Analysis Overview
Threat Level: Shows suspicious behavior
The file https://pastebin.com/raw/nXKxFBw3 was found to be: Shows suspicious behavior.
Malicious Activity Summary
Legitimate hosting services abused for malware hosting/C2
Drops file in System32 directory
Drops file in Program Files directory
Browser Information Discovery
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of SendNotifyMessage
Enumerates system info in registry
Modifies data under HKEY_USERS
Suspicious behavior: EnumeratesProcesses
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-08-25 09:16
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-08-25 09:16
Reported
2024-08-25 09:36
Platform
win10-20240404-en
Max time kernel
1199s
Max time network
1085s
Command Line
Signatures
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | pastebin.com | N/A | N/A |
| N/A | pastebin.com | N/A | N/A |
| N/A | pastebin.com | N/A | N/A |
| N/A | pastebin.com | N/A | N/A |
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133690509806875125" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://pastebin.com/raw/nXKxFBw3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xd0,0xd4,0xd8,0xcc,0xdc,0x7ffe164c9758,0x7ffe164c9768,0x7ffe164c9778
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1520 --field-trial-handle=1764,i,16643735811903164440,15057591848931737680,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1828 --field-trial-handle=1764,i,16643735811903164440,15057591848931737680,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2064 --field-trial-handle=1764,i,16643735811903164440,15057591848931737680,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2712 --field-trial-handle=1764,i,16643735811903164440,15057591848931737680,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2720 --field-trial-handle=1764,i,16643735811903164440,15057591848931737680,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4588 --field-trial-handle=1764,i,16643735811903164440,15057591848931737680,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4660 --field-trial-handle=1764,i,16643735811903164440,15057591848931737680,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4788 --field-trial-handle=1764,i,16643735811903164440,15057591848931737680,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4868 --field-trial-handle=1764,i,16643735811903164440,15057591848931737680,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4664 --field-trial-handle=1764,i,16643735811903164440,15057591848931737680,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=5208 --field-trial-handle=1764,i,16643735811903164440,15057591848931737680,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4284 --field-trial-handle=1764,i,16643735811903164440,15057591848931737680,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=5648 --field-trial-handle=1764,i,16643735811903164440,15057591848931737680,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=5760 --field-trial-handle=1764,i,16643735811903164440,15057591848931737680,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5916 --field-trial-handle=1764,i,16643735811903164440,15057591848931737680,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=5436 --field-trial-handle=1764,i,16643735811903164440,15057591848931737680,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=5668 --field-trial-handle=1764,i,16643735811903164440,15057591848931737680,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5528 --field-trial-handle=1764,i,16643735811903164440,15057591848931737680,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-databases --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=5784 --field-trial-handle=1764,i,16643735811903164440,15057591848931737680,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-databases --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=5764 --field-trial-handle=1764,i,16643735811903164440,15057591848931737680,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=5924 --field-trial-handle=1764,i,16643735811903164440,15057591848931737680,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=5540 --field-trial-handle=1764,i,16643735811903164440,15057591848931737680,131072 /prefetch:1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | pastebin.com | udp |
| US | 104.20.3.235:443 | pastebin.com | tcp |
| US | 8.8.8.8:53 | pastebin.com | udp |
| US | 104.20.4.235:443 | pastebin.com | tcp |
| US | 8.8.8.8:53 | 235.3.20.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 235.4.20.104.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | www.google.com | udp |
| FR | 142.250.179.68:443 | www.google.com | tcp |
| FR | 142.250.179.68:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 68.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| FR | 142.250.201.170:443 | content-autofill.googleapis.com | tcp |
| US | 8.8.8.8:53 | 163.214.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 170.201.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| FR | 216.58.215.35:443 | beacons.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | 35.215.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn1.gstatic.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn3.gstatic.com | udp |
| FR | 142.250.201.174:443 | encrypted-tbn1.gstatic.com | tcp |
| FR | 142.250.75.238:443 | encrypted-tbn3.gstatic.com | tcp |
| US | 8.8.8.8:53 | 194.18.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 174.201.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 238.75.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| FR | 142.250.75.238:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | consent.google.com | udp |
| FR | 142.250.201.174:443 | consent.google.com | tcp |
| FR | 142.250.201.170:443 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | www.tampermonkey.net | udp |
| DE | 46.4.58.236:443 | www.tampermonkey.net | tcp |
| DE | 46.4.58.236:443 | www.tampermonkey.net | tcp |
| US | 8.8.8.8:53 | u.tampermonkey.net | udp |
| US | 8.8.8.8:53 | a.tampermonkey.net | udp |
| DE | 5.9.16.218:443 | a.tampermonkey.net | tcp |
| DE | 46.4.58.236:443 | u.tampermonkey.net | tcp |
| US | 8.8.8.8:53 | cdn.snigelweb.com | udp |
| US | 104.18.11.248:443 | cdn.snigelweb.com | tcp |
| US | 104.18.11.248:443 | cdn.snigelweb.com | tcp |
| US | 8.8.8.8:53 | 236.58.4.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 162.20.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 218.16.9.5.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 248.11.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| FR | 142.250.75.226:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | 226.75.250.142.in-addr.arpa | udp |
| FR | 142.250.75.226:443 | googleads.g.doubleclick.net | tcp |
| FR | 142.250.75.226:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | ep1.adtrafficquality.google | udp |
| FR | 142.250.75.226:443 | googleads.g.doubleclick.net | tcp |
| FR | 142.250.201.162:443 | ep1.adtrafficquality.google | tcp |
| FR | 142.250.75.226:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| FR | 142.250.179.97:443 | ep2.adtrafficquality.google | tcp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| FR | 142.250.178.129:443 | tpc.googlesyndication.com | tcp |
| FR | 142.250.178.129:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 97.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 129.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 162.201.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.75.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | chromewebstore.google.com | udp |
| FR | 172.217.20.174:443 | chromewebstore.google.com | tcp |
| FR | 172.217.20.174:443 | chromewebstore.google.com | tcp |
| FR | 172.217.20.174:443 | chromewebstore.google.com | udp |
| US | 8.8.8.8:53 | lh3.googleusercontent.com | udp |
| FR | 142.250.178.129:443 | lh3.googleusercontent.com | tcp |
| FR | 142.250.178.129:443 | lh3.googleusercontent.com | tcp |
| FR | 142.250.178.129:443 | lh3.googleusercontent.com | tcp |
| FR | 142.250.178.129:443 | lh3.googleusercontent.com | tcp |
| FR | 142.250.178.129:443 | lh3.googleusercontent.com | tcp |
| FR | 142.250.178.129:443 | lh3.googleusercontent.com | tcp |
| US | 8.8.8.8:53 | ogads-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| US | 8.8.8.8:53 | 174.20.217.172.in-addr.arpa | udp |
| FR | 142.250.178.142:443 | apis.google.com | tcp |
| FR | 142.250.75.238:443 | play.google.com | udp |
| FR | 142.250.75.238:443 | play.google.com | udp |
| FR | 142.250.178.142:443 | apis.google.com | udp |
| US | 8.8.8.8:53 | img.youtube.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | 142.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.20.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | scone-pa.clients6.google.com | udp |
| FR | 142.250.178.138:443 | scone-pa.clients6.google.com | tcp |
| FR | 142.250.178.138:443 | scone-pa.clients6.google.com | udp |
| US | 8.8.8.8:53 | ssl.gstatic.com | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| US | 8.8.8.8:53 | 138.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.32.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ogs.google.com | udp |
| FR | 172.217.20.206:443 | ogs.google.com | tcp |
| US | 8.8.8.8:53 | 206.20.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 63.141.182.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | support.google.com | udp |
| FR | 142.250.178.142:443 | support.google.com | tcp |
| FR | 142.250.178.142:443 | support.google.com | tcp |
| FR | 216.58.215.35:443 | beacons.gcp.gvt2.com | udp |
| FR | 142.250.178.129:443 | lh3.googleusercontent.com | udp |
| US | 8.8.8.8:53 | storage.googleapis.com | udp |
| FR | 142.250.75.251:443 | storage.googleapis.com | tcp |
| FR | 172.217.20.206:443 | ogs.google.com | udp |
| US | 8.8.8.8:53 | 251.75.250.142.in-addr.arpa | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| FR | 142.250.178.138:443 | scone-pa.clients6.google.com | udp |
| US | 8.8.8.8:53 | gstatic.com | udp |
| FR | 216.58.214.67:443 | gstatic.com | tcp |
| US | 8.8.8.8:53 | 67.214.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | beacons3.gvt2.com | udp |
| FR | 172.217.20.163:443 | beacons3.gvt2.com | tcp |
| FR | 172.217.20.163:443 | beacons3.gvt2.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| FR | 142.250.75.238:443 | google.com | tcp |
| US | 8.8.8.8:53 | e2c27.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | e2c36.gcp.gvt2.com | udp |
| US | 35.227.159.135:443 | e2c27.gcp.gvt2.com | tcp |
| SG | 35.213.145.237:443 | e2c36.gcp.gvt2.com | tcp |
| SG | 35.213.145.237:443 | e2c36.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | 163.20.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | beacons.gvt2.com | udp |
| FR | 142.250.179.99:443 | beacons.gvt2.com | tcp |
| FR | 142.250.179.99:443 | beacons.gvt2.com | udp |
| US | 8.8.8.8:53 | 135.159.227.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 237.145.213.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 99.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | e2cs13.gcp.gvt2.com | udp |
| FI | 34.88.201.232:443 | e2cs13.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | beacons2.gvt2.com | udp |
| FR | 172.217.19.35:443 | beacons2.gvt2.com | tcp |
| US | 8.8.8.8:53 | 232.201.88.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.19.217.172.in-addr.arpa | udp |
| FR | 142.250.75.238:443 | google.com | udp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| FR | 216.58.215.35:443 | beacons.gcp.gvt2.com | udp |
| FR | 142.250.179.99:443 | beacons.gvt2.com | udp |
| FR | 172.217.19.35:443 | beacons2.gvt2.com | udp |
| FR | 142.250.75.238:443 | google.com | udp |
| FR | 216.58.215.35:443 | beacons.gcp.gvt2.com | udp |
| FR | 142.250.75.238:443 | google.com | udp |
| FR | 172.217.20.163:443 | beacons3.gvt2.com | udp |
| US | 8.8.8.8:53 | beacons4.gvt2.com | udp |
| FR | 142.250.179.99:443 | beacons.gvt2.com | udp |
| US | 216.239.32.116:443 | beacons4.gvt2.com | tcp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| FR | 216.58.215.35:443 | beacons.gcp.gvt2.com | udp |
| US | 216.239.32.116:443 | beacons4.gvt2.com | udp |
| US | 8.8.8.8:53 | 116.32.239.216.in-addr.arpa | udp |
| FR | 142.250.75.238:443 | google.com | udp |
| FR | 172.217.19.35:443 | beacons2.gvt2.com | udp |
| FR | 142.250.75.238:443 | google.com | udp |
| US | 8.8.8.8:53 | chromewebstore.google.com | udp |
| FR | 172.217.20.174:443 | chromewebstore.google.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| FR | 142.250.75.238:443 | play.google.com | udp |
| FR | 142.250.75.238:443 | play.google.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| FR | 142.250.75.238:443 | play.google.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| FR | 142.250.75.238:443 | google.com | udp |
| FR | 142.250.75.238:443 | google.com | udp |
| FR | 142.250.75.238:443 | google.com | udp |
| FR | 172.217.20.174:443 | chromewebstore.google.com | udp |
| FR | 142.250.75.238:443 | google.com | udp |
Files
\??\pipe\crashpad_3616_AVVJLGOJRGPLRYQZ
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 69d3fe5f153204576edc287661057ff8 |
| SHA1 | a8f6ee016f6ba37b762b58b3cc847479019da149 |
| SHA256 | d60be17f73363b747d569ec8cf2f8be58c3adcfdb83937bbf681f5b1488e5410 |
| SHA512 | 4b56210570c7e7bc67ff4c3b9afc977bbb76c3067555474bebedb41772f16393b09ce2b6d6deddcbe1861cfb851ddf72c8b3d4e273ad7aabaf65c98ecb2e82e5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | cc0900f949bcba20354f1082584d32f9 |
| SHA1 | 340bcef6a8db34d0ff2affcc9f660d8b38f65834 |
| SHA256 | 9bc61732d33d600dc38d0d9b22ddb612282cef60bf9b483a366168e74b61489c |
| SHA512 | 78952e2d41908e2ccee5c26c18062a67e289b17ce5a6c4b7049e34cbf8380f22976e6c629d799e8de5c474dc6402dfc0feff889c89885a96052e483b849e488e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 202309cc86fc872e536ffe38efedd7a2 |
| SHA1 | 4dcf726622b7003d0f2f4c2eadca67f02121c418 |
| SHA256 | e77fd3d3197cdf8e3ee97d4707b14c3f080afaf9612519f3357bdfb2873a0d6b |
| SHA512 | a545f32d0b6a63247160585bcc38647b37a9379faa49b870b1b8a3e71c0d7cd62815c1af9c7781a8bfe6cf52e0a9b21d87cc6ccf32a75fd2f89da855e7406f72 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001
| MD5 | 2257803a7e34c3abd90ec6d41fd76a5a |
| SHA1 | f7a32e6635d8513f74bd225f55d867ea56ae4803 |
| SHA256 | af23860fb3a448f2cc6107680078402555a345eb45bc5efb750f541fe5d7c174 |
| SHA512 | e9f4dc90d0829885f08879e868aa62041150b500f62682fc108da258eee26ad9509dcbf6e8a55f2d0bdba7aa9118dd149a70a7d851820d4ea683db7808c48540 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | c78b11f459d3bf8fe1b28d4cfbe16fe5 |
| SHA1 | 80c4141f53e06cbc5749df59259c2f40f76a878a |
| SHA256 | 0440be42c3982f6f9d775f7ce412f212f3d11a3195d88c6062c3ba70ac97068c |
| SHA512 | 26a9569ae94419c63c90a76163f0f5492dc5f32623ac6ed2c2dff2297f436af2e4f60229ea05007c6f3530ec8aaa4d4d4380b2be549713a6d7590c0638edaa77 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 1b50dd94928646280ebeacd6aa90e4f8 |
| SHA1 | 04bd88e41f71ee4689fe204f47fdbe4ded823a9f |
| SHA256 | 1948a54a61445810118072b103146c60317c98874b0566b563da43baac38e25d |
| SHA512 | 913d99ab5d27bf36bfb0def87137d36991b0f77ccafb2b6aa1bd7526a6edd23cba6e9b118c454528933e6e9cf022008d004414ac26bb1cce52d9134dd4a5ed1f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | bf83897b15ba90f550d8b9e57f07ca65 |
| SHA1 | e9573b4cf9f51af807220a7aef20f981e9654f23 |
| SHA256 | de9d2d206bd66705c10160c30b622ea1540d1213976c076f4cc944d3af8a40dc |
| SHA512 | a1212680e05de93635d1c6e30c5b51e085f7099b3a4507cd75c40869d6e82a3d49f8f2165b7ecea4d2d810f4bc71cc8ba30993c99eb84148e12d426db90878c3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | b44d73aba6013fee28fe1b0c908052cd |
| SHA1 | dd1c6d0f976d1272f2cca26ad46b638f06ca4713 |
| SHA256 | 6a12fb2cad4dd4e977a21f338b387dec9f125bf0054e7a59f49869d9a8f02ea7 |
| SHA512 | ab20da0a5c6795fb83c9c2f9cf04402450a855dc4c947c477cda055f4a28d1511ff5d950f2594c671f1cd15c3593e2c397c46cf90910c3825b2b7bed0a0ce89f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 88fe53ae86ef842788d506db6f5625cc |
| SHA1 | cdabb1d8f387976c2d5cb3460e81ac43c644b6bb |
| SHA256 | 41721c299fd34fe4c9fdcda95d1193334739c6d54cd8e43b5d0b978c588cd8eb |
| SHA512 | e257579efef37b35a78722b95dc356954c4e4cad2156ea6cd2bbda7a4e5dc9d2cddf72889b5ccb91b6e3e7da8b790363bdc779e26f402dc512d30429de59b94b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 4735a4d85a3b1286b29de695fb43803a |
| SHA1 | 75261ae4a87802d0256b5bc1552d48c6405fafa5 |
| SHA256 | 8cde5a397f4953c7de6d47f4fb9d4af2940d8002ff4e0e6fc35d292934b34c90 |
| SHA512 | 6c526292f3c10b9a6419d73a100386211223bae857b8dcd75fdaa9710e17327d1d999943106b1ed749d817534b2a3c44600fdb4eb7d19919e8709496d5c0b764 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 274ba36d783450c898da249809f91d12 |
| SHA1 | 683ce68f4dce680c862013f890f3db77808f202a |
| SHA256 | 56101356a527f385fbf015833bbecc3835cf6b0ca17580eb8db51ae39a523bdb |
| SHA512 | ded6d66bf403be2d03506fd1f51353d205f79d071d66bfb30af6d2a9a2dfb0b6ef0c6c177b0ad01e5e256a0da259970c0b2c5a5be433595d20658c2a6cce7c95 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000025
| MD5 | e4cc1ece2f2425b10ae2ccc212c1dafc |
| SHA1 | 92609e6d0093693110baa23758382889bcb30da6 |
| SHA256 | 92e9415d8bc8529e2a3f335258ef7ff159cce2965ce3b2b7c15f73720efee809 |
| SHA512 | 2848dee3a6da891b7044518bc97aeafd340705cebe846350b9a7f314b52450f1eb977b8b492638965ce4674ebaa341e4f832438199c3cad2fb0a0793ef83a619 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002a
| MD5 | a1afe33ce7442502a96deee597945384 |
| SHA1 | fe34cd78635f5617cf238de6dc746058d6f88899 |
| SHA256 | f7eeb570c60aff1435db1daf3767c0672634269789870ef91c69b2b90a47edaa |
| SHA512 | f8bca21c3fd79d63c8265f5dfcba95419eac697b42efb600e7c33d15dc5d9c3e0d0d360da39e14004facaea4cff4dcfc00d7437979283ce0a2b06916b69b8c80 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 638ee5a2f6a50151fc78578e80ce04c5 |
| SHA1 | acbbd657a6cc819bfe2746dcb308a4a407bf672d |
| SHA256 | 1692474b403c7311179fbce918deb9461a5a830f1957e4ad1c320f8a1b5a8e9e |
| SHA512 | 3efc5270880f5ef6fa142f33b7ef7ecb49fc8d54b92a3c2b1d8c50adcc18a2c50f279831390a449b67a80b768388dec15a99996977115c7d66eca829f8f35ad8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 9aa7664f5f28a5dedbbbe0ceffd6a004 |
| SHA1 | 563cb6ffaa19835d554d1007f94328f5bf7d4e97 |
| SHA256 | 74bab92d6c80257cb495870e2283d1f19b977084d52cf20bb914ffab78d90c13 |
| SHA512 | 5b8a621e509877ae3f6fc71fd447479f89512bec46e818e0b540c4e3df236ba22945fd7429206aadabd1a8fd0f9e900e69097c6a9109b6c497345f3bea4cc77e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | a5479b88e7ab4b32cf525786fd533220 |
| SHA1 | ec4bb04cfcec8f6997cde632a353d7ba829bc169 |
| SHA256 | f1f868f18417630b0a7e1bd46f3dca8e1205d93a480b37ac44187040659eae42 |
| SHA512 | 08cccab147140de47b04a16a80b69437fe7ef3abaccc47cb1fa737a5bd67445c4902ef570f06841d0bc4df1dbb9a1ebda9cf0b9407eca6c7ce550885a384d1e7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe594ffb.TMP
| MD5 | ed9e5b4ff663670413043c08a7eb193b |
| SHA1 | 4d887f58c66dfbf4bc2b367c9a6916a769c8f049 |
| SHA256 | 02d940910c61bcdc65d2a78834ccb9e3ad5c5bd567ca98ec05325cbf00386e6a |
| SHA512 | 7bb694b75c9b676ef8056be7f9a9b70b360dbde31b13565b46ed65514d9eee1a4c3730ee6ef60549595ee4dc9abe9a86a8842ebd4d144db06dd57ef9e226dc78 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 76aba93b4cb6b1a47cc667795f5669ea |
| SHA1 | 05c953f149b1f331c722115ef186670c7a730485 |
| SHA256 | 81ace137f50fe2870923cee77fd257f67fd59257c47973bb34c983e2f3539c30 |
| SHA512 | 5ff0f2ac1facb888984ca2c287c9e9a1a34a2f26a625d6a2110ca6af3057cb1dc96dea8f3e47badf1d71641d395133a4050d42d976fa9e778e0c2c43bb6fa29e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f579aa8153adce168d65c90c5b02f02d |
| SHA1 | 3a496c3913bf8dfb0e9c731f39957fddb9ea18e4 |
| SHA256 | bc9033ec08c51f9e2fe13550b479783f88c196ca160c0b5fa3cbb4adf18f5e3a |
| SHA512 | b47a0099ae697494c9b15f9eb28344426c205ad9f712691683f9c29da8cc8ba17da5cb955f407f19cf3175a4b4e47615eecbb934d667a582f471a5572ea74dfb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | b0d0f56e50b122b1843bcc1617c1e9fd |
| SHA1 | f6093f743737bb0f310a1d2afd23e0fe51d61b85 |
| SHA256 | f0407f6c72ec95680b3a864acf5a112196101aee7b602dd297752c77360285a4 |
| SHA512 | 998bcb3b8a51458da31407d466bdabc79b6843de49336b2765f942e1f71beb1fc66efb312ac762d53c1da88139b7151fd56c31dc6e8ae3486ac5580e9ad15c72 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000043
| MD5 | 0d17932e0626482afe8b6f310e47cb24 |
| SHA1 | 78dd115cea950e82c6428486836b1975b6630573 |
| SHA256 | 1f5b32a1afcdf9092cf1f0bb84eae0a6be1c8b4ddeb4d2fc4d271d1314aab252 |
| SHA512 | 75e51a80add7329ddf91df268fe15a827931325283f15212b55a2dc41b76c1050863b0c0eecc4e7f20c069c0b8cf0c5b4e666ec9dca843c37a8e25867785edb1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 0d996b9b8c7f6c521dcaff2405a655c4 |
| SHA1 | 61bf7281f7dc955ade126b74a9d87fb34bc6bc97 |
| SHA256 | db9a7d371d7feed0868dab7f2a0b8e8192d4a13234d08e194c75db70cbab3df8 |
| SHA512 | 5bb6b877b233da362dd36fe8a0afe9aaf3414b9ee0393446ef23f5b3a427645706c01fa5fbe88e88c590944e8d5809fc92b70457a31de19c992466f192e0fcc4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 24e112e7fcdf6cc8782860b0e6fdc491 |
| SHA1 | 20b6ec8a2e7e6e3645f95b7cbc2304e0d148da2f |
| SHA256 | 697d63fe0a87522bd7dad15afbf7e88aa818875fdd82a5149be08ed7ba4288ad |
| SHA512 | 9522e5ad0d1f9f2e799d778b6baf478174e27aafe6c37fef5e5871a0ff243c466e118e5faa5e0b77017cf535f4a27a505c80201104a4529e3e3d26a03af5e2ef |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000051
| MD5 | 6ee4f302b3696351f651f31b7f3aa6cb |
| SHA1 | 268b890b544ac6f485ffb567ed23b7cad48607ab |
| SHA256 | 6e15be0e38cbe25886179892afca211069402ce234cddb338c846f93ab2e1256 |
| SHA512 | c873a8aea2ebd1be900549647396c33a99cb1df5567e83a08011e0b34b23b97131031f41716915c50cd0db8718ab989e8f64d39f3a2297fb4e097f76926a006c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | ae6fdd3b9eea2c240acccba5aeca842f |
| SHA1 | 097df8c62b1b60cd9ea880566a21d341f11d374e |
| SHA256 | 6a1e92d025be8ee88c02f416a02859a9bd7a1a0d91ff9d536684942b676f026e |
| SHA512 | b6e26becb199ce657caf49576177b9ac4627bb1cbc1ca47106a4e059e09de314ad03e9d91b9fc4965c0ad98ee1745844d7e62207c1d6dd24b5e46f4234fcc2b3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 1ac811c0275a8eab82ed1126e61194b5 |
| SHA1 | bfe8782766d73952ce0e34f9c8aecf3c08e73eb4 |
| SHA256 | 01d16dd155781f95f5a93ba5f2b60a9d613db320b37243189281aa6a8d309062 |
| SHA512 | 9a8bffa1c2a967a10225eb781a71614b14754fa6a098d7a1638b7244b9a20d7e4c4bc4e128e549dce227bade098c4a64fc55ea968dcd0d2e7d144ba6d2fa1200 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 54294fe6a167b7dbf9f6fdabf004c8fd |
| SHA1 | e0d08c296e02c00825297b7864278c709cd57621 |
| SHA256 | 1ea7f3c90a978727187ae924fd58d3dded50711b16140bcdf821800213fe403d |
| SHA512 | 044d7cbd2b4bdbfcc0a1e5197d5088b8a7896e3857906c84ae8b058753621d66b159034c303cfac4a63cef118bdd485b2f956fa576bcc8ae6dde54ee8a18812d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | a157f7d469994220b25f11b9e2af2ced |
| SHA1 | b7865e912c62f24bc78968d743f0f3f08b175b9e |
| SHA256 | 8f5f1562bc1f5e6cf8d9c1610849b67592745451af8f83a532c26e44444a0ee0 |
| SHA512 | 4a9626a701ce5cc64e10a05df3d1d9d6b7b0fb8c946d16511ba0c078feef4bdfbcd687ec893224bf8088d3797f832428da67a21347ea45abd992f1dbb53cc337 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | dc3eab48a4bee939550cb43666c68ac2 |
| SHA1 | c7aba10b1949c1b1655b5485291008a82e5041cf |
| SHA256 | d37ab7a720637741f099c7a7630c1a130f216b4b4c480aa8e31a27517b6af02f |
| SHA512 | 0c98542d983c5596ae2b7585b38b2623573ded90644319ef1f2943555c7877da125919f171cdac0780df388da68549c1831b058e04b3f7742bf21c9601dbe9f0 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-08-25 09:16
Reported
2024-08-25 09:19
Platform
win10v2004-20240802-en
Max time kernel
171s
Max time network
166s
Command Line
Signatures
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | pastebin.com | N/A | N/A |
| N/A | pastebin.com | N/A | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File created | \??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Program Files\Crashpad\metadata | C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe | N/A |
| File opened for modification | C:\Program Files\Crashpad\settings.dat | C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe | N/A |
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133690509865096267" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://pastebin.com/raw/nXKxFBw3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffa5276cc40,0x7ffa5276cc4c,0x7ffa5276cc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1932,i,18367683686240052021,17182040619357399599,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1920 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2132,i,18367683686240052021,17182040619357399599,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2164 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2264,i,18367683686240052021,17182040619357399599,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2284 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3092,i,18367683686240052021,17182040619357399599,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3136 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3100,i,18367683686240052021,17182040619357399599,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3300 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4584,i,18367683686240052021,17182040619357399599,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4564 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4724,i,18367683686240052021,17182040619357399599,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4612 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffa5276cc40,0x7ffa5276cc4c,0x7ffa5276cc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1880,i,1300881497765596281,13424756757599041034,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1876 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2124,i,1300881497765596281,13424756757599041034,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2180 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2276,i,1300881497765596281,13424756757599041034,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2256 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3152,i,1300881497765596281,13424756757599041034,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3172 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3276,i,1300881497765596281,13424756757599041034,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3424 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3736,i,1300881497765596281,13424756757599041034,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3700 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4820,i,1300881497765596281,13424756757599041034,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4832 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4916,i,1300881497765596281,13424756757599041034,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4924 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe" --reenable-autoupdates --system-level
C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x298,0x29c,0x2a0,0x274,0x2a4,0x7ff6bc9f4698,0x7ff6bc9f46a4,0x7ff6bc9f46b0
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 104.219.191.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | pastebin.com | udp |
| US | 104.20.3.235:443 | pastebin.com | tcp |
| US | 8.8.8.8:53 | 172.214.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 235.3.20.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 74.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 134.32.126.40.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | 241.150.49.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 86.23.85.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 15.164.165.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.144.22.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 81.144.22.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | 26.35.223.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.28.171.150.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| FR | 142.250.179.68:443 | www.google.com | tcp |
| FR | 142.250.179.68:443 | www.google.com | tcp |
| FR | 142.250.179.68:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 227.74.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | clients2.google.com | udp |
| FR | 172.217.18.206:443 | clients2.google.com | udp |
| US | 8.8.8.8:53 | 206.18.217.172.in-addr.arpa | udp |
Files
\??\pipe\crashpad_1908_STZQNXTVDNJSEUNP
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState
| MD5 | c9ec3717f7ede0783cafe4a177cb1905 |
| SHA1 | 8941b9397f98a033d6fbdd2ecb97e392f1d8375f |
| SHA256 | 0db691ba9f2c055aaa67d4d0fff9400144e5ec914a29a8c23b849cc9611e5d7c |
| SHA512 | b7e1dbf720b91ac5a2a5fee4ff0199a510df89c2276332f4b1024b8529a1ffc2217e9d241880e7010eb4bea4ec75e8e88ec70d669d280966bff22ddadbe3eb37 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 9b59949ca47031e829f4824980d38cc9 |
| SHA1 | c6bfe34601a4ab78a5a34bad7dd04df326e60d56 |
| SHA256 | 029e28ed71820031b1e0dde1a84433cb0b6c6ab81a53be34a5966fa06faee867 |
| SHA512 | 0859cfceae90e9ac420af346d62e1868a73a1f9415db34a14fb3ec16838d7c0824ceebf8db449fcf515cceb7a7544df437d492e9ed798d9e9d0e443d9214ab81 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 47742a14d12ec3a2d2d4fdb43e501f07 |
| SHA1 | ffc65f0c7bea9d0a77f75d1d57a62f3a7edd3694 |
| SHA256 | cbe03df65237dad47a6eb72d4d6cc3252b43773f8867dd82559b6f509fab13b1 |
| SHA512 | 5c5ac09156638fad5ff35011438b0a77cae6d3df309bc0baf5b70997539b345ab364d276a97a04c380066f95682f149c04b367b823d0865e30f6a5dd7277ab03 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8f6f0a0bf5a85a70d1a69eeaa934a0bd |
| SHA1 | 26181f16182674a7659211398e4da7e2420b17b6 |
| SHA256 | 08de8c8ef8cb10b7e5d4fdf5bbf49c9f1024bd211a2a6a33370b776788cca071 |
| SHA512 | 30b14781eee025d18349cfead8eee292ef4d82632892244918446861358bfe1c39cef219c2e03729215640c75f4fd53e342b6ef454bc9d3880c896f5ecf4f6f2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 4e5e453183580ae0ddd688287437b5f6 |
| SHA1 | 147f947d85bb4cfc6598f19a9bf042586afa51f4 |
| SHA256 | 9104c3658d14ca400249c0a23aed216e48e9eb6c65e9dfbd22ab13267c5f2b5d |
| SHA512 | 3013aa534f8389194c1b34122d3a30ca31f04e29a34ce899b5526e1323c79cb40036004844b74532e41ccb8f6ac0d861453ed15214d4e05f8dbf35abf4c81c8c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 01d16b2ad1b460ad2d82ddbd71e5f674 |
| SHA1 | 9d8fbc75738ce8863f39262d0e79a4fc59ae39ae |
| SHA256 | 33ef1e696a2d5b4998069ac50de3b564245d299b490d8924f07b7a45fce5b88c |
| SHA512 | 338d694a96404b0bafc6bc8e32c81e36d2a8a8beb68dcf6ea175f9129dffbd782e2bf4c213a8251032625bf59b1984b4be12f1f3e67ee846bcccacef0f644055 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 6203a09a06c4c40eeef7168f1207b6a7 |
| SHA1 | 3502470b594690ed49f9eb70453562729a7e7c43 |
| SHA256 | 65c022d4f504882de0b2539e6c7f2f5f2dd76b133faab54f1d157ed1bac347af |
| SHA512 | 700e22096360c5726fb672e560e4d8ca5ef9f76fe03cf4be1faa8b7473d4df398d2860cee9c1f062229333f65176b1cf20545179b5bec4a994b6a73b7ecdbd2b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 619a6b57e2b282066a759a8e29481b83 |
| SHA1 | 47733d478a75c562e7f3c9a0f8be614574d8c956 |
| SHA256 | 73a17241cd695321d3a50576489a6f3c708d8bdd321bd46d748879d55b78ac65 |
| SHA512 | 99f8b4e25760c6c4f8e6954d60d55bda22100da4060f7e6739de7e2c14555a584a679418be112110ed3347e53cad9f2144c5a3da60c8d248359f3e9ac38df8d8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\89cf4d18-099f-47f0-abce-995196b16b2b.tmp
| MD5 | 62cdfd36143aa01aef04d038b36a8572 |
| SHA1 | 205e99baea8294ba5687099a3bcf4654e08f29c6 |
| SHA256 | 97523d73efe3da4f72ee30dd7795bf7434daa159a34a0af3400a0d6c3f8562f9 |
| SHA512 | 5d4663a6f7568b6dd5a156bc02cf66e81da2ba876cd2e06c076641ac43786fe40fdcd422f90349774cad068a58f8f6c8353a7fd5d99b196ebaed77dab8c4f272 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | bac167e10d758c3a506de33af0963849 |
| SHA1 | a239f28b7b1eb508c1be135b6c4a1e3efa9d4a53 |
| SHA256 | 56ffde88255f39479a0a620e964222f8ca8064df8a15c91a9a4f52a21c103ad4 |
| SHA512 | 768174e7cf54aaed8a405a78def3e29ed95a3276db694a408c115fab2a17f31e9e762e7ed0cddc776692a2bbd8165bb7d2f2b8b2e30ee36f076703060520618b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 6678b293c527e989d200f1e841a52443 |
| SHA1 | 9ed053e1deb7299d988a47799605625599af8e02 |
| SHA256 | 5ae658a375675404c1285bf905b5e95f10538aa888e30d5d91115099ef7d5fbe |
| SHA512 | d39b1582e229b3c63fa49a129f3c64aacf6add79fbe28e9b60601b46df124b05a532b6d277165a3f1e84b49fbb7901852454ea1c4820f257e2ed637a172be8db |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1
| MD5 | 1c7fcd4ac8f9d33823820e15b3051d1c |
| SHA1 | 5b6b3230987892ac112cbc81bccd6588c71c7aff |
| SHA256 | 756ef6a19eca12a0dc559c2a1ff69d0afb4e17f7fcdf373a8fc9e244e1950b5c |
| SHA512 | 5197f08558c5e43c7e0d46ea879959cd5f26f448cee2454171b53563f7b289845209922b3ec4f8629c678af411dd2d1b822266c7a2e8a61cb2e14fcc11ac542e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
| MD5 | 4cac357bf24f523841d64a4775f0aa54 |
| SHA1 | 78b550849a3899d802ec8798fac15a7401580ba9 |
| SHA256 | 04e85566882a2bc4e8d6d31ceefcd36b4c0a5b3cc3885321ea274abf780ce5c2 |
| SHA512 | f9b9107b26c3ac0ae71c1a24c5e240f984663322eea15ecf6ad4d2e30cb444b78bb3da3d3c9229c37ebba39061fa283f94f02376524abd7d09f02cdb632159d9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations
| MD5 | 961e3604f228b0d10541ebf921500c86 |
| SHA1 | 6e00570d9f78d9cfebe67d4da5efe546543949a7 |
| SHA256 | f7b24f2eb3d5eb0550527490395d2f61c3d2fe74bb9cb345197dad81b58b5fed |
| SHA512 | 535f930afd2ef50282715c7e48859cc2d7b354ff4e6c156b94d5a2815f589b33189ffedfcaf4456525283e993087f9f560d84cfcf497d189ab8101510a09c472 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0
| MD5 | 81d112ec9cf0224b4760f2d611353c37 |
| SHA1 | 7da8bbd3353d1645e8b8a2a8cd867a974a357e29 |
| SHA256 | 690afcd1ed63792e249d273a8f1addc6a2bc92efc0660736b4116b720edc4e3b |
| SHA512 | 50e07707a27b7d8a896b9eade3a4f1838b92eb47d31a9d5ce84f2212c0f92f016b889b59d60c1545281fafcf8cd50905f335c815d4f52a30ba9ca7b282d9594b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 49497a4d9a27ba28e4b2dfda88876a3c |
| SHA1 | 433373bc3361327f9f9a65a714acb04e33bb4e0b |
| SHA256 | 6cbf17384c24525cb563058096bf8e36a39e063f726395902ef37477bb699045 |
| SHA512 | e0e62b403b789eefcef6e3a74aab864f81a7760ad426233688b07167870cf2ffcdde93c16971fa4c523039eaa0e781d52ebb5b1b60306ada059f087c2da5ccfe |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
| MD5 | ac1108bc871057010aca9e8591d5bc4c |
| SHA1 | 16f841a82af8d69e81aa924f31902a9361dab6b2 |
| SHA256 | 831ef45a29eadf5d1c775aad34d32f3e1b33997e0aa4356c3cc060fbf4abc6d1 |
| SHA512 | 47807499bb006743d30e8927714c61e1eb31eb8308950c50b25728203810fadb61c3b7e0dabe3a1cbeb2dd0a5fd3874cb041ee287712fd7e4c1ff9dcee77ca27 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version
| MD5 | ef48733031b712ca7027624fff3ab208 |
| SHA1 | da4f3812e6afc4b90d2185f4709dfbb6b47714fa |
| SHA256 | c9ce8dbbe51a4131073db3d6ceef1e11eaca6308ad88a86125f221102d2cee99 |
| SHA512 | ce3a5a429e3796977a8019f47806b8c0671b597ead642fcbfbe3144e2b8112d35a9f2250896b7f215d237d0d19c5966caf3fe674165a6d50e14cb2b88c892029 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Favicons
| MD5 | b42536df414f56f02f86174ef28d16e8 |
| SHA1 | f83777fcef31f80a6223d48ea05a0b541906c0d0 |
| SHA256 | adb70a155f0d7b1b4624d3f3e24a43b49f8e6c140d405685c5edea70b1fd15cd |
| SHA512 | 0415fed22a66280522662dbc39a0e806bb779914c0d5c78a0c2e9f7eef93a79c24910ec1e04fe9d6490310f1c24396ebbcc70860e1548599b6502c7812d154ca |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\LOG
| MD5 | 8c488b11e847624fe34fb63a6290e10f |
| SHA1 | 1f41ad4d2ed3970853c17e9dcd49b506b08c8398 |
| SHA256 | 925e8cfa26218ffd044e91bb3c5af54b7de14459c4549aa322721b45b00477f8 |
| SHA512 | a0e866d61f4414770a64ff3b14df0488905c31ca3a022b54c4a74fd96302a8305fe437d25bcc4ad3dba732e68d1b438368f9f89563c89c173917c776f4561b68 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_2
| MD5 | 4cc8beb3ce1c23359cf01484515a88ac |
| SHA1 | 474b806a70495aeaca03b8dfb2fbdf421e70f232 |
| SHA256 | fffb545daaf3ad87f9ff1120d78aa6759edd57461582b43c4f8aa6aee7e21119 |
| SHA512 | 0131efddbd50edb563746860ffe36af04525bd66920a6c877891e34176eba50e4ed02adeeb0a32e466979ec292f451b6538ff2885f3ec1c52345923236c426e1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1
| MD5 | d43a80343b4b36cb78bbc0096b868f86 |
| SHA1 | 74de6debac3092468e6b715a6628112598b0cd32 |
| SHA256 | 8a60dfb1e065374a48e30cf47704b07327cf89a87706fc4797b6a3731e2254c9 |
| SHA512 | 5acb0ce1b726887b7e68d9af41ce21c182fd300494719550e7cd7b94b3dae7c15e61e0a44cbc4ac68fd4485950a7aeb15138528c0eec60e09a4757a6f637c08a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\segmentation_platform\ukm_db
| MD5 | 0ff5d0e046b2a2cd41fa93d3b43d2a5f |
| SHA1 | 0d3233c3bdf30bd7a9c6d686c9a31276a44c4b6a |
| SHA256 | c88f161126dd01eccf3d1c075568ff247fdfb893978d5ee77042e87767133f07 |
| SHA512 | c1757f536e301ccf1714a2628091010c579933876d4972fb81fdacca18712eb6690fb32dbc9b4d5d625530185ad0008bcd8fd14dd5f32208bc22d22323f47047 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
| MD5 | e012287334b22fda17f76402816dc019 |
| SHA1 | 15b461227c5d8fc01d9b72166c3455a706547a25 |
| SHA256 | 0b9ab8c108b5b11b199194e2b75767249b94f160ef15c7e9bb52233a942f5988 |
| SHA512 | 38cd6548b0a180f35c703942ba08779b62116bae3bd354da2b5307582551e9e8bd9d20678bacc53d4cab3faa8e2520e9c216c19bc098736c79d61bdd6bf92a06 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Visited Links
| MD5 | c4d89b1b269ad7308885811a4eb67c2b |
| SHA1 | e447653aa7dc5ac369c1dfb723e1366b2817a8dd |
| SHA256 | ad62863c804db863e90e7a758e389f04e541aa89ec732433f340a2c924e9e752 |
| SHA512 | 033129606dfcf5bd8d350e3380232b9cd57f4f65d60da38e4b5ae306546476489dfaade758dc169c872e21b94e259b94aaed25400f2569bfa14950469a20eb5c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History
| MD5 | 8262ebee2c8aa88f00575869f3f8706c |
| SHA1 | d97355b2cce1dd3ab83d50e41731f2f293c17f5e |
| SHA256 | ff1d7aec88026948cc3d3ff467f7af8605b5971c1141b5739e85900939de8d58 |
| SHA512 | 725a6a09f96dc5bdbfeba934013abd9fa5a9a05188413596728ff32f4c60c9eae7482a0b785556a9930edc1ebc6885c51b2d7017a5ed447278297664acfd6349 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sessions\Tabs_13369051131794053
| MD5 | 2498c3b7f1fe0d5eacfad0685f953728 |
| SHA1 | d3b435ec580af1227297d702971e5be11ac77c91 |
| SHA256 | aa0697c4da8c21629dc3839a2195cb5b479a8718f0681b537cc412ed4629b09f |
| SHA512 | ff5dcbbe7b9d2960045f1c93db4e818614909433e0d54b37071952daea2ac01e2fb25a87a37e128176ad61975118d927a9093e70eb14fa8cacff59ba2b4073ac |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000003.log
| MD5 | b5cc71fab5745c2f20a317990460e1cc |
| SHA1 | 22cb255e4b68992a07f0b6381c9005e2d3f8981f |
| SHA256 | 678fce0d1df644f7992de18454c85c9a01f935898fc4ccc42007a219b0fa27d8 |
| SHA512 | 59e7c9d57cbce6fd2ae5e0b570c9fb0aed937e97bd249605cb44ca4cc2e7c636d1d519f9a7d3f0a7f4df25ffe0d312c95f66ff3e9db30d2cdf7a54b33dc11392 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
| MD5 | 5a3aa9ca017a5650cb3bc48f7ec92a25 |
| SHA1 | a3d640cfad4b90ade1159818703a13b7576dcfe3 |
| SHA256 | 12bf7e86bccac31f83447447b51834b3752cc2abcc2a557ae6c1c9c532f8a70a |
| SHA512 | 2a18efb11ac9c5186cb76df5453af73f8eccf3d02e7db6cfc822294efe2dd0c3fbe0937431c714ae9c5359be84d4cf837a89ebe86e5100dddbbf84566e720e54 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_2
| MD5 | bf2a825ccd2ce4ace6ae3119e665ce11 |
| SHA1 | 2f97ee1eb0b94bc2689d798087cd9c477c22974d |
| SHA256 | 9f090bbf1732a252b7100dcd881de9f1eebfecd5c354759aa4fd41838025c9da |
| SHA512 | 5e037efc33d92721b07dc1fc156a9d57cbb389609a91486e7796c309e0e92a2d223954b9d8522dffcdb421c93d239818610f195efae8e6656a1aa8f42fe3cd76 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1
| MD5 | 8ba40ba95fe7eb5d2dacb2e4a1be6c87 |
| SHA1 | ead0bea4a72186ba75def7a2e9158ee0910b06c8 |
| SHA256 | 861fbc33d57419aee125ad86708f79ee9b17fcc8b897dd7724b726f3c147dac1 |
| SHA512 | 91ea0362a62e522fef4c249fa8c346794bc779a013451188dee02a56a747dc6453faf950ba494eecf1575731590084e9f22028b232817a87787aa8be0b0df041 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnCache\data_1
| MD5 | 9416084eddf61f8ee035197dd435ffd9 |
| SHA1 | 275e43f3c0df0ca295c49ca23d300e1dd3fa70a8 |
| SHA256 | 791738b1e392133d3bd7b71179770ef6501f54aa13c9e593a7866b46b2928bd3 |
| SHA512 | 0b065f50d2a3bc52650be2086c5fe7bf8211ed0c9e2b441008a86293280cb16d24b44bf24affdb607e8e9c08cd305878b72cda2b34b121de799da2611ace0ce5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_0
| MD5 | 18b24942ba3db416c734449a3fe53c34 |
| SHA1 | 067fe03c9109044bf3ab5eb94a034ac3968a5656 |
| SHA256 | a18f03b355278f58f973377f03f2882c3a003ae862d7602f1e4f61b1c5f03f8f |
| SHA512 | 1bd3b8fb0ca23b49d01b185fd499bb20ce725f5fa0d7b023bf48d45aa0d37a418ceb5d117d5300d075a8098c6402bd0436b94909a15a1e1c6b67ce055b0eb69c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
| MD5 | ab86906c3da38c48732c4817fcbeea9e |
| SHA1 | 15370576011374e4a5234954ad79479f7473e5ca |
| SHA256 | 77cd677552e6995c56e6011329c6af57b9242206e5f2f39c235be10be3539572 |
| SHA512 | 8d717f02c30e3298066fb491fa721e939dc01a8c730dc1e2385adb0503f80adaa57a4886d9ce1347d2efb72aa59b6f7b299c5058b4d3719a4dbef9017bda01b7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
| MD5 | cb685e168b6f1f127a2b45e159e84971 |
| SHA1 | a99241d16de8e6c95867aa9c109a513eafca9794 |
| SHA256 | b028f5068dd88659bcf640b0f3237b5d5982427b4e05e33f964385a2dd27d431 |
| SHA512 | 74de9d50de065285e68869fb382c53b36268832cbbffd3c1393586a3fc4156c87ff7f64a6115a68a16440d1e4bbf854bbe2f91acb8077e3dfed640efef5ae360 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
| MD5 | ccecf870158e8090f2ac4bd58a2bb2a4 |
| SHA1 | 3eabef107ea4f33e268e449c8f482f37f8df0389 |
| SHA256 | 7f9c430724b890b5dd23efd8f935ef02d2e7c955abc90f07ea48df598914f731 |
| SHA512 | 8f940f80f039748d3f935b9b6889e3d3dd5e652ca1dac650ee7324abd7f2e2a84723642e336716e2adb00ddc1ede226c3e7bca478d71c51cc7964f0b7e4e3f51 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GraphiteDawnCache\data_1
| MD5 | 9b08a634f99944bcb0715a0d8ae530e7 |
| SHA1 | 2fa8b4c8d9a65fd923149dfb49850dcffefd47f8 |
| SHA256 | b27a53d6a158b4d8e6a82559d74378953e0250c33c646e4cb7c7dc412514387f |
| SHA512 | 1d514c52beb35adcc795b0abcdeea11dda46e4bd25d247aa459e677a6a74c121970153798cc5146d286a330a39205bf2ddb8d543ec904e368f47d299f51bc81d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_3
| MD5 | 9fc79f737c0d1a1328d9f58d9017fd6c |
| SHA1 | 4c65967f9f31132aee1e406faf7562aa24dab89d |
| SHA256 | 83853443f98dcff48a54319c4759fc31db694b1582930ea602753482a34ef98e |
| SHA512 | e53074c10cc65694aca2b5bae27df496a85ed5fc6f12a6c82d8edebbaccef72f73bc010528286b4645d4e40303b9473fb835c30fe2e7c04d34dfa0941665f66c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_1
| MD5 | 2096424f8b98a6d49642928a63e980ee |
| SHA1 | acf360a5c4d2d3010bf441ac4d1ba1eec21bec50 |
| SHA256 | 1b8a3ab252e13c3c630e36dd52dd1f8e457e83b78e1676876a9ebae70ec39f31 |
| SHA512 | ef88422d57a2066e0d1d44686974244e93b0b6a6684b825586e9c217de6373b0ec80e2289c1305553779e87205520bd8769669fe313522c67cb019b4ac9818b1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\QuotaManager-journal
| MD5 | f54ed88356418613c11253e52bfecc5a |
| SHA1 | 9fe29a93734eaf295d0deab85347b3b5eaa9db12 |
| SHA256 | 97423f27eaa505e60ab7a7670e24bd5dfc420dcb7959f4bdee0fdf4d5aab2eda |
| SHA512 | 7b2cdfaa404a193605376d77f6236185206bb5a48c05bfdfff3bc89f8c840120361e64c8586d4345b4dae753f6f1139bd9e16822005bb4530c5c109ce84c0721 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\QuotaManager
| MD5 | 8654e3f982cf3ca59f7a88be3e19417a |
| SHA1 | 424439f775ccaebc3c75861bac2687e7b32390cb |
| SHA256 | b71dfb2f4ed5d608fbc19af783964ddc836e5328899c5c01388c8cd5c558260a |
| SHA512 | 1708c0e96a5aff0aee878995ef4a1087434b2cc2196aa62a0b25639279711a4027004f51f145fc05f287556f59ec00a2ec18992e9b06fe4e8aaa2240e48d2220 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_0
| MD5 | 122b78139aa80b7112937e55eb6f9855 |
| SHA1 | 13ed63627a9e0f40f113ccd457c9c9cb68c5be29 |
| SHA256 | dca4d569f24d9280bd40e243f95379a6c7ff58aa67829961e1babdefc11c7384 |
| SHA512 | af56db8c7e30cc7be0b1a0fd62ea97e0020966b7e3e6723e3c2188129574b63b61fc1a8c14f51a6d322db5e950def8861b24a16d64c62cb644526e29134e2b5e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\000003.log
| MD5 | c2831f3a05da942b5d664eab5ae3b4a3 |
| SHA1 | 29cb56e5f5bf6bfbe9240a3150d8f3a7e3dcb32d |
| SHA256 | b128b2885384cf59ed677026168649c96e557c00b77b1f522fac219842644125 |
| SHA512 | afc82284e9f4451771bf42a2c5f95cafa5aa698870b28c85d772dee7a6a31697c5fc0b2757f2e630a89814e4bd532ace3b411daf29e284b0864335aff7f24b8f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\LOG
| MD5 | 46b59e3c952091f0568ce69ee45314a3 |
| SHA1 | 55e70294af0f7aad5c16e98fef5c94fe9b2f4538 |
| SHA256 | a890a285abe7ea5acefd0b67ac6bfce4139081a23a0edaced0080953b21ce7ad |
| SHA512 | 1dbdd543715ea0eaeab972e4e457cafe305fabe35ba55a1cd7cdb1544fc70e0ba89dc9392b11935fe1b38f4b87a3b7566e50fe7635abc96f244a7ba142c2ae1d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000003.log
| MD5 | 441cb59b14d567bda44e61dbcad372b3 |
| SHA1 | 1c601b28eaf7790ed9b87411aad483b01185b142 |
| SHA256 | 39036993874cfb926bdbac3b2b4e89d017a9913d51e5febc1a361dff95c20e50 |
| SHA512 | 862168987abc37b4cccd47cf10e3ebc39a37738e1849878788037b3bfb97cee611a48285b73ed2cdcbc2cdb21790e74ed5190edf23f28decefabe0b71294439d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
| MD5 | 91d237dcc21d9530826975ab23b1dc48 |
| SHA1 | 4ffdca8006a8b67c15e0f7e748e8e406016f4852 |
| SHA256 | 70d241bdb205f799a0489194e25a1317ff313ce55aed9feb12f162f862394270 |
| SHA512 | d15e401f635f41e2ed6f02833cf9b30a993e505ae79fd7a2d69f9e6205f25ef9f4ce89c4b88a2f891f35c683f7c129620a2c6d4c2b0f605cfd6a5ba5b5776d22 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sessions\Session_13369050986478845
| MD5 | 05115ab987bac796a4a924f149530c5e |
| SHA1 | f25f1e33ed79634aa23e2a2b863b8fdb5446bd3c |
| SHA256 | f74965e13d7aad067464ba7b1d41081f2cc30499e1072dd940bc8fa8ae0acd30 |
| SHA512 | 55504c4ca82086f6894bd5dc914db61966e7dacb84f274e94ea9c81f324d36eb77d6e0d1a8c9417bcc088170241646393a336b99758c14ce73fd8b5428762999 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Browser
| MD5 | de9ef0c5bcc012a3a1131988dee272d8 |
| SHA1 | fa9ccbdc969ac9e1474fce773234b28d50951cd8 |
| SHA256 | 3615498fbef408a96bf30e01c318dac2d5451b054998119080e7faac5995f590 |
| SHA512 | cea946ebeadfe6be65e33edff6c68953a84ec2e2410884e12f406cac1e6c8a0793180433a7ef7ce097b24ea78a1fdbb4e3b3d9cdf1a827ab6ff5605da3691724 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG
| MD5 | b1d5ec9e07303d5ed4da19d1fdce199b |
| SHA1 | cfad5e19d730fb84dd0d5a4a73d2aa7185c6dd29 |
| SHA256 | 915eafbac63cb218052bd92d2e7c64ad995958b6dc251408b6901a092466151a |
| SHA512 | 2f2f83d5ec321ede19e07ee12c5af83c955c2431073c089dfc05fabd701bd34204a3b508c45d5e5b857100b2cdcc023fb30eb692e88b26afa515d78309dda490 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\first_party_sets.db
| MD5 | 5a1706ef2fb06594e5ec3a3f15fb89e2 |
| SHA1 | 983042bba239018b3dced4b56491a90d38ba084a |
| SHA256 | 87d62d8837ef9e6ab288f75f207ffa761e90a626a115a0b811ae6357bb7a59dd |
| SHA512 | c56a8b94d62b12af6bd86f392faa7c3b9f257bd2fad69c5fa2d5e6345640fe4576fac629ed070b65ebce237759d30da0c0a62a8a21a0b5ef6b09581d91d0aa16 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\first_party_sets.db-journal
| MD5 | 72891b45e7b85d3f7321f3efdb404167 |
| SHA1 | d089f84193a3e673de2c56a4eab6d2efeb53dbca |
| SHA256 | 897e1d6a0b1ca016771b5adeaf73146554e6ca1721eaec7e67375a67a965c876 |
| SHA512 | 9c2ac45756b14f9ac17a4c4f83a124bfdf0aed74a63f32bbf9f6e64e9ae7d984ed4fa23c1e64a6f0c9ae4ebe7c1b279f62792df3e00260b3778fdce0ff895b38 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | e673163042c7fa767e96072336ec9fb9 |
| SHA1 | 1413132d200205d05589153320e91e4cc42481e2 |
| SHA256 | 17e4a886a763ff1a7a0f6b5fafe0b69e3088420300cf1718f699f7c1f2c6cdbe |
| SHA512 | 12272eb4fa969b2983a19c9fadd0cd77dcd53282a24c28f3e8b082dc34cd7b0684ad56aef4c85b8f1cbf43a304c6749112f76b71333f63f4bd01d628ee9b8be5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f721d4179e9d1cd92895160467942271 |
| SHA1 | e58a22e441f24f78eb5fbb8179b43243e83ef814 |
| SHA256 | 33f7fbc76c28fa294bc7e29511ddfe67ec02cac82ca48aaa611b7b758e39de28 |
| SHA512 | a26881494eca4e98dc1749a200d538f1caac838d940d13adaa71d04d17748d3ebb8f94a715a0863562c68435f42dfc8359f940047644d9f0758bece65b82beec |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | c2f283e96835860d3ec5a372e27e9048 |
| SHA1 | 933831947ed2e3d8d9bd5356b0ef53e3d7c78cc4 |
| SHA256 | 105dc45821624640e7d716229eb2f0111d98e84f08b4c3d8d73d99c3b511805f |
| SHA512 | 99a09bc1f5447500a40751299fee81665d5e661c6cf0a9edab3261d6dbd3a24f56cef2dd69a117dffd25f504463103c424f5121db1280bd4950680f61d839486 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
| MD5 | 5d8a5f3fe7260f15e4b8808656fca53c |
| SHA1 | f49fadc565c0ac27ab37457526c65a021e6223e5 |
| SHA256 | 441065a4eaa8d31f92777e746dcc7dcb1a67453d469c8c979a0accdb9437f96b |
| SHA512 | d6ed2ddd229de3795ee1df5164facac72fdb1863bd8eea7945eeb7ecf719af632aa84a8bacaefd8a0f875b371b5d52b69ec42c911d89edca4b857c96514891c8 |