hxxps://mediaspace[.]umn[.]edu/playlist/dedicated/1_cd7ctln4/1_snzazr6x

Analysis

max time kernel
150s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
09-08-2024 19:52

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://mediaspace.umn.edu/playlist/dedicated/1_cd7ctln4/1_snzazr6x

Score

5^/10

discovery

Malware Config

Signatures

Drops file in System32 directory 2 IoCs

description	ioc	Process
File created	C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF	chrome.exe
File created	\??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133677067493420540"	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
1220	chrome.exe
1220	chrome.exe
3820	chrome.exe
3820	chrome.exe
3820	chrome.exe
3820	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

pid	Process
1220	chrome.exe
1220	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1220	chrome.exe
Token: SeCreatePagefilePrivilege	1220	chrome.exe
Token: SeShutdownPrivilege	1220	chrome.exe
Token: SeCreatePagefilePrivilege	1220	chrome.exe
Token: SeShutdownPrivilege	1220	chrome.exe
Token: SeCreatePagefilePrivilege	1220	chrome.exe
Token: SeShutdownPrivilege	1220	chrome.exe
Token: SeCreatePagefilePrivilege	1220	chrome.exe
Token: SeShutdownPrivilege	1220	chrome.exe
Token: SeCreatePagefilePrivilege	1220	chrome.exe
Token: SeShutdownPrivilege	1220	chrome.exe
Token: SeCreatePagefilePrivilege	1220	chrome.exe
Token: SeShutdownPrivilege	1220	chrome.exe
Token: SeCreatePagefilePrivilege	1220	chrome.exe
Token: SeShutdownPrivilege	1220	chrome.exe
Token: SeCreatePagefilePrivilege	1220	chrome.exe
Token: SeShutdownPrivilege	1220	chrome.exe
Token: SeCreatePagefilePrivilege	1220	chrome.exe
Token: SeShutdownPrivilege	1220	chrome.exe
Token: SeCreatePagefilePrivilege	1220	chrome.exe
Token: SeShutdownPrivilege	1220	chrome.exe
Token: SeCreatePagefilePrivilege	1220	chrome.exe
Token: SeShutdownPrivilege	1220	chrome.exe
Token: SeCreatePagefilePrivilege	1220	chrome.exe
Token: SeShutdownPrivilege	1220	chrome.exe
Token: SeCreatePagefilePrivilege	1220	chrome.exe
Token: SeShutdownPrivilege	1220	chrome.exe
Token: SeCreatePagefilePrivilege	1220	chrome.exe
Token: SeShutdownPrivilege	1220	chrome.exe
Token: SeCreatePagefilePrivilege	1220	chrome.exe
Token: SeShutdownPrivilege	1220	chrome.exe
Token: SeCreatePagefilePrivilege	1220	chrome.exe
Token: SeShutdownPrivilege	1220	chrome.exe
Token: SeCreatePagefilePrivilege	1220	chrome.exe
Token: SeShutdownPrivilege	1220	chrome.exe
Token: SeCreatePagefilePrivilege	1220	chrome.exe
Token: SeShutdownPrivilege	1220	chrome.exe
Token: SeCreatePagefilePrivilege	1220	chrome.exe
Token: SeShutdownPrivilege	1220	chrome.exe
Token: SeCreatePagefilePrivilege	1220	chrome.exe
Token: SeShutdownPrivilege	1220	chrome.exe
Token: SeCreatePagefilePrivilege	1220	chrome.exe
Token: SeShutdownPrivilege	1220	chrome.exe
Token: SeCreatePagefilePrivilege	1220	chrome.exe
Token: SeShutdownPrivilege	1220	chrome.exe
Token: SeCreatePagefilePrivilege	1220	chrome.exe
Token: SeShutdownPrivilege	1220	chrome.exe
Token: SeCreatePagefilePrivilege	1220	chrome.exe
Token: SeShutdownPrivilege	1220	chrome.exe
Token: SeCreatePagefilePrivilege	1220	chrome.exe
Token: SeShutdownPrivilege	1220	chrome.exe
Token: SeCreatePagefilePrivilege	1220	chrome.exe
Token: SeShutdownPrivilege	1220	chrome.exe
Token: SeCreatePagefilePrivilege	1220	chrome.exe
Token: SeShutdownPrivilege	1220	chrome.exe
Token: SeCreatePagefilePrivilege	1220	chrome.exe
Token: SeShutdownPrivilege	1220	chrome.exe
Token: SeCreatePagefilePrivilege	1220	chrome.exe
Token: SeShutdownPrivilege	1220	chrome.exe
Token: SeCreatePagefilePrivilege	1220	chrome.exe
Token: SeShutdownPrivilege	1220	chrome.exe
Token: SeCreatePagefilePrivilege	1220	chrome.exe
Token: SeShutdownPrivilege	1220	chrome.exe
Token: SeCreatePagefilePrivilege	1220	chrome.exe

Suspicious use of FindShellTrayWindow 59 IoCs

pid	Process
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe

Suspicious use of SendNotifyMessage 56 IoCs

pid	Process
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe
1220	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1220 wrote to memory of 116	1220	chrome.exe	84
PID 1220 wrote to memory of 116	1220	chrome.exe	84
PID 1220 wrote to memory of 4972	1220	chrome.exe	85
PID 1220 wrote to memory of 4972	1220	chrome.exe	85
PID 1220 wrote to memory of 4972	1220	chrome.exe	85
PID 1220 wrote to memory of 4972	1220	chrome.exe	85
PID 1220 wrote to memory of 4972	1220	chrome.exe	85
PID 1220 wrote to memory of 4972	1220	chrome.exe	85
PID 1220 wrote to memory of 4972	1220	chrome.exe	85
PID 1220 wrote to memory of 4972	1220	chrome.exe	85
PID 1220 wrote to memory of 4972	1220	chrome.exe	85
PID 1220 wrote to memory of 4972	1220	chrome.exe	85
PID 1220 wrote to memory of 4972	1220	chrome.exe	85
PID 1220 wrote to memory of 4972	1220	chrome.exe	85
PID 1220 wrote to memory of 4972	1220	chrome.exe	85
PID 1220 wrote to memory of 4972	1220	chrome.exe	85
PID 1220 wrote to memory of 4972	1220	chrome.exe	85
PID 1220 wrote to memory of 4972	1220	chrome.exe	85
PID 1220 wrote to memory of 4972	1220	chrome.exe	85
PID 1220 wrote to memory of 4972	1220	chrome.exe	85
PID 1220 wrote to memory of 4972	1220	chrome.exe	85
PID 1220 wrote to memory of 4972	1220	chrome.exe	85
PID 1220 wrote to memory of 4972	1220	chrome.exe	85
PID 1220 wrote to memory of 4972	1220	chrome.exe	85
PID 1220 wrote to memory of 4972	1220	chrome.exe	85
PID 1220 wrote to memory of 4972	1220	chrome.exe	85
PID 1220 wrote to memory of 4972	1220	chrome.exe	85
PID 1220 wrote to memory of 4972	1220	chrome.exe	85
PID 1220 wrote to memory of 4972	1220	chrome.exe	85
PID 1220 wrote to memory of 4972	1220	chrome.exe	85
PID 1220 wrote to memory of 4972	1220	chrome.exe	85
PID 1220 wrote to memory of 4972	1220	chrome.exe	85
PID 1220 wrote to memory of 4988	1220	chrome.exe	86
PID 1220 wrote to memory of 4988	1220	chrome.exe	86
PID 1220 wrote to memory of 3712	1220	chrome.exe	87
PID 1220 wrote to memory of 3712	1220	chrome.exe	87
PID 1220 wrote to memory of 3712	1220	chrome.exe	87
PID 1220 wrote to memory of 3712	1220	chrome.exe	87
PID 1220 wrote to memory of 3712	1220	chrome.exe	87
PID 1220 wrote to memory of 3712	1220	chrome.exe	87
PID 1220 wrote to memory of 3712	1220	chrome.exe	87
PID 1220 wrote to memory of 3712	1220	chrome.exe	87
PID 1220 wrote to memory of 3712	1220	chrome.exe	87
PID 1220 wrote to memory of 3712	1220	chrome.exe	87
PID 1220 wrote to memory of 3712	1220	chrome.exe	87
PID 1220 wrote to memory of 3712	1220	chrome.exe	87
PID 1220 wrote to memory of 3712	1220	chrome.exe	87
PID 1220 wrote to memory of 3712	1220	chrome.exe	87
PID 1220 wrote to memory of 3712	1220	chrome.exe	87
PID 1220 wrote to memory of 3712	1220	chrome.exe	87
PID 1220 wrote to memory of 3712	1220	chrome.exe	87
PID 1220 wrote to memory of 3712	1220	chrome.exe	87
PID 1220 wrote to memory of 3712	1220	chrome.exe	87
PID 1220 wrote to memory of 3712	1220	chrome.exe	87
PID 1220 wrote to memory of 3712	1220	chrome.exe	87
PID 1220 wrote to memory of 3712	1220	chrome.exe	87
PID 1220 wrote to memory of 3712	1220	chrome.exe	87
PID 1220 wrote to memory of 3712	1220	chrome.exe	87
PID 1220 wrote to memory of 3712	1220	chrome.exe	87
PID 1220 wrote to memory of 3712	1220	chrome.exe	87
PID 1220 wrote to memory of 3712	1220	chrome.exe	87
PID 1220 wrote to memory of 3712	1220	chrome.exe	87
PID 1220 wrote to memory of 3712	1220	chrome.exe	87
PID 1220 wrote to memory of 3712	1220	chrome.exe	87

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://mediaspace.umn.edu/playlist/dedicated/1_cd7ctln4/1_snzazr6x
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1220
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff8f8b8cc40,0x7ff8f8b8cc4c,0x7ff8f8b8cc58
  2⤵
  PID:116
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1900,i,17106658148467480345,5480126826955318026,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1892 /prefetch:2
  2⤵
  PID:4972
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2008,i,17106658148467480345,5480126826955318026,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2164 /prefetch:3
  2⤵
  PID:4988
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2224,i,17106658148467480345,5480126826955318026,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2240 /prefetch:8
  2⤵
  PID:3712
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3104,i,17106658148467480345,5480126826955318026,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3120 /prefetch:1
  2⤵
  PID:1720
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3124,i,17106658148467480345,5480126826955318026,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3160 /prefetch:1
  2⤵
  PID:2308
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=4340,i,17106658148467480345,5480126826955318026,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4500 /prefetch:8
  2⤵
  PID:4224
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4980,i,17106658148467480345,5480126826955318026,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4988 /prefetch:8
  2⤵
  PID:4064
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=960,i,17106658148467480345,5480126826955318026,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4680 /prefetch:8
  2⤵
  - Drops file in System32 directory
  - Suspicious behavior: EnumeratesProcesses
  PID:3820

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:4456

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x2b4 0x2fc
1⤵
PID:2376

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:1696

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
be7321e9b17d2d44770970804279ba9f

SHA1
dc106eb7d54df40570d81efb9a311f2f5b094f4c

SHA256
7a5cf366b9476059042244633f56c923dfaa2cddb01448dc31a59e363136dc92

SHA512
2155e4d2c5cbe2298e7735c29ed272ba43e9952aa1ca9287c45c331a46a19848e3d6dcd076836c3d23a171c40c79029d57aed2172e6acc83e6e21e6258ff90b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011

Filesize
75KB

MD5
6a245799680b65b7340b3f8f40f5fbd5

SHA1
7a4a512c3206ed3ca93138013013e320fc34ce82

SHA256
3d5a17342379beba02c62073c81f47586db113c1c55a1c533b72b0e34b35b938

SHA512
5c46fbd9c910684ea560f155fc66bb62e8797b6659e04d197016d563cbb4a2050bf1e346ef7feac02cd7900cee32d1473fc2a101aee42b5dae589c170cd45b50

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013

Filesize
90KB

MD5
64de27c4a49750112f6cbd4a6b6c3da1

SHA1
4a3376ee0e2539b1ac7af60ec9e8e84cc231b614

SHA256
70f5a2a4717dabeb0c5992b08a4219c553b930c0baa86801f4cbe536ddf168b7

SHA512
116e53fe0618ab4a907ccae4fb264d05568b0d2faf27bfa5f048840652335ef41f0ba53eb9b78a8afb264ccdec5771be70a614d3b0bc29c2c0b0c4d3b2776ddb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000015

Filesize
20KB

MD5
87e8230a9ca3f0c5ccfa56f70276e2f2

SHA1
eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7

SHA256
e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9

SHA512
37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
3c9a2b945ee4d6bfe9263888bc3f1fad

SHA1
18abc98e2a3f13cb79d06ce24050d948e3bf7b28

SHA256
e38554da3bdedb295e44575cbb5af1ea9bfe5f4fc2068a06ca374c76d91aecf6

SHA512
4d0c077fdcbd1eb424b77a28fb63315fd10ba05836018b74d4b9cc3daf60a752e68b2b58fc6eaeca68747a2353251c081d468e2600c63b4498dcc91a41adaf5c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
d926409674784147dc25cc48c3709c36

SHA1
3aa6cd386ad4d35ed9ceedee023074ffe2ee0929

SHA256
ffa5ec0a065b5b2e9b16c47e1edbc4aa10ce80e3ee4c5bf39c8b96305f11dd6d

SHA512
494456bca9e62d18ff8ad94956a6317df719d643093410b17229f33def45ba76840387f2c5664b38b78019d36b7ffc077aaef4380b4939205f06305cc79dee08

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
10f2bbdbc5124132dbed56c83f9e8ed1

SHA1
04dfdd7747a53d18ec07c4df3360f3768a8fed86

SHA256
c58de3c08e2c44d6d8c187179c13d9136986d3886538c9f257c0353ef05a92f4

SHA512
ea99f575e4c2ecea80ac37e1181eeb956f12aca5cd5fda36d5d3d6b2c75b770b776d8f0645e4460cdcaacc8e46dfe8a5b9db3867dcf72e9916b1c6e9bde492af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
5a2e0be96d022e89cc50152549626ca8

SHA1
ece40567be5a969fb89b679c6686288f41010dd7

SHA256
dc386ab1b065ecb52c4182eb500c600fcd2ebea0eaec57f97bdc313fe37fddf5

SHA512
093f6bb55db01e817390f29fdf314e281fb61338768a569db0bdc3f75e65dd04d7d3e42644914c666d3c68c96357c9baa105678c13c026f266b47f4a64b78d92

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
857B

MD5
d905b775a047e6fde49dcba2925c8150

SHA1
5b5bb665ca035a9ef84eb93a2a93e08677f005c8

SHA256
cafd16ebbecf63fd06723a5b32ce4637ed17f47bdcf246997ad1f4f46437a713

SHA512
709f5b814405075a0aad949ae1ade560c7bf460516502c9946a568a269b77de0ef5a7f97a1e205f3ef0b8091be0a9f742cdeae609353433f9acd5a080973cc44

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
afc2178563e0f8e307f5ad34620066a5

SHA1
d04302b19d9ae578f12391fb75ad4bc56b20d23a

SHA256
d9ff7830b499a1b61b45cd10651f66d9492a041b856c230cc75ceb6b2086c2fc

SHA512
9c12d43909b60eab7c689b1331b4d75f63c306f4c4a0cfdae8ab6f89054e6b328725e69d3ac4044d32b197b89bb6071cf3eb6f745175d14df1c3ccbae2bb9213

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
49ebac06fa5e2a8f4f9f0d1eda574f26

SHA1
c8632964c1b68092e9121ce75ea6355019d119a1

SHA256
f52ac18515ba9fc03047647072c0969f57cdb11fdce6c301b8619e1904512b55

SHA512
3b049b0d9e442df322a668b10eeb2802186a6eaf8d51506a871a4b94fca7f823cdce607bbfdfadd5bff23b6bacd17f394c16ae719b9ae300fd220363e0c8a7f1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
6964edbba7f27089cff90e650b99ffab

SHA1
955485e11193f7f08e2dae1ce39f2ef2e839a600

SHA256
b3228721c00ceb634928e54c66e0220ea429ba44db45c8af1d868d7b7e155867

SHA512
777a1adacb65dd699ba253fa51aa5152a37b8fcbb94c983a2d72f1561f5ba147c79d010cb7037fa243cfe26ced9791945f3c933ae3a78363a4fb12743efe928a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
19d859e29c225cf061879f078b10b761

SHA1
6652750d7a0cf54d8fa937d2a786df5fa07da3b0

SHA256
5b0f079515970a9026a0d72356d7a63fd6219663e4805489c75ca90018f7a0a7

SHA512
9dacfcbf300e783891b17740a4f479f9f6e771f79a4ca247e5d0ebae92aad55b3e6c05ecbc140b719ea6bbaf9f66f62155d27e739f534d1f0832b3b768534987

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
2d556faec0de4ff545aa2e82b788f517

SHA1
cd8daf6a7b4327d0e590191fce41a876e007ad47

SHA256
d61d0164377aaa7d3ff5f0430a4a0f4ff3a0c9efedb5f37b2994a8f397150114

SHA512
2c40e140af97337b8b45d212f1ae0d0bf9766c134bc91de5e04245846d3bd57c96e06eeeab7b4694090a9f78e82af80e7bc0a0cb0afd6befe00d491eb6845407

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
319836ea4b9a71cc1b75f6ec57f36f74

SHA1
6d9c919255611214aafd8438dcff1fbac2ab0582

SHA256
28cb84602af6efe6815cbb059d7fb20b9789f681aed563d6021dfd486c59daf9

SHA512
77511512dc034757d2ff926e1029f70cac6a5c552cc78c7f9fd9f80a309e86f12d028f4a767df0ea9266815b298d7c33ae102ff1575ef23536355a38e0b850ce

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
3e86974f8bfacdcc30ed0675f2ea970a

SHA1
596b5c9c5d7aee30fe89d3008269a6738752e929

SHA256
c0afcf68d153fd88b97daa8775af10edb9032c32e0f1a462a3f9d3beec054057

SHA512
54f6c7789affd23ebeab446d776f11a6f36bf71a805ea32234d80d23660d3433584edb3b4403d9a983d7f52de24c4b49627636f3ab32d2369e542814750bb7e3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
7d2ef80a2a5cd7d64c366366556426ba

SHA1
43310ec86de7455038ac12cfafa78b153af7d866

SHA256
8255ad40040a61292788c86159823533aecb4807d924f442543d0ac2d8879b8e

SHA512
1b872f7c137725a99f7d82223f2ebc7b3b90f0a7a59a330f7dd7ee6b2c6bab270bfe6900fccf4b518b16c86e3beb7a3730db14fc94e3efe611fbd4b6fa71dff6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
3df5d1ba861699e4047bb34045b231f1

SHA1
7dd54fccb0e03f4c93cd303607df73dcf4060c04

SHA256
015efb33c659d13ff53fa390c6018b5e9af666c2bacea4c4cf950d7213c553bb

SHA512
41577236fe26eed7bd910e9ca4435cad38df5d7b7a554858f78119d86770bccea5cd04dcd87b9980ee0bb73dbe5b364f9c96846695d646209ba2a95880f419ab

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\eff7bbe8-2586-431d-906b-73b000906bd5.tmp

Filesize
9KB

MD5
6076b2044773f2cb7fff02b373847bbd

SHA1
e94f1fbb0c124b76c8bc754326e0af6ddf86440b

SHA256
5b9bc1187d212325b4ba91625ec840387e9bbe1aed942cf1158f3b585fc7bd43

SHA512
2103ff0d4c86e2354bf394a043bd344f8bf48235809583be89a12b31d6edba37c379ddf9a2ebd9ac6e94b5da1167e7c82fbfd91fd8580e1e869aa44269abcc4a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
c201cd045db3b1c2e576acc0bef2f41e

SHA1
46e83d2d530aa70f430f81aef19ea5fcef6bf7db

SHA256
1f9bf045d595ccacf619ec7602cf266dfbd9a4eb7a27e4c3db3075d57649a53c

SHA512
4f4e17fab6f25d0bd487a924c141d3f3bc07352c9c35754a36c2a21552858609317dbdda7a0691ff3ef81488513a46a70193b7c4a495074c67f361663a7b3aa4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
16d15e0c8e496f8b4ce4142e5f2f46df

SHA1
105df26584184c473a7216375d548cbb0d6aed2b

SHA256
361b270e3dbb709c8144a5bbfdc776ac5a60e6465506da3df8e07c6323e93cb7

SHA512
b8d6f649337a3628bd00d8cf3ecdb76ec26afd0c100e167068b1f8d88936f729347fd55e8052cbf6bc9a33bd998e722def10299766311f01b6d1c83fd2c966c7

Download Submit