c69651cd40aeb5333614034c5aa6deb3f0af5360a19a6890091bf3058c6600cc

Analysis

max time kernel
12s
max time network
29s
platform
windows7_x64
resource
win7-20240705-en
resource tags

arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
submitted
03/08/2024, 03:03

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Nezur.exe
Size

13.6MB
MD5

de4304b672f3a76cdb7f64888116b2db
SHA1

741a762deea3aeb3b5180250dd92a9ad895a4054
SHA256

9ab764a239cfc2816140352fddaa6dc1e3419b61851089c16274e74c2a26ff56
SHA512

37363e343227452aa1bf3ccd11040213a4b4e4c74e28c00dd9a246231b8e4f8cd58a15d209bad39edb4a91342a72c9f825f484ad46e626146b1cb7a84d7f09f3
SSDEEP

196608:+7WRWCqxIe8xLQ1U/ZPuQneUA5BZ4jxFHVJ19NgY5ojAwyQXeUDkCu6ccKIq:+71/xNeGUBPuJTGjNr5ojNHbe

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
2660	chrome.exe
2660	chrome.exe

Suspicious use of AdjustPrivilegeToken 8 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2660	chrome.exe
Token: SeShutdownPrivilege	2660	chrome.exe
Token: SeShutdownPrivilege	2660	chrome.exe
Token: SeShutdownPrivilege	2660	chrome.exe
Token: SeShutdownPrivilege	2660	chrome.exe
Token: SeShutdownPrivilege	2660	chrome.exe
Token: SeShutdownPrivilege	2660	chrome.exe
Token: SeShutdownPrivilege	2660	chrome.exe

Suspicious use of FindShellTrayWindow 34 IoCs

pid	Process
2660	chrome.exe
2660	chrome.exe
2660	chrome.exe
2660	chrome.exe
2660	chrome.exe
2660	chrome.exe
2660	chrome.exe
2660	chrome.exe
2660	chrome.exe
2660	chrome.exe
2660	chrome.exe
2660	chrome.exe
2660	chrome.exe
2660	chrome.exe
2660	chrome.exe
2660	chrome.exe
2660	chrome.exe
2660	chrome.exe
2660	chrome.exe
2660	chrome.exe
2660	chrome.exe
2660	chrome.exe
2660	chrome.exe
2660	chrome.exe
2660	chrome.exe
2660	chrome.exe
2660	chrome.exe
2660	chrome.exe
2660	chrome.exe
2660	chrome.exe
2660	chrome.exe
2660	chrome.exe
2660	chrome.exe
2660	chrome.exe

Suspicious use of SendNotifyMessage 32 IoCs

pid	Process
2660	chrome.exe
2660	chrome.exe
2660	chrome.exe
2660	chrome.exe
2660	chrome.exe
2660	chrome.exe
2660	chrome.exe
2660	chrome.exe
2660	chrome.exe
2660	chrome.exe
2660	chrome.exe
2660	chrome.exe
2660	chrome.exe
2660	chrome.exe
2660	chrome.exe
2660	chrome.exe
2660	chrome.exe
2660	chrome.exe
2660	chrome.exe
2660	chrome.exe
2660	chrome.exe
2660	chrome.exe
2660	chrome.exe
2660	chrome.exe
2660	chrome.exe
2660	chrome.exe
2660	chrome.exe
2660	chrome.exe
2660	chrome.exe
2660	chrome.exe
2660	chrome.exe
2660	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2660 wrote to memory of 2768	2660	chrome.exe	32
PID 2660 wrote to memory of 2768	2660	chrome.exe	32
PID 2660 wrote to memory of 2768	2660	chrome.exe	32
PID 2660 wrote to memory of 2516	2660	chrome.exe	34
PID 2660 wrote to memory of 2516	2660	chrome.exe	34
PID 2660 wrote to memory of 2516	2660	chrome.exe	34
PID 2660 wrote to memory of 2516	2660	chrome.exe	34
PID 2660 wrote to memory of 2516	2660	chrome.exe	34
PID 2660 wrote to memory of 2516	2660	chrome.exe	34
PID 2660 wrote to memory of 2516	2660	chrome.exe	34
PID 2660 wrote to memory of 2516	2660	chrome.exe	34
PID 2660 wrote to memory of 2516	2660	chrome.exe	34
PID 2660 wrote to memory of 2516	2660	chrome.exe	34
PID 2660 wrote to memory of 2516	2660	chrome.exe	34
PID 2660 wrote to memory of 2516	2660	chrome.exe	34
PID 2660 wrote to memory of 2516	2660	chrome.exe	34
PID 2660 wrote to memory of 2516	2660	chrome.exe	34
PID 2660 wrote to memory of 2516	2660	chrome.exe	34
PID 2660 wrote to memory of 2516	2660	chrome.exe	34
PID 2660 wrote to memory of 2516	2660	chrome.exe	34
PID 2660 wrote to memory of 2516	2660	chrome.exe	34
PID 2660 wrote to memory of 2516	2660	chrome.exe	34
PID 2660 wrote to memory of 2516	2660	chrome.exe	34
PID 2660 wrote to memory of 2516	2660	chrome.exe	34
PID 2660 wrote to memory of 2516	2660	chrome.exe	34
PID 2660 wrote to memory of 2516	2660	chrome.exe	34
PID 2660 wrote to memory of 2516	2660	chrome.exe	34
PID 2660 wrote to memory of 2516	2660	chrome.exe	34
PID 2660 wrote to memory of 2516	2660	chrome.exe	34
PID 2660 wrote to memory of 2516	2660	chrome.exe	34
PID 2660 wrote to memory of 2516	2660	chrome.exe	34
PID 2660 wrote to memory of 2516	2660	chrome.exe	34
PID 2660 wrote to memory of 2516	2660	chrome.exe	34
PID 2660 wrote to memory of 2516	2660	chrome.exe	34
PID 2660 wrote to memory of 2516	2660	chrome.exe	34
PID 2660 wrote to memory of 2516	2660	chrome.exe	34
PID 2660 wrote to memory of 2516	2660	chrome.exe	34
PID 2660 wrote to memory of 2516	2660	chrome.exe	34
PID 2660 wrote to memory of 2516	2660	chrome.exe	34
PID 2660 wrote to memory of 2516	2660	chrome.exe	34
PID 2660 wrote to memory of 2516	2660	chrome.exe	34
PID 2660 wrote to memory of 2516	2660	chrome.exe	34
PID 2660 wrote to memory of 2564	2660	chrome.exe	35
PID 2660 wrote to memory of 2564	2660	chrome.exe	35
PID 2660 wrote to memory of 2564	2660	chrome.exe	35
PID 2660 wrote to memory of 2592	2660	chrome.exe	36
PID 2660 wrote to memory of 2592	2660	chrome.exe	36
PID 2660 wrote to memory of 2592	2660	chrome.exe	36
PID 2660 wrote to memory of 2592	2660	chrome.exe	36
PID 2660 wrote to memory of 2592	2660	chrome.exe	36
PID 2660 wrote to memory of 2592	2660	chrome.exe	36
PID 2660 wrote to memory of 2592	2660	chrome.exe	36
PID 2660 wrote to memory of 2592	2660	chrome.exe	36
PID 2660 wrote to memory of 2592	2660	chrome.exe	36
PID 2660 wrote to memory of 2592	2660	chrome.exe	36
PID 2660 wrote to memory of 2592	2660	chrome.exe	36
PID 2660 wrote to memory of 2592	2660	chrome.exe	36
PID 2660 wrote to memory of 2592	2660	chrome.exe	36
PID 2660 wrote to memory of 2592	2660	chrome.exe	36
PID 2660 wrote to memory of 2592	2660	chrome.exe	36
PID 2660 wrote to memory of 2592	2660	chrome.exe	36
PID 2660 wrote to memory of 2592	2660	chrome.exe	36
PID 2660 wrote to memory of 2592	2660	chrome.exe	36
PID 2660 wrote to memory of 2592	2660	chrome.exe	36

C:\Users\Admin\AppData\Local\Temp\Nezur.exe
"C:\Users\Admin\AppData\Local\Temp\Nezur.exe"
1⤵
PID:2976

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2660
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef79f9758,0x7fef79f9768,0x7fef79f9778
  2⤵
  PID:2768
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1168 --field-trial-handle=1376,i,12028567622696531456,8124550753282030538,131072 /prefetch:2
  2⤵
  PID:2516
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1544 --field-trial-handle=1376,i,12028567622696531456,8124550753282030538,131072 /prefetch:8
  2⤵
  PID:2564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1604 --field-trial-handle=1376,i,12028567622696531456,8124550753282030538,131072 /prefetch:8
  2⤵
  PID:2592
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2172 --field-trial-handle=1376,i,12028567622696531456,8124550753282030538,131072 /prefetch:1
  2⤵
  PID:1040
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2184 --field-trial-handle=1376,i,12028567622696531456,8124550753282030538,131072 /prefetch:1
  2⤵
  PID:1140
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1168 --field-trial-handle=1376,i,12028567622696531456,8124550753282030538,131072 /prefetch:2
  2⤵
  PID:2012
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=1444 --field-trial-handle=1376,i,12028567622696531456,8124550753282030538,131072 /prefetch:1
  2⤵
  PID:2924
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3956 --field-trial-handle=1376,i,12028567622696531456,8124550753282030538,131072 /prefetch:8
  2⤵
  PID:684

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2316

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
PID:1712
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef79f9758,0x7fef79f9768,0x7fef79f9778
  2⤵
  PID:2132
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1156 --field-trial-handle=1232,i,18404284274361964734,3489357393061206948,131072 /prefetch:2
  2⤵
  PID:2192
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1492 --field-trial-handle=1232,i,18404284274361964734,3489357393061206948,131072 /prefetch:8
  2⤵
  PID:1064
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1592 --field-trial-handle=1232,i,18404284274361964734,3489357393061206948,131072 /prefetch:8
  2⤵
  PID:1836
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2104 --field-trial-handle=1232,i,18404284274361964734,3489357393061206948,131072 /prefetch:1
  2⤵
  PID:604
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2112 --field-trial-handle=1232,i,18404284274361964734,3489357393061206948,131072 /prefetch:1
  2⤵
  PID:1612
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1188 --field-trial-handle=1232,i,18404284274361964734,3489357393061206948,131072 /prefetch:2
  2⤵
  PID:2992
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=1356 --field-trial-handle=1232,i,18404284274361964734,3489357393061206948,131072 /prefetch:1
  2⤵
  PID:2268
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3648 --field-trial-handle=1232,i,18404284274361964734,3489357393061206948,131072 /prefetch:8
  2⤵
  PID:2108

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:1452

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
fd81db94741a2e9ee3567e1b97c61561

SHA1
812c6793ff5ed6c48de9b5bf14e542793d214f8e

SHA256
1de7ffa87c097849748bafdbf03a9031f42809272986eeb06fc59c6ac8c9da7a

SHA512
a07c8345f04de340c58df10bfb38e329510f0b662e85ce1dea8997537645142a26f22c15e1a7e852816029542198ec67c0cea222ff1f9b240078b0f5fd78a1b2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0

Filesize
44KB

MD5
2d4b701e586f2f4fbd2bd6b14ed52ab6

SHA1
cded8b80fd46921f90c4a275aac8c3438370b53c

SHA256
63102f34b700ab1d802b7bdff02d611793f2697351c24b92815c57201fb90a75

SHA512
c2f25e4db2fd15f020531b32c8213e2fecb1cc41c7e3cb655b5464b2be8236b07230cd90f29647728e664fe89e9a51810ec01db7b696451dc295ce59c3e98ed7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1

Filesize
264KB

MD5
3dbf3b3a1ee7e06bcb919446789685a7

SHA1
ffc484355c39046a92ad5ac3606598a879e31c2b

SHA256
bad01d0a1ad3cfe734e8c0d875ffff64e33e36850a8f160fd21581f610212f3e

SHA512
87421735eee330112125586d551b16dda7250273d1ce73d14206c00bfa222410cacbe46b56cdfb430590861dcaefa5f7c55d582ab6e5d0dd20fb519f20527098

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_3

Filesize
4.0MB

MD5
51e56bf683f20292da5eab10c1daefa4

SHA1
669a545c491ad8697fa4dbd086019df572a5c534

SHA256
1ccb4b398cbc01a9acbbdcea7a26af06e7031f0a2242a28ad90bd040ecdf81e9

SHA512
86c965beefcce0f736c1b8cc87f86bd4d54d0bcc74a0e156b939e7c92c320fc67770e9c5bf3c6199ad5699f3358eacfc0c69058462da40b1d186c7ddc0ee9ed6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\000009.dbtmp

Filesize
16B

MD5
979c29c2917bed63ccf520ece1d18cda

SHA1
65cd81cdce0be04c74222b54d0881d3fdfe4736c

SHA256
b3524365a633ee6d1fa9953638d2867946c515218c497a5ec2dbef7dc44a7c53

SHA512
e38f694fd6ab9f678ae156528230d7a8bfb7b59a13b227f59f9c38ab5617db11ebb6be1276323a905d09c4066a3fe820cf58077ab48bf201f3c467a98516ee7a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG

Filesize
136B

MD5
a072c45ea2385ed82c4cfa281d020cdc

SHA1
1872ca04fe606fed0774fd511057fcc5651328a9

SHA256
7eda7205d8779e4531fbe9c5725118e5ba2db4afb1c089f74fbda6d5bbb321f8

SHA512
f08431990d37531bb16f7fc9448186138ca54db915e993373cc5ed1d794b07072e58a138e1af131157133a7f0bf2b01fac7b5d921587f0148b06dbc293de634e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\MANIFEST-000007

Filesize
50B

MD5
1be22f40a06c4e7348f4e7eaf40634a9

SHA1
8205ec74cd32ef63b1cc274181a74b95eedf86df

SHA256
45a28788cde0d2a0232d19c391eae45777fe640790ac0674d6daa5672c444691

SHA512
b8f6f42d375e3ad8015d744fa2814994fa6e588b41cce0131fca48194dd40146b08169a8ce0da350525ff32a59a16edb503c72e0f07254955c82a0d38074856e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\000006.dbtmp

Filesize
16B

MD5
aefd77f47fb84fae5ea194496b44c67a

SHA1
dcfbb6a5b8d05662c4858664f81693bb7f803b82

SHA256
4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611

SHA512
b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG

Filesize
136B

MD5
083df6214965be0aa5c76a1c7042b0db

SHA1
5957d742f79b7b4a24faea8521a18672f6743ff1

SHA256
13782b3865820857f4c31e6a8cf19b7db7b2ad30fa29e38ba7823956f1036417

SHA512
c702730f1872d79acb6fb7dbf468112c926050d5fb7fd92567cc85b4b33c0073bf8f930b3c3b4b348ef3be4cab18615a6ccb228d7806f013a9d980c26f4b361e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG

Filesize
136B

MD5
38acc14c5e89b696e550571c19c0618f

SHA1
38ac8bdb2cadb23decc80a330de95b75ab958808

SHA256
d63440fd76573f67da1c8f6868a2709daf0f93ecd46feab3628f110e7cf2fe3a

SHA512
9828875049625520cdb3e9f5983019a284cf14c8980de115a96a090bdbcaa506d5a205274ad7d068de1e72f57c65f637dc7fb6dc4912852d9829d4af0b306a4b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\MANIFEST-000006

Filesize
50B

MD5
78c55e45e9d1dc2e44283cf45c66728a

SHA1
88e234d9f7a513c4806845ce5c07e0016cf13352

SHA256
7b69a2bee12703825dc20e7d07292125180b86685d2d1b9fd097df76fc6791ec

SHA512
f2ad4594024871286b98a94223b8e7155c7934ef4ebb55f25a4a485a059f75b572d21bc96e9b48ed394be8a41fe0208f7bfb6e28a79d75640c5b684f0c848fe3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
987B

MD5
ca37e9a3d144d0fea247d973b2ae077b

SHA1
f45790e4310ed6da476311d677f956a879db9553

SHA256
7b34919bc5a13ba5432abc1f867c02763b59b8e015fd8a47edff764b2de2e8cb

SHA512
d582cc43b00da9d93e35e2c045c9877d493a1065ddbf9f1e41f1519c243ee7fbbb8236de14736fcd8b67c07b3f1bb1fa17a8570ebc74dd4897803c78ed242283

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Reporting and NEL

Filesize
36KB

MD5
3db4ccda3cbf11e5fc5eb7947adcc1b1

SHA1
f8ee8cb999cb546d0cf9909b016c4b194c587f69

SHA256
7ecd59157e756a4acbd4ad26555b3c91429c218d6228dd1a86e40a47171f96a3

SHA512
256d9712cc9880b83e4499d27822ce61f26225a5d0cbcd319690c9b14d7718e82e3a88987d240e821237d210d692b283ee9d8b4f22cec841b524b4616fcfc4b2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
361B

MD5
0cdf45c4e28977515ce1f138bd7091e1

SHA1
4baa5dfab45d4e897822b9a871ed0c238c212cf7

SHA256
5b9b021a1588fce1edc11ba40eddc0c7128c9f7e774a443b5c59595d3ca873a5

SHA512
2b7aa562714bf5219a89debfe529993135fceac12fdde8fbea06b7003d229c39f91659159c9ead41175a4f000b1c19b4fd66507bd63452b8663bbdbcca3f5ef9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
35421f99a359647b90dfa92ac9b11dec

SHA1
e9316d9ad52a00c875c9a522b62239d34b3f23ee

SHA256
1e78bd8ceea99b93ff391ffb729b5a836d728c98fa0a1e4a6d38dc99eb80d2da

SHA512
6526a6c6989f49d9812c7f63da1adcbfa2c4b4dade17d9c7f6cbb5d051e917827b3d7f6680065b17eb7ccd197a7900e63415fb6dd8cb2450d2024270eb96bc6f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000009.log

Filesize
57B

MD5
c1fbc73703dc17075bfdd73203d1a093

SHA1
25e9eaf2abc195d3c4833e59c030e8287d5f0f8b

SHA256
81191d26af8575bb3e9325c04984bd427039270a0b563bde723f014573771f19

SHA512
a4a00d3dc83fdc1680154a68f2b661b98770830c43015a56deec2323e52de7fa2948c7fb27cd6000d25f76dc8923299c23f64c0ccd922fef23d3cee0da5d13fb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG

Filesize
247B

MD5
29d351458dcae852f711465de32e4f5f

SHA1
bd7df08ae20d0a94f330de240af84bc6791211b9

SHA256
3f7077f57d7a4284f81711af5dfbc10fe789dc2c03c4a4d90341a3bc62504bc6

SHA512
2e9b804dbaa57946668836fb0102f3e632663bb2c8af9df3bbc5b8ba31103e00496d426d8b18096202433ba758ac9a800604b55212139170b1bfee8f0634835e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\MANIFEST-000007

Filesize
90B

MD5
b6d5d86412551e2d21c97af6f00d20c3

SHA1
543302ae0c758954e222399987bb5e364be89029

SHA256
e0b2fdc217d9c571a35f41c21ed2596309f3f00a7297a8d1ded05f54f0e68191

SHA512
5b56ae73a61add9e26f77d95c9b823f82a7fcdc75eed64b388fb4967f5c6c42cb0796b0b99dc25c89f38952786176c10d173dec7862a8a5ce5f820280f72d665

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sessions\Session_13367127853471000

Filesize
6KB

MD5
8312af6c526bff41c91556897f2d41a8

SHA1
be1e60ba54ab64c90e180805290a88c2fcfece1f

SHA256
46999207fb03b0b3948ca20c8d2bc49c126043c0fb5d310f91b152cd8bdac396

SHA512
c6c6723c6283cd14c8bc160b86788437ec253b94191dd8bb6c177160f6af0056aa123cfe2ad96e8d85220ecaaf8245ddfa4be9acad9687dde867b7b27211d15c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG

Filesize
136B

MD5
37372ebac575e34aa564a64a8b6eb86c

SHA1
66640f65006773a337bbae590707a6d5344ff561

SHA256
5a3797f82eae2252c0f05a3ce27a52edf3aa05de96caef1c9d433dcac432b4c0

SHA512
f763d791ba079b64e165eeaad6291be771e241bf5e62722030c2255c6fb971cecd299260e1fe1e46dfa6fd9362a69a19394d7cedd139f6f0b3fb031005f46659

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\MANIFEST-000007

Filesize
107B

MD5
22b937965712bdbc90f3c4e5cd2a8950

SHA1
25a5df32156e12134996410c5f7d9e59b1d6c155

SHA256
cad3bbec41899ea5205612fc1494fa7ba88847fb75437a2def22211a4003e2eb

SHA512
931427ad4609ab4ca12b2ee852d4965680f58602b00c182a2d340acf3163d888be6cfad87ca089f2b47929ddfa66be03ab13a6d24922397334d6997d4c8ede3b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000007.dbtmp

Filesize
16B

MD5
18e723571b00fb1694a3bad6c78e4054

SHA1
afcc0ef32d46fe59e0483f9a3c891d3034d12f32

SHA256
8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa

SHA512
43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000008.ldb

Filesize
1KB

MD5
0c0e80f2644791435e049b2a799ec9c6

SHA1
489f75c2d6eb1575844a0cb850f30ef00df8e8d6

SHA256
5175e88983977846d5cc41ed8e82e62843e0538776d958064e05832eed91b463

SHA512
77c778b11845e810e1a41b7e107ba75b434f5ff136a2bd4d9df5dd3bd16cb840fbf882e1a8f3a079443f0ab3d49fd500b5e58f410947d69e5665fc1c44ac2f18

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000009.log

Filesize
2KB

MD5
f38990ab48eaad8aef1c871b2b27bae7

SHA1
ac4997ff283a4a024d90bc5d8d762aea41245231

SHA256
2206fca1d9cb49ac498474104839bb1e121f30a82c8826ed11e02a243be7d467

SHA512
c067c46b63510c76c4737ebb15e7922dc954d234d925367fd958429838af2ce722930e4df91dadf90e41ac7a1f0907f56727cefde3d89aa8817f98c1e544f84b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG

Filesize
250B

MD5
72e9cc6899d99afc443e400f06438bd4

SHA1
3e8c62170f0c03557eed240e5cfb4b285a9cbced

SHA256
308ec41ae3fac4caa6a03f47a76b3e52579c6cd1b99ba629a42036d601cd95d0

SHA512
c403cfbc1970717e11922c168c0cce552a21b848e189c39214a6a202318a367e522b4a14d1f4e9f7d614386c7e5e2e1e998832f0a631a3680fb25ef73fe5147b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\MANIFEST-000007

Filesize
250B

MD5
d7b276de48cdaccb148a52dc89437317

SHA1
e3d8531c10d774a7b63e536cc3da205787ecedd6

SHA256
e3884633dc7f6d8c56e14fa7f557bd515ac3a386fd5c35a68934333b501e22d7

SHA512
43f1a3925220c4de838e4bff8d4cc73d4ee867a04f458ccbe9b08d98093dbddd193615abb4f4482c031b0db22cd283ed6bb3a44bde8320fe9957524215807507

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\000008.ldb

Filesize
485B

MD5
a895bf557d4b514bd69f04ff4adf5136

SHA1
f469872f92dacc2fb11a593974e56aae09adc440

SHA256
a8512d4534bab0f09191f6c2d9f212b2eb23d9d45fd6c11d0e2e4dfb2cf65cb9

SHA512
0480aadb94be8e6c0c52f0ea3be63872fadc8f0c71064a3fb80da9336011f23e03b4711f39f48160f7f34a87c01a840c3f593f9ff2ea66bc9220756201db0612

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\000009.log

Filesize
38B

MD5
353baef961f61f2bb5977f4412bed74b

SHA1
363988553398ac14369a21aff4744c6c6b06945e

SHA256
282f42c3291a4996b2465e4be29c814d0637ee74396b3352948b70bf3ec53399

SHA512
563bf093d36037025dc67e8c4ebf8b0a476b427d0da004006499b7c5ae742388d4c8620f4a73e2d48d8accab6a7cd250c4e1ab148695275f58521c68665b3877

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\LOG

Filesize
249B

MD5
ce7d48b19d19fc81b82b98bfd08c32a4

SHA1
452ff0b6521557b7573d09d3df93251e8b136a99

SHA256
d13f189b70529bfbb14501e8042bf2a2e66e59026dae1c7e96e76645fd7a89d2

SHA512
cf9c1a8759530e1d78f38e09520f1b9060f0ab0305c58edfbadb32faf53c60032a9404f65d1fc87678a5b00f9c09ca1ac981374a53bbb977186e1555bc78f198

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\MANIFEST-000007

Filesize
98B

MD5
1c0c23649f958fa25b0407c289db12da

SHA1
5f6b10cd5a39fe8c30353bcf4cd4e4a60ef35574

SHA256
d5134b804a775cfb79c6166d15b5721d38ffc2da11948a6c1263595d6c2941cf

SHA512
b691e882018833a108bd286bc76c55a140d00d5a266617a3a381af1ceff01aefaef17acef29d14dec931d7051455726cde8974cd04cc07302f1c3cc452fe2f52

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000008.ldb

Filesize
318B

MD5
3a43a8173dfb9100d043481f873aea86

SHA1
6a0e0ec8d23a4e3ff4c3116da1904a4c2158257d

SHA256
6ec071013ba28a6f74f119c594feb93cc37cb72a7ac736823643dee36b6b51de

SHA512
e88a2c3ed7f4f3cb9e7d254d540203c6782041b3e6c93a399dfb1632528c74a08e7d70b185cbcd99b19648e51a850557e002a56f56f08ba628c85f7168150d99

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000009.log

Filesize
34B

MD5
fe62c64b5b3d092170445d5f5230524e

SHA1
0e27b930da78fce26933c18129430816827b66d3

SHA256
1e1a9ca70503efd8c607f9bc7131f08aba0476d75f2586dadb4da5485a5315d4

SHA512
924daccfbfb0c0464b4c5fd769e01a8f2e96fe28b635aa27ab4cd91766b05b03bbf941af14c017436107673f01bad815ce1fac2a649e745c76b3c736994b4fd2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000010.dbtmp

Filesize
16B

MD5
60e3f691077715586b918375dd23c6b0

SHA1
476d3eab15649c40c6aebfb6ac2366db50283d1b

SHA256
e91d13722e31f9b06c5df3582cad1ea5b73547ce3dc08b12ed461f095aad48ee

SHA512
d1c146d27bbf19362d6571e2865bb472ce4fe43dc535305615d92d6a2366f98533747a8a70a578d1f00199f716a61ce39fac5cab9dd67e9c044bc49e7343130e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG

Filesize
249B

MD5
c14061cde218f8bbcb268c20d72f74ae

SHA1
7d59e9f9c1d02a765b464dc5577a44390be240ab

SHA256
07a80a4d93693f3bce126ad8c49b35549110ffd82733609de7aae6d57e0f41d8

SHA512
1a4c1209a013188fb5cdd77b2038e31a828d494a9791f560ac8637fb67913f6729499f5f1e0a8851db43f38ff835aa232a10f71b8f9f4a004acbbeea6d6cbdeb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\MANIFEST-000007

Filesize
118B

MD5
d5842b6fb90a67708c353f0f3a33be85

SHA1
48a9e06c9bcf2791ac6376622d6dea179689255e

SHA256
c63523f14d423eee3b43947283056d5219edd0c63318007b1b876e24ab101d03

SHA512
1a5f288211bfdceedc802fe9de9cda4596d3db06222a742600a67262671f5084feb4ac797d39a10c02854590f680d47df39cd81bd41312a0807db597beabbaec

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Browser

Filesize
106B

MD5
de9ef0c5bcc012a3a1131988dee272d8

SHA1
fa9ccbdc969ac9e1474fce773234b28d50951cd8

SHA256
3615498fbef408a96bf30e01c318dac2d5451b054998119080e7faac5995f590

SHA512
cea946ebeadfe6be65e33edff6c68953a84ec2e2410884e12f406cac1e6c8a0793180433a7ef7ce097b24ea78a1fdbb4e3b3d9cdf1a827ab6ff5605da3691724

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version

Filesize
14B

MD5
9eae63c7a967fc314dd311d9f46a45b7

SHA1
caba9c2c93acfe0b9ceb9ab19b992b0fc19c71cf

SHA256
4288925b0cf871c7458c22c46936efb0e903802feb991a0e1803be94ca6c251d

SHA512
bed924bff236bf5b6ce1df1db82e86c935e5830a20d9d24697efd82ca331e30604db8d04b0d692ec8541ec6deb2225bcc7d805b79f2db5726642198ecf6348b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
311KB

MD5
2ca0b58212c5a5d1d1e3cc0617b30c94

SHA1
d45356f3a0b9954aac758f5011d8e5e1bd15b609

SHA256
2cb7752ca9e09b13241950e0f277bcb91bb4b185d54695f2bc8d22756184d265

SHA512
3d91ad1145a595ef708ccebfdadaa0e33cd65a492dad04326f7be4308a3c5d3b74a5cafa780a46a5d31d22a2c056395ad8401e4ba2083757fa95f144296b7eec

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

Filesize
86B

MD5
961e3604f228b0d10541ebf921500c86

SHA1
6e00570d9f78d9cfebe67d4da5efe546543949a7

SHA256
f7b24f2eb3d5eb0550527490395d2f61c3d2fe74bb9cb345197dad81b58b5fed

SHA512
535f930afd2ef50282715c7e48859cc2d7b354ff4e6c156b94d5a2815f589b33189ffedfcaf4456525283e993087f9f560d84cfcf497d189ab8101510a09c472

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\b38ecf79-90f7-44e9-9039-11d8f80f15ff.tmp

Filesize
311KB

MD5
0583b6473498be4ba91d0595e44555d2

SHA1
e96f2d6bfbfb314e3a9e597ce985c28c9ad9ee65

SHA256
29b7a870479da9df963d274f16865ecbc049b2f336cd417b9383dc51e0fa02f7

SHA512
94df89eb23f7818c2c49847de8ef3ed4a56a3fe3b2745705415dfa8047f41d54fc5516d3e1caa6ffec2e896d7ca304088c12c9e30e86a9c60d62bb0482b0d51e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\chrome_shutdown_ms.txt

Filesize
4B

MD5
dd18c9a2bdb0242681dbf4da899d53d1

SHA1
ca76e8ae65b50275c3cf6177fcda1e089271eda8

SHA256
2ef6c177cfd631f0323bd5e829ccf4523180cf51b70a48ee974801ebb53a5efe

SHA512
44480c6de32b791a57c00f9e72cd471fcbe349aff5eefff2ff951001023590cddcb8e76d123c090ca0950861990e6dea0a6121b96f01e54777dbf08e5c93b331

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit