hxxp://www[.]pureerudition[.]com/RWb-Ewnd~pp/exit/rgb/cmyk/ycbcr/lab/hex/convert/

Analysis

max time kernel
77s
max time network
94s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
04-09-2024 03:14

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://www.pureerudition.com/RWb-Ewnd~pp/exit/rgb/cmyk/ycbcr/lab/hex/convert/

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
2360	chrome.exe
2360	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe

Suspicious use of FindShellTrayWindow 34 IoCs

pid	Process
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe

Suspicious use of SendNotifyMessage 32 IoCs

pid	Process
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2360 wrote to memory of 2472	2360	chrome.exe	31
PID 2360 wrote to memory of 2472	2360	chrome.exe	31
PID 2360 wrote to memory of 2472	2360	chrome.exe	31
PID 2360 wrote to memory of 2984	2360	chrome.exe	33
PID 2360 wrote to memory of 2984	2360	chrome.exe	33
PID 2360 wrote to memory of 2984	2360	chrome.exe	33
PID 2360 wrote to memory of 2984	2360	chrome.exe	33
PID 2360 wrote to memory of 2984	2360	chrome.exe	33
PID 2360 wrote to memory of 2984	2360	chrome.exe	33
PID 2360 wrote to memory of 2984	2360	chrome.exe	33
PID 2360 wrote to memory of 2984	2360	chrome.exe	33
PID 2360 wrote to memory of 2984	2360	chrome.exe	33
PID 2360 wrote to memory of 2984	2360	chrome.exe	33
PID 2360 wrote to memory of 2984	2360	chrome.exe	33
PID 2360 wrote to memory of 2984	2360	chrome.exe	33
PID 2360 wrote to memory of 2984	2360	chrome.exe	33
PID 2360 wrote to memory of 2984	2360	chrome.exe	33
PID 2360 wrote to memory of 2984	2360	chrome.exe	33
PID 2360 wrote to memory of 2984	2360	chrome.exe	33
PID 2360 wrote to memory of 2984	2360	chrome.exe	33
PID 2360 wrote to memory of 2984	2360	chrome.exe	33
PID 2360 wrote to memory of 2984	2360	chrome.exe	33
PID 2360 wrote to memory of 2984	2360	chrome.exe	33
PID 2360 wrote to memory of 2984	2360	chrome.exe	33
PID 2360 wrote to memory of 2984	2360	chrome.exe	33
PID 2360 wrote to memory of 2984	2360	chrome.exe	33
PID 2360 wrote to memory of 2984	2360	chrome.exe	33
PID 2360 wrote to memory of 2984	2360	chrome.exe	33
PID 2360 wrote to memory of 2984	2360	chrome.exe	33
PID 2360 wrote to memory of 2984	2360	chrome.exe	33
PID 2360 wrote to memory of 2984	2360	chrome.exe	33
PID 2360 wrote to memory of 2984	2360	chrome.exe	33
PID 2360 wrote to memory of 2984	2360	chrome.exe	33
PID 2360 wrote to memory of 2984	2360	chrome.exe	33
PID 2360 wrote to memory of 2984	2360	chrome.exe	33
PID 2360 wrote to memory of 2984	2360	chrome.exe	33
PID 2360 wrote to memory of 2984	2360	chrome.exe	33
PID 2360 wrote to memory of 2984	2360	chrome.exe	33
PID 2360 wrote to memory of 2984	2360	chrome.exe	33
PID 2360 wrote to memory of 2984	2360	chrome.exe	33
PID 2360 wrote to memory of 2984	2360	chrome.exe	33
PID 2360 wrote to memory of 2984	2360	chrome.exe	33
PID 2360 wrote to memory of 2448	2360	chrome.exe	34
PID 2360 wrote to memory of 2448	2360	chrome.exe	34
PID 2360 wrote to memory of 2448	2360	chrome.exe	34
PID 2360 wrote to memory of 2772	2360	chrome.exe	35
PID 2360 wrote to memory of 2772	2360	chrome.exe	35
PID 2360 wrote to memory of 2772	2360	chrome.exe	35
PID 2360 wrote to memory of 2772	2360	chrome.exe	35
PID 2360 wrote to memory of 2772	2360	chrome.exe	35
PID 2360 wrote to memory of 2772	2360	chrome.exe	35
PID 2360 wrote to memory of 2772	2360	chrome.exe	35
PID 2360 wrote to memory of 2772	2360	chrome.exe	35
PID 2360 wrote to memory of 2772	2360	chrome.exe	35
PID 2360 wrote to memory of 2772	2360	chrome.exe	35
PID 2360 wrote to memory of 2772	2360	chrome.exe	35
PID 2360 wrote to memory of 2772	2360	chrome.exe	35
PID 2360 wrote to memory of 2772	2360	chrome.exe	35
PID 2360 wrote to memory of 2772	2360	chrome.exe	35
PID 2360 wrote to memory of 2772	2360	chrome.exe	35
PID 2360 wrote to memory of 2772	2360	chrome.exe	35
PID 2360 wrote to memory of 2772	2360	chrome.exe	35
PID 2360 wrote to memory of 2772	2360	chrome.exe	35
PID 2360 wrote to memory of 2772	2360	chrome.exe	35

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://www.pureerudition.com/RWb-Ewnd~pp/exit/rgb/cmyk/ycbcr/lab/hex/convert/
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2360
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef7279758,0x7fef7279768,0x7fef7279778
  2⤵
  PID:2472
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1184 --field-trial-handle=1380,i,5609224709618058812,9529718564929767835,131072 /prefetch:2
  2⤵
  PID:2984
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1540 --field-trial-handle=1380,i,5609224709618058812,9529718564929767835,131072 /prefetch:8
  2⤵
  PID:2448
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1640 --field-trial-handle=1380,i,5609224709618058812,9529718564929767835,131072 /prefetch:8
  2⤵
  PID:2772
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2336 --field-trial-handle=1380,i,5609224709618058812,9529718564929767835,131072 /prefetch:1
  2⤵
  PID:2280
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2344 --field-trial-handle=1380,i,5609224709618058812,9529718564929767835,131072 /prefetch:1
  2⤵
  PID:1580
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1492 --field-trial-handle=1380,i,5609224709618058812,9529718564929767835,131072 /prefetch:2
  2⤵
  PID:2848
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3172 --field-trial-handle=1380,i,5609224709618058812,9529718564929767835,131072 /prefetch:1
  2⤵
  PID:2096
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=2740 --field-trial-handle=1380,i,5609224709618058812,9529718564929767835,131072 /prefetch:1
  2⤵
  PID:1072
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=2500 --field-trial-handle=1380,i,5609224709618058812,9529718564929767835,131072 /prefetch:1
  2⤵
  PID:676
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3552 --field-trial-handle=1380,i,5609224709618058812,9529718564929767835,131072 /prefetch:8
  2⤵
  PID:1692
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=3436 --field-trial-handle=1380,i,5609224709618058812,9529718564929767835,131072 /prefetch:1
  2⤵
  PID:1672

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2028

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
38be1df45e7b4c507fdb5ef8a2ad85b1

SHA1
2c7bbb6b310a329d1b1484ce9b05cd8bab8d4714

SHA256
d90c99b1b6a36c93eb2d48a54383013be5ecd3309d6c0bb7fa10cad2c9492463

SHA512
cba7273d362a49be847dddf9d1ed7b9fe8bf18f146d6d78ecb710b96b2525ea180629cc56a58cdf96f6d4b662495d19afcb41333bc376ff800a5ae8114efc8f6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7f26b5507c3e74b8812c2feb071a77f0

SHA1
1ceb0da7fabab0f7925272124b7a837908b5ed18

SHA256
b622a9e64a144cfe99a3f118e6dab0d4bd0e64add5271ebcb1609eabb5d8db96

SHA512
9d63f7aa7dddcc2c10b38de5cf08fcfeac6d3d2195ab3e284dd7e7638c2c1ff671f7f91dc8fac42f207f7172bfc9998d7fb836406ae7a28e90a555ac2a6361bb

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
17470043160aecd90bbbd589264dd3e9

SHA1
e7bdf568df992e1b3803cf7a323924a0ef0c15ed

SHA256
a6826e5b2f8ea08e8fdb67c001909950589d097976eb7756cfcb1303568c9558

SHA512
39659a5c9f75c553d91863702d3cc8b2abf3350e807c12c5cea06b94f3654c11a3fbb307a17422e9994449e28209b9b4f154894b62b5e95e07cacde0fac7eaa0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
5015d2ca0875a45a47da5d300ad29a74

SHA1
088b69b59759677e4297ab6560fcbba957d3782c

SHA256
a856a0709908d997d124e57ec0f05dc79d178c61d861a03cc808f5776e84ba64

SHA512
35607cda42fbf1a76b5caf777d5fc67b9c9a8a8a9a12b118104a0e340dd545404c939de7dea8ecd291250120b6bc1e90e6181a243e15dfc790fba32bea73e3d7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d1a566faf73b2b8d978b29337ba34aa0

SHA1
c2435963167f3cda39bea0e48648702129b9d448

SHA256
f64659e47a9a4df2122856d7f1177e90fb333f61ea1e530cd3b272886d1c0b0b

SHA512
b14a5a4d07e68b75401e4af6d38bc7946cba6ab7d3f7e262615fdaff1b93a4bdc6a6bba4558a3551206a175fb0e4c4620ce88c72d498f8678bd32c7528952d8b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
db0e79328f10a11af5b5105cec92b86d

SHA1
267b8dce543f4f0f5b646ab12c1b8860fa887636

SHA256
b092ade9a70ac4d491344a4c01fe504990f8e71232cc9693daeb2c8f51a920a6

SHA512
ca771c36436212e54e0458f9367e03fcb8e92b3176be6e44b2581dac2b1287e965eeafb4f00d49d966069baa8241b7edef014becaa284f932b07071f6879e03a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
19617d76fe8b26483c60cfd763a8075a

SHA1
08d4dc63271a522031f16f8d19e94c05f0738376

SHA256
0c247a513e8188d7717979ddd2282518f1b4c962da7391d5411a4d4919b1f94d

SHA512
d6c37e7e6fe6f9ab36b65a1a3f90c64561c528b0173bbc13d6141ad3b1e76baa350fdbcba023c4653919cedb0db7fcaab986ccefa8fa2eec479d93a404708bda

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\000006.dbtmp

Filesize
16B

MD5
aefd77f47fb84fae5ea194496b44c67a

SHA1
dcfbb6a5b8d05662c4858664f81693bb7f803b82

SHA256
4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611

SHA512
b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
987B

MD5
720583fdd779d9a48523bacdf1fc1e2f

SHA1
95832bc4c24437e53e2cb5124288bfc42ccac01b

SHA256
4ef3372ecfbd0887bbbdb3891446903c7a475b4b9e87ecefe8256353134c40fa

SHA512
4139a908fda92feb934ac3a9b0de58b01a18629f8ce0b97cd94c1e0ccb1d5cce6cf218d9b12ec3b73f91ca047ad6cd2b49fc4e9151ebc870cc8a6f0ba553d14f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
cd3c203d87d03eaa2f956e57b9ca1a91

SHA1
e8395993026a5cdd8bdf30c59a1b5cf2a1d12593

SHA256
04d842449e7ea454062f3895c84ccd94242c599ec6f0ec0847c134a6efd3e2b4

SHA512
543fbc0d8b8c2f70e3422da9d9546c5f974a01e2608c0eb1ebf9ae1b3850420417ea7c127fea13008df00cac648d4166fbb48b84a4c1d4719fcfc0d6eaa06ea5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
33b21772c1f2e97288b4d490f2f917ae

SHA1
870cbc3e88eb8a7237713ffce5d61b39def5ff91

SHA256
deaddb0cd0a519a91fc70a7641ec07b4779f4afa65947510ab327249d419b21c

SHA512
0f427394f13285e43ac043f1ce698288ca393eaff66cccafa6bf65b47eb91eae0eaee830c8dc6a2248cb42af7fcbf4b25b1cf481f3012fec1d10b510b4508c99

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
11e7c427a8ea4092315a09a96a65559b

SHA1
686c0a1e6c289d644fb2ee2558acc5553fc312c3

SHA256
778b161558aad6414902d0be6e7108c6cb8c1f63860459fb107e2367248589ed

SHA512
c3dfa442f4b5889ac99a40c3845add4364a43182fb5fbcda4df2dedbf7ce4e509ca01554a77bd163d712d98374b9b78f97db17a3fdfea7ce23b594aff5a82467

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\CURRENT~RFf77b339.TMP

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000007.dbtmp

Filesize
16B

MD5
18e723571b00fb1694a3bad6c78e4054

SHA1
afcc0ef32d46fe59e0483f9a3c891d3034d12f32

SHA256
8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa

SHA512
43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabE5BF.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarE5F1.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit