5827b51240986e498eac9207ec38e20d91af0ce696c3c654873b0463364d2768

Analysis

max time kernel
60s
max time network
124s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
09/08/2024, 19:33

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

NYX Menu.dll
Size

551KB
MD5

58175e894608f40de100f8b786a28348
SHA1

1003255c8cead83cd8cdd52ee96079deb73ea2d2
SHA256

5827b51240986e498eac9207ec38e20d91af0ce696c3c654873b0463364d2768
SHA512

b0b022ae43e7d7b619ba3c7b6ffdfa08a7354444486f8fbd60d48a910eeaec9e06ac10e812405d8fcc0ad87f2194b669aa424b9341cd6dca47d2418d26b2ef8c
SSDEEP

12288:rS8beEZsIsisvsAs28exAxX84sEjXnWE:rBdsEiE

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
1924	chrome.exe
1924	chrome.exe

Suspicious use of AdjustPrivilegeToken 52 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1924	chrome.exe
Token: SeShutdownPrivilege	1924	chrome.exe
Token: SeShutdownPrivilege	1924	chrome.exe
Token: SeShutdownPrivilege	1924	chrome.exe
Token: SeShutdownPrivilege	1924	chrome.exe
Token: SeShutdownPrivilege	1924	chrome.exe
Token: SeShutdownPrivilege	1924	chrome.exe
Token: SeShutdownPrivilege	1924	chrome.exe
Token: SeShutdownPrivilege	1924	chrome.exe
Token: SeShutdownPrivilege	1924	chrome.exe
Token: SeShutdownPrivilege	1924	chrome.exe
Token: SeShutdownPrivilege	1924	chrome.exe
Token: SeShutdownPrivilege	1924	chrome.exe
Token: SeShutdownPrivilege	1924	chrome.exe
Token: SeShutdownPrivilege	1924	chrome.exe
Token: SeShutdownPrivilege	1924	chrome.exe
Token: SeShutdownPrivilege	1924	chrome.exe
Token: SeShutdownPrivilege	1924	chrome.exe
Token: SeShutdownPrivilege	1924	chrome.exe
Token: SeShutdownPrivilege	1924	chrome.exe
Token: SeShutdownPrivilege	1924	chrome.exe
Token: SeShutdownPrivilege	1924	chrome.exe
Token: SeShutdownPrivilege	1924	chrome.exe
Token: SeShutdownPrivilege	1924	chrome.exe
Token: SeShutdownPrivilege	1924	chrome.exe
Token: SeShutdownPrivilege	1924	chrome.exe
Token: SeShutdownPrivilege	1924	chrome.exe
Token: SeShutdownPrivilege	1924	chrome.exe
Token: SeShutdownPrivilege	1924	chrome.exe
Token: SeShutdownPrivilege	1924	chrome.exe
Token: SeShutdownPrivilege	1924	chrome.exe
Token: SeShutdownPrivilege	1924	chrome.exe
Token: SeShutdownPrivilege	1924	chrome.exe
Token: SeShutdownPrivilege	1924	chrome.exe
Token: SeShutdownPrivilege	1924	chrome.exe
Token: SeShutdownPrivilege	1924	chrome.exe
Token: SeShutdownPrivilege	1924	chrome.exe
Token: SeShutdownPrivilege	1924	chrome.exe
Token: SeShutdownPrivilege	1924	chrome.exe
Token: SeShutdownPrivilege	1924	chrome.exe
Token: SeShutdownPrivilege	1924	chrome.exe
Token: SeShutdownPrivilege	1924	chrome.exe
Token: SeShutdownPrivilege	1924	chrome.exe
Token: SeShutdownPrivilege	1924	chrome.exe
Token: SeShutdownPrivilege	1924	chrome.exe
Token: SeShutdownPrivilege	1924	chrome.exe
Token: SeShutdownPrivilege	1924	chrome.exe
Token: SeShutdownPrivilege	1924	chrome.exe
Token: SeShutdownPrivilege	1924	chrome.exe
Token: SeShutdownPrivilege	1924	chrome.exe
Token: SeShutdownPrivilege	1924	chrome.exe
Token: SeShutdownPrivilege	1924	chrome.exe

Suspicious use of FindShellTrayWindow 34 IoCs

pid	Process
1924	chrome.exe
1924	chrome.exe
1924	chrome.exe
1924	chrome.exe
1924	chrome.exe
1924	chrome.exe
1924	chrome.exe
1924	chrome.exe
1924	chrome.exe
1924	chrome.exe
1924	chrome.exe
1924	chrome.exe
1924	chrome.exe
1924	chrome.exe
1924	chrome.exe
1924	chrome.exe
1924	chrome.exe
1924	chrome.exe
1924	chrome.exe
1924	chrome.exe
1924	chrome.exe
1924	chrome.exe
1924	chrome.exe
1924	chrome.exe
1924	chrome.exe
1924	chrome.exe
1924	chrome.exe
1924	chrome.exe
1924	chrome.exe
1924	chrome.exe
1924	chrome.exe
1924	chrome.exe
1924	chrome.exe
1924	chrome.exe

Suspicious use of SendNotifyMessage 32 IoCs

pid	Process
1924	chrome.exe
1924	chrome.exe
1924	chrome.exe
1924	chrome.exe
1924	chrome.exe
1924	chrome.exe
1924	chrome.exe
1924	chrome.exe
1924	chrome.exe
1924	chrome.exe
1924	chrome.exe
1924	chrome.exe
1924	chrome.exe
1924	chrome.exe
1924	chrome.exe
1924	chrome.exe
1924	chrome.exe
1924	chrome.exe
1924	chrome.exe
1924	chrome.exe
1924	chrome.exe
1924	chrome.exe
1924	chrome.exe
1924	chrome.exe
1924	chrome.exe
1924	chrome.exe
1924	chrome.exe
1924	chrome.exe
1924	chrome.exe
1924	chrome.exe
1924	chrome.exe
1924	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1924 wrote to memory of 2376	1924	chrome.exe	32
PID 1924 wrote to memory of 2376	1924	chrome.exe	32
PID 1924 wrote to memory of 2376	1924	chrome.exe	32
PID 1924 wrote to memory of 2616	1924	chrome.exe	34
PID 1924 wrote to memory of 2616	1924	chrome.exe	34
PID 1924 wrote to memory of 2616	1924	chrome.exe	34
PID 1924 wrote to memory of 2616	1924	chrome.exe	34
PID 1924 wrote to memory of 2616	1924	chrome.exe	34
PID 1924 wrote to memory of 2616	1924	chrome.exe	34
PID 1924 wrote to memory of 2616	1924	chrome.exe	34
PID 1924 wrote to memory of 2616	1924	chrome.exe	34
PID 1924 wrote to memory of 2616	1924	chrome.exe	34
PID 1924 wrote to memory of 2616	1924	chrome.exe	34
PID 1924 wrote to memory of 2616	1924	chrome.exe	34
PID 1924 wrote to memory of 2616	1924	chrome.exe	34
PID 1924 wrote to memory of 2616	1924	chrome.exe	34
PID 1924 wrote to memory of 2616	1924	chrome.exe	34
PID 1924 wrote to memory of 2616	1924	chrome.exe	34
PID 1924 wrote to memory of 2616	1924	chrome.exe	34
PID 1924 wrote to memory of 2616	1924	chrome.exe	34
PID 1924 wrote to memory of 2616	1924	chrome.exe	34
PID 1924 wrote to memory of 2616	1924	chrome.exe	34
PID 1924 wrote to memory of 2616	1924	chrome.exe	34
PID 1924 wrote to memory of 2616	1924	chrome.exe	34
PID 1924 wrote to memory of 2616	1924	chrome.exe	34
PID 1924 wrote to memory of 2616	1924	chrome.exe	34
PID 1924 wrote to memory of 2616	1924	chrome.exe	34
PID 1924 wrote to memory of 2616	1924	chrome.exe	34
PID 1924 wrote to memory of 2616	1924	chrome.exe	34
PID 1924 wrote to memory of 2616	1924	chrome.exe	34
PID 1924 wrote to memory of 2616	1924	chrome.exe	34
PID 1924 wrote to memory of 2616	1924	chrome.exe	34
PID 1924 wrote to memory of 2616	1924	chrome.exe	34
PID 1924 wrote to memory of 2616	1924	chrome.exe	34
PID 1924 wrote to memory of 2616	1924	chrome.exe	34
PID 1924 wrote to memory of 2616	1924	chrome.exe	34
PID 1924 wrote to memory of 2616	1924	chrome.exe	34
PID 1924 wrote to memory of 2616	1924	chrome.exe	34
PID 1924 wrote to memory of 2616	1924	chrome.exe	34
PID 1924 wrote to memory of 2616	1924	chrome.exe	34
PID 1924 wrote to memory of 2616	1924	chrome.exe	34
PID 1924 wrote to memory of 2616	1924	chrome.exe	34
PID 1924 wrote to memory of 2768	1924	chrome.exe	35
PID 1924 wrote to memory of 2768	1924	chrome.exe	35
PID 1924 wrote to memory of 2768	1924	chrome.exe	35
PID 1924 wrote to memory of 2968	1924	chrome.exe	36
PID 1924 wrote to memory of 2968	1924	chrome.exe	36
PID 1924 wrote to memory of 2968	1924	chrome.exe	36
PID 1924 wrote to memory of 2968	1924	chrome.exe	36
PID 1924 wrote to memory of 2968	1924	chrome.exe	36
PID 1924 wrote to memory of 2968	1924	chrome.exe	36
PID 1924 wrote to memory of 2968	1924	chrome.exe	36
PID 1924 wrote to memory of 2968	1924	chrome.exe	36
PID 1924 wrote to memory of 2968	1924	chrome.exe	36
PID 1924 wrote to memory of 2968	1924	chrome.exe	36
PID 1924 wrote to memory of 2968	1924	chrome.exe	36
PID 1924 wrote to memory of 2968	1924	chrome.exe	36
PID 1924 wrote to memory of 2968	1924	chrome.exe	36
PID 1924 wrote to memory of 2968	1924	chrome.exe	36
PID 1924 wrote to memory of 2968	1924	chrome.exe	36
PID 1924 wrote to memory of 2968	1924	chrome.exe	36
PID 1924 wrote to memory of 2968	1924	chrome.exe	36
PID 1924 wrote to memory of 2968	1924	chrome.exe	36
PID 1924 wrote to memory of 2968	1924	chrome.exe	36

C:\Windows\system32\rundll32.exe
rundll32.exe "C:\Users\Admin\AppData\Local\Temp\NYX Menu.dll",#1
1⤵
PID:2536

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1924
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6fa9758,0x7fef6fa9768,0x7fef6fa9778
  2⤵
  PID:2376
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1112 --field-trial-handle=1360,i,16406084581632782698,4037482637517841634,131072 /prefetch:2
  2⤵
  PID:2616
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1504 --field-trial-handle=1360,i,16406084581632782698,4037482637517841634,131072 /prefetch:8
  2⤵
  PID:2768
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1620 --field-trial-handle=1360,i,16406084581632782698,4037482637517841634,131072 /prefetch:8
  2⤵
  PID:2968
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2300 --field-trial-handle=1360,i,16406084581632782698,4037482637517841634,131072 /prefetch:1
  2⤵
  PID:2336
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2056 --field-trial-handle=1360,i,16406084581632782698,4037482637517841634,131072 /prefetch:1
  2⤵
  PID:608
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1108 --field-trial-handle=1360,i,16406084581632782698,4037482637517841634,131072 /prefetch:2
  2⤵
  PID:876
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=1104 --field-trial-handle=1360,i,16406084581632782698,4037482637517841634,131072 /prefetch:1
  2⤵
  PID:1808
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3656 --field-trial-handle=1360,i,16406084581632782698,4037482637517841634,131072 /prefetch:8
  2⤵
  PID:2564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=3684 --field-trial-handle=1360,i,16406084581632782698,4037482637517841634,131072 /prefetch:1
  2⤵
  PID:1604
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=3888 --field-trial-handle=1360,i,16406084581632782698,4037482637517841634,131072 /prefetch:1
  2⤵
  PID:1672
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=3028 --field-trial-handle=1360,i,16406084581632782698,4037482637517841634,131072 /prefetch:1
  2⤵
  PID:2308
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3008 --field-trial-handle=1360,i,16406084581632782698,4037482637517841634,131072 /prefetch:8
  2⤵
  PID:768
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4076 --field-trial-handle=1360,i,16406084581632782698,4037482637517841634,131072 /prefetch:8
  2⤵
  PID:2992
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4024 --field-trial-handle=1360,i,16406084581632782698,4037482637517841634,131072 /prefetch:8
  2⤵
  PID:336
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=2028 --field-trial-handle=1360,i,16406084581632782698,4037482637517841634,131072 /prefetch:1
  2⤵
  PID:1372

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:1796

C:\Windows\explorer.exe
"C:\Windows\explorer.exe"
1⤵
PID:980

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001

Filesize
230KB

MD5
00be450e53be4c6908de198044d0d123

SHA1
8791756b3cc3becb7a8daa77d0df718571256c14

SHA256
95675e664f3a169ccdc99be73c4fe4a1217d8ff21373ba7d6839c3d72f8ad8dd

SHA512
8d758753acc6ed7d26c5d770d55c88aa6fbf4e84bc71ed56b64b0342c17bb02164e26cc7d91049061fbb02c5563fde21c8f0ad3312fc35454524abc980c5f8a2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008

Filesize
93KB

MD5
e8135642c85fa2e3cb5bd741d7f95175

SHA1
4189c93decfd7e721b6fc1f375957a0943fb9793

SHA256
f959ea4c5c8954f9900681247810d5b27de367c860cac34ab6279028dba1b4df

SHA512
b1bc2051ed2334ffd7863c834d416598ac35fc18fb607a73e22b3f039abcdb6314e0959b04372fbad87e487f7acdcdfce470766f502d2c7b8360f1344a9414d0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009

Filesize
20KB

MD5
80f1c7472825e6dd19d7ab65b0984ffb

SHA1
76af1427993a5d699b8441a32d751777a91fb0ef

SHA256
cc6186b5115525964b454ef070e9034df1d919d806314ee6a2203a2d66b4f7b3

SHA512
b0be05f9536efd3ee010afef24fe879aeabe56cd52c877cc23980b8c1742823834f2e9e8c000a78d79b077d0f257dc30bff10b5eb5bfa6d2cd684405bfec7c0f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

Filesize
47KB

MD5
fd1f79856510e1cddd8141f1d82aff4f

SHA1
659aa5c13b63adfb1480856cf8da6acd4fa624f4

SHA256
d2c922c16632143318a2792e0ea9345ea5c072ad583a84d8ef164cf952fec4f4

SHA512
7781c5280010519da7e71a849a9cb5e37f7b29a1e800bbf9cc47536eaa937abeecd1a2d61867c2744b7de83f0cfdc88b72255ee083501df0455fd018b0f86376

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

Filesize
748KB

MD5
dcd507c2d15f5727bb68cd49cd21537b

SHA1
11e3182ae9e2930bd4aaca34bd4eb9d24fb0e891

SHA256
25faa783118dc4161f9fc728dd6fe91e83b37a533b4d698d8a7a154e1d2b0890

SHA512
56a73e8a8ae795f7d8b6fd8b7561cfc5de14c78e0fbfcd0e01785b63d10d2218a8157aae205ec1112f298efedac7a94f68333f2660af5a7aaa7d0bbe8c98329e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c

Filesize
32KB

MD5
26d51f80be8b4eba2f2bfd0bf12fd8e1

SHA1
34b25b9da6aa0418b734dfc3ac5303d31bfbb37f

SHA256
a962b42006d54887e66690312ab151780b57640a341e70e3374990d2e96e4a46

SHA512
5b6e3f1a5336bdc3ba4c2793c046c2bcd3a3adddb30c3587dd2ab544ea5e5836df780c3c1ab2c9b2670f1eaba6bf7f619dd646f5b8d58551a48f7f79d2c22c34

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d

Filesize
32KB

MD5
bdcf1dd416d169d87ad5f73b2fb38bb2

SHA1
f6f595a5d88f84b54533e34be969f3871ed9942f

SHA256
ee2264f45d3d0fc70f89a61c215d0470df5a9c39e47828db7e48c59fca9a50dd

SHA512
335a8b789c5dd06285df135e9e33cbaae0b20b3cda378fd2e92b33a66d7726e4e079f7920055121d2495d102e993e18d9a4430a36860d8cef5cfa100452186fc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\000006.dbtmp

Filesize
16B

MD5
aefd77f47fb84fae5ea194496b44c67a

SHA1
dcfbb6a5b8d05662c4858664f81693bb7f803b82

SHA256
4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611

SHA512
b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT~RFf777c03.TMP

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
363B

MD5
d0a06b7021e7a983913bab14694fdda3

SHA1
550633671cda80dc3a056c3b75d07d71428b8c4d

SHA256
cb4450b9cdf9c85803ec4e847611c516076394341bacb60efb6f3a4220da8ba7

SHA512
6cade123b71e7ff0d33c49b7b39ac2f52d3576a07087a359da4b3f6bbb53b230699a3bde1054da31d524a9a059e16cc1e12bd11496b61a90155af47dcd86db92

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
854B

MD5
40416321d3d869f75b36ddc644cf25f1

SHA1
930451d010833763a06f6659ea9a91ea75f7d760

SHA256
72e4bb54a15e4c5273268831247a22f3bf2cd57d1cdefbd0c6f7d65211c62ba6

SHA512
6db10704887c6aeea9e2730387cebc2101defab94242eab070bb1ad6982861ca3e469d801d4a048d7ade3d6286b255ff13444895b9203a095730e67e086cf4de

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
e726329e8118119401048329ae8d6490

SHA1
bc347b7d1e7a08ecadb2968d63a97547ec825b43

SHA256
390178d6586d57a70ec59ae0371e5f1c1ea186fc116bba07471bd4834c6f267c

SHA512
e0bf71bb2cf838a322c0290e5723a2fe474be95a7745525e378ee9978db14ca1e44592fac16a3bf624f1cf1a9d72c38c1c4771f1cd20aafe81fb5bcc0e72d3e3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
c0fb802e3fc1757b5120839fc6b6c8c3

SHA1
322c1ad00cf23fc80d4b9f04d86487313df12970

SHA256
4f90841fac5ba84a60b485f84472190ec3f04d208493a6b35f9d1b29e5a50c55

SHA512
ebd9d6567dd6759e700a422fec785d8f1427b9828404d4def80a607c78205491804fd3ec31279ad44a9365a8ef92f5750e7cde866fd1ac135cf3e6c90acc0434

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\dab81743-9dfa-4f65-9444-d6a858dd4fd8\index-dir\the-real-index

Filesize
2KB

MD5
1538b54b3a9d3ba3229d7fcfa11fe94d

SHA1
dd9d3afecfe5eafad0aa98ff64ccd4e925b8e462

SHA256
7b3a8be1bc07d40df80baa04e06710ead083b027f79dc7f8533ac5a821e64886

SHA512
ea5392cb690a14f4282990fbbfb6bc0d9e1f085430e755024d79463b9e1603a3f25489268eea80be6e7b68c013022a05560626bc0b09aab074235b26c11fd60c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\ead80593-b664-41ac-b35c-d8756ae4b191\index

Filesize
24B

MD5
54cb446f628b2ea4a5bce5769910512e

SHA1
c27ca848427fe87f5cf4d0e0e3cd57151b0d820d

SHA256
fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d

SHA512
8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\f1b886e6-70c4-4a55-9ebc-b241f21a7c2e\e969d77e575a9dd3_0

Filesize
2KB

MD5
098b64e965d50cef5a281c5594b144a2

SHA1
c55882227c95d1e74425317b68327337f0127c1c

SHA256
c257c5010c548e43316d41f26828575c190e7eb14690c5c1885d1c58ef797bfa

SHA512
7765975f47624c270bb449fa01e2acf67ee2e1de3bbf22d1046a196bd946185384dd4d5d37fcab7da60bd1066ea5030035fe146832a0d13d0a4cb815b0c09bd2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
114B

MD5
1672de216d38713dd75d89b3c77fabc9

SHA1
1c071c476872fbdfac0f8976cb57a168cdf8af15

SHA256
17e34ccae0d24cd170962a4ef29ed0d3af6a2afadf763634ecfce5ea070e97a9

SHA512
c7ad3e596cd0c633ff85523a909a83bf3add24d338f2ced9be029498bc50572cabd9556705e161e1f284c90faacadec5e6c0cb9e5aadd9483cc8465588b90570

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
176B

MD5
da9bb492cb13d5da9fd48bdc9f301104

SHA1
2f82ef24e97635d155213fbb560397faf985ef48

SHA256
33e930f37ea864d8b00cf3ee9d444a36cb54699dae93bc4a2a225e1885f1bb6e

SHA512
41939b8671edc7636e2a64242f46328ec851ce6e6753cfeb506b365663ff91d2b1128d9d426dadc42abfc7ca22e74446066df8cea1c8702d2cce20a7b5292df1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
112B

MD5
de7a5da2da9fb39845a0aeabc7132ee4

SHA1
eb08ffc33422c748d412d0f00ab1deeec5404992

SHA256
456a3a88c064ad25ac033f2057d3d4f641744afc7f848ae08a2849d28abd758d

SHA512
a15f564d42e231680e07deea8e0846f7c9755a98f4f56f6b5e2aae4f177c0ead37ebf8ce4aa57a75bc420d7ae5d7805348dac7e5c043f24d7dcd2751ef93efcb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
187B

MD5
8eb6192bd60bc50da9950785d5e70b19

SHA1
9f3fdcb975a2332900881e22b9ca5213e2e3e533

SHA256
0cd0bd445df1a4a3e9655e047fd4628504f6e9e517af16ca5acf5f4f0e7db862

SHA512
d3a63840b8ec9e0cc82bc005c5ac888a60795743e44b90bedc90cae803440035aa31ad4bb9c1a5a56f0a58f1b8846cb83a16bdbbf0ab0b31ef664f84cce53471

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
178B

MD5
90f01cb7aae4cd16a13c90cca72d5f99

SHA1
b0dd46be379f051b41486508c35348b268665340

SHA256
920908966a08a14e7aa69676835fb4ebf85e17bdc4ca62db2643a79a633781c1

SHA512
e0b7ce7826f1301cdc09225b47dbc8b5f56fd151bf607b0ac2eb9f3c7a0502889f85e5c6db2b77b96775fbf6980657fe15b69ffbe8fd15023f2e3df3429eabd9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\000002.dbtmp

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\CURRENT

Filesize
16B

MD5
18e723571b00fb1694a3bad6c78e4054

SHA1
afcc0ef32d46fe59e0483f9a3c891d3034d12f32

SHA256
8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa

SHA512
43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\agimnkijcaahngcdmfeangaknmldooml\Shortcuts Menu Icons\Monochrome\1\512.png

Filesize
10KB

MD5
7f57c509f12aaae2c269646db7fde6e8

SHA1
969d8c0e3d9140f843f36ccf2974b112ad7afc07

SHA256
1d5c9f67fe93f9fcc1a1b61ebc35bda8f98f1261e5005ae37af71f42aab1d90f

SHA512
3503a0f4939bed9e1fd5e086b17d6de1063220dffdab2d2373aa9582a2454a9d8f18c1be74442f4e597bdba796d2d69220bd9e6be632a15367225b804187ea18

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir1924_392572884\Shortcuts Menu Icons\0\512.png

Filesize
2KB

MD5
12a429f9782bcff446dc1089b68d44ee

SHA1
e41e5a1a4f2950a7f2da8be77ca26a66da7093b9

SHA256
e1d7407b07c40b5436d78db1077a16fbf75d49e32f3cbd01187b5eaaa10f1e37

SHA512
1da99c5278a589972a1d711d694890f4fd4ec4e56f83781ab9dee91ba99530a7f90d969588fa24dce24b094a28bdecbea80328cee862031a8b289f3e4f38ce7a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
310KB

MD5
dc476a7d4759f0f7576a60e2354627c1

SHA1
76a0cc3b686bf21b41d40730c7032a14c0b816d2

SHA256
01242ce1932d22e2cbc6b32de0cc025e86351c997ab88e539fbb3bde0d2e68f3

SHA512
bf3c08288bc9d9270a4abcf586137b7763a62b44c2e75cdd6a3624ee8c371537e5174958a2f38930e573c5414c9a0e209a12b7661961c3fbf76f0baf271addfa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\cf537dcd-8c8b-4f4f-abdb-6d037f010c91.tmp

Filesize
310KB

MD5
db78ecf478ff5f3b8b9635fb6b24ec58

SHA1
906e35c426a7c94c1a2319aa5fbcf56ffdff1b0a

SHA256
18cb08662c8a9001c55718fbc9c61ed77d002afbb14852896fb6aaacc89dc185

SHA512
951eb9a552b52d709373e5f8b7948de70a77a3c77b3c5688cfdca13d9865fa0b87bcb2beecc857f4bcbd731325ede38143cb8efaeb679602391d4846040b0492

Download Submit