c6dc697b68f4744bfd38cfd8f62e179fd236ecbbcb7e7555fdabd2d30dac9f73

Analysis

max time kernel
150s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
03-08-2024 04:19

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

OperaGXSetup (1).exe
Size

3.1MB
MD5

3ff24a81ae3cfe0f5bad2904240743d8
SHA1

503599a23b1a77f7cd0e155791db2ef8acdcce37
SHA256

c6dc697b68f4744bfd38cfd8f62e179fd236ecbbcb7e7555fdabd2d30dac9f73
SHA512

1e9cf2a7371546d25180c1be3059b2f90f1018104b55214a83ea25b633a90151a80140bb6c7d18fd98501c0ee79865d8d6b68f3df7d8ea597bd0c92861d0fd41
SSDEEP

49152:eNEyYYC1hqiJckG38dBFOhg5/6qF3rjb/h4CNcTCP8xphzSNtOSe+aSc:UEP1y3+0hgh6u/ZcTCP8BzONaSc

Score

8^/10

discovery spyware stealer

Malware Config

Signatures

Downloads MZ/PE file

Executes dropped EXE 5 IoCs

pid	Process
4332	setup.exe
3888	setup.exe
3000	setup.exe
836	setup.exe
1620	setup.exe

Loads dropped DLL 5 IoCs

pid	Process
4332	setup.exe
3888	setup.exe
3000	setup.exe
836	setup.exe
1620	setup.exe

Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials In Files
T1552.001

Enumerates connected drives 3 TTPs 4 IoCs

Attempts to read the root path of hard drives other than the default C: drive.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

description	ioc	Process
File opened (read-only)	\??\D:	setup.exe
File opened (read-only)	\??\F:	setup.exe
File opened (read-only)	\??\D:	setup.exe
File opened (read-only)	\??\F:	setup.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

System Location Discovery: System Language Discovery 1 TTPs 6 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	setup.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	setup.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	setup.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	setup.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	setup.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	OperaGXSetup (1).exe

Enumerates system info in registry 2 TTPs 6 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
3596	chrome.exe
3596	chrome.exe
4900	chrome.exe
4900	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 11 IoCs

pid	Process
3596	chrome.exe
3596	chrome.exe
3596	chrome.exe
3596	chrome.exe
3596	chrome.exe
3596	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3596	chrome.exe
Token: SeCreatePagefilePrivilege	3596	chrome.exe
Token: SeShutdownPrivilege	3596	chrome.exe
Token: SeCreatePagefilePrivilege	3596	chrome.exe
Token: SeShutdownPrivilege	3596	chrome.exe
Token: SeCreatePagefilePrivilege	3596	chrome.exe
Token: SeShutdownPrivilege	3596	chrome.exe
Token: SeCreatePagefilePrivilege	3596	chrome.exe
Token: SeShutdownPrivilege	3596	chrome.exe
Token: SeCreatePagefilePrivilege	3596	chrome.exe
Token: SeShutdownPrivilege	3596	chrome.exe
Token: SeCreatePagefilePrivilege	3596	chrome.exe
Token: SeShutdownPrivilege	3596	chrome.exe
Token: SeCreatePagefilePrivilege	3596	chrome.exe
Token: SeShutdownPrivilege	3596	chrome.exe
Token: SeCreatePagefilePrivilege	3596	chrome.exe
Token: SeShutdownPrivilege	3596	chrome.exe
Token: SeCreatePagefilePrivilege	3596	chrome.exe
Token: SeShutdownPrivilege	3596	chrome.exe
Token: SeCreatePagefilePrivilege	3596	chrome.exe
Token: SeShutdownPrivilege	3596	chrome.exe
Token: SeCreatePagefilePrivilege	3596	chrome.exe
Token: SeShutdownPrivilege	3596	chrome.exe
Token: SeCreatePagefilePrivilege	3596	chrome.exe
Token: SeShutdownPrivilege	3596	chrome.exe
Token: SeCreatePagefilePrivilege	3596	chrome.exe
Token: SeShutdownPrivilege	3596	chrome.exe
Token: SeCreatePagefilePrivilege	3596	chrome.exe
Token: SeShutdownPrivilege	3596	chrome.exe
Token: SeCreatePagefilePrivilege	3596	chrome.exe
Token: SeShutdownPrivilege	3596	chrome.exe
Token: SeCreatePagefilePrivilege	3596	chrome.exe
Token: SeShutdownPrivilege	3596	chrome.exe
Token: SeCreatePagefilePrivilege	3596	chrome.exe
Token: SeShutdownPrivilege	3596	chrome.exe
Token: SeCreatePagefilePrivilege	3596	chrome.exe
Token: SeShutdownPrivilege	3596	chrome.exe
Token: SeCreatePagefilePrivilege	3596	chrome.exe
Token: SeShutdownPrivilege	3596	chrome.exe
Token: SeCreatePagefilePrivilege	3596	chrome.exe
Token: SeShutdownPrivilege	3596	chrome.exe
Token: SeCreatePagefilePrivilege	3596	chrome.exe
Token: SeShutdownPrivilege	3596	chrome.exe
Token: SeCreatePagefilePrivilege	3596	chrome.exe
Token: SeShutdownPrivilege	3596	chrome.exe
Token: SeCreatePagefilePrivilege	3596	chrome.exe
Token: SeShutdownPrivilege	3596	chrome.exe
Token: SeCreatePagefilePrivilege	3596	chrome.exe
Token: SeShutdownPrivilege	3596	chrome.exe
Token: SeCreatePagefilePrivilege	3596	chrome.exe
Token: SeShutdownPrivilege	3596	chrome.exe
Token: SeCreatePagefilePrivilege	3596	chrome.exe
Token: SeShutdownPrivilege	3596	chrome.exe
Token: SeCreatePagefilePrivilege	3596	chrome.exe
Token: SeShutdownPrivilege	3596	chrome.exe
Token: SeCreatePagefilePrivilege	3596	chrome.exe
Token: SeShutdownPrivilege	3596	chrome.exe
Token: SeCreatePagefilePrivilege	3596	chrome.exe
Token: SeShutdownPrivilege	3596	chrome.exe
Token: SeCreatePagefilePrivilege	3596	chrome.exe
Token: SeShutdownPrivilege	3596	chrome.exe
Token: SeCreatePagefilePrivilege	3596	chrome.exe
Token: SeShutdownPrivilege	3596	chrome.exe
Token: SeCreatePagefilePrivilege	3596	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
3596	chrome.exe
3596	chrome.exe
3596	chrome.exe
3596	chrome.exe
3596	chrome.exe
3596	chrome.exe
3596	chrome.exe
3596	chrome.exe
3596	chrome.exe
3596	chrome.exe
3596	chrome.exe
3596	chrome.exe
3596	chrome.exe
3596	chrome.exe
3596	chrome.exe
3596	chrome.exe
3596	chrome.exe
3596	chrome.exe
3596	chrome.exe
3596	chrome.exe
3596	chrome.exe
3596	chrome.exe
3596	chrome.exe
3596	chrome.exe
3596	chrome.exe
3596	chrome.exe
3596	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe

Suspicious use of SendNotifyMessage 48 IoCs

pid	Process
3596	chrome.exe
3596	chrome.exe
3596	chrome.exe
3596	chrome.exe
3596	chrome.exe
3596	chrome.exe
3596	chrome.exe
3596	chrome.exe
3596	chrome.exe
3596	chrome.exe
3596	chrome.exe
3596	chrome.exe
3596	chrome.exe
3596	chrome.exe
3596	chrome.exe
3596	chrome.exe
3596	chrome.exe
3596	chrome.exe
3596	chrome.exe
3596	chrome.exe
3596	chrome.exe
3596	chrome.exe
3596	chrome.exe
3596	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe
4900	chrome.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
4332	setup.exe
4332	setup.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2296 wrote to memory of 4332	2296	OperaGXSetup (1).exe	84
PID 2296 wrote to memory of 4332	2296	OperaGXSetup (1).exe	84
PID 2296 wrote to memory of 4332	2296	OperaGXSetup (1).exe	84
PID 4332 wrote to memory of 3888	4332	setup.exe	85
PID 4332 wrote to memory of 3888	4332	setup.exe	85
PID 4332 wrote to memory of 3888	4332	setup.exe	85
PID 4332 wrote to memory of 3000	4332	setup.exe	86
PID 4332 wrote to memory of 3000	4332	setup.exe	86
PID 4332 wrote to memory of 3000	4332	setup.exe	86
PID 4332 wrote to memory of 836	4332	setup.exe	88
PID 4332 wrote to memory of 836	4332	setup.exe	88
PID 4332 wrote to memory of 836	4332	setup.exe	88
PID 836 wrote to memory of 1620	836	setup.exe	89
PID 836 wrote to memory of 1620	836	setup.exe	89
PID 836 wrote to memory of 1620	836	setup.exe	89
PID 3596 wrote to memory of 4188	3596	chrome.exe	92
PID 3596 wrote to memory of 4188	3596	chrome.exe	92
PID 3596 wrote to memory of 4184	3596	chrome.exe	93
PID 3596 wrote to memory of 4184	3596	chrome.exe	93
PID 3596 wrote to memory of 4184	3596	chrome.exe	93
PID 3596 wrote to memory of 4184	3596	chrome.exe	93
PID 3596 wrote to memory of 4184	3596	chrome.exe	93
PID 3596 wrote to memory of 4184	3596	chrome.exe	93
PID 3596 wrote to memory of 4184	3596	chrome.exe	93
PID 3596 wrote to memory of 4184	3596	chrome.exe	93
PID 3596 wrote to memory of 4184	3596	chrome.exe	93
PID 3596 wrote to memory of 4184	3596	chrome.exe	93
PID 3596 wrote to memory of 4184	3596	chrome.exe	93
PID 3596 wrote to memory of 4184	3596	chrome.exe	93
PID 3596 wrote to memory of 4184	3596	chrome.exe	93
PID 3596 wrote to memory of 4184	3596	chrome.exe	93
PID 3596 wrote to memory of 4184	3596	chrome.exe	93
PID 3596 wrote to memory of 4184	3596	chrome.exe	93
PID 3596 wrote to memory of 4184	3596	chrome.exe	93
PID 3596 wrote to memory of 4184	3596	chrome.exe	93
PID 3596 wrote to memory of 4184	3596	chrome.exe	93
PID 3596 wrote to memory of 4184	3596	chrome.exe	93
PID 3596 wrote to memory of 4184	3596	chrome.exe	93
PID 3596 wrote to memory of 4184	3596	chrome.exe	93
PID 3596 wrote to memory of 4184	3596	chrome.exe	93
PID 3596 wrote to memory of 4184	3596	chrome.exe	93
PID 3596 wrote to memory of 4184	3596	chrome.exe	93
PID 3596 wrote to memory of 4184	3596	chrome.exe	93
PID 3596 wrote to memory of 4184	3596	chrome.exe	93
PID 3596 wrote to memory of 4184	3596	chrome.exe	93
PID 3596 wrote to memory of 4184	3596	chrome.exe	93
PID 3596 wrote to memory of 4184	3596	chrome.exe	93
PID 3596 wrote to memory of 2192	3596	chrome.exe	94
PID 3596 wrote to memory of 2192	3596	chrome.exe	94
PID 3596 wrote to memory of 804	3596	chrome.exe	95
PID 3596 wrote to memory of 804	3596	chrome.exe	95
PID 3596 wrote to memory of 804	3596	chrome.exe	95
PID 3596 wrote to memory of 804	3596	chrome.exe	95
PID 3596 wrote to memory of 804	3596	chrome.exe	95
PID 3596 wrote to memory of 804	3596	chrome.exe	95
PID 3596 wrote to memory of 804	3596	chrome.exe	95
PID 3596 wrote to memory of 804	3596	chrome.exe	95
PID 3596 wrote to memory of 804	3596	chrome.exe	95
PID 3596 wrote to memory of 804	3596	chrome.exe	95
PID 3596 wrote to memory of 804	3596	chrome.exe	95
PID 3596 wrote to memory of 804	3596	chrome.exe	95
PID 3596 wrote to memory of 804	3596	chrome.exe	95
PID 3596 wrote to memory of 804	3596	chrome.exe	95
PID 3596 wrote to memory of 804	3596	chrome.exe	95

C:\Users\Admin\AppData\Local\Temp\OperaGXSetup (1).exe
"C:\Users\Admin\AppData\Local\Temp\OperaGXSetup (1).exe"
1⤵
- System Location Discovery: System Language Discovery
- Suspicious use of WriteProcessMemory
PID:2296
- C:\Users\Admin\AppData\Local\Temp\7zS8F8FECD7\setup.exe
  C:\Users\Admin\AppData\Local\Temp\7zS8F8FECD7\setup.exe --server-tracking-blob=NDFmYzkwMjMzMWM4NTY2MzA4YTQyYWYyMTg5N2YzM2RlNDYyMmQ4NWI0MzQ3MDVkOGQwZjk5YzkwYjM2Zjk5Njp7ImNvdW50cnkiOiJDQSIsImVkaXRpb24iOiJzdGQtMiIsImh0dHBfcmVmZXJyZXIiOiJodHRwczovL3d3dy5vcGVyYS5jb20vIiwiaW5zdGFsbGVyX25hbWUiOiJPcGVyYUdYU2V0dXAuZXhlIiwicHJvZHVjdCI6Im9wZXJhX2d4IiwicXVlcnkiOiIvb3BlcmFfZ3gvc3RhYmxlL3dpbmRvd3M/ZWRpdGlvbj1zdGQtMiZ1dG1fc291cmNlPVBXTmdhbWVzJnV0bV9tZWRpdW09cGEmdXRtX2NhbXBhaWduPVBXTl9DQV9IVlJfV0VCXzM1NDYmZWRpdGlvbj1zdGQtMiZ1dG1fY29udGVudD0zNTQ2X2QyZjZjZDY5LTU4ODctNDlmZC04ZDAyLTVhNWZmOWYzN2JmNyZ1dG1faWQ9NjE2OTgxNDQxY2IzNDE0OWI4MjAyMjQ2ZTEyMTBmZGImaHR0cF9yZWZlcnJlcj1odHRwcyUzQSUyRiUyRnd3dy5vcGVyYS5jb20lMkZnZXQlMkZvcGVyYS1neCUzRnV0bV9jb250ZW50JTNEMzU0Nl9kMmY2Y2Q2OS01ODg3LTQ5ZmQtOGQwMi01YTVmZjlmMzdiZjclMjZ1dG1fc291cmNlJTNEUFdOZ2FtZXMlMjZ1dG1fbWVkaXVtJTNEcGElMjZ1dG1fY2FtcGFpZ24lM0RQV05fQ0FfSFZSX1dFQl8zNTQ2JTI2dXRtX2lkJTNENjE2OTgxNDQxY2IzNDE0OWI4MjAyMjQ2ZTEyMTBmZGIlMjZlZGl0aW9uJTNEc3RkLTImdXRtX3NpdGU9b3BlcmFfY29tJnV0bV9sYXN0cGFnZT1vcGVyYS5jb20lMkZnZXQlMkZvcGVyYS1neCZ1dG1faWQ9NjE2OTgxNDQxY2IzNDE0OWI4MjAyMjQ2ZTEyMTBmZGImZGxfdG9rZW49Mjk5MzI4NjUiLCJ0aW1lc3RhbXAiOiIxNzIyNDYwNjgwLjc5NTIiLCJ1c2VyYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTI3LjAuMC4wIFNhZmFyaS81MzcuMzYiLCJ1dG0iOnsiY2FtcGFpZ24iOiJQV05fQ0FfSFZSX1dFQl8zNTQ2IiwiY29udGVudCI6IjM1NDZfZDJmNmNkNjktNTg4Ny00OWZkLThkMDItNWE1ZmY5ZjM3YmY3IiwiaWQiOiI2MTY5ODE0NDFjYjM0MTQ5YjgyMDIyNDZlMTIxMGZkYiIsImxhc3RwYWdlIjoib3BlcmEuY29tL2dldC9vcGVyYS1neCIsIm1lZGl1bSI6InBhIiwic2l0ZSI6Im9wZXJhX2NvbSIsInNvdXJjZSI6IlBXTmdhbWVzIn0sInV1aWQiOiJiMTg0MGJiMy0wZmZhLTQ4M2EtYjZiMC0wYTBiNmZjYTI3NzEifQ==
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  - Enumerates connected drives
  - System Location Discovery: System Language Discovery
  - Suspicious use of SetWindowsHookEx
  - Suspicious use of WriteProcessMemory
  PID:4332
- - C:\Users\Admin\AppData\Local\Temp\7zS8F8FECD7\setup.exe
    C:\Users\Admin\AppData\Local\Temp\7zS8F8FECD7\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=111.0.5168.99 --initial-client-data=0x324,0x328,0x32c,0x300,0x330,0x74091160,0x7409116c,0x74091178
    3⤵
    - Executes dropped EXE
    - Loads dropped DLL
    - System Location Discovery: System Language Discovery
    PID:3888
- - C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe
    "C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe" --version
    3⤵
    - Executes dropped EXE
    - Loads dropped DLL
    - System Location Discovery: System Language Discovery
    PID:3000
- - C:\Users\Admin\AppData\Local\Temp\7zS8F8FECD7\setup.exe
    "C:\Users\Admin\AppData\Local\Temp\7zS8F8FECD7\setup.exe" --backend --install --import-browser-data=0 --enable-stats=1 --enable-installer-stats=1 --consent-given=1 --general-interests=1 --general-location=1 --personalized-content=1 --personalized-ads=1 --vought_browser=0 --launchopera=1 --installfolder="C:\Users\Admin\AppData\Local\Programs\Opera GX" --profile-folder --language=en --singleprofile=0 --copyonly=0 --allusers=0 --setdefaultbrowser=1 --pintotaskbar=1 --pintostartmenu=1 --run-at-startup=1 --server-tracking-data=server_tracking_data --initial-pid=4332 --package-dir-prefix="C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_20240803042012" --session-guid=d2c4f229-edd6-437f-9e71-e7014d97c353 --server-tracking-blob=NTE5MDg5NjgyZmVjMzE0ODZjM2NmOTQxNGFkMThkOTRjNzg3ZWY3YTkyZmVmOGQ5MDUwOTViNjlhODk0ZmRhNTp7ImNvdW50cnkiOiJDQSIsImVkaXRpb24iOiJzdGQtMiIsImh0dHBfcmVmZXJyZXIiOiJodHRwczovL3d3dy5vcGVyYS5jb20vIiwiaW5zdGFsbGVyX25hbWUiOiJPcGVyYUdYU2V0dXAuZXhlIiwicHJvZHVjdCI6eyJuYW1lIjoib3BlcmFfZ3gifSwicXVlcnkiOiIvb3BlcmFfZ3gvc3RhYmxlL3dpbmRvd3M/ZWRpdGlvbj1zdGQtMiZ1dG1fc291cmNlPVBXTmdhbWVzJnV0bV9tZWRpdW09cGEmdXRtX2NhbXBhaWduPVBXTl9DQV9IVlJfV0VCXzM1NDYmZWRpdGlvbj1zdGQtMiZ1dG1fY29udGVudD0zNTQ2X2QyZjZjZDY5LTU4ODctNDlmZC04ZDAyLTVhNWZmOWYzN2JmNyZ1dG1faWQ9NjE2OTgxNDQxY2IzNDE0OWI4MjAyMjQ2ZTEyMTBmZGImaHR0cF9yZWZlcnJlcj1odHRwcyUzQSUyRiUyRnd3dy5vcGVyYS5jb20lMkZnZXQlMkZvcGVyYS1neCUzRnV0bV9jb250ZW50JTNEMzU0Nl9kMmY2Y2Q2OS01ODg3LTQ5ZmQtOGQwMi01YTVmZjlmMzdiZjclMjZ1dG1fc291cmNlJTNEUFdOZ2FtZXMlMjZ1dG1fbWVkaXVtJTNEcGElMjZ1dG1fY2FtcGFpZ24lM0RQV05fQ0FfSFZSX1dFQl8zNTQ2JTI2dXRtX2lkJTNENjE2OTgxNDQxY2IzNDE0OWI4MjAyMjQ2ZTEyMTBmZGIlMjZlZGl0aW9uJTNEc3RkLTImdXRtX3NpdGU9b3BlcmFfY29tJnV0bV9sYXN0cGFnZT1vcGVyYS5jb20lMkZnZXQlMkZvcGVyYS1neCZ1dG1faWQ9NjE2OTgxNDQxY2IzNDE0OWI4MjAyMjQ2ZTEyMTBmZGImZGxfdG9rZW49Mjk5MzI4NjUiLCJzeXN0ZW0iOnsicGxhdGZvcm0iOnsiYXJjaCI6Ing4Nl82NCIsIm9wc3lzIjoiV2luZG93cyIsIm9wc3lzLXZlcnNpb24iOiIxMCIsInBhY2thZ2UiOiJFWEUifX0sInRpbWVzdGFtcCI6IjE3MjI0NjA2ODAuNzk1MiIsInVzZXJhZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjcuMC4wLjAgU2FmYXJpLzUzNy4zNiIsInV0bSI6eyJjYW1wYWlnbiI6IlBXTl9DQV9IVlJfV0VCXzM1NDYiLCJjb250ZW50IjoiMzU0Nl9kMmY2Y2Q2OS01ODg3LTQ5ZmQtOGQwMi01YTVmZjlmMzdiZjciLCJpZCI6IjYxNjk4MTQ0MWNiMzQxNDliODIwMjI0NmUxMjEwZmRiIiwibGFzdHBhZ2UiOiJvcGVyYS5jb20vZ2V0L29wZXJhLWd4IiwibWVkaXVtIjoicGEiLCJzaXRlIjoib3BlcmFfY29tIiwic291cmNlIjoiUFdOZ2FtZXMifSwidXVpZCI6ImIxODQwYmIzLTBmZmEtNDgzYS1iNmIwLTBhMGI2ZmNhMjc3MSJ9 --desktopshortcut=1 --wait-for-package --initial-proc-handle=7809000000000000
    3⤵
    - Executes dropped EXE
    - Loads dropped DLL
    - Enumerates connected drives
    - System Location Discovery: System Language Discovery
    - Suspicious use of WriteProcessMemory
    PID:836
  - - C:\Users\Admin\AppData\Local\Temp\7zS8F8FECD7\setup.exe
      C:\Users\Admin\AppData\Local\Temp\7zS8F8FECD7\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=111.0.5168.99 --initial-client-data=0x330,0x334,0x338,0x300,0x33c,0x71901160,0x7190116c,0x71901178
      4⤵
      Executes dropped EXE
      Loads dropped DLL
      System Location Discovery: System Language Discovery
      PID:1620

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3596
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ff9b754cc40,0x7ff9b754cc4c,0x7ff9b754cc58
  2⤵
  PID:4188
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1820,i,13687720036340506880,13556554945886906804,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=1816 /prefetch:2
  2⤵
  PID:4184
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1976,i,13687720036340506880,13556554945886906804,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=1960 /prefetch:3
  2⤵
  PID:2192
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2180,i,13687720036340506880,13556554945886906804,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=2408 /prefetch:8
  2⤵
  PID:804
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3176,i,13687720036340506880,13556554945886906804,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=3184 /prefetch:1
  2⤵
  PID:1072
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3424,i,13687720036340506880,13556554945886906804,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=3428 /prefetch:1
  2⤵
  PID:2764
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3720,i,13687720036340506880,13556554945886906804,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4548 /prefetch:1
  2⤵
  PID:4300
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4408,i,13687720036340506880,13556554945886906804,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4488 /prefetch:8
  2⤵
  PID:3964
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3828,i,13687720036340506880,13556554945886906804,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4712 /prefetch:8
  2⤵
  PID:1392
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4764,i,13687720036340506880,13556554945886906804,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4900 /prefetch:8
  2⤵
  PID:4492
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=4820,i,13687720036340506880,13556554945886906804,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4676 /prefetch:1
  2⤵
  PID:3160
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4380,i,13687720036340506880,13556554945886906804,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4500 /prefetch:8
  2⤵
  PID:4828
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=3476,i,13687720036340506880,13556554945886906804,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4704 /prefetch:1
  2⤵
  PID:4200
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5208,i,13687720036340506880,13556554945886906804,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=5272 /prefetch:1
  2⤵
  PID:1072

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:2300

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:3780

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:4900
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff9b754cc40,0x7ff9b754cc4c,0x7ff9b754cc58
  2⤵
  PID:4912
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2020,i,994804917049408156,16140795602443025266,262144 --variations-seed-version=20240802-130108.496000 --mojo-platform-channel-handle=1928 /prefetch:2
  2⤵
  PID:3296
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1884,i,994804917049408156,16140795602443025266,262144 --variations-seed-version=20240802-130108.496000 --mojo-platform-channel-handle=1724 /prefetch:3
  2⤵
  PID:1860
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2256,i,994804917049408156,16140795602443025266,262144 --variations-seed-version=20240802-130108.496000 --mojo-platform-channel-handle=2480 /prefetch:8
  2⤵
  PID:2880
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3004,i,994804917049408156,16140795602443025266,262144 --variations-seed-version=20240802-130108.496000 --mojo-platform-channel-handle=3084 /prefetch:1
  2⤵
  PID:3560
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3012,i,994804917049408156,16140795602443025266,262144 --variations-seed-version=20240802-130108.496000 --mojo-platform-channel-handle=3140 /prefetch:1
  2⤵
  PID:3772
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4488,i,994804917049408156,16140795602443025266,262144 --variations-seed-version=20240802-130108.496000 --mojo-platform-channel-handle=4468 /prefetch:1
  2⤵
  PID:1656
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4320,i,994804917049408156,16140795602443025266,262144 --variations-seed-version=20240802-130108.496000 --mojo-platform-channel-handle=4456 /prefetch:8
  2⤵
  PID:2396
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4308,i,994804917049408156,16140795602443025266,262144 --variations-seed-version=20240802-130108.496000 --mojo-platform-channel-handle=4340 /prefetch:8
  2⤵
  PID:1872
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=4732,i,994804917049408156,16140795602443025266,262144 --variations-seed-version=20240802-130108.496000 --mojo-platform-channel-handle=4632 /prefetch:1
  2⤵
  PID:4880
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=4692,i,994804917049408156,16140795602443025266,262144 --variations-seed-version=20240802-130108.496000 --mojo-platform-channel-handle=4708 /prefetch:1
  2⤵
  PID:3912
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5124,i,994804917049408156,16140795602443025266,262144 --variations-seed-version=20240802-130108.496000 --mojo-platform-channel-handle=5140 /prefetch:8
  2⤵
  PID:3464
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5184,i,994804917049408156,16140795602443025266,262144 --variations-seed-version=20240802-130108.496000 --mojo-platform-channel-handle=5180 /prefetch:8
  2⤵
  PID:864
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5312,i,994804917049408156,16140795602443025266,262144 --variations-seed-version=20240802-130108.496000 --mojo-platform-channel-handle=5288 /prefetch:8
  2⤵
  PID:3208
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5296,i,994804917049408156,16140795602443025266,262144 --variations-seed-version=20240802-130108.496000 --mojo-platform-channel-handle=5480 /prefetch:8
  2⤵
  PID:2648

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:3964

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

Browser Information Discovery

T1217

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
8443833de2902fb02c86c846d732af84

SHA1
1ec619adbd182f18925bc38a333a548033d82c46

SHA256
973d5f5d1fef1a275b7a31bdf41d1d62181de8cd5796ca1be0a2f201633d3026

SHA512
0134bcec90cf79714fc69f3b4aa87f1e79d4be0fb2995c841f479c851ece54b7ea6f51f8878e9fab70425a1efbff089377406460bee893363467f6ad3c0cd9a8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0

Filesize
44KB

MD5
05346288d7b27d7dc8205cb6e5f724a9

SHA1
a26e969adc8b7010f49069847f80211063c5b229

SHA256
85c5beca3f8a8fc973bc406772c8c5805abe64a0fe07c8c93d83e473c323b2c1

SHA512
e3f69e1b62c474fa0ac2a7030d072520ce9a521a0818f421e823ff1f867c25e324e7d4f9ad4f5d87bab51c125e18a755ceff6a7b35fde5358646dc2233734e0e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1

Filesize
264KB

MD5
0cd41c6073aecbca1e98906e3965ea8c

SHA1
0d6829285d7e2b148843d3e03cba58dc74b96d42

SHA256
53d850523a7b70e933bc66a819f6f0f54ddc6f688996a2a4af3702d08cb7fa11

SHA512
e003b97f8445d90a26a29d36245f80cc7f4ba2d70011f56f521f07fd8a97e1d3d10ce9abe6cf4dec915a64dd3ae39c66c1fec6582704168e334a796fef356fa5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_2

Filesize
1.0MB

MD5
d77c9f94e8f58215f177249ec8e2eec9

SHA1
649782b2e384394fb95909edede040ef25ea83f3

SHA256
3e1383b976b3916b1ada54c4e6480cb05df8975e6dc9d9061befbad6e6912f68

SHA512
7b403b26389c2fd6303c67691cddd1460faf956e0216ba6374f94e12bcb076a0bac4872842ddfc6a465f5be405e7c7d595881eac693e779008527c6a020f05dc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_3

Filesize
4.0MB

MD5
2ec82c0727a4735348acee7596f9e9e0

SHA1
1496ca24dd759a989b05a012f1059fe2c0d56540

SHA256
50e23a6491685e89215c96ff26365e39d623e7a67745f2e120cf48999e52888e

SHA512
a1b205bb4870b1a192a6df6c8cfc53e1d26aa3973a44c5316997969ff663effea1da970162e00cb9b1515fb27daa59ab25b8673ea6a80b48ca1327cb473b316e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001

Filesize
34KB

MD5
7fcc7e86b1c5755aa1a97b7fb1d3ef3a

SHA1
97c0c301eec6a615d55a2f74e4a39069402fea14

SHA256
d7119a4873e48f740038f997034b9b517faf34cfeb4dd0d42d80a3074dc1662a

SHA512
d8f8f0ec518b90d198d8ad9b26422677c019ce35487a849817ba8c208892a3d5cc122b42c694dd6077396a5bbe9a72e632c918d58012f17bfcfb948ca8ec27f2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000002

Filesize
59KB

MD5
1fed7050c0bafb6ddc7e7cb9d4c8be8f

SHA1
578f52ff18422e4f1f8beaf7e5a331f8ad900b14

SHA256
e67719ae7dc9321139b1dcfeb0ada897a1c7ffd2f89844e46bc8ca85f4038dff

SHA512
ab44617a67ec6160e66cd210e243e099a6bc9c5a703a0369f4d7cd695db4f808f7147874e0a5a97ac1de13c7d4649ba3dca53254efca155396c05076a24390ba

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000003

Filesize
41KB

MD5
9a25111c0e90867c7b8f41c5462abfaf

SHA1
0619625d479f31cf145c2e3714de0df4a69169d1

SHA256
41bb42020f1beabc9e72913ef6a33aa264556ec829ac70fd92c9c9adfb84803d

SHA512
0fbc3c64d6f5acc2c0dab67924b0c669fefa994f449240d1f6b78dcac3538343938a4fae972726156189f05806d3aae0e333035df52605ffe28886b82f31ccdd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000004

Filesize
209KB

MD5
3e552d017d45f8fd93b94cfc86f842f2

SHA1
dbeebe83854328e2575ff67259e3fb6704b17a47

SHA256
27d9c4613df7a3c04da0b79c13217aa69992b441acb7e44bf2a7578ca87d97d6

SHA512
e616436f2f15615429c7c5c37de3990c3e86c5e1da7d75a0f524fc458b75d44a5be1a3648a628d63e1cf8aa062e08b538f2f2bc9c6a0b42157beb24f82c571d9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005

Filesize
24KB

MD5
c594a826934b9505d591d0f7a7df80b7

SHA1
c04b8637e686f71f3fc46a29a86346ba9b04ae18

SHA256
e664eef3d68ac6336a28be033165d4780e8a5ab28f0d90df1b148ef86babb610

SHA512
04a1dfdb8ee2f5fefa101d5e3ff36e87659fd774e96aa8c5941d3353ccc268a125822cf01533c74839e5f1c54725da9cc437d3d69b88e5bf3f99caccd4d75961

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

Filesize
37KB

MD5
186a6d001b01db572f763db11bd431e2

SHA1
18e2e156190e766e855de9fe5f01b3d991fc4568

SHA256
f9dae27bb6edca1151eaa312c7ed31b81bea0f7ba1434eca18ecb35a24c0ae69

SHA512
ba5c4fe8f5c82762c3a0c6952fffd07d0f798c2d6f8d9e4c590e0ec3e3703a1e34a2af956691c48b76f3d27ffe052cbc980b683cf79ffba8086815acc7d8e79b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007

Filesize
29KB

MD5
a2d30a5438e062d7e64a77938b25b01c

SHA1
82317f92b7a6757b657ad8c0042893ed6bfe389c

SHA256
66ea35d3e088e12dbdec35aae1f27b1e6cb40655a275559bc83a5f6e0cc57b3c

SHA512
9d92e755c5dc6453daf79c405dcdfc5af4d9427745c9c5c4efc333681c75df256ebb4764d23868ef6d7652d6ed7d7aab05859944c6e81ddea9677e6c36f5c1d2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008

Filesize
69KB

MD5
862952ce8fe0bf07dadd0d148f394a9c

SHA1
61e5821df5738b4f9d270048fd322128f03c22cb

SHA256
7cc2e49dd7288de42f971ddddeb965e94c158df3e03535632ec5b95a3b3adc73

SHA512
0b786cb041e1ac616b5085fc589bab5f8d20a821bf2a879c1501aeb55f192cc3436e44850be2426f20ff2974c566fde5a8a01654fbcaea9c6826f45ddc8404c6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009

Filesize
24KB

MD5
87c2b09a983584b04a63f3ff44064d64

SHA1
8796d5ef1ad1196309ef582cecef3ab95db27043

SHA256
d4a4a801c412a8324a19f21511a7880815b373628e66016bc1785a5a85e0afb0

SHA512
df1f0d6f5f53306887b0b16364651bda9cdc28b8ea74b2d46b2530c6772a724422b33bbdcd7c33d724d2fd4a973e1e9dbc4b654c9c53981386c341620c337067

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

Filesize
70KB

MD5
86a162abd8da8954c9489598e624c97d

SHA1
26832fbf83ba9b9458e4975a1db3370249e7b2ad

SHA256
64b9cd4a4ee6a195eab971c9178340b8925480628386ad7fdad7c6223cc73395

SHA512
a6e8f9b27442c940ec121d53c25130e2727d28c0e1ea6b57a65dcfaa0e16a76de7243652e3c9ba605da354c36d90b8884ebfa7a823dd160dcccc28f7821daaa6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

Filesize
404KB

MD5
0d512262f1681877ad2e70b480a78422

SHA1
a9728305633f54645766c00913f789609d8b87fc

SHA256
6e72f9c1818b79360abcd1f63b715c2e8ddb51759f2ab79477fe7a3bb17870e3

SHA512
d46c753eebde15c4dc0343800ff5a83af471a83f7e7aa23b370c8b767cbbfad8f762864998d558f758df3a906b4bbba7ea23378fe7a0279b2c5ea07ff0eee7cc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c

Filesize
182KB

MD5
3d85d961d47b668c6cbea48de271a51b

SHA1
af8c1f41f7b3b4177970254eebccd2d65beebecf

SHA256
c912a1920352e12b3a83ce407fa360494cf0b0ae06357f34bbb3dc6b99465a49

SHA512
317327e7d746c116f1a5292cfa4b6a59583d48c095eeb3388db2434d9c46c25e6e609a2cdf56ccaa737f1df1e1e527ab165b39574a6b3f490453231f5c8527d4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d

Filesize
112KB

MD5
f77e2ac17f67dba6eaea776d9567a15a

SHA1
627e5bdc1616955dc8af73d3d3e4a5f91a38ade4

SHA256
03a12ad4000812a5dd85e8b354166310247bbd3f85fccb367feedd9c96368ae0

SHA512
4a164269fe0a5a9c080aaa283b8badac66992c5aed9e5ad1ee6e9e40a4a91b2aff95e4c059d2825482b8081916ffb463645d5fdf6682f0f470aa1ca19ca0cf8e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e

Filesize
22KB

MD5
7cc5ca330c5803741b85c899b2324bbe

SHA1
33a60be69cae68cbcdc0ac690215c1e250e420ae

SHA256
1078afc02c9547ef6639e1b3e2a2ab2d76280e2e01c552ddd0d4c6ae6a69c7fe

SHA512
b13543578960bbc3646df147ecac6be3fcfe1c3ea37fb380e01a16261b6ebb0abf3cc6f06799a60bb48f786035848995eaa9e029eab64231b05a71b252e17ddf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000f

Filesize
27KB

MD5
6da5998f8e90d28378c84a2f8b1acf9c

SHA1
1eb55404a9d4089239d61f07b64d83d16d578bca

SHA256
10714240fab1bf95a09c0a6461bd3621783b763b6847bfa8255622d7d13a4fd8

SHA512
8a96b06b85ef59794870598ce40cd67fd1d608ddb08ea71fbe47e499dc449461ba0a0125188f16efe33a4e22cb8fac403685ab18748a119379aaaf2327976310

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010

Filesize
65KB

MD5
afa81ebaba0dc5e9aaab3cd9c1cfb887

SHA1
0ebab42f78f37a2fca42a171419c1953c0f2497d

SHA256
cf8aff471e9ed017445eabacbc82addaf821f2e3b6a3a73e155b78368e66fb11

SHA512
7708a94b465bc4c17aaa7b61845b0c738106c8060f6632e07c068b1ec374f5e373cba007eb4eefb6e324267cc76b37f47ca6f5ee2db712f32008343b6249bd4b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011

Filesize
31KB

MD5
7f8a4f124f314e0f1a6d26a2ad2606f9

SHA1
b10bfb19db2d40eb4ac17735c385493e7dd04c48

SHA256
7bb5dd5ba2a9a34556880c1a064625644803bc44e86914e0185ba6004e917676

SHA512
217479bdba2eff0c329faba1f3c90cb287a716d50c1270617231efd40fc554ff9867875582222dbe0120d0f0325730fa4e43ba76683faea1cb8868e10e0f13f5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012

Filesize
27KB

MD5
2111fef5111c42b21711de4e9926e7d7

SHA1
b6bfbcaba24b7b05893218f139c32172e2ca08b8

SHA256
4c3b5ede33b800992496a05eeeb9003deb2d185ec08d9e9004082b382a57032b

SHA512
f1875bf7f42c7395aab6f8ae19f734eba4a93e4804e495a2882611102e02192f5dcc36fca9240707e8704e1c7848220672b38e1079ced745f48cafc399f75e09

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013

Filesize
80KB

MD5
73fdae5bc37cae6073ac3f332611bb94

SHA1
001dfe924d03d4e6f21079b4ff8563df7fb7a3a8

SHA256
4246df1b4b5a5f6acd70c2b3d2a5b1d772cc13659bd8264060e07ebc1c2974db

SHA512
67016b9599bb2b654e2ef01b57ee091b0db3225336d16f9942291551ab1c709816bd4668ae706d4ed65fe7810b8cc36497956c2bd3c780fc9262567c700ec9c9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000014

Filesize
30KB

MD5
c44858e3aff70229e04915c091d28f42

SHA1
43f192bdaee477d4564e85c6bde3e79c6e0e5b8e

SHA256
c1d03782f67483f84442ef02e315fc2f638507b9784f7bfc0dfe01a4c2115fe2

SHA512
b60eb885f6b523509ca7919c2f42430e45b4053298763c300bdd9f963962a85dea4e6372b4f3183fa23701abdb9ee34ea2face9336159ae6eb25c50c34dc4686

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
85294a14ab42c7206e8fd388f6a98f38

SHA1
55c23f5b62e0544bf934efa565481f479145c02b

SHA256
c0559cbe4509f5bf7e50aaa330bed444f102a023c6bd08e97ce1b05e98b85898

SHA512
59e8aef2669d89720c8c5d05b2a419cd85c4b81910055a45b8199bedd48f8f46a1aa08480d570938a4292a7ca877f2c0d9389e0b6a1e7f29cf97509c837d02f5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
b0b11871248adf3425a357d43cff4731

SHA1
6e16ce388b2c332d52e301916ea0acf36caf3f20

SHA256
9baf1e4978434bb1a9775dcbd0f66594a63dc26d5828e7175fc80ee47835e522

SHA512
cbe852b2c57cf3b953fa3f9f28991554df41f85cf485cf9266d30458525298fa6235ec4110b8a4cc09b22e95ad9acfd702e9fb68aad5b26db29c86a81cb0670a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
5a045c2fceaff72ed03568e84dac7cf8

SHA1
2a484c4fbe3eec5d04dc151716dfd442773aee79

SHA256
31ccc3da40869a3bb7a376d8f96396ad139c413684d01718ef51f798b83f329f

SHA512
07d6bbe53a705213b6f72f574791d1e3c5c5cf03f4727701022abad53dfc6b069dfefdc9790251a1fea265589138fc1433b84e4e961a798b943b3d87e50bd80d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnCache\data_1

Filesize
264KB

MD5
c55788519608957571f3b67448ac7927

SHA1
9d06cf8421432ef4c563dbc97e59105694f8dba5

SHA256
de1dac238b8822514cb914fe269e5cd68624f057aec3d49e590266ffc5eefd37

SHA512
e89b2cd89db37d93f989784c50316b437d50c4de9ca89ceb4bd4dc0f9346de1143915e610d752c670f703ec6c2387ed33147fe23c4caa9f764026692fdfcb04f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Favicons

Filesize
24KB

MD5
d03828edfc8d88cbbaa2621a4f606b2b

SHA1
cc3fd2bdb18ae0d4426e267899a6588569d27176

SHA256
98e06e193bf08b5abf0bac06a618ced1d01c251ed42498a4bae4b2fb7f3f8310

SHA512
81b676f5e3c6d9cf599d0f82ba1b8c3ebce063fde3f1d466f75afbeea911334e10ca4cc3fad6ffbd080441485c741dc591522d23e1415c14e7bca3da5b37a38b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History

Filesize
160KB

MD5
7ce68630a4682d9b424b37ec83c6befc

SHA1
44e04e670209e26ce21a981d781ebdbaa835b9d0

SHA256
0ec4a1eb031b20cbb0a8ae79e66aeb9fe80d8f86ab399dc9916e20d4339fae2c

SHA512
5c96b88d8f794cf2ede3f532ae5f1301ce049b26e9bed9a9c1cb289037abf241285a056a868938ec97f323e1b89044dddc71316f58cd6fca1f385c895b0212aa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
8KB

MD5
ba236754f99f28f4bba2ea18908cc5aa

SHA1
7b4b8582296b5a3fe87eed95f8e2442aebea4cb2

SHA256
8b6bb028faa5fd9eebc4624a95989d5341e7663cbd67579a4351ad57ca4f0084

SHA512
481f099d445b619d1d380c2b6a7e6f681cf405abd89a8e6c8e0dafdcc1777d100c01682e932215f2b537d64c6bba0d9076448126160a5dfb19805f2e71dc6a24

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
94174acd0a137329bac0c573bec339aa

SHA1
38f1139eb037fcdfa44a21f0de4ae354f06fe764

SHA256
efd1af4109f8dd54b2156ff7e1386305e6dbe38a8231a6c36b817f04753eaebe

SHA512
578572334894bc7aa2ac0e4ab18527b3b5ca41d0cdfb3a9163e1f97d237463527da0662afb2999e84ae6af764bea5469bf1e9381232074591317b6dba562d7ad

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
6KB

MD5
1865ea9d7c11102852cfe968e35ef939

SHA1
003a9b16760e5dffa4649b52285bd08ef6bb9948

SHA256
8b2b7907454dbf10316a1b9301c0772d58e2f56852879540c5961c91e1b3b262

SHA512
561f7b0667207daa630e7a7d6d31dc17e0c6a23a27f5908b8d362333a15f43ce5f79845a0b51bb44070711d968ccc662c149dd0357757e9fa7540cc7ab4bb86f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
354B

MD5
da89780e7b1def319cc32e26f273b2b4

SHA1
1190a2761dd04729b739097a2e612a61e5482238

SHA256
7cabf7fadd1a78e0689b137264e01cbbcc2df7faea38500e333aabbf51c51e06

SHA512
afa6ac9ee5b657ac9f102158e70a897c41204a0e52719ebb236d46f278e7b111a15c66d4cd1a2dd128d2c5bfcd53123c2a89b7d89a709715c86f7386708e2409

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
354B

MD5
32ff24d766c0e797601b55c9be054ea4

SHA1
7e42cb9d78e35c710f09b7e36e04edc66ea759f5

SHA256
fa86a44e1669d62408662b84b4c2c14bde6364dc071040e4a5339193edbb9e6b

SHA512
c487e35ff8d550124256c1ec912264437a02516d575705f6e43391c435ca06a55102b47bdce4b24b14b60302faac73f9e5bc67daf24041ad5219928fa897be86

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
856B

MD5
e554e3eec39e2b7b4733091c1bd944d9

SHA1
22c48bc22d9d20944bf3b4f336b0f1a11220259b

SHA256
4de8c06240812da5134df94ed74b6d8ed62ae05117d294aec08a086bc0bc12f2

SHA512
d5f5b788a8af433aafa28c03ca9d5a4bfb92df5c368e95aeb4d3483663700aaab08dd3a52d7791964cc154238a4461304766a04c2f9f239a4e2f4aa135b4f732

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
688B

MD5
04ed729566481e593f475048f66ef320

SHA1
66fc41204f1927275bd8b72e236e745b1ee6fe8f

SHA256
4589b7d694f714d2cebe25875752e52e7e5682d9f140e70040d4fe26cefe3194

SHA512
771c0290085a3dc28d5df8c573b26f4fa92ee333c008752d3836657f03fee9119be5ccd69c59bfb6588f276ecb5c501beb47f934e987a0862db743047cae6e73

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
688B

MD5
f553a777916326c9d095538da0947485

SHA1
cefa999cfb78dc8d6931b9b18e471e18c7a04384

SHA256
4743c41b998f0d70b5e2ec588c870cd2a5daa536da4ded7e940414e4508386ca

SHA512
c9d396c9604e3042fac3ce213962feda6001a80b5ea7a679f3d5cea24015d97bd5549ad8eacaf9b338a7faa8f35172ebbe3de5812bb142939be2778af30cd617

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
856B

MD5
b4da5038862592f329f6c11e3d626dd1

SHA1
d6eb0e674b3c6906f5688638459aba3644ef9b27

SHA256
602b81828e1c3c769818c27d8b38822b2255a86ead788c3af739c2ea043f89d6

SHA512
98f65414f32d72d2924c7949ad1fbcd6f0a45aeb3527a6f9ce6bee9c8199efbbe8cf445254dd5c4bf6dd41facf9eea87287582bc0465f5051fa60f0007a92bbe

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1024B

MD5
32f11e4a274679432eff5eab1481ac86

SHA1
02ef4567cb6e5538914b0cb81fe5cc496e6de102

SHA256
11037e2aeafd9086a0eb4a32da80b3ec5fcb1605ff44a265b9241e58f995e754

SHA512
80fc6147a5c6b3aec30410669449ea218f0dab5e1299e4b8f583e61f804128a5015273c1294d4aeeb07ce1677b2c536ac088a29107c026d287948fca91df443c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
2fac117b9913c549b6d555c8257211b6

SHA1
9834b3f2f7648487c9a349af683e32e62bf26be0

SHA256
146686dd82064ccd24d3e8c24f500f79367b66d1c9bff92020945f8e86d088d2

SHA512
69e3e231ee4a1f0284c313ac916303bd40ec989720466a7a14bcae71652744d8cd1947fd893bd9f67b04d38e6bb677777b05696caea63144094cc2ee092e71ec

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
e294fb8da9ff8876ce4c9de05d9ab5ef

SHA1
c1e157ef3a9ef21e5f1ad8bf19c96d79abbb627e

SHA256
373b9c56ee0813ebbdc17179d45aeb41cbd8216765a2e07b22ca2f51950dc8be

SHA512
2ca19bc94484fc352de9ed42c0071563b41dc8a68a6b88894c70290df0793d4e77017fb15e43b2d10277e3b35dfd7aeacfdc928d4aab36a3a8da2769538caccd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
57d3deba1fb4c59c9389b72ce6e6899c

SHA1
8ac5976435e4872a539c881d04cce8cb918b5142

SHA256
0447d1f066aea90d221a9aa5feff0346973c728db9f090bc1de1a8c6ec29d856

SHA512
247a0b3a063e8c45d3db0ac8b68ac44cfb8388c110ef20aa591b28c85c0518792a30c93cf63f8844cee724f2fe81a1774f45c44d238dfc501dd9bfda2ce1789d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
44e6e2ba93ed8d3df10c998dcfa71d98

SHA1
78e0aabe6c37ec5ed5537ac74de1990ffde0df22

SHA256
3d4d81a73edb8b0bf2dc28ee87c2c11d6eda249b2b0e76a6e7ec9bdebeaa682a

SHA512
85d30121dae2a6fdbff014b1a18f5cdfc428f9388519d29e282e5b6f80bc2bac9ce0c9fbcefd03fb9ab570e1d3608db0839863b6d3a9c5d263c0ce2f30c2ee69

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
e70628b304d3364e55f548eb42235dea

SHA1
bd2ff1c682e5b3a91e460238a0a0079ff1d85e3c

SHA256
3e69bea01254432e2ee08c21afabdffe72103ccabec7394ca8c03ec9d575434d

SHA512
5f539156c63c11c88819ef1ee228a97a5e40c2d7a17b0df82c64166baab8912ec8ba3ee765d94a818cfaeda2471f46a98909c7c0ea7f9bc53f973f1105c3e1e5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
5af0e18cb29a4616dd2586c39e4563d6

SHA1
8df06fae0536a874c7bef298e3b373d4cb16dc99

SHA256
eea00d0d0d15ae0e796558c8cbfd3b4a03d781516ee1bc5ac3247b887af27d77

SHA512
9856d05c38f1037b788e21eda9144e1757059b1e7fcdc328ac787a4bac22cf045da6610e968a8318a3619f0f8c0e7f0139c00722ae54c67a75ecc3c99c6c71ef

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
62be073cf7a057884b86eff66fbe64a2

SHA1
fdf629869c38b0bf53c8887c254712e7031fd5ec

SHA256
0581221d1a88a8d82d26baef9266fdc7d854d992f06380e78842534fed748d6a

SHA512
7feeb427d9d22c4ed08de5436934d7989a02806cccdc35cd2588faa116905d384c032e6b61a9e9c62a0f14cfc6a42f0a21dff91139ef297630b01c9b48335a96

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
8d8805dd53dbdea26a1d69c105a6a7ba

SHA1
394e055761cae6330a7ddee1d6b4caff8b828cf7

SHA256
792c93976926ba23978989cbc05743f7e8186efbf9ac7951cdb8a79591093c95

SHA512
9ae6cdc94631f397a7b5686294cc044795ea456ba8544812e993dca926be4182024bbdab73ea013232f8793fc0806c58a4899b4287f15c8e101fb10b26eefd6b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
526af11a26f9512fafed6600b5a8545a

SHA1
d6bcd8f890afc9f20474494964c3a5661194b684

SHA256
850576ed9a431fb460bff72868d613a93e57ffc450ad4f68a290340046eab4f7

SHA512
4e69a5ebc75fd277462196d1c6ea98297fb69c9e220eafec99225e8706235f917695513381ac5656e3e85f6d13ff9c746ebd44e2bd6fa2a56a569c4046018728

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
678ca1299b3ffae3248ce99aea8ad4c7

SHA1
a7db0dda77ddfed8b07d4cd1b04105a56974c3a8

SHA256
6777e9ef21795e424608904db83c21c5f6fae9d625f6fc0f01b519107e1b98b3

SHA512
6ea704e73a227ccb405795348e994a35b5b21a1929b68cdaa99dcf58f0ab8579178163b9f9834322eaef81af8cc0edd517956fdd10780096b7a9a4614530bc34

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\LOG

Filesize
333B

MD5
069e9939acb933956880a22ec43fa65a

SHA1
05f67e22a30fb553ce4939889ddfee9886105502

SHA256
ffb9646bb52e1dbbfb5a7e13f9b92810f3956ddff3da0f20b9e4d92caaad6fa7

SHA512
6999e16d58446ea5bb1f06987cd8752c4660346d1b815bb994f29fcd98b62ea666771777ef093fa1f36caa880ee9e74c27bddf3bc8c19cc1d929f2bd514b5abe

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
120B

MD5
f97f4f5ee6d50a3c3218f49848636077

SHA1
1263cdc55458b053d9fbaf9dbc168c2aa5154cc5

SHA256
8ef4a3e75f46e913507d215e7a5e87bf556bcfacffe949a5a9ad5440b54a9698

SHA512
44646d07b895131a6a2830c7ef076e5acf913ad0442d04db3b44b3699859970a79d4d3a1f5711cec877620a75d2e20c3be1c059f432c390f14551b388cf89de6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG

Filesize
321B

MD5
4f482b669c0b72a3ea461e364349e9d3

SHA1
286d558657ced11e409953874ab8d33cc0d0ff3f

SHA256
30502c19c0ea4edb5466917cd1818be22b6e6fe8d694271e1abaa235267fced2

SHA512
4d41e24de832cfc47ed9ee282e6d954180b5532bda441b04e02f3640b6fee64c0fb7379b843cd006f99b686ed9469999afd360d7999fa981781202fa09bb880a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Visited Links

Filesize
128KB

MD5
85b99cbd6acb35cfc77a4d787827a053

SHA1
7befeb844115681475f654d5660adafbbfcc2582

SHA256
be6183d1530d9dae46e4e109a2725a01d0ad7a17873cf613b990b6534391832c

SHA512
3de45586fc1cf454357819568c968bbeadfe0da7f44e771651d0eaa05593dd0edb253361ee33a078c817f391d659862f453e6d66d9d235f7ca35782e2225b3d6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Data

Filesize
114KB

MD5
cdecee1545eba6e2154144184a5c6d05

SHA1
acc41e1ffd1d06a347ed90e574ce604c1cd79b25

SHA256
1159a619db503e4cf89e4ea17cde43153945e878c52a4b8819b9b10a51dce4ff

SHA512
7c89fec27aed5ad46080e087b93da294929cd657df29b9f09801dc70d2122e7269d8c98bf108b50d7324056bb494fc5a4a696175f7fd7245a68bdcf4e314f945

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version

Filesize
14B

MD5
ef48733031b712ca7027624fff3ab208

SHA1
da4f3812e6afc4b90d2185f4709dfbb6b47714fa

SHA256
c9ce8dbbe51a4131073db3d6ceef1e11eaca6308ad88a86125f221102d2cee99

SHA512
ce3a5a429e3796977a8019f47806b8c0671b597ead642fcbfbe3144e2b8112d35a9f2250896b7f215d237d0d19c5966caf3fe674165a6d50e14cb2b88c892029

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
512193fb6b3f0ba1ba6ea6be726f1548

SHA1
612cbd3875804034553c611aa13a339c9208f671

SHA256
c44e1c5bdad060c87c0029326c33dc35704b3608af81573dbe35a1a491d08c3b

SHA512
74f9e2339a9b9927303e20b69c1da3e6c71fb170fbcc57fc7e4223198d7f746e6cd23e9d891e75c5f63fe81bf9f82a8279bfa8d276ef7ba8cec9f10f39fca40c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
8cf62fc5cdfdf6340266a942b385d134

SHA1
8fb9c2121dbc075521e6c3df46dd22181f67f996

SHA256
80113c7088f63445ed0c5964df194904d4b72e6d9b44c57c736995927ea51006

SHA512
2cbea12fb5ace07226d0e32cc550054559a835e83ad8d6024fba26dfe3dc2b667122a9f7702e08c88ecb9aeb8935aaed7e1b33702fb45f7867d8b3a991924bbb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
195KB

MD5
bafedb15fef625038c0cbff5b647bdd7

SHA1
db6da75ac4ce9b6b3e5c58a03659326fec10f00f

SHA256
edbdcff5c0d92e29786ef38a4e909bec7b985c80f7c2184f8deeef8ef1a0fb2c

SHA512
ac52199c91dd94ddd62e71e4e86f84b25db38fa984573738236fb004ccd3879a6a3acdee82c2731fa7b329adfd39ff2e365e3bf36c1b394d336d886ed19878d7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
195KB

MD5
b3b14602c097bc1953ecc4fb7184e23a

SHA1
10af281297d4bc1d38727f8fd4ccbd5eda05a274

SHA256
e853166f5f62cc07683711743271ec99186fd66d7f177fa95cd0d1030d3459c6

SHA512
e63e3c9c9d53634a8c5af8a5877cb4ab1e2a4ce5721bebe0248bf6c2a1d51b5ffd24c9c6c25fe228a3186a5c13e5e99aeec87f159a5f9580fb358a91b8c6feeb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
195KB

MD5
acf7eb4177984d13396e87ef08c4d607

SHA1
88dcca943524187c4c51f81b227efce2dd2c0b2b

SHA256
166716cca6359ff612ffe7ee80a74fe506ecf4d5a3527e570ae300a3d4a4959f

SHA512
7b4e308d60f122e9811e5062b9bf4dbc6d33bb1e89bfd2ebaa0a9277953af223d37e6695bafc9c16a1a057f0327248c527d503ee5fe1bae4ddad2bb9a3dfe000

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

Filesize
264KB

MD5
d144040f87c3ae068877a1148f98a002

SHA1
f1d464e1e1c8b8a675199fd12bb35f98d43a0173

SHA256
e9ad403d3f802d6c1f3aa9b39d7d7e1bf77e444bf607427b8c3c1e01bc856c90

SHA512
35e57ba9f470cd7d7f0fd57e9a93b0277ffeb061784dd81179abaaeede4ce77cf13cb62a02a5bb5bf2d343aa7591de9e6911630282e33f25b5b3190601d3c6cf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

Filesize
86B

MD5
961e3604f228b0d10541ebf921500c86

SHA1
6e00570d9f78d9cfebe67d4da5efe546543949a7

SHA256
f7b24f2eb3d5eb0550527490395d2f61c3d2fe74bb9cb345197dad81b58b5fed

SHA512
535f930afd2ef50282715c7e48859cc2d7b354ff4e6c156b94d5a2815f589b33189ffedfcaf4456525283e993087f9f560d84cfcf497d189ab8101510a09c472

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\segmentation_platform\ukm_db

Filesize
28KB

MD5
9595e64b1de024067f37417017678158

SHA1
5d8429f4dd84fcbfdc12a5018b4c17ddd6de463f

SHA256
8017bfc3b880a20aee8ad99227a43a650126d5bc4051dc89578b0d85265e7c08

SHA512
11e3123a401b0de737d81fcd074ba28b486662ab6e83065f5e09f4fc3c8f02f052c81f00cf430101d4960276c412746752162757486147a235e02869034e4cf7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\segmentation_platform\ukm_db-journal

Filesize
24KB

MD5
d49ac032a92dbfae7dbb82162a7457d7

SHA1
68c9ae6294c11b011679dcf3894f409af82495c0

SHA256
a33288dab9dbe5a67663be646e6601b252c0dce3254cfcb0c4e8aaa8f06c2f19

SHA512
809e25b603c9a72c224e6f26c36743c60d70112a1d60abb805fd2055c9546040bb053f9e15e28cfe4ac06e03a5cb502d29f7125c90a1696ce526642b2abc1798

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS8F8FECD7\setup.exe

Filesize
6.4MB

MD5
241331bede4cd250aeead156de3225c0

SHA1
4e6ebbfda62706203c7f3016d136560854841358

SHA256
b476f1c8521db36255a862af284f462eef77c4fd5233adb002137af7835f5e86

SHA512
9eb8f3970645315c73e80cea2af9364d8aa68d4e3383cdf21dd0393fc74857538639793e995a66b6bd58f086738981ffc364a06b23b129fab380d0e59532d712

Download Submit
C:\Users\Admin\AppData\Local\Temp\Opera_installer_2408030420109874332.dll

Filesize
5.9MB

MD5
4510a03cd9a85d34ad47ed84097ed4a4

SHA1
a1a761249bbbe8dffcb3fac37ed570c89e130379

SHA256
cafaa2ac106c340ca91acbbd483379cd3c2273d2cb795349db6b07c7272c0433

SHA512
95b4b9de8818e025608f7a77b3281e879bbaed5bbde6cfcbbd4bcb1b6c6cf09706b68061b7264d90c3374c2a0072f91afffc5b617fec12921407c72b63b2be62

Download Submit
C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports\settings.dat

Filesize
40B

MD5
c9a4b9df9a08e90848c2ceaba2e716fd

SHA1
fb9600304596107109362589ed7f674e8c57b127

SHA256
6b17f0dfbb5755bc7652c608c52c11381d1129bfb96e337e31573b0b2cb3d34c

SHA512
830bbb24effc5cd110b88d24b8035057c0fe80bc13474f0c64752b4a4a8a582d58764434a95316ae226fa81419d997b50b651d2818b3b9d98ba9ccb84164dccf

Download Submit