68359fa4e8405740c514ad06e8f405207454299ef7f2bd8ec00e102fac7ad544

Analysis

max time kernel
150s
max time network
150s
platform
windows11-21h2_x64
resource
win11-20240802-en
resource tags

arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
submitted
12-08-2024 12:57

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

requirements.txt
Size

45B
MD5

64084969b43ac55a5c8ef94c328eb59c
SHA1

9c29ac893a3b2d68af428a3902ca84e699de6dbe
SHA256

68359fa4e8405740c514ad06e8f405207454299ef7f2bd8ec00e102fac7ad544
SHA512

3b94ba2636545e33333d87747312cffc64c7aa2856e04c869fc5a4cf65514c41da8f4c28a51b89e2fcb9860eeab594cd993d22ce8e82b7ccf65d049ab16bc6eb

Score

5^/10

discovery

Malware Config

Signatures

Drops file in System32 directory 2 IoCs

description	ioc	Process
File created	C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_01cf530faf2f1752\display.PNF	chrome.exe
File created	\??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_01cf530faf2f1752\display.PNF	chrome.exe

Drops file in Windows directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SystemTemp	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133679410647494381"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3007475212-2160282277-2943627620-1000_Classes\Local Settings	cmd.exe

Opens file in notepad (likely ransom note) 1 IoCs

ransomware

pid	Process
2400	NOTEPAD.EXE

Suspicious behavior: EnumeratesProcesses 8 IoCs

pid	Process
1948	chrome.exe
1948	chrome.exe
1948	chrome.exe
1948	chrome.exe
5084	chrome.exe
5084	chrome.exe
5084	chrome.exe
5084	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 5 IoCs

pid	Process
1948	chrome.exe
1948	chrome.exe
1948	chrome.exe
1948	chrome.exe
1948	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1948	chrome.exe
Token: SeCreatePagefilePrivilege	1948	chrome.exe
Token: SeShutdownPrivilege	1948	chrome.exe
Token: SeCreatePagefilePrivilege	1948	chrome.exe
Token: SeShutdownPrivilege	1948	chrome.exe
Token: SeCreatePagefilePrivilege	1948	chrome.exe
Token: SeShutdownPrivilege	1948	chrome.exe
Token: SeCreatePagefilePrivilege	1948	chrome.exe
Token: SeShutdownPrivilege	1948	chrome.exe
Token: SeCreatePagefilePrivilege	1948	chrome.exe
Token: SeShutdownPrivilege	1948	chrome.exe
Token: SeCreatePagefilePrivilege	1948	chrome.exe
Token: SeShutdownPrivilege	1948	chrome.exe
Token: SeCreatePagefilePrivilege	1948	chrome.exe
Token: SeShutdownPrivilege	1948	chrome.exe
Token: SeCreatePagefilePrivilege	1948	chrome.exe
Token: SeShutdownPrivilege	1948	chrome.exe
Token: SeCreatePagefilePrivilege	1948	chrome.exe
Token: SeShutdownPrivilege	1948	chrome.exe
Token: SeCreatePagefilePrivilege	1948	chrome.exe
Token: SeShutdownPrivilege	1948	chrome.exe
Token: SeCreatePagefilePrivilege	1948	chrome.exe
Token: SeShutdownPrivilege	1948	chrome.exe
Token: SeCreatePagefilePrivilege	1948	chrome.exe
Token: SeShutdownPrivilege	1948	chrome.exe
Token: SeCreatePagefilePrivilege	1948	chrome.exe
Token: SeShutdownPrivilege	1948	chrome.exe
Token: SeCreatePagefilePrivilege	1948	chrome.exe
Token: SeShutdownPrivilege	1948	chrome.exe
Token: SeCreatePagefilePrivilege	1948	chrome.exe
Token: SeShutdownPrivilege	1948	chrome.exe
Token: SeCreatePagefilePrivilege	1948	chrome.exe
Token: SeShutdownPrivilege	1948	chrome.exe
Token: SeCreatePagefilePrivilege	1948	chrome.exe
Token: SeShutdownPrivilege	1948	chrome.exe
Token: SeCreatePagefilePrivilege	1948	chrome.exe
Token: SeShutdownPrivilege	1948	chrome.exe
Token: SeCreatePagefilePrivilege	1948	chrome.exe
Token: SeShutdownPrivilege	1948	chrome.exe
Token: SeCreatePagefilePrivilege	1948	chrome.exe
Token: SeShutdownPrivilege	1948	chrome.exe
Token: SeCreatePagefilePrivilege	1948	chrome.exe
Token: SeShutdownPrivilege	1948	chrome.exe
Token: SeCreatePagefilePrivilege	1948	chrome.exe
Token: SeShutdownPrivilege	1948	chrome.exe
Token: SeCreatePagefilePrivilege	1948	chrome.exe
Token: SeShutdownPrivilege	1948	chrome.exe
Token: SeCreatePagefilePrivilege	1948	chrome.exe
Token: SeShutdownPrivilege	1948	chrome.exe
Token: SeCreatePagefilePrivilege	1948	chrome.exe
Token: SeShutdownPrivilege	1948	chrome.exe
Token: SeCreatePagefilePrivilege	1948	chrome.exe
Token: SeShutdownPrivilege	1948	chrome.exe
Token: SeCreatePagefilePrivilege	1948	chrome.exe
Token: SeShutdownPrivilege	1948	chrome.exe
Token: SeCreatePagefilePrivilege	1948	chrome.exe
Token: SeShutdownPrivilege	1948	chrome.exe
Token: SeCreatePagefilePrivilege	1948	chrome.exe
Token: SeShutdownPrivilege	1948	chrome.exe
Token: SeCreatePagefilePrivilege	1948	chrome.exe
Token: SeShutdownPrivilege	1948	chrome.exe
Token: SeCreatePagefilePrivilege	1948	chrome.exe
Token: SeShutdownPrivilege	1948	chrome.exe
Token: SeCreatePagefilePrivilege	1948	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
1948	chrome.exe
1948	chrome.exe
1948	chrome.exe
1948	chrome.exe
1948	chrome.exe
1948	chrome.exe
1948	chrome.exe
1948	chrome.exe
1948	chrome.exe
1948	chrome.exe
1948	chrome.exe
1948	chrome.exe
1948	chrome.exe
1948	chrome.exe
1948	chrome.exe
1948	chrome.exe
1948	chrome.exe
1948	chrome.exe
1948	chrome.exe
1948	chrome.exe
1948	chrome.exe
1948	chrome.exe
1948	chrome.exe
1948	chrome.exe
1948	chrome.exe
1948	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
1948	chrome.exe
1948	chrome.exe
1948	chrome.exe
1948	chrome.exe
1948	chrome.exe
1948	chrome.exe
1948	chrome.exe
1948	chrome.exe
1948	chrome.exe
1948	chrome.exe
1948	chrome.exe
1948	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3160 wrote to memory of 2400	3160	cmd.exe	82
PID 3160 wrote to memory of 2400	3160	cmd.exe	82
PID 1948 wrote to memory of 3156	1948	chrome.exe	87
PID 1948 wrote to memory of 3156	1948	chrome.exe	87
PID 1948 wrote to memory of 3204	1948	chrome.exe	88
PID 1948 wrote to memory of 3204	1948	chrome.exe	88
PID 1948 wrote to memory of 3204	1948	chrome.exe	88
PID 1948 wrote to memory of 3204	1948	chrome.exe	88
PID 1948 wrote to memory of 3204	1948	chrome.exe	88
PID 1948 wrote to memory of 3204	1948	chrome.exe	88
PID 1948 wrote to memory of 3204	1948	chrome.exe	88
PID 1948 wrote to memory of 3204	1948	chrome.exe	88
PID 1948 wrote to memory of 3204	1948	chrome.exe	88
PID 1948 wrote to memory of 3204	1948	chrome.exe	88
PID 1948 wrote to memory of 3204	1948	chrome.exe	88
PID 1948 wrote to memory of 3204	1948	chrome.exe	88
PID 1948 wrote to memory of 3204	1948	chrome.exe	88
PID 1948 wrote to memory of 3204	1948	chrome.exe	88
PID 1948 wrote to memory of 3204	1948	chrome.exe	88
PID 1948 wrote to memory of 3204	1948	chrome.exe	88
PID 1948 wrote to memory of 3204	1948	chrome.exe	88
PID 1948 wrote to memory of 3204	1948	chrome.exe	88
PID 1948 wrote to memory of 3204	1948	chrome.exe	88
PID 1948 wrote to memory of 3204	1948	chrome.exe	88
PID 1948 wrote to memory of 3204	1948	chrome.exe	88
PID 1948 wrote to memory of 3204	1948	chrome.exe	88
PID 1948 wrote to memory of 3204	1948	chrome.exe	88
PID 1948 wrote to memory of 3204	1948	chrome.exe	88
PID 1948 wrote to memory of 3204	1948	chrome.exe	88
PID 1948 wrote to memory of 3204	1948	chrome.exe	88
PID 1948 wrote to memory of 3204	1948	chrome.exe	88
PID 1948 wrote to memory of 3204	1948	chrome.exe	88
PID 1948 wrote to memory of 3204	1948	chrome.exe	88
PID 1948 wrote to memory of 3204	1948	chrome.exe	88
PID 1948 wrote to memory of 2144	1948	chrome.exe	89
PID 1948 wrote to memory of 2144	1948	chrome.exe	89
PID 1948 wrote to memory of 2780	1948	chrome.exe	90
PID 1948 wrote to memory of 2780	1948	chrome.exe	90
PID 1948 wrote to memory of 2780	1948	chrome.exe	90
PID 1948 wrote to memory of 2780	1948	chrome.exe	90
PID 1948 wrote to memory of 2780	1948	chrome.exe	90
PID 1948 wrote to memory of 2780	1948	chrome.exe	90
PID 1948 wrote to memory of 2780	1948	chrome.exe	90
PID 1948 wrote to memory of 2780	1948	chrome.exe	90
PID 1948 wrote to memory of 2780	1948	chrome.exe	90
PID 1948 wrote to memory of 2780	1948	chrome.exe	90
PID 1948 wrote to memory of 2780	1948	chrome.exe	90
PID 1948 wrote to memory of 2780	1948	chrome.exe	90
PID 1948 wrote to memory of 2780	1948	chrome.exe	90
PID 1948 wrote to memory of 2780	1948	chrome.exe	90
PID 1948 wrote to memory of 2780	1948	chrome.exe	90
PID 1948 wrote to memory of 2780	1948	chrome.exe	90
PID 1948 wrote to memory of 2780	1948	chrome.exe	90
PID 1948 wrote to memory of 2780	1948	chrome.exe	90
PID 1948 wrote to memory of 2780	1948	chrome.exe	90
PID 1948 wrote to memory of 2780	1948	chrome.exe	90
PID 1948 wrote to memory of 2780	1948	chrome.exe	90
PID 1948 wrote to memory of 2780	1948	chrome.exe	90
PID 1948 wrote to memory of 2780	1948	chrome.exe	90
PID 1948 wrote to memory of 2780	1948	chrome.exe	90
PID 1948 wrote to memory of 2780	1948	chrome.exe	90
PID 1948 wrote to memory of 2780	1948	chrome.exe	90
PID 1948 wrote to memory of 2780	1948	chrome.exe	90
PID 1948 wrote to memory of 2780	1948	chrome.exe	90

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\requirements.txt
1⤵
- Modifies registry class
- Suspicious use of WriteProcessMemory
PID:3160
- C:\Windows\system32\NOTEPAD.EXE
  "C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\AppData\Local\Temp\requirements.txt
  2⤵
  - Opens file in notepad (likely ransom note)
  PID:2400

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1948
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcef49cc40,0x7ffcef49cc4c,0x7ffcef49cc58
  2⤵
  PID:3156
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1840,i,8863117039026532861,7436348653899333105,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1844 /prefetch:2
  2⤵
  PID:3204
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2124,i,8863117039026532861,7436348653899333105,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2144 /prefetch:3
  2⤵
  PID:2144
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2200,i,8863117039026532861,7436348653899333105,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2292 /prefetch:8
  2⤵
  PID:2780
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3088,i,8863117039026532861,7436348653899333105,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3128 /prefetch:1
  2⤵
  PID:4704
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3132,i,8863117039026532861,7436348653899333105,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3160 /prefetch:1
  2⤵
  PID:1280
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4456,i,8863117039026532861,7436348653899333105,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4312 /prefetch:1
  2⤵
  PID:2848
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4776,i,8863117039026532861,7436348653899333105,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4792 /prefetch:8
  2⤵
  PID:4692
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4972,i,8863117039026532861,7436348653899333105,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4784 /prefetch:8
  2⤵
  PID:2088
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=212,i,8863117039026532861,7436348653899333105,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5096 /prefetch:8
  2⤵
  PID:3600
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4596,i,8863117039026532861,7436348653899333105,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5000 /prefetch:8
  2⤵
  PID:5088
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=3408,i,8863117039026532861,7436348653899333105,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5008 /prefetch:1
  2⤵
  PID:1072
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4360,i,8863117039026532861,7436348653899333105,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5144 /prefetch:8
  2⤵
  - Drops file in System32 directory
  - Suspicious behavior: EnumeratesProcesses
  PID:5084
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5020,i,8863117039026532861,7436348653899333105,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5152 /prefetch:1
  2⤵
  PID:396

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:3524

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:1888

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

Filesize
64KB

MD5
b5ad5caaaee00cb8cf445427975ae66c

SHA1
dcde6527290a326e048f9c3a85280d3fa71e1e22

SHA256
b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8

SHA512
92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

Filesize
4B

MD5
f49655f856acb8884cc0ace29216f511

SHA1
cb0f1f87ec0455ec349aaa950c600475ac7b7b6b

SHA256
7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba

SHA512
599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

Filesize
1008B

MD5
d222b77a61527f2c177b0869e7babc24

SHA1
3f23acb984307a4aeba41ebbb70439c97ad1f268

SHA256
80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747

SHA512
d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
3c701d7904c0cdabd787146990228946

SHA1
d35f8189c3c97d09f2fb48c21c60524e1fa06a30

SHA256
a5750da8e88770929bc52d864724bfbe36aa3aa7954c3c70dc98476e5241e2bb

SHA512
8a37fc750c78f6b797178ac4ed6b59bb4912be6cd2de180b4881f294caf4d2b6c3c06bdf05508dab0f73215e48fc9b80fa8bbecba868ca98637717f94ed37598

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001

Filesize
210KB

MD5
48d2860dd3168b6f06a4f27c6791bcaa

SHA1
f5f803efed91cd45a36c3d6acdffaaf0e863bf8c

SHA256
04d7bf7a6586ef00516bdb3f7b96c65e0b9c6b940f4b145121ed00f6116bbb77

SHA512
172da615b5b97a0c17f80ddd8d7406e278cd26afd1eb45a052cde0cb55b92febe49773b1e02cf9e9adca2f34abbaa6d7b83eaad4e08c828ef4bf26f23b95584e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
baa0e7b3e1d24202e1a57031fa9302ef

SHA1
63af317a52b4ebe169524060c34b83d928f64e81

SHA256
078ddc173cfae8f3f431e406bd3549220a9fcec9e1b6990961e8f55f67ef87f9

SHA512
5c5b2aa02eb042c9ef1ea4e1c9ac8f97499fb244905dd5487f8fd47d33ef74af546eeca07366c225e9a385afe65e28a1402911d0eb1f3dd40b1561068cade417

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
354B

MD5
699007c7faa444cc9eba3f2c1c7050c8

SHA1
a6b33200afe6574ad87d4572c9ee81e43fc5b69c

SHA256
9b7a91792b5eb0297d2c74a7f9d68af91ad045072bc99536d14d2e211afe2dd0

SHA512
042aa5c4d5e1b5b47e906745024be1fa72f5a32a3ab008061cb2920267c23216fe116129d6e0f47880638a91d09f0f65fbf674f4ac92cfbecf744cb093d84d76

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
354B

MD5
261ec30ee21fe0266b04799b734671b9

SHA1
4a39eb230f6eacc78dad943556f71d47650090b3

SHA256
f8670d702b333af2a27890a926e4d598bee31845da7c6df9301513ffc97b210f

SHA512
91b6e6f66a2682312de7f190b5ee2cb10e43ade9342e55daf2696342be01281187d3b8c4d890f91acecc587c8ba2f8210c93635141e8bccc845a231d7dcd5134

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
354B

MD5
8c432225a76269d73d4d1b8fd6532a4b

SHA1
3f94d1aa2e4c955218d0c37494fd824ad18e72a2

SHA256
eba2c6481c6cd1721bcb1781e1cf564800d8e02fddae888e0cd0878f1d53dfcb

SHA512
3986dae8d9471d6b889711dce5d1cf1bfce50d39a3769781530f15e120d7b8dbeee3be0b2167453f798cbdcc28910ad8955cd35b553d319344e0832955179f85

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
690B

MD5
bbacb9993f6f4fcd1f6860f8f4a8fdc1

SHA1
68e6ca2f77dcdd80c6a9615129d859293bfe36ef

SHA256
3adbd18adfdc716f91776bde8242579a412128ba0dd25bdc429c184ec8558a58

SHA512
7cf8dbd272e35ceab6e900a16a9187a326c5f209ed2864d03c3a45146aeaeaeb34637f3078bd4cf3ba659929edbdb7459b04fb4c5d3b5039b3ad7f4aa80a352f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
354B

MD5
b278bacf00b274d487f15182cd79a5e0

SHA1
1ddd42b8ae9c06fe441d640df23b001e11a8ba58

SHA256
ce45688c5dce7ac922c78994ba214f7d2382ced438d17de8a92b1e69939ac33c

SHA512
cd3f2b364343516ff9bf9bfeb07336a42642287f882653f618787a58daadf72d061deefe14489e8f20e849fc2645bc31a46042d6cae4b91882b85ca1f608cac5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
7e87359cda2bbcf04be1035ddbc51fac

SHA1
7acc14c12ceb066826705201830263a79f636569

SHA256
3034f4b8aae5a2af05d60e1d6c0f3cd1ca61218f6f84d3e06238298e57601348

SHA512
bc0e47ecb85acc0a3d8564084a3abfc3e0545956d16f6e206f1c28cb420b5b605d3a4f70f80d3d54131e2ee743a9995ff2864115b707fa4dfbb75e05c00ac8e4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
cb656d01af4ee56e187156d536598865

SHA1
329c2d1b557ac52f164d373d0decdd127548ab43

SHA256
270e96ced0bf03539692079c2a1c4b0dbc343fa6b549f6488b1e01ed68fe76e5

SHA512
dd5a880dc16bb17c466c7eb851356029f3dc0a4663e872568b3620d8a59d6fa56ad8f46c5a733dbef170a060cc90ace59c2862c0792955399272b3ab6ded6886

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
8ca9be9e3eb69d9b72331c2724a525cd

SHA1
13550c369adb2b7f9666b424c891e7aac214e691

SHA256
7c6a2c13428b1add03a155c020c1d5ed13ffe6a344fd9d59abeec893691941d6

SHA512
97dec77d49a1fc0ac6b37c57689d3ecde4337ac9a083fc352790a8e7cd6da3a0ab3fb07b1eca7a0ea3e491394b8a73effe5092d49ead0b0241dbb3e4b843760d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
50c267f8d4e4918fd13d42aaff5232d2

SHA1
2dbb2a264068c5743234ae81be3d19adb0d1b448

SHA256
0ee26ac58533d54262f0736a152dfae870e9cfccbcfa0613605613c2bb355583

SHA512
addb15fc25e7b12ebeaae478ad44ddd831adb20e1fcffd8773e2b885325116155eff4ffcfeeefff6e15aa0da48f3a202c16add680b924fa8248fa30863fed09c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
2961a5df91aef2b20adce8e5015c8a0d

SHA1
7e76e54089c6e8b65cff6e2523fe44b5c0ca0351

SHA256
9b2bebb28a77a98ee7f06b07025919056270aba5627cd67f02f665036a3deb15

SHA512
9fe7dee4c327c561da7feaf0223d19c46df22ad04a480df17a99cbfea487c9b680c0b9e79ea77abb42dca551439b3a45c7803fbb911eb9793c87262d424cda4f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
6c9b0088dbce6c7fb6a8b46351741880

SHA1
8715d8d4352600420df783bb1d1f902328191068

SHA256
a54edfc5739ca44d1f3e08e0a0dc28d1c65a48d6e0d5816d98cf725ec2fc9737

SHA512
e6fd2855eafec7a27605cf028dbc5ce148083921126bef1426783a7e3001e6f51d769e288036d079dfdfa40f12f229455a1838279f9f7f2f7047dc5eb3d0f7e9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
da046d09bc6b646a8e386a281c74855a

SHA1
e0040f0df6d73cc0d9d2dd0744b3c9c1535439e1

SHA256
4b187d5721f5fce782f7a82ff80ce7790ddbe552abf0e8a9acfd94bbb9a3a168

SHA512
b8dcc834aa08e152083b8680acda9a67c4307352bc533c15f5067560387b3fad2396b7ea528572e5cf95bd92f2fb7235717a7ea4d9ba95a005a184881e15b39b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
ef8aa7d62f22f255afec725e3d58c8af

SHA1
d8c90856deddf3ccfbb8563c9eaf6bc771ea4aed

SHA256
fc869857f577fc076b681de539175122e4fdffef5fdb2aa8324c471d0c198518

SHA512
a6a5f016eaffcf777e8897d33e35c06a1ca6105131e6fa51224bdb155a5ea9ea29c0a01cce2af174e6888aa4f9894496bb0b9c9a1c02fd6abb395cfd305942d9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
f965c77e82139bd6855f44fd78df1a67

SHA1
9fb77912dd79a5d8ed417697999984d452d596dd

SHA256
4c69fbee3ecba005a9b393b9b48d76bfb1fa0a7f17b7e68bec0047ca04231a9e

SHA512
f20dd1f228d595c2a33bf86768f6e52d608e44d540f8d76bfd55b2633056844f7ed8e768c68df0b3c2a8a603cb204c13ab10b4e0d9d192c33557a98d35d265bc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
e72c109c67c714b6f7378f73ad46184e

SHA1
1d874467cbfdd7fbd55842322cc989f2450e2e4d

SHA256
b8b80e23a1b536c6bd0eec59dde596e4c3563b296c3f625f876253a07f76414e

SHA512
e132e1a660d0f063ace9d2793d248d1e54b19e6bc18afbf235b2cf9887d25cf7e3388ce775a082a8fdb3a5b51fc9aba133e800dc8c11645c1865f78eeb3d81d8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
196KB

MD5
ce3e29542563bdb57fbdf07329347900

SHA1
706b529d9fcfad73c4888e43006414a42ad71c03

SHA256
06cf4b1ee189551787b40ee8e1f491b7be43b345d06a92ed8135a8e90a341344

SHA512
bf505abf4fd57a36e6babd4ba9074f27a4731ec59e40fec50a8dd75b72e970ef7f8b606c90ed1c7ffd5ab8882a86b81a9635629af9b6926d90f58590a3799359

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
195KB

MD5
3e1ab4e7b1d88b6480c081f74e491a25

SHA1
8084a9876881da117317d4730b5df259cf195d2a

SHA256
98f4d80fe75d03824c1d4c0a9650aec168ecb848a4580bf9063531e356704636

SHA512
ecf88a37e2d95ad1746c654300c99d03a31e8c1ef2d0b13d5d0a9f69b799aee8dbccff75ff0a112c16e085cbd0c2b4cc282bb23657aab21c1be4b32e419d9ea7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
195KB

MD5
371d2241dd7f5c6d519912078781f0fa

SHA1
ab2fc82557a0a35452ccecc4132ae294350ee0bd

SHA256
bc5aa8abf3f83e491b4f22ba1118c7354b27d8c79a6aab49e6bf5788f092a39c

SHA512
999248bd71d1b5d3da7ca5c05cef86fa42c354b2e80827892c6c72394eb547fe37ebb90e8e3329f2ed7640570c3a0347ae5ce27d15e21a108b024d31331c97a8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
195KB

MD5
ad9a2499c9d2d1df8b19b27ac641106f

SHA1
b52c09788e13d2c31558f32f2773d6cf80b48234

SHA256
e54e21dc3c0e1799898ca11b7815d6992d2b5b119afb9449d83af6c2cb02eb32

SHA512
0727ba071689f92f9f80be782a4d8bef41f9318c4abdef5e3bfacc3cd71226c06a6cd52a3cae437296e9216234019b2213e17119c8f2e02051a11ceee14785aa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
224KB

MD5
e0c3b7f7833644aca280b94d6fa04cef

SHA1
158b94eb1af23a5fa47a5fb73b641eac2311170e

SHA256
4b9ff881950f4d175562564738e2eff8826919eb503ef107732b20bff199871e

SHA512
a4ed0b4970a5bad46973893db9644a18f004d46cbe1e36896b5d89321cac807176bbec4eac1ffc40e3b17959ae56cb2b12b8f164f6fe63acab2c46091caa180e

Download Submit