f26803b764a54a90852b7fd274d5ced7a8a58f1715d3ab4b96900ad4f9dd0410

Resubmissions

21/08/2024, 23:19

240821-3a7vrswdlb 10

21/08/2024, 23:17

240821-29spfswcpe 10

Analysis

max time kernel
119s
max time network
122s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
21/08/2024, 23:17

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

XWorm V5.3 Optimized Bin/Mono.Cecil.Mdb.dll
Size

42KB
MD5

1c6aca0f1b1fa1661fc1e43c79334f7c
SHA1

ec0f591a6d12e1ea7dc8714ec7e5ad7a04ef455d
SHA256

411f8ed8c49738fa38a56ed8f991d556227d13602e83186e66ae1c4f821c940b
SHA512

1c59e939d108f15881d29fe4ced4e5fa4a4476394b58b6eb464da77192cb8fe9221b7cd780af4596914d4cce7c3fc53f1bb567f944c58829de8efbe1fd87be76
SSDEEP

768:Ar5EYZep98C87KHeBUZwrEzsEAnbF+em50KktmM4CRIcZwMRTIzMAtpw:Ar59g98C87KHeBUb5AnZG+zdwMRTzAtS

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
1920	chrome.exe
1920	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe
Token: SeShutdownPrivilege	1920	chrome.exe

Suspicious use of FindShellTrayWindow 35 IoCs

pid	Process
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe

Suspicious use of SendNotifyMessage 32 IoCs

pid	Process
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe
1920	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1920 wrote to memory of 464	1920	chrome.exe	32
PID 1920 wrote to memory of 464	1920	chrome.exe	32
PID 1920 wrote to memory of 464	1920	chrome.exe	32
PID 1920 wrote to memory of 1612	1920	chrome.exe	34
PID 1920 wrote to memory of 1612	1920	chrome.exe	34
PID 1920 wrote to memory of 1612	1920	chrome.exe	34
PID 1920 wrote to memory of 1612	1920	chrome.exe	34
PID 1920 wrote to memory of 1612	1920	chrome.exe	34
PID 1920 wrote to memory of 1612	1920	chrome.exe	34
PID 1920 wrote to memory of 1612	1920	chrome.exe	34
PID 1920 wrote to memory of 1612	1920	chrome.exe	34
PID 1920 wrote to memory of 1612	1920	chrome.exe	34
PID 1920 wrote to memory of 1612	1920	chrome.exe	34
PID 1920 wrote to memory of 1612	1920	chrome.exe	34
PID 1920 wrote to memory of 1612	1920	chrome.exe	34
PID 1920 wrote to memory of 1612	1920	chrome.exe	34
PID 1920 wrote to memory of 1612	1920	chrome.exe	34
PID 1920 wrote to memory of 1612	1920	chrome.exe	34
PID 1920 wrote to memory of 1612	1920	chrome.exe	34
PID 1920 wrote to memory of 1612	1920	chrome.exe	34
PID 1920 wrote to memory of 1612	1920	chrome.exe	34
PID 1920 wrote to memory of 1612	1920	chrome.exe	34
PID 1920 wrote to memory of 1612	1920	chrome.exe	34
PID 1920 wrote to memory of 1612	1920	chrome.exe	34
PID 1920 wrote to memory of 1612	1920	chrome.exe	34
PID 1920 wrote to memory of 1612	1920	chrome.exe	34
PID 1920 wrote to memory of 1612	1920	chrome.exe	34
PID 1920 wrote to memory of 1612	1920	chrome.exe	34
PID 1920 wrote to memory of 1612	1920	chrome.exe	34
PID 1920 wrote to memory of 1612	1920	chrome.exe	34
PID 1920 wrote to memory of 1612	1920	chrome.exe	34
PID 1920 wrote to memory of 1612	1920	chrome.exe	34
PID 1920 wrote to memory of 1612	1920	chrome.exe	34
PID 1920 wrote to memory of 1612	1920	chrome.exe	34
PID 1920 wrote to memory of 1612	1920	chrome.exe	34
PID 1920 wrote to memory of 1612	1920	chrome.exe	34
PID 1920 wrote to memory of 1612	1920	chrome.exe	34
PID 1920 wrote to memory of 1612	1920	chrome.exe	34
PID 1920 wrote to memory of 1612	1920	chrome.exe	34
PID 1920 wrote to memory of 1612	1920	chrome.exe	34
PID 1920 wrote to memory of 1612	1920	chrome.exe	34
PID 1920 wrote to memory of 1612	1920	chrome.exe	34
PID 1920 wrote to memory of 3028	1920	chrome.exe	35
PID 1920 wrote to memory of 3028	1920	chrome.exe	35
PID 1920 wrote to memory of 3028	1920	chrome.exe	35
PID 1920 wrote to memory of 2748	1920	chrome.exe	36
PID 1920 wrote to memory of 2748	1920	chrome.exe	36
PID 1920 wrote to memory of 2748	1920	chrome.exe	36
PID 1920 wrote to memory of 2748	1920	chrome.exe	36
PID 1920 wrote to memory of 2748	1920	chrome.exe	36
PID 1920 wrote to memory of 2748	1920	chrome.exe	36
PID 1920 wrote to memory of 2748	1920	chrome.exe	36
PID 1920 wrote to memory of 2748	1920	chrome.exe	36
PID 1920 wrote to memory of 2748	1920	chrome.exe	36
PID 1920 wrote to memory of 2748	1920	chrome.exe	36
PID 1920 wrote to memory of 2748	1920	chrome.exe	36
PID 1920 wrote to memory of 2748	1920	chrome.exe	36
PID 1920 wrote to memory of 2748	1920	chrome.exe	36
PID 1920 wrote to memory of 2748	1920	chrome.exe	36
PID 1920 wrote to memory of 2748	1920	chrome.exe	36
PID 1920 wrote to memory of 2748	1920	chrome.exe	36
PID 1920 wrote to memory of 2748	1920	chrome.exe	36
PID 1920 wrote to memory of 2748	1920	chrome.exe	36
PID 1920 wrote to memory of 2748	1920	chrome.exe	36

C:\Windows\system32\rundll32.exe
rundll32.exe "C:\Users\Admin\AppData\Local\Temp\XWorm V5.3 Optimized Bin\Mono.Cecil.Mdb.dll",#1
1⤵
PID:2516

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1920
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef71f9758,0x7fef71f9768,0x7fef71f9778
  2⤵
  PID:464
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1156 --field-trial-handle=1280,i,618390210832243350,2414006554056716574,131072 /prefetch:2
  2⤵
  PID:1612
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1284 --field-trial-handle=1280,i,618390210832243350,2414006554056716574,131072 /prefetch:8
  2⤵
  PID:3028
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1592 --field-trial-handle=1280,i,618390210832243350,2414006554056716574,131072 /prefetch:8
  2⤵
  PID:2748
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2244 --field-trial-handle=1280,i,618390210832243350,2414006554056716574,131072 /prefetch:1
  2⤵
  PID:2416
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2252 --field-trial-handle=1280,i,618390210832243350,2414006554056716574,131072 /prefetch:1
  2⤵
  PID:2080
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1152 --field-trial-handle=1280,i,618390210832243350,2414006554056716574,131072 /prefetch:2
  2⤵
  PID:2836
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=1352 --field-trial-handle=1280,i,618390210832243350,2414006554056716574,131072 /prefetch:1
  2⤵
  PID:2272
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3632 --field-trial-handle=1280,i,618390210832243350,2414006554056716574,131072 /prefetch:8
  2⤵
  PID:692
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=3884 --field-trial-handle=1280,i,618390210832243350,2414006554056716574,131072 /prefetch:1
  2⤵
  PID:1312
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=1944 --field-trial-handle=1280,i,618390210832243350,2414006554056716574,131072 /prefetch:1
  2⤵
  PID:2596
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=1128 --field-trial-handle=1280,i,618390210832243350,2414006554056716574,131072 /prefetch:1
  2⤵
  PID:904
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=2900 --field-trial-handle=1280,i,618390210832243350,2414006554056716574,131072 /prefetch:1
  2⤵
  PID:2604

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:1784

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\0355be43-1ff5-4db5-8ed4-f65b1ac63fc5.tmp

Filesize
317KB

MD5
c228e99d35495d061c29e71a44b5c239

SHA1
7c20f5574285cfa75134192608a014d002b4e397

SHA256
842c4c6794aea43ab47c77e301a631ab54a7f481742c95ff085dfe69a9c1a346

SHA512
8897e7c00b588604e50cab7f835f0ac5a8fd08bf957aed233e5a0c9dc1f51715e4d0761cfd16d1774d45d11b7cb82805b714a8dccac296c463c3a0c09c46ab88

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001

Filesize
212KB

MD5
2257803a7e34c3abd90ec6d41fd76a5a

SHA1
f7a32e6635d8513f74bd225f55d867ea56ae4803

SHA256
af23860fb3a448f2cc6107680078402555a345eb45bc5efb750f541fe5d7c174

SHA512
e9f4dc90d0829885f08879e868aa62041150b500f62682fc108da258eee26ad9509dcbf6e8a55f2d0bdba7aa9118dd149a70a7d851820d4ea683db7808c48540

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000002

Filesize
24KB

MD5
c594a826934b9505d591d0f7a7df80b7

SHA1
c04b8637e686f71f3fc46a29a86346ba9b04ae18

SHA256
e664eef3d68ac6336a28be033165d4780e8a5ab28f0d90df1b148ef86babb610

SHA512
04a1dfdb8ee2f5fefa101d5e3ff36e87659fd774e96aa8c5941d3353ccc268a125822cf01533c74839e5f1c54725da9cc437d3d69b88e5bf3f99caccd4d75961

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
e73ac70f42e0ef3d189426d12213741a

SHA1
47cd75dabf805c099f9665540723573bf8a5e1c6

SHA256
466170fcc88b3a67e918a1ea8052251201405cc530ce09c6d925b639301bc641

SHA512
1626822b20954f85b1890f09e35b8a36b7fb1e775286e2a16265dea9bcd8f0a264cfeb557cfdf160115e7881f2f190ebb022029da479bcc3875cb2ae4c9bef07

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
8b16a4eaaf8a3d578d238e63044ecac8

SHA1
d8fae6c5a669023358c695ecb574b0d1ce3397b2

SHA256
8fef6d1b6674b7c6b1c58bf0f3f815ec43657efa7b2d5488a322a0917d93b12e

SHA512
ec06800ac5b096035df42af14dca624f4a69a20933802654543de97aa2451d83672198177d9cf6ac5e6df259dfdff849d25f200131e09f4d13181d9d6ffd8c41

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\000006.dbtmp

Filesize
16B

MD5
aefd77f47fb84fae5ea194496b44c67a

SHA1
dcfbb6a5b8d05662c4858664f81693bb7f803b82

SHA256
4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611

SHA512
b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
363B

MD5
2cf2d161184181050aacd03f2dd06a2f

SHA1
59ef21f0285a293c0b2cbf74b87b4136e44d6753

SHA256
c668875ebafa23b73cfa10ac6e109b7385f041e790bd085b897c7e4a69e0ae0e

SHA512
d8e78896397ec21a7ffcc9d35f9e3ec5430fb1c0d4dbdab1c525aed492f4d9a5ac8a92efaa8322fadf47e2d67c52ac2a2df684977b058485c34edc8885b5a6b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
8d4d0836e4be07b60382972d323ddf0c

SHA1
641f0d805a39a42784c049dcc4fe5dff0ccd49b1

SHA256
2466e88fbf93f3d056d7ffa9a120cc770f61fde237688b18e35bd6373ab76660

SHA512
fae2c68b28fef500cd27cdc08d30ce0e5256ecabcda3e92190336a40fbcaf902f800795650e9d0d52b41d4d156a5fdeb3e5466042a92021c4329d1e2d35da405

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
93b85636b53b43b99bc18fb4931d1a34

SHA1
321d80f734cba7edc3a0f5f2b85e71ddf0d5563d

SHA256
54735fafb93921dd13ebc6469a111745608ab0087bd845dfd48675cd97454d76

SHA512
47b160dfadcbe1f0ae739092759e44c8c571549ca598f6e17c34bd61eebd334ffd913a2f69de6de77d5501482f9517a800214c49813ecb10fc83fbe3543c6ebc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
d78581fb18e3c312f6db221cab3f9cf1

SHA1
f2264a831668e30d1c9843a9c3e51456d899828b

SHA256
34609a05e6b11b9c3521b641f1a63071b774dbf2916afa9017a28f79ba4cf88a

SHA512
93d566a9bfa87bf3dfe065e5ff31870b754575a13b8ac5890421af1ac1298cf6f8752ee8f1b91e7a1e7a2de3b49da99ff3b8adbf77d0159d39f7095366d785b5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000007.dbtmp

Filesize
16B

MD5
18e723571b00fb1694a3bad6c78e4054

SHA1
afcc0ef32d46fe59e0483f9a3c891d3034d12f32

SHA256
8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa

SHA512
43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
317KB

MD5
e69083993c7054431874166bd07ed5a1

SHA1
8902ad4c608d0456cc86a18cebc9d4d871b3ba7c

SHA256
e9b60594936e20b12c88cf2a70775f250690a9facbfcceb145a194776ed4ab99

SHA512
baf9826e93234d2060ae863c0cd4c112559bafe5a2f62421902adf14f1b1fe8070119cbaacf314f65b83239c8425b8928d51bee9d0122b1560190a0aba3be03f

Download Submit