hxxp://f0a221bcb58c14f705bc35c5f86026d3fc50ecf72fb000ad36bab13c5f7d52bf

Analysis

max time kernel
74s
max time network
75s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
19-08-2024 20:54

Sharing

Copy URL

Twitter E-mail

Reason

Machine shutdown

Report Analysis Logs

General

Target

http://f0a221bcb58c14f705bc35c5f86026d3fc50ecf72fb000ad36bab13c5f7d52bf

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 17 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationBlurBalance = "1"	LogonUI.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationAfterglowBalance = "10"	LogonUI.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133685745321938849"	chrome.exe
Set value (data)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\AccentPalette = a6d8ff0076b9ed00429ce3000078d700005a9e000042750000264200f7630c00	LogonUI.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Themes\History\AutoColor = "0"	LogonUI.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\StartColorMenu = "4288567808"	LogonUI.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\AccentColorMenu = "4292311040"	LogonUI.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationColor = "3288365271"	LogonUI.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationAfterglow = "3288365271"	LogonUI.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Themes\History	LogonUI.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM	LogonUI.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\AccentColor = "4292311040"	LogonUI.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationColorBalance = "89"	LogonUI.exe
Key created	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent	LogonUI.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\EnableWindowColorization = "242"	LogonUI.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationGlassAttribute = "1"	LogonUI.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
1044	chrome.exe
1044	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe
Token: SeShutdownPrivilege	1044	chrome.exe
Token: SeCreatePagefilePrivilege	1044	chrome.exe

Suspicious use of FindShellTrayWindow 27 IoCs

pid	Process
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
540	LogonUI.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1044 wrote to memory of 2612	1044	chrome.exe	86
PID 1044 wrote to memory of 2612	1044	chrome.exe	86
PID 1044 wrote to memory of 4152	1044	chrome.exe	87
PID 1044 wrote to memory of 4152	1044	chrome.exe	87
PID 1044 wrote to memory of 4152	1044	chrome.exe	87
PID 1044 wrote to memory of 4152	1044	chrome.exe	87
PID 1044 wrote to memory of 4152	1044	chrome.exe	87
PID 1044 wrote to memory of 4152	1044	chrome.exe	87
PID 1044 wrote to memory of 4152	1044	chrome.exe	87
PID 1044 wrote to memory of 4152	1044	chrome.exe	87
PID 1044 wrote to memory of 4152	1044	chrome.exe	87
PID 1044 wrote to memory of 4152	1044	chrome.exe	87
PID 1044 wrote to memory of 4152	1044	chrome.exe	87
PID 1044 wrote to memory of 4152	1044	chrome.exe	87
PID 1044 wrote to memory of 4152	1044	chrome.exe	87
PID 1044 wrote to memory of 4152	1044	chrome.exe	87
PID 1044 wrote to memory of 4152	1044	chrome.exe	87
PID 1044 wrote to memory of 4152	1044	chrome.exe	87
PID 1044 wrote to memory of 4152	1044	chrome.exe	87
PID 1044 wrote to memory of 4152	1044	chrome.exe	87
PID 1044 wrote to memory of 4152	1044	chrome.exe	87
PID 1044 wrote to memory of 4152	1044	chrome.exe	87
PID 1044 wrote to memory of 4152	1044	chrome.exe	87
PID 1044 wrote to memory of 4152	1044	chrome.exe	87
PID 1044 wrote to memory of 4152	1044	chrome.exe	87
PID 1044 wrote to memory of 4152	1044	chrome.exe	87
PID 1044 wrote to memory of 4152	1044	chrome.exe	87
PID 1044 wrote to memory of 4152	1044	chrome.exe	87
PID 1044 wrote to memory of 4152	1044	chrome.exe	87
PID 1044 wrote to memory of 4152	1044	chrome.exe	87
PID 1044 wrote to memory of 4152	1044	chrome.exe	87
PID 1044 wrote to memory of 4152	1044	chrome.exe	87
PID 1044 wrote to memory of 2780	1044	chrome.exe	88
PID 1044 wrote to memory of 2780	1044	chrome.exe	88
PID 1044 wrote to memory of 3528	1044	chrome.exe	89
PID 1044 wrote to memory of 3528	1044	chrome.exe	89
PID 1044 wrote to memory of 3528	1044	chrome.exe	89
PID 1044 wrote to memory of 3528	1044	chrome.exe	89
PID 1044 wrote to memory of 3528	1044	chrome.exe	89
PID 1044 wrote to memory of 3528	1044	chrome.exe	89
PID 1044 wrote to memory of 3528	1044	chrome.exe	89
PID 1044 wrote to memory of 3528	1044	chrome.exe	89
PID 1044 wrote to memory of 3528	1044	chrome.exe	89
PID 1044 wrote to memory of 3528	1044	chrome.exe	89
PID 1044 wrote to memory of 3528	1044	chrome.exe	89
PID 1044 wrote to memory of 3528	1044	chrome.exe	89
PID 1044 wrote to memory of 3528	1044	chrome.exe	89
PID 1044 wrote to memory of 3528	1044	chrome.exe	89
PID 1044 wrote to memory of 3528	1044	chrome.exe	89
PID 1044 wrote to memory of 3528	1044	chrome.exe	89
PID 1044 wrote to memory of 3528	1044	chrome.exe	89
PID 1044 wrote to memory of 3528	1044	chrome.exe	89
PID 1044 wrote to memory of 3528	1044	chrome.exe	89
PID 1044 wrote to memory of 3528	1044	chrome.exe	89
PID 1044 wrote to memory of 3528	1044	chrome.exe	89
PID 1044 wrote to memory of 3528	1044	chrome.exe	89
PID 1044 wrote to memory of 3528	1044	chrome.exe	89
PID 1044 wrote to memory of 3528	1044	chrome.exe	89
PID 1044 wrote to memory of 3528	1044	chrome.exe	89
PID 1044 wrote to memory of 3528	1044	chrome.exe	89
PID 1044 wrote to memory of 3528	1044	chrome.exe	89
PID 1044 wrote to memory of 3528	1044	chrome.exe	89
PID 1044 wrote to memory of 3528	1044	chrome.exe	89
PID 1044 wrote to memory of 3528	1044	chrome.exe	89

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://f0a221bcb58c14f705bc35c5f86026d3fc50ecf72fb000ad36bab13c5f7d52bf
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1044
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff90de6cc40,0x7ff90de6cc4c,0x7ff90de6cc58
  2⤵
  PID:2612
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1832,i,16290964276560025948,12087893553766963425,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1828 /prefetch:2
  2⤵
  PID:4152
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2128,i,16290964276560025948,12087893553766963425,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2156 /prefetch:3
  2⤵
  PID:2780
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2248,i,16290964276560025948,12087893553766963425,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2440 /prefetch:8
  2⤵
  PID:3528
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3020,i,16290964276560025948,12087893553766963425,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3036 /prefetch:1
  2⤵
  PID:4812
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3040,i,16290964276560025948,12087893553766963425,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3284 /prefetch:1
  2⤵
  PID:3956
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4456,i,16290964276560025948,12087893553766963425,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4484 /prefetch:1
  2⤵
  PID:3740
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4008,i,16290964276560025948,12087893553766963425,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4396 /prefetch:1
  2⤵
  PID:540
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4728,i,16290964276560025948,12087893553766963425,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4648 /prefetch:8
  2⤵
  PID:2444
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=4912,i,16290964276560025948,12087893553766963425,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4444 /prefetch:1
  2⤵
  PID:1288
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=5028,i,16290964276560025948,12087893553766963425,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4952 /prefetch:1
  2⤵
  PID:220
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=4936,i,16290964276560025948,12087893553766963425,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3368 /prefetch:1
  2⤵
  PID:3032

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:3368

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:1984

C:\Windows\system32\LogonUI.exe
"LogonUI.exe" /flags:0x4 /state0:0xa3906855 /state1:0x41c64e6d
1⤵
- Modifies data under HKEY_USERS
- Suspicious use of SetWindowsHookEx
PID:540

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
670bd928e8a4f48a840adcf60f048858

SHA1
0e50a67361450e88389fdc668329520ba5a739a0

SHA256
9e4df685278c0f0ac1bdccf1a62f1998134ea6a40cef0c1195c8819b131921f6

SHA512
2226c88efce2cab9565d8a837d8a3bf081cfb47260880645587f3598e71d813cbc497b459e1bd7141d53e2eab65375882ac481ea7d5aaa767768c6dc405498c8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001

Filesize
209KB

MD5
3e552d017d45f8fd93b94cfc86f842f2

SHA1
dbeebe83854328e2575ff67259e3fb6704b17a47

SHA256
27d9c4613df7a3c04da0b79c13217aa69992b441acb7e44bf2a7578ca87d97d6

SHA512
e616436f2f15615429c7c5c37de3990c3e86c5e1da7d75a0f524fc458b75d44a5be1a3648a628d63e1cf8aa062e08b538f2f2bc9c6a0b42157beb24f82c571d9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
26fb6cb703ec5605d24c30dde95e302e

SHA1
5ba1e708b39cbccf68dff836f4d5f9845f0ded39

SHA256
c68f800218ed36d42bcd451aed5db8731e5905b0fc2d15c8a7fe20c2a0b0538d

SHA512
9101b09a6ba5ed432a2adfd3897d8fbb10b40a94c4dd5ed16fd6805ba773f27587e84ec2134c25b5fd72278d2ad64869ab967068e0ca286f2a4b8d1d1ff48e7c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
9aae90fa5b147e719169e1e2270027f0

SHA1
b133963db5070b36618c3ea21b22b13f426e39a6

SHA256
56f0f73efadbf85581fc46e8e13c22d32647ee12e8702b38039e29ccfa7d7336

SHA512
5aabea7a5a4917476d8a07925072d3b13eb839f1edf3cf9cb5c8c69e2e95374400bef2c26a635b425d686310673675b5ccaa9f4bbe358d05d18975e58a2366a8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
82d598b736d47e6f1363a2e641403f00

SHA1
19aae4d20b150adfb55687a9189d70bf283744e4

SHA256
4a37ff51ab44b95479d6c7668d7536822140f07e9225e414501776884e53f3ef

SHA512
fffb404edc11c9e1fa4e3d28850c6dc9731d4bc6844e98863824baa4e34ebaff36fff921579fa6da58ce13beac26db20b97e30f0a6672d4d46c1e3109e84b23d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
ebd0c285315feaa2055b7c21a6bd7b99

SHA1
b04f3d900e49f091e901639a721fd3b92dd45c0d

SHA256
f34d7d2d86abfd11eb6be8350ed8ec32736f5f7488b5b4b6469ad24ad9ed9aff

SHA512
eae752a27d493f424daed07d2bdf105a0432f0037829a8776df1c051bfbe298afcc9cc76bd3ee23d617a66ff1582794868059173e05a79e39372f5d4af210974

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
71ffa93167202ae33c9dd206e8991dae

SHA1
e7fa0b953bf3e986d0e96e996303a68a45ab8fd0

SHA256
d47941104689d71a9c50738b7119867f5c001f37cad5cd38ee265aed8a215d1f

SHA512
ee759af4a533030869b847325edfec465e8acbfcaf41c6041599f4e0c0a2fdf64beda082c134acafa928fcb8ed8beef61cd45c1c34f654c0c31bfbe571642f7d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
0eddd17134bc1bce564586597b9d6ed1

SHA1
e8f1820a8ccbd839a3b1e8f5b770ee99cbf95d32

SHA256
9d8ff0bfad7f56f81006f6f2c32f30cdc314c1061e5d7154d7f18b4528f5ba9f

SHA512
9988306ff4dcb47a741496a7f294130fa2832ec8d41cd918f9691cc07c40df549e83a8deee416ffbd2bfec980072d199cd7da3aad78e773af90e9030a6f58dee

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
b81490f0bd0386a89030f945d71a5411

SHA1
2d4f0f53d55bcfc8059c87eb0526376b46121178

SHA256
ed8fa41ea26f8de770880500887778ca92359fa8d621c2a0df22626a620a621f

SHA512
198099e3c19b03ca54b1a2b820a1ca99baf5facdcdaabf181cc53f5de7662ad3d1268f889bb3b2e896825f026bcb94d84108c9e7ac07964e6961c3ca0f7fbec5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
3f333a3c1615769556e9583f9453844a

SHA1
73fd1e2b9e62facc0f6d740d1fe10eec3279098f

SHA256
35b2e6d37d516eb0a68917167780f05323c76ad2abe92c5b157a16a258590586

SHA512
99ce63ac8f280665f32b24163dca699b87d729e594ca307f549a5a3958d068a51a04b89b1048b7157a6c7af28060127b15369f4939410dd6fbc047868f16c25d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

Filesize
264KB

MD5
d665ca7d4c4caaf51738cfa3fb995990

SHA1
dcc1be5309a23e4e564e97ec6e52a46df30edf57

SHA256
bf57d099b51e41697b105d4d3470cdbb2c89d0e366f6bc90351c0d4f2b276f5a

SHA512
55e8db33aa28b71f767e38446cbb083e30fd48864fca7406354c49c6ee0185d5db9b2cb71961e73b9bd9d795b9e7534acb2053ba34371badfb517f1365aeafe3

Download Submit