6cebcbca26e0f14971f038812cd603e61f2f4f075f07269bb991d12ce1e1a175

Analysis

max time kernel
314s
max time network
409s
platform
windows10-1703_x64
resource
win10-20240611-en
resource tags

arch:x64arch:x86image:win10-20240611-enlocale:en-usos:windows10-1703-x64system
submitted
25/08/2024, 18:37

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

file.html
Size

312KB
MD5

c08c7d600213a7dfdd914ff22200e098
SHA1

4e0fea35bca2521459a89f63314fd04f09019d66
SHA256

6cebcbca26e0f14971f038812cd603e61f2f4f075f07269bb991d12ce1e1a175
SHA512

a4b5280ec12c43963785fd4f2559eb6be8078f6ecde5fc70526decd446bebc2cc8671200afaf19c68f119acdec718d9614d3d38d2368c4b10611d9992236b6ba
SSDEEP

3072:WiMgAkHnjPIQ6KSfc/TH4PaW+LN7DxRLlzglKkVdLk:egAkHnjPIQBSfwYPCN7jBkVdLk

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133690847531862201"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeCreatePagefilePrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeCreatePagefilePrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeCreatePagefilePrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeCreatePagefilePrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeCreatePagefilePrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeCreatePagefilePrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeCreatePagefilePrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeCreatePagefilePrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeCreatePagefilePrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeCreatePagefilePrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeCreatePagefilePrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeCreatePagefilePrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeCreatePagefilePrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeCreatePagefilePrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeCreatePagefilePrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeCreatePagefilePrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeCreatePagefilePrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeCreatePagefilePrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeCreatePagefilePrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeCreatePagefilePrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeCreatePagefilePrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeCreatePagefilePrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeCreatePagefilePrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeCreatePagefilePrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeCreatePagefilePrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeCreatePagefilePrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeCreatePagefilePrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeCreatePagefilePrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeCreatePagefilePrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeCreatePagefilePrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeCreatePagefilePrivilege	2372	chrome.exe
Token: SeShutdownPrivilege	2372	chrome.exe
Token: SeCreatePagefilePrivilege	2372	chrome.exe

Suspicious use of FindShellTrayWindow 37 IoCs

pid	Process
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe
2372	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2372 wrote to memory of 4032	2372	chrome.exe	71
PID 2372 wrote to memory of 4032	2372	chrome.exe	71
PID 2372 wrote to memory of 3100	2372	chrome.exe	73
PID 2372 wrote to memory of 3100	2372	chrome.exe	73
PID 2372 wrote to memory of 3100	2372	chrome.exe	73
PID 2372 wrote to memory of 3100	2372	chrome.exe	73
PID 2372 wrote to memory of 3100	2372	chrome.exe	73
PID 2372 wrote to memory of 3100	2372	chrome.exe	73
PID 2372 wrote to memory of 3100	2372	chrome.exe	73
PID 2372 wrote to memory of 3100	2372	chrome.exe	73
PID 2372 wrote to memory of 3100	2372	chrome.exe	73
PID 2372 wrote to memory of 3100	2372	chrome.exe	73
PID 2372 wrote to memory of 3100	2372	chrome.exe	73
PID 2372 wrote to memory of 3100	2372	chrome.exe	73
PID 2372 wrote to memory of 3100	2372	chrome.exe	73
PID 2372 wrote to memory of 3100	2372	chrome.exe	73
PID 2372 wrote to memory of 3100	2372	chrome.exe	73
PID 2372 wrote to memory of 3100	2372	chrome.exe	73
PID 2372 wrote to memory of 3100	2372	chrome.exe	73
PID 2372 wrote to memory of 3100	2372	chrome.exe	73
PID 2372 wrote to memory of 3100	2372	chrome.exe	73
PID 2372 wrote to memory of 3100	2372	chrome.exe	73
PID 2372 wrote to memory of 3100	2372	chrome.exe	73
PID 2372 wrote to memory of 3100	2372	chrome.exe	73
PID 2372 wrote to memory of 3100	2372	chrome.exe	73
PID 2372 wrote to memory of 3100	2372	chrome.exe	73
PID 2372 wrote to memory of 3100	2372	chrome.exe	73
PID 2372 wrote to memory of 3100	2372	chrome.exe	73
PID 2372 wrote to memory of 3100	2372	chrome.exe	73
PID 2372 wrote to memory of 3100	2372	chrome.exe	73
PID 2372 wrote to memory of 3100	2372	chrome.exe	73
PID 2372 wrote to memory of 3100	2372	chrome.exe	73
PID 2372 wrote to memory of 3100	2372	chrome.exe	73
PID 2372 wrote to memory of 3100	2372	chrome.exe	73
PID 2372 wrote to memory of 3100	2372	chrome.exe	73
PID 2372 wrote to memory of 3100	2372	chrome.exe	73
PID 2372 wrote to memory of 3100	2372	chrome.exe	73
PID 2372 wrote to memory of 3100	2372	chrome.exe	73
PID 2372 wrote to memory of 3100	2372	chrome.exe	73
PID 2372 wrote to memory of 3100	2372	chrome.exe	73
PID 2372 wrote to memory of 3664	2372	chrome.exe	74
PID 2372 wrote to memory of 3664	2372	chrome.exe	74
PID 2372 wrote to memory of 3528	2372	chrome.exe	75
PID 2372 wrote to memory of 3528	2372	chrome.exe	75
PID 2372 wrote to memory of 3528	2372	chrome.exe	75
PID 2372 wrote to memory of 3528	2372	chrome.exe	75
PID 2372 wrote to memory of 3528	2372	chrome.exe	75
PID 2372 wrote to memory of 3528	2372	chrome.exe	75
PID 2372 wrote to memory of 3528	2372	chrome.exe	75
PID 2372 wrote to memory of 3528	2372	chrome.exe	75
PID 2372 wrote to memory of 3528	2372	chrome.exe	75
PID 2372 wrote to memory of 3528	2372	chrome.exe	75
PID 2372 wrote to memory of 3528	2372	chrome.exe	75
PID 2372 wrote to memory of 3528	2372	chrome.exe	75
PID 2372 wrote to memory of 3528	2372	chrome.exe	75
PID 2372 wrote to memory of 3528	2372	chrome.exe	75
PID 2372 wrote to memory of 3528	2372	chrome.exe	75
PID 2372 wrote to memory of 3528	2372	chrome.exe	75
PID 2372 wrote to memory of 3528	2372	chrome.exe	75
PID 2372 wrote to memory of 3528	2372	chrome.exe	75
PID 2372 wrote to memory of 3528	2372	chrome.exe	75
PID 2372 wrote to memory of 3528	2372	chrome.exe	75
PID 2372 wrote to memory of 3528	2372	chrome.exe	75
PID 2372 wrote to memory of 3528	2372	chrome.exe	75

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument C:\Users\Admin\AppData\Local\Temp\file.html
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2372
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ff8729f9758,0x7ff8729f9768,0x7ff8729f9778
  2⤵
  PID:4032
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1660 --field-trial-handle=1840,i,12454408983521813354,4321408015943891215,131072 /prefetch:2
  2⤵
  PID:3100
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1812 --field-trial-handle=1840,i,12454408983521813354,4321408015943891215,131072 /prefetch:8
  2⤵
  PID:3664
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2068 --field-trial-handle=1840,i,12454408983521813354,4321408015943891215,131072 /prefetch:8
  2⤵
  PID:3528
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3020 --field-trial-handle=1840,i,12454408983521813354,4321408015943891215,131072 /prefetch:1
  2⤵
  PID:4840
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3028 --field-trial-handle=1840,i,12454408983521813354,4321408015943891215,131072 /prefetch:1
  2⤵
  PID:4680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4748 --field-trial-handle=1840,i,12454408983521813354,4321408015943891215,131072 /prefetch:1
  2⤵
  PID:2024
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4564 --field-trial-handle=1840,i,12454408983521813354,4321408015943891215,131072 /prefetch:1
  2⤵
  PID:240
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5440 --field-trial-handle=1840,i,12454408983521813354,4321408015943891215,131072 /prefetch:8
  2⤵
  PID:4536
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4752 --field-trial-handle=1840,i,12454408983521813354,4321408015943891215,131072 /prefetch:1
  2⤵
  PID:5088
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=5428 --field-trial-handle=1840,i,12454408983521813354,4321408015943891215,131072 /prefetch:1
  2⤵
  PID:4532
- C:\Windows\system32\NOTEPAD.EXE
  "C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\Fastest Ucoin Farm.txt
  2⤵
  PID:3284
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3036 --field-trial-handle=1840,i,12454408983521813354,4321408015943891215,131072 /prefetch:8
  2⤵
  PID:4736
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3020 --field-trial-handle=1840,i,12454408983521813354,4321408015943891215,131072 /prefetch:8
  2⤵
  PID:2504
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5224 --field-trial-handle=1840,i,12454408983521813354,4321408015943891215,131072 /prefetch:8
  2⤵
  PID:4788
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4748 --field-trial-handle=1840,i,12454408983521813354,4321408015943891215,131072 /prefetch:8
  2⤵
  PID:4936

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:724

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
bde7940abd784d91f9236ffeea928533

SHA1
1d994b328619ac40307ec13707ed98f692e43e01

SHA256
e54c95fa9510bd1c09c70fbdd534fa96b9add223be9158e32c12173572b3ecf5

SHA512
61cdbdfe8a9df3aec8a4281912075cef72072c9d6f96ab74e201fe532af138883b50223fee268a8e0121afebcfce1c8036307cfb66afcf2582dc76eca27b4f30

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
480B

MD5
3af39c353c3c00ff7012382a5460e57b

SHA1
fc409b5bce63616b7a8928ee0f8b0d3f8e3f9f49

SHA256
0b8e8d306f29a42fde4967211595006bb363a0c8221d61b54ff3751a5dde1cd4

SHA512
34bed1ca0e0c4beeba8ff253f351f3fffa21a931862369b17e650f85bfd792c298269e51fb79b6fe22c1c0eb4690c159eb1790280678c2f89fdb52360d755f61

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
646302ce74b2f4aa10724e6918cb1d2c

SHA1
714926623dd2cc35c91133f3d1750bfbb2aebf87

SHA256
e3cb75ffc8aa26e03125a7bf4faf65846bfd777efdc3d4d1e5acc4956453216b

SHA512
586f3f73e2c4b8608de71cd32a41f278c2a2dba3b60b8a327becc6f6ef547ad23f89a5446e30d26737ce388df23edc929e09efbfd4116dc5b51317a1ae34e0ab

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
9d8c3ac069ad5b3979ca57fb4fcfeda6

SHA1
1758b2265100d177292849e641ed09f6bd5dafa7

SHA256
043cb4f4c232d82ba01bdd6315e46d460ce59146465cd19d9f39ac5e2feeec76

SHA512
b1826a05a19d23215c37c3c639bbaf2c014b75b7804d28908d110df7265f058546a2d6b29559a5653cf12e09ffccf36b823e8d7f924114ec7d55f3daaf7783ce

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
0a9f3a88a045706112dcb4eaacc1fec2

SHA1
2beb2b2e5cf16310c349ef462d6e6b1a4a100797

SHA256
b704b38e14ec11899497cede7383f8bc6cd88200e65c7bf9f2b1c1f9473744c4

SHA512
6268c847587ebfd0d7453a2c9235696ddfe1179d742bd189416f8ad8ac983701dc57aeb43ace1c472318dcc9828acade58e88d761cdac35a4fd29e2417e2cd88

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
62c163b61caffeb381a5c34731b069fe

SHA1
2580acaa556d08fb70bf7551bf39def3ff61cb46

SHA256
4171f0a7000bfee817731de1e7c433f9cc9ef5815d89fa672b25ffef88117a70

SHA512
6b9eeadd17552ca6c2dbf5325e60c596d8a08a0d934d24b415967f39bee05bc50739c32304112688969ce14e6bb17d5b5ef9fa0435c3f9eea01624d15bd36081

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
dc9184a6087d46c10b766ac4dfb3684a

SHA1
5226a263e781f7ba671ae82bb8e3475e33bbf99f

SHA256
1b9385281f6a6253dd5d10a91ad5cb8b52328560f46e9ec821f5f3a1376d0837

SHA512
ddc47f6d9e98856eda5f26d8060bf862b2fa281010baaea325019b1a26e2eaf366ffa75e903918f7acfe5a118d2350467a0c397aed63a1b9a0020d189ee5ca39

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
3324b5283346b50e5ca23edbd18aeaf2

SHA1
4a17bff8787292516f7b40aa100d0ff5df54a933

SHA256
d786b2270d8c5b6fceb28aa8f1cc828381f7ec0d350c93716b17c8496f0bea99

SHA512
4488373524abc5755da3111d0d981058b72e384bdbf800d2d8e0140903663c6dcef41e341e4817ac012aa41684592e3191bf04d0064b1723ef63117e43e0bfe3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
b7b4975fef4751f7078b5cb0bf4be33d

SHA1
b99b26baec05ab790fec7054fa2e11961e952eee

SHA256
8f9bc83cb1de809b37afe3e15c5570f5b230af799ce8435515611876e2a84872

SHA512
3154d02012373efa44981bca40f5617db3a0d7f604a550736860142a92e5f555cce9300e79431b685a539b7a5d4f9f477ed96ab9fb03da4a128ad2313777aab2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
150KB

MD5
b7b9d7d54e002a8e3caaf5af45b3b5f5

SHA1
9065df33393df7a7be8d157f87dcd6252c2d37b3

SHA256
63d5be16feb257a70b08f837768fd1602a030af11d2a379fd9560b9ce6865475

SHA512
2acc2cc2ce3945dcbb4b38a45a93b58dd6a24baf730407c2112933235d766ec326e478d8ea14dce9f542df8aef107b6b28fff98593ab5dc20d003dc34fff0d5f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
150KB

MD5
5b5c1536126170bbcaff44a839b68c99

SHA1
923050461b099b4f350a65e836565d2630de3a84

SHA256
2f530e2dc58cca57481dcd2dfd058975f7b8be1e019656f6a4ba05ff43cd4d1f

SHA512
8b605cfe2859ba400e261c7e3bf95e09951be87a6eb8f88e6f551ab254db79803de94bd5b9453323c45829ef412a4c4005f4b68edb05a9fcb5b588291608fa91

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
150KB

MD5
d749840db8fe66c0292740549f61fb1e

SHA1
35f16abc1c9a14e8fe45a2394b3364e67254ad23

SHA256
da6eed9ae30047523dbfdb69767e3d1ce5bab89f0ada0d3396ba61c260f1a3a6

SHA512
d7b23fcee82d63eed89a4d2f3212dcd0a616195e76a3d3338de63c28bd354a5e1542959b180e432a30bf550f1e19788ef947c9c7a3bba2c29f8ffb103f417a40

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
149KB

MD5
001c03463ece931de2dc85c68672df50

SHA1
08c53ceab2e4cd476a38650c2ce75f11dde0b33c

SHA256
3262d8e30502df2ff435d3fd91f9c59189f667222cf0d80e74b18783915abc48

SHA512
cbf55e082e0a4613a74c87c335dac847d341d20fdff9c06746fc6b11ed7009012b34f54cfff13246311db35349902e0afd6819cc05a7c647e6c5530c982e529e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
155KB

MD5
816cf91c55c090530c67440e51a2c496

SHA1
e50fc08d6638d006ecffa466e51e50c6f70a605a

SHA256
ee010ca8b0b491a8f11d66500f3e37d617a54adbc58b6f40b20a686612f63091

SHA512
1ddbfa5f976c04e121fc5bea8cdbd3a6bd5af4895c3bd644350f3ef39a451453d39d7b8e2f0420701159560539b4cb653f414b330b31976d64bd56f487f8c9de

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

Filesize
264KB

MD5
8fc4e448148643099493c29b2b82a031

SHA1
c1a460d092e8c9ff86bc6fb7716b703d22d70fe8

SHA256
08f003be866c438bc4046e5cc4a5cb31dfc6a153700c9ef2b9d39e2741e86add

SHA512
d99c52d524c86ff7c23d8a4b0f5f6d524706179c858c414dd90d3f288e2ddbd7436e2bdb173b783480c839a02a387cfe4cc748e597f303817358ed1815d19da9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\Downloads\Fastest Ucoin Farm.txt

Filesize
1KB

MD5
ddd7d4e1d84c20583d536e31eadc389c

SHA1
4184e36b5abc01e259296660444309a4e23861dc

SHA256
1e4fae9eb124c7c8a7f82d39c290c7d212265c3af90639dbdc28deb451e49870

SHA512
c7427a23189088bbeb8c3788efd082049dccbc92c3cff3395720c5ac47eb30b863efe2af28911e4c069025aa7014227e9150df38755b8f5e111654dae02998bf

Download Submit