hxxps://youtube[.]com/shorts/Q-sVkRFIeHQ?si=pdGJGTYS9yRv-v0m

Analysis

max time kernel
150s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
10/08/2024, 06:48

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://youtube.com/shorts/Q-sVkRFIeHQ?si=pdGJGTYS9yRv-v0m

Score

4^/10

discovery

Malware Config

Signatures

Drops file in Program Files directory 2 IoCs

description	ioc	Process
File opened for modification	C:\Program Files\Crashpad\metadata	setup.exe
File opened for modification	C:\Program Files\Crashpad\settings.dat	setup.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 9 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe

Modifies data under HKEY_USERS 3 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133677461613143698"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 11 IoCs

pid	Process
1964	msedge.exe
1964	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
1572	identity_helper.exe
1572	identity_helper.exe
1916	chrome.exe
1916	chrome.exe
4488	chrome.exe
4488	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 17 IoCs

pid	Process
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
4488	chrome.exe
4488	chrome.exe
4488	chrome.exe
4488	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: 33	5472	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	5472	AUDIODG.EXE
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeCreatePagefilePrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeCreatePagefilePrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeCreatePagefilePrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeCreatePagefilePrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeCreatePagefilePrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeCreatePagefilePrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeCreatePagefilePrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeCreatePagefilePrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeCreatePagefilePrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeCreatePagefilePrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeCreatePagefilePrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeCreatePagefilePrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeCreatePagefilePrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeCreatePagefilePrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeCreatePagefilePrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeCreatePagefilePrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeCreatePagefilePrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeCreatePagefilePrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeCreatePagefilePrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeCreatePagefilePrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeCreatePagefilePrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeCreatePagefilePrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeCreatePagefilePrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeCreatePagefilePrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeCreatePagefilePrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeCreatePagefilePrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeCreatePagefilePrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeCreatePagefilePrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	4488	chrome.exe
Token: SeCreatePagefilePrivilege	4488	chrome.exe
Token: SeShutdownPrivilege	4488	chrome.exe
Token: SeCreatePagefilePrivilege	4488	chrome.exe
Token: SeShutdownPrivilege	4488	chrome.exe
Token: SeCreatePagefilePrivilege	4488	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
4488	chrome.exe
4488	chrome.exe
4488	chrome.exe
4488	chrome.exe
4488	chrome.exe
4488	chrome.exe
4488	chrome.exe
4488	chrome.exe
4488	chrome.exe
4488	chrome.exe
4488	chrome.exe

Suspicious use of SendNotifyMessage 64 IoCs

pid	Process
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
4476	msedge.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
4488	chrome.exe
4488	chrome.exe
4488	chrome.exe
4488	chrome.exe
4488	chrome.exe
4488	chrome.exe
4488	chrome.exe
4488	chrome.exe
4488	chrome.exe
4488	chrome.exe
4488	chrome.exe
4488	chrome.exe
4488	chrome.exe
4488	chrome.exe
4488	chrome.exe
4488	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4476 wrote to memory of 1096	4476	msedge.exe	84
PID 4476 wrote to memory of 1096	4476	msedge.exe	84
PID 4476 wrote to memory of 2772	4476	msedge.exe	86
PID 4476 wrote to memory of 2772	4476	msedge.exe	86
PID 4476 wrote to memory of 2772	4476	msedge.exe	86
PID 4476 wrote to memory of 2772	4476	msedge.exe	86
PID 4476 wrote to memory of 2772	4476	msedge.exe	86
PID 4476 wrote to memory of 2772	4476	msedge.exe	86
PID 4476 wrote to memory of 2772	4476	msedge.exe	86
PID 4476 wrote to memory of 2772	4476	msedge.exe	86
PID 4476 wrote to memory of 2772	4476	msedge.exe	86
PID 4476 wrote to memory of 2772	4476	msedge.exe	86
PID 4476 wrote to memory of 2772	4476	msedge.exe	86
PID 4476 wrote to memory of 2772	4476	msedge.exe	86
PID 4476 wrote to memory of 2772	4476	msedge.exe	86
PID 4476 wrote to memory of 2772	4476	msedge.exe	86
PID 4476 wrote to memory of 2772	4476	msedge.exe	86
PID 4476 wrote to memory of 2772	4476	msedge.exe	86
PID 4476 wrote to memory of 2772	4476	msedge.exe	86
PID 4476 wrote to memory of 2772	4476	msedge.exe	86
PID 4476 wrote to memory of 2772	4476	msedge.exe	86
PID 4476 wrote to memory of 2772	4476	msedge.exe	86
PID 4476 wrote to memory of 2772	4476	msedge.exe	86
PID 4476 wrote to memory of 2772	4476	msedge.exe	86
PID 4476 wrote to memory of 2772	4476	msedge.exe	86
PID 4476 wrote to memory of 2772	4476	msedge.exe	86
PID 4476 wrote to memory of 2772	4476	msedge.exe	86
PID 4476 wrote to memory of 2772	4476	msedge.exe	86
PID 4476 wrote to memory of 2772	4476	msedge.exe	86
PID 4476 wrote to memory of 2772	4476	msedge.exe	86
PID 4476 wrote to memory of 2772	4476	msedge.exe	86
PID 4476 wrote to memory of 2772	4476	msedge.exe	86
PID 4476 wrote to memory of 2772	4476	msedge.exe	86
PID 4476 wrote to memory of 2772	4476	msedge.exe	86
PID 4476 wrote to memory of 2772	4476	msedge.exe	86
PID 4476 wrote to memory of 2772	4476	msedge.exe	86
PID 4476 wrote to memory of 2772	4476	msedge.exe	86
PID 4476 wrote to memory of 2772	4476	msedge.exe	86
PID 4476 wrote to memory of 2772	4476	msedge.exe	86
PID 4476 wrote to memory of 2772	4476	msedge.exe	86
PID 4476 wrote to memory of 2772	4476	msedge.exe	86
PID 4476 wrote to memory of 2772	4476	msedge.exe	86
PID 4476 wrote to memory of 1964	4476	msedge.exe	87
PID 4476 wrote to memory of 1964	4476	msedge.exe	87
PID 4476 wrote to memory of 1592	4476	msedge.exe	88
PID 4476 wrote to memory of 1592	4476	msedge.exe	88
PID 4476 wrote to memory of 1592	4476	msedge.exe	88
PID 4476 wrote to memory of 1592	4476	msedge.exe	88
PID 4476 wrote to memory of 1592	4476	msedge.exe	88
PID 4476 wrote to memory of 1592	4476	msedge.exe	88
PID 4476 wrote to memory of 1592	4476	msedge.exe	88
PID 4476 wrote to memory of 1592	4476	msedge.exe	88
PID 4476 wrote to memory of 1592	4476	msedge.exe	88
PID 4476 wrote to memory of 1592	4476	msedge.exe	88
PID 4476 wrote to memory of 1592	4476	msedge.exe	88
PID 4476 wrote to memory of 1592	4476	msedge.exe	88
PID 4476 wrote to memory of 1592	4476	msedge.exe	88
PID 4476 wrote to memory of 1592	4476	msedge.exe	88
PID 4476 wrote to memory of 1592	4476	msedge.exe	88
PID 4476 wrote to memory of 1592	4476	msedge.exe	88
PID 4476 wrote to memory of 1592	4476	msedge.exe	88
PID 4476 wrote to memory of 1592	4476	msedge.exe	88
PID 4476 wrote to memory of 1592	4476	msedge.exe	88
PID 4476 wrote to memory of 1592	4476	msedge.exe	88

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://youtube.com/shorts/Q-sVkRFIeHQ?si=pdGJGTYS9yRv-v0m
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4476
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8156b46f8,0x7ff8156b4708,0x7ff8156b4718
  2⤵
  PID:1096
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,9781790524896073496,5112844731060422750,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2132 /prefetch:2
  2⤵
  PID:2772
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2124,9781790524896073496,5112844731060422750,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2220 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1964
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2124,9781790524896073496,5112844731060422750,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2788 /prefetch:8
  2⤵
  PID:1592
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,9781790524896073496,5112844731060422750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3324 /prefetch:1
  2⤵
  PID:3224
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,9781790524896073496,5112844731060422750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3332 /prefetch:1
  2⤵
  PID:3996
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,9781790524896073496,5112844731060422750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4000 /prefetch:1
  2⤵
  PID:4076
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2124,9781790524896073496,5112844731060422750,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5140 /prefetch:8
  2⤵
  PID:468
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2124,9781790524896073496,5112844731060422750,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5140 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1572
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,9781790524896073496,5112844731060422750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5416 /prefetch:1
  2⤵
  PID:3480
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,9781790524896073496,5112844731060422750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5424 /prefetch:1
  2⤵
  PID:4604
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,9781790524896073496,5112844731060422750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3440 /prefetch:1
  2⤵
  PID:1656
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,9781790524896073496,5112844731060422750,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5576 /prefetch:1
  2⤵
  PID:2256
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2124,9781790524896073496,5112844731060422750,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6008 /prefetch:8
  2⤵
  PID:5412
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,9781790524896073496,5112844731060422750,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5908 /prefetch:1
  2⤵
  PID:5576
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,9781790524896073496,5112844731060422750,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6068 /prefetch:1
  2⤵
  PID:5584

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2608

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2344

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4592

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x324 0x4f0
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:5472

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:1916
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ff80624cc40,0x7ff80624cc4c,0x7ff80624cc58
  2⤵
  PID:5000
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1848,i,83666350178509129,11523074076988599682,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1844 /prefetch:2
  2⤵
  PID:5316
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2208,i,83666350178509129,11523074076988599682,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2260 /prefetch:3
  2⤵
  PID:5384
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2292,i,83666350178509129,11523074076988599682,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2304 /prefetch:8
  2⤵
  PID:5508
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3188,i,83666350178509129,11523074076988599682,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3096 /prefetch:1
  2⤵
  PID:5656
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3296,i,83666350178509129,11523074076988599682,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3236 /prefetch:1
  2⤵
  PID:5664
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3732,i,83666350178509129,11523074076988599682,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4596 /prefetch:1
  2⤵
  PID:2892
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4732,i,83666350178509129,11523074076988599682,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4860 /prefetch:8
  2⤵
  PID:6052
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4960,i,83666350178509129,11523074076988599682,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4976 /prefetch:8
  2⤵
  PID:2236
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=4408,i,83666350178509129,11523074076988599682,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4860 /prefetch:1
  2⤵
  PID:5088

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:5732

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:3320

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:4488
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff80624cc40,0x7ff80624cc4c,0x7ff80624cc58
  2⤵
  PID:2256
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2028,i,7625598158191680093,3231471609667585805,262144 --variations-seed-version=20240809-130208.212000 --mojo-platform-channel-handle=2024 /prefetch:2
  2⤵
  PID:5800
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1880,i,7625598158191680093,3231471609667585805,262144 --variations-seed-version=20240809-130208.212000 --mojo-platform-channel-handle=1588 /prefetch:3
  2⤵
  PID:5984
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=1712,i,7625598158191680093,3231471609667585805,262144 --variations-seed-version=20240809-130208.212000 --mojo-platform-channel-handle=2248 /prefetch:8
  2⤵
  PID:5968
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3136,i,7625598158191680093,3231471609667585805,262144 --variations-seed-version=20240809-130208.212000 --mojo-platform-channel-handle=3180 /prefetch:1
  2⤵
  PID:1444
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3144,i,7625598158191680093,3231471609667585805,262144 --variations-seed-version=20240809-130208.212000 --mojo-platform-channel-handle=3208 /prefetch:1
  2⤵
  PID:3492
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4528,i,7625598158191680093,3231471609667585805,262144 --variations-seed-version=20240809-130208.212000 --mojo-platform-channel-handle=4408 /prefetch:1
  2⤵
  PID:5436
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4860,i,7625598158191680093,3231471609667585805,262144 --variations-seed-version=20240809-130208.212000 --mojo-platform-channel-handle=4868 /prefetch:8
  2⤵
  PID:720
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5060,i,7625598158191680093,3231471609667585805,262144 --variations-seed-version=20240809-130208.212000 --mojo-platform-channel-handle=5056 /prefetch:8
  2⤵
  PID:4612
- C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe
  "C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe" --reenable-autoupdates --system-level
  2⤵
  - Drops file in Program Files directory
  PID:6076
- - C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe
    "C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x268,0x26c,0x270,0x244,0x274,0x7ff700af4698,0x7ff700af46a4,0x7ff700af46b0
    3⤵
    - Drops file in Program Files directory
    PID:6012
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=4768,i,7625598158191680093,3231471609667585805,262144 --variations-seed-version=20240809-130208.212000 --mojo-platform-channel-handle=4800 /prefetch:1
  2⤵
  PID:1984

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:2224

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
4cac357bf24f523841d64a4775f0aa54

SHA1
78b550849a3899d802ec8798fac15a7401580ba9

SHA256
04e85566882a2bc4e8d6d31ceefcd36b4c0a5b3cc3885321ea274abf780ce5c2

SHA512
f9b9107b26c3ac0ae71c1a24c5e240f984663322eea15ecf6ad4d2e30cb444b78bb3da3d3c9229c37ebba39061fa283f94f02376524abd7d09f02cdb632159d9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\23809db2-1efc-45e6-a595-adfbc8551f12.tmp

Filesize
1B

MD5
5058f1af8388633f609cadb75a75dc9d

SHA1
3a52ce780950d4d969792a2559cd519d7ee8c727

SHA256
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

SHA512
0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
df5f56d831c275035129c8ad371c811d

SHA1
ac2f4bc47f5ac0a9370cf3016bb4b4719287eaa7

SHA256
076354b310b4f4e0233e87f82c9b408b33e016c3613bbe0dd8afbdc9491be127

SHA512
becc145e28517a72a828416dc1e20f3f8a32d5031ceac2c482559f7717a688e78826558702f3988f68227073f74f3e190e942cee298c4a377512f6e861fa9a2a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0

Filesize
44KB

MD5
d0624cf611fbd78b39f0834f2443c549

SHA1
4a8ee6a724a255229bc5ba0ad8332d9274106637

SHA256
dd8578cb60f14a459ed21bb7ce4af3dbe3d2de7d9d84a63c865302123afdf41e

SHA512
cb3dab7ee16b88729a3d64a88a50e34fe62aa90ee9056a1f2546139affdcf3f4ddd21fd708c1126a9057c91a5848fbfe956608a0656df7ad64379d37307275ba

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1

Filesize
264KB

MD5
9eb0758debd4a75d275b870eab10bb4d

SHA1
13f00cfe60c6379a5c042d6b49f0bf77ee2f475b

SHA256
ab06a2ff00ac084e348b49b0c78e8c44b08792423708f4937c0accc3ace54a6d

SHA512
327f86179606168bed102ea338d8b9a2abb6ce24b771f954debbce36eeb24d4b7e4aeb70cbdb8bd93f5976d72a7f4fbb66435cb97e472bc8f984cd4331977387

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_3

Filesize
4.0MB

MD5
7e1a2c86cee4183d690b3f7d50412a59

SHA1
af175b5102c2e4a9b190aa3c288ff16879281343

SHA256
74de2b6beccaeaa3c620ad3f66dcc6f511cad5c4c94332a1528261b44911217b

SHA512
1b407a1e42fd0ec22809677e1390b91dffc320f75984b7bac2c57eea60682ce2a6bbeeba9df4db73119d480fe407374905603ef4fcb3316ac7d3a849c55febf2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001

Filesize
210KB

MD5
48d2860dd3168b6f06a4f27c6791bcaa

SHA1
f5f803efed91cd45a36c3d6acdffaaf0e863bf8c

SHA256
04d7bf7a6586ef00516bdb3f7b96c65e0b9c6b940f4b145121ed00f6116bbb77

SHA512
172da615b5b97a0c17f80ddd8d7406e278cd26afd1eb45a052cde0cb55b92febe49773b1e02cf9e9adca2f34abbaa6d7b83eaad4e08c828ef4bf26f23b95584e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
0b19d512328d72502fff0cd842190743

SHA1
47755b8ee46a54099bcdd94a9e0ec352d05c7a1c

SHA256
863f0703e1799b33c2dcd4fa524c88072ecb722d22483efb2a5a8f576be90c9a

SHA512
7742162a68b6319e21c89e844028b97971eb78c667f7932e6b2a7953d2c93a561df18d80a1ebc4496cc25e65c647b43fa779f0beff1efa3d961ab4ab5ab2c9fc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_0

Filesize
44KB

MD5
abd17c03ced900d92a2de3501e947ebf

SHA1
a1fbb00ed11af5a0bb943253fe5a3b36bec4e36a

SHA256
2707f64b32a015a23e06e1399cafa739d76525d9a35db858c3c7b311974f4fef

SHA512
55d8c7459c81c74203bf50175224c4a33789080df11c97eba5537845e0b0775f330580977b6a3f1b6f44b576a2295f199d417a70ef6ec891e4a7dea4dc3a22f6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
bd0f52e1858aebb79c0da3737664217c

SHA1
90b285ac0b37b2d60dca001065a04c7d2e101fcd

SHA256
537243789a35a7691fea75a102e3c920814fa9d0e3b5c495437a293de901c03d

SHA512
831e3f81ae2de0496321c5e787a92d56f21da466be69f0b4793ebad0c0fdeb590ae58f8455972a791a0cecd1f135a4a024694c8974b1c7c4283b03a2b646ead0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_2

Filesize
1.0MB

MD5
c0790bb3836b370f9c207259f34d3862

SHA1
d8ba0efcf62b5b7bfdb8a6f7de4b194bbed5ef31

SHA256
4798c6c7a116b3f609b072259e7779b270702d72bfc9aa408c5cc7f18282c26c

SHA512
99b1863bc19eb2ec3b99d2d70619d08b959cb5200f5e0a3efea1158fab92bd0be05356f1a4a46cace8f6f8d9b695507bc4dcd2b5d5c52cce3bb7263597dcf534

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_3

Filesize
4.0MB

MD5
d6b0609c4b6edb45553ff9afbfc95e33

SHA1
2697657b75906d3653f48080ec1f3993c07bd8bf

SHA256
eb5cc165f4f69f7a3e72851b1b63e67efa9afb3c96bf8aefc962a5fdbdd6cc2e

SHA512
db4c837c9a8a30e65f0f634bcceecff3354d6b72b34536e584fafd02eb103cb4a6b01522d4463d8c54e6852d28a71d9ec8997e2f353e59ea8724aadbbc2a80ca

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History

Filesize
160KB

MD5
75d6abc43e1f9e08cf48b6045991edb5

SHA1
0d7d5d3a2b441c1dc7913d2708897afa75a03d90

SHA256
4cbc0bde4e044f5e087ab9a5969a866bd2c9d1f1d6d0c9f934a692b4ddfa0198

SHA512
b6fc15be8ca4252e71eab1bb4410cdb691aae6f8d59879a83f2ea6c67aa89b820e978f87c4142d5e25e3fe39e4a6d41721f76e554c2b60ffc4879e84e2c89fcf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG

Filesize
332B

MD5
088a8f913be0e5cacdb3a47ba6105fa5

SHA1
06cf57413ed114444f1b0836cb52c52aae0e0f59

SHA256
afb79be27460d36d619b9544717222e040b8f55ebfcb786f60ce6a8b601e7c04

SHA512
52be62410228033725d1272f297dcfa4e36a4b74635ab859561c18a03781fdec73ef6e6277254173479f34bae15af8853a49dac60763b459c73e48c8f287a325

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
523f1c41ba6c55d2570113a579f3025d

SHA1
4a6ce070c2d7901194ed0a65cdfad39c69672412

SHA256
13f32e3c2600745ba30a22472a83ed6195e64432d2769cb52923614711e3fa65

SHA512
a4b2f29adf61c227d36a4709cd5e4eb0187f6fb6909019a5895dbec117076eb82f5d66225410a156743638da435baf527bc36cf1fd7ac2f7394e231667c46ad1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Reporting and NEL

Filesize
36KB

MD5
9114e2ae401768a0827b43640127ea3f

SHA1
7b7904ae20ab178996fa4056af617335ba72a916

SHA256
e83f4e319c62f4b85824260cd3d1e377f9eb43e274054132b612d7626c323356

SHA512
530e3639e2c2996b40adc56b55c7e34c0ad176c14ed7096dd4348941073691d04b55b4b78f48903890b6bae80c946f61c01c9aa8bcdc6b5c9d9caf18c8eeedd0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
fb0d9e309998b3d11822a60a7c876b8d

SHA1
e8d5a285356988edb2003d8b6ab2bb7f1e119462

SHA256
5d8be8339d0db4d2896ea78e39156be6c349fa140d0ec0e6fbdd9afcc3fa1645

SHA512
80b69253de12eb47ebbbf7f669018c0d0bf0d8571dd6b6b4b81a99a55fd2036dfd72828d1719c3091e65739913878c42eac4dad681656ab4664890e61b6b9720

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
7cd300a98f87d7b282cea11a2f10cc7d

SHA1
b1aad3dcf8a7039f1fa65c17cf6d550a00e12958

SHA256
a45d44bad775782a19e14f51e7922cad0cb64081cc771dafee4226186bf2429f

SHA512
fc6d5f8593c131b3a3994edd8f80de495aafbdd4d6ea7f80f9572fe469df425db7175e1fcffdab0c8c48f4b57165291470cf74d7778a9dd1a31c42cf02af9e06

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
cb48f005d45c246d1e2e645ecb257127

SHA1
d669b0dd68be16ee0e9b8ff0b532261625ff47f5

SHA256
32098b9325ea04c97ea60a3b3818e6124be53a96e1933b430d8dc3e4f8230af6

SHA512
820f235abc5456fb195934cb8552fde272c2cda3dc6d3c4f368393fbbb36dd722be6bf5dcd7f3b5250baebe4a685f6bcc0ab2f9d46d78ed3d500695fb8232f17

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
dda0114f5653f1dc0ea54a95b2bb515f

SHA1
f25882131941ff5118b669ecc6e802cdf7093edc

SHA256
c08196bf1fb6bfeff296a5cabc480afa1ec8318c1f6dddb1f2593b46b0795758

SHA512
3be3f96524d0030ace32f8a1c7d2540baa80e6e71f0a200953097251643c0c87a367d9ac125b335e655c5ab22ace6cf2b944bb84e35cd4f12e1ca8ecf057e944

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
2a61e325d4836faecc3d3c85aa53bca2

SHA1
c83990544929eba09d5ab16b0249fc5a91e9682b

SHA256
86b9c99ea674ff9e117772e45cd852f8fb1807badc624b41a67be5a9ecba94c4

SHA512
8cace6a8c30e75ff3b09d35d7326e6bf22305dc4a70c1697a3bff71f3524e2191169396d51bf530ca21c6773a1659f905da7fdf47340911f46421690e4a4624e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
1e55044381646fc36239ab93c0abf367

SHA1
4eae87cf79c88ab09bece7ae4fd33d650c7c7e9f

SHA256
6d73c541cf9c309713cb0f51b107faf61611b917b7b461a73ff7c68900e3b6a7

SHA512
6768c17f5d6ebf52f8dbc4f0e32f9297da35eefab992cd92a7b7e1edfe28a120ac190247c4145e818aeef537f85a7a883134e723254ac332d75c6c764be2e750

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
402d338656a2f253d398a6dd73dbce52

SHA1
10056073ed1325c335aa462230cf31ebafdff977

SHA256
bf074a1f5b534a8d117c14cfda34a45220b8ebf1b6773a333886466fc075c41b

SHA512
6d980bf66e82e47a9a7093291d86d29d11ef2b70b100031d6366d55b79ffc8c6996d97979e547086b689363def593f2af8da605b7edd574f2bae271d8c81aac9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
bab48531ce133c1a940b268b5345489c

SHA1
1e3aed8362f08ef35ac884200e0f602216ab2397

SHA256
38ce6bc0fe70038eec7561e4676a485088529af6369e2219911ecb04d98195b9

SHA512
c217350ef26ecfcbbe3a75285fa427e40fccf3c74d457df50583f284a83de552aec535525e1c7f6398c446b50f99b5c8679f018a2f4a40cc741cb9114a12746d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
0c11057c3df3ea604e800f9d85d233ff

SHA1
a0ad37cbf37d16cfea08343952404a3e937a3140

SHA256
b3958fbedfca53ea1f6302678989d8d1f4b4bf728a156dc47752ed0312bf180f

SHA512
937a13073997860dad6f3f0483037ac2d186114efcf2eb30d06846a22646004cda6deb6afc928b166a901886f242db1c5ba9914ac9eb7ef483f7756683d05ddc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
bdf13454801cf85ff9f7afeeb6010114

SHA1
6efe971e01f9a24261e6df595b80eaaa5e9a9852

SHA256
eae2283c4de9025f95495f94c233d4a70102a1bdc51ff2efcc010fdf55cc5149

SHA512
2c2cd54a785569b5d35136bd62ed31344b2b94dfcddf752f1a4288c47fe1d1de9ceb153a938867cc819e8b6f9f94438437d6444cb9b29dbacf2722d04641c550

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\LOG

Filesize
336B

MD5
deccdf5978bbea3e4a4d99b7e6de17fb

SHA1
be6aa573e654a8803e5e53e51f50c95280cb4a05

SHA256
e610f2d332549b7f25102e0cc53850ed1d5898c1982ba4747a454ddee44c5a6f

SHA512
b1897e7dfe9b020cb001d5f5ba1979cac48e4386b238b1c98e0f2c4379efa5bb8b1363715405112b15d737f17ef2218d62399c70a3cd1453ca3b6b85c653e035

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sessions\Tabs_13367746186240787

Filesize
2KB

MD5
f1a9ebfed50f03fceed43bb36e9553ea

SHA1
2776e382288158bdd3c23956bbb95a8c0747743e

SHA256
a66da09424ec5a168fd749985c03286e20722aa9d920f61b1ef7408034c106c0

SHA512
01676ec7aeaec16a07c42f2803c5bb1b1d8b3ef2fd3e89d0851209e2c9bd093e1b2b84e420d76603c60c8f197aa9571c1c37ed160fc0d1487a57c7a88166be37

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000003.log

Filesize
112B

MD5
5ce4915ee61b48d9a63463b94d4ea361

SHA1
5c4b6029601bc286a644d0af4476844823c11114

SHA256
ae28510b06a4d94397294b154a5b27a8bd2dae18f325245d242347ae2ac8e639

SHA512
710329718f01a13f2ffb09b6fda3eca7d90cc8f10bd35b22add24a5ccf0c62537474fbc75427b50ac7227703c38b2cb7ade6423373ea063090fe5f049608f017

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG

Filesize
345B

MD5
c57a45b6aaa78ff01858356c049c8f4c

SHA1
e6645082d2c407ed34950224f4a4b708327e227b

SHA256
9c97af3e1d569692ac2919a27720ec04e5aba2d313477ba16d6c225a7d6911c0

SHA512
157aa1f3e169f53255b0599829cef40a5bdc6d2a68049e68a5acc7e777e574f2e93c9526e8e2a94d53e7a6a888b7724aba68ddcd0a1fcc1a77203f19fa255f09

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG

Filesize
324B

MD5
4113e8d633de77036d373854b7b0859e

SHA1
33b59cbd2e04bd526ed76c8d9cb92e6eed312aa1

SHA256
4a2d68af7795dff319cdd7fb3e0eaf1c5e76d770ed94ca3b686fa71b59530f82

SHA512
46b4b5bb3bc4eca914b07ae069dcef42a5198f84d29558bc90dca8bae74ffb9add0106eaf241087e0b8faf630ffa0135a83d091cad2686833b21454acc1ea6e1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Visited Links

Filesize
128KB

MD5
1f9f0a39a8946c22aa90e3d35693c698

SHA1
818238415847d35d6b8959459c2e7283f6bd4179

SHA256
b1d193266487eab1e2b6812bfd5548f3422e0f50228015de9e5246cb16c5ba77

SHA512
de394b873e8b94ceb4870d5a3dc6e71ba984d12921ef9cb4f641b9303e66f3e07e8d8c102c333602498e16c03093e5505ad7e98d0706750fa0d34f63c525b4a4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\QuotaManager

Filesize
40KB

MD5
56ff370840749ee6a305bd3ad3782eb2

SHA1
fc849d16d58baa33b28aaa615256208a7d9c5a17

SHA256
6c1a228c2773dd80f9540856f5f38ed10c74bd8b927d9ba233a0abc035a7dbd2

SHA512
67ba332d4d89c22dc12109d8170d38c4e099e2e36cff0616d54d6c2e5624f518d75392152dabef0d21373f0d65051f9964002c79a255a47e4beb1ab9fd68052c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\QuotaManager-journal

Filesize
8KB

MD5
f8d762063a25ab91ddb8cecbb44dfd63

SHA1
1049104181d03672ff1e524365d68c6129dc595c

SHA256
86282720063c7b8fc393107f750a4e5fcffc352bd8610003d4d0f0a5d7d9be72

SHA512
f3a8b9460513d75ebd86d3e467d41b0035ab12b65c1186e8cbd31b3669d80b2b24a11cbf9bb405f14f6341ccee2a69b766ef35538f2c6e9086e3ad480da6714d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\000003.log

Filesize
18KB

MD5
a6c2a2e3f405d6a474b29a3dfd917b50

SHA1
a259c1907905d76e08ea86023dd2a4bcbd508045

SHA256
97f972372e01a0fb1dcbdc6c855ad6ddf3789cdd36764fb01410c4c0a54f5ab3

SHA512
086c25b7eb518add38cb19d1afb60eddc13e41f2272e095263a7a2d7f0739ef6aab73527fb05d0bace417de63b238b329f7b508efd8ef1e7c349255672168702

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\LOG

Filesize
320B

MD5
d43f7b9673937cd52fa273e980f8f584

SHA1
326a13c9f5958da2feb19f620723dd238ac64ebb

SHA256
a8f5512b11e9d2b7640938a3dfeaa0a9c32c3e6a294b5c27518ef41bfe168aae

SHA512
215803da3af1a893230b11aee7bb980e2b12c84dae1a93fdfa28dd21f56650d2e687a6259dc64086236607a5ae0ecb4b26549368d4f06c540f948117c69d8bb4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000003.log

Filesize
1KB

MD5
441cb59b14d567bda44e61dbcad372b3

SHA1
1c601b28eaf7790ed9b87411aad483b01185b142

SHA256
39036993874cfb926bdbac3b2b4e89d017a9913d51e5febc1a361dff95c20e50

SHA512
862168987abc37b4cccd47cf10e3ebc39a37738e1849878788037b3bfb97cee611a48285b73ed2cdcbc2cdb21790e74ed5190edf23f28decefabe0b71294439d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG

Filesize
338B

MD5
d2ec63c0d1895767bf78864fc46947da

SHA1
068ae7f53ce160529e4a4f324f0e6cfe73d3bc10

SHA256
0bcd8c8648beaa355424a18815037cdc33b3ece2baa82f0336e296c02057e473

SHA512
a2673b5b0cb0297ef3a1dcc583c2fbebd9a74b700356f76ea455acf3e22dc7eb92cb91fad94194d52337dc531d0a9265502b572d8757c32dfad2eb8d8c80fa7a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version

Filesize
14B

MD5
ef48733031b712ca7027624fff3ab208

SHA1
da4f3812e6afc4b90d2185f4709dfbb6b47714fa

SHA256
c9ce8dbbe51a4131073db3d6ceef1e11eaca6308ad88a86125f221102d2cee99

SHA512
ce3a5a429e3796977a8019f47806b8c0671b597ead642fcbfbe3144e2b8112d35a9f2250896b7f215d237d0d19c5966caf3fe674165a6d50e14cb2b88c892029

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
194KB

MD5
c0e9c4b1c357f2806d434c60b3ab1ad4

SHA1
05e188b1ef174d808191a55d9cd86976f4afcc93

SHA256
82d7c18cdb0cb1881ee4addf7dbb754cb1a59455bfd62377733ab171fc810a0e

SHA512
1fb7e2ed1b582788e18fb328032184d80a74356ab10965422c7c9d4604d0b3fdeeb579f866a71a8d6db163facec87c65653ea17e3ad28a89331af5ba7f08c1c7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
98KB

MD5
8ef4e82eca54b27b216fa8ecc00f5640

SHA1
b084016374dee53183cdb8ad1a88f25083f241f3

SHA256
a51dc34094531d5a76b19e22810be2d9ae4146d05f59dff9ffa1d325cb8be0b7

SHA512
2136b79f0cfaa3b15f4b7ed14d0b0ce2e256fb175330e4efd4ae9b113a93d2c22870855671eed5fbbf8820b938ec8dd4ad041fbe7d0bc7b963ab8513888c98d5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
98KB

MD5
7a7a3e08f8150aa46b0cd110d2968a11

SHA1
8522142ffae8a459de0304b876ed1e353841607a

SHA256
e6cd99e2f3e0fd7681e5cbbc7f8c36115589f539cab2f9ee9b6270fca92452c9

SHA512
2f6dfc375f885f67555d64a3894a2a62dcac81f76e420714c13a6fd5c808f6b31c932ffda447d46daf712b7f546819bb0a7fdc181a728ef593ab61988ed86b54

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
194KB

MD5
1cb018a7e7544da335ad921e76a7eb21

SHA1
22b1d0f8a6e35d9a5b1c0a5f378c456216c5016b

SHA256
38dcc163c4bd26ffbaf9096672e97dd3304c035b775de601fc8084e7ca50f67a

SHA512
b5ed09731ca36bccb5ef262e09ffd7375ab0f4473bd2040e1ff09f3a58a7d84026abefcf39ef157c001041e2740560a0d2dd5835700d79ebf2db696a1439d229

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

Filesize
86B

MD5
961e3604f228b0d10541ebf921500c86

SHA1
6e00570d9f78d9cfebe67d4da5efe546543949a7

SHA256
f7b24f2eb3d5eb0550527490395d2f61c3d2fe74bb9cb345197dad81b58b5fed

SHA512
535f930afd2ef50282715c7e48859cc2d7b354ff4e6c156b94d5a2815f589b33189ffedfcaf4456525283e993087f9f560d84cfcf497d189ab8101510a09c472

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\segmentation_platform\ukm_db

Filesize
28KB

MD5
61adbcf17ce2b6d5dfc18ee51c489e84

SHA1
607608869fd5b844aff029fb8fd8d2ac49fbc19f

SHA256
2b0d1c9d055edc472cdbed81eec003fbc3af3734e365ebe938016c3b3cae2b38

SHA512
f5df3b21f1011d5bee100787d447d3ea854107cbc2fcceb92660cb1ac065bf6b28c7ab5fb97c834a67dd4c3530a4448a78cf70af94c62ae6f15f6142ee389487

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\segmentation_platform\ukm_db-journal

Filesize
4KB

MD5
e605fc7da7b1f627dacec9288ca44c09

SHA1
f264768f9e01a458783a4b585ce20c8539e82654

SHA256
6f9428ea7fc12abab55833e720be9c90c1db2aab8fa478b55b60c8d984054cb1

SHA512
8144d1265762c057fe102f4fa29b0fcecfd8d8435e55941e54f68b0f202fbfea6663b76977b3d97407a6aa91109b685cbdcdaad75d5574349ee04a911d73ab0e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
111c361619c017b5d09a13a56938bd54

SHA1
e02b363a8ceb95751623f25025a9299a2c931e07

SHA256
d7be4042a1e3511b0dbf0ab5c493245e4ac314440a4ae0732813db01a21ef8bc

SHA512
fc16a4ad0b56899b82d05114d7b0ca8ee610cdba6ff0b6a67dea44faf17b3105109335359b78c0a59c9011a13152744a7f5d4f6a5b66ea519df750ef03f622b2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
624B

MD5
8ab4a8530f115904543c6970a8845851

SHA1
f6550f02de8882edb4e6da0a93a6e3325eb4306a

SHA256
4a73766cc29532281cfaa8c8e7e0ab1affbe0140086a71fa82380b16fa6e66ee

SHA512
748c03e5af8ce2d9f6d68a91b32d1ceb73476d5434a828ce0fc42ace643cd3e1d0da44f9f355e74cc7057c298a5bbfc42e9921b22c72a68a2baefb861cc07bab

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
b7920b3ad2be445c132aeffb64b87f98

SHA1
0d9d9604acf7421d64df1b3b296d16eabbe63ff2

SHA256
47d5b6380a3939043f0c25b903d9ba572f29095ed9951a0478b81124147f0f33

SHA512
43fd1546fbe765094ce00b8ba16834ce70c1ec07752f8e86f98642b6ac8bfa98b7462603cf7589a9443527638dfd5158030323c58723f2f3916faef3955330d4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Platform Notifications\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
d5f27d265028f38b07598cad663a8c58

SHA1
d26c23d5048fed493f7617c310916b9d7781c846

SHA256
3818d3f8a5b5f7007dd5929a584ada710287cba54f87192fe2123371554ae87a

SHA512
51e0df9b157b6c80c8d16413cc1eb286f05cadfbeb5bc9c8c1229e1c2757a1f71294eae8002dd015e450d4f2f5a49f8a59ece125e2c4d04d908eb2b7d586a625

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
1ec804473f98884cc0427e1ca35762cb

SHA1
6811daf2f4b68442acf23478c061298d061e83a3

SHA256
700e78887d270cd824df979d9e839cf39ef7a0e278e5766be8f6dae69cd047b0

SHA512
c6a116dc49f527318a3387937f6d099a1a0043b7cfe18e1f71927fffb4b73771aa9425cc3d27f022239f96c2c7e0f2a259fccb3aaa61a3038eb210b12f1dfb03

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
d10d3fe5dee3b660a4a9bc4dbe23334b

SHA1
0ec3c86e493cf3a5552ba3492234950f9d5d55ab

SHA256
94ed3af0aec9ce47983ea3884904531a6b0797f1bb01dbe2526f1c889847e6cb

SHA512
63f83bd69863fc7fcbecdc99c2372de8474a25f111cc666639578247367cd4346ec5232faee940879f8102e30e68ec86c2c33a121754e9751d9e0264288a9e4a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\49df4a02-1d37-47ac-a903-ef3b22732ce4\index-dir\the-real-index

Filesize
2KB

MD5
bcbcb374abb97e5539914a1ed61e83a4

SHA1
e34229d6d269c1705f4c2e0ba4b9170a2c650694

SHA256
ac1f548604be021d44d3654093b362e43d643284c2ca438b3b34260f4e940fcc

SHA512
12f0ce57575d80c4e9434bf3e8ac08f4c1accad927dd9ee5c45f71147f79e6fc944669531db90ea9875d3084c701145951c4c76ba5e17566248a4e6c18169ce3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\49df4a02-1d37-47ac-a903-ef3b22732ce4\index-dir\the-real-index~RFe580366.TMP

Filesize
48B

MD5
fdb472c4389db933f71cf4f739b77dfb

SHA1
e68bde400707b45f8c19e7062b5db633d489b333

SHA256
73adbcfda11d59af0111005575b414f75888b15495cf3700d013df168c6ecaa9

SHA512
5c036e0186a60ca23278d82fe04ed8ed26eee11ab248e8cb9000181be362effb39afd2c12b8bbb827bdd31aa893c4050b45d80becd06ecff782b58d5a502ab35

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
146B

MD5
5f2b0fb1ef2349b992092adaa3ef9263

SHA1
e4d5a7ad852c09a2eff8487fec89861296e079c9

SHA256
28e8a2524ab487b6e2bd7bc84ac58ba3c476e03daf136212ff773a25f13acf72

SHA512
ca9f6865ff5cf42e7b8902f47fd864065b744114b7a3eee8d3a6dda3a84faa784773b1fb801fa8d86b45ac14992915096c1841e4c67c9bcc67de0d852d696935

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
82B

MD5
94d1d8a61d570040b526b6dbc4244a27

SHA1
eacb7c2f9b9f8d58cd0f8b18d58ba6250a95cee5

SHA256
b2bc305289895d1fadb3362519a4ddc832f9a9a1989fb2e687b5edd596097be7

SHA512
857e20a1f299afdcc3b01739a70340817e093c77cc8567a409ff74224c19ece76b81bcab842eebb6cfb947f708b83985447a907e663111214b7372c93b01a181

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
84B

MD5
877ecb6fde1c10059e5848fb1e40939c

SHA1
3866d3ea93dbc208815cbdb70b35cdc907003a3b

SHA256
39ee0518914a81dae4ea3f34b9b8c24baa999db48d36f323a24ebf6b5922fbe7

SHA512
b13d9eebd6eb04d64d8735cc81d32064fb2f5a30fafa612584e1971689cce75fbd7db8dc684df770c7a442e8e9ac9720a5573d58b6b722346e29c7ccfec92ef5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe57f08a.TMP

Filesize
89B

MD5
e06e502772be40060f674380fd4fa696

SHA1
41561da3b001bbb3109884e949bb12e574ebeef1

SHA256
af857bb7878045f99a3c385a521f4343b2d476d9e79619cce25cef9db22e1347

SHA512
651efef3ab88f43aba64b7de106a296e710da755cfc4fa5cfb75d68f7c27623f05a9a117903bd428556dd5a236cd212cb3fa47fa537faec6ec41d74a05f338e8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
48B

MD5
2f2abeb2134e4d5da4755819854f7e8b

SHA1
9b778cd0ab24d23baa12d6595356f1cd086880dd

SHA256
249238cd7abcf84752e35eff04f3348093e6980dc3319becc1926e2482fbc174

SHA512
39d2cbe904ba69658c3b304aa108a5c28394211e7cdcbdc10fb1dc79adc480bd992202609c42b9bfe91cc7284ee0d0e2196cc62243f94765c9051b18b1a9bbe4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5808e4.TMP

Filesize
48B

MD5
081cb1e12c5544a4425fda1f5ed7afe7

SHA1
91b27aa8cdffba1fd8ccd106c41c04b1281ddae0

SHA256
4fd4bd7d82d972a425466cca8689e25ee0619a2f12185ba6af65a8940ffca1b1

SHA512
52239f0941f577fda4de4e1708ef07f37eda13d37db40bbd34ce6d17237872429891cfa6a6c65d5930b6d7c8eda7142e3a8aa3c06200631e07b82ca70ac4647c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
704B

MD5
5663c61b71098cd7ef251792eddb7f5d

SHA1
8081b679bcb0564679ff263362171f906a8f741a

SHA256
0e3ad392579c44ef23c520e49424ca947a264bb0bd509dc6002a0c9a6cf29dea

SHA512
d42da8c459d3b1959ed2fc889c9880f1df24c6970d41f13b5ffcb9947a6f9e2c9037361d897ca78715e55562d02b2831c312eab87bb2bd6fcb89fdaf83d23fe7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe580952.TMP

Filesize
539B

MD5
c7f0614c5ddaf8994136185c696467d7

SHA1
115dbda87b8262d86fd2208d97105463b0f45b5f

SHA256
346e4f8bc2784b0287e7ea801850c202d0776ea8518df2c7c1374d8717cfd288

SHA512
6057ccf97e17cb4511653b587209a26bcab54f81781ee2f7c42da9e80f5b3d1f3f21abb0074e949fcbc66c4a35fc5c296abc5277e93c9f4db235c2ec3fd8b8e2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
ef8d89c43b340df850511cdea2a6225b

SHA1
1f344d8c112b367b5c1f95ede0f3bced6a51dd27

SHA256
a2eb0139e252cf154192e561dbfbc1b23531d210a089f836f02669be3bc89a79

SHA512
a9220eaea1d5b51cdd2875e9e713a1ff2d985a550c08d1b42a8d6f005fae5cb7e8b1b5b5bc9fa1f47956bbbcd547e587d6a2a6e98371c282d66516cb2ca28bd5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
f19459ed5b0d1e01d5df20c6dec60b5e

SHA1
fd1c056469f604b24e7b111186b7fc6869a2148e

SHA256
5631f43e845cf04704065a313747c59a239a50c9e85325ee0bce1467f3dbc6af

SHA512
d2ccf3207ee0cf269936c2adeac7b6b42a5afeae4a3cc1d45f6081e9afe0dce6edf154c7162054b2e3a2d3c68a58b1d703ec171b64ef40cfb7057508f96966f7

Download Submit