148e4c8e99f4281669edf06efe06a2d665fa52465845ebd399a669b21b65dad5

Resubmissions

28/12/2024, 23:54

241228-3ycdrswjev 3

08/08/2024, 22:06

08/08/2024, 22:00

08/08/2024, 21:53

08/08/2024, 16:19

08/08/2024, 16:09

Analysis

max time kernel
209s
max time network
200s
platform
windows10-1703_x64
resource
win10-20240404-en
resource tags

arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
submitted
08/08/2024, 22:00

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

.html
Size

13KB
MD5

67d2b578e5dc47cbdfc65ed262e16ede
SHA1

aedf2e8344506c3f622c7c708dca7620410d6a16
SHA256

148e4c8e99f4281669edf06efe06a2d665fa52465845ebd399a669b21b65dad5
SHA512

fbc12b7c0036b6012c3707d319d4c4ee9d3c67e70b2cb50e78014123e2daa39b29c540ec87e2a9a12d36bbbb48185c29de082e68e741cc4698843f0dcdc9998b
SSDEEP

192:2335phvCphvpWPlphvf5+YUXmg7J7bBSagVSOphvY:i35nKn4PlnQYmmg7ZyZng

Score

8^/10

discovery

Malware Config

Signatures

Downloads MZ/PE file
Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133676280512375150"	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2376	chrome.exe
2376	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe
Token: SeShutdownPrivilege	2520	chrome.exe
Token: SeCreatePagefilePrivilege	2520	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe
2520	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2520 wrote to memory of 4688	2520	chrome.exe	73
PID 2520 wrote to memory of 4688	2520	chrome.exe	73
PID 2520 wrote to memory of 5100	2520	chrome.exe	75
PID 2520 wrote to memory of 5100	2520	chrome.exe	75
PID 2520 wrote to memory of 5100	2520	chrome.exe	75
PID 2520 wrote to memory of 5100	2520	chrome.exe	75
PID 2520 wrote to memory of 5100	2520	chrome.exe	75
PID 2520 wrote to memory of 5100	2520	chrome.exe	75
PID 2520 wrote to memory of 5100	2520	chrome.exe	75
PID 2520 wrote to memory of 5100	2520	chrome.exe	75
PID 2520 wrote to memory of 5100	2520	chrome.exe	75
PID 2520 wrote to memory of 5100	2520	chrome.exe	75
PID 2520 wrote to memory of 5100	2520	chrome.exe	75
PID 2520 wrote to memory of 5100	2520	chrome.exe	75
PID 2520 wrote to memory of 5100	2520	chrome.exe	75
PID 2520 wrote to memory of 5100	2520	chrome.exe	75
PID 2520 wrote to memory of 5100	2520	chrome.exe	75
PID 2520 wrote to memory of 5100	2520	chrome.exe	75
PID 2520 wrote to memory of 5100	2520	chrome.exe	75
PID 2520 wrote to memory of 5100	2520	chrome.exe	75
PID 2520 wrote to memory of 5100	2520	chrome.exe	75
PID 2520 wrote to memory of 5100	2520	chrome.exe	75
PID 2520 wrote to memory of 5100	2520	chrome.exe	75
PID 2520 wrote to memory of 5100	2520	chrome.exe	75
PID 2520 wrote to memory of 5100	2520	chrome.exe	75
PID 2520 wrote to memory of 5100	2520	chrome.exe	75
PID 2520 wrote to memory of 5100	2520	chrome.exe	75
PID 2520 wrote to memory of 5100	2520	chrome.exe	75
PID 2520 wrote to memory of 5100	2520	chrome.exe	75
PID 2520 wrote to memory of 5100	2520	chrome.exe	75
PID 2520 wrote to memory of 5100	2520	chrome.exe	75
PID 2520 wrote to memory of 5100	2520	chrome.exe	75
PID 2520 wrote to memory of 5100	2520	chrome.exe	75
PID 2520 wrote to memory of 5100	2520	chrome.exe	75
PID 2520 wrote to memory of 5100	2520	chrome.exe	75
PID 2520 wrote to memory of 5100	2520	chrome.exe	75
PID 2520 wrote to memory of 5100	2520	chrome.exe	75
PID 2520 wrote to memory of 5100	2520	chrome.exe	75
PID 2520 wrote to memory of 5100	2520	chrome.exe	75
PID 2520 wrote to memory of 5100	2520	chrome.exe	75
PID 2520 wrote to memory of 4172	2520	chrome.exe	76
PID 2520 wrote to memory of 4172	2520	chrome.exe	76
PID 2520 wrote to memory of 204	2520	chrome.exe	77
PID 2520 wrote to memory of 204	2520	chrome.exe	77
PID 2520 wrote to memory of 204	2520	chrome.exe	77
PID 2520 wrote to memory of 204	2520	chrome.exe	77
PID 2520 wrote to memory of 204	2520	chrome.exe	77
PID 2520 wrote to memory of 204	2520	chrome.exe	77
PID 2520 wrote to memory of 204	2520	chrome.exe	77
PID 2520 wrote to memory of 204	2520	chrome.exe	77
PID 2520 wrote to memory of 204	2520	chrome.exe	77
PID 2520 wrote to memory of 204	2520	chrome.exe	77
PID 2520 wrote to memory of 204	2520	chrome.exe	77
PID 2520 wrote to memory of 204	2520	chrome.exe	77
PID 2520 wrote to memory of 204	2520	chrome.exe	77
PID 2520 wrote to memory of 204	2520	chrome.exe	77
PID 2520 wrote to memory of 204	2520	chrome.exe	77
PID 2520 wrote to memory of 204	2520	chrome.exe	77
PID 2520 wrote to memory of 204	2520	chrome.exe	77
PID 2520 wrote to memory of 204	2520	chrome.exe	77
PID 2520 wrote to memory of 204	2520	chrome.exe	77
PID 2520 wrote to memory of 204	2520	chrome.exe	77
PID 2520 wrote to memory of 204	2520	chrome.exe	77
PID 2520 wrote to memory of 204	2520	chrome.exe	77

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument C:\Users\Admin\AppData\Local\Temp\.html
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2520
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7fff16079758,0x7fff16079768,0x7fff16079778
  2⤵
  PID:4688
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1536 --field-trial-handle=1668,i,6189372851252767149,17162522054284228957,131072 /prefetch:2
  2⤵
  PID:5100
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1848 --field-trial-handle=1668,i,6189372851252767149,17162522054284228957,131072 /prefetch:8
  2⤵
  PID:4172
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1340 --field-trial-handle=1668,i,6189372851252767149,17162522054284228957,131072 /prefetch:8
  2⤵
  PID:204
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2848 --field-trial-handle=1668,i,6189372851252767149,17162522054284228957,131072 /prefetch:1
  2⤵
  PID:3116
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2856 --field-trial-handle=1668,i,6189372851252767149,17162522054284228957,131072 /prefetch:1
  2⤵
  PID:2108
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4404 --field-trial-handle=1668,i,6189372851252767149,17162522054284228957,131072 /prefetch:1
  2⤵
  PID:4444
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4932 --field-trial-handle=1668,i,6189372851252767149,17162522054284228957,131072 /prefetch:8
  2⤵
  PID:1900
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4676 --field-trial-handle=1668,i,6189372851252767149,17162522054284228957,131072 /prefetch:8
  2⤵
  PID:4904
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5112 --field-trial-handle=1668,i,6189372851252767149,17162522054284228957,131072 /prefetch:8
  2⤵
  PID:4924
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5208 --field-trial-handle=1668,i,6189372851252767149,17162522054284228957,131072 /prefetch:8
  2⤵
  PID:4780
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=4792 --field-trial-handle=1668,i,6189372851252767149,17162522054284228957,131072 /prefetch:1
  2⤵
  PID:3808
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5104 --field-trial-handle=1668,i,6189372851252767149,17162522054284228957,131072 /prefetch:8
  2⤵
  PID:2228
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5248 --field-trial-handle=1668,i,6189372851252767149,17162522054284228957,131072 /prefetch:8
  2⤵
  PID:5096
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5308 --field-trial-handle=1668,i,6189372851252767149,17162522054284228957,131072 /prefetch:8
  2⤵
  PID:2564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5208 --field-trial-handle=1668,i,6189372851252767149,17162522054284228957,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2376

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:3868

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
4588eb1bff9cd7fc296640521f03e93e

SHA1
44230a38f696fcc8f76cb37772e0b05b9a30b48f

SHA256
ecf6d6319f12294c45b59f7f294baea33f500c87654286a47e16106043988152

SHA512
15a3a10bb0c1d25ddb811009c43f9d11973f270f6ad8c6ca30772d2a77995db14ec3c75625295f907ba05e3a3a94e8cfb245962ec095a9258315a6d0edec49ed

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
467e0c8f6722b3e7a2b1f3d0b909d0ac

SHA1
911d157d59f11dc2a5929a5dcdaf9e37bef47c44

SHA256
bf94a1236bcf1220d7cf0c9478513a870dbcf8e5b739f426b85f6e2e4d63e863

SHA512
385bc63be7dc05d2c1167eb3ba734bc4962568b546745bf6c2449978941fe3190e9d0b063908f8933e25da3a4de9b42ca51cf015edbda78494801c80513d70f8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
3bd006a090fab2a477971ade8de7aca7

SHA1
a07f8cb68d7957cf41acf7c199fa7c3e1d8821b1

SHA256
49ab7ebd24f146c2e9f3357ef2ca79ac23a6c68bf4a136a8350f9ac3730b7c6d

SHA512
200a8db8346864355089e5cb566e667334791a0077ce454c140ec5e0294726b1e6132b0037a1e277daa09d507cf2be110bfd623eebb8ee28c99065c846ad933d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
372139f79103fc409a563764f57eed67

SHA1
fa6342170bb4b0208ca817be5220fb2288f94480

SHA256
3190ccf63fdb76e667ae9f941a17e4ba98ba3e17f7b74ad07103009e7a84d603

SHA512
8e8216e669fe39c8140984e1c12c15d44c4f5aa1128087c1d71ab39c97fe8c7c98c83b725ec9a90b75e40dc0b5ed6b370d9e6a40fe92505b9705186558192ab3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
188d89132ffa5d3aff349a0ee30007a3

SHA1
652ef39904f8e8b11b2979ef3cf095bb1ccec62f

SHA256
20d17bb93550fee86f2f9da1524222a6d49bc225dc95fc317e1b0e299253689c

SHA512
243a9a08f54ea337b8c37199df17182db3ba5165c9bec80d67bf17de8022a171dcbea9825fccdd41026b8dd94457807634f0a52bf7da47e6ccfcf4b175cc3c7d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
f3ca647d3755762827dda48e2e78a7d4

SHA1
d7d8daa667b24cf8c55f9d02b0b11c1038a84422

SHA256
aedb7139e76ed334108054a23a9570e5150c10942d17b6adfe2acd85a069ad40

SHA512
57b2b50583aae511223251b79e053074245ed2e6fd2be1e9a8de1abbb38c17f9aeda768afc4c47ee8e9102fece7cef513f2e9d15b66b3a6dfa0d39d486f176bf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
3b88684c12343ca9d8e3db6960012603

SHA1
0f4cf81bd98dcdbc7e52a830d3d7b80b56b8e3a6

SHA256
e892f34fccacd6bbdb864ee8a61b36d7d0c9de455d902b61b96ad0c9e6d9a54d

SHA512
fae958b13d7654ab4774abddef15e862e1f5bb61dfff4b65c12430520eb06712b5a01c93cf713bc8e5727c9ab3f0961c60cd979eb45f63bf86a155c8e1668c5f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
138KB

MD5
2e29d4cbb6a589d02b7de634457778f5

SHA1
8e65e9cfbffe5294041a37ca28c851fe70404b2d

SHA256
3b578fee4ecba0b34b52a248cadf8e7b7470594155c8d000e7e9a4ae38f8cc84

SHA512
90c7f2f7873ac8fb138ffe3fe2134e14486561cc5e3a0cfb0159173f9f86ff8b3ba88dcebd6c29bafb2c3788e82d65153e06d1f769b14b267fc041cdbbba7651

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
164KB

MD5
033f00d8b7f8946cc994f74c40aa2679

SHA1
4dc0779e1b70e34721dff68896bdce6beada1070

SHA256
bf11b8cb59f5cf786489e40b53142cf39bda2afa5cf2119dd32334c194ab8247

SHA512
982e606d2f8cbfa0c132beb84ebbc0c54c238feb8d3eb7f7df7ed8ba4f9e9a5c6e711b34e903d68985525ed4cea544a475629ff2ac2c7bc019963250398c45fe

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
137KB

MD5
ef2974add5d83ab337b3201f61f80fca

SHA1
49a7ccff1cd74f6ad10858e2b9d1207dec7d1e48

SHA256
df39f055e4a92e94c2acd33b7c7c6c641b402cca1f560339977949bba029dab5

SHA512
c749444f235c7152cbbe643970e6ea42db965d26fb991ff6bda9695f252e9373db6ebf2bcc1afce0ea69e3ce205554ca3318df94f0824f4c195b9a9ac84cb8c1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
138KB

MD5
d194585a7197b0ec86a9bea4f16fcd87

SHA1
d256e1e0cfdb04bad9ecab047a74f6ba2419198d

SHA256
cbf624580882452ca7a9b1ec2f8bab986561400ad1a78a3a78f28b910f06af7d

SHA512
5ebfc33924e242a8bde689068b09fbc162bd34c78c5197c1f61ae8fe9efb47b80b2e6d02432a16ce40f21bc10775deee649c7448c80c00fcbf3670f3c602a046

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
105KB

MD5
d50c645429805d5ae3376892c8ef6df3

SHA1
268b2d60c61f8e497398bd0556a4e493ec0c6a35

SHA256
4153117730e88e420d0a5e6c68e1636439e6bc6e78301f0d52b1c7e036a928ea

SHA512
baf142fb291dce4e59f97e893e83fdcd679dd6a4ef91369d97c3416010be1ddfc2543c84eacff51fdf36a3ddca68c4fa24c6f4e1af67ab46321817edf0619fda

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe58c2af.TMP

Filesize
98KB

MD5
4a22df86941a4b14051bc925b7e12038

SHA1
1b249c645fe5d0ac45482d56609b7619cf982c1f

SHA256
b69530208e9269dfe2804ff1a58957417c4b3563cd75daa57d586b1989a20946

SHA512
de2169cff5ba29933f8f42afdd4c6982817a567b9ced6a234eb00bdd80d741196d20e8c56d966f13ff31a852f7a5d10b64f1af1306e4e3832490cf5b43bf5f83

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit