1354ee2b073cb9caf592597e5a00279c68186d27599b0aab0a27e49fee83e698

Analysis

max time kernel
84s
max time network
151s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
02/08/2024, 15:39

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

Screen recording 2024-07-30 10.14.26 PM.webm
Size

1.5MB
MD5

20b2da97e1f92291d9170ab36ad49d6f
SHA1

bae9a7f4d3d719c2d735237ee74bc7337db480f7
SHA256

1354ee2b073cb9caf592597e5a00279c68186d27599b0aab0a27e49fee83e698
SHA512

490e02e5ef6b996c5862309ac24994c699172c4e6a628b1e41fc24551344f47bc9d8d95b86d186bd8e98965c5bced92e3dfe6d2013a9d1221ea55f4901f29e70
SSDEEP

49152:9MBRY0tM+MgIcZe91imBQ4qF5tkiN5aUm:9MBRY0WBz9FQ4qF5VHm

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 6 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Suspicious behavior: AddClipboardFormatListener 1 IoCs

pid	Process
2620	vlc.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
776	chrome.exe
776	chrome.exe
2072	chrome.exe
2072	chrome.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2620	vlc.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	776	chrome.exe
Token: SeShutdownPrivilege	776	chrome.exe
Token: SeShutdownPrivilege	776	chrome.exe
Token: SeShutdownPrivilege	776	chrome.exe
Token: SeShutdownPrivilege	776	chrome.exe
Token: SeShutdownPrivilege	776	chrome.exe
Token: SeShutdownPrivilege	776	chrome.exe
Token: SeShutdownPrivilege	776	chrome.exe
Token: SeShutdownPrivilege	776	chrome.exe
Token: SeShutdownPrivilege	776	chrome.exe
Token: SeShutdownPrivilege	776	chrome.exe
Token: SeShutdownPrivilege	776	chrome.exe
Token: SeShutdownPrivilege	776	chrome.exe
Token: SeShutdownPrivilege	776	chrome.exe
Token: SeShutdownPrivilege	776	chrome.exe
Token: SeShutdownPrivilege	776	chrome.exe
Token: SeShutdownPrivilege	776	chrome.exe
Token: SeShutdownPrivilege	776	chrome.exe
Token: SeShutdownPrivilege	776	chrome.exe
Token: SeShutdownPrivilege	776	chrome.exe
Token: SeShutdownPrivilege	776	chrome.exe
Token: SeShutdownPrivilege	776	chrome.exe
Token: SeShutdownPrivilege	776	chrome.exe
Token: SeShutdownPrivilege	776	chrome.exe
Token: SeShutdownPrivilege	776	chrome.exe
Token: SeShutdownPrivilege	776	chrome.exe
Token: SeShutdownPrivilege	776	chrome.exe
Token: SeShutdownPrivilege	776	chrome.exe
Token: SeShutdownPrivilege	776	chrome.exe
Token: SeShutdownPrivilege	776	chrome.exe
Token: SeShutdownPrivilege	776	chrome.exe
Token: SeShutdownPrivilege	776	chrome.exe
Token: SeShutdownPrivilege	776	chrome.exe
Token: SeShutdownPrivilege	776	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe
Token: SeShutdownPrivilege	2072	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
2620	vlc.exe
2620	vlc.exe
2620	vlc.exe
2620	vlc.exe
2620	vlc.exe
2620	vlc.exe
2620	vlc.exe
2620	vlc.exe
2620	vlc.exe
2620	vlc.exe
2620	vlc.exe
2620	vlc.exe
2620	vlc.exe
2620	vlc.exe
2620	vlc.exe
2620	vlc.exe
776	chrome.exe
776	chrome.exe
776	chrome.exe
776	chrome.exe
776	chrome.exe
776	chrome.exe
776	chrome.exe
776	chrome.exe
776	chrome.exe
776	chrome.exe
776	chrome.exe
776	chrome.exe
776	chrome.exe
776	chrome.exe
776	chrome.exe
776	chrome.exe
776	chrome.exe
776	chrome.exe
776	chrome.exe
776	chrome.exe
776	chrome.exe
776	chrome.exe
776	chrome.exe
776	chrome.exe
776	chrome.exe
776	chrome.exe
776	chrome.exe
776	chrome.exe
776	chrome.exe
776	chrome.exe
776	chrome.exe
776	chrome.exe
776	chrome.exe
776	chrome.exe
776	chrome.exe
2620	vlc.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe

Suspicious use of SendNotifyMessage 64 IoCs

pid	Process
2620	vlc.exe
2620	vlc.exe
2620	vlc.exe
2620	vlc.exe
2620	vlc.exe
2620	vlc.exe
2620	vlc.exe
2620	vlc.exe
776	chrome.exe
776	chrome.exe
776	chrome.exe
776	chrome.exe
776	chrome.exe
776	chrome.exe
776	chrome.exe
776	chrome.exe
776	chrome.exe
776	chrome.exe
776	chrome.exe
776	chrome.exe
776	chrome.exe
776	chrome.exe
776	chrome.exe
776	chrome.exe
776	chrome.exe
776	chrome.exe
776	chrome.exe
776	chrome.exe
776	chrome.exe
776	chrome.exe
776	chrome.exe
776	chrome.exe
776	chrome.exe
776	chrome.exe
776	chrome.exe
776	chrome.exe
776	chrome.exe
776	chrome.exe
776	chrome.exe
776	chrome.exe
2620	vlc.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe
2072	chrome.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2620	vlc.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 776 wrote to memory of 1928	776	chrome.exe	32
PID 776 wrote to memory of 1928	776	chrome.exe	32
PID 776 wrote to memory of 1928	776	chrome.exe	32
PID 776 wrote to memory of 2168	776	chrome.exe	34
PID 776 wrote to memory of 2168	776	chrome.exe	34
PID 776 wrote to memory of 2168	776	chrome.exe	34
PID 776 wrote to memory of 2168	776	chrome.exe	34
PID 776 wrote to memory of 2168	776	chrome.exe	34
PID 776 wrote to memory of 2168	776	chrome.exe	34
PID 776 wrote to memory of 2168	776	chrome.exe	34
PID 776 wrote to memory of 2168	776	chrome.exe	34
PID 776 wrote to memory of 2168	776	chrome.exe	34
PID 776 wrote to memory of 2168	776	chrome.exe	34
PID 776 wrote to memory of 2168	776	chrome.exe	34
PID 776 wrote to memory of 2168	776	chrome.exe	34
PID 776 wrote to memory of 2168	776	chrome.exe	34
PID 776 wrote to memory of 2168	776	chrome.exe	34
PID 776 wrote to memory of 2168	776	chrome.exe	34
PID 776 wrote to memory of 2168	776	chrome.exe	34
PID 776 wrote to memory of 2168	776	chrome.exe	34
PID 776 wrote to memory of 2168	776	chrome.exe	34
PID 776 wrote to memory of 2168	776	chrome.exe	34
PID 776 wrote to memory of 2168	776	chrome.exe	34
PID 776 wrote to memory of 2168	776	chrome.exe	34
PID 776 wrote to memory of 2168	776	chrome.exe	34
PID 776 wrote to memory of 2168	776	chrome.exe	34
PID 776 wrote to memory of 2168	776	chrome.exe	34
PID 776 wrote to memory of 2168	776	chrome.exe	34
PID 776 wrote to memory of 2168	776	chrome.exe	34
PID 776 wrote to memory of 2168	776	chrome.exe	34
PID 776 wrote to memory of 2168	776	chrome.exe	34
PID 776 wrote to memory of 2168	776	chrome.exe	34
PID 776 wrote to memory of 2168	776	chrome.exe	34
PID 776 wrote to memory of 2168	776	chrome.exe	34
PID 776 wrote to memory of 2168	776	chrome.exe	34
PID 776 wrote to memory of 2168	776	chrome.exe	34
PID 776 wrote to memory of 2168	776	chrome.exe	34
PID 776 wrote to memory of 2168	776	chrome.exe	34
PID 776 wrote to memory of 2168	776	chrome.exe	34
PID 776 wrote to memory of 2168	776	chrome.exe	34
PID 776 wrote to memory of 2168	776	chrome.exe	34
PID 776 wrote to memory of 2168	776	chrome.exe	34
PID 776 wrote to memory of 2900	776	chrome.exe	35
PID 776 wrote to memory of 2900	776	chrome.exe	35
PID 776 wrote to memory of 2900	776	chrome.exe	35
PID 776 wrote to memory of 344	776	chrome.exe	36
PID 776 wrote to memory of 344	776	chrome.exe	36
PID 776 wrote to memory of 344	776	chrome.exe	36
PID 776 wrote to memory of 344	776	chrome.exe	36
PID 776 wrote to memory of 344	776	chrome.exe	36
PID 776 wrote to memory of 344	776	chrome.exe	36
PID 776 wrote to memory of 344	776	chrome.exe	36
PID 776 wrote to memory of 344	776	chrome.exe	36
PID 776 wrote to memory of 344	776	chrome.exe	36
PID 776 wrote to memory of 344	776	chrome.exe	36
PID 776 wrote to memory of 344	776	chrome.exe	36
PID 776 wrote to memory of 344	776	chrome.exe	36
PID 776 wrote to memory of 344	776	chrome.exe	36
PID 776 wrote to memory of 344	776	chrome.exe	36
PID 776 wrote to memory of 344	776	chrome.exe	36
PID 776 wrote to memory of 344	776	chrome.exe	36
PID 776 wrote to memory of 344	776	chrome.exe	36
PID 776 wrote to memory of 344	776	chrome.exe	36
PID 776 wrote to memory of 344	776	chrome.exe	36

C:\Program Files\VideoLAN\VLC\vlc.exe
"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\Screen recording 2024-07-30 10.14.26 PM.webm"
1⤵
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
PID:2620

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:776
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef2ca9758,0x7fef2ca9768,0x7fef2ca9778
  2⤵
  PID:1928
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1176 --field-trial-handle=1364,i,10583967428399104877,11216590503820509778,131072 /prefetch:2
  2⤵
  PID:2168
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1516 --field-trial-handle=1364,i,10583967428399104877,11216590503820509778,131072 /prefetch:8
  2⤵
  PID:2900
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1564 --field-trial-handle=1364,i,10583967428399104877,11216590503820509778,131072 /prefetch:8
  2⤵
  PID:344
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2324 --field-trial-handle=1364,i,10583967428399104877,11216590503820509778,131072 /prefetch:1
  2⤵
  PID:2916
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2336 --field-trial-handle=1364,i,10583967428399104877,11216590503820509778,131072 /prefetch:1
  2⤵
  PID:1152
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1720 --field-trial-handle=1364,i,10583967428399104877,11216590503820509778,131072 /prefetch:2
  2⤵
  PID:2616
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=1432 --field-trial-handle=1364,i,10583967428399104877,11216590503820509778,131072 /prefetch:1
  2⤵
  PID:796
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3688 --field-trial-handle=1364,i,10583967428399104877,11216590503820509778,131072 /prefetch:8
  2⤵
  PID:2776

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2532

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:2072
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef2ca9758,0x7fef2ca9768,0x7fef2ca9778
  2⤵
  PID:1196
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1196 --field-trial-handle=1364,i,9924474570787663247,8933718401337158409,131072 /prefetch:2
  2⤵
  PID:1120
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1516 --field-trial-handle=1364,i,9924474570787663247,8933718401337158409,131072 /prefetch:8
  2⤵
  PID:2116
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1628 --field-trial-handle=1364,i,9924474570787663247,8933718401337158409,131072 /prefetch:8
  2⤵
  PID:2212
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2268 --field-trial-handle=1364,i,9924474570787663247,8933718401337158409,131072 /prefetch:1
  2⤵
  PID:2984
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2276 --field-trial-handle=1364,i,9924474570787663247,8933718401337158409,131072 /prefetch:1
  2⤵
  PID:2532
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1408 --field-trial-handle=1364,i,9924474570787663247,8933718401337158409,131072 /prefetch:2
  2⤵
  PID:2192
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=1456 --field-trial-handle=1364,i,9924474570787663247,8933718401337158409,131072 /prefetch:1
  2⤵
  PID:2560
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=3776 --field-trial-handle=1364,i,9924474570787663247,8933718401337158409,131072 /prefetch:1
  2⤵
  PID:1152
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=1864 --field-trial-handle=1364,i,9924474570787663247,8933718401337158409,131072 /prefetch:1
  2⤵
  PID:2572
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=3432 --field-trial-handle=1364,i,9924474570787663247,8933718401337158409,131072 /prefetch:1
  2⤵
  PID:1052
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=3468 --field-trial-handle=1364,i,9924474570787663247,8933718401337158409,131072 /prefetch:1
  2⤵
  PID:1120
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3412 --field-trial-handle=1364,i,9924474570787663247,8933718401337158409,131072 /prefetch:8
  2⤵
  PID:2172
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=1156 --field-trial-handle=1364,i,9924474570787663247,8933718401337158409,131072 /prefetch:1
  2⤵
  PID:2920
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=3796 --field-trial-handle=1364,i,9924474570787663247,8933718401337158409,131072 /prefetch:1
  2⤵
  PID:1208

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2036

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
5d6a4b4af77b047dd71ea7a327ff7bc7

SHA1
e7a3616bd49f32997afcbf915da3451d92cfa03e

SHA256
ab37f91d5bfa3b8b7a15da75dfa541b711862740ff28437d11a2942cf7fe497e

SHA512
a5d40a6d5dd2ab7313c6d10bec87692ee166285bbaf24fa5a0f0d9273e23ac6e37b813fa7c5f912f3e16cbed2098ce6c7ddfb4fd8ba3a3be06abd9a14de7da78

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\29f89669-cb3d-43ab-897f-dc9b33b474d6.tmp

Filesize
311KB

MD5
dd31e03a701ebbcd9c56b476892a3be1

SHA1
e8da8e4208809519baf6e5fcedf4a651f665458c

SHA256
c71abe904686034471147271aab488715be35e47ca7935e6c5a54aba8b746b00

SHA512
f6b4b42a1ef2ad94dd7453260316c8ff65cf54652c3d3139bfc865c3bb6ea1ffcdc48a1ad5aaf11731a5263ebeb7356b6b7fba7c7757dea5e4605c5a8daba15f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
73a6dc263cd0733744af3edf0430e73c

SHA1
627cfa8003fb9e8b263ff4c7d5bd33e6c511af51

SHA256
c3a51d91384cbd5b6cf6797e9d82c938ed539a333f1909b3d2542d91a23f9300

SHA512
9387b59fc1767aacaf2995d78ee0cd32b74b040f75fa9036fcf268afdd99add3071e621f5c9748fcffe21c66cf648cd9d2b4c55732487bad3ef78771521342e8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0

Filesize
44KB

MD5
fd00157788f64bd7927106af008ea64a

SHA1
70c656e91a1fdb912c04098a053122a4e582533c

SHA256
54a73df7c1033dcb4a7557ae76bad060bf1e00d82f7f58c9409cd94f35dd601a

SHA512
4bc8c54603566e301a305cf0693a7b24f42555d044aedbc0bed0724fcc972832f322d204adfd3fde92d49e124d4bf7e56706c2ad896b149f6e0512aa65258f66

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1

Filesize
264KB

MD5
34fa68787abe95e2c8136f108b85efa5

SHA1
64523a3dbe7061ff94fbf3cbb3efacd427ae35b7

SHA256
884cbdd63388b26f5ecb461a46a554f7572bbd8d18c26574cdaebca8c0a45f41

SHA512
ffcf98b273c6957cae9600a3ac5d9ef5f866b0873d07d38d56277cb2ec5c9a838f4854fe0f95dc23e2ca59f0e8772e956644e0bd20996590877aead29e7d7985

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_3

Filesize
4.0MB

MD5
2bdf1a16fc1a25ba85b6ec4451b01f9e

SHA1
9f418ef35b54253d87d0aeca5162b1fe29a724c9

SHA256
f5eaa63c41ed3628384e6b4c3c542d3c03d767817b74a0447eb6281d395acf3b

SHA512
a7d4cace47df845f551deabe11d853214036104eb344806a9e28273aea6cd495c6b2bb60d03270fc933245f75582d86a215a7e5dbad7a3f879bad757bbdd7113

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001

Filesize
209KB

MD5
3e552d017d45f8fd93b94cfc86f842f2

SHA1
dbeebe83854328e2575ff67259e3fb6704b17a47

SHA256
27d9c4613df7a3c04da0b79c13217aa69992b441acb7e44bf2a7578ca87d97d6

SHA512
e616436f2f15615429c7c5c37de3990c3e86c5e1da7d75a0f524fc458b75d44a5be1a3648a628d63e1cf8aa062e08b538f2f2bc9c6a0b42157beb24f82c571d9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000002

Filesize
24KB

MD5
c594a826934b9505d591d0f7a7df80b7

SHA1
c04b8637e686f71f3fc46a29a86346ba9b04ae18

SHA256
e664eef3d68ac6336a28be033165d4780e8a5ab28f0d90df1b148ef86babb610

SHA512
04a1dfdb8ee2f5fefa101d5e3ff36e87659fd774e96aa8c5941d3353ccc268a125822cf01533c74839e5f1c54725da9cc437d3d69b88e5bf3f99caccd4d75961

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
d566ecda4686322f3ab49d5cf98cf9cf

SHA1
7664d8e06a8760b3387b8593aa84d8f67b8cd7c6

SHA256
ff0aeb9040ec5937ce94ca5ca77539e6ba75ed981a1d52b1a91b90ae1c5141d3

SHA512
e0d641f96df3851073e28be95e54b255bc057126302c6b2a37afa026c2100a960726f07a5e80b74a359086eded6eb1c7534b26f35f9507cca8d688a2b937e71f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\000009.dbtmp

Filesize
16B

MD5
979c29c2917bed63ccf520ece1d18cda

SHA1
65cd81cdce0be04c74222b54d0881d3fdfe4736c

SHA256
b3524365a633ee6d1fa9953638d2867946c515218c497a5ec2dbef7dc44a7c53

SHA512
e38f694fd6ab9f678ae156528230d7a8bfb7b59a13b227f59f9c38ab5617db11ebb6be1276323a905d09c4066a3fe820cf58077ab48bf201f3c467a98516ee7a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG

Filesize
136B

MD5
251ae8d5e343db75516b56ee618068c0

SHA1
b039e92c309aa4de09a98b0031bdb2c176dc41ad

SHA256
45e31c2f22e88fb5c6200c6d643ba414ec5eba7c227935b28fb957177d212341

SHA512
96b10ae2d93574fbde20d04c17ac4c1882d7e141b7def3fbd5e1d63a3c99e963afe5bf573bbc144af971c2369ca05031e0c0c626822d6fd77fe4e0ffce195344

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\MANIFEST-000007

Filesize
50B

MD5
1be22f40a06c4e7348f4e7eaf40634a9

SHA1
8205ec74cd32ef63b1cc274181a74b95eedf86df

SHA256
45a28788cde0d2a0232d19c391eae45777fe640790ac0674d6daa5672c444691

SHA512
b8f6f42d375e3ad8015d744fa2814994fa6e588b41cce0131fca48194dd40146b08169a8ce0da350525ff32a59a16edb503c72e0f07254955c82a0d38074856e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\000006.dbtmp

Filesize
16B

MD5
aefd77f47fb84fae5ea194496b44c67a

SHA1
dcfbb6a5b8d05662c4858664f81693bb7f803b82

SHA256
4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611

SHA512
b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\000008.dbtmp

Filesize
16B

MD5
589c49f8a8e18ec6998a7a30b4958ebc

SHA1
cd4e0e2a5cb1fd5099ff88daf4f48bdba566332e

SHA256
26d067dbb5e448b16f93a1bb22a2541beb7134b1b3e39903346d10b96022b6b8

SHA512
e73566a037838d1f7db7e9b728eba07db08e079de471baca7c8f863c7af7beb36221e9ff77e0a898ce86d4ef4c36f83fb3af9c35e342061b7a5442ca3b9024d2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG

Filesize
136B

MD5
3f8cf0eeab8ecc2eff3b23062d7bb7e5

SHA1
8e4224083cd65ee27316219fb9a388cbc5257b4b

SHA256
9459019c41a5ad0211d395758c050ecbb1e21ab194f73df98a1a0f59155c365a

SHA512
39cb7f5c00535db95b26d09acc29751be84da742dd1b5ffab4f76eb055a0b17dd8297a2bfecd3a0bb01ae8cea02426ca320748c78906116011fca973cb7c1d06

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG

Filesize
136B

MD5
3c0b9bd2bea81ce1b224517c4ac6bc0e

SHA1
34bade0145abfec0d24b89b1ad62bd4051f83aa6

SHA256
5dd1b0256955dec9dfe192badbfb185b42c150b2760398d3a9dca1b07f5766b2

SHA512
91757cc1d6e2e096cd297bfdc1cfda1ef79048d1a6b8095a5d2ef7236487091733a1cefb405df96071f58c22b5044758adf82bec3f3ebdc2f576e141a8d93cc5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\MANIFEST-000006

Filesize
50B

MD5
78c55e45e9d1dc2e44283cf45c66728a

SHA1
88e234d9f7a513c4806845ce5c07e0016cf13352

SHA256
7b69a2bee12703825dc20e7d07292125180b86685d2d1b9fd097df76fc6791ec

SHA512
f2ad4594024871286b98a94223b8e7155c7934ef4ebb55f25a4a485a059f75b572d21bc96e9b48ed394be8a41fe0208f7bfb6e28a79d75640c5b684f0c848fe3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
987B

MD5
f1f407f11aac5a75ff5da4b8d4afa87d

SHA1
0eaaff2fba198c4fb797550299c84f6da5b0d753

SHA256
be26f59f53a520050f13976ffc3b510e6608539cb99ad7dc8ca6af55b99fcc6f

SHA512
3995c3a56d3882dc02496f2dc007329926503e603d6fefe8691daa6b3f65e7c15bb1be36b6fd1b73201a2e0fecd6134cdd03fb35bac074936b29b5d92ea96539

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Reporting and NEL

Filesize
36KB

MD5
7d1aea5319a61cb115cf9968137fbec6

SHA1
e951801ab8499db955f44120eebf7bfa81d97af8

SHA256
53f951cccd8969c28a6a0e0a84ffb35cf9a4368753bee00141a5a9a409818590

SHA512
1ae182256e72022cb99bb2d1e9142bf3c6643b1936ed6810f38483d80341805f3ea1f0521e87e1b6152fba4241f961fafd079197adf28857ab735ae21445a947

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
363B

MD5
391262895cbf9cedaa9f685ad7dabf71

SHA1
245a85f000ee55c4a48eb9f6f92d41927ff0a245

SHA256
15b31e3611cb4a66be0a7f9cc9030f0f0c079168b2ef9b43b931d86198e81e80

SHA512
b570300136ebc67a9d8bd1a2f2fe5559add5f82a3ada245e233fa9634ccc4ca4492c30cc3b68c3868ad33b736049b7bcfd42f43e8d04707dba61b767ba84d986

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
363B

MD5
4d857e12698affd73e90011217d64c52

SHA1
6f4fadf4ede9b07641d9530c2a997726aebf6059

SHA256
40524a18724ab66d509d0b1edbd438c043ee1d7b3ac11c9d0c3b1eb57992f3ff

SHA512
c64f9a0ae1816febd1176b7610a5f8c0418293478216e3213f6077f5b47937d700b4b129b4bed407f53e44644b33a149ef7504c282c3245832ec2dc408a27065

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
df1e767e4bd35831bb41b8665ddbf024

SHA1
b85d4346dd2e185fd27c420bde2f45cfbe07e1e6

SHA256
884ee16db5ff24916681d3e6b9da1a06f72212d0b68d44648220ec782cd879da

SHA512
53885c1b55ecb2e0fb67e6c07edd6b9eceb53c4a83d8cf50141982d414ce2a386387a946da85bf8c9cdba73cbf29150c18bdfcaa6bdfb3d780ae4a0c9745b13b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
a22d56c80ee9973f0201163850e2a42a

SHA1
26e984c3502045919713756294c872c2831e3775

SHA256
f1aabc30c279d09154ad47c8f4a7930f5200ca0567aa0bf514d5d69c7a1e44d0

SHA512
7c71039570485db7bf657b5647357470cd1887c25209350c32e6f375b7d5dfe09bbab80c45ea6b8d3450499e98aa26df023da6c5a3088523e340123433dbfe6f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
af7270d1c1751a9f7ad54c16500215d9

SHA1
1e4470b46d01e2114606f5a0149f01243b2dd779

SHA256
696f99f2c673ceffcc6c01b432228039a1bf1e53ffed56b331ddde585bd11531

SHA512
0e4efe9aafddcc99f58cf4b76edc6ef2d8359cb783a908a114eb1df9ed3e56bc3fade687a5e1da512f8fe73f31bedc7f82b06f3af751ed246347a5e6782ef6fb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
2bd2168ff10b802e61bbdf2766a6ae72

SHA1
116150543c03e808fb2db772fe38816be4c7ac19

SHA256
0abd0e246181a992d62c156d853d385bd0371eb0a30292bbe305b409274fed1e

SHA512
0c4b7c0ab16e89d19378fd18580431ff8a944ad4b87c268e3ba6707623a915fbf3c83f9bbfc4394df51e1d5b5df9ddc1c64af9a057bbf1420eda22aa7960b06d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
a991fd68d3af98238dc6bcfcc9a225a7

SHA1
257286983706ec20ef5d70ae21331c1549543e6f

SHA256
9444785991422ce87c49143e6c7f14f0714293dbee65c50dd11774d872719baf

SHA512
9b00c9d35f2adc16a4ae084e147c5534b7617538986aecc42ab422cb956f27186fa9245326ac5a40234dee5ccb05f9962e036a07f8e6f99af5ce7d6287c5653d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
9505fa157abc6577adabf82831068e61

SHA1
c72bfab30960f35ffc2daac0002faa91d0182d57

SHA256
d8c9cb23cf01c22c98d921f5d57baa3b064d2f2ad4fb412675f2e79f40710c35

SHA512
837417a810a46a13e56691fd12e319e8be012e64a4b38a27c994d988260eef6381add597b9c5fa6213cd5b1632a5fe96ad919d2b06834681ab98b4ffd899d536

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000009.log

Filesize
38B

MD5
e9c694b34731bf91073cf432768a9c44

SHA1
861f5a99ad9ef017106ca6826efe42413cda1a0e

SHA256
01c766e2c0228436212045fa98d970a0ad1f1f73abaa6a26e97c6639a4950d85

SHA512
2a359571c4326559459c881cba4ff4fa9f312f6a7c2955b120b907430b700ea6fd42a48fbb3cc9f0ca2950d114df036d1bb3b0618d137a36ebaaa17092fe5f01

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG

Filesize
247B

MD5
e1871230bc5f522eb85601e5ef4c52f0

SHA1
50a467aa6f4f65d844d59af65af57399e3ceeac4

SHA256
40e9b8a85322d0aff1416702e97c44c21f7031f0dfbce6df5dfe6f5f424a4c17

SHA512
7c25324b6f2885ef8df2ff170016690095c39824b7f93fb21637755b551d419f83df9074e7a289081ad4d308e80cbbfc803385ca20f1bc88dfbe359f0ab7cf22

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\MANIFEST-000007

Filesize
90B

MD5
b6d5d86412551e2d21c97af6f00d20c3

SHA1
543302ae0c758954e222399987bb5e364be89029

SHA256
e0b2fdc217d9c571a35f41c21ed2596309f3f00a7297a8d1ded05f54f0e68191

SHA512
5b56ae73a61add9e26f77d95c9b823f82a7fcdc75eed64b388fb4967f5c6c42cb0796b0b99dc25c89f38952786176c10d173dec7862a8a5ce5f820280f72d665

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sessions\Session_13367086853589800

Filesize
2KB

MD5
301886185a1c1fffac2adc35e23b0b16

SHA1
e26aed4cb9af8960ca0bc2b1c23336b1afe0a5b4

SHA256
199fb8a9f644871a2c78b6f8aed1451bc4d14e5b68538469af38a86aa8db77aa

SHA512
a8d7be23fe7df45484bf258518b0278b30aac6ce864e8b1e3b54963390b3805ae67bb400c204aa29864eac0385f74468fa68876079f231a4c2f89e52425f03f6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000007.dbtmp

Filesize
16B

MD5
18e723571b00fb1694a3bad6c78e4054

SHA1
afcc0ef32d46fe59e0483f9a3c891d3034d12f32

SHA256
8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa

SHA512
43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG

Filesize
136B

MD5
a319cd5d605a8e32d6655e0cfc655ba6

SHA1
302dd75da0eabc69189916721dca51aab10129fd

SHA256
5fdd7654a6a1f55098e4ab011bc9a8a42e881494b778716227d57ab2fe0d7ca5

SHA512
035a8eb537fe65a4004b76a374f6118550ab477cdbfaf81a9a7be8cde468ee3ab94ac9f553c669250373df3f939ed6954779a67249133e16e0f1af2e49faf9e1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\MANIFEST-000007

Filesize
107B

MD5
22b937965712bdbc90f3c4e5cd2a8950

SHA1
25a5df32156e12134996410c5f7d9e59b1d6c155

SHA256
cad3bbec41899ea5205612fc1494fa7ba88847fb75437a2def22211a4003e2eb

SHA512
931427ad4609ab4ca12b2ee852d4965680f58602b00c182a2d340acf3163d888be6cfad87ca089f2b47929ddfa66be03ab13a6d24922397334d6997d4c8ede3b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000008.ldb

Filesize
1KB

MD5
0a572d48990716d98b67a6383f86f851

SHA1
90b6e778a1d4b010a86485427c5f8e9d5726bf90

SHA256
744f0bb1ee05874bee3cb6bf68225e3d61993edbc4f23821d7a7c02006354433

SHA512
c6d6b658d97d7e5919a93d58799a913ca55b2252467829a65e66b45788cb26431195e2fdd25136870cfd2f7b41bbc183df32570e4cd0f0b78a5077c776a54ce1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000009.log

Filesize
2KB

MD5
29ba6258fd0dbb3b2f3fef72a90f4639

SHA1
e1c0a5a284fab96f0d20ca4d40317e4e564c8c00

SHA256
a234138671c069d6900e0ead3e565eba0a020fc081e9a31e05384f17198c64e2

SHA512
1944a73006cead1c0c14e9eff98e9348709d8a032d98d51b3ffeecede9ec366e8c4aa39c22d7afe9916b385d1f8ca7dd3c537528a5ea8630f52d69fa5bacf8f4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG

Filesize
250B

MD5
e23d552815891bdabc9bd1474a4d072e

SHA1
ab9c0f85ab3167c3d689908627b6a5dcfffd6d62

SHA256
5ef1fa6ea4981f20763f65a42563a80d6bdab0d90fd4c6b76d48f92b0577a14c

SHA512
26ccb5fc176bf24975301ee556782363618160cfc4098890ba209a49d6b73f9b99a81ca8c5c9e541f4fb7813424979ea7b657562fbbe761636e21d6c07e87c5e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\MANIFEST-000007

Filesize
250B

MD5
17955c6a1bfe62d0dc5fef82ef990a13

SHA1
c4bc3f9ccf3fa9626c9279ecb1a4cbfbf4a0fcf5

SHA256
1cba135964cd409db09911c7cd4699112622596ff633cea868a83c54088c03a7

SHA512
5fb73bb4f7eb1c9e26f34e5d0f310783c7e629e717760ee38731a52a8e3fba6831d77abf0f37631fed820839a00c9242a582e59266de08d3c92c5c4f83c8e7a3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\000008.ldb

Filesize
485B

MD5
60a8d6d1e64382ef3d4b6fbbb731c782

SHA1
99632e02d26ad543afd96c83e429955e8fca4394

SHA256
6f769709d46db47018be936d962bceca1f9284d0e68bcc3de5e5ffade1a73929

SHA512
4b5187e03916599d88ff75dffc8fa9352026bba3dbd7595fe8999aaab3ef63c46260e7854a8cab95866570938fc309be807791ee95bf6a21a944e2cdf49af46c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\000009.log

Filesize
189B

MD5
d2876bd49c8f4c041a1376e859452009

SHA1
aff62a9edc03140f6025737e0f5b2655ad973158

SHA256
c209fa8d1c25389da99552284f74f08bb83f706a7caee7d4996cc5e73f2fea2e

SHA512
615754501e15503a5a8c6d208aebbb2226ccac012232dd07b9488893d10bd6311656dce77d955ec0861ed842ce59c28ccbde0bc91b633d47ae4893cf05ff1675

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\LOG

Filesize
249B

MD5
8a231385d8d34c20be55149ef5a48967

SHA1
0d2f765c1b6bb37187e62402eb72d52e4ab288da

SHA256
5e2e673104ccbd61dc4c25352411066cdcf7e8ae61164d7faa82f27fae0674df

SHA512
4936a17eb281e568907009d94ad6a1ad4062a362c8fb5e70b538ca17694ca60b393fa59cb5511d8416b42339e441d0c259527b738b9ec337c772c0ba79e152fa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\MANIFEST-000007

Filesize
98B

MD5
1c0c23649f958fa25b0407c289db12da

SHA1
5f6b10cd5a39fe8c30353bcf4cd4e4a60ef35574

SHA256
d5134b804a775cfb79c6166d15b5721d38ffc2da11948a6c1263595d6c2941cf

SHA512
b691e882018833a108bd286bc76c55a140d00d5a266617a3a381af1ceff01aefaef17acef29d14dec931d7051455726cde8974cd04cc07302f1c3cc452fe2f52

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000008.ldb

Filesize
315B

MD5
23b825c2aa8e278840839f1876a90c7c

SHA1
396fadf4222e8b470661db59530eec4491565a81

SHA256
a6fa015da1dacf8a5d71bb3a0b0a7b645ba28276d9a7b32ffb89df408811f10d

SHA512
d62feb1b6123f5081da3bb97594cf8f478438bf70f772c40a400e479c4bd6b6343fb1f70c322b00233fc83fbb0cf4d430ffdb34a9b9607e783437d7b795edd5d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000009.log

Filesize
34B

MD5
12275f46db968e27e4edb23a4517904d

SHA1
1bd41f5f55dc8532c45c5ed91bd0823deabe3d3a

SHA256
0b9769e63620205002586d7dbefa19d6c3573ffa65bc86eb49113ec271feea4a

SHA512
084364c331be5c6b8c537a6c56b732ccdbb45f0d74a1e0ed89ac195e9ae43e15f15c953e3ed188990f0abb7e0e6456fa4b6b34562a02c180f7c061a7728c8b66

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000010.dbtmp

Filesize
16B

MD5
60e3f691077715586b918375dd23c6b0

SHA1
476d3eab15649c40c6aebfb6ac2366db50283d1b

SHA256
e91d13722e31f9b06c5df3582cad1ea5b73547ce3dc08b12ed461f095aad48ee

SHA512
d1c146d27bbf19362d6571e2865bb472ce4fe43dc535305615d92d6a2366f98533747a8a70a578d1f00199f716a61ce39fac5cab9dd67e9c044bc49e7343130e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG

Filesize
249B

MD5
cdabe1fad6c0115bcc23605a78baa008

SHA1
91c140da5b6254bae7ed40427d01c81ef8bfb184

SHA256
9d6cabf37b2e94ac9fa7b0332c8981dc49e945212bcfcf828747a965860bb64d

SHA512
b4a570301118b790cf3a12df840170fc0ce2a756d2c6f57480e775e339da395b3719f7a2c565a92e2bfb005ee63f8b235dfd816610d96d9d3369c89dbc728df4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\MANIFEST-000007

Filesize
118B

MD5
780d05a284715e9b093e9d8c4eac4b8c

SHA1
21c261ae0e90bfedfcc85b05a43e99c3af295565

SHA256
7ae4869c4df8067e19506050e0459798e31a3031c8a96feda2b2cd678b19c23a

SHA512
6c19f25b5b9f1e1c96d10ef1970f2b12bbb4a2a7fd2afc258219da9214bbaf024b2b9ee5026054163a52cf321c51ebb594561ec6ec96bb4ac3b18f03b9ed8b87

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Browser

Filesize
106B

MD5
de9ef0c5bcc012a3a1131988dee272d8

SHA1
fa9ccbdc969ac9e1474fce773234b28d50951cd8

SHA256
3615498fbef408a96bf30e01c318dac2d5451b054998119080e7faac5995f590

SHA512
cea946ebeadfe6be65e33edff6c68953a84ec2e2410884e12f406cac1e6c8a0793180433a7ef7ce097b24ea78a1fdbb4e3b3d9cdf1a827ab6ff5605da3691724

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version

Filesize
14B

MD5
9eae63c7a967fc314dd311d9f46a45b7

SHA1
caba9c2c93acfe0b9ceb9ab19b992b0fc19c71cf

SHA256
4288925b0cf871c7458c22c46936efb0e903802feb991a0e1803be94ca6c251d

SHA512
bed924bff236bf5b6ce1df1db82e86c935e5830a20d9d24697efd82ca331e30604db8d04b0d692ec8541ec6deb2225bcc7d805b79f2db5726642198ecf6348b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
311KB

MD5
7f14b52b165d3191c14a30eb232b7619

SHA1
78596f857087bd8431522ffba632f5a660fc81b8

SHA256
619a95f83a139ce1496132117515f114e314abd85fcbac584886260ba127603d

SHA512
3f090eae859995c14aec88ca7d865ac520804111c15cad773025842cb2272255020482252aad10aa2dd17e7e7df60bbfd14bf90145f8cbdeefe73f849235bd2e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

Filesize
85B

MD5
bc6142469cd7dadf107be9ad87ea4753

SHA1
72a9aa05003fab742b0e4dc4c5d9eda6b9f7565c

SHA256
b26da4f8c7e283aa74386da0229d66af14a37986b8ca828e054fc932f68dd557

SHA512
47d1a67a16f5dc6d50556c5296e65918f0a2fcad0e8cee5795b100fe8cd89eaf5e1fd67691e8a57af3677883a5d8f104723b1901d11845b286474c8ac56f6182

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\chrome_shutdown_ms.txt

Filesize
4B

MD5
3a410c29d74dd6fb68803ba346eb47b1

SHA1
9f492380c4240a3b11af3ec43092d93a096aee86

SHA256
7556b21a00f8fd0d9b1d286faf425280b546926d3ea1fe429a178d0367df9c13

SHA512
7347b47524deebfcf41196f882d7f657dee4ae97fef75daa6f4ce4fe9d1c1a4948fbab48d8542ee8ce25b66663d8497295481923af3de0598ba96fc7cec7ddad

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabE89C.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarE8AF.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit
memory/2620-19-0x000007FEF7150000-0x000007FEF7168000-memory.dmp

Filesize
96KB

Download
memory/2620-7-0x000007FEF5710000-0x000007FEF59C6000-memory.dmp

Filesize
2.7MB

Download
memory/2620-52-0x000007FEF3240000-0x000007FEF3251000-memory.dmp

Filesize
68KB

Download
memory/2620-50-0x000007FEF3370000-0x000007FEF3384000-memory.dmp

Filesize
80KB

Download
memory/2620-53-0x000007FEF31D0000-0x000007FEF3231000-memory.dmp

Filesize
388KB

Download
memory/2620-49-0x000007FEF3390000-0x000007FEF33A3000-memory.dmp

Filesize
76KB

Download
memory/2620-48-0x000007FEF33B0000-0x000007FEF33C5000-memory.dmp

Filesize
84KB

Download
memory/2620-54-0x000007FEF3180000-0x000007FEF31C7000-memory.dmp

Filesize
284KB

Download
memory/2620-47-0x000007FEF33D0000-0x000007FEF33E2000-memory.dmp

Filesize
72KB

Download
memory/2620-41-0x000007FEF3590000-0x000007FEF35B3000-memory.dmp

Filesize
140KB

Download
memory/2620-39-0x000007FEF35E0000-0x000007FEF3890000-memory.dmp

Filesize
2.7MB

Download
memory/2620-42-0x000007FEF3570000-0x000007FEF3583000-memory.dmp

Filesize
76KB

Download
memory/2620-43-0x000007FEF3460000-0x000007FEF3566000-memory.dmp

Filesize
1.0MB

Download
memory/2620-44-0x000007FEF3430000-0x000007FEF345A000-memory.dmp

Filesize
168KB

Download
memory/2620-45-0x000007FEF3410000-0x000007FEF3423000-memory.dmp

Filesize
76KB

Download
memory/2620-46-0x000007FEF33F0000-0x000007FEF340B000-memory.dmp

Filesize
108KB

Download
memory/2620-40-0x000007FEF35C0000-0x000007FEF35D5000-memory.dmp

Filesize
84KB

Download
memory/2620-37-0x000007FEECE60000-0x000007FEEE6CF000-memory.dmp

Filesize
24.4MB

Download
memory/2620-38-0x000007FEF3D70000-0x000007FEF3F76000-memory.dmp

Filesize
2.0MB

Download
memory/2620-16-0x000007FEF4450000-0x000007FEF465B000-memory.dmp

Filesize
2.0MB

Download
memory/2620-17-0x000007FEF71A0000-0x000007FEF71E1000-memory.dmp

Filesize
260KB

Download
memory/2620-25-0x000007FEF6700000-0x000007FEF6718000-memory.dmp

Filesize
96KB

Download
memory/2620-56-0x000007FEF2CD0000-0x000007FEF2D04000-memory.dmp

Filesize
208KB

Download
memory/2620-20-0x000007FEF7130000-0x000007FEF7141000-memory.dmp

Filesize
68KB

Download
memory/2620-21-0x000007FEF6B80000-0x000007FEF6B91000-memory.dmp

Filesize
68KB

Download
memory/2620-22-0x000007FEF6B60000-0x000007FEF6B71000-memory.dmp

Filesize
68KB

Download
memory/2620-51-0x000007FEF3350000-0x000007FEF3362000-memory.dmp

Filesize
72KB

Download
memory/2620-23-0x000007FEF6740000-0x000007FEF675B000-memory.dmp

Filesize
108KB

Download
memory/2620-18-0x000007FEF7170000-0x000007FEF7191000-memory.dmp

Filesize
132KB

Download
memory/2620-26-0x000007FEF66D0000-0x000007FEF6700000-memory.dmp

Filesize
192KB

Download
memory/2620-27-0x000007FEF6660000-0x000007FEF66C7000-memory.dmp

Filesize
412KB

Download
memory/2620-28-0x000007FEF65E0000-0x000007FEF665C000-memory.dmp

Filesize
496KB

Download
memory/2620-29-0x000007FEF65C0000-0x000007FEF65D1000-memory.dmp

Filesize
68KB

Download
memory/2620-30-0x000007FEF5DF0000-0x000007FEF5E47000-memory.dmp

Filesize
348KB

Download
memory/2620-31-0x000007FEF60C0000-0x000007FEF60E8000-memory.dmp

Filesize
160KB

Download
memory/2620-32-0x000007FEF5ED0000-0x000007FEF5EF4000-memory.dmp

Filesize
144KB

Download
memory/2620-33-0x000007FEF65A0000-0x000007FEF65B8000-memory.dmp

Filesize
96KB

Download
memory/2620-15-0x000007FEF4660000-0x000007FEF5710000-memory.dmp

Filesize
16.7MB

Download
memory/2620-6-0x000007FEF73A0000-0x000007FEF73D4000-memory.dmp

Filesize
208KB

Download
memory/2620-35-0x000007FEF6120000-0x000007FEF6131000-memory.dmp

Filesize
68KB

Download
memory/2620-36-0x000007FEF60A0000-0x000007FEF60B2000-memory.dmp

Filesize
72KB

Download
memory/2620-34-0x000007FEF5DC0000-0x000007FEF5DE3000-memory.dmp

Filesize
140KB

Download
memory/2620-14-0x000007FEF71F0000-0x000007FEF7201000-memory.dmp

Filesize
68KB

Download
memory/2620-13-0x000007FEF7210000-0x000007FEF722D000-memory.dmp

Filesize
116KB

Download
memory/2620-10-0x000007FEFA2F0000-0x000007FEFA301000-memory.dmp

Filesize
68KB

Download
memory/2620-11-0x000007FEF7250000-0x000007FEF7267000-memory.dmp

Filesize
92KB

Download
memory/2620-12-0x000007FEF7230000-0x000007FEF7241000-memory.dmp

Filesize
68KB

Download
memory/2620-24-0x000007FEF6720000-0x000007FEF6731000-memory.dmp

Filesize
68KB

Download
memory/2620-9-0x000007FEFAAD0000-0x000007FEFAAE7000-memory.dmp

Filesize
92KB

Download
memory/2620-55-0x000007FEF3100000-0x000007FEF3174000-memory.dmp

Filesize
464KB

Download
memory/2620-59-0x000007FEF5710000-0x000007FEF59C6000-memory.dmp

Filesize
2.7MB

Download
memory/2620-8-0x000007FEFB540000-0x000007FEFB558000-memory.dmp

Filesize
96KB

Download
memory/2620-5-0x000000013FDE0000-0x000000013FED8000-memory.dmp

Filesize
992KB

Download