cda4bb27e91894a804bf11b6f7a8f8142094f6405efd24ace511f8da4da9ddd3

Resubmissions

18-08-2024 13:57

240818-q9hzgawfpb 3

18-08-2024 13:56

18-08-2024 13:53

18-08-2024 13:51

18-08-2024 13:48

18-08-2024 13:44

Analysis

max time kernel
149s
max time network
154s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
18-08-2024 13:44

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Synapse X Remake.exe
Size

84KB
MD5

94a63c8ffccb44fc39c7732c24e23950
SHA1

c3233bb8c4b786f2cc7bb021d0bad8096624dd21
SHA256

cda4bb27e91894a804bf11b6f7a8f8142094f6405efd24ace511f8da4da9ddd3
SHA512

3d9ec51934961097fbf85ada589adca34d57ae4227c0085149b41b86b191a4d1ac762d5aa1e9d2b77a375a203e7f648e1413bb0321f79320b4e95feb1638540b
SSDEEP

1536:hGwOgVHod9Fst2pRtm6o67wCmo+x3QF71V:hGwhVHovFsyRtm767wCmo6i

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Program crash 1 IoCs

pid	pid_target	Process	procid_target
3400	1808	WerFault.exe	83

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Synapse X Remake.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133684623386391811"	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
2236	chrome.exe
2236	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2236	chrome.exe
Token: SeCreatePagefilePrivilege	2236	chrome.exe
Token: SeShutdownPrivilege	2236	chrome.exe
Token: SeCreatePagefilePrivilege	2236	chrome.exe
Token: SeShutdownPrivilege	2236	chrome.exe
Token: SeCreatePagefilePrivilege	2236	chrome.exe
Token: SeShutdownPrivilege	2236	chrome.exe
Token: SeCreatePagefilePrivilege	2236	chrome.exe
Token: SeShutdownPrivilege	2236	chrome.exe
Token: SeCreatePagefilePrivilege	2236	chrome.exe
Token: SeShutdownPrivilege	2236	chrome.exe
Token: SeCreatePagefilePrivilege	2236	chrome.exe
Token: SeShutdownPrivilege	2236	chrome.exe
Token: SeCreatePagefilePrivilege	2236	chrome.exe
Token: SeShutdownPrivilege	2236	chrome.exe
Token: SeCreatePagefilePrivilege	2236	chrome.exe
Token: SeShutdownPrivilege	2236	chrome.exe
Token: SeCreatePagefilePrivilege	2236	chrome.exe
Token: SeShutdownPrivilege	2236	chrome.exe
Token: SeCreatePagefilePrivilege	2236	chrome.exe
Token: SeShutdownPrivilege	2236	chrome.exe
Token: SeCreatePagefilePrivilege	2236	chrome.exe
Token: SeShutdownPrivilege	2236	chrome.exe
Token: SeCreatePagefilePrivilege	2236	chrome.exe
Token: SeShutdownPrivilege	2236	chrome.exe
Token: SeCreatePagefilePrivilege	2236	chrome.exe
Token: SeShutdownPrivilege	2236	chrome.exe
Token: SeCreatePagefilePrivilege	2236	chrome.exe
Token: SeShutdownPrivilege	2236	chrome.exe
Token: SeCreatePagefilePrivilege	2236	chrome.exe
Token: SeShutdownPrivilege	2236	chrome.exe
Token: SeCreatePagefilePrivilege	2236	chrome.exe
Token: SeShutdownPrivilege	2236	chrome.exe
Token: SeCreatePagefilePrivilege	2236	chrome.exe
Token: SeShutdownPrivilege	2236	chrome.exe
Token: SeCreatePagefilePrivilege	2236	chrome.exe
Token: SeShutdownPrivilege	2236	chrome.exe
Token: SeCreatePagefilePrivilege	2236	chrome.exe
Token: SeShutdownPrivilege	2236	chrome.exe
Token: SeCreatePagefilePrivilege	2236	chrome.exe
Token: SeShutdownPrivilege	2236	chrome.exe
Token: SeCreatePagefilePrivilege	2236	chrome.exe
Token: SeShutdownPrivilege	2236	chrome.exe
Token: SeCreatePagefilePrivilege	2236	chrome.exe
Token: SeShutdownPrivilege	2236	chrome.exe
Token: SeCreatePagefilePrivilege	2236	chrome.exe
Token: SeShutdownPrivilege	2236	chrome.exe
Token: SeCreatePagefilePrivilege	2236	chrome.exe
Token: SeShutdownPrivilege	2236	chrome.exe
Token: SeCreatePagefilePrivilege	2236	chrome.exe
Token: SeShutdownPrivilege	2236	chrome.exe
Token: SeCreatePagefilePrivilege	2236	chrome.exe
Token: SeShutdownPrivilege	2236	chrome.exe
Token: SeCreatePagefilePrivilege	2236	chrome.exe
Token: SeShutdownPrivilege	2236	chrome.exe
Token: SeCreatePagefilePrivilege	2236	chrome.exe
Token: SeShutdownPrivilege	2236	chrome.exe
Token: SeCreatePagefilePrivilege	2236	chrome.exe
Token: SeShutdownPrivilege	2236	chrome.exe
Token: SeCreatePagefilePrivilege	2236	chrome.exe
Token: SeShutdownPrivilege	2236	chrome.exe
Token: SeCreatePagefilePrivilege	2236	chrome.exe
Token: SeShutdownPrivilege	2236	chrome.exe
Token: SeCreatePagefilePrivilege	2236	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe
2236	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2236 wrote to memory of 564	2236	chrome.exe	106
PID 2236 wrote to memory of 564	2236	chrome.exe	106
PID 2236 wrote to memory of 3048	2236	chrome.exe	107
PID 2236 wrote to memory of 3048	2236	chrome.exe	107
PID 2236 wrote to memory of 3048	2236	chrome.exe	107
PID 2236 wrote to memory of 3048	2236	chrome.exe	107
PID 2236 wrote to memory of 3048	2236	chrome.exe	107
PID 2236 wrote to memory of 3048	2236	chrome.exe	107
PID 2236 wrote to memory of 3048	2236	chrome.exe	107
PID 2236 wrote to memory of 3048	2236	chrome.exe	107
PID 2236 wrote to memory of 3048	2236	chrome.exe	107
PID 2236 wrote to memory of 3048	2236	chrome.exe	107
PID 2236 wrote to memory of 3048	2236	chrome.exe	107
PID 2236 wrote to memory of 3048	2236	chrome.exe	107
PID 2236 wrote to memory of 3048	2236	chrome.exe	107
PID 2236 wrote to memory of 3048	2236	chrome.exe	107
PID 2236 wrote to memory of 3048	2236	chrome.exe	107
PID 2236 wrote to memory of 3048	2236	chrome.exe	107
PID 2236 wrote to memory of 3048	2236	chrome.exe	107
PID 2236 wrote to memory of 3048	2236	chrome.exe	107
PID 2236 wrote to memory of 3048	2236	chrome.exe	107
PID 2236 wrote to memory of 3048	2236	chrome.exe	107
PID 2236 wrote to memory of 3048	2236	chrome.exe	107
PID 2236 wrote to memory of 3048	2236	chrome.exe	107
PID 2236 wrote to memory of 3048	2236	chrome.exe	107
PID 2236 wrote to memory of 3048	2236	chrome.exe	107
PID 2236 wrote to memory of 3048	2236	chrome.exe	107
PID 2236 wrote to memory of 3048	2236	chrome.exe	107
PID 2236 wrote to memory of 3048	2236	chrome.exe	107
PID 2236 wrote to memory of 3048	2236	chrome.exe	107
PID 2236 wrote to memory of 3048	2236	chrome.exe	107
PID 2236 wrote to memory of 3048	2236	chrome.exe	107
PID 2236 wrote to memory of 3380	2236	chrome.exe	108
PID 2236 wrote to memory of 3380	2236	chrome.exe	108
PID 2236 wrote to memory of 4992	2236	chrome.exe	109
PID 2236 wrote to memory of 4992	2236	chrome.exe	109
PID 2236 wrote to memory of 4992	2236	chrome.exe	109
PID 2236 wrote to memory of 4992	2236	chrome.exe	109
PID 2236 wrote to memory of 4992	2236	chrome.exe	109
PID 2236 wrote to memory of 4992	2236	chrome.exe	109
PID 2236 wrote to memory of 4992	2236	chrome.exe	109
PID 2236 wrote to memory of 4992	2236	chrome.exe	109
PID 2236 wrote to memory of 4992	2236	chrome.exe	109
PID 2236 wrote to memory of 4992	2236	chrome.exe	109
PID 2236 wrote to memory of 4992	2236	chrome.exe	109
PID 2236 wrote to memory of 4992	2236	chrome.exe	109
PID 2236 wrote to memory of 4992	2236	chrome.exe	109
PID 2236 wrote to memory of 4992	2236	chrome.exe	109
PID 2236 wrote to memory of 4992	2236	chrome.exe	109
PID 2236 wrote to memory of 4992	2236	chrome.exe	109
PID 2236 wrote to memory of 4992	2236	chrome.exe	109
PID 2236 wrote to memory of 4992	2236	chrome.exe	109
PID 2236 wrote to memory of 4992	2236	chrome.exe	109
PID 2236 wrote to memory of 4992	2236	chrome.exe	109
PID 2236 wrote to memory of 4992	2236	chrome.exe	109
PID 2236 wrote to memory of 4992	2236	chrome.exe	109
PID 2236 wrote to memory of 4992	2236	chrome.exe	109
PID 2236 wrote to memory of 4992	2236	chrome.exe	109
PID 2236 wrote to memory of 4992	2236	chrome.exe	109
PID 2236 wrote to memory of 4992	2236	chrome.exe	109
PID 2236 wrote to memory of 4992	2236	chrome.exe	109
PID 2236 wrote to memory of 4992	2236	chrome.exe	109
PID 2236 wrote to memory of 4992	2236	chrome.exe	109
PID 2236 wrote to memory of 4992	2236	chrome.exe	109

C:\Users\Admin\AppData\Local\Temp\Synapse X Remake.exe
"C:\Users\Admin\AppData\Local\Temp\Synapse X Remake.exe"
1⤵
- System Location Discovery: System Language Discovery
PID:1808
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 1808 -s 1048
  2⤵
  - Program crash
  PID:3400

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 1808 -ip 1808
1⤵
PID:1248

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:4380

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2236
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffedb66cc40,0x7ffedb66cc4c,0x7ffedb66cc58
  2⤵
  PID:564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1948,i,3905385784833349529,17424681241283045164,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1944 /prefetch:2
  2⤵
  PID:3048
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1864,i,3905385784833349529,17424681241283045164,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2124 /prefetch:3
  2⤵
  PID:3380
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2312,i,3905385784833349529,17424681241283045164,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2188 /prefetch:8
  2⤵
  PID:4992
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3164,i,3905385784833349529,17424681241283045164,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3176 /prefetch:1
  2⤵
  PID:4896
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3184,i,3905385784833349529,17424681241283045164,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3208 /prefetch:1
  2⤵
  PID:1220
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4512,i,3905385784833349529,17424681241283045164,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4504 /prefetch:1
  2⤵
  PID:4900
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4784,i,3905385784833349529,17424681241283045164,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4796 /prefetch:8
  2⤵
  PID:2972
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4980,i,3905385784833349529,17424681241283045164,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4988 /prefetch:8
  2⤵
  PID:2300
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=5036,i,3905385784833349529,17424681241283045164,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5076 /prefetch:1
  2⤵
  PID:488

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:1604

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:3032

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
785596c143903b1ac60ec5a8c7b88300

SHA1
293c5c9c4bb67805ceaabee2d7552e46cf9ed678

SHA256
61094d5adbf9238148436760a7a4a1e2752efc5fa76dcadbed899de672cd45ec

SHA512
dacfb536112f7a348895305f18c6074b35733feae4975d9f375569477617c37d2fd55bf15b95f5e47534d51e885622c0f80318ed21e2ccf7e5ef78f68b8ae908

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001

Filesize
209KB

MD5
3e552d017d45f8fd93b94cfc86f842f2

SHA1
dbeebe83854328e2575ff67259e3fb6704b17a47

SHA256
27d9c4613df7a3c04da0b79c13217aa69992b441acb7e44bf2a7578ca87d97d6

SHA512
e616436f2f15615429c7c5c37de3990c3e86c5e1da7d75a0f524fc458b75d44a5be1a3648a628d63e1cf8aa062e08b538f2f2bc9c6a0b42157beb24f82c571d9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
0647c27f84b3e6cdc1ad87f180898c0e

SHA1
90ad41e6c812877b3c8fe9877c1a457e60900274

SHA256
ec783f26ab755d5fa4ed07378482b0264cd1b027ae4f9c305d898524e6492bf8

SHA512
1e4d65cad8b988932b646e2f7c99155a3333025eb87caff3ce71147820c42ff3caeff7ec47b02c47f3de33bbaa89f85a1ec4751b6c0fdfab966041634d59dc06

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
34bc0400f979a5daa16c432770c728bd

SHA1
edbec53d61e3d0b3037dd35345e004f3f55c1d13

SHA256
9faf5321bd364cec885c27d66ab0de9d3b97c4c0d9ddc27d006bcd5511b751f2

SHA512
8b58fcd4215c5ec10b2f44746955f556c02427ddc5388726f031f36573217dbe3958a8f2b77d2293416276ae91e24fb23a6d65e659eecb30fe2ae506896e9a16

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
695845dd33e45d41e4b53cb552eac401

SHA1
ce83dfc37d5a93dfda27a206998cb186d6b9e8f5

SHA256
11ddc6182e88a8019a86fa808f507a5d4806a55484873fb66d08b5b03b726d3c

SHA512
3f5d377607b1e826a5c92d07f12572d81af367f68509e6c5e80a4f877b343cd627f17704f9d67f1000b7083fe292d32f6b76cd75696cef1af33c93717994e204

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
8e08bc394f78d4bddfdab017fd9f4e2b

SHA1
7485bbdf18c6f88a5cfe57d45d5451975a4a0321

SHA256
ac1daf0a2823c6d6e2fb5b588770ef28526d756e62b005b9db6abe793722b04c

SHA512
d327f72aee9139be9c24b5c83de075153a06036bec573aa6bf228d5e6f8d3b71248e2a4545c8da8dd976c7f6fc136c1c04114f0dfd96acaafc4ac7672597a221

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
6e54e63b7c94ce67b8b7432705c030e2

SHA1
37ee4a49ab972d2ebc321c02f167d66ea7a9da43

SHA256
ed568f1d53f306e0ff8fe175fae5bd778d0a87e5f865d2e7be074045564039fa

SHA512
17a10ed2fc70b2e02c69578454d7ff9057047e899a3a7e7defb903fd06dc170be2e872f76917596613ab3cb9444dd3da25b838b36648441fd9e623d21a175dc3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
78131071288474b9990642f6067876b6

SHA1
d44837b1394264e7b0d4f20ef6fd3bf2c8405580

SHA256
bbe5a490542349983b994b41db08837e7c43bb19ab78510146ca48ca08473815

SHA512
86cd2a7fbc2abf557d82dc98babec955b232f110fde9b68f4a4e1083e1f1ff35ee50f687c3bd31e27eb10753df01364442c6fe142ca8c7796fe529e86e43cb33

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
22c8818c470ccd60f998079acf6c4b1e

SHA1
de935b7fc74f097486d2cf8a5aa04329ddec1e22

SHA256
58587e18c3811e5a74297c5ab5477c4a3dd53470b36ba92c774bb6d38cf16da0

SHA512
de8aee6f3232be682723f4a8c0abcc73b9ded9d91e986ca0e2eb6048c5132d0b6bacffd6d6f39126e02317fc988598e2d57fd760684a8f98fee722071ae8c692

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
56f931b525317fbecf024661121d45f5

SHA1
9ecf4e88d483dbf5ca7cdc34caa7053a28f22e00

SHA256
b95784dd9c44f00032794d8c707e3f97a7cb10af47e2a445a4517472005c8c0c

SHA512
2504cee1b0a6ce89432f7df23da8125ee1bf7b83345687421ee45519954f100e4a019fa44f31f041aad19b6ccc87ddd293c84f4d4a2698bad58f730884c4d3e6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
629838e099e14bb169ced24ca4b20b25

SHA1
b49b63e02b327acff2e8b74dce595d4855f63dfb

SHA256
f755cb344c18c10b42710c91593084ca81b7dfbac740c65be7eba023bca9e9b8

SHA512
8c61d091e23b804c283a948373022b136439813845a3e5d944cc19fb7f32d85008d3bbb6eb3b63d771775230459e434589e448dd89313ec6f0110eafb7def32e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
4552a985a5ae67c06dbf0734b98abd83

SHA1
becc66adfdae6b4a0a3618bca25cfb493834e2ac

SHA256
98f92d2a1b26f8914473605d48985e80e796eb4ab7b0e4d1ec1ff3eb3614f17f

SHA512
20f9192f09f7a9977d93889c1d1d079c7fbdb3951b6a90ef0e1952a2a9e4e8b7aa562499108f4f0fe5b9157ac9d39f4168e49fba113e2e610fcb0c465cb02902

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
b3404402469e76b2f1c9570c5a437c4c

SHA1
42155a75fe3ce73849c4529db207368f131785ce

SHA256
616ee1b9ea5a2c9a5949a023534badf96e1fc0a26c48eb63ee7e32dd3b635f5d

SHA512
eb0c2e089e07bcf49e91885c1662c812b147844b9ae95f1f46e1ec32a77361fd218a5370107151cea48c872219658a94c0e73afdbb8c9dabb687cea542cf7678

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\b7303c1b-2dc6-4f34-9673-0b75d9fec2f0.tmp

Filesize
9KB

MD5
c8adcd7e2f0a48f2f1108f1125fdb7da

SHA1
f43b9294541c3502405c3af655bac91e40f72200

SHA256
88e78bb580002c0258ff489603e11ff535124831527dd1a3ea33a49288df8228

SHA512
0387ccfb10d31f2febd29eeb85c0f93723c8395cb98fc09a0ab918367641fc62f16329e2505f202744cedb20975d960b6a26294e10aa24a7a4109c8f446dd689

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
196KB

MD5
870187a88e1948219f54287b6cae3b35

SHA1
da6bb44da1ca0113e43161960289ba67976bc818

SHA256
2065f61110c41eef05b4a1760a306cb7e3cadd1981f26644168ab41cfad5370f

SHA512
161f2fed438e7391cb006dadc4276089b0faed1537dc7dbfaeb42e190a5383f8098f008b244fe32bc553df95d0e160d0af33407d24b97f6c255c143df328bb1f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
196KB

MD5
6c9ae0c14ed4469578a945fbb0e176bb

SHA1
aa39f8c7e7ce2d73b9b69266ae7487d83e6af77b

SHA256
829449eabb7384a128227ec1b6bc1133abc79ceccf7f45afed18b171c6db35f6

SHA512
de475b704c58edc339956b3291756b95d2631e24734f90a12067bab4b7f3cdb89114e6a345dfbb513bb4573ac3daee70769204e99c5c024374371637133518d3

Download Submit
memory/1808-6-0x0000000074A30000-0x00000000751E0000-memory.dmp

Filesize
7.7MB

Download
memory/1808-0-0x0000000074A3E000-0x0000000074A3F000-memory.dmp

Filesize
4KB

Download
memory/1808-5-0x0000000074A30000-0x00000000751E0000-memory.dmp

Filesize
7.7MB

Download
memory/1808-4-0x0000000004C80000-0x0000000004C8A000-memory.dmp

Filesize
40KB

Download
memory/1808-3-0x0000000004CA0000-0x0000000004D32000-memory.dmp

Filesize
584KB

Download
memory/1808-2-0x00000000051B0000-0x0000000005754000-memory.dmp

Filesize
5.6MB

Download
memory/1808-1-0x00000000002A0000-0x00000000002BC000-memory.dmp

Filesize
112KB

Download