hxxp://pornhub[.]com | Triage

Analysis

max time kernel
1780s
max time network
1781s
platform
windows11-21h2_x64
resource
win11-20240802-en
resource tags

arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
submitted
05/08/2024, 09:45

Sharing

Report Analysis Logs

General

Target

http://pornhub.com

Score

5^/10

discovery

Malware Config

Signatures

Drops file in System32 directory 2 IoCs

description	ioc	Process
File created	C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_01cf530faf2f1752\display.PNF	chrome.exe
File created	\??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_01cf530faf2f1752\display.PNF	chrome.exe

Drops file in Windows directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SystemTemp	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

System Information Discovery

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133673247681378926"	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
2188	chrome.exe
2188	chrome.exe
1556	chrome.exe
1556	chrome.exe
1556	chrome.exe
1556	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 15 IoCs

pid	Process
2188	chrome.exe
2188	chrome.exe
2188	chrome.exe
2188	chrome.exe
2188	chrome.exe
2188	chrome.exe
2188	chrome.exe
2188	chrome.exe
2188	chrome.exe
2188	chrome.exe
2188	chrome.exe
2188	chrome.exe
2188	chrome.exe
2188	chrome.exe
2188	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2188	chrome.exe
Token: SeCreatePagefilePrivilege	2188	chrome.exe
Token: SeShutdownPrivilege	2188	chrome.exe
Token: SeCreatePagefilePrivilege	2188	chrome.exe
Token: SeShutdownPrivilege	2188	chrome.exe
Token: SeCreatePagefilePrivilege	2188	chrome.exe
Token: SeShutdownPrivilege	2188	chrome.exe
Token: SeCreatePagefilePrivilege	2188	chrome.exe
Token: SeShutdownPrivilege	2188	chrome.exe
Token: SeCreatePagefilePrivilege	2188	chrome.exe
Token: SeShutdownPrivilege	2188	chrome.exe
Token: SeCreatePagefilePrivilege	2188	chrome.exe
Token: SeShutdownPrivilege	2188	chrome.exe
Token: SeCreatePagefilePrivilege	2188	chrome.exe
Token: SeShutdownPrivilege	2188	chrome.exe
Token: SeCreatePagefilePrivilege	2188	chrome.exe
Token: SeShutdownPrivilege	2188	chrome.exe
Token: SeCreatePagefilePrivilege	2188	chrome.exe
Token: SeShutdownPrivilege	2188	chrome.exe
Token: SeCreatePagefilePrivilege	2188	chrome.exe
Token: SeShutdownPrivilege	2188	chrome.exe
Token: SeCreatePagefilePrivilege	2188	chrome.exe
Token: SeShutdownPrivilege	2188	chrome.exe
Token: SeCreatePagefilePrivilege	2188	chrome.exe
Token: SeShutdownPrivilege	2188	chrome.exe
Token: SeCreatePagefilePrivilege	2188	chrome.exe
Token: SeShutdownPrivilege	2188	chrome.exe
Token: SeCreatePagefilePrivilege	2188	chrome.exe
Token: SeShutdownPrivilege	2188	chrome.exe
Token: SeCreatePagefilePrivilege	2188	chrome.exe
Token: SeShutdownPrivilege	2188	chrome.exe
Token: SeCreatePagefilePrivilege	2188	chrome.exe
Token: SeShutdownPrivilege	2188	chrome.exe
Token: SeCreatePagefilePrivilege	2188	chrome.exe
Token: SeShutdownPrivilege	2188	chrome.exe
Token: SeCreatePagefilePrivilege	2188	chrome.exe
Token: SeShutdownPrivilege	2188	chrome.exe
Token: SeCreatePagefilePrivilege	2188	chrome.exe
Token: 33	1500	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	1500	AUDIODG.EXE
Token: SeShutdownPrivilege	2188	chrome.exe
Token: SeCreatePagefilePrivilege	2188	chrome.exe
Token: SeShutdownPrivilege	2188	chrome.exe
Token: SeCreatePagefilePrivilege	2188	chrome.exe
Token: SeShutdownPrivilege	2188	chrome.exe
Token: SeCreatePagefilePrivilege	2188	chrome.exe
Token: SeShutdownPrivilege	2188	chrome.exe
Token: SeCreatePagefilePrivilege	2188	chrome.exe
Token: SeShutdownPrivilege	2188	chrome.exe
Token: SeCreatePagefilePrivilege	2188	chrome.exe
Token: SeShutdownPrivilege	2188	chrome.exe
Token: SeCreatePagefilePrivilege	2188	chrome.exe
Token: SeShutdownPrivilege	2188	chrome.exe
Token: SeCreatePagefilePrivilege	2188	chrome.exe
Token: SeShutdownPrivilege	2188	chrome.exe
Token: SeCreatePagefilePrivilege	2188	chrome.exe
Token: SeShutdownPrivilege	2188	chrome.exe
Token: SeCreatePagefilePrivilege	2188	chrome.exe
Token: SeShutdownPrivilege	2188	chrome.exe
Token: SeCreatePagefilePrivilege	2188	chrome.exe
Token: SeShutdownPrivilege	2188	chrome.exe
Token: SeCreatePagefilePrivilege	2188	chrome.exe
Token: SeShutdownPrivilege	2188	chrome.exe
Token: SeCreatePagefilePrivilege	2188	chrome.exe

Suspicious use of FindShellTrayWindow 27 IoCs

pid	Process
2188	chrome.exe
2188	chrome.exe
2188	chrome.exe
2188	chrome.exe
2188	chrome.exe
2188	chrome.exe
2188	chrome.exe
2188	chrome.exe
2188	chrome.exe
2188	chrome.exe
2188	chrome.exe
2188	chrome.exe
2188	chrome.exe
2188	chrome.exe
2188	chrome.exe
2188	chrome.exe
2188	chrome.exe
2188	chrome.exe
2188	chrome.exe
2188	chrome.exe
2188	chrome.exe
2188	chrome.exe
2188	chrome.exe
2188	chrome.exe
2188	chrome.exe
2188	chrome.exe
2188	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
2188	chrome.exe
2188	chrome.exe
2188	chrome.exe
2188	chrome.exe
2188	chrome.exe
2188	chrome.exe
2188	chrome.exe
2188	chrome.exe
2188	chrome.exe
2188	chrome.exe
2188	chrome.exe
2188	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2188 wrote to memory of 992	2188	chrome.exe	78
PID 2188 wrote to memory of 992	2188	chrome.exe	78
PID 2188 wrote to memory of 4040	2188	chrome.exe	79
PID 2188 wrote to memory of 4040	2188	chrome.exe	79
PID 2188 wrote to memory of 4040	2188	chrome.exe	79
PID 2188 wrote to memory of 4040	2188	chrome.exe	79
PID 2188 wrote to memory of 4040	2188	chrome.exe	79
PID 2188 wrote to memory of 4040	2188	chrome.exe	79
PID 2188 wrote to memory of 4040	2188	chrome.exe	79
PID 2188 wrote to memory of 4040	2188	chrome.exe	79
PID 2188 wrote to memory of 4040	2188	chrome.exe	79
PID 2188 wrote to memory of 4040	2188	chrome.exe	79
PID 2188 wrote to memory of 4040	2188	chrome.exe	79
PID 2188 wrote to memory of 4040	2188	chrome.exe	79
PID 2188 wrote to memory of 4040	2188	chrome.exe	79
PID 2188 wrote to memory of 4040	2188	chrome.exe	79
PID 2188 wrote to memory of 4040	2188	chrome.exe	79
PID 2188 wrote to memory of 4040	2188	chrome.exe	79
PID 2188 wrote to memory of 4040	2188	chrome.exe	79
PID 2188 wrote to memory of 4040	2188	chrome.exe	79
PID 2188 wrote to memory of 4040	2188	chrome.exe	79
PID 2188 wrote to memory of 4040	2188	chrome.exe	79
PID 2188 wrote to memory of 4040	2188	chrome.exe	79
PID 2188 wrote to memory of 4040	2188	chrome.exe	79
PID 2188 wrote to memory of 4040	2188	chrome.exe	79
PID 2188 wrote to memory of 4040	2188	chrome.exe	79
PID 2188 wrote to memory of 4040	2188	chrome.exe	79
PID 2188 wrote to memory of 4040	2188	chrome.exe	79
PID 2188 wrote to memory of 4040	2188	chrome.exe	79
PID 2188 wrote to memory of 4040	2188	chrome.exe	79
PID 2188 wrote to memory of 4040	2188	chrome.exe	79
PID 2188 wrote to memory of 4040	2188	chrome.exe	79
PID 2188 wrote to memory of 3860	2188	chrome.exe	80
PID 2188 wrote to memory of 3860	2188	chrome.exe	80
PID 2188 wrote to memory of 4060	2188	chrome.exe	81
PID 2188 wrote to memory of 4060	2188	chrome.exe	81
PID 2188 wrote to memory of 4060	2188	chrome.exe	81
PID 2188 wrote to memory of 4060	2188	chrome.exe	81
PID 2188 wrote to memory of 4060	2188	chrome.exe	81
PID 2188 wrote to memory of 4060	2188	chrome.exe	81
PID 2188 wrote to memory of 4060	2188	chrome.exe	81
PID 2188 wrote to memory of 4060	2188	chrome.exe	81
PID 2188 wrote to memory of 4060	2188	chrome.exe	81
PID 2188 wrote to memory of 4060	2188	chrome.exe	81
PID 2188 wrote to memory of 4060	2188	chrome.exe	81
PID 2188 wrote to memory of 4060	2188	chrome.exe	81
PID 2188 wrote to memory of 4060	2188	chrome.exe	81
PID 2188 wrote to memory of 4060	2188	chrome.exe	81
PID 2188 wrote to memory of 4060	2188	chrome.exe	81
PID 2188 wrote to memory of 4060	2188	chrome.exe	81
PID 2188 wrote to memory of 4060	2188	chrome.exe	81
PID 2188 wrote to memory of 4060	2188	chrome.exe	81
PID 2188 wrote to memory of 4060	2188	chrome.exe	81
PID 2188 wrote to memory of 4060	2188	chrome.exe	81
PID 2188 wrote to memory of 4060	2188	chrome.exe	81
PID 2188 wrote to memory of 4060	2188	chrome.exe	81
PID 2188 wrote to memory of 4060	2188	chrome.exe	81
PID 2188 wrote to memory of 4060	2188	chrome.exe	81
PID 2188 wrote to memory of 4060	2188	chrome.exe	81
PID 2188 wrote to memory of 4060	2188	chrome.exe	81
PID 2188 wrote to memory of 4060	2188	chrome.exe	81
PID 2188 wrote to memory of 4060	2188	chrome.exe	81
PID 2188 wrote to memory of 4060	2188	chrome.exe	81
PID 2188 wrote to memory of 4060	2188	chrome.exe	81

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://pornhub.com
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2188
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9d7d0cc40,0x7ff9d7d0cc4c,0x7ff9d7d0cc58
  2⤵
  PID:992
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1776,i,269063248731886420,1056078475350373518,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1756 /prefetch:2
  2⤵
  PID:4040
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2008,i,269063248731886420,1056078475350373518,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2068 /prefetch:3
  2⤵
  PID:3860
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2148,i,269063248731886420,1056078475350373518,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2368 /prefetch:8
  2⤵
  PID:4060
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3008,i,269063248731886420,1056078475350373518,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3032 /prefetch:1
  2⤵
  PID:1864
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3020,i,269063248731886420,1056078475350373518,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3060 /prefetch:1
  2⤵
  PID:424
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4076,i,269063248731886420,1056078475350373518,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3512 /prefetch:1
  2⤵
  PID:2092
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4532,i,269063248731886420,1056078475350373518,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4540 /prefetch:8
  2⤵
  PID:1820
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=4584,i,269063248731886420,1056078475350373518,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4784 /prefetch:1
  2⤵
  PID:2016
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=3468,i,269063248731886420,1056078475350373518,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3488 /prefetch:8
  2⤵
  PID:4940
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=5076,i,269063248731886420,1056078475350373518,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5056 /prefetch:1
  2⤵
  PID:4568
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=5364,i,269063248731886420,1056078475350373518,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5404 /prefetch:1
  2⤵
  PID:1912
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=5332,i,269063248731886420,1056078475350373518,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5556 /prefetch:1
  2⤵
  PID:3068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5672,i,269063248731886420,1056078475350373518,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5688 /prefetch:1
  2⤵
  PID:4556
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=5772,i,269063248731886420,1056078475350373518,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5708 /prefetch:1
  2⤵
  PID:4980
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=5588,i,269063248731886420,1056078475350373518,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5944 /prefetch:1
  2⤵
  PID:2520
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=4952,i,269063248731886420,1056078475350373518,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5308 /prefetch:1
  2⤵
  PID:2876
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=5944,i,269063248731886420,1056078475350373518,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5256 /prefetch:1
  2⤵
  PID:2072
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=984,i,269063248731886420,1056078475350373518,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5524 /prefetch:1
  2⤵
  PID:2908
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4960,i,269063248731886420,1056078475350373518,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6076 /prefetch:8
  2⤵
  - Drops file in System32 directory
  - Suspicious behavior: EnumeratesProcesses
  PID:1556
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=6112,i,269063248731886420,1056078475350373518,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6080 /prefetch:1
  2⤵
  PID:4572
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=6044,i,269063248731886420,1056078475350373518,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6048 /prefetch:1
  2⤵
  PID:2932

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:2244

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:4052

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004E0 0x0000000000000420
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:1500

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc
1⤵
PID:2836

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

Filesize
64KB

MD5
b5ad5caaaee00cb8cf445427975ae66c

SHA1
dcde6527290a326e048f9c3a85280d3fa71e1e22

SHA256
b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8

SHA512
92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

Filesize
4B

MD5
f49655f856acb8884cc0ace29216f511

SHA1
cb0f1f87ec0455ec349aaa950c600475ac7b7b6b

SHA256
7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba

SHA512
599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

Filesize
1008B

MD5
d222b77a61527f2c177b0869e7babc24

SHA1
3f23acb984307a4aeba41ebbb70439c97ad1f268

SHA256
80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747

SHA512
d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00005b

Filesize
36KB

MD5
a7f88582ca27c9430bc3f3b18600a55b

SHA1
6d997ecbd9e4390f58f132deb2bf86d673ed46e1

SHA256
e876dfd48459808034d9a2133a67dd2b00c1504709360310ad2ed904c2417869

SHA512
0148a1087a564ef3179b64bd6413d76548d6c0c814022da61166b889c50acf591f5e5b8ff4621560656fd75199e2506dc6063cafcc531a865b4660227ffc2070

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000065

Filesize
77KB

MD5
c68f6a2f8957af33831ae68de177625d

SHA1
49d4c709a7627f7f9ce2b161acad37ed87280293

SHA256
d2b3d1996cb24ad4dfcdf84e0c0ceddfee5ddc4200324b0f910a01d99b23d0cb

SHA512
283082ceaf63dd46fbcfc1b9818b801e7a62f4223ae3e20d9e7de033da737f9cb614933e71e40d8f0b46fc5c5092ea4fe4bb597fe9275992f258de84499f93ca

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00006a

Filesize
24KB

MD5
c594a826934b9505d591d0f7a7df80b7

SHA1
c04b8637e686f71f3fc46a29a86346ba9b04ae18

SHA256
e664eef3d68ac6336a28be033165d4780e8a5ab28f0d90df1b148ef86babb610

SHA512
04a1dfdb8ee2f5fefa101d5e3ff36e87659fd774e96aa8c5941d3353ccc268a125822cf01533c74839e5f1c54725da9cc437d3d69b88e5bf3f99caccd4d75961

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00006b

Filesize
209KB

MD5
3e552d017d45f8fd93b94cfc86f842f2

SHA1
dbeebe83854328e2575ff67259e3fb6704b17a47

SHA256
27d9c4613df7a3c04da0b79c13217aa69992b441acb7e44bf2a7578ca87d97d6

SHA512
e616436f2f15615429c7c5c37de3990c3e86c5e1da7d75a0f524fc458b75d44a5be1a3648a628d63e1cf8aa062e08b538f2f2bc9c6a0b42157beb24f82c571d9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\2db6a0f39af20449_0

Filesize
19KB

MD5
b53b69c177bcebea29a564ebfcf2fbd1

SHA1
af2885d21464a2dba57ccb374961cda242c32a27

SHA256
eb15bf422c99b02b42659a29b50b692b1944ad229d441662c8bb81a705b5f4b0

SHA512
52c48bb4b92b7f4ac78528a7f7689784b6db365ae3941c9ae4328cadf8b0a8693407b76989567577c633b4624f374fc4e4d20fe7c13dc7b30e29b5aa73b5f0ca

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\2f00a1f1f964f83d_0

Filesize
677KB

MD5
e93bf2bac9d34d68ddbb2d0bb7db3f45

SHA1
cd905cb2e9b43e67331ad5a7a68a71aaab771e4d

SHA256
16c240014785fc76de77a7c28e518c1828dfb6ee07b8d75e2f089692ca5661a5

SHA512
338624317d84209858ebc584cfaa76d0435e41bad25840c9c1da1279fba030d6d866a7b1993a748680b99e722455cd8b43255264848d874b9934fea64fe76349

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3115c0025559b373_0

Filesize
287B

MD5
7d27a0ff6fa6714a0ae446441a5099a1

SHA1
fc2d9d6199cf36ca949e7e85d24d9592a1f2e97e

SHA256
c9461b464d116cffde53e7147998e153f62b74bf0ed836397cfd667f405f1c58

SHA512
4215ba44cec9555b11d0651e68060057cad3c73d3d1e3763523025d8c0c3c91fb55a6f9f40463764e80554829dc3240e6008595252028530604625c0ba89142c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\42dc57498ed2a0b0_0

Filesize
332KB

MD5
d5ca9724cb1d4ef5993dd4f06ea8c153

SHA1
f7d8f6e85aec061e7b5c59dafc8142b572ddd1ca

SHA256
31311b06f31f9dd7167a746f24345b3a0a57cf63af86c881476abc4a6d4825e3

SHA512
d580e4448465d30a24ed5f4bd4e098610dc902489e2ea9a40551a57dd5d960d4ef28cd618a665ad666393a838acb2ac8a5bc0afda403bb9ceae841df2c3033fa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\83881cc2f6a86511_0

Filesize
258B

MD5
dc4e123a1e4ce7f4ef2aa1aca6160989

SHA1
74e3cdfae2699f32767d68a48f3c5108f3ff7cdf

SHA256
2526ef21a3ecb461fb6e88d5262dcf906e5b5d0bfce0388c959bc21a9a487dfc

SHA512
5630231932718ead67d4f5ab942367925a3ed6a0df8d99782319f6423c48d6e3f4c208968353ac02ff1de04fd7e8912961a66d55a6b1b38fb3ea4d0312eb58f5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e6db82c69e02cd36_0

Filesize
283B

MD5
b60359a043e460b263f7bada72414053

SHA1
8a716d4c79809c8ca04210552204a96599f9cc3c

SHA256
f6060457b05e4edf260f834da5c14cab8ec8bfab1a9e2565b3e10faf146cd9da

SHA512
ba1cbae936b0052bb3998f5c17c53892b86f2d3fef72e531a6a3ca7a9d94272ab2a404184dc0bad6b0191067149c67bc42759efea21d8d6277353c8b0f46d1f3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
3d802882f662be0ecb10787b8027efc2

SHA1
5fc24afb5f9394ffb0ffe2baf772a5bc5bb09555

SHA256
500fa04657e382428a313597cae2a67cd1eae56df9ecf245d614590a4a15a9b9

SHA512
7a9164fddd4936f1b5c1e3493191fdb9cbdcf76e11f09885e4d7663508e212d34b042ed9b7e858ab9da442570b3d691f6f4830ac2ce322cd15e2331e7869365a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
4cf4b51834f45efe600a2e32169328d9

SHA1
38fa170eaea5221ef74c3e8553166645f94a3174

SHA256
f83b99629a98f2cbd074703b926b39544fe935889efef176a6e9df56f819ff2a

SHA512
4bb875c033ced13349437779bee2920f2217e66040064ff40184cac77e8e871457a221f2afe3f6a35c00cecd37ab9bdd85ee6fc143119eed3636789b8499f933

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnCache\data_1

Filesize
264KB

MD5
efdff5db16ba4c1f9f33e4d1a6116a13

SHA1
7685c1529f71847fdf5553a85c2e18e05838c975

SHA256
2fc41dbe3eeb810382c52bae3e10c8bc386d3cb982fc8273fa3e7c161bf5a827

SHA512
227ccbcd91d78a832ac8b31d879ab0028950cceda8852c4b710b4af2f3d10f90d2ce5a02a043b7776f268bc662b221f16be7fd881ea80d7f54b79dc27c239a87

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
95dec94dc10214795519909a74c34cdd

SHA1
9c355fe7f341b1358b975fef458bad83066e9d6e

SHA256
f5e1e4d804c32f65d513d3d0bb7c45439cd670b4d06fef8ed03a54301035b7d7

SHA512
9c739d447f5df4dee4046424635d67a9bd1112dde0bf8691ae320fab80dba6af9314cd4d77553394d5c86fc6b27290632a8589d53e45b73a7f0646b8184feb9e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
11KB

MD5
383ad16990b882e0aa17a9afeeb7d224

SHA1
baab3fb06989f2fee27a4354c65f5b084efda4fa

SHA256
c9fc805e7f1776bee09b4590c20a9d9ab9702a12694fd4d41c77a5d4a89c8386

SHA512
22257584393e3e35c4e3ef8e89385066f12b23227f7911ea17ba06355babd2babe228bf52b92d7f7f251068aef83b0c0e30912314f7c3fd6500c7533e70d70cb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
11KB

MD5
d173d043889552d2e160e2ffe950fd82

SHA1
5131f4ecb620ead669dd57d2d67823404849f650

SHA256
b74730456f3f51be02e4258480698e7ad1b590d5a4fc7fbccdffcb7ff0a9728f

SHA512
763e1ccb5122a232af66b70d233222c28a0257b90f08ec8df6e6a787a4b52b195f1eae498e1a7bb2dc604f8c0bebe0ccdae3c4463ae07fdceb556576cfaff1e6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
61a48f41b3324293b090a7512d9134cc

SHA1
1380a782d3fc104d3a81c1a0108af879eb9a9bf2

SHA256
59e9b10d891fe300603c28636a31ec333fcaaa490597e4f070855c5825f81e08

SHA512
691a091eda91a23464846b5c74d81d0b6b34a36f97e433b0a549e3645e73e9e1e02bbf67903bbb20c2ce980d45bc55ff5535c604056d24197d5c28bc50748d28

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
ff3466cfe82731696d68ca8726135528

SHA1
31df261f2c5c87523af82f22ff410136b40112fe

SHA256
92feb0009fc498d8ba71f0fcc198e2bfcc9435feeee9eacdb4544a48e28a9126

SHA512
a0156194c0f6b4d60a8173b2afdfa5f5c23516d4d880199c350150bc78cf12b0a52e12df473e39cadd766f7a03c482e07de9b0f7214481e4cbe4e5bfb00c8bfe

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
7084bfc25b5d37257a9fcfa875e68869

SHA1
d157bb38c11a788a81fb31d83b9fbe4510c9eec8

SHA256
447ab579ccbd5e816e8b478046340452139ec882790ecacf39e352bc7f533654

SHA512
90cd6df5821f07977301421aa98e2939c1ee2d6ecf864eb7f6cdfcd71cdb2ea5db78807e5c5e6efa41e78923f516263e8fb6483ab8107dc314497f6aee87c48d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
0af4aeef5687f56e48f3c20f97dfcbd3

SHA1
0b4da81bee4b91332a590e3004519c27b9b3d9fa

SHA256
a1eb22108b5691bd16f135ad00e24695a5aa2ce661adaff8e9c708e391cba421

SHA512
c9ae32f7f082982434713d53297361911d2485f80803ea766e13b9b6222c2b23b9a878e82981c2cc9d326b7651b420c7404cdca664bc63ad4bba3f1e007c5d0f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
857B

MD5
05e36965212754a21e8dfe03540c8b78

SHA1
253f6fd66269180e41d62a1bebe26b7fe8f6d185

SHA256
8efc2e8897ccff4e684ae972c15bc7e4c8325f142cd005d9370b683f1bc13946

SHA512
97d92488602236523ca291de0254c3b3d243a60ef7c37c14e8468ceef0ab8a1a298599b8a4a9508cc3a68d9f916da3dc7a31346abd1f606bdc4049d4011915ab

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1024B

MD5
c1832dbb261161d2b432d7a20da484f1

SHA1
4bd14a91874ac339005a0bdc6d037deed70a0339

SHA256
f27dbee5267bfe18cb883b53d8d6974e2d22a2f934fda16283558e3aa5c473e4

SHA512
49edc61aad8e2be938b2198e676c6fa53a92efad72117de8a5e942897ad65de8061c32aff8a60e931f49013e4ebacc3d1f92d2a329f6a321efedbdf8ba8c3a31

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
ec3f902d42f7a23a0c7c3735c8e585df

SHA1
b199babfdae2aaf97fddc637fed23130720ab1b7

SHA256
aa49fda43c5a58fd382a4ff40a787a4073d545cf254cfe6e42f10c42a7b909cf

SHA512
d47c5eb7725284e3a400fb539e0c8e6e8778b46072bcf9d0e745694765b94d8a5852bd076abfeef6e851079f31d4a910a7046db784bba93aec8794ce77361d1a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
6ecf44c64f225598cb4f3351b692e436

SHA1
c8cc617074dccf657d1698796921e56bef0f9846

SHA256
f9d1df71e7f5a6433bcb5e39545ba089074d44a49fcad2ba3cecd6291ede0b2c

SHA512
d4a2ad22a84309bafaf7137bf4cac8bec8e349969d8886f6f3b17297a31abda160c3a406a01ab432e034319f35f0f2b26eb7a9ce0c51a723a80beeb028408454

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1024B

MD5
6b1951e21ae78b70d078f67162e34a0a

SHA1
3369baf26b6299b18333380aa65ebf9688a3406f

SHA256
13666801638176ade8ac5b6a28e41499d8f30310a45b4c7b4b245dd8ced9bf47

SHA512
9f4c56db3fc5665e4aaf3622a816b7b5b66c40db70c94db506a51b2338e54bc551f47a96b947f4ec18bf8ada45b607ebd0629c89fe09f794e466ff30538df270

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
dd5d64eeeb77d19605d47c5bbad76554

SHA1
99b4418941dee319c9b9a5e9590da5b34f064d36

SHA256
68989bf89ef7170282ce6570d4e9b89392e286faf629ffb70011461991615cf0

SHA512
fd7edf0dc5bc54d58fbd66ae5234e185d1e9891e9bd16e0127b5a8719b9c4163d0bdba8000286a3ce06d8e7c44e136a5e87d47a9fe8af6da9363517741591394

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
4e7de4203040677f41e7541913691c55

SHA1
cb66ffbcada83caaa7754a2818c81d09ac5ace71

SHA256
2919ae96840af2b75e9bc5e2a4804f3c8e4be388744f950354ad4c7277b45224

SHA512
a21974a7d83030dec3edb8ea463661ed2966efdb44e35a7011e1b8bf62c3a3722234c8be490b9596402969b951d58ac96f561c621be3d79db677b4af88e28c20

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
0afa43253bf5805fdbab14921d7dfde1

SHA1
bce1d1e03b1be0a2ba3cedeb1730e9ee0b4ab1b3

SHA256
5874875a03e6499f97f9cf955970b96955c94c63aac95d7ff623f0a6f0dc1dc6

SHA512
7bc990a9c62f52b31d461db0fedb44e462ba16786e61316d25ca6e48163fff5c536308e0ffb72d25887fc34e5c47d37ede62cf25637344e8eb30c7604d9b5c29

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
5bfb18549172de0a487a72183e2202d0

SHA1
52edb79f5b9407443ec450e19dd204bd390491c8

SHA256
25eddea6940b8e0b51453d16fba996388e48c8bd4e65a821ed25cec404852ca2

SHA512
bdb2e219c8cffdf8f90d66786650d510282e6ef7e1baa3d5e6e01e74cf46a60158cbbc692eadf8ab2bccefbab4d43b8f5fbb4838a9845e12c9029e16f6bb3593

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
5a6b3b0ba1121b75fbe53e0515c48389

SHA1
222b9401ba49e153a12db64c8651d62c4c9f1f17

SHA256
65f2a22c876196e6868e6833b4927dfc863097bb46f7965876e1bc0c5f4071d6

SHA512
6220b5180ff63b4e65a820ccb67370787b5f87289e825d354cafe93a00e559499c94d6c7fbe456dfb6e606a8ab5bfe2f6ddde6c53fb5869e2ffc156a20536623

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
055cdf65a119b6dda15daedca90d653f

SHA1
3d5641c93ec9bc5b441be37a64c04d4c9e5c0087

SHA256
2a8300c2940ce48dcb7146c36e587ddd4b086e11eba7a18bc299336f6f52cd39

SHA512
b3f3c016e4b880fc74fa9138ce27af82febdd87e38edf7f0d4ce0d263eeeab0dc6a18d8af564efde1653cbf8eb65c66eac94b5026a4ac98c6881898cfb72e592

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
39cee2f54af81c29aded3393891f8ad2

SHA1
8363f800a41677fd21323cfcf685786fdc5001ad

SHA256
30d4bb6a7fa02bb3e9fa0b40878a51c132bcfaf0f1d800606962588ab33c838f

SHA512
63f5a33e4ccc2f063d076288ca9e5b5b6cdaeefa5a07d96239c2ec2596e56fe3b4ce9a31ec7c3ed4be53d723cca265438b1fb90dc5b9fc1daffc634312f20098

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
17fdc67441b18512927756baad74bb5c

SHA1
52b0f8207e2887a3c20db8aae8b441458e1f74ea

SHA256
062da46fe7d55b486d04104665eb4a7e28dba4af454d19f51524b61fb77e325c

SHA512
14a3734ab0583c62b141bfcf2cd6a271ea0f53f7518ad59d5403d16a9b80c6a2c742e463a126fec0b5f26d83c7f0fb501c8df36eb5dfe4c5f555125c1bfa387b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
d303142fa9d0521fd60e77fbcd6b0489

SHA1
501c5d8de8d9336d4f8a1e45cba286ed65ebe2d3

SHA256
e9c665405d31bf7a8a306fdc5ea0c20030760c1053f74991d245661220ecf800

SHA512
96daccceab329fa49f753d068ac50e625137fed66ab5018359f4a4c5c177512f15903617e9ff8822179c9ab54322650f3f6336861e74f9b81b80b18683e218b4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\ba23d8ecda68de77_0

Filesize
2KB

MD5
0306141b134a2eddb6664bf99d978f80

SHA1
e27a5cc5f083a50d05377fe749a8bd5de48ce79d

SHA256
e062af1cd67bd798c25596ca80d6cef3d44cc0d527dbb7922bcab7e88d5c04ed

SHA512
2482fbb1cba79496c04e84ac8547129f5a709bc73051980dd6939f0611d10811736ce71d98ab7f5c4a66bc2dc9900a3fe812f26f9978ad5ece973c714ff5a3c2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\ba23d8ecda68de77_1

Filesize
3KB

MD5
7aebd33f062dba93910c7dfaf45074e5

SHA1
405beab59db3cc852202c73e7b6013e00df763d9

SHA256
33cc4f8bd7da4e675170b4e5ae618c657fbb6e7b844decc9ac2a0dd31205d6ea

SHA512
ff6e3742fe86d24023868ef405a643656fd1bdd9e75e220a1af03975a7fce13c33e20d6230166591687545f2eae15fc2ed2dc9908d23f9fa7d881379fc0b7682

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\f1cdccba37924bda_0

Filesize
4KB

MD5
10b121462b996df67c69d2c8c8f02755

SHA1
689e977500f317164f8ee90c03391c7297e06d8f

SHA256
7c011de76034c1692c8bf766e2f4d4d0a1798de94a96468ec4c43bf722b70c49

SHA512
e8d7a1a04759c2af45d10561c610429a4284df79b14f79988133f2389f67c5ab65f07247adabdb8473edb0be971a9896297669214815614fe8e701642d4aac2c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
120B

MD5
dafbd549998ef9abb9ed7419504cf07f

SHA1
0431aee6f6c1062cf1c4984ee3f67f6c9b52b4e4

SHA256
1bb886ff13303a432cd8341bb0f41e4cc03a6e1cff67565b22daa8dee48b2cbe

SHA512
186d1dbb032d513ca4f219fb47028dd44f64d800013d33c38fc15a5ba75a2a1edefd774a4941a862a0210e6262c154e99147d49a1fa2cd42bda882fca4e4571d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\b163ab2a-b7a2-4487-9bd1-c022be08679f.tmp

Filesize
9KB

MD5
45fc70c6420fed1a373d342f2752d639

SHA1
9ae7828f959cd273074fb4b1c92f1e57cd26c5a2

SHA256
1f1494f87bcc89191542559c22f94278af518b1ccf8fc8843b67386e13fc8cd9

SHA512
cb8909c23ab094627589abcf7c1af3f48c18481ec5ca43f3f2a92abe989529673c1c4f8cdeec336294b48c5a772c850d39fc5e66041eecc378e59c4ff7e6a2c7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
b09b50098d2d53028f791295ff721c5b

SHA1
e5487056af4d32e45a848ad86344f29d495a78ae

SHA256
9d6ef234ee38336e27676ee1c7eca667a7b392c9bcf48a3bca0226f40b2bbf0e

SHA512
51597e56036bba942de97aed9256bb2ed482287218dc76b3ca38ef2ccef756f46c4465b67fa25903b45a9f55ebeab2be3ce1ada451d805eb52528a46526fe3d7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
dfb6acc547544bfb7c0c71afc4793568

SHA1
203a098564699c24affa468240b2474e65990f1a

SHA256
e9479c28ba9b850feb5a87a1a560bf21e85357c3d9de40e1ac789f53cb77a60d

SHA512
9d1bf2500b167418e3ebd647e54aeb044b9612c90396d48dd7727e85838a024345404f9c09c14464758e6758e5790238858ab0309bde202eb64a43a68a15dee4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
b4a990bedcc51050e0b238b12ba34c8b

SHA1
ecd981300f0e5ed8bfc68718a679f945a7eac08d

SHA256
bfe0453a4dc3074dba06d17db037cb5c67a3f41c68300a60905565701283fa76

SHA512
e09f9fc37d77b0887a79ff45d124326877586e71c5ea62130251e94572e27f5da0611d883c52f725cf341085b9f7445443118674b084c3e6bcd463026e39bf35

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
a7b03a5ef9eb20b8d8fba43acd1c96d3

SHA1
68950f16fd4199b3219fc18d69cd8106615728ce

SHA256
64b6bcd8d706ce041c62d9322b0b00e141edc28077c3042af62289904c5e0786

SHA512
3c0a2b11045cf7b9e0e1aebd530db0f15bdc84cfff3f108881e085645a00f3c5d1d4919f35875d685b00bbe50749e7dc0d3846ea7b88fd2dcec01e659339c5a4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
f49f01c1fdc2dafb019842a63f23c0e2

SHA1
364ff32085d93ef1615bda23b76669da4f4d8889

SHA256
da4ae87f655a257c0d9ab42372a3b4d725d9d59d638c67e658890997923243d1

SHA512
0c20070a13e70f4ecc1114e5f7fddc27492db3888dafa36b03b975c9fc6adaf4bdff8551f14346f3db9c76759259de10109c576a776c511cf32ae70e32c59049

Download Submit