Analysis Overview
Threat Level: Known bad
The file https://ctrk.klclick3.com/l/01J5XTD9AATG61KP0NBR6WAX8J_0 was found to be: Known bad.
Malicious Activity Summary
Browser Information Discovery
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Modifies data under HKEY_USERS
Suspicious use of AdjustPrivilegeToken
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-08-23 00:38
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-08-23 00:38
Reported
2024-08-23 00:40
Platform
win10v2004-20240802-en
Max time kernel
93s
Max time network
92s
Command Line
Signatures
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133688471412983234" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://ctrk.klclick3.com/l/01J5XTD9AATG61KP0NBR6WAX8J_0
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7fff515acc40,0x7fff515acc4c,0x7fff515acc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1864,i,17640420955552651038,11423908520999710010,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1860 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2116,i,17640420955552651038,11423908520999710010,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2188 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2236,i,17640420955552651038,11423908520999710010,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2316 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3120,i,17640420955552651038,11423908520999710010,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3136 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3124,i,17640420955552651038,11423908520999710010,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3176 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4464,i,17640420955552651038,11423908520999710010,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4448 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3284,i,17640420955552651038,11423908520999710010,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4712 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=4832,i,17640420955552651038,11423908520999710010,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4016 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=5028,i,17640420955552651038,11423908520999710010,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5044 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=4580,i,17640420955552651038,11423908520999710010,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4884 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=5236,i,17640420955552651038,11423908520999710010,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3160 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=5192,i,17640420955552651038,11423908520999710010,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3352 /prefetch:1
Network
Files