672a3f4ad8313383880b6ee2e139021d6f69fa6b6d547c721dcde11dcba4b536

Analysis

max time kernel
1469s
max time network
1480s
platform
windows11-21h2_x64
resource
win11-20240802-en
resource tags

arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
submitted
20/08/2024, 16:18

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Screenshot 2024-07-02 230836.png
Size

32KB
MD5

04ad3b57a2da8e7c95cd50704f34daad
SHA1

3216818946bde39b950ecdf69e11992d888bc205
SHA256

672a3f4ad8313383880b6ee2e139021d6f69fa6b6d547c721dcde11dcba4b536
SHA512

1940c784725e6584aa3e16124eb88df53ea84dab391af6ed733512e5f232c292b5e2261e67b9b3059b3e1b29cd38f4b00db1e687a5ee177b0d0d27a0716388bc
SSDEEP

384:o71GFDeEdKO5VNbX5Wn1YvN76BEc5mH5F99ZEP/Jh4IqbGRnf0ZIaWkSTHMxCIie:o8FDbXxGBnsH54nJh4qpaWkSwUImE

Score

4^/10

discovery

Malware Config

Signatures

Drops file in Windows directory 4 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SystemTemp	chrome.exe
File opened for modification	C:\Windows\SystemTemp	setup.exe
File opened for modification	C:\Windows\SystemTemp\Crashpad\metadata	setup.exe
File opened for modification	C:\Windows\SystemTemp\Crashpad\settings.dat	setup.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133686443404981438"	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
2504	chrome.exe
2504	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
2504	chrome.exe
2504	chrome.exe
2504	chrome.exe
2504	chrome.exe
2504	chrome.exe
2504	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2504	chrome.exe
Token: SeCreatePagefilePrivilege	2504	chrome.exe
Token: SeShutdownPrivilege	2504	chrome.exe
Token: SeCreatePagefilePrivilege	2504	chrome.exe
Token: SeShutdownPrivilege	2504	chrome.exe
Token: SeCreatePagefilePrivilege	2504	chrome.exe
Token: SeShutdownPrivilege	2504	chrome.exe
Token: SeCreatePagefilePrivilege	2504	chrome.exe
Token: SeShutdownPrivilege	2504	chrome.exe
Token: SeCreatePagefilePrivilege	2504	chrome.exe
Token: SeShutdownPrivilege	2504	chrome.exe
Token: SeCreatePagefilePrivilege	2504	chrome.exe
Token: SeShutdownPrivilege	2504	chrome.exe
Token: SeCreatePagefilePrivilege	2504	chrome.exe
Token: SeShutdownPrivilege	2504	chrome.exe
Token: SeCreatePagefilePrivilege	2504	chrome.exe
Token: SeShutdownPrivilege	2504	chrome.exe
Token: SeCreatePagefilePrivilege	2504	chrome.exe
Token: SeShutdownPrivilege	2504	chrome.exe
Token: SeCreatePagefilePrivilege	2504	chrome.exe
Token: SeShutdownPrivilege	2504	chrome.exe
Token: SeCreatePagefilePrivilege	2504	chrome.exe
Token: SeShutdownPrivilege	2504	chrome.exe
Token: SeCreatePagefilePrivilege	2504	chrome.exe
Token: SeShutdownPrivilege	2504	chrome.exe
Token: SeCreatePagefilePrivilege	2504	chrome.exe
Token: SeShutdownPrivilege	2504	chrome.exe
Token: SeCreatePagefilePrivilege	2504	chrome.exe
Token: SeShutdownPrivilege	2504	chrome.exe
Token: SeCreatePagefilePrivilege	2504	chrome.exe
Token: SeShutdownPrivilege	2504	chrome.exe
Token: SeCreatePagefilePrivilege	2504	chrome.exe
Token: SeShutdownPrivilege	2504	chrome.exe
Token: SeCreatePagefilePrivilege	2504	chrome.exe
Token: SeShutdownPrivilege	2504	chrome.exe
Token: SeCreatePagefilePrivilege	2504	chrome.exe
Token: SeShutdownPrivilege	2504	chrome.exe
Token: SeCreatePagefilePrivilege	2504	chrome.exe
Token: SeShutdownPrivilege	2504	chrome.exe
Token: SeCreatePagefilePrivilege	2504	chrome.exe
Token: SeShutdownPrivilege	2504	chrome.exe
Token: SeCreatePagefilePrivilege	2504	chrome.exe
Token: SeShutdownPrivilege	2504	chrome.exe
Token: SeCreatePagefilePrivilege	2504	chrome.exe
Token: SeShutdownPrivilege	2504	chrome.exe
Token: SeCreatePagefilePrivilege	2504	chrome.exe
Token: SeShutdownPrivilege	2504	chrome.exe
Token: SeCreatePagefilePrivilege	2504	chrome.exe
Token: SeShutdownPrivilege	2504	chrome.exe
Token: SeCreatePagefilePrivilege	2504	chrome.exe
Token: SeShutdownPrivilege	2504	chrome.exe
Token: SeCreatePagefilePrivilege	2504	chrome.exe
Token: SeShutdownPrivilege	2504	chrome.exe
Token: SeCreatePagefilePrivilege	2504	chrome.exe
Token: SeShutdownPrivilege	2504	chrome.exe
Token: SeCreatePagefilePrivilege	2504	chrome.exe
Token: SeShutdownPrivilege	2504	chrome.exe
Token: SeCreatePagefilePrivilege	2504	chrome.exe
Token: SeShutdownPrivilege	2504	chrome.exe
Token: SeCreatePagefilePrivilege	2504	chrome.exe
Token: SeShutdownPrivilege	2504	chrome.exe
Token: SeCreatePagefilePrivilege	2504	chrome.exe
Token: SeShutdownPrivilege	2504	chrome.exe
Token: SeCreatePagefilePrivilege	2504	chrome.exe

Suspicious use of FindShellTrayWindow 27 IoCs

pid	Process
2504	chrome.exe
2504	chrome.exe
2504	chrome.exe
2504	chrome.exe
2504	chrome.exe
2504	chrome.exe
2504	chrome.exe
2504	chrome.exe
2504	chrome.exe
2504	chrome.exe
2504	chrome.exe
2504	chrome.exe
2504	chrome.exe
2504	chrome.exe
2504	chrome.exe
2504	chrome.exe
2504	chrome.exe
2504	chrome.exe
2504	chrome.exe
2504	chrome.exe
2504	chrome.exe
2504	chrome.exe
2504	chrome.exe
2504	chrome.exe
2504	chrome.exe
2504	chrome.exe
2504	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
2504	chrome.exe
2504	chrome.exe
2504	chrome.exe
2504	chrome.exe
2504	chrome.exe
2504	chrome.exe
2504	chrome.exe
2504	chrome.exe
2504	chrome.exe
2504	chrome.exe
2504	chrome.exe
2504	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2504 wrote to memory of 836	2504	chrome.exe	87
PID 2504 wrote to memory of 836	2504	chrome.exe	87
PID 2504 wrote to memory of 4464	2504	chrome.exe	88
PID 2504 wrote to memory of 4464	2504	chrome.exe	88
PID 2504 wrote to memory of 4464	2504	chrome.exe	88
PID 2504 wrote to memory of 4464	2504	chrome.exe	88
PID 2504 wrote to memory of 4464	2504	chrome.exe	88
PID 2504 wrote to memory of 4464	2504	chrome.exe	88
PID 2504 wrote to memory of 4464	2504	chrome.exe	88
PID 2504 wrote to memory of 4464	2504	chrome.exe	88
PID 2504 wrote to memory of 4464	2504	chrome.exe	88
PID 2504 wrote to memory of 4464	2504	chrome.exe	88
PID 2504 wrote to memory of 4464	2504	chrome.exe	88
PID 2504 wrote to memory of 4464	2504	chrome.exe	88
PID 2504 wrote to memory of 4464	2504	chrome.exe	88
PID 2504 wrote to memory of 4464	2504	chrome.exe	88
PID 2504 wrote to memory of 4464	2504	chrome.exe	88
PID 2504 wrote to memory of 4464	2504	chrome.exe	88
PID 2504 wrote to memory of 4464	2504	chrome.exe	88
PID 2504 wrote to memory of 4464	2504	chrome.exe	88
PID 2504 wrote to memory of 4464	2504	chrome.exe	88
PID 2504 wrote to memory of 4464	2504	chrome.exe	88
PID 2504 wrote to memory of 4464	2504	chrome.exe	88
PID 2504 wrote to memory of 4464	2504	chrome.exe	88
PID 2504 wrote to memory of 4464	2504	chrome.exe	88
PID 2504 wrote to memory of 4464	2504	chrome.exe	88
PID 2504 wrote to memory of 4464	2504	chrome.exe	88
PID 2504 wrote to memory of 4464	2504	chrome.exe	88
PID 2504 wrote to memory of 4464	2504	chrome.exe	88
PID 2504 wrote to memory of 4464	2504	chrome.exe	88
PID 2504 wrote to memory of 4464	2504	chrome.exe	88
PID 2504 wrote to memory of 4464	2504	chrome.exe	88
PID 2504 wrote to memory of 1980	2504	chrome.exe	89
PID 2504 wrote to memory of 1980	2504	chrome.exe	89
PID 2504 wrote to memory of 4396	2504	chrome.exe	90
PID 2504 wrote to memory of 4396	2504	chrome.exe	90
PID 2504 wrote to memory of 4396	2504	chrome.exe	90
PID 2504 wrote to memory of 4396	2504	chrome.exe	90
PID 2504 wrote to memory of 4396	2504	chrome.exe	90
PID 2504 wrote to memory of 4396	2504	chrome.exe	90
PID 2504 wrote to memory of 4396	2504	chrome.exe	90
PID 2504 wrote to memory of 4396	2504	chrome.exe	90
PID 2504 wrote to memory of 4396	2504	chrome.exe	90
PID 2504 wrote to memory of 4396	2504	chrome.exe	90
PID 2504 wrote to memory of 4396	2504	chrome.exe	90
PID 2504 wrote to memory of 4396	2504	chrome.exe	90
PID 2504 wrote to memory of 4396	2504	chrome.exe	90
PID 2504 wrote to memory of 4396	2504	chrome.exe	90
PID 2504 wrote to memory of 4396	2504	chrome.exe	90
PID 2504 wrote to memory of 4396	2504	chrome.exe	90
PID 2504 wrote to memory of 4396	2504	chrome.exe	90
PID 2504 wrote to memory of 4396	2504	chrome.exe	90
PID 2504 wrote to memory of 4396	2504	chrome.exe	90
PID 2504 wrote to memory of 4396	2504	chrome.exe	90
PID 2504 wrote to memory of 4396	2504	chrome.exe	90
PID 2504 wrote to memory of 4396	2504	chrome.exe	90
PID 2504 wrote to memory of 4396	2504	chrome.exe	90
PID 2504 wrote to memory of 4396	2504	chrome.exe	90
PID 2504 wrote to memory of 4396	2504	chrome.exe	90
PID 2504 wrote to memory of 4396	2504	chrome.exe	90
PID 2504 wrote to memory of 4396	2504	chrome.exe	90
PID 2504 wrote to memory of 4396	2504	chrome.exe	90
PID 2504 wrote to memory of 4396	2504	chrome.exe	90
PID 2504 wrote to memory of 4396	2504	chrome.exe	90

C:\Windows\system32\cmd.exe
cmd /c "C:\Users\Admin\AppData\Local\Temp\Screenshot 2024-07-02 230836.png"
1⤵
PID:3376

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2504
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffaa5f5cc40,0x7ffaa5f5cc4c,0x7ffaa5f5cc58
  2⤵
  PID:836
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1780,i,8289759713332682172,3877882556648817926,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=1776 /prefetch:2
  2⤵
  PID:4464
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2116,i,8289759713332682172,3877882556648817926,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=2132 /prefetch:3
  2⤵
  PID:1980
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2200,i,8289759713332682172,3877882556648817926,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=2216 /prefetch:8
  2⤵
  PID:4396
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3104,i,8289759713332682172,3877882556648817926,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=3232 /prefetch:1
  2⤵
  PID:3488
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3176,i,8289759713332682172,3877882556648817926,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=3260 /prefetch:1
  2⤵
  PID:3872
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4328,i,8289759713332682172,3877882556648817926,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4436 /prefetch:1
  2⤵
  PID:4796
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4568,i,8289759713332682172,3877882556648817926,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4584 /prefetch:8
  2⤵
  PID:2368
- C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe
  "C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe" --reenable-autoupdates --system-level
  2⤵
  - Drops file in Windows directory
  PID:4268
- - C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe
    "C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\Crashpad --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x244,0x248,0x24c,0x220,0x250,0x7ff6c3fb4698,0x7ff6c3fb46a4,0x7ff6c3fb46b0
    3⤵
    - Drops file in Windows directory
    PID:404
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4852,i,8289759713332682172,3877882556648817926,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4828 /prefetch:8
  2⤵
  PID:2284
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=4824,i,8289759713332682172,3877882556648817926,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=3436 /prefetch:1
  2⤵
  PID:4688
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=5072,i,8289759713332682172,3877882556648817926,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=3344 /prefetch:8
  2⤵
  PID:2576
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=3588,i,8289759713332682172,3877882556648817926,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4344 /prefetch:1
  2⤵
  PID:3720
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=5148,i,8289759713332682172,3877882556648817926,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4848 /prefetch:1
  2⤵
  PID:4200

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:4088

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:3436

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004E4 0x00000000000004DC
1⤵
PID:3200

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
239984fe690bc3ed837d4cc876815313

SHA1
0e7c4cc44e47e84010653e7ab3d44dec3f115b29

SHA256
8bd8387b42bc6be3b3936c2b98ef6a57a33f2707e30d2ec656412a832d60f84a

SHA512
77ad79343666bb67dae72b57f9b0cec05bb60ab56387b85a816583a91c113166c480e990b8dc234ccad04be8e20cd2f7db44e3a19779ace2945aadc0817b9042

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007

Filesize
1024KB

MD5
312d78d27a06cee1223563ba4b0887ca

SHA1
e9bc03c9b4c6648860a4b69ba982516375390be9

SHA256
e670013f79524f44843c77d418d7321a04c38367b7f6dd3b7aec7f2c2a7572af

SHA512
333ee385de4981614c3f75407fee69b7eb6bdd007731af99b43d0b948fbbc261f473066b1a91829bc499630bfc471d52cd0ee58e83aeff45f446fae5a5b9cf7b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000f

Filesize
863KB

MD5
a7aa9df65543a56c8f21b39b7b2750ba

SHA1
1f959ca3b2e81300fb0377c67687897a1bd2339a

SHA256
ec4eb32f0254c603849a10e52075f0f76f0e199dc5299fa9e1c665a0b9223645

SHA512
2283776d78928ab35a53f4ab3b29807531aaf7048f3d213f43118fbd4b343500fe161440239c62686b78ba3fdfaea724849bda63939c6bd7d410dcaf432f1ba7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010

Filesize
1024KB

MD5
e3726be5903bdc3e755a9e49b13b4d75

SHA1
5bb50dda728ee519d473bc9691878ff2dd113082

SHA256
c710a0335a5fa28c7c208872aca114129517ff48ecaf6476e28ed4f52e3a32f2

SHA512
e51c2a02621075920a8a4b9584457d3f3ebacb70ed3709c105c53933781f2fc1fe682fa114b3b5a242cec1429655e392222b962f5923c58ee864089ec63234f4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000070

Filesize
1024KB

MD5
161e0fcf55b1390a0df23cde7f23eef7

SHA1
481d487e9f08dc60b416088f73c373ae6e8f3992

SHA256
8f69e59180851ed724cec0d6e3641259be85cbb5b83e9ea7ba51e14b5c6dcb4f

SHA512
b8974bfe4c0ee5a13117165d3cebfef500db6dfa90d7851ab4e628bc287fccba1acf09c4dea483562459d83e90b574c1b14e78fb598a45e656fcacc4694e78b4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
0d91740810ddb3e4f70f06f6183d8d37

SHA1
e754cdf32a548f7da8ff6a9ff714fa6067097147

SHA256
be6eb26f18ae6d806723c0c3749b89e5d6d5f4d9b9fe1a0fea22c688bd374522

SHA512
42c5657bb3bea642f17b7a4d1c31b01f301ac1b8eb54a7b2f1c66835a7a2ec6f4bdaa391b49b001e25fec63e2cf499fe3782551d842ac47796c2cff9bc318229

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\53575863-3c93-4b67-b80d-8ad9f5a4c10d.tmp

Filesize
3KB

MD5
43ac8ed05312b4acaf0a74774a2279c3

SHA1
aa0c77b6d2ac19275f6edfc70a7fc35ac8a49381

SHA256
7296b004b567524a189ffa2ba55a2f1aee995b6f9bdf783cf802e62372986287

SHA512
9630fb4c54ae31473f5c4c9d98746406dc4aace6cf2ed946cc8fedbaed641cb809c3847ff9d0382e790deb12c3488a5019762961fad5dd2cedd0f1800e234fec

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\735e6efc-d4bc-4316-acca-4af7448351aa.tmp

Filesize
1024B

MD5
8d80f8e4ac9d0ff078816b8fb50917c3

SHA1
b756d681cb23dd81308bdbc3361909f1fbdcaaf5

SHA256
6fc9725f5849afe28aef29415f27944dd65d1efe3616d970c1967b26606b5433

SHA512
53cd218dc06d7fb3bff0db046d2f15139aa730aa4941afdaab96ba503d774448145d6da8a2283661f2d4b3b0a3d4610c398de2f4da9b6f9458529ea9c12a6c63

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
f6204516446794e58d243548ee8059b6

SHA1
3894e91cec04f475c74ad9e82124398f4076a4df

SHA256
6a4ab0a08df740b0e398e6d067f2b3e742a5e157e515db6a5d08e44e1343ea7a

SHA512
6617aaa0f82261120fc93f703f6cce8a4a5fb4e8f2171901136c90994261c4e26ef130a885c89d2de2f9318761d7fb8c027f4fc0c2da9236b54c815437bf5b3d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
857B

MD5
c37a75c8b80bc51ed84b16f50a289370

SHA1
3ed6fe28fe4159a7b994f06b10c974e90b5b05c6

SHA256
a3577157471de358d17994b970de9a8b775aea0aaa2d71de649fd98a52347857

SHA512
d89fa366d109cefda4108841cc2d8798231a01a96bda31fe29345cd6c8006dc5e3810fadc0e455c1903057e4b3fb58c129616102efe2f3a0f66f0732d31df73a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1024B

MD5
20063d57f77be4a504bf7be1e0ced7b4

SHA1
36b07b9d3f89487ebe731a3d0948e82774f183a5

SHA256
a9e07f23693cb41c7c23fad694a9ab3f42532754d456030c2a2d006606f48a5e

SHA512
a9e91f6b463d38baece3bd9520175cfc5f8e8944ceb28f32ade61803caa05d1dd9340e979ea604b2b64800cd314091ea55e6ee04a975ecc6b49493dfd789683d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
eee9fd002dbc7573b08e93b1bb4a96a5

SHA1
a0eeb9539d8f75b03a9cd8fb0fa4351533627fb5

SHA256
37345a41cb8aa1555dacec8654fed99a009d188db382d158ac7bfdbf7f51c23e

SHA512
18da125a45d0c93e299beb074fc536014d878ea3a79d91319dd38ef6b64152fc4d9e3e4c783fe4c9dadc66aeaa01826a256e0165bc59f5fac5d4e98322a45b3f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
43883320f5f5d1d988992ac703dc257d

SHA1
3ff15197ba34310336be403354560dc88ccd8db4

SHA256
cdbb4be99882b81f362a768e3557cc0befbc0cbef86fc167d093ea57f3ad28b8

SHA512
bed02e3342206bd07f228d45b223045152625bc898aea8dcb634db6baa3febb8a6fc0b29212fac3ecad5a9ee90ffc752e4a81480acf8cf26c6cf8a23814760cf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
49c4d8f8979f2e44ac6b21f54fb0958b

SHA1
a306b625a60524622cbd8e7d9073c0cc40f82ff0

SHA256
34c6e401edc747df0c5b30fac561e4316061860df2dfea2f2b7c1b784cf2a03c

SHA512
f264272b24494a67f69ab57408d5d9cd8d006ba0ea5d528987a026858c880a7fd3d7fd7387b905e4fe4a0b1a994e632da50bba9333e265bd264e3e65463ec527

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
35aec507d97697c3f3ca5794cc9cd5f3

SHA1
33d61b781a1e1ee2d071869b61ba8a55d2ab7cab

SHA256
bad0fbe0dff489b014b9dd204bc818948827f2a36e38cfc35954cf56a9f6b5f5

SHA512
a8709053ae8e154eae0f3350308c76e563bcb2cef46c6574112db6cf6d2a772d060c1ad7ce14baf54a78ac90bc3de72bb795dfb8747d53e433a11bd5b98ecbe7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
d576e76cd3202fede403bef4ab833e73

SHA1
192e85f9ee37f55a5bee98308435b5f182b7526d

SHA256
6f44a0c73b019fc4d7364b7f0f64d170eb752b7a667e6b707270fcadda4709b2

SHA512
acf1bfd0072f69c939b8218a1d4a6e529898332b8cb9f0412d9b996cd0cdca7cd0bd0858e72e306f1db113556eeaf79d2bbecbb684c32d976af2ab18c50c8304

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
e7ff7c5259482bc55e50ce158908a177

SHA1
48e912965734e9519e6006d95ed5bd45f0cb0572

SHA256
39810341a9b858de1af822b83402df58383f9dd8ad02befab69c5f1c82afc37e

SHA512
e303aef078fad66ba118bdb7e208a28aece610a8bd6252d28073256058b51a8204138258da70c8f29893f2508ddfafb0fdfe6db470ad07162c36f7747d9db783

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
80d18dfe8466e6ce07ee7e7f3fe07194

SHA1
77177525231797705b320d8964e88534c18a5714

SHA256
3f212e6bcef8daeb8369c6e492e01641dac2830b2267e73726fdc6282c865194

SHA512
0221785f04127b22157e5c0430cb81dd59248a4469cb89dbe38249d7984dd46f256878038cd3f6d25d7d26ffdcf16eeb224d61cf34410118aa5964b756dd339c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
200KB

MD5
c0cc20c70222816003ad3bc044350508

SHA1
8dccc5f56aeef4fc86ea1897a676edc9e7dcf05c

SHA256
3553c7490c8f5020bbf51be898abac8d9afa2556e27ff2a40f8ac6d79f144aa2

SHA512
3b440927624ec458511acf8fce8371b046183480cdde7992a824a1901e5d5e8dfb3a785467bb5ce29804bc31e2d0709eae71a824b62731ed0c8acb13e660d192

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
200KB

MD5
f6baece17755cae7a813972b417ec191

SHA1
aaf846298b91d3d6e1cbe72ed018f2d0eca61954

SHA256
c015ae8f935d5bfc1bc19b1c5f71d95de65cf0ce53d6cb742e738a9f01e70ba4

SHA512
3595a387934759fc09e53ccf2f61ea1f83ad49e5758d7f7b870d23b3643a86dffcf11ee6a9dde756d5eb2394cb4f8d10edf9571f0653a64e092e20b61e905b2b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
200KB

MD5
173ac6b431e74b35901dd1f8a5e9d6c8

SHA1
a48b97b7dbcb71a786f9a051d72332746c8bab56

SHA256
fb88c7d28b25187b979ce05077a9bd168ef4de85b2281d11c9fd61a387d28533

SHA512
a66f0b8aa03875715464fc000ebf9cb6fdd449958e8cd7e24258cae675b9870c590d47af23b25a11a461bd3c58790dfc516153d194687f8da428b358b3ae3dcc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

Filesize
264KB

MD5
735f0046d6cd1619f783ae4668925f36

SHA1
3644b9b68ae875c86ffbfe2e1c2189c1581140fe

SHA256
9e663b21005678af5d4d7e846188f0d8357812b694113845e21933548d068c3e

SHA512
87dfbb514ac832f6b88d24e9e45aaeea1ea107c42f9080e890810f51ce015b6718335e02d5b1b941c99e3402369614f06aa026fc828c4176095613a87d2e6a2a

Download Submit