212c00916c1969a080b1475568d3acb77da5f471e449e1a3518ec0bef3e90736

Analysis

max time kernel
45s
max time network
47s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
05/08/2024, 08:09

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Screenshot_20240729_011531_TikTok.jpg
Size

24KB
MD5

20bf28be2328c3fc71cc890f85c6c427
SHA1

99338e93d92c6852cb5ca9ff5dd3ef74da4543ce
SHA256

212c00916c1969a080b1475568d3acb77da5f471e449e1a3518ec0bef3e90736
SHA512

d7d1a28417abceb7689f89adbde87cacaa1298669d9a32fcf22bc1c58f6ad08e5891205f1e2782885745c15fb3b3dc037b39246189fafe911845fdd4a215d944
SSDEEP

768:sjbMqMTFiBTizxZv1gHnvwHTIjvQZ4Bs6GbPlWX2n3kh:pjTFiBTax1gHvwTI7wB6GboXe0h

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133673190018275660"	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
5076	chrome.exe
5076	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	5076	chrome.exe
Token: SeCreatePagefilePrivilege	5076	chrome.exe
Token: SeShutdownPrivilege	5076	chrome.exe
Token: SeCreatePagefilePrivilege	5076	chrome.exe
Token: SeShutdownPrivilege	5076	chrome.exe
Token: SeCreatePagefilePrivilege	5076	chrome.exe
Token: SeShutdownPrivilege	5076	chrome.exe
Token: SeCreatePagefilePrivilege	5076	chrome.exe
Token: SeShutdownPrivilege	5076	chrome.exe
Token: SeCreatePagefilePrivilege	5076	chrome.exe
Token: SeShutdownPrivilege	5076	chrome.exe
Token: SeCreatePagefilePrivilege	5076	chrome.exe
Token: SeShutdownPrivilege	5076	chrome.exe
Token: SeCreatePagefilePrivilege	5076	chrome.exe
Token: SeShutdownPrivilege	5076	chrome.exe
Token: SeCreatePagefilePrivilege	5076	chrome.exe
Token: SeShutdownPrivilege	5076	chrome.exe
Token: SeCreatePagefilePrivilege	5076	chrome.exe
Token: SeShutdownPrivilege	5076	chrome.exe
Token: SeCreatePagefilePrivilege	5076	chrome.exe
Token: SeShutdownPrivilege	5076	chrome.exe
Token: SeCreatePagefilePrivilege	5076	chrome.exe
Token: SeShutdownPrivilege	5076	chrome.exe
Token: SeCreatePagefilePrivilege	5076	chrome.exe
Token: SeShutdownPrivilege	5076	chrome.exe
Token: SeCreatePagefilePrivilege	5076	chrome.exe
Token: SeShutdownPrivilege	5076	chrome.exe
Token: SeCreatePagefilePrivilege	5076	chrome.exe
Token: SeShutdownPrivilege	5076	chrome.exe
Token: SeCreatePagefilePrivilege	5076	chrome.exe
Token: SeShutdownPrivilege	5076	chrome.exe
Token: SeCreatePagefilePrivilege	5076	chrome.exe
Token: SeShutdownPrivilege	5076	chrome.exe
Token: SeCreatePagefilePrivilege	5076	chrome.exe
Token: SeShutdownPrivilege	5076	chrome.exe
Token: SeCreatePagefilePrivilege	5076	chrome.exe
Token: SeShutdownPrivilege	5076	chrome.exe
Token: SeCreatePagefilePrivilege	5076	chrome.exe
Token: SeShutdownPrivilege	5076	chrome.exe
Token: SeCreatePagefilePrivilege	5076	chrome.exe
Token: SeShutdownPrivilege	5076	chrome.exe
Token: SeCreatePagefilePrivilege	5076	chrome.exe
Token: SeShutdownPrivilege	5076	chrome.exe
Token: SeCreatePagefilePrivilege	5076	chrome.exe
Token: SeShutdownPrivilege	5076	chrome.exe
Token: SeCreatePagefilePrivilege	5076	chrome.exe
Token: SeShutdownPrivilege	5076	chrome.exe
Token: SeCreatePagefilePrivilege	5076	chrome.exe
Token: SeShutdownPrivilege	5076	chrome.exe
Token: SeCreatePagefilePrivilege	5076	chrome.exe
Token: SeShutdownPrivilege	5076	chrome.exe
Token: SeCreatePagefilePrivilege	5076	chrome.exe
Token: SeShutdownPrivilege	5076	chrome.exe
Token: SeCreatePagefilePrivilege	5076	chrome.exe
Token: SeShutdownPrivilege	5076	chrome.exe
Token: SeCreatePagefilePrivilege	5076	chrome.exe
Token: SeShutdownPrivilege	5076	chrome.exe
Token: SeCreatePagefilePrivilege	5076	chrome.exe
Token: SeShutdownPrivilege	5076	chrome.exe
Token: SeCreatePagefilePrivilege	5076	chrome.exe
Token: SeShutdownPrivilege	5076	chrome.exe
Token: SeCreatePagefilePrivilege	5076	chrome.exe
Token: SeShutdownPrivilege	5076	chrome.exe
Token: SeCreatePagefilePrivilege	5076	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe
5076	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 5076 wrote to memory of 4236	5076	chrome.exe	90
PID 5076 wrote to memory of 4236	5076	chrome.exe	90
PID 5076 wrote to memory of 4436	5076	chrome.exe	91
PID 5076 wrote to memory of 4436	5076	chrome.exe	91
PID 5076 wrote to memory of 4436	5076	chrome.exe	91
PID 5076 wrote to memory of 4436	5076	chrome.exe	91
PID 5076 wrote to memory of 4436	5076	chrome.exe	91
PID 5076 wrote to memory of 4436	5076	chrome.exe	91
PID 5076 wrote to memory of 4436	5076	chrome.exe	91
PID 5076 wrote to memory of 4436	5076	chrome.exe	91
PID 5076 wrote to memory of 4436	5076	chrome.exe	91
PID 5076 wrote to memory of 4436	5076	chrome.exe	91
PID 5076 wrote to memory of 4436	5076	chrome.exe	91
PID 5076 wrote to memory of 4436	5076	chrome.exe	91
PID 5076 wrote to memory of 4436	5076	chrome.exe	91
PID 5076 wrote to memory of 4436	5076	chrome.exe	91
PID 5076 wrote to memory of 4436	5076	chrome.exe	91
PID 5076 wrote to memory of 4436	5076	chrome.exe	91
PID 5076 wrote to memory of 4436	5076	chrome.exe	91
PID 5076 wrote to memory of 4436	5076	chrome.exe	91
PID 5076 wrote to memory of 4436	5076	chrome.exe	91
PID 5076 wrote to memory of 4436	5076	chrome.exe	91
PID 5076 wrote to memory of 4436	5076	chrome.exe	91
PID 5076 wrote to memory of 4436	5076	chrome.exe	91
PID 5076 wrote to memory of 4436	5076	chrome.exe	91
PID 5076 wrote to memory of 4436	5076	chrome.exe	91
PID 5076 wrote to memory of 4436	5076	chrome.exe	91
PID 5076 wrote to memory of 4436	5076	chrome.exe	91
PID 5076 wrote to memory of 4436	5076	chrome.exe	91
PID 5076 wrote to memory of 4436	5076	chrome.exe	91
PID 5076 wrote to memory of 4436	5076	chrome.exe	91
PID 5076 wrote to memory of 4436	5076	chrome.exe	91
PID 5076 wrote to memory of 3736	5076	chrome.exe	92
PID 5076 wrote to memory of 3736	5076	chrome.exe	92
PID 5076 wrote to memory of 3776	5076	chrome.exe	93
PID 5076 wrote to memory of 3776	5076	chrome.exe	93
PID 5076 wrote to memory of 3776	5076	chrome.exe	93
PID 5076 wrote to memory of 3776	5076	chrome.exe	93
PID 5076 wrote to memory of 3776	5076	chrome.exe	93
PID 5076 wrote to memory of 3776	5076	chrome.exe	93
PID 5076 wrote to memory of 3776	5076	chrome.exe	93
PID 5076 wrote to memory of 3776	5076	chrome.exe	93
PID 5076 wrote to memory of 3776	5076	chrome.exe	93
PID 5076 wrote to memory of 3776	5076	chrome.exe	93
PID 5076 wrote to memory of 3776	5076	chrome.exe	93
PID 5076 wrote to memory of 3776	5076	chrome.exe	93
PID 5076 wrote to memory of 3776	5076	chrome.exe	93
PID 5076 wrote to memory of 3776	5076	chrome.exe	93
PID 5076 wrote to memory of 3776	5076	chrome.exe	93
PID 5076 wrote to memory of 3776	5076	chrome.exe	93
PID 5076 wrote to memory of 3776	5076	chrome.exe	93
PID 5076 wrote to memory of 3776	5076	chrome.exe	93
PID 5076 wrote to memory of 3776	5076	chrome.exe	93
PID 5076 wrote to memory of 3776	5076	chrome.exe	93
PID 5076 wrote to memory of 3776	5076	chrome.exe	93
PID 5076 wrote to memory of 3776	5076	chrome.exe	93
PID 5076 wrote to memory of 3776	5076	chrome.exe	93
PID 5076 wrote to memory of 3776	5076	chrome.exe	93
PID 5076 wrote to memory of 3776	5076	chrome.exe	93
PID 5076 wrote to memory of 3776	5076	chrome.exe	93
PID 5076 wrote to memory of 3776	5076	chrome.exe	93
PID 5076 wrote to memory of 3776	5076	chrome.exe	93
PID 5076 wrote to memory of 3776	5076	chrome.exe	93
PID 5076 wrote to memory of 3776	5076	chrome.exe	93

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\Screenshot_20240729_011531_TikTok.jpg
1⤵
PID:3532

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:5076
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffa0a74cc40,0x7ffa0a74cc4c,0x7ffa0a74cc58
  2⤵
  PID:4236
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1984,i,14579519998797702308,2338634030708811605,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1980 /prefetch:2
  2⤵
  PID:4436
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1892,i,14579519998797702308,2338634030708811605,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2108 /prefetch:3
  2⤵
  PID:3736
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2280,i,14579519998797702308,2338634030708811605,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2100 /prefetch:8
  2⤵
  PID:3776
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3120,i,14579519998797702308,2338634030708811605,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3148 /prefetch:1
  2⤵
  PID:4828
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3136,i,14579519998797702308,2338634030708811605,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3204 /prefetch:1
  2⤵
  PID:4424
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4544,i,14579519998797702308,2338634030708811605,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3680 /prefetch:1
  2⤵
  PID:1564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4660,i,14579519998797702308,2338634030708811605,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4680 /prefetch:8
  2⤵
  PID:664
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4672,i,14579519998797702308,2338634030708811605,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4800 /prefetch:8
  2⤵
  PID:1584
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=4812,i,14579519998797702308,2338634030708811605,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4816 /prefetch:1
  2⤵
  PID:3068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4904,i,14579519998797702308,2338634030708811605,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4868 /prefetch:8
  2⤵
  PID:3104
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4856,i,14579519998797702308,2338634030708811605,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4932 /prefetch:8
  2⤵
  PID:4016
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=4004,i,14579519998797702308,2338634030708811605,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4980 /prefetch:1
  2⤵
  PID:4336
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=4516,i,14579519998797702308,2338634030708811605,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3468 /prefetch:1
  2⤵
  PID:1864
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5220,i,14579519998797702308,2338634030708811605,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3140 /prefetch:8
  2⤵
  PID:920
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5212,i,14579519998797702308,2338634030708811605,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5328 /prefetch:8
  2⤵
  PID:4528

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:3544

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:4764

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000004

Filesize
209KB

MD5
3e552d017d45f8fd93b94cfc86f842f2

SHA1
dbeebe83854328e2575ff67259e3fb6704b17a47

SHA256
27d9c4613df7a3c04da0b79c13217aa69992b441acb7e44bf2a7578ca87d97d6

SHA512
e616436f2f15615429c7c5c37de3990c3e86c5e1da7d75a0f524fc458b75d44a5be1a3648a628d63e1cf8aa062e08b538f2f2bc9c6a0b42157beb24f82c571d9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
9b28b14c80c024176fc54b8b055661c8

SHA1
e278d1d59010a5e74247844b41a05ae8294a2ce2

SHA256
d43ac96e2e87646368da0d8680d2a665134912ebad6323f0a2f494116284328f

SHA512
15cdef8818c9cc9c83d302c068f2a298bb4fc3f045c5cd8cd56d9185d6f1f88e93216278414567a388921d3811f31ccaaa997d93873a94332d0b4569a5c260c7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
370064ef7ede7ab4321e4953bd67fe76

SHA1
c70b8a5b892a77d3cabc3ff578b14ab317ae89b6

SHA256
024fb141c624be45df5fe401370130a48f343b882ad83ec609e2a5de48d70df8

SHA512
5290fb384e6916b7b4f3103a4272dd91b6b765f0278ddbb4fe23feb184b406884af4d94f397c1fe9ea3cc6278b1baa182c48fc0507489b7b4740bc48d469c3c1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
5eb057b018bbff44a9b80fbce964fca4

SHA1
0e9b823683524d9694374192d078ac203379d0b2

SHA256
309ca3368612d8980837ee154a7d2e9a306d147847d16a42667e4e22008a649f

SHA512
8adf3b17f5dbb5c1d7925709658d91c59f3ce2f45b718f355450524d5188c5605137a58fcefb3d97b04b7b9cc13ed29fdcf5ce19ee2ce0594e23ee036e73f83f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
72a86a47d29b0c28b85e3e7a936968fd

SHA1
123127ebaa9626f98c40ef7bfefc46ba38a7beb6

SHA256
ca119a8d1ca587b7f7aa3389a857950d045f4dcf3b5726ac62e03456630d24c2

SHA512
ac8c9b52e6669b6b118c4fbdeee2ebd84c6df42aa76be2edf15f9d34b0e87d23e36bdff95a5b0c213c40eee31760559093c030728b0aac85d5499b7643280d47

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
1878344fc5696e0fbabff35a8003a412

SHA1
89107cb97ba215561b64dc4ba3ebbf5391e11562

SHA256
cf934ed1ae3f5c7cc33fb9e2ca89e3e313f8ef6320ae23333585ce85ab7460d4

SHA512
30805b22649abccf9d4a3a571f45f9cf7527308c60b1e284ac9774e38957a58aa13fb1b77bbee1693bb15f2ba210b7a978e962d68cd9cbe0e48f2838b9d873b7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
194KB

MD5
c56cbf93cdafcbc82ac1f34a29a4412c

SHA1
c69602518ab7894fa61fcd67a571d419955015e5

SHA256
d17bfd440a1dc0e8eca05a885014af14af6036e897a035574a897ce5c527507a

SHA512
288f2f122fd9e8b35daab260ff2030c6ed3c708861635486c751d168848b61f23eb57609848080d0cc494a607c9c8dc0d80bee95bd9f4ddaecb055c902a3e280

Download Submit