b029393ea7b7cf644fb1c9f984f57c1980077562ee2e15d0ffd049c4c48098d3

Analysis

max time kernel
847s
max time network
850s
platform
windows11-21h2_x64
resource
win11-20240802-en
resource tags

arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
submitted
20-08-2024 19:58

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

desktop.ini
Size

282B
MD5

3a37312509712d4e12d27240137ff377
SHA1

30ced927e23b584725cf16351394175a6d2a9577
SHA256

b029393ea7b7cf644fb1c9f984f57c1980077562ee2e15d0ffd049c4c48098d3
SHA512

dbb9abe70f8a781d141a71651a62a3a743c71a75a8305e9d23af92f7307fb639dc4a85499115885e2a781b040cbb7613f582544c2d6de521e588531e9c294b05

Score

4^/10

discovery

Malware Config

Signatures

Drops file in Windows directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SystemTemp	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133686583878023925"	chrome.exe

Modifies registry class 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-1287768749-810021449-2672985988-1000_Classes\Local Settings	cmd.exe
Key created	\REGISTRY\USER\S-1-5-21-1287768749-810021449-2672985988-1000_Classes\Local Settings	OpenWith.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
1276	chrome.exe
1276	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
1276	chrome.exe
1276	chrome.exe
1276	chrome.exe
1276	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1276	chrome.exe
Token: SeCreatePagefilePrivilege	1276	chrome.exe
Token: SeShutdownPrivilege	1276	chrome.exe
Token: SeCreatePagefilePrivilege	1276	chrome.exe
Token: SeShutdownPrivilege	1276	chrome.exe
Token: SeCreatePagefilePrivilege	1276	chrome.exe
Token: SeShutdownPrivilege	1276	chrome.exe
Token: SeCreatePagefilePrivilege	1276	chrome.exe
Token: SeShutdownPrivilege	1276	chrome.exe
Token: SeCreatePagefilePrivilege	1276	chrome.exe
Token: SeShutdownPrivilege	1276	chrome.exe
Token: SeCreatePagefilePrivilege	1276	chrome.exe
Token: SeShutdownPrivilege	1276	chrome.exe
Token: SeCreatePagefilePrivilege	1276	chrome.exe
Token: SeShutdownPrivilege	1276	chrome.exe
Token: SeCreatePagefilePrivilege	1276	chrome.exe
Token: SeShutdownPrivilege	1276	chrome.exe
Token: SeCreatePagefilePrivilege	1276	chrome.exe
Token: SeShutdownPrivilege	1276	chrome.exe
Token: SeCreatePagefilePrivilege	1276	chrome.exe
Token: SeShutdownPrivilege	1276	chrome.exe
Token: SeCreatePagefilePrivilege	1276	chrome.exe
Token: SeShutdownPrivilege	1276	chrome.exe
Token: SeCreatePagefilePrivilege	1276	chrome.exe
Token: SeShutdownPrivilege	1276	chrome.exe
Token: SeCreatePagefilePrivilege	1276	chrome.exe
Token: SeShutdownPrivilege	1276	chrome.exe
Token: SeCreatePagefilePrivilege	1276	chrome.exe
Token: SeShutdownPrivilege	1276	chrome.exe
Token: SeCreatePagefilePrivilege	1276	chrome.exe
Token: SeShutdownPrivilege	1276	chrome.exe
Token: SeCreatePagefilePrivilege	1276	chrome.exe
Token: SeShutdownPrivilege	1276	chrome.exe
Token: SeCreatePagefilePrivilege	1276	chrome.exe
Token: SeShutdownPrivilege	1276	chrome.exe
Token: SeCreatePagefilePrivilege	1276	chrome.exe
Token: SeShutdownPrivilege	1276	chrome.exe
Token: SeCreatePagefilePrivilege	1276	chrome.exe
Token: SeShutdownPrivilege	1276	chrome.exe
Token: SeCreatePagefilePrivilege	1276	chrome.exe
Token: SeShutdownPrivilege	1276	chrome.exe
Token: SeCreatePagefilePrivilege	1276	chrome.exe
Token: SeShutdownPrivilege	1276	chrome.exe
Token: SeCreatePagefilePrivilege	1276	chrome.exe
Token: SeShutdownPrivilege	1276	chrome.exe
Token: SeCreatePagefilePrivilege	1276	chrome.exe
Token: SeShutdownPrivilege	1276	chrome.exe
Token: SeCreatePagefilePrivilege	1276	chrome.exe
Token: SeShutdownPrivilege	1276	chrome.exe
Token: SeCreatePagefilePrivilege	1276	chrome.exe
Token: SeShutdownPrivilege	1276	chrome.exe
Token: SeCreatePagefilePrivilege	1276	chrome.exe
Token: SeShutdownPrivilege	1276	chrome.exe
Token: SeCreatePagefilePrivilege	1276	chrome.exe
Token: SeShutdownPrivilege	1276	chrome.exe
Token: SeCreatePagefilePrivilege	1276	chrome.exe
Token: SeShutdownPrivilege	1276	chrome.exe
Token: SeCreatePagefilePrivilege	1276	chrome.exe
Token: SeShutdownPrivilege	1276	chrome.exe
Token: SeCreatePagefilePrivilege	1276	chrome.exe
Token: SeShutdownPrivilege	1276	chrome.exe
Token: SeCreatePagefilePrivilege	1276	chrome.exe
Token: SeShutdownPrivilege	1276	chrome.exe
Token: SeCreatePagefilePrivilege	1276	chrome.exe

Suspicious use of FindShellTrayWindow 27 IoCs

pid	Process
1276	chrome.exe
1276	chrome.exe
1276	chrome.exe
1276	chrome.exe
1276	chrome.exe
1276	chrome.exe
1276	chrome.exe
1276	chrome.exe
1276	chrome.exe
1276	chrome.exe
1276	chrome.exe
1276	chrome.exe
1276	chrome.exe
1276	chrome.exe
1276	chrome.exe
1276	chrome.exe
1276	chrome.exe
1276	chrome.exe
1276	chrome.exe
1276	chrome.exe
1276	chrome.exe
1276	chrome.exe
1276	chrome.exe
1276	chrome.exe
1276	chrome.exe
1276	chrome.exe
1276	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
1276	chrome.exe
1276	chrome.exe
1276	chrome.exe
1276	chrome.exe
1276	chrome.exe
1276	chrome.exe
1276	chrome.exe
1276	chrome.exe
1276	chrome.exe
1276	chrome.exe
1276	chrome.exe
1276	chrome.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2456	OpenWith.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1276 wrote to memory of 2324	1276	chrome.exe	87
PID 1276 wrote to memory of 2324	1276	chrome.exe	87
PID 1276 wrote to memory of 1084	1276	chrome.exe	88
PID 1276 wrote to memory of 1084	1276	chrome.exe	88
PID 1276 wrote to memory of 1084	1276	chrome.exe	88
PID 1276 wrote to memory of 1084	1276	chrome.exe	88
PID 1276 wrote to memory of 1084	1276	chrome.exe	88
PID 1276 wrote to memory of 1084	1276	chrome.exe	88
PID 1276 wrote to memory of 1084	1276	chrome.exe	88
PID 1276 wrote to memory of 1084	1276	chrome.exe	88
PID 1276 wrote to memory of 1084	1276	chrome.exe	88
PID 1276 wrote to memory of 1084	1276	chrome.exe	88
PID 1276 wrote to memory of 1084	1276	chrome.exe	88
PID 1276 wrote to memory of 1084	1276	chrome.exe	88
PID 1276 wrote to memory of 1084	1276	chrome.exe	88
PID 1276 wrote to memory of 1084	1276	chrome.exe	88
PID 1276 wrote to memory of 1084	1276	chrome.exe	88
PID 1276 wrote to memory of 1084	1276	chrome.exe	88
PID 1276 wrote to memory of 1084	1276	chrome.exe	88
PID 1276 wrote to memory of 1084	1276	chrome.exe	88
PID 1276 wrote to memory of 1084	1276	chrome.exe	88
PID 1276 wrote to memory of 1084	1276	chrome.exe	88
PID 1276 wrote to memory of 1084	1276	chrome.exe	88
PID 1276 wrote to memory of 1084	1276	chrome.exe	88
PID 1276 wrote to memory of 1084	1276	chrome.exe	88
PID 1276 wrote to memory of 1084	1276	chrome.exe	88
PID 1276 wrote to memory of 1084	1276	chrome.exe	88
PID 1276 wrote to memory of 1084	1276	chrome.exe	88
PID 1276 wrote to memory of 1084	1276	chrome.exe	88
PID 1276 wrote to memory of 1084	1276	chrome.exe	88
PID 1276 wrote to memory of 1084	1276	chrome.exe	88
PID 1276 wrote to memory of 1084	1276	chrome.exe	88
PID 1276 wrote to memory of 3948	1276	chrome.exe	89
PID 1276 wrote to memory of 3948	1276	chrome.exe	89
PID 1276 wrote to memory of 3908	1276	chrome.exe	90
PID 1276 wrote to memory of 3908	1276	chrome.exe	90
PID 1276 wrote to memory of 3908	1276	chrome.exe	90
PID 1276 wrote to memory of 3908	1276	chrome.exe	90
PID 1276 wrote to memory of 3908	1276	chrome.exe	90
PID 1276 wrote to memory of 3908	1276	chrome.exe	90
PID 1276 wrote to memory of 3908	1276	chrome.exe	90
PID 1276 wrote to memory of 3908	1276	chrome.exe	90
PID 1276 wrote to memory of 3908	1276	chrome.exe	90
PID 1276 wrote to memory of 3908	1276	chrome.exe	90
PID 1276 wrote to memory of 3908	1276	chrome.exe	90
PID 1276 wrote to memory of 3908	1276	chrome.exe	90
PID 1276 wrote to memory of 3908	1276	chrome.exe	90
PID 1276 wrote to memory of 3908	1276	chrome.exe	90
PID 1276 wrote to memory of 3908	1276	chrome.exe	90
PID 1276 wrote to memory of 3908	1276	chrome.exe	90
PID 1276 wrote to memory of 3908	1276	chrome.exe	90
PID 1276 wrote to memory of 3908	1276	chrome.exe	90
PID 1276 wrote to memory of 3908	1276	chrome.exe	90
PID 1276 wrote to memory of 3908	1276	chrome.exe	90
PID 1276 wrote to memory of 3908	1276	chrome.exe	90
PID 1276 wrote to memory of 3908	1276	chrome.exe	90
PID 1276 wrote to memory of 3908	1276	chrome.exe	90
PID 1276 wrote to memory of 3908	1276	chrome.exe	90
PID 1276 wrote to memory of 3908	1276	chrome.exe	90
PID 1276 wrote to memory of 3908	1276	chrome.exe	90
PID 1276 wrote to memory of 3908	1276	chrome.exe	90
PID 1276 wrote to memory of 3908	1276	chrome.exe	90
PID 1276 wrote to memory of 3908	1276	chrome.exe	90
PID 1276 wrote to memory of 3908	1276	chrome.exe	90

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\desktop.ini
1⤵
- Modifies registry class
PID:1736

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:2456

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1276
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd4a80cc40,0x7ffd4a80cc4c,0x7ffd4a80cc58
  2⤵
  PID:2324
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1796,i,14945150897307021099,6292778982306874813,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1792 /prefetch:2
  2⤵
  PID:1084
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2060,i,14945150897307021099,6292778982306874813,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2128 /prefetch:3
  2⤵
  PID:3948
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2196,i,14945150897307021099,6292778982306874813,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2212 /prefetch:8
  2⤵
  PID:3908
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3096,i,14945150897307021099,6292778982306874813,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3244 /prefetch:1
  2⤵
  PID:3052
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3164,i,14945150897307021099,6292778982306874813,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3272 /prefetch:1
  2⤵
  PID:2024
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4440,i,14945150897307021099,6292778982306874813,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4460 /prefetch:1
  2⤵
  PID:2448
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4720,i,14945150897307021099,6292778982306874813,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4776 /prefetch:8
  2⤵
  PID:2020
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4948,i,14945150897307021099,6292778982306874813,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4932 /prefetch:8
  2⤵
  PID:3392
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=5108,i,14945150897307021099,6292778982306874813,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5036 /prefetch:1
  2⤵
  PID:2008

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:4464

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:1520

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc
1⤵
PID:4700

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\5391fb29-dabc-45e8-9952-a7ac51dcba6c.tmp

Filesize
200KB

MD5
a7098d9b722059c3e33a0be8a6c7d957

SHA1
0b7595e3e2b92a858f128714bd17a4069c9212d5

SHA256
f44592b92e4613f892c6a911d2e42d2378d0a8b3f1de673a5f997afd8bd2c2ba

SHA512
eb0af7775d54b3794aa94112ea480d3188661464534b213aa232fea62ee6a5cdd4a39acb10295481ce5299e4daeb49d7378ec733c3169508c939c764b9027e2a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\64ab8b84-1d1a-45fa-9954-ff0c6dc76a13.tmp

Filesize
200KB

MD5
ea61bb0985b3becf7b06d3dfc2ccc857

SHA1
c3345c82c20d1c81f09f4149d48af16757c98728

SHA256
334543ff8c5a0a584984feb5b15307b8feffeded78163b61f14f1451dd5e0476

SHA512
3e3ae78c148fb01742c7b2c64249142ec1051c57b82b7bb57e567d92cce8e2df3aeb483ba965b968783e890e3789cd82bf678b8068a541bbc06cb604b3968611

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
8c2af1eebadda8134d0de34ea065ce3b

SHA1
56605f79a7bd91b6cabfa839c0833715f3b6198d

SHA256
669cbeb1afdc1cfdb2331a06f4d20c387467564c4d3dde1821abd13def48623a

SHA512
1f31ba6c5374b4d498195545ad06347729f84cb862856ad9a827b5fa6adad0767b296244ba7ad540f1cfc44ed7b46177fce6961cd80e63bb919384d3b805c5a5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001

Filesize
209KB

MD5
3e552d017d45f8fd93b94cfc86f842f2

SHA1
dbeebe83854328e2575ff67259e3fb6704b17a47

SHA256
27d9c4613df7a3c04da0b79c13217aa69992b441acb7e44bf2a7578ca87d97d6

SHA512
e616436f2f15615429c7c5c37de3990c3e86c5e1da7d75a0f524fc458b75d44a5be1a3648a628d63e1cf8aa062e08b538f2f2bc9c6a0b42157beb24f82c571d9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
240B

MD5
601dc7e6160cbe8acfea92dde95be3da

SHA1
cf9a04f6fd5902f4fcc4640312e3faa935868122

SHA256
57a86e84734c8fd8059a7723c3b6822c87273cf95ae4d967063bd63841a4bf86

SHA512
1fa836f2bc6c780494e59512890a6c14a495b43276036ed93fee8952a81ae1bf3fbd22788c4d441711eda29ebab79a2f85bc00b777a7eddb9f8634363dbbd769

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
6cddd384f211de2bdf5c1d85ade530c3

SHA1
740ecce068b2997a8b72750b10fb6a25c1b05154

SHA256
7a7fbae2286f78cbe0428e84be40e203d6f44c16d1c84adc0c28234570c20761

SHA512
24d3c012cd721ac62ea3da6b14fe777b7221b04cd5e3020c7362112c3ad838b7712f4b8c1c47a5648cb3af1f7021d676b85feac215b9912f7d31976dd5e64bc1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
1630e5a7b5d580b8481119c78bda6523

SHA1
20459f28da74f0fd6a05ebf8c83557aad6dc6e80

SHA256
54f7f3f38df4f5a76b95743867feb0bd2ab00b6e65a64920cc3ec74db5343b60

SHA512
187c36131dbc9bee87228464332e6f9784f29c332e7e4a80163e6c251a279cdbca019a9e038de9d927e3548f7fc5aa7df212feb57d109ffeeadb5d2ea4024ea0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
f9f44d3117c64b3fdd219a9c34af096a

SHA1
680d8208abc3aca69292c173db41479e501cd466

SHA256
4373f67aa511cfb9b6d79fa7735cc24f1f7d1906e176ee611f8f467bc5ed74fd

SHA512
029362dcc81eb94e4ad972f82e9da4857ff1eac416d3729e31697c455a0227b2542a4c3e706fbcea08c85608f0383d3bb1b6b83224584274fcefabb56b742e05

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
e71ba2c8039653415e91dfeb99b622ae

SHA1
088a70d8396cd03fc92c1e7257249fcc9a4e2d8f

SHA256
d0af2c776020cb1a5bf7901dd86c6483940d7ca596ba03378ecee8844f1a65f3

SHA512
439265eeb0a0b033d3ef0b0c55c0a1e7e63fa03fe08ca89d286788311ca07a5b64b0b37189dac1a6437e2cdca822c5547304ae8d09c568ccb6803acf1a61cf9c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
37e14bb9e9d9bdbd0bbb00693c3c8b19

SHA1
9eb91e5cbfacb2337fdd92345796c74f7432467f

SHA256
faffe1def136742a66efdb78d6fba3442bd9c8abc428bb86e75801702b3fdfbe

SHA512
2bc60d5c53daff8d4d987fd94b041d9975eb8a2cef0086469b99051b74fc3ed6a9d5742c62c75eb0c29bc1df4b8f435274239455cfe837483900b46386259c17

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
38d6ec4ccc3e9d345c93696defdf1630

SHA1
b8408950fb1bff67564ec8166203516c9aea69e9

SHA256
89a5cbcc3f66c7497068158aefea4de2b86b12ce08fdc941eccbc1b395d48e5d

SHA512
175a118658ac0273b216a7b341cbf0a56b0ab3491bf0f40eecabf47e67e63073415db31698cd490eb4e35462c3ddde2620841e5df9c69e622b7263516eabc808

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
be3813896390a34fc04a09dc4e2d97d1

SHA1
50c9dcd86bfeb745b3f324dd160ee29a9a885616

SHA256
0f188aa657e22462ef674fa65d543a7de67fb9dd98c5a62a1f272e4ebd1f12db

SHA512
05ce0011173f799d7caef5be9413ffa4da4564d6deb692b4a6233a3b1095099823f7e8c396aea4cb60bc3cf39f5b3793fb6f178086986b0921d99f65de69bf34

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

Filesize
264KB

MD5
dc84d6f1d943c1a9cc749b5ba94ff15b

SHA1
a0d1fd5f658928a7521d47509322456c5240fb46

SHA256
131f34a0d1e2113c7165ecb9609a340260aa7f3c7071cecbeb677d2205299835

SHA512
7b0d7b22cf729b4276070ea85f1bc8bad3e4ea6ea2fe9984f799c8167c8d62c4689dc795e67908b32ec1f63b1b64757079f7adb2eb9c69fa46aec7ab126782bf

Download Submit