22bb5bfee35d9adb1e8e256b99763f1ed28dfbab12b570cf2cd926ad30fa494c

Resubmissions

17/08/2024, 13:45

240817-q2grfayclc 3

17/08/2024, 13:43

240817-q1k3gaybph 3

Analysis

max time kernel
150s
max time network
154s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
17/08/2024, 13:45

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Bloxpredictor v1.0.0/Bloxpredictor.exe
Size

59KB
MD5

a6b302864cfb8a23ff529a53220ce45e
SHA1

8e51821c954c7aa26334347017c9760325fbd1ac
SHA256

9f2725959ca269bdd455789154903496c851af4879104a36a64cd675fc603379
SHA512

4a820f5ae2821b85d318f561d01bf4546ba54e562423b8eceeff2075d98069ee05918c8d87f7ab5332bc17a5409f8e93d2dc1bfdbc3c14b5cb5030165e15c383
SSDEEP

768:VifKCnZNC/gsEhKWiuK6OpJVk3w52ggMXCHWbhgXZlssvaBpje7xK:ViihIrpOFk3QgWbKpdv4Je7

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133683760058760500"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2170637797-568393320-3232933035-1000_Classes\Local Settings	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
1468	chrome.exe
1468	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 5 IoCs

pid	Process
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1468	chrome.exe
Token: SeCreatePagefilePrivilege	1468	chrome.exe
Token: SeShutdownPrivilege	1468	chrome.exe
Token: SeCreatePagefilePrivilege	1468	chrome.exe
Token: SeShutdownPrivilege	1468	chrome.exe
Token: SeCreatePagefilePrivilege	1468	chrome.exe
Token: SeShutdownPrivilege	1468	chrome.exe
Token: SeCreatePagefilePrivilege	1468	chrome.exe
Token: SeShutdownPrivilege	1468	chrome.exe
Token: SeCreatePagefilePrivilege	1468	chrome.exe
Token: SeShutdownPrivilege	1468	chrome.exe
Token: SeCreatePagefilePrivilege	1468	chrome.exe
Token: SeShutdownPrivilege	1468	chrome.exe
Token: SeCreatePagefilePrivilege	1468	chrome.exe
Token: SeShutdownPrivilege	1468	chrome.exe
Token: SeCreatePagefilePrivilege	1468	chrome.exe
Token: SeShutdownPrivilege	1468	chrome.exe
Token: SeCreatePagefilePrivilege	1468	chrome.exe
Token: SeShutdownPrivilege	1468	chrome.exe
Token: SeCreatePagefilePrivilege	1468	chrome.exe
Token: SeShutdownPrivilege	1468	chrome.exe
Token: SeCreatePagefilePrivilege	1468	chrome.exe
Token: SeShutdownPrivilege	1468	chrome.exe
Token: SeCreatePagefilePrivilege	1468	chrome.exe
Token: SeShutdownPrivilege	1468	chrome.exe
Token: SeCreatePagefilePrivilege	1468	chrome.exe
Token: SeShutdownPrivilege	1468	chrome.exe
Token: SeCreatePagefilePrivilege	1468	chrome.exe
Token: SeShutdownPrivilege	1468	chrome.exe
Token: SeCreatePagefilePrivilege	1468	chrome.exe
Token: SeShutdownPrivilege	1468	chrome.exe
Token: SeCreatePagefilePrivilege	1468	chrome.exe
Token: SeShutdownPrivilege	1468	chrome.exe
Token: SeCreatePagefilePrivilege	1468	chrome.exe
Token: SeShutdownPrivilege	1468	chrome.exe
Token: SeCreatePagefilePrivilege	1468	chrome.exe
Token: SeShutdownPrivilege	1468	chrome.exe
Token: SeCreatePagefilePrivilege	1468	chrome.exe
Token: SeShutdownPrivilege	1468	chrome.exe
Token: SeCreatePagefilePrivilege	1468	chrome.exe
Token: SeShutdownPrivilege	1468	chrome.exe
Token: SeCreatePagefilePrivilege	1468	chrome.exe
Token: SeShutdownPrivilege	1468	chrome.exe
Token: SeCreatePagefilePrivilege	1468	chrome.exe
Token: SeShutdownPrivilege	1468	chrome.exe
Token: SeCreatePagefilePrivilege	1468	chrome.exe
Token: SeShutdownPrivilege	1468	chrome.exe
Token: SeCreatePagefilePrivilege	1468	chrome.exe
Token: SeShutdownPrivilege	1468	chrome.exe
Token: SeCreatePagefilePrivilege	1468	chrome.exe
Token: SeShutdownPrivilege	1468	chrome.exe
Token: SeCreatePagefilePrivilege	1468	chrome.exe
Token: SeShutdownPrivilege	1468	chrome.exe
Token: SeCreatePagefilePrivilege	1468	chrome.exe
Token: SeShutdownPrivilege	1468	chrome.exe
Token: SeCreatePagefilePrivilege	1468	chrome.exe
Token: SeShutdownPrivilege	1468	chrome.exe
Token: SeCreatePagefilePrivilege	1468	chrome.exe
Token: SeShutdownPrivilege	1468	chrome.exe
Token: SeCreatePagefilePrivilege	1468	chrome.exe
Token: SeShutdownPrivilege	1468	chrome.exe
Token: SeCreatePagefilePrivilege	1468	chrome.exe
Token: SeShutdownPrivilege	1468	chrome.exe
Token: SeCreatePagefilePrivilege	1468	chrome.exe

Suspicious use of FindShellTrayWindow 34 IoCs

pid	Process
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe
1468	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1468 wrote to memory of 2444	1468	chrome.exe	112
PID 1468 wrote to memory of 2444	1468	chrome.exe	112
PID 1468 wrote to memory of 3596	1468	chrome.exe	113
PID 1468 wrote to memory of 3596	1468	chrome.exe	113
PID 1468 wrote to memory of 3596	1468	chrome.exe	113
PID 1468 wrote to memory of 3596	1468	chrome.exe	113
PID 1468 wrote to memory of 3596	1468	chrome.exe	113
PID 1468 wrote to memory of 3596	1468	chrome.exe	113
PID 1468 wrote to memory of 3596	1468	chrome.exe	113
PID 1468 wrote to memory of 3596	1468	chrome.exe	113
PID 1468 wrote to memory of 3596	1468	chrome.exe	113
PID 1468 wrote to memory of 3596	1468	chrome.exe	113
PID 1468 wrote to memory of 3596	1468	chrome.exe	113
PID 1468 wrote to memory of 3596	1468	chrome.exe	113
PID 1468 wrote to memory of 3596	1468	chrome.exe	113
PID 1468 wrote to memory of 3596	1468	chrome.exe	113
PID 1468 wrote to memory of 3596	1468	chrome.exe	113
PID 1468 wrote to memory of 3596	1468	chrome.exe	113
PID 1468 wrote to memory of 3596	1468	chrome.exe	113
PID 1468 wrote to memory of 3596	1468	chrome.exe	113
PID 1468 wrote to memory of 3596	1468	chrome.exe	113
PID 1468 wrote to memory of 3596	1468	chrome.exe	113
PID 1468 wrote to memory of 3596	1468	chrome.exe	113
PID 1468 wrote to memory of 3596	1468	chrome.exe	113
PID 1468 wrote to memory of 3596	1468	chrome.exe	113
PID 1468 wrote to memory of 3596	1468	chrome.exe	113
PID 1468 wrote to memory of 3596	1468	chrome.exe	113
PID 1468 wrote to memory of 3596	1468	chrome.exe	113
PID 1468 wrote to memory of 3596	1468	chrome.exe	113
PID 1468 wrote to memory of 3596	1468	chrome.exe	113
PID 1468 wrote to memory of 3596	1468	chrome.exe	113
PID 1468 wrote to memory of 3596	1468	chrome.exe	113
PID 1468 wrote to memory of 952	1468	chrome.exe	114
PID 1468 wrote to memory of 952	1468	chrome.exe	114
PID 1468 wrote to memory of 4720	1468	chrome.exe	115
PID 1468 wrote to memory of 4720	1468	chrome.exe	115
PID 1468 wrote to memory of 4720	1468	chrome.exe	115
PID 1468 wrote to memory of 4720	1468	chrome.exe	115
PID 1468 wrote to memory of 4720	1468	chrome.exe	115
PID 1468 wrote to memory of 4720	1468	chrome.exe	115
PID 1468 wrote to memory of 4720	1468	chrome.exe	115
PID 1468 wrote to memory of 4720	1468	chrome.exe	115
PID 1468 wrote to memory of 4720	1468	chrome.exe	115
PID 1468 wrote to memory of 4720	1468	chrome.exe	115
PID 1468 wrote to memory of 4720	1468	chrome.exe	115
PID 1468 wrote to memory of 4720	1468	chrome.exe	115
PID 1468 wrote to memory of 4720	1468	chrome.exe	115
PID 1468 wrote to memory of 4720	1468	chrome.exe	115
PID 1468 wrote to memory of 4720	1468	chrome.exe	115
PID 1468 wrote to memory of 4720	1468	chrome.exe	115
PID 1468 wrote to memory of 4720	1468	chrome.exe	115
PID 1468 wrote to memory of 4720	1468	chrome.exe	115
PID 1468 wrote to memory of 4720	1468	chrome.exe	115
PID 1468 wrote to memory of 4720	1468	chrome.exe	115
PID 1468 wrote to memory of 4720	1468	chrome.exe	115
PID 1468 wrote to memory of 4720	1468	chrome.exe	115
PID 1468 wrote to memory of 4720	1468	chrome.exe	115
PID 1468 wrote to memory of 4720	1468	chrome.exe	115
PID 1468 wrote to memory of 4720	1468	chrome.exe	115
PID 1468 wrote to memory of 4720	1468	chrome.exe	115
PID 1468 wrote to memory of 4720	1468	chrome.exe	115
PID 1468 wrote to memory of 4720	1468	chrome.exe	115
PID 1468 wrote to memory of 4720	1468	chrome.exe	115
PID 1468 wrote to memory of 4720	1468	chrome.exe	115

C:\Users\Admin\AppData\Local\Temp\Bloxpredictor v1.0.0\Bloxpredictor.exe
"C:\Users\Admin\AppData\Local\Temp\Bloxpredictor v1.0.0\Bloxpredictor.exe"
1⤵
PID:316

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=4448,i,1602949858158667699,12464335823361976127,262144 --variations-seed-version --mojo-platform-channel-handle=4412 /prefetch:8
1⤵
PID:3888

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:4332

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1468
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffbbcedcc40,0x7ffbbcedcc4c,0x7ffbbcedcc58
  2⤵
  PID:2444
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1844,i,2495123699138967050,1343327186271432410,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1840 /prefetch:2
  2⤵
  PID:3596
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2204,i,2495123699138967050,1343327186271432410,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2440 /prefetch:3
  2⤵
  PID:952
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2236,i,2495123699138967050,1343327186271432410,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2456 /prefetch:8
  2⤵
  PID:4720
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3168,i,2495123699138967050,1343327186271432410,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3188 /prefetch:1
  2⤵
  PID:4544
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3324,i,2495123699138967050,1343327186271432410,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3340 /prefetch:1
  2⤵
  PID:2804
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3172,i,2495123699138967050,1343327186271432410,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3736 /prefetch:1
  2⤵
  PID:2552
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4756,i,2495123699138967050,1343327186271432410,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4760 /prefetch:8
  2⤵
  PID:1780
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4836,i,2495123699138967050,1343327186271432410,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4820 /prefetch:8
  2⤵
  PID:888
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=4780,i,2495123699138967050,1343327186271432410,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4828 /prefetch:1
  2⤵
  PID:3972
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=4712,i,2495123699138967050,1343327186271432410,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5088 /prefetch:1
  2⤵
  PID:3352
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5332,i,2495123699138967050,1343327186271432410,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5344 /prefetch:8
  2⤵
  PID:5372

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:3364

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:4348

C:\Users\Admin\Downloads\Bloxpredictor v1.0.0\Bloxpredictor v1.0.0\Bloxpredictor.exe
"C:\Users\Admin\Downloads\Bloxpredictor v1.0.0\Bloxpredictor v1.0.0\Bloxpredictor.exe"
1⤵
PID:5632

C:\Users\Admin\Downloads\Bloxpredictor v1.0.0\Bloxpredictor v1.0.0\Bloxpredictor.exe
"C:\Users\Admin\Downloads\Bloxpredictor v1.0.0\Bloxpredictor v1.0.0\Bloxpredictor.exe"
1⤵
PID:5772

C:\Users\Admin\Downloads\Bloxpredictor v1.0.0\Bloxpredictor v1.0.0\Bloxpredictor.exe
"C:\Users\Admin\Downloads\Bloxpredictor v1.0.0\Bloxpredictor v1.0.0\Bloxpredictor.exe"
1⤵
PID:5864

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\0b21607e-4b6e-4632-bff3-f3f4bbf9220b.tmp

Filesize
196KB

MD5
0eea3d4d22ccff5b8234f29dda4dd0ec

SHA1
73ca47fd3bde11b5a6cf5156cc45d3a197cccc30

SHA256
1711c2c655df15c86cca3d5d027f57e98f6caf7e8047b15863a04342d6c1a63a

SHA512
941b071cc0749689a25bb91356329cab1e12534b49a597f4e36c4c7105644bc51a697e20beb091ae98cae873e0753cbb5147289b5803fbadcb9ae86a10fa10ce

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\905c621b-88cc-4abf-9fee-d59d063f1ad0.tmp

Filesize
9KB

MD5
c98e80e883fbf7c48906f8bc25bb9834

SHA1
c0539c0f167f88c6608694498907c6549ae3b40a

SHA256
7a63cd7104f919fd5dad6dada64615dd9d31248b1463490f1bc0e781a1eb0889

SHA512
19d1ea58071224201aba7c819d02d2060a1f5c0fa2b81bfef0bbe7b26c75187869fd56a39fcb41c42166164bc6d9fd96357b7aa45431c6f39c9992a8d3fdeef5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
e1b24f7ae58a8d9e4d12f2b250551d86

SHA1
3942e11f69e972c6d54dccd93dcca08788b9729e

SHA256
f32ffe45b4679c2f8a9a1dbb1f6aedbf4b6d3d2adb1ddc253e6ff2d81abe9102

SHA512
c9411e2bd16a1075a1adff4076c937a9791dcf87c956d11bec4bb6bb7379cd959a40a8cf5098f46cb721fcd24bef0c345603f845fe779ab21e0a474bd89a9372

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
c88de56aa210f97b2f183a02c9ffaf1f

SHA1
cff94eb3383ed14c9aaafd4e6de1173ed5c03e24

SHA256
964a9e160a753d5355b7cff34531d7c56f955a3c9f3463b1b5d0eec7c0f675d7

SHA512
b5d279eebb89463b6b22ae9c863028c3078515f9aa112732d5c8bdf8c019704f4569e5b1f9085742eab434cf9e4315c62cbda25aa5e32ae867c65d2d25ca175a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
3dec80da77820b506ec55231384642cb

SHA1
1291af9ff7c4dbd1dd9cc4bd7d397e1d1c08f586

SHA256
933e2c22ec1126494af4126eb063fde973c9747cf21dc737aa80466285b085c4

SHA512
a07836406662fc9ba603802e47e56f33e199dac3f6516d62b85782b79f928d9fee55481e27001d6e66e8af67f1d6a9cf074738e89daa9853a6daf8473114b03b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
1f278df394a086cfff99fdb759f0c2de

SHA1
c46de339ff6a52b37f63467cad87a0099f7517fc

SHA256
f236fb8373f229e803242edd389ddf5aa2985a935c7152f94654da3f9e0de800

SHA512
01d6a3821bedd5717ae20ad38765387d40ebf364671eec89507e2f9d4bf6e46b16b6126fa3f6d3fa0caa718a8739366bff9c452fe25b458584872b8aa4e5b521

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
5950115dcb1ed13c8a66aab294f7078b

SHA1
80a012997ffb9d938deaa8e57987bdf685643c33

SHA256
95a283799dd65328695f02b8e39b55b9e95280a8d0034f9086aef87d5ca51492

SHA512
8e1477dbb54859786ce6a720edecea4e5368e0c0f53f8435ed555255b4a85d6775431c0de39f55f60dfa3a81849128b8a6a1c5f406f366f7ca753655433a074e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
330c24593046bd1fdb6907c13a9593a2

SHA1
e8883d4ffa46dab0715cfd8168b2ad9a42477946

SHA256
3b174f96b42e7e5b325ce30d99aa8290b8c586100cf88a18f162612b21e3b829

SHA512
62d277072fa448803077cfe3bee74389cd71afe19134491601536b9ae2a734c3b89835f06cc541b940bb572d59c58be19e03f05f47d24dccc31ddf41bb82f9ae

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
0dc1d24efc678d6dbdb6745ff595047a

SHA1
ecdedce9d24519b0833cb1eb23a56e34d325b388

SHA256
826c8a2d878efc750c4f6229b15f00579dd9bceb8bd30e5e90c93bc37cb56d69

SHA512
28b5d1e94d3dadb38f40f4a0329ea8f298d29272821649cc6e50c28e1ffc204d4c518b06866c621bf9f4f22716458ae134761018fc0d9ff1e3f102192dee537a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
850d20347d87c54b2f27869b216b425d

SHA1
a8c2f68ce04a9a2928c3d00ed38563e2c96109f8

SHA256
abb56c050cfca9b605ed042121dbce9c8272cfddb03ff4d4ed7494e2b5631472

SHA512
2c030080a40e491e3680b9ca91aa7ab4bef6e16cd9bf36fc84c77d0fa076ce732a578e2f5331a3f405d1f21860d1a35cc621affa480986de16ec2b84994b4874

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\f8684d56-1878-459b-b445-5ff173adbc06.tmp

Filesize
196KB

MD5
29956d166347976335210788b7bf975d

SHA1
5d73479558a6c972cf30fe4c56ef091030a24b22

SHA256
09178aefa4093ebb74197b14e9f9b68e734b8d8496f78817b9053c4140b935f6

SHA512
916a2dde62c23929a9ef488b1b38a3451c4bf88128c07a7d3acb3b6add75dfc575b9a8363c4147dbb654bb7aaf3b1c91198864611acd37a3c46127e4d87f9dde

Download Submit
C:\Users\Admin\Downloads\Bloxpredictor v1.0.0.zip

Filesize
27KB

MD5
0cbc698a8fc1011bd2a85ade3888a481

SHA1
60cbebf9b14eca21647689e268a992b2dc6c5cc7

SHA256
22bb5bfee35d9adb1e8e256b99763f1ed28dfbab12b570cf2cd926ad30fa494c

SHA512
645a94315d8c14ee51d375c5d4bffe9d49c5d9618ec63ac31621efad6422fb318195eb1ac90a8b379a11bdb94d7f4381af6f862fe88985b97ba561987df67ebc

Download Submit