hxxp://storage[.]live[.]com

Analysis

max time kernel
149s
max time network
147s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
19/08/2024, 09:38

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://storage.live.com

Score

5^/10

discovery

Malware Config

Signatures

Drops file in System32 directory 2 IoCs

description	ioc	Process
File created	C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF	chrome.exe
File created	\??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133685339385482668"	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
1888	chrome.exe
1888	chrome.exe
3604	chrome.exe
3604	chrome.exe
3604	chrome.exe
3604	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs

pid	Process
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1888	chrome.exe
Token: SeCreatePagefilePrivilege	1888	chrome.exe
Token: SeShutdownPrivilege	1888	chrome.exe
Token: SeCreatePagefilePrivilege	1888	chrome.exe
Token: SeShutdownPrivilege	1888	chrome.exe
Token: SeCreatePagefilePrivilege	1888	chrome.exe
Token: SeShutdownPrivilege	1888	chrome.exe
Token: SeCreatePagefilePrivilege	1888	chrome.exe
Token: SeShutdownPrivilege	1888	chrome.exe
Token: SeCreatePagefilePrivilege	1888	chrome.exe
Token: SeShutdownPrivilege	1888	chrome.exe
Token: SeCreatePagefilePrivilege	1888	chrome.exe
Token: SeShutdownPrivilege	1888	chrome.exe
Token: SeCreatePagefilePrivilege	1888	chrome.exe
Token: SeShutdownPrivilege	1888	chrome.exe
Token: SeCreatePagefilePrivilege	1888	chrome.exe
Token: SeShutdownPrivilege	1888	chrome.exe
Token: SeCreatePagefilePrivilege	1888	chrome.exe
Token: SeShutdownPrivilege	1888	chrome.exe
Token: SeCreatePagefilePrivilege	1888	chrome.exe
Token: SeShutdownPrivilege	1888	chrome.exe
Token: SeCreatePagefilePrivilege	1888	chrome.exe
Token: SeShutdownPrivilege	1888	chrome.exe
Token: SeCreatePagefilePrivilege	1888	chrome.exe
Token: SeShutdownPrivilege	1888	chrome.exe
Token: SeCreatePagefilePrivilege	1888	chrome.exe
Token: SeShutdownPrivilege	1888	chrome.exe
Token: SeCreatePagefilePrivilege	1888	chrome.exe
Token: SeShutdownPrivilege	1888	chrome.exe
Token: SeCreatePagefilePrivilege	1888	chrome.exe
Token: SeShutdownPrivilege	1888	chrome.exe
Token: SeCreatePagefilePrivilege	1888	chrome.exe
Token: SeShutdownPrivilege	1888	chrome.exe
Token: SeCreatePagefilePrivilege	1888	chrome.exe
Token: SeShutdownPrivilege	1888	chrome.exe
Token: SeCreatePagefilePrivilege	1888	chrome.exe
Token: SeShutdownPrivilege	1888	chrome.exe
Token: SeCreatePagefilePrivilege	1888	chrome.exe
Token: SeShutdownPrivilege	1888	chrome.exe
Token: SeCreatePagefilePrivilege	1888	chrome.exe
Token: SeShutdownPrivilege	1888	chrome.exe
Token: SeCreatePagefilePrivilege	1888	chrome.exe
Token: SeShutdownPrivilege	1888	chrome.exe
Token: SeCreatePagefilePrivilege	1888	chrome.exe
Token: SeShutdownPrivilege	1888	chrome.exe
Token: SeCreatePagefilePrivilege	1888	chrome.exe
Token: SeShutdownPrivilege	1888	chrome.exe
Token: SeCreatePagefilePrivilege	1888	chrome.exe
Token: SeShutdownPrivilege	1888	chrome.exe
Token: SeCreatePagefilePrivilege	1888	chrome.exe
Token: SeShutdownPrivilege	1888	chrome.exe
Token: SeCreatePagefilePrivilege	1888	chrome.exe
Token: SeShutdownPrivilege	1888	chrome.exe
Token: SeCreatePagefilePrivilege	1888	chrome.exe
Token: SeShutdownPrivilege	1888	chrome.exe
Token: SeCreatePagefilePrivilege	1888	chrome.exe
Token: SeShutdownPrivilege	1888	chrome.exe
Token: SeCreatePagefilePrivilege	1888	chrome.exe
Token: SeShutdownPrivilege	1888	chrome.exe
Token: SeCreatePagefilePrivilege	1888	chrome.exe
Token: SeShutdownPrivilege	1888	chrome.exe
Token: SeCreatePagefilePrivilege	1888	chrome.exe
Token: SeShutdownPrivilege	1888	chrome.exe
Token: SeCreatePagefilePrivilege	1888	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe
1888	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1888 wrote to memory of 2424	1888	chrome.exe	87
PID 1888 wrote to memory of 2424	1888	chrome.exe	87
PID 1888 wrote to memory of 1392	1888	chrome.exe	88
PID 1888 wrote to memory of 1392	1888	chrome.exe	88
PID 1888 wrote to memory of 1392	1888	chrome.exe	88
PID 1888 wrote to memory of 1392	1888	chrome.exe	88
PID 1888 wrote to memory of 1392	1888	chrome.exe	88
PID 1888 wrote to memory of 1392	1888	chrome.exe	88
PID 1888 wrote to memory of 1392	1888	chrome.exe	88
PID 1888 wrote to memory of 1392	1888	chrome.exe	88
PID 1888 wrote to memory of 1392	1888	chrome.exe	88
PID 1888 wrote to memory of 1392	1888	chrome.exe	88
PID 1888 wrote to memory of 1392	1888	chrome.exe	88
PID 1888 wrote to memory of 1392	1888	chrome.exe	88
PID 1888 wrote to memory of 1392	1888	chrome.exe	88
PID 1888 wrote to memory of 1392	1888	chrome.exe	88
PID 1888 wrote to memory of 1392	1888	chrome.exe	88
PID 1888 wrote to memory of 1392	1888	chrome.exe	88
PID 1888 wrote to memory of 1392	1888	chrome.exe	88
PID 1888 wrote to memory of 1392	1888	chrome.exe	88
PID 1888 wrote to memory of 1392	1888	chrome.exe	88
PID 1888 wrote to memory of 1392	1888	chrome.exe	88
PID 1888 wrote to memory of 1392	1888	chrome.exe	88
PID 1888 wrote to memory of 1392	1888	chrome.exe	88
PID 1888 wrote to memory of 1392	1888	chrome.exe	88
PID 1888 wrote to memory of 1392	1888	chrome.exe	88
PID 1888 wrote to memory of 1392	1888	chrome.exe	88
PID 1888 wrote to memory of 1392	1888	chrome.exe	88
PID 1888 wrote to memory of 1392	1888	chrome.exe	88
PID 1888 wrote to memory of 1392	1888	chrome.exe	88
PID 1888 wrote to memory of 1392	1888	chrome.exe	88
PID 1888 wrote to memory of 1392	1888	chrome.exe	88
PID 1888 wrote to memory of 1104	1888	chrome.exe	89
PID 1888 wrote to memory of 1104	1888	chrome.exe	89
PID 1888 wrote to memory of 2924	1888	chrome.exe	90
PID 1888 wrote to memory of 2924	1888	chrome.exe	90
PID 1888 wrote to memory of 2924	1888	chrome.exe	90
PID 1888 wrote to memory of 2924	1888	chrome.exe	90
PID 1888 wrote to memory of 2924	1888	chrome.exe	90
PID 1888 wrote to memory of 2924	1888	chrome.exe	90
PID 1888 wrote to memory of 2924	1888	chrome.exe	90
PID 1888 wrote to memory of 2924	1888	chrome.exe	90
PID 1888 wrote to memory of 2924	1888	chrome.exe	90
PID 1888 wrote to memory of 2924	1888	chrome.exe	90
PID 1888 wrote to memory of 2924	1888	chrome.exe	90
PID 1888 wrote to memory of 2924	1888	chrome.exe	90
PID 1888 wrote to memory of 2924	1888	chrome.exe	90
PID 1888 wrote to memory of 2924	1888	chrome.exe	90
PID 1888 wrote to memory of 2924	1888	chrome.exe	90
PID 1888 wrote to memory of 2924	1888	chrome.exe	90
PID 1888 wrote to memory of 2924	1888	chrome.exe	90
PID 1888 wrote to memory of 2924	1888	chrome.exe	90
PID 1888 wrote to memory of 2924	1888	chrome.exe	90
PID 1888 wrote to memory of 2924	1888	chrome.exe	90
PID 1888 wrote to memory of 2924	1888	chrome.exe	90
PID 1888 wrote to memory of 2924	1888	chrome.exe	90
PID 1888 wrote to memory of 2924	1888	chrome.exe	90
PID 1888 wrote to memory of 2924	1888	chrome.exe	90
PID 1888 wrote to memory of 2924	1888	chrome.exe	90
PID 1888 wrote to memory of 2924	1888	chrome.exe	90
PID 1888 wrote to memory of 2924	1888	chrome.exe	90
PID 1888 wrote to memory of 2924	1888	chrome.exe	90
PID 1888 wrote to memory of 2924	1888	chrome.exe	90
PID 1888 wrote to memory of 2924	1888	chrome.exe	90

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://storage.live.com
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1888
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffaae94cc40,0x7ffaae94cc4c,0x7ffaae94cc58
  2⤵
  PID:2424
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1836,i,12995536719813273583,3738433167398361878,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1920 /prefetch:2
  2⤵
  PID:1392
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2124,i,12995536719813273583,3738433167398361878,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2184 /prefetch:3
  2⤵
  PID:1104
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2200,i,12995536719813273583,3738433167398361878,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2240 /prefetch:8
  2⤵
  PID:2924
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3056,i,12995536719813273583,3738433167398361878,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3076 /prefetch:1
  2⤵
  PID:1832
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3068,i,12995536719813273583,3738433167398361878,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3164 /prefetch:1
  2⤵
  PID:1684
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3688,i,12995536719813273583,3738433167398361878,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4400 /prefetch:1
  2⤵
  PID:4464
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=3672,i,12995536719813273583,3738433167398361878,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4532 /prefetch:1
  2⤵
  PID:1960
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3332,i,12995536719813273583,3738433167398361878,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4836 /prefetch:8
  2⤵
  PID:2916
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=4832,i,12995536719813273583,3738433167398361878,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4852 /prefetch:1
  2⤵
  PID:116
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=4444,i,12995536719813273583,3738433167398361878,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4424 /prefetch:1
  2⤵
  PID:644
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=4548,i,12995536719813273583,3738433167398361878,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3272 /prefetch:1
  2⤵
  PID:3716
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=4404,i,12995536719813273583,3738433167398361878,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3172 /prefetch:1
  2⤵
  PID:3044
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=4004,i,12995536719813273583,3738433167398361878,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5212 /prefetch:1
  2⤵
  PID:3212
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=5376,i,12995536719813273583,3738433167398361878,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5064 /prefetch:1
  2⤵
  PID:1868
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=728,i,12995536719813273583,3738433167398361878,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5204 /prefetch:8
  2⤵
  - Drops file in System32 directory
  - Suspicious behavior: EnumeratesProcesses
  PID:3604

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:2744

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:4888

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
c3acc2afcaa3c5aa3217661ef4be0e9a

SHA1
de4fa6c160d4655357a94601e1ca0b949ed7db3d

SHA256
eac06d460713865157bf78f5b9b19e4b04435a2e10ed4d29d3b8cf906aa52f50

SHA512
195a465c9e9204066b4bad07e53cb94cfaf64985bce3b88f24dd26db9df1d84bd73c8342c30e6e6c3ca82ceb4c29a5cac5ecb98542102db37f7821d9a1690c6d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
e05c06e866a48a0b445403800d4b8b0f

SHA1
bd40fbf2faf690d4bbf53f245ad418f13fa194a4

SHA256
1a31fa0ef8a15084ebd375aba9a937673d4941cf21343ec1153d0333e3170a8e

SHA512
b7dd4b641f6e8988c246ac5882e81b55c03558e7cd1b533afc87cadccc43266059c9bb877beafc767278379e6380c0cab404228950d8c1c113cb561bb860e6bc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
c76a8bf4b09c88b2a20d550743b82005

SHA1
8380b3cf54d9e53bd8c48374b4b8001140e9338d

SHA256
93737ddef4a215cd73e6bdb57b9c05e31edf7e7e62e39d5e6016b930293bb8c4

SHA512
91227ac88d081bb19b2e24f6c18d5539e0fe24a61fec84a58745e384d24c0aca1df53f8788e99413aaaf02ab3d9007b96de585103ee6358c17302be36ecf7fc4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
4b35b2f6095a9ad5ed317117f01dc95e

SHA1
0b7e372cb7b15dbaf8cd55a288532a695a15f275

SHA256
8da2e2f7c3a307e2140389c385134b405757b7700d768a7c8f522b77fd56bf7e

SHA512
b881db4bf60b6ca826022b16f292d8f21d9289bc96e6feb44f0246466d969565bb006f6135d0e7913f950166b0a86c6c470f366b5e689069f6b75c5c982ced0b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
0f901cd6eb4c14e81e7917c420e70347

SHA1
9f579883b95c4dc02be64ca34514abe0b9974db7

SHA256
c36cb0e3026944e7ca2a8576ed778486ba7271223d8bbd34aae0f637b37669af

SHA512
73b7acc635aaff4fdc04b612dbd235e893115a18f152beff929728bd7e5d2a443b2f089f8b73e3902bb0e837c74cb0ebef69f10b5be0af8de3b16394ff3293b0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
0936753c41c280c42cab0621f2424202

SHA1
2e0e693bd7cb2c50f1abeb17dabb406c65c45b8f

SHA256
4c08054c0308bf287fefce2c12e53e8441799e6d27fc459c6d8d0ea2fe65ce8f

SHA512
8106027673fd57bd659374f4b87a9514e92b9601dd9a62d5886538d391f5d9b63db57c28e105838620f27479e8145215f6b48ecb862dcf6226cef0eb13bdcae5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
717ff8573d02c2860e8f2641d27181f8

SHA1
65bc5ca3d6d07e911bd8cf7d5ad682a90ea58a7c

SHA256
f1ea89a1ebd8071ced2322e50ef4550143817b594f0bdb0588a7b05658713f2a

SHA512
cac28773849a30937d185d95e2e02419ae1890145d03a8dea072a69fc482a92d4a2fe8e3d5b8dc6a3598d72fcbd6c0222a051ec8aaec1bc18c025f9589f45abd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
13e486bd3a3803425657fad7bf08c939

SHA1
3ca946dd7113fa31538344e57a9d5e6bd59137d3

SHA256
eaa30ce3736ea9dd5c9f06ab4aaa16c9b36b76cbff72a8bbf910d416f31e59fc

SHA512
aeb483932d2b62521722bb074d30f09237f56c8899799d2f47d034e90b0dcb9c5c60cc0510b90d8c360481ffbb75cfc33d5eb68b4b73274c5a0071f0eb110866

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
52ae0ea6703519edb9899accb40581e7

SHA1
92ceb58b53d14acc84392b199881e3a64caeebda

SHA256
e90f07724d54435b6b605d0f18615b4af28902d740c38b891fdffe6fbe86ba5b

SHA512
068be56de45e7a7a9c71db995cf1a0b82b72c495ba37c6a1a23e3bc157cb24488ffcaa613f809be873d0db448883154bd24e00f2cfe39fbf32df1fb409da9eed

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
98f3566d58a8b88b07fd2254ce40cb38

SHA1
cc3da6459018f855b5b738ec5726b60779f32693

SHA256
a2f04ef431fc88c0fe0b133d5f7d74302f4751f4d3c7fc8368a6e38df93af9ca

SHA512
cf5b7dfe7fb9887b0d9ac8e8c5384d42ba3602b67110ba25a72c46f6dadb0453eaa6954addc4d4266d5c9e4b77c069bb1bfc1161ba6f7faab75f30783b7de51f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
79e810b8d0615c6cd399f2c1d99030d1

SHA1
4f3a32c482bd9d0c53cb06422cb66e857b2b69e7

SHA256
6f6443a631b0a9b3296e493f42087fd87daa41dc1d35a1a3481849a6ec9d9370

SHA512
4a9bb3a6fba3fb07a01da0b3d434e21dcf54a23e6857d15ea9c62dfda783466e528fce5f7d3a87bc312e56954c2b84160b00d4b004c219a3e4d4f5ae218e2b25

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
76295f2e5c7a50ca003b95232c775df9

SHA1
b3e4408e83f75e4480d3c5ca6dc17b795e91329a

SHA256
07fc76fe70739cb0e1005edfbaf6a0f9d23e61fc2f6b4c7886ed70aaa47b9c36

SHA512
f7dcaed43c30030c08e2acc006188724ab7b6898e2a96a637fa2673ae7e8d3793a87bf10de75fd9b41c9d4456e60cafa0ff838bc5fd73da33751962f055d721e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
a20b4f4aa9908b5fd70d91d801450d99

SHA1
570f401a7f00fa126793e5587be3961b6096740e

SHA256
aa896cb38091732f7d63325807f3c2f9084e29bd94a43619432012cd22311f11

SHA512
c42d59b09e7f7223906a2ae1cf0df42509fe619a834680a5f824e46ccf9a6c269ab0814ee0618401e3aee22bded922360a298f88be7745248a6d801185b02f02

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
0abb2b8dd26574c4516f68f14fb0830a

SHA1
616b83b5e91c6b176784de573d07770e58928fc2

SHA256
9913f0e6c44c0a6eb0c28fe7dbae2ef4956f3a4e804b95baa0e7065ab31305a4

SHA512
c6e0bced5cd5a2483130c8cb483ddee7ea1dcfdc4d2aac48bfcbc3df052bd9e9a6ec900a2500a407ea5607d73999ddee4c3aa878485cc933b5809dbaddc2e5f6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
063801d6940b9ca58e003ff2dd908319

SHA1
f2844fef7b0ebd9e9d15dec2396d0696364dab77

SHA256
27ddb772c206488e2cbf82403f9327bb0cac34e29f1a0b54672cdae3b038eb8b

SHA512
c2611b86ef15ae7114331484126a557add94e0fe913d1ed5495b59d38aafdd681e49e875d2d22b4344b157547346d9fcb95a1600230aa2315138655ed291565d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
5580ac2f77667117d48978ff3e8ce36d

SHA1
8a0105d81fd7605dfa4b6d4ea646cf22302add4e

SHA256
b51d94ae5f2d0710fec674e9265676bef08cc1b7ff43c1b7833841ba7e72c140

SHA512
af15cdc22dff1acdadb84cfdecd911ec432905bfa1e67ec8f9689bcf7ab657d997df2b9dbd9061abd5026fd4fc55b1b097022483543929692b5805a3e0fd5928

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
f8bb9c0e13942c06f61cc34276315258

SHA1
e38ecca56ff2212824bcf1d1f1b9cf887b300cd8

SHA256
945f0e3ec151dbc11ede0478b70f3d3d0ca764216614370360bc040a90378a72

SHA512
b03bb0b9eadd7e4be093827ef3b7a7f659d54a6d61dd02464e9023ba7c5e354411f391adfcfad576fdc29b7bfd968234ffd29ddd5e66f7a8b07516b0e569c00c

Download Submit