcfdf93ae28ef78beb867d45bafbc443137d1569d54ab2bb85361c66a8631c4f674981dcdaa399510ef28a703e08f8aed484ee0b8be27aa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
3e248636a94a3165c5e4b08eceab65e4

SHA1
cb17e73de4775bf6082b24f7be1a8e5816621f4c

SHA256
d602994e352ec6537a131fa26fb9befbc11fa6c26e28687cccb76d1ad1c0c43a

SHA512
9cc2a7de29d7353ce8c4e20e5cc8f6abf668121b09d79fb2b27157fc6a90f3a40cf39cea7ccd33eb97220550077ed31232b352db664fd373af69fba97b3ad8ed

Download Submit
C:\Users\Admin\Downloads\ChilledWindows.zip.crdownload

Filesize
4.2MB

MD5
5806c691583167135665b6aac348d3b8

SHA1
34d14feafac0946097fbbc03e3be2b235392587d

SHA256
00cf66b0bab94b1ae74d534160a801315df8a7efea764cda906af49f99be54e9

SHA512
dbcda2362ba5aaba904087a512e3423e2356f0e824e4bd4de99f277316afb32e03d6f8ea109d4d046ba9f14fc32f21a5d80cceb982fbce529c6f15abd7c6fa7c

Download Submit
\??\pipe\crashpad_2216_IFFGWEAPURWOSNTT

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit