Malware Analysis Report

2025-01-19 04:41

Sample ID 240809-yteaca1fke
Target https://app.box.com/s/6lhv35bq984xszyp79hguului11unf6n
Tags microsoft discovery phishing
Score 5/10

Analysis Overview

Score 5/10

Threat Level: Likely benign

The file https://app.box.com/s/6lhv35bq984xszyp79hguului11unf6n was found to be: Likely benign.

Malicious Activity Summary

microsoft discovery phishing

Detected potential entity reuse from brand microsoft.

Drops file in System32 directory

Browser Information Discovery

Enumerates system info in registry

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of WriteProcessMemory

Suspicious behavior: EnumeratesProcesses

Suspicious use of AdjustPrivilegeToken

Suspicious use of FindShellTrayWindow

Suspicious use of SendNotifyMessage

Modifies data under HKEY_USERS

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported 2024-08-09 20:04

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted 2024-08-09 20:04
Reported 2024-08-09 20:36
Platform win10v2004-20240802-en
Max time kernel 450s
Max time network 450s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://app.box.com/s/6lhv35bq984xszyp79hguului11unf6n

Signatures

Detected potential entity reuse from brand microsoft.

phishing microsoft

Drops file in System32 directory

Description Indicator Process Target
File created C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Browser Information Discovery

discovery

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133677089481558548" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2652 wrote to memory of 2812 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2652 wrote to memory of 4844 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2652 wrote to memory of 1228 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2652 wrote to memory of 2384 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://app.box.com/s/6lhv35bq984xszyp79hguului11unf6n

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffb08a6cc40,0x7ffb08a6cc4c,0x7ffb08a6cc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2252,i,1676110783118003291,1441699299072316842,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2256 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1716,i,1676110783118003291,1441699299072316842,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2372 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2020,i,1676110783118003291,1441699299072316842,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2524 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3112,i,1676110783118003291,1441699299072316842,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3156 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3120,i,1676110783118003291,1441699299072316842,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3180 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4624,i,1676110783118003291,1441699299072316842,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4636 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4872,i,1676110783118003291,1441699299072316842,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4808 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=4492,i,1676110783118003291,1441699299072316842,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4864 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=4976,i,1676110783118003291,1441699299072316842,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4984 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=4644,i,1676110783118003291,1441699299072316842,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4844 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=5312,i,1676110783118003291,1441699299072316842,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5300 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=3996,i,1676110783118003291,1441699299072316842,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3252 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=4804,i,1676110783118003291,1441699299072316842,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4468 /prefetch:1

Network

US 8.8.8.8:53 browser.events.data.microsoft.com udp
DE 51.116.246.106:443 browser.events.data.microsoft.com tcp
DE 51.116.246.106:443 browser.events.data.microsoft.com tcp

Files

\??\pipe\crashpad_2652_KFLLNDBUKWDHAYKZ

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
