b9f9e70c83f04830007ec06e6d7c3e0fafe90c6af53355e4248ab0a59ca1cf48

Analysis

max time kernel
79s
max time network
143s
platform
windows7_x64
resource
win7-20240729-en
resource tags

arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
submitted
02/08/2024, 19:23

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

BSL_v8.2.09.zip
Size

932KB
MD5

4443556b4e0d63394f0df1297e484454
SHA1

cd92bf706a1347a2d2943b14391ffbe1233415bc
SHA256

b9f9e70c83f04830007ec06e6d7c3e0fafe90c6af53355e4248ab0a59ca1cf48
SHA512

68edfac08cac19ac151abdafd0708bb2304af608dde9dc04ffd52968a8e93bc2c6ce67902ff850e32c0280ec19587f06d0c550b41c709ee2e5d7974c8414c491
SSDEEP

24576:dReL/rFGYSh8KyQEPXrn7KoZq86rAHhQEzuekpko:dReXFl38EPXr7jZqPsHLaek2o

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 6 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2892	chrome.exe
2892	chrome.exe
2368	chrome.exe
2368	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2892	chrome.exe
Token: SeShutdownPrivilege	2892	chrome.exe
Token: SeShutdownPrivilege	2892	chrome.exe
Token: SeShutdownPrivilege	2892	chrome.exe
Token: SeShutdownPrivilege	2892	chrome.exe
Token: SeShutdownPrivilege	2892	chrome.exe
Token: SeShutdownPrivilege	2892	chrome.exe
Token: SeShutdownPrivilege	2892	chrome.exe
Token: SeShutdownPrivilege	2892	chrome.exe
Token: SeShutdownPrivilege	2892	chrome.exe
Token: SeShutdownPrivilege	2892	chrome.exe
Token: SeShutdownPrivilege	2892	chrome.exe
Token: SeShutdownPrivilege	2892	chrome.exe
Token: SeShutdownPrivilege	2892	chrome.exe
Token: SeShutdownPrivilege	2892	chrome.exe
Token: SeShutdownPrivilege	2892	chrome.exe
Token: SeShutdownPrivilege	2892	chrome.exe
Token: SeShutdownPrivilege	2892	chrome.exe
Token: SeShutdownPrivilege	2892	chrome.exe
Token: SeShutdownPrivilege	2892	chrome.exe
Token: SeShutdownPrivilege	2892	chrome.exe
Token: SeShutdownPrivilege	2892	chrome.exe
Token: SeShutdownPrivilege	2892	chrome.exe
Token: SeShutdownPrivilege	2892	chrome.exe
Token: SeShutdownPrivilege	2892	chrome.exe
Token: SeShutdownPrivilege	2892	chrome.exe
Token: SeShutdownPrivilege	2892	chrome.exe
Token: SeShutdownPrivilege	2892	chrome.exe
Token: SeShutdownPrivilege	2892	chrome.exe
Token: SeShutdownPrivilege	2892	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe

Suspicious use of SendNotifyMessage 64 IoCs

pid	Process
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2892	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2892 wrote to memory of 2096	2892	chrome.exe	31
PID 2892 wrote to memory of 2096	2892	chrome.exe	31
PID 2892 wrote to memory of 2096	2892	chrome.exe	31
PID 2892 wrote to memory of 2216	2892	chrome.exe	33
PID 2892 wrote to memory of 2216	2892	chrome.exe	33
PID 2892 wrote to memory of 2216	2892	chrome.exe	33
PID 2892 wrote to memory of 2216	2892	chrome.exe	33
PID 2892 wrote to memory of 2216	2892	chrome.exe	33
PID 2892 wrote to memory of 2216	2892	chrome.exe	33
PID 2892 wrote to memory of 2216	2892	chrome.exe	33
PID 2892 wrote to memory of 2216	2892	chrome.exe	33
PID 2892 wrote to memory of 2216	2892	chrome.exe	33
PID 2892 wrote to memory of 2216	2892	chrome.exe	33
PID 2892 wrote to memory of 2216	2892	chrome.exe	33
PID 2892 wrote to memory of 2216	2892	chrome.exe	33
PID 2892 wrote to memory of 2216	2892	chrome.exe	33
PID 2892 wrote to memory of 2216	2892	chrome.exe	33
PID 2892 wrote to memory of 2216	2892	chrome.exe	33
PID 2892 wrote to memory of 2216	2892	chrome.exe	33
PID 2892 wrote to memory of 2216	2892	chrome.exe	33
PID 2892 wrote to memory of 2216	2892	chrome.exe	33
PID 2892 wrote to memory of 2216	2892	chrome.exe	33
PID 2892 wrote to memory of 2216	2892	chrome.exe	33
PID 2892 wrote to memory of 2216	2892	chrome.exe	33
PID 2892 wrote to memory of 2216	2892	chrome.exe	33
PID 2892 wrote to memory of 2216	2892	chrome.exe	33
PID 2892 wrote to memory of 2216	2892	chrome.exe	33
PID 2892 wrote to memory of 2216	2892	chrome.exe	33
PID 2892 wrote to memory of 2216	2892	chrome.exe	33
PID 2892 wrote to memory of 2216	2892	chrome.exe	33
PID 2892 wrote to memory of 2216	2892	chrome.exe	33
PID 2892 wrote to memory of 2216	2892	chrome.exe	33
PID 2892 wrote to memory of 2216	2892	chrome.exe	33
PID 2892 wrote to memory of 2216	2892	chrome.exe	33
PID 2892 wrote to memory of 2216	2892	chrome.exe	33
PID 2892 wrote to memory of 2216	2892	chrome.exe	33
PID 2892 wrote to memory of 2216	2892	chrome.exe	33
PID 2892 wrote to memory of 2216	2892	chrome.exe	33
PID 2892 wrote to memory of 2216	2892	chrome.exe	33
PID 2892 wrote to memory of 2216	2892	chrome.exe	33
PID 2892 wrote to memory of 2216	2892	chrome.exe	33
PID 2892 wrote to memory of 2216	2892	chrome.exe	33
PID 2892 wrote to memory of 2072	2892	chrome.exe	34
PID 2892 wrote to memory of 2072	2892	chrome.exe	34
PID 2892 wrote to memory of 2072	2892	chrome.exe	34
PID 2892 wrote to memory of 2720	2892	chrome.exe	35
PID 2892 wrote to memory of 2720	2892	chrome.exe	35
PID 2892 wrote to memory of 2720	2892	chrome.exe	35
PID 2892 wrote to memory of 2720	2892	chrome.exe	35
PID 2892 wrote to memory of 2720	2892	chrome.exe	35
PID 2892 wrote to memory of 2720	2892	chrome.exe	35
PID 2892 wrote to memory of 2720	2892	chrome.exe	35
PID 2892 wrote to memory of 2720	2892	chrome.exe	35
PID 2892 wrote to memory of 2720	2892	chrome.exe	35
PID 2892 wrote to memory of 2720	2892	chrome.exe	35
PID 2892 wrote to memory of 2720	2892	chrome.exe	35
PID 2892 wrote to memory of 2720	2892	chrome.exe	35
PID 2892 wrote to memory of 2720	2892	chrome.exe	35
PID 2892 wrote to memory of 2720	2892	chrome.exe	35
PID 2892 wrote to memory of 2720	2892	chrome.exe	35
PID 2892 wrote to memory of 2720	2892	chrome.exe	35
PID 2892 wrote to memory of 2720	2892	chrome.exe	35
PID 2892 wrote to memory of 2720	2892	chrome.exe	35
PID 2892 wrote to memory of 2720	2892	chrome.exe	35

C:\Windows\Explorer.exe
C:\Windows\Explorer.exe /idlist,,C:\Users\Admin\AppData\Local\Temp\BSL_v8.2.09.zip
1⤵
PID:1464

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2892
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef7419758,0x7fef7419768,0x7fef7419778
  2⤵
  PID:2096
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1088 --field-trial-handle=1376,i,5121915953854276630,13932946431140616155,131072 /prefetch:2
  2⤵
  PID:2216
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1504 --field-trial-handle=1376,i,5121915953854276630,13932946431140616155,131072 /prefetch:8
  2⤵
  PID:2072
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1556 --field-trial-handle=1376,i,5121915953854276630,13932946431140616155,131072 /prefetch:8
  2⤵
  PID:2720
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2244 --field-trial-handle=1376,i,5121915953854276630,13932946431140616155,131072 /prefetch:1
  2⤵
  PID:1520
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2256 --field-trial-handle=1376,i,5121915953854276630,13932946431140616155,131072 /prefetch:1
  2⤵
  PID:1380
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1644 --field-trial-handle=1376,i,5121915953854276630,13932946431140616155,131072 /prefetch:2
  2⤵
  PID:1932
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=1320 --field-trial-handle=1376,i,5121915953854276630,13932946431140616155,131072 /prefetch:1
  2⤵
  PID:2428
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3668 --field-trial-handle=1376,i,5121915953854276630,13932946431140616155,131072 /prefetch:8
  2⤵
  PID:756

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2284

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:2368
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef7419758,0x7fef7419768,0x7fef7419778
  2⤵
  PID:1572
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1204 --field-trial-handle=1388,i,7164097872245092499,13461584256229268098,131072 /prefetch:2
  2⤵
  PID:2280
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1524 --field-trial-handle=1388,i,7164097872245092499,13461584256229268098,131072 /prefetch:8
  2⤵
  PID:3044
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1620 --field-trial-handle=1388,i,7164097872245092499,13461584256229268098,131072 /prefetch:8
  2⤵
  PID:2120
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2080 --field-trial-handle=1388,i,7164097872245092499,13461584256229268098,131072 /prefetch:1
  2⤵
  PID:1740
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2088 --field-trial-handle=1388,i,7164097872245092499,13461584256229268098,131072 /prefetch:1
  2⤵
  PID:2336
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1412 --field-trial-handle=1388,i,7164097872245092499,13461584256229268098,131072 /prefetch:2
  2⤵
  PID:1896
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=1424 --field-trial-handle=1388,i,7164097872245092499,13461584256229268098,131072 /prefetch:1
  2⤵
  PID:2128
- C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe
  "C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe" --reenable-autoupdates --system-level
  2⤵
  PID:2400
- - C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe
    "C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\Crashpad --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x154,0x158,0x15c,0x128,0x160,0x13ff77688,0x13ff77698,0x13ff776a8
    3⤵
    PID:2988
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=3664 --field-trial-handle=1388,i,7164097872245092499,13461584256229268098,131072 /prefetch:1
  2⤵
  PID:2976

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:556

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\4578ccf8-8d02-4583-b3c7-2239d6c48ba7.tmp

Filesize
317KB

MD5
4478fae1487ebfee0f4289d1e9aa2ff2

SHA1
5934f4d5880673d5f110145abbf7dc6796c38195

SHA256
5b89aa746915a54f30540f8c69763a7a2c9a4964bb2f4a681f9bec7692e3b920

SHA512
d0ec5b440f488893d07db57cecbb84eb3186981be890ceeadc0d8dfa7e954e26a44b200d50750bb96ae602335dc1c2619e9e8eaa7ebbacb2f750febc746e6573

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
4af14b992d16a9097ddb4009c70b96b9

SHA1
2606b4a060c324c2048ea8d54374d4f2402886eb

SHA256
6ed45c34d54bb5f6e8b2a14aeb78406c243ca3d5eecd7a00089957e8c98dc7ce

SHA512
3d7642f60e8a54040b80872747cd6f37017c77ad3ec3f4370fe5641f8a0b76ffbf59f6592f9851d35ee192789b525e2e20d9cabb4c52f00cc08ea3bd94fa8987

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0

Filesize
44KB

MD5
e3ae5b3d39bd9236a8a52b2a4e5edb31

SHA1
83daab3c34a42115f4896e3806577ab9eeceb4bd

SHA256
ff81378494b422ef6e1d60ba1a70178e224f57dabbf17c990b8010de6071c67a

SHA512
03263221cd89ec461623e2aa00e31a23d81b3b76f657fd68c024fdb862caaebb10fa42ee342d10e2bbb1cdda59ac8c3988d778fff76efbb6a1de2303460261b6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1

Filesize
264KB

MD5
67f91cfbac067275cf369337c8e96250

SHA1
0852eccfb50600214e6dc20547146226f322d74f

SHA256
6e876d8bae3a0b1d8b4ec6516870c4e11357e89cebc07599869e4c8323bbab38

SHA512
8084a12baaa575dab04d86c1a9754f347d6e14c52452c22735bbb28a0b0bbf762e18ed55db9af1bc7c7d5ab1f3c90698ed6cb3335fe4cbcede35ddcd4b22c8f2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_3

Filesize
4.0MB

MD5
fb3fc71e86ffab37e0690f06c95e9e45

SHA1
c234e367a53b112efc5544d30d89162fbd75221d

SHA256
89899e5abb77b32cbbf0fa336096d1381397a0054beea0e691af58669bc749e5

SHA512
157328fc1faa4fcca1eab99b415294afe0fc802f2fa6f7db09b08d71830569d5f1338675f0c396d80ef0bd2db2c44e0735a85700e3c66438625644b6284c5a31

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001

Filesize
209KB

MD5
3e552d017d45f8fd93b94cfc86f842f2

SHA1
dbeebe83854328e2575ff67259e3fb6704b17a47

SHA256
27d9c4613df7a3c04da0b79c13217aa69992b441acb7e44bf2a7578ca87d97d6

SHA512
e616436f2f15615429c7c5c37de3990c3e86c5e1da7d75a0f524fc458b75d44a5be1a3648a628d63e1cf8aa062e08b538f2f2bc9c6a0b42157beb24f82c571d9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\000009.dbtmp

Filesize
16B

MD5
979c29c2917bed63ccf520ece1d18cda

SHA1
65cd81cdce0be04c74222b54d0881d3fdfe4736c

SHA256
b3524365a633ee6d1fa9953638d2867946c515218c497a5ec2dbef7dc44a7c53

SHA512
e38f694fd6ab9f678ae156528230d7a8bfb7b59a13b227f59f9c38ab5617db11ebb6be1276323a905d09c4066a3fe820cf58077ab48bf201f3c467a98516ee7a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG

Filesize
136B

MD5
04059fcb6b4010ed39d73115f57c301e

SHA1
584284678165cc6f10b6602223488ffbc26d8ec4

SHA256
2477be8c8ef551f63001ef95645e6e850d1cb8d2c084321db020deea6543cca7

SHA512
4dca730771cfa625a118f370420fe704fe5c3ff81cb159bad528b84516988ec7b3bb21337c8368e0ca8cd6a75bfc448c42c07a59f99397993c448ef2e2661146

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\MANIFEST-000007

Filesize
50B

MD5
1be22f40a06c4e7348f4e7eaf40634a9

SHA1
8205ec74cd32ef63b1cc274181a74b95eedf86df

SHA256
45a28788cde0d2a0232d19c391eae45777fe640790ac0674d6daa5672c444691

SHA512
b8f6f42d375e3ad8015d744fa2814994fa6e588b41cce0131fca48194dd40146b08169a8ce0da350525ff32a59a16edb503c72e0f07254955c82a0d38074856e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\000006.dbtmp

Filesize
16B

MD5
aefd77f47fb84fae5ea194496b44c67a

SHA1
dcfbb6a5b8d05662c4858664f81693bb7f803b82

SHA256
4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611

SHA512
b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\000008.dbtmp

Filesize
16B

MD5
589c49f8a8e18ec6998a7a30b4958ebc

SHA1
cd4e0e2a5cb1fd5099ff88daf4f48bdba566332e

SHA256
26d067dbb5e448b16f93a1bb22a2541beb7134b1b3e39903346d10b96022b6b8

SHA512
e73566a037838d1f7db7e9b728eba07db08e079de471baca7c8f863c7af7beb36221e9ff77e0a898ce86d4ef4c36f83fb3af9c35e342061b7a5442ca3b9024d2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG

Filesize
136B

MD5
1c81b68200410d3f127d31c1e0b8d0a9

SHA1
d37eacc151d4fa48bb7c4651e7c83edc000d16b6

SHA256
7971812875f54c6855f86991241ba154c4b1ada40a5514adcef9169e565d8caa

SHA512
1bbcf7e315b72e66befe3b8c3cecf3856e11981d09f5d45c670437d48738659b01c61857d62c6bf8880c5a2abc6d5a7078755a64992ea707a026a6268560385e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG

Filesize
136B

MD5
62b8869b04692b22d0c228b14f56a5bf

SHA1
a77c458fa36249194aa0358f9c8aab6e9d3d76a0

SHA256
aef79adf0d893b869516a886618cbbcb6919cfd6726b0b79cd55b397acd67f96

SHA512
cbe4d9525cacdc494c90609f0e0f7d95e4d85285b35c89e46257a910b1de55be65635620e1796c1e3247dd94c6fb073d9363d934ce9454d67071daacc1013713

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\MANIFEST-000006

Filesize
50B

MD5
78c55e45e9d1dc2e44283cf45c66728a

SHA1
88e234d9f7a513c4806845ce5c07e0016cf13352

SHA256
7b69a2bee12703825dc20e7d07292125180b86685d2d1b9fd097df76fc6791ec

SHA512
f2ad4594024871286b98a94223b8e7155c7934ef4ebb55f25a4a485a059f75b572d21bc96e9b48ed394be8a41fe0208f7bfb6e28a79d75640c5b684f0c848fe3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor

Filesize
36KB

MD5
ed83dcc8393fa14589601f79cd81cd34

SHA1
17b2ac0f21920bbb105a053e3b9a0b93087f5f10

SHA256
00b080ed69dbb6ab2275f350ffd0c0d0f4524d8a5525ce9878b9b7cdf8b5be90

SHA512
8152222491dcc714fec37906b68eed35fcafea677f0e31610a203f15c43f3032d9403bec4b8afa11983d4bc793d196c4b4c526fc8ce99f2a8353ceff894b6695

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
986B

MD5
2f00197c11806cc654126c2c2cb2c3f7

SHA1
2fd665cebe3543f5931dcbfd94c25cae07d2e633

SHA256
89ed5f0ab0483ea2bda2d938bb648bf54709d04540231d0b519ecbf600c00779

SHA512
54d84aca4cadfbf127ec2b829826ef7e8ccbae44bf320f57fafc079aae37c67948c7936999b635ff40a97c416f7c196f89aea4ea8acde3dc957330438966e011

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Reporting and NEL

Filesize
36KB

MD5
16d873eb2053c7b019b6b483160244a9

SHA1
35794ab7cd6eedacfbf4f9449d9be5f750a1bfd4

SHA256
1c77b621e3d304e8bcdae245369012836fa8a12c5052b4043a8e67a5e6645f1d

SHA512
7f609f45a5f9b4a64fb48e774a7d04bed19a863f8bda25109c88058c68d653b01e7d573cf560403823ad7cf94d76c08a562f9d20eaff6e8d9aeda599b6e5699b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
363B

MD5
da30de476406081a307c1a98ae0c3b9f

SHA1
16e2835d55d0f89449831a4322ab4eaca26e56cd

SHA256
b7e7de4c47d22713fd16393299050b0aa28b6708bd5f8ee070673f6eada7d00b

SHA512
ec475bccc66b83f6a6eb06d24eb170bf8b8ad4ba9dd06226876f9323348b37baab4bab0083d6daba29d6332106dd2551e00d9abbfbb74aaeb59f46ff309606d2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
363B

MD5
6acd3b416253c4956e4f67219b2a0edd

SHA1
a540ffd5f497cae2ae176cbcea039b8b33d4b705

SHA256
7e9566b03a222efa9694663f11bd1eb893cd494985cc011c02f9c1671485d76b

SHA512
f3df02d087d2fa64d4cd8a6dced558b7c5cad1112e9e076727535ab34c7ec892d240722e07b78823fe6198b47288fd3b6f958ec1b01d1558c38fae26143bf293

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
2ba1af1d612db5fc9526a1192f327ea7

SHA1
f55c09dd3a9c0654ae903892a90a0d519cecc15f

SHA256
4be84c4ac0219b9f01df18dfe5e7c002764130a8d859b4b5e5daeeac2ccee0de

SHA512
b8c407ff0632159e604083558467796adee9e9531cd6e912ea02b083a6c7cf3589976b4a3c315598a7e97ff5bd20e9b4cf0a97919a7c1e69f3f8f9aca8acabc5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
4cfb4ee58359b6fa6ad0c1dd65564594

SHA1
bacb3e5f516f9e787093dedda6e1a30c74b5ac43

SHA256
292af977e1f303d5a19c61af996e2ada7d1830ab52aa668f23b0ff4b5581436a

SHA512
121cb4081da8d1aa8f6d4459d6d8c39b9cd9feb6f6971cd86ace909760bc6dd2f02aac539ea2acdecb7f3854f66a8691d6051f41f6e79587d40505d80ea67ad1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
4761db2d177d697600ffac32e82dea09

SHA1
39d69c899c23fd213064cd87b331267dab3c92c9

SHA256
9da2944ebbac9c0f708293b751e11650eb79992a0027b01a4981d6d0ba711588

SHA512
1bdd97870827d9a80ba1197e98f5fa10fa2eec366ad55e1ef7c12971394e07159ae80125d28a459b11d0ded6ec0f25f35cc7b4fac14180f1373255eaab5d249e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
d799f7f5ce2bb28657389f70f32fda37

SHA1
22f8e73f95d013a0000ad50bffcaf4932b1238d9

SHA256
533728e09680184173e984c6a0a66d233ef9861fd90b3a9146445b43ec249f23

SHA512
ab8d760814382f8e602b67bd437fae628a5f27681064efa8fc661ff26e3e9febbc977b1b703acbc835478094066306336fc73d9161e10e2be4cf8f02836fe034

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
6a20d0073699ae6ac16db24d0a937780

SHA1
fabfe8be8e40020e32fd0ad47d4958255b9c8c6c

SHA256
05a913a069deb2ac42e842d70685dcff80a59f4c240b43b6f4222205c74db384

SHA512
523b61b972752bee170845c3293548bd59e04a3fedf4f94b1a37199ab7b56c913c403dfb915448ade49d7d224643335dc023cdbf1f913a8af3ace61003522502

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000009.log

Filesize
38B

MD5
e9c694b34731bf91073cf432768a9c44

SHA1
861f5a99ad9ef017106ca6826efe42413cda1a0e

SHA256
01c766e2c0228436212045fa98d970a0ad1f1f73abaa6a26e97c6639a4950d85

SHA512
2a359571c4326559459c881cba4ff4fa9f312f6a7c2955b120b907430b700ea6fd42a48fbb3cc9f0ca2950d114df036d1bb3b0618d137a36ebaaa17092fe5f01

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG

Filesize
247B

MD5
b8316d2f0ea81b3f8d2da5d5be3aa0ff

SHA1
918736fd5fd55e75e2a5d59e785b58ca2d7d7111

SHA256
53496795e28bb3e39037db6829e204b9a89b57680c339ca313bf565a4cabecfa

SHA512
f5a37bd029ebf982b6fb66480a15efbf2ff8444dcac171050abbf3b0eb5191c6ccdd32181bd3d97b2adcab166b1d8ef492b3bbd01e829f0a2c1b9878407a092c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\MANIFEST-000007

Filesize
90B

MD5
b6d5d86412551e2d21c97af6f00d20c3

SHA1
543302ae0c758954e222399987bb5e364be89029

SHA256
e0b2fdc217d9c571a35f41c21ed2596309f3f00a7297a8d1ded05f54f0e68191

SHA512
5b56ae73a61add9e26f77d95c9b823f82a7fcdc75eed64b388fb4967f5c6c42cb0796b0b99dc25c89f38952786176c10d173dec7862a8a5ce5f820280f72d665

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sessions\Session_13367100247901000

Filesize
2KB

MD5
df7572879ef2b44683dc514aea3c91cb

SHA1
1a0d0649794d732daab42a6aa2b97abde4c27221

SHA256
1ef6287a3d93c353631ff57d2a5fce8fd6d4e484d84996e31672508302fa31e3

SHA512
1961c8b5f493709d40251c1a10e0a47f24f361c0a0b7ba836996a52f9fc73a7291287fe36662672ab2c2f611582f1423a79a5a38d3ed213d0109d9387219fd3d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000007.dbtmp

Filesize
16B

MD5
18e723571b00fb1694a3bad6c78e4054

SHA1
afcc0ef32d46fe59e0483f9a3c891d3034d12f32

SHA256
8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa

SHA512
43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG

Filesize
136B

MD5
87848712649c62c6f82f12efb6260e15

SHA1
6833603d7c16c0d4ca37558b92718c95552a36b9

SHA256
e0adc6c247472faea4e7d7c82aad8b708b2cca88b87e8714ddb283cccfc4ec71

SHA512
fdbbcceb52b108b09ccca2e99393affaa2b6047945251de60db71ed359c6d79b737fcf6e9185fea49faa34d33f8e1683435ab352b6de09b92f9950e94ae5b899

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\MANIFEST-000007

Filesize
107B

MD5
22b937965712bdbc90f3c4e5cd2a8950

SHA1
25a5df32156e12134996410c5f7d9e59b1d6c155

SHA256
cad3bbec41899ea5205612fc1494fa7ba88847fb75437a2def22211a4003e2eb

SHA512
931427ad4609ab4ca12b2ee852d4965680f58602b00c182a2d340acf3163d888be6cfad87ca089f2b47929ddfa66be03ab13a6d24922397334d6997d4c8ede3b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000008.ldb

Filesize
1KB

MD5
e6305367badace56469a80ee5699626a

SHA1
43c630767f2e7b53541f007d12fc152bb0dd6b42

SHA256
c6bb8753b375eb83740a84710049bc0bdf3c9a16aa79089976b97c8e844378fc

SHA512
368a6ffbbe92d1ae144e140f3e9202116905656d295e95fec8032861b4dd7618df29c9c520981078a9cee35e73f22a204f39e531abcb6bec5cbabb46c420d0a4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000009.log

Filesize
2KB

MD5
90665348e754e2e24efebdb080703c9b

SHA1
0a212ea41a1453dee445bf3f9773711e0cbfe3ab

SHA256
cadbab74d5731b950589e2c1430f3c0bce3adaea5896690ff3457012a9de30c5

SHA512
9c724f4d0872d546eb9a4852297f669f0523bbce098343ee9dcc6bcb4507508d884d3343b06ac3ac53ba82c4d753899a63a7aa5a7b8f28d615f30cf71e5cb605

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG

Filesize
250B

MD5
dfbb94330d4add0a4dd311a1147c6f96

SHA1
e5026863f3e28b3bdf9b4ccc9ac702973c2d3621

SHA256
d059fcb67376f0bc3f894a04a490922220473fc4be5cd368bb37f2d68d681ddc

SHA512
976f446506bb76e11e5d1d0838cccc830a277dc622cb41ec75a6b49c35b78dc632978574211c7ef39475a5e4a4baccab8f3177094b689c2e3ed3dcf67107b6c1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\MANIFEST-000007

Filesize
250B

MD5
03d881fc5a4ab4013bd1b30988abb179

SHA1
9ad861569715575d7b676e5683b14dd3cffec304

SHA256
5da7b30f55f920166ad821f532fb95bd11546bf63a228fc41357aa122fcaf5e8

SHA512
29ab8ac2c642a83086266f88ffde8d71c96cd0d98812fac526e0a0adc58d8bc7f99760ad19a71cc38c3ef5edb9ab9d642ef6b665bf4ce336260b0171411e26f6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\000008.ldb

Filesize
487B

MD5
46afefb39df7014312b943d17e3bc752

SHA1
5fb71c70b425705fe8bfa69454e7441dc051086c

SHA256
7355ba155292d970b8d1c98beaa1caefe7db0b071d8a67e13847b46b6854494d

SHA512
38a6f900c3bf09990cc80c4e347c971bf3d548e7ded972ede9d65c540b3c0c655b4c06a813e57548cb8f0903d0150dd369f2c883d9306b8918b0f04a995cdf62

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\000009.log

Filesize
189B

MD5
bf4e0e49c05b189c10b22f3dc27b7cfa

SHA1
8b5e3e9bd6f54278ea9a45c3c3e3f528d146cf91

SHA256
84749917763dbcc734552bfc61c538db384e23f5dd72c316347c614362df6363

SHA512
859c84d3c6c7b76ed8374b4b7f3e985f8154e34cf62ed1b6a5e430de7f4719f370d782884d787c18358508bad16431f782124884d301b1fe5ca7b8bee2d2d63d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\LOG

Filesize
249B

MD5
5b3bae5053f26b3a9510357eefb36207

SHA1
39893620b1ca50a4eb55aab16db0703815c117b1

SHA256
a76299ffb847cc3b0e5e31075214f90a6bd5ce971de8b7933349b786323e89d9

SHA512
8174b26ff03ea4bd02afd8f4ba5fe434e542e00fe62ae54e26cd7be32fa1b51cd278c9b3feaf1af6a5a1a22386aaa18d32b042470996d3906835d27aaca673a8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\MANIFEST-000007

Filesize
98B

MD5
61c22786fd625f0e68e668ce2f2f4069

SHA1
5e63f1ded1fbfcdb004da5f4bd9b9d3f41eeb0ce

SHA256
2c0248caa9603b6782ba43028b036445216782ceb6c3bc93f1105030f828e396

SHA512
7fd9cc680048d8e4730cd360836979d4f0f54666f9cea87018e0b6602ae707503a62b84bde1a701410694e434c26dc2faa85e7a2d54d989b6464f0161248febc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000008.ldb

Filesize
320B

MD5
3a6158076b7f6b861af0833c2a94989e

SHA1
8e6e89e30a898f00a354593138741a159b33d66d

SHA256
1f6500b752bacb0dc6ae3003a2b1ce655e98e48594fc727c2f44c42b60721c70

SHA512
1c45feb8c00fcd94e6ec56d1eb35139fa7970aa98b5344e0c391773afa2bfbfd550ff6625b623b1b8845947dd8efc09fe0de46012daee5503bbe9e19398a154d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000009.log

Filesize
34B

MD5
fe62c64b5b3d092170445d5f5230524e

SHA1
0e27b930da78fce26933c18129430816827b66d3

SHA256
1e1a9ca70503efd8c607f9bc7131f08aba0476d75f2586dadb4da5485a5315d4

SHA512
924daccfbfb0c0464b4c5fd769e01a8f2e96fe28b635aa27ab4cd91766b05b03bbf941af14c017436107673f01bad815ce1fac2a649e745c76b3c736994b4fd2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000010.dbtmp

Filesize
16B

MD5
60e3f691077715586b918375dd23c6b0

SHA1
476d3eab15649c40c6aebfb6ac2366db50283d1b

SHA256
e91d13722e31f9b06c5df3582cad1ea5b73547ce3dc08b12ed461f095aad48ee

SHA512
d1c146d27bbf19362d6571e2865bb472ce4fe43dc535305615d92d6a2366f98533747a8a70a578d1f00199f716a61ce39fac5cab9dd67e9c044bc49e7343130e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG

Filesize
249B

MD5
17efec3635322b6fbfbb9e8d3d248771

SHA1
985aeca76baa34794b251fba684b1af330e86131

SHA256
528765e1912615e8223d9da431609de36a507f1ea33a5d82933dce0ebb11e22f

SHA512
67970b58b78d8a9800016940f43b50ec90f2294808f00747a22ad4693edab4026e179b6527e0da34cd4be32cd8050f0a36a5f44fbd31dffb2954517de2c1cf62

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\MANIFEST-000007

Filesize
118B

MD5
575eb75877faaa81d928a1498de0d461

SHA1
7757eaf39c358ccf6a00d7c6c6a40998dc07df7d

SHA256
6b1e5b7661fe1d6c286415a55d2e5af242bba8d95fa87182200f7b60bd8bb097

SHA512
7cdb67ed39f41a0a06938ddaa3077e8dfec8e6b905a8bbd688577b3f5e39e649be5fe6e1d969035611e11169d66f9127fba2e2ebf72a2ec6c3fab4a01dd225a6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version

Filesize
14B

MD5
9eae63c7a967fc314dd311d9f46a45b7

SHA1
caba9c2c93acfe0b9ceb9ab19b992b0fc19c71cf

SHA256
4288925b0cf871c7458c22c46936efb0e903802feb991a0e1803be94ca6c251d

SHA512
bed924bff236bf5b6ce1df1db82e86c935e5830a20d9d24697efd82ca331e30604db8d04b0d692ec8541ec6deb2225bcc7d805b79f2db5726642198ecf6348b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
317KB

MD5
8efb7a67a92901054c54b940f0f45f8b

SHA1
e833157295d2b992065b586bddc74e9bf1b24596

SHA256
20eb60eac4ea34b720634a531f2dd78cfb97d690851f8f531155d230287a668f

SHA512
f5b0505c4dcb2a6502006b7a22dbcb57a126fff7c59f1fd288ed805343ea0d3e2b54cc87b5920d61e56d47a08628bfbb38f2098f6e6cf9ac609d22bc469b8159

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

Filesize
86B

MD5
961e3604f228b0d10541ebf921500c86

SHA1
6e00570d9f78d9cfebe67d4da5efe546543949a7

SHA256
f7b24f2eb3d5eb0550527490395d2f61c3d2fe74bb9cb345197dad81b58b5fed

SHA512
535f930afd2ef50282715c7e48859cc2d7b354ff4e6c156b94d5a2815f589b33189ffedfcaf4456525283e993087f9f560d84cfcf497d189ab8101510a09c472

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\chrome_shutdown_ms.txt

Filesize
4B

MD5
cb9679fb0943173d0348e8dfb308bf01

SHA1
f6d30efbd1ee69e48865d93dc50baac8c89760ce

SHA256
26d4b7382f34b2dc307e478eed41a63a84656f96b30f9c4806e8c5ac32c768be

SHA512
31f1952f0c63f72fe74e18b0f6494e3fdd78a3f7b165845700afdb48597f431aa2e095a4f3397ec9156d1450fc87763804b66d64104d43b252df52d56ac88bdf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit